Script to automate Cisco device configuration?

Not regarding the NP but i thought this would be the best place to put this.

Im looking for a script of some kind which lets you automate cisco switch configuration without having knowledge with the IOS CLI. Im possibly thinking maybe theres a perl script which can refer to a csv file, where the user enters things such as vlan details, management IP, username and passwords, which port is assigned to a vlan etc. They can then run the script which will generate the output and write it to the switch. Or even just generate a config so the user can copy it to the switch.

Is this possible? i have no knowledge of scripting/programming but i am wondering if there is already one out there.

Find more posts tagged with

Comments

ilcram19-2

thats taken the fun away lol, you can try to use the cisco SDM im not sure if they have it for switches i never used it though it sucks lol, or create a template test files sometimes that works well

Bosefus

They way I configure en mass is make a template in notepad.

I then change the details that are device specific for each device (such as IPs) and then paste the config into the router.

For instance

config t
int fa0/0
ip add 192.168.0.1 255.255.255.0
no shut

I dont see why a program could not be created to do this. As you said the user would be prompted for values to enter (such as ip addresses) then the program could generate a text file which the user would paste into the router. The text file would have to include the needed commands as well.

kristianbrown

Or just make an excel sheet where you have an input tab where you put in all vlans, management ip's, username/password etc etc. And another tab where the configuration gets generated from the inputs?

--.

GT-Rob

CiscoWorks or SDM can dumb it down a bit for the admins who don't know CLI. You could probably almost teach the basic commands (as well as set up a privilege level that only accepts said commands) to the admins for turning up ports, setting vlans, etc. in the time it would take to set something else up.

Otherwise I dont see why you couldn't write a program that takes inputs from user defined fields, and uses that to input commands into a switch via telnet or something. Again, just depends if its worth someone's time to create it.

joshgibson82

Microsoft Word mail merge would do that for you.

nel

haha, no this isnt for me, im fine with the CLI. Like the OP said, it takes the fun away from it all. This was a request from a manager incase im never there as an emergency, because at the moment, there is no one else with the skills.

They asked for a script which could maybe ask the user a few basic options to initially setup the switch without any knowledge of the CLI. i was just wondering if there was anything out there so i could at least say i tried

tech-airman

nel,

How about configuring a T.F.T.P. server that holds backup config files that the networking devices can attempt to download from upon crash recovery?

Sepiraph

There are basically 3 ways to automate IOS configuration:

1) Cisco SDM (by far the easiest choice but also least powerful/scalable/versatile)

Use a scripting language (e.g. I use perl), then from a term server/host:

2) Make use of the Telnet API function for the respective language, you'd need to configure things like SNMP community script, username account setup and then you can pretty much 'paste' the command in your script. Pretty easy to do once you have the basic script and configuration setup.

3) Make use of SNMP itself by using allowing write access, you'd need to figure out the MIB and OID for the specific task you want to do. This is the most involved method but also the most versatile and powerful. (That's how NMS works).

In OP's situation, he'd be looking at #1 option.

nabz0r

I hope it's ok to bump a 4 year old thread. I am very interested in this myself, have you found a solution for your needs, nel? Please let me know as I am looking for something like this and all inputs are very much appreciated!

theodoxa

You can generate a configuration with pretty much any programming or scripting language. Probably the easiest way (if you just want to copy and paste) is to use XHTML, CSS, and Javascript. You create a form with XHTML using drop down boxes, text boxes, etc...and use Javascript to generate the configuration and sanity check the information entered.

theodoxa

here's a quick example web page that generates a configuration specifying hostname, domain-name, and whether the HTTP and HTTPS servers are enabled. Obviously, you could add a lot more options such as VLANs, VTP, etc...

http://agredon.com/switch.xhtml

Hondabuff

Use Cisco Network Assistant you newbies

or Cisco Configuration Professional.

OfWolfAndMan

Kiwi cat tools...

powmia

https://pynet.twb-tech.com/

He has some config templating tutorials. His preference is ansible. There are a number of options in the wild, but the overall approach to using a framework built upon a templating system is a scalable approach to the problem.

Priston

I created my own webpage for access switches and terminal servers.

I would upload a clean version of it but it looks like it's not letting me upload .txt files

apr911

theodoxa wrote: »

You can generate a configuration with pretty much any programming or scripting language. Probably the easiest way (if you just want to copy and paste) is to use XHTML, CSS, and Javascript. You create a form with XHTML using drop down boxes, text boxes, etc...and use Javascript to generate the configuration and sanity check the information entered.

