Python based utility for automating the upgrade of IOS based switches.
Oh yeah, most importantly, it has a RESTful API for integrating with other tools, Webex Teams, etc.
This project may require some minor changes to work with other platforms.
This project follows a microservices architecture and uses the following components/technologies.
Multi-vendor library to simplify Paramiko SSH connections to network devices.
We use this to actually perform IOS acrobatics. The basic usage of this library is
easy to learn, and maps really well to CLI based workflows.
Flask is a microframework written in Python. We leverage flask from the RESTFul API and rendering the web
based user interface.
In our first use case, an upgrade is a task, but others could be used. See example here.
Flower is a web based tool for monitoring and administrating Celery clusters
Redis is an open source (BSD licensed), in-memory data structure store, used as a database, cache and message broker
Redis is the broker used by Celery to distribute Celery tasks.
MongoDB is an open source database that uses a document-oriented data model. This is where we persist information
about upgrade jobs.
Getting started is super easy, just modify the images.yaml to suit your needs.
WS-X45-SUP7-E:
filename: cat4500e-universalk9.SPA.03.08.04.E.152-4.E4.bin
In this example a platform matching WS-X45-SUP7-E will use cat4500e-universalk9.SPA.03.08.04.E.152-4.E4.bin
from the regional TFTP server.
Regions are how we identify which TFTP server to use for the file transfer for a given switch. Usually
devices contain some geographical region information in their hostname.
Modify regions.yaml to suit your situation.
FR:
regional_fs: 10.250.6.20
BF:
regional_fs: 10.122.1.10
AS:
regional_fs: 10.122.1.10
KC:
regional_fs: 192.168.51.1
In this example, any switch starting with AS
will use 10.122.1.10
as the TFTP server; likewise, switches with starting with kc
will use 192.168.51.1
.
Okay, so if you've gotten this far, you must be willing to give it a spin!
The easiest way to use this project is with docker-compose:
docker-compose build
docker-compose up
You should be able to browse to https://localhost to get started!
Self-signed certificates are provided for convenience and to provide a base level of encryption; however,
for anything beyond kicking the tires, it would probably be a good idea to generate your own, and replace
the default ones in ./nginx/ssl.
Whatcha thinkin?
Owner
Contributors
Categories
Products
Catalyst SwitchesSecure FirewallNX-OSProgramming Languages
PythonLicense
Code Exchange Community
Get help, share code, and collaborate with other developers in the Code Exchange community.View Community