4. Infrastructure as code represent the idea
that everything needed to run an
infrastructure can be consider as
Software
and as such can
leverage development technics for
Collaboration, Deployment and
Continuous Integration.
7. CI/CD Pipeline for Software Development
Code Build Test Deploy Monitor
Dev
CI
Continuous Integration
CD
Continuous
Deployment
8. What is the impact ?
âą Customers who embraced this
new way of building infrastructure for servers observed:
200x
more
frequent
deployment
24x
faster
recovery
from failure
3x
lower
change
failure
rate
2.5x
Shorter
lead time
Source: 2016 State of Devops Report (from puppet)
9. Infrastructure as Code
is about
Operation Efficiency
Who is not interested to
operate the network more efficiently ?
10. Fall 2016 NetDevOps Survey
0% 10% 20% 30% 40% 50% 60% 70% 80% 90% 100%
No interest Thinking about it Evaluating In Production
18% are already in production
60% are thinking about it or evaluating it
Infrastructure as code
12. Version Control
Virtual Lab
Master
Feature B
Looks good
please can you
add description
Done
Approved
Approved
Virtual Lab
1 â Create virtual topology
2 â Deploy new configurations
3 â Run all tests
Report tests
result
Pull Request
Example of workflow
Production
Configuration store in
version control
New branch for each
modification
1
2
Pull request for each
modification
3
Review process as
part of pull request
Automated test as
part of pull request
4
5
Delete virtual env
once report is
available
6
Deploy in production
when pull request is
merged
7
Deploy
Validate
13. Infrastructure as Code is a Journey
âą There is not only one story for Infrastructure as
Code
âą All aspects may or may not be present
âą Only Change control is mandatory
Start small and evolve from there
14. Infrastructure as Code is a Journey
Infrastructure as Code
Network
Continuous Delivery
Automated
Deployment
Generate and deploy
configuration
automatically
Run continuous tests in
your network to identify
issue as quickly as
possible
Test/Validate your
changes
before deploying them
in production
15. Change
Control
Version control
Review process
Virtual Lab
Build Virtual Lab on
demand
Test
Test network device
status
Continuous
integration
Telemetry
Collect,
Visualize and
Correlate
Config
Automation
Templatize and
automate
configuration
Event
Driven
Actively monitor
events
Infra
As
Code
Infrastructure as code / Building Block
Mandatory
16. Compelling for all customers
Change Control
Virtual Lab
Test
Telemetry
Config Automation
Event Driven
Conservative Early Adopter
20. Fall 2016 NetDevOps Survey
0% 10% 20% 30% 40% 50% 60% 70% 80% 90% 100%
No interest Thinking about it Evaluating In Production
60% are already in production
34% are thinking about it or evaluating it
Git
21. Change Control - fundamentals
Github or Gitlab
Master
Feature B
Looks good please
can you add
description
Done
Approved
Approved
Pull Request
Branch Master always represent what is
deployed in production.
Every change must be proposed
using a Pull Request
Change can be discussed and adjusted
before being merged
26. Continuous Integration
Travis-CI External tools that will execute some
tests for EACH change/commit:
1. Download the project
2. Setup Environment
3. Run tests
4. Report results in Github/GitlabGitlab-CI
27. Gitlab-CI â setup
stages:
- test
- deploy
before_script:
- pip install -r requirements.txt
- pip install -q ansible
generate_config:
stage: test
script:
- ansible-playbook pb.generate.config.yaml
deploy_config:
stage: deploy
script:
- ansible-playbook pb.conf.all.commit.yaml
.gitlab-ci.yamlâą Configuration defined
inside the project with a
config file (.gitlab.yaml)
âą Can define a pipeline of
stages and actions for
each stage
âą Some stages can be
applicable to some
branches only
28. Validate
Deploy
Gitlab-CI â Infrastructure as Code Pipeline
Test
Build
âą Validate new configurations on physical lab or
virtual lab
âą Validate that network is behaving properly
after new configurations have been deployed
âą Deploy New configurations in production
environment
âą Create new configurations, make sure
Branch
Master
Only
30. Configuration
Generation Project
Configuration Generation Project
âą A project to generate
configurations is
mainly composed of :
â Templates
â Variables
â Scripts/Playbooks
Templates Variables
junos-system.j2
bgp.j2
Acl.j2
Interfaces name
Device names
Mgmt IP
IP addresses
Etc ..
Scripts
Playbooks
deploy_config
check_connectivity
31. 1 project â multiple environments
Lab Production
âą Between environments, templates
are shared but some variables and
playbooks can be different
âą Everything need to be tested and if
there are too many environment
specific variables, the chance to
not find a bug increase.
