Jason Edelman's Blog - Home

Author Archives: Jason Edelman's Blog - Home

SD-WAN with Viptela

Software Defined Wide Area Networking (SD-WAN) is bubbling up to be one of the prime use cases of SDN. The vendors that fall into the SD-WAN bucket often include Glue Networks, Nuage, Viptela, CloudGenix, VeloCloud, etc. As you dive into each of the solutions from the vendors, you may realize that some are truly unique technologically and some may just be offering a better way to manage existing wide area networking equipment (which is still a huge value add).

Network Automation Training

If you are a frequent reader of my blog, you know that last year I left my job to do something that I was intrinsically motivated to do.  Unfortunately, because of this, I haven’t been able to write as much as I normally would.  I do hope that changes.  But, time is money now – literally.  My time has been spent driving business, negotiating, writing Scopes of Work, building a website, managing finances, and producing quality work for customers, and I hope all of that continues.


Programmatic Access to CLI Driven Devices with TextFSM

One of the harder things to do when it comes to network automation is work with the majority of the install base that exists out there. This is true even if we focus purely on data extraction, i.e. issuing show commands and getting the results in an automated fashion. The reason for this is that most devices do not support returning structured data in formats such as JSON or XML, and this oftentimes makes automation a non-starter for network engineers.

Initial Post with GitHub and Jekyll

Over the past several months, I’ve found myself holding back on writing posts simply because my blog platform does not support the ability to embed code or even change fonts to resemble code, CLI, or working on a terminal. Screen shots are good, but offering the ability to copy and paste is nice, plus it just looks cleaner. This is unacceptable.                                                                            

Network Automation with Cisco Nexus Switches & Ansible

Over the past few years, I’ve written quite a bit about SDN and more recently more about what can be done today with existing products, APIs, and tools in terms of improving operational efficiencies.  Most of the examples have leveraged modern network devices that have some type of API because it streamlines how to integrate with 3rd party systems be it a custom application or a platform like Ansible (a platform that I’ve written about frequently).  I’ve posted examples here and there on GitHub on these topics, but nothing that starts from the ground up.
With that in mind, I’ve recently created a new GitHub project that walks through step by step on how to get Ansible installed and specifically up and running ready to automate Cisco Nexus switches.  Note: In full transparency, I was compensated by Cisco for this particular project.  It was a no-brainer since I was already doing similar work over the past several months.  That said, going forward it would be great to get others involved in any capacity from writing docs to writing code.

Network Automation with Cisco Nexus & Ansible

The README in the GitHub project repository outlines exactly Continue reading

Generating Web Docs for Ansible Modules

If you have ever worked with Ansible, it’s almost a guarantee that you have used their online docs to figure out what parameters a given module supports, how they should be used, or what their defaults are.  Over the past few weeks, I’ve been working on a few custom modules and was trying to find a way to generate web docs for them, and have them locally accessible or easily posted to GitHub.  
Ansible offers a way to “make webdocs,” but it generates the complete module inventory and truth be told, I didn’t get this to work for my custom modules, so I figured I would explore a “simplified” way --- a way that should be able to generate docs as needed for one or more modules on an as needed basis.

The outcome was the creation of an Ansible module and Jinja2 template that automatically generates a markdown file (that can then be viewed or posted anywhere). 

How does it work?

The modules you’ve built or are local to your machine (even Ansible core modules) that you want to generate a web doc for must be documented according to Ansible standards.  That’s the Continue reading

Creating a Network Community for the Network’s New Operational Models

The way in which networks are configured, deployed, and managed is changing.  The network industry is in a shift from managing devices box by box via the CLI to having more centralized ways to manage and deploy devices.  While the CLI isn’t going away anytime soon, we can look at the two operational models that are gaining traction within the network community.

SDN Controllers

SDN controllers do two major things that increase operational efficiencies.  They offer a central point of management and visibility for the network team, but also offer a single point of integration for 3rd party systems – these systems could be anything from cloud management platforms, monitoring or automation systems, to native business applications.  Note: even when there are controllers being used by a human, there is risk.  There is the risk of clicking the wrong button, forgetting the order of operations of which buttons need to be clicked, etc.  This doesn’t go away.  Change control windows still have risk.

