Elias Khnaser, host, Let’s Talk Shop podcast

The Power of Automation: Juniper Apstra's Impact on Private and Hybrid Clouds


Automating with Juniper Apstra for private and hybrid clouds

Have you harnessed the power of Juniper Apstra® software to design, deploy, and operate your data center network? Watch this episode of “Let’s Talk Shop” for ways to leverage this intent-based networking solution to maintain network integrity and optimize private cloud operations.

Learn more about Juniper Apstra software.


You’ll learn

  • How to deploy and manage a new network fabric in only a few clicks

  • Ways to catch configuration deviations in real time and resolve them seamlessly

Who is this for?

Network Professionals

Host

Elias Khnaser
Host, Let’s Talk Shop podcast

Guest speakers

Kyle Baxter
Senior Product Manager, Juniper Networks

Transcript

0:00 [Music] coming to you from The Windy City Welcome to Let's Talk Shop a podcast

0:07 about all things cloud and Enterprise Tech listen to insights and guest

0:12 interviews with IT thought leaders and professionals now here's your host Elias

0:19 Khnaser welcome back everyone to another episode of let's talk shop

0:26 this one is interesting it's part two to a conversation we had with juniper a few

0:32 months ago about Apstra now on this channel we talk a lot about public Cloud we talk a lot about multi-cloud we talk

0:38 a lot about hybrid cloud but I'm guilty I don't know if I talk enough about private cloud and some of

0:46 the advances some of the automation the optimizations that are happening on premises with private clouds especially

0:52 with a company like Juniper that essentially invented the whole idea of

0:57 intent based upon which all of this AI stuff is now is now being built so it is my great

1:05 pleasure to welcome again Kyle Baxter of juniper Kyle welcome back to the show

1:11 thank you it's a pleasure to be back and I'm excited to talk to everybody so as a reminder I am a senior product manager

1:17 here at Juniper my focus is on our Apstra solution and as mentioned it is our

1:23 intent based networking solution for private clouds

1:29 that's awesome so today is going to be for those techies out there for those of you that know me I like to get my hands

1:36 dirty and I'm excited about this one because again we're doing a tech demo so I'm not going to take too much time

1:42 we're not going to talk a lot about it Kyle before I put up some bullet points of what you're going to accomplish in

1:48 this demo give us an overview a very quick overview of Apstra for those of you that want to watch the earlier

1:55 um podcast that I had with Kyle I'm going to link it somewhere up here and in the description if you haven't watched it my recommendation would be

2:01 pause the video go watch that first or put it in your car on the train or whatever and then come back to this

2:07 there was a ton of information that was covered but if you were to give me the cliff notes version what would that be

2:13 yeah let's do it so um as I mentioned Apstra is built on intent based design what that means is

2:22 instead of the network operator pushing config via the CLI or automating it with

2:30 um very deterministic types of tools whether it's Ansible Python scripts or things like that Apstra takes that and

2:37 turns it into intent so we allow the the operator to push their intent so an

2:43 intent could be something like I want to add a VLAN to my service you don't have to know what that what that means or

2:50 what the commands mean but it frees you up from having to be able to have that deep Network knowledge where you just

2:56 have to be able to understand what do you want your truly your network intended to do and then Apstra determines

3:02 the how the other key thing that Apstra really does is it determines the how for multiple vendors we are truly the only

3:10 pure multi-vendor solution that can work with with any vendor whether it's Juniper whether it's Cisco Arista or or

3:18 Enterprise SONiC devices from companies like Dell we can determine how that Network gets deployed and operated via

3:26 that intent-based engine we also then and we'll see this we we collect information from the devices to be able

3:32 to know exactly what's going on in your network and we can compare that against your intent so that way we know

3:38 instantly if things are deviating from your intent and to make sure that your network is always operating as intended

3:44 so that way you reduce those mean times to repair or mean time to innocence because we always know the network gets

3:50 blamed first so that way we can say hey no the network was operating as expected we need to go look somewhere else so so

3:56 basically ChatGPT for the network yes all right so let me let me do this so

4:05 walk us through these bullet points this is everything you promise to accomplish in this demo correct yeah that's correct

4:11 so we're going to cover all these topics and I have a little sneak peek that I'm

4:16 going to show everybody at the end so stay tuned at the end there's one item on here that's not listed that's coming up in a couple of months that's going to

4:24 be available that I want to show you and you're going to be excited to see so make sure you stay for that but what we're going to show live today is how in

4:31 just a few clicks in a couple of minutes we'll deploy an entire fabric that's that's what I'm saying an entire fabric

4:37 because the way Apstra in our and our goals with Apstra is to be able to make the the private Cloud operations as

4:45 easy as it is to manage when you're using public Cloud because everybody knows when you're monitoring public

4:50 Cloud it's a few clicks and you have a service up and running that's what we want with private cloud and that's what

4:55 we'll see we'll see how we deploy it in a couple clicks and then we'll see how we can catch issues directly so we'll

5:02 we'll see how we can catch you know cabling issues will conf catch um Rogue

5:07 config changes when somebody goes into the CLI and makes a manual change and isn't doing it through Apstra's intent system we'll be able to catch

5:13 that and see that quickly we'll then see a little bit how we can do day two operations like deploying a new rack and

5:20 we'll see it in a multi-vendor fashion where we can pick the vendor and we'll see the config automatically

5:25 automatically built for us and then we'll see the the rollback capabilities

5:30 that we have so anybody that uses the Mac knows time machine we have a feature called time Voyager and so it's an

