ncs: network control system hands-on labs

NCS: Network Control System Hands-on Lab TS-SP-01-I

Housekeeping Notes

Thank you for attending Cisco Connect Toronto 2015, here are a few housekeeping notes to ensure we all enjoy the session today.

§  Please ensure your cellphones / laptops are set on silent to ensure no one is disturbed during the session

§  A power bar is available under each desk in case you need to charge your laptop (Labs only)

§  We will be using the Cisco dCloud Environment for all the Labs. Please make sure you have internet access using the provide credentials.

House Keeping Notes

§  Cisco dCloud is a self-service platform that can be accessed via a browser, a high-speed Internet connection, and a cisco.com account

§  Customers will have direct access to a subset of dCloud demos and labs

§  Restricted content must be brokered by an authorized user (Cisco or Partner) and then shared with the customers (cisco.com user).

§  Go to dcloud.cisco.com, select the location closest to you, and log in with your cisco.com credentials

§  Review the getting started videos and try Cisco dCloud today: https://dcloud-cms.cisco.com/help

dCloud

Customers now get full dCloud experience!

§  Give us your feedback and you could win a Plantronics headset. Complete the session survey on your Cisco Connect Toronto Mobile app at the end of your session for a chance to win

§  Winners will be announced and posted at the Information desk and on Twitter at the end of the day (You must be present to win!)

Complete your session evaluation – May 14th

NCS: Network Control System Hands-on Lab Jason Yen (Solution Architect – US Sales) – [email protected] Ashok Sadasivan (Solution Architect – US Sales) – [email protected]

§  Introduction to the lab §  Overview of Network Control System (NCS)

§  Task 1: Installing NCS

§  Task 2: NCS Device Manager

§  Task 3: NCS Service Manager

§  Conclusion

Agenda

Introduction to the NCS Lab

§  You have been assigned a POD consist of two servers §  Connect to your POC using the Anyconnect credentials in your sheet

§  Remote desktop to the windows server or ssh directly to the NCS server using Putty directly from your working machine.

Introduction to the NCS Lab: Connecting to POD

NCS Server. Access via SSH IP address: 198.18.134.4 Username/Password: cisco/cisco

PC Workstation IP address: 198.18.133.253 Username/Password: Administrator / C1sco12345

Introduction to the NCS Lab: Windows Host

§  Instruction led, we will be guiding you through a set of steps §  No step-by-step written guide, we know this is the first contact with NCS

for several of you

§  Network devices are emulated using in-house management plane emulator: ncs-netsim (also distributed with NCS)

§  PODs will be available for your access until Friday noon

§  By the end of the lab, we will show you how to access additional self-guided lab examples

§  You can contact the instructors for a “Meet the Engineer” slot if need a deeper-dive

Introduction to the NCS Lab: Connecting to POD

Overview of NCS

Network Control System (NCS)

Multi-Vendor Service Orchestration

& Network automation

for today’s networks and NFV/SDN

§  Founded in 2005 §  HQ in Stockholm, Sweden

§  US Office in Silicon Valley §  Fully part of Cisco since 9 July 2014

§  Software product company §  Multi-vendor Service Orchestration & Network Automation §  Service Orchestration for NFV/SDN (and today’s networks !) §  Centralized Network Control – SDN §  Yang & Netconf experts

§  100+ customers world-wide §  7 out of 10 world’s largest network equipment vendors §  Early NFV leadership – multiple deployments

§  Target Markets §  Service Providers §  Could providers / Data Centers §  Network Equipment Vendors

Tail-f At-a-Glance §  Disruptive Service Orchestration software

§  Reduces time & efforts to develop & provision services in a Multi-Vendor network

§  Early leader in the fast-growing NFV market

Blue Chip Customers

Tier1 SP Japan

Tier1 SP US

tw telecom (Level3 now) : L2 & L3 VPN Provisioning

Business Challenge: Fast delivery of various types of VPNs (L2 and L3) and Carrier Ethernet 2.0 services for traffic separation in a dynamic, programmatic way.

