network automation - pc.nanog.org€¦ · – network automation lead – owns the automation...
TRANSCRIPT
![Page 1: Network Automation - pc.nanog.org€¦ · – Network Automation Lead – owns the automation efforts and works ... – Puppet, Chef, Salt, etc. • Leverage vendors where the value](https://reader034.vdocuments.us/reader034/viewer/2022052407/5b5c70497f8b9aa1428c2a43/html5/thumbnails/1.jpg)
Network Automation: Do I Need Expensive Vendor Tools To Do
Meaningful Automation?
1
P. Moore NANOG 72
February 20, 2018
![Page 2: Network Automation - pc.nanog.org€¦ · – Network Automation Lead – owns the automation efforts and works ... – Puppet, Chef, Salt, etc. • Leverage vendors where the value](https://reader034.vdocuments.us/reader034/viewer/2022052407/5b5c70497f8b9aa1428c2a43/html5/thumbnails/2.jpg)
Agenda • Orchestration Domains • An Onramp To Automation • Open Source Tools • Use Cases Considered • Case Studies • Conclusions
2
![Page 3: Network Automation - pc.nanog.org€¦ · – Network Automation Lead – owns the automation efforts and works ... – Puppet, Chef, Salt, etc. • Leverage vendors where the value](https://reader034.vdocuments.us/reader034/viewer/2022052407/5b5c70497f8b9aa1428c2a43/html5/thumbnails/3.jpg)
Orchestration Domains 3
Service
Device
Service
Device
IT&OSSSystems
Templates
Service Models v1,v2,v3…
Day0,Day1…
ChangeManagement
Service Lifecycle
Device Lifecycle
ConfigDriftandCompliance
ServiceManagement
ServiceStandards
ConfigStandards
DeviceTurnUp
ServiceOrderManagement
Operational Models + + WF
![Page 4: Network Automation - pc.nanog.org€¦ · – Network Automation Lead – owns the automation efforts and works ... – Puppet, Chef, Salt, etc. • Leverage vendors where the value](https://reader034.vdocuments.us/reader034/viewer/2022052407/5b5c70497f8b9aa1428c2a43/html5/thumbnails/4.jpg)
4
4. Services – Model-based Service
Management 3. Policy
– Model-based Policy Management 2. Maintenance
– Leverage Device Management to automate MOPs
1. Device (Foundational) – Configuration Management Device
Maintenance
Policy
Services
Domains Build Upon Each Other
![Page 5: Network Automation - pc.nanog.org€¦ · – Network Automation Lead – owns the automation efforts and works ... – Puppet, Chef, Salt, etc. • Leverage vendors where the value](https://reader034.vdocuments.us/reader034/viewer/2022052407/5b5c70497f8b9aa1428c2a43/html5/thumbnails/5.jpg)
5
Domains Build Upon Each Other
Templates
Models
Day0,Day1…
CLI/Scripts
Orchestration Service&PolicyLifecycle
VNF – VMs
VNF – Cloud Native
Stage 0
Stage 1
Stage 2
Stage 3
Stage 4
Stage 5
OpenConfig
YANGTO
SCA Device
Images
DeviceLifecycle
Service&Policy
Managem
ent
ServiceLifecycle
MAN
OOpenStack
VMWareClouds
KubernetesDocker
Automation Level Data Model Operations Activities
Manual/Script
YAML
![Page 6: Network Automation - pc.nanog.org€¦ · – Network Automation Lead – owns the automation efforts and works ... – Puppet, Chef, Salt, etc. • Leverage vendors where the value](https://reader034.vdocuments.us/reader034/viewer/2022052407/5b5c70497f8b9aa1428c2a43/html5/thumbnails/6.jpg)
6
Automation Onramp • Address this on 3 fronts:
– People: who will own network automation?
– Process: define how you will manage the automation work
– Platform: define the tools you will use
• Define your use cases thoroughly – “It is ALL about the use case!”
• Crawl > Walk > Run – start simple and expand • “Evolve and Accelerate!”
![Page 7: Network Automation - pc.nanog.org€¦ · – Network Automation Lead – owns the automation efforts and works ... – Puppet, Chef, Salt, etc. • Leverage vendors where the value](https://reader034.vdocuments.us/reader034/viewer/2022052407/5b5c70497f8b9aa1428c2a43/html5/thumbnails/7.jpg)
7
Evolve then Accelerate
AU
TOM
ATIO
N C
APA
BIL
ITIE
S
TIME
Evolve
CLI Scripts Playbooks
Templates Runbooks
Models
Orchestration
Now Workflow
![Page 8: Network Automation - pc.nanog.org€¦ · – Network Automation Lead – owns the automation efforts and works ... – Puppet, Chef, Salt, etc. • Leverage vendors where the value](https://reader034.vdocuments.us/reader034/viewer/2022052407/5b5c70497f8b9aa1428c2a43/html5/thumbnails/8.jpg)
8
People Who will own network automation? • Dedicated Group? Not necessary unless you are looking to put a
very formal program in place • Roles Required:
– Network Automation Lead – owns the automation efforts and works to remove roadblocks with other departments, vendors, etc.
