My boss has tasked me with "Figure out what this SDN thing is and show me some Proof of Concepts"
I'm pretty pumped to be able to devote my time to learning this for myself, and for the company. We are a heavy Cisco shop with remote offices throughout the US.
Any suggestions out there on where the best places are to start, what you guys recommend, where to learn/research it?
Quote from: EOS on September 22, 2016, 06:05:45 AM
My boss has tasked me with "Figure out what this SDN thing is and show me some Proof of Concepts"
I'm pretty pumped to be able to devote my time to learning this for myself, and for the company. We are a heavy Cisco shop with remote offices throughout the US.
Any suggestions out there on where the best places are to start, what you guys recommend, where to learn/research it?
youtube, and watch some videos search 'SDN'
Your biggest hurdle is to actually nail down what SDN really is. It's become such a marketing term it can pretty much mean anything new these days. But there are several areas you can focus in on depending on your needs or interest. Most of these are highly subjective and can be seen multiple ways, or I might not have the right view/grasp of them ATM.
1) Data Center automation, controller based solutions, which can even be a broad term itself. Think of current wifi solutions and replace the APs with network devices.
Just to name a few:
-Cisco ACI - (controller based network fabric using APIC controller)
-VMWare NSX - (controller based network fabric within VMWare environment)
-Arista Cloudvision - (Controller based network mgmt using central server)
-Cumulus Linux - (linux based router/switch running on whitebox hardware or host servers)
-OpenStack - (https://www.openstack.org/)(Open Source controller for managing pretty much everything)
-Nuage Networks - (http://www.nuagenetworks.net/) (Controller based network mgmt using central server built on OpenStack)
-Apstra - (http://www.apstra.com/)(Controller based network mgmt using central server)
2) SD-WAN, which is automating the WAN connections and links to fine tune traffic patterns and policies
-Cisco iWAN
-Viptela
-SilverPeak
-Pretty much every vendor out there has branded a solution for SD-WAN. These are just the most popular.
3) Cloud Networking which builds parts or all of your infrastructure in a highly automated and accessible hosted solution.
-Amazon AWS
-Microsoft Azure
-Google Cloud platform
4) DevOps, which is scripting/automating operations aspects of your day-to-day either into workflows or mgmt tools. Or whatever the hell some people think this is. I'm unsure at this point...
-Ansible - (automation framework allowing you to build "playbooks" to automate specific tasks into workflows)
-Python scripting - (Hello World)
-Build your own - (Notepad++ and get busy!)
-Programmers who think they know networking better than CCIEs
-Networking guys who think they can program
And to round out the list there is Docker which takes virtualization one step further and containerizes specific software or processes.
https://www.docker.com/
Now that you are fully up to speed on SDN please update your resume accordingly. :banana:
Thank you both.
I've been searching around and reading up on it, but there's different ideas about what SDN is/should do for your environment.
@that1guy15 - Great breakdown. That is insanely helpful to me right now!! :pub:
...and that's why I love these forums. :thankyou:
Can't believe no one has mentioned https://www.sdxcentral.com/ yet.
Oh, that and start replacing all your Ciscos with all the Arista hotness. :problem?:
Quote from: AspiringNetworker on September 22, 2016, 09:29:15 AM
Can't believe no one has mentioned https://www.sdxcentral.com/ yet.
Oh, that and start replacing all your Ciscos with all the Arista hotness. :problem?:
I need to spend more time there. Not sure why I don't... Great resource.
Quote from: that1guy15 on September 22, 2016, 09:58:44 AM
Quote from: AspiringNetworker on September 22, 2016, 09:29:15 AM
Can't believe no one has mentioned https://www.sdxcentral.com/ yet.
Oh, that and start replacing all your Ciscos with all the Arista hotness. :problem?:
I need to spend more time there. Not sure why I don't... Great resource.
Fun Fact - My boss had a meeting/lunch with an Arista SE and Sales guy, and came back from it with this direction for me. LOL
Hehe nice....
Aristas.... Aristas everywhere.... :banana:
Learn python and one of ansible/puppet/chef. Now. Everything exposes python API or though use python for RESTAPI and you need to be across an orchestrator
Unless you go with an NSX heavy shop in which case powershell makes more sense though they do offer python hooks
Like others have said the hardest part is really figuring out what SDN is. I would take what you do day to day and try to figure out how one would typically automate said jobs. Like why in the world am I manually adding vlans and acls?
1.) Find a programming language. Python is probably the easiest one out there. I would highly suggest learning things like paramiko or interacting with an API. This is all vendor driven.
