When it comes to open-source network automation tools, NAPALM is one of the heavy hitters in the industry. For those of you who are new to NAPALM, it is:

... a vendor-neutral, cross-platform open-source project that provides a unified API to network devices.

Typically NAPALM is used for configuring devices, and reading device output. However, NAPALM also provides another lesser-known feature, which is extremely useful, called compliance reporting.

In short, compliance reporting provides a simplistic way (via YAML) to write a set of checks, such as the version must be X or the mgmt IP must be Y. This is then applied to your device, and you are given a JSON based report detailing if your device complies.

Quick example:

# define validator files
$ cat validate-eos.yml
---
- get_facts:
    os_version: 4.17

# run compliance_report
>>> with eos_driver(**eos_config) as eos:
...     pprint.pprint(eos.compliance_report("validate-eos.yml"))
...
{u'complies': False,
 u'skipped': [],
 'get_facts': {u'complies': False,
               u'extra': [],
               u'missing': [],
               u'present': {'os_version': {u'actual_value': u'4.15.2.1F-2759627.41521F',
                                           u'complies': False,
                                           u'nested': False}}} 

The great thing about this feature is that it isn't just limited to validating configuration. You can also validate the result of running a ping from the device, or validating CPU or memory usage! Niiice...

Think this may be useful? Let us know your thoughts. Just hit reply or add to the comments below.

Become a Network Automation Jedi
Join our membership and enjoy:
  • Deep Dive Library
  • Community Support
  • Hands-on Examples
  • Multivendor Labs (beta)

100% Satisfaction Guaranteed!
Cancel your membership at any time.


Join our Community