AVIZ Support Overview

Network Assurance helps the NetOps team validate policy and security compliance checks before making a change in network configuration, an intelligent set of proactive and predictive techniques that validate the Network for readiness without error, conflicts, and disruptions

Aviz Support team is located across four timezones offering 24x7 SONiC and related product support for multi-vendor switches and ASICs. Using our support portal, we offer you to

• Collaborate with our SONiC experts to expedite your evaluations

• Speed up your SONiC troubleshooting SLAs to as low as 15 minutes regardless of the underlying Switch/ASIC platform

• Minimize operational delays by centralizing issues across multiple platforms

Users can reach out to customer support on

Supports Options are available:

• Integrated Chat

• Submit a Ticket

• Send an email to support@aviznetworks.com

Refer to the "" section of this document for more details

ONES Supportability

To connect with customer support users can choose the support option available on ONES-UI

• Work with Aviz Sales/Support contact to create an account on Aviz Networks Support Portal

• Login to https://support.aviznetworks.com with your account credentials

• Click on the Downloads section, under ONES, click to download ONES Release 1.2

• Copy ONES Release 1.2 package (tar.gz) to ONES Application machine

Installation Overview

ONES Installation follows the below steps in the order sequence of;

• License Readiness

• Preparing and Installing ONES Application machine

• Installing ONES Agents on SONiC Switches for Orchestrator and Telemetry

• Enabling OpenConfig on non-SONiC Switches for Telemetry

License Readiness

The installer allows a default capability for managing 8 devices without a license. Beyond this, the following license key is required for proceeding with the Installation;

• ONES Application License (As per device count)

To obtain a license, contact support@aviznetworks.com providing the below details;

• License Duration - In Years (1-5)

• Devices Count - 8, 32, 64, 128, 256, 512 or 1024

• ONES installation ID

System Hardware Requirements – ONES Application

In the current release, ONES can support managing up to 1024 devices. For ONES Application Installation, the system hardware requirements vary based on the number of devices to manage;

System Software Requirements - ONES Application

Customer Firewall Configuration (Ports to be opened)

Network Switch (Managed Node) Configuration Requirement

• SSH is enabled

• Network Reachability from ONES Application

• OpenConfig feature is enabled (for non-SONiC Switches)

Browser Requirements for ONES Web User Interface access

• Google Chrome version 107 or later

• Mozilla Firefox version 106 or later

Introduction and Overview

Open Networking Enterprise Suite (ONES) is a Network Orchestration, Visibility, and Assurance solution for multi-vendor and multi-NOS operated Network Infrastructure. ONES provides a one-stop solution from delivering deep visibility into your datacenter networks to extending 24x7 support functions for SONiC. It also hosts a powerful analytics engine that assists users to identify network issues and troubleshoot their networks, in case of common network anomalies and disruptions.

ONES uses a YAML-based Device Discovery Template for adding switches and continuously collects streaming telemetry data from them to provide insights on;

• Data Center Inventory

• Network State

• Platform and System Health

ONES monitors various control and data plane metrics to provide these insights.

ONES orchestration provide network admins to automate the fabric configuration using configuration templates for provisioning physical interfaces, layer 3 configuration for building IP-CLOS fabric using BGP as a routing protocol including BGP-unnumbered, system services including NTP, SNMP, SYSLOG etc. ONES orchestration not only configures the fabric but also make sure the Fabric is operational by doing verifying the configuration at every stage.

ONES provides north bound API access for configurations originating from external orchestration tools.

Why do we need Network Orchestration?

Orchestration refers to tasks or actions required to achieve a set of objectives for your Network Infrastructure operations

A centralized application like ONES translates these objectives into a network configuration template, applies and monitors to validate the operational efficiency and functionality

Automated tasks are performed on your Network Fabric in a purposeful order and each step is verified for success before moving to the next

ONES Orchestration - Overview

ONES Orchestration function on the application lets you compose, deploy, and validate network configurations across any SONiC, be it a Community version or a Vendor distro.

