Overview

Use this feature to

• Create new users and roles

• Remove and suspend existing user one by one

• Remove and suspend multiple users at the same time

• Password reset of existing users

Only super admin or Enterprise admin can perform these actions

Users

• Navigate to User Management >> Accounts >> Users

• Initially, we get one default Admin User Credential

• In this view, we get the User status and Role given to it and the Last login time by the user.

• On this User tab, we can Add new users and can remove or suspend any existing users

Users - Add New

• Navigate to Accounts >> Users >> Add

• Admin can add

  • Profile picture

  • Username

"on the first login by the user with given details, ONES application prompt with a screen to rest the password

• Now User is ready to login with valid credentials

Users - Reset Password

• Navigate to Accounts >> Users >> Edit User >> Reset Password >> Yes

• Using Admin credentials you can reset the user password

• Click on Reset Password

• Submit & Save

• After this user can try login with the temporary password, on the first login, ONES application actively asks to change the password

Users - Remove User

• Navigate to Accounts >> Users >> ((Select Users you want to remove)) >> remove >> Yes

• We can remove multiple users at a time

• After this, the user will be removed from the database and cannot use credentials to login again

Users - Suspend User

• Instead of removing any user, we can also suspend the user

• Once we suspend a user it will not be removed from the database but it will be in an Inactive state in the database

• Later if we need we can restore the user to its active state

• Choose users & click on Suspend

Users - Restore User

• Navigate to Accounts >> Users >> ((Select Users you want to restore)) >> Restore >> Yes

Roles

• Navigate to Account >> Roles

• By default, the device comes with these 4 Roles

  • Super Admin

  • Enterprise Admin

Roles - Add User Roles

• Navigate to Accounts >> Roles

• Now let's add few extra permissions

  • Add/Remove Devices

Introduction and Overview

Open Networking Enterprise Suite (ONES) is a Network Orchestration, Visibility, and Assurance solution for multi-vendor and multi-NOS operated Network Infrastructure. ONES provides a one-stop solution from delivering deep visibility into your datacenter networks to extending 24x7 support functions for SONiC. It also hosts a powerful analytics engine that assists users to identify network issues and troubleshoot their networks, in case of common network anomalies and disruptions.

ONES uses a YAML-based Device Discovery Template for adding switches and continuously collects streaming telemetry data from them to provide insights on;

• Data Center Inventory

• Network State

• Platform and System Health

ONES monitors various control and data plane metrics to provide these insights.

ONES orchestration provide network admins to automate the fabric configuration using configuration templates for provisioning physical interfaces, layer 3 configuration for building IP-CLOS fabric using BGP as a routing protocol including BGP-unnumbered, system services including NTP, SNMP, SYSLOG etc. ONES orchestration not only configures the fabric but also make sure the Fabric is operational by doing verifying the configuration at every stage.

ONES provides north bound API access for configurations originating from external orchestration tools.

AVIZ Support Overview

Network Assurance helps the NetOps team validate policy and security compliance checks before making a change in network configuration, an intelligent set of proactive and predictive techniques that validate the Network for readiness without error, conflicts, and disruptions

Aviz Support team is located across four timezones offering 24x7 SONiC and related product support for multi-vendor switches and ASICs. Using our support portal, we offer you to

• Collaborate with our SONiC experts to expedite your evaluations

• Speed up your SONiC troubleshooting SLAs to as low as 15 minutes regardless of the underlying Switch/ASIC platform

• Minimize operational delays by centralizing issues across multiple platforms

Users can reach out to customer support on

Supports Options are available:

• Integrated Chat

• Submit a Ticket

• Send an email to support@aviznetworks.com

Refer to the "" section of this document for more details

ONES Supportability

To connect with customer support users can choose the support option available on ONES-UI

Overview

ONES Telemetry Collector(s) and Analytics bring truly unparalleled visibility across all your switches running SONiC (both community and vendor distros), regardless of the underlying ASIC. ONES front end (UI), will enable network admins to;

• Manage inventory of your network devices running SONiC on Broadcom, Cisco, Marvell, Nvidia ASICs

ONES is a support application for SONiC stack. It is designed for customer's engineering team such as SRE’s, HW and SW engineering teams for their daily network diagnosis and troubleshooting needs. In addition to that ONES exposes the API to integrate with external tools or customer homegrown applications.

