
Puppet Enterprise for the Network

Discusses the networking community and how it approaches automation: current challenges and opportunities. Learn about the "Netdev" Puppet module initiative, a "standard library" of resource types for networking equipment, including current and future ideas.

Speaker
Jeremy Schulman
Global Solutions Architect, Infrastructure Automation, Juniper Networks
Jeremy is a 20-year veteran of the networking industry and has been with Juniper Networks for over five years. He holds a BSCS from Georgia Tech and began his career as an embedded software engineer building network infrastructure. After 12 years in software, Jeremy transitioned into a technical sales role as a network solutions architect. In 2012 Jeremy's focus turned exclusively to Infrastructure Automation. Jeremy now directs field awareness and DevOps initiatives integrating Junos with IT automation frameworks. He was responsible for the initial development of Puppet for Junos, and he is the maintainer of the Ruby NETCONF gem.

Published in: Technology

  1. PUPPET AND NETWORKING
     Jeremy Schulman - Director | Automation Concept Engineering
     @nwkautomaniac
     jschulman@juniper.net
     Copyright © 2013 Juniper Networks, Inc. www.juniper.net
  3. WHY DID WE DO IT?
  5. PUPPET FOR JUNOS
     Diagram labels: Device running Junos OS (FreeBSD); Puppet Netdev modules; Ruby Gems; Ruby Interpreter; XML; Puppet Agent (client); Puppet Master (server); netdev; jpuppet package
  6. JUNOS XML API: ON-BOX AND OFF-BOX AUTOMATION
     Diagram labels: Management System; XML; NETCONF XML PROTOCOL (RFC4741); Secure TCP/IP connections via SSHv2 (RFC4742); Switching; Security; Routing
     Automate config changes, remote invocation of operational commands, collection of logs
     • Secure and connection oriented … SSHv2 as transport
     • Structured and transaction based … XML as RPC request / response
     • User-class privilege aware … Native to Junos
     • Comprehensive & Consistent … Automate everything
     NETCONF client libraries exist for a number of programming languages such as Java, Perl, Ruby, Python, and even SLAX!
  7. PUPPET "NETDEV" MODULE
     • Netdev is a vendor-neutral network abstraction framework developed by Juniper Networks and contributed freely to the DevOps community
     • Juniper has contributed basic layer-1 and layer-2 network abstractions
     • DevOps can extend the framework to define any abstractions or features they need for their environment
     • The Netdev framework is open and free; i.e. the “DevOps” way
  8. PUPPET FOR JUNOS
     “DevOps” Approach:
     • Netdev module source code is in Github
     • All packages are stored where they should be (Puppet Forge,…)
     • Support done on J-Net community forum
     • Juniper technical documentation available
     • Free, “BSD-style” license
  9. NETDEV RESOURCE TYPES
     Resource: Description
     • netdev_vlan: Manages VLAN configuration
     • netdev_interface: Manages Physical Interface configuration
     • netdev_l2_interface: Manages VLAN to interface assignments
     • netdev_lag: Manages Link Aggregation Group configuration

         class switch_template {
           netdev_vlan { "Pink":  vlan_id => 703 }
           netdev_vlan { "Green": vlan_id => 101 }

           netdev_l2_interface { 'ge-0/0/19':
             untagged_vlan => Pink,
           }

           netdev_l2_interface { 'ge-0/0/20':
             description   => "My port, back off!",
             untagged_vlan => Blue,
             tagged_vlans  => [ Green, Black, Yellow ],
           }
         }
  10. NETDEV_VLAN: MANAGE VLANS
      Property: Description
      • name: The name of the VLAN, e.g. “Blue”
      • vlan_id: The VLAN tag-ID value [ 1 .. 4095 ]
      • description: The VLAN description. If one is not provided, then it will default to: Puppet created VLAN: <name>: <vlan-id>
      VLANs are assigned to ports using the netdev_l2_interface resource
  11. NETDEV_INTERFACE: MANAGE PHYSICAL INTERFACES
      Property: Description
      • name: The name of the interface, e.g. “ge-0/0/0”
      • description: Assigns the description value to the interface, defaults to: Puppet created interface: <name>
      • admin: Configures the administrative state, defaults to up: up, down
      • mtu: Configures the interface MTU value
      • speed: Defaults to auto. Forces the link speed: 10m, 100m, 1g, 10g, auto
      • duplex: Defaults to auto. Forces the link duplex: full, half, auto
  12. NETDEV_L2_INTERFACE: MANAGE ASSIGNMENT OF VLANS TO SWITCH PORTS
      Property: Description
      • name: The name of the interface, e.g. “ge-0/0/0”, note: does *not* include the unit number
      • description: Assigns the description value to the interface, defaults to: Puppet created eth-switch: <name>
      • untagged_vlan: VLAN name for untagged packets. If the port is also processing tagged packets, then this VLAN is the "native VLAN"
      • tagged_vlans: VLAN names for tagged packets. This could be a single value, or an array of values. When this property is set, vlan_tagging property defaults to enable
      • vlan_tagging: Normally not used ... automatic by Puppet
          disable (default) - port is in access mode, tagged packets discarded
          enable - port is in trunk mode, tagged packets processed
          Automatically set to enable if tagged_vlans is also set
  13. NETDEV_LAG: MANAGE LINK AGGREGATION GROUPS
      Property: Description
      • name: The name of the interface, e.g. “ae0”
      • links: A list of physical interfaces that makes up the LAG bundle
      • lacp: Controls if and how the Link Aggregation Control Protocol (LACP) is used.
          disabled (default) – LACP is not used
          active – LACP is in the active mode
          passive – LACP is in the passive mode
      • minimum_links: The number of physical links that must be in the “up” condition to declare the LAG port in the “up” condition. By default this value is not set and there is no minimum link requirement
  14. AUTOMATION IS LIKE EATING ICE CREAM
      • Everyone wants it
      • Everyone wants something different
      • No-one wants to make it
      • No-one wants to clean up the mess
  15. HOW DO YOU EAT ICE CREAM?
      • Banana Split at Baskin-Robbins
      • Self Service Frozen Yogurt
      • The Grocery Store
      • DIY with Kitchen-Aid
  16. FRICTIONLESS IT AUTOMATION
      • Return on Investment
          • Increase revenue throughput
          • Reduce costs to manually do repetitive work
          • Reduce costs due to delays and errors
      • Reduce Risk
          • Manually operated complex systems are fragile
      • Improve Service
          • Network infrastructure is a "utility" that runs the business
          • Server and application automation is the standard
          • Network automation must "level-up"
  17. Diagram labels: Nodal Automation (Puppet, Chef); Ad-Hoc Scripting (Bash, Perl); IT Workflow Orchestration; Business Workflow Orchestration; JNCIA Associate; JNCIS Specialist; JNCIP Professional; JNCIE Expert; IT; Network
      • Value is a function of automation programming and system integration that drives the business
      • Value is a function of mastering vendor CLI and networking domain knowledge
  18. SERVER WORLD
      Diagram labels: Device running Linux; Linux Kernel; Fedora Distribution; Applications (×4); Middleware (×4)
      • Discrete collections of package / files / service
      • More discrete collections of package / files / service
  19. NETWORKING WORLD
      Diagram labels: Device running Junos; Junos Image; Initial Configuration; Service (×4)
      • Discrete collections of configuration statement
      • More discrete collections of configuration statement
  20. OPPORTUNITIES FOR NETWORK AUTOMATION
      Diagram labels: Device running Junos; Junos Image; Initial Configuration; Service (×4); BUILD HOUSE; CHANGE HOUSE
  21. LEARN MORE ABOUT PUPPET FOR JUNOS
  22. THANK YOU!
  23. NETDEV_L2_INTERFACE ACCESS PORT EXAMPLE - EX PLATFORMS

          node "ex4" {
            netdev_device { $hostname: }
            netdev_l2_interface { "ge-0/0/9":
              untagged_vlan => Green
            }
          }

          interfaces {
              ge-0/0/9 {
                  unit 0 {
                      description "Puppet created netdev_l2_interface : ge-0/0/9";
                      family ethernet-switching {
                          port-mode access;
                          vlan {
                              members Green;
                          }
                      }
                  }
              }
          }
  24. NETDEV_L2_INTERFACE ACCESS PORT EXAMPLE - MX PLATFORMS

          node "mx12" {
            netdev_device { $hostname: }
            netdev_l2_interface { "ge-5/0/3":
              untagged_vlan => Green
            }
          }

          interfaces {
              ge-5/0/3 {
                  unit 0 {
                      description "Puppet created netdev_l2_interface: ge-5/0/3";
                      family bridge {
                          interface-mode access;
                          vlan-id 101;
                      }
                  }
              }
          }
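
A pre-flight check over the resource data from the slide 9 manifest, applying the vlan_id range and the vlan_tagging default documented on slides 10 and 12. This is an added example, not code from the deck or from the netdev module; the Hash layout, the function names `effective_l2` and `lint`, and the rule that every referenced VLAN needs a netdev_vlan in the same data set are assumptions.

```ruby
# Added example, not part of the netdev module. The Hash layout and the
# function names (effective_l2, lint) are assumptions made for illustration.

VLAN_ID_RANGE = (1..4095).freeze # range stated on the netdev_vlan slide

# Resolve the documented netdev_l2_interface defaults for one port:
# vlan_tagging is :disable (access mode) unless tagged_vlans is set, in which
# case it becomes :enable (trunk mode); description has a generated default.
def effective_l2(name, props)
  tagged  = Array(props[:tagged_vlans]).map(&:to_s)
  tagging = props.fetch(:vlan_tagging) { tagged.empty? ? :disable : :enable }
  {
    name: name,
    description: props[:description] || "Puppet created eth-switch: #{name}",
    mode: tagging == :enable ? :trunk : :access,
    untagged_vlan: props[:untagged_vlan]&.to_s,
    tagged_vlans: tagged
  }
end

# Return a list of findings; an empty list means the data passed every check.
def lint(vlans, ports)
  findings = []
  vlans.each do |vname, props|
    id = props[:vlan_id]
    next if id.is_a?(Integer) && VLAN_ID_RANGE.cover?(id)
    findings << "netdev_vlan #{vname}: vlan_id #{id.inspect} outside 1..4095"
  end
  ports.each do |ifname, props|
    port = effective_l2(ifname, props)
    if port[:mode] == :access && !port[:tagged_vlans].empty?
      findings << "netdev_l2_interface #{ifname}: tagged_vlans set but vlan_tagging disabled"
    end
    used = ([port[:untagged_vlan]] + port[:tagged_vlans]).compact
    (used - vlans.keys.map(&:to_s)).each do |missing|
      findings << "netdev_l2_interface #{ifname}: VLAN #{missing} has no netdev_vlan"
    end
  end
  findings
end

# Constructed input mirroring the switch_template class on slide 9.
VLANS = { "Pink" => { vlan_id: 703 }, "Green" => { vlan_id: 101 } }.freeze
PORTS = {
  "ge-0/0/19" => { untagged_vlan: "Pink" },
  "ge-0/0/20" => { description: "My port, back off!", untagged_vlan: "Blue",
                   tagged_vlans: %w[Green Black Yellow] }
}.freeze

puts lint(VLANS, PORTS)
```

Run against the slide 9 data, the check reports Blue, Black and Yellow on ge-0/0/20, which the snippet references without a matching netdev_vlan.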
