[RETIRED]: Automation Modules for Cumulus Linux

Follow

WARNING! Cumulus Networks has deprecated its custom automation modules, in favor of the native modules developed by Puppet and Chef directly. Please read this article for more information.


 

Modules are specific pieces of code built into a DevOps tool to make them more robust, easier to drive and more specific to your situation. One of the best parts about Cumulus Linux is that modules are not required. Since Cumulus Linux is Linux, every built-in module just works.

That being said, Cumulus Networks has developed some modules to make automation even easier.

{{table_of_contents}}

Comparing Modules and Templates in Ansible

Ansible has a built-in module called a template that allows you to templatize any flat file in Linux for easy automation. Consider the following configuration:

The actual configuration is:

auto bridge
iface bridge
  bridge-vlan-aware yes
  bridge-ports bond0
  bridge-vids 1-200
  bridge-stp on

auto bond0
iface bond0
	bond-slaves glob swp1-4

Now compare the template against the module:

Template Module
vars: 
  bond0: "swp1-4"
  vids: "1-200"
  bridge_members: "bond0"

name: configuring /etc/network/interfaces
template: src=interfaces.j2 dest=/etc/network/interfaces
Here is the required template:
auto bridge
  iface bridge
  bridge-vlan-aware yes
  bridge-ports {{bridge_members}}
  bridge-vids {{vids}}

auto bond0
iface bond0
	bond-slaves glob {{bond0}}
name: configuring bridge
cumulus_bridge: name=bridge ports="bond0"
                alias_name="bridge" vlan_aware=true
                vids="1-200"

name: configuring bond0
cumulus_bond: name=bond0 slaves="swp1-4"
No template required!

Templates and built-in modules are great tools. There are many examples around the Web demonstrating all kinds of pre-built modules. And while a product-specific module sometimes makes more sense than a template, there is no requirement to use one over the other. With Cumulus Linux, you have the choice!

Cumulus Linux Modules with Examples

Here are examples with Ansible, Chef and Puppet Modules for Cumulus Linux.

cl-license Module

The cl-license module helps automate installation of the Cumulus Linux license which is required to make the front panel (hardware accelerated) switch ports function.

Ansible

cumulus_license:
   src: 'http://mgmtserver.corpnet.com/cumulus.lic'
   force: true
notify: reload switchd

Chef

cumulus_license 'corpnet' do
  source 'http://mgmtserver.corpnet.com/cumulus.lic'
  force true
  notifies :reload, "service[networking]"
end

Puppet

cumulus_license { 'license':
    src => 'http://mgmtserver.corpnet.com/cumulus.lic',
    force => true,
    notify => service[switchd]
}

cl-interfaces Module

The cl-interfaces module helps configure network ports like VLANs, trunks, access-ports and layer 3 information. Look at the examples below:

Ansible

cumulus_bridge: name=br0 ports=”swp11-12 swp32-33 bond0”
                alias_name=”vlan aware bridge” mtu=9000 vlan_aware=true
                vids=”1-300” mstpctl_treeprio=4096

cumulus_bond: name=bond0 slaves=”swp3-4” ipv4=”10.1.1.1/24”

cumulus_interface: name=br0.1 ipv4=”10.1.1.1/24”

cumulus_interface: name=swp33 speed=1000 alias_name=”only has vlans1-10”
                   vids: “1-10”

cumulus_interface: name=lo addr_method=’loopback’

cumulus_interface: name=eth0 addr_method=’dhcp’

Chef

cumulus_bridge 'br10' do
  ports ['swp11-12', 'swp32-33', ‘bond0’]
  alias_name 'vlan aware bridge’
  vlan_aware true
  vids “1-300”
  mtu 9000
  mstpctl_treeprio 4096
end
 
cumulus_bond 'bond0' do
   slaves ['swp3-4']
end

cumulus_interface 'swp33' do
  ipv4 '10.30.1.1/24'
  speed 1000
  alias_name ‘only has vlans 1-10’
end
 
cumulus_interface 'lo' do
   addr_method 'loopback'
end
 
cumulus_interface 'eth0' do
   addr_method 'dhcp'
end

Puppet

cumulus_bridge { 'br0':
    ports => ['swp11-12, 'swp32-33, ‘bond0’],
    alias_name => 'vlan aware bridge',
    mtu => '9000',
    vids => [‘1-300’],
    vlan_aware => true,
    mstpctl_treeprio => '4096'
}
cumulus_bond { 'bond0':
    slaves => ['swp3-4'],
    clag_id => 1
}
cumulus_interface { ‘br0.1:
   ipv4 => ‘10.1.1.1/24’
}
cumulus_interface { 'swp33':
   speed => '1000'
   alias_name => ‘only has vlans 1-10’
   vids => [‘1-10’]
}
cumulus_interface{ 'lo':
   addr_method => 'loopback'
}
cumulus_interface{ 'eth0':
   addr_method => 'dhcp'
}

cl-ports Module

The cl-ports module helps configure a single port into a set of breakout ports. 40Gb ports are capable of being split into 4 separate 10Gb connections using a breakout cable. Here is an example breakout cable:

Ansible

cumulus_ports:
speed_40g_div_4: ["swp1-4"]
      speed_10g: ["swp5-48"]
      speed_4_by_10g: ["swp49-50"]
      speed_40g: ["swp51-52"]           
notify: restart switchd

Chef

cumulus_ports 'speeds' do
   speed_40g_div_4 ["swp1-4"],
   speed_10g ["swp5-48"],
   speed_4_by_10g ["swp49-50"],
   speed_40g ["swp51-52"]
  notifies :restart, "service[switchd]"
end

Puppet

cumulus_ports { 'speeds':
speed_40g_div_4 => ["swp1-4"],
      speed_10g => ["swp5-48"],
      speed_4_by_10g => ["swp49-50"],
      speed_40g => ["swp51-52"]  
    notify => Service['switchd']
}

cl-interface-policy Module

The cl-interface-policy module helps enforce which interfaces can be configured on Cumulus Linux. For example, if a playbook is run, but sometime later an admin manually adds an access port to a VLAN, the cl-interface-policy module will enforce its configured policy the next time it is run and de-configure the manually added port. This way, configurations can be enforced and standardized across the network nodes.

Ansible

cl_interface_policy: allowed="lo eth0 swp1-33 br0 br0.1-10 bond0-10"
notify: reload networking

Chef

cumulus_interface_policy 'policy' do
  allowed ['lo', 'eth0', 'swp1-33', ‘br0’, ‘br0.1-10’, ‘bond0-10’ ]
  notifies :reload, "service[networking]"
end

Puppet

cumulus_interface_policy { 'policy':
   allowed => ['lo', 'eth0', 'swp1-33', ‘br0’, ‘br0.1-10’, ‘bond0-10’],
   notify => service['networking']
}
Have more questions? Submit a request

Comments

Powered by Zendesk