This section describes how ONES authenticates users and secures communication.

Why do we need Network Orchestration?

Orchestration refers to tasks or actions required to achieve a set of objectives for your Network Infrastructure operations

A centralized application like ONES translates these objectives into a network configuration template, applies and monitors to validate the operational efficiency and functionality

Overview

There are three primary components of ONES Application

• ONES Telemetry Collector(s) for Network Visibility

• ONES Orchestrator for Fabric Configuration

• ONES Supportability

• ONES Security

Installation Overview

ONES Installation follows the below steps in the order sequence of;

• License Readiness

• Preparing and Installing ONES Application machine

• Installing ONES Agents on SONiC Switches for Orchestrator and Telemetry

• Enabling OpenConfig on non-SONiC Switches for Telemetry

License Readiness

The installer allows a default capability for managing 8 devices without a license. Beyond this, the following license key is required for proceeding with the Installation;

• ONES Application License (As per device count)

To obtain a license, contact support@aviznetworks.com providing the below details;

• License Duration - In Years (1-5)

• Devices Count - 8, 32, 64, 128, 256, 512 or 1024

• ONES installation ID

System Hardware Requirements – ONES Application

In the current release, ONES can support managing up to 1024 devices. For ONES Application Installation, the system hardware requirements vary based on the number of devices to manage;

System Software Requirements - ONES Application

Customer Firewall Configuration (Ports to be opened)

Network Switch (Managed Node) Configuration Requirement

• SSH is enabled

• Network Reachability from ONES Application

• OpenConfig feature is enabled (for non-SONiC Switches)

Browser Requirements for ONES Web User Interface access

• Google Chrome version 107 or later

• Mozilla Firefox version 106 or later

ONES provides the following subscriptions to manage and monitor the devices.

Supported Matrix

Cumulus & Arista platforms are considered by ONES as Agent-less and supports metrics available using NVUE and eOS APIs

Agent-based vs Agent-less

SONiC-based switches require ONES Agents (Agent-based) to be installed on the switch being monitored, as a pre-requisite for ONES Telemetry and Orchestrator based functions to work.

• ONES Telemetry Agent

• ONES Orchestrator Agent

Proprietary NOS like Arista EOS, Cumulus, and Cisco NX-OS does not require an ONES Agent and instead leverage (Agent-less) feature. OpenConfig extends APIs that provide Network Telemetry information about the resources being monitored via (gRPC Network Management Interface) protocol to the ONES Application

ONES does not support Orchestrator-based functions on Proprietary NOS (non-SONiC).

Agent requirements

• SSH access

• SONiC versions beyond 202012 or 202111 are supported

• Only x86 intel-based architectures are supported

• Work with Aviz Sales/Support contact to create an account on Aviz Networks Support Portal

• Login to with your account credentials

• Click on the Downloads section, under

ONES Application system - Installation Steps

• Enable super-user mode

user@ones-application:~$ sudo su

Overview

ONES requires user to install the below agents on SONiC NOS to allow Network Orchestration and Visibility

• ONES Orchestrator Agent for Network Orchestration

To access the ONES application, use Server IP with HTTPS

https://<host-ip>

Use default credentials to login, refer page for default credentials

Upgrade Process

• To upgrade any VM (QCOW or OVA)

  • Download the ONES installation package

  • Follow the to upgrade the ONES to New Version

On the ONES Application server, go to ONES-1.2/ones_fm_agent

root@ones-application:~$ cd /ONES-1.2/ones_fm_agent

Installation (Agent Install on multiple switches at the same time)

