This knowledge base has moved to the documentation site. Please visit the knowledge base here for the most up to date content. This site is no longer maintained.

[RETIRED]: Automation Modules for Cumulus Linux

Follow

WARNING! Cumulus Networks has deprecated its custom automation modules, in favor of the native modules developed by Puppet and Chef directly. Please read this article for more information.


 

Modules are specific pieces of code built into a DevOps tool to make them more robust, easier to drive and more specific to your situation. One of the best parts about Cumulus Linux is that modules are not required. Since Cumulus Linux is Linux, every built-in module just works.

That being said, Cumulus Networks has developed some modules to make automation even easier.

{{table_of_contents}}

Comparing Modules and Templates in Ansible

Ansible has a built-in module called a template that allows you to templatize any flat file in Linux for easy automation. Consider the following configuration:

The actual configuration is:

auto bridge
iface bridge
  bridge-vlan-aware yes
  bridge-ports bond0
  bridge-vids 1-200
  bridge-stp on

auto bond0
iface bond0
	bond-slaves glob swp1-4

Now compare the template against the module:

Template Module
vars: 
  bond0: "swp1-4"
  vids: "1-200"
  bridge_members: "bond0"

name: configuring /etc/network/interfaces
template: src=interfaces.j2 dest=/etc/network/interfaces
Here is the required template:
auto bridge
  iface bridge
  bridge-vlan-aware yes
  bridge-ports {{bridge_members}}
  bridge-vids {{vids}}

auto bond0
iface bond0
	bond-slaves glob {{bond0}}
name: configuring bridge
cumulus_bridge: name=bridge ports="bond0"
                alias_name="bridge" vlan_aware=true
                vids="1-200"

name: configuring bond0
cumulus_bond: name=bond0 slaves="swp1-4"
No template required!

Templates and built-in modules are great tools. There are many examples around the Web demonstrating all kinds of pre-built modules. And while a product-specific module sometimes makes more sense than a template, there is no requirement to use one over the other. With Cumulus Linux, you have the choice!

Cumulus Linux Modules with Examples

Here are examples with Ansible, Chef and Puppet Modules for Cumulus Linux.

cl-license Module

The cl-license module helps automate installation of the Cumulus Linux license which is required to make the front panel (hardware accelerated) switch ports function.

Ansible

cumulus_license:
   src: 'http://mgmtserver.corpnet.com/cumulus.lic'
   force: true
notify: reload switchd

Chef

cumulus_license 'corpnet' do
  source 'http://mgmtserver.corpnet.com/cumulus.lic'
  force true
  notifies :reload, "service[networking]"
end

Puppet

cumulus_license { 'license':
    src => 'http://mgmtserver.corpnet.com/cumulus.lic',
    force => true,
    notify => service[switchd]
}

cl-interfaces Module

The cl-interfaces module helps configure network ports like VLANs, trunks, access-ports and layer 3 information. Look at the examples below:

Ansible

cumulus_bridge: name=br0 ports=”swp11-12 swp32-33 bond0”
                alias_name=”vlan aware bridge” mtu=9000 vlan_aware=true
                vids=”1-300” mstpctl_treeprio=4096

cumulus_bond: name=bond0 slaves=”swp3-4” ipv4=”10.1.1.1/24”

cumulus_interface: name=br0.1 ipv4=”10.1.1.1/24”

cumulus_interface: name=swp33 speed=1000 alias_name=”only has vlans1-10”
                   vids: “1-10”

cumulus_interface: name=lo addr_method=’loopback’

cumulus_interface: name=eth0 addr_method=’dhcp’

Chef

cumulus_bridge 'br10' do
  ports ['swp11-12', 'swp32-33', ‘bond0’]
  alias_name 'vlan aware bridge’
  vlan_aware true
  vids “1-300”
  mtu 9000
  mstpctl_treeprio 4096
end
 
cumulus_bond 'bond0' do
   slaves ['swp3-4']
end

cumulus_interface 'swp33' do
  ipv4 '10.30.1.1/24'
  speed 1000
  alias_name ‘only has vlans 1-10’
end
 
cumulus_interface 'lo' do
   addr_method 'loopback'
end
 
cumulus_interface 'eth0' do
   addr_method 'dhcp'
end

Puppet

cumulus_bridge { 'br0':
    ports => ['swp11-12, 'swp32-33, ‘bond0’],
    alias_name => 'vlan aware bridge',
    mtu => '9000',
    vids => [‘1-300’],
    vlan_aware => true,
    mstpctl_treeprio => '4096'
}
cumulus_bond { 'bond0':
    slaves => ['swp3-4'],
    clag_id => 1
}
cumulus_interface { ‘br0.1:
   ipv4 => ‘10.1.1.1/24’
}
cumulus_interface { 'swp33':
   speed => '1000'
   alias_name => ‘only has vlans 1-10’
   vids => [‘1-10’]
}
cumulus_interface{ 'lo':
   addr_method => 'loopback'
}
cumulus_interface{ 'eth0':
   addr_method => 'dhcp'
}

cl-ports Module

The cl-ports module helps configure a single port into a set of breakout ports. 40Gb ports are capable of being split into 4 separate 10Gb connections using a breakout cable. Here is an example breakout cable:

Ansible

cumulus_ports:
speed_40g_div_4: ["swp1-4"]
      speed_10g: ["swp5-48"]
      speed_4_by_10g: ["swp49-50"]
      speed_40g: ["swp51-52"]           
notify: restart switchd

Chef

cumulus_ports 'speeds' do
   speed_40g_div_4 ["swp1-4"],
   speed_10g ["swp5-48"],
   speed_4_by_10g ["swp49-50"],
   speed_40g ["swp51-52"]
  notifies :restart, "service[switchd]"
end

Puppet

cumulus_ports { 'speeds':
speed_40g_div_4 => ["swp1-4"],
      speed_10g => ["swp5-48"],
      speed_4_by_10g => ["swp49-50"],
      speed_40g => ["swp51-52"]  
    notify => Service['switchd']
}

cl-interface-policy Module

The cl-interface-policy module helps enforce which interfaces can be configured on Cumulus Linux. For example, if a playbook is run, but sometime later an admin manually adds an access port to a VLAN, the cl-interface-policy module will enforce its configured policy the next time it is run and de-configure the manually added port. This way, configurations can be enforced and standardized across the network nodes.

Ansible

cl_interface_policy: allowed="lo eth0 swp1-33 br0 br0.1-10 bond0-10"
notify: reload networking

Chef

cumulus_interface_policy 'policy' do
  allowed ['lo', 'eth0', 'swp1-33', ‘br0’, ‘br0.1-10’, ‘bond0-10’ ]
  notifies :reload, "service[networking]"
end

Puppet

cumulus_interface_policy { 'policy':
   allowed => ['lo', 'eth0', 'swp1-33', ‘br0’, ‘br0.1-10’, ‘bond0-10’],
   notify => service['networking']
}

Comments

This support portal has moved

Cumulus Networks is now part of the NVIDIA Networking Business Unit! The NVIDIA Cumulus Global Support Services (GSS) team has merged its operations with the NVIDIA Mellanox support services team.

You can access NVIDIA Cumulus support content from the Mellanox support portal.

You open and update new cases on the Mellanox support portal. Any previous cases that have been closed have been migrated to the Mellanox support portal.

Cases that are still open on the Cumulus portal will continue to be managed on the Cumulus portal. Once these cases close, they will be moved to the Mellanox support portal.

Powered by Zendesk