In the last blog article, we looked at using NETCONF with Juniper
Junos devices using the ncclient module.
In this blog article, we’ll build on this knowledge and use ncclient with
Cisco Nexus devices.
Blog Series
Python for Network Engineers - Part 1 - Introduction
Python for Network Engineers - Part 2 - Making REST calls
Python for Network Engineers - Part 3 - Using Cisco Nexus NX-API
Python for Network Engineers - Part 4 - Using Arista EOS eAPI
Python for Network Engineers - Part 5 - Using Junos NETCONF interface
Python for Network Engineers - Part 6 - Using Cisco Nexus NETCONF interface
Python for Network Engineers - Part 7 - Using Palo Alto Networks XML API
Python for Network Engineers - Part 1 - Introduction
Python for Network Engineers - Part 2 - Making REST calls
Python for Network Engineers - Part 3 - Using Cisco Nexus NX-API
Python for Network Engineers - Part 4 - Using Arista EOS eAPI
Python for Network Engineers - Part 5 - Using Junos NETCONF interface
Python for Network Engineers - Part 6 - Using Cisco Nexus NETCONF interface
Python for Network Engineers - Part 7 - Using Palo Alto Networks XML API
Python for Network Engineers - Part 2 - Making REST calls
Python for Network Engineers - Part 3 - Using Cisco Nexus NX-API
Python for Network Engineers - Part 4 - Using Arista EOS eAPI
Python for Network Engineers - Part 5 - Using Junos NETCONF interface
Python for Network Engineers - Part 6 - Using Cisco Nexus NETCONF interface
Python for Network Engineers - Part 7 - Using Palo Alto Networks XML API
Introduction
From NX-OS 7.2 onwards the Cisco Nexus platform offers a
REST API. However, prior to that, the
best way to program a Cisco Nexus device is through its NETCONF interface.
In this blog, we’ll show that it’s very simple to pass Cisco cli commands through NETCONF and get back structured data.
Cisco NETCONF interface
For this example, I’m using a Cisco Nexus N7K and Ubuntu Linux
16.04 with Python.
Nexus Setup
On the Cisco Nexus switch, there is no special configuration needed
to enable NETCONF. However, you may wish
to make a dedicated user for accessing the device whilst scripting.
We can test our Cisco Nexus switch is NETCONF capable by
doing a simple SSH command from the Linux prompt:
james@ubuntu:~/python/git/examples/nxncc$
ssh admin@192.168.229.51 -s netconf
User Access Verification
Password:
<?xml version="1.0"
encoding="ISO-8859-1"?>
<hello
xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<capabilities>
<capability>urn:ietf:params:xml:ns:netconf:base:1.0</capability>
<capability>urn:ietf:params:netconf:base:1.0</capability>
</capabilities>
<session-id>7500</session-id>
</hello>
]]>]]>
The Nexus switch sends a hello message back and we could now send raw NETCONF data to the switch through SSH, but we will just disconnect and use ncclient.
Python Setup
Please refer to the previous blog article (part 5) on how to
setup ncclient before proceeding with the below examples.
Example 1
In this first example we’re just going to create a session
to the nexus switch, run a simple show command and capture the response. From the Python interactive prompt:
from ncclient import manager
import xmltodict, json
host = '192.168.229.51'
uname=upass='admin'
s = manager.connect(host=host,
port=22, username=uname, password=upass, hostkey_verify=False,
device_params={'name':'nexus'})
r = s.exec_command({'show vlan
brief'})
We can now display the response data in a human-friendly format. However, as it’s structured data it’s very easy for us to manipulate and pull out the bits that we need
j =
xmltodict.parse(r.xml)['rpc-reply']['data']
print json.dumps(j, indent=2)
Example 2
In this next example, we will execute a configuration level command and also show how we can
work under sub prompts. Assuming we
already have a session object “s” from the previous example:
command = 'configure terminal ; vlan
10 ; name PYTHON_TEST10'
r = s.exec_command({command})
We can see we get some basic output to say the command completed correctly:
print r
If we try to execute a command with the wrong cli syntax then we get an error that can be captured in a script easily. To show this then just try the following:
command = 'configure terminal ;
blah blah'
r = s.exec_command({command})
Conclusion
That’s it for this article.
Only two examples, but from those two examples you should be able to do almost
any task that you can do on the Nexus cli.
Note on OpenConfig
Lastly a quick note on OpenConfig. In the last blog post and this one, we've looked at using NETCONF to interact with Junos and Nexus devices. For both, we've been able to send cli formatted commands because we're using proprietary data models.
This is great for developing quick and easy tools to do simple tasks. However, to build complex apps on large networks it's harder to use as we always need to determine what device type we're connecting to. Then we need to structure the configuration data for that device type and we'll get back different structured response data.
OpenConfig means that we can use exactly the same data model on different vendor devices. For example, I could send a standard piece of YANG data over NETCONF to configure a BGP parameter and get back response data in a standardised format. IOS-XR has put a huge amount of development into OpenConfig in version 6.0.0 but I've yet to play around with it, so please see the links in the references section below.
Resources
NETCONF RFC
Githib for Python NETCONF module and YANG models
About the Author
The author of this blog works for Vanguard IT who provide a range of professional services and managed services
For more information go to https://vanguard-it.net
No comments:
Post a Comment