NSO: Network Service Orchestrator enabled by Tail-f Hands-on Lab

Cisco Confidential© 2015 Cisco and/or its affiliates. All rights reserved. 1
Network Service
Orchestrator (NSO)
Hands-on Lab
Juan Velez
Consulting Systems Engineer US Sales – juvelez@cisco.com
May 18th 2016
Guilherme Tuche
Consulting Systems Engineer US Sales – gtuche@cisco.com
TS-SP-17-I

Cisco Confidential 2© 2015 Cisco and/or its affiliates. All rights reserved.
Housekeeping Notes

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 3
House Keeping Notes – May 18th
Thank you for attending Cisco Connect Toronto 2016, here are a few housekeeping notes to ensure
we all enjoy the session today.
• WiFi SSID = CiscoLabs, password = CiscoLabs
• We will be using the Cisco dCloud Environment for all the labs. Please be sure you have internet
access using the provided credentials.
Please ensure your
cellphones / laptops are
set on silent to ensure
no one is disturbed
during the session
A power bar is available
under each desk in
case you need to
charge your laptop

• Cisco dCloud is a self-service platform that can be accessed via a browser, a high-speed Internet
connection, and a cisco.com account
• Customers will have direct access to a subset of dCloud demos and labs
• Restricted content must be brokered by an authorized user (Cisco or Partner) and then shared
with the customers (cisco.com user).
• Go to dcloud.cisco.com, select the location closest to you, and log in with your cisco.com
credentials
• Review the getting started videos and try Cisco dCloud today: https://dcloud-cms.cisco.com/help
Customers now get full dCloud experience!

Agenda
The Lab will run from 8 am to 12 noon with a 15 minute intermission at 10 am
• Introduction to the lab
• Overview of Network Service Orchestrator (NSO)
• Installing NSO
• NSO Device Management
• NSO Service Management
• YANG Intro
• Service Design
• Conclusion

Introduction to the NSO Lab

dCloud access
• Use Cisco AnyConnect Already Installed on Your Laptop (Recommended)
OR
• Download and Install Cisco AnyConnect from Cisco.com
Get Cisco AnyConnect from the Cisco Support and Download page:
http://www.cisco.com/c/en/us/support/index.html
If you encounter issues, please choose another option listed.
OR
• Use the dCloud Browser Based Cisco AnyConnect
Click the Host URL to start this option: https://dcloud-rtp-anyconnect.cisco.com .
IMPORTANT: This option requires the latest version of Java and your web browser. Use this option only if
you cannot install the Cisco AnyConnect VPN Client on your laptop.

dCloud access
• Launch the Cisco AnyConnect client on your laptop
Use Host = https://dcloud-rtp-anyconnect.cisco.com
Attendee # User Name Password
1 v673user1 080aa2
2 v470user1 2b2c86
3 v403user1 323995
4 v877user1 c13aed
5 v241user1 6e69e9
6 v361user1 5272ef
7 v298user1 dcf8ea
8 v455user1 7b8ed9
9 v857user1 bbe854
10 v715user1 6813bb
11 v315user1 d02027
12 v211user1 1e2811
Attendee # User Name Password
13 v238user1 6f62e5
14 v330user1 47f40a
15 v13user1 1193d0
16 v438user1 46a040
17 v571user1 54f6d3
18 v247user1 1d87dd
19 v359user1 96ce28
20 v111user1 79e971
21 v885user1 82f0d8
22 v95user1 c3b673
23 v873user1 31d684
24 v132user1 42d1a5

Introduction to the NSO Lab
• You have been assigned a POD consisting of two servers
• Connect to your POD using the AnyConnect credentials in the previous slide
• Remote Desktop to the Windows server OR open SSH session directly to the NSO
server using Putty or equivalent directly from your laptop.
PC Workstation
IP address: 198.18.133.252
Username/Password: Administrator / C1sco12345
NSO Server - access via SSH
IP address: 198.18.1.79
Username/Password: cisco/ C1sco12345
OR

