/suzieq

Using network observability to operate and design healthier networks

Primary LanguagePythonApache License 2.0Apache-2.0

integration-tests GitHub release (latest by date) GitHub Docker Image Version (latest by date) Docker Image Size (latest by date) Docker Pulls

SuzieQ -- Healthier Networks Through Network Observability

Would you like to be able to easily answer trivial questions such as how many unique prefixes are there in your routing table, or how many MAC addresses are there in the MAC tables across the network? How about more difficult questions, such as what changes did your routing table see between 10 pm and midnight last night, or which of your nodes have been up the longest, or which BGP sessions have had the most routing updates? How about being able to answer if your OSPF (or BGP) sessions are working correctly, or is all well with your EVPN? How about a quick way to determine the amount of ECMP at every hop between two endpoints? Do you wish you could easily validate the configuration you deployed across your network?

Do you login to every network node you have to figure out answers to a questions like these? Do you then struggle to piece the information together into a consistent whole across the various formats provided by various vendors? Do you wish you had an open source, multi-vendor tool that could help you answer questions like these and more?

If you answered yes to one or more of these questions, then SuzieQ is a tool that we think will be interesting to you. SuzieQ helps you find things in your network.

SuzieQ is both a framework and an application using that framework, that is focused on improving the observability of your network. We define observability as the ability of a system to answer either trivial or complex questions that you pose as you go about operating your network. How easily you can answer your questions is a measure of how good the system's observability is. A good observable system goes well beyond monitoring and alerting. SuzieQ is primarily meant for use by network engineers and designers.

SuzieQ does multiple things. It collects data from devices and systems across your network. It normalizes the data and then stores it in a vendor independent way. Then it allows analysis of that data. With the applications that we build on top of the framework we want to demonstrate a different and more systematic approach to thinking about networks. We want to show how useful it is to think of your network holistically.

An enterprise version of SuzieQ is also available. It has been deployed in production by multiple customers, and the company behind SuzieQ, Stardust Systems was named a "Cool Vendor" by Gartner for making network automation easy for enterprises.

Quick Start

Using Docker Container

We want to make it as easy as possible for you to start engaging with SuzieQ so we have a demo that has data included in the image. To get started:

  • docker run -it -p 8501:8501 --name suzieq netenglabs/suzieq-demo
  • suzieq-cli for the CLI OR
  • suzieq-gui for the GUI. Connect to http://localhost:8501 via the browser to access the GUI

When you're within the suzieq-cli, you can run device unique columns=namespace to see the list of different scenarios, we've gathered data for.

Additional information about running the analyzer (suzieq-cli) is available via the official documentation page.

To start collecting data for your network, create an inventory file to gather the data from following the instructions here. Decide the directory where the data will be stored (ensure you have sufficient available space if you're going to be running the poller, say 100 MB at least). Lets call this dbdir. Now launch the suzieq docker container as follows:

  • docker run -it -v <parquet-out-local-dir>:/home/suzieq/parquet -v <inventory-file>:/home/suzieq/inventory.yml --name sq-poller netenglabs/suzieq:latest
  • Launch the poller with the appropriate options. For example, sq-poller -D inventory.yml -n mydatacenter where mydatacenter is the name of the namespace where the data associated with the inventory is stored and inventory.yml is the inventory file in SuzieQ poller native format (Use -a instead of -D if you're using Ansible inventory file format).

Using Python Packaging

If you don't want to use docker container or cannot use a docker container, an alternative approach is to install SuzieQ as a python package. It is strongly recommended to install suzieq inside a virtual environment. If you already use a tool to create and manage virtual environments, you can skip the step of creating a virtual environment below.

SuzieQ requires python version 3.7.1 at least, and has been tested with python versions 3.7 and 3.8. It has not been tested to work on Windows. Use Linux (recommended) or macOS. To create a virtual environment, in case you haven't got a tool to create one, type:

python -m venv suzieq

This creates a directory called suzieq and all suzieq related info is stored there. Switch to that directory and activate the virtual environment with:

source activate

Now the virtual environment is alive and you can install suzieq. To install suzieq, execute:

pip install suzieq

Once the command completes, you have the main programs of suzieq available for use:

  • sq-poller: For polling the devices and gathering the data
  • suzieq-gui: For launching the GUI
  • suzieq-cli: For running the CLI
  • sq-rest-server: For running the REST API server

The official documentation is at suzieq.readthedocs.io, and you can watch the screencasts about SuzieQ on Youtube.

Analysis

SuzieQ supports Analysis using CLI, GUI, REST API, and python objects. For the most part they are equivalent, though with the GUI we have combined the output of multiple commands of the CLI into one page.

The GUI has a status page to let you know what the status of entities in your network. SuzieQ GUI status

The Xplore page lets you dive into what is in your network. Explore device

The CLI supports the same kind of analysis as the explore page. CLI device

More examples of the CLI can be seen in the docs and blog posts we've created.

Path

SuzieQ has the ability to show the path between two IP addresses, including the ability to show the path through EVPN overlay. You can use this to see each of the paths from a source to a destination and to see if you have anything asymmetrical in your paths. GUI PATH

Asserts

One of SuzieQ's powerful capabilities are asserts, which are statements that should be true in the network. We've only just started on asserts; what SuzieQ has now only demonstrates it's power, there's a lot more to be added in this space. interfaces assert

SuzieQ Data

SuzieQ supports gathering data from Cumulus, EOS, IOS, IOSXE, IOSXR, JunOS(QFX, EX, MX and SRX platforms and Evolved OS), Palo Alto's Panos (version 8.0 or higher), NXOS and SONIC routers, and Linux servers. SuzieQ gathers:

  • Basic device info including serial number, model, version, platform etc.
  • Interfaces
  • LLDP
  • MAC address table (VPLS MAC table for Junos MX)
  • MLAG
  • Routing table
  • ARP/ND table
  • OSPFv2
  • BGP
  • EVPN VNI info

We're adding support for more platforms and features with every release. See the documentation on details of specific tables and its NOS support.

We're also looking for collaborators to help us make SuzieQ a truly useful multi-vendor, open source platform for observing all aspects of networking. Please read the collaboration document for ideas on how you can help.

Release Notes

The official release notes are here.

Engage

You can join the conversation via slack. Send email to suzieq AT stardustsystems.net with the email address to send the Slack invitation to.

Additional Documentation & Screencasts

We've done some blogging about SuzieQ:

We've also been adding screencasts on Youtube.

SuzieQ Enterprise

SuzieQ also has a commercial offering, SuzieQ Enterprise. To know more about this and contact us, please visit the Stardust Systems website.