Network Automation with Ansible, ServiceNow, and ChatOps

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

[Applause] hi my name is Jason Edelman with networker code in the next 25 minutes or so we're gonna talk about improving network operations network operations really hasn't changed much over the past 20 plus years right now we're kinda meters we're still managing the network one at a time still connecting to the device manually be SSH we're gonna talk about how operations can be thought about a bit differently leveraging multiple types of tools such as chat ITSM tools and even in the center open source automation platforms as well so never to code we work with our clients every day providing them with a combination of consulting and training in that remote emission space essentially everything that we're gonna see in the next twenty plus minutes or so now so what we're gonna be demoing in this in this video is very focused around thinking differently about network operations where specifically we're going to be demoing ansible Tower by Red Hat and ServiceNow but when you think about this top-down ServiceNow could be any ITSM tool right it could be something like BMC's remedy and ansible tower as well has great api's but if you have another platform in the middle that has great api is what you're gonna see in the next 25 minutes or so could effectively be done for the platform but we've just found a lot of interest from our clients in ansible tower as well as ServiceNow so what we're seeing here is our network on the bottom going one step up we have ansible Tower Red Hat and we're gonna have our network engineers right build things like play books within Tower now you could also have network engineers and other IT engineers just consume those workflows using Tower my tower is going to give you things like security and permissions and have button automation directly built in but if you want to expose those work close to other users in the organization such as it could be the helpdesk missus adamant team it could be even business users you can expose them through typical ITSM based change requests ok so we're gonna show how you can now fill out a change request form and have that when you click Submit on a change request form directly execute a job with an ansible tower again very very powerful now it actually goes a step beyond this as well okay so what we're gonna be showing hands on live demo is going beyond just ServiceNow ansible in the network is we're gonna show how we can consume Network even from check so on the Left we have slack on the right we have Cisco WebEx teams so we're gonna be presenting is various ways to consume a single workflow think about this you could today stick with doing network CLI based work connecting to one or more devices you could deploy something like ansible tower great web front-end right great click button automation in itself and you can be done with your we'll say starting point into network automation you can go straight up the stack as well to say well in terms of deploying automation you might want to maintain your typical enterprise controls Thrun ITSM tool like ServiceNow so what does that what does that really mean well let's say this you want to open up a change request to deploy a beeline you fill out a webform you click submit then you want to have one or two or three other teams review that change click approve and then deploy it for ansible well that's possible you can also say well that VLAN change is so common we're gonna dump that our standard change and as soon as somebody fills that out in ServiceNow and they click Submit have it go in real-time or have it go at the next scheduled change window and we're gonna show this in the live demo in this video we're also going to show what's honing that workflow for a VLAN change as an example we're gonna show how you can execute that change directly from ansible directly from slack and directly from WebEx teams now the great thing here is if you execute a given workflow in any of these user interfaces in any of these consumption models they're all gonna trigger the same exact playbook right so you're essentially walking down what can be done with your with your playbook that you wrote now you're gonna expose that via slack or WebEx teams our service now all right so the same job is getting triggered we're also gonna show how you can consume data from platforms like chat meaning if you want to collect data about the network right our done we're gonna focus on things like you know basic characteristics and basic facts about a device to collect to them via via chat but you can collect things such as operational data configuration data this is where you know whatever makes sense to you to have data at your fingertips you can do that you can even collect things like SNMP graphs via chat they get returned to screen chat a screen shot via via chat so effectively we're gonna focus in on service now change requests and those changes being made through ansible tower and getting notified as well directly via chat you also could have things like alerts go back into chat you can have based on a known event on the network if a device goes down a port bounces maybe you want to in the future open up in the incident request directly into ServiceNow so all this is possible today and it's really about improving network operations improving the reliability of the network holistically but in this demo we are gonna walk through making the same exact change on the network from slack WebEx teams from service now and ansible tower directly and all these changes are gonna issue and trigger the same exact job just very very powerful in itself so you you're not gonna have and tools communicating with it with the network we're gonna have that that shim layer here and we're gonna have multiple consumption models multiple ways to consume the network go all through ansible in this case at this point we're gonna shift gears then we're gonna go directly in to the hands-on demo great so at this time what we're gonna do is start our demo using the network to code ServiceNow ITSM portal and as we're seeing here ServiceNow is quite robust you can do quite quite a few things with ServiceNow we're gonna focus in on the left-hand panel where we have some pre-built common change requests and this is where you can customize your panels and service and out to have these types of things that are relevant for your environments so we're gonna start with things like VLAN management as an example the VLAN management would be a common change request just to globally add a VLAN ID and taking a peek at a few others for now another good one is helpdesk port assignments this is where if you want to have the helpdesk be able to configure a port based on Jack ID you don't want to expose necessarily the actual device name or maybe even the vielen of the device we would select the actual pork we'd assumed on the back end there's there's a true mapping of a jack ID to a given switch port interface and then the device type right here they would select the device type reasons for certification request