Cisco ConfidentialCisco Confidential© 2015 Cisco and/or its affiliates. All rights reserved. 10
NSO GUI
Mostly CLI will be used in lab
NSO CLI
Opens a PUTTY
session to NSO
WinSCP
For file transfers to/from NSO
Text Editors
Notepad++ & Sublime installed

Introduction to the NSO Lab: Connecting to your POD
• Lab is instructor-led, we will be guiding you through a set of steps
• There is no step-by-step written guide. We know this is the first contact with NSO for
several of you.
• Network devices are emulated using in-house emulator: VIRL
• PODs will be available for your access until noon on Friday
• By the end of the lab, we will show you how to access additional self-guided lab
examples
• You can contact the instructors for a “Meet the Engineer” slot if you need a deeper-dive

Overview of NSO

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 13Cisco ConfidentialCisco Confidential© 2016 Cisco and/or its affiliates. All rights reserved. 13
Network Services Orchestrator (NSO)
Multi-Vendor Service Orchestration &
Network Automation for today’s
networks and NFV/SDN

• Part of Cisco acquisition of Tail-f
Tail-f was founded in 2005
Fully part of Cisco since July 9th 2014
• Re-branded NSO from NCS
• Multi-vendor Service Orchestration & Network
Automation
Service Orchestration for NFV/SDN (and today’s networks !)
Centralized Network Control – SDN
Based on industry standards Yang & Netconf
• 100+ customers world-wide
Almost all of the world’s largest network equipment vendors
Early NFV leadership – multiple deployments
• Target Markets
Service Providers
Cloud providers / Data Centers
Network Equipment Vendors
NSO At-a-Glance
 Disruptive Service Orchestration
software
 Reduces time & efforts to develop
& provision services in a Multi-
Vendor network
 Early leader in the fast-growing
NFV market
Blue Chip Customers
Tier1 SP
Japan
Tier1 SP
US

Agility : Model-Driven
Operation : Network Transaction
NSO At-a-Glance
OSS
Service Order
Minimal Device
Reconfigurations
NSO
Multi-vendor L1-L7 network

• Multi-vendor Service Orchestration &
Network Automation for existing & future
(SDN/NFV…) networks
• Single Pane of Glass for:
• L1-L7 networking
• Hardware Devices
• Virtual Appliances
• OpenFlow Switches
• All the above can be from any vendor :
Cisco, Juniper, ALU, Ericsson, Huwaei,
Ciena, Infinera, F5, A10, Brocade, Palo
Alto, Avaya, Sonus, Fortinet, etc…
NSO Key Features

• NSO provides abstractions based on
• Standard Data models (YANG RFC 6020)
for devices & services
• Transaction : ensures fail-safe operations &
network configuration accuracy
• Benefits
• No hard-coded assumptions/info about
services or devices
• Can be used for all types of services and all
types of network devices
• Automation can be based on accurate real-
time view of service and network state
NSO Key Features

NSO Zoom in Architecture
Source information is set at 12 points.
Service Manager
Multi-Vendor Network
Network
Engineer
EMS/NMS
NETCONF REST CLI Web UI SNMP
JAVA/Javascript/
Python
OSS/BSS
NSO
AAA Core Engine
NETCONF SNMP REST CLI WS
Network Element Drivers
Mapping
Logic
Templates
Fast Map
Device ManagerNotification ReceiverAlarm Manager
Openflow Switches
Service
Models
Package
Manager
Script API
Device
Models
Developer
API

NSO for Network Engineers – User Interfaces
Auto-rendered Web UI with powerful
extensibility features
Cisco or Juniper-style CLI for
network-wide configuration changes

