Enterprise SDN: Architectures and Key Concepts
Bruno Klauser, Consulting Engineer, EN EMEAR
Joe M. Clarke, Distinguished Engineer, TAC
Kevin Kuhls, Technical Marketing Engineer
TECSDN-2602 Agenda
• Introduction
• Embracing the Software Defined Era
• Controller-Level Perspective
• Infrastructure Perspective
• Human-Interaction DevOps Style
• Summary
• Resources, References and Close
“Industry after industry is becoming technology-driven as software rapidly eats the world. As it spreads, so do complexity and opportunity.”
Todd Hewlin, Managing Director, TCG Advisors, Author of “B4B”
TECSDN-2602 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 5
Digital Transformation
UBER, The world’s largest taxi company owns no vehicles
AIRBNB, The world’s largest accommodation provider owns no real estate
NETFLIX, The world’s largest movie provider owns no theater
AMAZON, The world’s largest bookstore owns no brick and mortar stores
Every Company, City, Country
“Digital disruption will displace 40% of incumbent companies in the next 5 years.”
Digital Transformation
Wind Power
Aviation
Connected Lighting
Fin Tech Startups
Every Company, City, Country
Incumbent Players | New Entrants
“Digital disruption will displace 40% of incumbent companies in the next 5 years.”
“CIOs are challenged to keep running existing IT more efficiently and safely, while enabling business innovation and differentiation at a quickening pace. …”
Gartner
Bimodal IT
Problem: CIOs are challenged to keep running existing IT more efficiently and safely, while enabling business innovation and differentiation at a quickening pace.
Solution: Bimodal IT, enabling developers and enabling governance
“Any man who can drive safely while kissing a pretty girl is simply not giving the kiss the attention it deserves.”
Albert Einstein
Bimodal IT
• Traditional: ITIL, eTOM, TOGAF, COBIT, etc
• DevOps / Fast IT: Agile, Scrum, Continuous Delivery (CD), Continuous Integration (CI), etc
Speed of Iteration (minutes, seconds)!
Ingredients of Bimodal and Hybrid IT
Towards a Network Architecture for Softwarization / Digitization
• Application Centricity
• Programmability
  • Infrastructure
  • Controllers
  • Services
• Virtualization
  • vAF: Application Functions
  • vMF: Management Functions
  • vNF: Network Functions
[Diagram labels: API; CONTROLLER; Traditional IT; APIs and Containers; virtual NETWORK-, APPLICATION-, MANAGEMENT- FUNCTIONS; SWITCHING | ROUTING | WIRELESS]
Cisco Digital Network Architecture
The Network to enable Your Digital Business
[Diagram: Cisco Digital Network Architecture
• Cloud Services and Management: Policy | Orchestration; Open APIs | Developers Environment
• Automation: Abstraction & Policy Control, from Core to Edge
• Analytics: Network Data, Contextual Insights
• Infrastructure: Open & Programmable | Standards-Based; Physical | Virtual | Programmable | App Hosting; Cloud-enabled | Software-delivered
• Side labels: Network-enabled Applications; Insights & Experiences; Automation & Assurance; Security & Compliance; Principles]
Cisco Digital Network Architecture
• Cloud-Level APIs (Cloud Services and Management). Examples include: Case API, proTACtive, apiconsole.cisco.com, ...
• Controller-Level APIs (Automation, Analytics). Examples include: APIC-EM NB REST API, DNA Analytics NB API, ...
• Infrastructure-Level APIs (Infrastructure). Examples include: RESTCONF, Open Service Containers, embedded EEM/Python, ...
Cisco Digital Network Architecture
Source: “The Business Value of Creating Digital-Ready Networks with Cisco DNA Solutions”, IDC, 2016
Cisco SDN Policy Model
Branch to DC
CONSISTENT POLICY ACROSS CLOUD, DC, WAN AND ACCESS
[Diagram: Cloud | Data Center | WAN | Access
• DATA CENTER: Application Network Profile (SLA, Security, QoS, Load Balancing)
• WAN AND ACCESS: User/Things Network Profile (QoS, Security, SLA, Device, Location, Role)
• Further label: Flow]
CISCO ADVANTAGE: BROWNFIELD AND GREENFIELD
POLICY FRAMEWORK: FOCUS ON END TO END APPLICATION AND USER ENABLEMENT
Enterprise SDN Controllers – Major Milestones
Major Milestones of Controller Development
[Timeline figure. Controllers, in order: CSDN Controller, CiscoONE Controller, Open Daylight Controller, Cisco XNC Controller, Cisco APIC-EM Controller, Cisco Open SDN Controller, Cisco APIC-EM Controller.
Stage labels: Experimental for Academia (Indiana University, Uni Wisconsin); Early Adopter Deployments (12+ Customers, Enterprise and Academia); Open Source Community Driven; Production Release; XNC 1.0 GA September 2013; Announced CiscoLive ‘14; EFT Q1 2015; Best of Both; GA1 Q4 CY15.
Dates along the axis: Q4 2011, Q2 2012, April 2013, Sept 2013, Q1 2015, 2015, …
Layers: Controller Layer (Orchestration + Analytics); Programmable Network Layer; Network Data Plane (ASIC and Software)]
OpenDaylight – Who is Contributing?
Question: Who are today’s top contributors to Open Daylight?
Answer: Check OpenDaylight’s Spectrometer (based on OpenStack Stackalytics)
Source: http://spectrometer.opendaylight.org/?metric=loc&project_type=opendaylight
“It took Linux 10 years to get to the level of community contribution where OpenDaylight is today”
Jim Zemlin, Executive Director, Linux Foundation
APIC-EM Platform Architecture
[Diagram, top to bottom:
• APIC-EM Applications: applications built on top of APIC-EM and applications packaged with APIC-EM. Shown: Network Inventory, Path Trace, Network PnP, Easy QoS, Topology Visualizer, IWAN. Legend: Core Applications bundled; Advanced IWAN Application separately licensed
• Northbound REST API: Open and Documented REST API
• APIC-EM Controller Platform Services. Shown: Inventory Manager, Policy Programmer, RBAC, Policy Analysis, Topology Services, Data Access Service, IWAN, Network PnP Services. Legend: Core Services; Applications Specific Services
• SOUTHBOUND ABSTRACTION LAYER. Provides Scale and High Availability
• CATALYST | ISR | ASR | WIRELESS]
APIC-EM Easy QoS App
“QoS rollouts were once 6-month projects costing over $200K. With Cisco APIC EM Easy QoS, we will go from months to minutes with nominal costs. ”
Brian McEvoy, Sr. Network Engineer, Symantec
APIC-EM Easy QoS App
New Easy QoS Features in APIC-EM 1.3
• General Availability
• Policy Configuration Preview
• Policy Rollback/Restore (…to brownfield QoS config)
• Policy Abort
• Advanced Consumer Policies
• Bidirectional Policies
• Extended Custom Application Options (Port Range, Subnets, DSCP)
• Custom SP Profiles (DSCP, BW, Class Models)
• UI Alerts about Pending Changes
• Faster Provisioning (1000 Devices in < 1hr)
• Improved UX
APIC-EM Easy QoS App – Dynamic QoS
Dynamic Policy Management (Application, SDN API, APIC-EM)
Call setup:
1. Client A calls client B
2. Client sends call setup info to App Server
3. App Server calls APIC-EM to set up policy on network device
4. QoS policy enabled
Call teardown:
1. Call ends
2. Client sends call teardown info to App Server
3. App Server calls APIC-EM to delete policy from network device
4. QoS policy removed
EasyQoS Solution
• Applications can interact with APIC-EM via Northbound APIs, informing the network of application-specific and dynamic QoS requirements
• Network Operators express high-level business-intent to APIC-EM EasyQoS
• Southbound APIs translate business-intent to platform-specific configurations
[Diagram: trust boundaries, policy enforcement points (PEP) and queuing models per platform. Wireless AP: 4Q (WMM); ASR/ISRs: MQC; Catalyst 4500: 1P7Q1T; Nexus 7700 F3: 1P7Q1T; also shown: Catalyst 3650, Catalyst 6500, WLC, Catalyst 2960-X with queuing models 1P3Q4T, 1P7Q4T, 2P6Q3T, 2P6Q4T, 1P3Q3T, …]
APIC-EM 1.3 – Scale Numbers
• Network Devices: 10000
• Access Points: 10000
• End Hosts: 100,000
Note: These scale numbers are for the APIC-EM platform and the base applications. Some other APIC-EM applications might have different scale numbers.
Discovery
• New Discovery UI for improved UX
• Easy identification of devices with failures for faster troubleshooting
• Editing of Existing Discovery Jobs
• Cloning of Discovery Jobs to quickly create new ones
• Discovery History to track changes
Network Plug and Play (PnP)
1. Discovery: Device can reach PnP Server on APIC-EM
2. Deployment: Device receives target image and configuration
No Staging Required: PnP Runs from Cisco Factory-Default Configuration
Routers (ISR, ASR) | Switches (Catalyst®) | Wireless Access Points
Network Plug and Play (PnP) – Templates
PnP Templates
• Introduced in 1.3
• Based on Apache Velocity
• UI Support
• API Support
Network Plug and Play (PnP)
New PnP Features in APIC-EM 1.3
• Configuration Templates
  • Template UI Text / Form / Preview
  • Default variable substitution
• Device AAA Configuration Support
  • Credential configuration (username & pwd)
  • Global / device specific credentials
• Configuration Validation
  • Syntax check
  • Flag Non-ASCII & Control characters
• Per Device Management IP and Credentials
• PnP agent IPv6 Support
Routers (ISR, ASR) | Switches (Catalyst®) | Wireless Access Points
IWAN App on APIC-EM
1. Step-by-Step Network and Hub Settings
2. Branch Site Setup
3. Application Policy Definition and Customization
4. Monitoring and Troubleshooting
APIC-EM Flow Analysis
Accurate 5-tuple path flow-analysis – available via GUI and REST APIs
Problem: How to capture Application Flow Information along a complex wireless, wired path?
Solution: Leverage APIC-EM – the SDN Controller for Enterprise
APIC-EM Flow Analysis
Accurate 5-tuple path flow-analysis – available via GUI and REST APIs
[Screenshot labels: CAPWAP Tunnel; ACL Check; Stats: Device, Interface, QoS, Perfmon; Link Source Information]
JSON shown on the slide (cut off where the slide ends):
    {
      "response": {
        "request": {
          "sourceIP": "212.1.10.20",
          "destIP": "65.1.1.6"
        },
        "lastUpdate": "Thu Apr 23 01:23:21 UTC 2015",
        "properties": [ ],
        "networkElementsInfo": [
          {
            "id": "424621be-d2b4-4d42-ad16-92d4d5c19fa4",
            "type": "WIRED",
            "ip": "212.1.10.20",
            "linkInformationSource": "Wired"
          },
          {
            "id": "8beada2e-cd2c-421d-941f-3ba42696c489",
            "name": "CAMPUS-Access1",
            "type": "SWITCH",
            "ip": "212.1.10.1",
Second JSON fragment on the same slide:
    {
      "sourceIP": "65.1.1.83",
      "destIP": "212.1.10.20"
    }
APIC-EM Northbound REST API
Problem: How to get started with a Controller API?
Solution: Explore
Example:
1) In the APIC-EM User Interface, click on [API]
2) Navigate to the desired API, in our example: /network-device/count
APIC-EM Northbound REST API
Bundling, Versioning, Deprecation and Release Strategy
• API changes within a version will be backward compatible, i.e. adding a new optional parameter to an existing API URL does not constitute a version change
• Up versioning an API does not guarantee backward compatibility
• When a new version of an API is released, the older version will be supported for 2 or more years before it is removed
• Telemetry will be used to get insights in API usage and retire unused APIs early in cycle
• Deprecated APIs will respond with an appropriate message (one that emphasizes the deprecation, the time until which the API is valid, etc.)
Real-World Example
Example: Subnets seen by APIC-EM
Problem: How to get a full list of all subnets seen by APIC-EM ?
Solution: Use the APIC-EM REST APIs:
1) For each network device:
2) Extract IP/Subnet Information of all interfaces into a list
3) De-duplicate Subnets
4) Sort the List

    for item in interface_list:
        if (item[0] != '') & (item[1] != ''):
            subnet = ipcalc.Network(item[0] + "/" + item[1])
            subnets.append(...)

See: https://communities.cisco.com/people/steffenwebb/blog/2016/04/07/get-all-subnets-from-apic-em-controller

Subnets seen by APIC-EM:
40.0.0.0 /24
40.0.1.0 /30   40.0.1.4 /30   40.0.1.8 /30   40.0.1.12 /30  40.0.1.16 /30  40.0.1.20 /30  40.0.1.24 /30
40.0.1.28 /30  40.0.1.32 /30  40.0.1.36 /30  40.0.1.40 /30  40.0.1.44 /30  40.0.1.48 /30
40.0.2.0 /30   40.0.2.4 /30   40.0.2.8 /30   40.0.2.12 /30  40.0.2.16 /30
40.0.5.0 /24   40.0.7.0 /24
172.10.0.0 /24   172.20.0.0 /24
192.168.1.0 /24  192.168.2.0 /24
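The four steps above as a runnable sketch, added here as an illustration and not taken from the slides or the referenced blog post. It uses the standard-library `ipaddress` module instead of `ipcalc`; the `(address, mask)` tuple layout and the sample data are constructed assumptions.

```python
import ipaddress

# Constructed sample: (IPv4 address, mask) pairs as they might be gathered from
# the interfaces of several devices. The tuple layout is an assumption.
SAMPLE_INTERFACES = [
    ("40.0.1.1", "255.255.255.252"),
    ("40.0.1.2", "255.255.255.252"),   # far end of the same /30 link
    ("192.168.1.10", "255.255.255.0"),
    ("40.0.0.1", "255.255.255.0"),
    ("", ""),                           # interface without an address
    ("172.10.0.1", "255.255.255.0"),
    ("40.0.1.5", "255.255.255.252"),
    ("10.0.0.1", "not-a-mask"),         # malformed inventory record
    ("40.0.2.9", "30"),                 # mask given as a prefix length
]


def collect_subnets(interface_list):
    """Return (sorted unique networks, rejected records)."""
    subnets = set()
    rejected = []
    for address, mask in interface_list:
        if not address or not mask:
            continue                    # step 2: skip unnumbered interfaces
        try:
            iface = ipaddress.ip_interface(f"{address}/{mask}")
        except ValueError:
            rejected.append((address, mask))   # keep bad records for review
            continue
        subnets.add(iface.network)      # step 3: the set de-duplicates
    # Step 4: sort numerically. A plain string sort would put 172.x before 40.x.
    ordered = sorted(
        subnets,
        key=lambda n: (n.version, int(n.network_address), n.prefixlen),
    )
    return ordered, rejected


def format_subnets(subnets):
    """Render networks in the 'address /prefix' style used on the slide."""
    return [f"{net.network_address} /{net.prefixlen}" for net in subnets]


if __name__ == "__main__":
    nets, bad = collect_subnets(SAMPLE_INTERFACES)
    print("\n".join(format_subnets(nets)))
    print("rejected:", bad)
```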
Example: Inventory Integration
Problem: How to leverage APIC-EM discovery and inventory to feed service monitoring?
Solution: Integrate APIC-EM REST APIs with existing Paessler / PRTG System:
1. Identify Relevant Service Domains
2. Run APIC-EM Discovery
3. Share APIC-EM Inventory via REST APIs and modular PowerShell Tool/Adapter
4. Correlate with EoX and proTACtive information via apiconsole.cisco.com
5. Visualize and Share with IT and DevOps users via PRTG
See www.damovo.com
Real-World Example
Example: Analytics Integration
Problem: How to dynamically correlate data from APIC-EM and other sources to create visually appealing, informative and insightful reports?
Solution: Automate report generation via APIC-EM REST APIs and Tableau:
1. Define Report Templates (ahead of time)
2. Trigger APIC-EM Export via REST APIs
3. Correlate with other data sources
4. Generate Reports and share with IT and DevOps users via Tableau
• 1 View instead of 7 spreadsheets
• Tailored Reports for Job Roles
See www.damovo.com
Real-World Example
Example: Campus Automation
Problem: How to automate campus network operations to minimize OPEX and increase efficiency?
Solution: Leverage APIC-EM and DevNet to deliver automated solutions to customers
• 1st PnP Production Reference
• Custom App on top of PnP ‘Config Writer’
• OPEX Reduction
• Standardization
• Enables Innovation
See www.computacenter.com
Real-World Example
Example: Visualizing Multicast
Problem: In a Hospital, Multicast is used for critical Medical Equipment as well as Patient Entertainment and Media – data privacy is a key concern. How to visualize the relevant multicast information?
Solution: Harvest information from the network and create custom, augmented displays
1) Collect relevant Topology, Inventory and Host information from APIC-EM
2) Augment with Multicast tree(s)
3) Use NeXt UI for visual representation
4) Share with operational staff
[Diagram labels: Network; Multicast Visualizer App; NeXt UI Toolkit]
See: http://www.anyweb.ch http://www.hsr.ch
Command Runner
Problem: A controller API which is model-based and policy-driven is great – but sometimes we just need some arbitrary operational data. Why can’t I just run a plain old show command via the API?
Solution: 1. Upgrade to APIC-EM 1.4
2. Select Devices from Inventory
3. Run Commands
4. Wait for Task Completion
5. Read Results
Command Runner
Sample output (cut off where the slide ends):
    [{'commandResponses': {'BLACKLISTED': {},
      'FAILURE': {},
      'SUCCESS': {
        'show configuration id detail':
          'Configuration ' 'version ' ': 56303\n'
          'Last ' 'change ' 'time ' ': ' '2017-01-19T06:12:53.573Z\n'
          'Changed by ' 'user ' ': cisco\n'
          'Changed ' 'from ' 'process ' ': Virtual ' 'Exec',
        'show ip interface brief':
          'Interface ' 'IP-Address ' 'OK? Method ' 'Status ' 'Protocol\n'
          'Embedded-Service-Engine0/0 ' 'unassigned ' 'YES NVRAM ' 'administratively ' 'down down \n'
          'GigabitEthernet0/0 ' '172.16.2.2 ' 'YES manual ' 'up ' 'up \n'
          'GigabitEthernet0/1 ' '10.2.2.1 ' 'YES manual ' 'up ' 'up \n'
          'GigabitEthernet0/2 ' '10.2.1.18 ' 'YES manual ' 'up ' 'up \n'
          'Loopback0 ' '10.255.2.1 '
Command Runner
Solution:
1. Upgrade to APIC-EM 1.4
2. Select Devices from Inventory
3. Run Commands
4. Wait for Task Completion
5. Read Results
Via the REST API:
• POST a cli read request using /network-device-poller/cli/read-request. It accepts a JSON-encoded request (maximum of 100 device IPs and a maximum of 5 commands) and returns a Task ID, which can be polled for status: /task/{taskId}
• When the task is complete, the response will return a File ID.
• Resulting file contains the command output: /file/{fileId}
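The POST, poll and fetch sequence above as an added example (not code from the slides or from Cisco). The three paths and the 100-device / 5-command limits come from the slide; the JSON key names, the `call` transport, the `isError` field and the in-memory `FakeController` are assumptions so that the flow runs offline. The client refuses anything that is not a single `show` command and reports what the controller placed in the BLACKLISTED bucket.

```python
import time

# Paths and limits are from the slide. JSON keys ("deviceIps", "commands",
# "taskId", "fileId", "isError") are assumptions made for this sketch.
READ_REQUEST = "/network-device-poller/cli/read-request"
MAX_DEVICES, MAX_COMMANDS = 100, 5


def build_read_request(device_ips, commands):
    """Validate a Command Runner request before it is sent to the controller."""
    if not 1 <= len(device_ips) <= MAX_DEVICES:
        raise ValueError(f"need 1..{MAX_DEVICES} devices, got {len(device_ips)}")
    if not 1 <= len(commands) <= MAX_COMMANDS:
        raise ValueError(f"need 1..{MAX_COMMANDS} commands, got {len(commands)}")
    cleaned = []
    for command in commands:
        text = command.strip()
        # Client-side guard: read-only show commands, no embedded control chars.
        if not text.lower().startswith("show ") or any(ord(c) < 32 for c in text):
            raise ValueError(f"refusing non-show or malformed command: {command!r}")
        cleaned.append(text)
    return {"deviceIps": list(device_ips), "commands": cleaned}


def run_commands(call, device_ips, commands, poll_interval=1.0, max_polls=30,
                 sleep=time.sleep):
    """POST the read request, poll the task, then fetch the result file.

    call(method, path, body) is supplied by the caller; it performs the
    authenticated HTTPS request and returns the decoded JSON.
    """
    body = build_read_request(device_ips, commands)
    task_id = call("POST", READ_REQUEST, body)["taskId"]
    for _ in range(max_polls):
        task = call("GET", f"/task/{task_id}", None)
        if task.get("isError"):
            raise RuntimeError(f"task {task_id} failed")
        if task.get("fileId"):
            return call("GET", f"/file/{task['fileId']}", None)
        sleep(poll_interval)
    raise TimeoutError(f"task {task_id} not complete after {max_polls} polls")


def summarize(results):
    """Return {status: sorted commands} across all devices in a result file."""
    summary = {"SUCCESS": set(), "FAILURE": set(), "BLACKLISTED": set()}
    for device in results:
        for status, outputs in device.get("commandResponses", {}).items():
            summary.setdefault(status, set()).update(outputs)
    return {status: sorted(cmds) for status, cmds in summary.items()}


class FakeController:
    """Constructed in-memory stand-in for the controller (offline demo only)."""

    def __init__(self):
        self.polls = 0
        self.log = []
        self.commands = []

    def __call__(self, method, path, body):
        self.log.append((method, path))
        if (method, path) == ("POST", READ_REQUEST):
            self.commands = body["commands"]
            return {"taskId": "task-1"}
        if path == "/task/task-1":
            self.polls += 1
            # First poll: still running. Second poll: result file is ready.
            return {} if self.polls < 2 else {"fileId": "file-1"}
        if path == "/file/file-1":
            # Which commands a real controller blacklists is not stated on the
            # slide; "show tech-support" is a constructed stand-in.
            denied = {c: "" for c in self.commands if c == "show tech-support"}
            ok = {c: "constructed output\n" for c in self.commands
                  if c not in denied}
            return [{"commandResponses": {"SUCCESS": ok, "FAILURE": {},
                                          "BLACKLISTED": denied}}]
        raise KeyError(path)


def demo():
    controller = FakeController()
    results = run_commands(controller, ["10.2.2.1"],
                           ["show ip interface brief", "show tech-support"],
                           sleep=lambda _seconds: None)
    return summarize(results), controller.log


if __name__ == "__main__":
    print(demo())
```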
APIC-EM Platform – App Modularity
Until APIC-EM 1.2, Cisco Applications are
- developed independently
- packaged and deployed with APIC-EM
From APIC-EM 1.3, Cisco Applications are
- developed independently
- deployed on demand
Going Forward
- Descriptive Service Model
- DNA Center Integration
- DNA Analytics Integration
[Applications shown: IWAN, Path Trace, EasyQoS, Lifecycle Mgmt., PnP, Integrity Verification]
Deploy, Report, Measure, Adjust, Repeat
[Diagram: Automation (Abstraction & Policy Control, from Core to Edge) and Analytics (Network Data, Contextual Insights) side by side. Automation side: Business Intent, Service Policy, Infra Config. Analytics side: Infra Telemetry, Service Analytics, Business Insight.]
APIC-EM Platform Architecture – Today
[Diagram: the same application, Northbound REST API and Controller Platform Services layers as in the APIC-EM Platform Architecture diagram earlier, resting on the Elastic Controller Infrastructure (Grapevine 1), which provides Scale and High Availability.]
APIC-EM Platform Architecture – Today
[Diagram: APIC-EM Applications (Core Apps, App 1, App 2, App 3), each with its own UI and its own Telemetry; Northbound REST API; APIC-EM Controller Platform Services (Common Services, App 1 Service, App 2 Service); Elastic Controller Infrastructure (Grapevine 1)]
DNA Controller and Analytics Evolution
[Diagram build sequence, starting from the "Today" architecture:
1. A Common Presentation Layer (DNA Center) is placed above the APIC-EM Applications, and the Elastic Controller Infrastructure becomes Grapevine 2 / Maglev.
2. The per-application UI boxes are no longer shown.
3. DNA Analytics – Network Data Platform is added beside the APIC-EM Controller Platform Services, with its own Northbound REST API. Components: Collectors – Events, Streams, Telemetry, Metrics; Data Store; Stream Processing; Machine Learning.
4. The per-application Telemetry boxes are no longer shown.
5. Analytics Applications (DNA Assurance) are added beside the APIC-EM Applications (Core Applications: Core Apps, App 1, App 2, App 3), together with Presentation – Policy, Visualization.]
DNA Assurance – UI Main Dashboard
Additional Enterprise SDN “Controllers”
Switch Fabric
Spine 1 Spine 2 Spine x
Leaf 1 Leaf 2 Leaf 3 Leaf x
Switch Fabric
• Not just in the Datacenter anymore…
Border x
Agg 1 Agg 2 Agg x
Edge 1 Edge 2 Edge 3 Edge x
Campus Fabric
SDN in the Enterprise
• L2 + L3 Overlay -vs- L2 or L3 Only
• Host Mobility with Anycast Gateway
• Adds VRF + SGT into Data-Plane
• Virtual Tunnel Endpoints (No Static)
• No Topology Limitations (Basic IP)
[Diagram: Fabric Control-Plane Node (C), Fabric Border Nodes (B), Fabric Edge Nodes (E), LISP Overlay]
What exactly is a Fabric?
Types of Overlays
Hybrid L2 + L3 Overlays offer the Best of Both Worlds
Layer 2 Overlays
• Emulates a LAN segment
• Transport Ethernet Frames (IP & Non-IP)
• Single subnet mobility (L2 domain)
• Exposure to Layer 2 flooding
• Useful in emulating physical topologies
Layer 3 Overlays
• Abstract IP connectivity
• Transport IP Packets (IPv4 & IPv6)
• Full mobility regardless of Gateway
• Contain network related failures (floods)
• Useful to abstract connectivity and policy
What is unique about Campus Fabric?
Key Components – LISP
1. LISP based Control-Plane
BEFORE: IP Address = Location + Identity. Routing Protocols = Big Tables & More CPU. Tables hold Topology + Endpoint Routes.
AFTER: Separate Identity from Location. LISP DB + Cache = Small Tables & Less CPU. Only Local Routes; Endpoint Routes are Consolidated to LISP DB.
[Figure: Prefix / Next-hop routing tables (before) compared with a Flexible Mapping Database of Prefix / RLOC entries (after). Legend: Topology Routes, Endpoint Routes]
What is unique about Campus Fabric?
Key Components – VXLAN
1. LISP based Control-Plane
2. VXLAN based Data-Plane
ORIGINAL PACKET: ETHERNET | IP | PAYLOAD
PACKET IN LISP (Supports L3 Overlay): ETHERNET | IP | UDP | LISP | IP | PAYLOAD
PACKET IN VXLAN (Supports L2 & L3 Overlay): ETHERNET | IP | UDP | VXLAN | ETHERNET | IP | PAYLOAD
What is unique about Campus Fabric?
Key Components – CTS
1. LISP based Control-Plane
2. VXLAN based Data-Plane
3. Integrated Cisco TrustSec
VRF + SGT: Virtual Routing & Forwarding, Scalable Group Tagging
ETHERNET | IP | UDP | VXLAN | ETHERNET | IP | PAYLOAD

Mounting YANG Datastores
OpenDaylight Controller Config
[Diagram labels: RESTCONF; Config Store; MD-SAL; NETCONF]
• Mounted under e.g. http://localhost:8181/restconf/config/network-topology:network-topology/topology/topology-netconf/node/controller-config
• Data can be accessed using …/yang-ext:mount/…
• …/yang-ext:mount/config:modules is used to configure the various plug-ins

Mounting YANG Datastores
OpenDaylight NETCONF Node “Discovery”
[Diagram labels: RESTCONF; Node Inventory; Model Cache; MD-SAL; NETCONF; XR1; XR2; OpenWRT]
• Nodes added by POSTing to config:modules
• ODL connects to each node
• ODL learns capabilities (YANG modules) and stores to model cache
• Cache at ~/cache/schema. Filenames of form [email protected].

Mounting YANG Datastores
OpenDaylight NETCONF Node Configuration
[Diagram labels: RESTCONF; Node Inventory; Model Cache; MD-SAL; NETCONF; XR1; XR2; OpenWRT]
• Nodes configured by POSTing or PUTting to e.g.:
  • http://localhost:8181/restconf/config/network-topology:network-topology/topology/topology-netconf/node/XR2/yang-ext:mount/Cisco-IOS-XR-ifmgr-cfg:interface-configurations/interface-configuration/act/Loopback0/
• Can retrieve config (or operational stats) using GET

OpenDaylight – Add NETCONF device
[Sequence diagram between REST client, ODL and IOS-XR. Labels: POST New Device; Store node info; 204 No Content; Connecting; NETCONF (three exchanges); Add to schema cache; …; Connected]

OpenDaylight – Successful Edit Config
[Sequence diagram between REST client, ODL and IOS-XR. Labels: PUT/POST XR Config; Basic YANG checks; NETCONF (five exchanges)]

What is Ansible
Ansible, an open source community project sponsored by Red Hat, is the simplest way to automate IT. Ansible is the only automation language that can be used across entire IT teams – from systems and network administrators to developers and managers.
Ansible by Red Hat provides enterprise-ready solutions to automate your entire application lifecycle – from servers to clouds to containers and everything in between.
It uses no agents and no additional custom security infrastructure, so it's easy to deploy - and most importantly, it uses a very simple language (YAML, in the form of Ansible Playbooks) that allows you to describe your automation jobs in a way that approaches plain English.

Ansible Configuration Management Workflow

Ansible for Networking

    - name: load new acl into device
      ios_config:
        lines:
          - 10 permit ip host 1.1.1.1 any log
          - 20 permit ip host 2.2.2.2 any log
          - 30 permit ip host 3.3.3.3 any log
          - 40 permit ip host 4.4.4.4 any log
          - 50 permit ip host 5.5.5.5 any log
        parents: ip access-list extended test
        before: no ip access-list extended test
        match: exact
        provider: "{{ cli }}"

Ansible for Networking

    - name: load new acl into device
      netconf_config:
        xml: |

Ansible Terms

What Puppet Does
Source: http://puppetlabs.com/puppet/what-is-puppet

Puppet Integration with Cisco Switches

Types and Providers

Compile YANG Directly to Types and Providers

Puppet Manifest
Declarative Configuration of Network Element

    xe_ietf_interfaces { 'Loopback4':
      ensure               => 'present',
      enabled              => 'true',
      ipv4_address_ip      => '10.44.4.4',
      ipv4_address_netmask => '255.255.255.0',
      type                 => 'Loopback',
    }

Infrastructure as Code

    vrfs:
      - vrf_name: VRF-DEVELOPMENT
        vrf_id: 103
        vlans:
          - vlan_id: 3240
            name: "10_103_240_0-DATA"
            ip_address: "10.103.240.1"
            subnet_mask: "255.255.255.0"
            dynamic-eid-name: DEVELOPMENT.EID.10_102_240_0
          - vlan_id: 3241
            name: "10_103_241_0-VOICE"
            ip_address: "10.103.241.1"
            subnet_mask: "255.255.255.0"
            dynamic-eid-name: DEVELOPMENT.EID.10_102_241_0

Network Data is useful Elsewhere
Where Data Is Created: Network Element
Where Data Is Useful: NMS, Applications

Legacy Data Transfer Mechanisms Insufficient for Programmatic Environments
Where Data Is Created: Network Element
Where Data Is Useful: NMS, Controller, Applications
Transfer mechanisms: SNMP, syslog, CLI
• Interface up/down
• Instantaneous config
• Instantaneous topology
• Flow fingerprints
• Routes

Streaming Telemetry Requirements
Where Data Is Created: Network Element
Where Data Is Useful: NMS, Controller, Applications
• Interface up/down
• Instantaneous config
• Instantaneous topology
• Flow fingerprints
• Routes
Requirements:
• Complete representation
• Self describing
• Structured & filterable
• Static subscriptions
• Customized object push
• Multiple destinations
• Non-repudiation
• Low latency
• High volume
• Dynamic subscriptions
• Per-object security
• Transport options
• Standards based

Three Enablers for Telemetry
• Push Not Pull
• Analytics-Ready Data
• Data-Model Driven

Programmable Interface “Stack”
[Diagram, top to bottom. Visibility: Collectors & Applications. Protocol: NETCONF, RESTconf, gRPC. Data Models: YANG Data Model, Open and Native, Configuration and Operational. Programmable Interfaces. Device Features: Interface, BGP, QoS, ACL, …; SNMP Data. Physical and Virtual Network Infrastructure]

Useful Information!!

Different Customers, Different Models
[Diagram of three collection models. Labels: BYO, Custom; Open Source, Customizable (ST Input Codec, Logstash, Output Codec, Kafka, ElasticSearch, Kibana, Prometheus, Panda); Black Box, Proprietary or OS-based, Commercial Stack]

Cisco Digital Network Architecture
[Diagram labels: Cloud Services and Management; Network-enabled Applications; Policy | Orchestration; Open APIs | Developers Environment; Insights & Experiences; Automation & Assurance; Security & Compliance; Principles; Automation: Abstraction & Policy Control from Core to Edge; Analytics: Network Data, Contextual Insights; Infrastructure: Open & Programmable | Standards-Based, Physical | Virtual | Programmable | App Hosting; Cloud-enabled | Software-delivered]

Open Device Programmability
[Diagram labels: Set, Get, Automate; RESTCONF, NETCONF, gRPC; Open Device Programmability; Data Model: Configuration (Device Specific, Standard) and Operational (Device Specific, Standard); Device Features: Interface, BGP, QoS, ACL, …; Physical and Virtual Network Infrastructure; Other vendors…]

vAF Focus: Virtual Application Functions
Device-Level – Hosting Options

YOUR App on a Server / Controller:
• Unlimited CPU/RAM/Storage
• Any OS and/or Hypervisor
• High Latency and Delay
• Extra Deployment
• Extra Footprint

YOUR App on a Blade:
• Physical CPU/RAM/Storage
• Any OS and/or Hypervisor
• Lower Latency and Delay
• Modular
• Fate Sharing, local Visibility

YOUR App in a Container:
• Dedicated CPU/RAM/Storage
• Any OS in a KVM OVA
• Low Latency and Delay
• Virtualized, Elastic
• Fate Sharing, local Visibility

UCS E-Series Portfolio
(chart axes: Scalability versus Performance)
• UCS-E180D: 8-core, 1.8 GHz, 96 GB RAM
• UCS-E160D: 6-core, 2.0 GHz, 96 GB RAM
• UCS-E160S: 6-core, 1.9 GHz, 32 GB RAM
• UCS-E140S: 4-core, 1.8 GHz, 16 GB RAM
• UCS-EN120S: 2-core, 2.0 GHz, 16 GB RAM
• UCS-EN140N: 4-core, 1.0 GHz, 8 GB RAM
Legend: Shipping; New
M1 blades will be EOS by Q1 FY16

Virtual Service Containers
Problem: Can I run my App inside a Router?
Solution: Yes! From IOS XE3.17 onwards
• Option to enable unsigned containers
• Any 3rd party KVM
• Libvirt based format / YAML manifest file
• Requires 4GB+ dedicated RAM
• May require persistent storage (NIM-SSD)
• ASR1000, ISR4000, CSR1000
Try it out – available today

    virtual-service signing level unsigned
    # virtual-service install name myapp package flash:myapp.ova
    # show virtual-service list
    # show virtual-service detail name myapp
    # virtual-service connect name myapp aux|console

Real-World Example
Example: On-Demand Branch Manageability
Problem: When Enterprise Branch Services become virtualized and elastic, how to provide local visibility and management on-demand?
Solution: Deploy local Discovery and Management on-demand within IOS XE virtual-service containers
• Create pre-installed, pre-configured KVM
• Package as IOS XE Virtual Service .ova
• Deploy onto ASR, ISR, CSR on-demand
• Activate and Use
• Remove when no longer required
See: http://www.nedi.ch/running-nedi-on-a-cisco-router/

    Virtual Service List:
    Name        Status      Package Name
    ------
    csr_mgmt    Installed   iosxe-remote-mgmt.03.17...
    nedi        Activated   nedi.ova

Real-World Example
Example: Hybrid Services – Cisco IT
Problem: How to consistently monitor and troubleshoot a growing set of business critical hybrid services (on-premise + cloud-based)?
Solution: Detect and Alert via ThousandEyes Probes:
• Leverage existing Cloud-based Probes
• Deploy Mac-Mini Probes into key Locations
• Deploy Virtual Probes into key Locations (IOS XE Virtual-Service on ISR 4451)
• Reduce MTTT -43% and MTTR -8%
See: blog.thousandeyes.com/troubleshooting-cloud-services-cisco

vNF Focus: Virtual Network Functions
Why Virtualization for the Network?
• Mobility: Mobile traffic will exceed wired traffic by 2017
• IoT: IoT Devices will triple by 2020
• Analytics: 76% of companies planning to or investing in Big Data
• Cloud: 80% of organizations will primarily use SaaS by 2018
Deploy new capabilities faster AND Lower operating costs

Cisco Enterprise Branch and IWAN
[Diagram layers.
Management and Orchestration: Cisco® SDN Applications (IWAN App, ESA, Easy QoS, PnP); APIC-EM/Cisco Prime™.
WAN: Intelligent WAN (Transport Independence, Intelligent Path Control, Application Optimization, Highly Secure Connectivity).
Platform: Physical, Virtual, Cloud. Labels: 800 and 4000 Series ISR; ASR 1000; UCS® E-Series; ISRv; ASAv; vWLC; vWAAS; CSR 1000V; ASAv; Amazon Web Services; Microsoft Azure]

Sample Workflow
Enterprise Service Automation
[Workflow diagram with steps numbered 1 to 5. Labels: Define Branch locations; Discover Devices; Design a Profile & select functions; Pick validated topologies to be used; Assign template and attributes; Map to Branches]

State Machine based Automation
• StateMachine
  • Based on SCXML
  • Event based
  • W3C working draft
• Scripting hooks – Groovy
• Camel based DSL to support EIP
• Dynamic orchestration flows
• Add/Update NKP’s on the fly
• No coding
Opensource
• SCXML – custom extensions based on draft spec: http://commons.apache.org/proper/commons-scxml/
• Camel routes: http://camel.apache.org/

Enterprise Network Virtualization – Phase 1
• Automation and Orchestration: Enterprise Service Automation (ESA) orchestrates overall workflows; APIC-EM Infrastructure Management; PnP for initial setup; Prime
• Virtual Functions / Services: Cisco Virtual Functions; 3rd Party Virtual Network Functions; 3rd Party OS based Services; Cisco and 3rd Party vNF, vAF, vMF
• NFVIS: Local Management; Embedded Management for Small Deployments; APIs, PnP, Health Monitor; Platform Management; Virtual Switching; Hypervisor; PnP, WAN Outages
• Enterprise Class Compute Platform: Designed for Branch Workloads

Sandbox
• Development and testing environment
• Isolates untested code changes and experimentation from the production environments

DevNet Networking Sandboxes
Speed of Iteration (minutes, seconds)!
• Remote access to Cisco DNA building blocks
• On-demand and reservation based
• Simulated and physical network elements
• Optional traffic generation capabilities
devnetsandbox.cisco.com

What is VIRL?
Speed of Iteration (minutes, seconds)!
A network orchestration and virtualization platform:
• Design graphically
• Configure automatically
• Visualize in-depth
• Integrate, Simulate, Test, Connect, Extract, Modify, Share

EEM
Embedded Event Manager (EEM)
• Extremely flexible and powerful Cisco IOS subsystem within Cisco IOS Software
• Adapt device behavior and insert custom logic without IOS upgrade
• Event Detectors (ED) integrated with IOS modules for wide range of system event detection
• CLI and Tcl based policy provides consistent programmability interface
• Powerful event engine supporting multi-event correlation, advanced scheduling and more

What Can Automation Do for Me?

Challenge 1: Every few weeks a router is running low on memory around 2 am, and I want to find out what’s happening
• Solution: An EEM policy could be triggered based on the memory utilization, capture the memory information and send the output with Syslog or Email

Challenge 2: My devices are running into a bug where “show ip ospf database” causes them to crash. I want to prevent the command from being run until I can upgrade
• Solution: An EEM policy can trigger when “show ip ospf database” is executed and stop the command from running and the device from crashing.

Challenge 3: I want devices to run an automated set of diagnostics that are periodically updated in a central database.
• Solution: EEM policies can be used to connect to the central database via HTTP, extract the commands given the device’s place in the network, run the diagnostics, and then report the results

From Beginner…
Real-World Example: Automate Diagnostics

    event manager applet LOW_IO_MEM
     event snmp oid 1.3.6.1.4.1.9.9.48.1.1.1.6.1 get-type exact entry-op lt entry-val "4000000" poll-interval 60
     action 0.0 syslog msg "LOW MEMORY DETECTED. Please wait - logging information to flash:low_mem.txt"
     action 0.1 cli command "enable"
     action 0.2 cli command "term exec prompt timestamp"
     action 1.2 cli command "show memory statistics | append flash:low_mem.txt"
     action 1.3 cli command "show process mem sorted | append flash:low_mem.txt"
     action 2.3 cli command "show mem all total | append flash:low_mem.txt"
     action 3.2 cli command "show log | append flash:low_mem.txt"
     action 3.3 cli command "show tech | append flash:low_mem.txt"
     action 3.4 cli command "show mem debug leaks summ | append flash:low_mem.txt"

• Capture the required diagnostic information at the time a low I/O memory event occurs
• Save the data for future analysis and alert the operators that the problem has occurred
• This simple applet is extremely popular with TAC engineers, who use it every time they diagnose a low I/O memory case

…To Advanced
EEM Tcl Policy: Suspending Inactive Ports

Say you want to suspend (i.e., shutdown) ports that haven’t been active in a week…
…Use EEM to watch for ports that become active…

    ::cisco::eem::event_register_syslog pattern "LINEPROTO-5-UPDOWN" maxrun 600

    if { ![info exists suspend_ports_config] } {
        set result "ERROR: Policy cannot be run: variable suspend_ports_config has not been set"
        error $result $errorInfo
    }

    namespace import ::cisco::eem::*
    namespace import ::cisco::lib::*

    proc run_cli { clist } { … }

    array set arr_einfo [event_reqinfo]
    if { ! [regexp {Interface ([^,]+), changed state to up} $arr_einfo(msg) -> iface] } {
        exit
    }

    while { 1 } {
        set results [run_cli [list "show event manager policy pending | include tm_suspend_ports.tcl"]]
        if { ! [regexp {tm_suspend_ports.tcl} $results] } {
            break
        }
        after 1000
    }

    if { [catch {open $suspend_ports_config "r"} result] } {
        exit
    }
    …

EEM Tcl Policy: Suspending Inactive Ports (Cont.)

…Then delete those newly active ports from a log file tracking ports that are down.

    set fd $result
    set contents [read $fd]
    close $fd

    set contents [string trim $contents]
    array set ports [split $contents]

    if { [info exists ports($iface)] } {
        array unset ports $iface

        set fd [open $suspend_ports_config "w"]
        puts -nonewline $fd [array get ports]
        close $fd
    }

EEM Tcl Policy: Track Ports That Are Down

Every night at midnight, another EEM policy runs that records each “down” port into a file…

    ::cisco::eem::event_register_timer cron cron_entry "0 0 * * *" queue_priority normal maxrun 600

    if { ![info exists suspend_ports_days] } {
        set result "ERROR: Policy cannot be run: variable suspend_ports_days has not been set"
        error $result $errorInfo
    }
    if { ![info exists suspend_ports_config] } {
        set result "ERROR: Policy cannot be run: variable suspend_ports_config has not been set"
        error $result $errorInfo
    }

    namespace import ::cisco::eem::*
    namespace import ::cisco::lib::*

    proc run_cli { clist } { ... }

    set SECS_IN_DAYS 86400
    set DOWN 0
    set UP 1
    set ADMIN_DOWN 2
    set now [clock seconds]
    set susp_time [expr $suspend_ports_days * $SECS_IN_DAYS]
    array set suspend_ports [list]

    if { [catch {open $suspend_ports_config "r"} result] } {
        array set ports [list]
    } else {
        set fd $result
        set contents [read $fd]
        close $fd
        set contents [string trim $contents]
        array set ports [split $contents]
    }
    …

EEM Tcl Policy: Track Ports That Are Down (Cont.)

…If the port has been down long enough, it is put on a “to-be-shutdown” list.

    set result [run_cli [list "show ip interface brief | include Ethernet"]]
    foreach line [split $result "\n"] {
        set line [string trim $line]
        regsub -all {\s+} $line " " line
        set elems [split $line]
        set iface [lindex $elems 0]
        if { ! [regexp {Ethernet} $iface] || [llength $elems] < 6 } {
            continue
        }
        if { [lindex $elems 4] == "administratively" && [lindex $elems 5] == "down" } {
            set status $ADMIN_DOWN
        } elseif { [lindex $elems 4] == "down" } {
            set status $DOWN
        } elseif { [lindex $elems 4] == "up" && [lindex $elems 5] == "up" } {
            set status $UP
        } else {
            set status $DOWN
        }
        if { [info exists ports($iface)] } {
            if { $status == $UP || $status == $ADMIN_DOWN } {
                array unset ports $iface
            } else {
                if { [expr $now - $ports($iface)] >= $susp_time } {
                    set suspend_ports($iface) $ports($iface)
                }
            }
        } else {
            if { $status == $DOWN } {
                set ports($iface) $now
            }
        }
    }
    …

EEM Tcl Policy: Track Ports That Are Down (Cont.)

…For each port in the list, it is administratively shut down or moved to a quarantine VLAN (if said VLAN is defined).

    set fd [open $suspend_ports_config "w"]
    puts -nonewline $fd [array get ports]
    close $fd

    set cli [list "config t"]
    foreach port [array name suspend_ports] {
        if { [info exists suspend_quarantine_vlan] } {
            set cli [concat $cli [list "interface $port" "switchport access vlan $suspend_quarantine_vlan"]]
            action_syslog msg "Moving port $port into quarantine VLAN $suspend_quarantine_vlan since it was last used on [clock format $suspend_ports($port)]"
        } else {
            set cli [concat $cli [list "interface $port" "shut"]]
            action_syslog msg "Shutting down port $port since it was last used on [clock format $suspend_ports($port)]"
        }
    }
    lappend cli "end"

    if { [catch {run_cli $cli} result] } {
        action_syslog priority err msg "Failed to shutdown ports: '$result'"
    }

Download the full version from https://supportforums.cisco.com/docs/DOC-39192

Coming Soon To 16.5…

EEM and Python
• Uses Python 2.7 interpreter
• Similar config to EEM Tcl scripts
  • Same event specification syntax
  • Similar built-in methods for syslog, CLI execution, SNMP traps, etc.
• Python scripts run under a guestshell container
• Support for a number of built-in Python modules (may change for release)
  • requests
  • SSL/TLS
  • smtplib
  • sqlite3

Python
What Is Guestshell?
• A BusyBox Linux container running next to IOS-XE
• Invoked using the guestshell EXEC command
• Access to the same management network as the device itself
• Access to the device’s flash filesystem under /flash
• Guestshell commands can be run directly from IOS EXEC
• Provides a Python scripting environment

Record User Activity To a Database
[Annotated script screenshot. Callouts: Event spec; Python modules; Similar data extraction functions; Syslog support]

Execute Commands And Email Output
[Annotated script screenshot. Callouts: Execute CLI commands; Send email (including MIME attachments)]

Packaging Network Automations
Problem: Cisco IOS Embedded Automation Systems often include multiple configuration items, files, checks and procedures – how to ensure they are deployed consistently?
Solution: Cisco EASy provides a simple packaging mechanism and open-source EASy Installer. A developer guide is available online to assist with the creation of EASy packages.

MyPackage.tar contains:
• Package Description
• Pre-Requisite Verification
• Pre-Installation Config
• Pre-Installation Exec
• Environment Variables
• Configuration
• Files
• Post-Requisite Verification
• Post-Installation Config
• Post-Installation Exec
• Uninstall

EASy Installer = Menu Guided Installation

    Router# easy-installer tftp://10.1.1.1/mypackage.tar flash:/easy
    ------
    Configure and Install EASy Package 'mypackage-1.03'
    ------
    1. Display Package Description
    2. Configure Package Parameters
    3. Deploy Package Policies
    4. Exit
    Enter option: 2

See: http://www.cisco.com/go/easy
EASy Package guide: http://tools.cisco.com/squish/cEAe3

Coming To 16.6: EEM Policy Manager
• Control which EEM policies (Tcl, applet, Python) should be deployed on which devices
• Supports grouping and flexible device-to-policy matches (per device or per EEM version)
• Can add necessary config to devices to support policies
• Add and remove policies
• Leverages a “call home” system to keep policies up-to-date

[Diagram: Central Policy Server with a Manifest File]

    Manifest File
    Name          Value
    Server        10.1.1.2
    Operation     Add
    Policy File   First.tcl, Second.tcl. …

Programming With Data Models
Is CLI An API?
• It’s been used like one…
• Pick the error(s):

    Router#show run
    Command authorization failed

    Router#show run
    …
     description %Error with interface

    Router#show run
    Unable to read configuration. Try again later

    Router#show run
    Router#
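
The contrast behind the "Pick the error(s)" slide, as an added example that is not part of the original deck: a screen-scraping script has to guess at failure from free text, while a NETCONF reply marks failure structurally with `<rpc-error>` (RFC 6241). The CLI strings are the ones on the slide; the failed/not-failed labels, the `scrape_looks_failed` heuristic and the XML replies are constructed for illustration.

```python
import xml.etree.ElementTree as ET

NC_NS = "urn:ietf:params:xml:ns:netconf:base:1.0"  # RFC 6241 base namespace

# CLI outputs quoted on the slide, paired with whether "show run" really failed.
# The True/False labels are this example's reading of each output.
CLI_CASES = [
    ("Command authorization failed", True),
    (" description %Error with interface", False),  # a valid config line
    ("Unable to read configuration. Try again later", True),
    ("", True),  # prompt came back with no configuration at all
]


def scrape_looks_failed(output):
    """Hypothetical screen-scraping heuristic: treat '%' or 'error' as failure."""
    return "%" in output or "error" in output.lower()


def scrape_mistakes():
    """CLI outputs that the heuristic classifies wrongly."""
    return [out for out, failed in CLI_CASES if scrape_looks_failed(out) != failed]


# Constructed NETCONF replies (not captured from a device).
REPLY_OK = f"""<rpc-reply message-id="101" xmlns="{NC_NS}">
  <data>
    <interface xmlns="urn:example:constructed-interfaces">
      <name>GigabitEthernet1</name>
      <description>%Error with interface</description>
    </interface>
  </data>
</rpc-reply>"""

REPLY_DENIED = f"""<rpc-reply message-id="102" xmlns="{NC_NS}">
  <rpc-error>
    <error-type>protocol</error-type>
    <error-tag>access-denied</error-tag>
    <error-severity>error</error-severity>
    <error-message>authorization failed</error-message>
  </rpc-error>
</rpc-reply>"""

REPLY_WARNING = f"""<rpc-reply message-id="103" xmlns="{NC_NS}">
  <rpc-error>
    <error-type>application</error-type>
    <error-tag>operation-failed</error-tag>
    <error-severity>warning</error-severity>
  </rpc-error>
  <ok/>
</rpc-reply>"""


def _field(err, name):
    return (err.findtext(f"{{{NC_NS}}}{name}") or "").strip()


def netconf_errors(reply_xml):
    """Return every <rpc-error> in a reply as a dict; data content is never inspected."""
    root = ET.fromstring(reply_xml)
    if root.tag != f"{{{NC_NS}}}rpc-reply":
        raise ValueError("not a NETCONF rpc-reply")
    return [
        {
            "type": _field(err, "error-type"),
            "tag": _field(err, "error-tag"),
            "severity": _field(err, "error-severity"),
            "message": _field(err, "error-message"),
        }
        for err in root.findall(f"{{{NC_NS}}}rpc-error")
    ]


def netconf_failed(reply_xml):
    """An operation failed only if some rpc-error has severity 'error'."""
    return any(e["severity"] == "error" for e in netconf_errors(reply_xml))


if __name__ == "__main__":
    print("CLI outputs misclassified by scraping:", len(scrape_mistakes()), "of", len(CLI_CASES))
    for name, reply in (("ok", REPLY_OK), ("denied", REPLY_DENIED), ("warning", REPLY_WARNING)):
        print(name, "failed =", netconf_failed(reply), netconf_errors(reply))
```

The heuristic is wrong on all four slide outputs, while the description containing `%Error` is plain data in the NETCONF reply and the authorization failure arrives as a typed `access-denied` error.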

Device-Level API – NETCONF and RESTCONF
Problem: How to programmatically interact with a device – in a model-based, machine-consumable, loosely coupled, easy to understand and standards-based way?
Solution: Use NETCONF & RESTCONF from IOS XE3.17 (and XR 6.1, and in NX-OS) onwards
• RESTful interface over HTTPS, or…
• …Session-based, transactional interface over SSH
• JSON/XML data representation
• Based on YANG Models
  • IETF Standard Models where they exist
  • Cisco Models where common across platforms
  • Cisco Platform specific models
• ASR1000, ISR4000, CSR1000, Catalyst 3850, …
Try it out – available today
[Diagram: YOUR App exchanging JSON / XML with the device over HTTPS / SSH]

Programmatic, Open And Scalable
• RESTCONF and NETCONF provide a way to configure devices using well-defined YANG data models
• Instead of passing raw CLI, the modeled attributes can be sent using traditional REST calls (e.g., GET, PUT, POST, PATCH, DELETE) in RESTCONF or Remote Procedure Calls (RPCs) using NETCONF
• YANG as a data modeling language is defined in RFC 6020
• RESTCONF is still being standardized in the IETF in draft-ietf-netconf-restconf
• The NETCONF standard is defined in RFC 6241

Using RESTCONF To Program Devices
[Diagram labels: YANG interface model; TLS]
https://datatracker.ietf.org/doc/draft-ietf-netconf-restconf/

Enabling NETCONF and RESTCONF

    Router(config)#netconf-yang
    Router(config)#restconf

• NETCONF port 830
• RESTCONF ports 80 or 443
* Users with privilege level 15 will have access
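
What the two commands above expose, as an added example that is not part of the original deck: a small audit of a running-config that reports the NETCONF and RESTCONF listeners and the local accounts able to use them. Both config samples are constructed; the example assumes the standard `ip http server` and `ip http secure-server` commands control the port 80 and port 443 listeners and that `ip http access-class` is how the HTTP(S) listener is source-restricted on the release in use.

```python
import re

# Constructed running-config fragments (not taken from a real device).
LAB_CONFIG = """\
hostname branch-rtr
username admin privilege 15 secret 9 CONSTRUCTED-HASH
username noc privilege 1 secret 9 CONSTRUCTED-HASH
username automation privilege 15 secret 9 CONSTRUCTED-HASH
ip http server
ip http secure-server
netconf-yang
restconf
"""

HARDENED_CONFIG = """\
hostname branch-rtr
username automation privilege 15 secret 9 CONSTRUCTED-HASH
no ip http server
ip http secure-server
ip http access-class ipv4 MGMT-ONLY
netconf-yang
restconf
"""

# Commands that decide which programmability listeners exist (assumed mapping, see lead-in).
TRACKED = ("netconf-yang", "restconf", "ip http server",
           "ip http secure-server", "ip http access-class")


def parse_config(text):
    """Return (set of enabled tracked commands, list of privilege-15 local users)."""
    enabled, admins = set(), []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("!"):
            continue
        user = re.match(r"username (\S+) privilege (\d+)\b", line)
        if user:
            if int(user.group(2)) == 15:
                admins.append(user.group(1))
            continue
        negated = line.startswith("no ")
        cmd = line[3:] if negated else line
        for key in TRACKED:
            if cmd == key or cmd.startswith(key + " "):
                # "no <command>" removes the feature; a plain command enables it.
                (enabled.discard if negated else enabled.add)(key)
    return enabled, admins


def audit(text):
    """Return (finding-id, detail) pairs for the programmability attack surface."""
    enabled, admins = parse_config(text)
    findings = []
    if "netconf-yang" in enabled:
        findings.append(("netconf-listener", "NETCONF over SSH listening on TCP 830"))
    if "restconf" in enabled:
        if "ip http server" in enabled:
            findings.append(("restconf-cleartext", "RESTCONF reachable on TCP 80 without TLS"))
        if "ip http secure-server" in enabled:
            findings.append(("restconf-tls", "RESTCONF reachable on TCP 443"))
        if "ip http access-class" not in enabled:
            findings.append(("restconf-no-acl", "no ip http access-class limits client addresses"))
    if admins and enabled & {"netconf-yang", "restconf"}:
        # Only local accounts are visible here; AAA-assigned privilege 15 is not.
        findings.append(("api-capable-accounts", ", ".join(sorted(admins))))
    return findings


def finding_ids(text):
    return [fid for fid, _ in audit(text)]


if __name__ == "__main__":
    for name, cfg in (("lab", LAB_CONFIG), ("hardened", HARDENED_CONFIG)):
        print(name)
        for fid, detail in audit(cfg):
            print(f"  {fid}: {detail}")
```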
TECSDN-2602 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 158 Example – Configure and Monitor IPSLA The YANG Model
Entry number Here’s what we want to configure: Type and destination IP
ip sla 2 icmp-echo 8.8.8.8 Schedule ip sla schedule 2 start-time now life forever lifetime
Schedule start time
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public Example – Configure and Monitor IPSLA Build the RESTCONF Call Operation : PATCH (insert a sub- configuration)
URI: /restconf/api/running/native/ip/sla
RESTCONF entry point and model namespace Config location
Request Body
TECSDN-2602 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 160 Example – Configure and Monitor IPSLA Exploring RESTCONF with Postman
• Postman is a Google Chrome extension that’s great for working with REST interfaces • Plug in the operation, URI, and body, then click Send • Click the Generate Code link to build Python, Perl, Java, cURL, etc. code
Example – Configure and Monitor IPSLA: Code From Postman
[Code panels: Java, Python, cURL]
Example – Configure and Monitor IPSLA: Using NETCONF and ncclient
Install using: pip install ncclient
But you still need to know the model structure…
Getting To Know YANG With Yang Explorer
• Yang Explorer is an Open Source tool provided by Cisco
• Client/server web-based application
• Available from GitHub:
  • https://github.com/CiscoDevNet/yang-explorer
  • git clone https://github.com/CiscoDevNet/yang-explorer.git
• Graphically interact (i.e., grab data, send configuration) with your devices
• Navigate YANG models with ease
Step 1: Learn A Device’s Capabilities
Shows all the models and versions supported by a device
Step 2: Sync Models From The Device
Fetches all of the modules; sync the ones you wish to work with
Subscribe to those modules you synced to add them to the Yang Tree
Step 3: Collect Data From The Device
Browse the leafs in the Explorer tree, and select the operations for those you want
The RPC payload appears in the Encoding tab; click Run to execute it
Step 4: Configure Using The Model
Use the Explorer Tree to select your model and fill in the desired leaf nodes.
Generate the RPC and Run it.
class-map match-all my-app
 description Business Classifier
 match access-group 110
From Yang Explorer To Scripting
Web-Based YANG Searching
Search for nodes
Display model trees
View model relationships
Yang Search
http://yangcatalog.org/yang-search/
YDK – The YANG Development Kit
On DevNet! https://developer.cisco.com/site/ydk/
YDK turns YANG models into Python classes
Example – Configure and Monitor IPSLA: Using YDK
All the model XML becomes Python object code
Creates the XML…
…Performs the NETCONF
Example – Configure and Monitor IPSLA: Monitor the Results
/restconf/api/operational/ip-sla-stats/sla-oper-entry/2?deep
Modeled data is easy to extract and send to a database or another API
Other Features
• Support for config and operational data
• Reliable feedback on error
• Supports the ability to prevent certain CLI commands from running
• Supports rollback on error or on demand
GET /restconf/api/running/native/ip/name-server
{ "name-server": ["8.8.8.8"] }
PATCH /restconf/api/running/native/ip/name-server
{ "name-server": ["8.8.8.8", "1.1.1.1"] }
POST /restconf/api/running/_rollback
GET /restconf/api/running/native/ip/name-server
{ "name-server": ["8.8.8.8"] }
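The GET / PATCH / rollback / GET sequence above, wrapped as a guarded change (an added example, not code from the deck): read the current value, apply the PATCH, read it back, and roll back if the read-back or an operator-supplied check fails. FakeDevice is a constructed in-memory stand-in; its status codes and its "rollback undoes the last change" behaviour are assumptions, and only the two URIs come from the slide.

```python
import ipaddress

# Paths exactly as shown on the slide.
NAME_SERVER = "/restconf/api/running/native/ip/name-server"
ROLLBACK = "/restconf/api/running/_rollback"


class FakeDevice:
    """Constructed in-memory stand-in for a router, so the flow runs offline.

    It answers only the three calls on the slide; status codes and the
    'rollback undoes the last change' behaviour are assumptions.
    """

    def __init__(self, servers):
        self.servers = list(servers)
        self.previous = list(servers)
        self.calls = []

    def __call__(self, method, path, body=None):
        self.calls.append((method, path))
        if (method, path) == ("GET", NAME_SERVER):
            return 200, {"name-server": list(self.servers)}
        if (method, path) == ("PATCH", NAME_SERVER):
            try:
                wanted = [str(ipaddress.ip_address(s)) for s in body["name-server"]]
            except (KeyError, TypeError, ValueError):
                return 400, {"error": "invalid name-server value"}
            self.previous, self.servers = list(self.servers), wanted
            return 204, None
        if (method, path) == ("POST", ROLLBACK):
            self.servers = list(self.previous)
            return 204, None
        return 404, None


def guarded_patch(send, path, body, healthy):
    """Apply body at path; undo it unless the device and the caller both agree.

    send(method, path, body=None) -> (status, data) is the transport.
    healthy(state) is the operator's post-change check (for example a test
    lookup through the new resolver); returning False triggers the rollback.
    Returns (outcome, final_state), outcome in applied/rejected/rolled-back.
    """
    _, before = send("GET", path)
    status, _ = send("PATCH", path, body)
    if status >= 400:
        return "rejected", before          # device refused: nothing to undo
    _, after = send("GET", path)
    if after == body and healthy(after):
        return "applied", after
    send("POST", ROLLBACK)                 # read-back mismatch or failed check
    _, restored = send("GET", path)
    if restored != before:
        raise RuntimeError("rollback did not restore the previous state")
    return "rolled-back", restored


def demo():
    """Run the three outcomes against fresh constructed devices."""
    change = {"name-server": ["8.8.8.8", "1.1.1.1"]}
    ok = guarded_patch(FakeDevice(["8.8.8.8"]), NAME_SERVER, change, lambda s: True)
    undone = guarded_patch(FakeDevice(["8.8.8.8"]), NAME_SERVER, change, lambda s: False)
    bad = guarded_patch(FakeDevice(["8.8.8.8"]), NAME_SERVER,
                        {"name-server": ["not-an-ip"]}, lambda s: True)
    return ok, undone, bad


if __name__ == "__main__":
    for outcome, state in demo():
        print(outcome, state)
```

Against a real device, `send` would be a thin wrapper around an HTTPS client with certificate validation enabled.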
Enhance EEM With Model-Based Data
::http::config -useragent "tm_gather_stats_rest.tcl/1.0"
# Call the [HTTP] RESTCONF URL
# Note: over plain http:// the Basic Authorization header is sent unencrypted
set tok [::http::geturl "http://192.168.1.48/restconf/api/operational/IF-MIB/ifTable?deep" -headers [list "Authorization" [concat "Basic" "XXXX"] "Accept" "application/vnd.yang.data+json"]]
if { [::http::error $tok] != "" } {
    puts "ERROR: Failed to upload stats: '[::http::error $tok]'"
    exit 1
}

# Process the JSON results
set json [json::json2dict [::http::data $tok]]
set ifstate [dict get $json {IF-MIB:ifTable}]
foreach intf [dict get $ifstate {ifEntry}] {
    puts "Stats for [dict get $intf {ifDescr}]:"
    puts " Input octets : [dict get $intf {ifHCInOctets}]"
    puts " Output octets : [dict get $intf {ifHCOutOctets}]"
}
Enhance EEM With Model-Based Data (cont.): The JSON Data
Each interface has a similar block in the “ifEntry” list
Enhance EEM With Model-Based Data (cont.)
Router#event manager run no_gather_stats_rest.tcl
Stats for GigabitEthernet1:
 Input octets : 620425459
 Output octets : 543040831
Stats for GigabitEthernet2:
 Input octets : 886606126
 Output octets : 18925926
Stats for GigabitEthernet3:
 Input octets : 191120
 Output octets : 60
Stats for Tunnel0:
 Input octets : 235369165
 Output octets : 876776359
No screen-scraping required!
And You Can Do It EEM+Python!
::cisco::eem::event_register_none maxrun 45
import eem
import requests

headers = {
    'Accept': 'application/vnd.yang.data+json'
}
# Including SSL: the call goes over HTTPS, but verify=False turns off
# validation of the router's certificate
r = requests.request('GET', 'https://192.168.1.48/restconf/api/operational/IF-MIB/ifTable?deep',
                     auth=('XXX', 'XXX'), headers=headers, verify=False)

j = r.json()
ifstats = j['IF-MIB:ifTable']
for intf in ifstats['ifEntry']:
    print('Stats for {}'.format(intf['ifDescr']))
    print(' Input octets : {}'.format(intf['ifHCInOctets']))
    print(' Output octets : {}'.format(intf['ifHCOutOctets']))
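A hardened variant of the collection above, as an added example that is not part of the original deck: it keeps certificate validation on, takes credentials from environment variables instead of the script body, and tolerates interfaces that lack the 64-bit counters. The environment variable names, the CA file argument and the Loopback0 entry are assumptions; the sample payload is constructed in the shape the scripts above index into.

```python
import base64
import json
import os
import ssl
import urllib.request

# URI taken from the slide; everything else below is illustrative.
IFTABLE_PATH = "/restconf/api/operational/IF-MIB/ifTable?deep"

# Constructed sample in the shape the slide code indexes into
# (IF-MIB:ifTable -> ifEntry[]). Counter values reuse the slide's output;
# Loopback0 is a made-up entry without 64-bit counters.
SAMPLE = json.dumps({"IF-MIB:ifTable": {"ifEntry": [
    {"ifDescr": "GigabitEthernet1", "ifHCInOctets": 620425459, "ifHCOutOctets": 543040831},
    {"ifDescr": "GigabitEthernet3", "ifHCInOctets": "191120", "ifHCOutOctets": "60"},
    {"ifDescr": "Loopback0"},
]}})


def tls_context(ca_file=None):
    """TLS client context that validates the certificate chain and host name.

    ca_file (assumption): PEM bundle holding the CA that signed the router's
    certificate; None falls back to the system trust store.
    """
    ctx = ssl.create_default_context(cafile=ca_file)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    return ctx


def build_request(host, user, password):
    """GET request for the ifTable with Basic auth and the YANG JSON media type."""
    token = base64.b64encode("{}:{}".format(user, password).encode()).decode()
    return urllib.request.Request(
        "https://{}{}".format(host, IFTABLE_PATH),
        headers={"Authorization": "Basic " + token,
                 "Accept": "application/vnd.yang.data+json"},
        method="GET",
    )


def fetch_if_table(host, user, password, ca_file=None):
    """Fetch the table over verified HTTPS and return the raw JSON text."""
    req = build_request(host, user, password)
    with urllib.request.urlopen(req, context=tls_context(ca_file), timeout=10) as resp:
        return resp.read().decode("utf-8")


def summarize(raw_json):
    """Return ({ifDescr: (in_octets, out_octets)}, [skipped ifDescr, ...])."""
    table = json.loads(raw_json).get("IF-MIB:ifTable", {})
    stats, skipped = {}, []
    for entry in table.get("ifEntry", []):
        name = entry.get("ifDescr", "<unnamed>")
        try:
            stats[name] = (int(entry["ifHCInOctets"]), int(entry["ifHCOutOctets"]))
        except (KeyError, TypeError, ValueError):
            skipped.append(name)  # counters missing or not numeric
    return stats, skipped


if __name__ == "__main__":
    host = os.environ.get("RESTCONF_HOST")  # hypothetical variable names
    if host:
        raw = fetch_if_table(host, os.environ["RESTCONF_USER"],
                             os.environ["RESTCONF_PASS"], os.environ.get("RESTCONF_CA"))
    else:
        raw = SAMPLE  # offline run against the constructed sample
    stats, skipped = summarize(raw)
    for name, (rx, tx) in stats.items():
        print("Stats for {}: in={} out={}".format(name, rx, tx))
    print("Skipped:", ", ".join(skipped) or "none")
```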
RESTCONF Phase 1 XE 3.17 – 1/2 Common Models Overview
Features Cisco Models IETF Models OpenConfig Models Config Oper
Interfaces ✓ ✓ ✓ IPv4/v6 Policy/QOS (augment) ✓ ✓ ✓ IPv4/v6 ACLs ✓ ✓ ✓ BGP ✓ ✓
OSPFv2/v3 (augment) ✓ ✓ ✓ IPv4/v6 Static Routing (augment) ✓ ✓ ✓ IPv4/v6 RIB (augment) ✓ ✓ ✓ VRF Infra (Part of Routing (augment) ✓ ✓ ✓ Model) MPLS Static ✓ ✓ ✓ VXLAN ✓ ✓ ✓
RESTCONF Phase 1 XE 3.17 – 2/2 Platform Specific Models Overview
Features Config Oper Features Config Oper Features Config Oper EVPN ✓ ✓* NHRP ✓ ✓* BFD ✓ ✓* VLAN ✓ ✓* PfR ✓ G8032 ✓ FIB ✓ ✓* EIGRP ✓ ✓* MPLS-TE ✓ ✓* WAAS ✓ PCEP ✓ E-OAM ✓ ✓* AVC-NBAR ✓ ✓* Inter-AS ✓ VPLS ✓ ✓* AVC-ART ✓ Bridge Domain / ✓ ✓* ISIS ✓ ✓* EVC ESON ✓ Snort ✓ Golf ✓ LISP ✓ SourceFire ✓ GRE ✓ IPSec ✓ ✓* ZBFW ✓ CFM ✓ ✓* PTV ✓ FNF ✓ Interfaces (all ✓ ✓* DMVPN ✓ ✓* types) (*) Operational data retrieval via NETCONF using MIB & show cmd based YANG models
NETCONF Is Not Just For XE
• Support for XML-based management has been in NX-OS from day 1
• NX-OS supports get-config, edit-config, as well as a custom RPC, exec-command
• Enabled by default when the feature ssh is configured
NETCONF on NX-OS: Going From CLI To Models
• The xml, xmlin, xmlout, and json pipeline arguments make getting and understanding data easy
xmlin, showing a NETCONF RPC request
json, showing JSON output of CLI
xml, showing NETCONF results
NETCONF on NX-OS: Going From CLI to Models (cont.)
• The xmlin command allows one to take a CLI session and turn it into NETCONF RPCs
Interacting With Humans – ChatOps
Interacting with Humans – DevOps Style
• This Session IS about:
Using Collaboration Technologies in SDN Workflows
• This Section IS NOT about:
Using SDN for Collaboration Solutions
Real-World Example
Example: Dynamic Admission Control
Problem: How to consistently and predictably implement dynamic call admission control (DAC) policies on top of an IP network, across campus and branches, supporting multiple communication and collaboration technologies?
Solution: Leverage DNA and APIC-EM capabilities to integrate with communication and collaboration controllers
1) Define Admission Control Policies in Netwrapper
2) Integrate with Communication Controllers (Skype4Business, Cisco CUCM, …)
3) Integrate with APIC-EM NIB and Easy QoS
4) Communicate and Operate with predictable QoS and SLA
[Diagram labels: Netwrapper, Policy Engine, CAC Service Adapter, Topology Analyzer, QoS Adapter, Branch, Branch, WAN]
See: www.italtel.com/products/sdn-monitoring-automation
https://marketplace.cisco.com/catalog/companies/italtel-s-p-a/products/netwrapper--2
Interacting with Humans DevOps Style
The Pace of IT – Bimodal IT
Problem: CIOs are challenged to keep running existing IT more efficiently and safely, while enabling business innovation and differentiation at a quickening pace.
Solution: Bimodal IT, enabling developers and enabling governance
Separation of IT areas and buying centers preventing IT from moving at the speed demanded by the business
Focus evolved from Consolidation to Automation and now it’s all about Consumption
Business Owners and App Developers went straight to Public DevOps Cloud to meet agility and demand. Security and Data Sovereignty arise.
Operations become bi-modal – IT governance AND agile business interaction. Shift from “how it works” to “how to consume it”
Ingredients of Bimodal and Hybrid IT
Towards a Network Architecture for Softwarization / Digitization
• Application Centricity
• Programmability
  • Infrastructure
  • Controllers
  • Services
• Virtualization
  • vAF: Application Functions
  • vMF: Management Functions
  • vNF: Network Functions
[Diagram labels: API; CONTROLLER; Traditional IT; APIs and Containers; virtual NETWORK-, APPLICATION-, MANAGEMENT- FUNCTIONS; SWITCHING | ROUTING | WIRELESS]
Interacting with Humans DevOps Style
Interacting with Humans
Digitization and Softwarization are about Automated workflows using APIs.
Problem: However – many (ad-hoc) workflows involve human interaction. How to quickly, rapidly and easily implement DevOps style human interactions?
Solutions: Many and growing …
• We’ve had tweeting routers for almost a decade with EEM / Tcl
• Cisco Spark REST APIs
• NeXt UI Framework
• Tropo REST API for Voice and SMS interaction
• …
twitter.com/EASyDMI
www.tropo.com
Interacting with Humans – #1 Requirement
Enable
• Rapid Adoption
  - TTFHW (time-to-first hello world): Minutes
  - TTFPP (time-to-first production pilot): Hours
• Scale and Quality Interaction
  - with the same skills, technologies, architecture and tooling
Interacting with Humans DevOps Style
Interacting with Humans – NeXt
Problem: How to quickly provide a Graphical UI for network-centric custom SDN/DevOps Applications?
Solution: NeXt
Embedded User eXperience for Network UIs
• HTML 5 / JavaScript based
• Open source
• Developed within Cisco
• Used by APIC-EM, Glance, DNA and others
• Rapid Adoption
developer.cisco.com/site/neXt/
[Diagram layers: Web Applications; Topology Component; UI Core (UI Component/View Engine/DOM/AOP/Application Support); JavaScript Core (OOP/MVVM/Data Binding/Data Type)]
Real-World Example
Example: Visualizing Multicast
Problem: In a Hospital, Multicast is used for critical Medical Equipment as well as Patient Entertainment and Media – data privacy is a key concern. How to visualize the relevant multicast information?
Solution: Harvest information from the network and create custom, augmented displays
1) Collect relevant Topology, Inventory and Host information from APIC-EM
2) Augment with Multicast tree(s)
3) Use NeXt UI for visual representation
4) Share with operational staff
[Diagram labels: NeXt UI Toolkit, Multicast Visualizer App, Network]
See: http://www.anyweb.ch http://www.hsr.ch
NeXt is on DevNet – Try it Out
Real-World Example
Example: Automotive Supply Chain
Problem: Digitization of the Supply Chain and On-Demand production require the manufacturer to reorganize production lines for small batches very frequently – needs to be automated instead of project based.
Solution: Self-Service Portal and ERP Integration for Production to dynamically parameterize and consume IT services
1) Managed Network Inventory and Policies
2) Expose self-service Portal to Production Managers via NeXt UI Toolkit
3) Automate standard policies via ERP System integration
[Diagram labels: Production Managers, NeXt UI Toolkit, ERP and Supply Chain Systems, Network Inventory and Policies, NOC Operators, Production Floor Network]
“NeXt means embedded User eXperience in Network.
NeXt is a HTML5/JavaScript based toolkit for network Web Applications.”
Multiple Domains Require Visualization
Networking | IOT/Indoor Navigation | Big Data
Challenge – Scale and Complexity
Challenge – Variety
Challenge – Interactivity
Expanded node
Aggregated node
Select multiple node
Move topology on the screen
Zoom in / zoom out
Zoom by selection
Focus drawing
It is all open sourced now for free with eclipse license 1.0
Anatomy of a NeXt UI
• index.html: your web page
  can be dynamic, no static body elements required
• Data.js: topology data
  single topology object, from file or in memory
• Shell.js: (custom) behavior
  extend and override for custom behavior
  default functionality is present already (pan, zoom, select, tooltips, colors, etc)

var topologyData = {
    nodes: [
        {"id": 0, "x": 50, "y": 100, "name": "65.1.1.46"},
        {"id": 1, "x": 100, "y": 50, "name": "AP7081.059f.19ca"},
        {"id": 2, "x": 150, "y": 100, "name": "CAMPUS-Access1"}
    ],
    links: [
        {"source": 0, "target": 1},
        {"source": 1, "target": 2}
    ]
};
Sharing NeXt Code – Client Side JavaScript
NeXt on DevNet
• Documentation
• Tutorials and Labs
• Downloads
• Community
http://developer.cisco.com/site/neXt/
http://communities.cisco.com/community/developer/devnetlabs/next
Sharing and Running NeXt Examples
• Works best on Platforms such as JSFiddle.net or Codepen.io
http://codepen.io/collection/nrBeEQ/
http://codepen.io/collection/nMWevE/
http://jsfiddle.net/user/nextsupport/fiddles/
Engage with your peers/users
Interacting with Humans DevOps Style
Interacting with Humans – ChatOps
Problem: What if your Ops users are road warriors, managers and remote workers?
Solution: ChatOps – Integrate via Cisco Spark REST APIs and/or Tropo.com
Interacting with Humans – Spark
Problem: How to post instant information to a chat room and/or interact?
Solution: Use the Cisco Spark REST APIs
• Login to developer.ciscospark.com
• Copy Access Token
• Query Rooms (developer.ciscospark.com/endpoint-rooms-get.html)
• Copy Room ID
• Post

SPARK_HEADERS = {'Content-type': 'application/json',
                 'Authorization': 'Bearer YOUR-ACCESS-TOKEN'}
msg = json.dumps({'roomId':SPARK_ROOM, 'text':'Hello Spark'})
q = requests.post('https://api.ciscospark.com/v1/messages', data=msg, headers=SPARK_HEADERS)
Interacting with Humans – Spark
import json
import requests

SPARK_BASE = 'https://api.ciscospark.com/v1'
SPARK_MESSAGE = '%s/messages' % SPARK_BASE
SPARK_ROOM = 'Y2lzY29zcGFyazovL3VzL1JPT00vYjAzYjljZjAtYzQ3Ni0xMWU1LWE4MjYtYmJkM2ZlMmU4YjY2'
# Get your access token from developer.ciscospark.com
# 1) Login [email protected] / C1sco12345 (where X = your POD 1..30)
# 2) Copy the Access Token from top-right corner portrait icon
# 3) replace YOUR-ACCESS-TOKEN-HERE in the line below

SPARK_TOKEN = 'Bearer YOUR-ACCESS-TOKEN-HERE'
SPARK_HEADERS = {'Content-type': 'application/json', 'Authorization': SPARK_TOKEN}
msg = json.dumps({'roomId':SPARK_ROOM,'text':'Hello Spark'})
# Certificate verification stays at the requests default (on), so the
# bearer token is only sent to an endpoint that presents a valid certificate
req = requests.post(SPARK_MESSAGE, data=msg, headers=SPARK_HEADERS)
print('Spark Response: ' + req.text)
Cisco Spark for Developers
Developer Portal | Interactive Docs | 24/7 Dev Support | Server SDKs
https://developer.ciscospark.com/
‘Your App’ Now with Cisco Collab!
Methods: GET, POST, PUT, DELETE
Resources: /People, /Memberships, /Rooms, /Messages, /Webhooks
Spark Platform Common Management
Message Meeting Call Open Platform
Application Integration Partner Services Spark Hybrid Services APIs Interconnect Cloud + Prem
Simply Communicate Better
One Service, One Experience, for Every Employee
1:1 and Team Messaging in Virtual Rooms | HD Audio and Video | File Sharing | Mobile App | Desk and Room Devices | Conferencing
Real-World Example
Example: Exploring and Interacting
Problem: How to explore SDN Controllers and DevOps-style Human Interaction?
Solution: Combine a few things:
• DevNet Sandbox
• APIC-EM in the Sandbox
• APIC-EM REST API via Python
• Spark REST APIs
Then query host information in APIC-EM from a Spark Room
See: https://github.com/CiscoDevNet/spark-webhooks-sample
Interacting with Humans DevOps Style
Interacting with Humans – Tropo
www.tropo.com
Problem: How to automate Phone Interactions?
• Custom logic can be
  • cloud-hosted (Scripting API)
  • on-premise (Web API)
• Rapid Adoption via PHP, Ruby, Python, JavaScript, JSON, Groovy, …

answer();
say("Hello World");
hangup();

{"tropo":[
  {"say": "Hello World"}
]}

answer()
say("Hello World")
hangup()

www.tropo.com/docs/scripting/quickstarts
Interacting with Humans – Tropo
Example - Simple IVR Readout and Choice
• Create an App in Development Mode
• Script based on QuickStart Examples
• Call in to test (+41 43 508 13 03)
• Evolve ...
Welcome Aboard ...
Cisco Digital Network Architecture
[Diagram labels: Cloud Services and Management; Network-enabled Applications; Policy | Orchestration; Open APIs | Developers Environment; Automation; Analytics; Abstraction & Policy Control; Network Data, from Core to Edge; Contextual Insights; Principles: Insights & Experiences, Automation & Assurance, Security & Compliance; Open & Programmable | Standards-Based; Infrastructure; Physical | Virtual | Programmable | App Hosting; Cloud-enabled | Software-delivered]
Cisco Digital Network Architecture
Cloud Services and Management
Policy | Orchestration
Open APIs | Developers Environment
Abstraction & Policy Control Network Data, from Core to Edge Contextual Insights
Open & Programmable | Standards-Based
Physical & Virtual Infrastructure | App Hosting
Cloud-enabled | Software-delivered
Cisco Digital Network Architecture
Cloud Services and Management
Network-enabled Applications
Policy | Orchestration
Open APIs | Developers Environment
Cloud-Level APIs
Examples include: Case API, proTACtive, apiconsole.cisco.com, ...
Automation
Analytics
Abstraction & Policy Control
Network Data, from Core to Edge
Contextual Insights
Controller-Level APIs
Examples include: APIC-EM NB REST API, DNA Analytics NB API, ...
Open & Programmable | Standards-Based
Infrastructure
Physical | Virtual | Programmable | App Hosting
Infrastructure-Level APIs
Examples include: RESTCONF, Open Service Containers, embedded EEM/Python, ...
Cloud-enabled | Software-delivered
What can DevNet do for me?
Accelerate Your Journey as you and your business adopt Programmability and DevOps Practices
Learn Code Inspire
Helping you on the Journey….
Technology Tracks DevNet membership Learning Paths 350,000+ 300+ Network DevNet Zone Partners and Growing
Getting Started and API Reference Guides Roadshows & Pop-up Events DevNet Express Sample Applications 1500+ Solutions
Structured Training Community and 250+ “Compatible” eLearning Instructor Led Pay-for Developer Support Network Solutions 40+ DevNet Learning Labs
Cisco Professional Services Developers Certification Program 40+ 9,800+ 2500+ Partners Strong Coming in 2017 Developer Sandboxes 4,400+ Companies
DevNet Learning Labs
• Self paced learning
• Modular format (modules 10 – 45 min in duration)
• Beginner and refresher content
• Content includes: programming technologies, concepts and APIs
learninglabs.cisco.com
Join a DevNet Express
“Educate and equip customers and partners to begin leveraging next-generation solution sets – powered by APIs and Programmability.”
DevNet Express Event Team
DNA Programmability
• Learn and be inspired
• Meet with Peers
• Engage with DevNet
• Lead the transformation
• Seed Talks, Hands-On Missions, Exploration
Fun, Collaborative and Engaging
See http://hackathon.cisco.com/events
[Diagram labels: free flowing; step-by-step; Hackathon; Instructor-Led Training (ILT); Technical Seed Talks; Side-by-side; Hands-on Missions]
Engage on DevNet Communities
Maximize the value of your keystrokes
If nobody knows you did {x}, did you get all the benefits of doing {x}?
Jeff Atwood, in “How to Stop Sucking and Be Awesome Instead”
SDN @ CiscoLive 2017
Software-Driven Network Architectures
• Analytics
• Automation
• Programmability
• Virtualization
Content Catalog is Live
Register Today
www.ciscolive.com/emea/
Highlights Include:
BRKSDN-nnnn Python 101 for Network Engineers
BRKSDN-2935 From Zero to Network Programmability in 90 minutes - APIC-EM, Prime Infrastructure, UCSD, Spark and Tropo
BRKARC-3004 APIC-EM: Policy automation with DNA and network automation easy, fast, reliable
BRKSDN-1001 Programming Cisco APIC Enterprise Module with visual oriented programming languages
BRKSDN-2046 SDN Enabled QoS-A Deep Dive
BRKSDN-2066 Service Function Chaining: Programming Your Data and Service Planes
BRKSDN-2116 Containers on routers and switches: Run your apps and tools natively on Cisco boxes
BRKSDN-3004 DNS-AS - How to use DNS as a Source of Metadata to Identify your Applications for QoS and Beyond...
BRKSDN-nnnn Network Automation with the Meraki API
TECSDN-2602 Enterprise SDN: Architectures and Key Concepts
TECSDN-3602 Enterprise SDN: Advanced Network Programming - Hands-On Lab
TECSDN-3600 APIC-EM: Redefining the Campus and Branch through a policy based controller
LTRSDN-2500 A Practical Look at Cisco Application Policy Infrastructure Controller Enterprise Module (APIC-EM): Hands-On Lab
LTRSDN-2870 Implementing Cloud based virtual managed services with NFV & vBranch
Join a Self-Drive Training
Audience: Partner/Customer Technical
Format: Classroom ILT – 1 day
50% Presentation 50% Lab
Language: English
Delivery: Cisco Learning Partner
3 delivered in Q1
5 planned for Q2
• Czech Republic, 10th Nov 2016
• UK 14th Nov 2016
• Austria 17th Nov 2016
• Poland 24th Nov 2016
• Switzerland Jan 2017 TBC
dCloud and Always-On Demos
Several DNA and Enterprise SDN dCloud Demos available for scheduling
NEW: DNA Always-On Demos now open to Partners
https://dcloud-cms.cisco.com/demo/cisco-digital-network-architecture-for-partners-v1
DNA Programmability QuickBet – Overview
• DNA is the Cisco Enterprise SDN Architecture enabling the Digitization/Softwarization Transformation
• Partner Role and Practice need to evolve towards Bimodal-IT and DevOps Style.
• DNA Programmability QuickBet is based on lessons learned from the successful early adopters
• DNA Programmability QuickBet builds Technical Capability, Value Proposition and Go-2-Market, Demand Generation and Success
DNA Programmability QuickBet – Milestones
Pre-Requisites: Assessment
A: Technical Enablement: Skills, Capabilities, Internal Use Case, Prototype, ...
B: Go-2-Market: Enablement Collateral, Value Proposition, Skills, Demo, ...
C: Demand Generation: Public presentation and demo, Funnel, public Success Story
DNA Programmability Practice
Complete Your Online Session Evaluation
• Please complete your Online Session Evaluations after each session
• Complete 4 Session Evaluations & the Overall Conference Evaluation (available from Thursday) to receive your Cisco Live T-shirt
• All surveys can be completed via the Cisco Live Mobile App or the Communication Stations
Don’t forget: Cisco Live sessions will be available for viewing on-demand after the event at CiscoLive.com/Online
Continue Your Education
• Demos in the Cisco campus
• Walk-in Self-Paced Labs
• Lunch & Learn
• Meet the Engineer 1:1 meetings
• Related sessions
Q & A
What will YOU Program First?
Thank You