2.) Find some blogs where ansible is used. Ansible is very powerful without knowing much of a programming language.
3.) Begin to explore outside of your realm with things like Docker, NSX, etc.
4.) linux,linux,linux,linux,linux
I think I am 2+ years into this SDN thing. I still do not have a 100% clear definition on what it is. Check out some of these blog posts I have done in the past few months of SDN like topics....
https://danielhertzberg.net/2016/05/09/arista-ztp-basics/
https://danielhertzberg.net/2016/08/08/network-continuous-integration-using-jenkinsjinja2-and-ansible/
Quote from: wintermute000 on September 22, 2016, 04:32:06 PM
Learn python and one of ansible/puppet/chef. Now. Everything exposes python API or though use python for RESTAPI and you need to be across an orchestrator
Unless you go with an NSX heavy shop in which case powershell makes more sense though they do offer python hooks
lulz you said powershell.
Oh sure if @burnyd gets to shamelessly promote his blog so will I!!!
I have a series on my blog to cover some of the current trends in DC networking. I'm kinda just getting it rolling but have had to set it aside for other projects. Check it out and hopefully new posts will be coming soon.
http://blog.movingonesandzeros.net/2016/05/current-trend-in-networking-series.html
Quote from: that1guy15 on September 23, 2016, 08:18:49 AM
Oh sure if @burnyd gets to shamelessly promote his blog so will I!!!
I have a series on my blog to cover some of the current trends in DC networking. I'm kinda just getting it rolling but have had to set it aside for other projects. Check it out and hopefully new posts will be coming soon.
http://blog.movingonesandzeros.net/2016/05/current-trend-in-networking-series.html
... all these blogs, including burnyd's and That1guy15's, are available in the blog section of this forum!
Quote from: burnyd on September 23, 2016, 07:51:11 AM
Quote from: wintermute000 on September 22, 2016, 04:32:06 PM
Learn python and one of ansible/puppet/chef. Now. Everything exposes python API or though use python for RESTAPI and you need to be across an orchestrator
Unless you go with an NSX heavy shop in which case powershell makes more sense though they do offer python hooks
lulz you said powershell.
Preaching to the choir (Python/Ansible FTW) but in all seriousness, it's not that bad LOL - in fact it's pretty darned powerful (too powerful... heard some real horror stories re: the fact it's not typed!)
The main scenario re: automating NSX configuration with powershell vs python + RESTAPI is simple practicalities - it's easier to ask the already heavily MS enterprise shops we typically deal with: have you installed powercli, usually yes, ok here we go. Vs can I have a linux server, with python install, and pip all these extra things, oh it's proxied so we need to ask for proxy permissions / FW permissions and oh that means it has to go to security for approval and wait our policy is to maintain our own internal repos whaddaya mean your internal repo only has version XYZ, oh oops linux servers are in a different zone so we'll have to punch FW rules, but wait the vcenter admins aren't comfortable with some stinkin nix neckbeard hitting his valuable API calls with strange and alien JSON.... AARGH
Whilst on that topic: they better fix that thing whereby to edit an object you need to send a payload defining the whole damned object again. Leading to ugly hacks like this
https://richdowling.wordpress.com/2015/07/15/automating-nsx-from-powercli/
OTOH there is plenty of spadework being done by others in powershell land, that appears to be the focus from Vmware guys
http://thatcouldbeaproblem.com/?p=893
http://virtualize-automate.com/wp/index.php/2016/03/18/getting-started-powernsx/
Quote from: wintermute000 on September 23, 2016, 11:58:10 PM
Quote from: burnyd on September 23, 2016, 07:51:11 AM
Quote from: wintermute000 on September 22, 2016, 04:32:06 PM
Learn python and one of ansible/puppet/chef. Now. Everything exposes python API or though use python for RESTAPI and you need to be across an orchestrator
Unless you go with an NSX heavy shop in which case powershell makes more sense though they do offer python hooks
lulz you said powershell.
Preaching to the choir (Python/Ansible FTW) but in all seriousness, it's not that bad LOL - in fact it's pretty darned powerful (too powerful... heard some real horror stories re: the fact it's not typed!)
