{"id":13604547,"url":"https://github.com/network-automation/ansible-napalm-samples","last_synced_at":"2025-04-11T22:03:05.396Z","repository":{"id":96100669,"uuid":"104798901","full_name":"network-automation/ansible-napalm-samples","owner":"network-automation","description":"GitHub Repo comparing NAPALM and Ansible on Cisco NXOSv and Arista vEOS","archived":false,"fork":false,"pushed_at":"2018-06-27T18:00:17.000Z","size":30,"stargazers_count":100,"open_issues_count":0,"forks_count":29,"subscribers_count":19,"default_branch":"master","last_synced_at":"2025-02-04T10:27:31.937Z","etag":null,"topics":["ansible","ansible-modules","arista","arista-veos","eos","napalm","nxos","playbook","snmp","yml"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/network-automation.png","metadata":{"files":{"readme":"README.md","changelog":"change_snmp_password-oldmethod.yml","contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null}},"created_at":"2017-09-25T20:29:45.000Z","updated_at":"2025-01-28T20:27:21.000Z","dependencies_parsed_at":"2024-01-16T23:44:27.106Z","dependency_job_id":"9e525fd3-4407-4b49-b50b-0557817d0662","html_url":"https://github.com/network-automation/ansible-napalm-samples","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/network-automation%2Fansible-napalm-samples","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/network-automation%2Fansible-napalm-samples/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/network-automation%2Fansible-napalm-samples/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/network-automation%2Fansible-napalm-samples/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/network-automation","download_url":"https://codeload.github.com/network-automation/ansible-napalm-samples/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":239785302,"owners_count":19696753,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["ansible","ansible-modules","arista","arista-veos","eos","napalm","nxos","playbook","snmp","yml"],"created_at":"2024-08-01T19:00:47.637Z","updated_at":"2025-02-20T05:32:06.970Z","avatar_url":"https://github.com/network-automation.png","language":"Python","funding_links":[],"categories":["ansible","playbook"],"sub_categories":[],"readme":"# Ansible and NAPALM Samples\nThis GitHub Repo focuses on comparing [Ansible](https://www.ansible.com/network-automation) and [NAPALM](https://github.com/napalm-automation/napalm) on Cisco NX-OS and Arista EOS.\n\nAnsible is powerful automation software that you can learn quickly. Ansible is an open source project, Ansible Engine is the product you can buy enterprise support for. NAPALM is actually a Python library that implements a set of functions to interact with different router vendor devices using a unified API. NAPLAM isn't a product, but rather another open source project with a community behind it. While many networking use-cases can potentially overlap the two tools augment each other rather than compete directly. There are even [NAPALM Ansible modules](https://github.com/napalm-automation/napalm-ansible).\n\n## Table of Contents\n- [Example 1 - Backing up a Config](#example-1---backing-up-a-config)\n- [Example 2 - Adding an IP address to an interface](#example-2---adding-an-ip-address-to-an-interface)\n- [Example 3 - Adding a new VLAN](#example-3---adding-a-new-vlan)\n- [Example 4 - Change the SNMP password](#example-4---change-the-snmp-password)\n\nNAPALM also has [Ansible modules](https://github.com/napalm-automation/napalm-ansible) so you can use Ansible to run NAPLAM. Example 5 and 6 shows NAPALM being used in conjunction with Ansible compared to native Ansible modules.\n\n- [Example 5 - Grabbing a show version](#example-5---grabbing-a-show-version)\n- [Example 6 - Changing hostname and domain_name](#example-6---changing-hostname-and-domain_name)\n\n\n## Example 1 - Backing up a Config\n\n### Ansible\n\nAnsible can use the nxos_config module for easy backups. There is a backup parameter that can just be turned to `yes`. This playbook is stored as [backup.yml](backup.yml) on this git repo.\n\n```\n---\n- hosts: cisco\n connection: network_cli\n tasks:\n - nxos_config:\n backup: yes\n``` \n\nRun the playbook with `ansible-playbook backup.yml`. Although not shown here the output will also have color output (yellow=changed, green=OK, red=failed.).