#CLUS NetDevOps Developer Environments with Vagrant Do it like they do on the Developer Channel! Stuart Clark NetDevOps Evangelist DEVNET-1365
#CLUS Agenda
• Vagrant 101
• Our first network vagrant up!
• Vagrant + Ansible Provisioning
• Multi-Node Topologies
• The right tool for the right job…
• How to do it yourself!
DEVNET-1365 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 3 Cisco Webex Teams
Questions? Use Cisco Webex Teams (formerly Cisco Spark) to chat with the speaker after the session How 1 Find this session in the Cisco Events App 2 Click “Join the Discussion” 3 Install Webex Teams or go directly to the team space 4 Enter messages/questions in the team space
Webex Teams will be moderated cs.co/ciscolivebot#DEVNET-1365 by the speaker until June 18, 2018.
#CLUS © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 44 Preparation Steps to Follow Along (or after) Workstation Requirements
• Python Windows Workstation Caveats
• 2.7.10 or higher • Vagrant & VirtualBox work great
• 3.6.2 or higher • Ansible not supported on Windows (control station) • pip & virtual environment • Python scripts to create Vagrant boxes • ”git” command line tools require Linux or OS X
• Vagrant
• VirtualBox
• Homebrew (Apple OS X)
#CLUS DEVNET-1365 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 6 Setup your Workstation
• Clone the Repository
• Setup Python Virtual Environment
• Get Vagrant Box
# From your “code” directory $ https://github.com/CiscoDevNet/learning_lab_vagrant_netprog_code $ cd learning_lab_vagrant_netprog_code
$ ls –l README.md lab01 lab02 lab03
$ virtualenv venv --python=python3.6 $ source venv/bin/activate $ pip install –r lab03/requirements.txt
#CLUS DEVNET-1365 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 7 Vagrant 101 Development Environments Made Easy
• Open Source Develop Tooling by lab\ $ vagrant init nxos/7.0.3.I7.3 lab\ $ vagrant up HashiCorp Bringing machine 'default' up with 'virtualbox' www.vagrantup.com provider... ==> default: Importing box ‘nxos/7.0.3.I7.3'... ==> default: Forwarding ports... • Simple configuration file stored default: 830 (guest) => 2223 (host) with code default: 80 (guest) => 2224 (host) default: 443 (guest) => 2225 (host) • “easy to configure, reproducible, default: 22 (guest) => 2222 (host) and portable work environments” lab\ $ vagrant ssh Nexus9000v# • Multi-Platform for both guest and host
#CLUS DEVNET-1365 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 9 Key Terms and Concepts
• Vagrantfile (venv) lab\ $ ls lab02/ Vagrantfile • Configuration file for vagrant (venv) lab\ $ vagrant box list • centos/7 (virtualbox, 1611.01) Box iosxe/16.06.02 (virtualbox, 0) • Base images for different iosxr/6.1.2 (virtualbox, 0) nxos/7.0.3.I7.3 (virtualbox, 0) individual environments ubuntu/trusty64 (virtualbox, 20160323.0.0)
• Provider (venv) lab\ $ vagrant box add nxos/7.0.3.I7.3 n9000v.box
• Virtualization technology (venv) lab\ $ vagrant global-status used by vagrant id name provider state directory ------• Default is VirtualBox, many 8d1eaec default virtualbox saved ~/coding/BRKDEV-1368 other supported
#CLUS DEVNET-1365 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 10 Vagrant Commands
• vagrant init box name • vagrant provision • Initialize a new Vagrantfile in a • Re-run configured provisioner (eg Ansible) directory • vagrant box list • vagrant up / halt / destroy • Display list of available boxes • Start, stop, and delete an environment • vagrant status / global-status • Display current status of environments • Vagrant suspend / resume lab\ $ vagrant suspend • Pause and restart an environment ==> default: Saving VM state and suspending • vagrant ssh [machine] lab\ $ vagrant resume ==> default: Resuming suspended VM... • Connect via SSH to a running environment lab\ $ vagrant port 830 (guest) => 2223 (host) • vagrant port 22 (guest) => 2222 (host)
• View the nat’d ports for the lab\ $ vagrant ssh environment Nexus9000v#
#CLUS DEVNET-1365 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 11 Explore Vagrant with Basic Linux VMs
• Create new project directory lab\ $ mkdir vagrant_explore lab\ $ cd vagrant_explore • Initialize a new Vagrant environment vagrant_explore\ $ vagrant init hashicorp/precise64 • Bring it up vagrant_explore\ $ vagrant up
#CLUS DEVNET-1365 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 12 Explore Vagrant with Basic Linux VMs
• Connect to your environment vagrant_explore\ $ vagrant ssh with SSH # Now you’re inside the Vagrant VM • vagrant@precise64:~$ Explore lifecycle operations of vagrant@precise64:~$ pwd Vagrant vagrant@precise64:~$ exit
