Device Programmability with Cisco Plug-n-Play Solution

Device Programmability with Cisco Plug-n-Play Solution

Bhaskar Bhattacharjee, Manager, Software DevelopmentDEVNET-2052

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 2DEVNET-2052

• Introduction

• Network Deployment Challenges

• Introducing Cisco Plug-n-Play Solution

• Deployment Use Cases

• Zero Touch Server Discovery

• Embedded Agent Capabilities

• Protocol Definition

• Cisco Plug-n-Play on DevNet

• Programmability with Tcl

• Conclusion

Agenda


Introduction

• Cisco is committed to provide a deployment solution to reduce customer OPEX which,• provides a zero touch device provisioning experience• can interoperate with multiple management applications• has built-in rich features for provisioning and monitoring• uses standard protocols, opens up the APIs, and makes the solution developer friendly

0

100%

Source: ForresterCAPEX OPEX

33% 67%• Device deployment is mostly manual and

complex

• Each year customers spend high OPEX on device deployments


Network Deployment Challenges

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 5

Network deployment – Challenges

Direct Costs•Shipping •Travel costs

Complexity•Config errors•Different products / processes

Security•3rd party not secure•Rogue devices

Time/Productivity•Manual process •Shipping , Storage, Travel

Today’s Process Business Challenges

Site-1

Central Staging facility• Install OS• Install base config

Installer

Re-Ships equipment

Cisco

Site-2 Site-3

Reseller/Partner

Ships Ships

Deployment Sites

DEVNET-2052


Need to ask the right questions

Which steps can I eliminate?

Can Zero-touch Solutions help?

Is Pre-staging really necessary?

Without pre-staging, how do I ensure security ?

What about Post-deployment operations? – should I consider SDN?

Can I avoid truck-rolls due to misconfigurations?

DEVNET-2052


Bringing it all togetherOne Solution to bind them all!

Smart Install

Auto Install

CNS

Config / Image Download

APIC EM / NSO / ODL Integration Security Open Protocol More….

DEVNET-2052


Network deployment – Proposed

Fully Automated•No CLI •No Expert Installer

Programmable•Fix rich services•Well defined APIs to customize

Security Built-In•Secured server-agent transactions•Rogue device detection (SUDI)

Time/Productivity•Faster deployments •Real time error detection and RMA

Cisco Plug-n-Play Key benefits

Site-1

NOC

Installer

Cisco

Site-2 Site-3

Cisco ships direct to the deployment site

Cisco PnP Protocol

Deployment Sites

DEVNET-2052

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public

Introducing Cisco Plug-n-Play Solution

9DEVNET-2052


Cisco Plug-n-Play Solution Components

Cloud Hosted Redirection ServiceWeb hosted app on cisco.com to help discover

customer specific Plug-n-Plug server

Plug-n-Play Server AppA centralized server that manages the network

devices for images, configurations, files, licenses, etc.

PnP Helper ApplicationsApplications on smart phones and personal computers

that facilitates to deliver boot strap configuration as needed

PnP AgentAn embedded agent that runs on the Cisco devices to automate deployment process

Plug-n-Play protocolProtocol used between the

Agent and the PnP server. This is an open schema allowing

third-party development of PnP servers

DEVNET-2052


Key Benefits of Cisco Plug-n-Play Solution• Fully automated network device install

• No CLI needed. No manual intervention. No touching required.• No experienced network admin needed on site

• Security built in• Configurations passed to device with secure transport• Rogue device detection

• RMA: Automated device replacement

• Customizable• Customers can adapt the solution to fit their needs

• Not Cisco Proprietary• Protocol is open and based on HTTP• Based on Publically available schema

• Final and Unique configuration delivered to every device

DEVNET-2052


PnP Server in NOC

PnP Server

Install Location

Day 0: New device is pre-provisioned in PnP Server with image & config details

Day 1: PnP server authenticates the device. A secure communication channel is created

Day 1: PnP server sends configuration, image, licenses and files to the device

Day 1: Device reloads executes post install actions (script or CLI)

Device- DatabaseUDI: AF34P7Dev. Info.