– Automation Designer – defines the work to be done, tools to use, workflow/steps of automation, and acts as technical lead
– Engineer – works with the Designer to build the automation – Subject Matter Experts (SME) – provides knowledge in specific
technology areas • All roles may be filled by a single person in some cases, or may be
4 or more people in larger operations
![Page 9: Network Automation - pc.nanog.org€¦ · – Network Automation Lead – owns the automation efforts and works ... – Puppet, Chef, Salt, etc. • Leverage vendors where the value](https://reader034.vdocuments.us/reader034/viewer/2022052407/5b5c70497f8b9aa1428c2a43/html5/thumbnails/9.jpg)
9
Process: The Automation Factory Define how you will manage the automation work • Submission of automation requests • Prioritization of which efforts to undertake • Execution of automation efforts
![Page 10: Network Automation - pc.nanog.org€¦ · – Network Automation Lead – owns the automation efforts and works ... – Puppet, Chef, Salt, etc. • Leverage vendors where the value](https://reader034.vdocuments.us/reader034/viewer/2022052407/5b5c70497f8b9aa1428c2a43/html5/thumbnails/10.jpg)
10
Platform Define the tools you will use • Use tools you already have • Leverage open source tools
– Ansible & AWX – OpenDaylight, ONAP, etc. – Puppet, Chef, Salt, etc.
• Leverage vendors where the value makes sense
![Page 11: Network Automation - pc.nanog.org€¦ · – Network Automation Lead – owns the automation efforts and works ... – Puppet, Chef, Salt, etc. • Leverage vendors where the value](https://reader034.vdocuments.us/reader034/viewer/2022052407/5b5c70497f8b9aa1428c2a43/html5/thumbnails/11.jpg)
11
Examples: Tools • Ansible, Salt, Chef, Puppet, OpenDaylight
– Playbook scripting
– YAML, YANG, NETCONF
• AWX, Tower, ONAP – Playbook Management
– Workflow
• Bitbucket, Github, etc. – Playbook versioning
– Config versioning (including diff)
![Page 12: Network Automation - pc.nanog.org€¦ · – Network Automation Lead – owns the automation efforts and works ... – Puppet, Chef, Salt, etc. • Leverage vendors where the value](https://reader034.vdocuments.us/reader034/viewer/2022052407/5b5c70497f8b9aa1428c2a43/html5/thumbnails/12.jpg)
12
Use Cases for Examples
• Config Management – Backup
– Config Diff
• MOP Automation – Sub interface turn up
– OS Upgrade
![Page 13: Network Automation - pc.nanog.org€¦ · – Network Automation Lead – owns the automation efforts and works ... – Puppet, Chef, Salt, etc. • Leverage vendors where the value](https://reader034.vdocuments.us/reader034/viewer/2022052407/5b5c70497f8b9aa1428c2a43/html5/thumbnails/13.jpg)
13
Examples: Tool Architecture
Device
BitbucketAWX
Ansible
Playbooks
Configs
Bitbucket manages: • Playbooks • Configs
AWX provides GUI based: • Simple Workflow • Playbook Management • Job Management • Simple Inventory
Ansible is the execution engine underneath AWX to communicate with devices
![Page 14: Network Automation - pc.nanog.org€¦ · – Network Automation Lead – owns the automation efforts and works ... – Puppet, Chef, Salt, etc. • Leverage vendors where the value](https://reader034.vdocuments.us/reader034/viewer/2022052407/5b5c70497f8b9aa1428c2a43/html5/thumbnails/14.jpg)
14
Example: Config Backup
Leveraging Bitbucket: • Repository for
configs • History of
changes to configs • Ability to view
previous configs • Ability to see diffs
between current version and previous versions
![Page 15: Network Automation - pc.nanog.org€¦ · – Network Automation Lead – owns the automation efforts and works ... – Puppet, Chef, Salt, etc. • Leverage vendors where the value](https://reader034.vdocuments.us/reader034/viewer/2022052407/5b5c70497f8b9aa1428c2a43/html5/thumbnails/15.jpg)
15
Example: Config Diff
Diff examples showing items removed from config, as well as inserted or changed
