Ansible Hands On Introduction

Automating Your Network with Ansible
and Cisco NSO

Enable Continuous Integration and Deployment with Zero Downtime
John Malzahn – Host, Senior Manager, Cloud and Virtualization Solutions Marketing, Cisco Systems
Carl Moberg – Technical Director, Cisco Systems
Andrius Benokraitis – Principal Product Manager, Networking, Ansible by Red Hat
Ian Hood – Chief Technologist, Global Telco, Red Hat
October 12, 2017

Today’s Presenters
John Malzahn Andrius Benokraitis Carl Moberg Ian Hood

Senior Manager, Cloud Principal Product Technology Director, Chief Technologist
and Virtualization Manager, Networking Cloud and Virtualization Global Telco
Solutions Marketing Group
Cisco Systems Ansible by Red Hat Cisco Systems Red Hat
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Agenda
Red Hat
1 Ansible Automation
Cisco NSO
2 Lifecycle Orchestration
Better Together:
3 Ansible and Cisco NSO
4 Demo
5 Wrap-up
Automation with Ansible
No matter where you are on your path
to digital transformation, you can
make an impact with automation.
How are you thinking about management?
What is your automation strategy?
Everyone is talking about
automation
ANSIBLE IS THE UNIVERSAL LANGUAGE
BUSINESS DEV QA/SECURITY IT OPERATIONS
RED HAT ANSIBLE TOWER
Scale + operationalize your automation
CONTROL KNOWLEDGE DELEGATION
RED HAT ANSIBLE ENGINE

Support for your Ansible automation
SIMPLE POWERFUL AGENTLESS
FUELED BY AN INNOVATIVE OPEN SOURCE COMMUNITY
Cisco NSO
The Industry Leading Network
Automation & Orchestration Platform
Cisco NSO – The Network API
Automation Network
Frameworks Engineers • No hard-coded assumptions
about:
Northbound: REST, NETCONF, JSON-RPC, Java, Python, Erlang, CLI, Web UI • Network services
• Network architecture
• Network devices
Cisco NSO • YANG-based data store driving
the north- and southbound
interfaces
Southbound: 70+ vendors across physical and virtual networks
• Southbound multi-protocol
CPE Metro and Access WAN Data Center support including NETCONF,
REST, CLI, SNMP
• Massively scalable
architecture deployed in
networks with 100k+ devices
Network Device Stack
Single entry point Features Change Rate
for configuration,
operations CLI/NETCONF/etc with supporting High, depends on
infrastructure including config master location in network
db for inflight changes and service:
Config Management • Day0/1 on install
In-memory and/or artifacts on disk • Day N for services
complicated updates through micro-
Application Config orchestration
Applications Proprietary applications, lifecycle as Low, as part of

integrated product maintenance or
OS security
Non-mainstream (platform HAL,
kernel patches, etc), lifecycle as
Monolithic Versioning integrated product
From Devices (ConfD)…
CLI SNMP NETCONF REST Challenges:
• Many different APIs and interfaces
ConfD to the north
• Heterogenous environment to
Data
Data the south
Models
Models CDB • One operation may lead to
many activities
Subscription-based APIs Solution includes:

A Mess (OS, Apps) • APIs and interfaces driven
by models
• Transaction-engine with
flexible rollback
…to Networks (NSO)
CLI SNMP NETCONF REST Challenges are very similar, but larger
scale, more distributed
NSO Service
So we added some more to the
Models
solution:
Device
CDB • Layered models for abstraction
Models • Mapping between layers
• Adapters for talking different protocols
NED NED NED NED
A Mess (the Network)

So Here We Are – Cisco NSO
Network Engineering Ops and Provisioning Service Developers • Model-driven end-to-end
service lifecycle and customer
experience in focus
NSO
• Seamless integration
Service Manager with existing and future
Package OSS/BSS environment
CDB Manager
Device Manager • Loosely-coupled and modular
architecture leveraging open
Device Abstraction ESC (VNFM) APIs and standard protocols
• Orchestration across
VNF Lifecycle VNF Service
NED NED NED multi-domain and multi-layer for
Manager Monitoring
centralized policy
and services across
entire network
Multi-domain Networks
Automation
Better Together with Ansible
+ NSO
Reference Architectures
Spanning Applications and Networks
Application Centric Connectivity Centric
Playbooks
Ansible NSO
NSO Ansible Playbooks
App App App App
Ansible Plus Cisco NSO – Better Together
• Ansible uses Playbooks to define named

tasks that are executed by the ansible-
Red Hat Ansible Tower playbook tool. The tasks use modules to
provides playbook-driven IT perform activities. The NSO modules
uses the version JSON-RPC API
and network automation
• NSO uses YANG modules to describe
the schema of the data that can be
manipulated using JSON-RPC. Clients
Cisco NSO provides model- (in this case an Ansible module) perform
driven service orchestration in operations on the data stored in CDB.
hybrid networks
• Easily consumed by native Ansible allows
application-centric services to unlock the
full value of the network
Ansible + Cisco NSO - Roles and Responsibilities
Ansible Devops teams
Playbook
• Owns lifecycle of playbook
Playbook
Playbook
YANG becomes contract language
NSO module between teams across infrastructure
cycles:
JSON-RPC
• Requirements from apps device
NSO provided in YAML-format
• New services published by infra
YANG
CDB team as REST-interface update
Infrastructure teams:
• Owns lifecycle of network services
Hybrid Network
Applicable Cisco NSO Features
Ansible • NSO provides a full CRUD
Playbook
Playbook
Playbook interface
• Create – easy
NSO module
• Update – hard
JSON-RPC • Delete – very hard
NSO • Transactions – either stuff