license

config

image

Day 1: Installer connects the network cables and powers on the device.Day 1: Device discovers PnP server and sends it’s SUDI certificate

1

2

3

4

5

6

Day 1: Install success/failure notifications are sent by the PnP server as needed. 7

Cisco PnP: Device Communication Flow

DEVNET-2052


Deployment Use Cases

13DEVNET-2052


Use Case 1 : Greenfield Branch Deployment

Pre Provision Projects/Sites• Policies• Match Rules • Configs/Image• IP Addressing

Network Admin

Installer

Day 0

Day 1Day 1

PnP Server

Network Admin

InternetDeliver bootstrap

IT Admin remotely monitors status of install while in progress.

PnP Server site Device list

Installer on site• Mount and cable

devices • Power-on

PID Serial # Hostname IP address

ISR-2951 FOX23zxcd ISR-main 192.168.15.1

ISR-2951 FOX23zxcb ISR-bakcup 192.168.15.2

C3850 FOC123dfg Dist1 192.168.16.3

C3560C FOC443asd ACC-sw1 192.168.16.4

C3560C FOC443asa ACC-sw2 192.168.16.5

C3560C FOC443asg ACC-sw3 192.168.16.6

C3560C FOC443asx AC-sw4 192.168.16.7

Booting devices contact PnP Server requesting instructions

DEVNET-2052


Use Case 2 : Campus - Site Bring-up

Installer

Remote Installer• Mount and cable

devices • Power-on

Day 1

PnP Server

Campus – Bldg-1

Campus – Bldg-2

Pre Provision Projects/Sites• Policies• Match Rules • Configs/Image• IP Addressing

Network Admin

Day 0

Network Admin remotely monitors status of install while in progress.

Booting devices call out to PnP Server, requesting instructions

Day 1

Campus – Bldg-3Campus – Bldg-4

DEVNET-2052


Mark Device for RMA• Use Inventory to find

devicePnP Server waiting for replacement deviceOpens TAC Case

Network Admin

Day N

Use Case 3 : Branch - Zero-touch RMA

Asst. Branch Mgr.• Removes old device.• Mount and cable

replacement device• Power-on

Day N+1

No replacement Pre Provisioning

1. Zero-touch RMA based on neighbor table

• PnP Server maintains neighbor info.

• Applies same image/config to new device

OR

2. Serial Number match• Incoming Switch SR#

configured as replacement device

• Image/Config applied to new device

Note: PID must match!

Cisco ships replacement

PnP Server

Internet

Asst. Branch Mgr.

At Branch, • No Bootstrap config• No CLI• App optional

DEVNET-2052


Use Case 4: Old version support w/ SMI Proxy

• “SMI Proxy” runs on the Device with PnP Agent.

• “SMI Proxy” Translates SMI to PNP• Represents SMI Client to the PnP Server

• “SMI Proxy” must be explicitly enabled.

• PnP Server can manage Legacy IOS images on Catalyst switches

• Catalyst 3k/4k with minimum IP Base support SMI Proxy

Internet

ISR: Agent enabled

3850: Agent enabledSMI Proxy enabled

SMI clients

Smart Install protocol

PnP ProtocolOn http

Translation layer

APIC EM Server

SMI Proxy

DEVNET-2052


Zero Touch Server Discovery

18DEVNET-2052


Cisco Plug-n-Play: Deployments Done Zero Touch Way

DHCP server

Cloud based PnP Server

Local PnP Server

DNSServer

DNSServer

DHCP server based

DHCP option 43/60 = PnP

server address

DHCP + DNS server

Cloud based PnP server

Mobile Helper device

Name Lookuppnpserver.

localdomain.com

Cloud Redirectiondevicehelpercisco.com

Mobile app connects to PnP server over WAN to distribute bootstrap config

Gateway

DEVNET-2052


DHCP Based Discovery

DHCP Server PnP Server

New device is powered on

Device receives PnP server specific metadata info configured in DHCP option 43

1

2

Device validates server’s location and establishes a communication with the server

3

Assumptions:• New devices can reach DHCP server• Customer is willing to configure DHCP server for network devices

