For most network engineers getting started with network automation, the first question is usually Ansible or Python for Network Automation?
Whilst Ansible is written in Python you don’t need to know any Python to be able to use it. Whilst to perform any network automation using Python you need to understand it very well.
This post will discuss both sides of the argument and hopefully by the end of it, you will have a clear view of what you should start learning.
Ansible and Python are not direct equivalents. Ansible is a tool which is written in Python (and is therefore easy to extend if you know Python). There are things that Ansible is good for (most configuration changes, audits, repetitive tasks across multiple devices) and there are things that a pure Python script will be better for. Pure Python will also give you complete control on performing very specific tasks.
Ansible for Network Automation
Ansible is a an open source platform from Red Hat which consists of Ansible core and or Ansible Tower.
Most engineers getting started use Ansible core which is a command line driven piece of software that uses modules to perform network automation tasks. They write playbooks which are written in YAML and all the code is executed from the command line.
You will need to have an understanding of Linux to run Ansible because as of the time of writing (Jan 2020) Ansible can only be installed on a Linux platform.
Python for Network Automation
Python on the other hand is an interpreted, object-oriented, high-level programming language which can be run on Windows or Linux.
This gives a small advantage that you could run Python code directly from your Windows laptop but to get started you are going to need to know how to write Python code.
Advantages of Ansible
Ansible is a complete platform designed originally to automate Linux server updates but has been widely adopted by the networking community over the last few years following the purhcase of Ansible by Red Hat and the increase in the amount of network modules available.
Ansible keeps track of all devices with it’s inventory file or hosts file. You define all the devices you want to automate and then write a simple playbook in YAML.
An Ansible playbook is very human readable and most people could figure out what the playbook is doing by reading through it.
One of the big advanges of Ansible is that you could write a playbook and then give it to one of your team who could very quickly understand what it was doing and how to edit it.
Compare this to Python where if nobody on your team can understand Python and you give them a script it might be more difficult to hand over.
Ansible also has a very big community and there is a lot of support and as previously mentioned a lot of network modules.
Check this list for the current latest list of Ansible Network Modules
Disadvantges of Ansible
Whilst Ansible is very good at performing repetitive well defined tasks, where Ansible falls down is if the requirements get a bit more complicated. i.e different devices, different operating systems & different connection methods.
I recently used Ansible to upgrade the IOS on 200 x Cisco 3850 switches. The task was well defined and just had to be performed over a period of days and Ansible was the perfect tool.
However if the switch vendor was different and connection methods were different this would have made the playbook very complex. Writing a custom Python script for this task would have been easier.
Advantages of Python
With Python you can pretty much do anything you want, as long as you know how to code it!
Python is now installed on a lot of network platforms and you can run Python code directly on the device.
Also Python is now the computer language of choice for 8 out of 10 computer science departments including MIT and UC Berkley
So Python is not going away, in fact it’s popularity is growing year on year and will only be used more and more for network automation as network engineers develop their skills.
Dis-advantages of Python
The only real dis-advanage of using Python for network automation is the skill level required to use it.
There is usually one engineer who has a good understanidng of Python and he is usually trying to get everyone else to use it. As time goes on and the popularity of Python increases amongst network engineers it will become a standard skill amongst engineers and as the general skill level improves within the industry it’s use will increase.
So, to conclude this discussion. If you want to get started with network automation and you have no knowledge of Python or Ansible then I would recommend you start to use Ansible just to see how it works and then once you have some basic skills also start to learn Python.
If you have some well defined tasks that have solid outocmes, like backing up config files, performing network audits, upgrading IOS images Ansible is a fantastic tool. However alongside learning Python I would also recommend you start to familiarise yourself with Python
Whilst network automation platforms will come and go, Python will remain as a constant.