\n\n```\n[root@localhost ~]# ansible-playbook backup.yml\n\nPLAY [cisco] ******************************************************************\n\nTASK [nxos_config] ************************************************************\n\nok: [n9k]\n\nPLAY RECAP ********************************************************************\nn9k : ok=1 changed=0 unreachable=0 failed=0\n```\n\nAfter running the playbook there will be a timestamped config stored under the directory backup:\n```\n[root@localhost ~]# ls backup\nn9k_config.2017-09-26@10:21:28\n```\n\n### NAPALM\n\nNAPALM calls a backup file a *checkpoint* file and can be retrieved using the `_get_checkpoint_file()`. The code snippet below is only a portion of the code, the python script is stored in this git repo as [get_config.py](get_config.py).\n\n```python\n###config snippet, rest of config removed for brevity\ncheckpoint = device._get_checkpoint_file()\n#print(checkpoint)\n\n#create the directory if it does not exist\nif not os.path.exists(\"backup\"):\n os.makedirs(\"backup\")\n\nf = open(\"backup/\" + nxos_facts['hostname'] + \".\" + time, 'w')\nf.write(checkpoint)\nf.close\ndevice.close()\n###config snippet, rest of config removed for brevity\n```\n\nRun the python program with `python backup.py`. The python program will create a folder:\n```\n[root@localhost naplam_examples]# ls backup/\nswitch.2017-09-26@15-11\n```\n\n## Example 2 - Adding an IP address to an interface\n\n### Ansible\n\nAnsible has a [eos_config](http://docs.ansible.com/ansible/latest/eos_config_module.html) specifically used for making config changes (either entire flat-files) or partials (in this case editing a single interface). This playbook is stored as [ipaddress.yml](ipaddress.yml) on this git repo.\n```\n---\n- hosts: arista\n connection: network_cli\n tasks:\n - eos_config:\n lines:\n - no switchport\n - ip address 172.16.1.1/24\n parents: interface Ethernet1\n``` \n\nTo run a playbook use the `ansible-playbook` command.\n```\n[root@localhost ~]# ansible-playbook ipaddress.yml\n```\n\nVerify the interface is configured with a `show run int e1`\n\n```bash\neos#sh run int e1\ninterface Ethernet1\n no switchport\n ip address 172.16.1.1/24\n```\n\n### NAPALM\n\nThis demonstration will show NAPLAM in python only mode (meaning no third party integrations). The code snippet below is only a portion of the code, the python script is stored in this git repo as [ipaddress.py](ipaddress.py). This example is configuring on NX-OS (versus Ansible that was running on Arista EOS).\n\n```python\n###config snippet, rest of config removed for brevity\ndriver = napalm.get_network_driver('nxos')\n# Connect:\ndevice = driver(hostname='192.168.2.3', username='admin',\n password='Bullf00d')\nprint 'Opening ...'\ndevice.open()\n\nconfig_string = \"\"\" interface Ethernet1/20\n no switchport\n ip address 172.16.1.1/24 \"\"\"\n\ndevice.load_merge_candidate(config=config_string)\n\n###config snippet, rest of config removed for brevity\n\ndevice.commit_config()\n\ndevice.close()\n```\n\nTo run the program execute the python program:\n```\n[root@localhost naplam_examples]# python ipaddress.py\n```\n\nVerify the interface is configured with a `show run int e1/20`\n```\nswitch# sh run int e1/20\n\n!Command: show running-config interface Ethernet1/20\n!Time: Tue Sep 19 22:51:37 2017\n\nversion 7.0(3)I7(1)\n\ninterface Ethernet1/20\n no switchport\n ip address 172.16.1.1/24\n```\n\n## Example 3 - Adding a new VLAN\n\n### Ansible\nIn addition to the [nxos_config module](http://docs.ansible.com/ansible/latest/nxos_config_module.html) we can use the [nxos_vlan module](http://docs.ansible.com/ansible/latest/nxos_vlan_module.html) to make this really easy. This playbook is stored as [add_vlan.yml](add_vlan.yml) on this git repo.\n```\n---\n- hosts: cisco\n connection: network_cli\n tasks:\n - nxos_vlan:\n vlan_id: 10\n name: STORAGE\n``` \nRun the playbook with `ansible-playbook add_vlan.yml`\n\nVerify the VLAN is configured with a `show running-config vlan 10`\n```\nswitch# show running-config vlan 10\n\n!Command: show running-config vlan 10\n!Time: Tue Sep 19 22:39:40 2017\n\nversion 7.0(3)I7(1)\nvlan 10\nvlan 10\n name STORAGE\n```\n\n### NAPALM\n\nThis demonstration will show NAPLAM in python only mode (meaning no third party integrations). The code snippet below is only a portion of the code, the python script is stored in this git repo as [add_vlan.py](add_vlan.py)\n\n```python\n###config snippet, rest of config removed for brevity\ndriver = napalm.get_network_driver('nxos')\n# Connect:\ndevice = driver(hostname='192.168.2.3', username='admin',\n password='Bullf00d')\nprint 'Opening ...'