DEVNET-2052


Option 43 Discovery With Linux DHCP Server Configuration

Configure the Linux DHCP server with thePnP-specific option 43

sudo apt-get install isc-dhcp-serversudo vi /etc/dhcp/dhcpd.conf

default-lease-time 600;max-lease-time 7200;option space CISCO_PNP;option CISCO_PNP.pnpserver code 43 = string;

option subnet-mask 255.255.255.0;option broadcast-address 10.30.30.255;

subnet 10.30.30.0 netmask 255.255.255.0 { range 10.30.30.2 10.30.30.255;}class “ciscopnp" { match if option vendor-class-identifier = "ciscopnp"; option vendor-class-identifier "ciscopnp"; vendor-option-space CISCO_PNP; option CISCO_PNP.pnpserver "5A;B2;K4;I172.19.210.215;J80";}service isc-dhcp-server start

Pre-provision the DHCP server with: IP address Option 43

Network Admin

DHCP Server

DEVNET-2052


Option 43 Discovery with IOS DHCP Server Configuration

ip dhcp excluded-address 10.1.1.1!ip dhcp pool pnp_device_pool network 10.1.1.0 255.255.255.0 default-router 10.1.1.1 option 43 ascii "5A1D;B2;K4;I172.19.210.215;J80"!

A localized, Cisco IOS® Software-based DHCP server with the PnP-specific option 43

Pre-provisionDHCP Server IP address Option 43

Network Admin

Cisco® IOS DHCP Server

The sample configuration uses 10.1.1.0/24as the DHCP pool

The DHCP server IP is 10.1.1.1 DHCP option 43 is set with 172.19.45.222

as the PnP Server IP address

DEVNET-2052


Mar 30 01:31:05.441: PNPA-discovery: Info: Checking if PnP discovery should startMar 30 01:31:05.441: PNPA-discovery: Info: PnP discovery process is not runningMar 30 01:31:05.441: PNPA-discovery: Info: Started PnP Discovery Process, pid=446Mar 30 01:31:29.156: PNPA-discovery: Info: Startup config does not existsMar 30 01:31:29.156: PNPA-discovery: Info: Initiating PnP discovery managerMar 30 01:32:06.963: %PNPA-DHCP Op-43 Msg: _pdgfa.1.inp=[K4;B2;I172.19.210.215;J80]Mar 30 01:32:06.963: %PNPA-DHCP Op-43 Msg: _pdgfa.1.K4.htp=[ transport http ]Mar 30 01:32:06.963: %PNPA-DHCP Op-43 Msg: _pdgfa.1.B2.s12=[ ipv4 ]Mar 30 01:32:06.963: %PNPA-DHCP Op-43 Msg: _pdgfa.1.Ix.srv.ip.rm=[ 172.19.210.215 ]Mar 30 01:32:06.963: %PNPA-DHCP Op-43 Msg: _pdgfa.1.Jx.srv.rt.rm=[ port 80 ]Mar 30 01:32:06.963: %PNPA-DHCP Op-43 Msg: _pdoop.1.ztp=[pnp-zero-touch] host=[] ipad=[172.19.210.215] port=80Mar 30 01:33:06.984: %PNPA-DHCP Op-43 Msg: Command = pnp profile pnp-zero-touch, Return code = 0Mar 30 01:33:07.999: %PNPA-DHCP Op-43 Msg: Command = transport http ipv4 10.10.10.13 port 80 , Return code = 0Mar 30 01:38:12.958: PNPA-discovery: pnpa_disc_dhcp_option_43: Port is 80Mar 30 01:38:12.958: PNPA-discovery: pnpa_validate_port_type: Port is 80Mar 30 01:38:12.958: PNPA-discovery: Info: PnP server discovery was successfulMar 30 01:38:27.991: PNPA-discovery: Info: PnP profile configuration was successfulMar 30 01:38:27.991: PNPA-discovery: Info: PnP discovery process was successfulMar 30 01:38:27.991: PNPA-discovery: Info: Exitting PnP Discovery Process...

