Check_Access
Check_Access Project
This project leverages Genie/pyATS framework, WebEx Messenger and python logging module to check access into network devices by displaying, sending the result to WebEx Messenger Space and triggering logs to Syslog server for information and maintenance purposes. This project exploits the simplicity of Genie/pyATS framework with its connect() method in order to check the access by simply handling ConnectionError exception.
Keep in mind that this project is not to test connectivity, it allows to check access and can be used in many ways :
- Check access routinely
- Deployed separately or integrated in projects such as : before each provisioning or retrieving data form devices or CI/CD pipeline process to priore check accessibility
Topology and Simulation
Here is the topology used in this project:
GNS3 was used with Cisco routers and a Linux machine as Admin since the framework Genie/PyATS works only on Linux or Mac OSX. However, you can use the Windows Subsystem for Linux (WSL), as the case of this project represented here by the Admin host as shown in the topology. You can also test this project using your own emulator or the DevNet Sandbox Cisco Modeling Labs (CML). You just need to modify the parameters concerning the information about the devices used in the connex.yml file (IP addresses, users, IOS type, ...).
Packages installation and Requierements
The best practice is to leverage Python Virtual Environments (env). Please follow these steps to clone the Git repository and create and active the virtual environment:
git clone https://github.com/cherifimehdi/Check_Access.git
cd Check_Access
python3 -m venv venv
source venv/bin/activate
pip3 install -r requirements.txt
As the packages used are found in requirements.txt file, alternatively, you can install the packages as follows:
pip3 install pyats[full]
pip3 install requests
pip3 install requests-toolbelt
pip3 install prettytable
pip3 install python-dotenv
Before using the Check_Access Project
Please consider to:
- Modify the parameters in connex.yml file according to your devices configuration and types (IOS, ip, credentials,...)
- Create a WebEx Messenger Space to send to it the result as a text file
- Update the Token variable in the .env file, the roomId and the address of your Syslog Server in check_access.py script
- Choose and install your Syslog server. For this project I used the open source Tftpd32 software by Ph. Jounin
Check_Access project in action
Once the dependenties are installed and parameters are taken into account for connex.yml, .env files and check_access.py script, you can run the script check_access.py.
This project allows :
- Check access for each device in the testbed file connex.yml
- Trigger log message for each device and send the result to the Syslog server
- Generate the final result as table to print and send as text file to the WebEx Messenger space
In case of no access problem
Here we run check_access.py script from the Admin host:
(Check_Access) [mehdi@Check_Access]$ python check_access.py +--------------------+ | Access Check | +--------+-----------+ | Device | Status | +--------+-----------+ | R1 | Access Ok | | R2 | Access Ok | | R3 | Access Ok | +--------+-----------+
Here the result sent to the Syslog Server:
Here the result sent as a text file to our Webex Space:
Now, we can download the Result.txt file and consult the check access result for the network devices as shown below:
In case of access problem
Now we will deactivate the management interface of the router R2
Now we run the check_access.py script from the Admin host:
(Check_Access) [mehdi@Check_Access]$ python check_access.py +--------------------+ | Access Check | +--------+-----------+ | Device | Status | +--------+-----------+ | R1 | Access Ok | | R2 | No Access | | R3 | Access Ok | +--------+-----------+
As expected, the Syslog server received the logs:
The Result.txt file is now available for download and viewing from WebEx Messenger Space
As it shows from the console, the Syslog server and the Result.txt file, we have an access issue with the Router R2.
About me
Active Cisco CCAI Instructor and Network Engineering Trainer. Part of Cisco DevNet Class 2020. Cisco DevNet Code Exchange and Automation Exchange Contributor.
I am interesting in all about NetDevOps, Networking programmability and automation. I am a Cisco contents fan.
Contact Me
Use Case
Validate/Monitor access to network devices with the integration of Genie/pyATS, WebEx Messenger and Syslog server
Validate/Monitor access to network devices
The present use case leverages Genie/pyATS, WebEx Messenger and python logging module to efficiency Validate/Monitor access to network devices by displaying, sending the result to WebEx Messenger Space and triggering logs to Syslog server for information and maintenance purposes. The present project can be used for:
- Check access to network devices by periodic monitoring process
- Vlidate access to network devices prior provisioning/retrieving data process
- Separatly or integrated in CI/CD pipeline project in order to Validate access to network device before starting the process.
Keep in mind that this project is not to test connectivity, it allows to check access to network devices through their management interfaces.
White Paper
Please refer to these white papers:
Getting started with pyATS Library Genie : Kickoff your Genie experience!
Here a blog post from Hank Preston in case of using CML2: How can I automate device configurations using CML2?
Related Sandbox
Cisco DevNet Sandbox Cisco Modeling Labs
Links to DevNet Learning Labs
Solutions on Ecosystem Exchange
How pyATS can be used as an end-to-end DevOps automation ecosystem: Accelerating your DevOps with pyATS
Efficient Network Devices Data Retrieving - Application case of Validate/Monitor access to network devices with the integration of Genie/pyATS, WebEx Messenger and Syslog server use case
This use case shows an efficent and optimized way to retrieve data from network devices with checking access process by leveraging the Validate/Monitor access to network devices with the integration of Genie/pyATS, WebEx Messenger and Syslog server use case relating with the project Check_Access.
Suppose we have 100 network devices and we have access only to 50 of them, the retriving data process is applied only to these 50 devices witch conduct to save the time with generating logs to Syslog server for maintenance purposes besides the report sent to WebEx Messenger Space.
In summary, this project aims to :
- Check if there is an access to the network devices and generating notification for eeach of them to Syslog server and as report incorporated in text file to WebEx Messenger Space.
- Retrieve data only form devices on witch there is access and generate notifications to Syslog server for both case : Retrieving Success or Not
Remark
We focus here only on the result for the Syslog server notifications and the package installation and requirements, the others details like configuration files modification, topology and the WebEx Messenger result could be found at Check_Access repository related to Validate/Monitor access to network devices with the integration of Genie/pyATS, WebEx Messenger and Syslog server use case as it is a part of this project.
Related Sandbox
Cisco DevNet Sandbox Cisco Modeling Labs
Related Repository
Solutions on Ecosystem Exchange
How pyATS can be used as an end-to-end DevOps automation ecosystem: Accelerating your DevOps with pyATS
Code Exchange Community
Get help, share code, and collaborate with other developers in the Code Exchange community.View CommunityCisco provides Code Exchange for convenience and informational purposes only, with no support of any kind. This page contains information and links from third-party websites that are governed by their own separate terms. Reference to a project or contributor on this page does not imply any affiliation with or endorsement by Cisco.