Changing Network Configurations or State
From Building Network Automation Solutions
At a Glance
- High-intensity interactive online course;
- Jump-start your network automation career;
- Hands-on experience working on a solution to your own problem;
- 9 module course spread across ~3 months;
- Live discussion and guest speaker sessions;
- Design and coding assignments and group work;
- Final course completion certificate.
We built a data model for our infrastructure and a sample service during Week 3 of the course, now it’s time to change the network state, either by generating and changing device configurations, or by using an API provided by a network controller or cloud orchestration system.
We’ll start with simple configuration templates, explore the benefits of Ansible roles, discover various mechanisms and libraries you could use to push the generated configurations to network devices, and figure out how to combine automated configuration deployment with manual checks and approvals.
Hands-on assignments will include:
- Build and deploy a VLAN- or VXLAN-based data center service;
- Build ACLs or firewall rules and deploy them in your infrastructure (and use Capirca in multi-vendor deployments);
- Build router configurations for large-scale WAN deployment.
On February 27th 2018, Mircea Ulinic will describe Salt, an open source, general-purpose event-driven automation framework that is used by very large companies around the globe for various operations including: cloud provisioning, bringing systems up to a desired configuration, schedule commands, securely transfer files, or coordinate complex multi-systems orchestrations.
We will learn how to get started with Salt and set up an environment for event-driven network automation and orchestration. The cross-platform capabilities of SALT are relying on NAPALM which we will assume you're already familiar with. We will learn the recommended steps to install Salt, and the key points to remember. Mircea will also do a brief introduction to the CLI syntax, and acquaint you with the advanced configuration management capabilities. Debugging is always very important - particularly during development, so we will cover this as well, and explore the features Salt provides for debugging.
In the end, we will be briefly discuss event-driven infrastructure that we can use to trigger fully automatic configuration changes in response to external or internal network events.
On March 20th 2018 David Gee will dive deeper into event-driven network automation. As he explains the challenge:
When it comes to running infrastructure and infrastructure services, a lot of the decision making is human based. Someone reads a ticket, someone decides what to do. Someone gets alerted to an event and that someone does something about it. This involvement causes friction in the smooth running nature of automated processes. Fear not! Something can be done about it.
We all know the stories of ITIL and rigid process management and David will show you how event-driven automation could be made reality even with strict and rigid controls, resulting in an environment that reacts automatically to stimuli from your services and infrastructure. We will discuss what events are, when they're important, how to normalize them, and what we can do when we have identified an event positively. We will also discuss commercial vs open source options along with their pros and cons.
Finally, you will see a live demonstration of both syslog and ICMP powered event driven automation in action. Links to usable code samples will be provided in the session so you reproduce the demos in your own environment.
Previous guest speakers
Jeremy Stretch explained what drove him to create NetBox, a new IPAM/DCIM tool, the challenges he encountered in defining the data models, and how the API can be used to drive network automation. Or as he said:
Network automation is great, but it can't happen unless you have some way to model what your network should look like. NetBox, one of the few open-source tools focused on networking engineers' needs was developed to function as the "source of truth" for a network, covering all aspects of IP address and infrastructure management.
David Barroso, the author of NAPALM and SDN Internet Router, described how you can use NAPALM to create a vendor-independent network automation solution in spring 2017 course. His presentation included these topics:
- The challenges of working with vendor automation libraries and data models;
- Abstracting vendor API with NAPALM;
- Abstracting vendor configuration syntax with Jinja2 templates;
- Simplifying the configuration management workflow with NAPALM;
- Data-driven configurations
- Using database backend with Ansible and NAPALM;
- Simplifying network operations by abstracting sites and services.
To learn how to use Ansible playbooks, Ansible network modules and NAPALM to configure network devices watch these presentations:
- Network Service Provisioning Tutorial by David Barroso - 1 hour 25 minutes
- Case study: VLAN Service Provisioning - 1 hour 10 minutes
- WAN Services Deployment case study - 50 minutes
To get Ansible knowledge you'll need to understand the above presentations and solve the hands-on exercises watch these sections of the Ansible for Networking Engineers webinar:
- Complete Jinja2 section - 1 hour 30 minutes
- Network Devices Configuration Management section - ~1 hour
- You might also need a few topics from Ansible Deeper Dive section - 1 hour 40 minutes
You should also study the sample Ansible playbooks.
Finally, you'll probably enjoy the level of abstraction Dinesh Dutt achieved in his Data Center Fabric configuration playbooks (part of Network Automation Use Cases webinar).
Additional recommended materials
- To see NAPALM in action, watch NAPALM presentation from NANOG 64
- The Validating deployments with NAPALM blog post is a must-read.
I would also highly recommend listening to these Software Gone Wild episodes (each one is ~1 hour long):
Recording of the January 2017 session
- Network Automation Tutorial (PDF)
- Abstract Vendor Interfaces
- Abstract Vendor Configuration
- Data-Driven Configuration
- Data-Driven Configuration with Backend
- Data Model Abstractions
- Source code for Network Automation Tutorial