Anuta ATOM Overview
Anuta ATOM platform provides comprehensive end-to-end network automation, network monitoring, configuration and compliance management, network orchestration, and closed-loop automation for multi-domain and multi-vendor networks.
Key Features of ATOM Platform
Vendor Agnostic Platform: Anuta ATOM supports 45+ vendors across 150+ platforms. All major vendors, including Cisco, Juniper, Arista, F5, and others, are supported. Anuta ATOM provides SDK, enabling customers and partners to develop device models not supported by ATOM currently.
Automated Device onboarding: Network devices can be onboarded on ATOM either manually or automatically through seed and sweep mechanisms. ATOM also provides zero-touch provisioning through DHCP or PnP. Once onboarded, ATOM provides a complete device lifecycle and inventory management.
Configuration & Compliance management: Upon onboarding the devices, ATOM provides configuration management and automated compliance enforcement. ATOM periodically archives and versions device configurations. Any out-of-band changes are detected, notified, and remediated on approval. ATOM’s compliance policy builder enables the administrator to define and standardize configurations. Any violation of baseline behavior triggers automated remediation to fix non-compliance.
Service Orchestration: ATOM enables Service lifecycle management and service orchestration. L2VPN, L3VPN, Application delivery, or any custom service can be modeled and ordered using the ATOM platform.
Low Code Workflow Automation: ATOM provides an intuitive drag & drop framework to develop automation for even the most complex workflows such as software upgrades, Device RMA, network migration, troubleshooting, and diagnostic scenarios.
Performance & Network Health Monitoring: Anuta ATOM provides a single-pane-of-glass to monitor the entire network. ATOM can collect necessary device and network data through SNMP, SNMP Trap, Syslog, and streaming telemetry mechanisms. Operators can visualize the collected data through out-of-box and custom charts or share it with external databases.
Alert Routing & Suppression: ATOM supports alert deduplication, alert grouping, alert suppression, and alert routing. ATOM allows the grouping of similar alerts into a single notification. During significant outages, when many systems fail simultaneously, numerous alerts are triggered. Alert Manager in ATOM can be configured to group alerts by their cluster or alert name to send a single compact notification for similar alerts.
Closed-Loop Automation: ATOM enables closed-loop automation by relaying the monitoring platform’s feedback to the automation platform. Network administrators can set thresholds and alerts for network events. The ATOM platform can automatically trigger remediation workflows based on the network administrator’s approval on breach of thresholds.
APIs and Integrations: ATOM is an Open and API-driven platform. All operations in ATOM can be triggered through the ATOM’s self-service portal or APIs by northbound solutions such as OSS/BSS, ITSM, Ticketing/Billing, etc. ATOM workflow automation can invoke APIs from external entities such as ServiceNow, Jira, IPAM, etc.
RBAC & Multi-Tenancy: ATOM Supports Role-based access control and multi-tenancy, which will allow customizing privileges to various functions in ATOM. Workflow automation also supports similar access control rules where the workflows created by one user will not be seen by another unless explicitly assigned to them. RBAC policies also offer control over the execution of workflows.
Massively Scalable: The ATOM platform is built on the latest technologies. It is a microservices-based stateless platform that can scale horizontally to support thousands of devices with high throughput and low-latency. ATOM is componentized and enables the deployment of selected components essential for desired functionality.
HA & Full redundancy: ATOM Software is microservices-based, containerized, and runs on the Kubernetes platform. All components of ATOM, except for databases, are stateless. Databases contain state information and are in HA. ATOM components support the active-active cluster model.
Scope of this Guide
ATOM Trial Instance allows you to experience the following ATOM features.
- Multi-Vendor Resource & Configuration Management
- Service Orchestration
- Workflow Automation
- Compliance Management
Accessing the ATOM Cloud Instance
Visit the Anuta Networks website and request an ATOM Cloud Instance.
On requesting a free trial, you will receive a set of emails related to your account.
- The first email provides instructions to set your password.
- The second email provides instance URL and login details.
Access the instance URL and login with your credentials.
In case of any issues, please contact firstname.lastname@example.org.
Anuta ATOM Cloud Walkthrough
Before we test drive Anuta ATOM, let’s briefly examine the lay of the land.
