运维少年系列 python and cisco (1)
16lz
2021-03-12
运维少年系列 python and cisco (1)
骚年 运维少年
运维少年系列 python and cisco (1)
预备知识
本系列文章需要各位具有CCNA/HCNA基础知识(知道命令怎么敲)
python
本系列文章需要使用到的python版本为2.7,模块为paramiko。
为何使用python2.7而不是3.x?因为绝大部分系统都自带了2.7,就这么简单~
paramiko模块功能十分强大,最常使用的就是其SSH登录的功能,使用paramiko实现了SSH登录之后,还可以执行命令,实现远程配置设备。在代码编写部分我会向各位简单的介绍一下每段代码的作用。
系列文章说明
系列文章不会很多(预计2-3篇?),毕竟就一个模块,从简单到稍微复杂一点,然后从单点到批量,然后到异常处理,大概的路线就是这样。文章有些地方可能描述的不准确,请大家多多指教。
python and cisco
1) 拓扑图
使用GNS3做一个简单的拓扑,将centos桥接GNS3中,使路由器与centos相连。
2) 交换机配置
- 交换机配置ssh,注意密钥的长度不要使用512,不然登录会失败。
R3(config)#hostname R3R3(config)#ip domain name yunwsn.comR3(config)#crypto key generate rsaThe name for the keys will be: R3.yunwsn.comChoose the size of the key modulus in the range of 360 to 2048 for your General Purpose Keys. Choosing a key modulus greater than 512 may take a few minutes.How many bits in the modulus [512]: 2048% Generating 512 bit RSA keys, keys will be non-exportable...[OK]*Mar 1 00:11:52.127: %SSH-5-ENABLED: SSH 2.0 has been enabledR3(config)#R2(config)#line vty 0 10R2(config-line)#transport input sshR2(config-line)#login localR2(config-line)#exitR1(config)#username yunwsn privilege 15 password 123456R1(config)#enable password 1234563) python配置
- 安装paramiko
没有pip的百度安装一下吧~
[root@yunwei ~]# pip install paramikoDEPRECATION: Python 2.7 will reach the end of its life on January 1st, 2020. Please upgrade your Python as Python 2.7 won't be maintained after that date. A future version of pip will drop support for Python 2.7.Collecting paramiko Using cached https://files.pythonhosted.org/packages/cf/ae/94e70d49044ccc234bfdba20114fa947d7ba6eb68a2e452d89b920e62227/paramiko-2.4.2-py2.py3-none-any.whlRequirement already satisfied: cryptography>=1.5 in /usr/lib64/python2.7/site-packages (from paramiko) (2.6.1)Requirement already satisfied: pynacl>=1.0.1 in /usr/lib64/python2.7/site-packages (from paramiko) (1.3.0)Requirement already satisfied: pyasn1>=0.1.7 in /usr/lib/python2.7/site-packages (from paramiko) (0.4.5)Requirement already satisfied: bcrypt>=3.1.3 in /usr/lib64/python2.7/site-packages (from paramiko) (3.1.6)Requirement already satisfied: enum34; python_version < "3" in /usr/lib/python2.7/site-packages (from cryptography>=1.5->paramiko) (1.1.6)Requirement already satisfied: asn1crypto>=0.21.0 in /usr/lib/python2.7/site-packages (from cryptography>=1.5->paramiko) (0.24.0)Requirement already satisfied: cffi!=1.11.3,>=1.8 in /usr/lib64/python2.7/site-packages (from cryptography>=1.5->paramiko) (1.12.3)Requirement already satisfied: six>=1.4.1 in /usr/lib/python2.7/site-packages (from cryptography>=1.5->paramiko) (1.12.0)Requirement already satisfied: ipaddress; python_version < "3" in /usr/lib/python2.7/site-packages (from cryptography>=1.5->paramiko) (1.0.22)Requirement already satisfied: pycparser in /usr/lib/python2.7/site-packages (from cffi!=1.11.3,>=1.8->cryptography>=1.5->paramiko) (2.19)Installing collected packages: paramikoSuccessfully installed paramiko-2.4.2[root@yunwei ~]# - 代码编写
