[Twisted-Python] SSHv2 client script for Cisco routers

Justin Warren daedalus at eigenmagic.com
Mon Jul 16 05:01:52 EDT 2007


On Thu, 2007-07-12 at 15:00 -0500, Eli Criffield wrote:
> Thats exactly what I've been working on, a script to automate
> connections to cisco switches, where you have to execute multiple
> commands per connection (config t, then some commands ect...)

Hmm. I have code I didn't quite manage to publish last weekend does all
this and more. The current version breaks out to commandline via a
Process to run ssh, rather than implementing the SSH protocol itself,
though.

> I'd like to get ssh worked into http://code.google.com/p/exscript/ .
> Exscript does what your doing with telnetlib and uses  templates and
> concurrent connections.

This looks neat. I'll have to check it out to make sure I'm not
duplicating effort, however, I think I'm attacking this problem from a
different direction. If you're interested, read on. If not, stop now.

*ahem*

I want to automate change implementations. I'm sick of poorly controlled
changes being badly implemented in production environments, with no
backout plans. I'm sick of operators cutting and pasting from Notepad to
run commands over a telnet session. I want to be able to take a test lab
from simulation A to simulation B without having to use 9 different
admin tools.

This needs to work with multiple, different pieces of kit: NetApp,
Cisco, *nix boxen, Windows, etc. Each needs to be talked to slightly
differently.

Expect scripts solve part of the problem: templated communication to
perform a specific action. I've taken things one step further. I've
built a change management framework around this idea. There are 3 major
objects:

Devices: Things that need to have their state changed.
Provisioners: Things that communicate with Devices, in order to
implement Changes.
Changes: A series of actions, applied by a Provisioner, to a list of
Devices, to change their state.

A change consists of 6 major steps:

1. Pre-implementation, to check that the change is implementable, based
on the current state of a device.
2. Implementation, actually applying the change.
3. Post-Implementation verification. Make sure the change worked
correctly.

and then, if something goes wrong somewhere

4. Pre-backout, check that the change can be backed out.
5. Backout, actually backing out the change.
6. Post-backout verification, to make sure the backout was successful.

So, you can define a list of Change templates using variable
substitution, and then these changes can be applied to a list of devices
by using a set of Provisioners that know how to communicate to these
Devices.

Changes can have dependencies, so you can chain them together into a
tree of arbitrary complexity. Using the magic of twisted Deferreds, you
can run changes serially, or in parallel, limited only by the dependency
tree.

So, after that rather lengthy blurb, is anyone interested in this? Or am
I reinventing the wheel? I looked around for something similar in the
FOSS world a couple of months back, but everything I saw seemed to be
*nix centered and didn't do Cisco or NetApp.

Email me off list if you want this thing, so I know whether to try
harder to find some spare hours, or if it can wait a few weeks.

-- 
Justin Warren <daedalus at eigenmagic.com>




More information about the Twisted-Python mailing list