網工Python之路 -- CSV和Jinja2批量配置交換機(量大又有差別化的配置)
在平時的網絡運維工做中,網工少不了要給新設備作批量配置。其中一些配置好比line vty下的transport input ssh以及AAA、SNMP之類的屬於共有配置,全部此類命令在全部設備上是統一沒有差別的,寫一個Python腳本用Paramiko、Netmiko或者pexpect等SSH模塊就能輕鬆搞定。可是針對那些有差別化的配置,好比每一個端口下的description(好比用來描述每一個端口下面所鏈接的服務器的名稱,服務器的物理端口(網卡)號,以及服務器的用途等等),每一個端口的功能(access port仍是trunk port?若是是access port,access哪一個VLAN?由於存在差別,你不能簡單的用一個interface range來一次性統一完成全部端口的配置)以及在不一樣交換機上劃分和建立不一樣的VLAN id等等,光靠上述SSH模塊是很難搞定的,就算能搞定,寫出來的腳本的代碼量也是至關龐大,不便於維護的。這時就有必要用到Jinja2這個模板引擎來幫助咱們完成這些量大又有差別化的配置。python
本文將以一臺華爲思科設備爲例,講解如何使用Jinja2來完成對該交換機多個端口的配置ios
華爲篇:bash
ensp拓撲:服務器
switch ports2.csv文件內容以下:網絡
interface-template2.j2文件內容以下:app
interface {{ interface }}
description Link to {{ server }} port {{ port }} for {{ purpose }}
{% if vlan == "Trunk" -%}
port link-type trunk
{% else -%}
port link-type access
port default vlan {{ vlan }}
{% endif -%}
undo shutdown
jinja2_peizhiSW.py文件內容以下:運維
from jinja2 import Template
import csv
from netmiko import ConnectHandler
csv_file = open('switch ports2.csv')
template_file = open('interface-template2.j2')
reader = csv.DictReader(csv_file)
interface_template = Template(template_file.read(), keep_trailing_newline=True)
interface_configs = ''
for row in reader:
interface_config = interface_template.render(
interface = row['Interface'],
vlan = row['VLAN'],
server = row['Server'],
link = row['Port'],
purpose = row['Purpose']
)
interface_configs += interface_config
config_set = interface_configs.split('\n')
SW = {
'device_type': 'huawei',
'ip': '192.168.88.1',
'username': 'admin',
'password': 'admin123',
}
connect = ConnectHandler(**SW)
print ('Connected to switch')
output = connect.send_config_set(config_set) #output = connect.send_config_set(config_set, cmd_verify=False) 註釋這個是Netmiko 3須要的自身的一個"bug",我查看了個人netmiko是2因此不須要這個參數
print(output)
執行結果:dom
執行成功 cmd打印的
PS D:\Python_Files\python2020item\CSV_Jinja2> python .\jinja2_peizhiSW.py
Connected to switch
Traceback (most recent call last):
File ".\jinja2_peizhiSW.py", line 35, in <module>
output = connect.send_config_set(config_set, cmd_verify=False)
TypeError: send_config_set() got an unexpected keyword argument 'cmd_verify'
PS D:\Python_Files\python2020item\CSV_Jinja2>
PS D:\Python_Files\python2020item\CSV_Jinja2>
PS D:\Python_Files\python2020item\CSV_Jinja2> python .\jinja2_peizhiSW.py
Connected to switch
system-view
Enter system view, return user view with Ctrl+Z.
[RR]interface Ethernet0/0/0
[RR-Ethernet0/0/0] description Link to esxi-01 port for VM Host
[RR-Ethernet0/0/0] port link-type trunk
[RR-Ethernet0/0/0] undo shutdown
Info: Interface Ethernet0/0/0 is not shutdown.
[RR-Ethernet0/0/0]
[RR-Ethernet0/0/0]interface Ethernet0/0/1
[RR-Ethernet0/0/1] description Link to esxi-01 port for VM Host
[RR-Ethernet0/0/1] port link-type trunk
[RR-Ethernet0/0/1] undo shutdown
Info: Interface Ethernet0/0/1 is not shutdown.
[RR-Ethernet0/0/1]
[RR-Ethernet0/0/1]interface Ethernet0/0/2
[RR-Ethernet0/0/2] description Link to esxi-02 port for VM Host
[RR-Ethernet0/0/2] port link-type trunk
[RR-Ethernet0/0/2] undo shutdown
Info: Interface Ethernet0/0/2 is not shutdown.
