Anuta ATOM

Anuta ATOM User & Administration Guide

Table of Contents

Getting Started with ATOM

Intended Audience

This document is intended for Network Administrators & Operators that are using ATOM to perform Network management, configuration management, services automation and MOPs.

References

  • ATOM Deployment Guide – All aspects of ATOM Deployment including sizing and deployment process
  • ATOM User Guide – Master [This Document]
  • ATOM User Guide – Remote Agent Deployment Guide
  • ATOM User Guide – Performance Management & Alerting
  • ATOM User Guide – Network Configuration Compliance, Reporting & Remediation
  • ATOM API Guide – Discusses all external interfaces and integration flows
  • ATOM Platform Guide – Discusses Service model, Device model and Workflow development

ATOM Solution Overview

Following sections provide a brief overview of ATOM Features.

Configuration Management

ATOM provides Configuration management capabilities for a wide variety of devices. This includes configuration archival, scheduling, trigger driven configuration sync, configuration diff etc.,

Topology

ATOM provides topology discovery through CDP & LLDP. Topology can be displayed hierarchically using Resource Pools (Device Groups). Topology overlays Alarms and Performance information.

Collection & Reporting

ATOM supports collection of network operational and performance data through various protocols like SNMP, SNMP Trap, Syslog & Telemetry. Such information can be visualized in ATOM as reports or can be rendered on Grafana as Charts. Admin guide discusses Report customization in further detail.

Network Automation

ATOM provides Model driven Network automation for stateful services. Stateful services involve a Service model (YANG) and some business logic. Service model development is covered in ATOM Platform guide. Admin guide discusses how to deploy & operate a service.

Workflow & Low Code Automation

ATOM provides an intuitive graphical designer to design, deploy and execute simple or complicated network operations and procedures. It allows the administrator to configure pre-checks, post-checks and approval flow. Workflow creation flows will be covered in the ATOM Platform Guide. Admin guide discusses how to deploy & operate.

Telemetry & Network Analytics

In today’s economy, data is the new oil. Anuta’s ATOM helps organizations collect a massive amount of network data from thousands of devices and generate detailed in-depth insights that will help them deliver innovative applications and solutions to their customers. ATOM can collect network data from a variety of sources including model-driven telemetry, SNMP and Syslog. The diverse data format of each source is normalized to provide a single consistent view to the administrator. Grafana is packaged as part of ATOM to view historical data, observe patterns and predict future trends. Organizations can integrate their Big Data and AI platform with ATOM to generate business insights from the network element configuration and operational state.

Procedure to Create Native Telemetry Collection

  • Create a new Telemetry Collection
    • Provide the name of collection
    • Choose Junos as platform
    • Select the transport as UDP which we will auto select the encoding as compact GPB with Dial Out Mode
  • To configure resource filtering on device, select the filtering tab and choose the sensor name in dropdown & add regex pattern to configure
    • Select ALL option, if we have same resource filter across sensors
  • Once telemetry collection is provisioned, users can’t edit the entry.
    • Subscription is not required in this case.

Closed Loop Automation

Anuta ATOM allows administrators to define a baseline behavior of their network and remediation actions to be initiated on any violation of this behavior. ATOM collects a large amount of network data from multi-vendor infrastructure using Google Protobufs and stores in a time series database. ATOM correlation engine constantly monitors and compares the collected data with the baseline behavior to detect any deviations. On any violation, the pre-defined remediation action is triggered thereby always maintaining network consistency.

The solution simplifies troubleshooting by providing the context of the entire network. Customers can define KPI metrics and corrective actions to automate SLA compliance.

Multi-Vendor support

Anuta ATOM has the most comprehensive vendor support. It supports thousands of devices spanning across 45+ vendors and automates all the use-cases including Data Center Automation, InterCloud, Micro-Segmentation, Security as a Service, LBaaS, Campus/Access, Branch/WAN, IP/MPLS Edge, Virtual CPE, and NFV.

odel (YANG)

Multi Tenancy

ATOM supports Multi-Tenancy across organizations and Sub-Tenancy within an Organization.

