puppet enterprise for the network

PUPPET AND NETWORKING

Jeremy Schulman - Director | Automation Concept Engineering

@nwkautomaniacjschulman@juniper.net

WHY DID WE DO IT?

Device running Junos OS

Puppet Netdev modules

Ruby Gems

Ruby Interpreter

Puppet Agent (client)

Puppet Master (server)

netdev

jpuppetpackage

PUPPET FOR JUNOS

(FreeBSD)

JUNOS XML APION-BOX AND OFF-BOX AUTOMATION

Secure TCP/IP connections viaSSHv2 (RFC4742)

NETCONF XML PROTOCOL (RFC4741)

SwitchingSecurity Routing

Management System

Automate config changes,remote invocation of operational commands,collection of logs

Secure and connection oriented … SSHv2 as transport Structured and transaction based … XML as RPC request / response User-class privilege aware … Native to Junos Comprehensive & Consistent ... Automate everything

NETCONF client libraries exist for a number of programming languages such as Java, Perl, Ruby, Python, and even SLAX !

PUPPET "NETDEV" MODULE

Netdev is a vendor-neutral network abstraction framework developed by Juniper Networks and contributed freely to the DevOps community

Juniper has contributed basic layer-1 and layer-2 network abstractions

DevOps can extend the framework to define any abstractions or features they need for their environment

The Netdev framework is open and free; i.e. the “DevOps” way

PUPPET FOR JUNOS

“DevOps” Approach:

Netdev module source code is in Github

All packages are stored where they should be (Puppet Forge,…)

Support done on J-Net community forum

Juniper technical documentation available

Free, “BSD-style” license

NETDEV RESOURCES TYPES

Resource Description

netdev_vlan Manages VLAN configuration

netdev_interface Manages Physical Interface configuration

netdev_l2_interface Manages VLAN to interface assignments

netdev_lag Manages Link Aggregation Group configuration

class switch_template { netdev_vlan { "Pink": vlan_id => 703 } netdev_vlan { "Green": vlan_id => 101 } netdev_l2_interface { 'ge-0/0/19': untagged_vlan => Pink, } netdev_l2_interface { 'ge-0/0/20': description => "My port, back off!", untagged_vlan => Blue, tagged_vlans => [ Green, Black, Yellow ], } }

NETDEV_VLAN MANAGE VLANS

Property Description

name The name of the VLAN, e.g. “Blue”

vlan_id The VLAN tag-ID value [ 1 .. 4095 ]

description The VLAN description. If one is not provided, then it will default to:Puppet created VLAN: <name>: <vlan-id>

VLANs are assigned to ports using the netdev_l2_interface resource

NETDEV_INTERFACE MANAGE PHYSICAL INTERFACES

name The name of the interface, e.g. “ge-0/0/0”

description Assigns the description value to the interface, defaults to:Puppet created interface: <name>

admin Configures the administrative state, defaults to up:up, down

mtu Configures the interface MTU value

speed Defaults to auto, Forces the link speed:10m, 100m, 1g, 10g, auto

duplex Defaults to autoForces the link duplex:full, half, auto

NETDEV_L2_INTERFACE MANAGE ASSIGNMENT OF VLANS TO SWITCH PORTS

name The name of the interface, e.g. “ge-0/0/0”, note: does *not* include the unit number

description Assigns the description value to the interface, defaults to:Puppet created eth-switch: <name>

untagged_vlan VLAN name for untagged packets. If the port is also processing tagged packets, then this VLAN is the "native VLAN"

tagged_vlans VLAN names for tagged packets. This could be a single value, or an array of values. When this property is set, vlan_tagging property defaults to enable

vlan_tagging Normally not used ... automatic by Puppetdisable (default) - port is in access mode, tagged packets discardedenable - port is in trunk mode, tagged packets processedAutomatically set to enable if tagged_vlans is also set

