NCS: NEtwork Control System Hands-on Labs

NCS: Network Control System Hands-on Lab
TS-SP-01-I

Thank you for attending Cisco Connect Toronto 2015, here are a few
housekeeping notes to ensure we all enjoy the session today.
§  Please ensure your cellphones / laptops are set on silent to ensure no
one is disturbed during the session
§  A power bar is available under each desk in case you need to charge
your laptop (Labs only)
§  We will be using the Cisco dCloud Environment for all the Labs. Please
make sure you have internet access using the provide credentials.
House Keeping Notes

§  Cisco dCloud is a self-service platform that can be accessed via a browser, a high-speed
Internet connection, and a cisco.com account
§  Customers will have direct access to a subset of dCloud demos and labs
§  Restricted content must be brokered by an authorized user (Cisco or Partner) and then shared
with the customers (cisco.com user).
§  Go to dcloud.cisco.com, select the location closest to you, and log in with your cisco.com
credentials
§  Review the getting started videos and try Cisco dCloud today: https://dcloud-cms.cisco.com/help
dCloud
Customers now get full dCloud experience!

§  Give us your feedback and you could win
a Plantronics headset. Complete the
session survey on your Cisco Connect
Toronto Mobile app at the end of your
session for a chance to win
§  Winners will be announced and posted at
the Information desk and on Twitter at the
end of the day (You must be present to win!)
Complete your session evaluation – May 14th

NCS: Network Control System
Hands-on Lab
Jason Yen (Solution Architect – US Sales) – jasyen@cisco.com
Ashok Sadasivan (Solution Architect – US Sales) – ashok2@cisco.com

§  Introduction to the lab
§  Overview of Network Control System (NCS)
§  Task 1: Installing NCS
§  Task 2: NCS Device Manager
§  Task 3: NCS Service Manager
§  Conclusion
Agenda

§  You have been assigned a POD consist of two servers
§  Connect to your POC using the Anyconnect credentials in your sheet
§  Remote desktop to the windows server or ssh directly to the NCS server
using Putty directly from your working machine.
Introduction to the NCS Lab: Connecting to POD
NCS Server. Access via SSH
IP address: 198.18.134.4
Username/Password: cisco/cisco
PC Workstation
IP address: 198.18.133.253
Username/Password: Administrator /
C1sco12345

Introduction to the NCS Lab: Windows Host

§  Instruction led, we will be guiding you through a set of steps
§  No step-by-step written guide, we know this is the first contact with NCS
for several of you
§  Network devices are emulated using in-house management plane
emulator: ncs-netsim (also distributed with NCS)
§  PODs will be available for your access until Friday noon
§  By the end of the lab, we will show you how to access additional self-
guided lab examples
§  You can contact the instructors for a “Meet the Engineer” slot if need a
deeper-dive
Introduction to the NCS Lab: Connecting to POD

Network Control System (NCS)
Multi-Vendor Service Orchestration
& Network automation
for today’s networks and NFV/SDN

§  Founded in 2005
§  HQ in Stockholm, Sweden
§  US Office in Silicon Valley
§  Fully part of Cisco since 9 July 2014
§  Software product company
§  Multi-vendor Service Orchestration & Network Automation
§  Service Orchestration for NFV/SDN (and today’s networks !)
§  Centralized Network Control – SDN
§  Yang & Netconf experts
§  100+ customers world-wide
§  7 out of 10 world’s largest network equipment vendors
§  Early NFV leadership – multiple deployments
§  Target Markets
§  Service Providers
§  Could providers / Data Centers
§  Network Equipment Vendors
Tail-f At-a-Glance §  Disruptive Service Orchestration software
§  Reduces time & efforts to develop &
provision services in a Multi-Vendor
network
§  Early leader in the fast-growing NFV
market
Blue Chip Customers
Tier1 SP
Japan
Tier1 SP
US

tw telecom (Level3 now) : L2 & L3 VPN Provisioning
Business Challenge:
Fast delivery of various types of VPNs (L2 and L3) and
Carrier Ethernet 2.0 services for traffic separation in a
dynamic, programmatic way.
Benefits with NCS:
•  Replacing home-grown system & manual processes
•  Increase agility and lower OPEX
•  Provision complex VPNs spanning 40,000 devices
from multiple vendors using network-wide,
transaction-safe features
•  Core routers: Juniper MX series
•  PEs: Cisco for PE
•  CEs: Overture, Adtran, ADVA
•  Develop VPN services using CLI templates of Java
•  Support for provisioning, updating and removing
VPNs using minimal diffs
•  API integration with customer self-service portal,
OSS, and analytics systems

