Weitere ähnliche Inhalte Ähnlich wie NSO: Network Service Orchestrator enabled by Tail-f Hands-on Lab (20) Mehr von Cisco Canada (20) Kürzlich hochgeladen (20) NSO: Network Service Orchestrator enabled by Tail-f Hands-on Lab1. Cisco Confidential© 2015 Cisco and/or its affiliates. All rights reserved. 1
Network Service
Orchestrator (NSO)
Hands-on Lab
Juan Velez
Consulting Systems Engineer US Sales – juvelez@cisco.com
May 18th 2016
Guilherme Tuche
Consulting Systems Engineer US Sales – gtuche@cisco.com
TS-SP-17-I
3. © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 3
House Keeping Notes – May 18th
Thank you for attending Cisco Connect Toronto 2016, here are a few housekeeping notes to ensure
we all enjoy the session today.
• WiFi SSID = CiscoLabs, password = CiscoLabs
• We will be using the Cisco dCloud Environment for all the labs. Please be sure you have internet
access using the provided credentials.
Please ensure your
cellphones / laptops are
set on silent to ensure
no one is disturbed
during the session
A power bar is available
under each desk in
case you need to
charge your laptop
4. © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 4
• Cisco dCloud is a self-service platform that can be accessed via a browser, a high-speed Internet
connection, and a cisco.com account
• Customers will have direct access to a subset of dCloud demos and labs
• Restricted content must be brokered by an authorized user (Cisco or Partner) and then shared
with the customers (cisco.com user).
• Go to dcloud.cisco.com, select the location closest to you, and log in with your cisco.com
credentials
• Review the getting started videos and try Cisco dCloud today: https://dcloud-cms.cisco.com/help
Customers now get full dCloud experience!
5. © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 5
Agenda
The Lab will run from 8 am to 12 noon with a 15 minute intermission at 10 am
• Introduction to the lab
• Overview of Network Service Orchestrator (NSO)
• Installing NSO
• NSO Device Management
• NSO Service Management
• YANG Intro
• Service Design
• Conclusion
6. Cisco Confidential 6© 2015 Cisco and/or its affiliates. All rights reserved.
Introduction to the NSO Lab
7. © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 7
dCloud access
• Use Cisco AnyConnect Already Installed on Your Laptop (Recommended)
OR
• Download and Install Cisco AnyConnect from Cisco.com
Get Cisco AnyConnect from the Cisco Support and Download page:
http://www.cisco.com/c/en/us/support/index.html
If you encounter issues, please choose another option listed.
OR
• Use the dCloud Browser Based Cisco AnyConnect
Click the Host URL to start this option: https://dcloud-rtp-anyconnect.cisco.com .
IMPORTANT: This option requires the latest version of Java and your web browser. Use this option only if
you cannot install the Cisco AnyConnect VPN Client on your laptop.
8. © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 8
dCloud access
• Launch the Cisco AnyConnect client on your laptop
Use Host = https://dcloud-rtp-anyconnect.cisco.com
Attendee # User Name Password
1 v673user1 080aa2
2 v470user1 2b2c86
3 v403user1 323995
4 v877user1 c13aed
5 v241user1 6e69e9
6 v361user1 5272ef
7 v298user1 dcf8ea
8 v455user1 7b8ed9
9 v857user1 bbe854
10 v715user1 6813bb
11 v315user1 d02027
12 v211user1 1e2811
Attendee # User Name Password
13 v238user1 6f62e5
14 v330user1 47f40a
15 v13user1 1193d0
16 v438user1 46a040
17 v571user1 54f6d3
18 v247user1 1d87dd
19 v359user1 96ce28
20 v111user1 79e971
21 v885user1 82f0d8
22 v95user1 c3b673
23 v873user1 31d684
24 v132user1 42d1a5
9. © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 9
Introduction to the NSO Lab
• You have been assigned a POD consisting of two servers
• Connect to your POD using the AnyConnect credentials in the previous slide
• Remote Desktop to the Windows server OR open SSH session directly to the NSO
server using Putty or equivalent directly from your laptop.
