IP Fabric webhook for automated remediation

Jan 5, 2021 · 3 min read · networking monitoring software ipfabric ·

Share on:

IP Fabric network discovery can collect the network state. Release 3.7.0 introduced webhooks.

Let's see how webhooks can be used for automated remediation.

Brownfield automation

In a common brownfield scenario, an existing network is carefully configured box-by-box by ~~CLI huggers~~ network engineers.

It is not unusual to forget to save the configuration after a quick network change while multitasking. Even in the best network design an ~~unexpected reboot~~ unplanned redundancy test can have an impact if a device reboots with an old configuration.

The remediation usually involves getting the latest backup from some repository and pushing the configuration to the box. If the configuration backup is not updated or missing time to recover can be quite long.

IP Fabric includes a long list of checks that are performed after every snapshot. In this post we will focus on the saved configuration check

A saved configuration check is available when a user forgets to save a changed configuration. IP Fabric compares the actual (running) configuration with the saved (startup) configuration and the results can be found in the Technology → Management → Saved Config Consistency table.

Info

The same workflow can be applied to any check.

Workflow

A webhook is a custom callback. IP Fabric introduced webhooks in release 3.7.0. We will use it as a starting point of the remediation workflow:

IP Fabric executes a network discovery
when the discovery completes a webhook is sent to a listener running on a Linux box
the listener queries IP Fabric via API to verify if any device fails the saved configuration check mentioned before
if any device fails the check, a script is executed to apply the remediation (save the configuration) only where necessary (the non-compliant devices)

Details of the implementation

For this demo I used:

FastAPI as a listener of the webhook
nornir_ipfabric module to collect the inventory from IP Fabric
netmiko to send commands to the devices
nornir automation framework

This video shows a demo of the process:

Wrap up

Automated remediation can be a starting point for a larger network automation initiative.

In this demo we fixed the issue in the workflow itself. In some cases, when a more conservative approach is preferable, remediation could be as simple as opening a support ticket to engage a network engineer to manually apply the fix.

Leveraging IP Fabric's automated discovery, data normalization, webhooks, and API it is possible to implement an automation workflow minimizing the necessary code and all the associated additional work and risks.

Don't forget to subscribe to my youtube channel, I will posts more details about the webhook implementation soon.

Links

IP Fabric website

Listen about IP Fabric on IPSpace Software Gone Wild Podcast

nornir-ipfabric module

FastAPI