As part of the initial release, ONES Orchestration supports to

• Create and configure CLOS topology for ToR, Leaf, Spine, and Super-Spine layers

• Apply and validate configurations pre- and post-deployment

• Compare running configs against applied configs at any point

ONES Orchestration use cases are configured using a set of pre-defined YAML-based templates on ONES Web User Interface

Overview

ONES Telemetry Collector(s) and Analytics bring truly unparalleled visibility across all your switches running SONiC (both community and vendor distros), regardless of the underlying ASIC. ONES front end (UI), will enable network admins to;

• Manage inventory of your network devices running SONiC on Broadcom, Cisco, Marvell, Nvidia ASICs

• View the topology of the entire fabric across multiple hardware platforms, and network operating systems

• Monitor traffic, system health, bandwidth utilization, & more

• Track Switch CPU/memory consumption, bandwidth, link failures, traffic errors, and more in real-time

• Proactively identify and resolve issues that may lead to network downtime

• Instantly connect to individual devices for maintenance and troubleshooting

Overview

ONES requires user to install the below agents on SONiC NOS to allow Network Orchestration and Visibility

• ONES Orchestrator Agent for Network Orchestration

• ONES Telemetry Agent for Telemetry Data Streaming (Network Visibility)

NOTE: for non-SONiC switches,

• OpenConfig feature on its NOS needs to be enabled for Network Visibility (Telemetry Data Streaming)

• Network Orchestration is not supported

ONES Application system - Installation Steps

• Enable super-user mode

user@ones-application:~$ sudo su

• Extract the contents of the downloaded ONES Installer tar.gz file to this folder

root@ones-application:~$ mkdir ONES-1.2

root@ones-application:~$ tar -xvf ONES-1.2.tar.gz -C ONES-1.2

• Go to ONES-1.2 folder on the server machine

root@ones-aplication:~$ cd ONES-1.2

• Run ones-installer.sh to Install the ONES application function

root@ones-application:~/ONES-1.2$ ./ones-installer.sh

1. By default, the installer has a license for 8 devices upto 30days

2. ONESv1.2 support SSL certificate integration

   1. User can choose YES if the User wants to integrate their own SSL certificate

1. The installation allows a user to enable DB backup

   1. Users can choose the local or remote location to backup the database

   2. By-Default application creates a database backup in every 86400 seconds(1 day), but user can modify it as per the requirement

NOTE: The system might have multiple IP addresses, so the user can use any one IP to access ONES-UI.

• Installation begins

• Access ONES Application Web GUI from a supported browser using https://<host-ip>

Activation:

• For Trail, user can choose Start A Trial (valid for 30days)

• For Activation, user can choose Activate License if the user has an activation key of any subscription

Start A Trail

• Use Default credentials as below;

  • Username: superadmin

  • Password : Admin@123

Login To ONES

• After Resetting the password use new credentials to login

• You will see the default Dashboard → Hardware view

Activate License

Get the Activation key

• Share ONES installation ID to the AVIZ support team

• As per PO, the AVIZ team will share the Activation key

• Paste the activation key and Activate

ONES provides the following subscriptions to manage and monitor the devices.

Overview

There are three primary components of ONES Application

• ONES Telemetry Collector(s) for Network Visibility

ONES is a support application for SONiC stack. It is designed for customer's engineering team such as SRE’s, HW and SW engineering teams for their daily network diagnosis and troubleshooting needs. In addition to that ONES exposes the API to integrate with external tools or customer homegrown applications.

This section describes how ONES authenticates users and secures communication.

Supported Matrix

On the ONES Application server, go to ONES-1.2/ones_fm_agent

root@ones-application:~$ cd /ONES-1.2/ones_fm_agent

Installation (Agent Install on multiple switches at the same time)

Hardware (Default)

The dashboard provides the NetOps with an overview of the data centre. It contains the entire hardware inventory of the network and shows the status whether these switches are streaming or not streaming.

ONES Application can be integrated in the network as a Virtual Machine(VM) Package

VM Packages

• QCOW2 Package: Qcow2 can be imported any KVM Hypervisor based application

• OVA/OVF Package: OVA can import in

  • VMware workstation/Fusion

  • ESXI Server

  • Virtual-Box

VM Package Upgrade

• QCOW2 & OVA, both packages are supported for an upgrade to latest version

To access the ONES application, use Server IP with HTTPS

https://<host-ip>

Use default credentials to login, refer Installing ONES Application page for default credentials

Overview

The monitor widget in ONES:

• Shows the complete topology view of the fabric

• The Topology view can be filtered by:

  • Region

  • Brick

• This page shows all the links and information connected to each other

• Low and high utilization of all components

• Input / Output errors on links

• ASIC detailed view of all managed devices

• BGP status

  • Neighbour Count

  • Neighbor status (Up/Down)