OSS
Service Order
Minimal Device
Reconfigurations
Tail-f NCS
Multi-vendor L1-L7 network
Agility : Model-Driven
Operations: Network Transactions
Network Control System (NCS)

NCS Details & Key Features
§  Multi-vendor Service Orchestration & Network Automation for existing & future
(SDN/NFV…) networks
§  Single Pane of Glass for:
§  L1-L7 networking
§  Hardware Devices
§  Virtual Appliances
§  OpenFlow Switches
All the above can be from any vendor : Cisco, Juniper, ALU, Ericsson, Huwaei, Ciena,
Infinera, F5, A10, Brocade, Palo Alto, Avaya, Sonus, Fortinet, etc…
§  NCS provides abstractions based on
§  Standard Data models (YANG RFC 6020) for devices & services
§  Transaction : ensures fail-safe operations & network configuration accuracy
§  Benefits
§  No hard-coded assumptions/info about services or devices
§  Can be used for all types of services and all types of network devices
§  Automation can be based on accurate real-time view of service and network state
Multi-vendor L1-L7 network

Service Manager
Multi-Vendor Network
Network
Engineer
EMS/NMS
NETCON
F
REST CLI Web UI SNMP
JAVA/Javascript/
Python
OSS/BSS
NCS
AAA Core
Engine
NETCON
F
SNMP REST CLI WS
Network Element Drivers
Mapping
Logic
Templates
Fast Map
Device ManagerNotification ReceiverAlarm Manager
Openflow Switches
Service
Models
Package
Manager
Script
API
Device
Models
Developer
API
Tail-f NCS Zoom in Architecture

NCS for Network Engineers – User Interfaces
Auto-rendered Web UI with powerful
extensibility features
Cisco or Juniper-style CLI for network-
wide configuration changes

NETCONF/YANG High-level Properties
•  NETCONF
Network management protocol specifically designed to
support service activation and provisioning.
Encrypted, efficient transport
XML content transported over SSH+TCP.
Extensible
XML Namespaces make it possible to add e.g.
new RPC types or new table columns without
breaking existing applications.
Transactional
Configuration changes happen all-or-nothing and
all-at-once which simplifies network
management applications.
Network-wide
Can address multiple network elements in
parallel to implement network-wide transactions.
•  YANG
Text based data modeling language designed for use with
NETCONF.
Operator friendly
Easy to mimic existing human operator interfaces, such
as CLI and WebUI. Supports tables inside tables.
Precise
Very precise and specific data definitions. Allowed
values could be “1..99 | 1300..1999 | none”. Explicit
about keys in tables.
Extensible
Define additional keywords in Yang with rigid
syntax, that standard compilers parse correctly.
Additional keywords used to generate code,
documentation, test cases, etc based on model.
Human readable
Non-programmers can read Yang models.

§  Check the distribution filename:
§  ncs-3.0.darwin.x86_64.installer.bin
§  Check your OS version:
§  Linux distributions
§  OS X
§  Check the CPU archurecture:
§  x86_64 – 64-bit Intel x86 architecture
§  I686 - 32-bit Intel x86 architecture
§  Java version (JDK 1.6 or higher)
System Requirements (Cont.)

§  Obtain distribution file:
§  ncs-3.0.darwin.x86_64.installer.bin
§  It contains:
§  NSO, examples, documentation
§  NETSIM Network Simulator
§  Run the installation
Installing Cisco NSO
$ sh ncs-3.0.darwin.x86_64.installer.bin ~/ncs/3.0
INFO Using temporary directory /var/… to stage NCS installation bundle
INFO Unpacked ncs-3.0 in /Users/tailf/ncs/3.0
INFO Found and unpacked corresponding DOCUMENTATION_PACKAGE
INFO Found and unpacked corresponding EXAMPLE_PACKAGE
INFO Generating default SSH hostkey (this may take some time)
INFO SSH hostkey generated
INFO Environment set-up generated in /Users/tailf/ncs-3.0/ncsrc
INFO NCS installation script finished
INFO Found and unpacked corresponding NETSIM_PACKAGE
INFO NCS installation complete