Sample console debug logs from DHCP based discovery


pnp profile pnp-zero-touch transport http ipv4 172.19.210.215 port 80

Sample PnP configuration on the device from DHCP based discovery


PnP Snooping



DHCP server sends packet

1

2

Device validates server’s location and establishes a communication with the server

4

Assumptions:• New devices can reach DHCP server• Customer is NOT willing to configure DHCP server for network devices• Upstream SW is configured to snoop DHCP

Upstream device intercepts DHCP packet and adds PnP server specific metadata info by adding option 43

3

DEVNET-2052


<snooping> <enableSnooping> <serverIp>172.19.210.215</serverIp> <profileName>pnp_profile</profileName> <vlanId>1</vlanId> <trustedInterfaces> <interfaces>GigabitEthernet1/0/1</interfaces> <interfaces>GigabitEthernet1/0/3</interfaces> </trustedInterfaces> </enableSnooping> </snooping>

Sample PnP message to enable PnP snooping on the upstream switch

DEVNET-2052


DNS Based Discovery



Receives domain name of the network

1

2

Device establishes a communication with the server4

Assumptions:• New devices can reach DHCP server• Customer deployed PnP server in the network with the name “pnpserver”

Device reads domain name and creates predefined PnP server name such as pnpserver.cisco.com and looks it up on the DNS server

3

DNS Server

DEVNET-2052


DNS Discovery Configuration

sudo vi /etc/dhcp/dhcpd.conf

default-lease-time 600;max-lease-time 7200;

option subnet-mask 255.255.255.0;option broadcast-address 10.30.30.255;option domain-name-servers 10.30.30.1;option domain-name “cisco.com";

Configure the Linux DHCP server for adomain name (DNS)

subnet 10.30.30.0 netmask 255.255.255.0 { range 10.30.30.2 10.30.30.255;}service isc-dhcp-server start

Network admin configures the DHCP server to a server domain name

Network Admin

DNS Server

DNS Server should be configured to map pnpserver.cisco.com to 172.19.210.215

DEVNET-2052


Web Service API to Cisco CloudNew device is powered on

Device reaches out to the Cisco cloud service using a well known URL as shown on the right

1

2

Device establishes a communication with the server4

Assumptions:• New device has internet connectivity (from the ISP)• Cisco cloud server URL is hard coded to https://devicehelper.cisco.com

Cloud service verifies the devices and points to the right PnP server at the customer premises

3

PnP Server

https://devicehelper.cisco.com

DEVNET-2052


PnP Mobile AppDevice in a branch or satellite location gets powered on

Installer plugs in laptop/smart phone to the device to auto bootstrap the device

1

2

Assumptions:• New device is the first device to be deployed and has no internet connectivity

Device gets configured to establish a communication with the PnP server

4

PnP Server

Installer

Mobile App collects device info, sends it to the server over 3G/4G/Wifi to verification, and receives the right bootstrap configuration for the device

3

DEVNET-2052


Embedded Agent Capabilities

31DEVNET-2052


Cisco Plug-n-Play Agent Services• Use case driven capabilities built within the agent to perform end-to-end

operations• Image Install Service• Configuration Upgrade Service• License Management Service• Tcl Script Execution Service• Certification Install Service• Configuration CLI Service

Single Chassis Cat3750High Availability Cat4500 9 Member Stacked Cat3750

APIC EM Server

File Server

Services add intelligence to the workflow and encapsulates the platform complexities from the server.

DEVNET-2052


PnP Agent Service: Image Install Service Workflow• PnP server sends image location based on the PID of the device

• PnP agent:

`Checks if the path is valid

Calculates disk space on the destination. If there is not enough, the service finds alternate disk

space onthe device

Downloads the image to the

right destination where

enough spaceis available

Checks the integrity ofthe image

Installs the image to all the

applicable hardware

(standaloneunit, high-

availability unit, stacked unit)

Notifies the server that

image installation

was successful

Reloads the device

If any error occurs during the process of

image installation, the

agent aborts and reports the

error back tothe server

DEVNET-2052


Agent Image Install Service

`

<?xml version="1.0" encoding="UTF-8"?><pnp xmlns="urn:cisco:pnp" version="1.0" udi="PID:WS-C3750E-24TD,VID:V03,SN:FDO1332R0R8"> <response xmlns="urn:cisco:pnp:image-install" version="1.0" success="0" correlator="03"> <errorInfo> <errorSeverity>ERROR</errorSeverity> <errorCode>PnP Service Error (1804)</errorCode> <errorMessage>Config-register cannot be 0x0</errorMessage> </errorInfo> </response></pnp>