\ndevice.open()\n\nconfig_string = \"\"\" vlan 20\n name HADOOP \"\"\"\n\ndevice.load_merge_candidate(config=config_string)\n\n###config snippet, rest of config removed for brevity\n\ndevice.commit_config()\n\ndevice.close()\n```\n\nTo run the program execute the python program:\n```\n[root@localhost naplam_examples]# python add_vlan.py\n```\n\nVerify with a `show vlan` or a `show run vlan 20`\n```\nswitch# sh run vlan 20\n\n!Command: show running-config vlan 20\n!Time: Tue Sep 19 22:50:11 2017\n\nversion 7.0(3)I7(1)\nvlan 20\nvlan 20\n name HADOOP\n``` \n\n## Example 4 - Change the SNMP password\nA common maintenance task for network operations teams is to change the SNMP password every so often (e.g. every 90 days). This can also be automated with Ansible and NAPALM. \n\n2 NOTES:\n- To see available groups on NXOS you can look at `show snmp group`. The network-admin is commonly used for configuration.\n- NXOS has some default password complexities. From the NXOS box: `password strength check: Password should contain characters from at least three of the following classes: lower case letters, upper case letters, digits and special characters.`\n\n### Ansible\nFor Ansible there is a [nxos_snmp_user module](http://docs.ansible.com/ansible/latest/nxos_snmp_user_module.html) that is available to use. The Ansible playbook demonstrated is stored as [change_snmp_password.yml](change_snmp_password.yml).\n\n```\n---\n- hosts: cisco\n connection: network_cli\n tasks:\n - nxos_snmp_user:\n user: exampleuser\n group: network-admin\n authentication: sha\n pwd: testPASS123\n``` \nTo run the playbook perform a `ansible-playbook change_snmp_password.yml`\n\nOn the NXOS switch we can perform a `show run | i snmp` to see the new config:\n```\nswitch# sh run | i snmp\nsnmp-server user admin network-admin auth md5 0xc1ddb036df145c775510428fe3c6b553 priv 0xc1ddb036df145c775510428fe3c6b553 localizedkey\nsnmp-server user exampleuser network-admin auth sha 0x7071c014b53743ca568dd2c3fd70005c5e21db5e localizedkey\n```\n\n### NAPALM\n\nNAPALM treats everything as a config merge or replace so there is no specific module just for SNMP (for configuring, there is a `get_snmp_information()`). This is very similar where we can merge a flat-file or string into the existing config. The code snippet below is only a portion of the code, the python script is stored in this git repo as [change_snmp_password.py](change_snmp_password.py).\n\n```python\n###config snippet, rest of config removed for brevity\ndriver = napalm.get_network_driver('nxos')\n# Connect:\ndevice = driver(hostname='192.168.2.3', username='admin',\n password='Bullf00d')\nprint 'Opening ...'\ndevice.open()\n\nconfig_string = \"\"\" snmp-server user exampleuser network-admin auth sha testPASS123 \"\"\"\n\ndevice.load_merge_candidate(config=config_string)\n\n###config snippet, rest of config removed for brevity\n\ndevice.commit_config()\n\ndevice.close()\n```\n\nTo run the program execute the python program:\n```\n[root@localhost naplam_examples]# python change_snmp_password.py\n```\n\nOn the NXOS switch we can perform a `show run | i snmp` to see the new config:\n```\nswitch# sh run | i snmp\nsnmp-server user admin network-admin auth md5 0xc1ddb036df145c775510428fe3c6b553 priv 0xc1ddb036df145c775510428fe3c6b553 localizedkey\nsnmp-server user exampleuser network-admin auth sha 0x7071c014b53743ca568dd2c3fd70005c5e21db5e localizedkey\n```\n## Example 5 - Grabbing a show version\n\n### Ansible\nFor Ansible there is a [nxos_facts module](http://docs.ansible.com/ansible/latest/nxos_facts_module.html) that is available to use for collecting facts about a system. The Ansible playbook demonstrated is stored as [showversion.yml](showversion.yml).