notes things like that and then click Submit ok so we have a few of these pre-built like helpdesk VLAN management switch pour a little bit more network centric as you mentioned for helpdesk they would select the actual device type or switch port management you can do device type but you can also do a VLAN ID to override that as well ok so we'll get started with the line management come back to things like iOS upgrade in just a minute as well so VLAN management as you'd expect we're going select our our device this could be data center of campus really doesn't matter where it is so we're just gonna say we're gonna configure maybe a slack VLAN we'll just put zero zero two here and maybe we'll put VLAN ID 222 on the right-hand side see it populating right-hand justified and we'll just say you know deploy deploy beeline for demo and we'll just do this for our justification and our request notes so when I click Submit here under the cover is what we're gonna see is a job in ansible tower get kicked off this is where you would determine the business process on what should happen but for now we'll click Submit because vielen vielen change is for this demo going to be a standard change it's just a very common thing that we're gonna have happened without any approvals required I'm gonna click f5 refresh we should see update VLAN right here if we open up our change ticket we're gonna scroll down and we're gonna see our desired data in our description for now okay so at this point what we could do is I'm gonna navigate over to ansible Tower we're to go to our jobs at this point we actually see the green button kind of going in and out right here so we see this playbook has started with an ansible tower okay so if we want to view what's happening we could click on our execution of the playbook and we're gonna see this happen in real time going down if you want to monitor this okay this is a very nice feature to be able to still see the standard out within ansible tower okay so the other nice thing as we're in here taking taking a look at insult our see this job this is going to take just a minute to run and deploy that VLAN so we'll come back to that in a second but the other nice thing is if we did go into this job template called PBB line management let's just do a search for that real quick beeline so we get beeline management here if you were a network user didn't want to go through service now maybe that's going to be the interface for Expo using VLAN resources to other teams we could even execute this playbook right here and let's click Next to see our survey and have another team fill out this form directly within Tower right so there's a lot of flexibility with consuming a playbook or consuming Network automation as we may say so we're looking at two options already and what we're going to expose to more in the next few minutes so we're gonna close this our playbook is running we can go back to our jobs this playbook we have a lot of poses in here for the demo but let's jump back into service now and see what's happening at that point let's navigate back here then we're gonna click refresh and even along the way what we're gonna see is the status change within the ServiceNow ticket right it's scheduled now we're actually seeing it's currently in the process of being implemented and the state just closed here so if we scroll down come to our notes we're actually gonna see that along the way of the ticket has now been has not been closed okay so this is this is a very nice feature to be able to to do this and let's f5 refresh one more time and at this point what we should see is that this is officially okay so it was close close to ready okay cool this is this is good to see for now what we're gonna see is even more data as we go into you know the next the next execution of this okay so what we've shown so far is just a ServiceNow standard change executing a playbook now the next interface that we want to expose is from chat but using Cisco WebEx teams all right so what we're in now is a as a workspace that from this workspace we can either interface with the network to collect data or make configuration changes you know so what we're gonna do here is issue that same exact change let's say we're gonna talk to our network to code knodel Bob we're gonna say add villain and we're gonna do device equals and X OS spine1 and we're gonna say VLAN ID equals let's say 500 and V line name equals let's say this is gonna be a team's V line we hit enter so we're getting a response back immediately from our bot with the response saying they've acknowledged and what we're asking for and the bot now is going to go configure VLAN 500 with the name of team's VLAN on an ex-wife spine1 what we're all looking we're actually getting back even more detail here from from chat so we have two links coming back to us around viewing the ticket progress this is in service now or even the link directly to ansible tower so if we navigate into both of those we could click the link but it's open race let's just go back in here let's say open change requests let me see the alert up here as well so we get the alerts WebEx team's going along the way which is pretty you know pretty neat and so let's click on let's actually click on that link let's just say the ticket progress all right so we're gonna get redirected here this was 222 okay cool so we have spine1 teams v-line and we have you know the notes at the bottom getting updated as we as we'd expect now let's jump into our playbook job so we'll click jobs now we see the new job currently running for VLAN management again if we click this link within the jobs we're gonna see we can we have a pause here for the demo so we're gonna okay cool so that's gonna be a pause then we're going to continue with our with our tasks now we're getting the alert from our team's chat so let's jump back into here so what we're seeing is even the feedback from the device so we have the ability to have the show command pre and post change be delivered directly to your console if it's chat or service now and if we come back into our ticket in ServiceNow these are the things that's plus f5 is one more time to refresh short notes these are the things that are it's totally totally up to you so right now and we see data coming into into our change in terms of changing the status and then we saw from from chat we got the feedback from from the device with the show commands now we have other demos where the show command does go back into the ticket as well that way at any point in time you would see the actual commands that were deployed as well as the results you know given a command like show beeline briefed on a nexus and now we see our ticket our ServiceNow ticket 3222 has officially been closed ok so this is interesting so think about this we've already looked at three different ways we could consume the same workflow or same job you can use something like ansible tower directly right and network team DevOps team something like that you could consume it via ServiceNow right for third-party teams like a helpdesk or or any other team that's a consumer of the