1 of 18

Automation, Orchestration prototyping, and strategy

Nick Buraglio

ESnet Network Planning Team

LBNL

GPN Webinar

3/9/2018

2 of 18

Problem scope

  • All networks have a superset of loosely coupled services that in many cases must be touched manually to complete common tasks. Manually performing repetitive tasks is inefficient and error-prone.

3 of 18

What about SDN?

  • “SDN” currently exists as a specialized networking toolkit deployed primarily in large data centers
  • Standardized control protocols have not reached critical mass in vendor-provided solutions (i.e., incumbent network vendor stacks)
  • Topological awareness and centralized stateful controllers across large geographic areas are very difficult to run in production
  • Radical change is very, very hard in existing environments
    • Legacy support is often a requirement
    • Internal support models can be difficult to update organizationally

4 of 18

What can we do?

  • Orchestrate the automations

5 of 18

Automation and Orchestration

Automation

  • Defining a task and creating a programmatic methodology for execution of that task

6 of 18

Automation and Orchestration

Orchestration

  • Defining and automating a workflow of tasks and/or processes. May involve multiple systems and technological disciplines

7 of 18

State of the network

  • Existing networks tend to have entrenched workflows
  • Most existing workflows are manual and repetitive
    • Likely require manipulation of multiple systems
      • DNS, IPAM, Database, Ticket tracking, etc.
  • Time consuming, manual tasks
    • Create VLAN RVI on a router, tag VLAN on switch A, B, C, D
    • Configure network in IGP
    • Verify prefix in IGP
    • Add Prefix to IPAM
    • Update ticket
    • …..
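The workflow above as an orchestrated sequence with rollback, as an added example that is not part of the original slides. The function names and the in-memory `state` dictionary are hypothetical stand-ins for the router, switches, IGP, IPAM and ticket system.

```python
import ipaddress

def run_workflow(steps):
    """Run (name, do, undo) steps in order; on failure undo finished steps in reverse."""
    done, log = [], []
    for name, do, undo in steps:
        try:
            do()
        except Exception as exc:
            log.append(f"failed: {name}: {exc}")
            for prev, prev_undo in reversed(done):
                prev_undo()
                log.append(f"rolled back: {prev}")
            return False, log
        done.append((name, undo))
        log.append(f"ok: {name}")
    return True, log

def new_state(switches=("A", "B", "C", "D")):  # constructed stand-ins for real systems
    return {"rvi": {}, "tags": {s: set() for s in switches},
            "igp": set(), "ipam": set(), "tickets": {}}

def provision_vlan(state, vlan_id, prefix, switches, ticket):
    # Validate inputs before any system is touched.
    if not 1 <= vlan_id <= 4094:
        raise ValueError("VLAN ID out of range")
    net = ipaddress.ip_network(prefix)  # ValueError if malformed or host bits are set
    noop = lambda: None
    def create_rvi():
        if vlan_id in state["rvi"]:
            raise RuntimeError(f"RVI for VLAN {vlan_id} already exists")
        state["rvi"][vlan_id] = net
    def verify_igp():
        if net not in state["igp"]:
            raise RuntimeError(f"{net} not present in IGP")
    def add_ipam():
        if any(n.overlaps(net) for n in state["ipam"]):
            raise RuntimeError(f"{net} overlaps an existing IPAM entry")
        state["ipam"].add(net)
    steps = [("create VLAN RVI", create_rvi, lambda: state["rvi"].pop(vlan_id, None))]
    steps += [(f"tag VLAN on switch {sw}",
               lambda sw=sw: state["tags"][sw].add(vlan_id),  # KeyError if switch unknown
               lambda sw=sw: state["tags"][sw].discard(vlan_id)) for sw in switches]
    return run_workflow(steps + [
        ("configure network in IGP", lambda: state["igp"].add(net), lambda: state["igp"].discard(net)),
        ("verify prefix in IGP", verify_igp, noop),
        ("add prefix to IPAM", add_ipam, lambda: state["ipam"].discard(net)),
        ("update ticket", lambda: state["tickets"].setdefault(ticket, []).append(str(net)), noop),
    ])
```

A failed step, such as an overlapping prefix in IPAM or an unknown switch, leaves no partial configuration behind, and the returned log records each step and each rollback.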

8 of 18

Hypothesis

  • We can gain efficiency and consistency, lower the margin of human error, and free resources by utilizing a common platform that works across networking, systems, and services.

9 of 18

The reality of it...

  • Many options make strategy more difficult
  • It can be difficult to see the benefit until you can see the benefit
  • The first step is the hardest

10 of 18

What will I need & what makes it easier?

  • Validated support for your network or system hardware
  • Source of truth
    • Database
  • Templates, Templates, Templates
  • Can happen in parallel
  • Completely possible to get started with none of this

11 of 18

Example requirements for a platform

  • Must
    • Good documentation
    • Examples
    • Deep compatibility
    • Ability to talk to existing network equipment
    • Able to utilize templates
  • Highly desirable
    • Agentless
    • Commercial support
    • Rollback capability
  • Desirable
    • Web based interface
    • In-house experience
    • Works with your existing environment

12 of 18

Take it slow

  • See what’s already there
  • Automation is not a “boil the ocean” endeavor
  • Orchestration happens as a result of expanding automation
  • Don’t get hung up on the hype - do what works
  • Almost all of the pieces can happen in parallel

13 of 18

Get started: Pick 3

  • Pick the top 3 repetitive, manual tasks
  • Automate the simplest
  • Work out the bugs
  • Automate the next, refining the process
  • Pick 2 more because you’ve seen the benefit
  • …….
  • Profit

14 of 18

Example existing workflows

  • Basic automation of day to day
    • User Management
    • BGP route filters
    • L2 VPLS Circuits
    • VLAN creation and plumbing
    • L3 network creation and verification
  • Template prototypes of
    • BGP peerings
    • VRFs
    • [UNI, Linu]X system management
    • Validation of known state

15 of 18

What options are there?

  • Ansible
  • Salt
  • + NAPALM
  • Roll-your-own
    • Scripts utilizing RANCID, Oxidized as “transport”
  • Tail-F
  • NetYce

16 of 18

Orchestration prototype

[Diagram: iperf client (iperf -c) and iperf server (iperf -s), BGP, OSPF, a management system, and two virtualization systems]

17 of 18

Lessons Learned

  • It’s work
  • Beware of edge cases
  • Some command sets may not have “native” handlers in some systems but can be performed “manually”
  • Orchestration comes second
  • It needs some dedicated time and resources
    • Pays back in very large dividends

18 of 18

Resources

  • Network to Code classes, Slack, documentation
    • http://networktocode.com/
  • Ansible/Puppet/Oxidized/NAPALM documentation
  • GitHub Examples
  • Commercial options such as Tail-F, NetYce, etc.
  • O’Reilly book “Network Programmability and Automation”
    • ISBN 978-1491931257
  • IPSpace online training courses on automation and Ansible