Automating Legacy Network Devices Jason Edelman @jedelman8
Who Am I?
- Jason Edelman
- Traditional Network Engineer
- Worked for Cisco, VARs, etc.
- CCIE 15394, VCDX-NV 167
- Shifted to software and systems ~4 years ago
- Provide training and consulting services on network automation technologies
- Blog: jedelman.com
- Twitter: @jedelman8

Agenda
- Why Automation?
- Network Device Programmability
- Python Libraries & Ansible Modules
- Ansible (Red Hat)
- Live Demo (Ansible)

Network Device Programmability
- How do you connect to the device?
- Nexus NX-API
- NETCONF
- Arista eAPI
- REST APIs
- API du jour
- 15-20% of all devices?

Network Device Programmability
- If there is an API, use it…
- If not, we have old faithful…SSH
- 85-90% of devices
- Legacy or Traditional?

It’s OKAY to use SSH

Python => Ansible

| Python Library | Description | Ansible Modules | Specialty/Focus |
|---|---|---|---|
| napalm | Multi-vendor library. Uses APIs when possible, but uses SSH (netmiko) for IOS | napalm_install_config (Note: there are also “get” modules) | Managing device configurations |
| pyntc | | ntc_file_copy, ntc_save_config, ntc_show_command, ntc_config_command, ntc_reboot, ntc_install_os, ntc_get_facts, ntc_rollback | System level tasks |
| netmiko | Multi-vendor SSH client (12+ vendors). Used by napalm and ntc modules | | SSH client |

Ansible
- Agentless
- Built-in Templating Engine
- YAML & Jinja2
- Reports, Docs, Configs, etc.
- Created and easily extended in Python (or language of your choice)
- Gaining adoption for Network Automation

Ansible Inventory File

Inventory File - inventory

    [bldg1]
    b1-closet1-stack1
    b1-closet2-stack2

    [bldg2]
    b2-closet1-stack1
    b2-closet2-stack2

Ansible Inventory File & Playbook

Inventory File - inventory

    [bldg1]
    b1-closet1-stack1
    b1-closet2-stack2

    [bldg2]
    b2-closet1-stack1
    b2-closet2-stack2

Playbook - vlan-pb.yml

    ---
    - name: deploy vlan on bldg2 switches
      hosts: bldg2
      # tasks run on the Ansible control host; the module connects to each device
      connection: local

      tasks:
        - name: ensure VLAN 10 exists
          nxos_vlan: vlan_id=10 name=web_vlan host={{ inventory_hostname }}

EXECUTE PLAYBOOK:

    $ ansible-playbook -i inventory vlan-pb.yml

ntc_show_command
- Multi-vendor Ansible module to streamline converting raw text into JSON key/value pairs
- Leverages TextFSM
- netmiko (SSH) is used for transport by default

ntc_show_command JSON data returned
Existing IOS Templates Other vendors and OSs exist too https://github.com/networktocode/ntc-templates/
Sample TextFSM Template
- No coding
- Regex in TextFSM templates is all that’s needed
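
The idea behind ntc_show_command and its TextFSM templates, as an added example that is not code from the slides, ntc-ansible or the textfsm library: a short Python interpreter for a small subset of TextFSM template syntax (Value definitions, a single Start state, the Record action) that turns raw show output into key/value records. The template, the sample `show vlan brief`-style output and the function names are constructed for illustration.

```python
import re

# Constructed template, subset of TextFSM syntax: Value lines, one Start state.
TEMPLATE = r"""
Value VLAN_ID (\d+)
Value NAME (\S+)
Value STATUS (active|suspended|act/unsup)

Start
  ^${VLAN_ID}\s+${NAME}\s+${STATUS} -> Record
"""

# Constructed sample of "show vlan brief"-style output.
RAW = """\
VLAN Name                             Status    Ports
---- -------------------------------- --------- -----------------
1    default                          active    Gi0/1, Gi0/2
10   web_vlan                         active    Gi0/3
99   quarantine                       suspended
"""

def compile_template(text):
    """Turn the template into a list of (compiled_regex, action) rules."""
    values, rules = {}, []
    for line in text.splitlines():
        m = re.match(r"Value\s+(\w+)\s+\((.*)\)\s*$", line)
        if m:
            values[m.group(1)] = m.group(2)
        elif line.strip().startswith("^"):
            pattern, _, action = line.strip().partition(" -> ")
            # Expand ${NAME} into a named capture group for that Value.
            pattern = re.sub(r"\$\{(\w+)\}", lambda v: "(?P<%s>%s)"
                             % (v.group(1), values[v.group(1)]), pattern)
            rules.append((re.compile(pattern), action.strip()))
    return rules

def parse(raw, rules):
    """First matching rule per line wins; "Record" emits the current dict."""
    records, current = [], {}
    for line in raw.splitlines():
        for regex, action in rules:
            m = regex.match(line)
            if m:
                current.update(m.groupdict())
                if action == "Record":
                    records.append(current)
                    current = {}
                break
    return records
```

`parse(RAW, compile_template(TEMPLATE))` returns one dict per VLAN row, ready to be dumped as JSON; the header and separator lines match no rule and are skipped.
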

ntc_config_command
- Send configs from list or from file
- 12+ device types supported (SSH)

ntc_get_facts
Facts returned include:
- uptime (string)
- uptime (seconds)
- model
- vendor
- os_version
- serial_number
- hostname
- fqdn
- vlans
- interfaces

ntc_save_config
- Save the running configuration as the startup configuration or to a file on the network device.
- Performs a commit on Juniper devices / copy run start on others
- Optionally, save the running configuration as a file to the Ansible control host.

ntc_file_copy Copy local files via SCP to network devices
ntc_rollback
- Create Checkpoint file and rollback to it if there is an error
- Insert other tasks between

LIVE DEMO
- Ansible Quickstart & Overview
- Save & Backup configs
- Copying files
- Collecting Data: inventory & ‘show’ commands
- Creating Reports
- Pushing configs (time permitting)

DEMO FILES https://github.com/jedelman8/interop-2016/blob/master/backup-configs.yml
Slack Team
- slack.networktocode.com
- Self sign up
- Various channels for topics such as netmiko, napalm, ansible, trigger, and for specific vendors

Resources
- https://github.com/ktbyers/netmiko/
- https://github.com/networktocode/pyntc
- https://github.com/napalm-automation/napalm
- https://github.com/networktocode/ntc-ansible/
- https://github.com/napalm-automation/napalm-ansible
- https://github.com/networktocode/ntc-templates

THANK YOU! Jason Edelman @jedelman8 jedelman.com