NETCONF
Network management protocol specifically
designed to support service activation and
provisioning.
Encrypted, efficient transport
XML content transported over SSH+TCP.
Extensible
XML Namespaces make it possible to add e.g. new
RPC types or new table columns without breaking
existing applications.
Transactional
Configuration changes happen all-or-nothing and all-
at-once which simplifies network management
applications.
Network-wide
Can address multiple network elements in parallel to
implement network-wide transactions.
Text based data modeling language designed
for use with NETCONF.
Operator friendly
Easy to mimic existing human operator interfaces,
such as CLI and WebUI. Supports tables inside
tables.
Precise
Very precise and specific data definitions. Allowed
values could be “1..99 | 1300..1999 | none”. Explicit
about keys in tables.
Extensible
Define additional keywords in Yang with rigid syntax,
that standard compilers parse correctly. Additional
keywords used to generate code, documentation,
test cases, etc based on model.
Human readable
Non-programmers can read Yang models.
YANG

Installing NSO

System Requirements
• Check the distribution filename:
ncs-3.3.linux.x86_64.installer.bin
• Check your OS version:
Linux distributions
OS X
• Check the CPU archurecture:
x86_64 – 64-bit Intel x86 architecture
I686 - 32-bit Intel x86 architecture
• Java version (JDK 1.6 or higher)
• Apache ANT

Installing Cisco NSO
• Obtain distribution file:
ncs-3.3.darwin.x86_64.installer.bin
• It contains:
NSO, examples, documentation
NETSIM Network Simulator
• Run the installation
$ sh ncs-3.3.linux.x86_64.installer.bin ~/ncs/3.3
INFO Using temporary directory /var/… to stage NSO installation bundle
INFO Unpacked ncs-3.3 in /Users/tailf/ncs/3.3
INFO Found and unpacked corresponding DOCUMENTATION_PACKAGE
INFO Found and unpacked corresponding EXAMPLE_PACKAGE
INFO Generating default SSH hostkey (this may take some time)
INFO SSH hostkey generated
INFO Environment set-up generated in /Users/tailf/ncs-3.3/ncsrc
INFO NSO installation script finished
INFO Found and unpacked corresponding NETSIM_PACKAGE
INFO NSO installation complete

NSO Directories
ncs-3.3/
/home/cisco/ncs
bin/
lib/
doc/
web-server/
ncs-cdb/
ncs.conf
datacenter/
ncs-cdb/
ncs.conf
ncs-working/
ncs-cdb/
ncs.conf
ncs-2.9/
Project Directory
Installation Directory
Two directory types:
examples.ncs

Setup an NSO Project Runtime Directory
• Make sure binaries are added to your PATH: (You also added to .bashrc)
• Run the ncs-setup script:
• Creates a database directory ./ncs-cdb
• Creates a log directory ./log
• Creates an empty packages directory ./packages
• Creates a default ncs.conf
$ source ~/ncs/3.3/ncsrc
$ ncs-setup –-dest ~/ncs/ncs-working

Starting Cisco NSO
• Start the NSO daemon:
• Check if the deamon is running:
• Start the CLI (Cisco XR style):
• Start the CLI (Juniper style):
$ ncs
$ ncs --status
$ ncs_cli –C –u admin
$ ncs_cli -J –u admin

NSO Packages

Using Packages
• Make sure your package is in the right place
• The ./packages directory
• Don’t store anything else in the packages/ directory!
• Don’t keep “old” packages in the packages directory!

Using Packages
• Existing packages:
• NEDS ($NSO_DIR/packages/neds)
• Services ($NSO_DIR/packages/services)
• Tools ($NSO_DIR/packages/tools)
• Copy (or softlink) packages from the NSO installation:
cp -r $NSO_DIR/packages/neds/cisco-iosxr packages/
OR
ln –sF $NSO_DIR/packages/ned/cisco-iosxr packages/

Reloading Packages
• Check if all the required packages are loaded using show packages command
• Package reload can be forced using request packages reload command
• Package reload can be forced with starting NSO using —with-package-reload flag
admin@ncs> show packages package package-version
PACKAGE
NAME VERSION
----------------------
cisco-iosxr 3.0
discovery 1.0
admin@ncs> request packages reload
result Done
[ok][2014-10-14 14:17:06]