PC Workstation
IP address: 198.18.133.252
Username/Password: Administrator / C1sco12345
NSO Server - access via SSH
IP address: 198.18.1.79
Username/Password: cisco/ C1sco12345
OR
10. Cisco ConfidentialCisco Confidential© 2015 Cisco and/or its affiliates. All rights reserved. 10
NSO GUI
Mostly CLI will be used in lab
NSO CLI
Opens a PUTTY
session to NSO
WinSCP
For file transfers to/from NSO
Text Editors
Notepad++ & Sublime installed
11. © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 11
Introduction to the NSO Lab: Connecting to your POD
• Lab is instructor-led, we will be guiding you through a set of steps
• There is no step-by-step written guide. We know this is the first contact with NSO for
several of you.
• Network devices are emulated using in-house emulator: VIRL
• PODs will be available for your access until noon on Friday
• By the end of the lab, we will show you how to access additional self-guided lab
examples
• You can contact the instructors for a “Meet the Engineer” slot if you need a deeper-dive
13. © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 13Cisco ConfidentialCisco Confidential© 2016 Cisco and/or its affiliates. All rights reserved. 13
Network Services Orchestrator (NSO)
Multi-Vendor Service Orchestration &
Network Automation for today’s
networks and NFV/SDN
14. © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 14
• Part of Cisco acquisition of Tail-f
Tail-f was founded in 2005
Fully part of Cisco since July 9th 2014
• Re-branded NSO from NCS
• Multi-vendor Service Orchestration & Network
Automation
Service Orchestration for NFV/SDN (and today’s networks !)
Centralized Network Control – SDN
Based on industry standards Yang & Netconf
• 100+ customers world-wide
Almost all of the world’s largest network equipment vendors
Early NFV leadership – multiple deployments
• Target Markets
Service Providers
Cloud providers / Data Centers
Network Equipment Vendors
NSO At-a-Glance
Disruptive Service Orchestration
software
Reduces time & efforts to develop
& provision services in a Multi-
Vendor network
Early leader in the fast-growing
NFV market
Blue Chip Customers
Tier1 SP
Japan
Tier1 SP
US
15. © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 15
Agility : Model-Driven
Operation : Network Transaction
NSO At-a-Glance
OSS
Service Order
Minimal Device
Reconfigurations
NSO
Multi-vendor L1-L7 network
16. © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 16
• Multi-vendor Service Orchestration &
Network Automation for existing & future
(SDN/NFV…) networks
• Single Pane of Glass for:
• L1-L7 networking
• Hardware Devices
• Virtual Appliances
• OpenFlow Switches
• All the above can be from any vendor :
Cisco, Juniper, ALU, Ericsson, Huwaei,
Ciena, Infinera, F5, A10, Brocade, Palo
Alto, Avaya, Sonus, Fortinet, etc…
NSO Key Features
Multi-vendor L1-L7 network
17. © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 17
• NSO provides abstractions based on
• Standard Data models (YANG RFC 6020)
for devices & services
• Transaction : ensures fail-safe operations &
network configuration accuracy
• Benefits
• No hard-coded assumptions/info about
services or devices
• Can be used for all types of services and all
types of network devices
• Automation can be based on accurate real-
time view of service and network state
NSO Key Features
Multi-vendor L1-L7 network
18. © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 18
NSO Zoom in Architecture
Source information is set at 12 points.
Service Manager
Multi-Vendor Network
Network
Engineer
EMS/NMS
NETCONF REST CLI Web UI SNMP
JAVA/Javascript/
Python
OSS/BSS
NSO
AAA Core Engine
NETCONF SNMP REST CLI WS
Network Element Drivers
Mapping
Logic
Templates
Fast Map
Device ManagerNotification ReceiverAlarm Manager
Openflow Switches
Service
Models
Package
Manager
Script API
Device
Models
Developer
API
19. © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 19
NSO for Network Engineers – User Interfaces
Auto-rendered Web UI with powerful
extensibility features
Cisco or Juniper-style CLI for
network-wide configuration changes
20. Cisco Confidential 20© 2015 Cisco and/or its affiliates. All rights reserved.
NETCONF
Network management protocol specifically
designed to support service activation and
provisioning.
Encrypted, efficient transport
XML content transported over SSH+TCP.
Extensible
XML Namespaces make it possible to add e.g. new
RPC types or new table columns without breaking
existing applications.
Transactional
Configuration changes happen all-or-nothing and all-
at-once which simplifies network management
applications.