\n\n```\n---\n- hosts: cisco\n connection: network_cli\n gather_facts: False\n tasks:\n - name: run show version\n nxos_facts:\n - debug:\n var: ansible_net_version\n```\nRun with the playbook with: `ansible-playbook showversion.yml` \n\n```\n[root@localhost ~]# ansible-playbook showversion.yml\n\nPLAY [cisco] ******************************************************************\n\nTASK [run show version] *******************************************************\nok: [n9k]\n\nTASK [debug] ******************************************************************\nok: [n9k] =\u003e {\n \"result.stdout_lines[0][14]\": \" NXOS: version 7.0(3)I7(1)\"\n}\n\nPLAY RECAP ********************************************************************\nn9k : ok=2 changed=0 unreachable=0 failed=0\n```\n\n### NAPALM\nFor Ansible with NAPALM there is a [napalm_get_facts](https://github.com/napalm-automation/napalm-ansible) that is available to use. The Ansible playbook demonstrated is stored as [showversion_napalm.yml](showversion_napalm.yml). The connection method network_cli does not work with the NAPALM modules, and must be set to local.\n\n```\n---\n- hosts: cisco\n connection: local\n tasks:\n - napalm_get_facts:\n hostname: \"{{ inventory_hostname }}\"\n username: \"{{ login_info.username }}\"\n password: \"{{ login_info.password }}\"\n dev_os: \"nxos\"\n register: version\n\n - debug:\n var=version.ansible_facts.napalm_facts.os_version\n```\nRun with the playbook with: `ansible-playbook showversion_napalm.yml`\n```\n[root@localhost ~]# ansible-playbook showversion_napalm.yml\n\nPLAY [cisco] ******************************************************************\n\nTASK [napalm_get_facts] *******************************************************\nok: [n9k]\n\nTASK [print data] *************************************************************\nok: [n9k] =\u003e {\n \"version.ansible_facts.napalm_facts.os_version\": \"7.0(3)I7(1)\"\n}\n\nPLAY RECAP ********************************************************************\nn9k : ok=2 changed=0 unreachable=0 failed=0\n```\n\nBoth examples show the NXOS switch is running 7.0(3)I7(1).\n\n## Example 6 - Changing hostname and domain_name\n\n### Ansible\nFor Ansible there is a [nxos_system module](http://docs.ansible.com/ansible/latest/nxos_system_module.html) that is available to use. The Ansible playbook demonstrated is stored as [hostname.yml](hostname.yml).\n\n```\n---\n- hosts: cisco\n connection: local\n tasks:\n - nxos_system:\n hostname: n9k\n domain_name: durham.nc.com\n provider: \"{{login_info}}\"\n``` \nRun with the playbook with: `ansible-playbook hostname.yml` \n\n### NAPALM with Ansible\nFor Ansible with NAPALM there is a [napalm_install_config](https://github.com/napalm-automation/napalm-ansible) that is available to use. The Ansible playbook demonstrated is stored as [hostname_napalm.yml](hostname_napalm.yml). The [hostname.conf](hostname.conf) is also stored in this git repo for demonstration purposes.\n```\n---\n- hosts: cisco\n connection: local\n tasks:\n - napalm_install_config:\n hostname: \"{{ inventory_hostname }}\"\n username: \"{{ login_info.username }}\"\n password: \"{{ login_info.password }}\"\n dev_os: \"nxos\"\n config_file: hostname.conf\n commit_changes: True\n diff_file: initial.diff\n``` \nRun with the playbook with: `ansible-playbook hostname_napalm.yml` \n\n---\n![Red Hat Ansible Automation](images/rh-ansible-automation.png)\n\nRed Hat® Ansible® Automation consists of three products:\n\n- [Red Hat® Ansible® Tower](https://www.ansible.com/tower): Built for operationalizing and scaling automation, managing complex deployments and speeding up productivity. Extend the power of Ansible Tower with Workflows and Surveys to streamline jobs and simple tools to share solutions with your team.\n\n- [Red Hat® Ansible® Engine](https://www.ansible.com/ansible-engine): a fully supported product built on the foundational capabilities of the Ansible project. Also provides support for select modules including Infoblox.\n\n- [Red Hat® Ansible® Network Automation](https://www.ansible.com/networking): provides support for select networking modules from Arista (EOS), Cisco (IOS, IOS XR, NX-OS), Juniper (JunOS), Open vSwitch, and VyOS. Includes Ansible Tower, Ansible Engine, and curated content specifically for network use cases.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fnetwork-automation%2Fansible-napalm-samples","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fnetwork-automation%2Fansible-napalm-samples","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fnetwork-automation%2Fansible-napalm-samples/lists"}