Using NETSIM

Netsim Overview
 ncs-netsim is a network devices simulation tool
 Used to test NSO with simulated devices
 Uses NED device packages
 A NED package contains netsim directory
 Represents device configuration and CLI
 The same YANG for models are used for
simulated and real devices
Netsim simulated devices
(ConfD)
Physical or virtual non-
simulated devices

Starting Simulated Devices
• Below example creates 3 Cisco IOS devices:
• Start the CLI (Cisco XR style):
$ ncs-netsim create-network <NED package> <#N devices> <Device Name Prefix>
$ ncs-netsim create-network packages/cisco-iosxr 3 c
$ ncs-netsim start
DEVICE c0 OK STARTED

Access Simulated Devices
• You can access the CLI of the simulated devices:
$ ncs-netsim cli-i c1
admin connected from 127.0.0.1 using console *
c1> enable
c1# show running-config
class-map m
match mpls experimental topmost 1
match packet length max 255
match packet length min 2
match qos-group 1
!
c1# exit

NSO Device Manager

Device Manager
 Is the heart of NSO
 NSO keeps a master copy of configuration in
CDB
 Network element drivers (NED) supports
different protocols:
 NETCONF
 SNMP
 CLI
 Generic NED (Java code)
Network Element Driver
Device Manager
Master Copy of
Configurations

NSO CLI
• In Operational mode, the CLI displays operational data stored in CDB (or live
data from the devices)
• In Configuration mode, the CLI displays network configuration data stored in
CDB
Operational Mode Configuration Mode
ncs# show devices device
devices device lb0
...
alarm-summary indeterminates 0
alarm-summary criticals 0
alarm-summary majors 0
alarm-summary minors 0
alarm-summary warnings 0
...
devices device www0
...
ncs# configure
ncs(config)# show full-configuration
devices device ce0
devices device ce0
address 127.0.0.1
port 10022
ssh host-key ssh-dss
…

Device Configuration Management

Synchronizing from Device
• Device Configurations in NSO and actual Device Configuration should
match
• After initial device discovery or import, it makes sense to synchronize
configurations from devices
sync-to
sync-from
check-sync
compare-sync
ncs# devices sync-from
sync-result {
device lb0
result true
}

Synchronizing from Device
• When a device has been configured out of band
• Clears up rogue configuration
• “dry-run” option available to check changes
sync-to
sync-from
check-sync
compare-sync
ncs# devices device c0 sync-to
result true
Change device
configuration over CLI.

Check Sync
• Check if a device has been configured out of band
• Check if a subset of managed devices has been configured out of band
ncs# devices check-sync
sync-result {
device ce0
result in-sync
}
...
ncs# devices device ce0..3 check-sync
devices device ce0 check-sync
result in-sync
result in-sync

Comparing Configuration
• Compare out-of-sync device configuration
ncs(config)# devices device c0 check-sync
result out-of-sync
info got: 290fa2b49608df9975c9912e4306110 expected:
ef3bbd344ef94b3fecec5cb93ac7458c
ncs(config)# devices device c0 compare-config
diff
devices {
device c0 {
config {
ios:snmp-server {
+ community foobar {
+ RW;
+ }
}
}
}
}

Displaying Configuration
• Display only new parts of configuration:
• Display full configuration:
admin@ncs(config)# show configuration devices device c0
devices device c0
description c0-PE
!
admin@ncs(config)#
admin@ncs(config)# show full-configuration devices device c0
devices device c0
address 127.0.0.1
port 10022
ssh host-key ssh-dss

Configuring Devices
• Configuration change happens after final commit statement
# ncs_cli --user=admin
admin@ncs# config
Entering configuration mode terminal
admin@ncs(config)#
admin@ncs(config)# devices device c0 config cisco-ios-xr:interface MgmtEth 0/0/0/0 ipv4
address 192.168.128.50 255.255.255.0
admin@ncs(config-if)# devices device c1 config cisco-ios-xr:interface MgmtEth 0/0/0/0 ipv4
address 192.168.128.50 255.255.255.0
admin@ncs(config-if)# devices device c2 config cisco-ios-xr:interface MgmtEth 0/0/0/0 ipv4
address 192.168.128.50 255.255.255.0
admin@ncs(config-if)# commit
Commit complete.
admin@ncs(config)#