  • Multi-Tenancy – Supported on ATOM On-Premises & ATOM Silo/Dedicated Deployment on ATOM Cloud.
    • Tenants (Coke, Pepsi etc.,) are completely isolated from each other.
  • Sub-Tenancy – Supported on All ATOM Deployments – On-Premises, ATOM Cloud Silo/Dedicated and also ATOM Cloud Shared.
    • Data sharing across sub-tenants (Coke.east, Coke.west, Coke.it etc.,) is controlled by Tenant Admin.
    • By Default Data at a higher Level Tenant is Visible to the Sub-Tenants.
    • By Default, Data under a sub-tenant is visible to the Tenant
    • By Default, Data under a sub-tenant is not visible to other Sub-tenant
    • Example – Coke.east owns a resource (credential set or device etc.) and wants to share with sub tenants (Coke.west but not with Coke.it). In this case, ATOM Multi Tenancy Infrastructure provides a facility to share a resource with particular sub-tenants. Upon sharing the resources as required, each individual ATOM User interface will provide information on Resource sharing as shown below. This behaviour will be the same across all the resources in ATOM and will not be discussed specifically across features in the user guide.

Sample View of Resource being shared from Coke.east to Coke.west

Multi-Tenancy including Sharing, Wild Card usage to share across multiple Sub-tenants, Users within a Sub-Tenant and more details are discussed in ATOM Multi Tenancy & Sub-Tenancy

Viewing the Dashboard

Dashboard provides a simple, integrated, comprehensive view of the data associated with the resources managed by ATOM. Information about the devices, services, service approvals are available “at‐a‐glance” for the administrator.

Starting from the 7.x release, Dashboard, the landing page of ATOM, is organized into dashlets. A dashlet is an individual component that can be added to or removed from a dashboard. Each dashlet is a reusable unit of functionality, providing a summary of the feature or the function supported by ATOM and is rendered as a result of the custom queries written in DSL.

You can customize the look of the Dashboard, by adding the dashlets of your choice, and dragging and dropping (the extreme right corner of the dashlet) to the desired location on the dashboard.

Each dashlet contains the summary or the overview of the feature or the functionality supported by ATOM.

For example, the dashlet “Device” displays the summary of devices managed by ATOM.

Some of the statistics that can be of interest in this dashlet could be as follows:

  • Total number of devices
  • Number of online devices
  • Number of offline devices

These statistics can be gathered by ATOM and displayed in the corresponding dashlet depending on the DSL query written for each of them. You can save the layout containing the dashlets of your choice and set in a particular order.

Resource Management

ATOM Resource management involves device credential management, device onboarding through discovery or manual import, configuration archival, topology discovery & visualization, resource pools (device grouping), IP Address Management etc.,

Following table provides a quick summary of the activities that can be Resource Management activities.

If you want to..Navigate to …
Credential Sets, Credential Maps and DevicesResource Manager > Devices
Device DiscoveryResource Manager > Devices > Discovery
Visualize TopologyResource Manager > Network > Topology
Create & Visualize Logical & Hierarchical Network Device Groups/Resource PoolsResource Manager > Network > Resource Pools
Create physical locationsResource Manager > Locations

Device Management

Device Management involves onboarding of devices and working with Device inventory, Configuration, Monitoring & Alerts. Devices can be added Manually, through an API or Automated Discovery using CDP/LLDP.

All Device Mgmt activities can be performed from Device Explorer & Grid View. Following are the three main views for a Device.

  • Grid View – Grid layout of all Devices & and action on a device(s)
  • Tree View – Device Group based tree view of devices that provides a much easier way to toggle between devices and inspect various device characteristics.
  • Topology View – Devices can be visualized in a Topology view
  • Device Detail View – On Clicking a Device from Tree View or Grid View a detailed view of the device is presented. This is same as the view when a device is selected from the Tree view

Grid, Tree view & Topology Views can be toggled using the view selector button available at the bottom right hand side corner of the page.

