eric-zhaohui-ji
AUTOMATION EVOLUTION WITH JUNOS
Eric Ji, SR. ARCHITECT, CLOUD MARKETING
Suresh Krishnan, SR. TME, CLOUD MARKETING
Rajesh Rajah, SR. SOLUTIONS ARCHITECT, CDBU PLM
JUNIPER AUTOMATION
What’s In It For You
1 Understand the tools available in the JUNOS Automation tool kit
2 Position/recommend tools necessary to address customer needs
3 Use JUNOS automation capabilities as the insertion point for Juniper products
To give Juniper a competitive advantage
AGENDA
AUTOMATION OVERVIEW
JUNIPER AUTOMATION OFFERINGS
USE CASES
COMPETITIVE
DEMO
Nodal Automation (Puppet, Chef)
Ad-Hoc Scripting (Bash, Perl)
IT Workflow Orchestration
Business Workflow Orchestration
Manual Vendor CLI Proprietary Product skills
IT
DIFFERENT POINTS OF VIEW
Rapid Application Delivery
Networking
Discrete blocks with no business alignment
Continuity
Agility
Application Velocity
THE AUTOMATION CONTINUUM
Old Way
Production | Collect | Configure | Build | Physical Install
New Way
Production | Collect | Configure | Build | Physical Install
Hours/Days (manual)
Minutes (automated)
BENEFITS
• Minimum networking skills required
• Reduced Opex
• Consistent, Repeatable and Efficient
• Rapid Application delivery
Control Analytics Configuration
CONTRAIL: NETWORK ORCHESTRATION, AUTOMATION
OSS/BSS
CLOUD SERVICES, ANALYTICS
API/SDK (VIRTUALIZED, PHYSICAL)
ORCHESTRATION/OSS
Applications
Network Compute Storage
SDN
• Abstraction of the Network Layer to address it as a whole as opposed to discrete parts
Orchestration
• Domain wide ability to control resources in combination across various systems
Automation
• Programmatic Access to Data Center Resource for consistency, repeatability, and efficiency
APPROACH COMPARISON
Automation, Orchestration, and SDN
JUNIPER OFFERINGS
JUNOS AUTOMATION STACK
Tools built into Junos that enable automation
Chef
Junos
Data Plane (PFE)
Chassis
XML
Netconf
PythonEZ Framework
RubyEZ Library
Puppet
Ansible
Python Scripts
Ruby Scripts
Junoscript
SNMPRO
CLI
Junos Platform Automation Stack
15+ years of automation history
Open architecture
Three key features at the platform layer
XML Junos Script and Netconf Junos EZ
NETWORK AUTOMATION
The Build phase centers around the initial design and installation of a network component
The Configure phase covers methods to deploy on-demand configuration and software changes to the platform
The Collection phase deals with automating the process of monitoring the operational state of the platform and reacting to state conditions
Build
Configure
Collect
AUTOMATION TOOLKIT: BUILD
Feature Description
Zero Touch Provisioning (ZTP)
• Out of the box configuration and software deployment
• Faster deployment
• Multi-node orchestration awareness
• Agentless
• Vendor Agnostic
Configure Collect Build
Flexible scripting option for custom provisioning
Switch successfully provisioned
Switch is racked and stacked, sends a DHCP request on boot
Configuration and image information loaded on DHCP server
EX & QFX Series Switches
DHCP Server responds with image and configuration
DHCP Server
BUILD: ZERO TOUCH PROVISIONING
• Minimal skill required
• Consistent deployment
• Reduced Data Center Build time
• Reduced configuration errors
load different images based on location
BUILD: ANSIBLE
Python API
Ansible
Transports
Plugins
Playbook Files
Junos_get_facts
Junos_install_os
Junos_reboot
Junos_install_config
Junos_shutdown
Module Library
Security Routing Switching
NETCONF
SSH
Telnet/Console
• Agentless and simple approach
• Coding skills not required
• Workflow Engine
• One tool for Network/Compute/Storage
BUILD: JUNIPER SWITCH SUPPORT
Feature Product support
Zero Touch Provisioning (ZTP) • All EX and QFX series products
• Any of the Juniper JUNOS OS based platforms
AUTOMATION TOOLKIT: CONFIGURE
Configure Collect Build
Tool Description
Platform that can define and enforce the state of the infrastructure
Platform that can transform complex infrastructure into code
Simple automation platform that brings multi-node orchestration awareness
Python EZ "micro-framework" to remotely manage or automate Junos OS devices
Ruby Interpreter
EX | QFX | MX
Puppet "netdev" module
NETCONF
(FreeBSD)
NETCONF "gem"
Puppet Agent (client)
Puppet Master (server)
"netdev"
jpuppet package
CONFIGURE: PUPPET
Puppet module stored on the Puppet master. Puppet Agent downloads module to switch
Ruby Interpreter
EX | QFX | MX
Chef "netdev" module
NETCONF
(FreeBSD)
NETCONF "gem"
Chef Client
Chef server
"netdev"
jchef package
CONFIGURE: CHEF
“netdev” module stored on the Chef server. Chef client downloads module to switch
CONFIGURE: PYTHON
Build Simple to Complex Applications
IT Frameworks
Python Shell
Python script
Custom Applications
NETCONF Client (NCCLIENT)
open-source – Maintained by Community
NETCONF TRANSPORT ONLY VENDOR AGNOSTIC NO ABSTRACTIONS
JUNOS SPECIFIC ABSTRACTION LAYER MICRO-FRAMEWORK
Junos Python EZ (JunosPyEZ) open-source – Maintained by Juniper
"snippets" (no variables)
"templates" (merge variables)
Resources
Configuration Changes
Tables
Operational State
Views
CONFIGURE: JUNIPER SWITCH SUPPORT
Feature Product support
• EX45xx/EX4200
• QFX with Enhanced Automation image
• On roadmap for EX4300
• QFX with Enhanced Automation image
• On roadmap for EX4300
• All Platforms
PythonEZ • Any JUNOS platform
AUTOMATION TOOLKIT: COLLECT
Configure Collect Build
Tool Description
Netconf / DMI
• Standard method for executing RPCs across a network
• Junos exposes all DMI functions via Netconf to remote hosts
Junos Scripts
• Built into the Junos OS
• Powerful and flexible onboard toolset
• Available on all Junos platforms
PythonEZ
• "micro-framework" to remotely manage or automate Junos OS devices
• Collect operational states as native Python Operational Data
XML
NETCONF XML PROTOCOL (RFC4741)
Management System
Automate config changes, remote invocation of operational commands, collection of logs
NETCONF client libraries exist for a number of programming languages such as Java, Perl, Ruby, Python, and even SLAX!
Security Routing Switching
COLLECT: NETCONF/DMI
• Secure and connection oriented with SSHv2 as transport
• Structured and transaction based with XML as RPC request / response
• User-class privilege aware
Secure TCP/IP connections via SSHv2 (RFC4742)
• Create Custom Commands
• Diagnose Network Problems
• Controlled Configuration Change
Operation Script
• Automate Event Responses
• Correlate Events
Event Script
• Assure compliance to business rules network/security policies
Commit Configuration Script
COLLECT: JUNOS SCRIPTS
Each script type uses XML in its own unique way
Junos Infrastructure
Op Script
Input: Blank XML document
Output: XML instructions on what to display
Event Script
Input: XML event description
Output: XML instructions on what to display (if anything)
Commit Script
Input: XML Junos configuration
Output: XML instructions on actions to take (make changes, issue warnings, errors, etc.)
