First Half of Python for Network Engineers

It’s been non stop for 5 weeks of training, but this week we had a week off so I thought I would post this.

I was able to get my work to fund the Python for Network Engineers course taught by Kirk Byers. 

https://pynet.twb-tech.com/class-pyauto.html

I had taken the free class a couple of times and learned quite a bit. I thought that being able to take the paid course would give me a better understanding of things related to python and how to handle some of the more complex things that I want to do. I really want to be able to take advantage of more automation in our environment and make things work better/easier with fewer chances for errors. I also want to empower my Helpdesk to be able to do more things, we are a very small shop with a large footprint of stores/offices. We have deployed Meraki to almost all of the locations so being able to take advantage of python/rest apis has been a great benefit so far. However I feel there is more that I can do, I just need some more training. Also the more stuff I can give to my Helpdesk the less they have to call me for and I can try and get some more sleep(as though that would happen). 

I have really enjoyed the first half of the class and learned quite a bit so far in just using Netmiko, textfsm, and jinja2. The other part that is nice is the community of people that Kirk has put together so that we can all learn off from each other and exchange ideas and questions. Between using Slack and some group channels there has been a lot of good comments/questions exchanged back and forth. 

As for the class Kirk’s videos have been informative and I have found a lot of useful information in them. His examples have been good and have shown some real life information in working with equipment. Not diving into actual network engineering, but showing some information in relation to real life data/examples. I have also found the exercises he has assigned us to be challenging and quite good. I have picked up some good ideas from them and it has pushed my learning and understanding of python.

In all I am really enjoying it and can’t wait for the next half and to see how my python programming improves.

Meraki Script to pull LTE Card Signal

Script for pulling the make and signal strength of wireless cards

We are trying to continually audit our LTE cards in the Meraki Routers so we wanted to be able to monitor the stores LTE connections and see the signal strength and then determine which if any needed to be swapped out. However that data is only stored at the device level so you have to iterate through the whole Organization then by network and then by device in the network. Meraki has a polling limit for how many times you can poll the cloud per second so I put a 1 second delay in there to keep the program from overwhelming everything and causing issues for itself or for our users monitoring on the website.

The script can be found here:

https://github.com/undrwatr/MERAKI_CARD_SIGNAL

How I handle credentials and shared variables in Python

How to handle common variables between programs

I have been writing a lot of python programs lately for interacting with the Meraki Platform. I was tired of copying and pasting my variables and credentials between programs, plus I wanted the ability to easily upload the programs to GitHub without having to worry about sanitizing the program of my companies or personal data. I did some searching and didn’t find a lot so what I figured I would do is put this information into a python module and then I could call that module from within my programs and then I wouldn’t have to worry about keeping all of my data secure. I decided to call my module cred.py and then I could call it from within the program with just a “import cred”. I used to copy this file into each of the directories where I was working on a program. Then I ran into a problem where I had to change an API key, I then had to go through and find all of the cred.py files I had created and then update the data in them. That proved to be more of a pain than I wanted to deal with so I decided to place it in a central directory for all of my programs. This proved much easier, but then I had to figure out how to call it from within Python without making it a module in the install path.

That is where I came up with this:

import sys

#Import the CRED module from a separate directory
sys.path.insert(0,’../CRED’)
import cred

With this it allows me to keep one central directory to store all of my credentials, but also commonly needed variables. I call it from within the program and can then run my programs easily. Love to hear how others are handling this or if there is a better way for me to do it.

Walt Disney World in October

As a family we made our yearly trip to WDW for Food and Wine and to have some fun in the heat and humidity. We as parents like going and our son likes to go and has a good time. At least we think he does and usually he doesn’t dissuade us from that notion. Here are some of the shots I took as we went to Epcot and Animal Kingdom.

Epcot food and Wine and of course character Meet and Greets:

 

Random shots from around the park.

What trip to Florida would be complete with out a thunderstorm and some really bad weather. This was a shot I got as we were running back to our hotel trying to get in before the storm hit.

Animal Kingdom and Avatar Land:

And of course since it was a quick vacation here is the child hurriedly finishing his homework before he has to go back to school the next day. So sad for him.

Moving Cisco UCS to 10G Interfaces

We initially implemented our Cisco UCS chassis and FI’s with 4 port channels each with 2x1Gb interfaces connected to our Cisco Core Switches. Now we are in the process of moving from a dual Cisco Core to a Juniper Virtual Chassis Core, more on that later in another post. Part of getting the new core was finally getting 10G for our network. We had been surviving just fine with our current network connectivity, but figured it wouldn’t hurt to get 10G and connect whatever we could to it.

What I could not find searching around the internet was how the UCS FI’s were going to handle the additional links and how the traffic would move over. I was afraid it would do some sort of Spanning Tree blocking and not allow them to pass traffic. However I realized after checking the existing links that I had two from each FI and both of them were actively passing traffic and neither was in a blocking state.

I then went ahead and started to plan the turnup of the links. For us the majority of our servers are sitting in the UCS environment from bare metal linux and windows machines, to our 500 Guest VMfarm. With so much crucial infrastructure we wanted to make sure we didn’t have any downtime or lose any traffic during the transition. So as part of the planning I built out a python script that would ping a list of known addresses to ensure they were all up and on the network as each part of the plan was completed. I wanted it be useful across any platform so that the code was reusable, so I made some allowances for the different versions and the unique requirements of each OS. The only requirement is a file called hosts.txt with your ip addresses in it you want to ping. Its multi threaded so it will run a lot of the pings at the same time and complete it as soon as possible. Then you just need to go through the output and look for anything that is failing.

 

 

[codesyntax lang=”python”]

#!/usr/bin/python

import sys
import os
import platform
import subprocess
import threading

plat = platform.system()
scriptDir = sys.path[0]
hosts = os.path.join(scriptDir, ‘hosts.txt’)
hostsFile = open(hosts, “r”)
lines = hostsFile.readlines()

def ping(ip):
if plat == “Windows”:
ping = subprocess.Popen(
[“ping”, “-n”, “1”, “-l”, “1”, “-w”, “100”, ip],
stdout = subprocess.PIPE,
stderr = subprocess.PIPE
)

if plat == “Linux”:
ping = subprocess.Popen(
[“ping”, “-c”, “1”, “-l”, “1”, “-s”, “1”, “-W”, “1”, ip],
stdout = subprocess.PIPE,
stderr = subprocess.PIPE
)
if plat == “Darwin”:
ping = subprocess.Popen(
#[“ping”, “-c”, “1”, “-l”, “1”, “-s”, “1”, “-W”, “1”, ip],
[“ping”, “-c”, “1”, “-s”, “1”, “-W”, “1”, ip],
stdout = subprocess.PIPE,
stderr = subprocess.PIPE
)

out, error = ping.communicate()
print out
print error

for ip in lines:
threading.Thread(target=ping, args=(ip,)).run()
[/codesyntax]

For the migration we took the subordinate FI and brought up the 10G interface as we watched traffic flow over it we then ran the ping script a couple of times. We then started to shutdown the trunk interfaces each time running the ping script looking for issues. After we had the Subordinate FI moved over to the 10G and new core we then then did the same with the Primary FI. I was happy to find that at no time did we lost any connectivity to our hosts/guests and that everything went smoothly.