This project aims to generates automatically the topology of the entreprise showing if there is an access to the network devices. It leverages the modules Flask, APScheduler and Diagrams with Genie/pyATS framework with its connect() method in order to check the access by simply handling ConnectionError exception as in Check_Access project related with Validate/Monitor access to network devices with the integration of Genie/pyATS, WebEx Messenger and Syslog server use case.
In summary, this project :
-
The function Check_Access is scheduled in background with APScheduler and excecuted periodically in order to retrieve the actual topology access state of the devices.
-
A Flask route that retrieve and display the topology access state with legend indicating the access state according to the color : Red device in case No Access and Blue device in case Access Ok. There is two templates: Auto Access State and On demand Access State. In both cases, there is a GIF animation indicating that the topology access state is on process in the case that this latter is not previusly generated or deleted in some reason by the admin.
- Auto Access : Retrieve periodically the topology access state with auto refreshing the web page. Feel free to change the period time in index_auto_refresh_state.html
- On-demand Access : The admin can retrieve the actual topology access state of the devices using a botton.
Here is the topology used in this project:
GNS3 was used with Cisco routers and a Linux machine as Admin since the framework Genie/PyATS works only on Linux or Mac OSX. However, you can use the Windows Subsystem for Linux (WSL, as the case used in this project). You can also test this project using your own emulator or the DevNet Sandbox Cisco Modeling Labs (CML). You just need to modify the parameters concerning the information about the devices used in the connex.yml file (IP addresses, users, IOS type, ...).
The best practice is to leverage Python Virtual Environments (env). Please follow these steps to clone the Git repository and create and active the virtual environment:
git clone https://github.com/cherifimehdi/Graphical_Check_Access.git
cd Graphical_Check_Access
python3 -m venv venv
source venv/bin/activate
pip3 install -r requirements.txt
As the packages used are found in requirements.txt file, alternatively, you can install the packages as follows:
pip3 install pyats[full]
pip3 install flask
pip3 install diagrams
pip install apscheduler
Diagrams requires Graphviz to render the diagram. You need to install Graphviz and Python 3.6 or higher.
Please consider to:
- Modify the parameters in connex.yml file according to your devices configuration and types (IOS, ip, credentials,...)
- Save the index_auto_refresh_state.html and index_on-demand_state.html files in the folder templates and the images router.jpg, switch.jpg, router-no-access.jpg, switch-no-access.jpg, vSwitch.png and Access_Problem.gif in the folder static (in this case the same folder as the topology generated and overwritten each time containing the state of the devices Topology_Result.png)
Here we run the graphical_check_access.py script from the Admin host:
(Graphical_Check_Access) [mehdi@Graphical_Check_Access]$ python graphical_check_access.py
* Serving Flask app 'graphical_check_access' (lazy loading)
* Environment: production
WARNING: This is a development server. Do not use it in a production deployment.
Use a production WSGI server instead.
* Debug mode: on
* Running on http://127.0.0.1:5000/ (Press CTRL+C to quit)
* Restarting with stat
* Debugger is active!
* Debugger PIN: 615-503-771We use index_auto_refresh_state.html template to automatically show the access state of the devices periodically.
Before building the access state : 
In the case there is an access to the devices: 
Now we deactivate the access for the router R3: 
In the case there is no access to the devices: 
We use index_on-demand_state.html template to give the admin the possibility to retirive the access state of the devices using a botton.
Before building the access state : 
In the case there is an access to the devices: 
Now we deactivate the access for the router R3:
In the case there is no access to the devices: 
Active Cisco CCAI Instructor and Network Engineering Trainer. Part of Cisco DevNet Class 2020. Cisco DevNet Code Exchange and Automation Exchange Contributor. I am interesting in all about NetDevOps, Networking programmability and automation. I am a Cisco contents fan.