DEVNET-1365 vagrant up for Network Engineers Do it like they do on the Developer Channel! Hank Preston, NetDevOps Evangelist ccie 38336, R/S @hfpreston Cisco Spark Questions? Use Cisco Spark to communicate with the speaker after the session How 1. Find this session in the Cisco Live Mobile App 2. Click “Join the Discussion” 3. Install Spark or go directly to the space 4. Enter messages/questions in the space cs.co/ciscolivebot#DEVNET-1365 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public Agenda • Vagrant 101 • Hands On: Your first vagrant up! • Hands On: Vagrant + Ansible • Discuss: Multi-Node Topologies • How to do it yourself! Lab Preparation Setup your laptop • $ cd ~/code/ciscolive_workshops/devnet-1364 Clone the Repository $ source labsetup.sh • Setup Python Virtual Environment $ ls –l README.md iosxr_example hands_on_1 nxos_example hands_on_2 requirements.txt hands_on_3 venv DEVNET-1365 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 6 Vagrant 101 Development Environments Made Easy • Open Source Develop Tooling by lab\ $ vagrant init iosxe/16.6.1 HashiCorp lab\ $ vagrant up Bringing machine 'default' up with 'virtualbox' www.vagrantup.com provider... ==> default: Importing box 'iosxe/16.6.1'... • Simple configuration file stored with ==> default: Forwarding ports... code default: 830 (guest) => 2223 (host) default: 80 (guest) => 2224 (host) default: 443 (guest) => 2225 (host) • “easy to configure, reproducible, default: 22 (guest) => 2222 (host) and portable work environments” lab\ $ vagrant ssh csr1kv# • Multi-Platform for both guest and host DEVNET-1365 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 8 Key Terms and Concepts • lab\ $ ls Vagrantfile Vagrantfile • Configuration file for vagrant lab\ $ vagrant box list centos/7 (virtualbox, 1611.01) • Box ubuntu/trusty64 (virtualbox, 20160323.0.0) • Base images for different individual iosxe/16.6.1 (virtualbox, 0) iosxr/6.1.2 (virtualbox, 0) environments nxos/7.0.3.I6.1 (virtualbox, 0) • Provider lab\ $ vagrant status Current machine states: • Virtualization technology used by vagrant default running (virtualbox) • Default is VirtualBox, many other supported DEVNET-1365 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 9 Vagrant Commands • vagrant init box name • vagrant box list • Initialize a new Vagrantfile in a directory • Display list of available boxes • vagrant up / halt / destroy • vagrant status / global-status • Start, stop, and delete an environment • Display current status of environments • vagrant resume / suspend lab\ $ vagrant suspend • Pause and restart an environment ==> default: Saving VM state and suspending • vagrant ssh [machine] lab\ $ vagrant resume • Connect via SSH to a running environment ==> default: Resuming suspended VM... • vagrant port lab\ $ vagrant port 830 (guest) => 2223 (host) • View the nat’d ports for the environment 22 (guest) => 2222 (host) • vagrant provision lab\ $ vagrant ssh • Re-run configured provisioner (eg Ansible) csr1kv# DEVNET-1365 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 10 Vagrantfile Basics (for Network Devices) # -*- mode: ruby -*- # vi: set ft=ruby : Vagrant.configure("2") do |config| # Every Vagrant development environment requires a box. You can search for # boxes at https://atlas.hashicorp.com/search. Box Name config.vm.box = "iosxe/16.6.1" config.ssh.insert_key = false Don’t insert Vagrant public key. Recommended # Create a forwarded port mapping which allows access to a specific port # within the machine from a port on the host machine. config.vm.network "forwarded_port", guest: 830, host: 2223, id: "netconf" Forward local ports for config.vm.network "forwarded_port", guest: 80, host: 2224, id: ”http" API/App access. config.vm.network "forwarded_port", guest: 443, host: 2225, id: "restconf-ssl" SSH is forwarded by default # Create a private network, which allows host-only access to the machine # using a specific IP. config.vm.network :private_network, virtualbox__intnet: "link1", auto_config: false Create environment config.vm.network :private_network, virtualbox__intnet: "link2", auto_config: false networks. end ”eth1” connected to host by default Note: Vagrant Boxes can include default settings * Simplified and edited sample DEVNET-1365 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 11 Hands On 1: Your first vagrant up! Initialize your Vagrantfile • View available boxes lab\ $ cd hands_on_1/ • Initialize new Vagrant File hands_on_1\ $ vagrant box list hands_on_1\ $ vagrant init iosxe/16.06.02 hands_on_1\ $ open Vagrantfile DEVNET-1365 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 13 Let’s add more interfaces! • Open