161027 net opscoding-junos-automation
TRANSCRIPT
1 Copyright © 2016 Juniper Networks, Inc. www.juniper.net
JUNOS AUTOMATION その1~OVERVIEW & PYEZ~Regional PLM/TME 塚本 広海 2016/10/27
NetOpsCoding #4
2 Copyright © 2016 Juniper Networks, Inc. www.juniper.net
LEGAL STATEMENT
This statement of direction sets forth Juniper Networks’ current intention and is subject to change at any time without notice. No purchases are contingent upon Juniper Networks delivering any feature or functionality depicted in this presentation
3 Copyright © 2016 Juniper Networks, Inc. www.juniper.net
ジュニパーネットワークス
SECURITYSWITCHINGROUTING
PERFORMANCE
AUTOM
ATION
4 Copyright © 2016 Juniper Networks, Inc. www.juniper.net
THE NEXT TRANSFORMATION IN NETWORKING
TCP/IP
EARLY 1980’S LATE 1990’S TODAY
PACKET FORWARDING ENGINE AUTOMATIONONLINE POPULATION:Tens of Thousands ONLINE POPULATION:Hundreds of Millions ONLINE POPULATION:Billions
5 Copyright © 2016 Juniper Networks, Inc. www.juniper.net
6 Copyright © 2016 Juniper Networks, Inc. www.juniper.net
AUTOMATION - CATEGORY
Domain Automation
Network Automation
Platform Automation <SLAX>
7 Copyright © 2016 Juniper Networks, Inc. www.juniper.net
AUTOMATION – WW USER PYRAMID
SP Tier 1SP Tier 1SP Tier 2/3SP Tier 2/3
ENT – FinancialENT – FinancialENT – Federal/PublicENT – Federal/Public
ENT – StrategicENT – StrategicENT – Other EnterprisesENT – Other Enterprises
OTT Web 2.0
API/programmable積極的開発
開発消極的シンプルなツール活用
8 Copyright © 2016 Juniper Networks, Inc. www.juniper.net
DCDCEdgeCoreEdge
AUTOMATION - DOMAIN
AccessAggregation
9 Copyright © 2016 Juniper Networks, Inc. www.juniper.net
DCDCEdgeCoreEdge
JUNIPER AUTOMATION DOMAIN & MANAGEMENT
AccessAggregation
Security DirectorNetwork Director
Connectivity Services DirectorEdge Services Director
Northstar ControllerNorthstar Controller ContrailContrail
Contrail Service Contrail Service Orchestrator オンボックス & オフボックスオートメーションの提供
SPACE
10 Copyright © 2016 Juniper Networks, Inc. www.juniper.net
11 Copyright © 2016 Juniper Networks, Inc. www.juniper.net
Programmable Interface(API)Structured operation data(JSON,XML)Device configuration in structured format(JSON,XML)Atomic configuration changesConfiguration RollbackConfiguration ReplaceConfiguration DiffSupport for industry-standard models (IETF, OpenConfig)
NETWORK AUTOMATION RFP REQUIREMENTS
All Pass : JUNOS
12 Copyright © 2016 Juniper Networks, Inc. www.juniper.net
JUNOS AUTOMATIONSTACK
13 Copyright © 2016 Juniper Networks, Inc. www.juniper.net
Data Plane (PFE)Chassis
XML-RPC
NETCONF JunoscriptSNMPRO
Junos Platform Automation Stack
PyEZ Framework
AnsiblePythonScriptsPythonScripts Salt*
RubyEZ Library
PuppetRubyScriptsRubyScripts Chef
Python / SLAX
CLIRA*CLIRA*JSNAPJSNAP
THRIFT
JET API
REST CLIjVisionSensor
JUNOS AUTOMATION STACK
14 Copyright © 2016 Juniper Networks, Inc. www.juniper.net
STAGES OF AUTOMATION IN NETWORKING構築
設定運用
15 Copyright © 2016 Juniper Networks, Inc. www.juniper.net
PROGRAMMATIC CONTROL & AUTOMATION構築 設定ZTP
運用
NetconifyOpenClos
OpenConfigNetconf/Restful
PyEZ
Ansible
PuppetChefAnsible
OpenConfigJunos Telemetry
NetconfMessage Bus
JSNAPJunos Script
PyEZ
16 Copyright © 2016 Juniper Networks, Inc. www.juniper.net
シンプルにJUNOSを操作するオープンソース Pythonライブラリ”Built for the networking engineer”
PyEz
17 Copyright © 2016 Juniper Networks, Inc. www.juniper.net
PYTHONEZ FRAMEWORK
Build Simple to Complex Applications
IT FrameworksPython Shell Python script Custom Applications
Open Source – Maintained by CommunityNETCONF Client (NCCLIENT)NETCONF TRANSPORT ONLY VENDOR AGNOSTIC NO ABSTRACTIONS
Open Source – Maintained by Juniper
"snippets"(no variables)
"templates"(merge variables)Resources Tables
Configuration Changes Operational StateJunos Python EZ (Junos PyEZ)
