Templating/automating configuration
Short of complete SDN, for those of you that have some degree of configuration templating and/or automation tools what is it that you run? I'm envisioning some sort of tool that let's me define template snippets of configuration and aids in their deployment to devices. I'm okay doing the heaving lifting in defining everything, I'm just looking for the tool that stitches it together and hopefully makes things a little less error prone for those who aren't as adept. Graham Johnston Network Planner Westman Communications Group 204.717.2829 johnstong@westmancom.com<mailto:johnstong@westmancom.com>
Hi, Take a look at Ansible https://www.ansible.com/ Our whole infra is automated using it and it is great! Regards, Edy On 6/6/2017 9:22 PM, Graham Johnston wrote:
Short of complete SDN, for those of you that have some degree of configuration templating and/or automation tools what is it that you run? I'm envisioning some sort of tool that let's me define template snippets of configuration and aids in their deployment to devices. I'm okay doing the heaving lifting in defining everything, I'm just looking for the tool that stitches it together and hopefully makes things a little less error prone for those who aren't as adept.
Graham Johnston Network Planner Westman Communications Group 204.717.2829 johnstong@westmancom.com<mailto:johnstong@westmancom.com>
I echo Ansible. I'm using it with NAPALM and jinja2 templates to push and verify config on switches. Oli On 6 June 2017 at 14:27, Pui Edylie <email@edylie.net> wrote:
Hi,
Take a look at Ansible
Our whole infra is automated using it and it is great!
Regards, Edy
On 6/6/2017 9:22 PM, Graham Johnston wrote:
Short of complete SDN, for those of you that have some degree of configuration templating and/or automation tools what is it that you run? I'm envisioning some sort of tool that let's me define template snippets of configuration and aids in their deployment to devices. I'm okay doing the heaving lifting in defining everything, I'm just looking for the tool that stitches it together and hopefully makes things a little less error prone for those who aren't as adept.
Graham Johnston Network Planner Westman Communications Group 204.717.2829 johnstong@westmancom.com<mailto:johnstong@westmancom.com>
-- Oliver Elliott Senior Network Specialist IT Services, University of Bristol t: 0117 39 (41131)
❦ 6 juin 2017 14:30 +0100, Oliver Elliott <Oliver.Elliott@bristol.ac.uk> :
I echo Ansible. I'm using it with NAPALM and jinja2 templates to push and verify config on switches.
Why not using the builtin ability of ansible for most vendors? (genuine question) http://docs.ansible.com/ansible/list_of_network_modules.html -- Make it clear before you make it faster. - The Elements of Programming Style (Kernighan & Plauger)
On 7 June 2017 at 00:43, Vincent Bernat <bernat@luffy.cx> wrote:
❦ 6 juin 2017 14:30 +0100, Oliver Elliott <Oliver.Elliott@bristol.ac.uk> :
I echo Ansible. I'm using it with NAPALM and jinja2 templates to push and verify config on switches.
Why not using the builtin ability of ansible for most vendors? (genuine question)
http://docs.ansible.com/ansible/list_of_network_modules.html
One reason, which is our reason for using NAPALM with Ansible, is that the built in Ansible modules often just edit certain lines of config in the target device. For example, the Cisco IOS module within Ansible scans the device config for say the line starting with "Interface Etherernet 1/1" and then I tell it to ensure the lines " ip vrf customer A" and " ip address x.x.x.x n.n.n.n" are under the search line. It's OK but its text matching and not fool proof. It also doesn't help me to guarantee the state of our tin (I might push an update to one interface on a device and simultaneously someone else might pushes an update to a different interface, our respective views of the device config might not include each other’s updates). We use the NAPALM module although it needs to be a bit more than just NAPALM, its not a panacea. We generate a full device config (even for a one line interface update) and push that into atomic storage (git), when then pass that file from git to NAPALM. NAPALM will copy the file to the device and do a full config replace for us, and we can get a diff from before and after that process and report that back and ensure that exactly what we wanted to change has been changed only. All changes come through git which act’s like a queue meaning that if two people make simultaneous updates to different interfaces there’ll be a git commit/push error. [1] Cheers, James. [1] That’s the plan at least, the reality though is that vendor bugs are plentiful.
