New journey at Arista

burnyd · August 10, 2016, 09:17:35 AM

woot!

https://danielhertzberg.net/2016/08/10/a-new-journey-with-arista/

icecream-guy · August 10, 2016, 11:11:02 AM

congrats

deanwebb · August 10, 2016, 01:19:07 PM

And then there were two!!!

wintermute000 · August 10, 2016, 04:41:37 PM

+111111

Automating leaf/spine deployments with ansible = MIND BLOWING, esp. combined with python dynamic inventory

(OK you can do it too with JunOS or NXOS but in my mind it's an Arista 'signature' feature LOL)

Been doing validation for a N9K HLD lately and the engineers keep saying things like 'this is done just like Arista' instead of the other way round

Just get onto that EVPN feature stat, pls

Nerm · August 11, 2016, 12:50:47 PM

Congrats!

burnyd · August 11, 2016, 01:31:04 PM

Quote from: wintermute000 on August 10, 2016, 04:41:37 PM
+111111

Automating leaf/spine deployments with ansible = MIND BLOWING, esp. combined with python dynamic inventory

(OK you can do it too with JunOS or NXOS but in my mind it's an Arista 'signature' feature LOL)

Been doing validation for a N9K HLD lately and the engineers keep saying things like 'this is done just like Arista' instead of the other way round Just get onto that EVPN feature stat, pls

Yep Ansible is alot easier now with Jinja2 templates being built into Ansible 2.1 with the eos roles.

Yah you can do it with other vendors however, you can build topology specific leaf spine environments off of things like lldp and others if you are looking at bringing up an entire environment or at least adding day 2 stuff like additional leaf switches for more servers.

http://ztpserver.readthedocs.io/en/master/overview.html
https://github.com/arista-eosplus/ztpserver

About evpn yeah its a nice control plane I cant disagree there.

wintermute000 · August 11, 2016, 04:53:51 PM

TBH I'm not actually a fan of the new method - I can see how its easier and exposes all functionality without reliance upon individual roles/modules, however, I feel that it is a step in the wrong direction as it still relies on underlying CLI syntax and knowledge of - setting key/value pairs is much more aligned with the wider sysadmin world IMO - but again that's exactly how Juniper does it as well (except I think they wrap it in netconf). In any event it does work and work well. Protip if you haven't run into it already - it cares about indentations, which the official doco (ansible or arista) did not spell out - apparently the arista ansible team are working on highlighting this

I've look at the ZTP server smarts and it is pretty impressive, leaves APIC-EM's autodeploy in the dust which has zero automation logic or smarts (hey we have an API you can manually script your logic and then fire the bespoke notepad files into API, wow geeze thanks).

I can see though with EVPN why you'd want to take the time to do it 'properly' - the N9K documentation is full of 'what if' questions, we're working through an HLD now for EVPN DCI and my god the questions (esp in our market a lot of customers will not pay for a separate border leaf - most of the complexity arises from integrating separate aspects of leaf/spine, border leaf and DCI designs into what is basically a collapsed core / DCI border combined block - with all the gotchas around SVIs or no, routed interfaces or no, multicast boundaries, source from what, integration with existing STP, no PBB-EVPN so what does the split horizon in a Nexus vPC/VTEP (basically an Arista vVTEP), yada yada)

burnyd · August 12, 2016, 07:16:25 AM

Quote from: wintermute000 on August 11, 2016, 04:53:51 PM
TBH I'm not actually a fan of the new method - I can see how its easier and exposes all functionality without reliance upon individual roles/modules, however, I feel that it is a step in the wrong direction as it still relies on underlying CLI syntax and knowledge of - setting key/value pairs is much more aligned with the wider sysadmin world IMO - but again that's exactly how Juniper does it as well (except I think they wrap it in netconf). In any event it does work and work well. Protip if you haven't run into it already - it cares about indentations, which the official doco (ansible or arista) did not spell out - apparently the arista ansible team are working on highlighting this

Yah I would agree with you there doing dictionaries and then having certain values/key pairs to itterate on given if we are talking about python for the matter within a ansible role is the right way to do things because it eliminates any CLI its just wrapped in json at that point to communicate to the switch over api/eapi. However, the cli is already exposed. So anything int he cli can be done via the "new method" the old method individual roles would have to have came out per feature

. I dunno maybe as we become less cli dependent both can scale equally.

Quote
I've look at the ZTP server smarts and it is pretty impressive, leaves APIC-EM's autodeploy in the dust which has zero automation logic or smarts (hey we have an API you can manually script your logic and then fire the bespoke notepad files into API, wow geeze thanks).

Keep in mind Arista has been doing this a lot longer. I have watched this dramatically change an entire enterprise where it took days to get devices online into minutes.

Quote
I can see though with EVPN why you'd want to take the time to do it 'properly' - the N9K documentation is full of 'what if' questions, we're working through an HLD now for EVPN DCI and my god the questions (esp in our market a lot of customers will not pay for a separate border leaf - most of the complexity arises from integrating separate aspects of leaf/spine, border leaf and DCI designs into what is basically a collapsed core / DCI border combined block - with all the gotchas around SVIs or no, routed interfaces or no, multicast boundaries, source from what, integration with existing STP, no PBB-EVPN so what does the split horizon in a Nexus vPC/VTEP (basically an Arista vVTEP), yada yada)

Is the most common underlay for EVPN you have worked with PBB and not VXLAN? I would imagine its more vxlan same with DCI nothing wrong with PBB. Check into the whole cvx thing if you have time that is also another alternative.

NetworkGroover · August 12, 2016, 10:49:10 AM

Quote from: burnyd on August 10, 2016, 09:17:35 AM
woot!

https://danielhertzberg.net/2016/08/10/a-new-journey-with-arista/

Arista is lucky to have you, brosef. See ya at the next sales kickoff or SE summit, or maybe I'll see if I can swing by for new hire - I like to attend those every now and then.

deanwebb · August 12, 2016, 11:24:04 AM

Maybe y'all can catch up at the next Cisco Live.

NetworkGroover · August 12, 2016, 12:02:43 PM

Quote from: deanwebb on August 12, 2016, 11:24:04 AM
Maybe y'all can catch up at the next Cisco Live.

Yeah - they better be on the lookout for streakers with Arista flags....

SimonV · August 12, 2016, 02:22:04 PM

Congratulations, good luck on the new endeavour

that1guy15 · August 12, 2016, 03:35:25 PM

Congrats dude!!

NetworkGroover · August 12, 2016, 04:07:16 PM

Quote from: AspiringNetworker on August 12, 2016, 12:02:43 PM
Quote from: deanwebb on August 12, 2016, 11:24:04 AM
Maybe y'all can catch up at the next Cisco Live.

Yeah - they better be on the lookout for streakers with Arista flags....

I may even print out that troll face and wear it as a mask as well.

deanwebb · August 12, 2016, 04:24:44 PM

You'll look like a Johnny-come-lately. Trollface was the mascot for BSidesLV this year.