[RR-Ethernet0/0/2]
[RR-Ethernet0/0/2]interface Ethernet0/0/3
[RR-Ethernet0/0/3] description Link to esxi-02 port for VM Host
[RR-Ethernet0/0/3] port link-type trunk
[RR-Ethernet0/0/3] undo shutdown
Info: Interface Ethernet0/0/3 is not shutdown.
[RR-Ethernet0/0/3]
[RR-Ethernet0/0/3]interface Ethernet0/0/4
[RR-Ethernet0/0/4] description Link to db-01 port for Database Server
[RR-Ethernet0/0/4] port link-type access
[RR-Ethernet0/0/4] port default vlan 80
[RR-Ethernet0/0/4] undo shutdown
Info: Interface Ethernet0/0/4 is not shutdown.
[RR-Ethernet0/0/4]
[RR-Ethernet0/0/4]interface Ethernet0/0/5
[RR-Ethernet0/0/5] description Link to db-02 port for Database Server
[RR-Ethernet0/0/5] port link-type access
[RR-Ethernet0/0/5] port default vlan 80
[RR-Ethernet0/0/5] undo shutdown
Info: Interface Ethernet0/0/5 is not shutdown.
[RR-Ethernet0/0/5]
[RR-Ethernet0/0/5]interface Ethernet0/0/6
[RR-Ethernet0/0/6] description Link to app-01 port for App Server
[RR-Ethernet0/0/6] port link-type access
[RR-Ethernet0/0/6] port default vlan 80
[RR-Ethernet0/0/6] undo shutdown
Info: Interface Ethernet0/0/6 is not shutdown.
[RR-Ethernet0/0/6]
[RR-Ethernet0/0/6]interface Ethernet0/0/7
[RR-Ethernet0/0/7] description Link to app-02 port for App Server
[RR-Ethernet0/0/7] port link-type access
[RR-Ethernet0/0/7] port default vlan 80
[RR-Ethernet0/0/7] undo shutdown
Info: Interface Ethernet0/0/7 is not shutdown.
[RR-Ethernet0/0/7]
[RR-Ethernet0/0/7]
[RR-Ethernet0/0/7]return
<RR>
PS D:\Python_Files\python2020item\CSV_Jinja2>
=======================================================================================
交換機配置也對應上了
[RR]dis cur
[V200R003C00]
#
sysname RR
#
snmp-agent local-engineid 800007DB03000000000000
snmp-agent sys-info version v3
snmp-agent group v3 MyGroup privacy read-view View_ALL write-view View_ALL notify-view View_ALL
snmp-agent target-host trap-hostname V3HOST address 192.168.88.3 udp-port 162 trap-paramsname V3TRAP
snmp-agent target-host trap-paramsname V3TRAP v3 securityname MyUser privacy
snmp-agent mib-view View_ALL include iso
snmp-agent usm-user v3 MyUser MyGroup authentication-mode sha 4705BD8CE37634ECB4D7DE1D59E200E00DFF5B06 privacy-mode aes128 4705BD8CE37634ECB4D7DE1D59E200E00DFF5B06
snmp-agent trap source GigabitEthernet0/0/0
snmp-agent trap enable
snmp-agent
#
clock timezone China-Standard-Time minus 08:00:00
#
portal local-server load flash:/portalpage.zip
#
drop illegal-mac alarm
#
vlan batch 80
#
wlan ac-global carrier id other ac id 0
#
set cpu-usage threshold 80 restore 75
#
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password cipher %$%$b^!*~`,kEQm{^F(k8;_<cyON%$%$
local-user admin privilege level 15
local-user admin service-type telnet ssh
#
firewall zone Local
priority 15
#
interface Ethernet0/0/0
description Link to esxi-01 port for VM Host
port link-type trunk
#
interface Ethernet0/0/1
description Link to esxi-01 port for VM Host
port link-type trunk
#
interface Ethernet0/0/2
description Link to esxi-02 port for VM Host
port link-type trunk
#
interface Ethernet0/0/3
description Link to esxi-02 port for VM Host
port link-type trunk
#
interface Ethernet0/0/4
description Link to db-01 port for Database Server
port link-type access
port default vlan 80
#
interface Ethernet0/0/5
description Link to db-02 port for Database Server
port link-type access
port default vlan 80
#
interface Ethernet0/0/6
description Link to app-01 port for App Server
port link-type access
port default vlan 80
#
interface Ethernet0/0/7
description Link to app-02 port for App Server
port link-type access
port default vlan 80
#
interface GigabitEthernet0/0/0
ip address 192.168.88.1 255.255.255.0
#
interface GigabitEthernet0/0/1
#
interface NULL0
#
interface LoopBack3
#
interface LoopBack4
#
interface LoopBack6
#
interface LoopBack8
#
interface LoopBack9
#
interface LoopBack66
#
interface LoopBack88
#
ssh user admin authentication-type all
stelnet server enable
#
user-interface con 0
authentication-mode password
user-interface vty 0 4
authentication-mode aaa
protocol inbound ssh
user-interface vty 16 20
#
wlan ac
#
return
[RR]
[RR]
[RR]dis int bire
[RR]dis int ?