Network-wide
Can address multiple network elements in parallel to
implement network-wide transactions.
Text based data modeling language designed
for use with NETCONF.
Operator friendly
Easy to mimic existing human operator interfaces,
such as CLI and WebUI. Supports tables inside
tables.
Precise
Very precise and specific data definitions. Allowed
values could be “1..99 | 1300..1999 | none”. Explicit
about keys in tables.
Extensible
Define additional keywords in Yang with rigid syntax,
that standard compilers parse correctly. Additional
keywords used to generate code, documentation,
test cases, etc based on model.
Human readable
Non-programmers can read Yang models.
YANG
22. © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 22
System Requirements
• Check the distribution filename:
ncs-3.3.linux.x86_64.installer.bin
• Check your OS version:
Linux distributions
OS X
• Check the CPU archurecture:
x86_64 – 64-bit Intel x86 architecture
I686 - 32-bit Intel x86 architecture
• Java version (JDK 1.6 or higher)
• Apache ANT
23. © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 23
Installing Cisco NSO
• Obtain distribution file:
ncs-3.3.darwin.x86_64.installer.bin
• It contains:
NSO, examples, documentation
NETSIM Network Simulator
• Run the installation
$ sh ncs-3.3.linux.x86_64.installer.bin ~/ncs/3.3
INFO Using temporary directory /var/… to stage NSO installation bundle
INFO Unpacked ncs-3.3 in /Users/tailf/ncs/3.3
INFO Found and unpacked corresponding DOCUMENTATION_PACKAGE
INFO Found and unpacked corresponding EXAMPLE_PACKAGE
INFO Generating default SSH hostkey (this may take some time)
INFO SSH hostkey generated
INFO Environment set-up generated in /Users/tailf/ncs-3.3/ncsrc
INFO NSO installation script finished
INFO Found and unpacked corresponding NETSIM_PACKAGE
INFO NSO installation complete
24. © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 24
NSO Directories
ncs-3.3/
/home/cisco/ncs
bin/
lib/
doc/
web-server/
ncs-cdb/
ncs.conf
datacenter/
ncs-cdb/
ncs.conf
ncs-working/
ncs-cdb/
ncs.conf
ncs-2.9/
Project Directory
Installation Directory
Two directory types:
examples.ncs
25. © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 25
Setup an NSO Project Runtime Directory
• Make sure binaries are added to your PATH: (You also added to .bashrc)
• Run the ncs-setup script:
• Creates a database directory ./ncs-cdb
• Creates a log directory ./log
• Creates an empty packages directory ./packages
• Creates a default ncs.conf
$ source ~/ncs/3.3/ncsrc
$ ncs-setup –-dest ~/ncs/ncs-working
26. © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 26
Starting Cisco NSO
• Start the NSO daemon:
• Check if the deamon is running:
• Start the CLI (Cisco XR style):
• Start the CLI (Juniper style):
$ ncs
$ ncs --status
$ ncs_cli –C –u admin
$ ncs_cli -J –u admin
28. © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 28
Using Packages
• Make sure your package is in the right place
• The ./packages directory
• Don’t store anything else in the packages/ directory!
• Don’t keep “old” packages in the packages directory!
29. © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 29
Using Packages
• Existing packages:
• NEDS ($NSO_DIR/packages/neds)
• Services ($NSO_DIR/packages/services)
• Tools ($NSO_DIR/packages/tools)
• Copy (or softlink) packages from the NSO installation:
cp -r $NSO_DIR/packages/neds/cisco-iosxr packages/
OR
ln –sF $NSO_DIR/packages/ned/cisco-iosxr packages/
30. © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 30
Reloading Packages
• Check if all the required packages are loaded using show packages command
• Package reload can be forced using request packages reload command
• Package reload can be forced with starting NSO using —with-package-reload flag
admin@ncs> show packages package package-version
PACKAGE
NAME VERSION
----------------------
cisco-iosxr 3.0
discovery 1.0
admin@ncs> request packages reload
result Done
[ok][2014-10-14 14:17:06]
32. © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 32
Netsim Overview
ncs-netsim is a network devices simulation tool
Used to test NSO with simulated devices
Uses NED device packages
A NED package contains netsim directory
Represents device configuration and CLI
The same YANG for models are used for
simulated and real devices
Netsim simulated devices
(ConfD)
Physical or virtual non-
simulated devices
33. © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 33
Starting Simulated Devices
• Below example creates 3 Cisco IOS devices:
• Start the CLI (Cisco XR style):
$ ncs-netsim create-network <NED package> <#N devices> <Device Name Prefix>
$ ncs-netsim create-network packages/cisco-iosxr 3 c
$ ncs-netsim start
DEVICE c0 OK STARTED
DEVICE c1 OK STARTED
DEVICE c2 OK STARTED
34. © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 34
Access Simulated Devices
• You can access the CLI of the simulated devices:
$ ncs-netsim cli-i c1
admin connected from 127.0.0.1 using console *
c1> enable
c1# show running-config
class-map m
match mpls experimental topmost 1
match packet length max 255
match packet length min 2
match qos-group 1
!
