Labari game da aiki tare da Junos PyEZ - "Python microframework wanda ke ba ku damar sarrafa da sarrafa na'urorin da ke gudana Junos OS" aiki da kai da gudanarwa, duk abin da muke so. Rubuta rubutun da aka bayyana a cikin wannan labarin yana da maƙasudai da yawa - koyan Python da sarrafa ayyuka ta atomatik don tattara bayanai ko canza daidaitawa akan kayan aikin da ke gudana Junos OS. Zaɓin wannan takamaiman haɗe-haɗe na Python + Junos PyEZ an yi shi ne saboda ƙananan shingen shiga cikin harshen shirye-shiryen Python da sauƙin amfani da ɗakin karatu na Junos PyEZ, wanda baya buƙatar sanin ƙwararrun Junos OS.
Manufar
Audit na ipv4 subnets na kamfanin kyauta. Ma'anar cewa subnet ɗin kyauta shine rashin shigarwa game da shi a cikin hanyoyin da ke kan sauya aiki azaman na'ura mai ba da hanya tsakanin hanyoyin sadarwa da ke aiki da Junos OS.
Aiwatarwa
Python + Junos PyEZ, kodayake akwai jaraba don yin ta ta hanyar paramiko da ssh.exec_command, Sakamakon haka, kuna buƙatar saita ƙa'idar gudanarwar cibiyar sadarwar na'urar netconf akan kayan aikin da ake jefa kuri'a. Netconf yana aiki tare da hardware ta hanyar kira RPC mai nisa kuma yana amfani da XML, a cikin wannan misali, don samar da bayanin da yake karɓa.
Shigar da junos PyEZ na yanzu daga PyPI ana yin shi tare da umarni mai zuwa:
$ pip install junos-ezncHakanan zaka iya shigarwa daga babban reshe na aikin akan GitHub tare da umarni mai zuwa:
$ pip install git+https://github.com/Juniper/py-junos-eznc.gitKuma wani zaɓi ta hanyar
$ pip install -r requirements.txt Wannan umarnin zai shigar da ɗakunan karatu waɗanda suka ɓace daga tsarin kuma suna da mahimmanci don aiki. A cikin sigar tawa bukatun.txt Akwai guda biyu ne kawai daga cikinsu, ana nuna sabbin sigogin a lokacin rubuta rubutun:
junos-eznc
netaddrTa hanyar tsoho, rubutun yana ɗaukar sunan mai amfani na yanzu a cikin tsarin; zaku iya shiga ƙarƙashin sunan wani mai amfani ta amfani da maɓallin show_route.py -u getpass.getpass yana ɗaukar kalmar sirri daga stdin don haka kalmar sirri ba za ta kasance a cikin tsarin ba. Don haɗawa da kayan aiki, kuna buƙatar shigar da sunan mai masauki ko adireshin IP lokacin da aka sa ku. An karɓi duk bayanan da suka wajaba don izini akan na'urar.
Junos PyEZ yana goyan bayan haɗawa zuwa kayan aiki da ke gudana Junos OS ta amfani da na'ura mai kwakwalwa, telnet ko netconf ta ssh. Labarin ya tattauna zaɓi na ƙarshe.
Don haɗawa da kayan aiki, yi amfani da ajin na'ura na module jnpr.junos
with jnpr.junos.Device(host=router,
user=args.name,
passwd=password) as dev:Ana yin buƙatu don duk hanyoyin da aka sani ga na'ura mai ba da hanya tsakanin hanyoyin sadarwa ta hanyar kiran hanya mai nisa ko kiran hanya mai nisa, duk wanda ya fi dacewa.
data = dev.rpc.get_route_information()Irin wannan umarni akan Junos OS
user@router> show route | display xmlTa ƙara rpc zuwa ƙarshen umarnin, muna samun alamar buƙatun kuma za mu iya daidaita shi da sunan hanyar RPC, ta wannan hanyar za mu iya gano wasu sunaye masu sha'awa. Ya kamata a lura da cewa syntax don rubuta alamar buƙatun ya bambanta da sunan hanyar, wato, ya kamata ku maye gurbin hyphens tare da alamar.
