The official report from the ETSI Remote NFV API Plugtest as well as the 4th Plugtest events have now been posted:
Although we are not allowed to comment on specifics, I believe the reported results indicate that our new SOL003 interfaces on both NSO NFVO and ESC performed exellent! This is of course to be expected, considering the successful deployment at Rakuten, where NSO NFVO interoperates with ESC as well as with a 3rd party VNFM over SOL003 in a live network.
The previous event reports are
Here you can see that NSO NFVO and ESC have been tested against 40+ VNFs with excellent results!
... View more
Here is a list of links related to Rakuten's new all-virtual mobile network
Reimagining the End-to-End Mobile Network in the 5G Era (Cisco whitepaper 2019-06)
How the world changed: Cisco CEO on Rakuten's new mobile network (Rakuten.today 2019-06-26)
Rakuten Cloud Platform is a Blueprint for the Future (Cisco SP360 blog 2019-03-21)
Enabling Rakuten Cloud Platform with Cisco NFVI and Orchestration Solutions (Cisco SP360 blog 2019-02-25)
Rakuten is building the world's first end-to-end cloud-native mobile network: Tareq Amin (Rakuten.today 2019-01-18)
... View more
NSO NFVO 4.0 was released in May, and it supports the SOL003 interface. This was tested against multiple VNFMs during the ETSI NFV Plugtest event earlier this month (June 2019), including Cisco ESC (ETSI NFV Plugtest NDA prevents me from listing the other VNFM vendors in a public forum)
... View more
Yet again there was a lot of NSO related content at Cisco Live US 2019. This time the event was held in San Diego. Here is a list of the events that I could find
Service Orchestration with Cisco Network Services Orchestrator - BRKNMS-1100
Ohad Harel, SOFTWARE ARCHITECT.CUSTOMER DELIVERY
Michel Papiashvili, SOFTWARE ARCHITECT.CUSTOMER DELIVERY
The session will provide an introduction to Cisco Network Services Orchestrator (enabled by Tail-F), its architecture and components to illustrate one possible path to network programmability. Throughout the session we will discuss Service Models and the YANG modeling language and we will walk through a live Service creation Use-Case. This session is targetted at both an enterprise and a service provider public.
NSO Advanced XML Templates - DEVNET-2367 Fatih Ayvaz, SOFTWARE ARCHITECT.CUSTOMER DELIVERY, Cisco Systems, Inc.
Software development skills often are perceived to be barriers in the network automation journey. While Cisco Network Services Orchestrator (NSO) is a great enablement platform via offering a rich set of APIs and capabilities to exploit its model-driven and transactional architecture, network service packages usually require a custom-built mapping logic coded in Java or Python to implement certain software controls in provisioning flow. Delivered in NSO release 4.6, "Advanced Templates" wide opens the gates of software control now into XML templates. Non-programmers can easily inject loops, conditionals, variable processing and some sort of computations inside the XML templates which are driven by the actual device configurations. Key message is that non-programmers can also implement software control logic in NSO service composition. In this session, participants will learn how this new feature is implemented and used in a real life production use case.
Succeeding with Network Automation using Cisco NSO - BRKNMS-2945 Fredrik Swahn, MANAGER.PRODUCT MARKETING, Cisco Systems, Inc.
Network Automation is high on the agenda, but remains a daunting challenge, with results often failing to live up to expectations. Many are struggling with both the technical and organizational changes it requires. With years of experience of implementing network automation using the Cisco Network Services Orchestrator (NSO), we have developed a Network Automation Delivery Model (NADM) that aims to guide customers in their journey towards a fully automated network. A powerful, standardized, model that covers the essential parts of a network automation transformation will be presented and discussed. The model covers all four perspectives of People, Process, Technology, and Organization and therefore targets all the stakeholders from C-level decision makers to the network engineers that execute the operations of the network as of today. During the session, both challenges and success factors for implementing network automation will be presented and put into context.
Fast Track Network migration using NSO solution - BRKNMS-2301
Sandeep Lohia, SOFTWARE ARCHITECT.CUSTOMER DELIVERY, Cisco Systems, Inc.
Giri Venugopal, ARCHITECT.SOFTWARE ARCHITECTURE, Cisco Systems, Inc.
