Device Programmability with Cisco Plug-n-Play Solution
Bhaskar Bhattacharjee, Manager, Software Development
DEVNET-2052
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public

Agenda
• Introduction
• Network Deployment Challenges
• Introducing Cisco Plug-n-Play Solution
• Deployment Use Cases
• Zero Touch Server Discovery
• Embedded Agent Capabilities
• Protocol Definition
• Cisco Plug-n-Play on DevNet
• Programmability with Tcl
• Conclusion

Introduction
• Cisco is committed to providing a deployment solution to reduce customer OPEX, which
  • provides a zero touch device provisioning experience
  • can interoperate with multiple management applications
  • has built-in rich features for provisioning and monitoring
  • uses standard protocols, opens up the APIs, and makes the solution developer friendly
• Device deployment is mostly manual and complex
• Each year customers spend high OPEX on device deployments
[Chart: CAPEX 33%, OPEX 67%. Source: Forrester]
Network Deployment Challenges

Network deployment – Challenges
Business Challenges
• Direct Costs: Shipping; Travel costs
• Complexity: Config errors; Different products / processes
• Security: 3rd party not secure; Rogue devices
• Time/Productivity: Manual process; Shipping, Storage, Travel
[Diagram: Today’s Process. Cisco; Reseller/Partner (ships); Central Staging facility (Install OS, Install base config; re-ships equipment); Installer; Deployment Sites (Site-1, Site-2, Site-3)]

Need to ask the right questions
• Which steps can I eliminate?
• Can Zero-touch Solutions help?
• Is Pre-staging really necessary?
• Without pre-staging, how do I ensure security?
• What about Post-deployment operations? – should I consider SDN?
• Can I avoid truck-rolls due to misconfigurations?

Bringing it all together
One Solution to bind them all!
[Diagram: Smart Install; Auto Install; CNS; Config / Image Download; APIC EM / NSO / ODL Integration; Security; Open Protocol; More...]

Network deployment – Proposed
Cisco Plug-n-Play Key benefits
• Fully Automated: No CLI; No Expert Installer
• Programmable: Fix rich services; Well defined APIs to customize
• Security Built-In: Secured server-agent transactions; Rogue device detection (SUDI)
• Time/Productivity: Faster deployments; Real time error detection and RMA
[Diagram: Cisco ships direct to the deployment site. NOC; Installer; Deployment Sites (Site-1, Site-2, Site-3); Cisco PnP Protocol]

Introducing Cisco Plug-n-Play Solution

Cisco Plug-n-Play Solution Components
• Cloud Hosted Redirection Service: Web hosted app on cisco.com to help discover the customer specific Plug-n-Play server
• Plug-n-Play Server App: A centralized server that manages the network devices for images, configurations, files, licenses, etc.
• PnP Helper Applications: Applications on smart phones and personal computers that help deliver bootstrap configuration as needed
• PnP Agent: An embedded agent that runs on the Cisco devices to automate the deployment process
• Plug-n-Play protocol: Protocol used between the Agent and the PnP server. This is an open schema allowing third-party development of PnP servers

Key Benefits of Cisco Plug-n-Play Solution
• Fully automated network device install
  • No CLI needed. No manual intervention. No touching required.
  • No experienced network admin needed on site
• Security built in
  • Configurations passed to device with secure transport
  • Rogue device detection
• RMA: Automated device replacement
• Customizable
  • Customers can adapt the solution to fit their needs
• Not Cisco Proprietary
  • Protocol is open and based on HTTP
  • Based on publicly available schema
• Final and Unique configuration delivered to every device

Cisco PnP: Device Communication Flow
1. Day 0: New device is pre-provisioned in PnP Server with image & config details
2. Day 1: Installer connects the network cables and powers on the device.
3. Day 1: Device discovers PnP server and sends its SUDI certificate
4. Day 1: PnP server authenticates the device. A secure communication channel is created
5. Day 1: PnP server sends configuration, image, licenses and files to the device
6. Day 1: Device reloads and executes post install actions (script or CLI)
7. Day 1: Install success/failure notifications are sent by the PnP server as needed.
[Diagram: PnP Server in NOC with device database (UDI: AF34P7, Dev. Info., license, config, image); Install Location]

Deployment Use Cases

Use Case 1 : Greenfield Branch Deployment
Day 0
• Network Admin: Pre Provision Projects/Sites (Policies, Match Rules, Configs/Image, IP Addressing)
Day 1
• Installer on site: Mount and cable devices; Power-on
• Deliver bootstrap
• Booting devices contact PnP Server requesting instructions
• IT Admin remotely monitors status of install while in progress.
PnP Server site Device list
    PID        Serial #     Hostname     IP address
    ISR-2951   FOX23zxcd    ISR-main     192.168.15.1
    ISR-2951   FOX23zxcb    ISR-bakcup   192.168.15.2
    C3850      FOC123dfg    Dist1        192.168.16.3
    C3560C     FOC443asd    ACC-sw1      192.168.16.4
    C3560C     FOC443asa    ACC-sw2      192.168.16.5
    C3560C     FOC443asg    ACC-sw3      192.168.16.6
    C3560C     FOC443asx    AC-sw4       192.168.16.7
[Diagram: Network Admin; PnP Server; Internet; Installer]

Use Case 2 : Campus - Site Bring-up
Day 0
• Network Admin: Pre Provision Projects/Sites (Policies, Match Rules, Configs/Image, IP Addressing)
Day 1
• Remote Installer: Mount and cable devices; Power-on
• Booting devices call out to PnP Server, requesting instructions
• Network Admin remotely monitors status of install while in progress.
[Diagram: PnP Server; Installer; Campus – Bldg-1, Bldg-2, Bldg-3, Bldg-4]

Use Case 3 : Branch - Zero-touch RMA
Day N
• Network Admin: Mark Device for RMA (use Inventory to find device); opens TAC Case
• PnP Server waiting for replacement device
Day N+1
• Asst. Branch Mgr.: Removes old device; Mount and cable replacement device; Power-on
• At Branch: No Bootstrap config; No CLI; App optional
No replacement Pre Provisioning
1. Zero-touch RMA based on neighbor table
  • PnP Server maintains neighbor info.
  • Applies same image/config to new device
OR
2. Serial Number match
  • Incoming Switch SR# configured as replacement device
  • Image/Config applied to new device
Note: PID must match!
[Diagram: Cisco ships replacement; PnP Server; Internet; Asst. Branch Mgr.]

Use Case 4: Old version support w/ SMI Proxy
• “SMI Proxy” runs on the Device with PnP Agent.
• “SMI Proxy” Translates SMI to PNP
  • Represents SMI Client to the PnP Server
• “SMI Proxy” must be explicitly enabled.
• PnP Server can manage Legacy IOS images on Catalyst switches
• Catalyst 3k/4k with minimum IP Base support SMI Proxy
[Diagram: APIC EM Server; Internet; PnP Protocol on http; ISR: Agent enabled; 3850: Agent enabled, SMI Proxy enabled (translation layer); Smart Install protocol; SMI clients]

Zero Touch Server Discovery

Cisco Plug-n-Play: Deployments Done Zero Touch Way
• DHCP server based: DHCP option 43/60 = PnP server address
• DHCP + DNS server: Name Lookup pnpserver.localdomain.com
• Cloud based PnP server: Cloud Redirection devicehelper.cisco.com
• Mobile Helper device: Mobile app connects to PnP server over WAN to distribute bootstrap config
[Diagram: DHCP server; DNS Server; Gateway; Local PnP Server; Cloud based PnP Server]

DHCP Based Discovery
1. New device is powered on
2. Device receives PnP server specific metadata info configured in DHCP option 43
3. Device validates server’s location and establishes a communication with the server
Assumptions:
• New devices can reach DHCP server
• Customer is willing to configure DHCP server for network devices
[Diagram: DHCP Server; PnP Server]

Option 43 Discovery With Linux DHCP Server Configuration
Configure the Linux DHCP server with the PnP-specific option 43
Network Admin pre-provisions the DHCP server with: IP address, Option 43

    sudo apt-get install isc-dhcp-server
    sudo vi /etc/dhcp/dhcpd.conf

    default-lease-time 600;
    max-lease-time 7200;
    option space CISCO_PNP;
    option CISCO_PNP.pnpserver code 43 = string;

    option subnet-mask 255.255.255.0;
    option broadcast-address 10.30.30.255;

    subnet 10.30.30.0 netmask 255.255.255.0 {
      range 10.30.30.2 10.30.30.255;
    }
    class "ciscopnp" {
      match if option vendor-class-identifier = "ciscopnp";
      option vendor-class-identifier "ciscopnp";
      vendor-option-space CISCO_PNP;
      option CISCO_PNP.pnpserver "5A;B2;K4;I172.19.210.215;J80";
    }

    service isc-dhcp-server start

Option 43 Discovery with IOS DHCP Server Configuration
A localized, Cisco IOS® Software-based DHCP server with the PnP-specific option 43
Network Admin pre-provisions the Cisco® IOS DHCP Server with: IP address, Option 43

    ip dhcp excluded-address 10.1.1.1
    !
    ip dhcp pool pnp_device_pool
     network 10.1.1.0 255.255.255.0
     default-router 10.1.1.1
     option 43 ascii "5A1D;B2;K4;I172.19.210.215;J80"
    !

• The sample configuration uses 10.1.1.0/24 as the DHCP pool
• The DHCP server IP is 10.1.1.1
• DHCP option 43 is set with 172.19.45.222 as the PnP Server IP address

Sample console debug logs from DHCP based discovery

    Mar 30 01:31:05.441: PNPA-discovery: Info: Checking if PnP discovery should start
    Mar 30 01:31:05.441: PNPA-discovery: Info: PnP discovery process is not running
    Mar 30 01:31:05.441: PNPA-discovery: Info: Started PnP Discovery Process, pid=446
    Mar 30 01:31:29.156: PNPA-discovery: Info: Startup config does not exists
    Mar 30 01:31:29.156: PNPA-discovery: Info: Initiating PnP discovery manager
    Mar 30 01:32:06.963: %PNPA-DHCP Op-43 Msg: _pdgfa.1.inp=[K4;B2;I172.19.210.215;J80]
    Mar 30 01:32:06.963: %PNPA-DHCP Op-43 Msg: _pdgfa.1.K4.htp=[ transport http ]
    Mar 30 01:32:06.963: %PNPA-DHCP Op-43 Msg: _pdgfa.1.B2.s12=[ ipv4 ]
    Mar 30 01:32:06.963: %PNPA-DHCP Op-43 Msg: _pdgfa.1.Ix.srv.ip.rm=[ 172.19.210.215 ]
    Mar 30 01:32:06.963: %PNPA-DHCP Op-43 Msg: _pdgfa.1.Jx.srv.rt.rm=[ port 80 ]
    Mar 30 01:32:06.963: %PNPA-DHCP Op-43 Msg: _pdoop.1.ztp=[pnp-zero-touch] host=[] ipad=[172.19.210.215] port=80
    Mar 30 01:33:06.984: %PNPA-DHCP Op-43 Msg: Command = pnp profile pnp-zero-touch, Return code = 0
    Mar 30 01:33:07.999: %PNPA-DHCP Op-43 Msg: Command = transport http ipv4 10.10.10.13 port 80 , Return code = 0
    Mar 30 01:38:12.958: PNPA-discovery: pnpa_disc_dhcp_option_43: Port is 80
    Mar 30 01:38:12.958: PNPA-discovery: pnpa_validate_port_type: Port is 80
    Mar 30 01:38:12.958: PNPA-discovery: Info: PnP server discovery was successful
    Mar 30 01:38:27.991: PNPA-discovery: Info: PnP profile configuration was successful
    Mar 30 01:38:27.991: PNPA-discovery: Info: PnP discovery process was successful
    Mar 30 01:38:27.991: PNPA-discovery: Info: Exitting PnP Discovery Process...

Sample PnP configuration on the device from DHCP based discovery

    pnp profile pnp-zero-touch
     transport http ipv4 172.19.210.215 port 80
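
The option 43 string decides which PnP server a device with no startup config will contact and over which transport, so DHCP configurations carrying it are worth auditing. The following is an added example, not code from the presentation or from Cisco: it pulls option 43 strings out of DHCP configuration text, decodes the B, K, I and J fields as the debug log above shows them, and flags plaintext HTTP and servers outside an approved list. The K5, B1 and B3 codes, the default ports, the approved-server list and the last two sample lines are assumptions.

```python
import ipaddress
import re

# K4 = http and B2 = ipv4 appear in the agent debug log; K5, B1, B3 are assumed.
TRANSPORTS = {"4": "http", "5": "https"}
ADDR_TYPES = {"1": "hostname", "2": "ipv4", "3": "ipv6"}
DEFAULT_PORT = {"http": 80, "https": 443}  # assumed defaults when J is absent
OPTION43_RE = re.compile(r'"(5A[^"]*)"')   # quoted value in dhcpd.conf or IOS config

# First two lines are the page's configs; the last two are constructed samples.
SAMPLE_CONFIG = """\
option CISCO_PNP.pnpserver "5A;B2;K4;I172.19.210.215;J80";
option 43 ascii "5A1D;B2;K4;I172.19.210.215;J80"
option 43 ascii "5A1D;B2;K5;I192.0.2.50;J443"
option 43 ascii "5A1D;B2;K4;Ipnp.example.net"
"""


def parse_option43(value):
    """Decode a PnP option 43 string into named fields; field order is free."""
    parts = [p for p in value.strip().split(";") if p]
    if not parts or not parts[0].startswith("5A"):
        raise ValueError("missing 5A header")
    fields = {}
    for part in parts[1:]:
        key, data = part[0], part[1:]
        if key in fields:
            raise ValueError(f"duplicate field {key}")
        fields[key] = data
    for required in ("B", "K", "I"):
        if required not in fields:
            raise ValueError(f"missing field {required}")
    if fields["K"] not in TRANSPORTS or fields["B"] not in ADDR_TYPES:
        raise ValueError("unknown transport or address type code")
    transport = TRANSPORTS[fields["K"]]
    port = DEFAULT_PORT[transport]
    if "J" in fields:
        if not fields["J"].isdecimal() or not 0 < int(fields["J"]) < 65536:
            raise ValueError(f"bad port {fields['J']!r}")
        port = int(fields["J"])
    return {"header": parts[0], "addr_type": ADDR_TYPES[fields["B"]],
            "transport": transport, "server": fields["I"], "port": port}


def audit_option43(value, approved_servers):
    """Return a list of findings for one option 43 string (empty list = clean)."""
    try:
        info = parse_option43(value)
    except ValueError as exc:
        return [f"malformed: {exc}"]
    findings = []
    if info["transport"] == "http":
        # Bootstrap traffic, including any credentials in PnP payloads, is unencrypted.
        findings.append("plaintext-http")
    if info["addr_type"] in ("ipv4", "ipv6"):
        want = 4 if info["addr_type"] == "ipv4" else 6
        try:
            if ipaddress.ip_address(info["server"]).version != want:
                findings.append("address-type-mismatch")
        except ValueError:
            findings.append("address-type-mismatch")
    if info["server"] not in approved_servers:
        findings.append("unapproved-server")
    return findings


def audit_config(text, approved_servers):
    """Audit every option 43 string found in a DHCP server configuration."""
    return {v: audit_option43(v, approved_servers) for v in OPTION43_RE.findall(text)}


if __name__ == "__main__":
    for value, findings in audit_config(SAMPLE_CONFIG, {"172.19.210.215"}).items():
        print(f"{value:40} {', '.join(findings) or 'ok'}")
```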

PnP Snooping
1. New device is powered on
2. DHCP server sends packet
3. Upstream device intercepts DHCP packet and adds PnP server specific metadata info by adding option 43
4. Device validates server’s location and establishes a communication with the server
Assumptions:
• New devices can reach DHCP server
• Customer is NOT willing to configure DHCP server for network devices
• Upstream SW is configured to snoop DHCP
[Diagram: DHCP Server; PnP Server]

Sample PnP message to enable PnP snooping on the upstream switch

    <snooping>
      <enableSnooping>
        <serverIp>172.19.210.215</serverIp>
        <profileName>pnp_profile</profileName>
        <vlanId>1</vlanId>
        <trustedInterfaces>
          <interfaces>GigabitEthernet1/0/1</interfaces>
          <interfaces>GigabitEthernet1/0/3</interfaces>
        </trustedInterfaces>
      </enableSnooping>
    </snooping>

DNS Based Discovery
1. New device is powered on
2. Receives domain name of the network
3. Device reads domain name and creates predefined PnP server name such as pnpserver.cisco.com and looks it up on the DNS server
4. Device establishes a communication with the server
Assumptions:
• New devices can reach DHCP server
• Customer deployed PnP server in the network with the name “pnpserver”
[Diagram: DHCP Server; DNS Server; PnP Server]

DNS Discovery Configuration
Configure the Linux DHCP server for a domain name (DNS)

    sudo vi /etc/dhcp/dhcpd.conf

    default-lease-time 600;
    max-lease-time 7200;

    option subnet-mask 255.255.255.0;
    option broadcast-address 10.30.30.255;
    option domain-name-servers 10.30.30.1;
    option domain-name "cisco.com";

    subnet 10.30.30.0 netmask 255.255.255.0 {
      range 10.30.30.2 10.30.30.255;
    }

    service isc-dhcp-server start

• Network admin configures the DHCP server to a server domain name
• DNS Server should be configured to map pnpserver.cisco.com to 172.19.210.215

Web Service API to Cisco Cloud
1. New device is powered on
2. Device reaches out to the Cisco cloud service using a well known URL (https://devicehelper.cisco.com)
3. Cloud service verifies the devices and points to the right PnP server at the customer premises
4. Device establishes a communication with the server
Assumptions:
• New device has internet connectivity (from the ISP)
• Cisco cloud server URL is hard coded to https://devicehelper.cisco.com

PnP Mobile App
1. Device in a branch or satellite location gets powered on
2. Installer plugs in laptop/smart phone to the device to auto bootstrap the device
3. Mobile App collects device info, sends it to the server over 3G/4G/Wifi for verification, and receives the right bootstrap configuration for the device
4. Device gets configured to establish a communication with the PnP server
Assumptions:
• New device is the first device to be deployed and has no internet connectivity
[Diagram: Installer; PnP Server]

Embedded Agent Capabilities

Cisco Plug-n-Play Agent Services
• Use case driven capabilities built within the agent to perform end-to-end operations
  • Image Install Service
  • Configuration Upgrade Service
  • License Management Service
  • Tcl Script Execution Service
  • Certification Install Service
  • Configuration CLI Service
• Services add intelligence to the workflow and encapsulate the platform complexities from the server.
[Diagram: APIC EM Server; File Server; Single Chassis Cat3750; High Availability Cat4500; 9 Member Stacked Cat3750]

PnP Agent Service: Image Install Service Workflow
• PnP server sends image location based on the PID of the device
• PnP agent:
  • Checks if the path is valid
  • Calculates disk space on the destination. If there is not enough, the service finds alternate disk space on the device
  • Downloads the image to the right destination where enough space is available
  • Checks the integrity of the image
  • Installs the image to all the applicable hardware (standalone unit, high-availability unit, stacked unit)
  • Notifies the server that image installation was successful
  • Reloads the device
  • If any error occurs during the process of image installation, the agent aborts and reports the error back to the server

Agent Image Install Service
Sample XML payload for image installation request from the PnP server

    <?xml version="1.0" encoding="UTF-8"?>
    <pnp xmlns="urn:cisco:pnp" version="1.0" udi="PID:WS-C3750E-24TD,VID:V03,SN:FDO1332R0R8">
      <request correlator="1234">
        <image>
          <copy>
            <source>
              <location>http://10.10.10.19/images/isr4400-universalk9.20140420.bin</location>
    …………………………
    </pnp>

Sample image installation error response

    <?xml version="1.0" encoding="UTF-8"?>
    <pnp xmlns="urn:cisco:pnp" version="1.0" udi="PID:WS-C3750E-24TD,VID:V03,SN:FDO1332R0R8">
      <response xmlns="urn:cisco:pnp:image-install" version="1.0" success="0" correlator="03">
        <errorInfo>
          <errorSeverity>ERROR</errorSeverity>
          <errorCode>PnP Service Error (1804)</errorCode>
          <errorMessage>Config-register cannot be 0x0</errorMessage>
        </errorInfo>
      </response>
    </pnp>

Agent Image Install Service
Sample Image Installation Console Debug Logs

    Mar 30 09:09:54.084: PNPA-image-install: Source file is of type image (mzip)
    Mar 30 09:09:54.084: PNPA-image-install: Config-register: 0xF
    Mar 30 09:09:54.126: PNPA-image-install: Destination file: flash:c3750e-universalk9-mz.1
    Mar 30 09:09:54.126: PNPA-image-install: Initialization Successful
    Mar 30 09:09:54.126: PNPA-image-install: Calculating current running image checksum...
    Mar 30 09:09:54.126: PNPA-image-install: Performing image checksum verification...
    Mar 30 09:10:20.659: PNPA-image-install: Expected checksum: 4d8e713f2e290ce6938a5a2018eb1c49
    Mar 30 09:10:20.659: PNPA-image-install: Computed checksum: 1a2c66abe64cb7fe20b0a5dde76e4f70
    Mar 30 09:10:20.659: PNPA-image-install: Running Image flash:c3750e-universalk9-mz checksum different from provided checksum
    Mar 30 09:10:20.793: PNPA-image-install: Total free size on flash: 32125952 bytes
    Mar 30 09:10:20.793: PNPA-image-install: Copying Image.............
    Mar 30 09:12:51.100: PNPA-image-install: Image copy successful
    Mar 30 09:12:51.100: PNPA-image-install: Performing image checksum verification....
    Mar 30 09:13:17.675: PNPA-image-install: Expected checksum: 4d8e713f2e290ce6938a5a2018eb1c49
    Mar 30 09:13:17.675: PNPA-image-install: Computed checksum: 4d8e713f2e290ce6938a5a2018eb1c49
    Mar 30 09:13:17.675: PNPA-image-install: Checksum verified for flash:c3750e-universalk9-mz.1
    Mar 30 09:13:18.011: PNPA-image-install: Found boot start marker
    Mar 30 09:13:21.970: PNPA-image-install: Set to boot new Image
    Mar 30 09:13:22.029: PNPA-image-install: Reload scheduled by user
    Mar 30 09:13:22.029: PNPA-image-install: PNP ImageInstall Successful
    CP-BL16-C3750E-1#

PnP Agent Service: Config Upgrade Service Workflow
• PnP server sends config file location based on the PID of the device
• PnP agent:
  • Checks if the path is valid
  • Downloads the configuration file to the specified destination
  • Checks the integrity of the configuration file (MD5 hash)
  • Checks the syntax of the configuration to be applied. On failure, the configuration is not applied
  • Notifies the server whether the configuration upgrade was successful or not. Appropriate error codes are sent
  • Reloads the device if required
  • If any error occurs during the configuration upgrade process the agent aborts and reports the error back to the server

Agent Config Upgrade Service
Sample XML payload for the configuration upgrade request from the PnP server

    <pnp xmlns="urn:cisco:pnp" version="1.0" udi="PID:CISCO3945-CHASSIS,VID:V02,SN:FTX1503AH3V" usr="admin" pwd="cisco">
      <request correlator="CiscoPnPPro-1.0-config_upgrade-40832" xmlns="urn:cisco:pnp:config-upgrade">
        <config details="all">
          <copy>
            <source>
              <location>flash0:/switch_config.cfg</location>
            </source>
            <applyTo>running</applyTo>
          </copy>
        </config>
      </request>
    </pnp>

Sample configuration upgrade error response

    <pnp udi="PID:CISCO3945-CHASSIS,VID:V02,SN:FTX1503AH3V" version="1.0" xmlns="urn:cisco:pnp">
      <response correlator="CiscoPnPPro-1.0-config_upgrade-40832" success="0" xmlns="urn:cisco:pnp:config-upgrade">
        <errorInfo>
          <errorSeverity>ERROR</errorSeverity>
          <errorCode>PnP Service Error 1402</errorCode>
          <errorMessage>Invalid input detected</errorMessage>
        </errorInfo>
        <serviceLog>
          bogus cli
          ^
          % Invalid input detected at '^' marker.
          netconf http
          ^
          % Invalid input detected at '^' marker.
        </serviceLog>
      </response>
    </pnp>

Agent Operation Data Services
• Services designed to retrieve device specific information
  • Topology Discovery Service
  • Device Information Service
  • Operational CLI Service
  • Syslog Relay Service

Sample Topology discovery service output

    <?xml version="1.0" encoding="UTF-8"?>
    <pnp xmlns="urn:cisco:pnp" version="1.0" udi="PID:WS-C3750E-24TD,VID:V03,SN:FDO1332R0R8">
    <response correlator="03" version="1.0" success="1" xmlns="urn:cisco:pnp:topology">
    <topology>
      <element>
        <local>
          <interface>GigabitEthernet0/0</interface>
          <shortInterface>Gi0/0</shortInterface>
          <macAddress>f866.f27b.a870</macAddress>
        </local>
        <remote>
          <interface>FastEthernet0/10</interface>
          <macAddress>001f.6d0c.3dca</macAddress>
          <deviceName>switch-172-BL20</deviceName>
          <platform>cisco WS-C2950-24</platform>
          <version>Cisco Internetwork Operating System Software
    IOS (tm) C2950 Software (C2950-I6Q4L2-M), Version 12.1(22)EA10a, RELEASE SOFTWARE (fc2)
    Copyright (c) 1986-2007 by cisco Systems, Inc.
    Compiled Tue 24-Jul-07 17:13 by antonino</version>
        </remote>
      </element>
      <element>
        <local>
          <interface>FastEthernet0/1/0</interface>
          <shortInterface>Fa0/1/0</shortInterface>
          <macAddress>c84c.7543.5d7d</macAddress>
        </local>
        <remote>
          <interface>FastEthernet0/1/0</interface>
          <macAddress>f866.f24d.6a8e</macAddress>
          <deviceName>eem-2900-1</deviceName>
          <platform>Cisco CISCO2921/K9</platform>
          <version>Cisco IOS Software, C2900 Software (C2900-UNIVERSALK9-M), Version 15.4(0.21)T, ENGINEERING WEEKLY BUILD, synced to V153_3_M0_3
    Technical Support: http://www.cisco.com/techsupport
    Copyright (c) 1986-2013 by Cisco Systems, Inc.
    Compiled Thu 12-Sep-13 10:17 by hlo</version>
        </remote>
      </element>
    </topology>
    </response>
    </pnp>

Protocol Definition

Protocol Definition
• /pnp/HELLO
  • HTTP Method: GET
  • Description: PnP agent sends this message only during the discovery phase to ensure the discovered server is reachable.
  • Expected Response: 200 OK
• /pnp/WORK-REQUEST
  • HTTP Method: POST
  • Description: Work Request message is initiated by the PnP agent to check with the PnP server for any new work requests. PnP agent sends this message after discovering the server or when a PnP profile is configured and also at the beginning of every retry. The body of this request carries the work-info service as defined in the schema pnp_work_info_body.xsd.
  • Expected Response: 200 OK with one of the service methods which are described in the PnP Services chapter

Protocol Definition
• /pnp/WORK-RESPONSE
  • HTTP Method: POST
  • Description: Work Response message is sent by the PnP agent to notify the server of the status after completion of each Work Request initiated by the server. The schema definitions for responses are defined in the XSD files of every service in the Response section.
  • Expected Response: 200 OK with service method ‘Bye’ as defined in the schema pnp_work_info_body.xsd
• Agent Configuration

    pnp profile <name>
     transport https ipv4 <ip-address> port <port-num>

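
A custom PnP server built on the open schema has to parse the WORK-RESPONSE bodies that agents post. The following is an added example, not Cisco code or part of the presentation: it parses a response such as the image-install error shown earlier, refuses DTD declarations before parsing, and compares the reported UDI with a pre-provisioned inventory (the PID must match, as in the RMA use case). The inventory dictionary, function names and status labels are hypothetical; the `udi` attribute is self-reported, so this check sits alongside the SUDI certificate authentication in the communication flow and does not replace it.

```python
import xml.etree.ElementTree as ET

PNP_NS = "urn:cisco:pnp"

# The image-install error response from the page, embedded as sample input.
SAMPLE_IMAGE_ERROR = b"""<?xml version="1.0" encoding="UTF-8"?>
<pnp xmlns="urn:cisco:pnp" version="1.0" udi="PID:WS-C3750E-24TD,VID:V03,SN:FDO1332R0R8">
  <response xmlns="urn:cisco:pnp:image-install" version="1.0" success="0" correlator="03">
    <errorInfo>
      <errorSeverity>ERROR</errorSeverity>
      <errorCode>PnP Service Error (1804)</errorCode>
      <errorMessage>Config-register cannot be 0x0</errorMessage>
    </errorInfo>
  </response>
</pnp>"""

# Hypothetical pre-provisioned device database: serial number -> expected PID.
INVENTORY = {"FDO1332R0R8": "WS-C3750E-24TD", "FTX1503AH3V": "CISCO3945-CHASSIS"}


def parse_udi(udi):
    """Split 'PID:...,VID:...,SN:...' into a dict; PID and SN are mandatory."""
    fields = dict(item.split(":", 1) for item in udi.split(",") if ":" in item)
    if not {"PID", "SN"} <= fields.keys():
        raise ValueError("UDI lacks PID or SN")
    return fields


def _split_tag(tag):
    """'{namespace}name' -> (namespace, name); namespace is '' when absent."""
    if tag.startswith("{"):
        namespace, name = tag[1:].split("}", 1)
        return namespace, name
    return "", tag


def parse_work_response(body, inventory):
    """Parse an agent response (bytes) and classify the sending device."""
    # Agent payloads never need a DTD; refusing one avoids entity-expansion abuse.
    if b"<!DOCTYPE" in body or b"<!ENTITY" in body:
        raise ValueError("DTD/entity declarations are not accepted")
    try:
        root = ET.fromstring(body)
    except ET.ParseError as exc:
        raise ValueError(f"not well-formed XML: {exc}") from exc
    if _split_tag(root.tag) != (PNP_NS, "pnp"):
        raise ValueError("root element is not <pnp> in urn:cisco:pnp")
    udi = parse_udi(root.get("udi", ""))
    response = next((c for c in root if _split_tag(c.tag)[1] == "response"), None)
    if response is None:
        raise ValueError("no <response> element")
    namespace = _split_tag(response.tag)[0]
    prefix = PNP_NS + ":"
    service = namespace[len(prefix):] if namespace.startswith(prefix) else namespace
    error = {}
    for element in response.iter():
        name = _split_tag(element.tag)[1]
        if name in ("errorSeverity", "errorCode", "errorMessage"):
            error[name] = (element.text or "").strip()
    expected_pid = inventory.get(udi["SN"])
    if expected_pid is None:
        status = "unknown-serial"      # not pre-provisioned: treat as possible rogue
    elif expected_pid != udi["PID"]:
        status = "pid-mismatch"        # serial known, but a different product ID
    else:
        status = "pre-provisioned"
    return {"udi": udi, "service": service, "correlator": response.get("correlator"),
            "success": response.get("success") == "1", "error": error,
            "device_status": status}


if __name__ == "__main__":
    print(parse_work_response(SAMPLE_IMAGE_ERROR, INVENTORY))
```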
Cisco Plug-n-Play on DevNet

PnP Service: Open and Public Programmable Interface
• Component communication is open with public schema
• No private protocols; the PnP spec is an XML-based schema that is simple to understand and deploy.
[Diagram: Programmer uses the publicly available REST API of the APIC-EM-based PnP Server; PnP Agent and Open PnP Spec; Programmer uses the Open PnP Spec to build a custom PnP Server for the PnP Agent]

Cisco Open PnP on DevNet
• Web portal on Cisco DevNet for the developer community to learn and adopt Cisco Open Plug-n-Play protocol
• Navigate: https://developer.cisco.com -> Networking -> Open Plug-n-Play
• URL: https://developer.cisco.com/site/open-plug-n-play/
• Learn, Download, Launch, Support

Programmability with Tcl

Zero Touch Device bootstrapping with Tcl Scripting
• Enable provisioning of devices by downloading and executing Tcl scripts automatically at the bootup time
• Highly customizable day 0 provisioning mechanism by writing the desired workflow in the script
• Works with standard DHCP options 150 and 67 like PoAP on Nexus devices
• Works seamlessly with datacenter devices which use PoAP, Puppet, Chef, DCNM
[Flowchart]
• Bootup: Startup-config exists?
  • Yes: Bootup normally with startup-configuration
  • No: DHCP discovery starts
• Script or cfg file option exists in DHCP?
  • Yes: If script found then download and run the script. If Cfg file found then download and apply startup-configuration
  • No: Proceed to PnP Server discovery
• PnP discovery succeed?
  • Yes: Device reaches out to the PnP Server, receives script location, downloads, and executes
  • No: Device goes back to retry PnP discovery

Steps for bootstrapping with Tcl Script
• DHCP server is provisioned with option 150 (TFTP server ip) and option 67 (path to the script)
• Script is provisioned (by the customer) in the TFTP server
• Device boots up without startup-config and triggers PnP Agent
• PnP Agent receives option 150 and 67 from DHCP client and downloads the script from TFTP server
• PnP Agent invokes the script to complete the installation
• The script may verify the device using Serial Number, download a configuration, an image file or perform any command supported by the IOS/TCL CLI interface
[Diagram: DHCP Server; TFTP Server; File Servers TFTP/FTP/HTTP; Device to be provisioned]

Conclusion
• Cisco Plug-n-Play solution
  • provides a zero touch provisioning of Cisco routers, switches, and wireless APs
  • helps reduce customer OPEX
  • opens up APIs for the developer community
• DevNet portal provides a one stop shop for PnP solution development
• Tcl scripts make device provisioning highly customizable