This is the way
Holistic (Network) Automation
FrOSCon 2022
Maximilian Wilhelm
1 / 27
Agenda
1. A little bit of history
2. Software Engineering Methods
3. Applying SWE Methods to Network Automation
4. Reality check
5. Q&A
2 / 27
Who's who Maximilian Wilhelm
Networker
Open Source Hacker
Fanboy of
(Debian) Linux
(Linux) networking
Occupation:
By day: Network Automation Engineer at Cloudflare
By night: Lead Infrastructure Architect, Freifunk Hochstift
In between: Freelance Infrastructure Architect for hire
Contact
@BarbarossaTM
max@sdn.clinic
3 / 27
A little bit of history
4 / 27
History When I was a student
First IT job in early 2004
Institute of Mathematics at Paderborn University
More or less separate network
Some hundred clients and servers
Fully automated install + management
Home grown solution
SDeployment
Written in Shell (IIRC)
(Un)install packages + maintain configuration
Owns full configuration files
Helped to find an intruder
Managed to exchange sshd binary
Didn't support Kerberos, so changed the config file
SDeployment changed config file back and service failed to restart
5 / 27
History Birth of new automation tools
Intent driven configuration
Describe the desired state
Packages (un)installed
Presence (+content) or absence of a file
Restart services on changes
...
Solution makes sure to reach/keep that state
Timeline of their birth (according to Wikipedia)
2003 bcfg2*
2005 Puppet
2009 Chef
2011 SaltStack
2012 Ansible
2012 Batou*
* 1st Git commit
6 / 27
History State of network configuration today
Broad spectrum
Operators typing or pasting magic spells into a CLI
Deployment helpers called with explicit parameters
Evolution: Expect, Perl, Python scripts
Vendor solutions of different colors and sizes
Up to full vendor lock-in SDN solutions
Home-grown solutions, anywhere on the spectrum
Up to Google size full magic solution
7 / 27
History Where does this leave us now?
Wouldn't it be cool ...
To remove all the toil from Network config management!
So Network Engineers can focus on engineering
To have a vendor independent solution?
That can be tested and proven to do the right thing?
That scales well?
That is even Open Source?
But, how would we build that?
8 / 27
Software Engineering Methods
9 / 27
Software Engineering Methods - Abstraction
Operating Systems
Drivers for hardware components
I/O, Keyboard, Mice, Displays
File systems for data storage
Networking
ISO/OSI or hour glass model
Internet protocols (HTTP, SMTP, ...)
Routing protocols (OSPF, IS-IS, BGP ...)
10 / 27
Software Engineering Methods - Testing
Unit tests
Test function/method, class, package with knowledge of the inside
White-box testing
Integration test
Useful for APIs or protocols
Verify BGP implementations work with others
Regression testing
Something broke, we fixed it
Make sure we notice when it breaks again
11 / 27
Software Engineering Methods - Pipeline
12 / 27
Applying SWE Methods to Network Automation
13 / 27
Abstraction
Codify network architecture and processes
Topology + rules
Vendor configuration details
One large config file vs. different smaller ones
Different dialects or even languages
Generate vendor neutral config and translate from there
14 / 27
Topology - Example CGN
15 / 27
Topology - Example FFHO
[Figure: FFHO topology (schematic). Labels: BB/DC-POP 1 (PAD1), DC-POP 2 (PAD2), DC-POP 3 (remote), POP 4 (PAD3) [planned], BB-POP (WBBL-only, w/ APs), BB-POP (WBBL + VPN, w/ APs), BB-POP (WBBL-only), CR, CSW, BBR, Gateway, RF, APs, VPN, Dark Fiber, Dark Fiber [planned], Internet. Legend: Router, Layer3 Switch, Switch, WiFi PTP link, Access Point, CWDM MUX, Gateway, KVM Hypervisor.]
16 / 27
Abstraction - Topology as a graph
Nodes
Represent devices
Attributes
Status, Role
OS
IPs (on interfaces)
Location (rack ... region)
Edges
Represent links
Attributes
Status, Role
Bandwidth, Distance, Priority
...
17 / 27
Abstraction - Rules
What would an operator have configured manually?*
*If they did the right thing™
Examples, based on FFHO infrastructure
Internal routing protocols (OSPF + iBGP)
Learning of edge prefixes
Automagically generated firewall rules (CoPP)
...
18 / 27
Software Engineering Methods - Pipeline
Input
IRM / DCIM + IPAM
Any solution which offers an API, e.g. NetBox or Nautobot
Any local database(s) holding business relevant information
E.g. subscribers / services
Process(es)
Controller which gathers topology information and applies rules
Generate vendor neutral configuration
Translate configuration into required vendor configuration(s)
Apply the config as an atomic operation (if possible)
Micro service approach beneficial
Output
The complete generated configuration
Vendor independent or vendor specific, depending on POV
19 / 27
Software Engineering Methods - Pipeline
Controller generates the vendor independent config
Rules could be part of code or textual
Translator generates vendor specific language from that
Multiple config files for Linux routers
Single config file for (e.g. Cisco) switches
Translator also (can) apply config
SaltStack, Ansible, ...
Home grown
20 / 27
Software Engineering Methods - Testing
Unit tests
Controller can be tested without touching production network
Testing Translator can be harder
Integration tests
New controller versions can be tested against live data source
Compare result with currently running production controller
Does it generate the config we expect?
No risk of impacting infrastructure
Translator can be tested offline or in a lab
Input: Static generic config from generator
Apply config to lab device (VM?)
Verify device config against expected result
21 / 27
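The pipeline and testing slides above, as an added Python example (not code from the talk, FFHO or NACL): a controller applies three rules to a topology graph to produce vendor-neutral config, two translators render it, and an integration-style comparison diffs a candidate controller against the production one on the same input. Device names, addresses, file names and the rendered syntax are hypothetical and simplified.

```python
import difflib
import json
from itertools import combinations

# Constructed sample topology. Names and addresses are hypothetical
# (192.0.2.0/24 is documentation address space).
NODES = {
    "cr01":  {"role": "core-router", "os": "linux",  "status": "active",  "loopback": "192.0.2.1"},
    "cr02":  {"role": "core-router", "os": "linux",  "status": "active",  "loopback": "192.0.2.2"},
    "csw01": {"role": "core-switch", "os": "switch", "status": "active",  "loopback": "192.0.2.3"},
    "bbr01": {"role": "backbone",    "os": "linux",  "status": "planned", "loopback": "192.0.2.4"},
}
EDGES = [  # (node_a, node_b, link attributes)
    ("cr01", "cr02",  {"status": "active",  "role": "dark-fiber"}),
    ("cr01", "csw01", {"status": "active",  "role": "uplink"}),
    ("cr02", "bbr01", {"status": "planned", "role": "rf"}),
]


def controller(nodes, edges, include_planned=False):
    """Apply the rules to the graph and return vendor-neutral config per node."""
    in_service = {"active", "planned"} if include_planned else {"active"}
    live = sorted(n for n, attrs in nodes.items() if attrs["status"] in in_service)
    cfg = {n: {"ospf_neighbors": [], "ibgp_peers": [], "copp": []} for n in live}
    # Rule 1: OSPF adjacency on every in-service link between in-service nodes.
    for a, b, attrs in edges:
        if attrs["status"] in in_service and a in cfg and b in cfg:
            cfg[a]["ospf_neighbors"].append(b)
            cfg[b]["ospf_neighbors"].append(a)
    # Rule 2: iBGP full mesh between the loopbacks of all in-service nodes.
    for a, b in combinations(live, 2):
        cfg[a]["ibgp_peers"].append(nodes[b]["loopback"])
        cfg[b]["ibgp_peers"].append(nodes[a]["loopback"])
    # Rule 3: CoPP follows from rules 1 and 2: known peers only, then drop.
    for c in cfg.values():
        c["ospf_neighbors"].sort()
        c["ibgp_peers"].sort()
        c["copp"] = (
            [{"action": "accept", "proto": "tcp", "dport": 179, "peer": p} for p in c["ibgp_peers"]]
            + [{"action": "accept", "proto": "ospf", "peer": n} for n in c["ospf_neighbors"]]
            + [{"action": "drop", "proto": "any", "peer": "any"}]
        )
    return cfg


def _rule(r):
    port = f" dport {r['dport']}" if "dport" in r else ""
    return f"{r['action']} {r['proto']}{port} from {r['peer']}\n"


def translate_linux(neutral):
    """Linux router: several small files (simplified syntax, no real daemon's)."""
    return {
        "routing/ospf.conf": "".join(f"ospf neighbor {n}\n" for n in neutral["ospf_neighbors"]),
        "routing/ibgp.conf": "".join(f"ibgp peer {p}\n" for p in neutral["ibgp_peers"]),
        "firewall/copp.rules": "".join(_rule(r) for r in neutral["copp"]),
    }


def translate_switch(neutral):
    """Switch: the same input rendered as one monolithic file (simplified)."""
    lines = [f"router ospf neighbor {n}" for n in neutral["ospf_neighbors"]]
    lines += [f"router bgp neighbor {p}" for p in neutral["ibgp_peers"]]
    lines += ["control-plane " + _rule(r).strip() for r in neutral["copp"]]
    return {"running-config": "\n".join(lines) + "\n"}


TRANSLATORS = {"linux": translate_linux, "switch": translate_switch}


def render(node, nodes, neutral):
    """Pick the translator by the node's OS attribute."""
    return TRANSLATORS[nodes[node]["os"]](neutral[node])


def compare_controllers(production, candidate, nodes, edges):
    """Integration test: same input through both versions, per-node diff out."""
    old, new = production(nodes, edges), candidate(nodes, edges)
    report = {}
    for node in sorted(set(old) | set(new)):
        a = json.dumps(old.get(node, {}), indent=1, sort_keys=True).splitlines()
        b = json.dumps(new.get(node, {}), indent=1, sort_keys=True).splitlines()
        delta = [l for l in difflib.unified_diff(a, b, lineterm="", n=0)
                 if l.startswith(("+", "-")) and not l.startswith(("+++", "---"))]
        if delta:
            report[node] = delta
    return report


def candidate_controller(nodes, edges):
    """Constructed regression: a new version that also meshes planned devices."""
    return controller(nodes, edges, include_planned=True)


if __name__ == "__main__":
    for node, delta in compare_controllers(controller, candidate_controller, NODES, EDGES).items():
        print(node, *delta, sep="\n  ")
```

The comparison flags every node whose control-plane policy would change, here the extra accept rule for the planned device's loopback, before any translator touches a device.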
Reality check
22 / 27
Reality check
Does that exist?
Not as Open Source
Wait, but you have logic in Salt (FFHO)
Yes, and I regret that.
23 / 27
Reality check - Lessons learned
Data stored in pillar only usable inside Salt
Limits flexibility a lot
Evolution
From input in pillar to NetBox
From logic in Jinja templates to Python modules inside Salt
Abstract NetBox data structures away with NACL
Move more and more logic into NACL (e.g. iBGP mesh computation)
Use Salt as translator instead of controller
24 / 27
Questions?
25 / 27
Questions & answers
Why not generate the config within Salt or Ansible?
How do you test that? Automatically?
Limited to Python and the environment of the solution
Why not buy vendor solution here?
Because it's not vendor independent
What do you do if it can't do X or is discontinued?
Why not use NETCONF/YANG?
Because it's not vendor independent enough
And it's for iterative config changes
Yes, NETCONF can do a complete config replace, but what's the point?
26 / 27
Questions?
27 / 27

Mais conteúdo relacionado

Semelhante a This is the way - Holistic (Network) Automation

The Challenges of SDN/OpenFlow in an Operational and Large-scale Network
The Challenges of SDN/OpenFlow in an Operational and Large-scale NetworkThe Challenges of SDN/OpenFlow in an Operational and Large-scale Network
The Challenges of SDN/OpenFlow in an Operational and Large-scale NetworkOpen Networking Summits
 
Future Internet Week - IPv6 the way forward: IPv6 and security from a user’s ...
Future Internet Week - IPv6 the way forward: IPv6 and security from a user’s ...Future Internet Week - IPv6 the way forward: IPv6 and security from a user’s ...
Future Internet Week - IPv6 the way forward: IPv6 and security from a user’s ...ir. Carmelo Zaccone
 
Learn more about the tremendous value Open Data Plane brings to NFV
Learn more about the tremendous value Open Data Plane brings to NFVLearn more about the tremendous value Open Data Plane brings to NFV
Learn more about the tremendous value Open Data Plane brings to NFVGhodhbane Mohamed Amine
 
Monitoring federation open stack infrastructure
Monitoring federation open stack infrastructureMonitoring federation open stack infrastructure
Monitoring federation open stack infrastructureFernando Lopez Aguilar
 
Introduction to Data Models & Cisco's NextGen Device Level APIs: an overview
Introduction to Data Models & Cisco's NextGen Device Level APIs: an overviewIntroduction to Data Models & Cisco's NextGen Device Level APIs: an overview
Introduction to Data Models & Cisco's NextGen Device Level APIs: an overviewCisco DevNet
 
1.Architecture
1.Architecture1.Architecture
1.Architecturephanleson
 
OSHI - Open Source Hybrid IP/SDN networking @EWSDN14
OSHI - Open Source Hybrid IP/SDN networking @EWSDN14OSHI - Open Source Hybrid IP/SDN networking @EWSDN14
OSHI - Open Source Hybrid IP/SDN networking @EWSDN14Stefano Salsano
 
A Collaborative Research Proposal To The NSF Research Accelerator For Multip...
A Collaborative Research Proposal To The NSF  Research Accelerator For Multip...A Collaborative Research Proposal To The NSF  Research Accelerator For Multip...
A Collaborative Research Proposal To The NSF Research Accelerator For Multip...Scott Donald
 
Running Accurate, Scalable, and Reproducible Simulations of Distributed Syste...
Running Accurate, Scalable, and Reproducible Simulations of Distributed Syste...Running Accurate, Scalable, and Reproducible Simulations of Distributed Syste...
Running Accurate, Scalable, and Reproducible Simulations of Distributed Syste...Rafael Ferreira da Silva
 
Naveen nimmu sdn future of networking
Naveen nimmu sdn   future of networkingNaveen nimmu sdn   future of networking
Naveen nimmu sdn future of networkingOpenSourceIndia
 
Naveen nimmu sdn future of networking
Naveen nimmu sdn   future of networkingNaveen nimmu sdn   future of networking
Naveen nimmu sdn future of networkingsuniltomar04
 
WS-* Specifications Update 2007
WS-* Specifications Update 2007WS-* Specifications Update 2007
WS-* Specifications Update 2007Jorgen Thelin
 
Software defined network and Virtualization
Software defined network and VirtualizationSoftware defined network and Virtualization
Software defined network and Virtualizationidrajeev
 
Neo4j Vision and Roadmap
Neo4j Vision and Roadmap Neo4j Vision and Roadmap
Neo4j Vision and Roadmap Neo4j
 
Case Study: Credit Card Core System with Exalogic, Exadata, Oracle Cloud Mach...
Case Study: Credit Card Core System with Exalogic, Exadata, Oracle Cloud Mach...Case Study: Credit Card Core System with Exalogic, Exadata, Oracle Cloud Mach...
Case Study: Credit Card Core System with Exalogic, Exadata, Oracle Cloud Mach...Hirofumi Iwasaki
 

Semelhante a This is the way - Holistic (Network) Automation (20)

The Challenges of SDN/OpenFlow in an Operational and Large-scale Network
The Challenges of SDN/OpenFlow in an Operational and Large-scale NetworkThe Challenges of SDN/OpenFlow in an Operational and Large-scale Network
The Challenges of SDN/OpenFlow in an Operational and Large-scale Network
 
Troubleshooting Storage Devices Using vRealize Operations (formerly vC Ops)
Troubleshooting Storage Devices Using vRealize Operations (formerly vC Ops)Troubleshooting Storage Devices Using vRealize Operations (formerly vC Ops)
Troubleshooting Storage Devices Using vRealize Operations (formerly vC Ops)
 
Future Internet Week - IPv6 the way forward: IPv6 and security from a user’s ...
Future Internet Week - IPv6 the way forward: IPv6 and security from a user’s ...Future Internet Week - IPv6 the way forward: IPv6 and security from a user’s ...
Future Internet Week - IPv6 the way forward: IPv6 and security from a user’s ...
 
SDN and metrics from the SDOs
SDN and metrics from the SDOsSDN and metrics from the SDOs
SDN and metrics from the SDOs
 
Learn more about the tremendous value Open Data Plane brings to NFV
Learn more about the tremendous value Open Data Plane brings to NFVLearn more about the tremendous value Open Data Plane brings to NFV
Learn more about the tremendous value Open Data Plane brings to NFV
 
Monitoring federation open stack infrastructure
Monitoring federation open stack infrastructureMonitoring federation open stack infrastructure
Monitoring federation open stack infrastructure
 
Introduction to Data Models & Cisco's NextGen Device Level APIs: an overview
Introduction to Data Models & Cisco's NextGen Device Level APIs: an overviewIntroduction to Data Models & Cisco's NextGen Device Level APIs: an overview
Introduction to Data Models & Cisco's NextGen Device Level APIs: an overview
 
1.Architecture
1.Architecture1.Architecture
1.Architecture
 
OSHI - Open Source Hybrid IP/SDN networking @EWSDN14
OSHI - Open Source Hybrid IP/SDN networking @EWSDN14OSHI - Open Source Hybrid IP/SDN networking @EWSDN14
OSHI - Open Source Hybrid IP/SDN networking @EWSDN14
 
A Collaborative Research Proposal To The NSF Research Accelerator For Multip...
A Collaborative Research Proposal To The NSF  Research Accelerator For Multip...A Collaborative Research Proposal To The NSF  Research Accelerator For Multip...
A Collaborative Research Proposal To The NSF Research Accelerator For Multip...
 
Running Accurate, Scalable, and Reproducible Simulations of Distributed Syste...
Running Accurate, Scalable, and Reproducible Simulations of Distributed Syste...Running Accurate, Scalable, and Reproducible Simulations of Distributed Syste...
Running Accurate, Scalable, and Reproducible Simulations of Distributed Syste...
 
PROSE
PROSEPROSE
PROSE
 
Naveen nimmu sdn future of networking
Naveen nimmu sdn   future of networkingNaveen nimmu sdn   future of networking
Naveen nimmu sdn future of networking
 
Naveen nimmu sdn future of networking
Naveen nimmu sdn   future of networkingNaveen nimmu sdn   future of networking
Naveen nimmu sdn future of networking
 
WS-* Specifications Update 2007
WS-* Specifications Update 2007WS-* Specifications Update 2007
WS-* Specifications Update 2007
 
Software defined network and Virtualization
Software defined network and VirtualizationSoftware defined network and Virtualization
Software defined network and Virtualization
 
Neo4j Vision and Roadmap
Neo4j Vision and Roadmap Neo4j Vision and Roadmap
Neo4j Vision and Roadmap
 
optimizing_ceph_flash
optimizing_ceph_flashoptimizing_ceph_flash
optimizing_ceph_flash
 
Dean Hagen
Dean HagenDean Hagen
Dean Hagen
 
Case Study: Credit Card Core System with Exalogic, Exadata, Oracle Cloud Mach...
Case Study: Credit Card Core System with Exalogic, Exadata, Oracle Cloud Mach...Case Study: Credit Card Core System with Exalogic, Exadata, Oracle Cloud Mach...
Case Study: Credit Card Core System with Exalogic, Exadata, Oracle Cloud Mach...
 

Mais de Maximilan Wilhelm

Fun with PRB, VRFs and NetNS on Linux - What is it, how does it work, what ca...
Fun with PRB, VRFs and NetNS on Linux - What is it, how does it work, what ca...Fun with PRB, VRFs and NetNS on Linux - What is it, how does it work, what ca...
Fun with PRB, VRFs and NetNS on Linux - What is it, how does it work, what ca...Maximilan Wilhelm
 
Building your own CGN boxes with Linux
Building your own CGN boxes with LinuxBuilding your own CGN boxes with Linux
Building your own CGN boxes with LinuxMaximilan Wilhelm
 
Contemporary network configuration for linux - ifupdown-ng
Contemporary network configuration for linux - ifupdown-ngContemporary network configuration for linux - ifupdown-ng
Contemporary network configuration for linux - ifupdown-ngMaximilan Wilhelm
 
Angewandte Netzwerkgrundlagen reloaded - von Layer 1 bis 3
Angewandte Netzwerkgrundlagen reloaded - von Layer 1 bis 3Angewandte Netzwerkgrundlagen reloaded - von Layer 1 bis 3
Angewandte Netzwerkgrundlagen reloaded - von Layer 1 bis 3Maximilan Wilhelm
 
Intent driven, fully automated deployment of anycasted load balancers with ha...
Intent driven, fully automated deployment of anycasted load balancers with ha...Intent driven, fully automated deployment of anycasted load balancers with ha...
Intent driven, fully automated deployment of anycasted load balancers with ha...Maximilan Wilhelm
 
Out-of-Band-Management für APU-Boards
Out-of-Band-Management für APU-BoardsOut-of-Band-Management für APU-Boards
Out-of-Band-Management für APU-BoardsMaximilan Wilhelm
 
Wie baue ich ein Freifunkbackbone - Was wir in den letzten 5 Jahren gelernt h...
Wie baue ich ein Freifunkbackbone - Was wir in den letzten 5 Jahren gelernt h...Wie baue ich ein Freifunkbackbone - Was wir in den letzten 5 Jahren gelernt h...
Wie baue ich ein Freifunkbackbone - Was wir in den letzten 5 Jahren gelernt h...Maximilan Wilhelm
 
Best Current Operational Practices - Dos, Don’ts and lessons learned
Best Current Operational Practices - Dos, Don’ts and lessons learnedBest Current Operational Practices - Dos, Don’ts and lessons learned
Best Current Operational Practices - Dos, Don’ts and lessons learnedMaximilan Wilhelm
 
L2/L3 für Fortgeschrittene - Helle und dunkle Magie im Linux-Netzwerkstack
L2/L3 für Fortgeschrittene - Helle und dunkle Magie im Linux-NetzwerkstackL2/L3 für Fortgeschrittene - Helle und dunkle Magie im Linux-Netzwerkstack
L2/L3 für Fortgeschrittene - Helle und dunkle Magie im Linux-NetzwerkstackMaximilan Wilhelm
 
Overlays & IP-Fabrics - viele Wege führen nach Rom und warum Layer2 keine Lös...
Overlays & IP-Fabrics - viele Wege führen nach Rom und warum Layer2 keine Lös...Overlays & IP-Fabrics - viele Wege führen nach Rom und warum Layer2 keine Lös...
Overlays & IP-Fabrics - viele Wege führen nach Rom und warum Layer2 keine Lös...Maximilan Wilhelm
 
Dynamische Routingprotokolle Aufzucht und Pflege - BGP
Dynamische Routingprotokolle Aufzucht und Pflege - BGPDynamische Routingprotokolle Aufzucht und Pflege - BGP
Dynamische Routingprotokolle Aufzucht und Pflege - BGPMaximilan Wilhelm
 
Dynamische Routingprotokolle Aufzucht und Pflege - OSPF
Dynamische Routingprotokolle Aufzucht und Pflege - OSPFDynamische Routingprotokolle Aufzucht und Pflege - OSPF
Dynamische Routingprotokolle Aufzucht und Pflege - OSPFMaximilan Wilhelm
 
Netzwerkgrundlagen - Von Ethernet bis IP
Netzwerkgrundlagen - Von Ethernet bis IPNetzwerkgrundlagen - Von Ethernet bis IP
Netzwerkgrundlagen - Von Ethernet bis IPMaximilan Wilhelm
 
Contemporary Linux Networking
Contemporary Linux NetworkingContemporary Linux Networking
Contemporary Linux NetworkingMaximilan Wilhelm
 
Building your own sdn with debian linux salt stack and python
Building your own sdn with debian linux salt stack and pythonBuilding your own sdn with debian linux salt stack and python
Building your own sdn with debian linux salt stack and pythonMaximilan Wilhelm
 
AS201701 - Building an Internet backbone with pure 1he servers and Linux
AS201701 - Building an Internet backbone with pure 1he servers and LinuxAS201701 - Building an Internet backbone with pure 1he servers and Linux
AS201701 - Building an Internet backbone with pure 1he servers and LinuxMaximilan Wilhelm
 
Software Defined Freifunk Backbones
Software Defined Freifunk BackbonesSoftware Defined Freifunk Backbones
Software Defined Freifunk BackbonesMaximilan Wilhelm
 

Mais de Maximilan Wilhelm (19)

Fun with PRB, VRFs and NetNS on Linux - What is it, how does it work, what ca...
Fun with PRB, VRFs and NetNS on Linux - What is it, how does it work, what ca...Fun with PRB, VRFs and NetNS on Linux - What is it, how does it work, what ca...
Fun with PRB, VRFs and NetNS on Linux - What is it, how does it work, what ca...
 
Building your own CGN boxes with Linux
Building your own CGN boxes with LinuxBuilding your own CGN boxes with Linux
Building your own CGN boxes with Linux
 
Contemporary network configuration for linux - ifupdown-ng
Contemporary network configuration for linux - ifupdown-ngContemporary network configuration for linux - ifupdown-ng
Contemporary network configuration for linux - ifupdown-ng
 
Angewandte Netzwerkgrundlagen reloaded - von Layer 1 bis 3
Angewandte Netzwerkgrundlagen reloaded - von Layer 1 bis 3Angewandte Netzwerkgrundlagen reloaded - von Layer 1 bis 3
Angewandte Netzwerkgrundlagen reloaded - von Layer 1 bis 3
 
Intent driven, fully automated deployment of anycasted load balancers with ha...
Intent driven, fully automated deployment of anycasted load balancers with ha...Intent driven, fully automated deployment of anycasted load balancers with ha...
Intent driven, fully automated deployment of anycasted load balancers with ha...
 
Anycast all the things
Anycast all the thingsAnycast all the things
Anycast all the things
 
Out-of-Band-Management für APU-Boards
Out-of-Band-Management für APU-BoardsOut-of-Band-Management für APU-Boards
Out-of-Band-Management für APU-Boards
 
Wie baue ich ein Freifunkbackbone - Was wir in den letzten 5 Jahren gelernt h...
Wie baue ich ein Freifunkbackbone - Was wir in den letzten 5 Jahren gelernt h...Wie baue ich ein Freifunkbackbone - Was wir in den letzten 5 Jahren gelernt h...
Wie baue ich ein Freifunkbackbone - Was wir in den letzten 5 Jahren gelernt h...
 
Best Current Operational Practices - Dos, Don’ts and lessons learned
Best Current Operational Practices - Dos, Don’ts and lessons learnedBest Current Operational Practices - Dos, Don’ts and lessons learned
Best Current Operational Practices - Dos, Don’ts and lessons learned
 
L2/L3 für Fortgeschrittene - Helle und dunkle Magie im Linux-Netzwerkstack
L2/L3 für Fortgeschrittene - Helle und dunkle Magie im Linux-NetzwerkstackL2/L3 für Fortgeschrittene - Helle und dunkle Magie im Linux-Netzwerkstack
L2/L3 für Fortgeschrittene - Helle und dunkle Magie im Linux-Netzwerkstack
 
Overlays & IP-Fabrics - viele Wege führen nach Rom und warum Layer2 keine Lös...
Overlays & IP-Fabrics - viele Wege führen nach Rom und warum Layer2 keine Lös...Overlays & IP-Fabrics - viele Wege führen nach Rom und warum Layer2 keine Lös...
Overlays & IP-Fabrics - viele Wege führen nach Rom und warum Layer2 keine Lös...
 
Dynamische Routingprotokolle Aufzucht und Pflege - BGP
Dynamische Routingprotokolle Aufzucht und Pflege - BGPDynamische Routingprotokolle Aufzucht und Pflege - BGP
Dynamische Routingprotokolle Aufzucht und Pflege - BGP
 
Dynamische Routingprotokolle Aufzucht und Pflege - OSPF
Dynamische Routingprotokolle Aufzucht und Pflege - OSPFDynamische Routingprotokolle Aufzucht und Pflege - OSPF
Dynamische Routingprotokolle Aufzucht und Pflege - OSPF
 
IPv6 im Jahre 2018
IPv6 im Jahre 2018IPv6 im Jahre 2018
IPv6 im Jahre 2018
 
Netzwerkgrundlagen - Von Ethernet bis IP
Netzwerkgrundlagen - Von Ethernet bis IPNetzwerkgrundlagen - Von Ethernet bis IP
Netzwerkgrundlagen - Von Ethernet bis IP
 
Contemporary Linux Networking
Contemporary Linux NetworkingContemporary Linux Networking
Contemporary Linux Networking
 
Building your own sdn with debian linux salt stack and python
Building your own sdn with debian linux salt stack and pythonBuilding your own sdn with debian linux salt stack and python
Building your own sdn with debian linux salt stack and python
 
AS201701 - Building an Internet backbone with pure 1he servers and Linux
AS201701 - Building an Internet backbone with pure 1he servers and LinuxAS201701 - Building an Internet backbone with pure 1he servers and Linux
AS201701 - Building an Internet backbone with pure 1he servers and Linux
 
Software Defined Freifunk Backbones
Software Defined Freifunk BackbonesSoftware Defined Freifunk Backbones
Software Defined Freifunk Backbones
 

Último

Earthing details of Electrical Substation
Earthing details of Electrical SubstationEarthing details of Electrical Substation
Earthing details of Electrical Substationstephanwindworld
 
Steel Structures - Building technology.pptx
Steel Structures - Building technology.pptxSteel Structures - Building technology.pptx
Steel Structures - Building technology.pptxNikhil Raut
 
Research Methodology for Engineering pdf
Research Methodology for Engineering pdfResearch Methodology for Engineering pdf
Research Methodology for Engineering pdfCaalaaAbdulkerim
 
Arduino_CSE ece ppt for working and principal of arduino.ppt
Arduino_CSE ece ppt for working and principal of arduino.pptArduino_CSE ece ppt for working and principal of arduino.ppt
Arduino_CSE ece ppt for working and principal of arduino.pptSAURABHKUMAR892774
 
Main Memory Management in Operating System
Main Memory Management in Operating SystemMain Memory Management in Operating System
Main Memory Management in Operating SystemRashmi Bhat
 
Call Girls Narol 7397865700 Independent Call Girls
Call Girls Narol 7397865700 Independent Call GirlsCall Girls Narol 7397865700 Independent Call Girls
Call Girls Narol 7397865700 Independent Call Girlsssuser7cb4ff
 
Vishratwadi & Ghorpadi Bridge Tender documents
Vishratwadi & Ghorpadi Bridge Tender documentsVishratwadi & Ghorpadi Bridge Tender documents
Vishratwadi & Ghorpadi Bridge Tender documentsSachinPawar510423
 
Industrial Safety Unit-IV workplace health and safety.ppt
Industrial Safety Unit-IV workplace health and safety.pptIndustrial Safety Unit-IV workplace health and safety.ppt
Industrial Safety Unit-IV workplace health and safety.pptNarmatha D
 
Concrete Mix Design - IS 10262-2019 - .pptx
Concrete Mix Design - IS 10262-2019 - .pptxConcrete Mix Design - IS 10262-2019 - .pptx
Concrete Mix Design - IS 10262-2019 - .pptxKartikeyaDwivedi3
 
Industrial Safety Unit-I SAFETY TERMINOLOGIES
Industrial Safety Unit-I SAFETY TERMINOLOGIESIndustrial Safety Unit-I SAFETY TERMINOLOGIES
Industrial Safety Unit-I SAFETY TERMINOLOGIESNarmatha D
 
An experimental study in using natural admixture as an alternative for chemic...
An experimental study in using natural admixture as an alternative for chemic...An experimental study in using natural admixture as an alternative for chemic...
An experimental study in using natural admixture as an alternative for chemic...Chandu841456
 
Transport layer issues and challenges - Guide
Transport layer issues and challenges - GuideTransport layer issues and challenges - Guide
Transport layer issues and challenges - GuideGOPINATHS437943
 
Sachpazis Costas: Geotechnical Engineering: A student's Perspective Introduction
Sachpazis Costas: Geotechnical Engineering: A student's Perspective IntroductionSachpazis Costas: Geotechnical Engineering: A student's Perspective Introduction
Sachpazis Costas: Geotechnical Engineering: A student's Perspective IntroductionDr.Costas Sachpazis
 
Virtual memory management in Operating System
Virtual memory management in Operating SystemVirtual memory management in Operating System
Virtual memory management in Operating SystemRashmi Bhat
 
Introduction-To-Agricultural-Surveillance-Rover.pptx
Introduction-To-Agricultural-Surveillance-Rover.pptxIntroduction-To-Agricultural-Surveillance-Rover.pptx
Introduction-To-Agricultural-Surveillance-Rover.pptxk795866
 
National Level Hackathon Participation Certificate.pdf
National Level Hackathon Participation Certificate.pdfNational Level Hackathon Participation Certificate.pdf
National Level Hackathon Participation Certificate.pdfRajuKanojiya4
 
complete construction, environmental and economics information of biomass com...
complete construction, environmental and economics information of biomass com...complete construction, environmental and economics information of biomass com...
complete construction, environmental and economics information of biomass com...asadnawaz62
 
Energy Awareness training ppt for manufacturing process.pptx
Energy Awareness training ppt for manufacturing process.pptxEnergy Awareness training ppt for manufacturing process.pptx
Energy Awareness training ppt for manufacturing process.pptxsiddharthjain2303
 
IVE Industry Focused Event - Defence Sector 2024
IVE Industry Focused Event - Defence Sector 2024IVE Industry Focused Event - Defence Sector 2024
IVE Industry Focused Event - Defence Sector 2024Mark Billinghurst
 

Último (20)

Earthing details of Electrical Substation
Earthing details of Electrical SubstationEarthing details of Electrical Substation
Earthing details of Electrical Substation
 
Steel Structures - Building technology.pptx
Steel Structures - Building technology.pptxSteel Structures - Building technology.pptx
Steel Structures - Building technology.pptx
 
Research Methodology for Engineering pdf
Research Methodology for Engineering pdfResearch Methodology for Engineering pdf
Research Methodology for Engineering pdf
 
Arduino_CSE ece ppt for working and principal of arduino.ppt
Arduino_CSE ece ppt for working and principal of arduino.pptArduino_CSE ece ppt for working and principal of arduino.ppt
Arduino_CSE ece ppt for working and principal of arduino.ppt
 
Main Memory Management in Operating System
Main Memory Management in Operating SystemMain Memory Management in Operating System
Main Memory Management in Operating System
 
Call Girls Narol 7397865700 Independent Call Girls
Call Girls Narol 7397865700 Independent Call GirlsCall Girls Narol 7397865700 Independent Call Girls
Call Girls Narol 7397865700 Independent Call Girls
 
Vishratwadi & Ghorpadi Bridge Tender documents
Vishratwadi & Ghorpadi Bridge Tender documentsVishratwadi & Ghorpadi Bridge Tender documents
Vishratwadi & Ghorpadi Bridge Tender documents
 
Industrial Safety Unit-IV workplace health and safety.ppt
Industrial Safety Unit-IV workplace health and safety.pptIndustrial Safety Unit-IV workplace health and safety.ppt
Industrial Safety Unit-IV workplace health and safety.ppt
 
Concrete Mix Design - IS 10262-2019 - .pptx
Concrete Mix Design - IS 10262-2019 - .pptxConcrete Mix Design - IS 10262-2019 - .pptx

This is the way - Holistic (Network) Automation

  • 1. This is the way: Holistic (Network) Automation. FrOSCon 2022, Maximilian Wilhelm
  • 2. Agenda
      1. A little bit of history
      2. Software Engineering Methods
      3. Applying SWE Methods to Network Automation
      4. Reality check
      5. Q&A
  • 3. Who's who: Maximilian Wilhelm
      • Networker
      • Open Source Hacker
      • Fanboy of (Debian) Linux and (Linux) networking
      • Occupation
          • By day: Network Automation Engineer at Cloudflare
          • By night: Lead Infrastructure Architect, Freifunk Hochstift
          • In between: Freelance Infrastructure Architect for hire
      • Contact: @BarbarossaTM, max@sdn.clinic
  • 4. A little bit of history
  • 5. When I was a student
      • First IT job in early 2004
          • Institute of Mathematics at Paderborn University
          • More or less separate network
          • Some hundred clients and servers
      • Fully automated install + management
          • Home grown solution: SDeployment
          • Written in Shell (IIRC)
          • (Un)install packages + maintain configuration
          • Owns full configuration files
      • Helped to find an intruder
          • Managed to exchange sshd binary
          • Didn't support Kerberos, so changed the config file
          • SDeployment changed config file back and service failed to restart
  • 6. Birth of new automation tools
      • Intent driven configuration
          • Describe the desired state: packages (un)installed, presence (+content) or absence of a file, restart services on changes, ...
          • Solution makes sure to reach/keep that state
      • Timeline of their birth (according to Wikipedia)
          • 2003 bcfg2*
          • 2005 Puppet
          • 2009 Chef
          • 2011 SaltStack
          • 2012 Ansible
          • 2012 Batou*
          • * 1st GIT commit
  • 7. State of network configuration today
      • Broad spectrum
          • Operators typing or pasting magic spells into a CLI
          • Deployment helpers called with explicit parameters (evolution: Expect, Perl, Python scripts)
          • Vendor solutions of different colors and sizes, up to full vendor lock-in SDN solutions
          • Home-grown solutions, anywhere on the spectrum, up to Google size full magic solution
  • 8. Where does this leave us now?
      • Wouldn't it be cool ...
          • To remove all the toil from Network config management! So Network Engineers can focus on engineering
          • To have a vendor independent solution?
          • That can be tested and proven to do the right thing?
          • That scales well?
          • That is even Open Source?
      • But, how would we build that?
  • 10. Software Engineering Methods - Abstraction
      • Operating Systems
          • Drivers for hardware components: I/O, Keyboard, Mice, Displays
          • File systems for data storage
      • Networking
          • ISO/OSI or hour glass model
          • Internet protocols (HTTP, SMTP, ...)
          • Routing protocols (OSPF, IS-IS, BGP ...)
  • 11. Software Engineering Methods - Testing
      • Unit tests
          • Test function/method, class, package with knowledge of the inside
          • White-box testing
      • Integration test
          • Useful for APIs or protocols
          • Verify BGP implementations work with others
      • Regression testing
          • Something broke, we fixed it
          • Make sure we notice when it breaks again
  • 12. Software Engineering Methods - Pipeline
  • 13. Applying SWE Methods to Network Automation
  • 14. Abstraction
      • Codify network architecture and processes
          • Topology + rules
      • Vendor configuration details
          • One large config file vs. different smaller ones
          • Different dialects or even languages
      • Generate vendor neutral config and translate from there
  • 16. Topology - Example FFHO. [Figure: FFHO Topology (schematic) with BB/DC-POP 1 (PAD1), DC-POP 2 (PAD2), DC-POP 3 (remote), BB-POPs (WBBL-only, WBBL + VPN, with and without APs) and the planned POP 4 (PAD3), connected via dark fiber, VPN and WiFi PTP links to the Internet. Legend: Router, Layer3 Switch, Switch, WiFi PTP link, Access Point, CWDM MUX, Gateway, KVM Hypervisor.]
  • 17. Abstraction - Topology as a graph
      • Nodes represent devices
          • Attributes: Status, Role, OS, IPs (on interfaces), Location (rack ... region)
      • Edges represent links
          • Attributes: Status, Role, Bandwidth, Distance, Priority, ...
  • 18. Abstraction - Rules
      • What would an operator have configured manually?*
          • *If they did the right thing™
      • Examples, based on FFHO infrastructure
          • Internal routing protocols (OSPF + iBGP)
          • Learning of edge prefixes
          • Automagically generated firewall rules (CoPP)
          • ...
  • 19. Software Engineering Methods - Pipeline
      • Input
          • IRM / DCIM + IPAM: any solution which offers an API, e.g. NetBox or Nautobot
          • Any local database(s) holding business relevant information, e.g. subscribers / services
      • Process(es)
          • Controller which gathers topology information and applies rules
          • Generate vendor neutral configuration
          • Translate configuration into required vendor configuration(s)
          • Apply the config as an atomic operation (if possible)
          • Micro service approach beneficial
      • Output
          • The complete generated configuration
          • Vendor independent or vendor specific, depending on POV
  • 20. Software Engineering Methods - Pipeline
      • Controller generates the vendor independent config
          • Rules could be part of code or textual
      • Translator generates vendor specific language from that
          • Multiple config files for Linux routers
          • Single config file for (e.g. Cisco) switches
      • Translator also (can) apply config
          • SaltStack, Ansible, ...
          • Home grown
  • 21. Software Engineering Methods - Testing
      • Unit tests
          • Controller can be tested without touching production network
          • Testing Translator can be harder
      • Integration tests
          • New controller versions can be tested against live data source
          • Compare result with currently running production controller: does it generate the config we expect?
          • No risk of impacting infrastructure
      • Translator can be tested offline or in a lab
          • Input: Static generic config from generator
          • Apply config to lab device (VM?)
          • Verify device config against expected result
  • 23. Reality check
      • Does that exist?
          • Not as Open Source
      • Wait, but you have logic in Salt (FFHO)
          • Yes, and I regret that.
  • 24. Reality check - Lessons learned
      • Data stored in pillar only usable inside Salt
          • Limits flexibility a lot
      • Evolution
          • From input in pillar to NetBox
          • From logic in Jinja templates to Python modules inside Salt
          • Abstract NetBox data structures away with NACL
          • Move more and more logic into NACL (e.g. iBGP mesh computation)
          • Use Salt as translator instead of controller
  • 25. Q&A: Questions?
  • 26. Questions & answers
      • Why not generate the config within Salt or Ansible?
          • How do you test that? Automatically?
          • Limited to Python and the environment of the solution
      • Why not buy vendor solution here?
          • Because it's not vendor independent
          • What do you do if it can't do X or is discontinued?
      • Why not use NETCONF/YANG?
          • Because it's not vendor independent enough
          • And it's for iterative config changes
          • Yes NETCONF can do complete config replace, but what's the point?
  • 27. Q&A: Questions?
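
The controller/translator split from slides 17 to 21, as an added sketch that is not code from the talk, NACL or Salt: a topology graph's nodes feed one rule (iBGP full mesh between active routers), the controller emits vendor-neutral config, and two translators render it. Device names, the ASN, the addresses and all function names are constructed, and the IOS-style and BIRD-style output is reduced to the BGP stanza.

```python
ASN = 65000  # constructed private ASN

# Topology nodes with attributes (constructed data). Links are omitted
# because the iBGP mesh rule below only needs node attributes.
NODES = {
    "cr01": {"role": "router", "status": "active", "os": "linux", "loopback": "10.0.0.1"},
    "cr02": {"role": "router", "status": "active", "os": "ios", "loopback": "10.0.0.2"},
    "bbr01": {"role": "router", "status": "planned", "os": "linux", "loopback": "10.0.0.3"},
    "csw01": {"role": "switch", "status": "active", "os": "ios", "loopback": "10.0.0.4"},
}


def ibgp_mesh(nodes):
    """Rule: every active router peers with every other active router."""
    routers = sorted(n for n, a in nodes.items()
                     if a["role"] == "router" and a["status"] == "active")
    return {r: [p for p in routers if p != r] for r in routers}


def controller(nodes):
    """Apply the rules and emit one vendor-neutral config per device."""
    return {
        name: {"asn": ASN, "router_id": nodes[name]["loopback"],
               "ibgp_peers": [{"name": p, "ip": nodes[p]["loopback"]} for p in peers]}
        for name, peers in ibgp_mesh(nodes).items()
    }


def to_ios(cfg):
    """Translator: single IOS-style BGP stanza."""
    lines = [f"router bgp {cfg['asn']}", f" bgp router-id {cfg['router_id']}"]
    for p in cfg["ibgp_peers"]:
        lines += [f" neighbor {p['ip']} remote-as {cfg['asn']}",
                  f" neighbor {p['ip']} update-source Loopback0"]
    return "\n".join(lines)


def to_bird(cfg):
    """Translator: one BIRD-style protocol block per peer (Linux router)."""
    return "\n".join(
        f"protocol bgp ibgp_{p['name']} {{\n"
        f"    local {cfg['router_id']} as {cfg['asn']};\n"
        f"    neighbor {p['ip']} as {cfg['asn']};\n}}"
        for p in cfg["ibgp_peers"])


TRANSLATORS = {"ios": to_ios, "linux": to_bird}


def render_all(nodes):
    """Full pipeline: topology -> neutral config -> per-device vendor config."""
    return {n: TRANSLATORS[nodes[n]["os"]](c) for n, c in controller(nodes).items()}
```

Because `controller()` is a pure function of its input data, a new version can be run against the same source and its output diffed against the current one before anything touches a device.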