Have you ever wanted to create scripts and test them in a secure environment?
Network automation is a tool that can help us with many assignments and it can be used for fast deployments, repetitive tasks and log analysis among others. In some cases it is better to test the scripts before using them in a real network environment. This is why it is important to learn how to configure a local lab in order to deploy the scripts. There are many programming languages out there but in this case we are going to focus on Python because it is one of the most popular programming languages. Another important feature is that it has some libraries such as Netmiko or Paramiko that will make the creation of network automation scripts easier.
Preparing the virtual environment
To create the lab we will use a virtual environment but for the purpose of this text, we will skip how to install it and how to upload network images to the virtual machine. However you can learn it in https://www.eve-ng.net/index.php/documentation/.
In order to emulate network equipment we will create a virtual machine and to do so, we can use VmWare or Virtual Box. Next step is to install EVE-NG in our virtual environment and after that we will need to upload images of a network device on the EVE-NG virtual machine. In this case we will use a Juniper vMX image but any vendor’s image could also do. Finally, we will install Python and a code editor, for example Sublime Text or Visual Studio Code.
Once all the software and images were installed and powered on we have to create a link between the virtual images and our local machine. After that, we add a Management (Cloud0) in EVE-NG and connect it to the network device (vMX in this case) as you can see in figure 1 and figure 2.
Figure 1. Creation of Management (Cloud0)
Figure 2. Connection between vMX and Management (Cloud0)
In order to connect via SSH we have to deploy basic configuration on the router. First of all we are going to configure the interface between the vMX and the Management(Cloud0). The connection will be made by a library called Netmiko and we will use R1 as a reference device. When you power on your virtual machine, an IP address for the local EVE-NG management (Figure 3) will be created and this IP will automatically be configured on the network adapters of your PC. We will use this IP to configure the interface in the vMX and enable SSH connectivity with the two Junos commands, as shown on Figure 4.
Figure 3. IP EVE-NG
Figure 4. Basic Configuration
Once the above steps are completed, we will be able to carry out a ICMP test doing a ping between the router and the IP assigned to EVE-NG. If the ping is successful, it means that now we will be able of sending commands through our code editor and it will connect with the devices in our virtual machine.
Figure 5. Test connectivity between local machine and EVE-NG devices
Testing the Scripts
Now that we have laid the groundwork for the virtual environment, it is time to test the scripts. In order to do so we will execute a short script that has the following functions:
• To connect to the Router via SSH
• To configure an interface to another router
• To create a loopback
• To configure OSPF adjacencies
These tools allow us to do other tasks such as implementing a set of functions and reading the output of commands. For instance a useful function is to create a script that sends show commands to our network devices and saves it in a TXT file so we will be able to read and analyze it anytime without connection to the devices.
For more information about commands and features of Netmiko library you can check https://github.com/ktbyers/netmiko.
Also, there are many other libraries such as NAPALM that implement a set of functions to interact with different network operating systems using APIs. Apart from extracting show commands we can use Python to read the output, which gives us a brief description of the discoveries made by the script. Django, which is a high level Python web framework, is recommended to develop websites with multiple applications for our network.
Network automation has no limits. The examples above are just a glimpse of Python uses in combination with networking. Following all the procedures described it is possible to test scripts in a secure environment and see their functions in a real network. In my opinion this is the main reason why network engineers should learn at least the basics of Python in order to apply all its benefits on a daily basis.
Example 2: Using filters to send a command to only some devices in the inventory.
In this example the inventory has 2 devices. The devices are called "router01" and "linux01". "router01" has the "platform" field with value "juniper_junos" to indicate it is using Junos operating system.