Credential Management

ATOM provides multiple functions like Provisioning, Inventory Collection etc. Function like Provisioning can be various ways – Payload (CLI vs YANG or Other) over a Given Transport (SSH, Telnet, HTTP(S), etc.,). For example, based on the use case ATOM Workflow Engine can use various Payload + Transport mechanisms to perform Provisioning actions. ATOM helps accomplish this using:

  • Credential Sets – Define the Transport/Connectivity & Authentication to the devices
  • Credential Profile – Maps Credential Sets to various functions in ATOM

This addresses various scenarios, some as follows:

  • Reuse of same SNMP Credentials across the entire Network, while retaining Device/Vendor Specific Transport for Provisioning.
  • Inventory Collection Via SNMP for a Given Vendor/Device vs Telemetry for another
Credential Sets

Following section provides guidance on how to configure device credentials in ATOM.

  • Navigate to Resource Manager > Devices > Grid View(Icon) > Credential Sets
  • Create/Edit a Credential Set
  • Name: Enter a string that will be used to identify the Credential Set
  • Description: Enter a description w.r.t the created Credential Set(Optional)

SNMP Transport credentials:

Select Transport type as “SNMP” can view below option

  • SNMP version: Select the version of SNMP that should be used for device communication
  • SNMP Read Community String: Enter the string that is used by the device to authenticate ATOM before it can retrieve the configuration from the device
  • SNMP Write Community String: Enter the string that is used by the device to authenticate ATOM while writing configuration to the device
  • Timeout: Enter the time taken for the response from the device in seconds.
  • Number Of Retries: Enter the number of times the SNMP request is sent when a timeout occurs.

CLI Device(SSH/TELNET) Transport Credentials:

Select Transport type as “SSH/TELNET”

  • User name: Enter a string that should be used to login to the device
  • Password: Enter a string that used be a password for logging into the device
  • Enable Password: Enter a password to enter into the privilege exec mode of the device.
  • Mgmt-VRF-Name: Enter the name of the management VRF configured on the device. This will be used by ATOM to retrieve the audit logs from the device.
  • Port Number: Enter the number of the port on the device that should be used for communication with ATOM
  • Command Execution Wait Time: Enter the number (in millisecs) that ATOM should wait for the consecutive commands to be executed on the device. Enter any number between 10 to 30000.
  • CLI Configure Command TimeOut: Enter the time (in seconds) that ATOM should wait for the command line prompt on the device to appear. Enter any between 1 to 1200.
  • Max Connections: Enter the number of max connections that can be opened for a given device at any time.

API Device Transport Credential:

Select Transport type as “HTTP_HTTPS / GRPC”

  • User name: Enter a string that should be used to login to the device
  • Password: Enter a string that used be a password for logging into the device
  • Port Number: Enter the number of the port on the device that should be used for communication with ATOM.
  • Max Connections: Enter the number of max connections that can be opened for a given device at any time.

GRPC Transport credential:

Credential Profile

By default, ATOM has the following out of the box functions:

  • Config Provisioning
  • SNMP
  • Telemetry
  • HTTP provisioning
  • NETCONF provisioning

Navigate to Resource Manager > Devices > Grid View(Icon) > Credential Profile

  • Here, provide the name of credential profile, description and add the transport credentials by choosing the appropriate functions.

  • Below is the snapshot to attach the credential set with function.

Credential profile payload in XML:

Credential Maps

Credential Map allows users to map multiple Credentials Profiles to an IP-Address range. This addresses the following use cases:

  • Device Discovery – When ATOM needs to Perform Discovery using SNMP Sweep or CDP/LLDP. Since devices are yet to be onboarded, explicit assignment is not available.
  • Credential profile is mandatory when onboarding a device.

When ATOM needs credentials for a device and explicit Device to Credential Profile is not available, ATOM will cycle through the IP Address range and use the first credential profile that works. The successful Credential Profile is mapped to the device. This process is repeated whenever ATOM is unsuccessful communicating with the device using the current assigned credential profile.

To create a Credential Map:

  • Navigate to Resource Manager > Devices > Grid View(Icon) > Credential Maps
  • Create/Edit Create Credential Map:
  • Name: Enter a name for the Credential Map
  • Start-IP-address: Enter an IP address in the range from which ATOM starts the sweep for locating the devices.
  • End-IP-address: Enter an IP address in the range beyond which ATOM will not continue the sweep for locating the devices.
Note: The Start and the End IP address are the range of IP addresses of the devices.
  • Credential Profile: Select one or more Credential Profiles shown.

