Sean Cavanaugh Technical Marketing Manager Red Hat Ansible Automation seanc@redhat.com

Ansible 101 on Cumulus Linux

Pete Lumbis Senior Technical Marketing Manager Cumulus Networks plumbis@cumulusnetworks.com

+

WHAT WE’RE TALKING ABOUT TODAY

Ansible Network Automation Updates Ansible Automates Ansible Workshops Ask an Expert - Oct 25 Cumulus Linux 101 Q/A

Ansible Network Automation Updates

ansible.com/blog ●  The httpapi connection plugin ●  New network modules ●  Tower Updates

For more information or to register visit: ansible.com/automates

Santa Clara, CA

October 18, 2018

Nashville, TN

October 25, 2018

Tampa, FL

November 14, 2018

For more information or to register visit: ansible.com/workshops

Atlanta, GA

October 18, 2018

Portland, OR

November 6, 2018

Houston, TX

November 7, 2018

NETWORKING WORKSHOP NETWORKING WORKSHOP NETWORKING WORKSHOP

Ask an Expert - Thu, Oct 25, 2018 2PM EDT

https://www.ansible.com/webinars

Pete Lumbis – CCIE #28677, CCDE 2012::3

Introduction to Ansible + Cumulus

Cumulus Networks Technical Marketing Engineer

Network Disaggregation

Cisco

Arista

Juniper

App App App

Network OS

Open Hardware

Cumulus NetQ

Network Operating SystemCumulus Linux

CUMULUS LINUX

CLI Layer 2 and 3 Automation

Reliable Software - Cumulus Linux Network OS

Switch Silicon

Front Panel Ports

Industry-Standard Hardware

FanPowerCPU FlashRAM

Ansible with Cumulus vs Legacy Vendors

Ansible host runs locally Pushes outputs to each node Scale-up model

Ansible runs distributed Fast, highly scalable Each node runs native Ansible Modern DevOps scale-out model

Cisco/Arista/Juniper

Cumulus Linux

Ansible: Built for Linux

●  Ansible was built for Linux on Day 1

●  Hundreds of Linux Modules

●  Cumulus Linux is Linux ○  No special API or license for automation

●  Ansible on Cumulus == Ansible on Linux ○  Tutorials ○  Documentation ○  Facts ○  Modules

Cumulus Configuration Overview

●  Layer 1 and 2 ○  Debian/Ubuntu Interfaces File

■  /etc/network/interfaces ○  Manages IPs, VLANs, MTU

●  Layer 3 ○  Routing Application FRR

■  /etc/frr/frr.conf ○  Manages BGP, OSPF, EVPN

●  Built-in full CLI

●  Tab Completion

●  Idempotent

●  Writes to Linux files ○  Easily mix and match modes

The Linux Way Cumulus Command Line (NCLU) Automation

Friendly Human

Friendly

My First Playbook

●  Translate network config to Ansible

●  Push straight commands using command module

●  Cumulus NCLU keeps it idempotency, not Ansible

My First Playbook - Hosts

Who?

My First Playbook – Become (root)

become root

My First Playbook - Tasks

What to do?

Idempotency?

●  Only do something if required

●  If nothing changed, do nothing

●  Otherwise, set it to what’s expected

●  Examples ○  File transfer ○  Configuration change ○  Reset a BGP peer ○  Install software

What’s a Module?

●  Python code that does “stuff” ○  Abstracts complexity ○  Manages idempotency ○  Copy files, create users, install software

●  Many built in modules ○  docs.ansible.com

●  Build your own ○  It’s Open Source!