Ethernet Ethernet interface
GigabitEthernet GigabitEthernet interface
LoopBack LoopBack interface
NULL NULL interface
brief Summary information about the interface status and configuration
counters Counters
description Interface description
main Main interface
slot Slot number
| Matching output
<cr> Please press ENTER to execute command
[RR]dis int brie
[RR]dis int brief
PHY: Physical
*down: administratively down
(l): loopback
(s): spoofing
(b): BFD down
^down: standby
(e): ETHOAM down
(d): Dampening Suppressed
InUti/OutUti: input utility/output utility
Interface PHY Protocol InUti OutUti inErrors outErrors
Ethernet0/0/0 down down 0% 0% 0 0
Ethernet0/0/1 down down 0% 0% 0 0
Ethernet0/0/2 down down 0% 0% 0 0
Ethernet0/0/3 down down 0% 0% 0 0
Ethernet0/0/4 down down 0% 0% 0 0
Ethernet0/0/5 down down 0% 0% 0 0
Ethernet0/0/6 down down 0% 0% 0 0
Ethernet0/0/7 down down 0% 0% 0 0
GigabitEthernet0/0/0 up up 0% 0% 0 0
GigabitEthernet0/0/1 down down 0% 0% 0 0
LoopBack3 up up(s) 0% 0% 0 0
LoopBack4 up up(s) 0% 0% 0 0
LoopBack6 up up(s) 0% 0% 0 0
LoopBack8 up up(s) 0% 0% 0 0
LoopBack9 up up(s) 0% 0% 0 0
LoopBack66 up up(s) 0% 0% 0 0
LoopBack88 up up(s) 0% 0% 0 0
NULL0 up up(s) 0% 0% 0 0
[RR]
[RR]
[RR]dis int des
[RR]dis int description brei
[RR]dis int description brie
[RR]dis int description brie
^
Error: Wrong parameter found at '^' position.
[RR]dis int description ?
Ethernet Ethernet interface
GigabitEthernet GigabitEthernet interface
LoopBack LoopBack interface
NULL NULL interface
| Matching output
<cr> Please press ENTER to execute command
[RR]dis int description
PHY: Physical
*down: administratively down
(l): loopback
(s): spoofing
(b): BFD down
^down: standby
(e): ETHOAM down
(d): Dampening Suppressed
Interface PHY Protocol Description
Eth0/0/0 down down Link to esxi-01 port for VM Host
Eth0/0/1 down down Link to esxi-01 port for VM Host
Eth0/0/2 down down Link to esxi-02 port for VM Host
Eth0/0/3 down down Link to esxi-02 port for VM Host
Eth0/0/4 down down Link to db-01 port for Database
Server
Eth0/0/5 down down Link to db-02 port for Database
Server
Eth0/0/6 down down Link to app-01 port for App Serv
er
Eth0/0/7 down down Link to app-02 port for App Serv
er
GE0/0/0 up up HUAWEI, AR Series, GigabitEtherne
t0/0/0 Interface
GE0/0/1 down down HUAWEI, AR Series, GigabitEtherne
t0/0/1 Interface
Loop3 up up(s) HUAWEI, AR Series, LoopBack3 Inte
rface
Loop4 up up(s) HUAWEI, AR Series, LoopBack4 Inte
rface
Loop6 up up(s) HUAWEI, AR Series, LoopBack6 Inte
rface
Loop8 up up(s) HUAWEI, AR Series, LoopBack8 Inte
rface
Loop9 up up(s) HUAWEI, AR Series, LoopBack9 Inte
rface
Loop66 up up(s) HUAWEI, AR Series, LoopBack66 Int
erface
Loop88 up up(s) HUAWEI, AR Series, LoopBack88 Int
erface
NULL0 up up(s) HUAWEI, AR Series, NULL0 Interfac
e
[RR]
思科篇:ssh
實驗拓撲:ide
switch ports-gns3.csv文件內容:
interface-template-gns3.j2文件內容:
interface {{ interface }}
description Link to {{ server }} port {{ port }} for {{ purpose }}
switchport
{% if vlan == "Trunk" -%}
switchport mode trunk
{% else -%}
switchport mode access
switchport access vlan {{ vlan }}
spanning-tree portfast
{% endif -%}
no shutdown
jinja2_peizhiSW-gns3.py
from jinja2 import Template
import csv
from netmiko import ConnectHandler
csv_file = open('switch ports-gns3.csv')
template_file = open('interface-template-gns3.j2')
reader = csv.DictReader(csv_file)
interface_template = Template(template_file.read(), keep_trailing_newline=True)
interface_configs = ''
for row in reader:
interface_config = interface_template.render(