#!/usr/bin/env pythonimport paramiko # 导入paramiko模块import time # 导入time模块,这个后面会用到host = '192.168.108.254' # 定义主机IPuser = 'yunwsn' # 定义登录的用户名passwd = '123456' # 定义使用的密码s = paramiko.SSHClient() # 实例化,啥意思?请看注释①s.set_missing_host_key_policy(paramiko.AutoAddPolicy()) # 请看注释②s.connect(host,username=user,password=passwd,look_for_keys=False,allow_agent=False) # 定义登录的IP、用户名和密码print 'login success.' # 登录成功提示cmd = s.invoke_shell() # 创建一个交互式的shell,实现多发送条命令cmd.send("conf t \n") # 发送命令time.sleep(1) # 睡眠1s,特别重要,注释③cmd.send("int f0/1 \n")time.sleep(1)cmd.send("ip add 1.1.1.2 255.255.255.0 \n")time.sleep(1)cmd.send("end \n")time.sleep(1)cmd.send("show ip int bri\n ")time.sleep(1)output = cmd.recv(65535) # 接收输出print output # 打印输出cmd.close() # 关闭交互式shell- 注释:
- ①:实例化可以简单的理解为,将paramiko.SSHClient类的所有属性赋予s。就比如,张三的父亲是富一代,那么属性就是有钱,然后…嗯,差不多,实例化之后,s可以使用原先paramiko.SSHClient()下面所有的办法,其实也可以将其理解为一个别名,给paramiko.SSHClient取个别名叫s
- ②:在登陆时,有些设备会提示以下内容,需要用户输入【yes】才能进行下一步,而使用了这个参数,则不需要输入yes
[root@yunwei cisco]# ssh yunwsn@192.168.108.254 The authenticity of host '192.168.108.254 (192.168.108.254)' can't be established. RSA key fingerprint is SHA256:FBFOoRUMkKYCyDbpZKkRiuhCbiYuOX8EuHLUMoN0C/M. RSA key fingerprint is MD5:b9:ad:29:24:43:bb:48:8c:58:3e:ce:03:a4:74:e2:cf. Are you sure you want to continue connecting (yes/no)? - ③:在我的GNS3中,路由器反应比较慢,比如我输入了conf t ,他可能过了0.5s才能进入config模式,python的下一条命令int f0/1可能在0.5s的时候就执行了,导致命令执行不成功,所以,我在中间加入了一个睡眠,1s后再执行下个命令,大家在使用的时候可以修改这个时间,使命令执行时间更加合理。
4) 实现效果
[root@yunwei cisco]# python ywsn_p_c_lab1.py login success.R1#conf t Enter configuration commands, one per line. End with CNTL/Z.R1(config)#int f0/1 R1(config-if)#ip add 1.1.1.2 255.255.255.0 R1(config-if)#end R1#show ip int briInterface IP-Address OK? Method Status ProtocolFastEthernet0/0 192.168.108.254 YES manual up up FastEthernet0/1 1.1.1.2 YES manual up down FastEthernet0/2 unassigned YES unset up down FastEthernet0/3 unassigned YES unset up down FastEthernet0/4 unassigned YES unset up down FastEthernet0/5 unassigned YES unset up down FastEthernet0/6 unassigned YES unset up down FastEthernet0/7 unassigned YES unset up down FastEthernet0/8 unassigned YES unset up down FastEthernet0/9 unassigned YES unset up down FastEthernet0/10 unassigned YES unset up down FastEthernet0/11 unassigned YES unset up down FastEthernet0/12 unassigned YES unset up down FastEthernet0/13 unassigned YES unset up down FastEthernet0/14 unassigned YES unset up down FastEthernet0/15 unassigned YES unset up down Vlan1 unassigned YES unset up down R1#[root@yunwei cisco]# 微信公众号~运维少年
©著作权归作者所有:来自51CTO博客作者mb5ffd6f0f39006的原创作品,如需转载,请注明出处,否则将追究法律责任更多相关文章
- wordpress登录失败处理user-lock插件安装
- MySQL系列-用户管理
- python3 paramiko 巡检网络设备
- 查看域用户最后登录时间的方法
- CCNP(ISCW)实验:配置Router 将AAA用于管理访问授权
- Linux常用命令
- Ceph 常用命令整理(Monitor)
- 苹果Mac系统如何安装pip命令?
- Ceph 常用命令整理(集群篇)