Network Automation using Python

Vinit Jain
CCIE# 22854
Twitter - @vinugenie

March 29th, 2022

 Welcome to the new “Meet Authors event”
Learn from the IT expert that literally wrote the books & content
“Lear more about the latest trends in cybersecurity and the alternatives to
enhance your security career”

Meet Learn the Trends & Clarify

Author Story behind Key Content Questions

© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 2
Win a free
signed copy!
2 Free copies

© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 3
 Meet the Author

Vinit Jain Co-author Cisco Press books and

Technical Leader
CCIE #22854 Educational material!
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 4
Network Automation using Python
Vinit Jain, Sr. Technical Leader, CCIE #22854
Network Automation
• Process of using software to automate network provisioning, testing,
deployment and network management
• To help maximize network efficiency and functionality
• Networks are complex and bulky in nature
• Manual operations – more delays
• Automation makes the networks more agile and responsive to
changes
• Benefits:
• Improved operational efficiency
• Reduced errors
• Lower OPEX
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 6
 Network Automation Architecture
Human Interface

Data Management Verification & Testing

Configuration
Visibility & Telemetry
Management

Network Infrastructure
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 7
Network Programmability
• It’s a set of tools to deploy, manage and troubleshoot a network
device
• Network engineer perspective – interacting with a device or group of
devices
• Software developer perspective – abstracting the network. Seeing
the whole network as a single device and manipulating it with
software
Infrastructure
Applications API
(Routers,
(Python) (JSON / XML)
Switches..)

© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 8
Benefits of Network Programmability
• Reduced OPEX
• Customization
• Reduced human error
• Operational flexibility
• Increased opportunity for innovation

© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 9
Application Programming Interface (API)
• APIs are mechanisms used to Application
communicate with applications and
other software. Northbound API

• An API may perform different

Controller
functions based on where they are
located in the flow
Southbound API
• Used to communicate with various
components of the network through
software Data Plane

• APIs are usually RESTful APIs

© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 10
Representational State Transfer (REST) APIs
• An API that uses REST is often referred to a RESTful API.
• RESTful APIs use Hypertext Transfer Protocol (HTTP) methods to
gather and manipulate data.
HTTP Function Action

GET Read
POST Create
PATCH Update / Modify
PUT Update / Replace
DELETE Delete
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 11
HTTP Status Codes
HTTP STATUS RESULT COMMON REASON
CODE
200 Ok Using GET or POST to exchange data with
an API
201 Created Creating resources by using a REST API call
400 Bad Request Request failed due to client-side issue
401 Unauthorized Client not authenticated to access site or
API call
403 Forbidden Access not granted based on supplied
credentials
404 Not Found Page at HTTP URL location does not exist
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
or is hidden 12
Netmiko

© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 13
Netmiko Overview
• Netmiko – Python library used extensively to interact with network
devices
• Multi-vendor library
• Cisco IOS/IOS-XE, NX-OS, firewalls, etc.
• Extended support of Paramiko library’s SSH functionality
• Going into configuration modes
• Sending commands
• Retrieving outputs
• Taking care of yes/no prompts

© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 14
NAPALM

© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 15
NAPALM Overview
• NAPALM - Network automation and programmability abstraction
layer with multi-vendor support
• Provides functions that allows:
• Configuration operations (commit or rollback)
• Retrieve state data from network devices

• Contains methods to establish connection to network devices

• Can work in conjunction with automation tools – Ansible
• Has support for various network OS:
• IOS, IOS-XR, NX-OS, JunOS, EOS, etc.

© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 16
NAPALM Operations
• Replace – Allows users to replace the existing running configuration with an
entirely new configuration.
• Merge – Allows users to merge configuration changes from a file to the
running configuration on the device.
• Compare – Compare the newly proposed configuration with the existing
one. Only applies to replace operation and not for merge operation.
• Discard – Resets the merge configuration file to an empty file. Thus, not
allowing the new configuration to be applied on the device.
• Commit – Commits the proposed configuration to the network device. In
other words, used to deploy a staged configuration.
• Rollback – Rollback (revert back) the running configuration to the saved
configured prior to the last commit.
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 17
Jinja

© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 18
Templating with Jinja2
• Jinja is a modern templating language for Python – Modelled after
Django templates
• Allows user to easily interact with Python program
• Use data to quickly generate dynamic content
• Benefits:
• Template inheritance
• Optimal just-in-time compilation
• Easy debuggability
• Configurable syntax

• Commonly used with web frameworks such as Flask

• Configuration management tools – Ansible, Nornir, etc.
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 19
Delimiters
• {% . . . %} – for statements
• {{ . . . }} – for expressions (used to print template output)
• {# . . . #} – for Comments. Comments are not included in template
output
• # . . . ## – for line statements

© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 20
Nornir

© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 21
Nornir Overview
• Python based automation framework
• Manage network and host inventory and provide common
framework to write plugins for the network devices and hosts
• Requires minimum Python version 3.6.2
• Multi-threaded – Defaults to 20 worker threads
• Initialized using config file – references couple other files
• Host inventory file
• Group file

• All these files are written in YAML format

© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 22
Nornir Advantages
• Python or Golang (Gornir)
• Reuse existing libraries – napalm, netmiko
• Quick host filtering based on any attribute or combination of
attributes
• Very fast due to use of threads
• Can be used to build highly flexible and extensible automation tools
using Flask, Django, etc.
• Automatically performs caching and closes open connections

© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 23
Submit Your
Questions Now!

Use the Q&A panel to submit your

© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential questions, our expert will respond
24
Extra Resources and References

Cisco Press
Network Programmability and Automation Fundamentals [Learn more]
News

CCNP and CCIE Security Core SCOR 350-701 Official Cert Guide
https://www.ciscopress.com/store/ccnp-and-ccie-security-core-scor-350-701-official-cert-9780135971970

Cisco DevNet Professional DEVCOR 350-901 Study Guide

https://www.ciscopress.com/store/cisco-devnet-professional-devcor-350-901-study-guide-9780137500048

Other useful resources:

Interview with Vinit Jain, Cisco's Top Events Contributor

https://community.cisco.com/t5/networking-documents/interview-with-vinit-jain-cisco-s-top-events-contributor/ta-p/3156059

Vinit’s publications
http://www.ciscopress.com/authors/bio/255ee209-1418-4938-9a42-d3bece2b46c6

© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 25
Congratulations
winners!

We’ll contact you via email

© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 26
Thank you for Your
Time!

Please help to complete the survey

Your opinion is important and help us to improve

© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 27
Thanks For Joining today!

© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 28