Benefits with NCS: •  Replacing home-grown system & manual processes •  Increase agility and lower OPEX •  Provision complex VPNs spanning 40,000 devices

from multiple vendors using network-wide, transaction-safe features

•  Core routers: Juniper MX series •  PEs: Cisco for PE •  CEs: Overture, Adtran, ADVA

•  Develop VPN services using CLI templates of Java

•  Support for provisioning, updating and removing VPNs using minimal diffs

•  API integration with customer self-service portal, OSS, and analytics systems

OSS

Service Order

Minimal Device Reconfigurations

Tail-f NCS

Multi-vendor L1-L7 network

Agility : Model-Driven Operations: Network Transactions

Network Control System (NCS)

NCS Details & Key Features §  Multi-vendor Service Orchestration & Network Automation for existing & future

(SDN/NFV…) networks

§  Single Pane of Glass for: §  L1-L7 networking

§  Hardware Devices

§  Virtual Appliances

§  OpenFlow Switches

All the above can be from any vendor : Cisco, Juniper, ALU, Ericsson, Huwaei, Ciena, Infinera, F5, A10, Brocade, Palo Alto, Avaya, Sonus, Fortinet, etc…

§  NCS provides abstractions based on §  Standard Data models (YANG RFC 6020) for devices & services

§  Transaction : ensures fail-safe operations & network configuration accuracy

§  Benefits §  No hard-coded assumptions/info about services or devices

§  Can be used for all types of services and all types of network devices

§  Automation can be based on accurate real-time view of service and network state

Multi-vendor L1-L7 network

Service Manager

Multi-Vendor Network

Network Engineer EMS/NMS

NETCONF

REST CLI Web UI SNMP JAVA/Javascript/ Python

OSS/BSS

NCS

AAA Core Engine

NETCONF

SNMP REST CLI WS

Network Element Drivers

Mapping Logic Templates

Fast Map

Device Manager Notification Receiver Alarm Manager

Openflow Switches

Service Models

Package Manager

Script API

Device Models

Developer API

Tail-f NCS Zoom in Architecture

NCS for Network Engineers – User Interfaces

Auto-rendered Web UI with powerful extensibility features

Cisco or Juniper-style CLI for network-wide configuration changes

NETCONF/YANG High-level Properties

•  NETCONF Network management protocol specifically designed to support service activation and provisioning. Encrypted, efficient transport

XML content transported over SSH+TCP. Extensible

XML Namespaces make it possible to add e.g. new RPC types or new table columns without breaking existing applications.

Transactional Configuration changes happen all-or-nothing and all-at-once which simplifies network management applications.

Network-wide Can address multiple network elements in parallel to implement network-wide transactions.

•  YANG

Text based data modeling language designed for use with NETCONF. Operator friendly

Easy to mimic existing human operator interfaces, such as CLI and WebUI. Supports tables inside tables.

Precise Very precise and specific data definitions. Allowed values could be “1..99 | 1300..1999 | none”. Explicit about keys in tables.

Extensible Define additional keywords in Yang with rigid syntax, that standard compilers parse correctly. Additional keywords used to generate code, documentation, test cases, etc based on model.

Human readable Non-programmers can read Yang models.

Task 1: Installing NCS

§  Check the distribution filename: §  ncs-3.0.darwin.x86_64.installer.bin

§  Check your OS version: §  Linux distributions §  OS X

§  Check the CPU archurecture: §  x86_64 – 64-bit Intel x86 architecture §  I686 - 32-bit Intel x86 architecture

§  Java version (JDK 1.6 or higher)

System Requirements (Cont.)