• Enter device details (Management IP, Username, Password ) in device_info.csv

root@ones-application/ONES-1.2/ones_fm_agent:~$ vi device_info.csv

• Save the file

• Execute the installation script

root@ones-application/ONES-1.2/ones_fm_agent:~$ python3 deploy_fmcli.py "install"

• Verify the Installation success by running the fmcli command on individual devices

root@Switch:~$ sudo fmcli

On the Application machine, go to ONES-1.2/ones_t_agent folder

root@ones-application:~$ cd /ONES-1.2/ones_t_agent

Installation (Agent Install on multiple switches at the same time)

ONES User Interface - Features

QCOW Integration

Download Qcow2 Package

ONES Application can be integrated in the network as a Virtual Machine(VM) Package

VM Packages

• QCOW2 Package: Qcow2 can be imported any KVM Hypervisor based application

• Navigate to Inventory

• This page gives the control to onboard the devices with two options

Template Details: BGP IP-CLOS Config with 3-Stage in the given topology

• Devices used

  • 2- Spine Devices

  • 3- Leaf Devices

Topology

BGP-IP-CLOS Standard Template

Template Details: L2 VXLAN EVPN with MCLAG in the given topology

• Devices used

  • 2- Spine Devices

  • 4- Leaf Devices

  • 2- End Host

Topology

BGP-IP-CLOS VXLAN EVPN Asymmetric IRB with MCLAG Standard Template

Overview

Using this feature setting we can set the acceptable and critical percentage level for the following device components

This page gives the control over the widget refresh timer and user idle state

Users can set the manual timer to refresh all the widgets after a time interval (default is 30sec)

Users can set the timer after how many minutes of idle state the ONES-UI should be logout

• Thresholds we can set for Components

• CPU Utilization

• Memory Utilization

Thresholds

• Navigate to Settings >> Thresholds

• Change the values as per your requirements

• Update it to get these new settings live, after Save Changes, all these metrics will be reflected on devices metric pages under Inventory

System Control

• Navigate to Settings >> System

• Using this page, users can change the refresh interval in seconds for all the widget

  • In the dropdown menu, available intervals are:

    • 30 Seconds

Template Details: BGP IP-CLOS with MCLAG in the given topology

• Devices used

  • 2- Spine Devices

  • 4- Leaf Devices

  • 2- End Host

Topology

BGP-IP-CLOS-MCLAG Standard Template

Template Details: VXLAN L3 EVPN Symmetric IRB in the given topology

• Devices used

  • 2- Spine Devices

  • 4- Leaf Devices

  • 2- End Host

Topology

BGP-IP-CLOS VXLAN L3 EVPN Symmetric IRB Standard Template

Template Details: L2 VXLAN EVPN Config with given topology

• Device used

  • 2- Spine Devices

  • 3- Leaf Devices

  • 3- End Host

Topology

BGP-IP-CLOS VXLAN EVPN Asymmetric IRB Standard Template

Template Details: VXLAN EVPN Asymmetric IRB Config with given topology

• Device used

  • 2- Spine Devices

  • 3- Leaf Devices

  • 3- End Host

Topology

BGP-IP-CLOS VXLAN EVPN Asymmetric IRB Standard Template

Hardware (Default)

The dashboard provides the NetOps with an overview of the data centre. It contains the entire hardware inventory of the network and shows the status whether these switches are streaming or not streaming.

• After the Installation of ONES Application for the first time, the Dashboard is empty and Devices need to be onboarded for them to reflect

• Dashboard will be used to

  • monitor the status of an agent running on all the devices present

Components

• Navigate to Dashboard >> Components

Software

• Navigate to Dashboard >> Software

Interfaces

• Navigate to Dashboard >> Interfaces

• Using this page a user gets the status of

  • the cables utilized in the network

  • how many pairs of cable can be used for future topology (helps the admins in capacity planning)

Overview

The monitor widget in ONES:

• Shows the complete topology view of the fabric

• The Topology view can be filtered by:

