Python for the Enterprise

Dmitry Figol, CSE TAC

Kevin Kuhls, TME EISG

DEVNET-2449

© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public

Cisco Spark

Questions? Use Cisco Spark to chat with the speaker after the session

1. Find this session in the Cisco Live Mobile App

2. Click “Join the Discussion”

3. Install Spark or go directly to the space

4. Enter messages/questions in the space

How

cs.co/ciscolivebot#DEVNET-2449Cisco Spark spaces will be available until July 3, 2017.

• Programmability overview

• YANG

• NETCONF

• Application hosting

Agenda

© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public

Why Network Programmability Matters

0

100%

67%

Source: Forrester

CAPEX OPEX

33%0 10 100 1000

Computing Networking

Seconds

Source: Open Compute Project

Network Expenses Deployment Speed

DEVNET-2449 5

© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public

CLI CLI

Physical and Virtual Network Infrastructure

Configuration Management Today

DEVNET-2449 6

© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public

Human

Friendly

Task

Oriented

Easy To

Replay

No

Special

Tools

Syntax

format

changes

No

Structured

output

No Error

Reporting

No

Transaction

manageme

nt

Configuration Management Today: CLI

DEVNET-2449 7

© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public

• Programming Building block

• APIs can have various Properties• Transport (SSH, HTTP)

• Encoding (XML, JSON, ProtoBuffer)

• Data structure (Data Models)

• Some Examples of APIs • The Twitter API

• The Java API

“A set of Function Calls that allows talking to a system”

APIs – Application Programming Interfaces

DEVNET-2449 8

© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public

Network Programmability

Physical and Virtual Network Infrastructure

Business Automation System(s)

Controller

Open Device Programmability

DEVNET-2449 9

© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public

Network Programmability

Physical and Virtual Network Infrastructure

Open Device Programmability

Programmatic

Interfaces

Open

Protocols

Configuration

Management

Traffic

Engineering

Operational

State

DEVNET-2449 10

© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public

RESTconf NETCONF gRPC

Implementation

Device Features

Interface BGP QoS ACL …

Data Model

Configuration

StandardDevice Specific

Operational

StandardDevice Specific

Other vendors

DEVNET-2449 11

YANG

© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public

• Explicitly and precisely defines Data

• Structure• Syntax

• Semantics

• Consistent and complete

Data Models

Interface Model definition

DEVNET-2449 13

© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public

YANG Data Model Structure

• Look familiar?

• Description of all interfaces• Can be named,

described, typed, enabled (or not), set for traps

DEVNET-2449 14

© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public

Where to get the Models?

• https://github.com/YangModels/yang

“YANG modules from standard organizations such as the IETF, open source such as Open Daylight or vendor specific modules”

DEVNET-2449 15

© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public

Tools to work with YANG Models

• pyang ‘An extensible YANG validator and converter in python’

• https://github.com/mbj4668/pyang

• Via PyPi: pyang - A YANG (RFC 6020) validator and converter

• Mandatory tool

• YANG Explorer ‘An open-source YANG Browser and RPC Builder Application’

• https://github.com/CiscoDevNet/yang-explorer

• Web Based GUI

• More difficult to get started with

DEVNET-2449 16

NETCONF

© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public

NETCONF Overview

Transport

Remote

Operations

Management

Services

Management info

(instantiated/payload)

Management info

(definition)

XML-encoded content

e.g., YANG modules

NETCONF operations

<edit-config>, <get-config>, <get>

Netconf RPC

<rpc>, <rpc-reply>

TLS, SSH

Manager (client)

XML

content

per

YANG

Conceptual

Data

Store

Agent

(server)

Several data stores:

• Running

• Startup

• Candidate

DEVNET-2449 18

© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public

• How do I know what a box can support?

• Many other ways too.

• This is the capabilities exchange defined by the RFC

• Can I download all these models to help me code?

• This is great for integrating.

ssh -p 830 admin@o22-4451-1 -s netconf

<get-schema

xmlns="urn:ietf:params:xml:ns:yang:ietf-netconf-

monitoring">

</get-schema>

NETCONF Capabilities

DEVNET-2449 19

© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public

Main Operations Description

<get> (close to ‘show ?’) Retrieve running configuration and device state information

<get-config> (close to ‘show run’) Retrieve all or part of specified configuration datastore

<edit-config> (close to ‘conf t’) Loads all or part of a configuration to the specified configuration datastore

Other Operations Description

<copy-config> Replace an entire configuration datastore with another

<delete-config> Delete a configuration datastore

<commit> Copy candidate datastore to running datastore (ex: XR)

<lock> / <unlock> Lock or unlock the entire configuration datastore system

<close-session> Graceful termination of NETCONF session

<kill-session> Forced termination of NETCONF session

NETCONF Operations

DEVNET-2449 20

© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public

<rpc message-id="101" xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">

<get>

<filter>

<interfaces xmlns="urn:ietf:params:xml:ns:yang:ietf-interfaces">

<interface>

<name>GigabitEthernet1/0/1</name>

</interface>

</interfaces>

</filter>

</get>

</rpc>

Message - RPC

Operation

Content

NETCONF Stack

DEVNET-2449 21

© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public

1. Capability discovery, model download

2. Transactions

3. Notifications

Three Things to Like about NETCONF

DEVNET-2449 22

© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public

YDK – The YANG Development Kit

• https://developer.cisco.com/site/ydk/

YDK turns YANG models in Python classes

DEVNET-2449 23

© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public

Example – Configure and Monitor IPSLAUsing YDK

All the model XML becomes Python object code

Creates the

XML…

…Performs the

NETCONF <edit-config>

DEVNET-2449 24

Application hosting

© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public

* Availability varies by platform

Physical and Virtual Network Infrastructure

• Secure on device service containers

• Support for configuration management, telemetry and other applications

• Optional container life-cycle managementService Containers

Application Hosting

DEVNET-2449 26

© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public

I can run Apps inside my Router!!

