2. Hot Air Balloons, Camels and Excel
• First passengers: A rooster, a duck, and a sheep
• Altitude record 68,900 feet.
• To carry paying passengers for hire a pilot must have a commercial pilot certificate.
• The passengers are active participants in both take-off and landing
3. Agenda
WWT University: ACI Professional Services Deployment Engineers
NX-OS Programmability for MP-BGP EVPN VXLAN Fabric Design
Cisco ACI Barrier to Success
4. ACI Programmability
• WWT University: ACI Professional Services Deployment Engineers
• Specific Learning Outcomes
• Configure an ACI fabric using Ansible playbooks (roles)
• Understand components of RESTful web APIs
• Working knowledge of Markup Languages
• Learn to create Jinja templates of XML configuration files
• Basic understanding of Git for version control and Ansible role sharing
• Goal
• Work as a Team to create a library of configuration best practices
5. Key take-aways
• Most of the concepts are applicable to NX-OS | NX-API
• Learning to program was not a requirement.
• Thinking like a programmer proved beneficial.
• Effective Automation is about generalizing and abstracting workflow
• Success of selling ACI depends on the PS engineers.
6. Learning to Think like a Programmer
• Learning programming is like learning spelling and grammar.
• Programming is a tedious and exacting discipline.
• Have you developed an aptitude and interest in programming by age 25?
• Thinking like a programmer…. the art of Computer Science
• Teaches critical thinking skills
• How to process and represent information
7. What are Markup Languages?
• Markup Languages are implementations of Data Serialization formats | standards | languages
• Cisco IOS configuration files are a proprietary form of Markup Language
• Examples
• CSV: Comma Separated Values
• XML: Extensible Markup Language
• JSON: JavaScript Object Notation
• YAML: YAML ain’t Markup Language
8. Why Learn Markup Languages?
• Represent structured data to define a network configuration.
• Less emphasis on Command Line Interface (CLI) and IOS config files
Cisco ACI controller (APIC) will generate and accept both JSON and XML to save and upload configurations.
NETCONF protocol uses XML for configuration data and output messages.
Cisco IOS XR software has an XML application programming interface (API).
9. Why Learn Ansible?
• Simple, yet powerful automation tool for all things Data Center
• Low barrier to entry – Open Source, runs in a VM on your laptop
• Agentless
• Automation without programming
• Exposes you to Markup Languages
• Forces you to think like a programmer
11. Cultural Shift of #NetDevOps
• DevOps isn’t automation tool(s), or a role within an organization.
• Networking is the next frontier for DevOps.
• Moving to think about applications, not infrastructure.
Guiding Principles:
• Holistic system thinking
• No silos - sharing
• Metrics - Rapid, useful feedback
• Automation: Automate the drudgery away
12. Hot Air Balloons and Network Engineers
Looking over the edge of the basket gives you an immediate sense of anxiety and uneasiness.
14. Cisco Data Center Switching
• If you are looking to Cisco for a Data Center switch, it will be a Nexus 9000.
• Nexus 9000 runs in either of two modes:
• NX-OS
• Application Centric Infrastructure – ACI
• Networks need Automation & Programmability.
• NX-API enables a northbound REST interface on individual NX-OS switches
• Nexus 3000 NX-API supported NX-OS 6.0(2)U4(1).
• NX-OS release 7.x enables NX-API on Cisco Nexus 5000 and 6000
• APIC is the Software Defined Networking controller for ACI
15. Ansible and Cisco Data Center Networking
[Diagram: Ansible / Tower (agentless) and the systems it connects to. Labels: Users, API; GitHub; ESX Server; Windows Systems; Linux; Docker; Amazon Web Services; APIC-EM; Cisco IOS; Nexus 3000 | 9000; Nexus 9000 ACI; REST API; connection: local; feature nx-api; PARAMIKO; github.com/joelwking/. Ports: SSH TCP/22, HTTP(s) TCP/80:443:22, HTTP(s) TCP/80:443, HTTPS TCP/443, NTP UDP/123, LDAP TCP/389.]
16. NX-OS Programmability
• [ customer name removed ]
• MP-BGP EVPN VXLAN Fabric Design
• Nexus 9500 spines (4)
• Nexus 9300 leafs (40)
• NX-OS configuration is complex
• 775 lines of config per leaf
WWT Integration Technology Center (ITC)
Cisco Virtual Topology System (VTS)
Cisco Prime Data Center Network Manager (DCNM)
17. Process Flow
[Diagram: Group Variables (All Leafs), Host Variables (Individual Switch), L2 Port Configuration CSV, L3 Port Configuration CSV and the Jinja Template feed into the Switch Configuration.]
18. Configuring your network from Excel
kingjoe@rocket:~/ansible/roles/excel_nxos/templates$ cat leaf_uplinks.j2
#
# Template for leaf uplinks
#
{% for row in spreadsheet %}
interface {{row.SourcePort}}
  description {{row.Description}}
  mtu 9216
  load-interval counter 1 5
  ip address {{row.SourceIP}}
  no ipv6 redirects
  ip ospf authentication message-digest
  ip ospf message-digest-key 1 md5 {{OSPF.message_digest_key}}
  ip ospf network point-to-point
  ip router ospf {{OSPF.processID}} area 0.0.0.0
  ip pim sparse-mode
  no shutdown
!
{% endfor %}
end

#
# group_vars/leaf
#
# Values shared by all leafs. Keep a production message_digest_key in an
# encrypted vars file (Ansible Vault), not in clear text.
OSPF:
  message_digest_key: DEADBEEF
  processID: 64800
21. Render the Configuration
#
# Template for leaf uplinks
#
interface Ethernet2/1
  description 13spine-rp01_E1/1
  mtu 9216
  load-interval counter 1 5
  ip address 10.181.0.1/31
  no ipv6 redirects
  ip ospf authentication message-digest
  ip ospf message-digest-key 1 md5 DEADBEEF
  ip ospf network point-to-point
  ip router ospf 64800 area 0.0.0.0
  ip pim sparse-mode
  no shutdown
!
! [ interfaces E2/2 E2/3 and E2/4 removed for brevity ]
!
end
Column headers are variable names; cell contents are assigned to these variables.
Variables are then used to render the configuration.
The network engineer controls the column header names.
https://github.com/joelwking/ansible-nxapi/blob/master/csv_to_facts.py
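Because cell contents are substituted into the configuration as-is, each row is worth checking before it is rendered. The following is an added example, not the csv_to_facts.py module or any code from the presentation: the column names come from leaf_uplinks.j2, while the sample rows beyond Ethernet2/1, the allowed-character policy, the shortened stanza and the use of str.format in place of Jinja are assumptions.

```python
import csv
import io
import ipaddress
import re

# Constructed sample of the spreadsheet saved as CSV. Headers match the
# variables in leaf_uplinks.j2; the last row has a line break and extra
# text inside the Description cell.
SAMPLE_CSV = (
    "SourcePort,Description,SourceIP\n"
    "Ethernet2/1,13spine-rp01_E1/1,10.181.0.1/31\n"
    "Ethernet2/2,13spine-rp02_E1/1,10.181.0.3/31\n"
    'Ethernet2/3,"spine3\n  shutdown",10.181.0.5/31\n'
)
PORT = re.compile(r"Ethernet\d+/\d+")
TEXT = re.compile(r"[A-Za-z0-9_./:-]{1,80}")  # assumed policy: one token, no spaces
# Shortened stanza; str.format stands in for the Jinja template.
STANZA = ("interface {SourcePort}\n  description {Description}\n"
          "  ip address {SourceIP}\n  no shutdown\n!\n")

def validate_row(row):
    """Return the list of problems found in one spreadsheet row."""
    problems = []
    if not PORT.fullmatch(row.get("SourcePort") or ""):
        problems.append("SourcePort is not EthernetX/Y")
    if not TEXT.fullmatch(row.get("Description") or ""):
        problems.append("Description contains disallowed characters")
    addr = row.get("SourceIP") or ""
    try:
        if "/" not in addr:
            raise ValueError("no prefix length")
        ipaddress.IPv4Interface(addr)
    except ValueError:
        problems.append("SourceIP is not an IPv4 address/prefix")
    return problems

def render(csv_text):
    """Return (config, rejected); rejected maps data-row number to problems."""
    config, rejected = [], {}
    rows = csv.DictReader(io.StringIO(csv_text, newline=""))
    for number, row in enumerate(rows, start=1):
        problems = validate_row(row)
        if problems:
            rejected[number] = problems
        else:
            config.append(STANZA.format_map(row))
    return "".join(config), rejected

if __name__ == "__main__":
    print(*render(SAMPLE_CSV), sep="\n")
```

Rows that fail a check are reported by number and left out of the rendered configuration, so a malformed cell never reaches the switch.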
23. The History of the Cisco CLI
• Wellfleet Communications
• Early 1990’s
• Extensive marketing around menu system for routers
• Menu systems - hard to see a concise view of the configuration
• Post Cisco IOS 9.21, sales of Wellfleet / Bay Networks started to slow.
• Cisco’s growth continued on its upward trend.
• Cisco CLI, extensive multi-protocol support and TAC instrumental to success.
www.netcraftsmen.com/the-history-of-the-cisco-cli/
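"Wellfleet Communications Logo" by Source (WP:NFCC#4). Licensed under Fair use via Wikipedia - https://en.wikipedia.org/wiki/File:Wellfleet_Communications_Logo.jpg#/media/File:Wellfleet_Communications_Logo.jpg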
24. Cisco ACI Barrier to Success
• We need consumable documentation.
• Cut-n-paste of XML at the end of text documentation and screen shots has minimal practical value.
• CVDs of over 300 pages of screen shots aren’t consumable.
25. Jinja Template of the XML and Playbook
$ cat Create_VLAN_Pools.j2
<?xml version="1.0" encoding="UTF-8"?>
<!--
  Remarks: {{item._url}}
-->
<fvnsVlanInstP name="{{VLAN_pool.name}}" descr="{{VLAN_pool.descr}}" allocMode="static">
  <fvnsEncapBlk name="{{VLAN_pool.name}}" descr="{{VLAN_pool.descr}}" allocMode="static" to="{{VLAN_pool.to}}"
                from="{{VLAN_pool.from}}"/>
</fvnsVlanInstP>

# Playbook variables
VLAN_pool:
  name: JINJA
  descr: PS ACI Deployment Engineer Class
  from: vlan-2700
  to: vlan-2709

steps:
  - create_VLAN_Pools:
    _xml: Create_VLAN_Pools
    _url: "/api/mo/uni/infra/vlanns-[{{ VLAN_pool.name }}]-static.xml"

# Playbook task: render each step's template to an XML file
tasks:
  - name: Create XML file(s)
    template:
      src: "{{local_path}}/{{item._xml}}.j2"
      dest: "{{local_path}}/xml/__{{item._xml}}.xml"
    with_items: "{{steps}}"
26. Resulting XML
$ cat __Create_VLAN_Pools.xml
<?xml version="1.0" encoding="UTF-8"?>
<!--
  Remarks: /api/mo/uni/infra/vlanns-[JINJA]-static.xml
-->
<fvnsVlanInstP name="JINJA" descr="PS ACI Deployment Engineer Class" allocMode="static">
  <fvnsEncapBlk name="JINJA" descr="PS ACI Deployment Engineer Class" allocMode="static" to="vlan-2709" from="vlan-2700"/>
</fvnsVlanInstP>
By providing a Jinja template of the XML file, with several relevant variables specified in the YAML playbook, we can more easily consume the ACI documentation.
In this format, the XML documentation is consumable by the end customer.
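Text substituted into an XML attribute must be escaped, or a description containing a quote or an ampersand produces a file that does not parse. The following is an added example, not code from the presentation: it builds the same fvnsVlanInstP payload and URL with Python's ElementTree, and the descr value, the pool-name policy and the use of str.format to imitate verbatim substitution are assumptions.

```python
import re
import xml.etree.ElementTree as ET

# Playbook values from the slide, except descr: a constructed description
# containing characters that are special inside an XML attribute.
VLAN_POOL = {"name": "JINJA", "descr": 'PS "ACI" Deployment & Engineer Class',
             "from": "vlan-2700", "to": "vlan-2709"}

# What verbatim text substitution yields (str.format stands in for Jinja;
# element shortened to the attributes that matter here).
NAIVE = '<fvnsVlanInstP name="{name}" descr="{descr}" allocMode="static"/>'

def vlan_id(encap):
    """Parse 'vlan-N' and return N, rejecting anything outside 1-4094."""
    m = re.fullmatch(r"vlan-(\d{1,4})", encap)
    if not m or not 1 <= int(m.group(1)) <= 4094:
        raise ValueError("bad VLAN encap: %r" % encap)
    return int(m.group(1))

def build_vlan_pool(pool):
    """Return (url, xml_text) for a static VLAN pool, attributes escaped."""
    # Assumed naming policy for this example: the name also goes into the URL.
    if not re.fullmatch(r"[A-Za-z0-9_.:-]{1,64}", pool["name"]):
        raise ValueError("bad pool name: %r" % pool["name"])
    if vlan_id(pool["from"]) > vlan_id(pool["to"]):
        raise ValueError("VLAN range is reversed")
    common = {"name": pool["name"], "descr": pool["descr"], "allocMode": "static"}
    inst = ET.Element("fvnsVlanInstP", common)
    ET.SubElement(inst, "fvnsEncapBlk",
                  {**common, "to": pool["to"], "from": pool["from"]})
    url = "/api/mo/uni/infra/vlanns-[%s]-static.xml" % pool["name"]
    return url, ET.tostring(inst, encoding="unicode")

def is_well_formed(text):
    """True if text parses as XML."""
    try:
        ET.fromstring(text)
        return True
    except ET.ParseError:
        return False

if __name__ == "__main__":
    print(is_well_formed(NAIVE.format_map(VLAN_POOL)))
    print(*build_vlan_pool(VLAN_POOL), sep="\n")
```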
27. Configuring your ACI network from Excel
http://erjosito.tumblr.com/post/129878491127/configuring-your-network-from-excel
28. Landing
• Automation concepts are applicable to ACI, NX-OS, … F5, … etc.
• Configurations are becoming so complex that we need documentation which abstracts to the common components.
• Every balloon landing is a controlled crash
• Champagne after flights originated to appease farmers.
WWT Integration Technology Center (ITC) is the hub of our global deployments and supply chain programs.