# Back on your local workstation vagrant_explore\ $ vagrant status vagrant_explore\ $ vagrant suspend vagrant_explore\ $ vagrant resume vagrant_explore\ $ vagrant reload vagrant_explore\ $ vagrant destroy
#CLUS DEVNET-1365 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 13 Vagrantfile Basics
# -*- mode: ruby -*- # vi: set ft=ruby : Vagrant is a Ruby application # All Vagrant configuration is done below. The "2" in Vagrant.configure # configures the configuration version (we support older styles for Majority of default # backwards compatibility). Please don't change it unless you know what Vagrantfile is comments # you're doing. Vagrant.configure("2") do |config| Start Configuration Block # Every Vagrant development environment requires a box. # You can search for boxes at https://vagrantcloud.com/search. config.vm.box = "hashicorp/precise64" Identify the box to use end End Configuration Block
Note: Vagrant Boxes can include default settings* Partial* fileSimplified output displayed and editedfor presentation sample
#CLUS DEVNET-1365 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 14 Our first network vagrant up! Initialize your Vagrantfile
lab\ $ cd lab01/ • View available boxes hands_on_1\ $ vagrant box list • Initialize new Vagrant File hands_on_1\ $ vagrant box add nxos/7.0.3.I7.3 ~/Downloads/nxosv-final.7.0.3.I7.3.box –force
hands_on_1\ $ vagrant init nxos/7.0.3.I7.3
hands_on_1\ $ open Vagrantfile
#CLUS DEVNET-1365 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 16 Vagrantfile Basics (for Network Devices)
# -*- mode: ruby -*- # vi: set ft=ruby :
Vagrant.configure("2") do |config| # Every Vagrant development environment requires a box. You can search for Box Name # boxes at https://atlas.hashicorp.com/search. config.vm.box = ”nxos/7.0.3.I7.3" config.ssh.insert_key = false Don’t insert Vagrant public key. Recommended # Create a forwarded port mapping which allows access to a specific port # within the machine from a port on the host machine. config.vm.network "forwarded_port", guest: 830, host: 2223, id: "netconf" Forward local ports for config.vm.network "forwarded_port", guest: 80, host: 2224, id: ”http" API/App access. config.vm.network "forwarded_port", guest: 443, host: 2225, id: "restconf-ssl" SSH is forwarded by default # Create a private network, which allows host-only access to the machine # using a specific IP. config.vm.network :private_network, virtualbox__intnet: "link1", auto_config: false Create environment config.vm.network :private_network, virtualbox__intnet: "link2", auto_config: false networks. end ”eth1” connected to host by default Note: Vagrant Boxes can include default settings * Simplified and edited sample
#CLUS DEVNET-1365 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 17 Let’s add more interfaces and open up API Access
• Open Vagrantfile
• Add port forwarding
• Add 2 Interfaces to Configuration
• Specific positioning in file is irrelevant * Simplified and edited sample
• * Must be within |config| block
Vagrant.configure("2") do |config| config.vm.box = "nxos/7.0.3.I7.3" # Forward API Port config.vm.network :forwarded_port, guest: 80, host: 2224, id: 'http' # Create a private networks config.vm.network :private_network, virtualbox__intnet: "link1", auto_config: false config.vm.network :private_network, virtualbox__intnet: "link2", auto_config: false end or cp Vagrantfile.solution Vagrantfile
#CLUS DEVNET-1365 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 18 Start a Vagrant Environment
lab01\ $ vagrant up • Start environment # Known ssh bug • View NAT’d ports for APIs # vagrant up 2nd time
lab01\ $ vagrant up • Connect to running switch lab01\ $ vagrant port
lab01\ $ vagrant ssh Note: Due to the nature of the Nexus 9000v shell, vagrant will report an error after starting the VM. This is expected, and does not indicate a problem. Simply enter vagrant up again to complete the setup successfully.
#CLUS DEVNET-1365 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 19 Explore the Vagrant Environment
# Run from Vagrant Environment (ie vagrant ssh) • Baseline Configurations n9kv1# sh run | inc "username vagrant" • Logins – User / Cert Nexus9000v# sh run int mgmt0 • APIs Nexus9000v# sh run | inc feature • Interfaces Nexus900v# conf t
• Open NX-API Developer Nexus9000v(config)# feature nxapi
Sandbox # Exit from Vagrant Environment http://127.0.0.1:2224
• Make an API Call
#CLUS DEVNET-1365 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 20 Destroy Hands on Demo 1
lab01\ $ vagrant destroy • Destroy this environment
#CLUS DEVNET-1365 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 21 Vagrant + Ansible Provisioning Come on... Really “vagrant ssh” and “config t”?!?
