Network Switch APIs (and the Lack Thereof)
Since the dawn of time on managed network switches, we’ve had the CLI. Well, that’s a bit of a lie – menu driven interfaces were the go-to option for a number of years. But the point still stands in that when it comes to managed switches, the CLI is king.
Now as with the CLI options in many other IT systems, you’d expect that automation and scripting have become prevalent. After all, you don’t configure desktops and servers by hand nowadays. But networking… well, seems to be lacking in that department.
While yes, there are shiny new options out there with full REST APIs available and standards are being worked on for defining the models that make up a network, it doesn’t tackle today’s existing deployments. On large campus deployments, changing a port’s purpose is a regular job. While 802.1x can (and does) take a lot of the manual effort out, it’s not deployed everywhere.
At the moment, even that simple port role change job requires me to return to my desk (we’re a small team that also tackles physical patching) and fire up the CLI. The “interface range” command is great for mass changes but becomes less useful when configuring ports splattered across a stack.
This, along with a whole bunch of troubleshooting work I’m occasionally involved in, has prompted me to write a web interface that allows the management of switches from your mobile phone. It’s only got the configuration feature at the moment but looks something like this:
While it’s not complete, I can pass on a couple of lessons. Firstly, the likes of Netmiko make the job of SSH-ing into the equipment very easy. But that’s something I shouldn’t even need to be doing. A proper API would be nice but I must admit that even HP’s own IMC uses SSH on our equipment.
Secondly, if you’re developing a web based system, use a proper framework. I’ve been using Symfony and it’s resulted in far more cleaner/maintainable code than doing everything by hand would. It’s even got bindings (with the right bundles) into the RabbitMQ system I’m using to pass the configuration jobs between the web interface and the Python script that actually does the work.
Like I said, it’s still work in progress and I’ve got my own ideas about features to be added. However, I do want to ask, what would you look for in a web based management system for your network infrastructure?