Network automation use case

As we have now interacted with multiple sections of Python and device interaction, let's create a use case to incorporate what we have learned so far. The use case is as follows:

Log into the router and fetch some information:

  1. task1(): Show the version, show the IP in brief, show the clock, and show the configured usernames on the router.
  2. task2(): Create another username on the test router with the password test and check whether we can log in successfully with the newly created username.
  3. task3(): Log in with the newly created username test, and delete all the other usernames from the running-config. Once this is done, return all the current usernames configured on the router to confirm whether only the test username is configured on the router.

Let's build a script to tackle these tasks one by one:

from netmiko import ConnectHandler

device = ConnectHandler(device_type='cisco_ios', ip='192.168.255.249', username='cisco', password='cisco')

def task1():
    output = device.send_command("show version")
    print (output)
    output= device.send_command("show ip int brief")
    print (output)
    output= device.send_command("show clock")
    print (output)
    output= device.send_command("show running-config | in username")
    output=output.splitlines()
    for item in output:
        if ("username" in item):
            item=item.split(" ")
            print ("username configured: ",item[1])
            

def task2():
    global device
    configcmds=["username test privilege 15 secret test"]
    device.send_config_set(configcmds)
    output= device.send_command("show running-config | in username")
    output=output.splitlines()
    for item in output:
        if ("username" in item):
            item=item.split(" ")
            print ("username configured: ",item[1])
    device.disconnect()
    try:
        device = ConnectHandler(device_type='cisco_ios', ip='192.168.255.249', username='test', password='test')
        print ("Authenticated successfully with username test")
        device.disconnect()
    except:
        print ("Unable to authenticate with username test")

def task3():
    device = ConnectHandler(device_type='cisco_ios', ip='192.168.255.249', username='test', password='test')
    output= device.send_command("show running-config | in username")
    output=output.splitlines()
    for item in output:
        if ("username" in item):
            if ("test" not in item):
                item=item.split(" ")
                cmd="no username "+item[1]
                outputnew=device.send_config_set(cmd)
    output= device.send_command("show running-config | in username")
    output=output.splitlines()
    for item in output:
        if ("username" in item):
            item=item.split(" ")
            print ("username configured: ",item[1])
            
    device.disconnect()
    
    
#Call task1 by writing task1()
#task1()
#Call task2 by writing task2()
#task2()
#Call task3 by writing task3()
#task3()

As we can see, the three tasks given are defined as three different functions:

  1. The first line indicates that we have imported the Netmiko library, and in the second line we are connecting to our test router with the Cisco credentials.
  2. In the task1() function, we are fetching the outputs of all show commands. Additionally, since we do not want to expose the passwords of the current usernames we have added an extra logic wherein the returned output for show running-config | in username will be parsed by each line for every username, and each line will be split by a space character " ". Also, since the Cisco device returns the actual username in the second position in the output (for example, username test privilege 15 secret 5 ), we print the value of the second item after we split the output string, which is our actual username.

Here's the output for the task1() method:

  1. In the task2() method, we are going to create a username test with the password test, and authenticate with the new username. We have added a try: exception block in this method, which checks for any errors/exceptions for all the statements in the try: section, and if there are any exceptions, rather than breaking the script, it runs the code that is given in the exception section (under the except: keyword). If there are no errors, it continues with the statements in the try: section.

Here's the output for task2():

We can see that we now have two usernames configured, and the router is also now successfully responding to authentication with the test username.

  1. In task3() function, this will first fetch all the usernames that are in running-config, and if there are any usernames that are not test, it will create a dynamic command with no username <username> and send it to the router. Once it is done with all the usernames, it will go ahead and recheck and list out all the usernames not on the router. A success criteria is only the configured username as test should be available on the router.

Here's the output of task3():

The result of task3() is the result of all configured usernames, which in this case is now only test.

..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.
Reset
3.144.84.175