DevOps for Networking

We’ve also seen an increased amount of focus on the intersection of DevOps and networking. I’m really referring to DevOps automation tools and the network.  For Continue reading

Open Source Networking

We’ve heard a lot about Software Defined Networking (SDN), Open Networking, APIs, and policy models over the past few months (and years).  There are days where it’s sickening to hear the term SDN, but even on those darkest days, the reality is that the network industry has a bright and open future.  In this post, I’m going to share a list of networking projects that I’m aware of that are not only open, but also open source.  It is definitely eye opening and extremely positive to see so much open source activity in the network industry.
From the movie Daylight starring Sly Stallone ++ Source: Flickfacts.com
OpenDaylight (ODL) – established in April 2013, is an open source Software Defined Networking (SDN) controller platform(s).  There are different controller platforms for different use cases.

OpenFlow (OF) – established in the late 2000s, the OpenFlow 1.0 release launched in December 2009.  The Open Networking Foundation took over the development (not actually coding) of OpenFlow when ONF formed in late March / early April in 2010.

Open vSwitch (OVS) – established in mid to late 2009 by the Nicira team to replace the standard Linux bridge.  It’s Continue reading

Automating Cisco Nexus Switches with Ansible

In previous posts, I’ve written about using Ansible for network automation.  A few of them can be found here, here, here, and here.  In one of the posts, I had a video that was automating Cisco routers with Ansible, and was using onePK as the API to communicate to the device.  In this post, I’ll be focusing on automating Nexus switches – this means each of the Ansible modules will be using NX-API to communicate with the device.  This also eliminates the need for the users of these modules to know Python as they’ll be using the Ansible platform for their specific automation needs.
While the demo below is for configuration automation and shows what can be done in just a few seconds, it needs to be understood that automation is much more than pushing configurations.  I hope to show some of this first hand by doing more interesting things as it pertains to data gathering, verification, troubleshooting, that do increase speed and agility, but also predictability.

The following video shows how Ansible can be used to automate interfaces and VLANs on Nexus switches.   This will be the first in a Continue reading

Introduction to Using Cisco NX-API

I've posted a few times in the past about Cisco's NX-API and realized I hadn't provided any guidance on how to get started using the API itself.  In this post, I share two videos that are meant to serve as a quick start to those who don't have a development background and are looking to test NX-API.

The first video looks at the NX-API sandbox and how you map the data represented in the sandbox back into objects that you can use while working in Python.
The second video shows where to get the modules that I use in the first video, namely xmltodict and device.py.

Note: the device module that I use is primarily used with XML data being returned from the device.  The easiest thing for those who want to test is to follow the steps outlined in the videos although there are mechanisms to switch to JSON.  This device module does not support json-rpc (as that is still fairly new in NX-API).

And, don't forget, you'll need to connect to your Nexus 3K/9K via the management interface to work with NX-API.

Facebook Altoona Network Diagram in 2-D

Facebook recently wrote about the network architecture they are using in their new Altoona data center facility.  If you haven't read through their article yet, it's definitely worth the read.

They have a few diagrams that outline the architecture.  One of them is in 3-D.  3-D diagrams are always more difficult for my brain to conceptualize (maybe it's just me), so I re-drew it in a more typical 2-D fashion.
There aren't details on quantity and speeds of ports for the spine and edge switches, so I represented them similar to how they have them in their diagram.  Assuming at least 144 ports of 40G in each spine switch it would allow the data center to be the home to over 100,000 servers.  For every downward facing port a spine switch has (across the plane), 2300 servers can be added.  That's the amount of servers per pod.  48 servers per rack * 48 racks per pod = 2300 servers.  Based on the switch types being used, this number could be more, but I'm using the characteristics of 48 x 10G ports for host facing ports + 4 x 40G ports for uplinks.

