managing your cisco datacenter network with ansible

Managing Your Cisco Datacenter Network with Ansible

Fabrizio MaccioniTechnical Marketing [email protected]@fabrimaccioni

2© 2013-2014 Cisco and/or its affiliates. All rights reserved.

Session Objective:Abstract

As IT organizations adopt the cloud strategy to build agile data centers, they realize the need to move fast and drive higher levels of innovation.

One of the key components is automation for reliable provisioning and management of the datacenter network.

Join us as we discuss how Ansible can be leveraged to manage your Cisco data center network.


Session NOT Objective:

Explain what Ansible is

Try to sell Ansible and/or Cisco gear

Deep dive on Ansible modules

AgendaWhat problems are we trying to solve?

Ansible Overview on Cisco Nexus

Cisco Nexus before Ansible 2.0

New features introduced in Ansible 2.0

References and Joint RedHat/Ansible/Cisco initiatives


Why?“I can spin up servers in minutes with my Ansible Playbooks,

why does it take orders of magnitude more to spin up and affect change on my Network Elements?”

“IT Organizations using configuration management tools deploy 30x more frequently with 200x shorter lead times;

they have 60x fewer failures and recover 168x faster”

2015 State of DevOps Report


ServicesNetwork

Data Center Automation and IT CollaborationToday: Serialized Configuration and Management

SUCCESSFUL DEPLOYMENT

SlowError Prone

ApplicationsCompute

ApplicationRequirements


ServicesNetwork

Data Center Automation and IT CollaborationToday: Serialized Configuration and Management

SUCCESSFUL DEPLOYMENTApplicationsCompute



Access

Core

DC Network TransformationLegacy 3 tiers Architecture

Aggregation


Leaf

Spine

Huge Fabrics: many Spines and 100s Leaves

DC Network TransformationModern Fabrics Architecture

Border Leaf


ScaleConsistency

L3



Ansible and Cisco: Better Together

Huge Fabrics: many Spines and 100s LeavesNetwork, Servers and Applications Configurations managed by Ansible

… Cisco UCS

Cisco Nexus Fabric


Why Ansible?

• Everybody talks about Ansible!! • Streamlined and Fast• Yaml is easy• Good Documentation• Agentless!• Agentless!!• Agentless!!!

Must be cool!!

https://clusterhq.com/assets/pdfs/state-of-container-usage-june-2015.pdf

Which container orchestration toolsare you considering?


(Via SSH/HTTP[S])

(Via ssh)

Ansible Overview on Cisco NexusHow Ansible Typically Works

CLI


Show clock

NXAPI Web Server(NGINX)

{"jsonrpc": "2.0","method": "cli","params": {

"cmd": "show clock","version": 1

},"id": 1

}

{"jsonrpc": "2.0","result": {"body": {

"simple_time": "15:00:37.762 PST Mon Aug 18 2014\n"}

},"id": 1

}

HTTP / HTTPS

Switch(config)# feature nxapi

Ansible Overview on Cisco NexusTechnology Enabler: NX-API


Ansible Overview on Cisco NexusNXAPI Web Sandbox (1) Point browser to IP Address of Network Element

(2) Enter CLI Commands

(2) See formatted input as you type (3) See formatted output in json/xml

(3) Click POST (4) Generate Python script


System

Physical

eth1/1, eth1/2…

BGP

BGP router ID, peers…

ARP

ARP entries

VRF

VRF instances

Ansible Overview on Cisco NexusObject Model


System

BgpEntity BgpInstance BgpDomain BgpPeer

BgpLocalASN

BgpPeerAf

BgpPeerEntry

L1PhysIf

ethpmPhysIf ethpmPortCap

L1Load

L1StormControl

Globally unique identifier for an object in the database

Naming rule on http://developer.cisco.com


sys/bgp/inst/dom-default/peer-[192.168.0.2]sys/phys-[eth1/1]/phys/portcap


Python API

BashTCL

CLI(VSH)

NGINIX Server

Data Management Engine

Netconf

Transport: SSHData: XML

Object Store

SNMP Agent

SNMPNX-APIREST

NetconfClient

BGP LACP ACL QoSVLAN

Transaction Commit Status: Success/Raise Fault

1


NX-APICLI


Ansible Overview on Cisco NexusObject Model: Native vs Open Models

Data Management Engine

Transport: SSHData: XML

Object StoreBGP LACP ACL QoSVLAN

Transaction Commit Status: Success/Raise Fault

NX-APIREST

Model Mapping


Cisco Nexus before Ansible 2.0how to

1. Install pycsco Open Source Library

2. Clone nxos-ansible Ansible Modules Repository

And follow instructions at https://github.com/jedelman8/nxos-ansible

3. Test some Playbookshttps://github.com/jedelman8/nxos-ansible/tree/master/test-playbooks


Command SNMP groupSNMP Server SNMP Community SNMP user

Interface VTP VLAN

AAA server AAA Server host

ACL

Copy

DirFeature File Copy

Get Facts

Get Interface

Get IPv4 Interface Get Neighbors HSRP IGMP

NTP Switchport VPC

UDLD

Cisco NX-OS Configuration

Cisco Nexus before Ansible 2.0Modules

https://github.com/jedelman8/nxos-ansible/tree/master/library


Cisco Nexus before Ansible 2.0Sample Playbook: VLAN configuration




New features introduced in Ansible 2.0References and Joint RedHat/Ansible/Cisco initiatives


New features introduced in Ansible 2.0Key Features

• New Nexus Core Modules!!nxos_config Manage Cisco NXOS configuration sectionsnxos_command Run arbitrary command on Cisco NXOS devicesnxos_template Manage Cisco NXOS device configurations over SSH or NXAPI

• Support for different transportsSSH and NX-API

• Several new useful Optionsdelegate_to, waitfor, force, backup, retries, before/after and more!


New features introduced in Ansible 2.0Key Features

• IOS/IOS-XE and IOS-XR Core Modules• ios_config Manage Cisco IOS configuration sections• ios_template Manage Cisco IOS device configurations over SSH


New features introduced in Ansible 2.0How to

1. Install pycsco Library

2. Clone nxos-ansible Repository

3. Follow instructions at https://github.com/jedelman8/nxos-ansible

Test some Playbookshttps://github.com/ansible/test-nxos.git


New features introduced in Ansible 2.0 Sample Playbook


ServicesNetwork

Cisco And Ansible: Better Together

SUCCESSFUL DEPLOYMENTApplicationsCompute


ACCELERATE APPLICATION DEPLOYMENT

Open NX-OS

Open Ecosystem

Ansible Native Support


References

Ansiblehttp://docs.ansible.com/ansible/list_of_network_modules.html

GitHubhttps://github.com/datacenter https://github.com/datacenter/opennxos

https://github.com/datacenter/nxos-ansible

Cisco§ http://www.cisco.com/go/ansible


http://developer.cisco.com

Cisco Open Initiative: DevNet

CommunityDeveloper SupportEvents


Joint RedHat/Ansible/Cisco initiatives

1. RedHat/Ansible Press Release, February

2. Ansible on Cisco Nexus Webinar, March

3. Cisco Modules update

4. Ansible on Cisco Nexus White Paper

5. More to come…

Ansible Modules


Managing Your Cisco Datacenter Network with Ansible

Fabrizio MaccioniTechnical Marketing [email protected]@fabrimaccioni