Written by:  

Vincent Ritzer

The latest network tools: Cumulus Linux

What if your enterprise network could have the same architecture as AWS, Google Cloud, Azure and Facebook? These days, that means Cumulus. It promises to be the first open system to facilitate web-scaling for both large and small enterprises. Because we at Itility like to stay on top of the latest developments, we invited Cumulus for a brief demonstration. After less than two hours, our stack engineers were unanimously excited about this new technology.

Cumulus Who?

Cumulus is the “new kid on the network block” with Cumulus Linux. This is a Linux based on the Open Network OS that allows you to use any network equipment you want: from HPE to Mellanox and from Dell to Edgecore and Penguin. Goodbye Vendor lock, because you can install Cumulus Linux as new software on this hardware. From that moment on, this data center equipment offers you the same functionality as your Linux servers: administration, monitoring, and automation with the tools you know and love.

Even more important is the fact that you can benefit from the features that are already part of the Linux kernel. Whereas others tend to use their own software to control the hardware, Cumulus utilizes existing Linux components. Anything you then program in the software is copied directly to the hardware. Whether you prefer to use Python, Ruby or Bash, the possibilities are endless. And if you want to use techniques such as VxLAN or BGP, the requisite drivers and software are a standard part of Cumulus Linux. A growing number of companies use Cumulus Linux to operate various segments, sizes, and verticals. The tool has therefore amply demonstrated its effectiveness.


The advantages of CumulusVX

Connecting different systems with software that is not tied to any specific hardware offers a range of advantages. Whereas changes had to be made box by box in the past, you can now implement them across your entire network with a single command. Testing is also made easier with the help of CumulusVX. This tool allows you to create a test environment for your proposed data center, for example via an automated pipeline. CumulusVX is a 100% virtual copy of Cumulus Linux, so it behaves in exactly the same manner. A complete demo environment is available to run on your own system via Vagrant and Virtualbox.

Testing without hardware

At the moment, you need hardware to test a complete environment. A demonstration proves how easy the test process becomes without hardware. A change was implemented via a Git repository, to which a pipeline is connected that communicates with the build servers. These build the environment using an Ansible script and conduct various tests to validate the configuration. Once that was done, the virtual environment was broken down and the changes were pushed to the production environment. The variables that were changed manually for the purposes of the demonstration can also be supplied in JSON via a front end. 

Network change in minutes

Spinning up VMs is commonplace in the software world and especially in the network world. At the moment, we prepare a network change with 1,000 runbooks and checks – as well as 9 pairs of eyes. For normal code, you are used to including these changes, but that is not how things are done in the network world. Until now, that is.

BGP unnumbered for compact interface templates

Normally, when you build an IP fabric, you run into the problem of having to configure a ton of IP addresses on all links, which then also require management. A configuration template needs to be abstract. Cumulus offers that functionality with the addition of BGP unnumbered. This means you no longer have to configure IP addresses in the interface. Instead, you use the IPv6 addresses that are already there. This makes it far easier to set up your backbone interface. This is an addition to the RFC of MP-BGP that is fully supported by Cumulus Linux.

In order to make the template configuration as clean as possible, you want to keep the amount of manual configuration to a minimum. You configure a neighbor statement for each neighbor, which only needs to refer to the interface. When defining variables, you do not need remote addresses, which makes the configuration much easier to read.

Everything set up at once

The BGP unnumbered results in a simplified setup process. This also applies to your VLAN Bridges. In Linux, each Bridge is a separate VLAN. VLAN-aware Bridge ensures that you only have to configure a single STP, which includes multiple VLANs. The same model is used for the VxLAN VNI interfaces. 

Troubleshooting at the speed of light with NetQ

Perhaps we are getting ahead of ourselves, but the troubleshooting process will become a lot easier and faster if you used the paid NetQ application. This appears to be a useful addition, because our stack engineers breathed a collective sigh of relief during the demonstration. For example, it is exceptionally easy to find out where a MAC address lives. If you want to know how something moves through the network from a leaf, a single command will tell you everything you need to know. In the past, you had to go through each box in turn. Another example is the infamous MTU mismatch: what used to be an agonizing task is now taken care of in mere seconds. You can track the history of your changes as well, which gives you retrospective insight into what the same trace looked like two hours ago. This even allows you to simulate the effects of a malfunction in a specific node. 


If you use other systems than Linux, you might expect an interactive CLI (command line interface). Cumulus offers the NCLU, or network command line utility. That means you can use any commands that start with “net” to configure devices and execute show commands. Take “net show interface all,” for example. It results in an overview similar to what “show interface brief” would offer on an nx-os device. The information is retrieved directly from the various files and the active configuration, only in a net overview. The interface is highly intuitive and offers tab completion and a help feature in the context you are working in.


Easy to learn

It is clear that we are excited about this technology. How hard is it to learn how to use Cumulus? First of all, it is important to have in-depth knowledge of layer 2 and 3. Cumulus offers a crash course for this. Things become easier after that. Once again, CumulusVX means you do not need any expensive equipment to conduct tests. It offers a virtual copy of your network environment that is identical to your physical configuration. After downloading it, you can immediately develop a tool in Vagrant. You can test using six spines and thirty leaves and set up your hardware configuration and CI/CD. Next, you can push the configuration to your physical production or cloud environment via automation.

When is Cumulus Linux unsuitable?

The open system offers a wealth of opportunities, but you have to be able to handle all that freedom. It can easily become overwhelming. Cumulus connects to more than seventy systems, of which predefined sets are available. You know how it goes, though: if you have a choice, you want to make that choice yourself. It is therefore advisable to set aside plenty of time to select the systems you want to work with. 

Interesting option for the future?

Our motto at Itility is “try before you buy.” However, after everything we have seen, we cannot wait to get our hands on this new technology. We already see a ton of opportunities to save valuable time. The possibility of moving towards infra-as-code in the network world is a particularly promising feature. 


backBack to overview

Want to stay updated?