Testbed-Topology

Testbed

Generate from Excel/CSV file

Generating from excel or csv file: pyats|genie create testbed file --path source.xls --output testbed/DC.yml
- Option --encode-password will obfuscate the password. For better security, use secret string
https://pubhub.devnetcloud.com/media/genie-docs/docs/cli/genie_create.html
https://pubhub.devnetcloud.com/media/pyats-getting-started/docs/quickstart/manageconnections.html

# source.xls
hostname,ip,username,password,protocol,os
R1,10.10.10.1:222,admin,cisco,ssh,iosxe
R2,10.10.10.2:222,admin,,ssh,iosxr
R3,10.10.10.3:222,admin,,ssh,nxos

Sample generated testbed file, which can be manually created as well:

devices:
  R1:
    connections:
      cli:
        ip: 10.10.10.1
        port: 222
        protocol: ssh
    credentials:
      default:
        password: cisco
        username: admin
      enable:
        password: cisco
    os: iosxe
    type: iosxe
  R2:
    connections:
      cli:
        ip: 10.10.10.2
        port: 222
        protocol: ssh
    credentials:
      default:
        password: '%ASK{}'
        username: admin
      enable:
        password: '%ASK{}'
    os: iosxr
    type: iosxr
  R3:
    connections:
      cli:
        ip: 10.10.10.3
        port: 222
        protocol: ssh
    credentials:
      default:
        password: '%ASK{}'
        username: admin
      enable:
        password: '%ASK{}'
    os: nxos
    type: nxos

Generate testbed interactively

pyats create testbed interactive --output mytb.yaml --encode-password

Generate testbed from Python Dictionary

Create testbed from a dictionary

Validate Testbed file

pyats validate testbed $file
Validate testbed

Secret Strings

Secret strings (such as passwords) may be specified in an encoded form suitable for sharing with a wide audience, while ensuring that only authorized users are able to decode these strings into their plaintext form.
By default, pyATS secret strings are not cryptographically secure.
https://pubhub.devnetcloud.com/media/pyats/docs/utilities/secret_strings.html

Secure secret strings cryptographically

Update Configuration file:

[secrets]
string.representer = pyats.utils.secret_strings.FernetSecretStringRepresenter

Install the cryptography package: pip install cryptography
Ensure permission to access configuration file is set correctly: chmod 600 ~/.pyats/pyats.conf
Generate a cryptography key: pyats secret keygen
Update configuration file

[secrets]
string.representer = pyats.utils.secret_strings.FernetSecretStringRepresenter
string.key = $GeneratedKeyFromStep4

Encode a password

> pyats secret encode [--prefix my_custom]
Password: MySecretPassword
Encoded string :
gAAAAABdsgvwElU9_3RTZsRnd4b1l3Es2gV6Y_DUnUE8C9y3SdZGBc2v0B2m9sKVz80jyeYhlWKMDwtqfwlbg4sQ2Y0a843luOrZyyOuCgZ7bxE5X3Dk_NY=

OR

> pyats secret encode --string MySecretPassword [--prefix my_custom]
Encoded string :
gAAAAABdsgvwElU9_3RTZsRnd4b1l3Es2gV6Y_DUnUE8C9y3SdZGBc2v0B2m9sKVz80jyeYhlWKMDwtqfwlbg4sQ2Y0a843luOrZyyOuCgZ7bxE5X3Dk_NY=

Decode encoded password

> pyats secret decode gAAAAABdsgvwElU9_3RTZsRnd4b1l3Es2gV6Y_DUnUE8C9y3SdZGBc2v0B2m9sKVz80jyeYhlWKMDwtqfwlbg4sQ2Y0a843luOrZyyOuCgZ7bxE5X3Dk_NY=
Decoded string :
MySecretPassword

Add encrypted password to testbed

# Snippet of your testbed.yaml
testbed:
    name: sampleTestbed
    credentials:
        default:
            username: admin
            password: "%ENC{gAAAAABdsgvwElU9_3RTZsRnd4b1l3Es2gV6Y_DUnUE8C9y3SdZGBc2v0B2m9sKVz80jyeYhlWKMDwtqfwlbg4sQ2Y0a843luOrZyyOuCgZ7bxE5X3Dk_NY=}"

# With prefix
testbed:
    credentials:
        default:
            username: my_username
            password: "%ENC{wr3DssK0w5nDlsORw4nDmcK2w4LDqMOfw6vDjsOdw4k=}"
        alternate:
            username: alternate_username
            password: "%ENC{<my_custom encoded string>, prefix=my_custom}"
    custom:
        custom_key: |4-
            custom data containing encoded text
            %ENC{<my_custom encoded string>, prefix=my_custom}

Check that passwords can be recovered from loaded testbed

> pyats shell --testbed_file my_testbed.yaml
>>> from pyats.utils.secret_strings import to_plaintext
>>> to_plaintext(testbed.credentials.default.password)
'MySecretPassword'
>>> to_plaintext(testbed.credentials.alternate.password)
'MySecretPassword'
>>> testbed.custom.custom_key
'custom data containing encoded text\nMySecretPassword'

Using Secret String Object

from pyats.utils.secret_strings import to_plaintext, SecretString

# Create a secret string by specifying its encoded form.
# The ``pyats secret encode`` CLI command may be used to convert a
# plaintext string to encoded form.
my_secret = SecretString('w53DssKBw6fDmMOCw5bDisOa')