5:36 entire network rollback command are people familiar with the rollback command it does it for the entire

5:42 network and then we'll finish up with a little bit on intent based analytics and that is our engine that I that I

5:48 mentioned a little bit in the intro that is constantly analyzing devices from Telemetry and being able to compare that

5:56 against your intent and constantly monitor it and be able to alert you we'll see how we can build custom probes

6:01 based on that so with that I think just go ahead and get started

6:07 all right so you're promising a lot um I'm gonna hand this over to you

6:13 show me dazzle me Kyle let's do it let's do it so here we are

6:20 in Apstra's interface there's nothing yet deployed you see it's welcome to Apstra let's build something and so as a

6:27 refresher Apstra is a virtualized machine so you install it as another

6:32 application and it will manage your network so let's go ahead and create a

6:38 blueprint we call them blueprints um because they're based on template

6:44 designs and that's how we get the speed of deployment and that's how we can get

6:49 the the known accuracy and resiliency and and speed

6:55 um to deploy so we'll create a new blueprint we'll give it a name and we have all sorts of templates that are in

7:02 here all the way up to if you want to see you know massive uh five-stage

7:07 design let's see I'll pick a really big one here and scare everybody you can see I have here I have a massive deployment

7:14 with you know super spine spines leaves generic devices crazy we're not going to do that one today but it takes about the

7:21 same amount of time to deploy so we'll pick a simple one just to show for today

7:27 and these templates in there are based on showing what are the devices what are

7:33 the connections and by devices I mean basically how many ports they have what

7:38 speeds they have so it's done in a generic vendor agnostic way so we can see we have a couple spines here a

7:45 couple leaves the dotted lines indicate racks so we have two racks with a couple

7:51 of servers attached to our Leaf devices pretty standard you know simple

7:56 three-stage IP Clos fabric and these are all based on on templates we have

8:01 several pre-built in the product you can also build your own in a few clicks whether you like a UI workflow or a drop

8:09 and drop drop and drag type of editor so we'll we'll create this and it it will scaffold our new blueprint and so it

8:18 will build everything we need to get started and we can see once we go into

8:24 our blueprint we have a couple of tabs to work in we'll come back to this dashboard and analytics tab in just a

8:30 second we're going to focus here in kind of the middle few tabs so we have a staged environment so this is think of

8:38 this as like your playground as the name indicates it's where you stage your changes you verify make sure everything

8:44 looks how you expect before you deploy to your active this is your production

8:50 we haven't deployed anything the way Apstra works is we always start in a staged environment and then uncommitted

8:57 is kind of what it sounds like it's what we haven't pushed to our active Tab and what is uncommitted and so we can see

9:03 here we have you know already it's you know built you know systems racks links all that information

9:10 but we still have a little bit information we have to give it before we can have a fabric up and running so we

9:16 have to tell it a couple of things from a resource perspective so these are things like asns and IPS we have

9:23 pre-built ones that we can use and we'll go ahead and use those but if you wanted to add your own you can if you have

9:30 specific requirements by all means use those and leverage them so we'll pick um

9:37 one of the defaults here and the great thing we can see as we're looking at pools we can see exactly how many we've

9:44 used so we picked a couple for the spines because we have two spines we've now used two out of that pool so we can

9:49 even see if we click on it you can see that it's you know it's available we have usage information so that way we

9:54 can track in real time how many we're actually allocating so I'll do the same thing for the the leaves give it some

10:01 give everybody some IP addresses for um for loopback addresses and the

10:06 interfaces between our spines and leaves so pretty standard information like I

10:12 said if you wanted to build your own pools of ips and asns if you have unique requirements you can do that we're just

10:19 using the ones straight out of the box so we'll give everything some IPS so

10:25 we've done that now now you can see there's still some red around and the great thing about the the UI is you can

10:31 just literally follow where things are red and that directs you where to go so we look next and there's some devices

10:39 so in the templates that I that I mentioned earlier they're built on generic types of templates so it's just

10:47 saying I want the device to stay 48 ports and I want them to be 10 gig it's

10:52 not saying what vendor or what type of device it's very generic so this is where we start to say well what devices

10:59 do we actually want to use and so we're going to use all the same devices here for for this example I'm

11:05 going to show in a little bit how we can do it in a multi-vendor fashion but I'm just going to pick some juniper virtualized devices assign them to all

11:12 of them and update it so I've just told it what types of devices I haven't given it the

11:18 actual physical devices like what serial numbers or anything like that but what I can see now

11:23 is by assigning what types of devices it's now rendered exactly what the

11:29 config should look like so here in would we do that in like five minutes and a few clicks we've now built an entire

11:37 three-stage fabric obviously it's a simple example but we've we've built it

11:42 in a few clicks we can see already it's you know it's populated config this is real config host names you see

11:47 interfaces with speeds and mtus you can see that the bgp config so

11:54 anybody that's familiar with Junos configuration they'll understand this and they could probably build it themselves but but why anymore we have

12:03 tools that can do it for you and figure it out so this is really I think um revolutionary

12:11 and exciting because you can build your entire fabric without ever having your

12:16 devices and see what the actual config is going to look like before you before the devices even arrive so we see a lot

12:23 of customers that they'll use this tool they'll stage everything and then as the hardware arrives they can then begin to

12:29 add it in and they know it's going to work because they've already pre-built their Network

12:34 how's it connecting to these devices and apis is what kind of security do you have to give it for to be able to