<?xml version="1.0" encoding="UTF-8"?><pnp xmlns="urn:cisco:pnp" version="1.0" udi="PID:WS-C3750E-24TD,VID:V03,SN:FDO1332R0R8">

<request correlator="1234"> <image> <copy> <source> <location>http://10.10.10.19/images/isr4400-universalk9.20140420.bin</location>…………………………

</pnp>

Sample XML payload for image installation request from thePnP server

Sample image installation error response

DEVNET-2052


Agent Image Install Service

`

Mar 30 09:09:54.084: PNPA-image-install: Source file is of type image (mzip)Mar 30 09:09:54.084: PNPA-image-install: Config-register: 0xFMar 30 09:09:54.126: PNPA-image-install: Destination file: flash:c3750e-universalk9-mz.1Mar 30 09:09:54.126: PNPA-image-install: Initialization SuccessfulMar 30 09:09:54.126: PNPA-image-install: Calculating current running image checksum...Mar 30 09:09:54.126: PNPA-image-install: Performing image checksum verification...Mar 30 09:10:20.659: PNPA-image-install: Expected checksum: 4d8e713f2e290ce6938a5a2018eb1c49Mar 30 09:10:20.659: PNPA-image-install: Computed checksum: 1a2c66abe64cb7fe20b0a5dde76e4f70Mar 30 09:10:20.659: PNPA-image-install: Running Image flash:c3750e-universalk9-mz checksum different from provided checksumMar 30 09:10:20.793: PNPA-image-install: Total free size on flash: 32125952 bytesMar 30 09:10:20.793: PNPA-image-install: Copying Image.............Mar 30 09:12:51.100: PNPA-image-install: Image copy successfulMar 30 09:12:51.100: PNPA-image-install: Performing image checksum verification....Mar 30 09:13:17.675: PNPA-image-install: Expected checksum: 4d8e713f2e290ce6938a5a2018eb1c49Mar 30 09:13:17.675: PNPA-image-install: Computed checksum: 4d8e713f2e290ce6938a5a2018eb1c49Mar 30 09:13:17.675: PNPA-image-install: Checksum verified for flash:c3750e-universalk9-mz.1Mar 30 09:13:18.011: PNPA-image-install: Found boot start markerMar 30 09:13:21.970: PNPA-image-install: Set to boot new ImageMar 30 09:13:22.029: PNPA-image-install: Reload scheduled by userMar 30 09:13:22.029: PNPA-image-install: PNP ImageInstall SuccessfulCP-BL16-C3750E-1#

Sample Image Installation Console Debug Logs

DEVNET-2052


PnP Agent Service: Config Upgrade Service Workflow

• PnP server sends config file location based on the PID of the device

• PnP agent:

`Checks if the path is valid

Downloads the configuration fileto the specified

destination

Checks the integrity of the

configuration file (MD5 hash)

Checks the syntax of the configuration

to be applied.On failure, the configuration is

not applied

Notifies the server whether the configuration upgrade was

successful or not. Appropriate error codes are sent

Reloads the device if required

If any error occurs during the

configuration upgrade process the agent aborts and reports the error back to

the server

DEVNET-2052


Agent Config Upgrade Service

`

<pnp udi="PID:CISCO3945-CHASSIS,VID:V02,SN:FTX1503AH3V" version="1.0" xmlns="urn:cisco:pnp"> <response correlator="CiscoPnPPro-1.0-config_upgrade-40832" success="0" xmlns="urn:cisco:pnp:config-upgrade"> <errorInfo> <errorSeverity>ERROR</errorSeverity> <errorCode>PnP Service Error 1402</errorCode> <errorMessage>Invalid input detected</errorMessage> </errorInfo> <serviceLog> bogus cli ^ % Invalid input detected at '^' marker. netconf http ^ % Invalid input detected at '^' marker. </serviceLog> </response> </pnp>

