Network Field Day 23: Apstra Manages Your Datacenter Fabric

This blog discusses the #NFD23 Apstra presentations. 

My overall take on Network Field Day 23 (“NFD23”) can be found on the NetCraftsmen blog page. I’m following that up with vendor-specific blogs on LinkedIn, summarizing what I found noteworthy and with more links to videos, etc. The goal is to inform you about the technology while enabling you decide which NFD23 vendor presentations you might want to watch!

Update: Since this article was first drafted in November 2020, Juniper has indicated intent to acquire Apstra! 

About Apstra

Thanks to Network Field Day, I’ve been tracking Apstra since its early days. Interesting company!

TL;DR: The Apstra product manages multi-vendor datacenter switch fabrics, with a focus on simplicity. The presentations covered some new/recent features. 

In terms of features, well, what I know best is the Cisco space. The datacenter fabric management choices in the Cisco orbit are: CLI, DCNM, and ACI. When discussing a new datacenter design with a customer I usually go over the attributes of each of these choices with the customer, to determine best match to customer requirements. 

I see Apstra’s positioning as somewhat similar to Cisco ACI (control small or large fabrics), but with different emphases. 

One factor that may favor Apstra is simplicity. ACI is well on its way to becoming a cloud and Kubernetes control and policy platform, with ensuing complexity. 

Apstra (currently) is for managing your physical datacenters, be they in-house or private cloud (i.e. rented switches and servers somewhere). Apstra emphasizes its operations focus. 

Apstra happened to present the same day as Cisco presented about NSO. I’ll blog about Cisco / NSO separately. NSO appears to be a good bit more CLI, configuration / template, and code branch focused, but with capabilities to configure a broader range of devices and use cases. And a matching learning curve! Apstra’s network centricity, apparent simplicity, and operations support stand out in comparison. 

The Case for Apstra

Here are some key attributes of Apstra’s datacenter operating system:

• Enterprise datacenter products automation (including some VMware interaction), with other use case coverage being added
• Intent-based EVPN VXLAN, MLAG, and DCI (datacenter interconnect), focus on adding additional EPVN features
• Eliminate EVPN datacenter configuration complexity
• Single Source of Truth (SSOT)
• Provides a system view / perspective, versus configurations or per-device
• Automatically does continuous validation via telemetry
• Stores configurations, validation results, and telemetry in repository
• Supports config rollback, diffs
• Heat map / display headroom
• Greatly improves reliability, “eliminates” outages
• Multi-vendor (Cisco, Arista, Dell, Juniper, Nvidia/Cumulus, & SONiC switches) 

The Presentations

The presentation started with the “sales pitch” – the product features etc. Which I covered above, supplemented via some recent articles (see References below). 

The following screen capture indicates Apstra’s take on things. 

The presentation then went into EVPN, configuration audits, end to end view of the network as a system, etc. Followed by a demo showing 2 datacenters (small ones for demo purposes). The demo showed breaking one of the two networks and how to discover the problem using Apstra, by determining what was affected and what changed.  

The following screen captures from the demo show the two Apstra blueprints (sites) side by side: Austin and Edinburgh. The first is included to give you some idea of the “dashboard” look and feel. 

The next screen capture shows a bit more of the various kinds of monitoring that Apstra does automatically. 

The right side of the above gives some idea of the different types of assurance monitoring Apstra is doing. 

The demo continued walking through creating an outage (mis-configuration) and tracking it down. Well worth watching to get to understand the GUI better!

Rollbacks and Time Voyager

The presentation eventually shifted to rollbacks and Time Voyager, comparing commits and state at various times. Configuration (service changes are tied to telemetry and analytics (assurance), all automated. Within seconds. Telemetry is rebuilt on the fly, within seconds. 

A demo of Time Voyager was part of this discussion. By way of explanation: Apstra’s modeling / storage is graph-based. 

The following screen capture explains Time Voyager. 

Note that you can do diff on commits, across separate branches. 

For more, please watch the video(s), which can be found via the NFD Apstra page (links elsewhere in this article). 

Product

Some items about the product were then covered:

• AOS is distributed as a VM. Lightweight. 
• "No" latency sensitivity (?!!!)
• Can manage multiple blueprints (networks). 
• (See also later discussion) Blueprints have been tested to around 2000 devices. 
• Can do up to five stage fabrics
• RBAC
• Can lock down so Ops support staff can troubleshoot but not make changes (if desired)

Visualize Traffic Trends

Apstra can display an automatically generated network diagram between any two points, and superimpose traffic stats (“heat”)! This was demonstrated using a somewhat larger topology. Real-time versus time series views are available.

This capability gets traffic stats every 10 seconds, and the web display refreshes every 30 seconds. You can “dial that down” if you wish. This is done in scalable fashion. 

See the recorded video for details and a lot more looks at the traffic / diagram options. 

SONiC

Apstra provides SONiC support, enabling enteprises to operationalize SONiC in their datacenters. Apstra has a full Apstra SONiC distro available. 

The presentation went into some more details about SONiC, partnering, etc. 

After some discussion, there was (of course, it’s NFD!) a demo of SONiC on a five node network. Since Apstra is intent based, configurations are rendered from the intent, not stored per se. The demo included toggling the OS on Arista switches from EOS to SONiC. 

Conclusions

Apstra looks like an interesting choice well worth considering if you’re building a datacenter VXLAN EVPN fabric and looking for simplicity and/or multi-vendor support. 

References

Blogs and recorded videos from NFD23 about Apstra are available – just follow the link at the beginning of this sentence!  In particular, you can check out what other NFD23 delegates had to say about the products above, or watch the videos for more detail. 

If you want to start viewing other video recordings of NFD23, follow that NFD23 link and click on the appropriate vendor icon. That’ll take you to a page listing the videos available as well as blogs, both for NFD23 and prior Tech Field Day events. 

There is a good recent Apstra article covering much of the above topics here. Also here.

Comments        

Comments are welcome, both in agreement or constructive disagreement about the above. I enjoy hearing from readers and carrying on deeper discussion via comments. Thanks in advance! 

Disclosure statement

Hashtags: #NetCraftsmen #TheNetcraftsmenWay #CiscoChampion #NFD23

Twitter: @pjwelcher

LinkedIn: Peter Welcher