This is spot on. There are dozens of ways to do what you're asking the real issue is the lack of scope. As with any software development project, you need to determine the use case for your software (script) so you can determine which features are going to be needed.

If its only going to be used when you are out of the office, the question becomes in what context will people need to make changes to the switch? Are they really going to be deploying new switches from scratch with full-on customization while you're out of the office and no one who understands the CLI is available? Or do they just need a way to move vlans around?

They may be similar problems but the approach you take in tackling them is likely to be different.

Basically, you could build a script that will customize things to your heart's content and spit out the commands needed to make the requested changes but now you're basically reinventing the CLI into a GUI and that is a vastly different undertaken to a GUI capable of turning an access port into a trunk.

Ultimately though, anything beyond a few user friendly customizations and you're not likely to lime the state you end up in. Without someone there who understands what's happening to sanity check the input and response, there is no guarantee it will work unless you add the sanity checks to your programming but now you're talking about having to cover for all yours error amongst other issues.

d4nz1g

Cisco is now implenting python and xml API for its devices.
Look for Cisco ACI and puppet.

down77

Actually what you would want to look at is Cisco Prime/Cisco ONE which is available now. I have a number of accounts who use this for automation and intelligence into their devices (Catalyst, ISR, Wireless, etc). ACI/Puppet is part of the APIC suite meant for Data Center (nexus, ucs)

Hondabuff

I have all my configs saved to a word template and the info that needs changed is highlighted in yellow. Just plug in your info and copy and paste into the router or switch. Goes something like 1) log into switch 2) enable 3) conf t 4) paste 5) wr 6) log out of equipment and power down 7) Ship

kohr-ah

As we use a default base config I made an excel sheet that had all 120 locations in it. All you have to do is choose the site and put the last octet of the IP and then in an entry field type the switch location and hit generate. It pops up for you to save as a text file.

Another tab is routers.

Took maybe an hour to make. Saved me tons of work. Did it for solarwinds custom properties also.

creamy_stew

Sharing is caring

I'm especially curious about the router tab.

/creamy

networker050184

I just wrote a script today for some of our support guys that basically does the same thing as kohr-ah's spreadsheet. It just uses a text file template, asks the user for some variables (location to pull in communities, snmp address, loopback IP, etc) then spits it out into a text file. Took me about 20 minutes to write in Ruby. Pretty easy.

creamy_stew

Oh yeah!? Well, in Python, it would take like 20 milliseconds!

Hrumph

I'm not actually that good at Python

networker050184

Ruby is super easy, not a lot of syntax to work through and forgetting a semi colon messing you all up. I could certainly do things way faster in Ruby but I'm far from an expert or even intermediate.

I usually run scripts in Python because that's what most people use these days, but this particular box has some old custom Python stuff someone created 10 years ago and no longer with the company. Best not to touch it because I sure can't fix it if it breaks....

linuxabuser

I use Powershell with Jenkins as a front end.

networker050184

Thanks for the suggestion linuxabuser. I'll have to check that out. I've been dabbling in some powershell for a project I'm working on and looking for some ways to expand on it.

kohr-ah

creamy_stew wrote: »

Sharing is caring
I'm especially curious about the router tab.

/creamy

Left my work laptop at work to perform updates. I will gladly share Monday when I get in

Ill make a few changes to get rid of custom corporate information.

TechGuru80

Definitely all kinds of ways to do it. It might feel kind of dangerous to automatically have the script execute though. CCP lets you select parameters of a config template so you only have to fill in that information. You could also use like Java, Python, etc to write to a txt file for copying. You really would want to have a backup of the config anyways so that seems like a decent option.

networker050184

I've been meaning to take a closer look at Trigger for a while but haven't gotten around to it. Anyone have any experience with it?

https://trigger.readthedocs.org/en/latest/index.html

linuxabuser

networker050184 wrote: »

Thanks for the suggestion linuxabuser. I'll have to check that out. I've been dabbling in some powershell for a project I'm working on and looking for some ways to expand on it.

Just since I'm a nice guy (ha!) here's a small Powershell config snippet I've been working on. There is currently no validation or verification. I'm working on building that in.

What this does is connect to a new, out of the box Cisco router via the Console port and configure it to grab a startup config file via TFTP.

[Power Shell] Powershell Cisco Serial Console - BETA - Pastebin.com