c1# exit
36. © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 36
Device Manager
Is the heart of NSO
NSO keeps a master copy of configuration in
CDB
Network element drivers (NED) supports
different protocols:
NETCONF
SNMP
CLI
Generic NED (Java code)
Network Element Driver
Device Manager
Master Copy of
Configurations
37. © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 37
NSO CLI
• In Operational mode, the CLI displays operational data stored in CDB (or live
data from the devices)
• In Configuration mode, the CLI displays network configuration data stored in
CDB
Operational Mode Configuration Mode
ncs# show devices device
devices device lb0
...
alarm-summary indeterminates 0
alarm-summary criticals 0
alarm-summary majors 0
alarm-summary minors 0
alarm-summary warnings 0
...
devices device www0
...
ncs# configure
ncs(config)# show full-configuration
devices device ce0
devices device ce0
address 127.0.0.1
port 10022
ssh host-key ssh-dss
…
38. Cisco Confidential 38© 2015 Cisco and/or its affiliates. All rights reserved.
Device Configuration Management
39. © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 39
Synchronizing from Device
• Device Configurations in NSO and actual Device Configuration should
match
• After initial device discovery or import, it makes sense to synchronize
configurations from devices
sync-to
sync-from
check-sync
compare-sync
ncs# devices sync-from
sync-result {
device lb0
result true
}
40. © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 40
Synchronizing from Device
• When a device has been configured out of band
• Clears up rogue configuration
• “dry-run” option available to check changes
sync-to
sync-from
check-sync
compare-sync
ncs# devices device c0 sync-to
result true
Change device
configuration over CLI.
41. © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 41
Check Sync
• Check if a device has been configured out of band
• Check if a subset of managed devices has been configured out of band
ncs# devices check-sync
sync-result {
device ce0
result in-sync
}
...
ncs# devices device ce0..3 check-sync
devices device ce0 check-sync
result in-sync
devices device ce1 check-sync
result in-sync
devices device ce2 check-sync
42. © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 42
Comparing Configuration
• Compare out-of-sync device configuration
ncs(config)# devices device c0 check-sync
result out-of-sync
info got: 290fa2b49608df9975c9912e4306110 expected:
ef3bbd344ef94b3fecec5cb93ac7458c
ncs(config)# devices device c0 compare-config
diff
devices {
device c0 {
config {
ios:snmp-server {
+ community foobar {
+ RW;
+ }
}
}
}
}
43. © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 43
Displaying Configuration
• Display only new parts of configuration:
• Display full configuration:
admin@ncs(config)# show configuration devices device c0
devices device c0
description c0-PE
!
admin@ncs(config)#
admin@ncs(config)# show full-configuration devices device c0
devices device c0
address 127.0.0.1
port 10022
ssh host-key ssh-dss
44. © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 44
Configuring Devices
• Configuration change happens after final commit statement
# ncs_cli --user=admin
admin@ncs# config
Entering configuration mode terminal
admin@ncs(config)#
admin@ncs(config)# devices device c0 config cisco-ios-xr:interface MgmtEth 0/0/0/0 ipv4
address 192.168.128.50 255.255.255.0
admin@ncs(config-if)# devices device c1 config cisco-ios-xr:interface MgmtEth 0/0/0/0 ipv4
address 192.168.128.50 255.255.255.0
admin@ncs(config-if)# devices device c2 config cisco-ios-xr:interface MgmtEth 0/0/0/0 ipv4
address 192.168.128.50 255.255.255.0
admin@ncs(config-if)# commit
Commit complete.
