Date post: | 17-Jul-2015 |
Category: |
Technology |
Upload: | hiroshi-ota |
View: | 1,468 times |
Download: | 5 times |
2
Self Introduction● @otahi
– A network engineer?● Charged in (mainly) DC internal network
– Sunday programmer● Weekends and early mornings only
– Favorite language● Ruby
3
Network Engineer?Type Related to How many people at this
study?SDN OpenFlow, OpenStack 20 people
Internet BGP 10 peopleIntranet WAN, Inter DC 15 people
DC internal Firewall, Loadbalancer,L2/L3 switch
30 people
Platform Service DNS, mail, proxy 20 people
Server Linux, Windows, 20 people
Application Web Service, MailService
10 people
4
What is Network Programmability?● SDN
– OpenFlow– OpenStack
● Configuration automation– NETCONF– Rest API– SSH
● Test automation– RSpec
6
Configuration Automation● “Configuration automation” gives:
– Reducing procedures to check– Reducing miss takes to configure– Reducing effort to configure devices
● Difficulties– Old network devices– Intermediate states
● They need procedures to configure– Affects network connectivity
7
Test Automation● “Test automation” gives:
– Confidence to change– Reducing double check!!
● Difficulties?:– Old network devices? → No problem– No time to change → No problem– Intermediate states? → No problem– Affects network connectivity? → No problem
8
How to Test?● You can test your network with tools
– Language: Ruby– Test framework: RSpec– Target servers: No Ruby needed
Testing server
Target server 1
Target server 2
Ruby & RSpec
tooltooltooltool
SSH/HTTP
(S)/D
NS
Target network
9
Example for Test ToolsType Test target Remarks
Serverspec Servers(static)
Infrataster Servers(dynamic)
Infrataster-plugin-dns(Rspec-dns)
DNS servers
Infrataster-plugin-firewall Firewalls Traget server needs:tcpdump, netcat
Lbspec Load Balancers(L4-L7) Target server needs:ngrep, netcat
Rspec-ssltls SSL/TLS
10
Serverspecdescribe host('target.example.jp') do
# ping
it { should be_reachable }
# tcp port 22
it { should be_reachable.with( port: 22 ) }
# set protocol explicitly
it { should be_reachable.with( port: 22, proto: 'tcp' ) }
end
11
Lbspecdescribe 'vhost_c:80' do
it { should transfer(['node_b', 'node_c']])).port(80) }
it { should respond('404') }
end
describe 'loadbalancer' do
it do should healthcheck('node_c')
.include('/test/healthcheck').from('192.168.1.10')
end
end
12
Infrataster-plugin-firewalldescribe server(:src) do
describe firewall(server(:dst)) do
it { is_expected.to be_reachable }
it { is_expected.to be_reachable.dest_port(80) }
it { is_expected.to be_reachable.tcp.dest_port(80) }
it { is_expected.to be_reachable.udp.dest_port(53) }
end
end
13
You can get test results$ bundle exec rspec
server 'src'
via firewall
should reach to server 'dst'
should reach to server 'dst' dest_port: 80
should reach to server 'dst' tcp dest_port: 80
should reach to server 'dst' udp dest_port: 53
Finished in 15.87 seconds (files took 0.58711 seconds to load)
4 examples, 0 failures
$
14
Try New Things
● Simple and regression → automation● Focus to complex and critical● Try new things and go home early!
Simple and regression test
Complex and critical test
Try new things
15
Future Development● TDD with SDN
– Test on SDN experimental environment– When “ALL GREEN” deploy to production
environment