  • Region

  • Brick

• This page shows all the links and information connected to each other

• Low and high utilization of all components

• Input / Output errors on links

• ASIC detailed view of all managed devices

• BGP status

  • Neighbour Count

  • Neighbor status (Up/Down)

• Traffic View

  • input/output packets in million per sec

  • Errors and Discard packets per interface

NOTE: If all the managed devices have the same Region/Brick ID, we do not get any filter ribbon

Topology

• Navigate to Monitor >> Topology

• This shows the complete Topology view, how the devices are connected and to which role they belong to

• We can put the filters to check the customized view of the Diagram by: Region Availability Zone Brick ID

NOTE: we do not get filter ribbon if all devices belong to the same Region/Availability Zone/Brick ID

• We can also check Down Links to check the topology those are having links in the shutdown state as per Role

  • Super Spine

  • Spine

• Users can easily filter the view as per the Region, Availability zone and Brick ID

Links

This page gives a view to the user for all the possible connected links between devices with a few more capabilities

• Navigate to Monitor >> Links

• This page helps a user to get the best view of the number of connections between devices with speed and other manufacturer details

• This page gives the exact view of the interface name, interface speed, transceivers and admin & operator status

Links View with Filter Ribbon

• We can also have a filtered view of links

• Choose a specific Role and Region to filter

• let's choose:

Platform

This page shows the latest utilization of the devices with CPU & Memory utilization, Temperature & Voltage of PSU, and fan speed in RPM

• Navigate to Monitor >> Platform

Platform Status

Platform Status is reported for the following components

• Roles

• SKU/ASIC

• Ports/Max Speed

Customized View

• We can check the health of the device as per some customization

• We can filter the devices by:

  • Roles

Role-based Customization

• We can choose a role using the available Role-based option

• 4 Roles available

  • Super Spine

Region-based Customization

• We can choose a role using the available Region-based option

• Two roles available

  • San Jose

Role / Region based Customization

• We have the liberty to do the filtering by both combination Role-based and Region based at the same time

• As of now, we have two Region available

  • San Jose

Per Device Status

• This Platform Widget also gives the option to check the extended capability view of the device

• Apart from this monitoring view, we can also verify/check extended feature sets like:

  • PSU Current (A)

• When we choose a specific device we get an output like this

Device Info Ribbon

CPU Utilization (%)

• Here we get the complete status of CPU utilization with a time range A complete status What was the utilization from starting to end

• To check a specific time detail we can hover the cursor to any level

Memory Utilization (%)

• Now here we get the status of memory utilization of selected device

• To check a specific time detail with memory utilization, we can hover the cursor to any level

CPU Temperature (C)

• This template shows the status of CPU temperature in degree celsius

• Here we get the status of all the CPU and Core running on the device

• To check a specific time detail for all the CPU/Cores, we can hover the cursor on any level

• We can also check Per CPU Core details

• We can see here the customized view per CPU Core

Fan Speed (%)

• Here we get the status of the FAN speed percentage level across all fans available on the device

• To check a specific time detail we can hover the cursor on any level

• We can choose to view the customized view of a few fans at once

• Here we can see the output of fan1 and fan7 in this customized view

• When we move the cursor to check the exact status of fans at a particular time

PSU Temperature (C)

• This widget provides the status of the Power Supply Unit (PSU) temperature (in degree celsius) across all power supplies available on a particular device.

• To check a specific time detail we can hover the cursor on any level

• We can choose to view the customized view of a few PSUs at once

• In our case, we have 2 PSUs, so now let's choose one of them and check the output

• When we move the cursor to check the exact status of the PSU at a particular time

PSU Voltage (V)

• This widget provides the status of the Power Supply Unit (PSU) voltage across all power supplies available on a particular device.

• To check a specific time detail we can hover the cursor on any level

• Same we can check the customized view by choosing one or two PSUs

• Let us choose one of the PSU to check individual Voltage, so here we have taken PSU2 to check individual Voltage

PSU Current (A)

• This widget provides the status of the Power Supply Unit (PSU) current in Amperes, across all PSUs available on a particular device.