§  Obtain distribution file: §  ncs-3.0.darwin.x86_64.installer.bin

§  It contains: §  NSO, examples, documentation §  NETSIM Network Simulator

§  Run the installation

Installing Cisco NSO

$ sh ncs-3.0.darwin.x86_64.installer.bin ~/ncs/3.0 INFO Using temporary directory /var/… to stage NCS installation bundle INFO Unpacked ncs-3.0 in /Users/tailf/ncs/3.0 INFO Found and unpacked corresponding DOCUMENTATION_PACKAGE INFO Found and unpacked corresponding EXAMPLE_PACKAGE INFO Generating default SSH hostkey (this may take some time) INFO SSH hostkey generated INFO Environment set-up generated in /Users/tailf/ncs-3.0/ncsrc INFO NCS installation script finished INFO Found and unpacked corresponding NETSIM_PACKAGE INFO NCS installation complete

NSO Directories

ncs-3.0/

/opt/

bin/

lib/

doc/

web-server/

ncs-cdb/

ncs.conf

datacenter/

ncs-cdb/

ncs.conf

production/

ncs-cdb/

ncs.conf

ncs-2.9/ Project Directory

Installation Directory

Two directory types:

examples.ncs

§  Make sure binaries are added to your PATH:

§  Run the ncs-setup script:

§  Creates a database directory ./ncs-cdb

§  Creates a log directory ./log §  Creates an empty packages directory ./packages

§  Creates a default ncs.conf

Setup an NSO Project Runtime Directory

$ ncs-setup --dest <runtime directory>

$ source ~/NCS/3.0/ncsrc

§  Start the NSO daemon:

§  Check if the deamon is running:

§  Start the CLI (Cisco XR style):

§  Start the CLI (Juniper style):

Starting Cisco NSO

$ ncs

$ ncs --status

$ ncs_cli –u admin

$ ncs_cli -J –u admin

NSO Packages

§  Make sure your package is in the right place §  The./packages directory §  Don’t store anything else in the packages/ directory! §  Don’t keep “old” packages in the packages directory!

Using Packages

§  Existing packages: §  NEDS ($NCS_DIR/packages/neds) §  Services ($NCS_DIR/packages/services) §  Tools ($NCS_DIR/packages/tools)

§  Copy (or softlink) packages from the NSO installation:

Using Existing Packages

cp -r $NCS_DIR/packages/neds/cisco-ios-xr packages/

cp -r $NCS_DIR/packages/tools/discovery packages/

§  Check if all the required packages are loaded using show packages command

§  Package reload can be forced using request packages reload command

§  Package reload can be forced with starting NSO using —with-package-reload flag

Reloading Packages

admin@ncs> show packages package package-version

PACKAGE

NAME VERSION

----------------------

cisco-iosxr 3.0

discovery 1.0

admin@ncs> request packages reload

result Done

[ok][2014-10-14 14:17:06]

Using NETSIM

§  ncs-netsim is a network devices simulation tool

§  Used to test NSO with simulated devices

§  Uses NED device packages §  A NED package contains netsim directory §  Represents device configuration and CLI

§  The same YANG for models are used for simulated and real devices

Netsim Overview

Netsim simulated devices (ConfD)

Physical or virtual non-simulated devices

§  Below example creates 3 Cisco IOS devices:

§  Simply run netsim inside the project folder

Starting Simulated Devices

$ ncs-netsim start

DEVICE c0 OK STARTED



$ ncs-netsim create-network <NED package> <#N devices>

$ ncs-netsim create-network packages/cisco-ios 4 c

§  You can run the CLI towards the simulated devices

Access Simulated Devices

$ ncs-netsim cli-i c1

admin connected from 127.0.0.1 using console *

c1> enable

c1# show running-config

class-map m

match mpls experimental topmost 1

match packet length max 255

match packet length min 2

match qos-group 1

!

c1# exit

Task 2: NCS Device Manager

§  Is the heart of NSO

§  NSO keeps a master copy of configuration in CDB

§  Network element drivers (NED) supports different protocols: §  NETCONF §  SNMP §  CLI §  Generic NED (Java code)

Device Manager

Master Copy of Configurations

Device Manager

Network Element Driver

§  In Operational mode, the CLI displays operational data stored in CDB (or live data from the devices)

§  In Configuration mode, the CLI displays network configuration data stored in CDB

NSO CLI

ncs# show devices device devices device lb0 ... alarm-summary indeterminates 0 alarm-summary criticals 0 alarm-summary majors 0 alarm-summary minors 0 alarm-summary warnings 0 ... devices device www0 ...