JUNOS SPECIFIC ABSTRACTION LAYER MICRO-FRAMEWORK
Junos Python EZ (JunosPyEZ)
COLLECT: PYTHON
Build Simple to Complex Applications
IT Frameworks
Python Shell
Python script
Custom Applications
NETCONF Client (NCCLIENT)
open-source – Maintained by Community
NETCONF TRANSPORT ONLY VENDOR AGNOSTIC NO ABSTRACTIONS
open-source – Maintained by Juniper
"snippets" (no variables)
"templates" (merge variables)
Resources
Configuration Changes
Tables
Operational State
Views
COLLECT: JUNIPER SWITCH SUPPORT
Feature Product support
Netconf/DMI • All Platforms
JUNOS Scripts • All Platforms
PythonEZ • All Platforms
ENHANCED AUTOMATION SW ARCHITECTURE
Hardware
Operating System
App App App
Single Vendor Blob
Hardware
Operating System
App App App
Best of Breed Ecosystem
Python & Libraries
Ruby & Libraries
Puppet Agent
Chef Client
Layer 3 ZTP
Disabled VeriExec
Standard Junos Image, with the following changes:
ENHANCED SW: JUNIPER SWITCH SUPPORT
Feature Product support
Enhanced Automation SW Architecture • QFX5100
USE CASES
USE CASES – ENTERPRISE IT
BENEFITS
• Minimal skill required by onsite deployment team
• Ensure Consistent deployment in line with company policies
• Reduces Data Center Build out from days to minutes
Configure Collect Build
NEEDS
• Large Scale
• Minimal Interaction
• Minimal Skills
ZTP + Ansible Server
USE CASES – ENTERPRISE IT
BENEFITS
Network Director
ZTP + Ansible Server
Web Server
Database
Juniper Firewall
New Web Server
• Network Director handles Element Management and Network As A Service Abstraction
• Network Director ensures consistent service deployment with minimal configuration by operations staff
• Network Director Data Center Visualization and Analytics Data ensures up to date data is available
Configure Collect Build
NEEDS
• Consistent Service
• Growing new service
• Abstraction
USE CASES – ENTERPRISE IT
BENEFITS
Network Director
ZTP + Ansible Server
Ops User
Web Server
Database
Juniper Firewall
New Web Server
Alert / Report
• Operational Workflow Automation allows operations staff to schedule tasks
• Create reports based on “Out of Profile” events
• Automate “Remediation Actions” based on report data to improve network availability and reduce MTTR
Configure Collect Build
NEEDS
• Monitor
• Report
• Remediate
USE CASE – CLOUD AUTOMATION LIFECYCLE
1 Bootstrapping
2 Install & Config
3 Monitoring & Alarming
4 Repairing
5 Scaling
1 Build
2 Config
3 Collect
ZTP
Ansible
Chef
Puppet
Ansible
PythonEZ
Junos Script
PythonEZ
Netconf / DMI
Chef
Puppet
Ansible
SaltStack
Nagios
Logstash
Riemann
Graphite
Zabbix
Collectd
AWS CloudFormation
CloudFoundry
Cloudify
Fabric
Heat
Juju
Network Cycle
App Cycle
SNMP
Juniper
Cisco
Juniper Advantage
Smart Install (non-Nexus) and POAP (Nexus) ZTP One standard method for all platforms
OnePK and NX-PK SDK and NETCONF XML API All method for all platforms
Puppet and Chef Integration
Puppet and Chef Integration on the platform
Cisco Solution needs a proxy server. Juniper Puppet and Chef clients run on the box
Python Scripting (Nexus) Rich Off-box functionality with JUNOS EZ libraries
Libraries available for standard operations and configuration. Enables Network administrators to create new automation tasks even with little programming skills
Embedded Automation Systems (EASy)
On the box automation solutions; Event, config, operation scripts, XML interface
Juniper platforms have provided robust on-the-box automation tools for a long time
COMPETITIVE - CISCO
Build
Configure
Collect
Juniper
Arista
Juniper Advantage
ZTP ZTP
Common set of automation tools across routers, switches and security products
Puppet and Chef Integration Puppet and Chef Integration
Ansible works support Ansible works support
eAPI NETCONF XML API
Python Scripting Rich Off-box functionality with JUNOS EZ libraries
Arista EOS programmability Juniper SDK and JVAE
COMPETITIVE - ARISTA
Build
Configure
Collect
Copyright © 2013 Juniper Networks, Inc. www.juniper.net
AUTOMATION FOR CLOUD