SlideShare a Scribd company logo

Infrastructure API Lightning Talk by Jeremy Pollard of box.com

Download as PPTX, PDF
D
DevOps4Networks

What If Your Network Was Smarter Than You?

Technology
1 of 42
1 What If Your Network Was Smarter Than You? Jeremy Pollard
2 Who Am I? • Jeremy Pollard • Network Engineer @ Box.com • SIGGRAPH2015 GraphicsNet Committee Chair • Automator • Lindy-Hop and Blues Dancer
3 Complete Network Overhaul Networks that grow organically don’t scale, news to no one.
4 Network Overhaul • Old design grew as needed ‒ Need a switch? Add a switch. ‒ Flat layer 2 design. ‒ Did not Scale. • New Design ‒ Greenfield! ‒ New hardware! ‒ New design! ‒ New Datacenter!
5 “ Let’s build a smarter network. Said everyone, everywhere.
6 How do we do this? What are we trying to solve?
7 We’re Network Engineers…
8 And We Like… • Standards • Specifications • Designing with scalability in mind • Repeatable patterns
9 And Yet We Still Have To Answer Questions Like… • Which IP address should I use? • Where is this host located? • Do you know how this device is supposed to be cabled? • Which port should I use? • Did you configure that new switch?
10 Boring
11 Error Prone
12 A Waste Of Time
13 Cost The Company $$$
14 How Did Box Approach This? By thinking outside the Box… HA! Get it?! *crickets*
15 New Network Design In 30 seconds or less • Core / Agg / ToR model • Fully routed to the ToR • Two ToRs per cabinet • Pattern based port assignment • Mathematically generated ‒ IP addresses ‒ Hostnames ‒ VLANs • ID numbers to indicate Datacenter, Pod, Cabinet ‒ More on this later!
16 For Every Pair of ToRs • Over 300 pieces of unique information ‒ IP addresses/subnets ‒ Pinned routes ‒ Radius / Logging / NTP / etc servers ‒ Interface descriptions • ~180 DNS records • Cabling instructions ‒ 8 upstream port assignments ‒ 2 Serial consoles ‒ 2 management ports
17 Highly Complex
18 Highly Automatable
19 Time to build a smarter network
20 The Infrastructure API
21 Infrastructure API • HTTP based REST API • All things IP / Network / Datacenter • Single source of truth
22 It’s our design specification
23 It’s our design specification Implemented in code
24 Infrastructure API • IP address management for network devices and hosts ‒ In-band and Out-of-Band • Hostname generation • DNS registration • Generates all 300 unique pieces of info for ToR provisioning • Generates physical cable mappings and port assignments • Host to Security zone mapping • Provide network information for a given IP • Provide physical location for a given IP
25 Infrastructure API • Returns JSON objects • Easily integrates into token-based templates ‒ Full text configuration ‒ Cabling instructions • Can be easily integrated into other services
26 How Does It Work?
27 Fundamentals First • Procedurally Generated • Single Seed • Remember the IDs? ‒ Datacenter ‒ Pod ‒ Cabinet ‒ Host Type (Production side only) ‒ Rack-u (Out-of-Band side only) 0001010.10101000.10100001.00010100 Static Datacenter Pod Cab Type Host
28 Seeds • IP - > Datacenter / Pod / Cabinet / Type IDs • IDs - > Everything Else ‒ $cab_count = ($MAX_POD_SIZE * $pod_id - 1 ) + $cab_id ‒ $hostname = sprintf(‘tsw%02d’, $cab_count) ‒ $serial_server_number = $cab_count / 32 + 7($pod_id - 1) + 4 ‒ $serial_port_number = 33 + (($cab_count - 1) % 32) / 2 • And so on…
29 New Switch Provisioning A Use Case
30 In The Datacenter • DC Tech enters rack information to get cabling specifications for the cabinet
31 Once Racking and Cabling is Complete: • Manually Configure the management IP address ‒ This will be our seed! ‒ We’re working on DHCP… • Download provision.sh to the switch and execute. ‒ Downloads latest EOS ‒ Detects management IP ‒ API Call: device_config with management IP as the argument ‒ Infrastructure API generates the config ‒ Config is then saved to startup-config ‒ API Call: register_dns with management IP as the argument ‒ Infrastructure API calls our DNS API to register all records ‒ Download first_boot.sh ‒ Reboot device
32 After Reboot • first_boot.sh executed 2 minutes after boot • API Call: inventory_update ‒ Inventory API scans the device collecting: ‒ Hostname ‒ Serial Numbers ‒ Interface IP Addresses ‒ Interface States • Success!! ‒ Switch successfully provisioned ‒ Automatically added to monitoring
33 Other Uses?
34 Other uses? • Core / Datacenter teams host provisioning ‒ Host IP address assignment ‒ Hostname generation / DNS registration • Hadoop rack awareness • Assists in automating inventory audits ‒ Physical / logical mappings ‒ Host locating • If you build it, they will come.
35 Humans are still needed… Right? Right?!
36 You Bet! • All those IDs need to be defined – Thankfully it’s crazy easy! • YAML based data structure • Datacenters are assigned pods • Pods exist in cages • Pods are assigned Cabs • Etc…
37 We’re just not answering these questions anymore… • Which IP address should I use? • Where is this host located? • Do you know how this device is supposed to be cabled? • Which port should I use? • Did you configure that new switch?
38 “ This sounds great! But what are the potential problems? - Said anyone still paying attention
39 Problems… • Screw up ID allocation • DC Tech cabled devices incorrectly or incorrect physical location • Need to move an existing cab to another pod • Bugs!
40 What’s Next? To the future!!
41 Yet To Come • Get DHCP working for management addresses • Dynamically generate topology diagrams ‒ Graphviz ‒ D3 ‒ Take your pick • Automated validation of link health ‒ Up / Down ‒ Light levels ‒ Db loss
42 Thanks!