●  Cumulus relies on stock Linux modules ○  Used on tens of thousands of Linux servers

Module Example

●  “user” module ○  Provided username, settings

●  Figures out how to create the user

●  Only does it once

Sidebar: Ad Hoc Commands

●  “Run Once” commands ○  ansible-a

●  Check an entire network at once

●  Apply simple changes across a network

Kick It Up a Notch: Vars

●  Vars - Variables ○  Inputs from flat file or IPAM (Infoblox, Netbox, etc) ○  Allows for templates and standard settings

■  -name:Configureinterface■  command:netaddinterface{{interface_name}}

○  Key to DRY – Do Not Repeat Yourself ■  Use variables instead of repeating commands

○  Ansible includes “magic” variables called “facts” ■  i.e., Hostname, OS, interface names, CPU ■  View with “ansible<device>-msetup”

Kick It Up a Notch: Roles

●  Role – A multi-step function or set of functions ○  Best practice: define roles by component actions

■  Interfaces, Routing, AAA ○  Roles can have their own vars and tasks

■  Ansible looks for folders named “vars” and ”tasks” ○  Roles are applied to nodes or groups of nodes

Kick It Up a Notch: Roles

●  Role – A multi-step function or set of functions ○  Best practice: define roles by component actions

■  Interfaces, Routing, AAA ○  Roles can have their own vars and tasks

■  Ansible looks for folders named “vars” and ”tasks” ○  Roles are applied to nodes or groups of nodes

Kick It Up a Notch: Roles

●  Role – A multi-step function or set of functions ○  Best practice: define roles by component actions

■  Interfaces, Routing, AAA ○  Roles can have their own vars and tasks

■  Ansible looks for folders named “vars” and ”tasks” ○  Roles are applied to nodes or groups of nodes

Kick It Up a Notch: Roles

●  Role – A multi-step function or set of functions ○  Best practice: define roles by component actions

■  Interfaces, Routing, AAA ○  Roles can have their own vars and tasks

■  Ansible looks for folders named “vars” and ”tasks” ○  Roles are applied to nodes or groups of nodes

Kick It Up a Notch: Roles

●  Role – A multi-step function or set of functions ○  Best practice: define roles by component actions

■  Interfaces, Routing, AAA ○  Roles can have their own vars and tasks

■  Ansible looks for folders named “vars” and ”tasks” ○  Roles are applied to nodes or groups of nodes

Static

Vars

Quick Recap

●  Hosts – who to act on

●  Tasks – what to do to the hosts

●  Vars – variables to plug into tasks

●  Roles – common grouping of tasks

Ansible Master Class - Jinja Templates

●  Jinja2 templating language ○  Not Ansible specific, originated in web development

●  Very powerful ○  But complex

●  Uses vars to build configurations

●  Ansible template module turns variables into files

●  Loops for even more power

Beyond Configuration

●  Ansible’s power is endless ○  Pairs perfectly with Cumulus Linux

●  Manage security policies ○  Enforce global standards ○  Ad hoc compliance check

●  Simple network troubleshooting ○  Can everyone ping the internet?

●  Software Updates ○  OS Software + Monitoring packages with apt module

Try it on your laptop

●  Cumulus Virtual Experience (Vx) ○  Free, full featured, VM

○  <1G RAM/instance

○  Virtual copy of physical datacenter

○  Integration with DevOps tools like Vagrant

Cumulus Networks Confidential

cumulusnetworks.com/vx

Try it in the Cloud

https://cumulusnetworks.com/try-for-free/cumulusnetworks.com/citc

Cumulus in the Cloud is a virtual data center where you can try open networking for free and evaluate the latest innovations from Cumulus Networks.

Cumulus in the Cloud

Get started

Thank you! Visit us at cumulusnetworks.com or follow us @cumulusnetworks

© 2018 Cumulus Networks. Cumulus Networks, the Cumulus Networks Logo, and Cumulus Linux are trademarks or registered trademarks of Cumulus Networks, Inc. or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners. The registered trademark Linux® is used pursuant to a sublicense from LMI, the exclusive licensee of Linus Torvalds, owner of the mark on a

world-wide basis.

33

Q / A ansible-network@redhat.com

github.com/network-automation

facebook.com/ansibleautomation

twitter.com/ansible

+