network we've also seen we've seen this now through chat using Cisco WebEx teams okay so another way we can look at is using using slack right so what we have here this is the result from an elastic --it but the really cool thing is if we just let's get rid of this clean up our output for now with slack there's some built-in slash commands that we have if we do slash add VLAN for Network Autobots what we're gonna end up seeing here is a pop-up right so this is a bit more user friendly but again still just showing how we can leverage chat to consume network resources and we can select our device and spine1 we'll stick with for this demo that's the production device that we have up on the back end and we can say you know slack VLAN and one says it's gonna be VLAN 400 we click Submit same sort of thing so I'm logging to slack as Smith so we're gonna say stand by John Smith and let note about you do its do its job so note about you know fro so it's going to be our communication mechanism into consuming network automation so we're gonna view the status of the job with ServiceNow directly with our link and the insult our console as you'd expect and again just just for kicks we can always come back to the jobs and then see you know the next the next playbook that is running alright so this is running again for for VLAN management ok so what we're seeing here is you know a lot of flexibility in consuming network automation as this runs what I want to show is a few more things one is while we're in WebEx teams we can do things like communicate to note about and use help to see well what what can we do these just a few things that are available there's many more that are built in the backend as an example we have get fact so we can do something like well let's talk to note about and say let's let's get facts let's get facts and say device equals CSR one this is an iOS base router I know table is gonna go go to that device issue you know issue a job and get facts and facts under the covers this is still Ansel being you so we're going to collect a few basic things about the device things like OS version hostname available memory and a few other things and this is where it's totally up to you as you know as the the designer or the Automator to decide what comes back the format you wanted and so here we're just bringing back some defaults with an ansible but this is where we could we could get anything from V lines to BGP to whatever whatever makes sense what we've seen so far is pretty much running the same playbook directly from ansible directly from cisco webex teams and directly from from slack okay so and service now or so we have those four mechanisms to really consume the same the same exact playbook or drive the same workflow we've also you know communicated with the network in terms of deploying a configuration change using ServiceNow we've done that through again these other mechanisms but really importantly also collected data so you don't always have to be configuring devices through these interfaces you know be it ServiceNow or chat we can also and collect data like we're getting fax here and really neat is what we also showed within slack with these slash commands as an example okay so the one last thing that we want to walk through with ServiceNow especially is the ability to map back to your business process right a few of these like switch poor helpdesk VLAN those are actually pre approved change those are standard changes that you could just click Submit and the job could run in real time as we're showing it here but maybe maybe you don't want to run it in real time and you want to schedule at the next change window that's a little totally fine and totally up to you to do that and that's that's awesome so we're gonna show it now is OS upgrades and again so typically you know we're gonna just come in here and select our or device so here we could say nx-os leaf one and then a desired image and the whole goal again just reiterate it is to walk through the business process that makes sense based on the change right in VLANs might just happen in real time because it's a standard change those upgrades maybe not as standard we want to track it a little bit differently so let's let our device and image and click Submit so we click Submit here what's gonna happen is of course a new change will be open now the difference is when we open this latest change to 27 we are going to see on the right-hand side that a change is waiting for approval so let me switch screens jump into a second service now screen I'm in a Chrome incognito tab and let's just do a refresh here on my approvals right so if you notice in the top right I'm logged in as Fred ludie who's gonna approve this ticket but also the initiator was a system administrator if we jump back in here we see change to 27 maps directly back to 227 here from the initiator now what we're doing to simulate two approvals is we're just gonna have Fred approve this ticket twice but in theory again in terms of production environments Fred maybe the first approver and maybe Sally is the second approver you know whatever it might be so we approve it once I'll come in here again let's change this again let's go it go to approve now as soon as they click approve if we jump back into our our tower job we already see the OS upgrade ticket is starting okay so what we're what we're showing is effectively the process that you could implement for any given change I'm going to cancel this actually I don't want to move forward with that upgrade so I will cancel that job for now within within Tower okay so effectively let's jump back to the service now so both of our screens again is one is the initiator this could be a consumer of the network and network engineer right requesting the change and the approvers you know we showed Fred approve the ticket twice but it could be Fred approves the first ticket gets routed to another team or another a peer of Fred's and they approve it and maybe also set the time because even here as we showed once Fred click the approve button twice it did initiate the upgrade immediately now this would be right up to the enterprise process that would dictate how do we handle this for your environment is it one again one approver one-time schedule or is it the next change window right things like that would be essentially built into the workflow to make sure it adheres to your business process and everything here can be consumed via the automation engine the automation tool itself such as ansible Tower in this case it be an ITSM like ServiceNow it could be something like remedy and it can also be chat programs as we showed like WebEx teams or even something like slack hope you guys enjoyed the demo and this was meant to really show different ways to consume some predefined automated workflows within an enterprise environments

Info

Channel: Network to Code

Views: 4,905

Rating: 4.9333334 out of 5

Keywords: network automation, ansible, netops, netdevops, ntc, chatops, nre, automation, devops

Id: f99WdDPsJNg

Channel Id: undefined

Length: 24min 53sec (1493 seconds)

Published: Sun Nov 11 2018