Rollbacks
• Every transaction has a corresponding rollback file:
$ ls logs/rollback*
$ more logs/rollback10008
admin@ncs# file show logs/rollback1000<TAB>
Possible completions:
<file to show> rollback10001 rollback10002 rollback10003
rollback10004 rollback10005 rollback10006 rollback10007
rollback10008
ncs(config)# rollback selective 1000<TAB>
Possible completions:
10001 2015-05-12 18:47:17 by system via system
10002 2015-05-12 18:50:10 by admin via cli
10003 2015-05-12 18:50:55 by admin via cli
10004 2015-05-12 18:50:55 by admin via cli

Rollbacks - examples
• Rollback Configuration is always most recent rollback file
• Rollback 3 latest transactions:
• Rollback only changes done in 3rd latest transaction:
• Rollback dhcp changes on asr0 in the 3rd latest transaction:
ncs(config)# rollback configuration
ncs(config)# rollback selective 10006
ncs(config)# rollback selective 10006 devices device asr0 config dhcp

Templates and Groups

Templates
• Used to apply snippets of configuration
Create template:
Apply to new or existing device:
What’s the difference?
admin@ncs(config)# devices template snmp-community config cisco-ios-xr:snmp-
server community tailfrocks RW
admin@ncs(config)# devices template snmp-community config cisco-ios-xr:snmp-
server community tailfrocks RW
ncs(config)# show configuration
ncs(config)# devices device c3 apply-template template-name snmp-community
ncs(config)# show configuration
ncs(config)# commit

Templates with Variables
• Variable needs to be provided with a value
ncs(config) devices template snmp-community-input config cisco-ios-xr:snmp-server community
{$COMMUNITY}
admin@ncs(config)# devices device c0 apply-template template-name snmp-community-input
Error: A variable value has not been assigned to: COMMUNITY
admin@ncs(config)#
admin@ncs(config)# devices device c0 apply-template template-name snmp-community-input
variable { name COMMUNITY value 'public' }
apply-template-result {
device c0
result ok
}
admin@ncs(config)# show configuration
devices device c0
config
cisco-ios-xr:snmp-server community public
!
!
admin@ncs(config)#

Policies
• The Device and Service models contain constraints that always must be true
• You might want to add constraints on run-time activity as well
• Example 1: a certain interface on the device must be ‚Up‘
• Example 2: Interface needs to have a description
ncs(config)# policy rule mgmt-if
ncs(config)# expr config/interface[name='m0'][status='Up’]
ncs(config)# foreach /devices/device
ncs(config)# error-message "Management Interface m0 on device {name} must be Up”
admin@ncs% commit
ncs(config)# show configuration policy rule mgmt-if
foreach /devices/device;
expr config/interface[name='m0'][status='Up'];
error-message "Management Interface m0 on device {name} must be Up”;

NSO Service Manager

YANG Intro

Basic YANG Statements
YANG Programming Equivalent Description
Leaf Variable Contains a single value of a specific type
Leaf-List Array Contains a list of values of the same type
Container Record Contains a single structure containing zero or more
values or other statements (hierarchy)
List Array of Records Contains a list of zero or more sets of values and
other statements (hierarchy)
Leafref Pointer Contains a link to another statement elsewhere in the
file

YANG Model Statements and Hierarchy
 Leaf: single value of a defined type
 Leaf-list: multiple values of the same
type
 List: multiple records containing at
least one leaf (key) and an arbitrary
hierarchy of other statements
 Container: groups other statements;
has no value
 Leafref: is a reference to another leaf
Container
Leaf
Container
Leaf-List
Container
List
Leaf
Container Leaf Leaf Leaf-Ref
Leaf
Leaf