Recommended

The_Final_Presentation
The_Final_PresentationThe_Final_Presentation
The_Final_PresentationMichael Schultz
 
Day 17.1 nat pat
Day 17.1 nat pat Day 17.1 nat pat
Day 17.1 nat pat CYBERINTELLIGENTS
 
Connecting Hardware to Flex (360MAX)
Connecting Hardware to Flex (360MAX)Connecting Hardware to Flex (360MAX)
Connecting Hardware to Flex (360MAX)Justin Mclean
 
MarsBoard - NXP IMX6 Processor
MarsBoard - NXP IMX6 ProcessorMarsBoard - NXP IMX6 Processor
MarsBoard - NXP IMX6 ProcessorNEEVEE Technologies
 
Connecting hardware up to ColdFusion
Connecting hardware up to ColdFusionConnecting hardware up to ColdFusion
Connecting hardware up to ColdFusionJustin Mclean
 
How to Prevent DHCP Spoofing
How to Prevent DHCP SpoofingHow to Prevent DHCP Spoofing
How to Prevent DHCP SpoofingKHNOG
 
Linx88 IPv6 Neighbor Discovery Russell Heilling
Linx88 IPv6 Neighbor Discovery Russell HeillingLinx88 IPv6 Neighbor Discovery Russell Heilling
Linx88 IPv6 Neighbor Discovery Russell HeillingRussell Heilling
 
H ap 170929154108
H ap 170929154108H ap 170929154108
H ap 170929154108farsheed Homayoonfard
 

Recommended

The_Final_Presentation
The_Final_PresentationThe_Final_Presentation
The_Final_PresentationMichael Schultz
 
Day 17.1 nat pat
Day 17.1 nat pat Day 17.1 nat pat
Day 17.1 nat pat CYBERINTELLIGENTS
 
Connecting Hardware to Flex (360MAX)
Connecting Hardware to Flex (360MAX)Connecting Hardware to Flex (360MAX)
Connecting Hardware to Flex (360MAX)Justin Mclean
 
MarsBoard - NXP IMX6 Processor
MarsBoard - NXP IMX6 ProcessorMarsBoard - NXP IMX6 Processor
MarsBoard - NXP IMX6 ProcessorNEEVEE Technologies
 
Connecting hardware up to ColdFusion
Connecting hardware up to ColdFusionConnecting hardware up to ColdFusion
Connecting hardware up to ColdFusionJustin Mclean
 
How to Prevent DHCP Spoofing
How to Prevent DHCP SpoofingHow to Prevent DHCP Spoofing
How to Prevent DHCP SpoofingKHNOG
 
Linx88 IPv6 Neighbor Discovery Russell Heilling
Linx88 IPv6 Neighbor Discovery Russell HeillingLinx88 IPv6 Neighbor Discovery Russell Heilling
Linx88 IPv6 Neighbor Discovery Russell HeillingRussell Heilling
 
H ap 170929154108
H ap 170929154108H ap 170929154108
H ap 170929154108farsheed Homayoonfard
 
CCNA (R & S) Module 01 - Introduction to Networks - Chapter 5
CCNA (R & S) Module 01 - Introduction to Networks - Chapter 5CCNA (R & S) Module 01 - Introduction to Networks - Chapter 5
CCNA (R & S) Module 01 - Introduction to Networks - Chapter 5Waqas Ahmed Nawaz
 
REDA services
REDA servicesREDA services
REDA servicesYuri Fonin
 
Network Automation (Bay Area Juniper Networks Meetup)
Network Automation (Bay Area Juniper Networks Meetup)Network Automation (Bay Area Juniper Networks Meetup)
Network Automation (Bay Area Juniper Networks Meetup)Alejandro Salinas
 
Mobile ipv6
Mobile ipv6Mobile ipv6
Mobile ipv6Paras Jha
 
02 Raspberry Pi GPIO Interface on Node-RED (Some correction)
02 Raspberry Pi GPIO Interface on Node-RED (Some correction)02 Raspberry Pi GPIO Interface on Node-RED (Some correction)
02 Raspberry Pi GPIO Interface on Node-RED (Some correction)Mr.Nukoon Phimsen
 
APRICOT 2015 - NetConf for Peering Automation
APRICOT 2015 - NetConf for Peering AutomationAPRICOT 2015 - NetConf for Peering Automation
APRICOT 2015 - NetConf for Peering AutomationTom Paseka
 
IPv6 address-planning
IPv6 address-planningIPv6 address-planning
IPv6 address-planningTim Martin
 
I Pv6 Enabling Menog 0.4
I Pv6 Enabling Menog 0.4I Pv6 Enabling Menog 0.4
I Pv6 Enabling Menog 0.4Hussein Elmenshawy
 
