Operation and maintenance of the juvenile series python and cisco (1)

Operation and maintenance of the juvenile series python and cisco (1)

---

Preliminaries

This series of articles you need to have CCNA / HCNA basic knowledge (know how to knock command)

---

python

This series of articles need to use the python version 2.7, the module is paramiko.
Why python2.7 instead 3.x? Because most of the system comes with a 2.7, it's that simple ~

paramiko module is so powerful, it is the most commonly used SSH login function, use paramiko realized SSH Once logged in, you can also execute commands remotely configure the device. In the part of the code I will write to you a brief look at the role of each tag.

---

Series Description

Series of articles will not be many (expected 2-3 articles?), After all, just a block from the simple to the slightly more complex, and from a single point to batch, and then to exception handling, this is probably the route. Article described some places may not be accurate, please exhibitions.

---

python and cisco

1) Topology FIG.

• GNS3 used to make a simple topology, the bridging GNS3 centos in the connected router centos.

2) switch configuration

• Switch configuration ssh, do not pay attention to the length of the key 512, or the login fails.

R3(config)#hostname R3
R3(config)#ip domain name yunwsn.com
R3(config)#crypto key generate rsa
The name for the keys will be: R3.yunwsn.com
Choose the size of the key modulus in the range of 360 to 2048 for your
  General Purpose Keys. Choosing a key modulus greater than 512 may take
  a few minutes.

How many bits in the modulus [512]: 2048
% Generating 512 bit RSA keys, keys will be non-exportable...[OK]
*Mar  1 00:11:52.127: %SSH-5-ENABLED: SSH 2.0 has been enabled
R3(config)#
R2(config)#line vty 0 10
R2(config-line)#transport input ssh
R2(config-line)#login local
R2(config-line)#exit
R1(config)#username yunwsn privilege 15 password 123456
R1(config)#enable password 123456

3) python configuration

• AnSo paramiko

Baidu's no pip install it ~

[root@yunwei ~]# pip install paramiko
DEPRECATION: Python 2.7 will reach the end of its life on January 1st, 2020. Please upgrade your Python as Python 2.7 won't be maintained after that date. A future version of pip will drop support for Python 2.7.
Collecting paramiko
  Using cached https://files.pythonhosted.org/packages/cf/ae/94e70d49044ccc234bfdba20114fa947d7ba6eb68a2e452d89b920e62227/paramiko-2.4.2-py2.py3-none-any.whl
Requirement already satisfied: cryptography>=1.5 in /usr/lib64/python2.7/site-packages (from paramiko) (2.6.1)
Requirement already satisfied: pynacl>=1.0.1 in /usr/lib64/python2.7/site-packages (from paramiko) (1.3.0)
Requirement already satisfied: pyasn1>=0.1.7 in /usr/lib/python2.7/site-packages (from paramiko) (0.4.5)
Requirement already satisfied: bcrypt>=3.1.3 in /usr/lib64/python2.7/site-packages (from paramiko) (3.1.6)
Requirement already satisfied: enum34; python_version < "3" in /usr/lib/python2.7/site-packages (from cryptography>=1.5->paramiko) (1.1.6)
Requirement already satisfied: asn1crypto>=0.21.0 in /usr/lib/python2.7/site-packages (from cryptography>=1.5->paramiko) (0.24.0)
Requirement already satisfied: cffi!=1.11.3,>=1.8 in /usr/lib64/python2.7/site-packages (from cryptography>=1.5->paramiko) (1.12.3)
Requirement already satisfied: six>=1.4.1 in /usr/lib/python2.7/site-packages (from cryptography>=1.5->paramiko) (1.12.0)
Requirement already satisfied: ipaddress; python_version < "3" in /usr/lib/python2.7/site-packages (from cryptography>=1.5->paramiko) (1.0.22)
Requirement already satisfied: pycparser in /usr/lib/python2.7/site-packages (from cffi!=1.11.3,>=1.8->cryptography>=1.5->paramiko) (2.19)
Installing collected packages: paramiko
Successfully installed paramiko-2.4.2
[root@yunwei ~]# 