On every login, you will be presented with an ATOM Cloud info page. The page provides you with all essential information related to ATOM Cloud instance and agent health, license details, support information, and documentation links.
The menu bar on the left helps you traverse through various ATOM features.
ATOM dashboard provides you with a quick summary of all essential metrics. You can add new widgets or create new dashboards as required.
See here to learn more about viewing and customizing the dashboard.
With this essential knowledge in place, let’s try out a few ATOM features.
Exercise 1: Resource and Configuration Management
ATOM can onboard network devices across 45+ vendors and 150+ platforms. (See the list of all supported devices). This trial instance has devices across Cisco, Juniper, Palo Alto, BigIP, Fortigate, and Infoblox.
Click on devices at the menu bar to see a list of all devices onboarded to your instance.
You can now see a list of all devices onboarded to your ATOM platform.
Click on the device grid icon on the bar at the bottom right corner to view device inventory in a tabular view.
View Device Inventory
Let’s take a look at one of the devices.
Click the first virtual CSR device.
Click on the summary tab to view device inventory including, device type, OS version and interface, and compliance status.
View Archived Configurations
The next tab will display a list of archived configurations. ATOM periodically archives device configurations. The status of each retrieval is also displayed.
Select any configuration to view.
You can tag every archived configuration. You can use this tag to restore configuration at a later point in time. Provide a tag name at the right bottom corner and then save the changes.
View Configuration Diffs
Select the following two configurations from the timeline and click on compare icon on the toolbar to view the difference between them.
View Configuration Data
The config data button in the configuration tab provides you with a simplified view of the device configuration. The entire configuration of the device is modeled into related items. This view is available for CLI and Yang/NetConf based devices.
Let’s check for all VLANs configured in this device. To view all VLANs in the current device, click on the “Config Data” button. Scroll down in “Config Elements” and click on “VLANs.”
Summary & Next Steps
Through this exercise, you learned ATOM’s resource and configuration management capabilities.
Some of the key capabilities are listed below.
|Resource Management||Configuration Management|
Exercise 2: Service Orchestration
ATOM provides service lifecycle management for multi-vendor devices. ATOM provides numerous out-of-box services. Custom services specific to business interests can also be developed using ATOM SDK.
In this exercise, we will be provisioning, modifying, and deleting L3 and EVPN services.
Provisioning L3 Service on a Cisco Router
In the menu, Click on automation and then services.
Go to the service catalog and click on the L3 service card.
This page displays all L3 service instances. You can see an existing L3 service.
Create a new service
Let’s create another L3 Service. Click on “+” to create a new l3 service.
Entering Form Details
You are now provided with a form. ATOM will provision a new L3 service based on the details provided in this form. Enter the details as below and submit.
You can also import a template with prefilled form values(see below)
|Name||Trial L3 Service|
|Device ID||Select a vCSR from the dropdown|
|Ipv6-Address||Leave it blank|
|Ipv6-Prefix-Length||Leave it blank|
Importing a form template
ATOM allows operators to import an existing template. Download the L3 service template from here and import it.
Most of the form values are prefilled. Enter device and interface configuration and submit.
View task progress
Open the tasks view to monitor the progress.
We can see our service is being provisioned. The progress bar shows that it’s 50% done.
To view the details of the task, click on the three dots and then select details.
In the task details pane, you can view the logs and the commands that are yet to be provisioned.
Refresh the task list to retrieve the latest status of the task.
Once the task is completed, close the task panel and refresh the service view.
To view provisioned commands, follow the steps as described in this section.
Verify the service creation
ATOM automatically pulls configuration from the device after provisioning the service. To verify the service has been provisioned successfully, go to the archived configuration tab described in this section.
In this archive, you can see that the last entry is related to the operation “Create: L3 Service”.
Compare the last two configurations to verify if the correct configurations were provisioned in the device.
Modify existing service
Let’s try modifying the service configuration. Follow the steps described in this section to return to the L3 service summary view. Here we can now see an entry for the previously provisioned service.
To modify the service, select the row and click on edit.
In the displayed form, modify VLAN from 522 to 600 and submit the form.
This triggers a modification request, and ATOM modifies the VLAN on the device.
Delete the service
Now let’s proceed to the final step of a service lifecycle – Service Deletion.
To delete the service, select the row and click on delete.