• To check a specific time detail, hover the cursor on any level

• Same here as per other power supply customized views we can also check the customized view here by choosing specific PSUs

PSU Power (W)

• Here we get the status of Power supply power in Watt across all power supply present on the device

• To check a specific time detail we can hover the cursor on any level

• We can also check the customized view of this

Services Running

• The best widget here for Services

• We can also check the total number of count of services running on the platform

• This graph shows the red colour bar, red colour show at what time one of the services went down

• To check a specific time detail we can hover the cursor on any level

• Here we get the name and count of all the services running on the platform

Services CPU Consumption (%)

• This widget shows us the CPU consumption percentage level of all services / per service.

• Here we can see we have the option to check the consumption view of CPU

• To check a specific time detail we can hover the cursor on any level

• When we get this output we get a clear view of both CPU Utilization per service based

• We can also customise the view of this widget by choosing some specific application

• We have all the services button here to choose

• Again we can check the view of all the services we need

• So here is the view of only the BGP service

• We can see the CPU and Memory consumption for these 2 services

Services Memory Consumption (%)

• This widget shows us the Memory consumption percentage level of all services / per service.

• Here we can also check the consumption view of only Memory.

• To check a specific time detail we can hover the cursor on any level

• Here we get a clear view of Memory Utilization per service based

• We can also customise the view of this widget by choosing some specific application

• We have all the services button here to choose

• So here is the view of only the BGP service

ASIC

This page shows the view of ASIC Capacity and a few more details related to ASIC

• This widget Shows

  • Roles/Region per device

  • SKU and ASIC details per device

This ASIC Widget give us the control to get the output per Role and Region basis also

• Let's choose Leaf Role to get the customized view

• In the same way, we can customize the view by Region

Per Device Status

This widget gives us the capability to check the extended view of the Routes & ACL usage with a range of time

Click on any of the devices to get the extended view

BGP

This BGP Page shares the data of BGP neighbours present across managed devices

Neighbor View

This shows the status of the neighbour's details, the total number of neighbours, received routes, neighbour RID, BGP AS number & much more​​We have the option here to check the neighbour details and status of Routes​​We can click on neighbours to get more details about all neighbours connected

Per device status (Neighbour's & Announcement)

The user can get per-device status by choosing a particular Device

• Click on the device name to get the status

• This new page shows the status of BGP neighbours about UP and Down status

• On right side it shows the BGP announcements and the local prefixes present in BGP table

Customized view

• This page gives us the power to check neighbours as per Roles and Region-based

• Let's check how we can filter as per Role-based

• Here is the global view of all the Devices with BGP status

• After having only Leaf Roles here is the modified output

Traffic

• Using this widget we can check the input and output errors across all the devices

• This widget also shows the input and output packet per device

• Navigate to Monitor >> Traffic

• This page shows the information:

  • Bandwidth utilization in percentage

  • Input packets per second in millions

• This page shows the traffic drop rate per interface based and will be very useful while doing any troubleshooting for a traffic drop

• Using these details a user can check more details inside to fix the issue of dropping/discarding packets

• Enable Super-user mode

  user@ones-application:~$ sudo su

• Navigate to the GA directory on the Server

Template Details: VXLAN L3 EVPN Symmetric IRB with MG-LAG in the given topology

• Devices used

From the ONES Application

• Enable Super-user mode

  user@ones-application:~$ sudo su

On the Application server, go to GAv1.1/ones_fm_agent

root@ones-application:~$ cd /GAv1.2/ones_fm_agent

• Enter device details (Management IP, Username, Password and License key) on device_info.csv

Template Details: VXLAN EVPN Asymmetric IRB with MCLAG in the given topology

• Devices used

Configuring Devices

Most fabric orchestration solutions available today are complex and often difficult to understand. ONES provides simple and effective tools, such as predefined templates (YAML file), to configure data centers at scale. ONES allows a customized way of configuring devices that includes enhancements to the standard configuration.