Junos PyEZ e sebelisa mohlala oa mosebetsi oa ho batla li-subnets tsa mahala tsa ipv4

Sengoloa se mabapi le ho sebetsa le Junos PyEZ - "Python microframework e o nolofalletsang ho laola le ho iketsetsa lisebelisoa tse tsamaisang Junos OS" automation le tsamaiso, tsohle tseo re li ratang. Ho ngola sengoloa se hlalositsoeng sehloohong sena ho ne ho e-na le lipheo tse 'maloa - ho ithuta Python le ho iketsetsa mesebetsi ea ho bokella tlhahisoleseling kapa ho fetola tlhophiso ea lisebelisoa tse tsamaisang Junos OS. Khetho ea motsoako ona o khethehileng oa Python + Junos PyEZ e entsoe ka lebaka la thibelo e tlaase ea ho kena puong ea lenaneo la Python le boiketlo ba tšebeliso ea laebrari ea Junos PyEZ, e sa hlokeng tsebo ea litsebi tsa Junos OS.

Sepheo

Ho hlahlojoa ha li-subnets tsa mahala tsa ipv4 tsa k'hamphani. Maemo a hore subnet e lokolohile ke ho ba sieo ha ho kenoa mabapi le eona litseleng tsa switch e sebetsang joalo ka router e tsamaisang Junos OS.

Ts'ebetsong

Python + Junos PyEZ, leha ho bile le moleko oa ho e etsa ka paramiko le ssh.exec_command, Ka lebaka leo, o tla hloka ho hlophisa protocol ea taolo ea marang-rang ea sesebelisoa sa netconf ho lisebelisoa tse ntseng li hlahlojoa. Netconf e sebetsa le hardware ka ho letsetsa RPC e hole mme e sebelisa XML, mohlaleng ona, ho fana ka tlhahisoleseling eo e e fumanang.

Ho kenya mofuta oa hajoale oa Junos PyEZ ho tsoa ho PyPI ho etsoa ka taelo e latelang:

$ pip install junos-eznc

U ka kenya hape ho tsoa lekaleng le ka sehloohong la morero ho GitHub ka taelo e latelang:

$ pip install git+https://github.com/Juniper/py-junos-eznc.git

Le khetho e 'ngoe hape ka

$ pip install -r requirements.txt 

Taelo ena e tla kenya lilaebrari tse sieo tsamaisong 'me li hlokahala bakeng sa ts'ebetso. Phetolelong ea ka litlhoko.txt Ho na le tse peli feela tsa tsona, liphetolelo tsa morao-rao li bontšitsoe ka nako ea ho ngola script:

junos-eznc
netaddr

Ka mokhoa o ikhethileng, mongolo o nka lebitso la mosebelisi oa hajoale tsamaisong; o ka kena tlasa lebitso la mosebelisi e mong o sebelisa konopo ea show_route.py -u getpass.getpass e nka phasewete ho tsoa ho stdin kahoo phasewete e ke ke ea lula ho sistimi. Ho hokela sesebelisoa, o tla hloka hape ho kenya lebitso la moamoheli kapa aterese ea IP ha o khothalletsoa. Lintlha tsohle tse hlokahalang bakeng sa tumello ho sesebelisoa li amohetsoe.

Junos PyEZ e ts'ehetsa ho hokela lisebelisoa tse tsamaisang Junos OS ho sebelisa console, telnet kapa netconf ka ssh. Sengoliloeng se bua ka khetho ea ho qetela.

Ho hokela lisebelisoa, sebelisa sehlopha sa Sesebelisoa sa mojule oa jnpr.junos

with jnpr.junos.Device(host=router,
                           user=args.name,
                           passwd=password) as dev:

Kopo e etsoa bakeng sa litsela tsohle tse tsejoang ke router ka mohala oa ts'ebetso o hole kapa mohala oa ts'ebetso o hole, ho sa tsotellehe hore na ke ofe o loketseng haholoanyane.

data = dev.rpc.get_route_information()

Taelo e ts'oanang ho Junos OS

user@router> show route | display xml

Ka ho eketsa rpc qetellong ea taelo, re fumana tag ea kopo mme re ka e bapisa le lebitso la mokhoa oa RPC, ka tsela ena re ka fumana mabitso a mang a thahasello. Ke habohlokoa ho hlokomela hore syntax ea ho ngola lebokose la kopo e fapane le lebitso la mokhoa, e leng, o lokela ho nkela li-hyphens sebaka ka li-underscore.

