The Path to a Programmable Network
1 like340 views
The document discusses strategies for automating network configuration using model-driven approaches and open standards. It provides an overview of exciting developments in software development that could enable more programmatic network configuration. Specifically, it covers NETCONF and YANG standards for automating device configuration and management, and recommends starting with familiarization of OpenConfig models, templated deployments of simple configurations, and using tools like YDK and NCClient to test automations.
![NETCONF: XML over SSH
© Copyright 2019 Opengear, Inc. www.opengear.com 23
$ ssh -oHostKeyAlgorithms=+ssh-dss root@ios-xe-mgmt.cisco.com -p 10000 -s netconf
S: <hello> <capabilities> … </capabilities> </hello>
]]>]]>
C: <hello> <capabilities> … </capabilities> </hello>](https://image.slidesharecdn.com/david-the-path-to-a-programmable-network-190704083522/85/The-Path-to-a-Programmable-Network-23-320.jpg)
![NETCONF: XML over SSH (continued)
© Copyright 2019 Opengear, Inc. www.opengear.com 24
C: <rpc>
<get-config>
<source><running/></source>
</get-config>
</rpc>
S: <rpc-reply>
<data>
<interfaces><interface> <name>eth0</name> <enabled>true<… </interfaces>
</data>
</rpc-reply>
]]>]]>](https://image.slidesharecdn.com/david-the-path-to-a-programmable-network-190704083522/85/The-Path-to-a-Programmable-Network-24-320.jpg)
The Path to a Programmable Network
- 1. www.opengear.com© Copyright 2019 Opengear, Inc. 1 The Path to a Programmable Network Open Telemetry and Model-Driven Configuration David Leonard 4-Jul-2019 MyNOG-8, Kuala Lumpur
- 2. © Copyright 2019 Opengear, Inc. www.opengear.com 2
- 3. Overview © Copyright 2019 Opengear, Inc. www.opengear.com 3 • Motivation • Exciting news from the world of software development • Strategies for automation • Standards • Demo / teaser
- 4. © Copyright 2019 Opengear, Inc. www.opengear.com 4 How it starts
- 5. © Copyright 2019 Opengear, Inc. www.opengear.com 5 configure
- 6. © Copyright 2019 Opengear, Inc. www.opengear.com 6 configure configure configure
- 7. © Copyright 2019 Opengear, Inc. www.opengear.com 7 configure configure configure configureconfigure configure configure configure configure
- 8. © Copyright 2019 Opengear, Inc. www.opengear.com 8 configure configure configure configureconfigure configure configure configure configure
- 9. © Copyright 2019 Opengear, Inc. www.opengear.com 9 What have we wrought?
- 10. Trouble with configuring via the CLI © Copyright 2019 Opengear, Inc. www.opengear.com 10 • Configs applied and maintained by hand • Vendor-specific syntax, ever-changing • Inconsistent configurations, unexplained special cases • Configurations are forgotten; until... reactive break-fix model • Workarounds: brute force, diligence, hard work, RANCID • Fragile scrapers break on upgrades • Human-oriented interfaces are for humans
- 11. © Copyright 2019 Opengear, Inc. www.opengear.com 11 Manual control Controlled by software
- 12. © Copyright 2019 Opengear, Inc. www.opengear.com 12 Combining the reliability of software with the low cost of network changes
- 13. Exciting news from the world of software © Copyright 2019 Opengear, Inc. www.opengear.com 13 • Agile practices – Lighter but more intense teamwork • git + pull requests – collaborative text editing, focused review • CI/CD + tests + sandboxes – safety nets are safer • DevOps – the best tools and practices adopted by operations
- 14. © Copyright 2019 Opengear, Inc. www.opengear.com 14 programmer
- 15. © Copyright 2019 Opengear, Inc. www.opengear.com 15 configure configure configure configureconfigure configure configure configure configure 1:100
- 16. © Copyright 2019 Opengear, Inc. www.opengear.com 16 program program program configure configure configure 1:100
- 17. © Copyright 2019 Opengear, Inc. www.opengear.com 17 program program configure configure configure configure configure configure configure program 1:1000
- 18. © Copyright 2019 Opengear, Inc. www.opengear.com 18 Strategies
- 19. Pre-conditions for automation © Copyright 2019 Opengear, Inc. www.opengear.com 19 • Inventory: do you have good detail of all devices? • Requirements: business's expectation of function level; now & plans • Standards: which model/vocabulary to use in automation • Telemetry: feedback channels • Automation: control channels; tooling • Trust: get experience, confidently predict automation's behaviour • other: Budget, Stakeholders, Suppliers
- 20. © Copyright 2019 Opengear, Inc. www.opengear.com 20 Provisioning Monitoring Security … Requirements ? ? ? ? Automation ? ? ? ? Telemetry ? ? ? ? Inventory ? ? ? ? Standards ? ? ? ? Suppliers ? ? ? ? Partners ? ? ? ? Budget ? ? ? ? Trust ? ? ? ?
