In this post we are going to use nornir to manage the IP addresses and firewall rules of a simple hub and spoke topology.
design description.
topology
[topology]()
Firewall information
Device | Interface | Address | Zone |
---|---|---|---|
ny-fw-1 | ge-0/0/0.0 | 10.1.10.1⁄24 | Trust |
ny-fw-1 | ge-0/0/1.0 | 192.0.2.2⁄30 | Untrust |
ny-fw-1 | st0.0 | 172.16.123.1⁄24 | VPN |
la-fw-1 | ge-0/0/0.0 | 10.2.10.1⁄24 | Trust |
la-fw-1 | ge-0/0/1.0 | 192.0.2.6⁄30 | Untrust |
la-fw-1 | st0.0 | 172.16.123.2⁄24 | VPN |
disclaimer about beta nornir (link back to KB https://pynet.twb-tech.com/blog/nornir/os-upgrade-p1.html)
[All in a Python virtual environment]
$ git clone https://github.com/nornir-automation/nornir
Cloning into 'nornir'...
# CD into the repo
$ cd nornir/
# Verify current branch
$ git branch
* develop
$ git fetch origin
# Create a 2.0 branch that tracks the origin/2.0 branch
$ git checkout -b 2.0.0-beta origin/2.0.0-beta
Branch 2.0 set up to track remote branch 2.0 from origin.
Switched to a new branch '2.0'
# Verify we are on the 2.0 branch
$ git branch
* 2.0.0-beta
develop
# Install Nornir and its dependencies (including development dependencies)
$ pip install -r ./requirements-dev.txt
$ pip install -e .