10 minutes
The network developer’s toolkit
Following on from my first blog post about the changing world of network engineering I thought it would be a good idea to talk about some of the tools and technologies that will form your ‘go to’ toolkit for network automation.
Just to be clear, this is not a comprehensive list of everything you need to know, nor is it an endorsement of any particular technology over another, this is simply a collection of tools that I use regularly as part of my automation development. I’m going to cover what each one is, how it works and what it’s used for. The idea being that when used together, you should have all the tools you need to produce your first piece of network automation.
Linux - the operating system
First of all you’re going to need something to run all of your tools, I make the assumption that most people reading this will be running a windows machine and whilst some of your toolkit will run quite happily on Windows natively, that’s not always the case.
Linux is an open source operating system used to run all of the other tools mentioned here, Linux users usually obtain their operating system by downloading a Linux distribution (distro) such as Ubuntu or CentOS. To begin with you don’t need to have an in depth understanding of Linux but you will need to master the basics such as navigating/manipulating the directory structure and installing applications.
There are a number of ways to run a Linux development environment from your windows machine such as:
- Docker containers
- Windows Subsystem for Linux (WSL)
- A virtual machine via VMWare player or VirtualBox
Further reading:
The Linux command line for beginners
3 good ways to run Linux on Windows
Ansible - the orchestration platform
Ansible is an open-source orchestration and configuration management platform that enables infrastructure as code.
Wait, hang on a minute, what does that mean in plain english?
Yeah ok fair point, let’s start again…
Ansible is open-source software meaning that it is free to use, it acts as an orchestration platform to effectively bring together various components in order to manage, interrogate and configure devices or nodes (in our case network devices) within your infrastructure.
One of the things that makes Ansible so suitable for managing network devices is that it is agentless, meaning that no agent installation is required on the devices being targeted. All that is required is SSH connectivity, equally appealing is that fact that you can run Ansible from your local machine with no requirement for a dedicated server.
There are many components that make up an Ansible automation environment but the main ones you’ll need to know about to get started are..
Inventory - A centralised record that holds information on all of the devices that you want to manage with Ansible, you can group devices together based on common attributes (for example by device type or geographic location) and define variables for individual devices (host_vars) or for the groups that they belong to (group_vars).
Modules - snippets of code that carry out a specific task or function, parameters are used to shape how that code is executed on your devices. As well as generic Ansible modules there are hundreds of vendor specific ones available to use.
Tasks - Actions that can be executed against devices (or groups of) within your inventory, often by calling a module. For example a task to execute a show command on a Cisco device using the ios_command module.
Roles - A collection of tasks grouped together to perform a function. For example a local user role could be a collection of individual tasks to obtain a list of local user accounts, change the password for a certain account and save the configuration.
Playbooks - This is where you bring everything together. Playbooks are used to map inventory hosts or groups to a set of roles, the roles are then executed against those devices.
There’s obviously a bit more to it than that but if you check out my useful links section you’ll find a link to an excellent hands on guide written by my colleague Chris Hannan that covers getting started with Ansible and Cisco Devnet.
YAML - the data format of choice
Ansible uses YAML extensively to construct playbooks, define variables, build roles and many other things so it’s something you’re going to have to get familiar with. The official definition of YAML is a human-readable data-serialization language which basically means that it’s one of many ways to represent data in a machine readable format. The major benefit of YAML is that it’s very easy for humans to read when compared to something like xml.
If we take a basic example of a network interface, I want to represent some basic information such as name, description, IP address and status. Let’s compare YAML to XML
YAML
Interfaces:
- Interface_name: GigabiEthernet1/0/1
Description: WAN link
IPv4:
- IP_address: 10.1.1.1
Mask: 255.255.255.0
Status: up
- Interface_name: Loopback0
Description: Management
IPv4:
- IP_address: 192.168.1.1
Mask: 255.255.255.224
Status: up
HTML
<Interfaces>
<Interface_name>GigabiEthernet1/0/1</Interface_name>
<Description>WAN link</Description>
<IPv4>
<IP_address>10.1.1.1</IP_address>
<Mask>255.255.255.0</Mask>
</IPv4>
<Status>up</Status>
</Interfaces>
<Interfaces>
<Interface_name>Loopback0</Interface_name>
<Description>Management</Description>
<IPv4>
<IP_address>192.168.1.1</IP_address>
<Mask>255.255.255.224</Mask>
</IPv4>
<Status>up</Status>
</Interfaces>
As you can see whilst both examples are decipherable YAML is presented in a way that is more familiar to us as humans and therefore easier to read and digest quickly. The basic YAML structure uses colons to separate key: value pairs (like a dictionary) and dashes to create “bullet” lists.
One important thing to note is that YAML uses strict whitespace indentation to denote this structure so any miss-aligned data within a file will result in errors.