user@router> show route | display xml rpc
<rpc-reply >route_list = data.xpath("//rt-destination/text()")Sauran ɓangaren an nannade shi a cikin madauki na ɗan lokaci, don kada a sake maimaita buƙatun ga na'ura mai ba da hanya tsakanin hanyoyin sadarwa idan ya zama dole a duba wani rukunin yanar gizo daga waɗanda na'ura mai ba da hanya tsakanin hanyoyin sadarwa ya rigaya ya sani. Yana da kyau a faɗi cewa na'ura mai ba da hanya tsakanin hanyoyin sadarwa da nake yin buƙatun ta san hanyoyin ne kawai ta hanyar OSPF, don haka ga na'ura mai ba da hanya tsakanin hanyoyin sadarwa yana da kyau a canza buƙatar kaɗan don rage lokacin tafiyar da rubutun.
data = dev.rpc.get_ospf_route_information()Yanzu bari mu dubi abubuwan da ke cikin lokacin madauki
A farkon, za a tambayi mai amfani don shigar da subnet tare da abin rufe fuska kuma ba fiye da octets uku daga cibiyar sadarwa na wannan rukunin yanar gizon ba, wannan wajibi ne don saita kewayon bincike. Ba na son wannan aiwatar da ƙayyadaddun ƙa'idodi da kewayon bincike, amma har yanzu ban sami mafita mafi kyau ba. Na gaba, daga jerin abubuwan da aka samo na hanyoyin sadarwa route_list, ta amfani da madaidaicin da bai ƙunshi fiye da octets uku ba, na zaɓi ƙananan hanyoyin da ke sha'awar ni.
tmp = re.search(r'^%sS*' % subnet_search, route_list[i])Ta hanyar IPNetwork, tsarin netaddr, Ina karɓar subnets a cikin jerin adiresoshin ipv4.
range_subnet = netaddr.IPNetwork(tmp.group(0))Ta amfani da IPNetwork, Ina samun kewayon adireshi daga hanyar sadarwar da mai amfani ya shigar tare da abin rufe fuska kuma na samar da jerin duk adiresoshin daga wannan kewayon don kwatanta da jerin adiresoshin da aka mamaye.
for i in set(net_list).difference(set(busyip)):
freeip.append(i)Ina nuna sakamakon jerin adiresoshin kyauta a cikin nau'i na subnets
print(netaddr.IPSet(freeip))A ƙasa akwai cikakken rubutun, an gwada shi akan maɓallan da aka yi amfani da su azaman na'ura mai ba da hanya tsakanin hanyoyin sadarwa, samfuran ex4550, ex4600
#!/usr/bin/env python3
# -*- coding: utf-8 -*-
import argparse
import getpass
import netaddr
import re
import sys
import jnpr.junos
parser = argparse.ArgumentParser()
parser.add_argument('-u', '--user',
action='store',
dest='name',
help='Enter login from tacacs if it differs from the '
'username in the system.')
args = parser.parse_args()
if not args.name:
args.name = getpass.getuser() # Return the “login name” of the user.
router = input("Full routers name: ")
password = getpass.getpass("Password: ")
try:
# Authenticates to a device running Junos, for get information about routs
# into xml format and selects by tag.
route_list = []
with jnpr.junos.Device(host=router,
user=args.name,
passwd=password) as dev:
data = dev.rpc.get_route_information()
route_list = data.xpath("//rt-destination/text()")
except (jnpr.junos.exception.ConnectRefusedError,
jnpr.junos.exception.ConnectUnknownHostError) as err:
print("Equipment name or password wrong.")
sys.exit(1)
while True:
subnet = input("Net with mask: ")
subnet_search = input("Input no more three octet: ")
# Gets a list of busy IP addresses from the received subnets.
busyip = []
for i in range(len(route_list)):
tmp = re.search(r'^%sS*' % subnet_search, route_list[i])
if tmp:
range_subnet = netaddr.IPNetwork(tmp.group(0))
for ip in range_subnet:
busyip.append("%s" % ip)
range_subnet = netaddr.IPNetwork(subnet)
# Gets list ip adresses from subnetworks lists.
net_list = []
for ip in range_subnet:
net_list.append("%s" % ip)
# Сomparing lists.
freeip = []
for i in set(net_list).difference(set(busyip)):
freeip.append(i)
print(netaddr.IPSet(freeip))
request = input("To run request again enter yes or y, "
"press 'enter', complete request: ")
if request in ("yes", "y"):
continue
else:
print('Bye')
break
source: www.habr.com