Fedv6tf-fhs
Fedv6tf-fhsFedv6tf-fhs
Fedv6tf-fhsTim Martin
 
Ip interfaces by faststream technologies
Ip interfaces by faststream technologiesIp interfaces by faststream technologies
Ip interfaces by faststream technologiesVishalMalhotra58
 
03 Make Things Talk
03 Make Things Talk03 Make Things Talk
03 Make Things TalkMr.Nukoon Phimsen
 
Oracle Enterprise manager SNMP and Exadata
Oracle Enterprise manager SNMP and ExadataOracle Enterprise manager SNMP and Exadata
Oracle Enterprise manager SNMP and ExadataMike Chafin
 
Fedv6tf-IPv6-new-friends
Fedv6tf-IPv6-new-friendsFedv6tf-IPv6-new-friends
Fedv6tf-IPv6-new-friendsTim Martin
 
Asterisk Voip
Asterisk VoipAsterisk Voip
Asterisk VoipVipin Sahu
 
ThinkNetPresentation
ThinkNetPresentationThinkNetPresentation
ThinkNetPresentationJamal Ahmad
 
Amp si net_hub444_specsheet
Amp si net_hub444_specsheetAmp si net_hub444_specsheet
Amp si net_hub444_specsheetElectromate
 
BLE Localiser (Full) for iOS Dev Scout
BLE Localiser (Full) for iOS Dev ScoutBLE Localiser (Full) for iOS Dev Scout
BLE Localiser (Full) for iOS Dev Scoutyeokm1
 
Ipv6
Ipv6Ipv6
Ipv6Nitesh Singh
 
Keep calm-and-try-v6only
Keep calm-and-try-v6onlyKeep calm-and-try-v6only
Keep calm-and-try-v6onlyBangladesh Network Operators Group
 
Route Hijaking and the role of RPKI
Route Hijaking and the role of RPKIRoute Hijaking and the role of RPKI
Route Hijaking and the role of RPKIAPNIC
 
Box.net overview
Box.net overviewBox.net overview
Box.net overviewEric McDuffee
 
AIIM Cloud Collaboration Presentation Jan. 2012
AIIM Cloud Collaboration Presentation Jan. 2012AIIM Cloud Collaboration Presentation Jan. 2012
AIIM Cloud Collaboration Presentation Jan. 2012Porter-Roth Associates
 

More Related Content

What's hot

CCNA (R & S) Module 01 - Introduction to Networks - Chapter 5
CCNA (R & S) Module 01 - Introduction to Networks - Chapter 5CCNA (R & S) Module 01 - Introduction to Networks - Chapter 5
CCNA (R & S) Module 01 - Introduction to Networks - Chapter 5Waqas Ahmed Nawaz
 
Network Automation (Bay Area Juniper Networks Meetup)
Network Automation (Bay Area Juniper Networks Meetup)Network Automation (Bay Area Juniper Networks Meetup)
Network Automation (Bay Area Juniper Networks Meetup)Alejandro Salinas
 
02 Raspberry Pi GPIO Interface on Node-RED (Some correction)
02 Raspberry Pi GPIO Interface on Node-RED (Some correction)02 Raspberry Pi GPIO Interface on Node-RED (Some correction)
02 Raspberry Pi GPIO Interface on Node-RED (Some correction)Mr.Nukoon Phimsen
 
APRICOT 2015 - NetConf for Peering Automation
APRICOT 2015 - NetConf for Peering AutomationAPRICOT 2015 - NetConf for Peering Automation
APRICOT 2015 - NetConf for Peering AutomationTom Paseka
 
IPv6 address-planning
IPv6 address-planningIPv6 address-planning
IPv6 address-planningTim Martin
 
Ip interfaces by faststream technologies
Ip interfaces by faststream technologiesIp interfaces by faststream technologies
Ip interfaces by faststream technologiesVishalMalhotra58
 
Oracle Enterprise manager SNMP and Exadata
Oracle Enterprise manager SNMP and ExadataOracle Enterprise manager SNMP and Exadata
Oracle Enterprise manager SNMP and ExadataMike Chafin
 
Fedv6tf-IPv6-new-friends
Fedv6tf-IPv6-new-friendsFedv6tf-IPv6-new-friends
Fedv6tf-IPv6-new-friendsTim Martin
 
ThinkNetPresentation
ThinkNetPresentationThinkNetPresentation
ThinkNetPresentationJamal Ahmad
 
Amp si net_hub444_specsheet
Amp si net_hub444_specsheetAmp si net_hub444_specsheet
Amp si net_hub444_specsheetElectromate
 
BLE Localiser (Full) for iOS Dev Scout
BLE Localiser (Full) for iOS Dev ScoutBLE Localiser (Full) for iOS Dev Scout
BLE Localiser (Full) for iOS Dev Scoutyeokm1
 
Route Hijaking and the role of RPKI
Route Hijaking and the role of RPKIRoute Hijaking and the role of RPKI
Route Hijaking and the role of RPKIAPNIC
 

What's hot (20)

CCNA (R & S) Module 01 - Introduction to Networks - Chapter 5
CCNA (R & S) Module 01 - Introduction to Networks - Chapter 5CCNA (R & S) Module 01 - Introduction to Networks - Chapter 5
CCNA (R & S) Module 01 - Introduction to Networks - Chapter 5
 
