The document discusses treating networks like containers by automating network configuration and changes through continuous integration/delivery pipelines. It recommends building network automation tools, implementing standard templates and tests, and deploying network changes using blue/green deployment patterns to reduce risk. Automating network configuration, implementing standards, and using pipelines and deployment patterns allows networks to be updated safely and at scale like containerized software.

1. How to Treat a Network
as a Container
(or get close)
Cisco DevNet Create | 2018

2. whoami
rosemary wang
platform & infra
@thoughtworks
@joatmon08

3. “digital transformation”
regressive automated

4. compute
regressive automated

5. build
ship
run

6. network
???????????

7. 99 problems
terminology
api
non-standard
“distributed system”
protocols are specialized
+94 more

8. connectivity
service discovery
policy

9. network
regressive automated
physical containers
dynamic
infrastructure*
*software-defined X / public cloud

10. build
ship
run
test
test
test

11. TEST

12. E2E
Integration
Service/Contract
Unit
Manualcost
validate
configuration
confirm
interaction
validate
interaction
“the real deal”
“The Testing Pyramid”

13. Manualcost
E2E
Integration
Service/Contract
Unit
“The Testing Signpost”

14. build

15. Given ⇨ the component to automate ⇨ Setup
When ⇨ some event happens ⇨ Automation
Then ⇨ the component should be configured ⇨ Test

16. connectivity
https://github.com/joatmon08/2018-cisco-devnet-create

17. topology from http://docker-k8s-lab.readthedocs.io/en/latest/docker/docker-ovs.html

18. Smoke Test
tests/smoke/features/connectivity.feature
Ansible Playbook
playbook/
Mock Virtual Device
joatmon08/openvswitch-docker
connectivity

19. unit: check_openvswitch_playbook
Creates a Vagrant box with Open vSwitch image, checks that the
playbook runs to completion.
lint_yaml lint_python check_ansible_syntax
Make sure spacing & syntax is good.
integration: bootstrap
sh -c '. venv/bin/activate; cd tests/smoke && behave'
Creates two Open vSwitch hosts via Vagrant, runs playbook,
creates a container on each and checks connectivity.
contract: bootstrap
sh -c '. venv/bin/activate; pytest tests/contract --capture=no'
Create Open vSwitch host via Vagrant, captures output of Consul
Handler and compares to input of playbook
Same tests as integration, except on real device if I had one.
E2E
Integration
Service/Contract
Unit
makefile
testing the feature

20. list of tools
Vagrant: for virtual devices
Ansible: for device automation
Python: for coding
pytest: for running unit/service tests
behave: BDD for running integration tests
makefile: shortcuts for staging & running tests

21. Automation Tool
Linting Program
Testing Framework
Smoke Test
Testing Framework
Scripts/BDD
Smoke Test
test
Config/Template
Validation
Functional Validation
Output/Input
Certification
Staging/Production E2E
Integration
Service/Contract
Unit

22. ship

23. ▢ names
▢ design principles
▢ common template/code formatting
▢ testing/development setup
▢ event triggers
set the standards

24. ▢ quality review
▢ linting programs
▢ version control
▢ CI/CD framework
▢ documentation
enforce the standards

25. changes fail
when
patterns break

26. therefore,
test for
conformance

27. “..is an automated manifestation
of your process for getting
software from version control
into the hands of your users.”
Continuous Delivery: Reliable Software Releases through Build, Test, and Deployment Automation
a pipeline

28. When I need to ship anything,
then I should do it through a pipeline.
Unit Build Secure Monitor Perform DeployTest
Lint
Unit Test
Contract Test
Automation Smoke Test
Conformance
Tests
(can run async)
Production
Ready!

29. pipeline.gocd.yaml

30. run

31. upgrade
scale
secure

32. upgrade
in-place
blue/green
depends on
risk
configuration

33. connectivity
Given I have a container or software-defined network
When I need to upgrade that network*
Then I should create a new network with updated
configuration and use it.
*Assumes no IP address affinity

34. blue
compute
cluster
compute
orchestrator

35. blue
network
orchestrator
compute
cluster
compute
orchestrator
green

36. blue
network
orchestrator
compute
cluster
compute
orchestrator
green
“Deploy” Fan-Out

37. blue
network
orchestrator
compute
cluster
compute
orchestrator
green
“Deploy” Fan-Out

38. blue
network
orchestrator
compute
cluster
compute
orchestrator
green
50%50%
“Deploy” Fan-Out

39. blue
network
orchestrator
compute
orchestrator
green
100%
“Deploy” Fan-Out

40. network
orchestrator
compute
orchestrator
green
100%
“Deploy” Fan-Out

41. networking is challenging
invest in tests
patterns & standards are useful

42. learn more
▢ hack
▢ read examples
▢ repurpose
▢ befriend a network engineer / qa / dev

43. thank you!
@joatmon08
https://goo.gl/oc2ySq
https://github.com/joatmon08/2018-cisco-devnet-create