YANG data models are the map one should use when looking for their way to configure or retrieve any data on SR Linux system. A central role that is given to YANG in SR Linux demands a convenient interface to browse, search through, and process these data models.
Okay, here goes my first attempt fitting the shoes of a content creator.
Please welcome the NetRel episode 001 - Decoding gNMI with Wireshark, it is a 35min journey of using Wireshark to parse the gNMI traffic (both non-secured and secured).
I won't spend your time explaining the first episode; instead, let me tell you what I want the NetRel series to be about. I am interested in covering the aspects of network automation that are not widely covered.
As the networking industry is (slowly) moving towards forklifting networking functions to the cloud-native space we often become the witnesses of mixing decade old tools with cloud-native approaches and architectures.
This post is about one such crazy mixture of using screen scraping library scrapligo with kubectl exec and docker exec commands.
At the very heart of the DC Fabric solution lies a purpose-built, modern Network OS - SR Linux.
SR Linux comes with quite some interesting and innovative ideas. By being able to design the NOS from the ground up, the product team was freed from the legacy burdens which will be there have they decided to built the NOS on top of the existing one. Features like:
Protobuf based SDK
Disaggregated application stack
are the result of taking a fresh look at the modern data center networks and building the NOS for the Netdevops era.
No wonders engineers around the world wanted to play with SR Linux and take those features for a spin first hand. And today it is finally possible!
Just recently the network automation folks witnessed a great library to be ported from Python to Go - scrapligo.
Been working on learning go a bit and have published scrapligo https://t.co/NDXQ6khxCr -- still a work in progress, but has been a fun learning experience! Check it out and let me know what ya think! 🤠
For me personally this was a pivotal point because with scrapligo the Go-minded netengs can now automate their networks with a solid and performant library.
One of the things that scrapligo packs is, of course, the ability to reliably talk to the network devices using the same command line interface as a human would normally do. That means that scrapligo would send and receive the pieces of data that an operator would send/receive if they were connected with a terminal over SSH.
8 min read
Containerlab - your network-centric labs with a Docker UX#
With the growing number of containerized Network Operating Systems (NOS) grows the demand to easily run them in the user-defined, versatile lab topologies. Unfortunately, container runtimes alone and tools like docker-compose are not a particularly good fit for that purpose, as they do not allow a user to easily create p2p connections between the containers.
Containerlab provides a framework for orchestrating networking labs with containers. It starts the containers, builds a virtual wiring between them to create a topology of users choice and then manages a lab lifecycle.
Containerlab focuses on containerized Network Operating Systems such as:
In addition to native containerized NOSes, containerlab can launch traditional virtual-machine based routers using vrnetlab integration:
Nokia virtual SR OS (vSim/VSR)
Cisco IOS XRv
And, of course, containerlab is perfectly capable of wiring up arbitrary linux containers which can host your network applications, virtual functions or simply be a test client. With all that, containerlab provides a single IaaC interface to manage labs which can span contain all the needed variants of nodes:
3 min read
Building and publishing deb/rpm packages with goreleaser and gemfury#
I am a huge fan of a goreleaser tool that enables users to build Go projects and package/publish build artifacts in a fully automated and highly customizable way. We've have been using goreleaser with all our recent projects and we couldn't be any happier since then.
But once the artifacts are built and published, the next important step is to make them easily installable. Especially if you provide deb/rpm packages which are built with NFPM integration.
The "challenge" with deb/rpm packages comes to light when project owners want to add those packages to Apt/Yum repositories. Goreleaser doesn't provide any integrations with 3rd party repositories nor there are Apt/Yum repositories which are free and provide an API to upload artifacts. Or are there?
5 min read
Transparently redirecting packets/frames between interfaces#
Lately I have been consumed by an idea of running container-based labs that span containerized NOSes, classical VM-based routers and regular containers with a single and uniform UX.
Luckily the foundation was already there. With plajjan/vrnetlab you get a toolchain that cleverly packages qemu-based VMs inside the container packaging, and with networkop/docker-topo you can run, deploy and wire containers in meshed topologies.
One particular thing though we needed to address, and it was the way we interconnect containers which host vrnetlab-created routers inside.
Vrnetlab uses its own "overlay datapath" to wire up containers by means of an additional "vr-xcon" container that stitches the exposed sockets. Although this approach allows to re-wire containers in different topologies after the start, this was not something that we could use if we wanted use non-vrnetlab containers in our topology. Ideally I wanted to emulate p2p links between the routers (running inside containers) by veth pairs stretched between them, pretty much like docker does when it launches containers. And that is also the way docker-topo works.
Running multiple VMs out of the same disk image is something we, network engineers, do quite often. A virtualized network usually consists of a few identical virtualized network elements that we interconnected with links making a topology.
In the example above we have 7 virtualized routers in total, although we used only two VM images to create this topology (virtualized Nokia router and it's Juniper vMX counterpart). Each of this VMs require some memory to run, for the simplicity, lets say each VM requires 5GB of RAM.
So roughly, the above topology will claim 30-35GB of RAM in order to operate. Enriching the topology by adding more VMs of the same type will continue to push for more memory, thus running big topologies often becomes an exercise of hunting for RAM.
Luckily, there are technologies like Kernel Same Merging (KSM) and it's enhanced version Ultra-KSM (UKSM) that are able to lift the memory requirement for use cases like above. In a nutshell, they allow to merge mem pages of the same content, effectively reusing the same memory pages between virtual machines.