vagrant up for Network Engineers
Do it like they do on the Developer Channel!
Hank Preston, NetDevOps Evangelist
CCIE 38336, R/S
@hfpreston
DEVNET-1365
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public
Cisco Spark
Questions? Use Cisco Spark to communicate with the speaker after the session
1. Find this session in the Cisco Live Mobile App
2. Click “Join the Discussion”
3. Install Spark or go directly to the space
4. Enter messages/questions in the space
How
cs.co/ciscolivebot#DEVNET-1365
Agenda
• Vagrant 101
• Hands On: Your first vagrant up!
• Hands On: Vagrant + Ansible
• Discuss: Multi-Node Topologies
• How to do it yourself!
Set up your laptop
• Clone the Repository
• Set up Python Virtual Environment
$ cd ~/code/ciscolive_workshops/devnet-1364
$ source labsetup.sh
$ ls -l
README.md iosxr_example
hands_on_1 nxos_example
hands_on_2 requirements.txt
hands_on_3 venv
Development Environments Made Easy
• Open Source Development Tooling by HashiCorp: www.vagrantup.com
• Simple configuration file stored with code
• “easy to configure, reproducible, and portable work environments”
• Multi-Platform for both guest and host
lab\ $ vagrant init iosxe/16.6.1
lab\ $ vagrant up
Bringing machine 'default' up with 'virtualbox' provider...
==> default: Importing box 'iosxe/16.6.1'...
==> default: Forwarding ports...
default: 830 (guest) => 2223 (host)
default: 80 (guest) => 2224 (host)
default: 443 (guest) => 2225 (host)
default: 22 (guest) => 2222 (host)
lab\ $ vagrant ssh
csr1kv#
Key Terms and Concepts
• Vagrantfile
  • Configuration file for vagrant
• Box
  • Base images for different individual environments
• Provider
  • Virtualization technology used by vagrant
  • Default is VirtualBox, many others supported
lab\ $ ls
Vagrantfile
lab\ $ vagrant box list
centos/7 (virtualbox, 1611.01)
ubuntu/trusty64 (virtualbox, 20160323.0.0)
iosxe/16.6.1 (virtualbox, 0)
iosxr/6.1.2 (virtualbox, 0)
nxos/7.0.3.I6.1 (virtualbox, 0)
lab\ $ vagrant status
Current machine states:
default running (virtualbox)
Vagrant Commands
• vagrant init box name
  • Initialize a new Vagrantfile in a directory
• vagrant up / halt / destroy
  • Start, stop, and delete an environment
• vagrant resume / suspend
  • Pause and restart an environment
• vagrant ssh [machine]
  • Connect via SSH to a running environment
• vagrant port
  • View the nat’d ports for the environment
• vagrant provision
  • Re-run configured provisioner (e.g. Ansible)
• vagrant box list
  • Display list of available boxes
• vagrant status / global-status
  • Display current status of environments
lab\ $ vagrant suspend
==> default: Saving VM state and suspending
lab\ $ vagrant resume
==> default: Resuming suspended VM...
lab\ $ vagrant port
830 (guest) => 2223 (host)
22 (guest) => 2222 (host)
lab\ $ vagrant ssh
csr1kv#
Vagrantfile Basics (for Network Devices)
# -*- mode: ruby -*-
# vi: set ft=ruby :
Vagrant.configure("2") do |config|
  # Every Vagrant development environment requires a box. You can search for
  # boxes at https://atlas.hashicorp.com/search.
  config.vm.box = "iosxe/16.6.1"
  config.ssh.insert_key = false
  # Create a forwarded port mapping which allows access to a specific port
  # within the machine from a port on the host machine.
  config.vm.network "forwarded_port", guest: 830, host: 2223, id: "netconf"
  config.vm.network "forwarded_port", guest: 80, host: 2224, id: "http"
  config.vm.network "forwarded_port", guest: 443, host: 2225, id: "restconf-ssl"
  # Create a private network, which allows host-only access to the machine
  # using a specific IP.
  config.vm.network :private_network, virtualbox__intnet: "link1", auto_config: false
  config.vm.network :private_network, virtualbox__intnet: "link2", auto_config: false
end
* Simplified and edited sample
• Box Name
• Don’t insert Vagrant public key. Recommended
• Forward local ports for API/App access. SSH is forwarded by default
• Create environment networks. “eth1” connected to host by default
Note: Vagrant Boxes can include default settings
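An added example, not part of the original slides or the workshop repository: a small Ruby check that reads a Vagrantfile as text and reports the settings from the sample above that matter when the lab laptop sits on a shared network. It flags `insert_key = false` (the box keeps Vagrant's publicly known default key pair), forwarded ports without a loopback `host_ip` (per Vagrant's documentation these are bound to every host address), and the plaintext HTTP forward. The function name, rule names and sample text are assumptions made for this example.

```ruby
# Added example: static check of Vagrantfile text for lab-exposure settings.
# The sample is constructed from the slide's Vagrantfile, plus one hardened
# line (host_ip: "127.0.0.1") to show what passes.
SAMPLE_VAGRANTFILE = <<~'VF'
  Vagrant.configure("2") do |config|
    config.vm.box = "iosxe/16.6.1"
    config.ssh.insert_key = false
    # commented-out settings are ignored by the check
    # config.vm.network "forwarded_port", guest: 23, host: 2323
    config.vm.network "forwarded_port", guest: 830, host: 2223, id: "netconf"
    config.vm.network "forwarded_port", guest: 80, host: 2224, id: "http"
    config.vm.network "forwarded_port", guest: 443, host: 2225, id: "restconf-ssl", host_ip: "127.0.0.1"
    config.vm.network :private_network, virtualbox__intnet: "link1", auto_config: false
  end
VF

LOOPBACK = %w[127.0.0.1 ::1 localhost].freeze
Finding = Struct.new(:line, :rule, :detail)

# Returns an array of Finding in file order. Rule names are hypothetical.
def audit_vagrantfile(text)
  findings = []
  text.each_line.with_index(1) do |raw, lineno|
    line = raw.strip
    next if line.empty? || line.start_with?("#")

    if line.match?(/\.ssh\.insert_key\s*=\s*false\b/)
      findings << Finding.new(lineno, :insecure_key_kept,
                              "box keeps Vagrant's shared default key pair")
    end

    next unless line.match?(/\.vm\.network\s+[:"']forwarded_port/)
    guest   = line[/\bguest:\s*(\d+)/, 1]
    host_ip = line[/\bhost_ip:\s*["']([^"']+)["']/, 1]
    unless LOOPBACK.include?(host_ip)
      findings << Finding.new(lineno, :port_not_loopback,
                              "guest port #{guest} has no loopback host_ip")
    end
    if guest == "80"
      findings << Finding.new(lineno, :plaintext_http,
                              "guest port 80 carries unencrypted HTTP")
    end
  end
  findings
end

if __FILE__ == $PROGRAM_NAME
  audit_vagrantfile(SAMPLE_VAGRANTFILE).each do |f|
    puts format("line %-2d %-18s %s", f.line, f.rule, f.detail)
  end
end
```

Adding `host_ip: "127.0.0.1"` to each `forwarded_port` line clears the `port_not_loopback` findings without changing how the lab scripts connect, since they already use 127.0.0.1.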
Initialize your Vagrantfile
• View available boxes
• Initialize new Vagrant File
lab\ $ cd hands_on_1/
hands_on_1\ $ vagrant box list
hands_on_1\ $ vagrant init iosxe/16.06.02
hands_on_1\ $ open Vagrantfile
Let’s add more interfaces!
• Open Vagrantfile
• Add 2 Interfaces to Configuration
  • Specific positioning in file is irrelevant
  • * Must be within |config| block
Vagrant.configure("2") do |config|
  config.vm.box = "iosxe/16.6.1"
  # Create private networks
  config.vm.network :private_network, virtualbox__intnet: "link1", auto_config: false
  config.vm.network :private_network, virtualbox__intnet: "link2", auto_config: false
end
* Simplified and edited sample
or
cp Vagrantfile.solution Vagrantfile
Start a Vagrant Environment
• Start environment
• Connect to running switch
hands_on_1\ $ vagrant up
hands_on_1\ $ vagrant ssh
Explore the Vagrant Environment
• Baseline Configurations
• Logins – User / Cert
• APIs
• Interfaces
• Make an API Call
# Run from Vagrant Environment (ie vagrant ssh)
csr1kv#sh run aaa
csr1kv#sh run | sec pubkey-chain
csr1kv#show run int Gig1
csr1kv#sh run | inc conf
# Exit from Vagrant Environment
hands_on_1\ $ python netconf_example1.py
Do some configuration
• Configure interface details on GigabitEthernet2 using NETCONF
• Verify
hands_on_1\ $ python netconf_example3.py
.
.
<?xml version="1.0" encoding="UTF-8"?>
<rpc-reply
xmlns="urn:ietf:params:xml:ns:netconf:base:1.0"
message-id="urn:uuid:6e622605-29d8-="
xmlns:nc="urn:ietf:params:xml:ns:netconf:base:1.0">
<ok/>
</rpc-reply>
hands_on_1\ $ vagrant ssh
csr1kv#sh ip int bri
Interface IP-Address
GigabitEthernet2 10.255.255.1
Build a new Base Box Template
• vagrant up and customize
• vagrant halt -f to shut down
• vagrant package to build new box
• Include default Vagrantfile to ease use
• vagrant box add to make available
hands_on_1\ $ vagrant halt -f
hands_on_1\ $ vagrant package \
--output Custom_IOS_XE.box \
--vagrantfile embedded_vagrantfile_xe
hands_on_1\ $ vagrant box add iosxe/custom1 \
Custom_IOS_XE.box
hands_on_1\ $ mkdir custom_box
hands_on_1\ $ cd custom_box
hands_on_1\ $ vagrant init iosxe/custom1
Review Sample Embedded Vagrantfile
Vagrant.configure(2) do |config|
  config.vm.synced_folder '.', '/vagrant', disabled: true
  # Give IOS XE 400 seconds to come up
  config.vm.boot_timeout = 400
  # Port 830 is XE NETCONF
  config.vm.network :forwarded_port, guest: 830, host: 2223, id: 'netconf', auto_correct: true
  # Port 80 is XE HTTP
  config.vm.network :forwarded_port, guest: 80, host: 2224, id: 'http', auto_correct: true
  # Port 443 is XE RESTCONF / SSL
  config.vm.network :forwarded_port, guest: 443, host: 2225, id: 'restconf-ssl', auto_correct: true
  config.ssh.forward_agent = true
  config.ssh.guest_port = 22
  config.ssh.insert_key = false
  config.vm.guest = :other
  # turn off the check if the plugin is installed
  if Vagrant.has_plugin?("vagrant-vbguest")
    config.vbguest.auto_update = false
  end
  .
end
* Simplified and edited sample
Destroy Hands on Demo 1
• Destroy this environment
hands_on_1\ $ vagrant destroy
Come on... Really “vagrant ssh” and “config t”?!?
• “Infrastructure as Code” dictates entire configuration in code
• Building multiple box versions for variations = template sprawl
• Human error in manual configurations
• There has to be a better way…
Vagrant Provisioners
• Run with vagrant up
• Install software
• Alter configurations
• Run commands/code
• Types
  • Shell, Ansible, Puppet, Chef, Docker, Salt, CFEngine…
Vagrant.configure("2") do |config|
  # ... other configuration
  config.vm.provision "shell" do |s|
    s.inline = "echo hello"
  end
end
Hands On 3 Directory
• Move to Hands On 3
• Start the “vagrant up” process now so it runs while we discuss
hands_on_1\ $ cd ../
lab\ $ cd hands_on_3/
hands_on_3\ $ ls
Vagrantfile
host_vars
hosts
ansible_provision.yaml
netconf_interface_template.j2
hands_on_3\ $ open Vagrantfile
hands_on_3\ $ vagrant up
hands_on_3/Vagrantfile
Vagrant.configure("2") do |config|
  # Every Vagrant development environment requires a box. You can search for
  # boxes at https://atlas.hashicorp.com/search.
  config.vm.box = "iosxe/16.06.02"
  # Create a private network, which allows host-only access to the machine
  # using a specific IP.
  # config.vm.network "private_network", ip: "192.168.33.10"
  config.vm.network :private_network, virtualbox__intnet: "link1", auto_config: false
  config.vm.network :private_network, virtualbox__intnet: "link2", auto_config: false
  # Enable provisioning with Ansible shell script.
  config.vm.provision "ansible" do |ansible|
    ansible.playbook = "ansible_provision.yaml"
    ansible.inventory_path = "./hosts"
  end
end
* Simplified and edited sample
• Specify provisioning details in the file
• For Ansible, specify hosts file
  • Used for config details
hands_on_3/hosts
[vagrant]
default ansible_python_interpreter="/usr/bin/env python"
* Partial Playbook for screen display
• Ansible inventory file
• Specify interpreter to link to Python Virtual Environment
hands_on_3/ansible_provision.yaml
---
- name: Provision IOS XE Devices
  hosts: all
  connection: local
  tasks:
    - name: Pause to complete boot
      pause:
        seconds: 5
    - name: Configure NETCONF and RESTCONF
      ios_config:
        provider:
          host: "{{mgmt_ip}}"
          port: "{{ssh_port}}"
          username: "{{username}}"
          password: "{{password}}"
        lines:
          - netconf-yang
          - netconf-yang cisco-odm polling-enable
          - restconf
          - ip http server
          - ip http secure-server
      register: output_interfaces
* Partial Playbook for screen display
• Ansible Playbook defines configuration
• Several options to use
  • ios_config, ios_command, etc
  • netconf_config
hands_on_3/host_vars/default.yaml
---
mgmt_ip: 127.0.0.1
netconf_port: 2223
ssh_port: 2222
username: vagrant
password: vagrant
interfaces:
  - interface_type: GigabitEthernet
    interface_id: 2
    description: Link 2 - Configured by Ansible with Vagrant
    ip_address: 192.168.100.20
    subnet_mask: 255.255.255.0
  - interface_type: GigabitEthernet
    interface_id: 3
    description: Link 3 - Configured by Ansible with Vagrant
    ip_address: 192.168.101.20
    subnet_mask: 255.255.255.0
* Partial Playbook for screen display
• Host specific details
• Vagrant network intricacies require explicit ip and port info
Vagrant Up
hands_on_3\ $ vagrant up
Bringing machine 'default' up with 'virtualbox' provider...
==> default: Machine booted and ready!
==> default: Running provisioner: ansible...
default: Running ansible-playbook...
PLAY [Provision IOS XE Devices] ************************************************
TASK [Configure NETCONF and RESTCONF] ******************************************
ok: [default]
TASK [Configure Interfaces] ****************************************************
changed: [default] => (item={u'subnet_mask': u'255.255.255.0', u'interface_type
u'GigabitEthernet', u'ip_address': u'192.168.100.20', u'description': u'Link
by Ansible with Vagrant', u'interface_id': 2})
changed: [default] => (item={u'subnet_mask': u'255.255.255.0', u'interface_type
u'GigabitEthernet', u'ip_address': u'192.168.101.20', u'description': u'Link
by Ansible with Vagrant', u'interface_id': 3})
PLAY RECAP *********************************************************************
default : ok=5 changed=1 unreachable=0 failed=0
* Simplified and edited sample
• After device fully “up” provisioning runs
Verify device provisioned properly
hands_on_3\ $ vagrant ssh
csr1kv#show ip int bri
Interface IP-Address OK? Method Status Protocol
GigabitEthernet1 10.0.2.15 YES DHCP up up
GigabitEthernet2 192.168.100.20 YES other up up
GigabitEthernet3 192.168.101.20 YES other up up
* Simplified and edited sample
• Trust, but verify
Destroy Hands on Demo 3
• Destroy this environment
hands_on_3\ $ vagrant destroy
Hands On 2 Directory
• Move to Hands on 2
hands_on_1\ $ cd ../
lab\ $ cd hands_on_2/
hands_on_2\ $ ls
Vagrantfile
hands_on_2\ $ open Vagrantfile
Multi-Node Vagrantfile
Vagrant.configure("2") do |config|
  # Node 1: IOS XE Device
  config.vm.define "iosxe1" do |node|
    node.vm.box = "iosxe/16.06.02"
    # Gig2 connected to link1
    # Gig3 connected to hosts1
    # auto-config not supported.
    node.vm.network :private_network, virtualbox__intnet: "link1", auto_config: false
    node.vm.network :private_network, virtualbox__intnet: "hosts1", auto_config: false
  end
  # Node 2: IOS XE Device
  config.vm.define "iosxe2" do |node|
    node.vm.box = "iosxe/16.06.02"
    # Gig2 connected to link1
    # Gig3 connected to hosts2
    # auto-config not supported.
    node.vm.network :private_network, virtualbox__intnet: "link1", auto_config: false
    node.vm.network :private_network, virtualbox__intnet: "hosts2", auto_config: false
  end
end
* Simplified and edited sample
• Configuration for multiple nodes
• Different boxes supported
• Network them together!
Vagrant Up
$ vagrant up
Bringing machine 'iosxe1' up with 'virtualbox' provider...
Bringing machine 'iosxe2' up with 'virtualbox' provider...
==> iosxe1: Preparing network interfaces based on configuration...
iosxe1: Adapter 1: nat
iosxe1: Adapter 2: intnet
iosxe1: Adapter 3: intnet
==> iosxe1: Forwarding ports...
iosxe1: 830 (guest) => 2223 (host) (adapter 1)
iosxe1: 80 (guest) => 2224 (host) (adapter 1)
iosxe1: 443 (guest) => 2225 (host) (adapter 1)
iosxe1: 22 (guest) => 2222 (host) (adapter 1)
==> iosxe1: Machine booted and ready!
==> iosxe2: Importing base box 'iosxe/16.6.1'...
==> iosxe2: Fixed port collision for 830 => 2223. Now on port 2200.
==> iosxe2: Fixed port collision for 80 => 2224. Now on port 2201.
==> iosxe2: Fixed port collision for 443 => 2225. Now on port 2202.
==> iosxe2: Fixed port collision for 22 => 2222. Now on port 2203.
iosxe2: Adapter 1: nat
iosxe2: Adapter 2: intnet
iosxe2: Adapter 3: intnet
==> iosxe2: Forwarding ports...
==> iosxe2: Machine booted and ready!
* Simplified and edited sample
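An added example, not from the slides or the workshop repository: the output above shows iosxe2's forwards being moved to 2200-2203, so a host_vars file copied from hands_on_3 (netconf_port 2223, ssh_port 2222) would send iosxe2's configuration to iosxe1. This Ruby sketch derives each node's real ports from the `vagrant up` log and reports which nodes the hard-coded values do not match. The function names are assumptions; the key names follow hands_on_3/host_vars/default.yaml.

```ruby
require "yaml"

# Added example. Constructed sample: lines copied from the `vagrant up`
# output shown on the slide above.
SAMPLE_UP_LOG = <<~LOG
  ==> iosxe1: Forwarding ports...
      iosxe1: 830 (guest) => 2223 (host) (adapter 1)
      iosxe1: 80 (guest) => 2224 (host) (adapter 1)
      iosxe1: 443 (guest) => 2225 (host) (adapter 1)
      iosxe1: 22 (guest) => 2222 (host) (adapter 1)
  ==> iosxe2: Fixed port collision for 830 => 2223. Now on port 2200.
  ==> iosxe2: Fixed port collision for 80 => 2224. Now on port 2201.
  ==> iosxe2: Fixed port collision for 443 => 2225. Now on port 2202.
  ==> iosxe2: Fixed port collision for 22 => 2222. Now on port 2203.
  ==> iosxe2: Forwarding ports...
LOG

FORWARD   = /^\s*(?:==>\s*)?(\S+): (\d+) \(guest\) => (\d+) \(host\)/
COLLISION = /^\s*==> (\S+): Fixed port collision for (\d+) => (\d+)\. Now on port (\d+)\./

# Returns { "node" => { guest_port => host_port } } for every machine in the log.
def forwarded_ports(log)
  map = Hash.new { |h, k| h[k] = {} }
  log.each_line do |line|
    if (m = COLLISION.match(line))
      map[m[1]][m[2].to_i] = m[4].to_i   # auto-corrected host port wins
    elsif (m = FORWARD.match(line))
      map[m[1]][m[2].to_i] = m[3].to_i
    end
  end
  map
end

# Connection part of host_vars/<node>.yaml for one node's port table.
def host_vars_for(ports)
  { "mgmt_ip"      => "127.0.0.1",
    "netconf_port" => ports.fetch(830),
    "ssh_port"     => ports.fetch(22) }
end

# Nodes whose real forwards differ from a hard-coded set of vars, i.e. nodes
# that a copied default.yaml would not reach.
def mismatched_nodes(map, vars)
  map.select { |_, p| p[830] != vars["netconf_port"] || p[22] != vars["ssh_port"] }.keys
end

if __FILE__ == $PROGRAM_NAME
  forwarded_ports(SAMPLE_UP_LOG).each do |node, ports|
    puts "# host_vars/#{node}.yaml", host_vars_for(ports).to_yaml
  end
end
```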
Checkout the Vagrant Environment
• Check status of machines
• vagrant ssh name
(venv2) hands_on_2\ $ vagrant status
Current machine states:
iosxe1 running (virtualbox)
iosxe2 running (virtualbox)
This environment represents multiple VMs. The VMs
are all listed above with their current state. For
more information about a specific VM, run `vagrant
status NAME`.
(venv2) hands_on_2\ $ vagrant ssh iosxe1
csr1kv#exit
(venv2) hands_on_2\ $ vagrant ssh iosxe2
csr1kv#exit
Impact on host system
• Each node takes resources
• Switches/Routers aren’t small VMs
• Monitor Memory Usage
Vagrant Commands
• Make sure all environments destroyed
$ vagrant global-status
# Move to the parent directory of lab
$ cd ~/coding/temp
# Delete lab directory
$ rm -Rf vagrant_net_prog
Network Testing and Dev Options
When and Why to Use Vagrant
• Modern Development Tool
• Run everything local
• Few dependencies
• Independent Environments
• Ship with Code Samples
• Test and experiment with APIs
When NOT to use Vagrant
• Large topologies
• Data Plane important
• Multiple simultaneous developers
• Long running tests
Getting Started with Vagrant On Your Own
• Install Vagrant https://www.vagrantup.com/downloads.html
• Create Your Own Boxes for Cisco IOS XE, IOS XR, and Open NX-OS
  • https://github.com/hpreston/vagrant_net_prog
  • Go to box_building/README.md
  • Simple instructions and scripts to create Boxes from available resources (i.e. from CCO)
  • **Some downloads require entitlements
@hfpreston
http://github.com/hpreston
@CiscoDevNet
facebook.com/ciscodevnet/
http://github.com/CiscoDevNet
Got more questions? Come find me!
Complete Your Online Session Evaluation
• Please complete your Online Session Evaluations after each session
• Complete 4 Session Evaluations & the Overall Conference Evaluation (available from Thursday) to receive your Cisco Live T-shirt
• All surveys can be completed via the Cisco Live Mobile App or the Communication Stations
Don’t forget: Cisco Live sessions will be available for viewing on-demand after the event at www.ciscolive.com/global/on-demand-library/.
Continue Your Education
• Demos in the Cisco campus
• Walk-in Self-Paced Labs
• Tech Circle
• Meet the Engineer 1:1 meetings
• Related sessions