Networking Infrastructure Automation with Chef

Bao @sysbot1 with Ooyala


Traditional Networking


  • Expensive hardware and vendor lock-in.
  • Proprietary interfaces cause a steep learning curve.
  • Change is manual, repetitive, error-prone and slow.
  • Configuration drift over time.
  • Not simple to automate and test.

CLI

CLI with lots of copy & paste (example BGP config)
router bgp 46793
 bgp router-id 1.1.1.2
 no bgp enforce-first-as
 no bgp log-neighbor-changes
 bgp maxas-limit 10
 neighbor Amazon peer-group
 neighbor Amazon remote-as 16509
 <CLIP>
!
ip route 3.3.3.3 255.255.255.252 10.255.255.2 name "Upstream provider"
interface Vlan10
 description ooyala-sv2-net(13.22.22.0/24)
 ip address 13.22.22.2 255.255.255.0
 no ip redirects
 no ip proxy-arp
 ip route-cache flow

Ooyala's Chef workflow with Test Kitchen


Layer3 Leaf-Spine with Cumulus



Declare what ports are 10GE or 40GE
include_recipe "cumulus-linux"
::Chef::Recipe.send(:include, Cumulus)

case node.cumulus.model
when "AS6701_32X"
  conf = Cumulus::SwitchConfig.new(Accton::AS6701_32X::X_pipeline,
                                   Accton::AS6701_32X::Y_pipeline)
  # Ports 21-24 are set to 4x10G
  (21..24).each do |i|
    conf.front_panel_port(i).set4x10g
  end
  cumulus_linux_overlay "AS6701_32X" do
    hardware conf
  end
end


Declare BGP with attributes

include_recipe "quagga"

node.set[:quagga][:daemons][:bgpd] = true
node.set[:quagga][:loopback]="10.51.239.1"
node.set[:quagga][:bgp][:local_asn]="65024"
node.set[:quagga][:bgp][:ebgp_peers]={
  "65022" => {
    "ip" => ["10.101.8.69","10.101.16.69"]
  }
}
node.set[:quagga][:bgp][:networks]=["10.51.0.0/16"]

quagga_bgp node[:quagga][:bgp][:local_asn] do
  ebgp_peers node.quagga.bgp.ebgp_peers
  networks node.quagga.bgp.networks
  loopback node.quagga.loopback
end

Template

bgpd.erb
password <%= node.quagga.password %>
enable password <%= node.quagga.enabled_password %>
!
router bgp <%= @local_asn %>
 bgp router-id <%= @loopback %>
 bgp log-neighbor-changes
<% @networks.each do |i| -%>
 network <%= i %>
<% end -%>
<% @ebgp_peers.each do |asn,v| -%>
 <% v[:ip].each do |ip| -%>
 neighbor <%= ip %> remote-as <%= asn %>
 neighbor <%= ip %> next-hop-self
 <% end -%>
<% end -%>
! 
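Added example (not from the slides or the Ooyala cookbooks): a standalone Ruby rendering of the bgpd.erb body above that checks every attribute value before it reaches the router configuration, so a malformed ASN or an address with an embedded newline is rejected instead of being written into bgpd.conf. `BgpdConfig`, `RULES`, `checked` and `SLIDE_ATTRS` are hypothetical names; the example is IPv4-only, leaves out the password lines, and reads peers with the string key "ip" because it passes a plain Hash rather than node attributes.

```ruby
require 'erb'
require 'ipaddr'
BGPD_TEMPLATE = <<~'TEMPLATE' # slide's bgpd.erb minus password lines; "ip" is a string key
  router bgp <%= @local_asn %>
   bgp router-id <%= @loopback %>
   bgp log-neighbor-changes
  <% @networks.each do |i| -%>
   network <%= i %>
  <% end -%>
  <% @ebgp_peers.each do |asn, v| -%>
  <% v["ip"].each do |ip| -%>
   neighbor <%= ip %> remote-as <%= asn %>
   neighbor <%= ip %> next-hop-self
  <% end -%>
  <% end -%>
  !
TEMPLATE

# Hypothetical helper, not part of the quagga cookbook: validate, then render.
class BgpdConfig
  RULES = { # [shape, range check]; \A..\z rejects embedded newlines; IPv4 only
    asn:  [/\A\d{1,10}\z/,          ->(s) { s.to_i.between?(1, 2**32 - 1) }],
    host: [/\A[0-9.]+\z/,           ->(s) { IPAddr.new(s) }],
    net:  [%r{\A[0-9.]+/\d{1,2}\z}, ->(s) { IPAddr.new(s) }]
  }.freeze

  def initialize(local_asn:, loopback:, networks:, ebgp_peers:)
    @local_asn  = checked(:asn, local_asn)
    @loopback   = checked(:host, loopback)
    @networks   = networks.map { |n| checked(:net, n) }
    @ebgp_peers = ebgp_peers.to_h do |asn, v|
      [checked(:asn, asn), { "ip" => v.fetch("ip").map { |ip| checked(:host, ip) } }]
    end
  end

  def render
    ERB.new(BGPD_TEMPLATE, trim_mode: '-').result(binding)
  end

  private def checked(kind, value)
    shape, in_range = RULES.fetch(kind)
    s = value.to_s
    return s if s.match?(shape) && in_range.call(s) # IPAddr.new raises if invalid
    raise ArgumentError, "bad #{kind}: #{s.inspect}"
  end
end
# Constructed sample input: the attribute values shown on the slide.
SLIDE_ATTRS = { local_asn: "65024", loopback: "10.51.239.1", networks: ["10.51.0.0/16"],
                ebgp_peers: { "65022" => { "ip" => ["10.101.8.69", "10.101.16.69"] } } }.freeze
```

`BgpdConfig.new(**SLIDE_ATTRS).render` returns the bgpd configuration text; any value that fails its rule raises `ArgumentError` before the template is evaluated.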


DEMO


Get the cookbooks at
https://github.com/ooyala/cumulus-linux-cookbook
https://github.com/ooyala/quagga-cookbook

Results

  • Infrastructure as code
  • Leveraging DevOps best-practices (automated tests, CI, deployment).
  • White-box and hardware vendor agnostic.
  • Ooyala has open-sourced two Chef cookbooks:
    • Quagga (routing daemon)
    • Cumulus Overlay (simulate on Vagrant for testing)
  • Blog at:
    • http://engineering.ooyala.com/blog/network-management-and-automation-chef
  • We are hiring!

Networking with Chef at Ooyala

By Bao Nguyen


Examples and Demo for using Chef to build Layer3 networking.