NSO Directories
ncs-3.0/
/opt/
bin/
lib/
doc/
web-server/
ncs-cdb/
ncs.conf
datacenter/
ncs-cdb/
ncs.conf
production/
ncs-cdb/
ncs.conf
ncs-2.9/
Project Directory
Installation Directory
Two directory types:
examples.ncs

§  Make sure binaries are added to your PATH:
§  Run the ncs-setup script:
§  Creates a database directory ./ncs-cdb
§  Creates a log directory ./log
§  Creates an empty packages directory ./packages
§  Creates a default ncs.conf
Setup an NSO Project Runtime Directory
$ ncs-setup --dest <runtime directory>
$ source ~/NCS/3.0/ncsrc

§  Start the NSO daemon:
§  Check if the deamon is running:
§  Start the CLI (Cisco XR style):
§  Start the CLI (Juniper style):
Starting Cisco NSO
$ ncs
$ ncs --status
$ ncs_cli –u admin
$ ncs_cli -J –u admin

§  Make sure your package is in the right place
§  The./packages directory
§  Don’t store anything else in the packages/ directory!
§  Don’t keep “old” packages in the packages directory!
Using Packages

§  Existing packages:
§  NEDS ($NCS_DIR/packages/neds)
§  Services ($NCS_DIR/packages/services)
§  Tools ($NCS_DIR/packages/tools)
§  Copy (or softlink) packages from the NSO installation:
Using Existing Packages
cp -r $NCS_DIR/packages/neds/cisco-ios-xr packages/
cp -r $NCS_DIR/packages/tools/discovery packages/

§  Check if all the required packages are loaded using show packages command
§  Package reload can be forced using request packages reload command
§  Package reload can be forced with starting NSO using —with-package-reload flag
Reloading Packages
admin@ncs> show packages package package-version
PACKAGE
NAME VERSION
----------------------
cisco-iosxr 3.0
discovery 1.0
admin@ncs> request packages reload
result Done
[ok][2014-10-14 14:17:06]

§  ncs-netsim is a network devices simulation
tool
§  Used to test NSO with simulated devices
§  Uses NED device packages
§  A NED package contains netsim directory
§  Represents device configuration and CLI
§  The same YANG for models are used for
simulated and real devices
Netsim Overview
Netsim simulated
devices (ConfD)
Physical or virtual non-
simulated devices

§  Below example creates 3 Cisco IOS devices:
§  Simply run netsim inside the project folder
Starting Simulated Devices
$ ncs-netsim start
DEVICE c0 OK STARTED
$ ncs-netsim create-network <NED package> <#N devices>
$ ncs-netsim create-network packages/cisco-ios 4 c

§  You can run the CLI towards the simulated devices
Access Simulated Devices
$ ncs-netsim cli-i c1
admin connected from 127.0.0.1 using console *
c1> enable
c1# show running-config
class-map m
match mpls experimental topmost 1
match packet length max 255
match packet length min 2
match qos-group 1
!
c1# exit

§  Is the heart of NSO
§  NSO keeps a master copy of configuration in CDB
§  Network element drivers (NED) supports different protocols:
§  NETCONF
§  SNMP
§  CLI
§  Generic NED (Java code)
Device Manager
Master Copy of
Configurations
Device Manager
Network Element Driver

§  In Operational mode, the CLI displays operational data stored in CDB (or live data
from the devices)
§  In Configuration mode, the CLI displays network configuration data stored in CDB
NSO CLI
ncs# show devices device
devices device lb0
...
alarm-summary indeterminates 0
alarm-summary criticals 0
alarm-summary majors 0
alarm-summary minors 0
alarm-summary warnings 0
...
devices device www0
...
Operational Mode Configuration Mode
ncs# configure
ncs(config)# show full-configuration
devices device ce0
devices device ce0
address 127.0.0.1
port 10022
ssh host-key ssh-dss
…

Device Configuration
Management

§  Device Configurations in NSO and actual Device Configuration should match
§  After initial device discovery or import, it makes sense to synchronize
configurations from devices
Synchronizing from Device
sync-to
sync-from
check-sync
compare-
config
ncs# devices sync-from
sync-result {
device lb0
result true
}

§  When a device has been configured out of band
§  Clears up rogue configuration
§  “dry-run” option available to check changes
Synchronizing to Device
ncs# devices device www0 sync-to
result true
sync-to
sync-from
check-sync
compare-
config
Change device
configuration over CLI.

