Network Automation - Python vs Ansible
The short answer is "it depends"
Overview
In today's world of Network Automation, two popular choices are Ansible and Python. Both have their pros and cons and choosing between them depends on your specific requirements and skillset.
In this blog post, let's go through the differences between Ansible and Python for Network Automation and when to use each one. Please note that I'm writing this from my own experience using both tools for a few years.
Ansible
Ansible is a popular Automation tool that uses a declarative/procedural language called YAML to define configuration management tasks. A declarative language is used to tell a system what you want it to do, without having to give it specific instructions on how to do it. In simpler terms, you simply state what you want the system to accomplish, and the computer figures out the details of how to do it.
In a nutshell, declarative language is like giving someone a recipe. It's a way to describe what you want, without saying exactly how to do it. For example, we can say, "I want a sandwich with ham, cheese, and lettuce," but you don't explain how to make it step-by-step. You just state what you want, and the person making the sandwich figures out how to do it.
Declarative languages abstract away the details of how things are done, allowing us to focus on what needs to be done.
Let's look at the following example where I'm telling Ansible to configure 192.168.10.1/24
on interface GigabitEthernet0/5
. With declarative language, I don't need to tell Ansible the exact commands that need to be run on the Cisco device, Ansible will figure that out.
- name: L3 Interfaces
cisco.ios.ios_l3_interfaces:
config:
- name: GigabitEthernet0/5
ipv4:
- address: 192.168.10.1/24
Ansible is known for its simplicity and ease of use, making it an excellent tool for beginners to get into Network Automation. With Ansible, you can automate tasks such as configuration management and network provisioning.
Python
Python is a general-purpose programming language that is also used for Network Automation. Python provides a wide range of libraries (Netmiko, Nornir, Napalm) and frameworks that can be used to automate tasks, making it a versatile tool for Network Automation. Python provides more flexibility and control over Ansible.
A programming language is like giving someone a set of instructions to follow. You tell them exactly what to do and how to do it, step-by-step.
Using our previous analogy, a programming language is like the set of detailed, step-by-step instructions you give to your friend to make that sandwich. Here's how it might look - Grab two slices of bread, spread mayonnaise on one side of each slice, place a slice of ham on top of the mayonnaise on one of the bread slices and blah blah. You get the point right
Unlike Ansible, you will need to tell Python exactly what it needs to do. For example, to configure an ACL on a Cisco device, you may need to write a script that includes the exact command access-list 1 permit any
that needs to be pushed to the device.
from netmiko import ConnectHandler
cisco_01 = {
"device_type": "cisco_ios",
"host": "10.10.20.17",
"username": "cisco",
"password": "cisco123",
"secret": "cisco123" # Enable password
}
connection = ConnectHandler(**cisco_01)
connection.enable() # Enable method
connection.config_mode() # Global config mode
connection.send_command('access-list 1 permit any')
print('Closing Connection')
connection.disconnect()
So, when should you use Ansible, and when should you use Python for Network Automation? Let's take a closer look.
When to use Ansible for Network Automation?
Ansible is an excellent tool for simple automation tasks such as configuration management. If you have a small network with simple automation needs, Ansible can be a great tool to get started with automation.
As I mentioned before, Ansible's YAML syntax is easy to learn and understand, making it an excellent tool for beginners. With Ansible, you can quickly get started without needing to learn a programming language. If you have a small team and limited resources, Ansible can help you achieve automation faster.
Ansible is particularly well-suited for Configuration Management Tasks and Orchestration. Ansible excels at orchestration, which involves coordinating the execution of multiple tasks across multiple systems. It can manage dependencies between tasks, handle errors, and roll back changes if necessary.
Ansible is also great for automating simple tasks, such as copying files to network devices or running commands on multiple devices. It provides a simple and consistent interface for these tasks.
When to use Python for Network Automation?
Python provides more flexibility and control compared to Ansible making it an excellent choice for complex automation tasks. If you have complex automation needs, Python can provide more powerful tools to accomplish those tasks.
Python also provides a wide range of libraries and frameworks that can be used to customize automation tasks to fit your specific needs. Python can be easily integrated with other tools and systems, making it an excellent tool for integrating different automation tools.
From my experience Python excels when custom logic is required which means it can be used to build complex scripts and automate tasks that require custom logic. For example, you might use Python to build a script that extracts data from network devices and performs complex analyses on it.
Want to learn more?
If you want to learn more about Ansible - https://www.packetswitch.co.uk/tag/ansible/
If you want to learn more about Python - https://www.packetswitch.co.uk/tag/python/
Closing Thoughts
In conclusion, both Ansible and Python are excellent tools for Network Automation. Ansible is an excellent tool for simple automation tasks and is easy to learn. Python, on the other hand, provides more flexibility and control over automation and is an excellent tool for complex automation tasks.
When choosing between Ansible and Python, it's essential to consider your specific requirements and skillset.