
We have already written a lot about the possibilities offered by modern switches with the ONIE boot environment and the open, Linux-based operating systems available for them.
Building L3 fabrics, L2 overlay virtual networks: all of this has already been covered. But one important topic, mentioned many times, has remained untouched: automation capabilities.
The command line is, of course, great and on the whole a classic, but in 2014 I want more. Especially if you have to work with tens or hundreds of devices on the same network.
So what do we get when using a switch with a Linux-based OS, such as Cumulus?
Automation begins at the stage of connecting the switch to the network environment, thanks to the ONIE installation environment, which replaced PXE. On first boot, DHCP option 239 is used to request a URL from which to get a system image. Along with it, a script is requested that will be executed during installation. The list of supported languages includes Bash (Shell), Perl, Python and Ruby. A typical example looks like this:
[Figure: Zero Touch Provisioning]
This option can greatly simplify expanding a network in which there are a large number of similar settings. Even just pre-installing the required set of software "by default" is already very valuable, as anyone who has had to assemble computers or servers in quantities other than "one for personal use" knows.
Now we are past the installation phase, and this is where the most interesting things the Linux world has to offer begin.
Routing
There is a choice from:
The first package is considered more common and convenient, but there is an opinion that the second one scales better. For our part, we are simply glad to have the choice, and offer you the following statistics on the use of the various options on the "Nines":
[Figure: Routing on traffic exchange nodes]
Virtualization
Here the choice is small, but quite decent in terms of the capabilities on offer:
We wrote about VMware NSX in our previous material, and OpenStack is such a vast topic that it calls for not just a separate article but a whole series of articles, so we will probably leave this part without additional comments.
Interface Management Automation
When it comes to automation and management proper, we have:
- Puppet - written in Ruby, one of the best-known client-server configuration management systems for operating systems and software, using its own special language
- Chef - another well-known configuration system
- CFEngine - the third world-renowned configuration system
As always happens in such cases, the holy wars over which of the systems is more convenient never stop. Therefore, only with support for all three systems in the switch OS can it be said to have the flexibility needed to integrate successfully into most existing environments.
However, even if you use third-party or home-grown management systems, nothing prevents you from adapting their client for use within the open operating system of the switch.
And a few more words about popular network interface management packages. Surely many people know the Debian package ifupdown. Cumulus uses its updated version, ifupdown2:
[Figure: ifupdown2]
By and large, this is still the same package, with backward compatibility preserved, but rewritten in Python and with enhanced functionality. In the new version the command syntax has been significantly simplified. But perhaps the most useful feature is the ability to make incremental changes to the configuration of network interfaces without restarting the interfaces.
Monitoring
Understanding the processes occurring at any given moment and wanting to always keep abreast of what is happening is a characteristic trait of any good administrator, be it system or network.
For those who are used to Linux utilities, there is a whole host of multi-functional, long-developed packages:
"Networkers", on the other hand, will more likely prefer the familiar sFlow.
Prescriptive Topology Manager (PTM)
Another useful feature at the junction of monitoring and automation is PTM. This package uses LLDP polling of the nearest neighbors and BFD (Bidirectional Forwarding Detection) to find failures in existing paths, build the actual network topology, and compare it with the predefined topology.dot file. The latter is a file in Graphviz DOT format, a relatively common way of describing a connection graph as text, which is convenient both for working with as text and for converting into a graphical view of the topology.
[Figure: Prescriptive Topology Manager]
As a result, we get a convenient way to check that cables are connected correctly, which is very important for large installations. In addition, we get another mechanism for monitoring the state of network connections, one that is easily scripted and already integrated with Quagga.
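
The LLDP half of the comparison described for PTM, as an added Python sketch that is not part of the original article and not PTM's own code. The topology text, the observed-neighbor table and the function names `expected_links` and `check_cabling` are constructed for illustration; BFD path checks are not covered.

```python
import re

# Constructed sample in the topology.dot style: "host":"port" -- "host":"port";
TOPOLOGY_DOT = '''
graph G {
    "leaf1":"swp1" -- "spine1":"swp1";
    "leaf1":"swp2" -- "spine2":"swp1";
    "leaf2":"swp1" -- "spine1":"swp2";
}
'''

# Constructed LLDP view on leaf1: local port -> (neighbor host, neighbor port).
OBSERVED_LEAF1 = {
    "swp1": ("spine1", "swp1"),   # as planned
    "swp2": ("spine1", "swp3"),   # cabled to the wrong device
    "swp5": ("server9", "eth0"),  # link not in the plan at all
}

EDGE_RE = re.compile(r'"([^"]+)":"([^"]+)"\s*--\s*"([^"]+)":"([^"]+)"')

def expected_links(dot_text, hostname):
    """Return {local_port: (peer_host, peer_port)} for one host from DOT text."""
    links = {}
    for a_host, a_port, b_host, b_port in EDGE_RE.findall(dot_text):
        # Edges are undirected, so the host may be on either side.
        if a_host == hostname:
            links[a_port] = (b_host, b_port)
        if b_host == hostname:
            links[b_port] = (a_host, a_port)
    return links

def check_cabling(dot_text, hostname, observed):
    """Compare planned links with observed LLDP neighbors, port by port."""
    expected = expected_links(dot_text, hostname)
    report = {}
    for port in sorted(set(expected) | set(observed)):
        want, got = expected.get(port), observed.get(port)
        if want == got:
            report[port] = "pass"
        elif want is None:
            report[port] = "unexpected neighbor %s:%s" % got
        elif got is None:
            report[port] = "no neighbor, expected %s:%s" % want
        else:
            report[port] = "mismatch: expected %s:%s, saw %s:%s" % (want + got)
    return report

if __name__ == "__main__":
    print(check_cabling(TOPOLOGY_DOT, "leaf1", OBSERVED_LEAF1))
```

A port that reports a neighbor absent from the plan is worth the same attention as a mismatch: it is either a cabling error or a device that was never supposed to be on that link.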
Well, that is roughly what the automation picture looks like in a modern open network OS.
What do you use?