Infrastructure as Code for Network

Infrastructure as Code
Damien Garros, Technical Marketing Engineer

© 2016 Juniper Networks, Inc. All rights reserved.

Agenda
• What is Infrastructure as Code?
• Tips and Tricks to Get Started
• Demo
• How to get started

What is Infrastructure as Code?

Infrastructure as code represents the idea that everything needed to run an infrastructure can be considered software and, as such, can leverage development techniques for collaboration, deployment and continuous integration.
CI/CD for Networks
CI/CD what ??

CI/CD Pipeline for Software Development
Code → Build → Test → Deploy → Monitor
Dev
CI: Continuous Integration
CD: Continuous Deployment

What is the impact?
Customers who embraced this new way of building infrastructure for servers observed:
• 200x more frequent deployment
• 24x faster recovery from failure
• 3x lower change failure rate
• 2.5x shorter lead time
Source: 2016 State of DevOps Report (from Puppet)

Infrastructure as Code is about Operational Efficiency
Who is not interested in operating the network more efficiently?

Fall 2016 NetDevOps Survey: Infrastructure as code
[Chart: share of respondents by adoption stage (No interest, Thinking about it, Evaluating, In Production)]
• 18% are already in production
• 60% are thinking about it or evaluating it
Example of Workflows

Example of workflow
1. Configuration stored in version control
2. New branch for each modification
3. Pull request for each modification
4. Review process as part of pull request
5. Automated test as part of pull request
6. Delete virtual env once report is available
7. Deploy in production when pull request is merged
[Diagram: Version Control with branches Master and Feature B and a Pull Request carrying the review comments "Looks good please can you add description", "Done", "Approved", "Approved"; Virtual Lab (1 – Create virtual topology, 2 – Deploy new configurations, 3 – Run all tests), which reports test results; Production (Deploy, Validate)]

Infrastructure as Code is a Journey
• There is not only one story for Infrastructure as Code
• All aspects may or may not be present
• Only Change control is mandatory
Start small and evolve from there

Infrastructure as Code is a Journey
Infrastructure as Code
Network Continuous Delivery
Automated Deployment
• Generate and deploy configuration automatically
• Run continuous tests in your network to identify issues as quickly as possible
• Test/validate your changes before deploying them in production

Infrastructure as code / Building Block
• Change Control (mandatory): version control, review process
• Virtual Lab: build virtual lab on demand
• Test: test network device status, continuous integration
• Telemetry: collect, visualize and correlate
• Config Automation: templatize and automate configuration
• Event Driven: actively monitor events

Compelling for all customers
[Diagram: building blocks shown between Conservative and Early Adopter: Change Control, Virtual Lab, Test, Telemetry, Config Automation, Event Driven]

Tips and Tricks to Get Started
Change Control

Everything is moving to GitHub or GitLab
• Scripts
• Code
• Device configuration
• Documentation
• Bug tracker

Fall 2016 NetDevOps Survey: Git
[Chart: share of respondents by adoption stage (No interest, Thinking about it, Evaluating, In Production)]
• 60% are already in production
• 34% are thinking about it or evaluating it

Change Control - fundamentals
GitHub or GitLab
[Diagram: branches Master and Feature B; a Pull Request with the review comments "Looks good please can you add description", "Done", "Approved", "Approved"]
• Branch Master always represents what is deployed in production.
• Every change must be proposed using a Pull Request
• Changes can be discussed and adjusted before being merged
Why is Git so popular ?
GIT Subversion CVS
Enable Collaboration Across Team
Without losing ownership

Collaboration Platforms
Built-In / Ecosystem
• Git
• Issue Tracker
• Docs
• Wiki
• Release mgmt
• Docker
• Third party Doc
• Code Coverage
• Ansible
• CI/CD
• Pull Request
• Stats
Continuous Integration
Travis-CI, Gitlab-CI
External tools that will execute some tests for EACH change/commit:
1. Download the project
2. Set up the environment
3. Run tests
4. Report results in GitHub/GitLab

Gitlab-CI – setup
• Configuration defined inside the project with a config file (.gitlab-ci.yml)
• Can define a pipeline of stages and actions for each stage
• Some stages can be applicable to some branches only

.gitlab-ci.yml

```yaml
# Stages run in this order; jobs in the same stage run together.
stages:
  - test
  - deploy

# Runs before every job: install the project's dependencies and Ansible.
before_script:
  - pip install -r requirements.txt
  - pip install -q ansible

# Generate the device configurations.
generate_config:
  stage: test
  script:
    - ansible-playbook pb.generate.config.yaml

# Commit the configurations to the devices.
deploy_config:
  stage: deploy
  script:
    - ansible-playbook pb.conf.all.commit.yaml
```

Gitlab-CI – Infrastructure as Code Pipeline
• Build: Create new configurations, make sure
• Test: Validate new configurations on physical lab or virtual lab
• Deploy: Deploy new configurations in production environment
• Validate: Validate that network is behaving properly after new configurations have been deployed
[Diagram label: Branch Master Only]
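
A fuller .gitlab-ci.yml for the four-stage pipeline above, added here as an example (it is not taken from the deck or from the demo project). Job names are illustrative; the playbook and inventory file names are the ones this deck mentions elsewhere, and applying the "Branch Master Only" label to the deploy and validate jobs is an assumption about which stages it covers.

```yaml
# .gitlab-ci.yml -- added example; job names are illustrative.
stages:
  - build
  - test
  - deploy
  - validate

before_script:
  - pip install -r requirements.txt
  - pip install -q ansible

# Build: render device configurations from templates and variables.
# Runs on every branch, so a template error fails the pipeline early.
# No artifacts are passed on: the later playbooks are assumed to
# generate whatever they commit.
generate_config:
  stage: build
  script:
    - ansible-playbook pb.generate.config.yaml

# Test: commit the candidate configurations to the lab devices listed in
# the pre-production inventory, then run the checks against the lab.
test_in_lab:
  stage: test
  script:
    - ansible-playbook -i pre-production.ini pb.conf.all.commit.yaml
    - ansible-playbook -i pre-production.ini pb.check.physical.yaml

# Deploy: the only job that changes production devices.
# "only: master" keeps it out of feature-branch pipelines, so it runs
# once a pull request has been reviewed and merged.
deploy_production:
  stage: deploy
  only:
    - master
  script:
    - ansible-playbook -i production.ini pb.conf.all.commit.yaml

# Validate: run the same checks against production after the deploy.
validate_production:
  stage: validate
  only:
    - master
  script:
    - ansible-playbook -i production.ini pb.check.physical.yaml
```

The branch filter only protects production if master itself is a protected branch that accepts changes through merged pull requests; storing the production device credentials as protected CI variables keeps them out of feature-branch jobs as well.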
Config Automation

Configuration Generation Project
A project to generate configurations is mainly composed of:
– Templates: junos-system.j2, bgp.j2, Acl.j2
– Variables: interface names, device names, mgmt IP, IP addresses, etc.
– Scripts/Playbooks: deploy_config, check_connectivity

1 project – multiple environments
• Between environments, templates are shared but some variables and playbooks can be different
• Everything needs to be tested, and if there are too many environment-specific variables, the chance of missing a bug increases.
[Diagram: Configuration Generation Project with Shared Templates; Lab Vars, Prod Vars, Shared Var; Lab Pbs, Prod Pbs, Shared Playbooks; environments Lab and Production]

Topology Independent w/ Ansible
• Topology file name defined in the inventory file under the variable “topology_file”
• File loaded with pre_tasks in each playbook
[Screenshots: hosts.ini, Playbooks]

Topology Independent w/ Ansible
• Centralize information related to physical topology
• Access this information from other files by using variable name
[Screenshots: sample-topology.yaml, host_vars/fabric-01/underlay.yaml]
Topology Independent / Inventory w/ Ansible
ansible-playbook -i pre-production.ini pb.conf.all.commit.yaml
ansible-playbook -i production.ini pb.conf.all.commit.yaml
Virtual Lab

The VM itself is not enough
When building a virtual lab for testing, the VM itself is not enough.
We need to have a solution to:
• Create the topology, L1/L2 links
• Spin up and down devices
• Configure devices etc.
• Assign IP addresses
On-Premise: Vagrant
Cloud: Ravello System

What is Vagrant?
A tool for building and distributing virtualized environments
Open Source and modular
• Vagrantfile: define what type of VM/Box, define the physical topology
[Diagram labels: Vagrantcloud, VM App Store, Automatic download, Provisioning, OpenStack, Hypervisor]

Ravello System
Cloud Based Virtual Lab
• Layer 2 ‘data-center-like’ networking
• Easy replication through Blueprint
• Public IP for all VMs
• Isolated Networking
• Self-service & on-demand access
• Unlimited capacity
• Usage based pricing
• Scalable
• Robust REST APIs
Oracle Cloud, Google Compute Engine, AWS
Ravello - Automation
• Automate creation / deployment of virtual topologies on Ravello using Ansible
• Open Source library developed by Juniper
https://github.com/Juniper/ravello-ansible
Demo

Demo / topology
[Diagram: spine-01, spine-02; leaf-01, leaf-02, leaf-03, leaf-04]
• Physical network based on Spine/Leaf topology
• Each device has a unique ASN
• eBGP between all members
• Simple IP routing

Demo / building blocks
Gitlab, Gitlab-CI, vQFX
Change control, Config, Virtual Lab, Tests

Testing w/ Ansible
[Diagram: spine-01, spine-02; leaf-01, leaf-02, leaf-03, leaf-04]
Testing is done using Ansible
• Check Physical layer
  – Check all interfaces are UP
  – Check LLDP neighbors
• Check Underlay
  – Ping all neighbors
  – Check BGP status
  – Ping ANY2ANY between leaf

Gitlab-CI pipeline
[Screenshots: Non-Master Branch; Master Branch]
How to Get Started

What Professional Services Bring
• Network Design, Implementation and Testing Expertise: industry leading expertise in designing and implementing network automation
• Open Source Framework Expertise: delivering an integrated software framework for automation
• Knowledge Transfer & Customer Focus: sharing knowledge throughout delivery
• Project Management: maintaining rigor so that projects are delivered on time and within budget

Network Automation Services
PS Practice: Software Defined Networking, Core & Edge, Cloud & Data Center, Security
Design, Deploy, Audit, Test
Design Automation, Automated Deployment, Test Automation, Audit Automation
Thank you

Get Started with examples online
Ravello
• Ansible library to automate Ravello: https://github.com/Juniper/ravello-ansible
• Example of project to build an IP fabric on Ravello using Ansible: https://github.com/dgarros/rav-ipfabric-demo
Ansible
• Ansible project to configure and test an IP Fabric + EVPN/VXLAN: https://github.com/JNPRAutomate/ansible-junos-evpn-vxlan
• Playbook to check physical and underlay layer using Ansible: https://github.com/JNPRAutomate/ansible-junos-evpn-vxlan/blob/master/pb.check.physical.yaml
Telemetry / OpenNTI
• Open Source Telemetry Collector for Telemetry, Netconf and Event (syslog): https://github.com/Juniper/open-nti
• Fluentd plugin for Juniper Telemetry Streaming: https://github.com/JNPRAutomate/fluent-plugin-juniper-telemetry

Associated products/tools (1/2)
• Change control (version control, review process): GitHub/GitLab, Travis-CI, Jenkins
• Virtual Lab (build virtual lab on demand): vMX/vQFX/vSRX, Ravello, Vagrant, Junosphere
• Test (test network device status, continuous integration): JSNAPy, PyEZ, NITA, Robot Framework, Ansible

Associated products/tools (2/2)
• Telemetry (collect, visualize and correlate): JTI, Openconfig, Netconf, OpenNTI, Kapacitor, Third party integration
• Config Automation (execute more automated tests): Ansible, Saltstack, PyEZ, Netconf
• Event Driven: Saltstack, jEDI