One of the common types of network engineering sleuthing is discovering what changed when the network is behaving differently, but everyone is saying “nothing changed.” In large networks this can be like looking for that needle in a haystack without a magnet… long, tedious, and rewarded by a painful “stick” if and when you finally find what you are looking for. I’d like to share a new tool every network engineer must have in their toolbox to help with this work, Genie.
Genie is part of pyATS, a FREE and Open Source network testing and validation framework from Cisco. pyATS started out years ago inside Cisco to help the teams developing the IOS, XR, and NX operating systems test the software features of those platforms. After many customers expressed interest in using the tooling for their own testing, the Cisco Test Automation team started looking at options to make the framework available to customers. Several options were explored for how to release it, and I am BEYOND EXCITED that a FREE and Open Source model was selected.
With pyATS, network engineers can build very robust test cases in Python to run through everything from general to specific tests. A couple of examples include ensuring no interfaces are reporting CRC errors, or that all defined neighbors in BGP are up and established. You can check out some great examples up on GitHub here!
But what if you are just getting started with automation and aren’t ready to write test cases in Python? Never fear, this is where Genie CLI steps in to allow access to many of the core features of pyATS in a NO CODE model. How about an example…
Call back time… remember that opening sentence in this blog… (go ahead and scroll back up and read it again). Now before we go looking for “what changed,” we need to have something to compare against. Let’s call it our “known good” configuration. So when the network is all good, we want to “profile” our network and “learn” the current configuration. This is done with genie like this.
```
genie learn config --testbed-file network.yaml --output good
```
This command will connect to the devices listed in your “testbed” and learn the configuration from every device. I know what you’re thinking… “Big Whoop Hank… anyone can run ‘show running-configuration’ on a device.” And you are right… but that’s not the magic part. What Genie does is “parse” (a fancy programming term for read through and process) the configuration into a structured JSON object that is really easy to process with automation – as we’ll see in the next step.
So you’re ready for the next time “nothing changes.” As your team is all pointing fingers at each other and insisting they didn’t change anything, quietly walk back to your office and fire up your terminal to enter this command.
```
genie learn config --testbed-file network.yaml --output nothing_changed
```
You’ll now get a current copy of the configuration across your network, and you can open up all the files and read through them looking for changes….. I’M KIDDING! While that would be possible, it’s a terrible idea. Instead have Genie do it for you with this command.
```
genie diff good nothing_changed
```
You’ll get a nice output that looks like this
```
+==============================================================================+
| Genie Diff Summary between directories good/ and nothing_changed/            |
+==============================================================================+
| File: config_iosxe_csr1000v-1_ops.txt                                        |
| - Diff can be found at ./diff_config_iosxe_csr1000v-1_ops.txt                |
|------------------------------------------------------------------------------|
| File: config_iosxr_iosxr_ops.txt                                             |
| - Diff can be found at ./diff_config_iosxr_iosxr_ops.txt                     |
|------------------------------------------------------------------------------|
| File: config_nxos_sbx-n9kv-ao_ops.txt                                        |
| - Diff can be found at ./diff_config_nxos_sbx-n9kv-ao_ops.txt                |
|------------------------------------------------------------------------------|
```
Look at that… there WERE some changes, and they are highlighted inside some Diff files. These files look something like this…
```
--- gold_config/config_iosxe_csr1000v-1_ops.txt
+++ changed/config_iosxe_csr1000v-1_ops.txt
+Current configuration : 9351 bytes:
+interface Loopback1001:
+ description GenieLoop1001:
+ no ip address:
+interface Loopback1184:
+ description New Interface Created with Genie change:
+ no ip address:
-Current configuration : 9191 bytes:
```
With this new found knowledge, head back to your team and calmly ask who added a couple of Loopback interfaces to the network (or whatever change you actually found). It is VERY important to keep the self satisfied smirk off your face and definitely not in your tone of voice. No one likes that.
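The parse-then-diff idea behind the commands above, as an added example (this is not Genie's code and not from the original post). `parse_config`, `diff_config`, `report` and the sample configs are hypothetical and constructed for illustration; the same comparison is what flags an unrecorded change on a device.

```python
# Added illustration: NOT Genie's implementation. parse_config and diff_config
# are hypothetical helpers that mimic the "parse, then diff" workflow.

def parse_config(text):
    """Turn indented IOS-style config text into a nested dict."""
    root = {}
    stack = [(-1, root)]              # (indent level, dict at that level)
    for raw in text.splitlines():
        line = raw.rstrip()
        if not line.strip() or line.strip() == "!":
            continue                  # skip blank lines and "!" separators
        indent = len(line) - len(line.lstrip())
        while stack[-1][0] >= indent:
            stack.pop()               # climb back up to this line's parent
        node = {}
        stack[-1][1][line.strip()] = node
        stack.append((indent, node))
    return root

def diff_config(old, new, depth=0):
    """Return '+'/'-' lines for keys present only in new / only in old."""
    out, pad = [], " " * depth
    for key in new:
        if key not in old:
            out.append(f"+{pad}{key}")
            out += diff_config({}, new[key], depth + 1)
        else:
            child = diff_config(old[key], new[key], depth + 1)
            if child:                 # keep the unchanged parent as context
                out.append(f" {pad}{key}")
                out += child
    for key in old:
        if key not in new:
            out.append(f"-{pad}{key}")
            out += diff_config(old[key], {}, depth + 1)
    return out

# Constructed sample configs (not captured from a real device).
GOOD = "hostname csr1000v-1\n!\ninterface GigabitEthernet1\n ip address dhcp\n"
CHANGED = GOOD + "interface Loopback1001\n description GenieLoop1001\n no ip address\n"

def report():
    """Diff the known-good snapshot against the later one."""
    return diff_config(parse_config(GOOD), parse_config(CHANGED))

if __name__ == "__main__":
    print("\n".join(report()))
```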
Phenomenal COSMIC POWER is yours!
Pretty darn cool huh… well guess what, there’s more. Genie can learn more than just “configuration.” It can learn and compare other network features such as interfaces, vlans, ospf, and many more. This lets you quickly find not just the changes in configuration, but also operational details like interface counters, route neighbors, spanning-tree stats, etc.
If this is tickling your fancy (and be honest, it totally is), please join me on October 17th 2019 for a DevNet Webinar. I’ll be talking all about this amazing feature and how you can use it today.
You can also check out these great resources on pyATS and Genie right now:
- pyATS and Genie on DevNet
- NetDevOps Live! episode on pyATS and Genie
- This exact use case on Automation Exchange
- A self-guided Genie CLI demo I wrote
- Some Learning Labs on pyATS and Genie
Have fun with your new super-power and definitely let me know what you’re using it for. Drop me a comment here, or over on Twitter @hfpreston or LinkedIn @hpreston.
Until next time!
Big Whoop Hank… We have a git repo (migrated from an svn repo years ago) containing every config of all of our devices, automatically collected and committed into the repo – we can scroll back through every switch-, router- and firewall-config since the dawn of time.
Oh this also works great as distributed backup and database to research issues even when nothing is working. Just have the network team run a cronjob pulling the git on a regular basis.
Great article!