Graham Johnston wrote:
Short of complete SDN, for those of you that have some degree of configuration templating and/or automation tools what is it that you run? I'm envisioning some sort of tool that let's me define template snippets of configuration and aids in their deployment to devices. I'm okay doing the heaving lifting in defining everything, I'm just looking for the tool that stitches it together and hopefully makes things a little less error prone for those who aren't as adept.
you would probably want to look at napalm for something like this. It will back-end into ansible or more recently, salt stack. Nick
https://youtu.be/ltqXgtLWXFo and the assocaited pdf https://www.nanog.org/meetings/nanog44/presentations/Monday/Gill_programatic... On Tue, Jun 6, 2017 at 10:09 AM, Nick Hilliard <nick@foobar.org> wrote:
Graham Johnston wrote:
Short of complete SDN, for those of you that have some degree of configuration templating and/or automation tools what is it that you run? I'm envisioning some sort of tool that let's me define template snippets of configuration and aids in their deployment to devices. I'm okay doing the heaving lifting in defining everything, I'm just looking for the tool that stitches it together and hopefully makes things a little less error prone for those who aren't as adept.
you would probably want to look at napalm for something like this. It will back-end into ansible or more recently, salt stack.
Nick
http://ipspace.net - search on everything ref network automation, under webinars. Ivan is among the best in analysis and consolidation of such info, and in documenting all options you may have. Once you see what he has to offer, and definitely not only in the network automation space, you may want to subscribe to all his webinars repository access. Regards, ***Stefan On Jun 6, 2017 8:24 AM, "Graham Johnston" <johnstong@westmancom.com> wrote:
Short of complete SDN, for those of you that have some degree of configuration templating and/or automation tools what is it that you run? I'm envisioning some sort of tool that let's me define template snippets of configuration and aids in their deployment to devices. I'm okay doing the heaving lifting in defining everything, I'm just looking for the tool that stitches it together and hopefully makes things a little less error prone for those who aren't as adept.
Graham Johnston Network Planner Westman Communications Group 204.717.2829 johnstong@westmancom.com<mailto:johnstong@westmancom.com>
Go templates: http://golang.org <http://golang.org/> Fast and simple with gRPC and other good stuff like kelsey’s confd (a daemon that watches for changes and update templates) % go doc text/template package template // import "text/template" Package template implements data-driven templates for generating textual output. To generate HTML output, see package html/template, which has the same interface as this package but automatically secures HTML output against certain attacks. Templates are executed by applying them to a data structure. Annotations in the template refer to elements of the data structure (typically a field of a struct or a key in a map) to control execution and derive values to be displayed. Execution of the template walks the structure and sets the cursor, represented by a period '.' and called "dot", to the value at the current location in the structure as execution proceeds. The input text for a template is UTF-8-encoded text in any format. "Actions"--data evaluations or control structures--are delimited by "{{" and "}}"; all text outside actions is copied to the output unchanged. Except for raw strings, actions may not span newlines, although comments can. Once parsed, a template may be executed safely in parallel. Here is a trivial example that prints "17 items are made of wool". type Inventory struct { Material string Count uint } sweaters := Inventory{"wool", 17} tmpl, err := template.New("test").Parse("{{.Count}} items are made of {{.Material}}") if err != nil { panic(err) } err = tmpl.Execute(os.Stdout, sweaters) if err != nil { panic(err) } Alexis
On 6 Jun 2017, at 15:22, Graham Johnston <johnstong@westmancom.com> wrote:
Short of complete SDN, for those of you that have some degree of configuration templating and/or automation tools what is it that you run? I'm envisioning some sort of tool that let's me define template snippets of configuration and aids in their deployment to devices. I'm okay doing the heaving lifting in defining everything, I'm just looking for the tool that stitches it together and hopefully makes things a little less error prone for those who aren't as adept.