§  Check if a device has been configured out of band
§  Check if a subset of managed devices has been configured out of band
Check Sync
ncs# devices check-sync
sync-result {
device ce0
result in-sync
}
...
ncs# devices device ce0..3 check-sync
devices device ce0 check-sync
result in-sync
result in-sync

§  Compare out-of-sync device configuration
Comparing Configuration
ncs(config)# devices device ce0 check-sync
result out-of-sync
info got: 290fa2b49608df9975c9912e4306110 expected: ef3bbd344ef94b3fecec5cb93ac7458c
ncs(config)# devices device ce0 compare-config
diff
devices {
device ce0 {
config {
ios:snmp-server {
+ community foobar {
+ RW;
+ }
}
}
}
}

§  Display only new parts of configuration:
§  Display full configuration
Displaying Configuration
ncs(config)# show configuration devices device www0
devices device www0
description NewDevice
!
ncs(config)# show full-configuration devices device www0
/* Tags: Volvo */
devices device www0
address 127.0.0.1
port 12023
ssh host-key ssh-dss

§  Configuration change happens after final commit statement
Configuring Devices
# ncs_cli --user=admin
ncs# configure
Entering configuration mode private
[ok][2010-04-14 14:28:33]
[edit]
ncs(config)# devices device www0 config if:interface eth0 ipv4-address 192.168.128.50 ipv4-mask
255.255.255.0
[ok][2010-04-14 14:28:38]
[edit]
255.255.255.0
[ok][2010-04-14 14:28:51]
[edit]
255.255.255.0
[ok][2010-04-14 14:29:00]
[edit]
ncs(config)# commit
Commit complete.

§  Every transaction has a corresponding rollback file:
Or NSO CLI:
Rollbacks
> file show logs/rollback<TAB>
ncs(config)# file show logs/rollback<TAB>
Run rollbacks
ncs(config)# rollback <TAB>
Possible completions:
0 - 2011-09-23 09:19:43 by admin via cli
1 - 2011-09-23 09:15:38 by admin via cli
2 - 2011-09-23 09:13:35 by admin via cli
3 - 2011-09-23 08:55:31 by admin via cli
$ ls logs/rollback*
$ more logs/rollback0

§  Rollback 0 is always most recent rollback file
§  Rollback 3 latest transactions:
§  Rollback only changes done in 3rd latest transaction:
§  Rollback dhcp changes on asr0 in the 3 latest transactions:
§ 
§  Rollback dhcp changes on asr0 in the 3rd latest transaction:
Rollbacks – Examples
ncs(config)# rollback 2
ncs(config)# rollback selective 2
ncs(config)# rollback 2 devices device asr0 config dhcp
ncs(config)# rollback selective 2 devices device asr0 config dhcp

§  Used to apply snippets of configuration
Templates
Create template:
Apply to new or existing device:
What is the diff?
ncs(config)# show configuration
ncs(config)# commit
ncs(config)# devices device www4 apply-template template-name web-server
ncs(config)# devices template web-server config if:interface eth0 ipv4-address 0.0.0.0
ipv4-mask 255.255.255.255 macaddr 00:00:00:00:00:00
ncs(config)# devices template web-server config ws:wsConfig global KeepAlive On MaxKeepAliveRequests
100
ncs(config)# devices template web-server config sys:host-settings dns server 1 address 127.6.7.8

§  Variable needs to be provided with a value
Templates with Variables
ncs(config)# devices device-group blue-web apply-template template-name ifspeed
Error: A variable value has not been assigned to: iface
ncs(config)# devices device-group blue-web apply-template template-name ifspeed variable { name iface
value 'eth0' }
devices device www1
config
interface eth0
speed 1000
!
!
!
devices device www2
config
interface eth0
speed 1000
!
!
!