12:41 yeah or configure them great question so we connected the devices over the

12:47 management interfaces on the devices okay um and and then we have what we call an agent model so we have an agent

12:54 when the devices can an agent that lives a little a little is basically a python agent lives on the device we have secure

13:01 connections so it's all encrypted traffic um that we can then can communicate with the device so that's how we we push

13:07 config we can then get Telemetry off the device via that agent connection okay real quick I don't want to derail you

13:14 from the demo but this is just something that keeps coming up so this VM becomes

13:19 crucial to the network right so what happens if this VM goes down does the network go down do you have to build a

13:26 reality resilience into this VM is there a SAS alternative to this VM talk to me a little bit about the VM yeah great

13:33 question so so the VM like I think you're you're right on it is um on-prem

13:39 it is as as a virtualized application the the what we do for um for kind of

13:47 that redundancy checks is a couple things so the way we push config is

13:52 we're not actively in the data plane so we're not in the actual Network tracker

13:59 like I said we're connected to the management plane and the management network of the devices so if for

14:05 whatever reason Apstra and the VM that it's on goes goes down your actual

14:10 Network traffic isn't impacted right but you would probably still find Value in

14:16 some of the Telemetry stuff that we're seeing so there is still you know maybe a you know a loss of visibility so your

14:22 traffic could still be flowing but you don't really know then what's going on but it gives you time to recover so it

14:27 it doesn't know the whole network is okay okay good that's awesome so it doesn't take the whole day no no it's a

14:33 good question it comes up a lot and so we have strategies where we can can make sure we properly back up and then we

14:38 have restore capabilities we can restore it and you know enter two so that way you can get that visibility back into

14:44 what's going on in your network okay so so we've we've staged everything

14:49 what we need to do is now push it to production so I am going to push to

14:54 production and we are um deploying our initial design

15:01 and I struggle to spell there we go and what this will do is this will now

15:08 push it to our production our active Tab and so we can now see we now have that

15:15 same fabric design in our active Tab and again it has all that same rendered

15:21 config that we expected we are not collecting Telemetry yet because we haven't actually as you can see we

15:27 haven't actually assigned a serial number to the device yet so that's the next stage but this like I said provides

15:33 a lot of value to be able to build and Stage your entire network before you get the devices

15:39 so now let's imagine the scenario your devices have finally arrived we have a

15:45 zero touch provisioning service to bring devices on board I'm not going to bore everybody watching device boot get an IP

15:52 address and initial config yeah let's imagine that happened and we

15:58 can see here I have five devices um that are I have the management IP

16:04 that I'm connected to I have the the device key I know what OS version they're running on and they are ready to

16:11 be used um and so so the that agent communication that we talked about earlier and how we talked to them that's

16:17 how we're communicating with the devices so I'm gonna go back to my blueprint

16:23 um go back to my staged and I'm going to now assign my devices

16:28 so this is where I then pick the the serial number that I want to use for each device so some of them I had

16:34 already labeled fairly nicely so I can just map them up um but let's let's make a a little

16:40 obvious mistake here and we'll see what happens here in a minute now normally we

16:46 would recommend people to just go to a ready State you can see these states on the right there's deploy ready drain

16:52 undeploy probably pretty self-explanatory deploy means we're ready for them to go live ready means we

16:57 want them to be in a ready state to kind of test their configuration that's normally how they would go drain that's

17:03 when we want to drain and get ready to undeploy to get rid of a device whether it's uh maintenance or other needs but

17:09 I'm going to be I think I'm all good and just say I'm ready to just deploy all these devices go straight deploy I don't

17:16 need to test anything because I think I'm smart enough um so we'll we'll settle that and we see

17:23 now devices turn green um because we've now brought those under management the key to members and and we

17:29 get a lot of questions sometimes on this is we manage the the actual

17:34 um switches so you can see here the servers they're they're yellows they're they're unmanaged in a way you can bring

17:40 those into management but it doesn't add any value because we don't manage any configuration on say like a bare metal

17:45 or an esxi server hosting virtualized applications we don't manage that we do have Integrations with VMware that I can

17:53 touch on to get information to be able to make sure configuration is aligned but we've now

17:59 assigned our system IDs and so we can see here in our uncommitted tab it tells us exactly what we changed and as

18:06 expected we assign some system notes okay great we think we're all good so let's

18:12 um deploy our new gear we're ready to go live

18:17 so we'll hit deploy and what will happen is we'll now push the configuration to all of our devices

18:25 and so we'll see the active tab start to populate with information and we

18:31 immediately see things turn red oh what did we do and this is where this

18:38 intent-based analytics comes into play so like I said we're constantly getting information on the devices and analyzing

18:45 it against what was intended so we can instantly see here in our dashboard that

18:52 something happened some of the bgp sessions aren't what we expected cabling isn't what we expected

18:58 routes aren't what we expected now we can dig into all this you know one by

19:03 one but we can also look at what's probably the most obvious thing probably the cabling is probably the

19:08 first place we want to start with it's you know it's like you're working up the OSI stack so let's look at cabling and

19:15 so so I'm sure everybody remembers you know as kids or even now when you're looking at you know magazines or whatever and

19:20 you see those pictures where it's like spot the differences it's like you got to find you know what's the difference between the two pictures well you know

19:26 that's what's like troubleshooting in networking but what what Apstra does is it it finds those differences so it

19:33 gives you the cheat sheet for those pictionaries where you're trying to look at the differences and it exactly says

