We will use a pretty straightforward example to execute show version. We will name this file junos_netconf_1.py:
#!/usr/bin/env python3
from ncclient import manager
conn = manager.connect(
host='192.168.24.252',
port='830',
username='netconf',
password='juniper!',
timeout=10,
device_params={'name':'junos'},
hostkey_verify=False)
result = conn.command('show version', format='text')
print(result)
conn.close_session()
All the fields in the script should be pretty self-explanatory, with the exception of device_params. Starting with ncclient 0.4.1, the device handler was added to specify different vendors or platforms. For example, the name can be juniper, CSR, Nexus, or Huawei. We also added hostkey_verify=False because we are using a self-signed certificate from the Juniper device.
The returned output is rpc-reply encoded in XML with an output element:
<rpc-reply message-id="urn:uuid:7d9280eb-1384-45fe-be48-
b7cd14ccf2b7">
<output>
Hostname: foo
Model: olive
JUNOS Base OS boot [12.1R1.9]
JUNOS Base OS Software Suite [12.1R1.9]
<omitted>
JUNOS Runtime Software Suite [12.1R1.9]
JUNOS Routing Software Suite [12.1R1.9]
</output>
</rpc-reply>
We can parse the XML output to just include the output text:
print(result.xpath('output')[0].text)
In junos_netconf_2.py, we will make configuration changes to the device. We will start with some new imports for constructing new XML elements and the connection manager object:
#!/usr/bin/env python3
from ncclient import manager
from ncclient.xml_ import new_ele, sub_ele
conn = manager.connect(host='192.168.24.252', port='830',
username='netconf' , password='juniper!', timeout=10,
device_params={'name':'junos'}, hostkey_v erify=False)
We will lock the configuration and make configuration changes:
# lock configuration and make configuration changes
conn.lock()
# build configuration
config = new_ele('system')
sub_ele(config, 'host-name').text = 'master'
sub_ele(config, 'domain-name').text = 'python'
Under the build configuration section, we create a new element of system with subelements of host-namre and domain-name. If you were wondering about the hierarchy structure, you can see from the XML display that the node structure with system is the parent of host-name and domain-name:
<system>
<host-name>foo</host-name>
<domain-name>bar</domain-name>
...
</system>
After the configuration is built, the script will push the configuration and commit the configuration changes. These are the normal best practice steps (lock, configure, unlock, commit) for Juniper configuration changes:
# send, validate, and commit config
conn.load_configuration(config=config)
conn.validate()
commit_config = conn.commit()
print(commit_config.tostring)
# unlock config
conn.unlock()
# close session
conn.close_session()
Overall, the NETCONF steps map pretty well to what you would have done in the CLI steps. Please take a look at the junos_netconf_3.py script for a more reusable code. The following example combines the step-by-step example with a few Python functions:
# make a connection object
def connect(host, port, user, password):
connection = manager.connect(host=host, port=port, username=user,
password=password, timeout=10, device_params={'name':'junos'},
hostkey_verify=False)
return connection
# execute show commands
def show_cmds(conn, cmd):
result = conn.command(cmd, format='text')
return result
# push out configuration
def config_cmds(conn, config):
conn.lock()
conn.load_configuration(config=config)
commit_config = conn.commit()
return commit_config.tostring
This file can be executed by itself, or it can be imported to be used by other Python scripts.
Juniper also provides a Python library to be used with their devices called PyEZ. We will take a look at a few examples of using the library in the following section.