4. Infrastructure as code represents the idea that everything needed to run an infrastructure can be considered software and, as such, can leverage development techniques for collaboration, deployment and continuous integration.
7. CI/CD Pipeline for Software Development
Code, Build, Test, Deploy, Monitor
Dev
CI: Continuous Integration
CD: Continuous Deployment
8. What is the impact?
• Customers who embraced this new way of building infrastructure for servers observed:
– 200x more frequent deployment
– 24x faster recovery from failure
– 3x lower change failure rate
– 2.5x shorter lead time
Source: 2016 State of Devops Report (from puppet)
9. Infrastructure as Code is about Operational Efficiency
Who is not interested in operating the network more efficiently?
10. Fall 2016 NetDevOps Survey: Infrastructure as code
Answers: No interest, Thinking about it, Evaluating, In Production
• 18% are already in production
• 60% are thinking about it or evaluating it
12. Version Control
Example of workflow
1 – Configuration stored in version control
2 – New branch for each modification
3 – Pull request for each modification
4 – Review process as part of pull request
5 – Automated test as part of pull request
6 – Delete virtual env once report is available
7 – Deploy in production when pull request is merged
Pull Request (Master / Feature B): "Looks good, please can you add description", "Done", "Approved", "Approved"
Virtual Lab
1 – Create virtual topology
2 – Deploy new configurations
3 – Run all tests
Report tests result
Production: Deploy, Validate
13. Infrastructure as Code is a Journey
• There is not only one story for Infrastructure as Code
• All aspects may or may not be present
• Only Change control is mandatory
Start small and evolve from there
14. Infrastructure as Code is a Journey
Infrastructure as Code, Network, Continuous Delivery, Automated Deployment
• Generate and deploy configuration automatically
• Run continuous tests in your network to identify issues as quickly as possible
• Test/Validate your changes before deploying them in production
15. Infrastructure as code / Building Block
• Change Control (Mandatory): Version control, Review process
• Virtual Lab: Build Virtual Lab on demand
• Test: Test network device status, Continuous integration
• Telemetry: Collect, Visualize and Correlate
• Config Automation: Templatize and automate configuration
• Event Driven: Actively monitor events
16. Compelling for all customers
Change Control, Virtual Lab, Test, Telemetry, Config Automation, Event Driven
From Conservative to Early Adopter
20. Fall 2016 NetDevOps Survey: Git
Answers: No interest, Thinking about it, Evaluating, In Production
• 60% are already in production
• 34% are thinking about it or evaluating it
21. Change Control - fundamentals
Github or Gitlab
• Branch Master always represents what is deployed in production.
• Every change must be proposed using a Pull Request.
• Changes can be discussed and adjusted before being merged.
Pull Request (Master / Feature B): "Looks good, please can you add description", "Done", "Approved", "Approved"
26. Continuous Integration
Travis-CI, Gitlab-CI
External tools that will execute some tests for EACH change/commit:
1. Download the project
2. Setup Environment
3. Run tests
4. Report results in Github/Gitlab
27. Gitlab-CI – setup
• Configuration defined inside the project with a config file (.gitlab-ci.yaml)
• Can define a pipeline of stages and actions for each stage
• Some stages can be applicable to some branches only
.gitlab-ci.yaml:

# Stages run in the order listed
stages:
  - test
  - deploy

# Install dependencies before every job
before_script:
  - pip install -r requirements.txt
  - pip install -q ansible

# Test stage: generate the configurations
generate_config:
  stage: test
  script:
    - ansible-playbook pb.generate.config.yaml

# Deploy stage: apply the configurations
deploy_config:
  stage: deploy
  script:
    - ansible-playbook pb.conf.all.commit.yaml
28. Gitlab-CI – Infrastructure as Code Pipeline
• Build: Create new configurations, make sure
• Test: Validate new configurations on physical lab or virtual lab
• Deploy: Deploy new configurations in production environment
• Validate: Validate that network is behaving properly after new configurations have been deployed
Branch Master Only
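The four-stage pipeline of slides 27 and 28 written out as a GitLab CI file. This is an added example, not taken from the original slides or from the author's project. It assumes that "Branch Master Only" applies to the deploy and validate stages; pb.check.lab.yaml, pb.check.production.yaml and the config/ directory are hypothetical names, while the other two playbooks are the ones named in slide 27.

```yaml
# .gitlab-ci.yaml (added example; see the assumptions in the lead-in)
stages:
  - build
  - test
  - deploy
  - validate

before_script:
  - pip install -r requirements.txt
  - pip install -q ansible

# Build: create the new configurations and keep them for later stages.
generate_config:
  stage: build
  script:
    - ansible-playbook pb.generate.config.yaml
  artifacts:
    paths:
      - config/            # hypothetical output directory

# Test: runs on every branch, so each pull request gets a test report.
test_in_lab:
  stage: test
  script:
    - ansible-playbook pb.check.lab.yaml          # hypothetical playbook

# Deploy: only commits that reached master may touch production.
deploy_config:
  stage: deploy
  script:
    - ansible-playbook pb.conf.all.commit.yaml
  only:
    - master

# Validate: confirm the network behaves properly after the deployment.
validate_production:
  stage: validate
  script:
    - ansible-playbook pb.check.production.yaml   # hypothetical playbook
  only:
    - master
```

The branch restriction in this file only holds if master itself is a protected branch that accepts changes through merge requests; otherwise a direct push skips the review step. Production device credentials belong in protected CI/CD variables so that jobs on feature branches never receive them.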
30. Configuration Generation Project
• A project to generate configurations is mainly composed of:
– Templates: junos-system.j2, bgp.j2, Acl.j2
– Variables: Interfaces name, Device names, Mgmt IP, IP addresses, etc.
– Scripts/Playbooks: deploy_config, check_connectivity
31. 1 project – multiple environments
Lab, Production
• Between environments, templates are shared but some variables and playbooks can be different
• Everything needs to be tested, and if there are too many environment-specific variables, the chance of not finding a bug increases.
Configuration Generation Project:
– Shared Templates
– Lab Vars, Prod Vars, Shared Var
– Lab Pbs, Prod Pbs, Shared Playbooks
32. Topology Independent w/ Ansible
• Topology file name defined in the inventory file under the variable “topology_file”
• File loaded with pre_tasks in each playbook
Files shown: hosts.ini, Playbooks
33. Topology Independent w/ Ansible
• Centralize information related to physical topology
• Access this information from other files by using variable names
Files shown: sample-topology.yaml, host_vars/fabric-01/underlay.yaml
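How the pieces of slides 32 and 33 fit together, as an added example that is not from the original deck or the author's repository. Only the topology_file variable, the pre_tasks loading step and the file names come from the slides; the topology schema (topology, asn, links), the host fabric-02, the playbook and all sample values are constructed for illustration.

```yaml
# hosts.ini (INI inventory, shown here as comments)
#   [all:vars]
#   topology_file=sample-topology.yaml
#   [fabric]
#   fabric-01
#   fabric-02
---
# sample-topology.yaml: the only place that describes the physical topology.
# Schema and values are constructed for this example.
topology:
  fabric-01:
    asn: 65001
    links:
      - { interface: xe-0/0/0, peer: fabric-02, ip: 10.0.0.0/31 }
  fabric-02:
    asn: 65002
    links:
      - { interface: xe-0/0/0, peer: fabric-01, ip: 10.0.0.1/31 }
---
# host_vars/fabric-01/underlay.yaml: refer to the topology by variable name
# instead of copying addresses or AS numbers into each host file.
underlay:
  local_asn: "{{ topology[inventory_hostname].asn }}"
  neighbors: "{{ topology[inventory_hostname].links }}"
---
# Playbook (hypothetical): every playbook starts with the same pre_tasks.
- hosts: all
  connection: local
  gather_facts: false
  pre_tasks:
    - name: Load the topology file named in the inventory
      ansible.builtin.include_vars:
        file: "{{ topology_file }}"
    - name: Stop early if this host is missing from the topology
      ansible.builtin.assert:
        that:
          - inventory_hostname in topology
          - topology[inventory_hostname].links | length > 0
        fail_msg: "{{ inventory_hostname }} is not described in {{ topology_file }}"
  tasks:
    - name: Show the values the templates will receive
      ansible.builtin.debug:
        var: underlay
```

Pointing topology_file at a different file in the lab inventory and in the production inventory lets the same templates and playbooks run against both environments.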
36. The VM itself is not enough
When building a virtual lab for testing, the VM itself is not enough.
We need to have a solution to:
• Create the topology, L1/L2 links
• Spin up and down devices
• Configure devices etc …
• Assign IP addresses
On-Premise: Vagrant
Cloud: Ravello System
37. What is Vagrant?
A tool for building and distributing virtualized environments
Open Source and modular
• Vagrantfile: Define what type of VM/Box, Define the physical topology
• Vagrantcloud: VM App Store, Automatic download
• Provisioning
• OpenStack, Hypervisor
38. Ravello System
• Layer 2 ‘data-center-like’ networking
• Easy replication through Blueprint
• Public IP for all VMs
• Isolated Networking
• Self-service & on-demand access
• Unlimited capacity
• Usage based pricing
• Scalable
• Robust REST APIs
Cloud Based Virtual Lab: Oracle Cloud, Google Compute Engine, AWS
39. Ravello - Automation
• Automate creation / deployment of virtual topologies on Ravello using Ansible
• Open Source library developed by Juniper
https://github.com/Juniper/ravello-ansible
41. Demo / topology
spine-01 spine-02
leaf-01 leaf-02 leaf-03 leaf-04
• Physical network based on Spine/Leaf topology
• Each device has a unique ASN
• eBGP between all members
• Simple IP routing
42. Demo / building Block
Change control, Config, Virtual Lab, Tests
Gitlab, Gitlab-CI, vQFX
43. Testing w/ Ansible
spine-01 spine-02
leaf-01 leaf-02 leaf-03 leaf-04
Testing is done using Ansible
• Check Physical layer
– Check all interfaces are UP
– Check LLDP neighbors
• Check Underlay
– Ping all neighbors
– Check BGP status
– Ping ANY2ANY between leaf
47. What Professional Services Bring
• Network Design, Implementation and Testing Expertise: Industry leading expertise in designing and implementing network automation
• Open Source Framework Expertise: Delivering an integrated software framework for automation
• Knowledge Transfer & Customer Focus: Sharing knowledge throughout delivery
• Project Management: Maintaining rigor so that projects are delivered on time and within budget
48. Network Automation Services
PS Practice: Software Defined Networking, Core & Edge, Cloud & Data Center, Security
Design, Deploy, Audit, Test
Design Automation, Automated Deployment, Test Automation, Audit Automation
50. Get Started with examples online
Ravello
Ansible Library to automate Ravello
https://github.com/Juniper/ravello-ansible
Example of Project to build an IP fabric on Ravello using Ansible
https://github.com/dgarros/rav-ipfabric-demo
51. Get Started with examples online
Ansible
Ansible project to configure and test an IP Fabric + EVPN/VXLAN
https://github.com/JNPRAutomate/ansible-junos-evpn-vxlan
Playbook to check physical and underlay layer using Ansible
https://github.com/JNPRAutomate/ansible-junos-evpn-vxlan/blob/master/pb.check.physical.yaml
52. Get Started with examples online
Telemetry / OpenNTI
Open Source Telemetry Collector for Telemetry, Netconf and Event (syslog)
https://github.com/Juniper/open-nti
Fluentd plugin for Juniper Telemetry Streaming
https://github.com/JNPRAutomate/fluent-plugin-juniper-telemetry
53. Associated products/tools (1/2)
• Change control: Version control, Review process
– Tools: Github/Gitlab, Travis-CI, Jenkins
• Virtual Lab: Build virtual Lab on demand
– Tools: vMX/vQFX/vSRX, Ravello, Vagrant, Junosphere
• Test: Test network device status, Continuous integration
– Tools: JSNAPy, Pyez, NITA, Robot Framework, Ansible
54. Associated products/tools (2/2)
• Telemetry: Collect, Visualize and Correlate
– Tools: JTI, Openconfig, Netconf, OpenNTI, Kapacitor, Third party integration
• Config Automation: Execute more automated tests
– Tools: Ansible, Saltstack, Pyez, Netconf
• Event Driven
– Tools: Saltstack, jEDI