The main scenario re: automating NSX configuration with powershell vs python + RESTAPI is simple practicalities - it's easier to ask the already heavily MS enterprise shops we typically deal with: have you installed powercli, usually yes, ok here we go. Vs can I have a linux server, with python install, and pip all these extra things, oh it's proxied so we need to ask for proxy permissions / FW permissions and oh that means it has to go to security for approval and wait our policy is to maintain our own internal repos whaddaya mean your internal repo only has version XYZ, oh oops linux servers are in a different zone so we'll have to punch FW rules, but wait the vcenter admins aren't comfortable with some stinkin nix neckbeard hitting his valuable API calls with strange and alien JSON.... AARGH
Whilst on that topic: they better fix that thing whereby to edit an object you need to send a payload defining the whole damned object again. Leading to ugly hacks like this
https://richdowling.wordpress.com/2015/07/15/automating-nsx-from-powercli/
OTOH there is plenty of spadework being done by others in powershell land, that appears to be the focus from Vmware guys
http://thatcouldbeaproblem.com/?p=893
http://virtualize-automate.com/wp/index.php/2016/03/18/getting-started-powernsx/
You can interact with the NSX API via httplib because it's all just XML.
https://github.com/burnyd/NSXBuild
That is one of the first scripts I have ever written. It's f'n terrible. I would have written it way better today after another year plus of experience at this point.
Nice, starred and will flick past my colleagues involved in our current NSX project.
Have you used requests? How do you compare it vs httplib? Requests is the only python RESTAPI library I've used so far (and I do like it!).
I have never used requests. httplib is just plain simple when working with XML based APIs. I would suggest using that unless you have a vendor made python library that makes things really easy.
Other than that, like with Arista you can import the jsonrpclib library and start messing around. That will talk to each one of the switches through the API, return JSON, and you can iterate around it. If you need any help with the NSX stuff or Arista lmk.
Just had our local SE do the quarterly Arista update and lo behold as you mentioned, telemetry....
the full BGP tables look tasty as well, esp after full MPLS-PE functionality is rolled out - I'm not totally convinced by the 'just use VXLAN+EVPN' line of thought just yet. TE being one concern.
Exciting times for Arista for sure.
Quote from: wintermute000 on October 12, 2016, 05:17:33 PM
Just had our local SE do the quarterly Arista update and lo behold as you mentioned, telemetry....
the full BGP tables look tasty as well, esp after full MPLS-PE functionality is rolled out - I'm not totally convinced by the 'just use VXLAN+EVPN' line of thought just yet. TE being one concern.
Exciting times for Arista for sure.
Telemetry is going to be a huge deal for us. Just doing some eft's for some customers and trying to export it this weekend into elk stack, it's really awesome.
Yah ping me about all of that. Right now as I type this no L3VPN support is here yet, it's in Q2 of 2017. Full tables are available in a 1RU device which is just awesome. I am not sure what you mean by that with VXLAN? I'm not sure if we will ever do RSVP-TE. I can tell you right now that we do support segment routing like right now. Same with BGP labeled unicast.
I have been reading tons of web articles in the past, but to tell you the truth, it will only confuse you more. I have replenished my technical books this year with hundreds of $$ allocation in topics and bought the latest books for AI, data mining intro, GIT, python, and yes SDN.
Out of two books I purchased for SDN after spending a time in B&N were
Software Defined Networks - A Comprehensive Approach.
978-0-12-416675-2 were stellar.
After reading halfway through, it is only clear that all of these internet articles will not even come close to getting you to understand.
Not only does it describe the technicals of SDN in depth, it gives analysis of many current implementations by many vendors and categorizes them into 3 major implementations:
sdn native - pure sdn implementation with openflow protocols: many startups such as BGN.
sdn via legacy - some of the sdn are implemented and emulated in legacy hardware: Cisco ACI for example.
sdn via hypervisor - some of the sdn are implemented and emulated in virtual environment: VMWare Nicira.
I suggest you go ahead and obtain the book. Like I said, the tech articles on the web are mostly very basic and subjective.
Saying that, I am already in search on how to do some basic implementation and start doing some development works on openflow protocol. I am looking around any development kit with white box switch that is tailored to give developer to jump start on the development of Network app using openflow API. Anyone has done it?
Looks to be a second edition that was just released last week.
https://www.amazon.com/Software-Defined-Networks-Second-Comprehensive/dp/0128045558/ref=sr_1_fkmr0_2?ie=UTF8&qid=1478523256&sr=8-2-fkmr0&keywords=Software+Defined+Networks+-+A+Comprehensive+Approach.+978-0-12-416675-2
Book has some solid reviews.. Just ordered the 2nd edition
Looks like I got the 1st edition one. I think it covered up to openflow 1.3.
You are in good hands.