My diagram depicts 8 racks in the POD Continue reading

Using Schprokits to Automate Big Switch’s Big Cloud Fabric

I gave a presentation at Interop last month and tried to make two major points about network automation.  One, network automation is so much more than just “pushing configs” and two, network automation is still relevant in Software Defined Network environments that have a controller deployed as part of the overall solution.  And I’m referring to controllers from ANY vendor including, but definitely not limited to Cisco’s APIC, NSX Controllers, Nuage Controller/Director, Juniper Contrail, Plexxi Control, OpenDaylight, and Big Switch’s Big Cloud Fabric.  
A few months ago, I was at Network Field Day 8 and got to see a live demo of Big Switch’s newly released Big Cloud Fabric solution.  It seemed slick, but I was curious on automating the fabric using the northbound APIs exposed from their controller.  As it turns out, I was able to get access to a small fabric (2 leafs / 2 spines) to get familiar with Big Cloud Fabric.  In parallel to that, I started testing Schprokits as I mentioned in my previous post.

So, sure enough I spent some time putting together a demo to show what can be done with network automation tools and how they Continue reading

Automated Network Diagrams with Schprokits & AutoNetkit

Over the past few months I’ve written about Ansible and the intersection of DevOps and Networking quite a few times.  As network vendors continue to develop better APIs on network devices (switches, routers, FWs, etc.) there is no doubt going to be an emergence of new tools for the network industry.  One of these emerging tools is Schprokits.  Schprokits (company name and product name), still in stealth, was founded by Jeremy Schulman, who previously worked at Juniper and did the initial work for integrating Junos with Puppet, Chef, and Ansible, and on top of that developed the Juniper PyEZ Python framework.  Schprokits seems to be the outcome of Schulman’s experiences working with existing DevOps automation platforms and building one now purpose built for networking.  Over the past few weeks, I've been fortunate to be able to be part of the first Schprokits user-test group.  

In this article, I’m going to explore not only working with Schprokits, but also working with AutoNetkit.  AutoNetkit, part of the PhD thesis work of Simon Knight, is an application and framework for modeling network devices, both from a configuration and visualization/diagramming standpoint.  Some of Continue reading

Application Routes with onePK and the Need for Better Libraries

It’s been some time since I wrote about Cisco’s onePK.  In this post, I’ll look at some of the good and the bad of onePK and also show an example of how to add a route to a device running onePK to help make a few points along the way.

The Bad

I’ve never heard anyone speak positively about onePK and I’m not sure I 100% agree, but I’ll save the positivity for the next section.  onePK is a thick Software Development Kit (SDK).  If you are a network engineer looking to learn to program from the ground up, it may NOT be the BEST place to start.  That said, if you are looking to learn about object oriented programming, listener APIs, etc., and can spare some time, it’s a great place to start.  If you’re already a developer, it probably won’t be much different compared to learning any other SDK.

Another thing to be wary of is that onePK was not intended to be a configuration API.  I voiced my opinion on this already and I do think things are headed in the right direction, but it always helps knowing the history. Continue reading

VMware Meets The Physical Network — What If?

With other acquisition rumors floating around, I figured I would add my own 2 cents and do some speculating. 

It’s not uncommon to hear that VMware might acquire Cumulus.  Like others, it’s one acquisition that I’ve speculated about for a while.  There is already an interesting dynamic between Cisco and VMware, but as both companies continue to go to market with their Software Defined Networking (SDN), or controller based solutions, VMware still needs to run over a physical data center network.  The physical network market is still largely dominated by Cisco though.  Does VMware want or need to control the physical network?

Extending the SDDC

If VMware took their network strategy one step further and kept true to the Software Defined Data Center (SDDC), they would need a network operating system (NOS) that could run on approved hardware, e.g. hardware compatibility list (HCL).  They need a bare metal (white box) switch company.  Cumulus fits this build well because they are focused on creating open IP fabrics using tried and true protocols and already have their own HCL.  They’ve also already partnered with VMware and support VXLAN termination on certain platforms Continue reading

Interop NYC & Software Gone Wild

Last week I had the pleasure of speaking at Interop in NYC.  It wasn’t the best turn out for a conference, but all of the sessions that were about automation, APIs, DevOps, and programmability seemed to do fairly well.  For those that didn't attend, the title of the presentation was A Practical Look at Network Automation --- the deck is posted below. 
I also had the opportunity to be a guest on Ivan Pepelnjak’s podcast Software Gone Wild recently and it was just posted yesterday.  Have a listen.
edelman-interopnyc-092014pv.pdf

Feel free to reach out with any questions or comments regarding any of the material.

