Frictionless IT Automation

"Puppet for Networking: Frictionless IT Automation" by Jeremy Schulman of Juniper at Puppet Camp Boston 2013.


  1. FRICTIONLESS IT AUTOMATION
     Jeremy Schulman - Director | Automation Concept Engineering, @nwkautomaniac
     Copyright © 2013 Juniper Networks, Inc. www.juniper.net
  2. "THE ORACLE AND THE SHERPA" ...
  3. AUTOMATION IS LIKE EATING ICE CREAM
     • Everyone wants it
     • Everyone wants something different
     • No-one wants to make it
     • No-one wants to clean up the mess
  4. HOW DO YOU EAT ICE CREAM?
     • Banana Split at Baskin-Robbins
     • Self Service Frozen Yogurt
     • The Grocery Store
     • DIY with Kitchen-Aid
  5. FRICTIONLESS IT AUTOMATION
     • Return on Investment
        • Increase revenue throughput
        • Reduce costs to manually do repetitive work
        • Reduce costs due to delays and errors
     • Reduce Risk
        • Manually operated complex systems are fragile
     • Improve Service
        • Network infrastructure is a "utility" that runs the business
        • Server and application automation is the standard
        • Network automation must "level-up"
  6. IT: Nodal Automation (Puppet, Chef); Ad-Hoc Scripting (Bash, Perl); IT Workflow Orchestration; Business Workflow Orchestration. Value is a function of automation programming and system integration that drives the business.
     Network: JNCIA Associate; JNCIS Specialist; JNCIP Professional; JNCIE Expert. Value is a function of mastering vendor CLI and networking domain knowledge.
  7. SERVER WORLD
     • Device running Linux
     • Linux Kernel
     • Fedora Distribution
     • Applications (×4)
     • Middleware (×4)
     • Discrete collections of package / files / service
     • More discrete collections of package / files / service
  8. NETWORKING WORLD
     • Device running Junos
     • Junos Image
     • Initial Configuration
     • Service (×4)
     • Discrete collections of configuration statement
     • More discrete collections of configuration statement
  9. OPPORTUNITIES FOR NETWORK AUTOMATION
     • Device running Junos
     • Junos Image
     • Initial Configuration
     • Service (×4)
     • BUILD HOUSE
     • CHANGE HOUSE
  10. WHAT IS FRICTION?
  11. FRICTIONLESS
  12. PUPPET: SOFTWARE-DEFINED INFRASTRUCTURE
      1. DEFINE: Re-usable infrastructure-as-code
      2. SIMULATE: Before deploying changes
      3. ENFORCE: Automatically and reliably
      4. REPORT: Insight into changes
      Diagram labels: DESIRED STATE, CURRENT STATE
  13. PUPPET "NETDEV" MODULE
      • NetDev is a vendor-neutral network abstraction framework developed by Juniper Networks and contributed freely to the DevOps community
      • Juniper has contributed basic layer-1 and layer-2 network abstractions
      • DevOps can extend the framework to define any abstractions or features they need for their environment
      • The NetDev framework is open and free; i.e. the “DevOps” way
  14. PUPPET FOR JUNOS
      “DevOps” Approach:
      • NetDev module source code is in GitHub
      • All packages are stored where they should be (Puppet Forge,…)
      • Support done on J-Net community forum
      • Juniper technical documentation available
      • Free, “BSD-style” license
  15. NETDEV RESOURCE TYPES
      Resource: Description
      • netdev_vlan: Manages VLAN configuration
      • netdev_interface: Manages Physical Interface configuration
      • netdev_l2_interface: Manages VLAN to interface assignments
      • netdev_lag: Manages Link Aggregation Group configuration

          class color_switch {
            netdev_vlan { "Pink": vlan_id => 703 }
            netdev_vlan { "Green": vlan_id => 101 }

            # Access port: untagged traffic only
            netdev_l2_interface { "ge-0/0/19":
              untagged_vlan => Pink,
            }

            # Trunk port: Blue, Black and Yellow are not declared on this slide
            netdev_l2_interface { "ge-0/0/20":
              description   => "My port, back off!",
              untagged_vlan => Blue,
              tagged_vlans  => [ Green, Black, Yellow ],
            }
          }
  16. NETDEV_L2_INTERFACE ACCESS PORT EXAMPLE - EX PLATFORMS
      Puppet manifest:

          node "ex4" {
            netdev_device { $hostname: }
            netdev_l2_interface { "ge-0/0/9":
              untagged_vlan => Green
            }
          }

      Junos configuration:

          interfaces {
              ge-0/0/9 {
                  unit 0 {
                      description "Puppet created netdev_l2_interface : ge-0/0/9";
                      family ethernet-switching {
                          port-mode access;
                          vlan {
                              members Green;
                          }
                      }
                  }
              }
          }
  17. NETDEV_L2_INTERFACE ACCESS PORT EXAMPLE - MX PLATFORMS
      Puppet manifest:

          node "mx12" {
            netdev_device { $hostname: }
            netdev_l2_interface { "ge-5/0/3":
              untagged_vlan => Green
            }
          }

      Junos configuration:

          interfaces {
              ge-5/0/3 {
                  unit 0 {
                      description "Puppet created netdev_l2_interface: ge-5/0/3";
                      family bridge {
                          interface-mode access;
                          vlan-id 101;
                      }
                  }
              }
          }
  18. JUNOS XML API FOR SERVER-BASED AUTOMATION
      Diagram labels: Secure TCP/IP connections via SSHv2 (RFC4742); XML; NETCONF XML PROTOCOL (RFC4741); Switching, Security, Routing; Management System; Automate config changes, remote invocation of operational commands, collection of logs
      • Secure and connection oriented … SSHv2 as transport
      • Structured and transaction based … XML as RPC request / response
      • User-class privilege aware … Native to Junos
      • Comprehensive & Consistent ... Automate everything
      NETCONF client libraries exist for a number of programming languages such as Java, Perl, Ruby, Python, and even SLAX!
  19. PUPPET FOR JUNOS
      Diagram labels: Device running Junos OS; (FreeBSD); Puppet NetDev modules; Ruby Gems; Ruby Interpreter; XML; Puppet Agent (client); Puppet Master (server); netdev; jpuppet package
  20. LEARN MORE ABOUT PUPPET FOR JUNOS
  21. THANK YOU !
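
The "XML as RPC request / response" and "transaction based" points on slide 18, as an added example that is not from the slides or from Juniper's code: it frames RFC 4741 `<rpc>` messages with the RFC 4742 `]]>]]>` end-of-message marker and decides between `<commit/>` and `<discard-changes/>` from the replies. The function names are illustrative and the replies are constructed sample data, not output captured from a device.

```python
import xml.etree.ElementTree as ET
from xml.sax.saxutils import quoteattr

NS = "urn:ietf:params:xml:ns:netconf:base:1.0"  # RFC 4741 base namespace
EOM = "]]>]]>"                                  # RFC 4742 end-of-message marker

def build_rpc(message_id, operation_xml):
    """Wrap one operation in an <rpc> envelope and append the framing marker."""
    return f'<rpc message-id={quoteattr(str(message_id))} xmlns="{NS}">{operation_xml}</rpc>{EOM}'

def parse_replies(stream):
    """Split a received stream on the marker; map message-id -> (ok, error messages)."""
    results = {}
    for chunk in stream.split(EOM):
        if not chunk.strip():
            continue
        reply = ET.fromstring(chunk)
        if reply.tag != f"{{{NS}}}rpc-reply":
            raise ValueError(f"unexpected element {reply.tag}")
        errors = [e.findtext(f"{{{NS}}}error-message", default="(no message)").strip()
                  for e in reply.iter(f"{{{NS}}}rpc-error")]
        # Conservative: any <rpc-error>, even a warning, counts as a failure.
        ok = reply.find(f"{{{NS}}}ok") is not None and not errors
        results[reply.get("message-id")] = (ok, errors)
    return results

def next_step(results, sent_ids):
    """Commit only if every request sent was answered with <ok/>; otherwise discard."""
    if all(results.get(i, (False, []))[0] for i in sent_ids):
        return "<commit/>"
    return "<discard-changes/>"

# Requests a client would send: lock the candidate, then load a change into it.
REQUESTS = [
    build_rpc("101", "<lock><target><candidate/></target></lock>"),
    build_rpc("102", "<edit-config><target><candidate/></target>"
                     "<config><!-- device configuration XML goes here --></config>"
                     "</edit-config>"),
]

# Constructed sample replies (not captured from a device): the edit is rejected.
SAMPLE_REPLIES = (
    f'<rpc-reply message-id="101" xmlns="{NS}"><ok/></rpc-reply>{EOM}'
    f'<rpc-reply message-id="102" xmlns="{NS}"><rpc-error>'
    '<error-severity>error</error-severity>'
    f'<error-message>syntax error</error-message></rpc-error></rpc-reply>{EOM}'
)
```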