interface = row['Interface'],
vlan = row['VLAN'],
server = row['Server'],
link = row['Port'],
purpose = row['Purpose']
)
interface_configs += interface_config
config_set = interface_configs.split('\n')
SW = {
'device_type': 'cisco_ios',
'ip': '192.168.88.1',
'username': 'admin',
'password': 'admin123',
}
connect = ConnectHandler(**SW)
print ('Connected to switch')
output = connect.send_config_set(config_set) #output = connect.send_config_set(config_set, cmd_verify=False) 註釋這個是Netmiko 3須要的自身的一個"bug",我查看了個人netmiko是2因此不須要這個參數
print(output)
執行結果:
!
interface FastEthernet3/0
description Link to esxi-01 port for VM Host
switchport mode trunk
!
interface FastEthernet3/1
description Link to esxi-01 port for VM Host
switchport mode trunk
!
interface FastEthernet3/2
description Link to esxi-02 port for VM Host
switchport mode trunk
!
interface FastEthernet3/3
description Link to esxi-02 port for VM Host
switchport mode trunk
!
interface FastEthernet3/4
description Link to db-01 port for Database Server
switchport access vlan 80
!
interface FastEthernet3/5
description Link to db-02 port for Database Server
switchport access vlan 80
!
interface FastEthernet3/6
description Link to app-01 port for App Server
switchport access vlan 80
!
interface FastEthernet3/7
description Link to app-02 port for App Server
switchport access vlan 80
!
interface FastEthernet3/8
================================
PS D:\Python_Files\python2020item\CSV_Jinja2> python .\jinja2_peizhiSW-gns3.py
Connected to switch
config term
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#interface FastEthernet3/0
R1(config-if)# description Link to esxi-01 port for VM Host
R1(config-if)# switchport
R1(config-if)# switchport mode trunk
R1(config-if)# no shutdown
R1(config-if)#
R1(config-if)#interface FastEthernet3/1
R1(config-if)# description Link to esxi-01 port for VM Host
R1(config-if)# switchport
R1(config-if)# switchport mode trunk
R1(config-if)# no shutdown
R1(config-if)#
R1(config-if)#interface FastEthernet3/2
R1(config-if)# description Link to esxi-02 port for VM Host
R1(config-if)# switchport
R1(config-if)# switchport mode trunk
R1(config-if)# no shutdown
R1(config-if)#
R1(config-if)#interface FastEthernet3/3
R1(config-if)# description Link to esxi-02 port for VM Host
R1(config-if)# switchport
R1(config-if)# switchport mode trunk
R1(config-if)# no shutdown
R1(config-if)#
R1(config-if)#interface FastEthernet3/4
R1(config-if)# description Link to db-01 port for Database Server
R1(config-if)# switchport
R1(config-if)# switchport mode access
R1(config-if)# switchport access vlan 80
%Access VLAN 80 does not exist. Please add it to vlan database
R1(config-if)# spanning-tree port type edge
^
% Invalid input detected at '^' marker.
R1(config-if)# no shutdown
R1(config-if)#
R1(config-if)#interface FastEthernet3/5
R1(config-if)# description Link to db-02 port for Database Server
R1(config-if)# switchport
R1(config-if)# switchport mode access
R1(config-if)# switchport access vlan 80
%Access VLAN 80 does not exist. Please add it to vlan database
R1(config-if)# spanning-tree port type edge
^
% Invalid input detected at '^' marker.
R1(config-if)# no shutdown
R1(config-if)#
R1(config-if)#interface FastEthernet3/6
R1(config-if)# description Link to app-01 port for App Server
R1(config-if)# switchport
R1(config-if)# switchport mode access
R1(config-if)# switchport access vlan 80
%Access VLAN 80 does not exist. Please add it to vlan database
R1(config-if)# spanning-tree port type edge
^
% Invalid input detected at '^' marker.