Vagrantfile • Add 2 Interfaces to Configuration • Specific positioning in file is irrelevant • * Must be within |config| block * Simplified and edited sample Vagrant.configure("2") do |config| config.vm.box = "iosxe/16.6.1" # Create a private networks config.vm.network :private_network, virtualbox__intnet: "link1", auto_config: false config.vm.network :private_network, virtualbox__intnet: "link2", auto_config: false end or cp Vagrantfile.solution Vagrantfile DEVNET-1365 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 14 Start a Vagrant Environment • Start environment hands_on_1\ $ vagrant up hands_on_1\ $ vagrant ssh • Connect to running switch DEVNET-1365 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 15 Explore the Vagrant Environment • # Run from Vagrant Environment (ie vagrant ssh) Baseline Configurations csr1kv#sh run aaa • Logins – User / Cert csr1kv#sh run | sec pubkey-chain • APIs • Interfaces csr1kv#show run int Gig1 csr1kv#sh run | inc conf • Make an API Call # Exit from Vagrant Environment hands_on_1\ $ python netconf_example1.py DEVNET-1365 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 16 Do some configuration • Configure interface details on hands_on_1\ $ python netconf_example3.py GigabitEthernet2 using . NETCONF . <?xml version="1.0" encoding="UTF-8"?> • Verify <rpc-reply xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="urn:uuid:6e622605-29d8-=" xmlns:nc="urn:ietf:params:xml:ns:netconf:base:1.0"> <ok/> </rpc-reply> hands_on_1\ $ vagrant ssh csr1kv#sh ip int bri Interface IP-Address GigabitEthernet2 10.255.255.1 DEVNET-1365 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 17 Build a new Base Box Template • vagrant up and customize hands_on_1\ $ vagrant halt -f hands_on_1\ $ vagrant package \ • vagrant halt -f to shut down --output Custom_IOS_XE.box \ --vagrantfile embedded_vagrantfile_xe • vagrant package to build new hands_on_1\ $ vagrant box add iosxe/custom1 \ box Custom_IOS_XE.box • Include default Vagrantfile to ease use hands_on_1\ $ mkdir custom_box hands_on_1\ $ cd custom_box • vagrant box add to make hands_on_1\ $ vagrant init iosxe/custom1 available DEVNET-1365 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 18 Review Sample Embedded Vagrantfile Vagrant.configure(2) do |config| config.vm.synced_folder '.', '/vagrant', disabled: true # Give IOS XE 400 seconds to come up config.vm.boot_timeout = 400 # Port 830 is XE NETCONF config.vm.network :forwarded_port, guest: 830, host: 2223, id: 'netconf', auto_correct: true # Port 80 is XE HTTP config.vm.network :forwarded_port, guest: 80, host: 2224, id: 'http', auto_correct: true # Port 443 is XE RESTCONF / SSL config.vm.network :forwarded_port, guest: 443, host: 2225, id: 'restconf-ssl', auto_correct: true config.ssh.forward_agent = true config.ssh.guest_port = 22 config.ssh.insert_key = false config.vm.guest = :other # turn off the check if the plugin is installed if Vagrant.has_plugin?("vagrant-vbguest") config.vbguest.auto_update = false end . end * Simplified and edited sample DEVNET-1365 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 19 Destroy Hands on Demo 1 • Destroy this environment hands_on_1\ $ vagrant destroy DEVNET-1365 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 20 Hands On 3: Provisioning Come on... Really “vagrant ssh” and “config t”?!? • “Infrastructure as Code” dictates entire configuration in code • Building multiple box versions for variations = template sprawl • Human error in manual configurations • There has to be a better way… DEVNET-1365 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 22 Vagrant Provisioners • Vagrant.configure("2") do |config| Run with vagrant up # ... other configuration • Install software config.vm.provision "shell" do |s| s.inline = "echo hello" • Alter configurations end end • Run commands/code • Types • Shell, Ansible, Puppet, Chef, Docker, Salt, CFEngine… DEVNET-1365 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 23 Hands On 3 Directory • Move to Hands On 3 hands_on_1\ $ cd ../ lab\ $ cd hands_on_3/ hands_on_3\ $ ls • Start the “vagrant up” process now Vagrantfile so it runs while we discuss host_vars hosts ansible_provision.yaml netconf_interface_template.j2 hands_on_3\ $ open Vagrantfile hands_on_3\ $ vagrant up DEVNET-1365 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 24 hands_on_3/Vagrantfile Vagrant.configure("2") do |config| # Every Vagrant development environment requires a box. You can search for • Specify provisioning details # boxes at https://atlas.hashicorp.com/search. in the file config.vm.box = "iosxe/16.06.02" # Create a private network, which allows host-only access