admin@ncs(config)#
45. © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 45
Rollbacks
• Every transaction has a corresponding rollback file:
$ ls logs/rollback*
$ more logs/rollback10008
admin@ncs# file show logs/rollback1000<TAB>
Possible completions:
<file to show> rollback10001 rollback10002 rollback10003
rollback10004 rollback10005 rollback10006 rollback10007
rollback10008
ncs(config)# rollback selective 1000<TAB>
Possible completions:
10001 2015-05-12 18:47:17 by system via system
10002 2015-05-12 18:50:10 by admin via cli
10003 2015-05-12 18:50:55 by admin via cli
10004 2015-05-12 18:50:55 by admin via cli
46. © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 46
Rollbacks - examples
• Rollback Configuration is always most recent rollback file
• Rollback 3 latest transactions:
• Rollback only changes done in 3rd latest transaction:
• Rollback dhcp changes on asr0 in the 3rd latest transaction:
ncs(config)# rollback configuration
ncs(config)# rollback selective 10006
ncs(config)# rollback selective 10006 devices device asr0 config dhcp
48. © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 48
Templates
• Used to apply snippets of configuration
Create template:
Apply to new or existing device:
What’s the difference?
admin@ncs(config)# devices template snmp-community config cisco-ios-xr:snmp-
server community tailfrocks RW
admin@ncs(config)# devices template snmp-community config cisco-ios-xr:snmp-
server community tailfrocks RW
ncs(config)# show configuration
ncs(config)# devices device c3 apply-template template-name snmp-community
ncs(config)# show configuration
ncs(config)# commit
49. © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 49
Templates with Variables
• Variable needs to be provided with a value
ncs(config) devices template snmp-community-input config cisco-ios-xr:snmp-server community
{$COMMUNITY}
admin@ncs(config)# devices device c0 apply-template template-name snmp-community-input
Error: A variable value has not been assigned to: COMMUNITY
admin@ncs(config)#
admin@ncs(config)# devices device c0 apply-template template-name snmp-community-input
variable { name COMMUNITY value 'public' }
apply-template-result {
device c0
result ok
}
admin@ncs(config)# show configuration
devices device c0
config
cisco-ios-xr:snmp-server community public
!
!
admin@ncs(config)#
50. © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 50
Policies
• The Device and Service models contain constraints that always must be true
• You might want to add constraints on run-time activity as well
• Example 1: a certain interface on the device must be ‚Up‘
• Example 2: Interface needs to have a description
ncs(config)# policy rule mgmt-if
ncs(config)# expr config/interface[name='m0'][status='Up’]
ncs(config)# foreach /devices/device
ncs(config)# error-message "Management Interface m0 on device {name} must be Up”
admin@ncs% commit
ncs(config)# show configuration policy rule mgmt-if
foreach /devices/device;
expr config/interface[name='m0'][status='Up'];
error-message "Management Interface m0 on device {name} must be Up”;
53. © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 53
Basic YANG Statements
YANG Programming Equivalent Description
Leaf Variable Contains a single value of a specific type
Leaf-List Array Contains a list of values of the same type
Container Record Contains a single structure containing zero or more
values or other statements (hierarchy)
List Array of Records Contains a list of zero or more sets of values and
other statements (hierarchy)
Leafref Pointer Contains a link to another statement elsewhere in the
file
54. © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 54
YANG Model Statements and Hierarchy
Leaf: single value of a defined type
Leaf-list: multiple values of the same
type
List: multiple records containing at
least one leaf (key) and an arbitrary
hierarchy of other statements
Container: groups other statements;
has no value
Leafref: is a reference to another leaf
Container
Leaf
Container
Leaf-List
Container
List
Leaf
Container Leaf Leaf Leaf-Ref
Leaf
Container Leaf Leaf Leaf-Ref
Leaf
Container Leaf Leaf Leaf-Ref
55. © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 55
YANG Model Statements and Hierarchy
Statement characteristics:
Name
Type (e.g. string, uint32)
Constraints:
min-elements
max-elements
range
key/unique
leafref
must
when
Statement content is enclosed within curly
brackets
Each sub-statement is terminated by
semicolon
container car {
}
container v8_engine {
}
leaf-list cylinder-arrangement {
type string;
max-elements 8;
}
container other-parts {
}
list per-cylinder-parts {
}
leaf piston-diameter {
type uint32;
range "2000..9000";
}
container valves {
leaf number { … }
list position { … }
…
}
57. © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 57
YANG Supports a Number of Data Types
Built-in Types Derived Types
Name Description
int8/16/32/64 Integer
uint8/16/32/64 Unsigned integer
decimal64 Non-integer
string Unicode string
enumeration Set of alternatives
boolean True or false
bits Boolean array
binary Binary BLOB
leafref Reference
identityref Unique identity
empty No value, void
union Choice of member types
instance-identifier References a data tree node
typedef my-base-int32-type {
type int32 {
range "1..4 | 10..20";
}
}
typedef derived-int32 {
type my-base-int32-type {
range "11..max";
}
}
typedef string255 {
type string {
length "1..255";
}
}
typedef derived-str {
type string255 {
length "11 | 42..max";
pattern "[0-9a-fA-F]*";
}
}
58. © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 58
Common YANG Data Types (RFC 6991)
IETF YANG Types Using Types
import ietf-yang-types {
prefix yang;
}
Name Description
counter32 non-negative 32-bit integer that monotonically
increases
zero-based-counter32 a counter32 that has the defined initial value zero
counter64 non-negative 64-bit integer that monotonically
increases
zero-based-counter64 a counter64 that has the defined initial value zero
gauge32 non-negative integer, which may increase or
decrease
gauge64 non-negative integer, which may increase or
decrease
date-and-time ISO 8601 standard for representation of dates and
times
phys-address colon-separated hexadecimal pairs (e.g.
1a:ba:da:ba:d0)
mac-address six colon-separated hexadecimal pairs (e.g.
1a:ba:da:ba:d0:00)
xpath1.0 XPATH 1.0 expression
hex-string colon-separated hexadecimal pairs of arbitrary
length
uuid universally unique identifier (RFC 4122)
…
59. © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 59
Common YANG Data Types (RFC 6991) - continued
IETF INET Types Using Types
import ietf-inet-types {
prefix inet;
}
Name Description
ip-version
IP protocol version: 1=IPv4, 2=IPv6,
0=unknown
dscp
Differentiated Services Code Point value: 0 to
63
ipv6-flow-label 32-bit integer in the range from 0 to 1048575
port-number 16-bit integer in the range from 0 to 65535
as-number
32-bit integer representing 2 or 4 octet BGP AS
numbers
ip-address IPv4 or IPv6 address
ipv4-address IPv4 address (e.g. 10.1.2.3)
ipv6-address IPv6 address (e.g. fd85:b310:6513:194b::1)
ip-prefix IPv4 or IPv6 prefix
ipv4-prefix IPv4 prefix (e.g. 10.1.2.0/24)
ipv6-prefix IPv6 prefix (e.g. fd85:b310:6513:194b::/64)
domain-name DNS domain name
host IP address or DNS domain name
uri uniform resource identifier
…
60. © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 60
YANG Types Example
// percentage type
typedef percentage-type {
type uint8 {
range "1..100";
}
}
// Weekday type
typedef weekday-type {
type enumeration {
enum Mon;
enum Tue;
enum Wed;
enum Thu;
enum Fri;
enum Sat;
enum Sun;
}
}
// Hour & minute & optional second type
typedef hhmm-type {
type string {
pattern '([0-1]?[0-9]|2[0-4]):' +
'([0-5][0-9])(:[0-5][0-9])?';
}
}
// Route Distinguisher AS:NUM or IP:NUM
typedef rd-type {
type string {
pattern '((d+)((.d+){3})?):d+';
}
}
// DSCP type
typedef dscp-type;
type union;
type uint8 { range "0..63"; }
type enumeration {
enum af11;
enum af12;
enum af13;
enum af21;
enum af22;
enum af23;
enum af31;
enum af32;
enum af33;
enum af41;
enum af42;
enum af43;
enum cs1;
enum cs2;
enum cs3;
enum cs4;
enum cs5;
enum cs6;
enum cs7;
enum default;
enum dscp;
enum ef;
enum precedence;
}
}
}
62. © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 62
Basic YANG Statements
• Leaf
• Container
• List
• Leafref
63. © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 63
Data Model and Data Visualization
Data Model: Sample Data:
• YANG
• XPath to reference data in the hierarchy:
/ loopback-ipv4
/ loopback-ipv4 / loopback
/ loopback-ipv4 / ip-address
• Graphic visualization of hierarchy and data
type:
K Key Leaf
Leaf T Typedef
G Grouping
L List
C Container R Leafref
L Leaf-list
• XML
<loopback-ipv4>
<loopback>1</loopback>
<ip-address>10.1.1.1</loopback>
</loopback-ipv4>
<loopback-ipv4>
<loopback>2</loopback>
<ip-address>10.2.2.2</loopback>
</loopback-ipv4>
192.0.2.213 16772
198.51.100.22 19234
203.0.113.89 22315
These methods are used throughout the course
to help with understanding of YANG data
modeling.
64. © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 64
Leaf
• Single value using a built-in or derived data type
• Zero or one instance
loopback
1
leaf loopback {
type int32 {
range "0..2147483647";
}
}
<loopback>1</loopback>
YANG (data model):
XML (data):
XPath:
/ loopback
65. © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 65
Leaf Attributes
Attribute Description
config
Whether this leaf is a configurable value ("true") or operational value
("false"). Inherited from parent container if not specified
default Specifies default value for this leaf. Implies that leaf is optional
mandatory Whether the leaf is mandatory ("true") or optional ("false")
must XPath constraint that will be enforced for this leaf
type The data type (and range etc) of this leaf
when Conditional leaf, only present if XPath expression is true
description Human readable definition and help text for this leaf
reference Human readable reference to some other element or spec
units Human readable unit specification (e.g. Hz, MB/s, ℉)
status Whether this leaf is "current", "deprecated" or "obsolete"
66. © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 66
Container
• Used to group one or more other
statements
• Has no data type by itself
• May have an implicit meaning
container loopback-ipv4 {
leaf loopback {
type int32 {
range "0..2147483647";
}
}
leaf ip-address {
type inet:ipv4-address
}
}
YANG (data model):
<loopback-ipv4>
<loopback>1</loopback>
<ip-address>10.1.1.1</loopback>
</loopback-ipv4>
XML (data):
XPath:
/ loopback-ipv4
/ loopback-ipv4 / loopback
/ loopback-ipv4 / ip-address
ip-address
C loopback-ipv4
loopback
1 10.1.1.1
67. © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 67
List
• Contains one or more sub-statements
• Requires one unique identifier (key)
• Zero or more instances
YANG (data model):
XML (data):
XPath:
/ loopback-ipv4 [loopback=‘1’]
/ loopback-ipv4 [loopback=‘1’] / loopback
/ loopback-ipv4 [loopback=‘2’] / ip-address
ip-address
list loopback-ipv4 {
key loopback;
unique ip-address;
leaf loopback {
type int32 {
range "0..2147483647";
}
}
leaf ip-address {
type inet:ipv4-address
}
}
<loopback-ipv4>
<loopback>1</loopback>
<ip-address>10.1.1.1</loopback>
</loopback-ipv4>
<loopback-ipv4>
<loopback>2</loopback>
<ip-address>10.2.2.2</loopback>
</loopback-ipv4>
1 10.1.1.1
2 10.2.2.2
L loopback-ipv4
K loopback
69. © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 69
Creating a Service Package
1. Create a package skeleton
2. Use the Cisco NSO CLI to configure a
sample service
3. Create the service template
4. Create the service model in YANG
5. Compile and deploy the package
Create a Service Skeleton
Configure Sample Service
using Cisco NSO CLI
Create Service Template
(XML)
Create Service Model
(YANG)
Service Model
(YANG)
Service Template
(XML)
Create Service Model
(YANG)
Service Template
Skeleton File (XML)
Service Model
Skeleton File (YANG)
1.
70. © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 70
Create a package skeleton
# ncs-make-package –service-skeleton template-based trunk
71. © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 71
Creating a Service Package
1. Create a package skeleton
2. Use the Cisco NSO CLI to configure a
sample service
3. Create the service template
4. Create the service model in YANG
5. Compile and deploy the package
Create a Service Skeleton
Configure Sample Service
using Cisco NSO CLI
Create Service Template
(XML)
Create Service Model
(YANG)
Service Model
(YANG)
Service Template
(XML)
Create Service Model
(YANG)
Service Template
Skeleton File (XML)
Service Model
Skeleton File (YANG)
2.
72. © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 72
Configure the Service via NSO
• Configure two devices:
admin@ncs(config)# devices device dell0 config force10:interface Vlan 10
tagged GigabitEthernet0/11
admin@ncs(config)# devices device c0 config ios:interface GigabitEthernet 0/23
switchport mode trunk switchport trunk allowed vlan 10
admin@ncs(config)# commit dry-run outformat native
admin@ncs(config)# commit
admin@ncs(config)# commit dry-run outformat xml
• Take a look at the configuration before committing it:
or…
• Now commit the configuration:
73. © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 73
Creating a Service Package
1. Create a package skeleton
2. Use the Cisco NSO CLI to configure a
sample service
3. Create the service template
4. Create the service model in YANG
5. Compile and deploy the package
Create a Service Skeleton
Create Service Template
(XML)
Create Service Model
(YANG)
Service Model
(YANG)
Service Template
(XML)
Create Service Model
(YANG)
Service Template
Skeleton File (XML)
Service Model
Skeleton File (YANG)
Configure Sample Service
using Cisco NSO CLI
3.
74. © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 74
Configure the Service via NSO
• Review the configuration to use as the template:
• This is the same output from our ‘commit dry-run outformat xml’ command
• Copy this xml and use it to replace most of what’s in your skeleton template
admin@ncs(config)# show full-configuration devices device dell0 config
force10:interface Vlan | display xml
admin@ncs(config)# show full-configuration devices device catalyst1 config
ios:interface GigabitEthernet 0/23 | display xml
75. © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 75
Creating a Service Package
1. Create a package skeleton
2. Use the Cisco NSO CLI to configure a
sample service
3. Create the service template
4. Create the service model in YANG
5. Compile and deploy the package
Create a Service Skeleton
Create Service Template
(XML)
Create Service Model
(YANG)
Service Model
(YANG)
Service Template
(XML)
Create Service Model
(YANG)
Service Template
Skeleton File (XML)
Service Model
Skeleton File (YANG)
Configure Sample Service
using Cisco NSO CLI
4.
76. © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 76
Create the YANG Model
list endpoint {
key device;
leaf device {
type leafref {
path "/ncs:devices/ncs:device/ncs:name";
}
}
leaf interface {
type string;
}
}
leaf vlan {
type uint16;
}
77. © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 77
Creating a Service Package
1. Create a package skeleton
2. Use the Cisco NSO CLI to configure a
sample service
3. Create the service template
4. Create the service model in YANG
5. Compile and deploy the package
Create a Service Skeleton
Create Service Template
(XML)
Create Service Model
(YANG)
Service Model
(YANG)
Service Template
(XML)
Compile & Deploy the
Service
Service Template
Skeleton File (XML)
Service Model
Skeleton File (YANG)
Configure Sample Service
using Cisco NSO CLI
5.
78. © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 78
Compile and reload the package
# ncs_cli -C -u admin
admin@ncs# packages reload
admin@ncs# configure
admin@ncs(config)# services trunk myservice endpoint catalyst0 interface 0/2
endpoint dell0 interface GigabitEthernet0/12 vlan 12
admin@ncs(config)# top
admin@ncs(config)# show full-configuration services trunk
admin@ncs(config)# commit dry-run outformat native
79. © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 79
Summary
Service design goal is simplicity for the
operator :
Minimum set of parameters for the
service (optimization)
Strict enforcement of parameters to
minimize human error (standardization)
Thorough testing of service configuration
and all possible service options to
ensure robustness of the solution
NSO and YANG provide modularity and
flexibility for service designers
81. © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 81
Conclusion from NSO Lab
• NSO is very simple to install and start operating
• It is very simple to personalize NSO thanks to the use of standard languages such as
YANG and XML templates, plus its network emulator ncs-netsim…
• NSO can centrally manage devices using all its northbound interfaces using its device
manager
• NSO can automate service provisioning thanks to its service manager
• The PODs will be available until Friday noon for your access
• You can access more self-guided labs at examples.ncs folder in your installation
82. © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 82
Continue Your Education
• Demos in the Cisco Campus
• Walk-in Self-Paced Labs
• Table Topics
• Meet the Engineer 1:1 meetings