On-box programmability allows networking devices to run scripts and programs directly on the device to enable event-driven automation and monitoring. The document discusses how Cisco, Juniper, Arista, and now Catalyst devices support various scripting languages like Python, Tcl, and Lua through mechanisms like Cisco's Embedded Event Manager (EEM). It provides an example of using EEM and a Python script on a Catalyst 3850 to detect routing table changes and post a message to Cisco Spark, demonstrating how on-box programmability can integrate with external systems.

1. On-box programmability
Kazumasa Ikuta
2017.10.10
NetOpsCoding#5 × ネットワークプログラマビリティ勉強会#13

2. 2010年1月21日木曜日。新潟某所にて…
https://www.janog.gr.jp/meeting/janog25/program/rscript.html

4. • Ciscoさん EEM（2003頃〜） … CLI or Tcl
• YAMAHAさん Luaスクリプト（2009/10） … Lua
• Juniperさん JUNOScript2.0 … XSLT/SLAX

5. あれから、
7年と8ヶ月…

6. Junos で On-box Python

7. Arista EoS Event Manager (Condition  Action)

8. Catalyst までも…
#! /bin/bash
LXC
&&
参考：Catalyst 3850 IOS-XE 16.6.1

9. Cat3850-3#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Cat3850-3(config)#iox
Cat3850-3(config)#exit
Cat3850-3#
Cat3850-3#guestshell enable
Management Interface will be selected if configured
Please wait for completion
guestshell is in RUNNING state
Cat3850-3#
Cat3850-3#guestshell
[guestshell@guestshell ~]$
[guestshell@guestshell flash]$ pip list install
DEPRECATION: The default format will switch to columns in the future. You can use --format=(legacy|columns) (or define a
format=(legacy|columns) in your pip.conf under the [list] section) to disable this warning.
certifi (2017.7.27.1)
chardet (3.0.4)
idna (2.6)
pip (9.0.1)
requests (2.18.4)
setuptools (22.0.5)
urllib3 (1.22)
[guestshell@guestshell flash]$ vi sho-ver.py
[guestshell@guestshell flash]$
[guestshell@guestshell flash]$ cat sho-ver.py
#!/usr/bin/python
import cli
print cli.execute('show version')
[guestshell@guestshell flash]$
[guestshell@guestshell flash]$ python ./sho-ver.py | grep bin
System image file is "flash:cat3k_caa-universalk9.16.06.01.SPA.bin"
[guestshell@guestshell flash]$
Catalyst で bash
vi, Python
pip

10. cat3850(config-applet)#event ?
application Application specific event
cli CLI event
config Configuration policy event
counter Counter event
env Environmental event
gold GOLD event
identity Identity event
interface Interface event
ioswdsysmon IOS WDSysMon event
ipsla IPSLA Event
mat MAC address table event
neighbor-discovery Neighbor Discovery event
nf NF Event
none Manually run policy event
oir OIR event
rf Redundancy Facility event
routing Routing event
rpc Remote Procedure Call event
snmp SNMP event
snmp-notification SNMP Notification Event
snmp-object SNMP object event
syslog Syslog event
tag event tag identifier
timer Timer event
cat3850(config-applet)#action 100 ?
add Add
append Append to a variable
break Break out of a conditional loop
cli Execute a CLI command
cns-event Send a CNS event
comment add comment
context Save or retrieve context information
continue Continue to next loop iteration
counter Modify a counter value
decrement Decrement a variable
divide Divide
else else conditional
elseif elseif conditional
end end conditional block
exit Exit from applet run
file file operations
force-switchover Force a software switchover
foreach foreach loop
gets get line of input from active tty
handle-error On error action
help Read/Set parser help buffer
if if conditional
increment Increment a variable
info Obtain system specific information
mail Send an e-mail
multiply Multiply
policy Run a pre-registered policy
publish-event Publish an application specific event
puts print data to active tty
regexp regular expression match
reload Reload system
set Set a variable
snmp-object-value Specify value for the SNMP get request
snmp-trap Send an SNMP trap
string string commands
subtract Subtract
syslog Log a syslog message
track Read/Set a tracking object
wait Wait for a specified amount of time
while while loop
内部イベント検出
アクション
&&

11. Demo
https://www.youtube.com/watch?v=7Hla36hkwt0&t=4s
EEM • ルーティングテーブル
の経路変化でトリガー
• Pythonに情報を提供
REST API
OSPF
経路
Catalyst 3850Cisco 1900
×
+ローカルファイルに記述

12. ::cisco::eem::event_register_routing network 1.1.1.0/24 type all ge 24
import requests
import sys
import eem
ACCESS_TOKEN = ”<access_token>"
ROOM_ID = ”<room_id>"
def setHeaders():
accessToken_hdr = 'Bearer ' + ACCESS_TOKEN
spark_header = {'Authorization': accessToken_hdr, 'Content-Type': 'application/json; charset=utf-8'}
return spark_header
def postMsg(the_header,roomId,message):
message = '{"roomId":"' + roomId + '","text":"' + message +'"}'
uri = 'https://api.ciscospark.com/v1/messages'
resp = requests.post(uri, data=message, headers=the_header)
print resp
event = eem.event_reqinfo()
message = ’# RoutingTable Change Detected # -> ' + event['network'] + '-' + event['type'] + '-BY-' + event['protocol']
header=setHeaders()
postMsg(header,ROOM_ID,message)
routewatch.py 1. ルーティング変更イベントを検出したら…
2. 通知内容を作って…
3. 書く。以上。
https://qiita.com/kikuta1978/items/42526882b57eafe480ad

13. SiSi SiSi
SiSiSiSiSiSi SiSiSiSiSiSi SiSiSiSiSiSi
• ネットワーク越しではできないことができ、想像力が膨らむ！（装置内のAPIとか）
• 装置やベンダーに依存する分、オープンに議論しにくい（かもしれない）
• やってみると、けっこう楽しい（しかもわりとリアルに役立つかもしれない）
まとめ：On-box プログラマビリティ
外部からの監視や自動化
• Zabbix
• Python
• Ansible
• Netconf/YANG
• …
内部からの監視や自動化
Shell
Python
EEM
Shell
Python
EEM
• On-box Python
• コンテナ
• イベント -> アクション
• …

14. Thank you!