Graham Johnston Network Planner Westman Communications Group 204.717.2829 johnstong@westmancom.com<mailto:johnstong@westmancom.com>
Salt is great for generating configs based on jinja templates, and you can use napalm in conjunction with salt to push the configs to the device on a set schedule (typically this is done hourly). If manual changes are made to the router, salt would override them on the next run, so it's a great way to make sure configs are consistent. On Tue, Jun 6, 2017 at 9:25 AM Graham Johnston <johnstong@westmancom.com> wrote:
Short of complete SDN, for those of you that have some degree of configuration templating and/or automation tools what is it that you run? I'm envisioning some sort of tool that let's me define template snippets of configuration and aids in their deployment to devices. I'm okay doing the heaving lifting in defining everything, I'm just looking for the tool that stitches it together and hopefully makes things a little less error prone for those who aren't as adept.
Graham Johnston Network Planner Westman Communications Group 204.717.2829 <(204)%20717-2829> johnstong@westmancom.com<mailto:johnstong@westmancom.com>
again I understand and agree the reach of your drowning analysis and understanding is awesome hi randy bush oops and hi jp confused of calcutta and chris locke rage boy
On Jun 7, 2017, at 6:17 PM, Andrew Dampf <adampf@gmail.com> wrote:
Salt is great for generating configs based on jinja templates, and you can use napalm in conjunction with salt to push the configs to the device on a set schedule (typically this is done hourly). If manual changes are made to the router, salt would override them on the next run, so it's a great way to make sure configs are consistent.
On Tue, Jun 6, 2017 at 9:25 AM Graham Johnston <johnstong@westmancom.com> wrote:
Short of complete SDN, for those of you that have some degree of configuration templating and/or automation tools what is it that you run? I'm envisioning some sort of tool that let's me define template snippets of configuration and aids in their deployment to devices. I'm okay doing the heaving lifting in defining everything, I'm just looking for the tool that stitches it together and hopefully makes things a little less error prone for those who aren't as adept.
Graham Johnston Network Planner Westman Communications Group 204.717.2829 <(204)%20717-2829> johnstong@westmancom.com<mailto:johnstong@westmancom.com>
agree again all of the above thanks
On Jun 11, 2017, at 7:58 PM, Gordon Cook <cook@cookreport.com> wrote:
again I understand and agree
the reach of your drowning analysis and understanding is awesome
hi randy bush
oops and hi jp confused of calcutta and chris locke rage boy
On Jun 7, 2017, at 6:17 PM, Andrew Dampf <adampf@gmail.com> wrote:
Salt is great for generating configs based on jinja templates, and you can use napalm in conjunction with salt to push the configs to the device on a set schedule (typically this is done hourly). If manual changes are made to the router, salt would override them on the next run, so it's a great way to make sure configs are consistent.
On Tue, Jun 6, 2017 at 9:25 AM Graham Johnston <johnstong@westmancom.com> wrote:
Short of complete SDN, for those of you that have some degree of configuration templating and/or automation tools what is it that you run? I'm envisioning some sort of tool that let's me define template snippets of configuration and aids in their deployment to devices. I'm okay doing the heaving lifting in defining everything, I'm just looking for the tool that stitches it together and hopefully makes things a little less error prone for those who aren't as adept.
Graham Johnston Network Planner Westman Communications Group 204.717.2829 <(204)%20717-2829> johnstong@westmancom.com<mailto:johnstong@westmancom.com>
participants (11)
-
Alexis Letessier
-
Andrew Dampf
-
Christopher Morrow
-
Gordon Cook
-
Graham Johnston
-
James Bensley
-
Nick Hilliard
-
Oliver Elliott
-
Pui Edylie
-
Stefan
-
Vincent Bernat