• Traffic View

  • input/output packets in million per sec

  • Errors and Discard packets per interface

NOTE: If all the managed devices have the same Region/Brick ID, we do not get any filter ribbon

Topology

• Navigate to Monitor >> Topology

• This shows the complete Topology view, how the devices are connected and to which role they belong to

• We can put the filters to check the customized view of the Diagram by: Region Availability Zone Brick ID

NOTE: we do not get filter ribbon if all devices belong to the same Region/Availability Zone/Brick ID

• We can also check Down Links to check the topology those are having links in the shutdown state as per Role

  • Super Spine

  • Spine

• Users can easily filter the view as per the Region, Availability zone and Brick ID

Links

This page gives a view to the user for all the possible connected links between devices with a few more capabilities

• Navigate to Monitor >> Links

• This page helps a user to get the best view of the number of connections between devices with speed and other manufacturer details

• This page gives the exact view of the interface name, interface speed, transceivers and admin & operator status

Links View with Filter Ribbon

• We can also have a filtered view of links

• Choose a specific Role and Region to filter

• let's choose:

Platform

This page shows the latest utilization of the devices with CPU & Memory utilization, Temperature & Voltage of PSU, and fan speed in RPM

• Navigate to Monitor >> Platform

Platform Status

Platform Status is reported for the following components

• Roles

• SKU/ASIC

• Ports/Max Speed

Customized View

• We can check the health of the device as per some customization

• We can filter the devices by:

  • Roles

Role-based Customization

• We can choose a role using the available Role-based option

• 4 Roles available

  • Super Spine

Region-based Customization

• We can choose a role using the available Region-based option

• Two roles available

  • San Jose

Role / Region based Customization

• We have the liberty to do the filtering by both combination Role-based and Region based at the same time

• As of now, we have two Region available

  • San Jose

Per Device Status

• This Platform Widget also gives the option to check the extended capability view of the device

• Apart from this monitoring view, we can also verify/check extended feature sets like:

  • PSU Current (A)

• When we choose a specific device we get an output like this

Device Info Ribbon

CPU Utilization (%)

• Here we get the complete status of CPU utilization with a time range A complete status What was the utilization from starting to end

• To check a specific time detail we can hover the cursor to any level

Memory Utilization (%)

• Now here we get the status of memory utilization of selected device

• To check a specific time detail with memory utilization, we can hover the cursor to any level

CPU Temperature (C)

• This template shows the status of CPU temperature in degree celsius

• Here we get the status of all the CPU and Core running on the device

• To check a specific time detail for all the CPU/Cores, we can hover the cursor on any level

• We can also check Per CPU Core details

• We can see here the customized view per CPU Core

Fan Speed (%)

• Here we get the status of the FAN speed percentage level across all fans available on the device

• To check a specific time detail we can hover the cursor on any level

• We can choose to view the customized view of a few fans at once

• Here we can see the output of fan1 and fan7 in this customized view

• When we move the cursor to check the exact status of fans at a particular time

PSU Temperature (C)

• This widget provides the status of the Power Supply Unit (PSU) temperature (in degree celsius) across all power supplies available on a particular device.

• To check a specific time detail we can hover the cursor on any level

• We can choose to view the customized view of a few PSUs at once

• In our case, we have 2 PSUs, so now let's choose one of them and check the output

• When we move the cursor to check the exact status of the PSU at a particular time

PSU Voltage (V)

• This widget provides the status of the Power Supply Unit (PSU) voltage across all power supplies available on a particular device.

• To check a specific time detail we can hover the cursor on any level

• Same we can check the customized view by choosing one or two PSUs

• Let us choose one of the PSU to check individual Voltage, so here we have taken PSU2 to check individual Voltage

PSU Current (A)

• This widget provides the status of the Power Supply Unit (PSU) current in Amperes, across all PSUs available on a particular device.

• To check a specific time detail, hover the cursor on any level

• Same here as per other power supply customized views we can also check the customized view here by choosing specific PSUs

PSU Power (W)

• Here we get the status of Power supply power in Watt across all power supply present on the device

• To check a specific time detail we can hover the cursor on any level

• We can also check the customized view of this

Services Running

• The best widget here for Services

• We can also check the total number of count of services running on the platform

• This graph shows the red colour bar, red colour show at what time one of the services went down

• To check a specific time detail we can hover the cursor on any level

• Here we get the name and count of all the services running on the platform

Services CPU Consumption (%)

• This widget shows us the CPU consumption percentage level of all services / per service.

