MACRo 2017 - 6th International Conference on Recent Achievements in Mechatronics, Automation, Computer Science and Robotics

Network Automation and Abstraction using Python Programming Methods

Paul MIHĂILĂ, Titus BĂLAN, Radu CURPEN, Florin SANDU

Electronics and Computers Department, Faculty of Electrical Engineering and Computer Science, ”Transilvania” University, Brașov, e-mail: paul_mihaila2002@yahoo.com, e-mail: titus.balan@unitbv.ro, e-mail: radu.curpen@unitbv.ro, e-mail: sandu@unitbv.ro

Manuscript received September 10, 2017, revised October 19, 2017.

Abstract: Network programmability is a trend, enhanced and inspired by Software Defined Networks, based on scripting methods and standard programming languages used for controlling and monitoring network elements. This paper illustrates some new methods of configuring network devices through automation, reducing the time needed for equipment configuration and making maintenance easier. Automation also improves network security by recognizing and fixing security vulnerabilities, and it increases network stability. These methods represent the future of networks, allowing the management of an increased number of devices in a unitary way.

Keywords: Network automation, software defined networks, computer network operations, network management, python scripting.

1. Introduction

The number of devices in a network and their heterogeneous nature are steadily increasing. The traditional methods used for network equipment configuration are time consuming, also taking into consideration the vendor-specific know-how needed. The Software Defined Networks (SDN) [1] concept tries to eliminate the vendor dependency via standard protocols, like OpenFlow [2]. However, the “traditional” non-SDN legacy networks need to keep pace and respond to dynamic network changes.
Network automation is a solution for saving Operational Expenses (OPEX), improving not only the time spent configuring the network devices, but also the efficiency of network maintenance through procedures that are easier to follow and implement at large scale.

DOI: 10.1515/macro-2017-0011

Network programmability [3] allows for reliable and dynamic infrastructure configurations by automating deployments, simplifying the network and reducing human-generated errors [4]. All major vendors, including Cisco, have started promoting the software configurability of networks (e.g. the Cisco DevNet concept, which promotes the creation of an open source community for network programmability [5]). All new automation implementations are based on generic programming methods (Python, Java) and standard interfaces (Secure Shell, SSH, or even RESTful web services). As an indication of the relevance of Python methods for network programmability, we can mention the following Open Source and API tools available at the Cisco Open Source Dev Center [5]: Yang/NetConf browser, OpenStack automation, network security and Big Data implementations. However, only the newer devices support the new programmatic methods (some deployed from a centralized controller, like APIC-EM in the case of Cisco), and this paper addresses methods to automate legacy network elements.

The main objective of this paper is to demonstrate the efficiency of scripting in configuring network devices. For that we have created an emulated network topology in GNS3, having as its main element an Ubuntu Docker Container image with the role of a network controlling element. We have controlled the network devices in a programmatic way using the Netmiko [6] and Paramiko [7] open source packages, based on Python. Further, we present the possibility of network programmability using abstraction methods and the concept of “driver”.
We introduce a method implemented by the authors using the NTAF (Network Test Automation Forum) [8] standards, based on XMPP (eXtensible Messaging and Presence Protocol) [9], and introducing the driver methodology that we also plan to implement with Python, by the use of the NAPALM [10] library.

2. Network programmability using Python scripting languages: Netmiko and Paramiko

At its core, network programmability [11] and automation has the main goal of simplifying the tasks involved in configuring, managing and operating network equipment, network topologies, network services and network connectivity.

In our experimental setup we have used the GNS3 emulator, which is a tool for building, designing and testing networks [12], now also capable of connecting to external networks and allowing integration with virtual images or Docker Containers.

A. Network setup

For our specific implementation, we have used an Ubuntu Docker Container which runs Python scripts [13] that connect to devices and automate their configuration via SSH connections. The Python scripting is based on the Netmiko [6] and Paramiko [7] libraries for controlling the network devices. Both Netmiko and Paramiko use an SSH connection to take control of devices.

SSH (Secure Shell) is a cryptographic network protocol for operating network services securely over an unsecured network.

Paramiko is a Python implementation of the SSHv2 protocol, providing both client and server functionality. It is a pure Python interface around SSH networking concepts and it leverages a Python C extension for low level cryptography. [6]

Netmiko is a multi-vendor library, based on Paramiko, simplifying connections across a broad set of networking vendors and platforms. The scripts incorporate various functionalities like VLAN creation, routing protocols or configuration backup.
These scripts can be used for almost all network devices regardless of the vendor that produces them [14].

The topology contains an Ubuntu Docker Container [15][16] which will run the automated scripts for configuring network devices, a Layer 2 Switch (using real Cisco IOS) that makes the connection to the NAT Cloud (for access to the Internet) and to the three Layer 3 Switches that will be automatically configured (Figure 1).

Figure 1: Network topology

The Ubuntu Docker Container needs to be in the same network as the devices that we want to configure automatically, so it can either obtain an IP address via a common DHCP server or be configured with a static IP address. It must also be connected to the Internet for downloading the necessary libraries.

Figure 2: Necessary libraries for Ubuntu Docker Container

B. Python automation methods

With the help of Netmiko and Paramiko, we have written a script that creates VLANs simultaneously on those three Layer 3 Switches.

In Figure 3 we can see the script used to create multiple VLANs on a single switch. We have to specify the IP address configured on the switch and the username and password configured for the VTY lines; the SSH connection is then made by passing those parameters to the switch using the Paramiko library. When the connection is successful, we call invoke_shell so that we can configure the switch directly via SSH. Afterwards we have created a loop that creates VLANs from 2 to 10 (VLAN 1 is configured implicitly on every switch). At the end, we close the SSH connection via the ssh_client.close call.

Figure 3: Paramiko script for creating VLANs on a single switch

Below we present another script using Netmiko that can create VLANs on a number of switches available in the topology.
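The multi-switch VLAN procedure of this section, written out as an added example; it is not the authors' script from Figure 3 or Figure 4. The switch addresses and the NET_USER/NET_PASS environment variable names are assumptions, and the input validation and the `ssh_strict`/`system_host_keys` settings (which make Netmiko refuse a switch whose SSH host key is not already in known_hosts) are additions to the procedure the paper describes.

```python
import os
import re

# Constructed lab addresses; the paper does not list the switch IPs.
SWITCH_IPS = ["192.168.122.71", "192.168.122.72", "192.168.122.73"]
# Name prefix: no spaces or newlines, so it cannot smuggle extra CLI lines.
_NAME_OK = re.compile(r"[A-Za-z0-9_-]{1,27}")

def build_vlan_commands(vlan_ids, prefix="Python_VLAN"):
    """Return IOS config lines for each VLAN, rejecting unsafe input."""
    if not _NAME_OK.fullmatch(prefix):
        raise ValueError("VLAN name prefix has unsafe characters")
    commands = []
    for vid in vlan_ids:
        # VLAN 1 exists by default; bool is excluded because it is an int subclass.
        if isinstance(vid, bool) or not isinstance(vid, int) or not 2 <= vid <= 4094:
            raise ValueError(f"invalid VLAN id: {vid!r}")
        commands += [f"vlan {vid}", f"name {prefix}_{vid}"]
    return commands

def device_params(ip, username, password):
    """Netmiko connection dict with SSH host key checking switched on."""
    return {
        "device_type": "cisco_ios",  # Netmiko needs the platform named
        "host": ip,
        "username": username,
        "password": password,
        "ssh_strict": True,        # reject unknown host keys (default accepts them)
        "system_host_keys": True,  # load trusted keys from the user's known_hosts
    }

def push_vlans(ips, username, password, vlan_ids):
    """Apply the same VLAN set to every switch; returns CLI output per IP."""
    from netmiko import ConnectHandler  # imported lazily: only needed in the lab
    commands = build_vlan_commands(vlan_ids)  # validate before any connection
    results = {}
    for ip in ips:
        with ConnectHandler(**device_params(ip, username, password)) as conn:
            results[ip] = conn.send_config_set(commands)
    return results

if __name__ == "__main__":
    # Hypothetical variable names; credentials stay out of the script source.
    user, pw = os.environ.get("NET_USER"), os.environ.get("NET_PASS")
    if user and pw:
        for ip, text in push_vlans(SWITCH_IPS, user, pw, range(2, 11)).items():
            print(ip, text, sep="\n")
    else:  # dry run: show the lines that would be sent
        print("\n".join(build_vlan_commands(range(2, 11))))
```

Run without the two environment variables, the script only prints the planned configuration lines, which allows the command set to be reviewed before it is sent to any device.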
Figure 4: Netmiko script for creating VLANs on multiple switches

As we can see, the difference between Netmiko and Paramiko is that Netmiko offers an easier way to connect to switches, ConnectHandler, which also uses SSH in the backend. In addition, when we use Netmiko we have to specify the device type that we want to control.

With the script from Figure 4 we can create multiple VLANs on multiple switches. The main difference between this script and the one from Figure 3 is that this script uses a variable (all_devices) which includes all three switches in this case. Afterwards, as in the previous script, we have used a loop that creates 9 VLANs (from 2 to 10).

The example above implements a simple functionality, suitable for exemplification purposes, but the configuration possibilities are broad.

We consider the two above-mentioned Python implementations a good alternative, less dependent on vendor-specific commands, to the “expect” method of the TCL scripting language, which is widely used by network administrators for automation.

3. Abstraction of network equipment via the “driver” concept

Another important aspect of heterogeneous networks is the possibility to program the network independently of vendor-specific functions. In one of our previous implementations [17] we have used the standardization provided by NTAF (Network Test Automation Forum) [8], which uses the concept of generic devices and specific drivers for automation.

The NTAF driver concept was so generic that it had as an example a driver for a toaster (see Figure 5), and it used XMPP [9][18] as its main protocol. The first set of specifications, which we have also implemented, addressed “Tool Registration, Discovery and Activation” and “Tool Automation Harness”.
Figure 5: Generic driver concept, example for a toaster (source: NTAF)

Previously used successfully for chat rooms, XMPP (Extensible Messaging and Presence Protocol) was proposed by NTAF for network automation, reusing social networking concepts. In our NTAF implementation, we have used OpenFire as XMPP Server and Spark as XMPP Client. The network elements were thus aggregated in a ”social network”, with all the integrated equipment listed in the Contact List displayed by Spark (see Figure 6).

Network elements publish their state/availability and capabilities using XMPP. Furthermore, we are able to send commands to a piece of equipment from a chat window, based on the XMPP-to-SNMP parser that we have implemented.

Figure 6: Implementation of XMPP communication with network equipment using OpenFire XMPP Server: The network element is reachable via the Contact List of the Spark client

Using the NTAF standard via the XMPP protocol we have automated different real, emulated (Cisco Dynamips images) and virtualized resources (Juniper Olive virtual images). However, the communication method to each device was unitary and vendor independent, as we are also counting on drivers (plug-ins).

Based on the same driver concept (the concept that was so successfully implemented in the case of Virtual Instrumentation and IVI Standardization – Interchangeable Virtual Interfaces) there are also programmable methods for network abstraction using Python.

For our future work we plan to automate the network elements using the generic driver concept, based on NAPALM. NAPALM (Network Automation and Programmability Abstraction Layer with Multivendor support) [9] is a Python library that implements a set of functions to interact with different router vendor devices using a unified API.
The heterogeneous vendors are integrated via drivers, and NAPALM offers support for most of the important vendors.

5. Conclusions

Software controllability is a concept that is also spreading in the area of networking, driven by the innovative implementations of Software Defined Networks. Configuring and monitoring any device via automation, independent of vendors, is a goal implementable not only on SDN devices, but also on other networking solutions. In this paper, we have demonstrated the importance of automation in the “legacy” networks, which are not aware of the OpenFlow SDN protocol. The legacy network equipment represents an important set of devices, produced by different vendors, that is very difficult to control using traditional methods and using unitary/standard methods.

We have demonstrated that, using Python, network engineers do not need to configure each individual device by themselves; they just need to create the proper infrastructure and implement automation scripts. Network controllability becomes easier and changes can be deployed faster, maybe even automatically, in response to events that take place in the network. Thus the legacy network elements become similar to SDNs.

We have offered examples of two automation libraries based on Python and Secure Shell connections.

Network programmability can be enhanced with the use of an additional abstraction layer, a driver, so that differences between proprietary solutions are eliminated. One proposed method of abstraction was illustrated in an implementation based on NTAF standardization and the standard XMPP protocol.

Organizations will benefit from an automation strategy, with benefits for change control, architecture, security and operational management. Troubleshooting can be done easily and quickly when automated systems examine the network continuously.

References

1. Software-Defined Networking: The New Norm for Networks. ONF White Paper. April 13, 2012
2. D. F. Macedo, D. Guedes, L. F. M. Vieira, M. A. M. Vieira and M. Nogueira, "Programmable Networks—From Software-Defined Radio to Software-Defined Networking," in IEEE Communications Surveys & Tutorials, vol. 17, no. 2, pp. 1102-1125
3. P. Chaignon, K. Lazri, J. Francois and O. Festor, "Understanding disruptive monitoring capabilities of programmable networks," 2017 IEEE Conference on Network Softwarization (NetSoft), Bologna, 2017, pp. 1-6.
4. Tischer R., Gooley J.: Programming and Automating Cisco Networks, Cisco Press, September 9th 2016
5. Cisco ”DevNet” Open Source Dev Center - https://developer.cisco.com/site/opensource/
6. Netmiko, https://pynet.twb-tech.com/blog/automation/netmiko.html
7. Paramiko, http://www.paramiko.org/
8. Network Test Automation Forum, NTAF White Paper. [online] Available: http://www.ntaforum.org
9. XMPP - Extensible Messaging and Presence Protocol – https://xmpp.org
10. NAPALM (Network Automation and Programmability Abstraction Layer with Multivendor support) https://napalm.readthedocs.io/en/latest/
11. Edelman J., Lowe S., Oswalt M.: Network Programmability and Automation, O’Reilly Media, Inc., 2017
12. GNS3 emulator, https://www.gns3.com/
13. S. Lowe, J. Edelman, M. Oswalt, “Network Programmability and Automation, Skills for the Next-Generation Network Engineer”, O'Reilly Media, December 2015
14. K. Jambunatha, "Design and implement Automated Procedure to upgrade remote network devices using Python," 2015 IEEE International Advance Computing Conference (IACC), Banglore, 2015, pp. 217-221.
15. Negus C., Henry W.: Docker Containers: From Start to Enterprise, Prentice Hall, September 21th 2015
16. Docker Container, https://www.docker.com/what-container
17. S Zamfir, T Balan, F Sandu, “Automating Telecom Equipment for Cloud Integration”, Review of the Air Force Academy, 2015
18. S. Bendel, T. Springer, D. Schuster, A. Schill, R. Ackermann and M. Ameling, "A service infrastructure for the Internet of Things based on XMPP," 2013 IEEE International Conference on Pervasive Computing and Communications Workshops (PERCOM Workshops), San Diego, CA, 2013, pp. 385-388.