NetBCN, February 27th 2024 Damien Garros, Co-founder OpsMill Powered by Infrahub Design Driven Infrastructure Automation 

About Me Co-Founder and CEO of Focused on Infrastructure as Code, Automation & Observability for 10+ years Previously leading Technical Architecture at Network to Code @dgarros damiengarros @damgarros 

Agenda 1. Design Driven Infrastructure Automation 2. Infrahub 3. Demo Managing an IP Fabric with a Design Driven Approach with Infrahub 

Design Driven Infrastructure Automation 

Infrastructure Building Lifecycle Design Build Operate Mermaid.js Convert Design to Implementation Configure, Allocate LLD Design Documents Diagrams & Wording HLD Operate, keep the lights on Troubleshoot 

Critical Design Context is lost in the process Convert Design to Implementation Design Documents Operate, keep the lights on Design Build Operate 

Design Driven Automation Configure Configs Validate Tests Document LLD Implementation Instance of a Design Configure Configs Configure Configs Validate Tests Validate Tests Document LLD Document LLD Design 

● The design is usually implemented in code or with a DSL (Design Builder) ● Each instance is defined by specific inputs Input #1 Input #2 Design Builder From Design to Implementation Implementations Instance #1 Instance #2 

Resources & Examples of Design Driven Automation Jeremy Schulman Design Driven Network Assurance Implemented at MLB Presentations Autocon0 NANOG88 AVD : Arista Validated Design Infrastructure as Code https://avd.sh/ MALT : Multi Abstraction Layer Topology Paper & Presentations NSDI 2020 NANOG80 

Common Challenges ● How to update the implementations when a design evolve ? ● How to identify Drift from the Design ? ● How to store the information about each implementation ? 

Input #1 Source Of Truth Input #2 Design Builder Only the implementation is stored Lost, not Stored Stored in Git Stored in the Source of Truth 

Infrahub Input #1 Input #2 Design Builder Infrahub’s approach All aspects of the design are stored in Infrahub CI Pipeline Design builds are idempotent Implementations are continuous validated based on the Input and the Design 

Infrahub by OpsMill 

Infrastructure The next evolution of Infrastructure Management Infrahub Network Security Cloud A central HUB to manage all of the information that powers your infrastructure. Infra as Code + Data Management 

A modern Source of Truth must possess two essential qualities SCHEMA UI/UX API PEER REVIEW BRANCH IMMUTABILITY Flexible Data Model It should have the flexibility to capture diverse types of data, whether technical or business-related, providing a comprehensive view of the infrastructure. Versioning It should enable effective control and validation of data changes before they are implemented, ensuring the stability and integrity of the infrastructure. 

Infrahub Extensible Schema Extensible Data Model Unified Storage Graph DB Historical Data Data Lineage Collaboration Integrations - Ansible, Nornir, Terraform UI Query Engine Metadata Version Control Branches Configuration Rendering CI Pipeline Peer review and validation Automation Global View Extensibility 

How it Compares Version Control Immutability Extensible Schema N Y Y User Interface UI / UX API / GraphQL N Y Y Limited Y Limited Y Schemaless Y Y Y N GitOps Infra as Code Infrahub In-House Database Purpose Built Tools Limited Limited Y Y Y 

Infrahub Unified Storage w/ Version Control Data Files Config Rendering Artifact Peer Review CI Pipeline User Defined Schema UI, API, GraphQL Infrahub Overview 

Infrahub Unified Storage w/ Version Control Config Rendering Artifact Peer Review CI Pipeline Design Data UI, API, GraphQL Infrahub Overview IPAM Inventory Cabling & Topology Design Builder Config Templates Rendered Configs Business Context 

Core Architecture ● Python / Async ● Data stored in Neo4j ● Deep Integration with Git ● Python Client for CI Versioned Graph Compiler Intent Graph Modeling CI Pipeline RBAC Framework Git Manager 

Automation Transformations Infrahub Source of Truth Fetch Transform Render Deploy Fetch Transform Render Deploy Data Data Change Control Change Control Agent → Engine 

Demo 

Topology / Pod Design Driven DC Fabric Topology Information ● Number of spines, leafs ● Type of devices ● MLAG Support ● Supernet for Prefix allocation ● DNS & NTP Spine 1 Spine 2 Spine 3 Spine 4 Leaf 1 Leaf 2 Leaf N Pod #1 

Source of Truth Data Models Topology Services Network Management Device Interface L2/L3 IP Address / Prefix Cable Autonomous System BGP Session Technical Implementation Models Design Models Organization Location Organization Models 

1 - Schema Management / Extensibility 2 - Unified Storage / Git Integration 3 - Configuration Rendering 4 - CI Pipeline, Design Validation 5 - Immutable Storage 6 - Test Framework for Transformations Demo Agenda 

Thank You