Can a service migration that takes about 9 months per site, 40 maintenance windows and requiring 5 network operators per maintenance window be automated such that a single operator can complete the migration process in a few maintenance windows spread across couple of weeks? Sounds impossible? Cisco AS team made this a reality! As Service Providers deploy NFV infrastructure, they are faced with complexity of migrating existing services from dedicated hardware to NFV. Migration of services from one platform to another is one of the ongoing chores that network operators need to perform on regular basis. Service Providers are penalized for service disruption; ensuring all service/ circuits are functional is key to a successful migration. Cisco AS developed an innovative migration automation tool using NSO that not only accelerates the time needed for migration of customers but also provides a comprehensive view of all relevant KPIs pre-and post migration to ensure successful migration.
NetDevOps - Batteries and Pipeline Included with Cisco NSO and Ansible - BRKPRG-1206
Kevin Corbin, TECHNICAL SOLUTIONS ARCHITECT.SALES
Carl Moberg, TECHNOLOGY DIRECTOR
Cisco NSO provides an out-of-the-box, no-code API to the configuration and operational state of your entire physical and virtual network across all your vendors. That's a mouthful we know, but combine it with YAML-encoding of all that data and a small set of modules to manage it, and it becomes an unprecedented way to allow Ansible to robustly automate all the networks with a low-toil approach. Including auto-generation of task content based on golden configurations.
DevNet Workshop - Orchestrating EVPN VXLAN Services (IOS-XR,NX-OS) with Cisco NSO - DEVWKS-1445
Manoj Abraham, MANAGER.SOFTWARE DEVELOPMENT ENGINEERING
Sakthi Malli Somanathan, TECHNICAL LEADER.TEST ENGINEERING-DEVELOPMENT
This hands-on lab session will introduce implementing EVPN services using Cisco NSO(Network services Orchestrator). Participants will use NSO to deploy EVPN services on Cisco IOS-XR & NX-OS devices, verify the configuration and test EVPN operation across the network. With Cisco NSO's model driven automation framework for multi vendor solutions, These services can be pushed to the devices more quickly with much less effort and less risk of configuration errors. Participants will be guided through a step-by-step process of bring up EVPN services using Cisco NSO Orchestrator. This will be a beginner level network programmability hands-on lab.
DevNet Workshop-Build an Ansible Playbook to Automate NSO Service Package Deployment - DEVWKS-1703 Weigang Huang, BUSINESS DEVELOPMENT MANAGER.BUSINESS DEVELOPMENT
Arun Kumar Sakthivel, SOFTWARE CONSULTING ENGINEER.CUSTOMER DELIVERY
Service delivery is an important aspect of network automation. As one of the universal automation languages, Ansible has been chosen as service delivery automation tool for many organizations. This workshop will create an Ansible playbook for service delivery of Cisco Network Service Orchestrator(NSO). The delivery contains application environment setup; NSO application delivery, NSO network element driver (NED) delivery, NSO service packages delivery and post-delivery verification. There are several best practice guides from Ansible communities and others. However, every automation has its own uniqueness. Not all the best practice rules are suitable for each use case. This work shop will explain and evaluate the best practice rules used. This workshop contains the following:
Create Ansible playbooks skeleton using ansible-galaxy
Create main play book
Create sub-play books for sub-tasks
Test and verify
End to End Automation for Large Scale Optical Networking - BRKOPT-2010
Sruthi Pendam, ENGINEER.TECHNICAL MARKETING
Data Center Interconnect and peering bandwidth requirements continue to grow rapidly. There are simple, scalable and price/power/space optimized DWDM transport solutions to support this growth. In this session, you will be introduced to the NCS 1000 portfolio that has been optimized for data center applications. It enables simplicity through Auto-provisioning, Model-Driven Programmability, Network Services Orchestration(NSO) and Streaming telemetry with fine-grained and real-time monitoring. We will look at Closed loop Automation via different phases - Collecting Data, Persistence, Optimization, Remediation
The Life Changing Magic of Automating Segment Routing and MPLS - BRKMPL-2210
Shelly Cadora, PRINCIPAL ENGINEER.TECHNICAL MARKETING
Network automation is a good thing in general, but how does it benefit MPLS/Segment Routing Networks in particular? In this session, we focus on the specific applications of automation technologies in MPLS/Segment Routing networks. Areas of focus include configuration, monitoring, and traffic engineering. What YANG models can be used to configure Segment Routing? Is NETCONF or gNMI better? What model-driven telemetry sensor-paths can validate a successful SR migration? How can tools like NSO make the job easier? Are there open source tools that can help? If you’ve ever asked yourself these questions, this session is for you!