Operational Mode Configuration Mode

ncs# configure ncs(config)# show full-configuration devices device ce0 devices device ce0 address 127.0.0.1 port 10022 ssh host-key ssh-dss …

Device Configuration Management

§  Device Configurations in NSO and actual Device Configuration should match

§  After initial device discovery or import, it makes sense to synchronize configurations from devices

Synchronizing from Device

sync-to sync-from check-sync compare-config

ncs# devices sync-from

sync-result { device lb0 result true }

§  When a device has been configured out of band

§  Clears up rogue configuration

§  “dry-run” option available to check changes

Synchronizing to Device

ncs# devices device www0 sync-to

result true

sync-to sync-from check-sync compare-config

Change device configuration over CLI.

§  Check if a device has been configured out of band

§  Check if a subset of managed devices has been configured out of band

Check Sync

ncs# devices check-sync sync-result {

device ce0 result in-sync

} ...

ncs# devices device ce0..3 check-sync devices device ce0 check-sync result in-sync devices device ce1 check-sync result in-sync devices device ce2 check-sync

§  Compare out-of-sync device configuration

Comparing Configuration

ncs(config)# devices device ce0 check-sync result out-of-sync info got: 290fa2b49608df9975c9912e4306110 expected: ef3bbd344ef94b3fecec5cb93ac7458c ncs(config)# devices device ce0 compare-config diff devices {

device ce0 { config { ios:snmp-server {

+ community foobar { + RW; + }

} } }

}

§  Display only new parts of configuration:

§  Display full configuration

Displaying Configuration

ncs(config)# show configuration devices device www0 devices device www0

description NewDevice

!

ncs(config)# show full-configuration devices device www0 /* Tags: Volvo */ devices device www0 address 127.0.0.1 port 12023 ssh host-key ssh-dss

§  Configuration change happens after final commit statement

Configuring Devices

# ncs_cli --user=admin ncs# configure Entering configuration mode private [ok][2010-04-14 14:28:33] [edit] ncs(config)# devices device www0 config if:interface eth0 ipv4-address 192.168.128.50 ipv4-mask 255.255.255.0 [ok][2010-04-14 14:28:38] [edit] ncs(config)# devices device www1 config if:interface eth0 ipv4-address 192.168.128.51 ipv4-mask 255.255.255.0 [ok][2010-04-14 14:28:51] [edit] ncs(config)# devices device www2 config if:interface eth0 ipv4-address 192.168.128.52 ipv4-mask 255.255.255.0 [ok][2010-04-14 14:29:00] [edit] ncs(config)# commit Commit complete.

§  Every transaction has a corresponding rollback file:

Or NSO CLI:

Rollbacks

> file show logs/rollback<TAB>

ncs(config)# file show logs/rollback<TAB>

Run rollbacks

ncs(config)# rollback <TAB>

Possible completions:

0 - 2011-09-23 09:19:43 by admin via cli

1 - 2011-09-23 09:15:38 by admin via cli

2 - 2011-09-23 09:13:35 by admin via cli

3 - 2011-09-23 08:55:31 by admin via cli

$ ls logs/rollback* $ more logs/rollback0

§  Rollback 0 is always most recent rollback file §  Rollback 3 latest transactions:

§  Rollback only changes done in 3rd latest transaction:

§  Rollback dhcp changes on asr0 in the 3 latest transactions: § 

§  Rollback dhcp changes on asr0 in the 3rd latest transaction:

Rollbacks – Examples

ncs(config)# rollback 2

ncs(config)# rollback selective 2

ncs(config)# rollback 2 devices device asr0 config dhcp

ncs(config)# rollback selective 2 devices device asr0 config dhcp

Templates and Groups

§  Used to apply snippets of configuration

Templates

Create template: Apply to new or existing device: What is the diff?

