
vagrant up for Network Engineers

Do it like they do on the Developer Channel!

Hank Preston, NetDevOps Evangelist

ccie 38336, R/S

@hfpreston

DEVNET-1365

© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public

Cisco Spark

Questions? Use Cisco Spark to communicate with the speaker after the session

1. Find this session in the Cisco Live Mobile App

2. Click “Join the Discussion”

3. Install Spark or go directly to the space

4. Enter messages/questions in the space

How

cs.co/ciscolivebot#DEVNET-1365

Agenda

• Vagrant 101

• Hands On: Your first vagrant up!

• Hands On: Vagrant + Ansible

• Discuss: Multi-Node Topologies

• How to do it yourself!

Lab Preparation


Set up your laptop

• Clone the Repository

• Set up Python Virtual Environment

$ cd ~/code/ciscolive_workshops/devnet-1364

$ source labsetup.sh

$ ls -l

README.md iosxr_example

hands_on_1 nxos_example

hands_on_2 requirements.txt

hands_on_3 venv


Vagrant 101


Development Environments Made Easy

• Open Source Development Tooling by HashiCorp: www.vagrantup.com

• Simple configuration file stored with code

• “easy to configure, reproducible, and portable work environments”

• Multi-Platform for both guest and host

lab\ $ vagrant init iosxe/16.6.1

lab\ $ vagrant up

Bringing machine 'default' up with 'virtualbox' provider...

==> default: Importing box 'iosxe/16.6.1'...

==> default: Forwarding ports...

default: 830 (guest) => 2223 (host)

default: 80 (guest) => 2224 (host)

default: 443 (guest) => 2225 (host)

default: 22 (guest) => 2222 (host)

lab\ $ vagrant ssh

csr1kv#


Key Terms and Concepts

• Vagrantfile
  • Configuration file for vagrant

• Box
  • Base images for different individual environments

• Provider
  • Virtualization technology used by vagrant
  • Default is VirtualBox, many others supported

lab\ $ ls

Vagrantfile

lab\ $ vagrant box list

centos/7 (virtualbox, 1611.01)

ubuntu/trusty64 (virtualbox, 20160323.0.0)

iosxe/16.6.1 (virtualbox, 0)

iosxr/6.1.2 (virtualbox, 0)

nxos/7.0.3.I6.1 (virtualbox, 0)

lab\ $ vagrant status

Current machine states:

default running (virtualbox)


Vagrant Commands

• vagrant init box name
  • Initialize a new Vagrantfile in a directory

• vagrant up / halt / destroy
  • Start, stop, and delete an environment

• vagrant resume / suspend
  • Pause and restart an environment

• vagrant ssh [machine]
  • Connect via SSH to a running environment

• vagrant port
  • View the NAT'd ports for the environment

• vagrant provision
  • Re-run configured provisioner (e.g. Ansible)

• vagrant box list
  • Display list of available boxes

• vagrant status / global-status
  • Display current status of environments

lab\ $ vagrant suspend
==> default: Saving VM state and suspending

lab\ $ vagrant resume
==> default: Resuming suspended VM...

lab\ $ vagrant port
830 (guest) => 2223 (host)
22 (guest) => 2222 (host)

lab\ $ vagrant ssh
csr1kv#


Vagrantfile Basics (for Network Devices)

# -*- mode: ruby -*-
# vi: set ft=ruby :

Vagrant.configure("2") do |config|
  # Every Vagrant development environment requires a box. You can search for
  # boxes at https://atlas.hashicorp.com/search.
  config.vm.box = "iosxe/16.6.1"
  config.ssh.insert_key = false

  # Create a forwarded port mapping which allows access to a specific port
  # within the machine from a port on the host machine.
  config.vm.network "forwarded_port", guest: 830, host: 2223, id: "netconf"
  config.vm.network "forwarded_port", guest: 80, host: 2224, id: "http"
  config.vm.network "forwarded_port", guest: 443, host: 2225, id: "restconf-ssl"

  # Create a private network, which allows host-only access to the machine
  # using a specific IP.
  config.vm.network :private_network, virtualbox__intnet: "link1", auto_config: false
  config.vm.network :private_network, virtualbox__intnet: "link2", auto_config: false
end

* Simplified and edited sample

• Box Name

• Don't insert Vagrant public key. Recommended

• Forward local ports for API/App access. SSH is forwarded by default

• Create environment networks. "eth1" connected to host by default

Note: Vagrant Boxes can include default settings
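Added example (not from the original slides): Vagrant's documentation states that a forwarded port with no host_ip is bound to every IP on the host, so the sample above makes the router's NETCONF, HTTP and RESTCONF ports reachable from whatever network the laptop is on, while insert_key = false leaves the box on Vagrant's publicly known default SSH key. The Ruby script below audits Vagrantfile text for both settings; the function names, the constructed samples and the loopback variant using host_ip are assumptions of this example.

```ruby
# Added example (not from the slides): static audit of Vagrantfile text.
# It never loads Vagrant; it pattern-matches the DSL lines used in the deck.

FORWARD_RE = /\.vm\.network\s+[:"']forwarded_port["']?\s*,(?<args>.*)$/
LOOPBACK   = %w[127.0.0.1 ::1 localhost].freeze

# Turn 'guest: 830, host: 2223, id: "netconf"' into {"guest"=>"830", ...}.
def parse_args(args)
  args.scan(/(\w+):\s*(?:["']([^"']*)["']|(\w+))/)
      .map { |key, quoted, bare| [key, quoted || bare] }.to_h
end

# Return one finding per risky line: {line:, rule:, detail:}.
def audit_vagrantfile(text)
  findings = []
  text.each_line.with_index(1) do |line, number|
    next if line =~ /^\s*#/ # skip comment lines

    if (m = FORWARD_RE.match(line))
      opts = parse_args(m[:args])
      host_ip = opts["host_ip"]
      unless LOOPBACK.include?(host_ip)
        # No host_ip means "every host IP" per Vagrant's forwarded_port docs.
        bound = host_ip.nil? || host_ip.empty? ? "every host IP" : host_ip
        findings << { line: number, rule: :exposed_port,
                      detail: "guest #{opts['guest']} -> host #{opts['host']} bound to #{bound}" }
      end
    elsif line =~ /\.ssh\.insert_key\s*=\s*false/
      findings << { line: number, rule: :insecure_key,
                    detail: "box keeps Vagrant's publicly known default SSH key" }
    end
  end
  findings
end

# Constructed input: the deck's "Vagrantfile Basics" sample with straight quotes.
SLIDE_VAGRANTFILE = <<~'RUBY'
  Vagrant.configure("2") do |config|
    config.vm.box = "iosxe/16.6.1"
    config.ssh.insert_key = false
    config.vm.network "forwarded_port", guest: 830, host: 2223, id: "netconf"
    config.vm.network "forwarded_port", guest: 80, host: 2224, id: "http"
    config.vm.network "forwarded_port", guest: 443, host: 2225, id: "restconf-ssl"
    config.vm.network :private_network, virtualbox__intnet: "link1", auto_config: false
  end
RUBY

# Constructed variant: same ports, pinned to loopback with host_ip.
LOOPBACK_VAGRANTFILE = SLIDE_VAGRANTFILE.gsub(/(host: \d+,)/, '\1 host_ip: "127.0.0.1",')

if __FILE__ == $PROGRAM_NAME
  { "slide sample" => SLIDE_VAGRANTFILE, "loopback variant" => LOOPBACK_VAGRANTFILE }.each do |name, text|
    puts "== #{name}"
    audit_vagrantfile(text).each { |f| puts "  line #{f[:line]} #{f[:rule]}: #{f[:detail]}" }
  end
end
```

To check a real file, call audit_vagrantfile(File.read("Vagrantfile")). Forwarded ports defined in a box's embedded Vagrantfile are not visible to this text scan and need the same review.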


Hands On 1: Your first vagrant up!


Initialize your Vagrantfile

• View available boxes

• Initialize new Vagrantfile

lab\ $ cd hands_on_1/

hands_on_1\ $ vagrant box list

hands_on_1\ $ vagrant init iosxe/16.06.02

hands_on_1\ $ open Vagrantfile


Let’s add more interfaces!

• Open Vagrantfile

• Add 2 Interfaces to Configuration

• Specific positioning in file is irrelevant

• * Must be within |config| block

Vagrant.configure("2") do |config|
  config.vm.box = "iosxe/16.6.1"

  # Create private networks
  config.vm.network :private_network, virtualbox__intnet: "link1", auto_config: false
  config.vm.network :private_network, virtualbox__intnet: "link2", auto_config: false
end

* Simplified and edited sample

or: cp Vagrantfile.solution Vagrantfile


Start a Vagrant Environment

• Start environment

• Connect to running switch

hands_on_1\ $ vagrant up

hands_on_1\ $ vagrant ssh


Explore the Vagrant Environment

• Baseline Configurations

• Logins – User / Cert

• APIs

• Interfaces

• Make an API Call

# Run from Vagrant Environment (i.e. vagrant ssh)

csr1kv#sh run aaa

csr1kv#sh run | sec pubkey-chain

csr1kv#show run int Gig1

csr1kv#sh run | inc conf

# Exit from Vagrant Environment

hands_on_1\ $ python netconf_example1.py


Do some configuration

• Configure interface details on GigabitEthernet2 using NETCONF

• Verify

hands_on_1\ $ python netconf_example3.py

.

.

<?xml version="1.0" encoding="UTF-8"?>
<rpc-reply xmlns="urn:ietf:params:xml:ns:netconf:base:1.0"
    message-id="urn:uuid:6e622605-29d8-="
    xmlns:nc="urn:ietf:params:xml:ns:netconf:base:1.0">
  <ok/>
</rpc-reply>

hands_on_1\ $ vagrant ssh

csr1kv#sh ip int bri

Interface IP-Address

GigabitEthernet2 10.255.255.1


Build a new Base Box Template

• vagrant up and customize

• vagrant halt -f to shut down

• vagrant package to build new box

• Include default Vagrantfile to ease use

• vagrant box add to make available

hands_on_1\ $ vagrant halt -f

hands_on_1\ $ vagrant package \
    --output Custom_IOS_XE.box \
    --vagrantfile embedded_vagrantfile_xe

hands_on_1\ $ vagrant box add iosxe/custom1 \
    Custom_IOS_XE.box

hands_on_1\ $ mkdir custom_box

hands_on_1\ $ cd custom_box

hands_on_1\ $ vagrant init iosxe/custom1


Review Sample Embedded Vagrantfile

Vagrant.configure(2) do |config|
  config.vm.synced_folder '.', '/vagrant', disabled: true

  # Give IOS XE 400 seconds to come up
  config.vm.boot_timeout = 400

  # Port 830 is XE NETCONF
  config.vm.network :forwarded_port, guest: 830, host: 2223, id: 'netconf', auto_correct: true

  # Port 80 is XE HTTP
  config.vm.network :forwarded_port, guest: 80, host: 2224, id: 'http', auto_correct: true

  # Port 443 is XE RESTCONF / SSL
  config.vm.network :forwarded_port, guest: 443, host: 2225, id: 'restconf-ssl', auto_correct: true

  config.ssh.forward_agent = true
  config.ssh.guest_port = 22
  config.ssh.insert_key = false
  config.vm.guest = :other

  # turn off the check if the plugin is installed
  if Vagrant.has_plugin?("vagrant-vbguest")
    config.vbguest.auto_update = false
  end
  # ...
end

* Simplified and edited sample

Destroy Hands on Demo 1

• Destroy this environment

hands_on_1\ $ vagrant destroy

Hands On 3: Provisioning


Come on... Really “vagrant ssh” and “config t”?!?

• “Infrastructure as Code” dictates entire configuration in code

• Building multiple box versions for variations = template sprawl

• Human error in manual configurations

• There has to be a better way…


Vagrant Provisioners

• Run with vagrant up

• Install software

• Alter configurations

• Run commands/code

• Types

• Shell, Ansible, Puppet, Chef, Docker, Salt, CFEngine…

Vagrant.configure("2") do |config|
  # ... other configuration

  config.vm.provision "shell" do |s|
    s.inline = "echo hello"
  end
end


Hands On 3 Directory

• Move to Hands On 3

• Start the “vagrant up” process now so it runs while we discuss

hands_on_1\ $ cd ../

lab\ $ cd hands_on_3/

hands_on_3\ $ ls

Vagrantfile

host_vars

hosts

ansible_provision.yaml

netconf_interface_template.j2

hands_on_3\ $ open Vagrantfile

hands_on_3\ $ vagrant up


hands_on_3/Vagrantfile

Vagrant.configure("2") do |config|
  # Every Vagrant development environment requires a box. You can search for
  # boxes at https://atlas.hashicorp.com/search.
  config.vm.box = "iosxe/16.06.02"

  # Create a private network, which allows host-only access to the machine
  # using a specific IP.
  # config.vm.network "private_network", ip: "192.168.33.10"
  config.vm.network :private_network, virtualbox__intnet: "link1", auto_config: false
  config.vm.network :private_network, virtualbox__intnet: "link2", auto_config: false

  # Enable provisioning with Ansible.
  config.vm.provision "ansible" do |ansible|
    ansible.playbook = "ansible_provision.yaml"
    ansible.inventory_path = "./hosts"
  end
end

* Simplified and edited sample

• Specify provisioning details in the file

• For Ansible, specify hosts file

• Used for config details


hands_on_3/hosts

[vagrant]
default ansible_python_interpreter="/usr/bin/env python"

* Partial Playbook for screen display

• Ansible inventory file

• Specify interpreter to link to Python Virtual Environment


hands_on_3/ansible_provision.yaml

---
- name: Provision IOS XE Devices
  hosts: all
  connection: local

  tasks:
    - name: Pause to complete boot
      pause:
        seconds: 5

    - name: Configure NETCONF and RESTCONF
      ios_config:
        provider:
          host: "{{mgmt_ip}}"
          port: "{{ssh_port}}"
          username: "{{username}}"
          password: "{{password}}"
        lines:
          - netconf-yang
          - netconf-yang cisco-odm polling-enable
          - restconf
          - ip http server
          - ip http secure-server
      register: output_interfaces

* Partial Playbook for screen display

• Ansible Playbook defines configuration

• Several options to use

• ios_config, ios_command, etc

• netconf_config


hands_on_3/host_vars/default.yaml

---
mgmt_ip: 127.0.0.1
netconf_port: 2223
ssh_port: 2222
username: vagrant
password: vagrant
interfaces:
  - interface_type: GigabitEthernet
    interface_id: 2
    description: Link 2 - Configured by Ansible with Vagrant
    ip_address: 192.168.100.20
    subnet_mask: 255.255.255.0
  - interface_type: GigabitEthernet
    interface_id: 3
    description: Link 3 - Configured by Ansible with Vagrant
    ip_address: 192.168.101.20
    subnet_mask: 255.255.255.0

* Partial Playbook for screen display

• Host specific details

• Vagrant network intricacies require explicit ip and port info


Vagrant Up

hands_on_3\ $ vagrant up

Bringing machine 'default' up with 'virtualbox' provider...

==> default: Machine booted and ready!

==> default: Running provisioner: ansible...

default: Running ansible-playbook...

PLAY [Provision IOS XE Devices] ************************************************

TASK [Configure NETCONF and RESTCONF] ******************************************

ok: [default]

TASK [Configure Interfaces] ****************************************************

changed: [default] => (item={u'subnet_mask': u'255.255.255.0', u'interface_type

u'GigabitEthernet', u'ip_address': u'192.168.100.20', u'description': u'Link

by Ansible with Vagrant', u'interface_id': 2})

changed: [default] => (item={u'subnet_mask': u'255.255.255.0', u'interface_type

u'GigabitEthernet', u'ip_address': u'192.168.101.20', u'description': u'Link

by Ansible with Vagrant', u'interface_id': 3})

PLAY RECAP *********************************************************************

default : ok=5 changed=1 unreachable=0 failed=0

* Simplified and edited sample

• After device fully “up” provisioning runs


Verify device provisioned properly

hands_on_3\ $ vagrant ssh
csr1kv#show ip int bri
Interface          IP-Address      OK?  Method  Status  Protocol
GigabitEthernet1   10.0.2.15       YES  DHCP    up      up
GigabitEthernet2   192.168.100.20  YES  other   up      up
GigabitEthernet3   192.168.101.20  YES  other   up      up

* Simplified and edited sample

• Trust, but verify


Destroy Hands on Demo 3

• Destroy this environment

hands_on_3\ $ vagrant destroy

Discuss: Multi-Node


Hands On 2 Directory

• Move to Hands On 2

hands_on_1\ $ cd ../

lab\ $ cd hands_on_2/

hands_on_2\ $ ls

Vagrantfile

hands_on_2\ $ open Vagrantfile


Multi-Node Vagrantfile

Vagrant.configure("2") do |config|
  # Node 1: IOS XE Device
  config.vm.define "iosxe1" do |node|
    node.vm.box = "iosxe/16.06.02"

    # Gig2 connected to link1
    # Gig3 connected to hosts1
    # auto-config not supported.
    node.vm.network :private_network, virtualbox__intnet: "link1", auto_config: false
    node.vm.network :private_network, virtualbox__intnet: "hosts1", auto_config: false
  end

  # Node 2: IOS XE Device
  config.vm.define "iosxe2" do |node|
    node.vm.box = "iosxe/16.06.02"

    # Gig2 connected to link1
    # Gig3 connected to hosts2
    # auto-config not supported.
    node.vm.network :private_network, virtualbox__intnet: "link1", auto_config: false
    node.vm.network :private_network, virtualbox__intnet: "hosts2", auto_config: false
  end
end

* Simplified and edited sample

• Configuration for multiple nodes

• Different boxes supported

• Network them together!


Vagrant Up

$ vagrant up

Bringing machine 'iosxe1' up with 'virtualbox' provider...

Bringing machine 'iosxe2' up with 'virtualbox' provider...

==> iosxe1: Preparing network interfaces based on configuration...

iosxe1: Adapter 1: nat

iosxe1: Adapter 2: intnet

iosxe1: Adapter 3: intnet

==> iosxe1: Forwarding ports...

iosxe1: 830 (guest) => 2223 (host) (adapter 1)

iosxe1: 80 (guest) => 2224 (host) (adapter 1)

iosxe1: 443 (guest) => 2225 (host) (adapter 1)

iosxe1: 22 (guest) => 2222 (host) (adapter 1)

==> iosxe1: Machine booted and ready!

==> iosxe2: Importing base box 'iosxe/16.6.1'...

==> iosxe2: Fixed port collision for 830 => 2223. Now on port 2200.

==> iosxe2: Fixed port collision for 80 => 2224. Now on port 2201.

==> iosxe2: Fixed port collision for 443 => 2225. Now on port 2202.

==> iosxe2: Fixed port collision for 22 => 2222. Now on port 2203.

iosxe2: Adapter 1: nat

iosxe2: Adapter 2: intnet

iosxe2: Adapter 3: intnet

==> iosxe2: Forwarding ports...

==> iosxe2: Machine booted and ready!

* Simplified and edited sample
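Added example (not from the original slides): in the output above iosxe2's forwarded ports were auto-corrected (830 now maps to 2200, 22 to 2203), so the ssh_port 2222 and netconf_port 2223 values from hands_on_3/host_vars/default.yaml would reach iosxe1 if they were reused for the second node. The Ruby script below rebuilds each node's guest-to-host port map from vagrant up output and reports stale inventory values; the function names and the constructed log (copied from the lines above) are assumptions of this example.

```ruby
# Added example (not from the slides): rebuild each node's real host ports
# from `vagrant up` output and compare inventory variables against them.

FORWARD   = /^\s*(?<node>[\w-]+): (?<guest>\d+) \(guest\) => (?<host>\d+) \(host\)/
COLLISION = /^==> (?<node>[\w-]+): Fixed port collision for (?<guest>\d+) => \d+\. Now on port (?<host>\d+)\./

# Build {"iosxe1" => {830 => 2223, ...}, ...}; later lines override earlier ones.
def port_map(log)
  map = Hash.new { |hash, node| hash[node] = {} }
  log.each_line do |line|
    m = COLLISION.match(line) || FORWARD.match(line)
    map[m[:node]][m[:guest].to_i] = m[:host].to_i if m
  end
  map
end

# Guest port behind each variable in hands_on_3/host_vars/default.yaml.
VAR_TO_GUEST = { "ssh_port" => 22, "netconf_port" => 830 }.freeze

# Return {variable => [configured, actual]} for every value that is stale.
def stale_ports(map, node, vars)
  VAR_TO_GUEST.each_with_object({}) do |(var, guest), out|
    actual = map.fetch(node, {})[guest]
    out[var] = [vars[var], actual] if actual && vars[var] != actual
  end
end

# Constructed input: lines copied from the slide's `vagrant up` output.
UP_LOG = <<~LOG
  ==> iosxe1: Forwarding ports...
      iosxe1: 830 (guest) => 2223 (host) (adapter 1)
      iosxe1: 80 (guest) => 2224 (host) (adapter 1)
      iosxe1: 443 (guest) => 2225 (host) (adapter 1)
      iosxe1: 22 (guest) => 2222 (host) (adapter 1)
  ==> iosxe2: Fixed port collision for 830 => 2223. Now on port 2200.
  ==> iosxe2: Fixed port collision for 80 => 2224. Now on port 2201.
  ==> iosxe2: Fixed port collision for 443 => 2225. Now on port 2202.
  ==> iosxe2: Fixed port collision for 22 => 2222. Now on port 2203.
LOG

# Values from the single-node inventory shown earlier in the deck.
HOST_VARS = { "ssh_port" => 2222, "netconf_port" => 2223 }.freeze

if __FILE__ == $PROGRAM_NAME
  map = port_map(UP_LOG)
  map.each_key do |node|
    stale = stale_ports(map, node, HOST_VARS)
    puts "#{node}: #{stale.empty? ? 'inventory ports match' : stale}"
  end
end
```

On a live environment the same check can be fed from `vagrant port`, which the deck lists as the command for viewing a machine's NAT'd ports.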


Check out the Vagrant Environment

• Check status of machines

• vagrant ssh name

(venv2) hands_on_2\ $ vagrant status

Current machine states:

iosxe1 running (virtualbox)

iosxe2 running (virtualbox)

This environment represents multiple VMs. The VMs

are all listed above with their current state. For

more information about a specific VM, run `vagrant

status NAME`.

(venv2) hands_on_2\ $ vagrant ssh iosxe1

csr1kv#exit

(venv2) hands_on_2\ $ vagrant ssh iosxe2

csr1kv#exit


Impact on host system

• Each node takes resources

• Switches/Routers aren’t small VMs

• Monitor Memory Usage


Lab Cleanup


Vagrant Commands

• Make sure all environments are destroyed

$ vagrant global-status

# Move to the parent directory of lab
$ cd ~/coding/temp

# Delete lab directory
$ rm -Rf vagrant_net_prog


The right tool for the right job…


Network Testing and Dev Options


When and Why to Use Vagrant

• Modern Development Tool

• Run everything local

• Few dependencies

• Independent Environments

• Ship with Code Samples

• Test and experiment with APIs


When NOT to use Vagrant

• Large topologies

• Data Plane important

• Multiple simultaneous developers

• Long running tests


How to do it yourself!


Getting Started with Vagrant On Your Own

• Install Vagrant: https://www.vagrantup.com/downloads.html

• Create Your Own Boxes for Cisco IOS XE, IOS XR, and Open NX-OS
  • https://github.com/hpreston/vagrant_net_prog
  • Go to box_building/README.md
  • Simple instructions and scripts to create Boxes from available resources (i.e. from CCO)
  • **Some downloads require entitlements

Got more questions? Come find me!

@hfpreston

http://github.com/hpreston

@CiscoDevNet

facebook.com/ciscodevnet/

http://github.com/CiscoDevNet


Thank you