user@router> show route | display xml rpc
<rpc-reply >route_list = data.xpath("//rt-destination/text()")

Karolo e 'ngoe e ne e phuthetsoe ka sekoahelo sa nakoana, e le hore u se ke ua pheta kopo ho router haeba ho ne ho hlokahala ho hlahloba subnet e' ngoe ho tsoa ho bao router e seng e ntse e tseba ka eona. Ke habohlokoa ho bolela hore router eo ke etsang kopo ho eona e tseba litsela feela ka OSPF, kahoo bakeng sa router e bohale ho molemo ho fetola kopo hanyenyane ho fokotsa nako ea ho sebetsa ea script.

data = dev.rpc.get_ospf_route_information()

Joale ha re shebeng likahare tsa loop ea nakoana

Qalong, mosebelisi o tla botsoa ho kenya subnet ka mask le li-octet tse fetang tse tharo ho tsoa marang-rang a subnet e le 'ngoe, sena sea hlokahala ho beha sebaka sa ho batla. Ha ke rate ts'ebetsong ena ea ho hlakisa litekanyetso le mefuta ea lipatlisiso, empa ho fihlela joale ha ke so fumane tharollo e molemo. Ka mor'a moo, ho tsoa lethathamong le hlahisitsoeng la subnets route_list, ho sebelisa phapang e nang le li-octet tse fetang tse tharo, ke khetha li-subnet tse nkhahlang.

tmp = re.search(r'^%sS*' % subnet_search, route_list[i])

Ka IPNetwork, module ea netaddr, ke amohela li-subnets ka mokhoa oa lethathamo la liaterese tsa ipv4.

range_subnet = netaddr.IPNetwork(tmp.group(0))

Ke sebelisa IPNetwork, ke fumana liaterese tse ngata ho tsoa ho marang-rang a kentsoeng ke mosebelisi ka maske mme ke hlahisa lethathamo la liaterese tsohle tse tsoang mofuteng ona bakeng sa ho bapisa le lenane la liaterese tse tšoaretsoeng.

for i in set(net_list).difference(set(busyip)):
        freeip.append(i)

Ke bonts'a lenane le hlahisoang la liaterese tsa mahala ka mokhoa oa subnets

print(netaddr.IPSet(freeip))

Ka tlase ke mongolo o felletseng, o lekiloeng ho li-switches tse sebelisoang e le router, mefuta ea ex4550, ex4600.

#!/usr/bin/env python3
# -*- coding: utf-8 -*-
import argparse
import getpass
import netaddr
import re
import sys

import jnpr.junos

parser = argparse.ArgumentParser()
parser.add_argument('-u', '--user',
                    action='store',
                    dest='name',
                    help='Enter login from tacacs if it differs from the '
                         'username in the system.')
args = parser.parse_args()

if not args.name:
    args.name = getpass.getuser()    # Return the “login name” of the user.
router = input("Full routers name: ")
password = getpass.getpass("Password: ")

try:
    # Authenticates to a device running Junos, for get information about routs
    # into xml format and selects by tag.
    route_list = []
    with jnpr.junos.Device(host=router,
                           user=args.name,
                           passwd=password) as dev:
        data = dev.rpc.get_route_information()
    route_list = data.xpath("//rt-destination/text()")
except (jnpr.junos.exception.ConnectRefusedError,
        jnpr.junos.exception.ConnectUnknownHostError) as err:
    print("Equipment name or password wrong.")
    sys.exit(1)

while True:
    subnet = input("Net with mask: ")
    subnet_search = input("Input no more three octet: ")
    # Gets a list of busy IP addresses from the received subnets.
    busyip = []
    for i in range(len(route_list)):
        tmp = re.search(r'^%sS*' % subnet_search, route_list[i])
        if tmp:
            range_subnet = netaddr.IPNetwork(tmp.group(0))
            for ip in range_subnet:
                busyip.append("%s" % ip)
    range_subnet = netaddr.IPNetwork(subnet)
    # Gets list ip adresses from subnetworks lists.
    net_list = []
    for ip in range_subnet:
        net_list.append("%s" % ip)
    # Сomparing lists.
    freeip = []
    for i in set(net_list).difference(set(busyip)):
        freeip.append(i)
    print(netaddr.IPSet(freeip))

    request = input("To run request again enter yes or y, "
                    "press 'enter', complete request: ")
    if request in ("yes", "y"):
        continue
    else:
        print('Bye')
        break

Source: www.habr.com