19:38 and we can see here that we expected on Port two to see spine two but we

19:44 actually saw spine two on port one that's a problem so either we didn't

19:49 cable it up right or we probably picked the wrong devices in the wrong roles which is what we actually did so we can

19:59 easily fix that by going to back to our stage like say we always work in staging

20:04 to make our changes and we have what we can call we can get lldp data from that

20:10 agent that's connected to the devices so we can fetch our lldp data

20:15 um and what we ideally would have done is put the the devices in that ready State instead of straight to deploy and

20:21 check that LLDP or sent the cabling map to the person not skip the best yeah not

20:27 skip the test or um or export the cabling map because we can export the cabling map and what's intended so that

20:33 way you could just export this print it out give it to the person that's actually going to the building to to rack and stack and and verify all the

20:41 cabling right um but we could have that checks for you and so we can immediately determine up

20:46 these ones right here we can see that um that that it was it it's on Port one but

20:52 we expected Port two and that's what lldp saying so in one simple click we

20:57 could update them all manually but one simple click we can just say update the cabling map we have to what we what we

21:04 expect and we can we can click um update it we'll now see that we've changed a

21:12 couple of links that's what we expected we update our links so now let's Commit This to fix

21:20 the cabling map and so we'll immediately see that we'll

21:28 start now resolving some issues so we're pushing that and we'll see it's spinning pushing all the config to the devices we

21:35 can see here on the top if you're we have a lot of devices you can see the devices as they get pushed and if any

21:42 fail we've now immediately seen that cabling problems

21:47 have been resolved now bgp and Route they sometimes take a couple minutes to stabilize so we'll watch this for for a

21:55 minute and watch it stabilize um but we can look at something else in a moment but I want to pause see if

22:00 there's any questions so far before we get into the next step I I loved the

22:08 idea of being able to troubleshoot cabling I mean you were talking in my mind I'm like hmm like it was just very

22:17 curious on on my part to figure out well how did you know this was even a cabling problem so that was super interesting uh

22:24 to me no I I think I'm good this looks great yeah excellent it looks like you're bringing public cloud

22:31 characteristics approaches automation intelligence and empowering the folks

22:38 that are trying to do this on premises using private clouds you're giving them the tools you're you're saying hey you

22:44 can do this as well and you mentioned this can be also done in conjunction with VMware so for those that have a

22:51 VMware environment on premises this integrates disconnects so if I take you on a quick tangent what is the

22:58 connection with VMware yeah so we have an integration with the VMware and so

23:03 there's what we call external systems and one of them is a virtual infra managers um I don't have one set up to show here

23:10 but uh you would create a virtual info manager and so you can see with vCenter or NSX-T and simply you know you enter in

23:18 you know address username login and what we can do is then once we get that information we can then get information

23:24 about where all your virtual applications are in the network or the virtual servers and the VMS

23:31 um and IP addresses and configuration and then what that allows us to do is this kind of it's a great question it

23:37 leads into a little bit of the IBA or intent based analytics question is we

23:43 have then probes um so a probe is a way we go out get information from the device and then we

23:50 put that into our intent based analytics engine that can then process it and do

23:55 some interesting information with it use the intent that we have and be able to analyze it and so we have a whole bunch

24:03 of probes available you can see things in here from you know device environment device system there's some drain there's

24:10 imbalances for ecmp ESI evpn Ones hot cold interfaces but what you were asking

24:16 about is on the VM the VMware integration specifically so you can see

24:21 here a couple of hypervisor ones so these are comparing what is configured

24:26 on the the VMware side whether it's vcenter or nsxt what's actually configured on your network and we can

24:32 see if there's mismatches for things like like MTU or or lag and and VLAN

24:39 configurations so we can see if there's mismatches in there so this you can see it create a probe to calculate vslan B

24:46 VLAN mismatches and we can we can automatically check and alert you on

24:52 those and we'll see a couple of these in action in just a second okay that's how we can have that information yeah sorry

24:58 one more quick question I don't to derailers from the demo back to it no I love it

25:03 um openstack is supported um no not openstack okay so what about

25:09 hopefully some of the cool announcements you're going to tell us towards the end but anything like a redshift like

25:16 um I don't know Azure stack anything any of those or is it just VMware at this

25:22 point it's it's VMware at this point that's where we see um our customers are primarily using

25:29 customers yeah yeah on on private clouds um I you know we occasionally see some

25:35 of the others that you asked about but they're very rare at this point yeah um so as is the market evolves sure we can

25:42 add other Integrations perfect okay um that's that's everything sorry for

25:47 the tangent no this is lovely I this is perfect so one of the other things I

25:53 wanted to show is um what happens if somebody goes into a

25:58 device and that's what I'm going to do right now in the background and actually configure something because the whole

26:04 point of Apstra is it's your single source of Truth it is where your intent is is built it is what's what's communicating

26:10 with the devices in in managing them but what if somebody goes into a device and

26:16 sets uh you know says I'm just I don't need to use this Apstra thing I know the CLI like the back of my hand I've

26:22 been doing this for 50 years like you know I know what I'm doing um you know don't give me a new tool whatever you know the the common reasons

26:30 they say so they say I'm just going to go in here and edit myself um and and and and just you know I'm

26:36 going to move on this way but that gets harder in larger organizations where you

26:42 have multiple people with their hands on it um to understand and keep track of all these changes because then your config

26:48 is basically in the hands of that one person so we can have the ability to check

