When it comes to open-source network automation tools, NAPALM is one of the heavy hitters in the industry. For those of you who are new to NAPALM, it is:

... a vendor-neutral, cross-platform open-source project that provides a unified API to network devices.

Typically NAPALM is used for configuring devices, and reading device output. However, NAPALM also provides another lesser-known feature, which is extremely useful, called compliance reporting.

In short, compliance reporting provides a simplistic way (via YAML) to write a set of checks, such as the version must be X or the mgmt IP must be Y. This is then applied to your device, and you are given a JSON based report detailing if your device complies.

Quick example:

# define validator files
$ cat validate-eos.yml
- get_facts:
    os_version: 4.17

# run compliance_report
>>> with eos_driver(**eos_config) as eos:
...     pprint.pprint(eos.compliance_report("validate-eos.yml"))
{u'complies': False,
 u'skipped': [],
 'get_facts': {u'complies': False,
               u'extra': [],
               u'missing': [],
               u'present': {'os_version': {u'actual_value': u'',
                                           u'complies': False,
                                           u'nested': False}}} 

The great thing about this feature is that it isn't just limited to validating configuration. You can also validate the result of running a ping from the device, or validating CPU or memory usage! Niiice...

Ready to Master Network Automation? Start Your Journey Today!
Our membership provides:
  • Full deep-dive course library (inc. Batfish, pyATS, Netmiko)
  • Code repositories inc. full course code, scripts and examples
  • 24x7 multi-vendor labs (Arista, Cisco, Juniper)
  • Private online community
  • Live monthly tech sessions
  • Access to tech session library

Join Now ➜