YANG Model Statements and Hierarchy
 Statement characteristics:
 Name
 Type (e.g. string, uint32)
 Constraints:
 min-elements
 max-elements
 range
 key/unique
 leafref
 must
 when
 Statement content is enclosed within curly
brackets
 Each sub-statement is terminated by
semicolon
container car {
}
container v8_engine {
}
leaf-list cylinder-arrangement {
type string;
max-elements 8;
}
container other-parts {
}
list per-cylinder-parts {
}
leaf piston-diameter {
type uint32;
range "2000..9000";
}
container valves {
leaf number { … }
list position { … }
…
}

YANG Data Types

YANG Supports a Number of Data Types
Built-in Types Derived Types
Name Description
int8/16/32/64 Integer
uint8/16/32/64 Unsigned integer
decimal64 Non-integer
string Unicode string
enumeration Set of alternatives
boolean True or false
bits Boolean array
binary Binary BLOB
leafref Reference
identityref Unique identity
empty No value, void
union Choice of member types
instance-identifier References a data tree node
typedef my-base-int32-type {
type int32 {
range "1..4 | 10..20";
}
}
typedef derived-int32 {
type my-base-int32-type {
range "11..max";
}
}
typedef string255 {
type string {
length "1..255";
}
}
typedef derived-str {
type string255 {
length "11 | 42..max";
pattern "[0-9a-fA-F]*";
}
}

Common YANG Data Types (RFC 6991)
IETF YANG Types Using Types
import ietf-yang-types {
prefix yang;
}
Name Description
counter32 non-negative 32-bit integer that monotonically
increases
zero-based-counter32 a counter32 that has the defined initial value zero
counter64 non-negative 64-bit integer that monotonically
increases
zero-based-counter64 a counter64 that has the defined initial value zero
gauge32 non-negative integer, which may increase or
decrease
gauge64 non-negative integer, which may increase or
decrease
date-and-time ISO 8601 standard for representation of dates and
times
phys-address colon-separated hexadecimal pairs (e.g.
1a:ba:da:ba:d0)
mac-address six colon-separated hexadecimal pairs (e.g.
1a:ba:da:ba:d0:00)
xpath1.0 XPATH 1.0 expression
hex-string colon-separated hexadecimal pairs of arbitrary
length
uuid universally unique identifier (RFC 4122)
…

Common YANG Data Types (RFC 6991) - continued
IETF INET Types Using Types
import ietf-inet-types {
prefix inet;
}
Name Description
ip-version
IP protocol version: 1=IPv4, 2=IPv6,
0=unknown
dscp
Differentiated Services Code Point value: 0 to
63
ipv6-flow-label 32-bit integer in the range from 0 to 1048575
port-number 16-bit integer in the range from 0 to 65535
as-number
32-bit integer representing 2 or 4 octet BGP AS
numbers
ip-address IPv4 or IPv6 address
ipv4-address IPv4 address (e.g. 10.1.2.3)
ipv6-address IPv6 address (e.g. fd85:b310:6513:194b::1)
ip-prefix IPv4 or IPv6 prefix
ipv4-prefix IPv4 prefix (e.g. 10.1.2.0/24)
ipv6-prefix IPv6 prefix (e.g. fd85:b310:6513:194b::/64)
domain-name DNS domain name
host IP address or DNS domain name
uri uniform resource identifier
…

YANG Types Example
// percentage type
typedef percentage-type {
type uint8 {
range "1..100";
}
}
// Weekday type
typedef weekday-type {
type enumeration {
enum Mon;
enum Tue;
enum Wed;
enum Thu;
enum Fri;
enum Sat;
enum Sun;
}
}
// Hour & minute & optional second type
typedef hhmm-type {
type string {
pattern '([0-1]?[0-9]|2[0-4]):' +
'([0-5][0-9])(:[0-5][0-9])?';
}
}
// Route Distinguisher AS:NUM or IP:NUM
typedef rd-type {
type string {
pattern '((d+)((.d+){3})?):d+';
}
}
// DSCP type
typedef dscp-type;
type union;
type uint8 { range "0..63"; }
type enumeration {
enum af11;
enum af12;
enum af13;
enum af21;
enum af22;
enum af23;
enum af31;
enum af32;
enum af33;
enum af41;
enum af42;
enum af43;
enum cs1;
enum cs2;
enum cs3;
enum cs4;
enum cs5;
enum cs6;
enum cs7;
enum default;
enum dscp;
enum ef;
enum precedence;
}
}
}