26:54 because like I said we have that agent connection where we're constantly getting information from the device and we can then be able to quickly check and

27:01 so here in about a few seconds we'll see some red appear in the dashboard for where we caught a config deviation from

27:09 the device because we're constantly looking at the configuration to compare it against what we intended and what's

27:15 actually running on the device so this is that that you know the Pictionary kind of description I was talking about

27:20 earlier we're helping you find that needle in a haystack and so we'll see it

27:26 here in just a second so we'll see this config deviation one right down here

27:31 that one should turn red there it goes so we we caught that and these are we

27:38 usually have them running every you know like minute so we're not overloading the devices um so we we caught it like I said we

27:44 showed that that that catch that needle in the haystack and catch that differences so we can go straight to

27:50 that device and we can look at the config differences and you can see here there's all sorts of other information that that

27:58 we get so you can see things like um I'll deviate for a second because I think this is cool or we can see information about interfaces in the

28:04 expected States we can get Mac tables lldp information bgp lag routes host

28:12 names counters you can actually see packets flowing there's not much in this in my little lab here but back to that

28:20 config change so we actually can see here on the left here's what we intend to have on the

28:26 running configuration and here's what's actually running on the device so I can quickly go between diffs and we can see

28:33 here that hey some green stuff was added this exactly matches what I typed in was

28:38 added so then we can catch these and be able to flag and say hey something something happened Somebody went in

28:44 manually modified and we give you the choice of do you want to override it and apply

28:50 the the full intended config or do you want to accept the change so unless I give you the the chance to

28:57 interact here I'll give you the choice you get the a or b the red pill or the

29:03 blue pill however you want to look at it do you want to reapply the full config or do you want to say no no I want to

29:09 keep that VLAN and and keep it on uh on the device which one do you pick that's

29:14 equalizer you want to keep it let's keep the VLAN all right all right let's do that and so

29:20 we then accept this as what is our now intended configuration so we'll accept

29:26 it and what this will do is it doesn't actually change anything on the device but now we've acknowledged that yes we

29:33 want that so now we've said this is our actual intended config so if we go down

29:38 to that bottom that VLAN is still there and we've now turned everything back to

29:45 green so now it says yep there's no config deviation you told me that's what I wanted and even if I did a show vlans

29:52 on the device that VLAN is still there so this is that that power of what we're

29:58 constantly looking and monitoring the devices

30:04 very cool that's the IBN play correct that is that is the IBA a simple example

30:09 obviously there's you can see a lot more up you know options we could do but it's a it's a simple easy one to be able to

30:16 to show and understand so what I want to show is a little bit get into

30:21 you know ongoing day two operations and then that multi-vendor play that I talked about because in the beginning we

30:27 deploy this with just um Juniper devices but as I said in the beginning Apstra

30:33 is multi-vendor so we don't have to live with that template forever so we get

30:38 also questions all the time it's like well what if I want to add a rack or add more servers you can do that and so

30:44 we'll we'll add a rack so we're going to add a rack and I'm going to pick a a a rack template that

30:52 we have again this is a simple one just for for the for the demo it has a single leaf and a couple of generic systems or

30:59 what we would think of as servers that are connected to that leaf so real simple example so we'll stage that new

31:07 rack and we'll see it now pop up in here we have another rack and then if I look at my topology

31:12 I see we have a whole new rack and again we have some some yellow and some red so just like we did before we follow the UI

31:20 in where it tells us to go to go make sure we get everything green so they go over here and we see up we have

31:27 a new Leaf device that we need to assign a device so we're going to pick a new device so again I'm going to give you

31:33 the choice what vendor would you like to see the configuration for Arista Cisco we've

31:40 already seen Juniper or a Sonic device so I'll give you the choice

31:46 let's go with Cisco Cisco all right um so we'll update that assignment

31:53 because now that we've told it what device it is when I go to that device I can see the rendered config so I don't

32:00 need to have a you know CCIE from from Cisco that tells me how to configure you

32:05 know EVPN VXLAN on devices I just said hey I want to use the Cisco device that's what I got that's what I have on

32:11 hand you know maybe there's supply shortages for the other vendor so this freed me up because now I can then have

32:16 my private Cloud can now be multi-vendor I'm not locked into a specific vendor

32:21 which is really cool and you can see here there's you know same kind of config but in Cisco's format so we can

32:28 again see we have interfaces connected to our spines we have interfaces connected to those those

32:34 servers or generic systems on there we can see some other you know configuration on there here's the BGP

32:41 configuration it's a similar things but just in the Cisco format so we didn't

32:46 have to know how to configure a Cisco device versus a juniper device versus you know an Arista device or anything

32:53 like that if I even if I wanted to switch it I can switch it if I want to and say well actually

33:00 I wanted it to be a Dell device you know a Dell Sonic

33:05 device all right so let's update there and then we can immediately go see the

33:10 rendered config has changed into Sonic configuration so if anybody's ever seen Sonic

33:16 configuration this will look familiar if not welcome to Sonic and so you can see here same

33:21 configuration but just in Sonic's format so we didn't need to actually know how

33:26 to configure Sonic device all I know is I want a three-stage fabric I want you know this many servers and this many you

33:33 know spines and leaves and this is how I want to connect it Apstra go figure out how to make that happen on the vendor

33:40 that I have yeah better being better boom and so again I can go here and I can see

33:46 am I uncommitted as expected I've added a rack I've added a couple systems and I've added links to connect that all