Provider Managed Services with Controller-based Architectures - BRKSPG-2010
Scott Wainner, DISTINGUISHED SYSTEMS ENGINEER.SALES
A transition is occurring from managed on-premises appliances to cloud-managed services. Managed Service Providers (MSP) are enabled through controllers to instantiate Virtual Network Functions (VNF) using x86-based compute resources where the services are enabled on universal CPE (e.g. whitebox), in MSP cloud environments, and Internet accessible public clouds. This session describes cloud-native management methods leveraging Cisco orchestration systems such as Cisco DNA-Center and Managed Services Accelerator (MSX) where controllers such as the Network Service Orchestrator (NSO), Software-Defined Access, and Software-Defined WAN are used to manage discrete network domains. NSO is used as an example provisioning controller with Core Function Packs such as Virtual Branch (ENCS/NFVIS), SD-WAN (Viptela), and Managed Device (ISR). Architectural considerations are provided for managing devices and VNF via either the Internet or private IP networks. The ENCS serves as a reference platform to represent management requirements for the hypervisor based on NFVIS, and the VNF service chains. Emphasis is placed on zero-touch provisioning processes and procedures, security requirements, life-cycle management, and orchestration of VNF services chains on the ENCS / NFVIS platform. Architectural options are presented where VNF and controllers may be instantiated on customer premises, in MSP OpenStack cloud networks, as well as public clouds such as AWS, Azure, or Google Cloud.
Automate your 4G/5G Mobile Packet Core - BRKSPM-2014
Vishesh Kansal, SOFTWARE CONSULTING ENGINEER.CUSTOMER DELIVERY
Sunil Panda, SOFTWARE ARCHITECT.CUSTOMER DELIVERY
Today, one of the key challenges faced by Mobility SPs are software upgrades and configuration updates that need to be deployed to their infrastructure. Whenever there is release of new software image with new features or fixes, service providers need to upgrade the entire infrastructure which takes months! Similarly, configuration updates, tethering detection rules, and many more changes that need to be deployed across the network, take a very long time and a significant effort from operations, simply - because it involves a lot of manual work. In this session, we will review a customer use-case where we developed an end-to-end automation solution to address SP Mobility day-2-day operations like os upgrade, plugin update, pre & post validations, KPI monitoring, Configuration/MOP automation, Audit Management for StarOS devices and Ultra-M components (EM, AutoVNF, ESC), utilizing Cisco NSO as the automation Framework.
Orchestrating NGFWv and ASAv to Protect Your On-Prem Workloads - BRKSEC-2062
Alan Cottom, ENGINEER.TECHNICAL MARKETING
As you modernize your on-prem Data Center environments, your threat protections should match your workload in terms of agile provisioning and dynamic policy controls. As you apply different methods of segmentation (VLAN, VxLAN, SGT, EPG, VM-attribute, etc.) to your applications, your security functions must take advantage of these dynamic constructs to apply appropriate policies. This session describes Cisco's virtual firewall appliances (NGFWv and ASAv) on VMware, Microsoft Hyper-V, Linux KVM, and Cisco-offered solutions: ENCS and CSP2100. It will discuss deployment options, threat policies, and orchestration of our appliances. We will detail how you can achieve Zero Touch Provisioning with noted hypervisors, solutions, and our controllers: NSO (Network Service Orchestrator), ESC (Elastic Services Controller). The session will summarize the native platform API capabilities, that played a key role in all this automation, including service insertion in Cisco's next-gen Data Center fabric.