ncs(config)# show configuration ncs(config)# commit

ncs(config)# devices device www4 apply-template template-name web-server

ncs(config)# devices template web-server config if:interface eth0 ipv4-address 0.0.0.0 ipv4-mask 255.255.255.255 macaddr 00:00:00:00:00:00

ncs(config)# devices template web-server config ws:wsConfig global KeepAlive On MaxKeepAliveRequests 100 ncs(config)# devices template web-server config sys:host-settings dns server 1 address 127.6.7.8 ncs(config)# show configuration

§  Variable needs to be provided with a value

Templates with Variables

ncs(config)# devices device-group blue-web apply-template template-name ifspeed Error: A variable value has not been assigned to: iface ncs(config)# devices device-group blue-web apply-template template-name ifspeed variable { name iface value 'eth0' } ncs(config)# show configuration devices device www1 config interface eth0 speed 1000 ! ! ! devices device www2 config interface eth0 speed 1000 ! ! !

§  The Device and Service models contain constraints that always must be true

§  You might want to add constraints on run-time

§  Example 1: a certain interface on the device must be ‚Up‘

§  Example 2: Interface needs to have a description

ncs(config)# policy rule mgmt-if Value for 'expr' (<string>): config/interface[name='m0'][status='Up’] ncs(config)# foreach /devices/device ncs(config)# error-message "Management Interface m0 on device {name} must be Up” admin@ncs% commit ncs(config)# show configuration policy rule mgmt-if foreach /devices/device; expr config/interface[name='m0'][status='Up']; error-message "Management Interface m0 on device {name} must be Up”;

Policies

Task3: Service Manager

YANG Intro

Basic YANG Statements YANG Programming Equivalent Description Leaf Variable Contains a single value of a specific type

Leaf-List Array Contains a list of values of the same type

Container Record Contains a single structure containing zero or more values or other statements (hierarchy)

List Array of Records Contains a list of zero or more sets of values and other statements (hierarchy)

Leafref Pointer Contains a link to another statement elsewhere in the file

Container

Leaf

Container Leaf-List

Container List

Leaf

Container Leaf Leaf Leaf-Ref

Leaf


Leaf


§  Leaf: single value of a defined type

§  Leaf-list: multiple values of the same type

§  List: multiple records containing at least one leaf (key) and an arbitrary hierarchy of other statements

§  Container: groups other statements; has no value

§  Leafref: is a reference to another leaf

YANG Model Statements and Hierarchy

§  Statement characteristics: §  Name

§  Type (e.g. string, uint32)

§  Constraints: §  min-elements §  max-elements §  range §  key/unique §  leafref §  must §  when

§  Statement content is enclosed within curly brackets

§  Each sub-statement is terminated by semicolon

YANG Model Statements and Hierarchy Example container car { }

container v8_engine { }

leaf-list cylinder-arrangement { type string; max-elements 8; } container other-parts { }

list per-cylinder-parts { }

leaf piston-diameter { type uint32; range "2000..9000"; }

container valves { leaf number { … } list position { … } … }

YANG Data Types

YANG Supports a Number of Data Types Name Description int8/16/32/64 Integer

uint8/16/32/64 Unsigned integer

decimal64 Non-integer

string Unicode string

enumeration Set of alternatives

boolean True or false

bits Boolean array

binary Binary BLOB

leafref Reference

identityref Unique identity

empty No value, void

union Choice of member types

instance-identifier References a data tree node

Built-in Types Derived Types typedef my-base-int32-type { type int32 { range "1..4 | 10..20"; } } typedef derived-int32 { type my-base-int32-type { range "11..max"; } } typedef string255 { type string { length "1..255"; } } typedef derived-str { type string255 { length "11 | 42..max"; pattern "[0-9a-fA-F]*"; } }

Common YANG Data Types (RFC 6991)

Name Description counter32 non-negative 32-bit integer that monotonically increases zero-based-counter32 a counter32 that has the defined initial value zero counter64 non-negative 64-bit integer that monotonically increases zero-based-counter64 a counter64 that has the defined initial value zero gauge32 non-negative integer, which may increase or decrease gauge64 non-negative integer, which may increase or decrease date-and-time ISO 8601 standard for representation of dates and times phys-address colon-separated hexadecimal pairs (e.g. 1a:ba:da:ba:d0) mac-address six colon-separated hexadecimal pairs (e.g. 1a:ba:da:ba:d0:00) xpath1.0 XPATH 1.0 expression hex-string colon-separated hexadecimal pairs of arbitrary length uuid universally unique identifier (RFC 4122) …

import ietf-yang-types { prefix yang; }

IETF YANG Types Using Types

Common YANG Data Types (RFC 6991) (Cont.)