• “Infrastructure as Code” dictates entire configuration in code
• Building multiple box versions for variations = template sprawl
• Human error in manual configurations
• There has to be a better way…
#CLUS DEVNET-1365 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 23 Vagrant Provisioners
Vagrant.configure("2") do |config| • Run with vagrant up # ... other configuration
• Install software config.vm.provision "shell" do |s| s.inline = "echo hello" end • Alter configurations end
• Run commands/code
• Types
• Shell, Ansible, Puppet, Chef, Docker, Salt, CFEngine…
#CLUS DEVNET-1365 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 24 Provisioning Lab
lab01\ $ cd ../ • Move to lab03 ..._code\ $ cd lab03/
lab03\ $ ls • Start the “vagrant up” process Vagrantfile now so it runs while we discuss host_vars hosts ansible_provision.yaml Requrements.txt
hands_on_3\ $ open Vagrantfile
hands_on_3\ $ vagrant up
#CLUS DEVNET-1365 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 25 hands_on_3/Vagrantfile Vagrant.configure("2") do |config| config.vm.define "nxos1" do |node| • Specify provisioning node.vm.box = "nxos/7.0.3.I7.3"
details in the file # Statically set the SSH and HTTP ports config.vm.network :forwarded_port, guest: 22, host: 2222, id: ' • For Ansible, specify config.vm.network :forwarded_port, guest: 80, host: 2224, id: 'http' hosts file end # Setup Ansible Provisioning • Used for config config.vm.provision "ansible" do |ansible| details ansible.playbook = "ansible_provision.yaml" ansible.inventory_path = "./hosts" ansible.raw_arguments = ["--connection=paramiko"] end end
* Partial file output for screen display
#CLUS DEVNET-1365 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 26 lab03/hosts [all:vars] ansible_python_interpreter="/usr/bin/env python" • Ansible inventory file [vagrant] • Specify interpreter nxos1 to link to Python Virtual Environment
* Partial file output for screen display
#CLUS DEVNET-1365 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 27 lab03/ansible_provision.yaml --- • - name: Provision NX-OS Devices Ansible Playbook defines hosts: vagrant configuration connection: local gather_facts: false • Several options to use • ios_config, ios_command, tasks: etc - name: Pause to complete boot pause: • netconf_config seconds: 5
- name: Enable NX-API nxos_feature: provider: "{{provider_ssh}}" feature: nxapi state: enabled
- name: Configure System Settings nxos_system: provider: "{{provider_nxapi}}" * Partial file output for screen display
#CLUS DEVNET-1365 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 28 lab03/host_vars/default.yaml --- provider_nxapi: • Host specific details host: 127.0.0.1 port: 2224 • Vagrant network username: vagrant password: vagrant intricacies require transport: nxapi
explicit ip and port interfaces: info - name: Loopback11 desc: Sample Network Route Injection ip_address: 172.21.1.1 prefix: 24 - name: Loopback12 desc: Sample Network Route Injection ip_address: 172.21.2.1 prefix: 24 - name: Loopback13 desc: Sample Network Route Injection ip_address: 172.21.3.1 * Partial file output for screen display
#CLUS DEVNET-1365 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 29 Vagrant Up nxos1: Running ansible-playbook...
PLAY [Provision NX-OS Devices] ************************************************* • Run 2nd “vagrant up” TASK [Enable NX-API] *********************************************************** • After device fully ok: [nxos1] “up” provisioning TASK [Configure System Settings] *********************************************** runs changed: [nxos1] TASK [Configure Interfaces] **************************************************** changed: [nxos1] => (item={'name': 'Loopback11', 'desc': 'Sample Network Route Injection', ' '172.21.1.1', 'prefix': 24}) • If provisioning fails, changed: [nxos1] => (item={'name': 'Loopback12', 'desc': 'Sample Network Route Injection', ' '172.21.2.1', 'prefix': 24}) retry with . vagrant provision . PLAY RECAP ********************************************************************* nxos1 : ok=5 changed=3 unreachable=0 failed=0
* Partial output for screen display
#CLUS DEVNET-1365 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 30 Verify device provisioned properly
• Trust, but verify lab03\ $ vagrant ssh n9kv#show ip int bri Interface IP Address Interface Status Lo11 172.21.1.1 protocol-up/link-up/admin-up Lo12 172.21.2.1 protocol-up/link-up/admin-up Lo13 172.21.3.1 protocol-up/link-up/admin-up Lo14 172.21.4.1 protocol-up/link-up/admin-up Eth1/1 172.20.0.1 protocol-down/link-down/admin-up
* Partial output for screen display
#CLUS DEVNET-1365 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 31 Destroy Hands on Demo 3
lab03\ $ vagrant destroy • Destroy this environment
#CLUS DEVNET-1365 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 32 Multi-Node Topologies Multi-Node Lab