YANG
entirely happens or no stuff
CDB YANG happens
• Model-based (YANG) so clients
can fetch and validate payloads
Hybrid Network
Three Ansible Modules for Cisco NSO
• The nso_verify module fetches data from NSO, compares with
data in the task and reports any violations
• The nso_action module performs RPCs on NSO (e.g. check-sync)
and validates the output
• The nso_config module is used to create and delete instance data
in NSO
Module Commonality
• YAML data encoding for all Ansible features
• YAML encoding is straight translation from the JSON data structures
natively provided by NSO, e.g:
• curl -H "Accept: application/yang-data+json" \
http://localhost:8080/restconf/data/devices/ | json2yaml
• Input data is runtime validated against applicable subset of NSO YANG
modules
Value of Ansible Tower + Cisco NSO
• Single Ansible module • Gain immediate control over
leveraging NSO to support 70+ the entire network from data
vendors across domains center to CPE
• Integrated YANG-support for • Significantly reduce the amount
model-driven configuration of time spent testing
validation configuration changes
• Full rollback capabilities across • Reduce fallouts requiring
vendors and device types manual intervention to a
minimum
Automating Your
Infrastructure with Ansible
Tower and Cisco NSO
AUTOMATION >> Ansible + Cisco NSO Use Cases
Network Continuous
Automation Compliance
NFV / SDN IoT
Automating Mobile Services – vIMS / vEPC Use Cases
• Service Orchestration ServiceService Provider
Provider Cloud Cloud
• SDN / Network Automation
• RHOSP Deployment Automation Orchestration/Automation
• Ceph Storage Automation
Ansible
CloudForms
•VNF / Workload Placement Tower Cisco NSO
Customers
Mobile Devices Open

APIs
Cisco NSO
vEPC vIMS vSMS vPCRF
Business Location /
Venues
NFVI RH OSP
RHEL KVM RH Storage OVS/DPDK
Compute Storage Network

RHEL HOST
Demo Time!
Demo Setup – Cisco NSO
JSON-
CLI REST
RPC • Three groups of three routers each,
running in netsim (management only,
NSO
no packets passed)
CDB
• Appropriate NEDs loaded to support
the router types and protocols
XE (CLI) XR (CLI)
NETCON
F
• I’ll use the CLI and REST for manual
steps, and Ansible will use the JSON-
RPC interface
IOS-XE IOS-XR Juniper

Demo Setup – Ansible
• Three NSO modules interacting
Playbook
Playbook
with device- and service level
Ansible Playbooks
abstractions
NSO Configuration • A set of example playbooks
Module
using the modules
NSO Verification
Module
NSO Action Module
JSON-RPC
Summary
What You Gain
Cisco Network Services Orchestrator + Ansible Tower
• Agility Throughout Service Lifecycle
- Strict YANG model-driven solution
- Auto-rendered business logic results in 90% less code
- Effortlessly re-deployment of updated service and device models
- DevOps for differentiation
• Full automation of Applications and Networks
• Robust and Proven in tier-1 Deployments
• Industry’s Broadest Multivendor Support
• Relevant in today’s and tomorrow’s networks
For more information
Visit:
www.cisco.com/go/nso
www.redhat.com/ansible
And contact your Cisco and Red Hat

account representatives

Ansible Hands On Introduction

Încărcat de

Informații document

Titlu original

Drepturi de autor

Formate disponibile

Partajați acest document

Partajați sau inserați document

Opțiuni de partajare

Vi se pare util acest document?

Este necorespunzător acest conținut?

Drepturi de autor:

Formate disponibile

Ansible Hands On Introduction

Încărcat de

Drepturi de autor:

Formate disponibile

Automating Your Network with Ansible

and Cisco NSO

October 12, 2017

John Malzahn Andrius Benokraitis Carl Moberg Ian Hood

Cisco Systems Ansible by Red Hat Cisco Systems Red Hat

What is your automation strategy?

BUSINESS DEV QA/SECURITY IT OPERATIONS

CONTROL KNOWLEDGE DELEGATION

RED HAT ANSIBLE ENGINE

SIMPLE POWERFUL AGENTLESS

FUELED BY AN INNOVATIVE OPEN SOURCE COMMUNITY

Applications Proprietary applications, lifecycle as Low, as part of

Subscription-based APIs Solution includes:

A Mess (the Network)

NSO Ansible Playbooks

App App App App

• Ansible uses Playbooks to define named

JSON-RPC • Delete – very hard

NSO • Transactions – either stuff

NFV / SDN IoT

Mobile Devices Open

vEPC vIMS vSMS vPCRF

RHEL KVM RH Storage OVS/DPDK

Compute Storage Network

IOS-XE IOS-XR Juniper

NSO Action Module

And contact your Cisco and Red Hat

S-ar putea să vă placă și