• Here we can see we have the option to check the consumption view of CPU

• To check a specific time detail we can hover the cursor on any level

• When we get this output we get a clear view of both CPU Utilization per service based

• We can also customise the view of this widget by choosing some specific application

• We have all the services button here to choose

• Again we can check the view of all the services we need

• So here is the view of only the BGP service

• We can see the CPU and Memory consumption for these 2 services

Services Memory Consumption (%)

• This widget shows us the Memory consumption percentage level of all services / per service.

• Here we can also check the consumption view of only Memory.

• To check a specific time detail we can hover the cursor on any level

• Here we get a clear view of Memory Utilization per service based

• We can also customise the view of this widget by choosing some specific application

• We have all the services button here to choose

• So here is the view of only the BGP service

ASIC

This page shows the view of ASIC Capacity and a few more details related to ASIC

• This widget Shows

  • Roles/Region per device

  • SKU and ASIC details per device

This ASIC Widget give us the control to get the output per Role and Region basis also

• Let's choose Leaf Role to get the customized view

• In the same way, we can customize the view by Region

Per Device Status

This widget gives us the capability to check the extended view of the Routes & ACL usage with a range of time

Click on any of the devices to get the extended view

BGP

This BGP Page shares the data of BGP neighbours present across managed devices

Neighbor View

This shows the status of the neighbour's details, the total number of neighbours, received routes, neighbour RID, BGP AS number & much more​​We have the option here to check the neighbour details and status of Routes​​We can click on neighbours to get more details about all neighbours connected

Per device status (Neighbour's & Announcement)

The user can get per-device status by choosing a particular Device

• Click on the device name to get the status

• This new page shows the status of BGP neighbours about UP and Down status

• On right side it shows the BGP announcements and the local prefixes present in BGP table

Customized view

• This page gives us the power to check neighbours as per Roles and Region-based

• Let's check how we can filter as per Role-based

• Here is the global view of all the Devices with BGP status

• After having only Leaf Roles here is the modified output

Traffic

• Using this widget we can check the input and output errors across all the devices

• This widget also shows the input and output packet per device

• Navigate to Monitor >> Traffic

• This page shows the information:

  • Bandwidth utilization in percentage

  • Input packets per second in millions

• This page shows the traffic drop rate per interface based and will be very useful while doing any troubleshooting for a traffic drop

• Using these details a user can check more details inside to fix the issue of dropping/discarding packets

Upgrade Process

• To upgrade any VM (QCOW or OVA)

  • Download the ONES installation package

  • Follow the to upgrade the ONES to New Version

• Navigate to Inventory

• This page gives the control to onboard the devices with two options

  • Add/Remove Devices using the YAML Editor

  • Upload the YAML file containing the device list

• Click on Add/Remove Devices

• Upload Device Inventory using YAML Editor

• Navigate to Inventory >> Devices >> Add/Remove Devices

• Make sure to use the correct indentation for the YAML files

• Make sure the Switch Name matches to Hostname of the switch

• Click Save & Apply

• ONES Application is now ready to manage the added devices

ONES User Interface - Features

• YAML-based Device Discovery

• Deep Telemetry for ASIC and Switch Hardware

• Device Inventory details on

  • Network Operating System (NOS)

  • Firmware versions - ONIE, BIOS, and CPLD

• Inventory Operations

  • Adding/Removing devices using YAML

  • Agent Status Monitoring

• Device Monitoring

  • Device Up/Down State based on Agent and Agent-less

  • Region and Zone Mapping

• Network Compliance with version checks on

  • Telemetry Agent

  • Orchestrator Agent

• Resource Trends

  • CPU and Memory Utilization

  • PSU and Fan Readings

• Topology View

  • Device Connectivity view across Roles and Location

  • Link/Connectivity Status

• Routing Protocol

  • BGP Neighbors

  • Advertised and Received Prefixes

• Orchestrator Use Cases

  • YAML-based Configuration push

  • Image Management via ZTP

• Licensing

  • Application License

  • Telemetry Agent License

• • Add/Edit/Delete User

  • Role Management

• API Access for configurations originating from External Orchestration Tools

ONES allows users to leverage pre-defined templates, and customize them for Ports, IPv4/IPv6 Routes, BGP-Unnumbered, and Switch Services (NTP, SNMP, SYSLOG, ZTP, etc.) functions

