Getty Images
How to use NAPALM for efficient network management
NAPALM is a flexible Python library that can integrate with Ansible modules, support multivendor environments, and ease network management and automation strategies.
Modern networks are a complex mix of routers, switches and access points, often from different vendors, each with its own OS and features. It can be difficult for network engineers to interact with these devices separately as networks scale out.
One way to address this complexity is to use NAPALM, or Network Automation and Programmability Abstraction Layer with Multivendor support. NAPALM is an open source Python library that provides a set of functions network engineers use to interact with network devices. It uses a unified API, which means one API unites other APIs from different vendors.
NAPALM offers rich features to automate network tasks, such as the following:
- Device discovery.
- Fault management.
- Configuration management.
- Performance monitoring.
The library provides an abstraction layer that makes it easier to configure multiple vendor devices, regardless of their commands and syntaxes. Its vendor neutrality eases network management for network engineers, and it has simple Python syntax and comprehensive documentation.
Enterprises with multivendor environments often prefer using the NAPALM library. NAPALM's benefits include the following:
- Multivendor support. Network engineers can use NAPALM's unified API to manipulate or retrieve device configurations without worrying about the syntaxes and commands.
- Community-driven. NAPALM supports a central collection of community-driven plugins, and it is well documented.
- Flexible. NAPALM can be integrated with well-known automation frameworks, such as SaltStack, Ansible and Nautobot.
How to start with NAPALM
The latest version of NAPALM can be found here.
A few steps are required to install the library.
First, create a Python virtual environment, called NAPALM_DEMO in this example.
Second, install the library in the virtual environment, using the pip install napalm command.
NAPALM and Python bindings
Python code can interact with code written in different languages using Python bindings. Python bindings enable network engineers to write automation scripts and interact with network devices in a simple and powerful way, while capitalizing on the strengths of different languages. By using the binding language, engineers can complete complex tasks that are usually time-consuming and error-prone.
Many Python bindings for network devices are available in the industry, including the following:
- NAPALM.
- Paramiko.
- Netmiko.
Network engineers choose Python bindings based on their goals to accomplish particular tasks, such as the following:
- Automating daily network tasks.
- Troubleshooting network issues.
- Configuring network devices.
- Gathering network information.
The ultimate goal is to reduce the time and effort it takes to automate tedious network tasks.
Napalm integration with Ansible
Napalm can integrate with popular frameworks, such as Nornir, Ansible and Nautobot.
For Ansible integration, the napalm-ansible plugin contains modules that use NAPALM to retrieve data or modify configurations on networking devices.
Common Ansible modules are the following:
- napalm_get_facts. This module gathers facts from a network device using the Python module NAPALM.
- napalm_install_config. This module takes a file configuration and loads it into a device running any OS that NAPALM supports.
- napalm_validate. This module performs deployment validation via NAPALM.
The napalm_get_facts module
The following code snippet shows how to gather facts from a network device using the napalm_get_facts module:
- name: get facts from device
napalm_get_facts:
hostname: '{{ inventory_hostname }}'
username: '{{ user }}'
dev_os: '{{ os }}'
password: '{{ passwd }}'
filter: ['facts']
register: result
The napalm_install_config module
The next snippet shows how to install a configuration on a network device using the napalm_install_config module:
- name: Install Config using Provider
napalm_install_config:
provider: "{{ ios_provider }}"
config_file: '../compiled/{{ inventory_hostname }}/running.conf'
commit_changes: '{{ commit_changes }}'
replace_config: '{{ replace_config }}'
get_diffs: True
diff_file: '../compiled/{{ inventory_hostname }}/diff'
The napalm_validate module
The last snippet shows how to validate the state of a network device against a predefined validation file using the napalm_validate module.
- name: GET VALIDATION REPORT
napalm_validate:
username: "{{ un }}"
password: "{{ pwd }}"
hostname: "{{ inventory_hostname }}"
dev_os: "{{ dev_os }}"
validation_file: validate.yml
The NAPALM Ansible plugin is a powerful tool network engineers can use to automate the management of networking devices. It's easy to use and provides an API that makes it easy to write Ansible playbooks.
Due to the plugin's extensibility, network engineers and developers can add new features on top of the plugin. For example, they can write custom modules to achieve their requirements based on different network management challenges.
Best practices for NAPALM
For successful network management with NAPALM, network engineers should follow certain best practices that result in a stable network and fewer breakdowns. The following are some strategies that can make a difference in network management:
- Document the code. Documentation is a great way to understand how things work, and it provides a reference for other engineers if someone is absent or not with the company anymore.
- Use a test bed. A test bed is a collection of network devices used to test automation projects before going into a production environment.
- Monitor the network. No network is perfect, so it's important to check that everything works as expected once code is deployed into production.
Network engineers should also implement proper methods for error handling and version control as they work with automation scripts.
Exception management can help engineers avoid errors that cause complex network problems. If an error occurs when trying to connect to a network device, a script handles the exception and helps prevent a crash. Exception management can also identify and troubleshoot common network issues. Logging helps track and troubleshoot automation scripts and any updates, making scripts more reliable.
Version control systems (VCSes) also help network engineers collaborate on scripts and manage complex networks. VCSes track all code changes, enabling users to see who made changes, when and why. They can also help users revert changes, if necessary.