- 21. © Copyright 2019 Opengear, Inc. www.opengear.com 21 Standards
- 22. IETF NETCONF © Copyright 2019 Opengear, Inc. www.opengear.com 22 • 2006 RPC-based protocol for configuring network devices • "SNMP done right" • Replaces CLI-based programmatic interfaces (perl/expect over SSH) • Installs, manipulates configuration • Can validate config before activation • Atomic commit/transaction across multiple devices • Structured message and errors (XML/JSON)
- 23. NETCONF: XML over SSH © Copyright 2019 Opengear, Inc. www.opengear.com 23 $ ssh -oHostKeyAlgorithms=+ssh-dss root@ios-xe-mgmt.cisco.com -p 10000 -s netconf S: <hello> <capabilities> … </capabilities> </hello> ]]>]]> C: <hello> <capabilities> … </capabilities> </hello>
- 24. NETCONF: XML over SSH (continued) © Copyright 2019 Opengear, Inc. www.opengear.com 24 C: <rpc> <get-config> <source><running/></source> </get-config> </rpc> S: <rpc-reply> <data> <interfaces><interface> <name>eth0</name> <enabled>true<… </interfaces> </data> </rpc-reply> ]]>]]>
- 25. NETCONF landscape © Copyright 2019 Opengear, Inc. www.opengear.com 25 • YANG – the modeling language for NETCONF – like MIBs' ASN.1 notation – IETF provides some basic models, eg RFC8343 "ietf-interfaces" • NETCONF – the client-server protocol – NETCONF: sends XML over SSH – RESTCONF: sends XML or JSON over HTTP • OpenConfig – the community – a group of carriers and vendors sharing their YANG models – more than just "vendor MIBs" (called native models)
- 26. Where to get YANG models © Copyright 2019 Opengear, Inc. www.opengear.com 26 • yangcatalog.org – https://github.com/YangModels/yang (yangcatalog.org) • openconfig.org – https://github.com/openconfig/public • https://github.com/Juniper/yang
- 27. © Copyright 2019 Opengear, Inc. www.opengear.com 27 Demo – Getting Started
- 28. © Copyright 2019 Opengear, Inc. www.opengear.com 28
- 29. © Copyright 2019 Opengear, Inc. www.opengear.com 29 Summary
- 30. © Copyright 2019 Opengear, Inc. www.opengear.com 30
- 31. © Copyright 2019 Opengear, Inc. www.opengear.com 31 Suggested approach: • Get familiar with the OpenConfig models, eg BGP. Many examples available showing YANG/NX-OS CLI https://developer.cisco.com/docs/openconfig-yang-release-9-2x/#!ocni-bgp/ocni-bgp • Try simple templated deployment (interfaces) http://karneliuk.com/2018/07/openconfig-w-o-and-w-ansible-for-arista-eos- cisco-ios-xr-and-nokia-sr-os-part-1-interfaces/ • Try same using YDK or NCClient, in Python
- 32. Additional thoughts © Copyright 2019 Opengear, Inc. www.opengear.com 33 • The divide-and-conquer NETCONF strategy reflects what we’ve seen at network operators and in large scale networks • The “surgical” approach to configuration updates is – Faster and less disruptive – Allows for shared control of network devices (multi-tenant) • Alternate approach is to distribute "complete" configuration files via tools like Ansible, possibly generated from YANG models – Reliable, whole-device 'restore' • Ultimate end game is an Intent Based Network?
- 33. © Copyright 2019 Opengear, Inc. www.opengear.com 34