§  The Device and Service models contain constraints that always must be true
§  You might want to add constraints on run-time
§  Example 1: a certain interface on the device must be ‚Up‘
§  Example 2: Interface needs to have a description
ncs(config)# policy rule mgmt-if
Value for 'expr' (<string>): config/interface[name='m0'][status='Up’]
ncs(config)# foreach /devices/device
ncs(config)# error-message "Management Interface m0 on device {name} must be Up”
admin@ncs% commit
ncs(config)# show configuration policy rule mgmt-if
foreach /devices/device;
expr config/interface[name='m0'][status='Up'];
error-message "Management Interface m0 on device {name} must be Up”;
Policies

Basic YANG Statements
YANG Programming Equivalent Description
Leaf Variable Contains a single value of a specific type
Leaf-List Array Contains a list of values of the same type
Container Record Contains a single structure containing zero or more
values or other statements (hierarchy)
List Array of Records Contains a list of zero or more sets of values and other
statements (hierarchy)
Leafref Pointer Contains a link to another statement elsewhere in the file

Container
Leaf
Container
Leaf-List
Container
List
Leaf
Container Leaf Leaf Leaf-Ref
Leaf
Leaf
§  Leaf: single value of a defined type
§  Leaf-list: multiple values of the same type
§  List: multiple records containing at least one leaf (key) and an arbitrary hierarchy of other statements
§  Container: groups other statements; has no value
§  Leafref: is a reference to another leaf
YANG Model Statements and Hierarchy

§  Statement characteristics:
§  Name
§  Type (e.g. string, uint32)
§  Constraints:
§  min-elements
§  max-elements
§  range
§  key/unique
§  leafref
§  must
§  when
§  Statement content is enclosed within curly brackets
§  Each sub-statement is terminated by semicolon
YANG Model Statements and Hierarchy Examplecontainer car {
}
container v8_engine {
}
leaf-list cylinder-arrangement {
type string;
max-elements 8;
}
container other-parts {
}
list per-cylinder-parts {
}
leaf piston-diameter {
type uint32;
range "2000..9000";
}
container valves {
leaf number { … }
list position { … }
…
}

YANG Supports a Number of Data Types
Name Description
int8/16/32/64 Integer
uint8/16/32/64 Unsigned integer
decimal64 Non-integer
string Unicode string
enumeration Set of alternatives
boolean True or false
bits Boolean array
binary Binary BLOB
leafref Reference
identityref Unique identity
empty No value, void
union Choice of member types
instance-identifier References a data tree node
Built-in Types Derived Types
typedef my-base-int32-type {
type int32 {
range "1..4 | 10..20";
}
}
typedef derived-int32 {
type my-base-int32-type {
range "11..max";
}
}
typedef string255 {
type string {
length "1..255";
}
}
typedef derived-str {
type string255 {
length "11 | 42..max";
pattern "[0-9a-fA-F]*";
}
}

Common YANG Data Types (RFC 6991)
Name Description
counter32 non-negative 32-bit integer that monotonically increases
zero-based-counter32 a counter32 that has the defined initial value zero
counter64 non-negative 64-bit integer that monotonically increases
zero-based-counter64 a counter64 that has the defined initial value zero
gauge32 non-negative integer, which may increase or decrease
gauge64 non-negative integer, which may increase or decrease
date-and-time ISO 8601 standard for representation of dates and times
phys-address colon-separated hexadecimal pairs (e.g. 1a:ba:da:ba:d0)
mac-address six colon-separated hexadecimal pairs (e.g. 1a:ba:da:ba:d0:00)
xpath1.0 XPATH 1.0 expression
hex-string colon-separated hexadecimal pairs of arbitrary length
uuid universally unique identifier (RFC 4122)
…
import ietf-yang-types {
prefix yang;
}
IETF YANG Types Using Types