YANG Statements

Basic YANG Statements
• Leaf
• Container
• List
• Leafref

Data Model and Data Visualization
Data Model: Sample Data:
• YANG
• XPath to reference data in the hierarchy:
/ loopback-ipv4
/ loopback-ipv4 / loopback
/ loopback-ipv4 / ip-address
• Graphic visualization of hierarchy and data
type:
K Key Leaf
Leaf T Typedef
G Grouping
L List
C Container R Leafref
L Leaf-list
• XML
<loopback-ipv4>
<loopback>1</loopback>
<ip-address>10.1.1.1</loopback>
</loopback-ipv4>
<loopback-ipv4>
</loopback-ipv4>
192.0.2.213 16772
198.51.100.22 19234
203.0.113.89 22315
These methods are used throughout the course
to help with understanding of YANG data
modeling.

Leaf
• Single value using a built-in or derived data type
• Zero or one instance
loopback
1
leaf loopback {
type int32 {
range "0..2147483647";
}
}
YANG (data model):
XML (data):
XPath:
/ loopback

Leaf Attributes
Attribute Description
config
Whether this leaf is a configurable value ("true") or operational value
("false"). Inherited from parent container if not specified
default Specifies default value for this leaf. Implies that leaf is optional
mandatory Whether the leaf is mandatory ("true") or optional ("false")
must XPath constraint that will be enforced for this leaf
type The data type (and range etc) of this leaf
when Conditional leaf, only present if XPath expression is true
description Human readable definition and help text for this leaf
reference Human readable reference to some other element or spec
units Human readable unit specification (e.g. Hz, MB/s, ℉)
status Whether this leaf is "current", "deprecated" or "obsolete"

Container
• Used to group one or more other
statements
• Has no data type by itself
• May have an implicit meaning
container loopback-ipv4 {
leaf loopback {
type int32 {
range "0..2147483647";
}
}
leaf ip-address {
type inet:ipv4-address
}
}
YANG (data model):
<loopback-ipv4>
</loopback-ipv4>
XML (data):
XPath:
/ loopback-ipv4
/ loopback-ipv4 / loopback
/ loopback-ipv4 / ip-address
ip-address
C loopback-ipv4
loopback
1 10.1.1.1

List
• Contains one or more sub-statements
• Requires one unique identifier (key)
• Zero or more instances
YANG (data model):
XML (data):
XPath:
/ loopback-ipv4 [loopback=‘1’]
/ loopback-ipv4 [loopback=‘1’] / loopback
/ loopback-ipv4 [loopback=‘2’] / ip-address
ip-address
list loopback-ipv4 {
key loopback;
unique ip-address;
leaf loopback {
type int32 {
range "0..2147483647";
}
}
leaf ip-address {
type inet:ipv4-address
}
}
<loopback-ipv4>
</loopback-ipv4>
<loopback-ipv4>
</loopback-ipv4>
1 10.1.1.1
2 10.2.2.2
L loopback-ipv4
K loopback

Service Design

Creating a Service Package
1. Create a package skeleton
2. Use the Cisco NSO CLI to configure a
sample service
3. Create the service template
4. Create the service model in YANG
5. Compile and deploy the package
Create a Service Skeleton
Configure Sample Service
using Cisco NSO CLI
Create Service Template
(XML)
Create Service Model
(YANG)
Service Model
(YANG)
Service Template
(XML)
(YANG)
Service Template
Skeleton File (XML)
Service Model
Skeleton File (YANG)
1.