Thanks,
Jason

Twitter: @jedelman8

Network Automation & Programmability Survey

Many vendors collect their own data that is more than likely a little skewed and biased.  As I prepare for a few upcoming presentations, I thought it would be great to get some REAL data from REAL people doing great things or even those just starting on their automation journey.

If you would be kind enough, there is a link to a survey below that asks a few questions pertaining to network automation and programmability.  No personal information is required.

Network Automation & Programmability Survey 

If you wish to see the results, please fill the survey out :)


Thanks in advance,
Jason

Twitter: @jedelman8

Prescriptive Topology Manager (PTM) support with NX-API on the Nexus 9000?

Cumulus Networks has been talking a lot about Prescriptive Topology Manager (PTM).  A great overview of PTM can be found here, but the high level is that PTM ensures “wiring rules are followed by doing a simple runtime verification of connectivity.”  This means that as a user, you can define what the physical topology, or wiring, is supposed to be and compare it against what it really is by leveraging LLDP.  The PTM daemon (PTMd) is what does this analysis on each switch running Cumulus Linux.  There is even integration with routing protocols such that if two switches are improperly cabled, no routing adjacencies will be permitted on that link.  You can check out the PTM code since it is available under the Eclipse Public License (EPL).
Cumulus is said to have a few, but very large customers --- these customers operate at the highest efficiency levels and it is customers like these (speculating here, just go with me) that probably drove Cumulus to develop a feature like this.  However, this is a real problem for networks of all sizes.  I’ve seen 100s to 1000s of pages of Word docs and Excel Continue reading

Network Automation with Python, Ansible, and Twitter Integration

Last month I wrote about using the Cisco Nexus NX-API to extract stats from a Nexus switch while using Ansible.  For some reason, last night I finally went on to tackle how to integrate with the Twitter API and then integrated the two together.  Integrating with Twitter has always been top of mind, but just put it on the back burner.  Funny enough though, it was a pretty quick integration thanks to the great people at Google.

What am I talking about?

In the code I pushed last month, I created an Ansible playbook that pulls interface stats from a Nexus 9000 (or any other Nexus device supporting NX-API) and then creates a template report for those stats.  It was pretty vanilla, nothing fancy about it.

There have been integrations with other social platforms, but to be honest, the one that has been stuck in my brain is Hubot that is used at GitHub.  Several months back I remember hearing about Hubot for the second or third time while listening to the Cloudcast podcast with Mark Imbriaco (just before he went to Digital Ocean).  It is amazing to see what can be done Continue reading

Integrating Spirent into an Automated Workflow Test Methodology

I’ve spent the last few days getting briefed by several vendors in Silicon Valley.  They include A10, Big Switch, Brocade, Cisco, Gigamon, Nuage, Pluribus, Spirent, and Thousand Eyes.  Over the next few weeks, I’ll try and get a few posts out about the briefings, but for the first one I wanted to focus on Spirent.  Many are probably aware that Spirent provides packet generators and while that’s what they sell and are really good at, it’s the strategy, vision, and software integration with their products that was extremely intriguing.  

I’ve engaged with many customers over the past 10 years and the majority have never felt a real need to test performance.  It was and is usually very easy to over provision hardware when it comes to Layer 2 & 3 switching.  This is still the case for the most part too – there are 1 RU and 2 RU switches that can forward traffic faster than those big monster boxes of just a few years ago.

Why Test Now?

There are network functions being virtualized from almost every vendor out there --- this usually falls under the Network Functions Virtualization (NFV) trend.  It’s Continue reading