This program reads in the configuration file from a Cisco Catalyst router or switch running IOS-XE, extracts the unique information, and inserts it into a new configuration along with configurations rendered from site-specific Jinja templates.

jconwell3115/Golden_Config_Generator

Golden_Config_Generator

This program reads in the configuration file from a Cisco router or switch running IOS-XE, extracts the unique information, and inserts it into a new configuration at designated locations.

This new configuration is then rendered with a Jinja template that holds site-specific configuration parameters and a golden configuration Jinja template that consists of best-practice configurations standard across all sites.

Use Case

This program was developed to meet the need to upgrade switch configurations during platform upgrades using the latest industry best practices and enterprise security standards in an automated fashion.


Features

  • Leverages Jinja templating in a .j2 template per site, with macros for config blocks like DNS, SNMP, etc.
  • Certain unique configurations, such as interface configurations and routing configurations, are extracted as unstructured code blocks.
    • These configurations are currently just pasted into the new configuration at set locations in the config designated by !!![config_name]!!!.
      • i.e., !!!Interfaces is used to designate where the interface configuration goes.
    • These copied configurations should be peer-reviewed for relevance and application to the new platform. Specifically, interface names might change, VLANs might no longer be needed, etc.
    • Future releases will include parsers for these configurations for easier transfer to the new configuration.
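
The extract-and-paste step described above, with a summary for the peer review, as an added example (not the repository's code). The sample configuration, the skeleton and all function names are constructed for illustration. On the assumption that the paste happens before the Jinja render, as the description reads, it also lists pasted lines carrying Jinja delimiters, which the renderer would parse as template syntax.

```python
import re

MARKER = "!!!Interfaces"  # placeholder named in the Features list
# Constructed old IOS-XE configuration (not taken from the repository).
OLD_CONFIG = """\
hostname S1-AS-EXAMPLE
!
interface GigabitEthernet1/0/1
 description uplink {{ legacy note }}
 switchport access vlan 10
!
interface GigabitEthernet1/0/2
 switchport access vlan 99
!
router ospf 1
"""
# Hypothetical skeleton for the new configuration.
SKELETON = "hostname {{ hostname }}\n!\n!!!Interfaces\n!\nend\n"

def extract_interface_blocks(config):
    """Return each 'interface ...' stanza as a list of its lines."""
    blocks, current = [], None
    for line in config.splitlines():
        if line.startswith("interface "):
            current = [line]
            blocks.append(current)
        elif current is not None and line.startswith(" "):
            current.append(line)
        else:
            current = None  # '!' or a top-level command ends the stanza
    return blocks

def review_summary(blocks):
    """Collect what a peer reviewer must confirm before trusting the paste."""
    names, vlans, templated = [], set(), []
    for block in blocks:
        names.append(block[0].split(None, 1)[1])
        for line in block[1:]:
            vlans.update(re.findall(r"\bvlan (\d+)", line))  # access VLAN ids
            if re.search(r"\{\{|\{%|\{#", line):  # Jinja would parse this
                templated.append(line.strip())
    return {"interfaces": names, "vlans": sorted(vlans, key=int),
            "jinja": templated}

def paste_at_marker(skeleton, blocks):
    """Replace the marker with the extracted stanzas, text unchanged."""
    body = "\n!\n".join("\n".join(block) for block in blocks)
    return skeleton.replace(MARKER, body, 1)
```

The interface names and VLAN IDs in the summary are the items the reviewer checks against the new platform; any line listed under "jinja" should be cleaned or escaped before the file is rendered.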

Installation

[Step 1] Clone repo:

git clone git@github.com:jconwell3115/Golden_Config_Generator.git

[Step 2] Navigate to the project directory

cd Golden_Config_Generator

[Step 3] Install required dependencies:

pip install -r requirements.txt

[Step 4] (Optional) Install pre-commit:

pre-commit install

Usage

(GoldenConfigGenerator) jconw483@Jons-PC ~/Work_Environments/GoldenConfigGenerator/Golden_Config_Generator $ python3 golden_config_generator.py -h
usage: golden_config_generator.py [-h] [-c CONFIG]

This program reads in an old configuration file and then converts it to a new 'golden' 
configuration using industry standard best practices for Cisco Catalyst switches running 
IOS-XE versions 16.9 and up.

options:
  -h, --help            show this help message and exit
  -c CONFIG, --config CONFIG
                        Configuration file to convert

Thanks for using golden_config_generator!

This program can be run with -c {{ switch_config }} or with no argument. If run with no argument, the program will ask for the name of the switch configuration.

A future release will include the option to convert all configurations in a given directory.

Run the program on the test configurations for proof of concept:

Sample configuration files are located in the configuration_files/old_configurations directory.

(.venv) $ golden_config_generator.py -c S1-AS-3320-104-1.cfg

This will output the new configurations in the configuration_files/new_configurations directory.

A template named {{ hostname }}.j2 will also be created in the templates/new_switch_templates directory.


Directory Structure

.
├── configuration_files
│   ├── new_configurations
│   │   ├── S1-AS-3320-104-1_2025_03_14.cfg
│   │   └── S3-CS-2015-321-1_2025_03_14.cfg
│   └── old_configurations
│       ├── S1-AS-3320-104-1.cfg
│       ├── S2-AS-527-109-1.cfg
│       └── S3-CS-2015-321-1.cfg
├── golden_config_generator.py
├── LICENSE
├── pipdeptree_current.txt
├── pyproject.toml
├── README.md
├── requirements.txt
└── templates
    ├── new_switch_templates
    │   ├── S1-AS-3320-104-1.j2
    │   └── S3-CS-2015-321-1.j2
    ├── site_1.j2
    ├── site_2.j2
    ├── site_3.j2
    └── switch_template.j2
    
  • configuration_files - Directory to store old and new configurations

    • new_configurations - Directory that holds the new golden configs created by the program
    • old_configurations - Directory that the program searches for the configurations to be converted
  • templates - Directory that stores the site specific templates and the base golden config switch template

    • new_switch_templates - These are the templates created during the program run. They aren't really needed, but are a good reference to see the workflow.

Possible Automation Enhancements

This is a general idea, and the details would need to be defined a bit more.

  • Create an Ansible playbook that orchestrates the following:

    1. Log in to a live network device and gather the configuration.
    2. Save the file locally and to the flash on the network device.
    3. Copy the configuration to flash:[hostname]_automated_reconfigure.cfg.
    4. Run the configuration through the golden_config_generator.py program to generate a new configuration.
    5. Copy the new configuration to the live network device.
    6. Create an EEM script that will copy the new configuration into startup and reload the device.
      • The EEM script needs to be in the new configuration as well.
    7. The EEM script will run checkouts after the reboot to ensure everything is working fine; otherwise it will revert the configuration to the old config and reload again.

TODO:

  • Add Jinja templates for sites
  • Add base configuration template
  • Modularize the code into smaller methods
  • Add generic old configuration files for testing and proof of concept
  • CLI arguments to take the file name
  • Add a CLI switch to read and convert all files in a given directory

Author

Jonathan Conwell

Email: jconwell3115@gmail.com

Phone: 867-5309

DISCLAIMER

Please note: This script is meant for demo purposes only. All tools/ scripts in this repo are released for use "AS IS" without any warranties of any kind, including, but not limited to their installation, use, or performance. Any use of these scripts and tools is at your own risk. There is no guarantee that they have been through thorough testing in a comparable environment and we are not responsible for any damage or data loss incurred with their use. You are responsible for reviewing and testing any scripts you run thoroughly before use in any non-testing environment.