NETDEV_LAG MANAGE LINK AGGREGATION GROUPS

name The name of the interface, e.g. “ae0”

links A list of physical interfaces that makes up the LAG bundle

lacp Controls if and how the Link Aggregation Control Protocol (LACP) is used.disabled (default) – LACP is not usedactive – LACP is in the active modepassive – LACP is in the passive mode

minimum_links The number of physical links that must be in the “up” condition to declare the LAG port in the “up” condition. By default this value is not set and there is no minimum link requirement

AUTOMATION IS LIKE EATING ICE CREAM

• Everyone want it

• Everyone wants something different

• No-one wants to make it

• No-one wants to clean up the mess

HOW DO YOU EAT ICE CREAM?

Banana Splitat Baskin Robins

Self ServiceFrozen Yogurt

The Grocery Store DIY with Kitchen-Aid

FRICTIONLESS IT AUTOMATION

Return on Investment Increase revenue throughput

Reduce costs to manually do repetitive work

Reduce costs due to delays and errors

Reduce Risk Manually operated complex systems are fragile

Improve Service Network infrastructure is a "utility" that runs the business

Server and application automation is the standard

Network automation must "level-up"

Nodal Automation

( Puppet, Chef )

Ad-HocScripting

( Bash, Perl )

IT WorkflowOrchestration

Business Workflow

Orchestration

Associate

Specialist

Professional

Expert

Network

Value is a function of automation programming and system integration that drives the business

Value is a function of mastering vendor CLI and networking domain knowledge

SERVER WORLD

Device running Linux

Linux Kernel

Fedora Distribution

Applications Applications

Middleware

Discrete collections of package / files / service

More discrete collections of package / files / service

NETWORKING WORLD

Device running Junos

Junos Image

Initial Configuration

Service Service

Discrete collections of configuration statement

More discrete collections of configuration statement

OPPORTUNITIES FOR NETWORK AUTOMATION

Device running Junos

Junos Image

Initial Configuration

Service Service

BUILDHOUSE

CHANGEHOUSE

LEARN MORE ABOUT PUPPET FOR JUNOS

THANK YOU !

NETDEV_L2_INTERFACEACCESS PORT EXAMPLE - EX PLATFORMS

node "ex4" { netdev_device { $hostname: }

netdev_l2_interface { "ge-0/0/9": untagged_vlan => Green } }

interfaces { ge-0/0/9 { unit 0 { description "Puppet created netdev_l2_interface : ge-0/0/9" family ethernet-switching { port-mode access; vlan { members Green; } } } }}

NETDEV_L2_INTERFACEACCESS PORT EXAMPLE - MX PLATFORMS

node "mx12" { netdev_device { $hostname: }

netdev_l2_interface { "ge-5/0/3": untagged_vlan => Green } }

interfaces { ge-5/0/3 unit 0 { description "Puppet created netdev_l2_interface: ge-5/0/3"; family bridge { interface-mode access; vlan-id 101; } } }}

puppet enterprise for the network

vlan vlan

vlan description

juniper networks

vlan configuration netdev

puppet netdev module

interface assignments

native vlan

blue vlan

Technology

puppet enterprise - linux users' group of davis · puppet...

the value of puppet enterprise

puppet enterprise

introduction to puppet enterprise 5/5

red hat satellite june 25, 2015 and puppet enterprise ·...

what's new in puppet enterprise 2016.2 (emea)

using orchestration in puppet enterprise 3 - puppetconf 2013

lenovo network developer’s guide for lenovo network...

it automation with puppet enterprise

introducion to puppet enterprise

what's new in puppet enterprise 2016.1 4/19

introduction to puppet enterprise 2016.5

intro to puppet enterprise

puppet in the enterprise

what's new in puppet enterprise 2016.1

introduction to puppet enterprise 2016.1 (uk)

introduction to puppet enterprise 01/29/16.pptx

take a fresh look at new puppet enterprise

puppet enterprise 1.0 manual

puppet conf 2012 - managing network devices with puppet