33:52 make sense so let's go and push this so push our new rack

33:59 and now we'll see this new rack deploy over on our active and again we didn't I

34:06 don't have an actual device to put to it but you can see this is kind of interesting it's a different color that's because we don't have a device

34:12 yet associated with it but we have already the connections so the configuration on spine 2 was updated

34:19 with the interface for this new Switch even though there's nothing yet connected so we are already in stage and

34:25 ready to go for when that Hardware arrives now what happens if you want to roll

34:32 something back I mentioned earlier we have this Time Voyager feature it's it's like time machine for your Mac or if

34:38 you're familiar with the Junos rollback command it's rollback for your entire network so let's go look at this

34:44 Time Voyager um feature and capability so we can see here we have save revision so all those

34:51 those descriptions I was giving we see our our initial design was deployed we got our new gear we fixed the cabling

34:57 and we pushed a new rack so we can save various different points and it auto

35:03 save some for us if we want to keep a revision longer we can click the little save button here and it'll keep this

35:09 version for as long as we have capacity because you can only keep so many saved

35:14 versions Right Now the default is five but you can increase that limit if you wanted to up to a hundred so you can

35:22 have a hundred of say versions that you want to be able to keep track of so you can have those points in time to jump to

35:30 so for example let's say well we push that new rack but actually we're not yet

35:35 ready for that service we need to roll back we need to do it quickly well you

35:40 know the the rack we could go back over here and we could you know manually do it and say all right let's uh find our

35:46 racks and and delete the rack and and it'll do it for us but um but maybe it's more involved than

35:52 that maybe we added some you know virtual networks and a whole bunch of other things it's like well we need to roll everything back and I need to do it

35:58 now so that's where this really comes into into play is we can see exactly what current version we're at and we can

36:06 jump to any version in time we want to instantly so let's go back up version so

36:12 we're going to jump to this reversion and again it pushes it to the stage because we don't push anything directly

36:18 to production we want to make sure we stage it first and that it's all working as expected so let's roll it back to

36:26 that staged version so now here we are in our staged we

36:32 notice that rack's gone that we added so now we're back to our our two racks as we want but in our active in our

36:40 production we still have that rack but this allows us in our stage to make sure okay that was truly what I expected that

36:47 was that I wanted this is where I want to get to we can you know have all the checks yep everything's all green we are

36:54 good to go we can see that yeah we remove those links that rack that system nodes we have accountability for what we

37:01 actually changed and we can say all right let's uh um let's roll

37:06 back the new rack as service was not ready

37:13 so we've now then rolled that back and we're now pushing that to our active so

37:19 now that that new Rack in our active tab is gone as expected so we have that

37:25 ability to then roll back and forward um in time and so we could even if we wanted to we could roll back to enroll

37:31 forward in a way whether however you think of it in time to that that new

37:36 rack that we added so we can jump around to different points that we want to so this is a huge value that we see and a

37:43 lot of customers love this capability to be able to have those save points and be able to quickly go to certain points

37:50 that they know are accurate in time so you know if you get that you know so we like to say we're doing this so that you

37:56 can you can push to production on Friday evening and make your dinner date and

38:01 have your Friday evening to yourself and not have to worry because that's usually the most scared thing is you know no everybody says don't push on production

38:08 on Fridays because you're going to get that call when you're at the bar at dinner you're doing whatever you're doing on Friday night

38:14 um you don't want to get that call that says hey the network broke yeah and you're not going to give you the tools yeah yeah yeah who wants to come back

38:22 and you know and fix it um so this is where this this truly helps is you know if that happened you

38:27 could roll it back but hopefully it will never happen because we have all these checks and capabilities ahead of time to

38:34 be able to verify everything is working as expected very cool it's like a time machine on on Apple it's like less than

38:41 the configuration on Windows it's snapshots on storage so now we have it for the network so super cool yeah yeah

38:50 um so I'm gonna just dab a little bit in um the intent based analytics um a little bit more in depth so we can kind

38:56 of see how that works um so we have like I said probes do we

39:02 have some that you can see that are turned on by default I didn't actually say these these just came with it with that blueprint when I deployed it and

39:08 they were turned on for me we can say things like system Health traffic imbalances that are on there by default

39:15 system Health we can look at what it's doing it's actually getting things like

39:20 disk utilization CPU utilization on all the systems

39:26 um and even things like memory and what it's looking at is is you can create

39:31 these and and build these is where do I want my thresholds to be so do I want my threshold you can see right here it's at

39:38 80 is my threshold and I'm way below the threshold but if something crossed 80 percent I can have it then flag that and

39:44 say hey that's a violation of my intent because my intended stays on want my memory below 80 percent so that way I

39:51 can know and say oh hey Leaf two all of a sudden had issues and is now exceeding

39:56 you know memory usage and I need to go look at something to understand what's going on maybe there's you know burst of

40:01 application that's consuming a whole bunch of bandwidth or maybe something's actually happened on that switch that we need to go address and reroute traffic

40:08 to to make sure our services continue to meet our slas and work as expected

40:14 so I I talked a little bit about how you can add new probes um if if for those that watch the first

40:21 video they probably remember a story I talked about where we with our Optical probe we're able to catch

40:27 um probes or opticals that are failing before they go out and the way we do

40:33 that is we can monitor thresholds similar to like the memory and CPU we're looking at the the optical States and so

40:42 we can see things in here that we're looking at from an optical perspective on those cables to look at you know

40:48 sending and receiving power and bias and temperature and voltage all these things