lab01\ $ cd ../ • Move to lab02 ...code\ $ cd lab02/
lab02\ $ ls
Vagrantfile
lab02\ $ open Vagrantfile
#CLUS DEVNET-1365 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 34 Multi-Node Vagrantfile Vagrant.configure("2") do |config| config.vm.define "nxos1" do |node| • Configuration node.vm.box = "nxos/7.0.3.I7.3" for multiple # eth1/1 connected to link2, nodes node.vm.network :private_network, virtualbox__intnet: "link2", auto_config # Explicity set SSH Port to avoid conflict and for provisioning • Different boxes config.vm.network :forwarded_port, guest: 22, host: 3122, id: 'ssh supported end config.vm.define "nxos2" do |node| • Network them node.vm.box = "nxos/7.0.3.I7.3"
together! # eth1/1 connected to link2, node.vm.network :private_network, virtualbox__intnet: "link2", auto_config
# Explicity set SSH Port to avoid conflict and for provisioning config.vm.network :forwarded_port, guest: 22, host: 3222, id: 'ssh end end * Partial file output for screen display
#CLUS DEVNET-1365 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 35 Vagrant Up $ vagrant up Bringing machine 'nxos1' up with 'virtualbox' provider... Bringing machine 'nxos2' up with 'virtualbox' provider... . ==> nxos1: Preparing network interfaces based on configuration... nxos1: Adapter 1: nat VMs boot one at a nxos1: Adapter 2: intnet time ==> nxos1: Forwarding ports... nxos1: 22 (guest) => 3122 (host) (adapter 1) Avoid port collisions nxos1: 80 (guest) => 3180 (host) (adapter 1) manually or rely on . auto-fixing The configured shell (config.ssh.shell) is invalid and unable <-- Expected error
# 2nd `vagrant up` after 1st error vagrant up ”vagrant up” after error Bringing machine 'nxos1' up with 'virtualbox' provider... Bringing machine 'nxos2' up with 'virtualbox' provider... ==> nxos1: Machine already provisioned. Run `vagrant provision` or use the `--provision` ==> nxos1: flag to force provisioning. Provisioners marked to run always will still run. ==> nxos2: Importing base box 'nxos/7.0.3.I7.3'...
* Partial output for screen display
#CLUS DEVNET-1365 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 36 Checkout the Vagrant Environment
(venv2) lab02\ $ vagrant status • Check status of machines Current machine states:
• vagrant ssh name nxos1 running (virtualbox) nxos2 running (virtualbox)
This environment represents multiple VMs. The VMs are all listed above with their current state. For more information about a specific VM, run `vagrant status NAME`.
(venv2) lab02\ $ vagrant ssh nxos1
n9kv#exit
(venv2) lab02\ $ vagrant ssh nxos2
n9kv#exit
#CLUS DEVNET-1365 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 37 Impact on host system
• Each node takes resources
• Switches/Routers aren’t small VMs
• Monitor Memory Usage
#CLUS DEVNET-1365 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 38 The right tool for the right job… Network Testing and Dev Options
#CLUS DEVNET-1365 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 40 When and Why to Use Vagrant
• Modern Development Tool
• Run everything local
• Few dependencies
• Independent Environments
• Ship with Code Samples
• Test and experiment with APIs
#CLUS DEVNET-1365 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 41 When NOT to use Vagrant
• Large topologies
• Data Plane important
• Multiple simultaneous developers
• Long running tests
#CLUS DEVNET-1365 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 42 How to do it yourself! Getting Started with Vagrant On Your Own
• Install Vagrant www.vagrantup.com/downloads.html
• DevNet Learning Lab Module learninglabs.cisco.com/modules/vagrant_up
• Create Your Own Boxes for Cisco IOS XE, IOS XR, and Open NX-OS
• github.com/hpreston/vagrant_net_prog
• Go to box_building/README.md
• Instructions and scripts to create Boxes from available resources (ie from CCO) **Some downloads require entitlements
• Many other network vendors offering Vagrant support as well
#CLUS DEVNET-1365 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 44 Complete your online session evaluation
Give us your feedback to be entered into a Daily Survey Drawing. Complete your session surveys through the Cisco Live mobile app or on www.CiscoLive.com/us.
Don’t forget: Cisco Live sessions will be available for viewing on demand after the event at www.CiscoLive.com/Online.
#CLUS DEVNET-1365 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 45 Continue Demos in Walk-in Meet the Related your the Cisco self-paced engineer sessions education campus labs 1:1 meetings
#CLUS DEVNET-1365 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 46 Got more questions? Stay in touch!
Stuart Clark developer.cisco.com [email protected] @CiscoDevNet @bigevilbeard facebook.com/ciscodevnet/ http://github.com/bigevilbeard http://github.com/CiscoDevNet
#CLUS DEVNET-1365 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 47 Thank you
#CLUS #CLUS