Common YANG Data Types (RFC 6991) (Cont.)
Name Description
ip-version IP protocol version: 1=IPv4, 2=IPv6, 0=unknown
dscp Differentiated Services Code Point value: 0 to 63
ipv6-flow-label 32-bit integer in the range from 0 to 1048575
port-number 16-bit integer in the range from 0 to 65535
as-number 32-bit integer representing 2 or 4 octet BGP AS numbers
ip-address IPv4 or IPv6 address
ipv4-address IPv4 address (e.g. 10.1.2.3)
ipv6-address IPv6 address (e.g. fd85:b310:6513:194b::1)
ip-prefix IPv4 or IPv6 prefix
ipv4-prefix IPv4 prefix (e.g. 10.1.2.0/24)
ipv6-prefix IPv6 prefix (e.g. fd85:b310:6513:194b::/64)
domain-name DNS domain name
host IP address or DNS domain name
uri uniform resource identifier
…
import ietf-inet-types {
prefix inet;
}
Using TypesIETF INET Types

YANG Types Example
// percentage type
typedef percentage-type {
type uint8 {
range "1..100";
}
}
// Weekday type
typedef weekday-type {
type enumeration {
enum Mon;
enum Tue;
enum Wed;
enum Thu;
enum Fri;
enum Sat;
enum Sun;
}
}
// Hour & minute & optional second type
typedef hhmm-type {
type string {
pattern '([0-1]?[0-9]|2[0-4]):' +
'([0-5][0-9])(:[0-5][0-9])?';
}
}
// Route Distinguisher AS:NUM or IP:NUM
typedef rd-type {
type string {
pattern '((d+)((.d+){3})?):d+';
}
}
// DSCP type
typedef dscp-type;
type union;
type uint8 { range "0..63"; }
type enumeration {
enum af11;
enum af12;
enum af13;
enum af21;
enum af22;
enum af23;
enum af31;
enum af32;
enum af33;
enum af41;
enum af42;
enum af43;
enum cs1;
enum cs2;
enum cs3;
enum cs4;
enum cs5;
enum cs6;
enum cs7;
enum default;
enum dscp;
enum ef;
enum precedence;
}
}
}

§  Leaf
§  Container
§  List
§  Leafref
Basic YANG Statements

Data model:
§  YANG
§  XPath to reference data in the hierarchy:
§  Graphic visualization of hierarchy and data type:
Data Model and Data Visualization
Sample data:
§ XML:
§ Table:
K Key Leaf
Leaf T Typedef
G Grouping
L List
C Container R Leafref
L Leaf-list
192.0.2.213 16772
198.51.100.22 19234
203.0.113.89 22315
/ loopback-ipv4
/ loopback-ipv4 / loopback
/ loopback-ipv4 / ip-address
These methods are used throughout the course
to help with understanding of YANG data
modeling.
<loopback-ipv4>
<loopback>1</loopback>
<ip-address>10.1.1.1</loopback>
</loopback-ipv4>
<loopback-ipv4>
</loopback-ipv4>
!

§  Single value using a built-in or derived data type
§  Zero or one instance
Leaf
loopback
1
leaf loopback {
type int32 {
range "0..2147483647";
}
}
YANG (data model) XML (data)
XPath:
/ loopback

Leaf Attributes
Attribute Description
config
Whether this leaf is a configurable value ("true") or operational
value ("false"). Inherited from parent container if not specified
default Specifies default value for this leaf. Implies that leaf is optional
mandatory Whether the leaf is mandatory ("true") or optional ("false")
must XPath constraint that will be enforced for this leaf
type The data type (and range etc) of this leaf
when Conditional leaf, only present if XPath expression is true
description Human readable definition and help text for this leaf
reference Human readable reference to some other element or spec
units Human readable unit specification (e.g. Hz, MB/s, ℉)
status Whether this leaf is "current", "deprecated" or "obsolete"

§  Used to group one or more other statements
§  Has no data type by itself
§  May have an implicit meaning
Container
1 10.1.1.1
container loopback-ipv4 {
leaf loopback {
type int32 {
range "0..2147483647";
}
}
leaf ip-address {
type inet:ipv4-address
}
}
<loopback-ipv4>
</loopback-ipv4>
C loopback-ipv4
ip-addressloopback
XPath:
/ loopback-ipv4

