Fabrizio Maccioni
BRKRST-2673
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 3
Agenda
• Introduction
• Model Driven Telemetry
• Application Hosting
• Configuration Management Tools
• DevNet
• Conclusion
Introduction
Why automation and programmability?
Administrator needs to configure:
hostname switch1
int g0/0
ip address 10.1.1.11/24
vlan 100,200,300
.
.
.
hostname switch6
int g0/0
ip address 10.1.1.16/24
vlan 100,200,300
“By 2020, networking personnel with experience in
Ansible, Python and/or integrating systems via APIs
will receive a 30% salary premium (on
average) over those with only CLI-based skills.”
IOS XE 16.x: Intent-based Network OS
INTENT CONTEXT
optimized for enterprise networks
standards-based APIs
IOS XE 16.x
IOS XE 16.X enables…
• Cisco Solutions: DNA Center
• 3rd Party Integration: Standards Based Interoperability
• DIY Solutions: Custom Development
Model Driven Programmability, Model Driven Telemetry
Cisco Catalyst 9000
Multiple Approaches: Turn-Key or Build Your Own?
Turn Key DIY & 3rd Party
Model Driven Telemetry
IOS XE 16.6.1
Problem Statement:
Legacy Mechanisms Insufficient for Programmatic Environments
SNMP
syslog
Automation not easy with SNMP and CLI
Why this matters now
OPENSOURCE
Push vs Pull Architecture
Model Driven Telemetry
[Diagram labels: Collector; tcollector; Open Native Interfaces; Device Features (Interface, BGP, QoS, ACL, …); SNMP; Physical and Virtual Network Infrastructure]
Quick APIs Refresh
Configuration Management Today
CLI
Open Programmable APIs
Simplified View
CLI
Parser
Data Model: YANG Models
Device Features: Interface, BGP, QoS, ACL, …
Data Models
Interface Model definition
YANG Models
XML Payload
Data
Gig 1/0/1
“CL rocks!”
enabled
Protocols Comparison
XML vs JSON vs YAML
lightweight, text-based, language-independent data interchange formats
NETCONF definition
“NETCONF is a protocol defined by the IETF to install, manipulate, and delete the
configuration of network devices”
SSH Transport
2006 2011
https://tools.ietf.org/html/rfc6241
NETCONF Highlights
• Transactional
  • Either all configuration is applied or nothing
  • Avoids inconsistent state
  • Both at Single Device and Network-wide level
• Error Management
  • OK or error code
• Capability Exchange
REST vs RESTCONF: not the same!
RESTCONF (IOS XE 16.8.1)
[Diagram labels: API; PUT; DELETE; Configuration and Operation; Device Features (Interface, BGP, QoS, ACL, …); SNMP]
RESTCONF Operations compared to NETCONF
RESTCONF | NETCONF
GET      | <get-config>, <get>
POST     | <edit-config> (operation=“create”)
PUT      | <edit-config> (operation=“create/replace”)
DELETE   | <edit-config> (operation=“delete”)
gNMI and gRPC
IOS XE 16.8.1
• gNMI (Google): Network Management Interface
• gRPC (Google): Remote Procedure Call
gNMI Operations
YANG Models and Tools
https://github.com/YangModels/yang/tree/master/vendor/cisco
https://github.com/mbj4668/pyang
https://github.com/CiscoDevNet/yang-explorer
https://developer.cisco.com/site/ydk/
MDT Subscription Publications
Network Subscription
IOS XE 16.6.1
Instruction on:
• What data to collect
• Where to send it and how
• How often
[Diagram labels: Collector; subscriber; subscription; subscription service]
Network Subscription
[Diagram labels: Subscription; Publication; Device Features (Interface, BGP, QoS, ACL, …); SNMP]
Types of Subscriptions
• Periodic
  • Push Tree every ‘X’ seconds
  • Continuous data
• On-change
  • Event occurs
  • asynchronous notification
[Diagram labels for both types: Subscriber; Publisher; Datastore]
Model Driven Telemetry Operations Examples
Periodic subscription
Counters / Measures
Periodic subscription RPC
Xpath-filter:
• XML Xpath filter defining the data object to which you want to subscribe.
Period:
• The time period, in centiseconds (1/100th of a second), between push updates containing the subscribed information
RPC reply
Notification result (OK):
• useful for error handling
Subscription-id (ID):
• ID assigned to the subscription
On-change subscription
IOS XE 16.8.1
Xpath-filter:
• XML Xpath filter defining the data object to which you want to subscribe.
Dampening Period:
• Send immediately on change
Verify subscription by CLI or…
show telemetry ietf subscription all brief
[Output callouts: ID; Filter; Period]
…by APIs
<get> RPC (Cisco-IOS-XE-mdt-oper.yang)
RPC Reply
[Reply callouts: ID; Type; Period; Filter]
Preferred Solution:
• error handling
• structured XML data
Delete subscription
Subscriptions can be deleted in two ways:
• Send a delete-subscription RPC with the subscription ID (Preferred)
• Close/disconnect the NETCONF session
  All subscriptions created over this session will be deleted
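The subscription lifecycle from the slides above (periodic or on-change subscription, RPC reply, delete-subscription), as an added Python example that is not from the original deck. The element names, namespaces and the sample XPath are assumptions based on the IETF event-notifications and yang-push draft models, and the reply is constructed.

```python
"""Added example (not from the slides): NETCONF telemetry subscription lifecycle."""
import xml.etree.ElementTree as ET

# Assumed, not shown on the slides: element names and namespaces of the IETF
# event-notifications / yang-push draft models behind these RPCs.
NC = "urn:ietf:params:xml:ns:netconf:base:1.0"
EN = "urn:ietf:params:xml:ns:yang:ietf-event-notifications"
YP = "urn:ietf:params:xml:ns:yang:ietf-yang-push"
ET.register_namespace("en", EN)
ET.register_namespace("yp", YP)  # the stream value "yp:yang-push" relies on this prefix

# Sample filter (assumption): CPU utilisation from an IOS XE operational model.
SAMPLE_XPATH = "/process-cpu-ios-xe-oper:cpu-usage/cpu-utilization/five-seconds"


def seconds_to_centiseconds(seconds):
    """The period is expressed in 1/100 s; reject values that round to zero."""
    cs = round(seconds * 100)
    if cs < 1:
        raise ValueError("period must be at least one centisecond")
    return cs


def establish_subscription(xpath_filter, period_cs=None, dampening_cs=None):
    """Periodic subscription when period_cs is given, on-change when dampening_cs is."""
    if (period_cs is None) == (dampening_cs is None):
        raise ValueError("give exactly one of period_cs or dampening_cs")
    root = ET.Element(f"{{{EN}}}establish-subscription")
    ET.SubElement(root, f"{{{EN}}}stream").text = "yp:yang-push"
    # Setting .text lets ElementTree escape the filter, so a filter string taken
    # from a ticket or web form cannot close the element and add RPC content.
    ET.SubElement(root, f"{{{YP}}}xpath-filter").text = xpath_filter
    if period_cs is not None:
        if not isinstance(period_cs, int) or period_cs < 1:
            raise ValueError("period_cs must be a positive integer")
        ET.SubElement(root, f"{{{YP}}}period").text = str(period_cs)
    else:
        if not isinstance(dampening_cs, int) or dampening_cs < 0:
            raise ValueError("dampening_cs must be a non-negative integer")
        ET.SubElement(root, f"{{{YP}}}dampening-period").text = str(dampening_cs)
    return ET.tostring(root, encoding="unicode")


def parse_subscription_reply(reply_xml):
    """Return the subscription ID, or raise with the reason the device gave."""
    root = ET.fromstring(reply_xml)
    error = root.find(f"{{{NC}}}rpc-error")
    if error is not None:
        raise RuntimeError(error.findtext(f"{{{NC}}}error-message", "rpc-error"))
    result = root.findtext(f"{{{EN}}}subscription-result", "")
    if result.rsplit(":", 1)[-1] != "ok":
        raise RuntimeError(f"subscription not established: {result or 'no result'}")
    sub_id = root.findtext(f"{{{EN}}}subscription-id")
    if sub_id is None:
        raise RuntimeError("reply carries no subscription-id")
    return int(sub_id)


def delete_subscription(subscription_id):
    """Preferred teardown: delete by ID instead of relying on session close."""
    root = ET.Element(f"{{{EN}}}delete-subscription")
    ET.SubElement(root, f"{{{EN}}}subscription-id").text = str(int(subscription_id))
    return ET.tostring(root, encoding="unicode")


# Constructed sample replies (illustrative values, not captured from a device).
SAMPLE_REPLY = f"""<rpc-reply xmlns="{NC}" message-id="101">
  <subscription-result xmlns="{EN}" xmlns:notif-bis="{EN}">notif-bis:ok</subscription-result>
  <subscription-id xmlns="{EN}">2147483652</subscription-id>
</rpc-reply>"""
SAMPLE_ERROR = f"""<rpc-reply xmlns="{NC}" message-id="102">
  <rpc-error><error-message>invalid filter</error-message></rpc-error>
</rpc-reply>"""

if __name__ == "__main__":
    print(establish_subscription(SAMPLE_XPATH, period_cs=seconds_to_centiseconds(10)))
    sub_id = parse_subscription_reply(SAMPLE_REPLY)
    print(delete_subscription(sub_id))
```

The strings returned here are the RPC bodies only; sending them over an authenticated NETCONF session is left to the client library in use.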
Model Driven Telemetry Demo
Model Driven Telemetry in-a-box Demo
[Diagram labels: Ubuntu VM; IETF Client (3); Subscriptions (1); Publications (2); NETCONF; YANG; Cisco Catalyst 9300]
Model Driven Telemetry Recap
✔ Telemetry Push
IOS XE 16.6.1, IOS XE 16.8.1
Application Hosting
IOS XE 16.8.1
Networking today...
Catalyst 9000
Unified Platform
Fog Computing, intelligence at the Edge
Unified Platform
CLOUD
EDGE/FOG
Use Cases enabled by App Hosting
Container Basics & Terminology
• Virtual Machine (GBs)
  Includes the application, binaries & libraries, and an entire guest OS.
  [Stack labels: App A, App B; Bins/Libs; Guest OS; Hypervisor; Host OS; Server]
• Docker Container (MBs)
  Format for Linux containers that makes the process of creating and maintaining containers easier.
  [Stack labels: App A, App B; Bins/Libs; Docker Engine; Host OS; Server]
IOS XE Application Hosting
Application Hosting in Enterprise Platforms
This Session
VMAN, Cisco Application Framework (CAF)/IOx
[Diagram labels: IOS Control Plane; Custom App]
Application Hosting Framework
External Management Interfaces
[Diagram labels: Coming Soon; REST; CLI; Local Manager; VM; LXC; Custom App; Kernel]
Demo
IOx Management Interfaces: DNA-Center @ WoS
Enterprise Application
• Standalone: Infrastructure programmability and hosting services only
• DNAC Automated: Infrastructure programmability and hosting services, with DNA Center provided automation, assurance, APIs
• DNAC Integrated: Infrastructure programmability and hosting services, with DNA Center provided automation, assurance, APIs, and DNA Center integrated UI/UX
App Hosting Enterprise Platforms
Future
• ISR4K
  ISR4321, ISR4331, ISR4351, ISR4431, ISR4451
• ASR1K (Future)
Cat9k HW Resources (FYI)
Platform | Total Memory (GB) | Total CPU Cores | Core Speed (GHz) | Max Storage (GB) | App Hosting Memory (GB) | App Hosting CPU Cores | App Hosting CPU units | USB Storage: USB 2.0 (front) | USB Storage: USB 3.0 (back) | M2 SATA Storage
Catalyst 9300 | 8 | 4 | 1.8 | 120 | 2 | 1 | 5032 | 8 | 120 | N/A
Catalyst 9400 | 16 | 4 | 2.4 | 960 | 8 | 1 | 7400 | 8 | N/A | 240, 480, 960
Catalyst 9500 | 16 | 4 | 2.4 | 120 | 8 | 1 | 7400 | 8 | 120 | N/A
* Apps CANNOT be installed into the flash; they need to be installed in USB/SATA storage. Note: Guestshell has access to the flash.
** Cisco advises not to use Front Panel USB ports for App Hosting. Caveat: it is the only option available in IOS XE 16.8.1.
** Support for USB 3.0 and SATA SSD Storage for App Hosting is targeted for IOS XE 16.9.1.
Catalyst 9K – New External Storage Options
[Figure labels: Cat 9300/9500; Cat 9400; Plug into Back Panel; removable SUP]
Application Hosting: Virtual Port Group
VPG
• maps to a Linux bridge
  SVI interface of the Linux switch
[Diagram labels: C9K; IP address; SVI; Bridging; Routing; Container vNIC 0; VM vNIC 0, vNIC 1; 12.0.0.1/24]
App Network Configuration
1. config IOS XE (Virtual Port Group, LXC/VM interfaces)
2. connect to container (console connection)
   app-hosting connect appid wireshark console
3. configure container interfaces (Management interface)
Applications list
[Output callouts: App ID; State; Type; Resources; Network]
HW Resources
show app-hosting resource
[Output callouts: Storage; CPU]
Application Development
Anatomy of an IOx Application
[Diagram labels: IOx App; Application Descriptor; resource limit; network; console; storage]
Development Flow
• Container Workflow: rootfs (ext2)
• VM Workflow: Disk Img (Qcow2)
• IOx Client
• package.tar
  - artifacts.tgz
  - package.yaml
  - package.mf
IOx Application Descriptor: LXC workflow
[Application Descriptor callouts: App Info; Type: LXC; HW Resources; Network int; Startup]
IOx Application Descriptor: KVM workflow
[Application Descriptor callouts: App Info; Type: VM; HW Resources; Network int; qcow2 image]
Use Cases Demoed
Performance Monitoring @ CL
Traffic Analysis
[Diagram labels: VPG; VM int; IOX VM-202; IOS XE Config; eth1; ERSPAN; 30.30.30.10; 30.30.30.1/24; UCS int; Cat9K; G1/0/45; G1/0/46; vlan 30]
Application Hosting Demo
WoS Demo
PerfSonar GUI
App Hosting Recap
IOS XE 16.8.1
Configuration Management Tools
“Automate device configuration in a consistent fashion at scale”
[Diagram labels: Desired State (Intent); configuration]
Main Benefits:
• Automated provisioning
• Consistency
• Declarative Intent
• Idempotency
• Facts
• Version control (infrastructure as code)
• Open Source
Most Popular Configuration Management Tools
Enterprise Customers Focused
Configuration Management Tools Comparison (FYI)
 | Ansible | Puppet | Chef | Salt
Software Language | Python | Ruby | Ruby | Python
Script names | Playbook, Role | Manifest, Module | Recipe, Cookbook | SLS Formula
Open Source Management | any server | Puppet Master | Chef Server | Salt Master
Enterprise Management | Ansible Tower | Puppet Enterprise | | Salt Stack Enterprise
Get Started:
• Ansible: http://docs.ansible.com/ansible/latest/intro_getting_started.html
• Puppet: https://puppet.com/blog/how-get-started-puppet-beginners-guide
• Chef: https://docs.chef.io/quick_start.html
• Salt: https://docs.saltstack.com/en/getstarted/overview.html
Architecture: agent vs agent-less
TODAY
[Diagram labels: Intent; Puppet Agent; LXC: Linux Container; config; CLI; NETCONF; RESTconf; gRPC; Parser; Data Model; Device Features]
Architecture: agent-less + APIs (FYI)
North Star
[Diagram labels: Intent; All Platforms; Device Features]
* not committed by ISV (independent software vendor)
Ansible Strengths
• Everybody talks about Ansible!!
• Simple to install and get started
• Written in Python
• Servers, Application and Networking
• Roles, Variables, Templates
• Agentless!
• Agentless!!
• Agentless!!!
http://www.meetup.com/AnsibleSF/events/232761994/
Ansible Installation and Configuration Reference
Ansible Install
http://docs.ansible.com/ansible/latest/intro_installation.html
Ansible Configuration File
http://docs.ansible.com/ansible/latest/intro_configuration.html
Ansible Inventory
• groups [<group-name>]
• Optional parameters
[Example callouts: nested groups; host parameter; group parameter]
Ansible Device Authentication based on keys
Ansible Device Authentication based on Passwords
Many Options
• Inventory file
  [all:vars]
  username=cisco
  password=cisco
• External variable file
• Environment Variables
  export ANSIBLE_NET_USERNAME=cisco
  export ANSIBLE_NET_PASSWORD=cisco
• Ansible command line
  ansible-playbook ios_banner.yaml -u admin -k
• Ansible Vault
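The inventory-file option above stores the device password in cleartext, so a repository check before inventories are committed is useful. This added example (not from the original deck) flags literal password values in an INI inventory and accepts Jinja2 references to vaulted variables; the sample inventory is constructed, and the `lab` group and `vault_lab_password` name are hypothetical.

```python
"""Added example (not from the slides): find cleartext passwords in an Ansible INI inventory."""
import re
import shlex

# Variable names treated as secrets: password, ansible_password, ansible_ssh_pass, ...
SECRET_KEY = re.compile(r"(pass(word)?|secret)$", re.IGNORECASE)
VAULT_HEADER = "$ANSIBLE_VAULT;"  # start of a file encrypted with ansible-vault


def is_vault_encrypted(file_text):
    """True when a variable file is vault-encrypted as a whole."""
    return file_text.lstrip().startswith(VAULT_HEADER)


def is_reference(value):
    """True for a Jinja2 reference such as {{ vault_password }}, not a literal secret."""
    v = value.strip().strip("'\"").strip()
    return v.startswith("{{") and v.endswith("}}")


def find_cleartext_secrets(inventory_text):
    """Return (line number, section, variable name); the secret value is never returned."""
    findings = []
    section = None
    for lineno, raw in enumerate(inventory_text.splitlines(), 1):
        line = raw.strip()
        if not line or line[0] in "#;":
            continue
        header = re.fullmatch(r"\[([^\]]+)\]", line)
        if header:
            section = header.group(1)
            continue
        if section and section.endswith(":vars"):
            pairs = [line]  # one key=value per line
        else:
            try:
                pairs = shlex.split(line, comments=True)[1:]  # skip the host name
            except ValueError:  # unbalanced quotes: fall back to whitespace split
                pairs = line.split()[1:]
        for pair in pairs:
            key, sep, value = pair.partition("=")
            key = key.strip()
            if sep and SECRET_KEY.search(key) and not is_reference(value):
                findings.append((lineno, section or "ungrouped", key))
    return findings


# Constructed sample inventory; the [all:vars] block mirrors the slide.
SAMPLE_INVENTORY = """\
[ios-xe]
172.26.249.42
172.26.249.48 ansible_ssh_pass=cisco

[all:vars]
username=cisco
password=cisco

[lab:vars]
password={{ vault_lab_password }}
"""

if __name__ == "__main__":
    for lineno, section, key in find_cleartext_secrets(SAMPLE_INVENTORY):
        print(f"line {lineno}: cleartext value for '{key}' in [{section}]")
```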
Ansible Taxonomy
• Role: a set of Playbooks (repeatable standard config)
• Playbook: a YAML file with one or more Plays
• Play: a set of tasks
• Task: single action that references a module
• Module: reusable, standalone scripts
Ansible Playbook Example
[Example callouts: Playbook; Play; Task; Module]
http://docs.ansible.com/ansible/latest/YAMLSyntax.html
Ansible Playbook Run
To run a playbook:
ansible-playbook <playbook>.yaml [options]
Common options:
-u admin -k         username and password at runtime
-l 172.26.249.42    single or list of hosts
-i ./hosts          overrides inventory files
-v                  verbose output
-vvvv               connection debug
Ansible Variables and Loops
Referenced as {{ variable }}
Defined in many different ways:
• Environment variables
• Defined in host_vars or group_vars
  ./host_vars/172.26.249.48.yaml
  ./group_vars/ios-xe.yaml
[Example callouts: external file; list example; {{ inventory_hostname }}; imported list]
Ansible Templates
• Based on Jinja2
• Supports loops, conditions and more
• Implemented in the template module
• Attributes:
  • src: template file
  • dest: directory to store generated files
[Example callouts: Playbook; interface list; template; generate file; Jinja2 Template; hostname; mgmt int config; Loop; Range]
http://docs.ansible.com/ansible/latest/playbooks_templating.html
Ansible Documentation
• Ansible modules:
  ansible-doc ios_vrf
[Output callouts: module location; examples]
Ansible 2.4 Core Modules for IOS/IOS XE
https://docs.ansible.com/ansible/list_of_network_modules.html#ios
Ansible 2.5
https://releases.ansible.com/ansible/
Ansible 2.5 New Core Modules for IOS/IOS XE
Ansible 2.5: new connections
Ansible 2.5: netconf connection
[Example callouts: Ansible 2.4; Ansible 2.5; connection local; parameters]
Ansible 2.5: Declarative Intent
Ansible Demo
Puppet: Agent-less Architecture for Networking
[Diagram labels: Linux Server; NETCONF; YANG; Cisco Catalyst 9300]
Cisco Catalyst 9000 CI/CD with Puppet
1. Puppet code (Manifests)
2. Checkpoint
3. Config
4. Validation
5. Rollback
[Diagram labels: CentOS VM; Save Config; NETCONF; YANG; Cisco Catalyst; Tech Field Day]
Configuration Management Tools Recap
[Diagram labels: 2.5; Desired State (Intent); configuration]
DevNet
Cisco DevNet
• Learning Labs
• Sandboxes
• API Documentation
• Python, YDK, REST
• And More!
https://developer.cisco.com/
IOS XE on DevNet (FYI)
https://developer.cisco.com/site/ios-xe/
DevNet Cat9K Sandbox
Cisco DevNet video course (FYI):
from understanding and using JSON, XML and YAML to Edge computing!
https://developer.cisco.com/video/net-prog-basics?utm_campaign=programmability-us&utm_source=ptwitter-engineer&utm_medium=devnet-video
Conclusion
Call to Action
Q&A
Thank you