REDA services
REDA servicesREDA services
REDA services
 
Network Automation (Bay Area Juniper Networks Meetup)
Network Automation (Bay Area Juniper Networks Meetup)Network Automation (Bay Area Juniper Networks Meetup)
Network Automation (Bay Area Juniper Networks Meetup)
 
Mobile ipv6
Mobile ipv6Mobile ipv6
Mobile ipv6
 
02 Raspberry Pi GPIO Interface on Node-RED (Some correction)
02 Raspberry Pi GPIO Interface on Node-RED (Some correction)02 Raspberry Pi GPIO Interface on Node-RED (Some correction)
02 Raspberry Pi GPIO Interface on Node-RED (Some correction)
 
APRICOT 2015 - NetConf for Peering Automation
APRICOT 2015 - NetConf for Peering AutomationAPRICOT 2015 - NetConf for Peering Automation
APRICOT 2015 - NetConf for Peering Automation
 
IPv6 address-planning
IPv6 address-planningIPv6 address-planning
IPv6 address-planning
 
I Pv6 Enabling Menog 0.4
I Pv6 Enabling Menog 0.4I Pv6 Enabling Menog 0.4
I Pv6 Enabling Menog 0.4
 
Fedv6tf-fhs
Fedv6tf-fhsFedv6tf-fhs
Fedv6tf-fhs
 
Ip interfaces by faststream technologies
Ip interfaces by faststream technologiesIp interfaces by faststream technologies
Ip interfaces by faststream technologies
 
03 Make Things Talk
03 Make Things Talk03 Make Things Talk
03 Make Things Talk
 
Oracle Enterprise manager SNMP and Exadata
Oracle Enterprise manager SNMP and ExadataOracle Enterprise manager SNMP and Exadata
Oracle Enterprise manager SNMP and Exadata
 
Fedv6tf-IPv6-new-friends
Fedv6tf-IPv6-new-friendsFedv6tf-IPv6-new-friends
Fedv6tf-IPv6-new-friends
 
Asterisk Voip
Asterisk VoipAsterisk Voip
Asterisk Voip
 
ThinkNetPresentation
ThinkNetPresentationThinkNetPresentation
ThinkNetPresentation
 
Amp si net_hub444_specsheet
Amp si net_hub444_specsheetAmp si net_hub444_specsheet
Amp si net_hub444_specsheet
 
BLE Localiser (Full) for iOS Dev Scout
BLE Localiser (Full) for iOS Dev ScoutBLE Localiser (Full) for iOS Dev Scout
BLE Localiser (Full) for iOS Dev Scout
 
Ipv6
Ipv6Ipv6
Ipv6
 
Keep calm-and-try-v6only
Keep calm-and-try-v6onlyKeep calm-and-try-v6only
Keep calm-and-try-v6only
 
Route Hijaking and the role of RPKI
Route Hijaking and the role of RPKIRoute Hijaking and the role of RPKI
Route Hijaking and the role of RPKI
 

Viewers also liked

AIIM Cloud Collaboration Presentation Jan. 2012
AIIM Cloud Collaboration Presentation Jan. 2012AIIM Cloud Collaboration Presentation Jan. 2012
AIIM Cloud Collaboration Presentation Jan. 2012Porter-Roth Associates
 
Why Systems Fail: There is no Silver Bullet for ECM/RM Implementations
Why Systems Fail: There is no Silver Bullet for ECM/RM ImplementationsWhy Systems Fail: There is no Silver Bullet for ECM/RM Implementations
Why Systems Fail: There is no Silver Bullet for ECM/RM ImplementationsPorter-Roth Associates
 
PaaSword: A Holistic Data Privacy and Security by Design Framework for Cloud ...
PaaSword: A Holistic Data Privacy and Security by Design Framework for Cloud ...PaaSword: A Holistic Data Privacy and Security by Design Framework for Cloud ...
PaaSword: A Holistic Data Privacy and Security by Design Framework for Cloud ...Yiannis Verginadis
 
Winning the war against data- Strategies to beat your arch nemesis: files - G...
Winning the war against data- Strategies to beat your arch nemesis: files - G...Winning the war against data- Strategies to beat your arch nemesis: files - G...
Winning the war against data- Strategies to beat your arch nemesis: files - G...Spiceworks
 
SMB Security Opportunity –Use and Plans for Solutions and Profile of "Securit...
SMB Security Opportunity –Use and Plans for Solutions and Profile of "Securit...SMB Security Opportunity –Use and Plans for Solutions and Profile of "Securit...
SMB Security Opportunity –Use and Plans for Solutions and Profile of "Securit...Motty Ben Atia
 
Enterprise 2.0: What it is and why it matters
Enterprise 2.0: What it is and why it mattersEnterprise 2.0: What it is and why it matters
Enterprise 2.0: What it is and why it mattersdigitallibrary
 
Keynote Address at 2013 CloudCon: A day in the life of the SMB by Michael To...
Keynote Address at 2013 CloudCon: A day in the life of the SMB by Michael To...Keynote Address at 2013 CloudCon: A day in the life of the SMB by Michael To...
Keynote Address at 2013 CloudCon: A day in the life of the SMB by Michael To...exponential-inc
 