Device Onboarding

Devices can be onboarded into ATOM using an API, Manually through User Interface of Discovery using CDP/LLDP.

Discovering Devices

Devices discovery is covered in section – Device Discovery

Adding Device Manually

We may have scenarios where device discovery is not viable. Some reasons below:

  • Lack of support for Layer 2 discovery support on the device
  • Operational/Administrative reason to not use LLDP/CDP
  • SNMP Sweep discovery is not suitable – IP Address Range are not well defined, contiguous or some other reasons

Before you begin, it’s mandatory to define Credential Sets & Credential Profiles.

To Add/Edit a Device:

  • Navigate to Resource Manager > Devices (Grid View)
  • Add – Select Add action
    • IP address: Enter the IP address of the device
    • Credential Profile: Select the Credential Profile of the device
    • Driver name: Driver can be selected for API devices.
    • Latitude & Longitude: is a measurement on a globe or map of location north or south of the Equator on devices
  • Modify – Select Device & Select Edit action
  • Delete – Select one/more device(s) and Select Delete Action

Upon device addition, ATOM will perform the following:

Added Devices are shown in Devices grid and Device status will be shown in Green if device is SNMP reachable and ATOM is able to work with the device successfully.

Device Views

ATOM has 3 views for the devices – Tree (Device Explorer), Topology and Grid.

  • Tree View:

  • Topology View

  • Grid View:

Device Explorer

Device explorer view will provide the devices, its associated config and observability elements in logical hierarchy. This view contains the available device-groups and its associated devices . By default, all the devices are part of AllDevices Group.

Device group will have all the corresponding device details Each group and node will have the following sections:

  • Summary : It provides the device platform, version, serial number, current operating OS, Device hardware health, Interface summary, Config compliance violations and Active alerts and recent activity.
  • Configuration : it provides the entire summary of config related operations.
    • Config Archive : It shows the each config retrieval, type, retrieval & parsing status.
    • Changelog : provides the summary of change in configuration such as number of lines added, deleted or modified and at what time & corresponding changes.
    • Config Data : it will provide the entire config tree through YANG models parsing. This is not applicable for any device group as they can have heterogeneous models based on the grouping criteria & provisioning interface such as ATOM abstract device models, OC or Native models.
  • Monitoring : It contains all possible templates & charts through inheritance from its group or node level. It will show the default template by default as its monitoring summary. Refer Monitoring Guide for more details.
  • Alerts : It will show the all active alerts and its history by default. Alert filter view is also available to search & prioritise the alerts. Refer Alerting Guide for more details.

Each device-group view will have a Summary dashboard which can be customizable.

Device Actions

ATOM supports common actions on Device. These actions can be performed from Device Grid view on one or more devices or from within the Device specific view and will be discussed in Device Summary section.

Jobs & Subscriptions

Various Collection & Diagnostics jobs can be invoked.

  • Navigate to Devices > select one or more devices
  • Click on the Jobs and select the job to run
    • Jobs action -> Run Device Inventory
    • Jobs action -> Run Extended Inventory
    • Jobs action -> Run Topology Inventory
    • Jobs action -> Retrieve Configs
    • Jobs action -> Run Diagnostics
    • Jobs action -> Run Policy
    • Jobs action -> Run Profile
  • Click on the Subscriptions to configure Syslog Subscription on the Devices
    • This will result in ATOM being configured as a Syslog receiver and is a configuration change on the device.

Exporting Device Information

You can export the device information of the devices either in the XML or JSON format.

  • Navigate to Resource Manager > Devices > Grid View(Icon) > Devices
  • Select one or more devices
  • Click the View/Download button and select either the XML or JSON
VTY Sessions

This is used to view the active vty sessions.

  • Navigate to Resource Manager > Devices > Grid View(Icon) > Devices
  • Select any device
  • Click the VTY Sessions button

Default Jobs

Below are the jobs which run during the device onboarding process in the mentioned order.