Configuration
Generation
Project
Shared Templates
Lab Vars Prod VarsShared Var
Lab Pbs Prod PbsShared Playbooks
32. Topology Independent w/ Ansible
âą Topology file name defined in the
inventory file under the variable
âtopology_file
âą File loaded with pre_tasks in each
playbook
hosts.ini
Playbooks
33. Topology Independent w/ Ansible
âą Centralize information related
to physical topology
âą Access these information
from other files by using
variable name
sample-topology.yaml
host_vars/fabric-01/underlay.yaml
36. The VMs itself is not enough
On-Premise
Cloud
When building a virtual lab for testing,
the VM itself is not enough.
We need to have a solution to :
âą Create the topology, L1/L2 links
âą Spin up and down devices,
âą Configure devices etc âŠ
âą Assign IP addresses
Ravello System
Vagrant
37. What is Vagrant ?
A tool for building and distributing
virtualized environment
Open Source and modular
Vagrantfile
Define what type of VM/Box
Define the physical topology
Vagrantcloud
Automatic download
Provisioning
OpenStackHypervisor
VM App Store
38. Ravello System
âą Layer 2 âdata-center-likeâ networking
âą Easy replication through Blueprint
âą Public IP for all VMs
âą Isolated Networking
âą Self-service & on-demand access
âą Unlimited capacity
âą Usage based pricing
âą Scalable
âą Robust REST APIs
Cloud Based
Virtual Lab
Oracle Cloud
Google Compute Engine
AWS
39. Ravello - Automation
âą Automate creation / deployment of virtual topologies
on Ravello using Ansible
âą Open Source library developed by Juniper
https://github.com/Juniper/ravello-ansible
41. Demo / topology
spine-01 spine-02
leaf-01 leaf-02 leaf-03 leaf-04
âą Physical network based on
Spine/Leaf topology
âą Each device has a unique ASN
âą eBGP between all members
âą Simple IP routing
42. Demo / building Bloc
Gitlab-CI
Gitlab vQFX
Change
control Config
Virtual
Lab Tests
43. Testing w/ Ansible
spine-01 spine-02
leaf-01 leaf-02 leaf-03 leaf-04
Testing is done using Ansible
âą Check Physical layer
â Check all interfaces are UP
â Check LLDP neighbors
âą Check Underlay
â Ping all neighbors
â Check BGP status
â Ping ANY2ANY between leaf
44. Testing w/ Ansible
spine-01 spine-02
leaf-01 leaf-02 leaf-03 leaf-04
âą Testing is done using Ansible
âą Check Physical layer
â Check all interfaces are UP
â Check LLDP neighbors
âą Chech Underlay
â Ping all neighbors
â Check BGP status
â Ping ANY2ANY between leaf
47. What Professional Services Bring
Industry leading expertise in designing and
implementing network automation
Delivering an integrated software framework for
automation
Sharing knowledge throughout delivery
Maintaining rigor so that projects are delivered
on time and within budget
Knowledge Transfer & Customer
Focus
Network Design, Implementation
and Testing Expertise
Open Source Framework Expertise
Project Management
48. Network Automation Services
Network Automation Services
PS Practice
Software Defined
Networking
Core & Edge
Cloud &
Data Center
Security
Design Deploy AuditTest
Design
Automation
Automated
Deployment
Test
Automation
Audit
Automation
50. Get Started with examples online
Ravello
Ansible Library to automate Ravello
https://github.com/Juniper/ravello-ansible
Example of Project to build an IP fabric on Ravello using Ansible
https://github.com/dgarros/rav-ipfabric-demo
51. Get Started with examples online
Ansible
Ansible project to configure and test an IP Fabric + EVPN/VXLAN
https://github.com/JNPRAutomate/ansible-junos-evpn-vxlan
Playbook to check physical and underlay layer using Ansible
https://github.com/JNPRAutomate/ansible-junos-evpn-vxlan/blob/master/pb.check.physical.yaml
https://github.com/JNPRAutomate/ansible-junos-evpn-vxlan/blob/master/pb.check.physical.yaml
52. Get Started with examples online
Telemetry / OpenNTI
Open Source Telemetry Collector for Telemetry, Netconf and Event (syslog)
https://github.com/Juniper/open-nti
Fluentd plugin for Juniper Telemetry Streaming
https://github.com/JNPRAutomate/fluent-plugin-juniper-telemetry
53. Associated products/tools (1/2)
Change
control
Version control
Review process
Github/Gitlab
Travis-CI
Jenkins
Virtual Lab
Build virtual Lab on
demand
vMX/vQFX/vSRX
Ravello
Vagrant
Junosphere
Test
Test network device
status
Continuous
integration
JSNAPy
Pyez
NITA
Robot Framework
Ansible
54. Associated products/tools (2/2)
Telemetry
Collect,
Visualize and
Correlate
JTI
Openconfig
Netconf
OpenNTI
Kapacitor
Third party integration
Config
Automation
Execute more
automated tests
Ansible
Saltstack
Pyez
Netconf
Event Driven
Saltstack
jEDI