Scaling the Facebook backbone through Zero Touch Provisioning (ZTP)
Talk Title | Scaling the Facebook backbone through Zero Touch Provisioning (ZTP) |
Speakers | Brandon Bennett, Facebook, David Swafford, Facebook |
Conference | NANOG73 |
Location | Denver, CO |
Date | Jun 25 2018 - Jun 27 2018 |
URL | Talk Page |
Slides | Talk Slides |
Video | Talk Video |
Zero Touch Provisioning is a method of configuring network devices through DHCP from a factory-blank state. In response to a DHCP-DISCOVER, a device is given either a configuration file or a configuration script to execute on the network device. For the scripted option, how the script executes and what it’s capable of varies by each vendor (so far) and by network role. After configuring itself, the device will typically reboot and voila, FIN! But, no, in real life we have other things to do before releasing a device to production. We also have had interesting problems of not being able to generate configuration prior to physically installing a device - so if you don’t have configuration pre-generated, how do you respond to a DHCP request with a configuration file? This problem led us to develop a workflow automation system wrapped around ZTP whereby ZTP is a step in the early portion of a workflow but not necessarily the beginning. By wrapping other automation steps before, during, and after, we were able to bring end-to-end automation to the provisioning space while greatly reducing errors and failures. In this talk, I am going to focus on how we provision our backbone devices using ZTP, dive deep into the workflow automation built to rid ourselves of endless MOPs (procedural documents executed by human technicians), briefly show the changes we made on our DHCP stack (ISC’s open-source DHCP server) to parse and respond to our various vendors with a per-device specific Python agent, and dive into our use of a Python agent running on-box.