Name Description ip-version IP protocol version: 1=IPv4, 2=IPv6, 0=unknown dscp Differentiated Services Code Point value: 0 to 63 ipv6-flow-label 32-bit integer in the range from 0 to 1048575 port-number 16-bit integer in the range from 0 to 65535

as-number 32-bit integer representing 2 or 4 octet BGP AS numbers ip-address IPv4 or IPv6 address ipv4-address IPv4 address (e.g. 10.1.2.3) ipv6-address IPv6 address (e.g. fd85:b310:6513:194b::1) ip-prefix IPv4 or IPv6 prefix ipv4-prefix IPv4 prefix (e.g. 10.1.2.0/24) ipv6-prefix IPv6 prefix (e.g. fd85:b310:6513:194b::/64) domain-name DNS domain name host IP address or DNS domain name uri uniform resource identifier …

import ietf-inet-types { prefix inet; }

Using Types IETF INET Types

YANG Types Example // percentage type typedef percentage-type { type uint8 { range "1..100"; } } // Weekday type typedef weekday-type { type enumeration { enum Mon; enum Tue; enum Wed; enum Thu; enum Fri; enum Sat; enum Sun; } } // Hour & minute & optional second type typedef hhmm-type { type string { pattern '([0-1]?[0-9]|2[0-4]):' + '([0-5][0-9])(:[0-5][0-9])?'; } } // Route Distinguisher AS:NUM or IP:NUM typedef rd-type { type string { pattern '((\d+)((\.\d+){3})?)\:\d+'; } }

// DSCP type typedef dscp-type; type union; type uint8 { range "0..63"; } type enumeration { enum af11; enum af12; enum af13; enum af21; enum af22; enum af23; enum af31; enum af32; enum af33; enum af41; enum af42; enum af43; enum cs1; enum cs2; enum cs3; enum cs4; enum cs5; enum cs6; enum cs7; enum default; enum dscp; enum ef; enum precedence; } } }

YANG Statements

§  Leaf §  Container

§  List

§  Leafref

Basic YANG Statements

Data model: §  YANG

§  XPath to reference data in the hierarchy:

§  Graphic visualization of hierarchy and data type:

Data Model and Data Visualization Sample data: § XML:

§ Table:

K Key Leaf

Leaf T Typedef

G Grouping

L List

C Container R Leafref

L Leaf-list

192.0.2.213 16772 198.51.100.22 19234 203.0.113.89 22315

/ loopback-ipv4 / loopback-ipv4 / loopback / loopback-ipv4 / ip-address

These methods are used throughout the course to help with understanding of YANG data

modeling.

<loopback-ipv4> <loopback>1</loopback> <ip-address>10.1.1.1</loopback> </loopback-ipv4> <loopback-ipv4> <loopback>2</loopback> <ip-address>10.2.2.2</loopback> </loopback-ipv4> !

§  Single value using a built-in or derived data type

§  Zero or one instance

Leaf

loopback

1

leaf loopback { type int32 { range "0..2147483647"; } }

<loopback>1</loopback>

YANG (data model) XML (data)

XPath: / loopback

Leaf Attributes Attribute Description

config Whether this leaf is a configurable value ("true") or operational value ("false"). Inherited from parent container if not specified

default Specifies default value for this leaf. Implies that leaf is optional

mandatory Whether the leaf is mandatory ("true") or optional ("false")

must XPath constraint that will be enforced for this leaf

type The data type (and range etc) of this leaf

when Conditional leaf, only present if XPath expression is true

description Human readable definition and help text for this leaf

reference Human readable reference to some other element or spec

units Human readable unit specification (e.g. Hz, MB/s, ℉)

status Whether this leaf is "current", "deprecated" or "obsolete"