On the Application machine, go to ONES-1.2/ones_t_agent folder

root@ones-application:~$ cd /ONES-1.2/ones_t_agent

Installation (Agent Install on multiple switches at the same time)

• Enter device details (Management IP, Username and Password ) in device_info.csv

root@ones-application/ONES-1.2/ones_t_agent:~$ vi device_info.csv

• Save the File

• Verify and Clean up old versions of Agents running

root@ones-application/ONES-1.2/ones_t_agent:~$ python3 ones_agent_uninstaller.py

• Execute the installation script can be used for installing telemetry agent on one or more devices in the data center.

root@ones-application/ONES-1.2/ones_t_agent:~$ python3 ones_agent_parallel_installer.py

QCOW Integration

Download Qcow2 Package

• Work with Aviz Sales/Support contact to create an account on Aviz Networks Support Portal

• Login to with your account credentials

• Click on the Downloads section, under ONES, click to download ONES Release 1.2

• Copy ONES Release 1.2 package (qcow2) to KVM Hypervisor Server

Create the VM using GUI App virt-manager

If your host server has Ubuntu Desktop and virt-manager installed you can use it to deploy the VM. Make sure you can start the Virtual Machine Manager and that it connects successfully to the local hypervisor.

Creating a VM with virt-manager is very straightforward, Use the following steps to deploy the ONES-Application

• File -> New Virtual Machine -> Import existing disk image -> Forward

Now the ONES Application is ready to use

Console Access using RDP

Console Access using SSH to Server

Credentials to access ONES QCOW2 VM

OVA Integration

Download OVA Package

• Work with Aviz Sales/Support contact to create an account on Aviz Networks Support Portal

• Login to with your account credentials

• Click on the Downloads section, under ONES, click to download ONES Release 1.2

Credentials to access ONES OVA VM

You can onboard all the devices on the application and can get a complete view of all the populated tables

• The Inventory tab has the below mentioned features:

  • Custom OS upgrade: Upgrade the device OS with any customised image. You need to provide the correct path to ensure the OS is updated successfully

Template Details: BGP IP-CLOS with MCLAG in the given topology

• Devices used

Overview

Using this feature setting we can set the acceptable and critical percentage level for the following device components

This page gives the control over the widget refresh timer and user idle state

Users can set the manual timer to refresh all the widgets after a time interval (default is 30sec)

• Navigate to Configurations >> Devices

• Allows you to configure new devices

• Supports valid YAML files

Overview

Use this feature to

• Create new users and roles

• Remove and suspend existing user one by one

• Remove and suspend multiple users at the same time

• Password reset of existing users

Only super admin or Enterprise admin can perform these actions

Users

• Navigate to User Management >> Accounts >> Users

• Initially, we get one default Admin User Credential

• In this view, we get the User status and Role given to it and the Last login time by the user.

• On this User tab, we can Add new users and can remove or suspend any existing users

Users - Add New

• Navigate to Accounts >> Users >> Add

• Admin can add

  • Profile picture

  • Username

"on the first login by the user with given details, ONES application prompt with a screen to rest the password

• Now User is ready to login with valid credentials

Users - Reset Password

• Navigate to Accounts >> Users >> Edit User >> Reset Password >> Yes

• Using Admin credentials you can reset the user password

• Click on Reset Password

• Submit & Save

• After this user can try login with the temporary password, on the first login, ONES application actively asks to change the password

Users - Remove User

• Navigate to Accounts >> Users >> ((Select Users you want to remove)) >> remove >> Yes

• We can remove multiple users at a time

• After this, the user will be removed from the database and cannot use credentials to login again

Users - Suspend User

• Instead of removing any user, we can also suspend the user

• Once we suspend a user it will not be removed from the database but it will be in an Inactive state in the database

• Later if we need we can restore the user to its active state

• Choose users & click on Suspend

Users - Restore User

• Navigate to Accounts >> Users >> ((Select Users you want to restore)) >> Restore >> Yes

Roles

• Navigate to Account >> Roles

• By default, the device comes with these 4 Roles

  • Super Admin

  • Enterprise Admin

Roles - Add User Roles

• Navigate to Accounts >> Roles

• Now let's add few extra permissions

  • Add/Remove Devices

Configuring Devices

Most fabric orchestration solutions available today are complex and often difficult to understand. ONES provides simple and effective tools, such as predefined templates (YAML file), to configure data centers at scale. ONES allows a customized way of configuring devices that includes enhancements to the standard configuration.