What did you Expect? Part 1: Connecting to Cisco IOS

Most of my career I have been an network operator.  In that time there have been many repetitive tasks that I wish I could have automated but I simply did not not have the skill or knowledge to do anything about it.  So when Big Matt Stone sat down and showed me what writing code in Expect inside of Python was all about I was BLOWN AWAY!  This is part one of who knows how many in my series of starting to use Expect to automate network tasks.

For months I have been reading books on Python and trying to figure out how to write applications from the ground up.  This is hard for me.  While I can now read some Python code, I am not doing much functional in it yet.  But suddenly there is Expect and within an hour of sitting down with it I had SSH’d into one of my 3560 lab switches and actually made changes without typing commands into the CLI.  Cool!

Let me take a minute here and explain one of the guiding principles I have been working off of lately.  Mike Bushong introduced me to the idea of the Path to Automated Networking.  As you can see below the path starts at 1 with Command Line Interface and ends with 10 which is Machine Learning and Intelligent Computational Networking.  In between those two numbers is a wide range of skills, challenges and time commitments.

automated networking

For me I have been asking where am I on this path.  What I have come up with, is personally I am right between Templating (2) and Expect/Task Driven Automation (3).  Likely this is where many operators are today.  I have ran into quite a few  who are fluent in Perl or have hacked Bash scripts to automate their workflows.  I have met even more who are great at integrating multiple applications both commercial and OpenSource to optimize their daily routines.  But that can only take us so far.

So with that I am going to quit trying to cheat, jumping from 2 to 6 by trying to replicate what my friends and co-workers are doing and just follow the path.  Without further adieu here is me getting started with Python and Expect.

If you did not read the link on Expect, here is a quick laymens overview.  Expect is a methodology within most development environments that allows you to automate interactions with systems based on knowing what the system will ask.  I have chosen to to my learning initially in Cisco IOS because that is what my home lab is and I have been using IOS inside of GNS3 for years so I have a go to mobile dev environment to test my IOS expect scripts in.  It also helps that I spent the majority of my operational career working with Cisco equipment.  So with that here is an example of logging into a switch with Expect in plain english, NOT CODE!

Expect:  Switch_1>

Send: enable

Expect: password

Send: ‘enable_password’

Expect: Switch_1#

Send: Configure Terminal

Expect:  Switch_1(config)#

Send: exit

Expect: Switch_1#

Send: quit

This is pretty cool when you start wrapping your head around it.  It means that at the minimum you can take all those sharp templates you feel really proud about (I have hundreds for different situations) and convert them to expect.  Just like that you will no longer have to worry about buffers running out or characters errors when you copy and paste that big old config template.  Whats more you can now do configuration tasks such as generate RSA keys that required user input and would break template deployment.

But we are walking down a path and we are all in technology so we know that realistically that path is never ending. But it also means that the further we go down the path the more amazing the things we can do!  So lets do what we did above but with actual code.

# Imports Needed Libraries to run Code
import pexpect
import sys
import os
#
# Creates Variables to be referenced by code
#
# Creates a variable named switch_ip and sets it to 10.0.0.2
switch_ip = "10.0.0.2"
# Creates a variable named switch_un and sets it to pytest
switch_un = "pytest"
# Creates a variable named switch_pw and sets it to pytest
switch_pw = "pytest"
# Creates a variable named enable_pw and sets it to password
enable_pw = "password"
#
# Creates Variable (child) for the SSH Session and Starts it.
# The SSH Session is created from the (switch_un) and (switch_ip) variables
# The %s@%s python code is referencing what folows %
# which is (switch_un, switch_ip)
# In a real life SSH connection it would look like this ssh switch_un@switch_ip
# Which would use the variables we created earlier and
# translate to ssh [email protected]
child = pexpect.spawn('ssh %s@%s' % (switch_un, switch_ip))
# Create a logfile of running code and
# drop it to Standard Out/screen unbuffered.
# We do this for debugging and status of script
child.logfile = os.fdopen(sys.stdout.fileno(), 'w', 0)
# Shows that the next prompt we expect from the SSH Session
# (child) is Password:
child.expect('Password:')
# We now send the varible switch_pw
child.sendline(switch_pw)
# Shows that the next prompt we expect from the SSH Session (child) is >
child.expect('>')
# We now send the IOS command terminal length 0
# to prevent potential need for user inputs
child.sendline('terminal length 0')
# Shows that the next prompt we expect from SSH Session (child) is >
child.expect('\>')
# We no send the IOS command enable
child.sendline('enable')
# Shows that the next prompt we expect from SSH Session (child) is Password
child.expect('Password:')
# We now send the variable (enable_pw)
child.sendline(enable_pw)
# Shows that the next prompt we expect from SSH Session (child) is #
child.expect('#')
# We now send the IOS command conf t
child.sendline('conf t')
# Shows that the next prompt we expect from SSH Session (child) is (config)#
child.expect('\(config\)#')
# We now send the IOS command end
child.sendline('end')
# Shows that the next prompt we expect from the SSH Session (child) is >
child.expect('#')
# We now send the IOS command to quit which will terminate
# the SSH session (child) and end the program
child.sendline('quit')

And with that we have written a basic Python script using Expect.  You can download the file on my GitHub page. Next time we’ll do more than log in and log out.  We’ll actually change some things on our test device.  Thanks for reading and stay tuned for the next edition of What did you Expect.

2 comments

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.