# Decode the password
my_secret.plaintext
'my password'

# Create a secret string from plaintext.
my_secret =  SecretString.from_plaintext('another secret')

# Asterisks are shown when the secret is printed.
print(my_secret)
**************

# Print the secret string in plaintext form.
# The ``pyats secret decode`` CLI command may be used to convert
# an encoded string to plaintext form.
to_plaintext(my_secret)
'another secret'

# to_plaintext works on regular strings as well.
to_plaintext('plain string')
'plain string'

# Print the secret string in its encoded form.
my_secret.data
'w53DssKBw6fDmMOCw5bDisOa'

# Allocate a brand new key.
# This does the same thing as the ``pyats secret keygen`` CLI command.
print(SecretString.keygen())

# Allocate a secret string that stores a string in plaintext (non-encoded)
# form.
from pyats.utils.secret_strings import PlainTextSecretStringRepresenter
weak_secret = SecretString('weak_pw', representer_cls= PlainTextSecretStringRepresenter)

Customizing Connection

Allow users to tune unicon plugin behavior without the need for any code changes, several kinds of overrides may be made from the testbed YAML itself.
Connecting to a pyATS device via unicon ultimately results in a unicon Connection object being created. The following parameters are eligible for override under the arguments key in the testbed YAML connection block:
- learn_hostname
- prompt_recovery
- init_exec_commands
- init_config_commands
- mit
- log_stdout
- debug
- goto_enable
- standby_goto_enable
Customizing your connection
By default, after logging in device, pyats will change terminal settings both in terminal and in config mode and also show output to stdout. To disable, used below config

device.connect(init_exec_commands=[],
               init_config_commands=[],
               log_stdout=False)

Error Pattern Handling

c.execute('show interface invalid', error_pattern=['^% Invalid'])

from pyats.topology import loader

tb = loader.load('testbed.yaml')
ncs = tb.devices.ncs

ncs.connect(via='cli')
ncs.settings.ERROR_PATTERN=[]

Default error patterns:

ncs.settings.ERROR_PATTERN
['Error:', 'syntax error', 'Aborted', 'result false']

Pass an empty list to avoide error pattern checking: c.execute('show command error', error_pattern=[])

Set Environment Variables for connection

uut.settings.ENV = {'MYENV': 'mystring'}

Set Terminal Size Settings

uut.settings.ENV = {'ROWS': 200, 'COLUMNS': 200}

Logging

Every unicon device connection Logger has 3 handlers.

Screen Handler: This logs messages on stdout
File Handler: This logs messages in file /tmp/--.log. This is default log file. To modify the file value, the logfile parameter can be used.
pyATS TaskLog Handler: This logs messages in pyats TaskLog file

Log level of device output and service messages is INFO.

Change logfile when connecting

In unicon standalone mode:

dev = Connection(hostname=uut_hostname,
                   start=[uut_start_cmd],
                   logfile='user-provided-file')

With pyATS: dev.connect(logfile='user-provided-file')

Disable unicon device connection logging

Set logger level above logging.INFO.

import logging
uut.log.setLevel(logging.WARNING)

# To enable debug logs, use below:
import logging
uut.log.setLevel(logging.DEBUG)

# in Testbed file
devices:
  PE1:
    connections:
      defaults:
        class: 'unicon.Unicon'
        debug: True

# With pyATS
dev.connect(log_stdout=False)

Topology

Topology module is delivered as part of base pyATS installation in the form of a Python Package
Installation if needed: pip install pyats.topology

Device Object

Device objects represent any piece of physical and/or virtual hardware that constitutes an important part of a testbed topology.
- Each device may belong to a testbed (added to a Testbed object)
- Each device may host arbitrary number of interfaces (Interface objects)
- Interface names must be unique within a device

Creating Topology

There are two ways to create a topology within your testscript:

create each testbed object from topology module classes and craft their interconnects together manually (eg, by assigning interfaces to each device).
create a YAML testbed description file, and load it using the topology loader function.

Reference

Getting Started
https://developer.cisco.com/netdevops/live
https://developer.cisco.com/pyats/
PyATS Hands on Learning
https://github.com/CiscoTestAutomation?utm_campaign=oyoutube-davidbombal&utm_source=oyoutube&utm_medium=davidbombal-video13
https://github.com/hpreston/netdevops_demos
Genie makes all your network automation wishes come true (most of them)! Hank Preston explains: https://www.youtube.com/watch?v=unOmwDsMj8k
pyATS Series - Parsing like a pro: https://xrdocs.io/programmability/tutorials/pyats-series-parsing-like-a-pro/
Parse Genie: https://developer.cisco.com/codeexchange/github/repo/clay584/parse_genie/
pyATS Tutorial for Beginners: https://www.rogerperkin.co.uk/network-automation/pyats/pyats-genie-tutorial/
Explore Genie: https://pubhub.devnetcloud.com/media/genie-docs/docs/cookbooks/explore.html
https://pubhub.devnetcloud.com/media/genie-docs/docs/overview/introduction.html
Intro Network Test
Testbed & Topology Information
Useful Libraries
Learn Device Features
First Steps with PyATS
Cisco Test Automation github
Automated testing using PyATS and Genie

PreviousParser NextUseful Libraries

Last updated 1 year ago