Beyond Command Line Interface:
Catalyst Switching Programmability
Jeff McLaughlin, Fabrizio Maccioni
August 9, 2017
IOS XE 16.x: Industry-Leading Open Programmable OS
Device Onboarding: Easy onboarding of devices using turnkey and open source tools
Configuration Automation: Consistent management of devices through machine interfaces
Application Hosting: Develop, deploy, test new services on devices
Telemetry: Stream granular data for real time monitoring and troubleshooting
Open | Standards Based | Extensible | Consistent
API
IOS XE: Automating Network Device Lifecycle
Install
Goal: Get devices into an operational state
Provisioning Automation Tools: PXE, ZTP, PnP; Python Scripting
Configure
Goal: Apply configuration to the device
Tools: Data Models; Programmable Interfaces; Python Scripting
Optimize
Goal: Add dynamic services, optimize behavior and troubleshooting
Tools: Operating Data Models; Telemetry
Upgrade
Goal: Continuously upgrade network, incrementally and safely
Tools: Patching; Config/Replace
Device Provisioning Automation
Pre-boot Execution Environment (PXE) Client | Zero Touch Provisioning | Cisco Network Plug and Play
Boot Image Source: Network | Device | Device
Programmable Interfaces: Open | Open | Open (via APIC-EM)
Use Case: Ideal for heterogeneous / multi-vendor network environments | Optimized for Cisco networks (highly secure and scalable)
Config Templates
updates
16.5.1 (New)
16.5.1
[Diagram labels: Boot Server, PXE Booting Switch | ZTP Server, ZTP Agent, Switch, ZTP script | PnP Agent, Switch, PnP Agent]
PnP Templates
hostname $hostname
enable password xxx
!
username sdn password 0 xxx
!
ip http server
ip http secure-server
snmp-server community xxxx RO
!
line con 0
line vty 0 15
login local
transport input ssh telnet
end
variables prefixed by $
Template GUI form:
https://communities.cisco.com/community/developer/dna/blog/2016/10/30/apic-em-13-update-plug-and-play-network-automation-api-part1
New: APIC-EM 1.3
Launch APIC-EM
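Added example (not part of the original deck, and not APIC-EM's own template engine): the PnP template above rendered with Python's string.Template, which uses the same $variable convention, then checked for lines that leave credentials or management access in cleartext. The rule list and the hostname value are assumptions made for this example.

```python
import re
from string import Template

# PnP template copied from the slide; "xxx" placeholders kept as shown.
PNP_TEMPLATE = """hostname $hostname
enable password xxx
!
username sdn password 0 xxx
!
ip http server
ip http secure-server
snmp-server community xxxx RO
!
line con 0
line vty 0 15
login local
transport input ssh telnet
end
"""

# Rule set is an assumption of this example, not a Cisco or APIC-EM check list.
RULES = [
    (r"^enable password\b", "cleartext/type 7 enable password; use 'enable secret'"),
    (r"^username \S+ password\b", "cleartext/type 7 user password; use 'username <name> secret'"),
    (r"^ip http server$", "unencrypted HTTP management; use 'no ip http server'"),
    (r"^snmp-server community\b", "SNMP v1/v2c community sent in cleartext; prefer SNMPv3"),
    (r"^transport input\b.*\btelnet\b", "Telnet allowed on vty; use 'transport input ssh'"),
]

def render(template_text, **variables):
    """Fill $variables; raises KeyError if a variable is left unset."""
    return Template(template_text).substitute(**variables)

def audit(config_text):
    """Return (line_number, line, finding) for every line matching a rule."""
    findings = []
    for number, raw in enumerate(config_text.splitlines(), start=1):
        line = raw.strip()
        for pattern, finding in RULES:
            if re.search(pattern, line):
                findings.append((number, line, finding))
    return findings

if __name__ == "__main__":
    config = render(PNP_TEMPLATE, hostname="sw-access-01")  # constructed value
    for number, line, finding in audit(config):
        print(f"line {number}: {line}  <-- {finding}")
```

Running the audit on rendered templates before they are pushed catches these lines once, instead of on every device that onboards with them.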
YANG Data Models
YANG models can be used as a template for generating structured data in many different formats.
YANG Model
container ip {
  list vrf {
    leaf rd
  }
}
Data
red_vrf
rd 65001:1
XML
<vrf>red</vrf>
<rd>1:1</rd>
JSON
{"vrf": "red",
 "rd": "1:1"}
YANG Configuration Model Example*
* Note: YANG model simplified for clarity
YANG
container ip {
  list vrf {
    description "Configure an IP VPN Routing/Forwarding instance";
    leaf name {
      type string;
    }
    leaf rd {
      description "Specify Route Distinguisher";
      type rd-type;
    }
  }
}
XML
<ip>
  <vrf>
    <name>vrf_red</name>
    <rd>65000:1</rd>
  </vrf>
  <vrf>
    <name>vrf_green</name>
    <rd>65000:2</rd>
  </vrf>
</ip>
CLI
ip vrf vrf_red
 rd 65001:1
!
ip vrf vrf_green
 rd 65001:2
!
Who Defines YANG Models?
https://github.com/YangModels/yang
https://github.com/openconfig
NETCONF Highlights
• Transactional
  • Either all configuration is applied or nothing
  • Avoids inconsistent state
  • Both at Single Device and Network-wide level
• Error Management
  • OK or error code
• Capability Exchange
• Models Download from a Device
ssh -p 830 [email protected] -s netconf
NETCONF Operation Example
<rpc message-id="101" xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
  <get>
    <filter>
      <interfaces xmlns="urn:ietf:params:xml:ns:yang:ietf-interfaces">
        <interface>
          <name>GigabitEthernet1/0/1</name>
        </interface>
      </interfaces>
    </filter>
  </get>
</rpc>
Message - RPC
Operation
Payload (Content)
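Added example (not from the original deck): the <get> RPC above built with Python's standard xml.etree.ElementTree, so an interface name taken from user input is escaped rather than spliced into the payload, together with a reply check that reflects NETCONF's "OK or error code" behaviour. The function names and both sample replies are constructed for this example.

```python
import xml.etree.ElementTree as ET

NC = "urn:ietf:params:xml:ns:netconf:base:1.0"
IF = "urn:ietf:params:xml:ns:yang:ietf-interfaces"

def build_get_interface(message_id, if_name):
    """Build the slide's <get> RPC. ElementTree escapes if_name, so a value
    containing markup cannot change the structure of the filter."""
    rpc = ET.Element(f"{{{NC}}}rpc", {"message-id": str(message_id)})
    flt = ET.SubElement(ET.SubElement(rpc, f"{{{NC}}}get"), f"{{{NC}}}filter")
    interfaces = ET.SubElement(flt, f"{{{IF}}}interfaces")
    interface = ET.SubElement(interfaces, f"{{{IF}}}interface")
    ET.SubElement(interface, f"{{{IF}}}name").text = if_name
    return ET.tostring(rpc, encoding="unicode")

def check_reply(reply_xml, expected_id):
    """Classify an <rpc-reply>: ('ok', None), ('data', element) or
    ('error', [error-tag, ...]). Rejects replies for another message-id."""
    reply = ET.fromstring(reply_xml)
    if reply.tag != f"{{{NC}}}rpc-reply":
        raise ValueError("not an rpc-reply")
    if reply.get("message-id") != str(expected_id):
        raise ValueError("message-id mismatch")
    errors = reply.findall(f"{{{NC}}}rpc-error")
    if errors:
        return "error", [e.findtext(f"{{{NC}}}error-tag") for e in errors]
    data = reply.find(f"{{{NC}}}data")
    if data is not None:
        return "data", data
    if reply.find(f"{{{NC}}}ok") is not None:
        return "ok", None
    raise ValueError("reply carries no <ok/>, <data> or <rpc-error>")

# Constructed replies for illustration; not captured from a device.
OK_REPLY = f'<rpc-reply message-id="101" xmlns="{NC}"><ok/></rpc-reply>'
ERROR_REPLY = (
    f'<rpc-reply message-id="101" xmlns="{NC}"><rpc-error>'
    "<error-type>application</error-type><error-tag>invalid-value</error-tag>"
    "<error-severity>error</error-severity></rpc-error></rpc-reply>"
)

if __name__ == "__main__":
    print(build_get_interface(101, "GigabitEthernet1/0/1"))
    print(check_reply(OK_REPLY, 101))
    print(check_reply(ERROR_REPLY, 101))
```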
PYANG Tool
“Tool to validate and navigate YANG Models”
pyang -f tree [email protected] --tree-depth 4
Callouts: -f tree = schema tree; file argument = YANG Model; --tree-depth = depth option
https://github.com/mbj4668/pyang
YangExplorer Demo
(1) Select a Profile
(2) Browse Models
(3) Define Operations
(4) Create RPC
(5) Run RPC
Python Scripts
YDK
Check Capabilities
https://github.com/CiscoDevNet/yang-explorer
YangExplorer
Streaming Telemetry
Export enriched, consistent and concise data with context from network devices for a better user and operator experience
Periodic or On-Change | Structured Data | Scalable | Reduced CPU Load
[Diagram labels: Physical and Virtual Network Infrastructure; Device Features (Interface, BGP, QoS, ACL, …); YANG Data Model (Open and Native; Configuration and Operational); Programmable Interfaces (NETCONF, RESTCONF, gRPC); SNMP; Streaming Telemetry; Subscription (periodic or on-change); Collector; tcollector]
IOS XE Operational Data Models
Asset Management
openconfig-platform.yang
System Monitoring
Cisco-IOS-XE-checkpoint-archive-oper.yang
Cisco-IOS-XE-environment-oper.yang
Cisco-IOS-XE-memory-oper.yang
Cisco-IOS-XE-platform-software-oper.yang
Cisco-IOS-XE-process-cpu-oper.yang
Cisco-IOS-XE-process-memory-oper.yang
ietf-interfaces.yang
Feature Monitoring
Cisco-IOS-XE-acl-oper.yang
Cisco-IOS-XE-bfd-oper.yang
Cisco-IOS-XE-bgp-oper.yang
Cisco-IOS-XE-cfm-oper.yang
Cisco-IOS-XE-efp-oper.yang
Cisco-IOS-XE-flow-monitor-oper.yang
Cisco-IOS-XE-ip-sla-oper.yang
Cisco-IOS-XE-lldp-oper.yang
Cisco-IOS-XE-mpls-fwd-oper.yang
Cisco-IOS-XE-mpls-ldp.yang
Cisco-IOS-XE-trustsec-oper.yang
Cisco-IOS-XE-virtual-service-oper.yang
cisco-bridge-domain.yang
cisco-qos-action-oper.yang
common-mpls-static.yang
ietf-diffserv-target.yang
ietf-ospf.yang
ietf-routing.yang
https://github.com/YangModels/yang/tree/master/vendor/cisco/xe/1651
Streaming Telemetry Demo
RPC Subscription
Launch Kibana
Python: Why not C, Ruby, Perl, TCL, Go, etc.?
Easy to Learn
Interactive shell
Easy to begin with simple scripts
Libraries!
Extensive libraries, like an “app store” for developers
Read Excel, output PDF, draw graphs, etc.
And it’s well supported in the networking community!
Getting Python
PC/Windows
1. Download and install Python 2.7 or 3
2. Download and install PIP package manager
Python 2 vs 3
Python 2.7.10
>>> print "Hello World!"
Hello World!
Python 3.6.0a4
>>> print "Hello World!"
SyntaxError: Missing parentheses
>>> print ("Hello World")
Hello World
Python 2
• Most common version
• Default installation on Linux
• Most libraries
• Losing popularity
Python 3
• Several language enhancements
• Often separate installation
• Not all libraries supported
• Commonly used in books/courses
Python 2 and 3 are not mutually compatible!
PIP Install
Python libraries: PDFrw, OpenPyXL, NCClient, YDK-Py
$ pip install netaddr
Downloading/unpacking netaddr
  Downloading netaddr-0.7.19-py2.py3-none-any.whl (1.6MB): 1.6MB downloaded
Installing collected packages: netaddr
Successfully installed netaddr
Cleaning up...
NCClient:
<interface>
  <GigabitEthernet>
    <name>1/0/14</name>
    <description>To_Core_Switch</description>
    <ip>
      <address>
        <primary>
          <address>15.10.1.1</address>
          <mask>255.255.255.0</mask>
        </primary>
      </address>
    </ip>
  </GigabitEthernet>
</interface>
YDK:
gigabitethernet = interface.Gigabitethernet()
gigabitethernet.name = "1/0/14"
gigabitethernet.description = "To_Core_Switch"
gigabitethernet.ip.address.primary.address = "15.10.1.1"
gigabitethernet.ip.address.primary.mask = "255.255.255.0"
ip_add.gigabitethernet.append(gigabitethernet)
Installing git
Install Git using the standard installers on Mac/Windows
Use the usual methods on Linux (apt-get, yum, rpm, etc.)
Highly Recommended: Install GitHub Desktop!
Using Python with IOS XE Devices
“Off-Box” Python
scripts executed externally from switch:
• configuration management automation
• telemetry / operational data
• controller use cases including APIC-EM / Cisco Network PNP
[Diagram labels: Linux Server, Python; SSH/NETCONF; IOS-XE Device, IOS]
IOS XE “On-Box” Python
IOS XE 16.5.1
scripts executed locally on switch:
• provisioning automation (ZTP)
• automating Embedded Event Manager
• application development
• IOT
[Diagram labels: IOS-XE Device, IOS, Python]
Guest Shell
Virtualized Linux Environment On Your Switch
• Secure Linux shell environment
• On-box rapid prototyping
• Application Hosting
• Disabled by default
switch# guestshell enable
[Diagram labels: Network OS; Guest Shell (Linux Container); API; Linux applications]
IOS XE 16.5.1
The old days of networking...
Slow processor
Little memory
Monolithic IOS
Hardware dedicated to IOS
(Pictured: Cisco 2501)
Networking today...
Fast x86 processor
SSD expansion
Linux-based OS
Capable of multiple apps
(Pictured: Catalyst 9300)
Types of applications
Performance/Throughput testing
Configuration Management agents
Packet collection/analysis
Python-based apps
Recommended
Cisco Application Framework (CAF)/IOx
[Diagram labels: External Management Tools; On-Box Management Tools; IOx Client; Fog Director; Local Manager; CLI; REST; Host OS (IOS XE Kernel); Kernel; Linux Process; LXC; VM]
Container Workflow: rootfs
VM Workflow: Disk Img (Qcow2)
Packaging (IOxClient/Script): package.tar
- artifacts.tgz
- package.yaml
- package.mf
How do I learn Python?
Automate the Boring Stuff with Python, Al Sweigart
Great introduction to Python focused on automation. (Not specifically network automation.) Covers Python 3.0 only. Assumes zero knowledge. Read Excel docs, generate PDFs, etc. Highly recommended.
Real Python. http://realpython.com
Three-part course. Begins with basics assuming no knowledge. Covers Python 2.7 and 3.0. Parts II and III focus on web development with Python. Covers flask, Django, jinja2 templates. Many resources on the web site for free.
Cisco DevNet
http://developer.cisco.com
• Learning Labs
• Sandboxes
• API Documentation
• Python, YDK, REST
• And More!