Page 1 of 2 12 LastLast
Results 1 to 10 of 12

Thread: Network Automation using Python & Ansible

  1. #1

    Default Network Automation using Python & Ansible

    Hello,

    Guys I am a Network Engineer and been working on many multi vendor equipments for years. Now a days alot of buzz is around regarding automation using Python and Ansible, hence this post.

    My confusion is that why we would do Network automation using Python? When Python is written in C / C++ and is an interpreted language not a compiled one which makes it horribly slow while executing iterated tasks (like "for" loops). I've skimmed through some of Python tutorial vids on Youtube and although they are very informative if you want to learn Python, I could not realize why take all this pain to code to achieve something that you can do manually. Is it the idea that we write thousands of line of code once and then simply keep on executing it instead of doing manual configurations for each network element ? Can someone please give a practical example as to how Python would make network management efficient ?

    For Ansible, please have a look at https://pynet.twb-tech.com/. A simple config backup routine warrants 100s of code lines which inherits coding errors and administrative overhead. Please suggest what I am missing in terms of efficiency while using Python / Ansible as network automation tools / techniques.

    Thanks and regards,

  2. #2
    Developer RyBack's Avatar
    Join Date
    Apr 2014
    Location
    In Front of the screen
    Posts
    1,603

    Default

    whoa ? why use python ? c is there for ya, IDK alot about networks but there is a (HUGE) performance gap between c an pyhthon.
    The only advantage i could think of is easier to code. like you'd write way less in python than c to do the same task.
    What is automation ?? lol

  3. #3
    Client Beta Testers Appelpitje's Avatar
    Join Date
    Jan 2012
    Location
    Belgium
    Posts
    571

    Default

    Python is indeed easy to use and thats why it's used a lot, but indeed u also have other programming languages that are more performant, even Java is faster than Python in most cases.

  4. #4
    Administrator James's Avatar
    Join Date
    May 2010
    Location
    on the intraweb
    Posts
    3,180

    Default

    This might be a little off topic, I'm not a network engineer, but I am a Systems and Server Engineer. I recently got into powershell. I guess, like python that is not a compiled code. However, it makes my life a LOT easier with automating stuff. Primarily because powershell easily gets a handle on active directory and exchange, so you can run scripts that will recursively check all domains and stuff for almost anything you want.
    Just some examples I used in the past..
    Check all users in all domains that are disabled accounts
    Check all mailboxes that belong to a group called "blah"
    Check all users that have passwords set to never expire

    If I were to do this manually, it would be such a tedious process, and by running a powershell script I can grab everything I need in a couple seconds.

    Like I said, I'm not familiar with python, and I know consumer based networking, but I'm not too proficient in enterprise networking, but I would imagine the concept would be similar... For example say you're working with cisco or juniper or whatever... Maybe there is an easy way to hook into those firewalls/switches etc to recursively check stuff or configure stuff automatically instead of having to run a crap load of terminal commands?

    At least that's my guess.

  5. #5

    Default

    @Ryback : Network Automation primarily means doing configurations in an automated manner.

    @James: You are correct that writing scripts make life alot easier than doing same thing manually. I've posted this same query on some other professional forums as well and someone said that the idea is the same as that of development of robots: to make our lives easier and I understand that otherwise people would not be using them. But my confusion was regarding choice of programming language. I am not very proficient in programming languages but read on some forums that if a program takes 2 months to code in Python by single programmer, the same program will take 2 programmers a full year to have the same functionality coded in C. So yeah, apparently it is the ease of programing in Python that has captured the market.

    I've written a simple C program to calculate primary numbers in a given range and then did the same in Python. Its like comparing Jet with toddler. Compiled C programs are that fast or even more. My guess is that in Network (or System) automation we do not need a lot of nested loops and requirements are pretty much text manipulation and singular statements where Python excels.

    Any other thoughts ?
    Last edited by anspectrum; September 11th, 2017 at 01:32 PM.

  6. #6
    Administrator James's Avatar
    Join Date
    May 2010
    Location
    on the intraweb
    Posts
    3,180

    Default

    I will say this... Take C/C++ for example. It's a very common language. Compare it to Java. People are saying Java is much simpler because it allows you to do everything that c/c++ would with less code.
    Even the MFC API similar to that of visual basic where you drag and drop "widgets" and then just tell that widget how to interact with your application versus having to create a bunch of custom buttons and doing it...

    The difference is how much "flexibility" and control you have over your code versus how another language or API uses it. It's a little difficult to explain; maybe Leyok can elaborate on this haha..

    When it comes down to it, you're probably right. python uses some API that allows you do do the exact same thing in 100 lines of code that a c/c++ programmers might need to do in 10,000 lines of code.