40:53 you know that we wanted to stay within certain bounds and if they violate those bounds we know it's violated our intent

41:00 and we can know that hey these these Optics probably looking like they're going bad you're going to need to

41:05 replace them pretty soon and that's one of the customer stories I talked about in the first video is we can then help

41:12 predict when things are going to go wrong with these capabilities of all the data we're getting and analyzing

41:21 so one thing I just want to quickly show and I'm going to I'm gonna I'm gonna bounce to another

41:27 um system is if you wanted to create your own probes

41:33 um so we have like I showed that list of all the ones that come out of the box that you can just turn on and enable but what if you want to create your own this

41:40 is a new feature that we just announced and released that you can build those in there and so what I'm going to just show

41:48 quickly is a new probe that I've created and so I'm going to go to probe and so

41:54 there's a command um in in Junos and probably similar in other vendors where it's called show BFD

42:01 sessions and it shows you know sessions that are up and down and so what I've done is I've built a new probe that uses

42:09 that command because we can use any CLI show command says if you can run a CLI show command and get information and

42:15 that information is valuable for you pull that in here and we can then do more than just get that value because

42:22 what we have behind the scenes in Apstra is what we call a graph database that understands relationship information

42:28 because if you ever run show BFD session it just shows up or down values for a

42:34 specific interface and but what we can do with Apstra is say let's actually add

42:40 more value because all we get when we run show BFD session is a neighbor and a state but with Apstra in that graph

42:47 database behind the scenes we can then say all right what is that interface actually for it's for this external

42:53 router what interface is it on on the local and the remote interface so we know exactly what and we can add more

43:01 context and information to it and then we can even do things like count the

43:07 numbers that are that are up or down in this case we want to know ones that are down and so we can see on Leaf one there

43:14 was a count of 10 sessions but six of them are down well we can then create ranges and say I

43:23 want to alert when there is more than one session down because that would be

43:29 considered a problem in my network and so we can create those alerts and have

43:35 dashboards and alerts sent when certain thresholds get encountered and so when I

43:42 go to my analytics dashboard I've even created a dashboard for that BFD session and real simply I can see oh look at

43:49 this I got two leaves that have an anomalous value that isn't what I expected

43:55 and you can see here that they've now crossed thresholds I've raised alarms so

44:00 similar to that config deviation and others we were looking at earlier my dashboard now shows that I have

44:07 anomalies that are not intended so this is how you can in the new Apstra version

44:12 be able to build probes based on any CLI show command because we always get

44:18 questions like well I have this unique use case and I you know I look at the CLI and these show commands how do I add

44:24 that in well we've added that capability to be able to bring that to Apstra so you can tie those commands in and build

44:31 custom probes in a real easy way

44:36 very cool so very cool I've got uh one question but I'm gonna hold off

44:41 yeah okay well I I talked a little bit earlier at the beginning that I have a sneak peek

44:47 of a new feature that's coming up yeah yeah so we have a new version

44:53 coming out in a couple months it's going to be Apstra four two one we've just launched our 420 version of Apstra that

44:59 everything you saw today you'll be able to use and see and and leverage but we

45:05 have a new feature coming out that's going to solve a major Gap so we saw how Apstra can understand what's going on in

45:13 your network guarantee it's working as intended but what about the applications

45:19 in your network because that's usually what you're you're having in your network and what you care about the

45:25 network working as intended or you know the devices are you know you know working in the CPUs and memories and all

45:30 that's work as intended routes are going where they expected the config is what you expected that's great but if the applications aren't working what does

45:37 that matter that's where you want to spend your time and so that's what we're bringing in our 421 release a capability

45:44 to get flow data from the devices to be able to

45:49 understand exactly what's going on at the application Level in your network so

45:55 we're getting this from from sFlow NetFlow IPFIX or IFA any of those protocols

46:00 we're getting that information and then being able to visualize that information

46:05 so I have a little video that I want to show so it's going to be a little sneak

46:12 peek here of what is coming so what we're looking at here is a whole new

46:18 dashboard of information about what's going on in your network like I said

46:24 we're getting this all from flow data information and so we have several

46:29 different dashboards that we can see we we can go through things like top N talkers core Services we can see

46:35 potential threats we can see flow diagrams graphs on all the flows

46:40 geography where they're going where the traffic and interfaces are going

46:45 so all sorts of interesting data but let's let's look at an example of what

46:52 we can do so imagine you're looking at you want to look at a specific service like SSH so

46:59 we can filter on SSH and we immediately see all the views change but we see that

47:04 there's some resets in there resets usually aren't good on SSH so we can

47:10 filter on resets and as we go to the different dashboards you see those filters stay there on the top and that

47:17 way then we can then go to different views on the data that we care about in this case we're looking at SSH reset

47:23 commands and we can look at a flow and be like well why did this one have an SSH reset and we can understand what's

47:29 going on so let's look at another example we've cleared the the filters and let's say we

47:36 get a lot of reports of of poor bandwidth that we're not you know the internet's low what do we do then well

47:43 we know our Network's operating as intended but let's look at the flow data we can then pick the ports that are in

47:48 the interfaces that are are that are facing the the internet traffic and we can then analyze and look what's going

47:55 on so we want to go look at who's actually using all of our bandwidth so we can look at top talker Services apps and

48:02 filter on those in this case we're just going to look at the top talkers and we can see somebody's using almost three

48:08 gigabytes of traffic that's our case and when we look at what's going on where they're going we go into something that