The 3 Stages of Network Automation and Orchestration - PSOSPG-2941
John Malzahn, MARKETING MANAGER.MARKETING
Automation is the core of the next wave of the network management. Service providers and enterprises rely on new innovative technologies such as network functions virtualization (NFV) and network programmability for providing the end-to-end digital experience that users seek. Choosing the right core orchestration solution is crucial to maximizing on these technologies. This session will discuss the specific attributes required and how Cisco's Network Service Orchestrator (NSO) fulfills them. We will cover our experience with the three critical stages of automation and orchestration including the complementary roles of NFV and orchestrated assurance:
Stage 1: Introducing the Network API - Utilize a single interface to all network resources
Stage 2: Moving to Service Abstraction - Leverage one central API for all services
Stage 3: Swith to Innovation - Develop your own services
The business case of network automation - BRKNMS-1011
Russ Brockman, DIRECTOR.BUSINESS DEVELOPMENT
Joao Serrano, BUSINESS DEVELOPMENT MANAGER.BUSINESS DEVELOPMENT
Companies understand they need to embrace automation as a fundamental aspect of their new way of designing networks and processes. But network automation is a long journey and defining the correct strategy including a proper definition of the automation roadmap is critical to success. How should I define my network use cases for automation? How should I understand their business impact? How can I achieve them faster? How should I calculate the return of investment in automating them? How should I attached the correct level of metrics for success measurement? How should define priorities and create an automation plan? How can Cisco Services help me with all of this? This session is specially oriented for NSO and therefore more relevant for SPs and large Enterprise customers with complex automation scenarios. But can be relevant any software driven automation strategy
Bring 5G core network slices into life with automation - BRKSPM-2031
Jiming Shen, ARCHITECT.SOLUTIONS ARCHITECTURE
Scott Riffe, SYSTEMS ENGINEER.SALES
This session is to demostrate how Cisco automation and orchestration products such as Network Services Orchestrator (NSO), Business Process Automation (BPA) platform and Elastic Services Controller (ESC) can form powerful solutions for 5G cloud-native core network slicing. As the 3GPP standards becomes more mature, more service providers are investigating the implementation of network slicing with various customer use cases. The selection of automation and orchestration solution is always a challenging job. We will provide an insightful deep dive of 5G core netework slicing building blocks and associated design of use cases. Then we will focus the automation and orchestration design principles, options and strategies by using Cisco products as examples. The session will also offer live demo of one or more of these options, to help the understanding. We believe a programmable agile 5G network is more efficient, reliable and adaptive to the future needs of service providers and their customers. Attendees will gain a knowledge of the latest 5G cloud-native based packet core network slicing knowledge, as well as associated design and implementation information with Cisco automation and orchestration tools.
Architecture of NFV Platform for Orchestrating Cloud-based & vBranch Managed Services - BRKARC-2259
Brian Cox, ENGINEER.TECHNICAL MARKETING
This session details the Managed Service Accelerator architecture for orchestrating scalable, elastic NFV/SDN solutions to provide managed services like SDWAN, vBranch, next-gen Security, 5G SD-WAN Services, and other managed services. VNF appliances like CSR, FTDv, ISRv, ASAv, XRv, vWAAS, vWLC, and Viptela vEdge will be introduced and how they can be deployed in a NFVI, UCS, OpenStack cloud, or on x86 ENCS vCPE to provide PAYG and improved service velocity. The session will include live demos of actual deployed services. The session will dive into service topologies created from powerful service chains that enable NFV cloud services like SD-WAN, Cloud Security, vCPE, Secure Internet Gateway, vBranch, Web/Content security & IPS, and 5G SD-WAN, and AWS Cloud Connect servcie. Details on the MSX Cloud Platform components and the underlying OpenStack and Kubernetes based microservices architecture, and platform extensibility through SDK, will be covered. Smart licensing, VNF instantiation via Elastic Services Controller (ESC), service provisioning via YANG models & Network Services Orchestrator (NSO) will be discussed. The session will also cover Plug-n-Play capabilities for Zero-touch provisioning of CPE's,
Security Automation/Orchestration for the Hybrid Cloud - BRKSEC-3017
Anthony Sabella, PRINCIPAL SYSTEMS ENGINEER.SALES
Multi-vendor, multi-domain, security, automation… Does this sound interesting? The hybrid cloud enterprise will consume applications in private DC, public cloud, Internet, and SaaS. Securing these use cases are complex, time-consuming tasks even for a single vendor. How about for multi-vendor environments? Cisco has created a software-based services exchange on an open platform, which is built off of generic compute, NFV, orchestration (NFV MANO). This solution stitches users/endpoints to applications using Cisco's Network Service Orchestrator (NSO), and combines the activation, fulfillment, and assurance sequences into a single feedback loop, auto-scaling services based on load. We will also explore how to use this platform as a security hub (next-gen DMZ), and ultimately create a “lights-out” environment leveraging virtualization/orchestration. Virtualizing security services and using different I/O methods to improve performance (OVS, DPDK, SR-IOV), centralized AAA, application dependency mapping, anomaly detection, and firewall/IPS services are all on the docket. Lastly, we will view how some of our largest customers are using these components to automate workflows across multi-vendor, cross-domain environments.