This triggers a deletion request, and ATOM deletes the selected L3 service.
Provisioning EVPN VXLAN Service on a Juniper Router
Go to the service catalog as described in this section and click on EVPN VXLAN service.
Click on “+” to create a new service.
Fill the form with details as shown below and submit.
|create-vrf||Select the checkbox|
Summary & Next Steps
Through this exercise, you learned ATOM’s service automation and orchestration capabilities.
Some of the key service orchestration capabilities are listed below.
Check out the user guide to learn more on these topics.
Exercise 3: Workflow Automation
ATOM Workflow Automation allows you to automate simple and complex method-of-procedures. The entire end-to-end procedure, including pre-checks, post-checks, and approvals, can be automated using this feature. ATOM provides a Workflow Builder to design and develop workflows. Workflow Builder is out-of-scope of this trial.
In this lesson, we’ll execute a workflow that automatically upgrades a Juniper MX device.
Juniper MX Upgrade Automation
Please refer to the Juniper vMX Workflow Automation use-case guide to get a detailed understanding of the upgrade capabilities.
In the menu, Click on automation and then Workflows.
Go to the Workflow catalog and click on the Juniper MX Upgrade Workflow.
You will now enter the workflow summary page. Here you can visualize the entire workflow, all instances of the workflow and their corresponding statuses, and the workflow version.
Start a new workflow
Execute this workflow by clicking the “start” button on the toolbar
Enter a name for this workflow instance and click on “start.”
You can now see an active instance in the instances section.
Click on the instance to see more details about the instance.
The workflow task that is currently being executed is highlighted in yellow. The upgrade workflow is waiting for input from the user (see the little human icon in the box? ).
Enter Workflow Form Details
Click on Actions (present at the bottom of the page) to view all claimed and unclaimed tasks.s
Select the tasks and click on “claim.”
Unselect “Un Claimed” to view all claimed tasks
Select the claimed task and complete it
You will now be presented with a form to collect all relevant data for the workflow. Most of the details are prefilled for this trial instance. Select the “vMX_SMU” device in the Device-Id and submit the form.
Follow the instance summary, and the workflow moves from 1 task to the next. This process should take few minutes.
The workflow will pause once again just before rebooting the vMX device to seek reboot approval.
Claim the task and open the approval form as described in this section.
Approve the request and submit the form.
Once approved, the workflow will proceed and upgrade the vMX router.
Summary & Next Steps
Through this exercise, you learned ATOM’s Workflow Automation capabilities.
Some of the key workflow automation capabilities are listed below.
Check out the user guide to learn more on these topics.
Exercise 4: Compliance Enforcement
ATOM enables operators to design global compliance policies. ATOM provides several out-of-box compliance policies that you can readily utilize in their network. ATOM also enables you to develop any custom use-cases specific to your business.
Go to the menu and select “config compliance” to view a list of all compliance policies.
This instance has three out-of-box policies.
- Clock Synchronization
- Disable CDP LLDP on Public IP Interfaces
- Interface Configuration
Compliance policies are a collection of rules and conditions on the success or failure of rules. Let’s look at a few policies to understand them better.
Compliance policy for CLI based devices
Select “Clock Synchronization” policy and click on edit
The policy has two rules.
Let us examine each rule. Select Clock template and click on edit.
Simple Rules and Conditions
Any Rule has four sections. The first section, “Basic Information,” contains the rule description.
Next, select all platforms applicable to this rule. We have selected this rule to apply to all cisco devices.
We have no rules variables for this rule. We’ll come back to it soon.
In the last tab, we will add conditions and corresponding actions. We have added a single condition. Select the condition and click on edit.
Here we have entered the condition to check in the “value” field.
This condition is matched, and appropriate action is taken on success (condition match) or failure (condition not-matched). In case of a match, we do not take action for this condition. For a non-match, we have described the corrective action to be taken.
Variables in Rules and Conditions
Let’s now review NTP Template Rule. The rule structure is the same as the “Clock Template” for the most part. You will see a difference in the condition & action section. Let’s go to the “Condition & Actions” tab.
You will see that the “NTP Template” rule has three conditions. Select the “Check NTP ACL” condition and click on edit.
The “Value” field has 2 variables – ntp_primary_server & ntp_secondary_server. Variables are covered in do