48:14 looks a lot like Netflix so we so we've isolated that somebody's streaming movies and that's what's

48:20 causing the the network to be slow for the internet now another example here that we can

48:27 look at is things like core services so DNS DHCP RADIUS LDAP NTP those kinds of

48:34 core Services those are traditionally based on requests and response types of

48:39 information and they ideally should match so the number of requests and responses should be equal if they're not

48:45 that's an indication of a problem and we can highlight those really quickly and we can look at certain time intervals

48:51 like predefined time rules like last 12 hours or you can see dragging and dropping and picking a specific area to

48:58 say what's going on and we can see there's some Reds in there nothing's really too bad but if it was we would be

49:05 able to pinpoint exactly the time it happened and so then if you know somebody's opening up a bunch of tickets and said hey my applications weren't

49:11 working at you know at 2 pm today we can go back and look at oh there was a bunch of DNS failures at 2PM that was our

49:17 cause we now have isolated and reduced that that mean time to repair of what's

49:22 going on in the network and understanding and troubleshooting and finding those needles in the haystack so

49:28 we are really excited to bring this we've been asked you know a lot of questions on this and you know where we were going

49:34 and so we are we're excited to be able to bring this later this year to be able to add this to the Apstra solution

49:43 it's almost like application aware Network it is it's it's fascinating I

49:48 mean I I'd love to see where it's more automated even where I don't even have to dig into it it's just gonna tell me

49:55 hey a click here to fix or at what point do you think and again this is purely

50:01 speculation we can get to a point where it's truly application aware and I don't know if if the instance the application

50:07 is is hungry for more memory or CPU you can trigger a configuration change even

50:13 within within the application Am I Dreaming or do you feel like this is something in our future

50:19 no I I think it is something that is possible in the next year or two that we can get to because you can kind of see

50:26 where we're building to it you know what we're showing is we can now easily collect things and and show things like

50:32 you know the simple you know cabling mismatch you can see and take it to the next level is just go go fix it for me

50:39 um and address it so that way you know you don't even have to have you know operator look at it for things that you

50:45 know are pretty obvious and and that is where we are we are looking at intending to to add to

50:52 um because you know everybody's talking about you know AI um we don't want to just you know slap on you know ChatGPT to it and say yeah

50:59 we've added AI it's like no no that's it's not AI we want to bring true AI value where we can you know not just

51:05 automate and and look at it from the intent base but then add AI to then solve problems based on all this

51:10 information we have and we can leverage and then bring it to that next level because that's truly the Holy Grail of

51:17 of network operations is you just you know you deploy it and it just it just works and you never even have to touch

51:24 it that's where we want to get to and where we're looking at driving the future so so absolutely I think that is

51:30 is where we're going to take the the product and the vision going forward to truly simplify operations for for the

51:37 network operators I'll put you on the spot so for me this

51:42 was a fascinating demo but in my mind I kept thinking why can't I do this across

51:49 public Cloud providers like this would be fascinating to do across I don't know

51:54 either yes Azure it would be fascinating to across AWS in Google if you don't have an answer it's okay

52:01 just tell me why I can't do this in the cloud maybe yet maybe that maybe that I should maybe I should just add yet to

52:07 that yeah yeah so we're laser focused on and

52:13 on making sure that we get the private data center use case right and we we optimize that experience

52:20 um so so sure we could we do that yes but we don't want to deliver you know

52:26 half-baked you know products we want to deliver you know best in the industry products and that's where we're focused

52:31 on making sure we we provide the best operations capable where I probably look

52:37 at things of where could I combine those capabilities together with managing my public Cloud managing my private Cloud

52:44 what we're seeing some of the industry and some customers looking at things is how can I use the apis from Apstra and

52:51 integrate into terraform um we have it we have a terraform provider um so if you anybody wants to just look

52:58 up Apstra terraform you'll go directly to the site we have a terraform provider that leverages the the apis from Apstra

53:04 and can then tie that into a true Network devops experience and that's

53:09 that's where we're seeing probably more the the push where we see a lot of customers looking at that direction

53:15 um when they're wanting to automate this experience across different um platforms networks um even public

53:21 private Cloud things like that is leveraging things like terraform to be able to to push the intent to multiple

53:28 different systems so then they can manage it that way and do it in a truly you know network devops type of

53:34 experience that's probably where we see more the direction going rather than having a single control point that

53:40 manages your your data private data center manages your wireless manages your your Wan manages your public Cloud

53:47 it's more tie those in with things like like terraform or other types of integration types of tool sets

53:55 Kyle you're always awesome on the show thank you so much for this demo this was an amazing demo I'm gonna do I'm gonna

54:02 say let's do this again but maybe later later once we have the new version and

54:07 then you've got something else to tell us after the new version so that we're always we're always you know Finding you

54:14 know cool stuff out but um this was really cool um I love the intent based stuff the

54:19 analytics are great in here um I love the rollback capabilities the last known good configuration I think

54:25 that's that's really cool the cabling I think is probably one of my favorite demos is that one I was thinking about

54:31 that since you sent me those bullet points I'm like Ah that's probably the one that I'm gonna be most interested in

54:38 so super cool demo thanks for spending some time with me and um we're gonna do this again soon definitely I look

54:44 forward to it thank you and thank you everybody for watching folks I'm gonna put a bunch of links down in the

54:50 description on on Apstra on some of the other demos that you can find on some downloads some white papers Etc so make

54:58 sure you check that out and we will see you in the next one take care now [Music]