Keeping up with the Revolution in IT Security
Keeping up with the Revolution in IT SecurityKeeping up with the Revolution in IT Security
Keeping up with the Revolution in IT SecurityDistil Networks
 
Security Essentials for the SMB IT Network (on a Shoestring Budget!) - Adam W...
Security Essentials for the SMB IT Network (on a Shoestring Budget!) - Adam W...Security Essentials for the SMB IT Network (on a Shoestring Budget!) - Adam W...
Security Essentials for the SMB IT Network (on a Shoestring Budget!) - Adam W...Spiceworks
 
Building a database security program
Building a database security programBuilding a database security program
Building a database security programmatt_presson
 
Advanced IT and Cyber Security for Your Business
Advanced IT and Cyber Security for Your BusinessAdvanced IT and Cyber Security for Your Business
Advanced IT and Cyber Security for Your BusinessInfopulse
 
The next generation of IT security
The next generation of IT securityThe next generation of IT security
The next generation of IT securitySophos Benelux
 
Robbery Prevention for Small Businesses
Robbery Prevention for Small BusinessesRobbery Prevention for Small Businesses
Robbery Prevention for Small BusinessesFundera
 
Windows 10 Enterprise E3 - Best in Class Security and Control - Presented by ...
Windows 10 Enterprise E3 - Best in Class Security and Control - Presented by ...Windows 10 Enterprise E3 - Best in Class Security and Control - Presented by ...
Windows 10 Enterprise E3 - Best in Class Security and Control - Presented by ...David J Rosenthal
 
Security Guide For Small Business
Security Guide For Small BusinessSecurity Guide For Small Business
Security Guide For Small BusinessBrendanRose
 
Challenges Of Global Data Collection
Challenges Of Global Data Collection Challenges Of Global Data Collection
Challenges Of Global Data Collection ResearchShare
 
5 Step Data Security Plan for Small Businesses
5 Step Data Security Plan for Small Businesses5 Step Data Security Plan for Small Businesses
5 Step Data Security Plan for Small BusinessesWilkins Consulting, LLC
 
Big data security challenges and recommendations!
Big data security challenges and recommendations!Big data security challenges and recommendations!
Big data security challenges and recommendations!cisoplatform
 
Small business data security
Small business data securitySmall business data security
Small business data securityDavid Usher
 

Viewers also liked (20)

Box.net overview
Box.net overviewBox.net overview
Box.net overview
 
AIIM Cloud Collaboration Presentation Jan. 2012
AIIM Cloud Collaboration Presentation Jan. 2012AIIM Cloud Collaboration Presentation Jan. 2012
AIIM Cloud Collaboration Presentation Jan. 2012
 
Why Systems Fail: There is no Silver Bullet for ECM/RM Implementations
Why Systems Fail: There is no Silver Bullet for ECM/RM ImplementationsWhy Systems Fail: There is no Silver Bullet for ECM/RM Implementations
Why Systems Fail: There is no Silver Bullet for ECM/RM Implementations
 
PaaSword: A Holistic Data Privacy and Security by Design Framework for Cloud ...
PaaSword: A Holistic Data Privacy and Security by Design Framework for Cloud ...PaaSword: A Holistic Data Privacy and Security by Design Framework for Cloud ...
PaaSword: A Holistic Data Privacy and Security by Design Framework for Cloud ...
 
Winning the war against data- Strategies to beat your arch nemesis: files - G...
Winning the war against data- Strategies to beat your arch nemesis: files - G...Winning the war against data- Strategies to beat your arch nemesis: files - G...
Winning the war against data- Strategies to beat your arch nemesis: files - G...
 
SMB Security Opportunity –Use and Plans for Solutions and Profile of "Securit...
SMB Security Opportunity –Use and Plans for Solutions and Profile of "Securit...SMB Security Opportunity –Use and Plans for Solutions and Profile of "Securit...
SMB Security Opportunity –Use and Plans for Solutions and Profile of "Securit...
 
Enterprise 2.0: What it is and why it matters
Enterprise 2.0: What it is and why it mattersEnterprise 2.0: What it is and why it matters
Enterprise 2.0: What it is and why it matters
 
Keynote Address at 2013 CloudCon: A day in the life of the SMB by Michael To...
Keynote Address at 2013 CloudCon: A day in the life of the SMB by Michael To...Keynote Address at 2013 CloudCon: A day in the life of the SMB by Michael To...
Keynote Address at 2013 CloudCon: A day in the life of the SMB by Michael To...
 
Keeping up with the Revolution in IT Security
Keeping up with the Revolution in IT SecurityKeeping up with the Revolution in IT Security
Keeping up with the Revolution in IT Security
 
Security Essentials for the SMB IT Network (on a Shoestring Budget!) - Adam W...
Security Essentials for the SMB IT Network (on a Shoestring Budget!) - Adam W...Security Essentials for the SMB IT Network (on a Shoestring Budget!) - Adam W...
Security Essentials for the SMB IT Network (on a Shoestring Budget!) - Adam W...
 
