© 2019 Juniper Networks
Network Automation-getting from automatable to automated
Vince Yu (游源濱), Technical Director, Juniper Networks
DIGITIZATION & CONNECTEDNESS
Society further digitizes and everything becomes connected
[Charts: Worldwide IT Spend (axis $1T to $5T); Internet Connectable Devices (axis up to 80B). Sources: Gartner, 2017; IHS Markit 2017]
JUNIPER ENVISAGES THE SELF-DRIVING NETWORK™
“I want to issue a challenge that I think will be really valuable, that will change how we think about networking, and make possible things that are not possible today… For us as an industry to make self-driving networks a reality, vendors and network providers have to work co-operatively with each other.”
Kireeti Kompella, Juniper Networks
SCHEMATIC OF A SELF-DRIVING NETWORK
[Diagram labels: Real-time Telemetry; Analysis; Decision Making; Actions; Self-Discovery and Configuration; Automatically Connect Nodes]
YOUR JOURNEY TO A SELF-DRIVING NETWORK™
The Self-Driving Network
Human-Driven Automation
• Standards-based network interfaces and data models
• Automate network provisioning and management
• Simplify network operations
Event-driven Automation
• Telemetry for Actionable Information
• Integration with Full IT infrastructure (Orchestration, etc.)
• Rule-based Actions driven by events
Machine-Driven Automation
• Use sophisticated algorithms (statistics)
• Pre-programmed machines make decisions and drive network change
• Humans make decisions where machines cannot
Autonomy
• Integrated machine-learning algorithms into the system
• Adaptive machine decisions drive network change
• Human supervision, no active intervention
HUMAN-DRIVEN AUTOMATION
• Standards-based network interfaces and data models: YANG
• Automate network provisioning & management: PyEZ
• Simplify network operations: JSNAPy
STANDARDS-BASED NETWORK INTERFACES
Uniform, vendor-neutral approach to access and configure devices
[Diagram labels: TELNET, SSH, XML, SNMP; Junos, IOS, IOS XR, NexusOS, EOS, VDX; Device data model; Device connectivity; NETCONF]
NETCONF
Protocol to “install, manipulate and delete configuration”
Uses XML-based data encoding for configuration data and protocol messages
NETCONF protocol operations over a simple RPC layer
Programmable: Python libraries (ncclient), Juniper PyEZ
Based on RFC standards (RFC 4741, 4742, 6241, 6242)
Juniper support
NETCONF is the IETF standard for managing devices and is derived from Junoscript API (2001)
Supported on all Juniper platforms, pre-Junos 4.0
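The "simple RPC layer" and XML encoding listed above, as an added example (not from the slides and not ncclient or PyEZ code): it builds a <get-config> request, applies the RFC 6242 chunked framing, and checks a reply for a matching message-id and any <rpc-error>. The function names, the size cap and the sample replies are assumptions constructed for illustration.

```python
import xml.etree.ElementTree as ET

NS = "urn:ietf:params:xml:ns:netconf:base:1.0"  # NETCONF base namespace (RFC 6241)
ET.register_namespace("", NS)
MAX_CHUNK = 1 << 20  # local safety cap (assumption); RFC 6242 allows up to 4294967295

def q(tag):
    return "{%s}%s" % (NS, tag)

def build_get_config(message_id, source="running"):
    """Return the XML bytes of an <rpc><get-config> request."""
    rpc = ET.Element(q("rpc"), {"message-id": str(message_id)})
    src = ET.SubElement(ET.SubElement(rpc, q("get-config")), q("source"))
    ET.SubElement(src, q(source))
    return ET.tostring(rpc)

def frame_chunked(payload):
    """RFC 6242 chunked framing: one chunk, then the end-of-chunks marker."""
    return b"\n#%d\n" % len(payload) + payload + b"\n##\n"

def unframe_chunked(data):
    """Reassemble one message; reject malformed or oversized chunk headers."""
    out, pos = b"", 0
    while data[pos:pos + 4] != b"\n##\n":
        if data[pos:pos + 2] != b"\n#":
            raise ValueError("bad chunk header")
        end = data.index(b"\n", pos + 2)
        size = data[pos + 2:end]
        if not size.isdigit() or size[:1] == b"0" or int(size) > MAX_CHUNK:
            raise ValueError("bad chunk size")
        chunk = data[end + 1:end + 1 + int(size)]
        if len(chunk) != int(size):
            raise ValueError("truncated chunk")
        out, pos = out + chunk, end + 1 + int(size)
    return out

def parse_reply(xml_bytes, expected_id):
    """Return the list of <error-message> texts (empty list means success)."""
    root = ET.fromstring(xml_bytes)  # stdlib parser; use a hardened one for untrusted peers
    if root.tag != q("rpc-reply") or root.get("message-id") != str(expected_id):
        raise ValueError("not the reply to this request")
    return [(e.findtext(q("error-message")) or "").strip() for e in root.iter(q("rpc-error"))]

# Constructed sample replies (not captured from a device)
_WRAP = '<rpc-reply xmlns="' + NS + '" message-id="101">{}</rpc-reply>'
SAMPLE_OK = _WRAP.format("<data/>").encode()
SAMPLE_ERR = _WRAP.format("<rpc-error><error-severity>error</error-severity>"
                          "<error-message>syntax error</error-message></rpc-error>").encode()
```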
STANDARDS-BASED NETWORK INTERFACES
Uniform, vendor-neutral approach to access and configure devices
[Diagram labels: TELNET, SSH, XML, SNMP; Junos, IOS, IOS XR, NexusOS, EOS, VDX; Device data model; Device connectivity; NETCONF; YANG]
YANG
Data model language for the Network Configuration Protocol (NETCONF)
Human readable; supports multiple encoding formats, including XML and JSON
Transport over NETCONF over SSH and recently also over gRPC
Based on RFC standards (RFC 6020)
Juniper support
YANG is the industry-standard data modeling language and is based on Juniper’s Data Definition Language (DDL, 2001)
Active IETF participation to define standard YANG modules; support for custom YANG modules
Supported on MX/EX/M/PTX/T-series platforms, Junos 14.2 onwards
STANDARDS-BASED NETWORK INTERFACES
Uniform, vendor-neutral approach to access and configure devices
[Diagram labels: TELNET, SSH, XML, SNMP; Junos, IOS, IOS XR, NexusOS, EOS, VDX; Device data model; Device connectivity; NETCONF; gRPC; YANG; OPENCONFIG]
OPENCONFIG
Vendor-neutral, model-driven network management
Common Data Models written in YANG
Streaming Telemetry
Industry-driven: Google, AT&T, British Telecom, Microsoft, Facebook, Comcast, Verizon, Level3, Apple, Deutsche Telekom, Bell Canada
Juniper support
Actively engaged in the OpenConfig initiative since inception
Supported on MX/M/PTX/T-series platforms, Junos 16.1 onwards. EX/QFX platforms on roadmap
AUTOMATED NETWORK PROVISIONING AND MANAGEMENT
Consistent and compliant network operation
ANSIBLE
Agent-less approach, easy to deploy
Uses YAML ‘playbooks’ to define automation tasks
Works by pushing ‘Ansible modules’ to devices
Supports workflow engine
Ansible framework with Juniper modules: junos_command, junos_config, junos_facts, junos_netconf, junos_package
[Diagram labels: Playbooks; Module Library; Routers, Firewalls, Switches]
Juniper support
Supported on all Juniper platforms, Junos 12.3 onwards
Enhanced capabilities using Ansible modules for Juniper.
https://www.ansible.com/ansible-juniper
AUTOMATED NETWORK PROVISIONING AND MANAGEMENT
Consistent and compliant network operation
PyEZ
Automation micro-framework for Junos devices
Remote connectivity and management
Retrieve configuration, operational or run-state information
Make configuration changes, secure copy of files and software updates
[Diagram labels: PyEZ micro-framework (resources, snippets, templates, Tables, Views); Configuration changes; Operational state; Routers, Firewalls, Switches]
Juniper support
Supported on all Juniper platforms, Junos 11.4 onwards
Increasing popularity in the Juniper DevOps community (>250 stars on GitHub)
https://github.com/Juniper/py-junos-eznc
SIMPLIFIED NETWORK OPERATIONS
Verify network consistency
JSNAPy
Junos Snapshot Administrator in Python
Capture and audit runtime environment snapshots of Juniper devices
Compare pre & post operation outputs
Simplified YAML-based test cases
[Diagram labels: JSNAPy; Netconf Request / Response; Routers, Firewalls, Switches; Pre snapshot; Post snapshot; Snap-Check; OUTPUT]
Juniper support
Juniper proprietary
Supported on all Juniper platforms, Junos 16.1 onwards
https://github.com/Juniper/jsnapy
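The pre/post snapshot comparison described on this slide, as an added example (not JSNAPy's code, API or test-file syntax): it indexes two XML snapshots by a key element and reports items that disappeared, appeared, or changed state across a change window. The element names and both snapshots are simplified and constructed for illustration, not real device output.

```python
import xml.etree.ElementTree as ET

# Constructed, simplified snapshots taken before and after a change
PRE = """<interfaces>
  <interface><name>ge-0/0/0</name><oper-status>up</oper-status></interface>
  <interface><name>ge-0/0/1</name><oper-status>up</oper-status></interface>
  <interface><name>ge-0/0/2</name><oper-status>down</oper-status></interface>
</interfaces>"""
POST = """<interfaces>
  <interface><name>ge-0/0/0</name><oper-status>up</oper-status></interface>
  <interface><name>ge-0/0/1</name><oper-status>down</oper-status></interface>
  <interface><name>ge-0/0/3</name><oper-status>up</oper-status></interface>
</interfaces>"""

def index(snapshot_xml, item, key, fields):
    """Map key value -> {field: text} for every <item> element in a snapshot."""
    table = {}
    for node in ET.fromstring(snapshot_xml).iter(item):
        table[node.findtext(key)] = {f: node.findtext(f) for f in fields}
    return table

def compare(pre_xml, post_xml, item="interface", key="name", fields=("oper-status",)):
    """Report items missing after the change, newly added items, and changed fields."""
    pre = index(pre_xml, item, key, fields)
    post = index(post_xml, item, key, fields)
    result = {
        "missing": sorted(pre.keys() - post.keys()),
        "added": sorted(post.keys() - pre.keys()),
        "changed": [],
    }
    for k in sorted(pre.keys() & post.keys()):
        for f in fields:
            if pre[k][f] != post[k][f]:
                # (key, field, value before, value after)
                result["changed"].append((k, f, pre[k][f], post[k][f]))
    return result

def passed(result):
    """A change passes the check only when nothing differs between snapshots."""
    return not any(result.values())
```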
HUMAN-DRIVEN AUTOMATION @JUNIPER
[Diagram labels: Off-Box; On-Box; Ansible, Puppet, Chef, CLIRA, JSNAPy; PyEZ Framework, RubyEZ Library; CLI, NETCONF; XML-RPC, SNMP, THRIFT; Junoscript; OPENCONFIG; gRPC; YANG; Chassis; Data Plane (PFE)]
EVENT-DRIVEN AUTOMATION
• Gathering Network Telemetry: JVision
• Rule-based actions on network events: SLAX, JET
GATHERING NETWORK TELEMETRY
What gets measured, gets managed
gRPC & JVision
Push-based telemetry model (vs. pull-based SNMP)
Continuous streaming of network telemetry data based on subscriptions
Observe network state through time-series data stream and take action.
Uses Google protocol buffer encoding format
Goodbye SNMP, Hello gRPC
[Diagram labels: Collector; In-band Telemetry (Google protobuf); Routers, Firewalls, Switches]
Juniper support
Supported on Juniper MX Series and PTX Series platforms, Junos 15.1F3 onwards
RULE-BASED ACTIONS ON NETWORK EVENTS
If-This-Then-That (IFTTT) model
Salt Stack
Configuration management system, capable of maintaining remote nodes in defined states
Uses a pub/sub model to publish events from master or agent
Rule-based actions can be built to react to these events
Junos support for SaltStack is through an off-box proxy minion
[Diagram labels: SALT Proxy modules; PyEZ; Netconf Request / Response; Routers, Firewalls, Switches]
Juniper support
Supported on all Juniper MX Series, PTX Series, QFX Series platforms, Junos 11.4 onwards
RULE-BASED ACTIONS ON NETWORK EVENTS
If-This-Then-That (IFTTT) model
SLAX & Python (on-box)
Support for SLAX and now Python on-box on Junos devices
Write scripts to react to on-box network events
Commit scripts: Configuration consistency checks
Operational scripts: Monitoring and troubleshooting
Event scripts: Event-based triggers
Juniper support
Supported on all Juniper MX Series, PTX Series, QFX Series platforms,
SLAX: pre-Junos 7.0 onwards; Python on-box: Junos 16.1 onwards
https://github.com/Juniper/junoscriptorium
RULE-BASED ACTIONS ON NETWORK EVENTS
If-This-Then-That (IFTTT) model
Junos Extension Toolkit (JET)
Framework to make Junos more open and programmable
Enables 3rd party apps to run on Juniper devices that react to network events
Allows for a programmable Junos control plane
Fast & Programmatic JET APIs
Juniper support
Supported on all Juniper platforms except ACX Series & SRX Series, Junos 16.1 onwards
JUNOS OS AUTOMATION STACK
[Diagram labels: Off-Box; On-Box; Simplicity; Flexibility; Ansible, Puppet, Chef, CLIRA, JSNAPy; SALT; PyEZ Framework, RubyEZ Library; Python Scripts; Ruby Scripts; REST; CLI, NETCONF; XML-RPC, SNMP, THRIFT; Junoscript; OPENCONFIG; gRPC; YANG; jVision sensor; Python / SLAX; JET API; Chassis; Data Plane (PFE)]
MACHINE-DRIVEN AUTOMATION
Evolution in managing network infrastructure
• Architect will focus on intent
• Controller will translate intent across network domains
• Machine will translate intent into behavior
• Humans are elevated to high-level strategic activities
JUNIPER BOTS
Key Functional Features
Self-provisioning: Enforce desired intent and policy
Machine learning: Prediction and recommendation
Telemetry & analytics: Real-time self monitoring
Automated service placement: Configuration changes, “the what”
Intent based networking: Higher-level business requirements, “the how”
Juniper Intent Software Architecture
[Diagram labels: Hybrid Telco Cloud; Private Cloud; Public Cloud; VNFs; HealthBot, PeerBot, Network SlicingBot, TestBot, ...; OSS/BSS/Orchestrators/Controllers; ...]
CONTRAIL HEALTHBOT
Monitor, Understand, Act
• See what matters
• SLI / SLO dashboard
• Drill down into metrics
• See trends
• Manage processing rules
• Manage groups of things
• Manage alarms & reactions
Test-drive for free at vlabs.juniper.net
Built on: Open community of pre-built playbooks to build dashboards and analytics, and multi-vendor telemetry: Syslog, SNMP, OpenConfig, NETCONF, JTI, gRPC, gNMI
HEALTHBOT IN A CLOSED-LOOP AUTOMATION ARCHITECTURE
[Diagram. Numbered steps: 1 Define, 2 Collect, 3 Store, 4 Analyze, 5 Visualize, 6 Notify, 7 Act, 8 Report, 9 Update. Labels: …devices…; Ingest layer (JTI, OC, NetConf, CLI, Syslog, SNMP); Telemetry Infra; Kafka pipeline; Time series DB; Rule Engine; API Server; MGD; Playbooks; Programmatic access: REST, NETCONF; Kafka publish; Notification: Slack, email, web hook, …; User-defined action or function (Python, …); 3rd party provisioning / NMS; 3rd party analytics apps; Function health monitoring; Root Cause Analysis; Log File Analysis]
AUTONOMY
Self-driving networks: A collective vision
• Telemetry
• Multi-dimensional views
• Automation
• Intent-driven
• Decision making
MACHINE LEARNING
[Diagram labels: Operations Analytics; State-Driven Orchestration; Billing and Reporting; Role-Based Monitoring & Alarms; Data-Driven Capacity Planning; IT Automation; DevOps Ready; Physical and Software Defined Infrastructure]
Showback and Chargeback
Empower your users with Role Based GUIs and APIs
Prevent Service Disruptions
Stream Analysis for real-time risk analysis
Enhance reliability and improve your cloud ROI
FREE TRIALS
The best things in life are free
Contrail Networking, AppFormix, vMX, vSRX, vQFX, NITA and more catalogued at juniper.net/try
JLABS
Downloads: DIY experience
Hosted: No install, click and go
Sales-curated: for demos and hosted-trial by request
Cloud marketplace: AWS and more coming
BUILDING NEW SKILLSETS
LEARNING
JUNIPER
LABS
vLabs
Cloud CCL
Juniper Cloud Labs
• JAUT training courses
• Automation & DevOps
• Paid training and certs
• NRE oriented
• Intro-level + JNCIA cert (both new)
• Mid-level + JNCIS cert (cert new)
• Advanced + JNCIP cert (new course, cert coming)
• Reference for APIs
• Catalog of apps / samples / use cases
• Slack Community
• Learning section:
• Edu. services courses and certification
• NRE Labs
• vLabs
• Cloud CCL
• Built open source, by and for network engineers
https://github.com/nre-learning/antidote
• Free lessons, each with many quick ~2min labs
• In web browser, there’s zero-barrier to entry
• Unbranded, Juniper sponsored
http://Labs.NetworkReliability.Engineering
https://github.com/nre-learning/antidote
eng.juniper.net
THANK YOU