§  Contains one or more substatements
§  Requires one unique identifier (key)
§  Zero or more instances
List
1 10.1.1.1
2 10.2.2.2
list loopback-ipv4 {!
key loopback;!
unique ip-address;!
leaf loopback {!
type int32 {!
range "0..2147483647";!
}!
}!
leaf ip-address {!
type inet:ipv4-address!
}!
}!
<loopback-ipv4>
</loopback-ipv4>
<loopback-ipv4>
</loopback-ipv4>
L loopback-ipv4
ip-addressK loopback
XPath:
/ loopback-ipv4

1.  Create a package skeleton
2.  Use the Cisco NSO CLI to
configure a sample service
3.  Create the service template
4.  Create the service model in
YANG
5.  Compile and deploy the package
Creating a Service Package
Create a Service Skeleton
Configure Sample Service
using Cisco NSO CLI
Create Service Template
(XML)
Create Service Model
(YANG)
Service Model
(YANG)
Service Template
(XML)
(YANG)
Service Template
Skeleton File (XML)
Service Model
Skeleton File (YANG)
1.

§  ncs-make-package --service-skeleton template-based trunk
Create a package skeleton

4.  Create the service model in YANG
using Cisco NSO CLI
(XML)
(YANG)
Service Model
(YANG)
Service Template
(XML)
(YANG)
Service Template
Skeleton File (XML)
Service Model
2.

§  devices device dell0 config force10:interface Vlan 10 tagged
GigabitEthernet0/11
§  devices device catalyst1 config ios:interface GigabitEthernet 0/23
switchport mode trunk switchport trunk allowed vlan 10
§  Commit dry-run outformat native
§  Take this as an input to get the XML template
Configure the Service via NCS

(XML)
(YANG)
Service Model
(YANG)
Service
Template (XML)
(YANG)
Service Template
Skeleton File (XML)
Service Model
using Cisco NSO CLI
3.

§  show full-configuration devices device dell0 config force10:interface
Vlan | display xml
§  show full-configuration devices device catalyst1 config ios:interface
GigabitEthernet 0/23 | display xml
§  Same Output like the commit dry run in the step before!
XML Template

2.  Use the Cisco NSO CLI to configure
a sample service
(XML)
(YANG)
Service Model
(YANG)
Service Template
(XML)
(YANG)
Service Template
Skeleton File (XML)
Service Model
using Cisco NSO CLI
4.

list endpoint {
key device;
leaf device {
type leafref {
path "/ncs:devices/ncs:device/ncs:name";
}
}
leaf interface {
type string;
}
}
leaf vlan {
type uint16;
}
Create the Yang Model

2.  Use the Cisco NSO CLI to configure
a sample service
(XML)
(YANG)
Service Model
(YANG)
Service Template
(XML)
Compile & Deploy the
Service
Service Template
Skeleton File (XML)
Service Model
using Cisco NSO CLI
5.

ncs_cli -C -u admin
packages reload
services trunk myservice endpoint catalyst0 interface 0/2 endpoint dell0
interface GigabitEthernet0/12 vlan 12
top
show full-configuration services trunk
commit dry-run outformat native
Compile and reload the package

§  Service design goal is simplicity for the operator :
§  Minimum set of parameters for the service (optimization)
§  Strict enforcement of parameters to minimize human error (standardization)
§  Thorough testing of service configuration and all possible service options to
ensure robustness of the solution
§  NSO and YANG provide modularity and flexibility for service designers
Summary

§  NCS is very simple to install and start operating
§  It is very simple to personalize NCS thanks to the use of standard languages such as
YANG and XML templates, plus its network emulator ncs-netsim…
§  NCS can centrally manage devices using all its northbound interfaces using its
device manager
§  NCS can automate service provisioning thanks to its service manager
§  The PODs will be available until Friday noon for your access
§  You can access more self-guided labs at examples.ncs folder in your installation
Conclusion from NCS Lab

§  Demos in the Cisco Campus
§  Walk-in Self-Paced Labs
§  Table Topics
§  Meet the Engineer 1:1 meetings
Continue Your Education

NCS: NEtwork Control System Hands-on Labs

More Related Content

What's hot

What's hot (20)

Similar to NCS: NEtwork Control System Hands-on Labs

Similar to NCS: NEtwork Control System Hands-on Labs (20)

More from Cisco Canada

More from Cisco Canada (20)

Recently uploaded

Recently uploaded (20)

NCS: NEtwork Control System Hands-on Labs