[NETWORK] AUTOMATIONFOR EVERYONE

Andrius Benokraitis Michael FordPrincipal Product Manager Solution Architectandriusb@redhat.com mford@redhat.comDurham, NC Chicago, IL

MANAGING NETWORKSHASN’T CHANGED

IN 30 YEARS.

NETWORKS ARE DRIVEN MANUALLY

THIS STINKS

PLAN AND PROTOTYPE VIRTUALLYUse tasks as reusable building blocks

USE YOUR CURRENT DEVELOPMENT PRACTICESAgile, DevOps, Waterfall

GO BEYOND THE “PING” TESTIntegrate with formal testing platforms

BE CONFIDENT DURING DEPLOYMENTValidate changes were successful

ENSURE AN ON-GOING STEADY-STATE

WHY AUTOMATE YOUR NETWORK?

WHY ANSIBLE?

SIMPLE POWERFUL AGENTLESS

NOT python

Download and go

Existing knowledge reuse

Ideal for network gear

No agents to exploit or update

Standards-based SSH

Connect via Plugins

Easy platform enablement

Leverage Linux tools

(fo t k )

WHY ANSIBLE TOWER?

When is Tower > Ansible Project?

○ When 2 or more people start using my Playbooks○ When I need a central point of Playbook execution○ When I need an API to control my Playbooks○ When I need integrations with TACACS+, RADIUS, SAML, AD○ When my boss asks for compliance checking and enhanced logging○ When we are doing more than just network automation

7 Platforms28 Modules

17 Platforms141 Modules

29 Platforms267 Modules

33 Platforms463 Modules

2.1May 2016

2.2Oct 2016

2.3Apr 2017

2.4Sep 2017

NETWORK AUTOMATION PROGRESS40 Platforms572 Modules

2.5Mar 2018

45 Platforms639 Modules

2.6Jun 2018

50 Platforms700 Modules

2.7Oct 2018

ANSIBLE NETWORK AUTOMATION

ansible.com/for/networksgalaxy.ansible.com/ansible-network

700+ NetworkModules

50 Network

Platforms

15* Galaxy

Network Roles

*Roles developed and maintained by Ansible Network Engineering

A10

Apstra AOS

Arista EOS, CVP

Aruba Networks

AVI Networks

Big Switch Networks

Brocade Ironware

Cisco ACI, AireOS, ASA, Firepower,IOS, IOS-XR, Meraki, NSO, NX-OSCitrix Netscaler

Cumulus Linux

Dell OS6, OS9, OS10

MikroTik RouterOS

Openswitch (OPX)

Ordnance

NETCONF

Netvisor

OpenSwitch

Open vSwitch (OVS)

Palo Alto PAN-OS

Nokia NetAct, SR OS

Ubiquiti EdgeOS

VyOS

NETWORK MODULES: BUILT-IN DEVICE ENABLEMENT

Exoscale

Extreme EX-OS, NOS,SLX-OS, VOSS

F5 BIG-IP, BIG-IQ

Fortinet FortIOS, FMGR

Huawei CloudEngine

Illumos

Infoblox NIOS

Juniper JunOS

Lenovo CNOS, ENOS

Mellanox ONYX

---- hosts: cisco gather_facts: false connection: network_cli

tasks:- name: show command for cisco

cli_command: command: show ip int br register: result

- name: display result to terminal window debug: var: result.stdout_lines

AUTOMATION FOR EVERYONE: NETWORK ENGINEERS

AUTOMATION FOR EVERYONE: PLAYBOOK RESULTS

AUTOMATION FOR EVERYONE: NETWORK ENGINEERS

---- hosts: juniper gather_facts: false connection: network_cli

tasks:- name: show command for juniper

cli_command: command: show interfaces terse em1 register: result

- name: display result to terminal window debug: var: result.stdout_lines

MEASURING SUCCESS

BEFORE AFTER

Problem: A large global hotel chain needs to manage the VPN configuration for 3000 locations

● 15 minutes to populate variables in YAML

● Schedule in Tower● Updated in days

● Fill out a Word doc config template

● Manually push● Updated in 2 years

PUBLIC CUSTOMER CASE STUDIES“ The [Surescripts] IT team can now manage far more servers and networking devices, with confidence that no mistakes will occur, as they can test changes with the same Ansible Playbooks used in production.

”

EXTERNAL:

ansible.com/workshops

ANSIBLE SYSTEM ADMINISTRATOR

DO409Automation with Ansible II:

Ansible Tower

ANSIBLE LEARNING PATH

DO407*Automation with Ansible I

Red Hat Certificate of Expertise in Ansible

Automation

DO007Ansible Essentials: Simplicity

in Automation

DO457Ansible for Network

Automation

DO407 - Learn to use Ansible to automate system administration tasks on managed hosts & write Ansible Playbooks to standardize task executions.

DO409 -Learn to configure users and teams for role-based access control to Tower resources & Perform basic maintenance and administration of an Ansible Tower installation.

DO457 - You will be able to use Red Hat Ansible Automation for Networking to write Ansible playbooks and launch them to manage the routers, switches, and other devices in your network infrastructure.

Impact of Training: