SDN - Where to start...

[EOS]

My boss has tasked me with "Figure out what this SDN thing is and show me some Proof of Concepts"

I'm pretty pumped to be able to devote my time to learning this for myself, and for the company.  We are a heavy Cisco shop with remote offices throughout the US.

Any suggestions out there on where the best places are to start, what you guys recommend, where to learn/research it?

[icecream-guy]

My boss has tasked me with "Figure out what this SDN thing is and show me some Proof of Concepts"

I'm pretty pumped to be able to devote my time to learning this for myself, and for the company.  We are a heavy Cisco shop with remote offices throughout the US.

Any suggestions out there on where the best places are to start, what you guys recommend, where to learn/research it?

youtube, and watch some videos  search 'SDN'

[that1guy15]

Your biggest hurdle is to actually nail down what SDN really is. Its become such a marketing term it can pretty much mean anything new these days. But there are several areas of you can focus in on depending on your needs or interest. Most of these are highly subjective and can be seen multiple ways, or I might not have the right view/grasp  of them ATM.

1) Data Center automation, controller based solutions, which can even be a broad term itself. Think of current wifi solutions and replace the APs with network devices.
Just to name a few:
-Cisco ACI - (controller based network fabric using APIC controller)
-VMWare NSX - (controller based network fabric within VMWare enviroment)
-Arista Cloudvision - (Controller based network mgmt using central server)
-Cumulus Linux - (linux based router/switch running on whitebox hardware or host servers)
-OpenStack - (https://www.openstack.org/)(Open Source controller for managing pretty much everything)
-Nuage Networks - (http://www.nuagenetworks.net/) (Controller based network mgmt using central server built on OpenStack)
-Apstra - (http://www.apstra.com/)(Controller based network mgmt using central server)

2) SD-WAN, which is automating the WAN connections and links to fine tune traffic patterns and policies
-Cisco iWAN
-Viptella
-SilverPeak
-Pretty much every vendor out there has branded a solution for SD-WAN. These are just the most popular.

3) Cloud Networking which builds parts or all of your infrastructure in a highly automated and accessible hosted solution.
-Amazon AWS
-Microsoft Azure
-Google Cloud platform

4) DevOps, which is scripting/automating operations aspects of your day-to-day either into workflows or mgmt tools. Or whatever the hell some people think this is. Im unsure at this point...
-Ansible - (automation framework allowing you to build "playbooks" to automate specific task into workflows)
-Python scripting - (Hello World)
-Build your own - (Notepad++ and get busy!)
-Programmers who think they know networking better than CCIEs
-Networking guy who think they can program

And to round out the list there is Docker which takes virtualization one step further and containerizes specific software or processes.
https://www.docker.com/


Now that you are fully up to speed on SDN please update your resume accordingly. 

[EOS]

Thank you both.

I've been searching around and reading up on it, but there's different ideas about what SDN is/should do for your environment.

@that1guy15 - Great breakdown.  That is insanely helpful to me right now!!   


...and that why i love these forums.   

[NetworkGroover]

Can't believe no one has mentioned https://www.sdxcentral.com/ yet.

Oh, that and start replacing all your Ciscos with all the Arista hotness. 

[that1guy15]

Can't believe no one has mentioned https://www.sdxcentral.com/ yet.

Oh, that and start replacing all your Ciscos with all the Arista hotness. 

I need to spend more time there. Not sure why I dont... Great resource.

[EOS]

Can't believe no one has mentioned https://www.sdxcentral.com/ yet.

Oh, that and start replacing all your Ciscos with all the Arista hotness. 

I need to spend more time there. Not sure why I dont... Great resource.

Fun Fact - My boss had a meeting/lunch with an Arista SE and Sales guy, and came back from it with this direction for me.  LOL

[NetworkGroover]

Hehe nice....

Aristas.... Aristas everywhere.... 

[wintermute000]

Learn python and one of ansible/puppet/chef. Now. Everything exposes python API or though use python for RESTAPI and you need to be across an orchestrator

Unless you go with an NSX heavy shop in which case powershell makes more sense though they do offer python hooks

[burnyd]

Like others have said the hardest part is really figuring out what SDN is.  I would take what you do day to day and try to figure out how one would typically automate said jobs.  Like why in the world am I manually adding vlans and acls?

1.) Find a programming language.  Python is probably the easiest one out there. I would highly suggest learning things like paramiko or interacting with an API.  This is all vendor driven.
2.) Find some blogs where ansible is used.  Ansible is very powerful without knowing much of a programming language.
3.) Begin to explore outside of your realm with things like Docker,NSX etc
4.) linux,linux,linux,linux,linux

I think I am 2+ years into this SDN thing.  I still do not have a 100% clear definition on what it is.  Check out some of these blog posts I have done in the past few months of SDN like topics....
https://danielhertzberg.net/2016/05/09/arista-ztp-basics/
https://danielhertzberg.net/2016/08/08/network-continuous-integration-using-jenkinsjinja2-and-ansible/

[burnyd]

Learn python and one of ansible/puppet/chef. Now. Everything exposes python API or though use python for RESTAPI and you need to be across an orchestrator

Unless you go with an NSX heavy shop in which case powershell makes more sense though they do offer python hooks

lulz you said powershell.

[that1guy15]

Oh sure if @burnyd gets to shamelessly promote his blog so will I!!!

I have a series on my blog to cover some of the current trends in DC networking. Im kinda just getting it rolling but have had to set it aside for other projects. Check it out and hopefully new post will be coming soon.

http://blog.movingonesandzeros.net/2016/05/current-trend-in-networking-series.html

[deanwebb]

Oh sure if @burnyd gets to shamelessly promote his blog so will I!!!

I have a series on my blog to cover some of the current trends in DC networking. Im kinda just getting it rolling but have had to set it aside for other projects. Check it out and hopefully new post will be coming soon.

http://blog.movingonesandzeros.net/2016/05/current-trend-in-networking-series.html

... all these blogs, including burnyd's and That1guy15's, are available in the blog section of this forum!

[wintermute000]

Learn python and one of ansible/puppet/chef. Now. Everything exposes python API or though use python for RESTAPI and you need to be across an orchestrator

Unless you go with an NSX heavy shop in which case powershell makes more sense though they do offer python hooks

lulz you said powershell.

Preaching to the choir (Python/Ansible FTW) but in all seriousness, its not that bad LOL - in fact its pretty darned powerful (too powerful... heard some real horror stories re: the fact its not typed!)

The main scenario re: automating NSX configuration with powershell vs python + RESTAPI is simple practicalities - its easier to ask the already heavily MS enterprise shops we typically deal with: have you installed powercli, usually yes,  ok here we go. Vs can I have a linux server, with python install, and pip all these extra things, oh its proxied so we need to ask for proxy permissions / FW permissions and oh that means it has to go to security for approval and wait our policy is to maintain our own internal repos whaddaya mean your internal repo only has version XYZ, oh oops linux servers are in a different zone so we'll have to punch FW rules, but wait the vcenter admins aren't comfortable with some stinkin nix neckbeard hitting his valuable API calls with strange and alien JSON.... AARGH


Whilst on that topic: they better fix that thing whereby to edit an object you need to send a payload defining the whole damned object again. Leading to ugly hacks like this


https://richdowling.wordpress.com/2015/07/15/automating-nsx-from-powercli/


OTOH there is plenty of spadework being done by others in powershell land, that appears to be the focus from Vmware guys


http://thatcouldbeaproblem.com/?p=893
http://virtualize-automate.com/wp/index.php/2016/03/18/getting-started-powernsx/

[burnyd]

Learn python and one of ansible/puppet/chef. Now. Everything exposes python API or though use python for RESTAPI and you need to be across an orchestrator

Unless you go with an NSX heavy shop in which case powershell makes more sense though they do offer python hooks

lulz you said powershell.

Preaching to the choir (Python/Ansible FTW) but in all seriousness, its not that bad LOL - in fact its pretty darned powerful (too powerful... heard some real horror stories re: the fact its not typed!)

The main scenario re: automating NSX configuration with powershell vs python + RESTAPI is simple practicalities - its easier to ask the already heavily MS enterprise shops we typically deal with: have you installed powercli, usually yes,  ok here we go. Vs can I have a linux server, with python install, and pip all these extra things, oh its proxied so we need to ask for proxy permissions / FW permissions and oh that means it has to go to security for approval and wait our policy is to maintain our own internal repos whaddaya mean your internal repo only has version XYZ, oh oops linux servers are in a different zone so we'll have to punch FW rules, but wait the vcenter admins aren't comfortable with some stinkin nix neckbeard hitting his valuable API calls with strange and alien JSON.... AARGH


Whilst on that topic: they better fix that thing whereby to edit an object you need to send a payload defining the whole damned object again. Leading to ugly hacks like this


https://richdowling.wordpress.com/2015/07/15/automating-nsx-from-powercli/


OTOH there is plenty of spadework being done by others in powershell land, that appears to be the focus from Vmware guys


http://thatcouldbeaproblem.com/?p=893
http://virtualize-automate.com/wp/index.php/2016/03/18/getting-started-powernsx/

You can interact with the NSX API via httplib because its all just XML.

https://github.com/burnyd/NSXBuild

That is one of the first scripts I have ever wrote.  Its f'n terrible.  I would have written it way better today after another year plus of experience at this point.