JUNOS SPECIFIC ABSTRACTION LAYER MICRO-FRAMEWORK
Views
18 Copyright © 2016 Juniper Networks, Inc. www.juniper.net
情報取得設定変更OSユーティリティマネージメントユーティリティ
• 事前定義された基本情報 facts• YAML定義のTable and View• RPCによるshowコマンド• Config ASCII text, junos setコマンド, XML, • Jinja2 Template objectsテンプレートベース• OS インストール、再起動、シャットダウン etc• コンフィグ比較、レスキューコンフィグ、コンフィグ変更のアップetc
PyEZ でできること
19 Copyright © 2016 Juniper Networks, Inc. www.juniper.net
少ないコード数で簡単にRaw python – 48行 PyEz– 7行
show version取得 – factsサンプル-import paramikoimport socketimport timeimport sys
ssh = paramiko.SSHCient()ssh.set_missing_host_key_policy(
paramiko.AutoAddPolicy())
CLOSE = """<rpc><close-session/>
</rpc> """
SOFT_ADD = """<rpc><get-software-information/>
<rpc/>"""
socket = socket.socker(socket.AF_INET,socket.SOCK_STREAN)socket.connect(("10.10.11.129",830))
trans = paramiko.Transport(socket)trans.connect(username="xxx", password="xxx")
#CREATE CHANNEL FOR DATA COMMch = trans/open_session()name = ch.set_name('netconf')
#Invoke NETCONFch.invoke_subsystem('netconf')
#SEND_COMMANDcf.send(SOFT_ADD)
#Receive data returneddata = ch.recv(2048)while data:data = ch.recv(1024)print data,if data.find('</rpc-reply>') == 0:#we have reached the end of replych.send(CLOSE)
ch.close()trans.close()socket.close()
from jnpr.junos import Devicefrom jnpr.junos.op.routes import RouteTabledev = Device(host='10.0.0.243', user='vsrx', password='srx123', port='22')dev.open()print(dev.facts)
20 Copyright © 2016 Juniper Networks, Inc. www.juniper.net
1. JUNOS verup
2. Config変更(setコマンド読込)
3. Routing table情報(Table and View活用)
PyEzサンプル
21 Copyright © 2016 Juniper Networks, Inc. www.juniper.net
ユースケース1:誰でも使えるWEBアプリ
機器の一覧表示と、showコマンド等の実行設定一括投入
OSインストール
サポート情報(RSI)取得結果の一覧OSイメージ管理
• 誰でも簡単に情報取得が可能。• Vlan追加などの定型設定追加など。
22 Copyright © 2016 Juniper Networks, Inc. www.juniper.net
ユースケース2 : ノード追加時の設定テンプレートsystem {host-name switch-14-02-42-01;domain-name mycorp.net;backup-router 10.176.31.1 destination 10.0.0.0/8;time-zone America/Los_Angeles;}
Junos Configuration
system {host-name ${Hostname};domain-name mycorp.net;backup-router ${BackupRouter}¥destination 10.0.0.0/8;time-zone ${TimeZone};}
Config Template
Template Repository
Expert1.
新規ノード
Hostname: NEW-NODEBackupRouter: 10.176.31.2TZ: Tokyo/Japan
新ノード情報
エキスパートが商用Configを作成
JINJA2テンプレートでtemplateを作成
新規ノード追加時、テンプレートと固有情報からConfigを簡易に生成
1
2
3Non-expert
2.
3.
23 Copyright © 2016 Juniper Networks, Inc. www.juniper.net
ユースケース3:外部システム連携Security Routing Switching
24 Copyright © 2016 Juniper Networks, Inc. www.juniper.net
CUSTOMER AUTOMATINGHISTORICAL Currently In the future…Monitoring特定箇所の監視
Installationコンソールの解放 Upgrades設定追加
Provisioning繰返しからの解放
This slide is not an accurate description of all our customers as we have customer who do not automate at all and others who live in a culture where everything should be automated. This slide is meant to show trends and where the tipping point in automation is at today.
Orchestrationドメインの拡大
DevOps即時評価&展開
Autonomous自己回復,予兆検知
25 Copyright © 2016 Juniper Networks, Inc. www.juniper.net* Based on queries posted by their employees on Google Group
PyEZ users*
26 Copyright © 2016 Juniper Networks, Inc. www.juniper.net
PyEZリファレンスGithub : Pyez-examples O’REILLY Book
https://github.com/vnitinv/pyez-examples
Google groupJunos Python EZ
http://forums.juniper.net/t5/Automation/Where-can-I-learn-more-about-Junos-PyEZ/ta-p/280496
TechWiki YoutubePythonEZ (PYEZ) – BasicsJuniper doc
27 Copyright © 2016 Juniper Networks, Inc. www.juniper.net
SUMMARY
JUNIPER ♥ Automation & NetOps
活用事例やJunos automationの期待など意見交換、発表 お願いします
28 Copyright © 2016 Juniper Networks, Inc. www.juniper.net
イベント告知
OpenContrail Meet-Up
12月初旬に実施予定LT募集
29 Copyright © 2016 Juniper Networks, Inc. www.juniper.net
END