Programmatic way to configure and monitor Networking devices

1. DEVOPS IN NETWORKING
Presenter Name: Sreenivas Makam
Presented at: Devops Days India
Presentation Date: Nov 4, 2016

2. About me
• Senior Engineering Manager at Cisco Systems Data Center
group
• Author of “Mastering CoreOS”
https://www.packtpub.com/networking-and-
servers/mastering-coreos/ )
• Docker
Captain(https://www.docker.com/community/docker-
captains )
• Blog: https://sreeninet.wordpress.com/
• Code hacks: https://github.com/smakam
• Linkedin: https://in.linkedin.com/in/sreenivasmakam
• Twitter: @srmakam

3. What is Devops in Networking?
Programmatic way to
configure and monitor
Network devices

4. Devops in Networking - Motivations
• SDN technologies centered around splitting control, data and
management plane.(eg: Cisco ACI, Vmware NSX, ODL)
• Maturity of server automation tools. Tools like Ansible, Puppet, Chef are
used for network automation.
• Availability of Routers for modeling(eg: Cisco CML/VIRL, Arista vEoS)
• Availability of Cloud routers(eg: Cisco CSR1000v, Brocade vRouter,
Juniper’s vSRX)
• White box switches (eg: Cumulus, Big Switch) exposing Linux OS.
Traditional switch vendors are also exposing Linux OS in few of their
products.
• Opensource projects like Opendaylight, ONOS, OVS, Opencompute in the
Networking space.
• Container networking demanding simplicity
• Cloud providers and big enterprises getting into networking space (eg:
Amazon, Google, Facebook, LinkedIn)

5. Devops in Networking – Use cases
Configuration:
• Network wide L2/L3 configuration like vlans, routing
protocols
• Configuring services like firewall, load balancers
• Declarative configuration rather than imperative
Monitoring:
• Check cable mismatches
• Inventory checking
• Performance monitoring
• Check for error counters and thresholds
• Analytics

6. Devops Networking Roadmap
Past
• Telnet, ssh access
• Use CLI and parse raw text output.
• SNMP is used for monitoring.
Present
• Use CLI or API with CLI underneath, get formatted json/xml output.
• Use Python libraries and Ansible modules for abstraction.
• REST access for CLI. (Eg) Cisco's NXAPI, Arista's Pyapi.
• Examples of API libraries: Pycsco, Pyeapi, pyjunos, NAPALM
Future
• Model driven APIs
• Use Yang models with REST/netconf/restconf/grpc transport
• Models used for both configuration and monitoring
• SDN Controllers using common YANG models.

7. Devops in Networking Ecosystem
Devops in
Networking
Cisco, Juniper,
Arista, Cloud
Devices, etc
Tools
Ansible, Chef,
Puppet,
Postman
Languages
Shell Scripting,
Python, Pyang
library, Jinja2
templating
Protocols
ssh, SNMP,
Netconf, REST,
restconf, grpc
Models
Mib, YANG
Data types
xml, json,
yaml
Groups
Openconfig,
IETF, odl, onos

8. Python Library and Ansible example
Read and Create vlans from Arista Device:
# start by importing the library
import pyeapi
# create a node object by specifying the node to work with
node = pyeapi.connect_to('veos01')
run_conf = node.running_config
print 'RUNNING CONFIG'
print run_conf
version_out = node.enable('show version')
print 'VERSION output', version_out
print 'My System MAC address is',
version_out[0]['result']['systemMacAddress']
# Get vlan endpoint
vlans = node.api('vlans')
# Get and print all vlan
vlan_out = vlans.getall()
print 'current vlans', vlan_out
# Create new vlan 1000
vlans.create(1000)
# Get and print all vlan
vlan_out = vlans.getall()
print 'current vlans', vlan_out
Get LLDP neighbors using Ansible from Cisco device:
Get_neighbors.yml:
---
- name: get neighbor data
hosts: 3k-grp1
connection: local
gather_facts: no
tasks:
- name: get neighbors
nxos_get_neighbors: type=cdp host={{ inventory_hostname }}
Execute playbook:
$ ansible-playbook get-neighbors.yml
PLAY [get neighbor data]
******************************************************
TASK: [get neighbors]
*********************************************************
ok: [n3k1]
ok: [n3k2]
PLAY RECAP
***********************************************************
*********
n3k1 : ok=2 changed=1 unreachable=0 failed=0
n3k2 : ok=2 changed=0 unreachable=0 failed=0

9. YANG model
OSPF YANG model:
module example-ospf {
namespace "http://example.org/netconf/ospf";
prefix ospf;
import network-types { // Access another module's def'ns
prefix nett;
}
container ospf { // Declare the top-level tag
list area { // Declare a list of "area" nodes
key name; // The key "name" identifies list members
leaf name {
type nett:area-id;
}
list interface {
key name;
leaf name {
type nett:interface-name;
}
leaf priority {
description "Designated router priority";
type uint8; // The type is a constraint on
// valid values for "priority".
}
leaf metric {
type uint16 {
range 1..65535;
}
}
leaf dead-interval {
units seconds;
type uint16 {
range 1..65535;
}
}
}
}
}
}
OSPF XML representation based on YANG model:
<ospf xmlns="http://example.org/netconf/ospf">
<area>
<name>0.0.0.0</name>
<interface>
<name>ge-0/0/0.0</name>
<!-- The priority for this interface -->
<priority>30</priority>
<metric>100</metric>
<dead-interval>120</dead-interval>
</interface>
<interface>
<name>ge-0/0/1.0</name>
<metric>140</metric>
</interface>
</area>
<area>
<name>10.1.2.0</name>
<interface>
<name>ge-0/0/2.0</name>
<metric>100</metric>
</interface>
<interface>
<name>ge-0/0/3.0</name>
<metric>140</metric>
<dead-interval>120</dead-interval>
</interface>
</area>
</ospf>

10. References
• Networking Devops blogs
(https://sreeninet.wordpress.com/category/devopsnet/)
• Openconfig github(https://github.com/openconfig/public)
• Jason’s blog(http://jedelman.com/)
• Data field day videos
(https://www.youtube.com/playlist?list=PLinuRwpnsHadcSz4jqt5p0_dUZ
hRRGqVg)
• INOG presentation (http://jedelman.com/home/openconfig-restconf-
and-automated-cable-verification-at-inog9/)
• YANG model repository(https://github.com/YangModels/yang)
• Pyang(https://github.com/mbj4668/pyang)
• NAPALM (https://github.com/napalm-automation/napalm)
• Pycsco (https://github.com/jedelman8/pycsco)
• Pyeapi (https://github.com/arista-eosplus/pyeapi)