Device Programmability: REST, v1.00
TRANSCRIPT
Software-Defined Networking and Network Programmability
Mark “Mitch” Mitchiner - Solutions Architect
CCIE #3958
[email protected] 2016
Cisco Confidential. © 2013-2014 Cisco and/or its affiliates. All rights reserved.
Evolution of an Architecture
Traditional Control Plane Architecture
Two Fundamental Architectural Issues:
• Box-by-Box Management of the System
• Network Architecture as a Fully Distributed Service
Evolved Control Plane Architectures
Anticipated benefits:
• Closely aligns the control plane with the needs of applications
• Enables componentization with associated APIs
• Improves performance, enhances manageability, operations and consistency
Types of Interactions:
Bootstrap
Configure
Monitoring
Extend
What’s Evolving:
Manual -> Automated
Static -> Dynamic
Generic -> Custom
Why:
Agility
Scale
Cost
Complexity
Evolving Our Interaction with Network OS
SDN and Network Programming – Centralized Model
• OpenFlow and Open Network Foundation (ONF) are credited with starting the discussion of SDN and providing the first modern SDN control protocol
• ONF defines SDN as a decoupling of the control plane and the data plane, through the OpenFlow protocol
• OpenFlow provides:
• Standardized southbound protocol
• Robust flow/traffic control through OF primitives
• Powerful combinational pipeline model for pattern matching
• Potential challenges:
• Scale
• Availability
• Performance
• Complexity
SDN: IETF Model
Software-Defined Networking (SDN) can be defined as a new approach for network programmability
Network programmability refers to the capacity to initialize, control, change, and manage network behavior dynamically via open interfaces
How > 70% of Config Management is Done Today
Router#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#blah blah blah ?
% Unrecognized command
Router(config)#^Z
Router#wr mem
Building configuration...
[OK]
Router#
Task Oriented
Human Friendly
Easy To Replay
No Special Tools
Software Unfriendly
Subject To Change
No Common Data Model
No Error Reporting
The Evolution of Device Interaction
Bootstrap – Traditional: CLI, Smart Install, Auto Install – Evolving: ONIE, iPXE, Plug n Play, PoAP
Configure – Traditional: CLI – Evolving: Controllers, Openstack, Puppet/Chef, REST, JSON RPC, NETCONF
Extend – Traditional: EEM – Evolving: I2RS, OpenFlow, Onbox Python
Monitor – Traditional: CLI, SNMP, Syslog, Netflow – Evolving: Push model, BGP-LS
Software defined networking (SDN) is an architecture that allows the network to be more reactive to the requirements of the services and workloads placed upon it
• Hybrid approach takes advantage of hardware intelligence as well as existing feature sets within the network operating system
• Network devices can be exposed to the application layer through application programming interfaces (APIs)
• Allows an evolutionary approach to network programmability
• Over 95% of the use cases for SDN involve the centralization of the Management Plane
Model-driven Programmability – The Rise of Network Automation
Model-Driven APIs (top to bottom): XML / JSON encodings, NETCONF / RESTCONF protocols, YANG models, network infrastructure
Requirements of Next-Gen Config Management
Easy to Use
Separates Config and Operational Data
Lots of Tooling
Accessible Format
Error Checking
Backup/Restore Capability
Human & Machine Friendly
RFC 3535
Key Protocols: NETCONF
NETCONF is an IETF Config Management Protocol
V 1.0
• RFC 3535 – Background and requirements
• RFC 4741 – 1.0 Base NETCONF Protocol
• RFC 4742 – NETCONF over SSH
V 1.1
• RFC 6241 – 1.1 Base NETCONF Protocol
• RFC 6242 – NETCONF over SSH
Extensions
• RFC 5277 – Notifications
• RFC 5717 – Partial Locking
• RFC 6243 – With defaults
• RFC 6244 – NETCONF + YANG Architectural Overview
Protocol Stack (top to bottom): Content, Operations, Messages, Transport
NETCONF Uses a Client-Server Model
Clients: NMS, script, plugin, cut-n-paste
Client <-> Server over SSH:
• Connection-Oriented
• Authenticated
• Reliable
• Trustworthy
• Secure
Clients Make Requests Using RPCs
Client -> Server: <rpc message-id="1">
Server -> Client: <rpc-reply message-id="1">
A simple Remote Procedure Call (RPC) paradigm facilitates communication between the client and the server (aka the network device).
Operations: What Clients Do to Servers
NETCONF Data Stores: Target of Operations
• Named containers that may hold an entire copy of the configuration
• Not all data stores are supported by all devices
• Running is the only mandatory data store
• Not all data stores are writable
• Check the device’s capabilities
• To make changes to a non-writeable data store, copy from a writable one
• URL is supported by IOS (for config-copy)
<running> <startup> <candidate> <URL>
NETCONF Encodes Everything In XML
<?xml version='1.0' encoding='UTF-8'?>
<rpc xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="1001">
  <get-config>
    <source>
      <running/>
    </source>
  </get-config>
</rpc>
eXtensible Markup Language
• XML describes data
• <> delimit markup text (tags)
• Machine and human readable
• W3C Recommendation
• Self-descriptive
Example – Interface Configuration
NETCONF Protocol Stack Summary
• Content: Config / Operational Data
• Operations: <get>, <get-config>, etc.
• Messages: <rpc>, <rpc-reply>
• Transport: SSH
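The stack summarised above, as working code. This is an added example, not from the deck and not the ncclient library the references slide points to: Python standard-library code that parses a constructed <hello> to learn which datastores the server supports, builds <rpc> envelopes with unique message-ids, writes an ietf-interfaces change into the candidate datastore when the server advertises one (running otherwise), makes it persistent with <commit> and <copy-config> because startup is not directly writable, and turns an <rpc-error> reply into an exception. The hello and reply messages are constructed samples; the namespaces and capability URIs are the IETF ones.

```python
"""NETCONF messages built and parsed with the Python standard library only.
Added example for the NETCONF slides above, not Cisco's code and not the
ncclient library: <rpc> envelopes, datastore choice driven by the server's
<hello> capabilities, an ietf-interfaces edit, and <rpc-error> handling.
Every message here is a constructed sample, not output captured from a device."""
import itertools
import xml.etree.ElementTree as ET

NC = "urn:ietf:params:xml:ns:netconf:base:1.0"
IF = "urn:ietf:params:xml:ns:yang:ietf-interfaces"
CAP_CANDIDATE = "urn:ietf:params:netconf:capability:candidate:1.0"
CAP_STARTUP = "urn:ietf:params:netconf:capability:startup:1.0"
ET.register_namespace("", NC)      # serialise as <rpc xmlns="..."> not <ns0:rpc>
ET.register_namespace("if", IF)

SAMPLE_HELLO = f"""<hello xmlns="{NC}"><capabilities>
  <capability>{NC}</capability><capability>{CAP_CANDIDATE}</capability>
  <capability>{CAP_STARTUP}</capability>
</capabilities><session-id>4</session-id></hello>"""   # constructed: candidate + startup
SAMPLE_OK = f'<rpc-reply xmlns="{NC}" message-id="101"><ok/></rpc-reply>'
SAMPLE_ERROR = f"""<rpc-reply xmlns="{NC}" message-id="102"><rpc-error>
  <error-type>application</error-type><error-tag>invalid-value</error-tag>
  <error-path>/if:interfaces/if:interface[if:name='eth0']/if:enabled</error-path>
  <error-message xml:lang="en">"blah" is not a valid boolean</error-message>
</rpc-error></rpc-reply>"""

_msg_ids = itertools.count(101)    # message-id must be unique within a session

def parse_capabilities(hello_xml):
    """Set of capability URIs the server advertised."""
    root = ET.fromstring(hello_xml)
    return {c.text.strip() for c in root.iter(f"{{{NC}}}capability")}

def edit_target(caps):
    """Stage edits in candidate when advertised, else write running directly.
    startup is never an edit target: RFC 6241 makes it copy-only (see save_ops)."""
    return "candidate" if CAP_CANDIDATE in caps else "running"

def _op(name, **stores):           # e.g. _op("copy-config", target="startup", source="running")
    op = ET.Element(f"{{{NC}}}{name}")
    for role, store in stores.items():
        ET.SubElement(ET.SubElement(op, f"{{{NC}}}{role}"), f"{{{NC}}}{store}")
    return op

def _rpc(op):
    rpc = ET.Element(f"{{{NC}}}rpc", {"message-id": str(next(_msg_ids))})
    rpc.append(op)
    return ET.tostring(rpc, encoding="unicode")

def interface_config(name, enabled):  # ietf-interfaces (RFC 7223) subtree
    ifs = ET.Element(f"{{{IF}}}interfaces")
    intf = ET.SubElement(ifs, f"{{{IF}}}interface")
    ET.SubElement(intf, f"{{{IF}}}name").text = name
    ET.SubElement(intf, f"{{{IF}}}enabled").text = "true" if enabled else "false"
    return ifs

def edit_config(target, subtree, default_operation="merge"):
    op = _op("edit-config", target=target)
    ET.SubElement(op, f"{{{NC}}}default-operation").text = default_operation
    ET.SubElement(op, f"{{{NC}}}config").append(subtree)
    return _rpc(op)

def save_ops(caps):
    """RPCs that make a staged edit live and then persistent on this server."""
    ops = []
    if CAP_CANDIDATE in caps:
        ops.append(_rpc(ET.Element(f"{{{NC}}}commit")))
    if CAP_STARTUP in caps:        # non-writable store: copy from a writable one
        ops.append(_rpc(_op("copy-config", target="startup", source="running")))
    return ops

def describe_rpc(rpc_xml):
    """(message-id, operation name) of a request, for logging and checks."""
    root = ET.fromstring(rpc_xml)
    return root.get("message-id"), root[0].tag.rsplit("}", 1)[-1]

class RpcError(Exception):
    def __init__(self, tag, message, path=None):
        super().__init__(f"{tag}: {message}" + (f" at {path}" if path else ""))
        self.tag, self.path = tag, path

def check_reply(reply_xml, expected_id):
    """True for <ok/>; raises RpcError with error-tag and error-path otherwise."""
    root = ET.fromstring(reply_xml)
    if root.get("message-id") != str(expected_id):
        raise ValueError("reply message-id does not match the request")
    err = root.find(f"{{{NC}}}rpc-error")
    if err is not None:
        raise RpcError(err.findtext(f"{{{NC}}}error-tag", "").strip(),
                       err.findtext(f"{{{NC}}}error-message", "").strip(),
                       err.findtext(f"{{{NC}}}error-path", "").strip() or None)
    return root.find(f"{{{NC}}}ok") is not None

if __name__ == "__main__":
    caps = parse_capabilities(SAMPLE_HELLO)
    print(edit_config(edit_target(caps), interface_config("eth0", False)))
    print(*save_ops(caps), sep="\n")
```

Run stand-alone, it prints the <edit-config> aimed at candidate followed by the <commit> and <copy-config> that make the change live and persistent. The point the CLI slide makes in reverse is visible in check_reply: a rejected edit comes back as an element with an error-tag and an error-path to the offending leaf, which a script can act on, rather than a "% Unrecognized command" string.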
NETCONF References
Tutorials:
https://www.youtube.com/watch?v=Vr4kB1_6fLQ
https://www.youtube.com/watch?v=xoPZO1N-x38
Tools:
Ncclient: https://github.com/leopoul/ncclient/
Confd Netconf-console: http://www.tail-f.com/management-agent/
References:
RFC 6241 https://tools.ietf.org/html/rfc6241
RFC 6242 https://tools.ietf.org/html/rfc6242
Key Technologies: Data Models & YANG
What is YANG?
• A data-modeling language for NETCONF and RESTCONF
• 'Yet Another Next-Generation'
• Models both configuration data and state for network platforms in an XML tree format
• Can define the format used for event notifications
• Designed to be human-readable and extensible
• Standardized models are defined by the IETF NetMod working group (RFC 6020)
YANG Is A Language
module ietf-interfaces {
  import ietf-yang-types {
    prefix yang;
  }
  container interfaces {
    list interface {
      key "name";
      leaf name {
        type string;
      }
      leaf enabled {
        type boolean;
        default "true";
      }
      …
Self-contained top-level hierarchy of nodes
Import or define data types
Leaf nodes for simple data
Lists for sequence of entries
Containers group related nodes
The Interfaces Data Model in Tree Diagram
Source: http://www.ietf.org/rfc/rfc7223.txt
The XML Instantiation
<rpc-reply xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="101">
  <data>
    <interfaces xmlns="urn:ietf:params:xml:ns:yang:ietf-interfaces"
                xmlns:ianaift="urn:ietf:params:xml:ns:yang:iana-if-type">
      <interface>
        <name>eth0</name>
        <type>ianaift:ethernetCsmacd</type>
        <enabled>false</enabled>
      </interface>
    </interfaces>
  </data>
</rpc-reply>
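The YANG fragment on the "YANG Is A Language" slide and the XML instance just above, joined in one added example (not from the deck, and not pyang or any other YANG tool): the fragment's structure is written down as a small Python schema, and a decoder uses that schema, rather than hard-coded element names, to validate a constructed <rpc-reply> and fill in the YANG default. The reply carries the deck's eth0 entry plus a second, eth1, that omits <enabled>; the mandatory 'type' leaf is taken from RFC 7223, which the tree-diagram slide cites.

```python
"""Model-driven decoding of the ietf-interfaces reply above. Added example,
not from the deck and not a YANG toolchain: SCHEMA is a hand-written Python
rendering of the module fragment on the "YANG Is A Language" slide (container
> keyed list > typed leaves with defaults, plus the mandatory 'type' leaf from
RFC 7223). The schema, not the parser, decides what is a valid instance and
which defaults apply. The eth1 entry in SAMPLE_REPLY is constructed to show
default handling."""
import xml.etree.ElementTree as ET

NC = "urn:ietf:params:xml:ns:netconf:base:1.0"
IF = "urn:ietf:params:xml:ns:yang:ietf-interfaces"

SCHEMA = {                  # container interfaces { list interface { key "name"; ... } }
    "container": "interfaces",
    "list": "interface",
    "key": "name",
    "leaves": {
        "name":    {"type": "string"},
        "type":    {"type": "identityref", "mandatory": True},
        "enabled": {"type": "boolean", "default": "true"},
    },
}

SAMPLE_REPLY = f"""<rpc-reply xmlns="{NC}" message-id="101"><data>
  <interfaces xmlns="{IF}" xmlns:ianaift="urn:ietf:params:xml:ns:yang:iana-if-type">
    <interface><name>eth0</name><type>ianaift:ethernetCsmacd</type><enabled>false</enabled></interface>
    <interface><name>eth1</name><type>ianaift:ethernetCsmacd</type></interface>
  </interfaces>
</data></rpc-reply>"""

class ModelError(ValueError):
    """Instance data that does not conform to SCHEMA."""

def _coerce(leaf, raw):
    """Turn the XML text of a leaf into a Python value according to its YANG type."""
    kind = SCHEMA["leaves"][leaf]["type"]
    if kind == "boolean":
        if raw not in ("true", "false"):
            raise ModelError(f"{leaf}: {raw!r} is not a YANG boolean")
        return raw == "true"
    return raw              # string and identityref ("prefix:identity") stay text

def decode_interfaces(reply_xml):
    """Validate an <rpc-reply> against SCHEMA and return one dict per list entry."""
    data = ET.fromstring(reply_xml).find(f"{{{NC}}}data")
    if data is None:
        raise ModelError("reply carries no <data>")
    container = data.find(f"{{{IF}}}{SCHEMA['container']}")
    if container is None:
        raise ModelError(f"missing container {SCHEMA['container']}")
    entries, seen = [], set()
    for entry in container.findall(f"{{{IF}}}{SCHEMA['list']}"):
        row = {}
        for child in entry:
            leaf = child.tag.rsplit("}", 1)[-1]
            if leaf not in SCHEMA["leaves"]:
                raise ModelError(f"unknown leaf {leaf!r}")
            row[leaf] = _coerce(leaf, (child.text or "").strip())
        key = SCHEMA["key"]
        if key not in row:
            raise ModelError(f"list entry without key {key!r}")
        if row[key] in seen:
            raise ModelError(f"duplicate key {row[key]!r}")
        seen.add(row[key])
        for leaf, spec in SCHEMA["leaves"].items():
            if leaf in row:
                continue
            if "default" in spec:           # YANG default fills absent leaves
                row[leaf] = _coerce(leaf, spec["default"])
            elif spec.get("mandatory"):
                raise ModelError(f"{row[key]}: mandatory leaf {leaf!r} missing")
        entries.append(row)
    return entries

if __name__ == "__main__":
    for intf in decode_interfaces(SAMPLE_REPLY):
        print(intf)
```

Decoding the sample yields eth0 with enabled False and eth1 with enabled True, the latter supplied by the model's default rather than by the device. Anything the model does not describe (an unknown leaf, a bad boolean, a missing mandatory leaf, a duplicate key) is rejected before the data reaches the application, which is the "schema allows API predictability" argument the RESTCONF slides make.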
Where Yang Models Come From
Vendors IETF OpenConfig Other
YANG References
Tutorials:
http://www.yang-central.org/twiki/bin/view/Main/YangTutorials
https://www.youtube.com/watch?v=33VBb6N4yOY
Tools:
Pyang (python): https://code.google.com/p/pyang/
Commercial YANG browsers – MG-Soft, Segue Soft
http://rob.sh/post/209 (pyangbind)
References:
RFC 6020 (YANG): http://tools.ietf.org/html/rfc6020
RFC 7223 (Interface Model): http://www.ietf.org/rfc/rfc7223.txt
https://github.com/YangModels/yang/tree/master/experimental/openconfig (OpenConfig)
https://github.com/YangModels/yang/tree/master/vendor/cisco (Cisco)
Key API: REST
REST Follows a Familiar Model
HTTP GET
HTML
Describes how data should be displayed to please human viewer
HTTP GET
JSON/XML
Describes data in a format applications can understand
{"ids":[303776224, 19449911, 607032789, 86544242, 2506725913, 17631389], "next_cursor":0, "next_cursor_str":"0", "previous_cursor":0, "previous_cursor_str":"0"}
Web Browsing REST API
What is REST?
• Stands for “REpresentational State Transfer”
• An architectural style for designing scalable networked applications
• Uses HTTP or HTTPS to transmit calls between entities
• Simple CRUD using HTTP
• Operates on resource representations, each uniquely identified by a URL
• Stateless client-server model
• Term was first used by Roy T Fielding in 2000
  • Author of HTTP 1.0
• Alternative to Simple Object Access Protocol (SOAP) and Web Services Description Language (WSDL)
RESTful Interactions
Client Server
Client requests object state
Server returns object state
Client specifies desired state
Server returns resultant state
REST HTTP Methods (or Verbs)
Method: Description
GET: List the URIs in a collection, or a representation of an individual member
POST: Create a new entry in a collection. The new entry's URI is assigned automatically and returned by the operation
PUT: Replace an entire collection with another collection, or an individual member with another. If a member doesn't exist, create it
DELETE: Delete an entire collection or an individual member
Why Does This Matter for Networking?
Human Readable
Software Friendly
Large Developer Base
Client Libraries in Many Languages
Key API: RESTCONF
RESTCONF - why?
• draft-ietf-netconf-restconf*
• “RESTCONF uses HTTP operations to provide CRUD operations on a NETCONF datastore containing YANG-defined data.”
• Allows use of familiar HTTP tools and programming libraries
• Tap into pool of developers familiar with HTTP & REST
• Supports XML or JSON data representation
• Why REST-like? It is YANG model based. This is actually an advantage: a schema allows API predictability and automation vs model discovery
RESTCONF: Best of Both Worlds?
RESTCONF = NETCONF/YANG minus SSH and XML, plus JSON and HTTP(S)
RESTCONF brings together NETCONF (YANG) and REST (JSON, HTTP)
“the simplicity of the HTTP protocol with the predictability and automation potential of a schema-driven API”
RESTCONF is Not A Replacement for NETCONF
• Enables Web Applications to access configuration and operational data
• A simplified transaction model
• Data can be XML or JSON
• Operations include: GET, PUT, PATCH, POST & DELETE
NETCONF Operations Not Supported By RESTCONF
• Config locking
• Candidate config
• Startup config
• Validate
• Confirmed commit
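The verb-to-CRUD mapping from the REST table and the RESTCONF operations above, as an added example that is not from the deck, the IETF draft or any Cisco product: a tiny RESTCONF-style server holding one in-memory ietf-interfaces list, plus a client, both standard-library Python. The path layout (/restconf/data/ietf-interfaces:interfaces/interface=eth0) and the application/yang-data+json media type follow the draft; the credentials, port and interface entries are constructed. PUT and POST are left out; GET, PATCH and DELETE show read, merge and remove, and a request without the expected Authorization header is refused with 401 before any data is touched.

```python
"""Minimal RESTCONF-style exchange, server and client in one file. Added
example: not Cisco's code, not the IETF draft's, not any product's. The server
keeps an ietf-interfaces tree in memory and maps HTTP verbs onto it (GET reads,
PATCH merges, DELETE removes); credentials, port and entries are constructed."""
import base64
import http.client
import json
import threading
from http.server import BaseHTTPRequestHandler, HTTPServer

YANG_JSON = "application/yang-data+json"
CREDS = base64.b64encode(b"admin:demo-password").decode()        # constructed
ROOT = "/restconf/data/ietf-interfaces:interfaces"
MEMBER = ROOT + "/interface="                # one list entry, addressed by its key
STORE = {"interface": [{"name": "eth0", "type": "iana-if-type:ethernetCsmacd", "enabled": True}]}

def _find(name):
    return next((i for i in STORE["interface"] if i["name"] == name), None)

class Handler(BaseHTTPRequestHandler):
    def _send(self, status, body=None):
        payload = b"" if body is None else json.dumps(body).encode()
        self.send_response(status)
        if status == 401:
            self.send_header("WWW-Authenticate", 'Basic realm="restconf"')
        if payload:
            self.send_header("Content-Type", YANG_JSON)
        if status != 204:                    # 204 carries neither body nor length
            self.send_header("Content-Length", str(len(payload)))
        self.end_headers()
        self.wfile.write(payload)

    def _target(self):                       # authenticate, then resolve the list key in the URL
        if self.headers.get("Authorization") != f"Basic {CREDS}":
            self._send(401)                  # refused before any datastore access
        elif not self.path.startswith(MEMBER):
            self._send(404)
        else:
            return self.path[len(MEMBER):]

    def _entry(self):                        # the one list entry in a YANG-JSON body
        raw = self.rfile.read(int(self.headers.get("Content-Length", 0)))
        try:
            return json.loads(raw)["ietf-interfaces:interface"][0]
        except (ValueError, KeyError, IndexError, TypeError):
            self._send(400)

    def do_GET(self):
        if self.path == ROOT and self.headers.get("Authorization") == f"Basic {CREDS}":
            return self._send(200, {"ietf-interfaces:interfaces": STORE})
        name = self._target()
        if name is not None:
            intf = _find(name)
            self._send(200, {"ietf-interfaces:interface": [intf]}) if intf else self._send(404)

    def do_PATCH(self):                      # merge: only the leaves sent change
        name = self._target()
        if name is None:
            return
        intf, changes = _find(name), self._entry()
        if changes is None:
            return
        if intf is None:
            return self._send(404)
        intf.update({k: v for k, v in changes.items() if k != "name"})   # key comes from the URL
        self._send(204)

    def do_DELETE(self):
        name = self._target()
        if name is not None:
            intf = _find(name)
            if intf is None:
                return self._send(404)
            STORE["interface"].remove(intf)
            self._send(204)

def start_server():
    """Serve on an ephemeral loopback port from a background thread."""
    srv = HTTPServer(("127.0.0.1", 0), Handler)
    threading.Thread(target=srv.serve_forever, daemon=True).start()
    return srv

def restconf(port, method, path, body=None, auth=True):
    """Client side: one request; returns (status, decoded JSON or None)."""
    hdrs = {"Accept": YANG_JSON}
    if auth:
        hdrs["Authorization"] = f"Basic {CREDS}"
    if body is not None:
        hdrs["Content-Type"] = YANG_JSON
    conn = http.client.HTTPConnection("127.0.0.1", port, timeout=5)
    conn.request(method, path, None if body is None else json.dumps(body), hdrs)
    resp = conn.getresponse()
    data = resp.read()
    return resp.status, (json.loads(data) if data else None)

if __name__ == "__main__":
    port = start_server().server_address[1]
    print(restconf(port, "GET", ROOT, auth=False))
    print(restconf(port, "PATCH", MEMBER + "eth0", {"ietf-interfaces:interface": [{"enabled": False}]}))
    print(restconf(port, "GET", MEMBER + "eth0"))
```

Run stand-alone, the three printed tuples are (401, None), (204, None) and the eth0 entry with enabled now false. Two design points carry over to real deployments: the list key is taken from the URL, never from the body, so a PATCH cannot rename or retarget an entry, and every verb passes through the same authorization check. The real protocol runs over HTTPS; Basic credentials on bare HTTP are tolerable here only because the listener stays on loopback.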
What makes NETCONF/YANG & RESTCONF different?
                        | SNMP            | NETCONF          | SOAP                                | REST                              | RESTConf
Standard                | IETF            | IETF             | W3C                                 | -                                 | IETF
Resources               | OIDs            | Paths            | -                                   | URLs                              | URLs
Data models             | Defined in MIBs | YANG core models | -                                   | -                                 | YANG models
Data modeling language  | SMI             | YANG             | (WSDL, not data)                    | Undefined (WSDL, WADL, text, …)   | YANG
Management operations   | SNMP            | NETCONF          | In the XML Schema, not standardized | HTTP operations                   | HTTP operations
Encoding                | BER             | XML              | XML                                 | XML, JSON, …                      | XML, JSON
Transport stack         | UDP             | SSH / TCP        | SSL / HTTP / TCP                    | SSL / HTTP / TCP                  | SSL / HTTP / TCP
Cisco Open Device Programmability
Physical and Virtual Network Infrastructure
Open Device Programmability: Programmable Interfaces and Open Protocols
Use cases: Configuration Management, Traffic Engineering, Telemetry & Troubleshooting, Simplified Deployment
Programmatic Interfaces* (* Planned for H2CY16)
RESTconf
• IETF draft
• REST “like” interface for accessing YANG data models
• Session oriented
• Runs over HTTP(S)
NETCONF 1.1
• IETF standard
• Designed for network programmability
• Session and connection oriented
• Runs over SSH or SOAP
gRPC (IOS-XR only)
• Open source initiative
• Designed for generic client / server communications
• Session oriented
• Runs over HTTPS
Data Model
Device Features: Interface, BGP, QoS, ACL, …
Configuration data: Standard and Device Specific
Operational data: Standard and Device Specific
Exposed through the Programmable Interfaces* (NETCONF 1.1, RESTconf, gRPC (IOS-XR only)) and SNMP
Demo
Thank you.