NetBCN - Design Driven Infrastructure Automation powered by Infrahub

Transcript

1. NetBCN, February 27th 2024 Damien Garros, Co-founder OpsMill Powered by

   Infrahub Design Driven Infrastructure Automation

2. About Me Co-Founder and CEO of Focused on Infrastructure as

   Code, Automation & Observability for 10+ years Previously leading Technical Architecture at Network to Code @dgarros damiengarros @damgarros

3. Agenda 1. Design Driven Infrastructure Automation 2. Infrahub 3. Demo

   Managing an IP Fabric with a Design Driven Approach with Infrahub

4. Design Driven Infrastructure Automation

5. Infrastructure Building Lifecycle Design Build Operate Mermaid.js Convert Design to

   Implementation Configure, Allocate LLD Design Documents Diagrams & Wording HLD Operate, keep the lights on Troubleshoot

6. Critical Design Context is lost in the process Convert Design

   to Implementation Design Documents Operate, keep the lights on Design Build Operate

7. Design Driven Automation Configure Configs Validate Tests Document LLD Implementation

   Instance of a Design Configure Configs Configure Configs Validate Tests Validate Tests Document LLD Document LLD Design

8. • The design is usually implemented in code or with

   a DSL (Design Builder) • Each instance is defined by specific inputs Input #1 Input #2 Design Builder From Design to Implementation Implementations Instance #1 Instance #2

9. Resources & Examples of Design Driven Automation Jeremy Schulman Design

   Driven Network Assurance Implemented at MLB Presentations Autocon0 NANOG88 AVD : Arista Validated Design Infrastructure as Code https://avd.sh/ MALT : Multi Abstraction Layer Topology Paper & Presentations NSDI 2020 NANOG80

10. Common Challenges • How to update the implementations when a

    design evolve ? • How to identify Drift from the Design ? • How to store the information about each implementation ?

11. Input #1 Source Of Truth Input #2 Design Builder Only

    the implementation is stored Lost, not Stored Stored in Git Stored in the Source of Truth

12. Infrahub Input #1 Input #2 Design Builder Infrahub’s approach All

    aspects of the design are stored in Infrahub CI Pipeline Design builds are idempotent Implementations are continuous validated based on the Input and the Design

13. Infrahub by OpsMill

14. Infrastructure The next evolution of Infrastructure Management Infrahub Network Security

    Cloud A central HUB to manage all of the information that powers your infrastructure. Infra as Code + Data Management

15. A modern Source of Truth must possess two essential qualities

    SCHEMA UI/UX API PEER REVIEW BRANCH IMMUTABILITY Flexible Data Model It should have the flexibility to capture diverse types of data, whether technical or business-related, providing a comprehensive view of the infrastructure. Versioning It should enable effective control and validation of data changes before they are implemented, ensuring the stability and integrity of the infrastructure.

16. Infrahub Extensible Schema Extensible Data Model Unified Storage Graph DB

    Historical Data Data Lineage Collaboration Integrations - Ansible, Nornir, Terraform UI Query Engine Metadata Version Control Branches Configuration Rendering CI Pipeline Peer review and validation Automation Global View Extensibility

17. How it Compares Version Control Immutability Extensible Schema N Y

    Y User Interface UI / UX API / GraphQL N Y Y Limited Y Limited Y Schemaless Y Y Y N GitOps Infra as Code Infrahub In-House Database Purpose Built Tools Limited Limited Y Y Y

18. Infrahub Unified Storage w/ Version Control Data Files Config Rendering

    Artifact Peer Review CI Pipeline User Defined Schema UI, API, GraphQL Infrahub Overview

19. Infrahub Unified Storage w/ Version Control Config Rendering Artifact Peer

    Review CI Pipeline Design Data UI, API, GraphQL Infrahub Overview IPAM Inventory Cabling & Topology Design Builder Config Templates Rendered Configs Business Context

20. Core Architecture • Python / Async • Data stored in

    Neo4j • Deep Integration with Git • Python Client for CI Versioned Graph Compiler Intent Graph Modeling CI Pipeline RBAC Framework Git Manager

21. Automation Transformations Infrahub Source of Truth Fetch Transform Render Deploy

    Fetch Transform Render Deploy Data Data Change Control Change Control Agent → Engine

22. Demo

23. Topology / Pod Design Driven DC Fabric Topology Information •

    Number of spines, leafs • Type of devices • MLAG Support • Supernet for Prefix allocation • DNS & NTP Spine 1 Spine 2 Spine 3 Spine 4 Leaf 1 Leaf 2 Leaf N Pod #1

24. Source of Truth Data Models Topology Services Network Management Device

    Interface L2/L3 IP Address / Prefix Cable Autonomous System BGP Session Technical Implementation Models Design Models Organization Location Organization Models

25. 1 - Schema Management / Extensibility 2 - Unified Storage

    / Git Integration 3 - Configuration Rendering 4 - CI Pipeline, Design Validation 5 - Immutable Storage 6 - Test Framework for Transformations Demo Agenda

26. Thank You