• Coding

#!/usr/bin/env python
import paramiko   # 导入paramiko模块
import time       # 导入time模块，这个后面会用到
host = '192.168.108.254'   # 定义主机IP
user = 'yunwsn'            # 定义登录的用户名
passwd = '123456'          # 定义使用的密码
s = paramiko.SSHClient()   # 实例化，啥意思?请看注释①
s.set_missing_host_key_policy(paramiko.AutoAddPolicy())  # 请看注释②
s.connect(host,username=user,password=passwd,look_for_keys=False,allow_agent=False) # 定义登录的IP、用户名和密码
print 'login success.'  # 登录成功提示
cmd = s.invoke_shell()  # 创建一个交互式的shell，实现多发送条命令
cmd.send("conf t \n")   # 发送命令
time.sleep(1)           # 睡眠1s，特别重要，注释③
cmd.send("int f0/1 \n")
time.sleep(1)
cmd.send("ip add 1.1.1.2 255.255.255.0 \n")
time.sleep(1)
cmd.send("end \n")
time.sleep(1)
cmd.send("show ip int bri\n ")
time.sleep(1)
output = cmd.recv(65535)  # 接收输出
print output              # 打印输出
cmd.close()               # 关闭交互式shell

• Comment:

  • ①: instantiating be understood as a simple, all class attributes paramiko.SSHClient imparting s. It is, for example, John's father was rich generation, then the property is rich, then ... ah, almost, after instantiation, s you can use the original paramiko.SSHClient () all the way to the following, in fact, it can be understood as an alias , to take an individual name paramiko.SSHClient s

  • ②: When landing, some devices will prompt the following, and requires the user to enter [yes] to the next step, using this parameter, you do not need to enter yes

    [root@yunwei cisco]# ssh [email protected]
    The authenticity of host '192.168.108.254 (192.168.108.254)' can't be established.
    RSA key fingerprint is SHA256:FBFOoRUMkKYCyDbpZKkRiuhCbiYuOX8EuHLUMoN0C/M.
    RSA key fingerprint is MD5:b9:ad:29:24:43:bb:48:8c:58:3e:ce:03:a4:74:e2:cf.
    Are you sure you want to continue connecting (yes/no)? 

• ③：在我的GNS3中，路由器反应比较慢，比如我输入了conf t ，他可能过了0.5s才能进入config模式，python的下一条命令int f0/1可能在0.5s的时候就执行了，导致命令执行不成功，所以，我在中间加入了一个睡眠，1s后再执行下个命令，大家在使用的时候可以修改这个时间，使命令执行时间更加合理。

4) 实现效果

[root@yunwei cisco]# python ywsn_p_c_lab1.py 
login success.

R1#conf t 
Enter configuration commands, one per line.  End with CNTL/Z.
R1(config)#int f0/1 
R1(config-if)#ip add 1.1.1.2 255.255.255.0 
R1(config-if)#end 
R1#show ip int bri
Interface                  IP-Address      OK? Method Status                Protocol
FastEthernet0/0            192.168.108.254 YES manual up                    up      
FastEthernet0/1            1.1.1.2         YES manual up                    down    
FastEthernet0/2            unassigned      YES unset  up                    down    
FastEthernet0/3            unassigned      YES unset  up                    down    
FastEthernet0/4            unassigned      YES unset  up                    down    
FastEthernet0/5            unassigned      YES unset  up                    down    
FastEthernet0/6            unassigned      YES unset  up                    down    
FastEthernet0/7            unassigned      YES unset  up                    down    
FastEthernet0/8            unassigned      YES unset  up                    down    
FastEthernet0/9            unassigned      YES unset  up                    down    
FastEthernet0/10           unassigned      YES unset  up                    down    
FastEthernet0/11           unassigned      YES unset  up                    down    
FastEthernet0/12           unassigned      YES unset  up                    down    
FastEthernet0/13           unassigned      YES unset  up                    down    
FastEthernet0/14           unassigned      YES unset  up                    down    
FastEthernet0/15           unassigned      YES unset  up                    down    
Vlan1                      unassigned      YES unset  up                    down    
R1#
[root@yunwei cisco]# 

微信公众号~运维少年