  • Device Inventory : It gathers the Platform, OS Version through SNMP and gets the Device to ONLINE. If the platform is not found in ATOM then check Platform guide on
  • Device Extended Inventory : It collects the Serial Number, Interface performance, health, availability etc.,
  • Device Diagnostics : ATOM will perform the reachability check through Ping, SNMP and Telnet/SSH if they are applicable.
  • Base Config Pull or Config Retrieval : It will retrieve the configuration and persist in the database. Configuration will be collected if the credential function is set to Config SNAPSHOT or any of the PROVISIONING functions. Build data model flag is used to parse the configuration into YANG entities from the specified config source snapshot.

Below is the example, to backup cli and netconf xml config and parse the xml version.

Config Type column will show us the source of config retrieval.

All the above operations can be customized for any platform as required and scheduled similar to other collection jobs.

Device Summary

Device summary view provides a quick snapshot of important device attributes including Alarm summary, interface summary, recent configuration change history and health.

Device Summary also provides access to most popular device actions and quick links to frequently used activities.

  • Navigate to Devices > select a device
  • Click on the Device > Summary> to view the details associated with each attribute.

Configuration Management

Configuration Archive

ATOM Collects Device configuration periodically as configured in Jobs->Configuration or upon a config change event from the device. To trigger configuration collection through config change notification, ATOM should be configured to receive config change notification through SNMP Trap or Syslog.

  • To view Device(s) Configuration – Navigate to Devices > select a device(s)
  • Click on the “Configuration > Archive” Tab
  • Select an Entry in the Grid
  • In Details view – CLI/XML Configuration is displayed

Configuration Diff

Configuration differences across various revisions can be viewed by selecting two versions from the Configuration archive grid.

  • To view Device(s) Configuration – Navigate to Devices > select a device(s)
  • Click on the “Configuration > Archive” Tab
  • Search configuration grid using tags or other attributes
  • Select two configuration revisions
  • Click on “Compare” to launch configuration diff view

Configuration Tagging

Configuration version can be tagged using user provided flags or tags. This can be used for filtering and comparison of configuration revisions.

  • To view Device(s) Configuration – Navigate to Devices > select a device(s)
  • Click on the “Configuration > Archive” Tab
  • Select an entry from the configuration revision grid
  • Click on “Update Tags”
  • Enter one or more tags in the lower right of the configuration details view

Configuration Change Log

Configuration archive provides full comparison of device configuration changes across revisions. ATOM provides another view to see only config modifications only.

This can be enabled from Admin Settings.

  • Administrations > System> General settings> Admin settings
  • Edit “Admin Settings
  • Set “generate-config-inventory-event to true

Config change history for devices can be tracked as follows:

  • Navigate to Devices (Tree View) > select device(s)
  • Click on the “Configuration” Tab
  • Click on the “Change Log” Tab

Configuration Change Management – Create/Update/Delete

Configuration archive discussed in the “Configuration Management” section provides a Read-Only view of Device CLI configuration. Additionally, ATOM provides Model driven configuration for create, update & delete. This includes the following:

  • Discovery of Device configuration
  • Show a tree view of the configuration
  • Create/Edit/Delete of Device configuration

Configuration Editing can be done from “Config Data” view:

  • To view Device Configuration – Navigate to Devices > select a device
  • Click on the Configuration> Config Data Tab
  • From the Tree view select a node and possible operations are shown on the right hand side

Note: Create/Edit/Delete from here will send configuration instructions to the device. ATOM should be set to interactive mode from the Administration page.

Device Inventory (SNMP)

All Device inventory collected through SNMP Collection job is shown in Entities view. Following provides guidance on

  • To view Device Configuration – Navigate to Devices > select a device
  • Click on the “Monitoring” Tab
  • Collected data will be shown under MIB-name

Adding Unmanaged devices

Some devices, with feature capabilities such as L2 only, L2 and L3 both, L3 only, can be manually added to the Devices table. Such devices are not managed by ATOM and it does neither generate configurations nor push any configurations on them. Multiple unmanaged devices can be on‐boarded into the resource pool and each such device can be used during service instantiation.