R1(config-if)# no shutdown
R1(config-if)#
R1(config-if)#interface FastEthernet3/7
R1(config-if)# description Link to app-02 port for App Server
R1(config-if)# switchport
R1(config-if)# switchport mode access
R1(config-if)# switchport access vlan 80
%Access VLAN 80 does not exist. Please add it to vlan database
R1(config-if)# spanning-tree port type edge
^
% Invalid input detected at '^' marker.
R1(config-if)# no shutdown
R1(config-if)#
R1(config-if)#
R1(config-if)#end
R1#
PS D:\Python_Files\python2020item\CSV_Jinja2>
=================================================
思科配置ssh
配置ssh以下:
R1(config)#line vty 0 4
R1(config-line)#transport input all 【能夠選ssh telnet 我都選了,all】
R1(config-line)#login local 【使用本地定義的用戶名密碼登陸】
R1(config-line)#
R1(config-line)#exi
R1(config)#username admin privilege 15 password cisco 【定義本地定義的用戶名密碼】
R1(config)#crypto key generate rsa
% Please define a domain-name first. 【務必先定義domain-name】
R1(config)#
R1(config)#ip domain-name xxh.com
R1(config)#
R1(config)#crypto key generate rsa 【發現配置了ip domain-name xxh.com和crypto key generate rsa 以後,22端口能測試通了!crypto key generate rsa在路由器上產生一對RSA密鑰就會自動啓用SSH.若是你刪除這對RSA密鑰,就會自動禁用該SSH服務器】
以後配置ip,我以後再用CRT測試,發現ssh2不行,ssh1卻是能夠登陸。
R1#show ip ssh
SSH Enabled - version 1.99
Authentication timeout: 120 secs; Authentication retries: 3
R1#
R1#conf t
R1(config)#ip ssh version 2
R1(config)#exi
R1#show ip ssh
SSH Enabled - version 2.0
Authentication timeout: 120 secs; Authentication retries: 3
R1#
R1#
R1#
注意:重啓路由器以後,gns模擬器須要crypto key generate rsa從新生成key才能恢復ssh功能,否則又不能ssh了
R1#conf
Configuring from terminal, memory, or network [terminal]?
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#crypto key generate rsa
The name for the keys will be: R1.xxh.com
Choose the size of the key modulus in the range of 360 to 2048 for your
General Purpose Keys. Choosing a key modulus greater than 512 may take
a few minutes.
How many bits in the modulus [512]:
% Generating 512 bit RSA keys, keys will be non-exportable...[OK]
R1(config)#
R1(config)#
R1(config)#
R1(config)#
R1(config)#
*Mar 1 00:00:54.711: %SSH-5-ENABLED: SSH 2.0 has been enabled
R1(config)#
*Mar 1 00:01:15.199: %SYS-5-CONFIG_I: Configured from console by admin on vty0 (192.168.88.3)
R1(config)#
相關文章
- 1. 交換機基本配置--交換機批量配置端口
- 2. expect批量配置交換機
- 3. BatchConfigTool批量配置工具
- 4. 華爲交換機批量處理端口的配置(端口組配置)
- 5. 交換機配置——Cisco(思科)-交換機初始化配置
- 6. ansible 批量配置cisco 交換機---接口篇
- 7. 交換機配置
- 8. 交換機的VLAN配置
- 9. 批量生產https 配置
- 10. 交換機工作原理和配置
- 更多相關文章...
- • Eclipse Debug 配置 - Eclipse 教程
- • Git 安裝配置 - Git 教程
- • IDEA下SpringBoot工程配置文件沒有提示
- • IntelliJ IDEA 代碼格式化配置和快捷鍵
相關標籤/搜索
每日一句
-
每一个你不满意的现在,都有一个你没有努力的曾经。
最新文章
- 1. 「插件」Runner更新Pro版,幫助設計師遠離996
- 2. 錯誤 707 Could not load file or assembly ‘Newtonsoft.Json, Version=12.0.0.0, Culture=neutral, PublicKe
- 3. Jenkins 2018 報告速覽,Kubernetes使用率躍升235%!
- 4. TVI-Android技術篇之註解Annotation
- 5. android studio啓動項目
- 6. Android的ADIL
- 7. Android卡頓的檢測及優化方法彙總(線下+線上)
- 8. 登錄註冊的業務邏輯流程梳理
- 9. NDK(1)創建自己的C/C++文件
- 10. 小菜的系統框架界面設計-你的評估是我的決策
歡迎關注本站公眾號,獲取更多信息
相關文章