At work, I spend my day writing Terraform and YAML and CI/CD pipelines to apply said resources.
In my home lab I run a 2 (soon to be more) node K3s cluster, which I manage with Flux and a lot of other things.
My main question
I am looking for a router that has one (or more) of the below:
- Good Terraform support
- Good scripting language (please not the MikroTik language)
Ideally I want to store my router's config in git, and build a CI solution around the config. Not sure how I will deal with the chicken-and-egg issue: if there is no internet, how do you git pull the repo?
What I’ve found so far
- Juniper seem to have a community provider that looks really good
- MikroTik have a somewhat lacking community provider
- pfSense seems to be the worst in terms of community-supported providers
Currently, I am leaning towards the Juniper solution, but that means removing the CCNA knowledge from my brain to fit their syntax in.
Any help would be greatly appreciated!
Terraform is quite severely lacking in anything related to networks (or hardware in general). Ansible has a lot bigger selection and has modules for all the big 3 vendors, and a lot of the smaller ones too, and in a pinch you can write your own. As long as the machine supports SSH, Ansible can manage it, from decades-old factory automation to elevators to modern Cisco switches.
You’re unfortunately in for a world of hurt if you intend to use Terraform.
Try Arista EOS. You can download Docker (cEOS) and virtual machine images (vEOS) for free once you create a free account.
You can also spin those up pretty easily with containerlab. And automate/manage them with Ansible.
Automating router/networking configs is a whole thing in itself, it’s mainly done in Python though. Like Netmiko, Genie, or Ansible (which is a wrapper around those packages).
Most routers don’t have their own scripting language either. Most solutions are creating SSH tunnels and then running network commands.
It’s also mostly stateless and not idempotent. Which is why you aren’t going to find many routers that have good Terraform support; it’s stateful. (How do you reverse commands in a way that doesn’t destroy the router?)
Either way, if it has an API you can always write your own Go REST client and create a Terraform module.
But your best bet is to go with the Python solutions, since most are vendor supported.
I will say that I have automated a K3s cluster including the networking with VyOS Cloud-Init capabilities in Proxmox, using Terraform. BGP was used upstream to make routing dynamic.
Oh! I was just researching this!
Check out VyOS. You can virtualize it while you determine if it’s the right fit and then once you’re ready, load it onto a physical chassis. I haven’t actually loaded it yet into my lab, but was impressed with the integrations:
Ansible: https://docs.vyos.io/en/latest/automation/vyos-ansible.html
NAPALM: https://docs.vyos.io/en/latest/automation/vyos-napalm.html
Netmiko: https://docs.vyos.io/en/latest/automation/vyos-netmiko.html
Scrapli: https://scrapli.github.io/scrapli_community/reference/vyos/vyos/sync_driver/
Oxidized (works under “vyatta”): https://github.com/ytti/oxidized/blob/master/docs/Supported-OS-Types.md
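
An added example, not code from anyone in this thread: one way to get an idempotent push from a git-tracked config, assuming the router's running config has been fetched as `set` lines (for example from VyOS's `show configuration commands`). The sample configs are constructed, and `parse_commands` and `plan` are hypothetical helper names.

```python
# Added example: plan an idempotent push of VyOS-style "set" commands.
# DESIRED/RUNNING are constructed samples; plan() and parse_commands()
# are hypothetical helper names, not part of any library.

DESIRED = """\
set interfaces ethernet eth0 address 192.0.2.1/24
set interfaces ethernet eth1 address 10.0.0.1/24
set service ssh port 22
"""

RUNNING = """\
set interfaces ethernet eth0 address 192.0.2.1/24
set interfaces ethernet eth1 address 10.0.9.1/24
set service ssh port 22
set system name-server 198.51.100.53
"""


def parse_commands(text):
    """Return the config paths from a dump of 'set ...' lines."""
    paths = set()
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if not line.startswith("set "):
            raise ValueError(f"not a set command: {line!r}")
        paths.add(line[len("set "):])
    return paths


def plan(desired_text, running_text, protected=("service ssh",)):
    """Return the delete/set commands that turn running into desired.

    Refuses to delete anything under a protected prefix, so a bad commit
    in git cannot remove the management path used to push the fix.
    """
    desired = parse_commands(desired_text)
    running = parse_commands(running_text)
    deletes = sorted(running - desired)
    blocked = [p for p in deletes if p.startswith(tuple(protected))]
    if blocked:
        raise RuntimeError(f"refusing to delete protected paths: {blocked}")
    return [f"delete {p}" for p in deletes] + \
           [f"set {p}" for p in sorted(desired - running)]


if __name__ == "__main__":
    for command in plan(DESIRED, RUNNING):
        print(command)
```

Running the plan a second time against a router that already matches the repo yields no commands, which is the property a CI job can check before it opens an SSH session at all.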