NETMIKO Automation on Juniper Routers - Full Tutorial for Beginners

, January 11th 2020

(UPDATE: We now have a video demo to accompany this post! Check it out on YouTube.)

Automating SSH sessions with network devices can be a painful job if the appropriate tools are not chosen. That's why, today, I want to talk about Netmiko - a powerful python library that every network engineer should at least be familiar with.

We'll start the post with a high-level look at the library and then jump right in by writing a program to automate config changes on a Juniper router.

The challenge of SSH automation

So, what exactly is Netmiko?

To answer that, we'll start by talking about the SSH protocol. If you want to access the CLI of a network device from a remote location you would typically log in to the device using the SSH protocol.

And, as most of you would know, SSH is the protocol that allows the end-user to remotely access the device through an encrypted channel.

This works great for human operators performing manual tasks, but how can you utilize the SSH protocol in an automated solution?

It would be very challenging and time-consuming to try to write the software to implement the SSH protocol in a TCP sockets program. Thankfully, many libraries exist which abstract away the low-level complexities of such a feat - this allows end-users to focus on the higher-level interactions with their end devices.

One such library for the python language is Paramiko. An end-user may incorporate this library into their program for automating an SSH interaction.

Paramiko has its own problems

You'll find that in practice, however, even Paramiko is difficult to use with network devices. This is a consequence of the unique quirks that each vendor has built into their software.

Take authentication, for example. On some network devices, credentials are provided after the SSH session is established rather than utilizing the inherent authentication capability of the SSH protocol.

Netmiko comes to the rescue

To avoid the pain of network automation with Paramiko, the Netmiko library was built.

Netmiko is built on top of Paramiko. It simplifies SSH automation to network devices by abstracting away the implementation quirks unique to each vendor.

As always, examples are the best way of learning so let's jump right into some code. Today, we'll automate the configuration of a virtual SRX Juniper router running on GNS3. I'm using Ubuntu 18.04 for our python program.

To begin, let's use pip to install Netmiko.

pip install netmiko

We'll now create a new file for our python program and import the required dependency.

#!/usr/bin/env python

# Filename:                     netmiko-tutorial.py
# Command to run the program:   python netmiko-tutorial.py

from netmiko import ConnectHandler

Connecting to a device

Next, let's create an object holding the details of our router. We can then proceed to establish an SSH connection using Netmiko.

# Establish a connection to the router
virtual_srx = {
	'device_type': 'juniper',
	'host':   '192.168.159.10',
	'username': 'root',
	'password': 'juniper123',
	'port' : 22,
}
net_connect = ConnectHandler(**virtual_srx)

Netmiko supports a large range of values for the "device_type" parameter. Check them out in the official docs.

How to run "show" commands

Once a connection is established to our Juniper router, running operational commands is trivial. Let's check the state of an interface.

# Operational Command Example
output = net_connect.send_command('show interfaces ge-0/0/0 terse')
print(output)

Executing the program now yields an output equal to the output we would see if we ran the command directly on the CLI.

Interface               Admin Link Proto    Local                 Remote
ge-0/0/0                up    up
ge-0/0/0.0              up    up   inet     192.168.159.10/24

The library provides the user with unmodified CLI output. To demonstrate this again, let's modify our operational command by misspelling "show" as "sow".

Rerunning the program gives:

root> sow   interfaces
      ^
unknown command.

root> sowinterfaces   ge-0/0/0
      ^
unknown command.

root> sowinterfacesge-0/0/0   terse
      ^
unknown command.

You'll get the same result if you log on the router and try the command manually.

How to edit the running-config

Let's now configure an interface on the router using our Netmiko program. We can do this with a two-step process.

First, we edit the candidate configuration of the router with our new lines of config. We can do this using the send_config_set method.

# Edit the candidate configuration
config_commands = [ 'set interfaces ge-0/0/1 unit 0 family inet address 10.10.10.10/24',
                    'set interfaces ge-0/0/1 unit 0 description "Test Config"']
output = net_connect.send_config_set(config_commands, exit_config_mode=False)
print(output)

With that done, we may commit the change to the running-config.

# Commit the config changes
output = net_connect.commit()
print(output)

Let's verify the program works as expected. Running it yields the output below.

configure
Entering configuration mode

[edit]
root# set interfaces ge-0/0/1 unit 0 family inet address 10.10.10.10/24

[edit]
root# set interfaces ge-0/0/1 unit 0 description "Test Config"

[edit]
root#
commit
commit complete

And finally, we can hop on to the CLI to verify the change.

root> show configuration interfaces ge-0/0/1
unit 0 {
    description "Test Config";
    family inet {
        address 10.10.10.10/24;
    }
}

There we go, that's everything essential we need to know about Netmiko!

That'll be it for today. I hope you enjoyed the tutorial! And as always, stay tuned for more!

ULTRA CONFIG GENERATOR

Netmiko is great at pushing configuration to network devices. But how can we automate the generation of network config?

Have you heard of Ultra Config Generator? If you haven't, I highly recommend you check it out.

We designed the product to allow network engineers to generate and automate network configuration in a highly flexible, efficient and elegant manner. Our users love the application and I hope that you will too.

Take care until next time!

Ultra Config


JOIN THE DISCUSSION

Subscribe to the Blog

Subscribe now and never miss a new post!