Building a database security program
Building a database security programBuilding a database security program
Building a database security program
 
Advanced IT and Cyber Security for Your Business
Advanced IT and Cyber Security for Your BusinessAdvanced IT and Cyber Security for Your Business
Advanced IT and Cyber Security for Your Business
 
The next generation of IT security
The next generation of IT securityThe next generation of IT security
The next generation of IT security
 
Robbery Prevention for Small Businesses
Robbery Prevention for Small BusinessesRobbery Prevention for Small Businesses
Robbery Prevention for Small Businesses
 
Windows 10 Enterprise E3 - Best in Class Security and Control - Presented by ...
Windows 10 Enterprise E3 - Best in Class Security and Control - Presented by ...Windows 10 Enterprise E3 - Best in Class Security and Control - Presented by ...
Windows 10 Enterprise E3 - Best in Class Security and Control - Presented by ...
 
Security Guide For Small Business
Security Guide For Small BusinessSecurity Guide For Small Business
Security Guide For Small Business
 
Challenges Of Global Data Collection
Challenges Of Global Data Collection Challenges Of Global Data Collection
Challenges Of Global Data Collection
 
5 Step Data Security Plan for Small Businesses
5 Step Data Security Plan for Small Businesses5 Step Data Security Plan for Small Businesses
5 Step Data Security Plan for Small Businesses
 
Big data security challenges and recommendations!
Big data security challenges and recommendations!Big data security challenges and recommendations!
Big data security challenges and recommendations!
 
Small business data security
Small business data securitySmall business data security
Small business data security
 

Similar to Infrastructure API Lightning Talk by Jeremy Pollard of box.com

When DevOps and Networking Intersect by Brent Salisbury of socketplane.io
When DevOps and Networking Intersect by Brent Salisbury of socketplane.ioWhen DevOps and Networking Intersect by Brent Salisbury of socketplane.io
When DevOps and Networking Intersect by Brent Salisbury of socketplane.ioDevOps4Networks
 
IPv6 networking training sduffy v3
IPv6 networking training sduffy v3IPv6 networking training sduffy v3
IPv6 networking training sduffy v3Shane Duffy
 
Building the Internet of Things with Thingsquare and Contiki - day 1, part 2
Building the Internet of Things with Thingsquare and Contiki - day 1, part 2Building the Internet of Things with Thingsquare and Contiki - day 1, part 2
Building the Internet of Things with Thingsquare and Contiki - day 1, part 2Adam Dunkels
 
Microsoft Offical Course 20410C_05
Microsoft Offical Course 20410C_05Microsoft Offical Course 20410C_05
Microsoft Offical Course 20410C_05gameaxt
 
Introduction to Computer Networking
Introduction to Computer NetworkingIntroduction to Computer Networking
Introduction to Computer NetworkingAmit Saha
 
Bh fed-03-kaminsky
Bh fed-03-kaminskyBh fed-03-kaminsky
Bh fed-03-kaminskyDan Kaminsky
 
Addressing in networking (IP,MAC,Port addressing)
Addressing in networking (IP,MAC,Port addressing)Addressing in networking (IP,MAC,Port addressing)
Addressing in networking (IP,MAC,Port addressing)Geethu Jose
 
MULTIMEDIA COMMUNICATION & NETWORKS
MULTIMEDIA COMMUNICATION & NETWORKSMULTIMEDIA COMMUNICATION & NETWORKS
MULTIMEDIA COMMUNICATION & NETWORKSKathirvel Ayyaswamy
 
CCNA Industrial Training Presentation
CCNA Industrial Training PresentationCCNA Industrial Training Presentation
CCNA Industrial Training PresentationTalvinder Singh
 
Uccn1003 -may10_-_lect01b_-_intro_to_network_devices_addressing
Uccn1003 -may10_-_lect01b_-_intro_to_network_devices_addressingUccn1003 -may10_-_lect01b_-_intro_to_network_devices_addressing
Uccn1003 -may10_-_lect01b_-_intro_to_network_devices_addressingShu Shin
 
Asynchronous design with Spring and RTI: 1M events per second
Asynchronous design with Spring and RTI: 1M events per secondAsynchronous design with Spring and RTI: 1M events per second
Asynchronous design with Spring and RTI: 1M events per secondStuart (Pid) Williams
 
IPv6 Council: IPv6 on your servers; fun or frightening?
IPv6 Council: IPv6 on your servers; fun or frightening? IPv6 Council: IPv6 on your servers; fun or frightening?
IPv6 Council: IPv6 on your servers; fun or frightening? Digicomp Academy AG
 
IPv6 on your servers; fun or frightening? - Swiss IPv6 Council meeting
IPv6 on your servers; fun or frightening? - Swiss IPv6 Council meetingIPv6 on your servers; fun or frightening? - Swiss IPv6 Council meeting
IPv6 on your servers; fun or frightening? - Swiss IPv6 Council meetingRIPE NCC
 
IT Networks and Vulnarabilities .pdf
IT Networks and Vulnarabilities .pdfIT Networks and Vulnarabilities .pdf
IT Networks and Vulnarabilities .pdfPeterOwenje1
 
Stupid Boot Tricks: using ipxe and chef to get to boot management bliss
Stupid Boot Tricks: using ipxe and chef to get to boot management blissStupid Boot Tricks: using ipxe and chef to get to boot management bliss
Stupid Boot Tricks: using ipxe and chef to get to boot management blissmacslide
 
CCN CEP.pptx
CCN CEP.pptxCCN CEP.pptx
CCN CEP.pptxNOOR69810
 

Similar to Infrastructure API Lightning Talk by Jeremy Pollard of box.com (20)

