| technology | networking - John McGovern
5 Top Free Python Libraries for Network Automation
Within the past few years network automation has seen an explosion in popularity. As a result, there seems to be an ever-increasing supply of tools available to the modern engineer to help implement automated network configuration and change management. While having such a wide and diverse array of tooling available is undoubtedly of great benefit to the community, it can certainly feel a little bit overwhelming and even intimidating.
To help simplify this, I've identified what I believe to be the top five free Python libraries for network automation both in this article and also this YouTube video:
All of these libraries are sufficiently mature, well-tested, and have a strong support within the automation community. So, let's dig in.
Netmiko is an exceptional Python library developed by Kirk Byers designed to act as an abstraction layer over the Paramiko Python implementation of the SSHv2 protocol. In effect, Netmiko is Paramiko reimagined and adapted to interact with networking devices specifically. In real terms, Netmiko has been programmed to have an awareness of the quirks of networking devices and subsequently hides these lower-level details away from the automation engineer.
For example, Netmiko understands that when issuing a configuration change to a Cisco device, all commands sent must first begin with an elevation to Global Configuration mode and, thus, will automatically issue a "configure terminal" on your behalf. These seemingly small details ultimate amount to a drastic reduction in the complexity of your automation scripts.
Moreover, Netmiko tightly integrates with parsing solutions such as TextFSM and Genie, giving you the option to return the output of your show commands in the form of structured data.
NAPALM is a Python library developed by David Barroso and has been carefully written to simplify automated interactions with networking devices — regardless of operating system through the use of a unified API. NAPALM has a multitude of great features but my personal favourite is its "Getter" concept.
Let's suppose, for example, you wanted to pull BGP Neighbor information from your network. Now if all of your devices are Cisco IOS, then you could simply use Netmiko to issue a "show ip bgp neighbor" and retrieve that information handily. However, what if your network was 1/3rd Cisco, 1/3rd Juniper and 1/3Rd Arista?
By using NAPALM Getters, you can pull all of that information simply by issuing the vendor-agnostic command "get_bgp_neighbors". Under the hood, NAPALM will issue the appropriate platform-specific show commands to each device and present that output back to you in a standardised format, structured in JSON.
Genie is a Python library developed and tailored to be used for automated network testing. For anyone new to network automation, my first recommendation is always to learn how to use the Genie CLI. In my opinion there is no better "bang for your buck" in the world of automation today. It is simple to use and immediately grants the engineer an incredible level of insight into the state of their network. Through using the Genie CLI, engineers are essentially able to capture and compare different snapshots of the network state and run an automated comparison to identify exactly what has changed.
Let's imagine you were running OSPF within your network. By issuing the Genie CLI command "genie learn ospf", Genie will automatically run a massive volume of different OSPF-specific show commands and collate that information to document all of the OSPF details running within the network. Now, if we assume later down line connectivity in some part of the network was suddenly lost. Through reissuing the "genie learn ospf" command, the current OSPF state will be relearned, thus enabling Genie the ability to compare the current broken state to the original state.
Subsequently, Genie will identify all of the relevant changes and return to the engineer a highly targeted summary of items to begin troubleshooting. This is a feature any engineer, even those with no programming experience, can learn to use within one day of training and one which will continually optimise and simplify their network troubleshooting.
NCClient is a Python library written to simplify scripting and automation over the NETCONF protocol. Modern automation aims to interact with networking devices via the use of APIs as opposed to the Command Line Interface. NETCONF is feature-rich and offers the ability to exact granular control over the network with its ability to lock a device's configuration datastore, conduct full operation configuration replacements and much more.
The XML-based protocol can be somewhat complex to use, particularly for beginners. However, NCClient and its "Manager" function simplifies this by enabling an API for RPC operations as method calls with support for both Subtree and Xpath filtering. As such, NCClient has become the standard way of interacting with the NETCONF protocol and an essential Python library for the modern network automation engineer.
RESTCONF is a lightweight, stateless HTTP-based protocol and has burst onto the scene as the newer and simpler cousin of NETCONF. As RESTCONF's presence gradually increases, you're going to hear more and more about the Python Requests library. The Requests library abstracts many of the complexities of making HTTP requests behind a simple API and offers several built-in methods to retrieve or push data to a REST-based API, such as GET or POST requests.
For each method, Requests returns back a "response" object for inspection. Included in this object are many extremely useful attributes such as the returned Status Code and the ability to easily raise exceptions upon failure via the raise_for_status() object. If you're going to be writing Python scripts to automate your network over RESTCONF, you're going to be importing the Requests library.
There are many new Python-based projects bursting on the scene that I am extremely excited about. I would encourage you to be adventurous and explore the landscape. That said, if you're simply looking to find tools that are stable, effective, and efficient, these five Python libraries are all tried and true. All of them, in my opinion, represent the very best Python library-based network automation options available on the market.