• strict warning: Only variables should be passed by reference in /var/www/sites/www.netomata.com/sites/all/themes/clean/template.php on line 126.
  • warning: Creating default object from empty value in /var/www/sites/www.netomata.com/sites/all/modules/moderation/moderation.module on line 110.
  • warning: Creating default object from empty value in /var/www/sites/www.netomata.com/sites/all/modules/moderation/moderation.module on line 110.
  • warning: Creating default object from empty value in /var/www/sites/www.netomata.com/sites/all/modules/moderation/moderation.module on line 110.

Netomata releases web-based Config Review Tool

Once you've used a tool like the Netomata Config Generator (NCG) to generate configs for a bunch of devices on your network, how do you convince yourself that those new configs are complete and correct and ready to deploy? How do you determine that the newly-generated configs differ from the old configs in only the ways that you want, and that you haven't inadvertently introduced unintended changes?

Wouldn't it be great if you could, say, compare the newly-generated configs to the original (hand-created) configs for those devices, or to the previous generated configs? And how cool would it be if there was some sort of "approval" mechanism wrapped around this, so that you could easily identify the files that had been reviewed and approved as good-to-go for installation?

We've got a tool for you!

We've just released the Netomata Config Review Tool, which addresses these issues. It is a simple web-based tool for reviewing NCG-generated config files and approving them for installation on devices. It is written in Ruby as a web CGI program; it should work fine on any web server that supports CGI programs, such as Apache. We're releasing it as open source under a GPLv3 license (the same as NCG).

This tool is an outgrowth of a recent consulting project that we did for Netflix, helping them install NCG and set it up to generate configs for the routers at their dozens of shipping hubs throughout the USA. We'd love to do a project like this for your organization, too!

How it works

For each device, the tool keeps track of 3 config files (if they exist):

  • Original: the config that the device was originally running (which was presumably created by hand)
  • Generated: the most recent config generated by NCG
  • Approved: the most recent generated config that has been "approved" via this process

For each device, this tool lets you:

  • View the Original, Generated, and (if it exists) Approved config
  • See diffs between pairs of configs:
    • Original => Generated
    • Generated => Approved
    • Original => Approved
  • Approve a Generated config (i.e., make it the Approved config for the device)
  • Unapprove a currently approved config (i.e., delete the Approved config for the device)

The tool does not (yet) install approved configs on devices; the assumption is that you will use a tool such as RANCID to do that, from the files in the "approved" directory.

How to get it

You can read all about it, see screen shots, and download the code at http://www.netomata.com/wiki/config_review_tool

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.
8:38pm25Aug2010

Source of Variables

By contec

Hi Brent,

Great tool! I just started reading and reviewing the tool. I assume you keep track of all the variables used when these configurations are generated. For example if this is to be used for IaaS and the customer is leaving the service then the variables should be returned to a resource pool or to generate a remove script. I guess I am asking for something that NGC was not intended for since I see that this tool is great in building out a large set of configurations in bulk.

I'm also assuming I can use Ruby DBI to actually keep my variable pool state by putting this logic in with embedded ruby. Although this is not intended to be a NCCM tool, I've always had a need where I wish I can simply have CLI converted to a web services API with parameters. For example BMC BBNA has this simple capability which is the most important capability for us to automate the Data Center. Its this slim layer where we can convert a parameterized configuration to become a consumable web service and allowing me to repeat and keep track the configuration and resources (Vlan's, IP and etc.) to also be able to remove the provisioned resources is key.

For example one of basic services we are automating through BBNA is 300+ lines of configuration over more than 12 devices and more than 100 variables. It would be exciting if we can exchange thoughts on how we can do this with the combination with your tool.

We are able to demonstrate this with BMC and Infoblox-NetMRI, but I would want my customer's to be able to do this with open source tool sets like yours.

In Summary:

Can I store all the unique data in a database and utilize Ruby DBI to fill in the parameters?

Is this something that can allow a user to implement the templates via web interface and expose as a web service (SOAP or REST)?

Any comments are appreciated!

Thanks again for a great tool!

Charles

10:50am8Oct2010

Re: Source of Variables

By Brent Chapman

My apologies for the slow response; I somehow missed the notification about this comment. I'll do my best to answer your questions now, though.

Great tool! I just started reading and reviewing the tool. I assume you keep track of all the variables used when these configurations are generated. For example if this is to be used for IaaS and the customer is leaving the service then the variables should be returned to a resource pool or to generate a remove script. I guess I am asking for something that NGC was not intended for since I see that this tool is great in building out a large set of configurations in bulk.

Right, what you're calling "variables", I tend to think of as "resources"; things like IP addresses and subnets, VLANs, and so forth. NCG doesn't currently track resources per se; it's designed to generate configs for a particular object (device or service), but you have to tell it what resources have been allocated to that object. I've tried to make it easy to tell it that, though, through the tab-delimited neto_table files.

I'm also assuming I can use Ruby DBI to actually keep my variable pool state by putting this logic in with embedded ruby.

Yes, one of the reasons I chose Ruby was to enable things like that, though I haven't made any experiments in that direction yet.

Although this is not intended to be a NCCM tool, I've always had a need where I wish I can simply have CLI converted to a web services API with parameters. For example BMC BBNA has this simple capability which is the most important capability for us to automate the Data Center. Its this slim layer where we can convert a parameterized configuration to become a consumable web service and allowing me to repeat and keep track the configuration and resources (Vlan's, IP and etc.) to also be able to remove the provisioned resources is key.

For example one of basic services we are automating through BBNA is 300+ lines of configuration over more than 12 devices and more than 100 variables. It would be exciting if we can exchange thoughts on how we can do this with the combination with your tool.

Yes, NCG should be able to generate those configs. As discussed above, you need to manage those "variables" (or "resources") outside NCG, but you can have NCG use those variables to generate correct, complete, ready-to-install configs.

Can I store all the unique data in a database and utilize Ruby DBI to fill in the parameters?

I haven't tried that yet, but it's one of the ideas I've had in mind while developing the tool. At the very least, you can do some sort of export from your database to create neto_table files that NCG can use.

Is this something that can allow a user to implement the templates via web interface and expose as a web service (SOAP or REST)?

Not yet. One of the reasons I chose Ruby was to enable eventually using Rails to put a web interface on NCG, but I haven't started developing any of that code yet.

Thanks again for a great tool!

Charles

Thanks for your encouragement and insightful questions!

10:53am8Oct2010

Re: Source of Variables

By Brent Chapman

I should clarify that most of my answers, above, relate to the Netomata Config Generator (NCG) tool, not to the Web Config Review tool that was announced in the original blog post that these comments are attached to. The Web Config Review tool is a standalone tool, independent of NCG (though designed to be used in conjunction with NCG).