Application for evaluation machine
Automatic network construction using ZTP x Ansible ~ A practical introduction to white Box switches for beginners ~
Introduction
In the second to fourth articles on Open Networking, we introduced "Zero Touch Provisioning (ZTP)" and "Ansible". In this article, we will introduce a more efficient network construction method that combines the two.
We have other articles related to Open Networking, so please check out the article that interests you from the list below.
Basics of ZTP and Ansible you should know before you start
ZTP Advantages/Disadvantages
ZTP is a system in which devices such as white Box switches are connected to the network in which they are to be installed, and once they are turned on, they are automatically configured and ready to use.
The advantages and disadvantages of ZTP alone are as follows:
[merit]
・Because the setting is simple, it is not difficult to build a ZTP environment
[Demerit]
・It is necessary to create Config for each white Box switch in advance
・If there is no mechanism to automatically correct any changes to the initial settings, it is necessary to manually correct all Configs.
The construction of the ZTP environment itself is not difficult, but it is necessary to prepare Config for each white Box switch, and the larger the number, the more time it takes to prepare manually.
For more details about ZTP, please see the fourth article, which provides a detailed explanation.
Eliminate the disadvantages of ZTP with ZTP x Ansible
By combining ZTP with Ansible, you can automate the creation of configs themselves, significantly reducing the amount of work required.
We will explain the basic steps using ZTP and Ansible.
① Apply the config of each white Box switch with ZTP (config is created with Ansible)
② When changing settings, you can change the settings in real time by editing/executing the playbook on the Ansible host (useful when applying the same settings to many switches).
③ Using the Ansible host, you can periodically back up the configuration of each device.
※ Playbook is a file that describes the process to be executed.
This makes configuration creation and changes more efficient and simplifies management.
There is a learning cost to Ansible, but once you have learned it, subsequent operations will be very smooth.
How to create a config using AnsibleArticle 3We have provided a more detailed introduction, so please take a look if you are interested.
How to get a backup using Ansible
Next, we will introduce how to obtain a backup of Ansible, which was also described in the Advantages of ZTP x Ansible in Step 3 of ZTP x Ansible.
By regularly backing up the white Box switch, you can always obtain the latest configuration. This allows you to quickly apply the latest configuration to the replacement device using ZTP even if the white Box switch breaks down, enabling faster response.
[Building environment]
- Server: Ubuntu 16.04
- White Box Switch: Edgecore AS7726-32X
- NOS:OcNOS 1.3.9
Backup acquisition configuration diagram
Ansible directory structure
├── hosts # inventory file
│
├── set_crontab.yml # Playbook file to execute
│
└── backup.yml # Playbook file executed by cron job
Set the playbook (set_crontab.yml) as below and create a script that executes the cron job (backup.yml) every minute.
set_crontab.yml
---
- hosts: localhost
gather_facts: false
tasks:
- name: set crontab
cron:
name: backup_config
job: "/usr/bin/ansible-playbook -i ~/Ansible/ocnos-bgp-ansible/hosts ~/Ansible/ocnos-bgp-ansible/backup.yml
The playbook executed by the cron job is below.
backup.yml
---
- name: Buck up running-config
gather_facts: no
hosts: OCNOS
vars:
now_date: "{{ lookup('pipe','date +%Y%m%d%H%M') }}"
tasks:
- ocnos_config:
exec_cmds:
- 'copy running-config scp scp://tecstar:tecstar@192.168.0.80/tmp/configs/{{ inventory_hostname }}_bk.conf.{{ now_date }} vrf management'Execute Playbook commands with Ansible
By executing the playbook (set_crontab.yml) from the command below, the regular backup setting is completed.
ansible-playbook set_crontab.ymlAfter running the playbook, make sure your crontabs are set correctly.
コマンド実行
#Ansible: backup_config
* * * * * /usr/bin/ansible-playbook -i ~/Ansible/ocnos-bgp-ansible/hosts ~/Ansible/ocnos-bgp-ansible/backup.yml ---->正常に設定されていることが確認できる-->tecstar@tecstar:~$ crontab -l ----->コマンド実行 #Ansible: backup_config * * * * * /usr/bin/ansible-playbook -i ~/Ansible/ocnos-bgp-ansible/hosts ~/Ansible/ocnos-bgp-ansible/backup.yml ---->正常に設定されていることが確認できるAlso, as shown below, Config is actually acquired every minute, and it can be confirmed that it is operating normally.
(This time, the file name has a time stamp, and the backup was taken at 16:53, 16:54, 16:55, and 16:56)
tecstar@tecstar:/tmp/configs$ ls AS7726-A_bk.conf.202107191653 AS7726-A_bk.conf.202107191654 AS7726-A_bk.conf.202107191655 AS7726-A_bk.conf.202107191656
That was the introduction of the automation solution using ZTP and Ansible.
Next time, we plan to introduce monitoring/visualization methods using OSS tools.
At the end
Macnica offers a service that provides a remote environment where you can actually experience open networking and conduct testing and verification.
This service allows us to verify the operability of the network OS and perform tests that combine network OSs, white Box switches, and optical transceivers from various manufacturers.
Image of remote verification service
It is a service that allows you to easily verify open networking, and the basic configuration is free of charge.
You can check the downloadable materials for available network OS and white Box switches, specific use cases, and how to apply. The materials can be downloaded from the URL listed in the information email by answering the questionnaire from the "Macnica Network OS Remote Verification Service" below.
These people are using the remote verification service.
Here are some testimonials from people who have actually used the service.
Furukawa Network Solution Co., Ltd.
“Recently, the number of remote service environments is increasing, but I was impressed with the ease of access to the evaluation equipment.
The materials you provided were easy to understand, and we were able to proceed smoothly with the intended verification. ”
Related information
Click here for list of materials
In addition to introducing products handled by Macnica,
We publish materials related to open networking, such as BGP cross network automatic construction files and network operation test evaluation reports.
Click here for details
Product Page Top
Edgecore Networks
We continue to be a pioneer in open networking by developing and selling products related to OpenNetworking/white Box switches.
Aviz Networks
We are pioneers of SONiC, an open source network operating system, providing observability, configuration automation tools and support from a team of SONiC experts.
IP Infusion
As a market leader among open networking providers, we provide reliable network solutions to over 600 customers, including carriers, service providers, and data centers.
Inquiry/Document request
In charge of Macnica Edgecore Networks
- TEL:045-470-9831
- E-mail:projectmonstar@macnica.co.jp
Weekdays: 9:00-17:00