Your SlideShare is downloading. ×
Puppet day v1.1
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×

Saving this for later?

Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime - even offline.

Text the download link to your phone

Standard text messaging rates apply

Puppet day v1.1

333
views

Published on

Configuring and patching cisco devices using puppet

Configuring and patching cisco devices using puppet

Published in: Technology, News & Politics

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
333
On Slideshare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
0
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. Cisco Confidential 1© 2010 Cisco and/or its affiliates. All rights reserved. Puppet Agent for Cisco devices Wojciech Dec – wdec@cisco.com April 12, 2013
  • 2. © 2012 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 2 •  Puppet is client (node agent) – server (master) software & framework designed to automate node configuration and reporting. •  Puppet master stores target high level resource “intent” (manifest) for nodes. Manifest is compiled into a node’s list of dependent resource into catalog at puppet run time based on “facts” collected from the node •  Puppet client downloads the “catalog”, and any Puppet code (plugin) from Master. •  Puppet client uses local methods to realize catalog into config
  • 3. © 2012 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 3 •  onePK provides manageability abstraction. Avoids CLI scraping Consistent across cisco OSes Exposes dynamic device state + device configuration •  Linux Container Runs distro on OS kernel Fitted with cisco onepk libs Isolates app failures from Network Element Superior flexibility for application developers (compared to SDK enforced walled garden)Device Components Management Agents Manageability Abstraction Device Management Infrastructure OS-specific Management Infrastructure XOS and Component APIs Traditional Management Agents (CLI, syslog, SNMP, XML) Next Generation Management Agents (Puppet, ..) onePK PL Transport/Marshaling onePK AL OS Shim LinuxContainerNXOS
  • 4. © 2012 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 4 Master Device Proxy Agent SSH, OnePK Device Proxy AgentDevice Agent Master Agent OnePK Linux container(s) on NXOS Agent OnePK
  • 5. © 2012 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 5 Master Device Proxy Agent SSH, OnePK Device Proxy AgentDevice Agent Master Agent OnePK Linux container(s) on NXOS Agent OnePK Pros: -  Each Agent maps directly to managed device -  machine’s characteristics (facts) exposed as own -  Easily extensible. Does not require core puppet code changes -  Automated agent plugin code download from master -  Better Scale Cons: -  Requires LXC container + OnePK capability on device Pros: -  No specific device requirements -  One agent can proxy for multiple machines Cons: -  CLI Scraping method -  More complicated Puppet agent (device proxy). -  Requires extensions in puppet core “device” mode code -  Scale and authentication management
  • 6. © 2012 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 6 (Demo) Sample Manifest node ”cisco-switch" { include onepk_module onepk_vlan { "1000": description => "Green_Vlan", ensure => present } onepk_interface { "Ethernet 1/2": mode => "access", vlan => "1000", ensure => present } $patch_f = "sysinfo_patch.tar.gz” onepk_patch { ”sysinfo_patch": patch => ” ${patch_f}", server_type => ”bootflash", ensure => present, } }
  • 7. © 2012 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 7 Puppet Master Infra 1 2 3 1.  Based on push or pull trigger, agent runs facter to obtain device configuration information 2.  Agent sends facter data to master along with a catalog request + plugin (if needed) 3.  Master sends agent catalog response (subset of manifest based on agent’s facter data) 4.  Agent processes catalog - Provider applies necessary configuration changes 5.  After provider execution report sent to master ProviderFacter Puppet Agent 4 5 onePK API Cisco plugin Cisco plugin
  • 8. © 2012 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 8 •  Demo Flow: •  Show on N7k device •  A puppet agent run Agent run triggered. Facts/Catalog exchanged with master Agent uses OnePK to communicate with switch OS Applies VLAN + switch port configuration Downloads & applies NXOS patch •  Show on N7k device Note: A “bare-metal” version of this demonstration is also available for virgin switch provisioning using PoAP + Puppet: Includes image and container download & install.
  • 9. © 2012 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 9Cisco Confidential 9Cisco Confidential 9© 2010 Cisco and/or its affiliates. All rights reserved. Thank you