Network Automation Tools
By now you’re already familiar with what Network Programmability and Automation is, but you’re curious to know what tools are available out there in the wild, or commercially. Let’s talk about it.
Many years after the initial inception of the network that later became the internet, the most common methods used for network management remain:
- CLI Commands
- PuTTY
- Copy and Paste
- Text Editors e.g., Notepad++ and Spreadsheets
However, in today’s next generation networks, a whole new set of tools is needed. There are several methods, tools, platforms and software for CLI-based, API-based and GUI-based automation.
- Open-source tools such as Red Hat Ansible, Chef, and Puppet provide a library of CLI-based commands that can be deployed, modified, and reused for various tasks.
- Custom API-based automation software can be written and pushed into production to programmatically manage network devices. This is done using CRUD API requests and responses.
- GUI-based software offered by network device vendors, e.g., Cisco DNA Center, is also used. It simplifies network automation and management. However, it is vendor-specific and can be very expensive for organizations that employ network devices from different vendors.
- GUI-based platforms that are vendor-agnostic are also used. They manage all devices added to their inventory once deployed. They are easy to use and less expensive compared to their vendor-specific counterparts.
Below are some of the available tools that can help you get started with Network Programmability and Automation ASAP!
- Python Programming Language: First and foremost, there has never been a better time to learn to code. Python is a great language to start with since it enjoys vast support from leading network vendors, and the open-source community is also building a great set of libraries and tools using Python. This directly translates to having access to a wide pool of resources and network community support. Moreover, it’s relatively easy to learn and the syntax is also very straightforward.
- Visual Studio Code: The Visual Studio IDE is a development environment that you can use to edit, debug, and build code, and then publish an app. It also includes compilers, code completion tools and many more features to enhance the software development process. VS Code is extensible, which allows you to add third-party plugins e.g., for Python and JavaScript.
- Linux OS: Learn Linux; this is arguably the most reliable operating system for both software and network developers. A very popular tool called Ansible requires that you host the control server on a Linux-based machine. Linux OS comes in a variety of distributions. If you are just getting started, install the Ubuntu distribution; it offers a great balance between ease of use, stability, and performance.
- Postman Platform and Application Programming Interfaces: Learn about Application Programming Interfaces (APIs). An API is a set of routines, protocols, and tools for building software applications; it dictates how software components should interact and share information with each other. An API facilitates communication between a client and a server. The client would be an application such as a Python script and the server would be the network device or controller. A majority, if not all, of the devices being shipped from leading vendors today come with APIs. Most of the APIs that exist today within network infrastructure are HTTP-based RESTful APIs and the NETCONF API. Postman is an API platform for developers to design, build, test and iterate their APIs. Postman simplifies each step of the API lifecycle and streamlines collaboration so you can create better APIs, faster.
- Ansible Engine: You need to learn about the Ansible IT automation framework. Ansible is a multivendor, simple and powerful automation engine. It’s programmable and relatively easy to learn. Ansible also uses a domain-specific language called YAML that is used as a method of defining an automation workflow or providing a data set to work with (like a list of VLANs).
- Git Version Control: As we increasingly adopt scripting and other network automation processes, it becomes important that we effectively manage the Python scripts, templates, and other configuration files. Git is a source control tool that can help us track these and highlight the changes made to them. For instance, if a change to one of the configuration files being tracked breaks something, you can roll back to a previous version of the file and get back to a known good state. Git can also enable you to more easily collaborate on complex projects with other engineers in a distributed fashion. You can additionally move on to implement advanced network programmability and automation techniques such as NetDevOps Continuous Integration and Continuous Delivery (CI/CD) pipelines using Git, GitHub and GitLab.
- GitHub Actions: GitHub Actions is a continuous integration and continuous delivery (CI/CD) platform that allows you to automate your build, test, and deployment pipeline. You can create workflows that build and test every pull request to your repository or deploy merged pull requests to production.
- Saltstack: Saltstack is an open-source configuration management software and remote execution engine. Salt is a command-line tool. While written in Python, Saltstack configuration management is language agnostic and simple. The Salt platform uses the push model for executing commands via the SSH protocol. The default configuration system is YAML and Jinja templates.
- Docker Container: A container is a standard unit of software that packages up code and all its dependencies, so the application runs quickly and reliably from one computing environment to another. A Docker container image is a lightweight, standalone, executable package of software that includes everything needed to run an application: code, runtime, system tools, system libraries and settings.
- Jinja2 Engine: Jinja2 is a fast, expressive, extensible templating engine that can be used with Python, Ansible or any other automation tool. This can help with auto-generating configurations for network devices. For example, it can help to ensure all the routers and/or switches have identical NTP, SNMP, AAA, banner etc. configurations.
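As an added example (not code from the original article), the Jinja2 use case above can be sketched as one shared baseline template rendered per device. The template text, the `SITE_BASELINE` values, the hostnames and the helper names are constructed for illustration; `StrictUndefined` makes a missing variable fail the render instead of silently producing an incomplete configuration.

```python
from jinja2 import Environment, StrictUndefined

# Constructed baseline template; the IOS-style lines are for illustration only.
BASELINE_TEMPLATE = """\
hostname {{ hostname }}
{% for server in ntp_servers %}
ntp server {{ server }}
{% endfor %}
snmp-server location {{ snmp_location }}
aaa new-model
banner motd ^{{ banner }}^
"""

# Constructed site-wide values that every device is expected to share.
SITE_BASELINE = {
    "ntp_servers": ["192.0.2.10", "192.0.2.11"],
    "snmp_location": "DC1-Row4",
    "banner": "Authorized access only",
}

# StrictUndefined raises on a missing variable instead of rendering an empty
# string, so an incomplete inventory entry never becomes a pushed config.
ENV = Environment(undefined=StrictUndefined, trim_blocks=True)
TEMPLATE = ENV.from_string(BASELINE_TEMPLATE)


def render_config(device):
    """Render one device; per-device keys are merged over the site baseline."""
    return TEMPLATE.render({**SITE_BASELINE, **device})


def shared_lines(config):
    """Lines that must be identical on every device (all but the hostname)."""
    return [ln for ln in config.splitlines() if not ln.startswith("hostname ")]


def find_drift(inventory):
    """Return hostnames whose rendered baseline differs from the site baseline."""
    reference = shared_lines(render_config({"hostname": "reference"}))
    return [d["hostname"] for d in inventory
            if shared_lines(render_config(d)) != reference]


if __name__ == "__main__":
    inventory = [  # constructed inventory; the second entry overrides NTP
        {"hostname": "edge-rtr-01"},
        {"hostname": "access-sw-07", "ntp_servers": ["198.51.100.5"]},
    ]
    print(render_config(inventory[0]))
    print("baseline drift on:", find_drift(inventory))
```

Running the drift check before pushing catches a per-device override of a value that is meant to be identical everywhere.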
USEFUL PYTHON LIBRARIES FOR NETWORK ENGINEERS:
Let us take some more time to highlight specific Python libraries that are useful in Network Programmability and Automation. As the Internet has grown, so too has Python’s role as an Internet tool. Python has proven to be well-suited to Internet scripting for some of the very same reasons that make it ideal in other domains. Its modular design and rapid turnaround augur well for the intense demands of network development.
- Asyncio: The first useful library is Asyncio – a Python standard library. This module provides infrastructure for writing single-threaded concurrent code using coroutines, multiplexing I/O access over sockets and other resources, running network clients and servers, and other related primitives.
- Netmiko: The second is Netmiko – a multi-vendor Python library that simplifies SSH connections to network devices. It can be used to push out configs to a network device, add VLANs, etc. Among the platforms that Netmiko currently supports are Cisco IOS, Arista EOS, and Juniper Junos.
- NAPALM: The third is NAPALM – a vendor-agnostic open-source Python library that provides a unified API to network devices. NAPALM is an abbreviation for Network Automation and Programmability Abstraction Layer with Multivendor support. By design, it works with popular automation tools such as Ansible, SaltStack, and StackStorm. Besides, you don’t have to use an existing automation framework to automate with NAPALM. Since it’s an open-source project, you could just integrate it with your own Python script.
- pyATS/Genie: The fourth is pyATS – an infrastructure agnostic, highly pluggable test automation framework that is very scalable. Genie can help network engineers to test, maintain, and diagnose the desired operational state of their network. You could, for instance, use it to ensure that for every “up interface”, there are no CRC errors. Such a use case can greatly help reduce packet drops on a link. Moreover, through plugins and a large pool of Pythonic libraries, you can develop integrations with 3rd party products and execute even more complex DevOps tasks.
- Nornir: The fifth is Nornir – an automation framework written in Python to be used with Python. Just imagine Nornir as the Flask of automation. Nornir will take care of dealing with the inventory where you have your host information, it will take care of dispatching the tasks to your devices, and it will provide a common framework to write “plugins”.
Please note that these are just a few popular ones. The Python programming language has many networking libraries, and each has its own strengths. Always do your homework on the right library to use for specific purposes.
This may sound like a lot to learn before getting started, but luckily for us network engineers, change and continuous learning is something we are used to, so this isn’t going to be any different. Once you get a hold of the basics, programmability and automation will quickly become second nature, the same way the CLI currently is a no-brainer!
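The pyATS/Genie use case mentioned above (no CRC errors on any “up interface”) can be illustrated with only the Python standard library. This is an added example, not code from the original article and not the pyATS or Genie API; the IOS-style `show interfaces` text is constructed sample data and the function names are hypothetical. An interface that is up but has no CRC counter in the output is reported as unverified rather than treated as healthy.

```python
import re

# Constructed sample of IOS-style "show interfaces" output (not from a real device).
SAMPLE_OUTPUT = """\
GigabitEthernet0/1 is up, line protocol is up
  Hardware is iGbE, address is 0000.5e00.5301
     0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
GigabitEthernet0/2 is up, line protocol is up
     88 input errors, 57 CRC, 0 frame, 0 overrun, 0 ignored
GigabitEthernet0/3 is administratively down, line protocol is down
     12 input errors, 12 CRC, 0 frame, 0 overrun, 0 ignored
GigabitEthernet0/4 is up, line protocol is up
     5 packets input, 320 bytes
"""

# Interface header lines start in column 0; counter lines are indented.
HEADER = re.compile(
    r"(\S+) is (administratively down|up|down), line protocol is (up|down)")
CRC = re.compile(r"\b(\d+) CRC\b")


def parse_interfaces(show_output):
    """Map interface name -> {'up': bool, 'crc': int or None}."""
    interfaces, current = {}, None
    for line in show_output.splitlines():
        header = HEADER.match(line)
        if header:
            name, link, proto = header.groups()
            current = {"up": (link, proto) == ("up", "up"), "crc": None}
            interfaces[name] = current
        elif current is not None:
            crc = CRC.search(line)
            if crc:
                current["crc"] = int(crc.group(1))
    return interfaces


def audit_crc(show_output):
    """Return (failed, unverified) for interfaces that are up/up."""
    failed, unverified = {}, []
    for name, info in parse_interfaces(show_output).items():
        if not info["up"]:
            continue  # down interfaces are out of scope for this check
        if info["crc"] is None:
            unverified.append(name)  # no counter seen: do not assume healthy
        elif info["crc"] > 0:
            failed[name] = info["crc"]
    return failed, unverified


if __name__ == "__main__":
    print(audit_crc(SAMPLE_OUTPUT))
```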
TRANSITIONING INTO A NETWORK AUTOMATION ENGINEER:
We recommend that you take on a three-phase approach to diving into Network Programmability and Automation:
In the first phase, you ought to build a foundation in programming principles. This includes learning about variables, operations, conditionals, loops, etc. And just to reiterate, there really is no better language for network engineers to leverage today than Python. Along with Python, you should explore APIs (particularly REST APIs) and data formats like JSON and YAML. And if you don’t have one already, sign up for a GitHub account and learn how to clone, pull, and push to repositories.
Once you have the programming fundamentals squared away (or at least working on squaring them away) it is time to explore the new platforms of Linux, Docker, Kubernetes and “the Cloud.” As applications are moving from x86 virtualization to micro services, and now serverless, the networks you build will be extending into these new areas and outside of traditional physical network boxes. And before you can intelligently design or engineer the networks for those environments, you need to understand how they basically work. The goal isn’t to become a big bushy beard wearing Unix admin, but rather to become comfortable working in these areas.
Oh, and maybe take a break from all these new topics to check out some of the new networking standards like YANG data models and NETCONF/RESTCONF interfaces. It isn’t “dead”, but the CLI is losing some of its focus as the lead programmatic interface for the network.
Now you are ready to explore the details of networking in these new environments. In phase three you will dive deep into Linux, container/Docker, cloud, and micro service networking. You have built the foundation of knowledge needed to take a hard look at how networking works inside these new environments. Explore all the new technologies, software, and strategies for implementing and segmenting critical applications in the “cloud native” age and add value to the application projects.
As you spend your time going through the phases above, your particular enterprise or interests will likely have you brush up against topics like NFV, controllers, IoT, DevOps, and NetDevOps. The three phases aren’t written in stone. Use your best judgment to explore and learn about the things that seem important, relevant or just interesting as you find them.
With Network Programmability, the secret to getting ahead and deriving value from it is just getting started!