![Page 16: Network Automation - pc.nanog.org€¦ · – Network Automation Lead – owns the automation efforts and works ... – Puppet, Chef, Salt, etc. • Leverage vendors where the value](https://reader034.vdocuments.us/reader034/viewer/2022052407/5b5c70497f8b9aa1428c2a43/html5/thumbnails/16.jpg)
16
Sub-interface Turn Up: Playbook
Your Playbooks should be: • Variablized for reuse
purposes • Specific to a use case • Broken into smaller
executable “chunks” – even if you could combine more functions into the single playbook – for reuse purposes
![Page 17: Network Automation - pc.nanog.org€¦ · – Network Automation Lead – owns the automation efforts and works ... – Puppet, Chef, Salt, etc. • Leverage vendors where the value](https://reader034.vdocuments.us/reader034/viewer/2022052407/5b5c70497f8b9aa1428c2a43/html5/thumbnails/17.jpg)
17
Sub-interface Turn Up: Job Template
AWX allows for: • Definition of Templates
for jobs • Management of
credentials for network access
• Management of simple inventory of devices
![Page 18: Network Automation - pc.nanog.org€¦ · – Network Automation Lead – owns the automation efforts and works ... – Puppet, Chef, Salt, etc. • Leverage vendors where the value](https://reader034.vdocuments.us/reader034/viewer/2022052407/5b5c70497f8b9aa1428c2a43/html5/thumbnails/18.jpg)
18
Sub-interface Turn Up: Workflow
Pre-Checks
Post-Checks
FalloutAction
FalloutRollback
PortTurnUp
UpdateSystems
![Page 19: Network Automation - pc.nanog.org€¦ · – Network Automation Lead – owns the automation efforts and works ... – Puppet, Chef, Salt, etc. • Leverage vendors where the value](https://reader034.vdocuments.us/reader034/viewer/2022052407/5b5c70497f8b9aa1428c2a43/html5/thumbnails/19.jpg)
19
Device OS Upgrade: Playbook
Example of a Playbook for OS Upgrade: • This Playbook leverages the NTC-Ansible module
that can be found at: • https://github.com/networktocode/ntc-
ansible • The example Playbook, and more detail, can be
found at: • http://anastarsha.com/automating-cisco-device-
upgrades-with-ansible/
![Page 20: Network Automation - pc.nanog.org€¦ · – Network Automation Lead – owns the automation efforts and works ... – Puppet, Chef, Salt, etc. • Leverage vendors where the value](https://reader034.vdocuments.us/reader034/viewer/2022052407/5b5c70497f8b9aa1428c2a43/html5/thumbnails/20.jpg)
20
Extensible Architecture
Devices
BitbucketAWX
Ansible
Playbooks
Configs
NetworkAutomationPlatform
Orchestrators(NFV,Data
Center,Cloud,etc.)
Controllers(ODL,Contrail,
etc.)
APIs APIsAPIs
OSS&Other
![Page 21: Network Automation - pc.nanog.org€¦ · – Network Automation Lead – owns the automation efforts and works ... – Puppet, Chef, Salt, etc. • Leverage vendors where the value](https://reader034.vdocuments.us/reader034/viewer/2022052407/5b5c70497f8b9aa1428c2a43/html5/thumbnails/21.jpg)
21
More Sophisticated Workflow
More advanced automation platforms allow for: • Sophisticated workflows • Cross tool workflows (e.g.
Ansible, Puppet, Chef, Cisco NSO, etc.)
• Custom forms and apps to enable more complex automations
![Page 22: Network Automation - pc.nanog.org€¦ · – Network Automation Lead – owns the automation efforts and works ... – Puppet, Chef, Salt, etc. • Leverage vendors where the value](https://reader034.vdocuments.us/reader034/viewer/2022052407/5b5c70497f8b9aa1428c2a43/html5/thumbnails/22.jpg)
Questions?
22
![Page 23: Network Automation - pc.nanog.org€¦ · – Network Automation Lead – owns the automation efforts and works ... – Puppet, Chef, Salt, etc. • Leverage vendors where the value](https://reader034.vdocuments.us/reader034/viewer/2022052407/5b5c70497f8b9aa1428c2a43/html5/thumbnails/23.jpg)
• Network to Code Slack Channel: https://networktocode.herokuapp.com/ • Network To Code Ansible Module:
https://github.com/networktocode/ntc-ansible
• Automating IOS Upgrades with Ansible: http://anastarsha.com/automating-cisco-device-upgrades-with-ansible/
23
References