    Each function that a programmer might need to create probably uses a custom algorithm or something like that, but it can be tweaked and optimized for performance, security, and efficiency; whereas in the other example with less code, you don't might have less flexibility and ability to optimize the code.

  7. #7

    Default

    I don't know about that. I have seen some pretty impressive python performance, and I don't even like python. In fact, it's much better than c# by far. I don't know how it compares to c / c++, but man python is perfectly acceptable in terms of performance.

    The reborn master server is written in python btw...
    Browse MOHAA Servers Post GameSpy Era

    VISIT MOHREBORN.COM FOR LATEST INFORMATION



    Medal of Honor: Game Server Browser Fixer - Patches your MOHAA, MOHSH, and MOHBT game binaries to allow you to retrieve a list of game servers within the multi-player menu in-game even after GameSpy ceases operation!

    Medal of Honor: Query Launcher - Find, browse, organize, join, get your ping, and get more information regarding all Medal of Honor (AA, SH, & BT) servers from your PC at any time!
    Medal of Honor: Web Server Master List - Find and browse all Medal of Honor servers online using your browser!
    Add your Medal of Honor Server to the Master List
    YouTube Video for Medal of Honor: Query Launcher and MOHAASERVERS.TK!



    MOHAA Mods and Utilities
    OwN-3m-All's Mods
    Make Me Stock - A program that allows you to easily move-in and move-out non-stock mods and other files at the click of a button. Automates adding / removing mods without having to copy / move files manually.



    Quality Game Servers

    Rent dedicated Dallas Texas, Kansas City, Las Vegas Nevada, Chicago, Pennsylvania, and Sofia Bulgaria MOHAA and other game servers from We Be HostiN starting at $10 a month.


  8. #8
    Administrator James's Avatar
    Join Date
    May 2010
    Location
    on the intraweb
    Posts
    3,180

    Default

    That's the thing though... A lot of the "newer" languages, have functions that already do everything for you... For example Java has a cleaning function. C++ doesn't. You need to "clean garbage" yourself.

    It's as I mentioned in my 2nd post above (just as an example), it might have a function that does the bulk work for you. Depending on how well that is coded and optimized, it can either be greatly benefitted from and have fast performance, or if it's poorly coded it can cause lag or performance issues...

    So it's hit or miss. c/c++ you have FULL control under your fingers because you can modify what each function does and how it does it. There are hundreds of ways to write an application that does exactly the same thing... It's just a matter of efficiency and performance.

  9. #9
    Über Prodigy & Developer Razo[R]apiD's Avatar
    Join Date
    May 2010
    Location
    Poland, Lublin
    Posts
    3,257

    Default

    On Linux you have Bash, but it's pain in the ass to write something more complicated in Bash. Admins started to use Perl, where you can in few lines make a lof of stuff and it's still a scripted language that automate tedious manual work. The problem with Perl is that it's very easy to write scripts that can be hard to understand after some time due to Perls very elastic syntax. (There are even contests do write Perl scripts that do certain thing in least amount of code. Some of those scripts look just like random characters..). Python is considered very often as a successor of Perl, with strong syntax checking and formatting, yet still elastic enough to quickly write advanced scripts that do work for you.

    Ansible is very cool. Imagine this:

    You have a web application and it's time of production deployment. You have 50 servers behind a load balancer where you need to deploy new version of your web application. What is more - developers not only made business logic changes to that web app, but refactored code and during deployment, you also need to change the structure of folders and config files on all of those 50 servers.

    With Ansible, you write once what you plan to do on a friday production deployment night and because it's a scripted setup of environment you want to deploy - you have a chance to test this one script on some test servers and make sure that everything land where it needs to land and that it changes everything it needs to change.
    Once you tested this one script - you don't touch it till that friday night, when you just run it and go home.

    Now imagine that you have to sit 6 hours at night, redoing all the work on every server. It's easy to miss one line of config on one of the servers, or one not deleted or copied or moved file and then boom - you have problems tomorrow morning on production.

    Especially when you have to do certain things in certain order (for example - kill this process, copy file, start another process etc. and then edit file, add some line with some server address to config with proper production login and passowrd and IP address, restart another process).

  10. #10
    Administrator James's Avatar
    Join Date
    May 2010
    Location
    on the intraweb
    Posts
    3,180

    Default

    I've never worked with ansible, but what RR mentioned above, sounds very similar to what I do in powershell. Everything is automated. In fact I wrote a ps script that pulls all servers from all domains in an organization, and it stores each server in a variable, that you can then seed into another function and do whatever you want. In my example, I seeded the server remotely from my computer and ran a scan of all software that server had. and if that server had a specific piece of software, it would output the name of the server and that software into a text file so I could then uninstall it.

    It saved so much time because I probably had 50 servers.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •