Exploring the Final Frontier of Data Center Orchestration: Network Elements - PuppetConf 2014
1. Network Elements
The Final Frontier of Data Center Automation
Presented by
Jason Pfeifer
Technical Marketing | Cisco
2. Why?
“I can spin up servers in minutes with my Puppet workflows, why does it take orders of magnitude more to spin up and effect change on my Network Elements?”
3. IT Management Challenges
Agility: 60% of IT managers are not satisfied with the speed at which IT responds to business needs
Reliability: $72,000 / hr cost of downtime due to manual errors and configuration drift
Productivity: 48% of IT professionals spend 50% or more of their time on basic administrative tasks
Shadow IT: 36% of employees have already used “unapproved” cloud services
Insight: 93% of IT professionals cannot answer “What changed?” when an outage incident occurs
Sources: Gartner, Kaseya, Harvey Nash, Vanson Bourne, Evolven, InformationWeek
Similar Challenges in the NetOps Space
4. Network Operations Challenges
Agility: Rollout speed of network equipment is slow. After physical kit is installed, configuration should be immediate.
Reliability: Huge cost of downtime due to manual errors and configuration drift
Productivity: Networking professionals spend 50% or more of their time on basic administrative tasks, CLI interaction, screen scraping output
Home Built: Employees have home built scripts / one-off procedures specific to the local network environment
Insight: “What changed?” plagues the industry when an outage incident occurs. How do we recover?
Sources: Disgruntled Network Administrators
5. Existing Management Solutions = Insufficient
CUSTOM ONE-OFF SCRIPTS
IT
# Loop over the hosts listed in host.cfg and run one command on each over SSH
for i in $(cat host.cfg)
do
ssh user@$i uname -a
done
NetOps
# Open a telnet session and wait for the connection banner before sending a carriage return
spawn telnet $ip(t) $port(t)
expect "Trying $in_telnet...\r*
Connected to $in_telnet.\r*
Escape character is '^]'.\r*"
send -- "\r"
• Not reusable across different applications or operating systems
• What happens when original author leaves?
Sources: THINKstrategies/FrontRange
6. Puppet Automates Infrastructure for Network Admins
[Diagram labels: NETOPS MANAGEMENT STACK (Monitoring, Help Desk, Reporting, Asset Management, Service Catalog); NETWORK STACKS (Applications, Code & Data, Controllers, Operating Systems, Physical & Virtual Nodes); Discovery, Provisioning, Configuration, Orchestration, Automation]
Lifecycle management for heterogeneous environments possible
7. [Architecture diagram]
CENTRALIZED MANAGEMENT SERVER: GUI, Workflows, Reporting, Admin & Security
DISTRIBUTED AGENTS: Agent on Hardware Node, VM Node, Cloud Node; NetOps Agent on Switch
CLOUD-BASED REPOSITORY OF PRE-BUILT SOLUTIONS: Puppet Forge
3RD PARTY INTEGRATIONS: Monitoring, Version Control, CMDBs, LDAP & AD
12. ONE Platform Kit (onePK)
Network Programming Environment to:
• Innovate
• Extend
• Automate
• Customize
• Enhance
• Modify
[Diagram labels: Applications (C, JAVA, Python); onePK (API Presentation, API Abstraction); IPC Channel; Any Cisco Router or Switch (Catalyst, Nexus, ASR, ISR)]
13. Where Do onePK Applications Run?
Choose the Hosting Model that Suits Your Platform and Your Application
On An External Server
• Plentiful memory/compute
• Higher latency and delay
• Supported on all platforms
On A Hardware Blade
• Dedicated memory/compute
• Low latency and delay
• Requires modular hardware blade
On the Router
• Shared memory/compute
• Very low latency and delay
• Requires modular software architecture
14. Evolving How We Interact
Traditional Approach | New Paradigm
[Diagram labels: App; Events; Actions; EEM (TCL); CLI, SNMP, HTML, XML, AAA, CDP, Syslog, Netflow, Routing Protocols, Span; Network OS; App in C, Java, Python (Ruby*); Monitoring, Routing, Data Plane, Policy, Interface, Discovery, Anything you can think of]
15. APIs Are Grouped (Service Sets)
Service Set | Description
Data Path | Provides packet delivery service to application: Copy, Punt, Inject
Policy | Provides filtering (NBAR, ACL), classification (Class-maps, Policy-maps), actions (Marking, Policing, Queuing, Copy, Punt) and applying policies to interfaces on network elements
Routing | Read RIB routes, add/remove routes, receive RIB notifications
Element | Get element properties, CPU/memory statistics, network interfaces, element and interface events
Discovery | Topology and local service discovery
Utility | Syslog events notification, Path tracing capabilities (ingress/egress and interface stats, next-hop info, etc.)
Developer | Debug capability, CLI extension which allows application to extend/integrate application’s CLIs with network element
16. Agent Model Applications
Agent application resides on NE, utilizes onePK API library
Choice of communication methods between agent and controller
Choice of where bulk of processing will occur. Controller typically has network wide view, agent has individual box view.
Examples:
Web application with REST interface
Management over XMPP
[Diagram labels: Controller, Agent, onePK, Network Element; Path Computation: PCE, PCEP, PCC; Wireless LAN Control: WLC, CAPWAP, AP]
17. Dev Ops - Plug Ins
Container based packaging of Dev Ops agents
Device hosted: Software runs on local device
Standard: Standard Linux software
Software independence
Secure: Not running in host OS
TTM: Host release independence, fast TTM
[Diagram labels: Dev Ops Plug-ins, Container, NOS, OS/Linux, Switch/Router]
23. Puppet Deployment using POAP
1. Power up Switch with no startup-config and default images
2. DHCP phase: Get IP Address, Gateway, Script server IP, Script file name
3. Switch downloads script
4. Execute script locally: Download software images, Download running-config, Download puppet_plugin.ova, Download plugin_activate.py script
5. Reload the router with downloaded software. plugin_activate.py script executes, installing and activating puppet_plugin.ova
6. Once the plugin is activated, puppet agent running inside the container will establish a session with the puppet master and retrieve catalogues, etc.
[Diagram labels: DHCP, Script, Config; NXOS, Puppet OVA; Puppet Master]
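An integrity gate that could run after the POAP script has downloaded its files and before the reload, shown as an added Python 3 example rather than code from the presentation or from Cisco: activation is refused unless every staged file matches a SHA-256 manifest and nothing unlisted is present. The manifest, the function names sha256_file and verify_staged, and the sample file contents are assumptions; only the file names puppet_plugin.ova and plugin_activate.py come from the slide.

```python
import hashlib
import hmac
import tempfile
from pathlib import Path


def sha256_file(path, chunk=65536):
    """Stream a file through SHA-256 so large images are not loaded into memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(chunk), b""):
            digest.update(block)
    return digest.hexdigest()


def verify_staged(stage_dir, manifest):
    """Compare staged files against the manifest; return (ok, problems)."""
    stage = Path(stage_dir)
    problems = []
    for name, expected in manifest.items():
        path = stage / name
        if not path.is_file():
            problems.append((name, "missing"))
        elif not hmac.compare_digest(sha256_file(path), expected.lower()):
            problems.append((name, "digest mismatch"))
    # Anything staged that the manifest does not list is also refused.
    for path in stage.iterdir():
        if path.name not in manifest:
            problems.append((path.name, "not in manifest"))
    return (not problems, sorted(problems))


def demo():
    """Constructed sample: stage two files, then alter one and add an extra."""
    with tempfile.TemporaryDirectory() as tmp:
        stage = Path(tmp)
        (stage / "puppet_plugin.ova").write_bytes(b"constructed OVA bytes")
        (stage / "plugin_activate.py").write_bytes(b"# constructed script\n")
        # Assumption: in practice the digests come from a trusted source,
        # not from the files that were just downloaded.
        manifest = {p.name: sha256_file(p) for p in stage.iterdir()}
        clean = verify_staged(stage, manifest)
        (stage / "puppet_plugin.ova").write_bytes(b"altered in transit")
        (stage / "extra.ova").write_bytes(b"unexpected file")
        tampered = verify_staged(stage, manifest)
    return clean, tampered


if __name__ == "__main__":
    for ok, problems in demo():
        print("activate" if ok else "refuse", problems)
```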
24. Image/Patch | New Server/VM Deployment | Config. Distribution
Image/Patch
Device Plug-ins:
• Manage images and patches/SMUs
New Server/VM Deployment
• ToR configuration for every new device onboarded
• Reduce Manual process
• Master puts the new server in the right VLAN/segment / ACL’s
Config. Distribution
• Security policies, mgmt. servers (syslog, dns, snmp etc.) are common across the network.
• Inject changes at master
[Diagram labels: Package Repository, Puppet Master, Puppet/Chef Master, Device Plug-in, New server, Server Admin, Network Admin]
25. Cisco Puppet Resource Type Coverage:
Feature | Resource Name | Description
Cisco Device Access | cisco_device | Allows credentials for user access control & accounting
Base L2/L3 interface | cisco_interface | General interface & L2/L3 base settings
VLAN | cisco_vlan | Create/destroy of VLANs and general settings
Interface-vlan (SVI) | cisco_interface_vlan | Create/destroy of SVIs and SVI specific interface settings
VLAN Trunking Proto (VTP) | cisco_vtp | VTP global settings
SNMP | cisco_snmp_server, cisco_snmp_community, cisco_snmp_group, cisco_snmp_user | SNMP monitoring settings. Notification receiver settings not covered as of now.
OSPF | cisco_ospf, cisco_ospf_vrf, cisco_interface_ospf | OSPF instance create/destroy, per-VRF settings, and interface settings (area, cost, msg digest, etc)
26. Cisco Puppet Resource Type Coverage
Feature | Resource | Description
TACACS/AAA*** | cisco_tacacs_server, cisco_tacacs_server_host, cisco_aaa_tacacs_group, cisco_aaa_authentication, cisco_aaa_authorization, cisco_aaa_accounting | TACACS global settings; TACACS per-host settings; group association and settings; mapping of groups to AAA features (authentication, authorization, accounting).
Raw Config CLI commands | cisco_command_config | Resource to directly apply blocks of configuration CLI commands.
***full set not available at EFT target date