To add an Unmanaged device, do the following:

  • Navigate to Resources > Devices > Add Device
  • In the Create device screen, select the Unmanaged option

Enter values in the following fields:

  • Host Name: Enter a name for the device
  • Device Capability: Select one or more capabilities from the available list.

For example, if you want the device to behave as a L3 device, choose L3Router from the list.

  • Device Type: Select the category of the device that it belongs to. 3. Add network connections between the null device and it’s peer device as follows:
  • Source Interface: Select the interface, on the null device, from which the network connection should originate.
  • Peer Device: Select the device, managed by ATOM, as the peer device.
  • Peer Interface: Select the interface on the peer device where the network connection should terminate.

Adding Dummy devices

In some scenarios, you may have to create devices for which configurations are created as a part of a service but are not pushed to any actual device. These logical entities are termed Dummy Devices and they do not have any real world counterparts with a pingable IP address.

Monitoring

ATOM enables you to create Assurance profiles to facilitate 24×7 uptime of your network. Closed loop automation (CLA) framework allows you to define policies and remediation actions in violation of those policies.

ATOM collects operational & performance metrics from multiple data sources such as SNMP, SNMP traps, Syslog and Streaming Telemetry and stores them in a time-series database.

Following are the different activities on the metrics:

  • Visualize Data Using Charts & Reports
  • Alerts against thresholds defined on the Metrics
  • Alert Dashboards – Collection of Predefined & User Defined Dashlets
  • Alert Routing to Email, Slack etc.,
  • Actions on Alerts
  • Closed Loop Automation Actions on the Alerts

Please refer to “ATOM User Guide – Performance Management & Alerting” for further details.

Network Topology

Network Connections

Network connectivity is discovered between devices using Layer 2 discovery protocols – CDP & LLDP. In cases where CDP/LLDP is not supported or enabled on the device, Network connections can be added Manually using Network connections .

NOTE: Network connections should be added manually between the devices that have LACP port channels configured on them.

To add a Network Connection, do the following:

  • Go to Resource Manager > Network
  • Click Network Connections and click Add.
  • In the Create Network Connection screen, enter the values in the following fields:
  • Unique ID: This is a system‐generated ID for a network connection.
  • Source Device: Select a Device (origin of the network connection)
  • Source Interface : Enter a name for the interface on the source device
  • Destination Device: Select a Device (the end of the network connection)
  • Destination Interface: Enter a name for the interface on the destination device. A Network Connection is established between the interfaces of the source and the destination devices.

Network Topology

All the devices for each of which network connections are available are displayed in the topology view.

Resource Pools

A resource pool is a logical abstraction for flexible management of resources managed by ATOM. A resource pool can contain child resource pools and you can create a hierarchy of shared resources. The resource pools at a higher level are called parent resource pools. Users can create child resource pools of the parent resource pool or of any user‐created child resource pool. Each child resource pool owns some of the parent’s resources and can, in turn, have a hierarchy of child resource pools to represent successively smaller units of resources.

Resource pools allow you to delegate control over the resources of a host and by creating multiple resource pools as direct children of the host, you can delegate control of the resource pools to tenants or users within the organizations.

Using resource pools can yield the following benefits to the administrator:

  • Flexible hierarchical organization
  • Isolation between pools, sharing within pools
  • Access control and delegation

Creating a Resource Pool

  • Navigate to Resource Manager > Network > Resource Pools
  • In the right pane, click the Add Resource Pool button to create a Resource Pool
  • In the Create Resource Pool, enter values in the fields are displayed: .

  • Name: Enter a name for the resource pool
  • Description: Enter some descriptive text for the created resource pool
  • Available for Services: Select this option if the resource pool can be used for creating services.
  • Parent Resource Pool: Select a resource pool that should act as the parent for this resource pool that is being created.
  • Location: Select the name of the site or the geographical location where this resource pool should be created. See the section, “Locations” for more information about creating Locations and Location types.
  • Deploy: Select this option if the resource pool should be deployed or used in services.

Adding Devices to a Resource Pool

  • Click the created resource pool to add the required devices to it.

Select Resource pool > Add Devices

  • All the devices available in ATOM are displayed in the left pane.
  • Click Add to include the required devices in the resource pool