Jinja2 - the templating language
Once you’ve gotten to grips with Ansible and YAML you will soon come to realise that automating configuration across your network estate isn’t the only high value use case. What automation also gives you is the ability to pull information or data from a huge number of sources (i.e. your managed devices) into a central place. This data can come in many formats, structures and languages (e.g. lists, dictionaries, YAML or JSON).
What Jinja2 is really good at is taking this mass of raw data and collating it into a final document using a defined template, this could be something like a report, configuration file or data structure.
Let’s take a look at another example…
Looking back at the YAML data from the previous example, let’s say I wanted to produce a report that detailed the interface configuration for that device. We could produce a simple Jinja2 template file that will do the job for us
{% for interface in Interfaces %}
Interface name = {{ interface.interface_name }}
This interface has a description of {{ interface.description }}
It's IP configuration is {{ interface.IPv4.IP_address }} {{ interface.IPv4.Mask }}
The interface is {{ interface.status }}
{% endfor %}
This will result in the following output:
Interface name = GigabiEthernet1/0/1
This interface has a description of WAN link
It's IP configuration is 10.1.1.1 255.255.255.0
The interface is up
Interface name = Loopback0
This interface has a description of Management
It's IP configuration is 192.168.1.1 255.255.255.224
The interface is up
As you can see the Jinja2 template loops through the list of interfaces and inserts the relevant values into the desired place in the output, the result being a nicely formatted document detailing our interface configuration.
Now this example processed just two interfaces on a single device, but imagine if you had a requirement to generate a report from data for several interfaces across hundreds of devices, that’s where Jinja2 really starts to add value.
What’s even better is that once you’ve built the correct logic to access and process the data you can quickly change the template to achieve a different output completely, a csv report for example.
Interface name,Description,IP Address,Subnet Mask,Status
{% for interface in Interfaces %}
{{ interface.interface_name }},{{ interface.description }},{{ interface.IPv4.IP_address }},{{ interface.IPv4.Mask }},{{ interface.status }}
{% endfor %}
This will result in the following output:
Interface name,Description,IP Address,Subnet Mask,Status
GigabiEthernet1/0/1,WAN link,10.1.1.1,255.255.255.0,up
Loopback0,Management,192.168.1.1,255.255.255.224,up
Jinja2 is a very powerful templating language with the ability to do much, much more to process, manipulate and format large amounts of data but the above should give you an insight into how simple it is to get started.
Git - version control and so much more
If you’re starting to develop automation code, especially if you’re collaborating with others then you’re going to need somewhere to store your work, somewhere that allows you to commit and track your incremental changes, somewhere that keeps a historic log of those changes and allows you to roll back to a happier time when you hadn’t got a bit carried away and messed it all up! You’re also going to need somewhere that allows you to work on the same files as others in your team, merge everyone’s changes into one master document and handle any conflicts along the way.
What you’re going to need is Git.
Like all of the other tools mentioned in this post Git can do so much more than what I’ve just outlined, but even if you never use it for anything other than what I’ve already talked about, it’s still one of the most important tools in your toolkit.
Further reading:
Python - the coding language
Python is a general-purpose coding language which has many use cases such as:
- software development
- data processing and mathematical computations
- creating system scripts or instructions that tell a computer system to “do” something
That last point should sound familiar as it describes the role of an Ansible module, which are written in Python. Jinja2 was also developed for Python so there are large similarities in syntax and logic used between Python scripts and Jinja2 templates.
I’ve debated quite a bit about whether to include Python in this list, Python is a really useful tool to have at your disposal and as you get more into automation it will become integral to your day to day work. However if you’re just starting out I think there’s a fair argument that you don’t necessarily need a deep understanding of Python, I’d go as far as to call it a ‘phase 2’ skill for once you’ve mastered some of the basics.
That said there are a few basic concepts such as loops and conditionals that I would recommend that you get familiar with.
Further reading:
Visual Studio Code - the IDE that brings it all together
VSCode is an Integrated Development Environment (IDE) and simply put its a piece of software that brings together all the elements you need to develop your code within a single window. Whereas traditionally you would have several windows open for exploring files, running code via a terminal and editing files, an IDE brings all this together within a single view. There are many IDEs available to use and what they tend to have in common is the ability to integrate with other elements of your development environment. VS code does this through extensions, there are literally thousands of them which offer functionally such as syntax highlighting, code debugging and Git integration.
As I said at the beginning, this list is not comprehensive and there are alternative technologies to most of the tools I’ve talked about. In fact I’m pretty sure that as you read this there will be a debate raging somewhere about the benefits of XML over YAML, or Terraform over Ansible.
The point of this post is not to say which is better, the point is to give those of you starting out in network automation an idea of the tools that I’ve found most useful. If you grow to love them too, great; if you decide that there’s a better alternative for you, that’s fine too.
I’ll leave that for you to decide…