When DevOps and Networking Intersect by Brent Salisbury of socketplane.io
When DevOps and Networking Intersect by Brent Salisbury of socketplane.ioWhen DevOps and Networking Intersect by Brent Salisbury of socketplane.io
When DevOps and Networking Intersect by Brent Salisbury of socketplane.io
 
Unit05
Unit05Unit05
Unit05
 
IPv6 networking training sduffy v3
IPv6 networking training sduffy v3IPv6 networking training sduffy v3
IPv6 networking training sduffy v3
 
Building the Internet of Things with Thingsquare and Contiki - day 1, part 2
Building the Internet of Things with Thingsquare and Contiki - day 1, part 2Building the Internet of Things with Thingsquare and Contiki - day 1, part 2
Building the Internet of Things with Thingsquare and Contiki - day 1, part 2
 
Microsoft Offical Course 20410C_05
Microsoft Offical Course 20410C_05Microsoft Offical Course 20410C_05
Microsoft Offical Course 20410C_05
 
Introduction to Computer Networking
Introduction to Computer NetworkingIntroduction to Computer Networking
Introduction to Computer Networking
 
Bh fed-03-kaminsky
Bh fed-03-kaminskyBh fed-03-kaminsky
Bh fed-03-kaminsky
 
Addressing in networking (IP,MAC,Port addressing)
Addressing in networking (IP,MAC,Port addressing)Addressing in networking (IP,MAC,Port addressing)
Addressing in networking (IP,MAC,Port addressing)
 
MULTIMEDIA COMMUNICATION & NETWORKS
MULTIMEDIA COMMUNICATION & NETWORKSMULTIMEDIA COMMUNICATION & NETWORKS
MULTIMEDIA COMMUNICATION & NETWORKS
 
CCNA Industrial Training Presentation
CCNA Industrial Training PresentationCCNA Industrial Training Presentation
CCNA Industrial Training Presentation
 
Uccn1003 -may10_-_lect01b_-_intro_to_network_devices_addressing
Uccn1003 -may10_-_lect01b_-_intro_to_network_devices_addressingUccn1003 -may10_-_lect01b_-_intro_to_network_devices_addressing
Uccn1003 -may10_-_lect01b_-_intro_to_network_devices_addressing
 
Iot Workshop Columbus
Iot Workshop ColumbusIot Workshop Columbus
Iot Workshop Columbus
 
Asynchronous design with Spring and RTI: 1M events per second
Asynchronous design with Spring and RTI: 1M events per secondAsynchronous design with Spring and RTI: 1M events per second
Asynchronous design with Spring and RTI: 1M events per second
 
Network Programming Assignment Help
Network Programming Assignment HelpNetwork Programming Assignment Help
Network Programming Assignment Help
 
IPv6 Council: IPv6 on your servers; fun or frightening?
IPv6 Council: IPv6 on your servers; fun or frightening? IPv6 Council: IPv6 on your servers; fun or frightening?
IPv6 Council: IPv6 on your servers; fun or frightening?
 
IPv6 on your servers; fun or frightening? - Swiss IPv6 Council meeting
IPv6 on your servers; fun or frightening? - Swiss IPv6 Council meetingIPv6 on your servers; fun or frightening? - Swiss IPv6 Council meeting
IPv6 on your servers; fun or frightening? - Swiss IPv6 Council meeting
 
IT Networks and Vulnarabilities .pdf
IT Networks and Vulnarabilities .pdfIT Networks and Vulnarabilities .pdf
IT Networks and Vulnarabilities .pdf
 
Stupid Boot Tricks: using ipxe and chef to get to boot management bliss
Stupid Boot Tricks: using ipxe and chef to get to boot management blissStupid Boot Tricks: using ipxe and chef to get to boot management bliss
Stupid Boot Tricks: using ipxe and chef to get to boot management bliss
 
TCP-IP PROTOCOL
TCP-IP PROTOCOLTCP-IP PROTOCOL
TCP-IP PROTOCOL
 
CCN CEP.pptx
CCN CEP.pptxCCN CEP.pptx
CCN CEP.pptx
 

Recently uploaded

[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticscarlostorres15106
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationSafe Software
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Paola De la Torre
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Patryk Bandurski
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersThousandEyes
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphNeo4j
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Alan Dix
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxOnBoard
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhisoniya singh
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksSoftradix Technologies
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 

Recently uploaded (20)

[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping Elbows
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptx
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other Frameworks
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 