§  Used to group one or more other statements §  Has no data type by itself

§  May have an implicit meaning

Container

1 10.1.1.1

container loopback-ipv4 { leaf loopback { type int32 { range "0..2147483647"; } } leaf ip-address { type inet:ipv4-address } }

<loopback-ipv4> <loopback>1</loopback> <ip-address>10.1.1.1</loopback> </loopback-ipv4>

C loopback-ipv4

ip-address loopback

XPath: / loopback-ipv4 / loopback-ipv4 / loopback / loopback-ipv4 / ip-address


§  Contains one or more substatements §  Requires one unique identifier (key) §  Zero or more instances

List

1 10.1.1.1 2 10.2.2.2

list loopback-ipv4 {! key loopback;! unique ip-address;! leaf loopback {! type int32 {! range "0..2147483647";! }! }! leaf ip-address {! type inet:ipv4-address! }!}!

<loopback-ipv4> <loopback>1</loopback> <ip-address>10.1.1.1</loopback> </loopback-ipv4> <loopback-ipv4> <loopback>2</loopback> <ip-address>10.2.2.2</loopback> </loopback-ipv4>


L loopback-ipv4

ip-address K loopback

XPath: / loopback-ipv4 / loopback-ipv4 / loopback / loopback-ipv4 / ip-address

Service Design

1.  Create a package skeleton

2.  Use the Cisco NSO CLI to configure a sample service

3.  Create the service template

4.  Create the service model in YANG

5.  Compile and deploy the package

Creating a Service Package Create a Service Skeleton

Configure Sample Service using Cisco NSO CLI

Create Service Template (XML)

Create Service Model (YANG)

Service Model (YANG)

Service Template (XML)


Service Template Skeleton File (XML)

Service Model Skeleton File (YANG)

1.

§  ncs-make-package --service-skeleton template-based trunk

Create a package skeleton

70















2.

§  devices device dell0 config force10:interface Vlan 10 tagged GigabitEthernet0/11

§  devices device catalyst1 config ios:interface GigabitEthernet 0/23 switchport mode trunk switchport trunk allowed vlan 10

§  Commit dry-run outformat native

§  Take this as an input to get the XML template

Configure the Service via NCS

72















3.

§  show full-configuration devices device dell0 config force10:interface Vlan | display xml

§  show full-configuration devices device catalyst1 config ios:interface GigabitEthernet 0/23 | display xml

§  Same Output like the commit dry run in the step before!

XML Template

74















4.

list endpoint {

key device;

leaf device {

type leafref {

path "/ncs:devices/ncs:device/ncs:name";

}

}

leaf interface {

type string;

}

}

leaf vlan {

type uint16;

}

Create the Yang Model

76











Compile & Deploy the Service




5.

ncs_cli -C -u admin packages reload services trunk myservice endpoint catalyst0 interface 0/2 endpoint dell0 interface GigabitEthernet0/12 vlan 12 top show full-configuration services trunk

commit dry-run outformat native

Compile and reload the package

78

§  Service design goal is simplicity for the operator : §  Minimum set of parameters for the service (optimization) §  Strict enforcement of parameters to minimize human error (standardization) §  Thorough testing of service configuration and all possible service options to

ensure robustness of the solution §  NSO and YANG provide modularity and flexibility for service designers

Summary

Conclusion

§  NCS is very simple to install and start operating §  It is very simple to personalize NCS thanks to the use of standard languages such as

YANG and XML templates, plus its network emulator ncs-netsim…

§  NCS can centrally manage devices using all its northbound interfaces using its device manager

§  NCS can automate service provisioning thanks to its service manager

§  The PODs will be available until Friday noon for your access

§  You can access more self-guided labs at examples.ncs folder in your installation

Conclusion from NCS Lab

81

§  Demos in the Cisco Campus §  Walk-in Self-Paced Labs

§  Table Topics

§  Meet the Engineer 1:1 meetings

Continue Your Education

82

Thank You

ncs: network control system hands-on labs

Technology