<pnp xmlns="urn:cisco:pnp" version="1.0" udi="PID:CISCO3945-CHASSIS,VID:V02,SN:FTX1503AH3V" usr="admin" pwd="cisco" > <request correlator="CiscoPnPPro-1.0-config_upgrade-40832" xmlns="urn:cisco:pnp:config-upgrade"> <config details="all"> <copy> <source> <location>flash0:/switch_config.cfg</location> </source> <applyTo>running</applyTo> </copy> </config> </request> </pnp>

Sample configuration upgrade error response

Sample XML payload for the image installation request from the PnP server

DEVNET-2052


Agent Operation Data Services• Services designed to retrieve device specific information

• Topology Discovery Service

• Device Information Service

• Operational CLI Service

• Syslog Relay Service

DEVNET-2052


<?xml version="1.0" encoding="UTF-8"?><pnp xmlns="urn:cisco:pnp“version="1.0" udi="PID:WS-C3750E-24TD,VID:V03,SN:FDO1332R0R8"><response correlator="03" version="1.0" success="1" xmlns="urn:cisco:pnp:topology"><topology> <element> <local> <interface>GigabitEthernet0/0</interface> <shortInterface>Gi0/0</shortInterface> <macAddress>f866.f27b.a870</macAddress> </local> <remote> <interface>FastEthernet0/10</interface> <macAddress>001f.6d0c.3dca</macAddress> <deviceName>switch-172-BL20</deviceName> <platform>cisco WS-C2950-24</platform> <version>Cisco Internetwork Operating System SoftwareIOS (tm) C2950 Software (C2950-I6Q4L2-M), Version 12.1(22)EA10a, RELEASE SOFTWARE (fc2)Copyright (c) 1986-2007 by cisco Systems, Inc.Compiled Tue 24-Jul-07 17:13 by antonino</version> </remote> </element> <element> <local> <interface>FastEthernet0/1/0</interface> <shortInterface>Fa0/1/0</shortInterface> <macAddress>c84c.7543.5d7d</macAddress> </local> <remote> <interface>FastEthernet0/1/0</interface> <macAddress>f866.f24d.6a8e</macAddress> <deviceName>eem-2900-1</deviceName> <platform>Cisco CISCO2921/K9</platform> <version>Cisco IOS Software, C2900 Software (C2900-UNIVERSALK9-M), Version 15.4(0.21)T, ENGINEERING WEEKLY BUILD, synced to V153_3_M0_3Technical Support: http://www.cisco.com/techsupportCopyright (c) 1986-2013 by Cisco Systems, Inc.Compiled Thu 12-Sep-13 10:17 by hlo</version> </remote> </element></topology></response></pnp>

Sample Topology discovery service output

DEVNET-2052

http://www.cisco.com/techsupport


Protocol Definition

40DEVNET-2052


Protocol Definition• /pnp/HELLO

HTTP Method: GET Description: PnP agent sends this message only during the discovery phase to

ensure the discovered server is reachable. Expected Response: 200OK

• /pnp/WORK-REQUEST HTTP Method: POST Description: Work Request message is initiated by the PnP agent to check with the

PnP server for any new work requests. PnP agent sends this message after discovering the server or when a PnP profile is configured and also at the beginning of every retry.

The body of this request carries the work-info service as defined in the schema pnp_work_info_body.xsd.

Expected Response: 200OK with one of the service methods which are described in the PnP Services chapter

DEVNET-2052


Protocol Definition• /pnp/WORK-RESPONSE

• HTTP Method: POST• Description: Work Response message is sent by the PnP agent to notify the server after

completion of each Work Request initiated by the server to notify the status. The schema definitions for responses are defined in the XSD files of every service in the Response section.

• Expected Response: 200OK with service method ‘Bye’ as defined in the schema pnp_work_info_body.xsd

• Agent Configuration

• pnp profile <name>• transport https ipv4 <ip-address> port <port-num>

DEVNET-2052


Cisco Plug-n-Play on DevNet

43DEVNET-2052


PnP Service: Open and Public Programmable Interface

Component communication is open with public schema

APIC-EM-based PnP Server

PnP AgentOpen PnP

SpecPublically available

REST API

No private protocols;The PnP spec is an XML-based schema that is simple to understand and deploy.