Working 9 to 5 as a NetDevOps Engineer - DEVNET-1291
Hank Preston III, PRINCIPAL ENGINEER.ENGINEERING
This session builds on the evolution of networking discussed in DEVNET-1725. Network engineering has been under a rapid transformation the last several years. It started with the entrance of Software Defined Networking, continued with the Cloud revolution, and now is the time for NetDevOps (or the application of DevOps principals to networking). If you've been along for the journey you've been rapidly exploring and learning new ideas and technologies. Python, Ansible, CICD, Model Driven everything, network verification, and on and on. You've tackled and learned each tool in isolation, in a safe "lab" or "demo" environment. And that is the perfect way to start. The problem comes in moving from that introductory phase into applications in the real network. You know, the network the business relies on. The network you can't even look at without 4 levels of approval. The network you might be a little afraid to try something new with... In this talk let's look at what it's like to manage a real network through NetDevOps. How the tools and technologies combine together to provide a truly more robust, reselient, and efficient network engineering and operations experience. You'll see open source and commercial tools like GitLab, Python, Ansible, NetBox, VIRL, NSO, pyATS and more working together to deliver NetDevOps workflows. And once you're sold on the vision, we'll explore ideas on how you can get there in your own network.
... View more
The NSO vBranch Core Function Pack (CFP) is a component for automation of Cisco SD-Branch. It is primarily targeted towards (Managed) Service Providers. The CFP is a TAC supported product which can be used to build SD-Branch automation solutions. It aims to provide 80%, leaving 20% to be provided by AS, partners, or built by the SP themselves. This means lower development cost, shorter development times, and shorter TTM.
The vBranch CFP features include
Plug-and-play (PnP)/Zero Touch Provisioning (ZTP) of NVFIS devices such as ENCS
Spin-up of Cisco and 3rd party VNFs, including day-0/bootstrap configuration and service chains
Day-1/n configuration of Cisco and 3rd party VNFs
... View more
The preferred mode of operation is that NSO is the only "thing" (including systems and people) that configures the device. So then you do a sync from when you first connect to the device, and then you can assume that NSO is always in sync with the device. This means that when NSO calculates the minimal configuration to send to the device, it knows what is already there. NSO will do a check-sync as the first stage of any transaction, so if someone/something else has configured the device, then the transaction will fail. You can then inspect the delta, and decide if you want to accept waht's on the device (sync-from), overwrite it (sync-to), or ignore it (commit without sync check). This is the safest way to operate.
There are of course less safe ways :-)
... View more
Think about it this way:
1. The device has configuration C, D, E. You do a sync-from. This becomes transaction T1
2. You manually configure A on the device and sync-from. The delta from C, D, E to A, C, D, E becomes transaction T2
3. You manually configure B on the device and sync-from. The delta from A, C, D, E to A, B, C, D, E becomes transaction T3
You can now selectively roll back T2 or T3, or you can cumulatively roll back T3 and T2
... View more
Great - this solved my problem. There is one more step though. The netsim instances need to be re-created. For most (all?) NSO examples you can do
$ make stop clean all start
This will stop the system, wipe it, recompile everything, including recreating the netsims, and starting again
... View more
That's right. If you're an Enterprise, then you would generally manage your Cisco SD-WAN using vManage/vSmart/vBond. The problems we are solving with the NSO SDWAN CFP is to enable an SP to deliver this as a managed service. In that case you will have multiple instances of vManage/vSmart/vBond, perhaps hosted in your private datacenter. Hence you need to scale beyond a single set of controllers, as well as managing tenants. You also need API access to configure the edge routers and controllers, and this is provided by the SDWAN CFP. You may also want to run virtual, VNF form factor versions of the SD-WAN edge routers, perhaps together with other VNFs from Cisco or other vendors, and again, this is a feature of the SD-WAN CFP.
... View more