Networking Infrastructure Automation with Chef
Bao @sysbot1 with Ooyala
Traditional Networking
- Expensive hardware and vendor lock-in.
- Proprietary interfaces make for a steep learning curve.
- Change is manual, repetitive, error-prone and slow.
- Configuration drifts over time.
- Not simple to automate and test.
CLI
CLI with lots of copy & paste (example BGP config)
router bgp 46793
bgp router-id 1.1.1.2
no bgp enforce-first-as
no bgp log-neighbor-changes
bgp maxas-limit 10
neighbor Amazon peer-group
neighbor Amazon remote-as 16509
<CLIP>
!
ip route 3.3.3.3 255.255.255.252 10.255.255.2 name "Upstream provider"
interface Vlan10
description ooyala-sv2-net(13.22.22.0/24)
ip address 13.22.22.2 255.255.255.0
no ip redirects
no ip proxy-arp
ip route-cache flow
Ooyala's Chef workflow with Test-KITCHEN
Layer3 Leaf-Spine with Cumulus
Declare what ports are 10GE or 40GE
include_recipe "cumulus-linux"
::Chef::Recipe.send(:include, Cumulus)
case node.cumulus.model
when "AS6701_32X"
  conf = Cumulus::SwitchConfig.new(Accton::AS6701_32X::X_pipeline,
                                   Accton::AS6701_32X::Y_pipeline)
  # Set front-panel ports 21-24 to 4x10GE mode
  (21..24).each do |i|
    conf.front_panel_port(i).set4x10g
  end
  cumulus_linux_overlay "AS6701_32X" do
    hardware conf
  end
end
Declare BGP with attributes
include_recipe "quagga"
node.set[:quagga][:daemons][:bgpd] = true
node.set[:quagga][:loopback] = "10.51.239.1"
node.set[:quagga][:bgp][:local_asn] = "65024"
node.set[:quagga][:bgp][:ebgp_peers] = {
  "65022" => {
    "ip" => ["10.101.8.69", "10.101.16.69"]
  }
}
node.set[:quagga][:bgp][:networks] = ["10.51.0.0/16"]
quagga_bgp node[:quagga][:bgp][:local_asn] do
  ebgp_peers node.quagga.bgp.ebgp_peers
  networks node.quagga.bgp.networks
  loopback node.quagga.loopback
end
Template
bgpd.erb
password <%= node.quagga.password %>
enable password <%= node.quagga.enabled_password %>
!
router bgp <%= @local_asn %>
bgp router-id <%= @loopback %>
bgp log-neighbor-changes
<% @networks.each do |i| -%>
network <%= i %>
<% end -%>
<% @ebgp_peers.each do |asn,v| -%>
<% v[:ip].each do |ip| -%>
neighbor <%= ip %> remote-as <%= asn %>
neighbor <%= ip %> next-hop-self
<% end -%>
<% end -%>
!
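An added example, not from the slides or the Ooyala cookbooks: the BGP stanza of bgpd.erb rendered standalone with Ruby's ERB, with every value validated first so that a malformed attribute cannot add lines to the generated router config. `BgpdConfig`, `asn!` and `ip!` are hypothetical names, and IPv4-only input is an assumption.

```ruby
require "erb"
require "ipaddr"
# BGP stanza of bgpd.erb as shown on the slide (the two password lines are left out).
TEMPLATE = <<~'EOT'
  router bgp <%= @local_asn %>
  bgp router-id <%= @loopback %>
  bgp log-neighbor-changes
  <% @networks.each do |i| -%>
  network <%= i %>
  <% end -%>
  <% @ebgp_peers.each do |asn,v| -%>
  <% v[:ip].each do |ip| -%>
  neighbor <%= ip %> remote-as <%= asn %>
  neighbor <%= ip %> next-hop-self
  <% end -%>
  <% end -%>
  !
EOT

# Hypothetical helper, not part of the cookbooks: validate each value, then render.
class BgpdConfig
  def initialize(local_asn:, loopback:, networks:, ebgp_peers:)
    @local_asn = asn!(local_asn)
    @loopback = ip!(loopback)
    @networks = networks.map { |n| ip!(n, cidr: true) }
    @ebgp_peers = ebgp_peers.to_h do |asn, v|
      [asn!(asn), { ip: v.fetch("ip").map { |ip| ip!(ip) } }]
    end
  end

  def render
    ERB.new(TEMPLATE, trim_mode: "-").result(binding)
  end

  # ASN: plain decimal in the 32-bit range, so no spaces, newlines or keywords.
  def asn!(value)
    s = value.to_s
    return s if s.match?(/\A[1-9]\d{0,9}\z/) && s.to_i <= 4_294_967_295
    raise ArgumentError, "bad ASN #{s.inspect}"
  end

  # IPv4 only (assumption); IPAddr then rejects bad octets and prefix lengths.
  def ip!(value, cidr: false)
    s = value.to_s
    shape = cidr ? %r{\A[\d.]+/\d{1,2}\z} : /\A[\d.]+\z/
    raise ArgumentError, "bad address #{s.inspect}" unless s.match?(shape)
    IPAddr.new(s) && s
  end
end
```

Calling `BgpdConfig.new(...).render` with the recipe's values (local ASN 65024, loopback 10.51.239.1, network 10.51.0.0/16, peers 10.101.8.69 and 10.101.16.69 in AS 65022) returns the finished stanza; any value containing whitespace, a newline or an out-of-range number raises `ArgumentError` before anything is rendered.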
DEMO
Get the cookbooks at
https://github.com/ooyala/cumulus-linux-cookbook
https://github.com/ooyala/quagga-cookbook
Results
- Infrastructure as code
- Leveraging DevOps best practices (automated tests, CI, deployment).
- White-box and hardware vendor agnostic.
- Ooyala has open-sourced two Chef cookbooks:
  - Quagga (routing daemon)
  - Cumulus Overlay (simulate on Vagrant for testing)
- Blog at:
  - http://engineering.ooyala.com/blog/network-management-and-automation-chef
- We are hiring!
Networking with Chef at Ooyala
By Bao Nguyen
Examples and Demo for using Chef to build Layer3 networking.