SlideShare ist ein Scribd-Unternehmen logo

Puppet devops wdec

Wojciech Dec
Wojciech Dec

This document discusses configuring Cisco devices using Puppet and Chef automation tools. It provides an overview of: - The benefits of automated configuration vs manual configuration such as reliability, auditing, and drift correction. - How Puppet and Chef work by maintaining configuration state in code and transitioning systems from current to desired state in an idempotent way. - Key components of Puppet like the Puppet master, catalogs, and Puppet agents. And key components of Chef like the Chef server, cookbooks, recipes, and Chef clients. - Cisco's One-PK which provides an API and SDK for developing applications to control and configure Cisco devices, and how Puppet and Chef agents are

Technologie
1 von 26
Downloaden Sie, um offline zu lesen
Cisco configuration automation using puppet/chef Amsterdam DevOps Meetup © 2010 Cisco and/or its affiliates. All rights reserved. 1
•  Automated configuration vs. Manual configuration •  Manual configuration: Just log in and do it! Fine for very small number of systems – a very small number Attempting to scale brings severe risk of carpal tunnel Checklists can help... a little Settings you care about buried with everything else Missing: Reviewing Auditing History Reliable documentation Drift correction © 2012 Cisco and/or its affiliates. All rights reserved. 2
•  What do they do? Configure resources on your systems so you don’t have to! Systems transition from current state to desired state. Maintain the configuration state in “code” Are idempotent •  Problems they solve: Lots of systems get configured Facilitate config management ( use git/gerrit) – Bad configuration can be worse than no configuration Correct “drift” Allow staging, rollback Auditing Can programmatically create higher level “service” configurations. © 2012 Cisco and/or its affiliates. All rights reserved. 3
•  Ansible, CFEngine, B2Cfg, smartfrog, fabric, numerous others… •  All frameworks work in the same (old) problem domain; Config automation. •  Differences lie in: Degree of adoption Business and service model of authors Domain Specific Language, Programming Language Platforms supported Specializations: General IT, Orchestration Architecture; proxies, push-pull model, scale-out. Extensibility framework Deterministic resource ordering Good dose of religion… © 2012 Cisco and/or its affiliates. All rights reserved. 4
•  Puppet is client (node agent) – server (master) software framework designed to automate node configuration and reporting. •  Puppet master stores target high level resource “manifest” (intent) for nodes. Manifest is compiled by the master based on “facts” collected from the node. This is a “catalog” that gets sent to nodes •  Puppet client interprets catalog and selects methods to arrive at the target configuration of the resources © 2012 Cisco and/or its affiliates. All rights reserved. 5
•  Chef software framework is comprised of Chef Server, Chef Client (agent/node), Chef Workstation. •  Server stores target high level configurations expressed in Ruby (cookbooks). Recipes in the cookbook define what is required to configure a node. •  Cookbooks/recipes combined with attributes determine a node’s target “node-object” configuration. Server stores a representation of each node object •  Chef client build the node object from received cookbooks, recipes, etc. Clients run “Ohai” to collect local attributes on each chef run. •  Workstation is used to author cookbooks and recipes. Uses “knife” to load these and interact with the Chef server. © 2012 Cisco and/or its affiliates. All rights reserved. 6
© 2012 Cisco and/or its affiliates. All rights reserved. 7
CLI New Paradigm Network OS SNMP HTML Monitoring XML AAA Interface CDP App Policy Discovery Syslog Netflow C Java Python Routing Data Plane Ruby Events Routing Protocols Span © 2012 Cisco and/or its affiliates. All rights reserved. Actions App EEM (TCL) Anything you can think of Traditional Approach 8
YOUR Applications Cross OS Network Programming Environment to: Program •  Innovate API Presentation •  Extend onePK •  Automate onePK IPC Channel •  Customize API Infrastructure •  Enhance Router/ Switch © 2012 Cisco and/or its affiliates. All rights reserved. •  Modify Catalyst Nexus ASR ISR 9
Choose the Hosting Model that Suits Your Platform and Your Application On An External Server •  Plentiful memory/compute •  Higher latency and delay •  Supported on by all platforms App App Ideal for Device Agents •  Dedicated memory/compute •  Low latency and delay •  Requires modular hardware blade On the Router App © 2012 Cisco and/or its affiliates. All rights reserved. Blade On A Hardware Blade -No “End “Blad e” e “Proc •  Shared memory/compute •  Very low latency and delay •  Requires modular software architecture de” ss” 10 10
C, Java, Python (Ruby) Program onePK API Presentation onePK API Infrastructure IOS / XE (Catalyst, ISR, ASR1K) © 2012 Cisco and/or its affiliates. All rights reserved. NXOS (Nexus Platforms) IOS XR (ASR 9K, CRS) 11
Base Service Set Description Data Path Provides packet delivery service to application: Copy, Punt, Inject Policy Provides filtering (NBAR, ACL), classification (Class-maps, Policy-maps), actions (Marking, Policing, Queuing, Copy, Punt) and applying policies to interfaces on network elements Routing Read RIB routes, add/remove routes, receive RIB notifications Element Get element properties, CPU/memory statistics, network interfaces, element and interface events Discovery L3 topology and local service discovery Utility Syslog events notification, Path tracing capabilities (ingress/egress and interface stats, next-hop info, etc.) Developer Debug capability, CLI extension which allows application to extend/integrate application’s CLIs with network element © 2012 Cisco and/or its affiliates. All rights reserved. Used by onePK Puppet/Chef Agent 12
Linux Container Management Agents •  onePK provides manageability abstraction. Traditional Management Agents (CLI, syslog, SNMP, XML) Manageability Abstraction Next Generation New agents Management (Puppet, Chef,..) Agents (Puppet, …) onePK PL Transport/Marshaling onePK AL OS Shim Consistent across cisco OSes Exposes dynamic device state and configuration •  Linux Container Runs distribution on OS kernel Fitted with cisco onepk libraries Device Management Infrastructure NXOS Helps avoid CLI scraping OS-specific Management Infrastructure XOS and Component APIs Isolates application failures from Network Element Flexibility for application developers Device Components © 2012 Cisco and/or its affiliates. All rights reserved. 13
Device Agent Master/ Server Device Proxy Agent Master/ Server Device Proxy Agent Agent Agent OnePK OnePK SSH, OnePK Linux container(s) on NXOS © 2012 Cisco and/or its affiliates. All rights reserved. 14
Device Agent Pros: -  Each Agent maps directly to managed Master device -  machine’s characteristics (facts) exposed as own -  Easily extensible. Does not require core puppet code changes -  Automated agent plugin code download Agent Agent from master OnePK OnePK -  Better Scale -  Integration with CLI Cons: -  Requires LXC container capability on Linux device container(s) on NXOS © 2012 Cisco and/or its affiliates. All rights reserved. Device Proxy Agent Pros: -  No specific device requirements Master -  One agent could proxy for multiple machines Cons: -  More complicated agent (device proxy). Device Proxy -  Requires extensions in core “device” mode Agent code -  Scale and authentication management SSH, OnePK 15
© 2012 Cisco and/or its affiliates. All rights reserved. 16
class cisco_onep { $ciscodev = ”n3k-vlab" Cisco Device Cisco Interface cisco_device {$ciscodev: #log => debug, ensure => present, } cisco_interface { 'Ethernet1/5': switchport => access, access_vlan => 1000, } cisco_vlan { 1000: ensure => present, vlan_name => ’Green', state => active, } Cisco VLAN } © 2012 Cisco and/or its affiliates. All rights reserved. 17
Master Nexus Switch 1. Request Container Puppet Agent Classify 2. Reply onePK Module onePK API Compile 3. Execute onePK Infra © 2012 Cisco and/or its affiliates. All rights reserved. 4. Report Report 18
•  Puppet agent is available for EFT Currently Nexus 3000k and 7000k only Cisco Plugin Resource Types + Providers Master plugin and agent container image – not directly customer accessible •  Chef agent coming up Currently Nexus 3000k and 7000k only Heavy Weight Resource Provider add-on Agent Container image – not directly customer accessible •  Initial set of capabilities for each: Device characteristics Interface and VLAN configuration STP configuration •  If you’d like extend the agents – contact your cisco account manager/partner. J © 2012 Cisco and/or its affiliates. All rights reserved. 19
•  Plenty of Configuration Management Automation tools out there Help with the task of running operations at scale Puppet and Chef are two of the more popular/mature ones •  Cisco One-PK Cisco device library set and SDK allowing development of applications for controlling/configuring cisco devices Language bindings available in C, Java, Python, (Ruby). (Or SWIG your own ;-) ) •  Puppet and Chef agents for Nexus switches built using One-Pk Helps automate the production resources. Will be available as a switch container image + server extension package. © 2012 Cisco and/or its affiliates. All rights reserved. 20
NXOS Puppet Agent DHCP Server SCP Server Puppet Master N3k “bare –metal” N3k Power-on DHCP Solicit (POAP options) DHCP Offer (POAP script, config file name, image names) Base OS and Configuration (not puppet managed) SCP copy (config, images) Base Configuration activated and container installed Puppet device agent run triggered OnePK API used for device facts collection Production Resources configuration(puppet managed) Puppet (Facts collection: name, mac-address, current config, etc) Puppet (Catalog: target Interface and VLAN, config, etc) N3k VLANs configured © 2012 Cisco and/or its affiliates. All rights reserved. Puppet Master determines catalog OnePK API used for device configuration 21
Thank you © 2012 Cisco and/or its affiliates. All rights reserved. 2010 22
onePK Puppet Agent CLI - Configuration Command Description Example Onep Application Application-name onep applications puppet Puppet Version puppet v0.8 Master Puppet Master IPv4/FQDN and Port master bxb-oa-linux2.cisco.com port 8999 VRF VRF name vrf management Cert-name Certificate name: Support shared certificate and non-shared certificate cert-name n3k-oa-3.cisco.com Environment Environment (categorization) environment bxb_oa_n3k_3 Node-name Node name node-name facter Default-username Device credentials default-username lab password lab Run-interval Run frequency run-interval 180 Domain-name Domain name domain-name cisco.com Splay Pseduo random frequency add splay splay-limit 60 Activate Activate daemon mode activate Name-server DNS name-server 173.37.87.157 © 2012 Cisco and/or its affiliates. All rights reserved. 23
onePK Puppet Agent CLI – Execution & Monitoring Command Group Description Example Noop Execute Noop execution execute onep application puppet v0.8 puppet_agent agent-noop Oneshot Execute One time execution execute onep application puppet v0.8 puppet_agent agent-oneshot Ssl-all Clear Clear all certificates and private keys clear onep application puppet v0.8 puppet_agent ssl-all Ssl-cert Clear Clear certificate clear onep application puppet v0.8 puppet_agent ssl-cert Show Oper Data Show Show puppet agent config data (master (server) name, run interval, etc.) show onep application puppet v0.8 puppet_to agent agent oper-data Show Last Exec Log Show Show log from most recent noop or oneshot mode run (exec mode run) show onep application puppet v0.8 puppet_agent agent last-execlog Show Run History Show Show logs from most recent daemon mode runs show onep application puppet v0.8 puppet_agent agent run-history run-number 1 Show Puppet Config Show Shows puppet agent –config print all show onep application puppet v0.8 puppet_agent config Show Puppet Copyright Show Show Puppet Agent copyright show onep application puppet v0.8 puppet_agent copyright Show Facter Show Show all facter variables. show onep application puppet v0.8 puppet_agent facter Show Log CLI Show Troubleshooting support show onep application puppet v0.8 puppet_agent agent log cli © 2012 Cisco and/or its affiliates. All rights reserved. 24
onePK Puppet Agent CLI – Debug Command Group Description Example Debug Puppet Agent Level Debug Enable debug level (verbose, etc.) debug onep application puppet v0.8 puppet_agent agent level 1 Debug Puppet CLI Debug CLI Troubleshooting debug onep application puppet v0.8 puppet_agent cli Debug Puppet pmgmt Debug Management daemon troubleshooting debug onep application puppet v0.8 puppet_agent pmgmt Debug Puppet Util Debug Utility troubleshooting debug onep application puppet v0.8 puppet_agent util © 2012 Cisco and/or its affiliates. All rights reserved. 25
© 2012 Cisco and/or its affiliates. All rights reserved. 26

Empfohlen

JavaOne 2015 CON7547 "Beyond the Coffee Cup: Leveraging Java Runtime Technolo...
JavaOne 2015 CON7547 "Beyond the Coffee Cup: Leveraging Java Runtime Technolo...JavaOne 2015 CON7547 "Beyond the Coffee Cup: Leveraging Java Runtime Technolo...
JavaOne 2015 CON7547 "Beyond the Coffee Cup: Leveraging Java Runtime Technolo...
0xdaryl
 
JavaOne 2015: From Java Code to Machine Code
JavaOne 2015: From Java Code to Machine CodeJavaOne 2015: From Java Code to Machine Code
JavaOne 2015: From Java Code to Machine Code
Chris Bailey
 
Apic dc api deep dive
Apic dc api deep dive Apic dc api deep dive
Apic dc api deep dive
Cisco DevNet
 
Custom Buildpacks and Data Services
Custom Buildpacks and Data ServicesCustom Buildpacks and Data Services
Custom Buildpacks and Data Services
Tom Kranz
 
DEVNET-2002 Coding 201: Coding Skills 201: Going Further with REST and Python...
DEVNET-2002 Coding 201: Coding Skills 201: Going Further with REST and Python...DEVNET-2002 Coding 201: Coding Skills 201: Going Further with REST and Python...
DEVNET-2002 Coding 201: Coding Skills 201: Going Further with REST and Python...
Cisco DevNet
 
Peering Inside the Black Box: A Case for Observability
Peering Inside the Black Box: A Case for ObservabilityPeering Inside the Black Box: A Case for Observability
Peering Inside the Black Box: A Case for Observability
VMware Tanzu
 
What is Puppet? | How Puppet Works? | Puppet Tutorial For Beginners | DevOps ...
What is Puppet? | How Puppet Works? | Puppet Tutorial For Beginners | DevOps ...What is Puppet? | How Puppet Works? | Puppet Tutorial For Beginners | DevOps ...
What is Puppet? | How Puppet Works? | Puppet Tutorial For Beginners | DevOps ...
Simplilearn
 
Configuring Highly Scalable Compile Masters, Vasco Cardoso, AWS
Configuring Highly Scalable Compile Masters, Vasco Cardoso, AWSConfiguring Highly Scalable Compile Masters, Vasco Cardoso, AWS
Configuring Highly Scalable Compile Masters, Vasco Cardoso, AWS
Puppet
 

Empfohlen

JavaOne 2015 CON7547 "Beyond the Coffee Cup: Leveraging Java Runtime Technolo...
JavaOne 2015 CON7547 "Beyond the Coffee Cup: Leveraging Java Runtime Technolo...JavaOne 2015 CON7547 "Beyond the Coffee Cup: Leveraging Java Runtime Technolo...
JavaOne 2015 CON7547 "Beyond the Coffee Cup: Leveraging Java Runtime Technolo...
0xdaryl
 
JavaOne 2015: From Java Code to Machine Code
JavaOne 2015: From Java Code to Machine CodeJavaOne 2015: From Java Code to Machine Code
JavaOne 2015: From Java Code to Machine Code
Chris Bailey
 
Apic dc api deep dive
Apic dc api deep dive Apic dc api deep dive
Apic dc api deep dive
Cisco DevNet
 
Custom Buildpacks and Data Services
Custom Buildpacks and Data ServicesCustom Buildpacks and Data Services
Custom Buildpacks and Data Services
Tom Kranz
 
DEVNET-2002 Coding 201: Coding Skills 201: Going Further with REST and Python...
DEVNET-2002 Coding 201: Coding Skills 201: Going Further with REST and Python...DEVNET-2002 Coding 201: Coding Skills 201: Going Further with REST and Python...
DEVNET-2002 Coding 201: Coding Skills 201: Going Further with REST and Python...
Cisco DevNet
 
Peering Inside the Black Box: A Case for Observability
Peering Inside the Black Box: A Case for ObservabilityPeering Inside the Black Box: A Case for Observability
Peering Inside the Black Box: A Case for Observability
VMware Tanzu
 
What is Puppet? | How Puppet Works? | Puppet Tutorial For Beginners | DevOps ...
What is Puppet? | How Puppet Works? | Puppet Tutorial For Beginners | DevOps ...What is Puppet? | How Puppet Works? | Puppet Tutorial For Beginners | DevOps ...
What is Puppet? | How Puppet Works? | Puppet Tutorial For Beginners | DevOps ...
Simplilearn
 
Configuring Highly Scalable Compile Masters, Vasco Cardoso, AWS
Configuring Highly Scalable Compile Masters, Vasco Cardoso, AWSConfiguring Highly Scalable Compile Masters, Vasco Cardoso, AWS
Configuring Highly Scalable Compile Masters, Vasco Cardoso, AWS
Puppet
 
Beyond AEM Curl Commands
Beyond AEM Curl CommandsBeyond AEM Curl Commands
Beyond AEM Curl Commands
Cliffano Subagio
 
Reactive Java EE - Let Me Count the Ways!
Reactive Java EE - Let Me Count the Ways!Reactive Java EE - Let Me Count the Ways!
Reactive Java EE - Let Me Count the Ways!
Reza Rahman
 
API Design Principles Essential 
API Design Principles Essential API Design Principles Essential 
API Design Principles Essential 
Oracle Korea
 
J1 2015 "Debugging Java Apps in Containers: No Heavy Welding Gear Required"
J1 2015 "Debugging Java Apps in Containers: No Heavy Welding Gear Required"J1 2015 "Debugging Java Apps in Containers: No Heavy Welding Gear Required"
J1 2015 "Debugging Java Apps in Containers: No Heavy Welding Gear Required"
Daniel Bryant
 
JavaOne 2014 BOF4241 What's Next for JSF?
JavaOne 2014 BOF4241 What's Next for JSF?JavaOne 2014 BOF4241 What's Next for JSF?
JavaOne 2014 BOF4241 What's Next for JSF?
Edward Burns
 
InterConnect2016: WebApp Architectures with Java and Node.js
InterConnect2016: WebApp Architectures with Java and Node.jsInterConnect2016: WebApp Architectures with Java and Node.js
InterConnect2016: WebApp Architectures with Java and Node.js
Chris Bailey
 
Compliance Automation with InSpec - Chef NYC Meetup - April 2017
Compliance Automation with InSpec - Chef NYC Meetup - April 2017Compliance Automation with InSpec - Chef NYC Meetup - April 2017
Compliance Automation with InSpec - Chef NYC Meetup - April 2017
adamleff
 
WebSocket in Enterprise Applications 2015
WebSocket in Enterprise Applications 2015WebSocket in Enterprise Applications 2015
WebSocket in Enterprise Applications 2015
Pavel Bucek
 
JavaOne 2015 : How I Rediscovered My Coding Mojo by Building an IoT/Robotics ...
JavaOne 2015 : How I Rediscovered My Coding Mojo by Building an IoT/Robotics ...JavaOne 2015 : How I Rediscovered My Coding Mojo by Building an IoT/Robotics ...
JavaOne 2015 : How I Rediscovered My Coding Mojo by Building an IoT/Robotics ...
Mark West
 
Node.js vs Play Framework
Node.js vs Play FrameworkNode.js vs Play Framework
Node.js vs Play Framework
Yevgeniy Brikman
 
Building microservice for api with helidon and cicd pipeline
Building microservice for api with helidon and cicd pipelineBuilding microservice for api with helidon and cicd pipeline
Building microservice for api with helidon and cicd pipeline
DonghuKIM2
 
Troubleshooting Puppet
Troubleshooting PuppetTroubleshooting Puppet
Troubleshooting Puppet
Thomas Howard Uphill
 
Api design and prototype
Api design and prototypeApi design and prototype
Api design and prototype
DonghuKIM2
 
Cloud Foundry Summit 2015: 10 common errors when pushing apps to cloud foundry
Cloud Foundry Summit 2015: 10 common errors when pushing apps to cloud foundryCloud Foundry Summit 2015: 10 common errors when pushing apps to cloud foundry
Cloud Foundry Summit 2015: 10 common errors when pushing apps to cloud foundry
Jack-Junjie Cai
 
Connect2017 DEV-1550 Why Java 8? Or, What's a Lambda?
Connect2017 DEV-1550 Why Java 8? Or, What's a Lambda?Connect2017 DEV-1550 Why Java 8? Or, What's a Lambda?
Connect2017 DEV-1550 Why Java 8? Or, What's a Lambda?
Julian Robichaux
 
Puppet camp2021 testing modules and controlrepo
Puppet camp2021 testing modules and controlrepoPuppet camp2021 testing modules and controlrepo
Puppet camp2021 testing modules and controlrepo
Puppet
 
Spring - CDI Interop
Spring - CDI InteropSpring - CDI Interop
Spring - CDI Interop
Ray Ploski
 
Migrating From Applets to Java Desktop Apps in JavaFX
Migrating From Applets to Java Desktop Apps in JavaFXMigrating From Applets to Java Desktop Apps in JavaFX
Migrating From Applets to Java Desktop Apps in JavaFX
Bruno Borges
 
Expect the unexpected: Anticipate and prepare for failures in microservices b...
Expect the unexpected: Anticipate and prepare for failures in microservices b...Expect the unexpected: Anticipate and prepare for failures in microservices b...
Expect the unexpected: Anticipate and prepare for failures in microservices b...
Bhakti Mehta
 
Migrating a JSF-Based Web Application from Spring 3 to Java EE 7 and CDI
Migrating a JSF-Based Web Application from Spring 3 to Java EE 7 and CDIMigrating a JSF-Based Web Application from Spring 3 to Java EE 7 and CDI
Migrating a JSF-Based Web Application from Spring 3 to Java EE 7 and CDI
Mario-Leander Reimer
 
Learn Puppet : Quest Guide for the Learning VM
Learn Puppet : Quest Guide for the Learning VMLearn Puppet : Quest Guide for the Learning VM
Learn Puppet : Quest Guide for the Learning VM
Kumaran Balachandran
 
Chef vs. Puppet in the Cloud: How Telepictures and MoneySuperMarket Do It
Chef vs. Puppet in the Cloud: How Telepictures and MoneySuperMarket Do ItChef vs. Puppet in the Cloud: How Telepictures and MoneySuperMarket Do It
Chef vs. Puppet in the Cloud: How Telepictures and MoneySuperMarket Do It
RightScale
 

Weitere ähnliche Inhalte

Was ist angesagt?

J1 2015 "Debugging Java Apps in Containers: No Heavy Welding Gear Required"
J1 2015 "Debugging Java Apps in Containers: No Heavy Welding Gear Required"J1 2015 "Debugging Java Apps in Containers: No Heavy Welding Gear Required"
J1 2015 "Debugging Java Apps in Containers: No Heavy Welding Gear Required"
Daniel Bryant
 
JavaOne 2015 : How I Rediscovered My Coding Mojo by Building an IoT/Robotics ...
JavaOne 2015 : How I Rediscovered My Coding Mojo by Building an IoT/Robotics ...JavaOne 2015 : How I Rediscovered My Coding Mojo by Building an IoT/Robotics ...
JavaOne 2015 : How I Rediscovered My Coding Mojo by Building an IoT/Robotics ...
Mark West
 
Puppet camp2021 testing modules and controlrepo
Puppet camp2021 testing modules and controlrepoPuppet camp2021 testing modules and controlrepo
Puppet camp2021 testing modules and controlrepo
Puppet
 
Migrating a JSF-Based Web Application from Spring 3 to Java EE 7 and CDI
Migrating a JSF-Based Web Application from Spring 3 to Java EE 7 and CDIMigrating a JSF-Based Web Application from Spring 3 to Java EE 7 and CDI
Migrating a JSF-Based Web Application from Spring 3 to Java EE 7 and CDI
Mario-Leander Reimer
 

Was ist angesagt? (20)

Beyond AEM Curl Commands
Beyond AEM Curl CommandsBeyond AEM Curl Commands
Beyond AEM Curl Commands
 
Reactive Java EE - Let Me Count the Ways!
Reactive Java EE - Let Me Count the Ways!Reactive Java EE - Let Me Count the Ways!
Reactive Java EE - Let Me Count the Ways!
 
API Design Principles Essential 
API Design Principles Essential API Design Principles Essential 
API Design Principles Essential 
 
J1 2015 "Debugging Java Apps in Containers: No Heavy Welding Gear Required"
J1 2015 "Debugging Java Apps in Containers: No Heavy Welding Gear Required"J1 2015 "Debugging Java Apps in Containers: No Heavy Welding Gear Required"
J1 2015 "Debugging Java Apps in Containers: No Heavy Welding Gear Required"
 
JavaOne 2014 BOF4241 What's Next for JSF?
JavaOne 2014 BOF4241 What's Next for JSF?JavaOne 2014 BOF4241 What's Next for JSF?
JavaOne 2014 BOF4241 What's Next for JSF?
 
InterConnect2016: WebApp Architectures with Java and Node.js
InterConnect2016: WebApp Architectures with Java and Node.jsInterConnect2016: WebApp Architectures with Java and Node.js
InterConnect2016: WebApp Architectures with Java and Node.js
 
Compliance Automation with InSpec - Chef NYC Meetup - April 2017
Compliance Automation with InSpec - Chef NYC Meetup - April 2017Compliance Automation with InSpec - Chef NYC Meetup - April 2017
Compliance Automation with InSpec - Chef NYC Meetup - April 2017
 
WebSocket in Enterprise Applications 2015
WebSocket in Enterprise Applications 2015WebSocket in Enterprise Applications 2015
WebSocket in Enterprise Applications 2015
 
JavaOne 2015 : How I Rediscovered My Coding Mojo by Building an IoT/Robotics ...
JavaOne 2015 : How I Rediscovered My Coding Mojo by Building an IoT/Robotics ...JavaOne 2015 : How I Rediscovered My Coding Mojo by Building an IoT/Robotics ...
JavaOne 2015 : How I Rediscovered My Coding Mojo by Building an IoT/Robotics ...
 
Node.js vs Play Framework
Node.js vs Play FrameworkNode.js vs Play Framework
Node.js vs Play Framework
 
Building microservice for api with helidon and cicd pipeline
Building microservice for api with helidon and cicd pipelineBuilding microservice for api with helidon and cicd pipeline
Building microservice for api with helidon and cicd pipeline
 
Troubleshooting Puppet
Troubleshooting PuppetTroubleshooting Puppet
Troubleshooting Puppet
 
Api design and prototype
Api design and prototypeApi design and prototype
Api design and prototype
 
Cloud Foundry Summit 2015: 10 common errors when pushing apps to cloud foundry
Cloud Foundry Summit 2015: 10 common errors when pushing apps to cloud foundryCloud Foundry Summit 2015: 10 common errors when pushing apps to cloud foundry
Cloud Foundry Summit 2015: 10 common errors when pushing apps to cloud foundry
 
Connect2017 DEV-1550 Why Java 8? Or, What's a Lambda?
Connect2017 DEV-1550 Why Java 8? Or, What's a Lambda?Connect2017 DEV-1550 Why Java 8? Or, What's a Lambda?
Connect2017 DEV-1550 Why Java 8? Or, What's a Lambda?
 
Puppet camp2021 testing modules and controlrepo
Puppet camp2021 testing modules and controlrepoPuppet camp2021 testing modules and controlrepo
Puppet camp2021 testing modules and controlrepo
 
Spring - CDI Interop
Spring - CDI InteropSpring - CDI Interop
Spring - CDI Interop
 
Migrating From Applets to Java Desktop Apps in JavaFX
Migrating From Applets to Java Desktop Apps in JavaFXMigrating From Applets to Java Desktop Apps in JavaFX
Migrating From Applets to Java Desktop Apps in JavaFX
 
Expect the unexpected: Anticipate and prepare for failures in microservices b...
Expect the unexpected: Anticipate and prepare for failures in microservices b...Expect the unexpected: Anticipate and prepare for failures in microservices b...
Expect the unexpected: Anticipate and prepare for failures in microservices b...
 
Migrating a JSF-Based Web Application from Spring 3 to Java EE 7 and CDI
Migrating a JSF-Based Web Application from Spring 3 to Java EE 7 and CDIMigrating a JSF-Based Web Application from Spring 3 to Java EE 7 and CDI
Migrating a JSF-Based Web Application from Spring 3 to Java EE 7 and CDI
 

Andere mochten auch

Andere mochten auch (9)

Learn Puppet : Quest Guide for the Learning VM
Learn Puppet : Quest Guide for the Learning VMLearn Puppet : Quest Guide for the Learning VM
Learn Puppet : Quest Guide for the Learning VM
 
Chef vs. Puppet in the Cloud: How Telepictures and MoneySuperMarket Do It
Chef vs. Puppet in the Cloud: How Telepictures and MoneySuperMarket Do ItChef vs. Puppet in the Cloud: How Telepictures and MoneySuperMarket Do It
Chef vs. Puppet in the Cloud: How Telepictures and MoneySuperMarket Do It
 
Cfengine vs Puppet vs Chef: A Guide for Stressed Developers
Cfengine vs Puppet vs Chef: A Guide for Stressed DevelopersCfengine vs Puppet vs Chef: A Guide for Stressed Developers
Cfengine vs Puppet vs Chef: A Guide for Stressed Developers
 
Puppet vs. Chef - The Battle Wages On
Puppet vs. Chef - The Battle Wages OnPuppet vs. Chef - The Battle Wages On
Puppet vs. Chef - The Battle Wages On
 
Learning Puppet Chapter 1
Learning Puppet Chapter 1Learning Puppet Chapter 1
Learning Puppet Chapter 1
 
Learning puppet chapter 3
Learning puppet chapter 3Learning puppet chapter 3
Learning puppet chapter 3
 
DevOps Cardiff - Puppet vs Chef vs Ansible
DevOps Cardiff - Puppet vs Chef vs AnsibleDevOps Cardiff - Puppet vs Chef vs Ansible
DevOps Cardiff - Puppet vs Chef vs Ansible
 
Devops : Automate Your Infrastructure with Puppet
Devops : Automate Your Infrastructure with PuppetDevops : Automate Your Infrastructure with Puppet
Devops : Automate Your Infrastructure with Puppet
 
Puppet overview
Puppet overviewPuppet overview
Puppet overview
 

Ähnlich wie Puppet devops wdec

OS for AI: Elastic Microservices & the Next Gen of ML
OS for AI: Elastic Microservices & the Next Gen of MLOS for AI: Elastic Microservices & the Next Gen of ML
OS for AI: Elastic Microservices & the Next Gen of ML
Nordic APIs
 
"Wie passen Serverless & Autonomous zusammen?"
"Wie passen Serverless & Autonomous zusammen?""Wie passen Serverless & Autonomous zusammen?"
"Wie passen Serverless & Autonomous zusammen?"
Volker Linz
 
Lenovo xClarity - Presentacion - ITALTEL.pptx
Lenovo xClarity - Presentacion - ITALTEL.pptxLenovo xClarity - Presentacion - ITALTEL.pptx
Lenovo xClarity - Presentacion - ITALTEL.pptx
JairVelasquezParraga
 
The Good, the Bad and the Ugly of Migrating Hundreds of Legacy Applications ...
The Good, the Bad and the Ugly of Migrating Hundreds of Legacy Applications ... The Good, the Bad and the Ugly of Migrating Hundreds of Legacy Applications ...
The Good, the Bad and the Ugly of Migrating Hundreds of Legacy Applications ...
Josef Adersberger
 
Migrating Hundreds of Legacy Applications to Kubernetes - The Good, the Bad, ...
Migrating Hundreds of Legacy Applications to Kubernetes - The Good, the Bad, ...Migrating Hundreds of Legacy Applications to Kubernetes - The Good, the Bad, ...
Migrating Hundreds of Legacy Applications to Kubernetes - The Good, the Bad, ...
QAware GmbH
 
Functioning incessantly of Data Science Platform with Kubeflow - Albert Lewan...
Functioning incessantly of Data Science Platform with Kubeflow - Albert Lewan...Functioning incessantly of Data Science Platform with Kubeflow - Albert Lewan...
Functioning incessantly of Data Science Platform with Kubeflow - Albert Lewan...
GetInData
 

Ähnlich wie Puppet devops wdec (20)

Exploring the Final Frontier of Data Center Orchestration: Network Elements -...
Exploring the Final Frontier of Data Center Orchestration: Network Elements -...Exploring the Final Frontier of Data Center Orchestration: Network Elements -...
Exploring the Final Frontier of Data Center Orchestration: Network Elements -...
 
Cisco Automation with Puppet and onePK - PuppetConf 2013
Cisco Automation with Puppet and onePK - PuppetConf 2013Cisco Automation with Puppet and onePK - PuppetConf 2013
Cisco Automation with Puppet and onePK - PuppetConf 2013
 
Configuration Management Tools on NX-OS
Configuration Management Tools on NX-OSConfiguration Management Tools on NX-OS
Configuration Management Tools on NX-OS
 
OpenStack with OpenDaylight
OpenStack with OpenDaylightOpenStack with OpenDaylight
OpenStack with OpenDaylight
 
To Build My Own Cloud with Blackjack…
To Build My Own Cloud with Blackjack…To Build My Own Cloud with Blackjack…
To Build My Own Cloud with Blackjack…
 
OS for AI: Elastic Microservices & the Next Gen of ML
OS for AI: Elastic Microservices & the Next Gen of MLOS for AI: Elastic Microservices & the Next Gen of ML
OS for AI: Elastic Microservices & the Next Gen of ML
 
"Wie passen Serverless & Autonomous zusammen?"
"Wie passen Serverless & Autonomous zusammen?""Wie passen Serverless & Autonomous zusammen?"
"Wie passen Serverless & Autonomous zusammen?"
 
Lenovo xClarity - Presentacion - ITALTEL.pptx
Lenovo xClarity - Presentacion - ITALTEL.pptxLenovo xClarity - Presentacion - ITALTEL.pptx
Lenovo xClarity - Presentacion - ITALTEL.pptx
 
Getting to Walk with DevOps
Getting to Walk with DevOpsGetting to Walk with DevOps
Getting to Walk with DevOps
 
Automation in Network Lifecycle Management - Bay Area Juniper Meetup
Automation in Network Lifecycle Management - Bay Area Juniper MeetupAutomation in Network Lifecycle Management - Bay Area Juniper Meetup
Automation in Network Lifecycle Management - Bay Area Juniper Meetup
 
The Good, the Bad and the Ugly of Migrating Hundreds of Legacy Applications ...
The Good, the Bad and the Ugly of Migrating Hundreds of Legacy Applications ... The Good, the Bad and the Ugly of Migrating Hundreds of Legacy Applications ...
The Good, the Bad and the Ugly of Migrating Hundreds of Legacy Applications ...
 
Migrating Hundreds of Legacy Applications to Kubernetes - The Good, the Bad, ...
Migrating Hundreds of Legacy Applications to Kubernetes - The Good, the Bad, ...Migrating Hundreds of Legacy Applications to Kubernetes - The Good, the Bad, ...
Migrating Hundreds of Legacy Applications to Kubernetes - The Good, the Bad, ...
 
Cont0519
Cont0519Cont0519
Cont0519
 
Łukasz Romaszewski on Internet of Things Raspberry Pi and Java Embedded JavaC...
Łukasz Romaszewski on Internet of Things Raspberry Pi and Java Embedded JavaC...Łukasz Romaszewski on Internet of Things Raspberry Pi and Java Embedded JavaC...
Łukasz Romaszewski on Internet of Things Raspberry Pi and Java Embedded JavaC...
 
Operational Visibiliy and Analytics - BU Seminar
Operational Visibiliy and Analytics - BU SeminarOperational Visibiliy and Analytics - BU Seminar
Operational Visibiliy and Analytics - BU Seminar
 
Functioning incessantly of Data Science Platform with Kubeflow - Albert Lewan...
Functioning incessantly of Data Science Platform with Kubeflow - Albert Lewan...Functioning incessantly of Data Science Platform with Kubeflow - Albert Lewan...
Functioning incessantly of Data Science Platform with Kubeflow - Albert Lewan...
 
Ultimate Guide to Microservice Architecture on Kubernetes
Ultimate Guide to Microservice Architecture on KubernetesUltimate Guide to Microservice Architecture on Kubernetes
Ultimate Guide to Microservice Architecture on Kubernetes
 
keerthi-resume
keerthi-resumekeerthi-resume
keerthi-resume
 
Infrastructure as Code - Getting Started, Concepts & Tools
Infrastructure as Code - Getting Started, Concepts & ToolsInfrastructure as Code - Getting Started, Concepts & Tools
Infrastructure as Code - Getting Started, Concepts & Tools
 
PLNOG16: Automatyzacja kreaowania usług operatorskich w separacji od rodzaju ...
PLNOG16: Automatyzacja kreaowania usług operatorskich w separacji od rodzaju ...PLNOG16: Automatyzacja kreaowania usług operatorskich w separacji od rodzaju ...
PLNOG16: Automatyzacja kreaowania usług operatorskich w separacji od rodzaju ...
 

Kürzlich hochgeladen

Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Angeliki Cooney
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Victor Rentea
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
panagenda
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 

Kürzlich hochgeladen (20)

ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
 
WSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering DevelopersWSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering Developers
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot ModelMcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challenges
 
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistan
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
 
Vector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxVector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptx
 

Puppet devops wdec

  • 1. Cisco configuration automation using puppet/chef Amsterdam DevOps Meetup © 2010 Cisco and/or its affiliates. All rights reserved. 1
  • 2. •  Automated configuration vs. Manual configuration •  Manual configuration: Just log in and do it! Fine for very small number of systems – a very small number Attempting to scale brings severe risk of carpal tunnel Checklists can help... a little Settings you care about buried with everything else Missing: Reviewing Auditing History Reliable documentation Drift correction © 2012 Cisco and/or its affiliates. All rights reserved. 2
  • 3. •  What do they do? Configure resources on your systems so you don’t have to! Systems transition from current state to desired state. Maintain the configuration state in “code” Are idempotent •  Problems they solve: Lots of systems get configured Facilitate config management ( use git/gerrit) – Bad configuration can be worse than no configuration Correct “drift” Allow staging, rollback Auditing Can programmatically create higher level “service” configurations. © 2012 Cisco and/or its affiliates. All rights reserved. 3
  • 4. •  Ansible, CFEngine, B2Cfg, smartfrog, fabric, numerous others… •  All frameworks work in the same (old) problem domain; Config automation. •  Differences lie in: Degree of adoption Business and service model of authors Domain Specific Language, Programming Language Platforms supported Specializations: General IT, Orchestration Architecture; proxies, push-pull model, scale-out. Extensibility framework Deterministic resource ordering Good dose of religion… © 2012 Cisco and/or its affiliates. All rights reserved. 4
  • 5. •  Puppet is client (node agent) – server (master) software framework designed to automate node configuration and reporting. •  Puppet master stores target high level resource “manifest” (intent) for nodes. Manifest is compiled by the master based on “facts” collected from the node. This is a “catalog” that gets sent to nodes •  Puppet client interprets catalog and selects methods to arrive at the target configuration of the resources © 2012 Cisco and/or its affiliates. All rights reserved. 5
  • 6. •  Chef software framework is comprised of Chef Server, Chef Client (agent/node), Chef Workstation. •  Server stores target high level configurations expressed in Ruby (cookbooks). Recipes in the cookbook define what is required to configure a node. •  Cookbooks/recipes combined with attributes determine a node’s target “node-object” configuration. Server stores a representation of each node object •  Chef client build the node object from received cookbooks, recipes, etc. Clients run “Ohai” to collect local attributes on each chef run. •  Workstation is used to author cookbooks and recipes. Uses “knife” to load these and interact with the Chef server. © 2012 Cisco and/or its affiliates. All rights reserved. 6
  • 7. © 2012 Cisco and/or its affiliates. All rights reserved. 7
  • 8. CLI New Paradigm Network OS SNMP HTML Monitoring XML AAA Interface CDP App Policy Discovery Syslog Netflow C Java Python Routing Data Plane Ruby Events Routing Protocols Span © 2012 Cisco and/or its affiliates. All rights reserved. Actions App EEM (TCL) Anything you can think of Traditional Approach 8
  • 9. YOUR Applications Cross OS Network Programming Environment to: Program •  Innovate API Presentation •  Extend onePK •  Automate onePK IPC Channel •  Customize API Infrastructure •  Enhance Router/ Switch © 2012 Cisco and/or its affiliates. All rights reserved. •  Modify Catalyst Nexus ASR ISR 9
  • 10. Choose the Hosting Model that Suits Your Platform and Your Application On An External Server •  Plentiful memory/compute •  Higher latency and delay •  Supported on by all platforms App App Ideal for Device Agents •  Dedicated memory/compute •  Low latency and delay •  Requires modular hardware blade On the Router App © 2012 Cisco and/or its affiliates. All rights reserved. Blade On A Hardware Blade -No “End “Blad e” e “Proc •  Shared memory/compute •  Very low latency and delay •  Requires modular software architecture de” ss” 10 10
  • 11. C, Java, Python (Ruby) Program onePK API Presentation onePK API Infrastructure IOS / XE (Catalyst, ISR, ASR1K) © 2012 Cisco and/or its affiliates. All rights reserved. NXOS (Nexus Platforms) IOS XR (ASR 9K, CRS) 11
  • 12. Base Service Set Description Data Path Provides packet delivery service to application: Copy, Punt, Inject Policy Provides filtering (NBAR, ACL), classification (Class-maps, Policy-maps), actions (Marking, Policing, Queuing, Copy, Punt) and applying policies to interfaces on network elements Routing Read RIB routes, add/remove routes, receive RIB notifications Element Get element properties, CPU/memory statistics, network interfaces, element and interface events Discovery L3 topology and local service discovery Utility Syslog events notification, Path tracing capabilities (ingress/egress and interface stats, next-hop info, etc.) Developer Debug capability, CLI extension which allows application to extend/integrate application’s CLIs with network element © 2012 Cisco and/or its affiliates. All rights reserved. Used by onePK Puppet/Chef Agent 12
  • 13. Linux Container Management Agents •  onePK provides manageability abstraction. Traditional Management Agents (CLI, syslog, SNMP, XML) Manageability Abstraction Next Generation New agents Management (Puppet, Chef,..) Agents (Puppet, …) onePK PL Transport/Marshaling onePK AL OS Shim Consistent across cisco OSes Exposes dynamic device state and configuration •  Linux Container Runs distribution on OS kernel Fitted with cisco onepk libraries Device Management Infrastructure NXOS Helps avoid CLI scraping OS-specific Management Infrastructure XOS and Component APIs Isolates application failures from Network Element Flexibility for application developers Device Components © 2012 Cisco and/or its affiliates. All rights reserved. 13
  • 14. Device Agent Master/ Server Device Proxy Agent Master/ Server Device Proxy Agent Agent Agent OnePK OnePK SSH, OnePK Linux container(s) on NXOS © 2012 Cisco and/or its affiliates. All rights reserved. 14
  • 15. Device Agent Pros: -  Each Agent maps directly to managed Master device -  machine’s characteristics (facts) exposed as own -  Easily extensible. Does not require core puppet code changes -  Automated agent plugin code download Agent Agent from master OnePK OnePK -  Better Scale -  Integration with CLI Cons: -  Requires LXC container capability on Linux device container(s) on NXOS © 2012 Cisco and/or its affiliates. All rights reserved. Device Proxy Agent Pros: -  No specific device requirements Master -  One agent could proxy for multiple machines Cons: -  More complicated agent (device proxy). Device Proxy -  Requires extensions in core “device” mode Agent code -  Scale and authentication management SSH, OnePK 15
  • 16. © 2012 Cisco and/or its affiliates. All rights reserved. 16
  • 17. class cisco_onep { $ciscodev = ”n3k-vlab" Cisco Device Cisco Interface cisco_device {$ciscodev: #log => debug, ensure => present, } cisco_interface { 'Ethernet1/5': switchport => access, access_vlan => 1000, } cisco_vlan { 1000: ensure => present, vlan_name => ’Green', state => active, } Cisco VLAN } © 2012 Cisco and/or its affiliates. All rights reserved. 17
  • 18. Master Nexus Switch 1. Request Container Puppet Agent Classify 2. Reply onePK Module onePK API Compile 3. Execute onePK Infra © 2012 Cisco and/or its affiliates. All rights reserved. 4. Report Report 18
  • 19. •  Puppet agent is available for EFT Currently Nexus 3000k and 7000k only Cisco Plugin Resource Types + Providers Master plugin and agent container image – not directly customer accessible •  Chef agent coming up Currently Nexus 3000k and 7000k only Heavy Weight Resource Provider add-on Agent Container image – not directly customer accessible •  Initial set of capabilities for each: Device characteristics Interface and VLAN configuration STP configuration •  If you’d like extend the agents – contact your cisco account manager/partner. J © 2012 Cisco and/or its affiliates. All rights reserved. 19
  • 20. •  Plenty of Configuration Management Automation tools out there Help with the task of running operations at scale Puppet and Chef are two of the more popular/mature ones •  Cisco One-PK Cisco device library set and SDK allowing development of applications for controlling/configuring cisco devices Language bindings available in C, Java, Python, (Ruby). (Or SWIG your own ;-) ) •  Puppet and Chef agents for Nexus switches built using One-Pk Helps automate the production resources. Will be available as a switch container image + server extension package. © 2012 Cisco and/or its affiliates. All rights reserved. 20
  • 21. NXOS Puppet Agent DHCP Server SCP Server Puppet Master N3k “bare –metal” N3k Power-on DHCP Solicit (POAP options) DHCP Offer (POAP script, config file name, image names) Base OS and Configuration (not puppet managed) SCP copy (config, images) Base Configuration activated and container installed Puppet device agent run triggered OnePK API used for device facts collection Production Resources configuration(puppet managed) Puppet (Facts collection: name, mac-address, current config, etc) Puppet (Catalog: target Interface and VLAN, config, etc) N3k VLANs configured © 2012 Cisco and/or its affiliates. All rights reserved. Puppet Master determines catalog OnePK API used for device configuration 21
  • 22. Thank you © 2012 Cisco and/or its affiliates. All rights reserved. 2010 22
  • 23. onePK Puppet Agent CLI - Configuration Command Description Example Onep Application Application-name onep applications puppet Puppet Version puppet v0.8 Master Puppet Master IPv4/FQDN and Port master bxb-oa-linux2.cisco.com port 8999 VRF VRF name vrf management Cert-name Certificate name: Support shared certificate and non-shared certificate cert-name n3k-oa-3.cisco.com Environment Environment (categorization) environment bxb_oa_n3k_3 Node-name Node name node-name facter Default-username Device credentials default-username lab password lab Run-interval Run frequency run-interval 180 Domain-name Domain name domain-name cisco.com Splay Pseduo random frequency add splay splay-limit 60 Activate Activate daemon mode activate Name-server DNS name-server 173.37.87.157 © 2012 Cisco and/or its affiliates. All rights reserved. 23
  • 24. onePK Puppet Agent CLI – Execution & Monitoring Command Group Description Example Noop Execute Noop execution execute onep application puppet v0.8 puppet_agent agent-noop Oneshot Execute One time execution execute onep application puppet v0.8 puppet_agent agent-oneshot Ssl-all Clear Clear all certificates and private keys clear onep application puppet v0.8 puppet_agent ssl-all Ssl-cert Clear Clear certificate clear onep application puppet v0.8 puppet_agent ssl-cert Show Oper Data Show Show puppet agent config data (master (server) name, run interval, etc.) show onep application puppet v0.8 puppet_to agent agent oper-data Show Last Exec Log Show Show log from most recent noop or oneshot mode run (exec mode run) show onep application puppet v0.8 puppet_agent agent last-execlog Show Run History Show Show logs from most recent daemon mode runs show onep application puppet v0.8 puppet_agent agent run-history run-number 1 Show Puppet Config Show Shows puppet agent –config print all show onep application puppet v0.8 puppet_agent config Show Puppet Copyright Show Show Puppet Agent copyright show onep application puppet v0.8 puppet_agent copyright Show Facter Show Show all facter variables. show onep application puppet v0.8 puppet_agent facter Show Log CLI Show Troubleshooting support show onep application puppet v0.8 puppet_agent agent log cli © 2012 Cisco and/or its affiliates. All rights reserved. 24
  • 25. onePK Puppet Agent CLI – Debug Command Group Description Example Debug Puppet Agent Level Debug Enable debug level (verbose, etc.) debug onep application puppet v0.8 puppet_agent agent level 1 Debug Puppet CLI Debug CLI Troubleshooting debug onep application puppet v0.8 puppet_agent cli Debug Puppet pmgmt Debug Management daemon troubleshooting debug onep application puppet v0.8 puppet_agent pmgmt Debug Puppet Util Debug Utility troubleshooting debug onep application puppet v0.8 puppet_agent util © 2012 Cisco and/or its affiliates. All rights reserved. 25
  • 26. © 2012 Cisco and/or its affiliates. All rights reserved. 26