PnP Agent Open PnP Spec

Build custom PnP Server

Programmer

Programmer

DEVNET-2052


Cisco Open PnP on DevNet• Web portal on Cisco DevNet for the developer community to learn and adopt

Cisco Open Plug-n-Play protocol

• Navigate: https://developer.cisco.com -> Networking -> Open Plug-n-Play

• URL: https://developer.cisco.com/site/open-plug-n-play/

Learn Download Launch Support

DEVNET-2052

https://developer.cisco.com/



https://developer.cisco.com/site/open-plug-n-play/

https://developer.cisco.com/site/open-plug-n-play/


Programmability with Tcl


Zero Touch Device bootstrapping with Tcl Scripting

NoYes

Bootup

Startup-config exists?

DHCP discovery starts

Bootup normally with startup-configuration

Yes No

Script or cfg file option

exists in DHCP?

• If script found then download and run the script

• If Cfg file found then download and apply startup-configuration

Proceed to PnP Server discovery

Device reaches out to the PnP Server,

receives script location,

downloads, and executes

PnP discovery succeed?

No Yes

Device goes back to retry PnP discovery

• Enable provisioning of devices by downloading and executing Tcl scripts automatically at the bootup time

• Highly customizable day 0 provisioning mechanism by writing the desired workflow in the script

• Works with standard DHCP options 150 and 67 like PoAP on Nexus devices

• Works seamlessly with datacenter devices which uses PoAP, Puppet, Chef, DCNM

DEVNET-2052


Steps for bootstrapping with Tcl Script• DHCP server is provisioned with option 150 (TFTP

server ip) and option 67 (path to the script)• Script is provisioned (by the customer) in the TFTP

server• Device boots up without startup-config and triggers

PnP Agent• PnP Agent receives option 150 and 67 from DHCP

client and downloads the script from TFTP server• PnP Agent invokes the script to complete the

installation• The script may verify the device using Serial Number,

download a configuration, an image file or perform any command supported by the IOS/TCL CLI interface

File Servers TFTP/FTP/HTTP

TFTP ServerDHCP Server

Device to be provisioned

DEVNET-2052


Conclusion

49DEVNET-2052


Conclusion• Cisco Plug-n-Play solution

• provides a zero touch provisioning of Cisco routers, switches, and wireless APs• helps reduce customer OPEX• opens up APIs for the developer community

• DevNet portal provides a one stop shop for PnP solution development

• Tcl scripts makes device provisioning highly customizable

DEVNET-2052


Complete Your Online Session Evaluation

Don’t forget: Cisco Live sessions will be available for viewing on-demand after the event at CiscoLive.com/Online

• Give us your feedback to be entered into a Daily Survey Drawing. A daily winner will receive a $750 Amazon gift card.

• Complete your session surveys through the Cisco Live mobile app or from the Session Catalog on CiscoLive.com/us.

51DEVNET-2052

http://ciscolive.com/Online

http://ciscolive.com/us


Continue Your Education• Demos in the Cisco campus

• Walk-in Self-Paced Labs

• Lunch & Learn

• Meet the Engineer 1:1 meetings

• Related sessions


Please join us for the Service Provider Innovation Talk featuring:

Yvette Kanouff | Senior Vice President and General Manager, SP BusinessJoe Cozzolino | Senior Vice President, Cisco Services

Thursday, July 14th, 201611:30 am - 12:30 pm, In the Oceanside A room

What to expect from this innovation talk• Insights on market trends and forecasts• Preview of key technologies and capabilities • Innovative demonstrations of the latest and greatest products• Better understanding of how Cisco can help you succeed

Register to attend the session live now or watch the broadcast on cisco.com

DEVNET-2052 53

Thank you


55DEVNET-2052

Device Programmability with Cisco Plug-n-Play Solution

Technology

Transcript of Device Programmability with Cisco Plug-n-Play Solution