Create a package skeleton
# ncs-make-package –service-skeleton template-based trunk

sample service
using Cisco NSO CLI
(XML)
(YANG)
Service Model
(YANG)
Service Template
(XML)
(YANG)
Service Template
Skeleton File (XML)
Service Model
2.

Configure the Service via NSO
• Configure two devices:
admin@ncs(config)# devices device dell0 config force10:interface Vlan 10
tagged GigabitEthernet0/11
admin@ncs(config)# devices device c0 config ios:interface GigabitEthernet 0/23
switchport mode trunk switchport trunk allowed vlan 10
admin@ncs(config)# commit dry-run outformat native
admin@ncs(config)# commit
admin@ncs(config)# commit dry-run outformat xml
• Take a look at the configuration before committing it:
or…
• Now commit the configuration:

sample service
(XML)
(YANG)
Service Model
(YANG)
Service Template
(XML)
(YANG)
Service Template
Skeleton File (XML)
Service Model
using Cisco NSO CLI
3.

Configure the Service via NSO
• Review the configuration to use as the template:
• This is the same output from our ‘commit dry-run outformat xml’ command
• Copy this xml and use it to replace most of what’s in your skeleton template
admin@ncs(config)# show full-configuration devices device dell0 config
force10:interface Vlan | display xml
admin@ncs(config)# show full-configuration devices device catalyst1 config
ios:interface GigabitEthernet 0/23 | display xml

sample service
(XML)
(YANG)
Service Model
(YANG)
Service Template
(XML)
(YANG)
Service Template
Skeleton File (XML)
Service Model
using Cisco NSO CLI
4.

Create the YANG Model
list endpoint {
key device;
leaf device {
type leafref {
path "/ncs:devices/ncs:device/ncs:name";
}
}
leaf interface {
type string;
}
}
leaf vlan {
type uint16;
}

sample service
(XML)
(YANG)
Service Model
(YANG)
Service Template
(XML)
Compile & Deploy the
Service
Service Template
Skeleton File (XML)
Service Model
using Cisco NSO CLI
5.

Compile and reload the package
# ncs_cli -C -u admin
admin@ncs# packages reload
admin@ncs# configure
admin@ncs(config)# services trunk myservice endpoint catalyst0 interface 0/2
endpoint dell0 interface GigabitEthernet0/12 vlan 12
admin@ncs(config)# top
admin@ncs(config)# show full-configuration services trunk
admin@ncs(config)# commit dry-run outformat native

Summary
Service design goal is simplicity for the
operator :
Minimum set of parameters for the
service (optimization)
Strict enforcement of parameters to
minimize human error (standardization)
Thorough testing of service configuration
and all possible service options to
ensure robustness of the solution
NSO and YANG provide modularity and
flexibility for service designers

Conclusion

Conclusion from NSO Lab
• NSO is very simple to install and start operating
• It is very simple to personalize NSO thanks to the use of standard languages such as
YANG and XML templates, plus its network emulator ncs-netsim…
• NSO can centrally manage devices using all its northbound interfaces using its device
manager
• NSO can automate service provisioning thanks to its service manager
• The PODs will be available until Friday noon for your access
• You can access more self-guided labs at examples.ncs folder in your installation

Continue Your Education
• Demos in the Cisco Campus
• Walk-in Self-Paced Labs
• Table Topics
• Meet the Engineer 1:1 meetings

NSO: Network Service Orchestrator enabled by Tail-f Hands-on Lab

NSO: Network Service Orchestrator enabled by Tail-f Hands-on Lab

Empfohlen

Empfohlen

Weitere ähnliche Inhalte

Was ist angesagt?

Was ist angesagt? (20)

Ähnlich wie NSO: Network Service Orchestrator enabled by Tail-f Hands-on Lab

Ähnlich wie NSO: Network Service Orchestrator enabled by Tail-f Hands-on Lab (20)

Mehr von Cisco Canada

Mehr von Cisco Canada (20)

Kürzlich hochgeladen

Kürzlich hochgeladen (20)

NSO: Network Service Orchestrator enabled by Tail-f Hands-on Lab