Infrastructure API Lightning Talk by Jeremy Pollard of box.com

  • 1. 1 What If Your Network Was Smarter Than You? Jeremy Pollard
  • 2. 2 Who Am I? • Jeremy Pollard • Network Engineer @ Box.com • SIGGRAPH2015 GraphicsNet Committee Chair • Automator • Lindy-Hop and Blues Dancer
  • 3. 3 Complete Network Overhaul Networks that grow organically don’t scale, news to no one.
  • 4. 4 Network Overhaul • Old design grew as needed ‒ Need a switch? Add a switch. ‒ Flat layer 2 design. ‒ Did not Scale. • New Design ‒ Greenfield! ‒ New hardware! ‒ New design! ‒ New Datacenter!
  • 5. 5 “ Let’s build a smarter network. Said everyone, everywhere.
  • 6. 6 How do we do this? What are we trying to solve?
  • 7. 7 We’re Network Engineers…
  • 8. 8 And We Like… • Standards • Specifications • Designing with scalability in mind • Repeatable patterns
  • 9. 9 And Yet We Still Have To Answer Questions Like… • Which IP address should I use? • Where is this host located? • Do you know how this device is supposed to be cabled? • Which port should I use? • Did you configure that new switch?
  • 12. 12 A Waste Of Time
  • 13. 13 Cost The Company $$$
  • 14. 14 How Did Box Approach This? By thinking outside the Box… HA! Get it?! *crickets*
  • 15. 15 New Network Design In 30 seconds or less • Core / Agg / ToR model • Fully routed to the ToR • Two ToRs per cabinet • Pattern based port assignment • Mathematically generated ‒ IP addresses ‒ Hostnames ‒ VLANs • ID numbers to indicate Datacenter, Pod, Cabinet ‒ More on this later!
  • 16. 16 For Every Pair of ToRs • Over 300 pieces of unique information ‒ IP addresses/subnets ‒ Pinned routes ‒ Radius / Logging / NTP / etc servers ‒ Interface descriptions • ~180 DNS records • Cabling instructions ‒ 8 upstream port assignments ‒ 2 Serial consoles ‒ 2 management ports
  • 19. 19 Time to build a smarter network
  • 21. 21 Infrastructure API • HTTP based REST API • All things IP / Network / Datacenter • Single source of truth
  • 22. 22 It’s our design specification
  • 23. 23 It’s our design specification Implemented in code
  • 24. 24 Infrastructure API • IP address management for network devices and hosts ‒ In-band and Out-of-Band • Hostname generation • DNS registration • Generates all 300 unique pieces of info for ToR provisioning • Generates physical cable mappings and port assignments • Host to Security zone mapping • Provide network information for a given IP • Provide physical location for a given IP
  • 25. 25 Infrastructure API • Returns JSON objects • Easily integrates into token-based templates ‒ Full text configuration ‒ Cabling instructions • Can be easily integrated into other services
  • 26. 26 How Does It Work?
  • 27. 27 Fundamentals First • Procedurally Generated • Single Seed • Remember the IDs? ‒ Datacenter ‒ Pod ‒ Cabinet ‒ Host Type (Production side only) ‒ Rack-u (Out-of-Band side only) 0001010.10101000.10100001.00010100 Static Datacenter Pod Cab Type Host
  • 28. 28 Seeds • IP - > Datacenter / Pod / Cabinet / Type IDs • IDs - > Everything Else ‒ $cab_count = ($MAX_POD_SIZE * $pod_id - 1 ) + $cab_id ‒ $hostname = sprintf(‘tsw%02d’, $cab_count) ‒ $serial_server_number = $cab_count / 32 + 7($pod_id - 1) + 4 ‒ $serial_port_number = 33 + (($cab_count - 1) % 32) / 2 • And so on…
  • 29. 29 New Switch Provisioning A Use Case
  • 30. 30 In The Datacenter • DC Tech enters rack information to get cabling specifications for the cabinet
  • 31. 31 Once Racking and Cabling is Complete: • Manually Configure the management IP address ‒ This will be our seed! ‒ We’re working on DHCP… • Download provision.sh to the switch and execute. ‒ Downloads latest EOS ‒ Detects management IP ‒ API Call: device_config with management IP as the argument ‒ Infrastructure API generates the config ‒ Config is then saved to startup-config ‒ API Call: register_dns with management IP as the argument ‒ Infrastructure API calls our DNS API to register all records ‒ Download first_boot.sh ‒ Reboot device
  • 32. 32 After Reboot • first_boot.sh executed 2 minutes after boot • API Call: inventory_update ‒ Inventory API scans the device collecting: ‒ Hostname ‒ Serial Numbers ‒ Interface IP Addresses ‒ Interface States • Success!! ‒ Switch successfully provisioned ‒ Automatically added to monitoring
  • 34. 34 Other uses? • Core / Datacenter teams host provisioning ‒ Host IP address assignment ‒ Hostname generation / DNS registration • Hadoop rack awareness • Assists in automating inventory audits ‒ Physical / logical mappings ‒ Host locating • If you build it, they will come.
  • 35. 35 Humans are still needed… Right? Right?!
  • 36. 36 You Bet! • All those IDs need to be defined – Thankfully it’s crazy easy! • YAML based data structure • Datacenters are assigned pods • Pods exist in cages • Pods are assigned Cabs • Etc…
  • 37. 37 We’re just not answering these questions anymore… • Which IP address should I use? • Where is this host located? • Do you know how this device is supposed to be cabled? • Which port should I use? • Did you configure that new switch?
  • 38. 38 “ This sounds great! But what are the potential problems? - Said anyone still paying attention
  • 39. 39 Problems… • Screw up ID allocation • DC Tech cabled devices incorrectly or incorrect physical location • Need to move an existing cab to another pod • Bugs!
  • 40. 40 What’s Next? To the future!!
  • 41. 41 Yet To Come • Get DHCP working for management addresses • Dynamically generate topology diagrams ‒ Graphviz ‒ D3 ‒ Take your pick • Automated validation of link health ‒ Up / Down ‒ Light levels ‒ Db loss