Wait, why would I run an app inside my router?

• Python environment

• Asset management Apps

• Deploy probes anywhere

• Telemetry gathering/local processing

• Option to enable unsigned containers

• Any 3rd party KVM

• Libvirt based format / YAML manifest file

YOUR App

Virtual Service Containers

DEVNET-2449 27

© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public

Guest Shell ApplicationVirtualized Linux Environment On Your Switch or Router

• Maintain IOS-XE system integrity

• Isolated User Space

• Fault Isolation

• Resource Isolation

• On-box rapid prototyping

• Device-level API Integration (CLI, YANG Data Models, EEM, SNMP)

• Scripting (Python)

• Linux Commands

• Application Hosting

• Integrate into your Linux workflow Network OS

Guest Shell

Open Application Container

API

Linuxapplications

DEVNET-2449 28

© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public

• Give us your feedback to be entered into a Daily Survey Drawing. A daily winner will receive a $750 gift card.

• Complete your session surveys through the Cisco Live mobile app or on www.CiscoLive.com/us.

Complete Your Online Session Evaluation

Don’t forget: Cisco Live sessions will be available for viewing on demand after the event at www.CiscoLive.com/Online.

DEVNET-2449

© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public

Continue Your Education

• Demos in the Cisco campus

• Walk-in Self-Paced Labs

• Lunch & Learn

• Meet the Engineer 1:1 meetings

• Related sessions

DEVNET-2449 30

Thank you

Resources

© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public

Building the Environment

• This is a rough guideline how to bring up / prepare the entire environment.

• Git client

• VirtualBox 5.0.28

• Vagrant 1.8.7

• cdrtools (in particular mkisofs)

• a build environment (e.g. compiler, make, ...), suggest to use MacPorts or Brew if running on a Mac

• Clone the iso-xrv-x64-vbox repository from GitHub

• IOS XE image from Cisco.com (e.g. here, then go to IOS XE Software and download the latest image in 16 branch)

DEVNET-2449 34

© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public

Building the Environment (cont)

• Go to the directory where you cloned the iso-xrv-x64-vbox repository. Start the Vagrant box image build by running the following command

• iosxe_iso2vbox.py -v ~/Downloads/csr1000v-universalk9.16.05.01b.iso

• This will take a while. When done, you need to install the resulting box into Vagrant:

• vagrant box add --name csr csr1000v-universalk9.16.05.01b.box

• Building the Vagrant Box

DEVNET-2449 35

© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public

Configure and Start Routers

• Clone this repo from GitHub into a new directory: https://github.com/dmfigol/devnet2449

• Make sure that the Vagrant box name matches the one configured in the Vagrant file

• Ensure you have the required tools installed

• run make to create the ISO files with the router configurations from the folder of Git repository

• Bring up the routers using vagrant up (brings up both) or vagrant up R1 to only start R1

• The next steps are required to prepare configuration disks for the routers

DEVNET-2449 36

© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public

Configure Jupyter notebook

• docker build -t dmfigol/jupyter-netdevops-py3 .

• docker run -it --rm -p 58888:58888 -v $(pwd)/notebooks:/home/docker/ dmfigol/jupyter-netdevops-py3

• Now if you browse to: http://localhost:58888 you should be able to access Jupyter notebooks

DEVNET-2449 37

© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public

Resources

Interface Protocols

• RESTCONF- https://tools.ietf.org/html/draft-ietf-netconf-restconf-09

• NETCONF - https://tools.ietf.org/html/rfc6241

• gRPC - http://www.grpc.io

Data Models

• IETF - https://tools.ietf.org/html/rfc6020

• ITU - https://www.itu.int/oth/T1C02000002

• OpenConfig - http://www.openconfig.net/data-models

DEVNET-2449 38

© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public

Resources (cont.)

• Wojciech’s CL deck ‘A Model-driven Approach to Software Defined Networks with Yang, NETCONF/RESTCONF’, BRKSDN-1903https://www.ciscolive.com/online/connect/sessionDetail.ww?SESSION_ID=84149&tclass=popup

• YANG Explorer (open source)https://github.com/CiscoDevNet/yang-explorer

DEVNET-2449 39

© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public

Resources (cont.)

• YANG Module Repository (IETF, Open, Vendors)https://github.com/YangModels/yang

• Pyang toolhttps://github.com/mbj4668/pyang

• IOS XR Sitehttps://xrdocs.github.io/

DEVNET-2449 40