Network Automation with Cisco Devices

Safouat El Yassini
Oct 17, 2023

Before starting, check out my Network Automation Toolkit, created using Python.

Networking has seen significant advancements in the way networks are managed and configured: from manual console connections, to remote access using Telnet and then SSH, and finally to automation through tools like Ansible, Netmiko, and NAPALM.

The history of the networking field:

Network management and configuration have evolved significantly over time:

Cable Console Connections: In the early days, network devices were managed through direct physical connections using console cables. Administrators had to be physically present, which was time-consuming and inefficient, especially as networks grew.

Remote Access with Telnet: As networks expanded, remote management became essential. Telnet allowed administrators to connect remotely using a command-line interface. However, Telnet had security vulnerabilities due to plaintext data transmission.

SSH (Secure Shell): To address Telnet’s security issues, the industry transitioned to SSH, providing encrypted communication for enhanced security during remote management. SSH is now the standard for network device management.

Automation with Ansible, Netmiko, and NAPALM: Networks grew in complexity, making manual management error-prone and impractical. Automation tools like Ansible, Netmiko, and NAPALM were developed. Ansible streamlines tasks with automation playbooks, Netmiko offers a Python library for programmatic device interaction, and NAPALM provides a vendor-agnostic API for multi-vendor network automation. These tools boost efficiency, reduce errors, and adapt networks to changing demands swiftly.

Network Automation

Key aspects of network automation include:

Configuration Management: Automating the setup and configuration of network devices such as routers, switches, and firewalls to ensure consistency and reduce configuration errors.

Provisioning: Automatically deploying and provisioning network resources, such as virtual machines, VLANs, or subnets, based on predefined templates or policies.

Monitoring and Alerting: Setting up automated monitoring tools to collect data on network performance, detect issues, and generate alerts when network conditions deviate from the norm.

Load Balancing: Automating the distribution of network traffic across multiple servers or paths to optimize resource utilization and enhance reliability.

Scaling: Automatically adjusting network resources and configurations to handle changes in demand or traffic patterns.

Security: Using automation to enforce access control, apply security policies, detect threats, and respond to security incidents in real-time.

Orchestration: Coordinating and automating the provisioning of network services as part of a larger application or cloud deployment process.

Ansible

In Ansible, configuration templates are often stored in the form of Ansible playbooks, which are written in YAML. Ansible playbooks define the tasks and configurations to be applied to remote hosts, including network devices. These playbooks can use Jinja2 templates to dynamically generate configurations by injecting variables and parameters provided by the user.

Here’s how it works:

  1. Ansible Playbooks: Playbooks are written in YAML and describe the desired state of the network devices. They contain a list of tasks that should be executed on remote hosts. These tasks can include configuration changes, software installations, and various other actions.
  2. Jinja2 Templates: Within Ansible playbooks, you can use Jinja2 templates to create dynamic configurations. Jinja2 templates allow you to insert variables and parameters provided by the user into configuration files. This makes it possible to generate customized configuration files based on user input.
  3. User Input: Users can provide input to Ansible playbooks using variables, either through command-line arguments, inventory files, or external parameter files. These variables are then used to customize the playbook’s behavior, including configuring network devices.
---
- name: Configure Network Devices
  hosts: network_devices
  gather_facts: no
  tasks:
    - name: Generate Configuration
      template:
        src: network_template.j2
        dest: /etc/network.conf
      vars:
        user_input_variable: "{{ user_input_parameter }}"
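
Because the variables in step 3 come from users and end up as literal device configuration, it is worth validating them before the template is rendered. The following is an added example, not code from the original article or from Ansible: it renders a hypothetical interface template with Jinja2, the engine Ansible's template module uses, and the template text, variable names and validation rules are assumptions made for illustration.

```python
import re

# Hypothetical template, standing in for the page's network_template.j2.
TEMPLATE = """interface {{ interface }}
 description {{ description }}
 switchport access vlan {{ vlan_id }}
"""

# Cisco-style interface names such as GigabitEthernet0/1 or Vlan10.
INTERFACE_RE = re.compile(r"[A-Za-z][A-Za-z-]*\d+(/\d+){0,3}(\.\d+)?")
# Single-line printable text only: no newlines or control characters,
# so a value cannot add extra configuration lines to the rendered file.
DESCRIPTION_RE = re.compile(r"[A-Za-z0-9 _.:/#()-]{1,80}")


def validate_vars(raw):
    """Return a cleaned copy of the user-supplied variables or raise ValueError."""
    interface = str(raw.get("interface", ""))
    if not INTERFACE_RE.fullmatch(interface):
        raise ValueError(f"bad interface name: {interface!r}")
    description = str(raw.get("description", ""))
    if not DESCRIPTION_RE.fullmatch(description):
        raise ValueError(f"bad description: {description!r}")
    try:
        vlan_id = int(raw.get("vlan_id"))
    except (TypeError, ValueError):
        raise ValueError(f"vlan_id is not an integer: {raw.get('vlan_id')!r}") from None
    if not 1 <= vlan_id <= 4094:
        raise ValueError(f"vlan_id out of range: {vlan_id}")
    return {"interface": interface, "description": description, "vlan_id": vlan_id}


def render_config(variables, template_text=TEMPLATE):
    """Validate, then render; StrictUndefined makes a missing variable an error."""
    from jinja2 import Environment, StrictUndefined  # third-party: pip install jinja2
    env = Environment(undefined=StrictUndefined)
    return env.from_string(template_text).render(**validate_vars(variables))


if __name__ == "__main__":
    # Constructed sample input, as it might arrive from a vars file or the command line.
    print(render_config({"interface": "GigabitEthernet0/1",
                         "description": "Uplink to core",
                         "vlan_id": "20"}))
```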

Python

Taking inspiration from the functionality of Ansible, you can create your own Network Automation System using Python. After enabling SSH on your Cisco devices, you can connect to them with two libraries, Netmiko and NAPALM, and execute commands on them:

# Netmiko: run a single command over SSH
from netmiko import ConnectHandler

# Define device details
device = {
    'device_type': 'cisco_ios',
    'ip': '192.168.1.1',
    'username': 'your_username',
    'password': 'your_password',
}

# Establish an SSH connection to the device
net_connect = ConnectHandler(**device)

# Send commands to the device
output = net_connect.send_command("show version")
print(output)

# Close the SSH connection
net_connect.disconnect()

# NAPALM: the same idea through the vendor-agnostic driver API
from napalm import get_network_driver

# Define the network driver (in this case, 'ios' for Cisco devices)
driver = get_network_driver('ios')

# Define device details
device = {
    'hostname': '192.168.1.1',
    'username': 'your_username',
    'password': 'your_password',
}

# Connect to the device
conn = driver(**device)
conn.open()

# Send a command to the device
command = 'show interfaces status'
output = conn.cli([command])

# Print the command output
print(output[command])

# Close the connection
conn.close()
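
The two scripts above keep the password in the source file and send whatever command string they are given. The following added example, which is not from the original article or from the toolkit, reads credentials from the environment or an interactive prompt and only sends commands on a read-only allowlist; the environment variable names NET_USERNAME and NET_PASSWORD, the allowlist and the function names are assumptions.

```python
import os
import re
from getpass import getpass

# Read-only commands this script may send; anything else is refused (assumed list).
ALLOWED_PREFIXES = ("show version", "show interfaces", "show ip interface brief")
SAFE_COMMAND_RE = re.compile(r"[A-Za-z0-9 /._-]{1,100}")


def check_command(command):
    """Return the normalised command if it is on the allowlist, else raise ValueError."""
    cmd = " ".join(command.split())  # collapse repeated whitespace
    if "\n" in command or "\r" in command or not SAFE_COMMAND_RE.fullmatch(cmd):
        raise ValueError(f"unsafe characters in command: {command!r}")
    if not any(cmd == p or cmd.startswith(p + " ") for p in ALLOWED_PREFIXES):
        raise ValueError(f"command not on allowlist: {cmd!r}")
    return cmd


def device_params(host, env=os.environ):
    """Build Netmiko connection parameters without credentials in the source file."""
    # NET_USERNAME / NET_PASSWORD are hypothetical variable names for this example.
    username = env.get("NET_USERNAME") or input("Username: ")
    password = env.get("NET_PASSWORD") or getpass("Password: ")
    return {"device_type": "cisco_ios", "host": host,
            "username": username, "password": password}


def run_show_commands(host, commands):
    """Run allowlisted commands on one device and always close the session."""
    from netmiko import ConnectHandler  # third-party: pip install netmiko
    checked = [check_command(c) for c in commands]  # validate before connecting
    conn = ConnectHandler(**device_params(host))
    try:
        return {cmd: conn.send_command(cmd) for cmd in checked}
    finally:
        conn.disconnect()  # runs even if a command raises


if __name__ == "__main__":
    # 192.168.1.1 is the placeholder address used in the article's scripts.
    for cmd, out in run_show_commands("192.168.1.1", ["show version"]).items():
        print(f"--- {cmd} ---\n{out}")
```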

Python or Ansible?

Ansible is a powerful tool for network automation and is often the preferred choice for its simplicity and ease of use, especially for those who are not Python experts. The choice between Ansible and Python libraries like Netmiko and NAPALM depends on your specific requirements and preferences.

Using Python instead of Ansible for network automation offers more flexibility and control in certain situations. Here are some reasons why you might choose these libraries over Ansible:

Fine-grained control: Python allows you to have more granular control over network devices. You can send specific commands and receive detailed responses, which can be useful for complex configurations and troubleshooting.

Customization: With Python, you can write custom scripts tailored to your network automation needs. You’re not limited to the predefined Ansible modules and playbooks.

Legacy Devices: Some network devices may not be fully supported by Ansible, but you can still interact with them using Netmiko and NAPALM, which offer extensive device support.

Existing Scripts: If you already have scripts or automation workflows written in Python using Netmiko and NAPALM, it may be more convenient to continue using them rather than migrating to Ansible.

Complex Scenarios: For highly complex or unique network automation scenarios, writing custom Python scripts can be more suitable.

Network Automation Toolkit

You can check out my Network Automation Toolkit on my GitHub.

It illustrates how to use SSH connections with Netmiko and NAPALM to automate the configuration of diverse network protocols on Cisco devices. It contains three menus.

Recommendation

I recommend the Network Engineering with Python course created by David Bombal.

I hope that this article can help you in your networking journey.
