OpenNTI is a container packaged with all tools needed to collect and visualize time series data from network devices. Data can be collected from different sources:

• Data Collection Agent : Collect data on devices using CLI/Shell or Netconf
• Data Streaming Collector : Take all data streamed by Juniper devices as Input (Jvision, Analyticsd, network agent)
• Statsd interface : Accept any Statsd packets

It's pre-configured with all tools and with a default dashboard .. Send it data, it will graph it

Thanks to docker, it can run pretty much anywhere on server, on laptop ... on the device itself

More detailed description of a project can be found here (including a series of videos on how to use it):

The only requirement is to have docker installed on your Linux server/machine.
Instructions to install docker are available here

It's also available for Mac & Windows

OpenNTI is available on Docker Cloud and this project provide scripts to easily download/start/stop it.

git clone https://github.com/Juniper/open-nti.git
cd open-nti
./docker.start.sh

On Ubuntu, you'll have to add "sudo" before the last command

By default the container is named "open-nti_con" and is working in non-persistent mode, once you stop it all data are gone.
On Linux, it's possible to start the container in persistent mode to save the database outside the container, by using the startup script docker.start.persistent.sh. Persistent mode is not supported on Mac OS

All port numbers and names used by start/stop scripts are centralized in one file : open-nti.params, you can easily adapt this file with your own port numbers or names. It's mandatory if you are planning to run multiple instances of OpenNTI on the same server.

If you want to make some modifications, you can always build the container yourself using the script ./docker.build.sh.

The first time you run "./docker.build.sh", it will take 10-15min to download and compile everything but after that it will be very fast

For any issues please open an issue on Github.
For comments, suggestions or questions please use our google group

To participate, please:

- Fork the project
- Send us a pull request

Contributions are more than Welcome

Once the container is running, you can access :

• Graphical User Interface (Grafana) at http://hostip (Login: admin / Pwd: admin)
• Database admin interface (Influxdb) at http://hostip:8083 (Login: juniper / Pwd: juniper)
• Database REST API (Influxdb) at http://hostip:8088 (Login: juniper / Pwd: juniper / db : juniper)

By default the Data Streaming Collector accept data on ports :

• MX - Jvision : 50000
• QFX10K - Network Agent : 50010
• QFX5K - Analyticsd : 50020

MAC OSX users: If you want to run this container directly on MAC OSX you will need to install NAT rules to >forward ports from OSX to Docker VM.
There is a script which will add/delete rules automatically based on container name: >https://github.com/mpergament/docker-virtualbox-nat-macosx

To use the Data Collection Agent you need to provide few informations

For now, there are 2 dashboards predefined, one for the Data Collection Agent and one for the Data Streaming > Collector. in the future, these will be merged into a single dashboard.

data/hosts.yaml

In data/hosts.yaml you need to provide the list of devices you want to pull information from For each device, you need to indicate the name ane one or multiple tags (at least one).
Tags will be used later to know which credentials should be used for this device and which commands need to be executed

<hostA>: <tag1> <tag4>
<hostB>: <tag1> <tag4>
<hostC>: <tag2> <tag4> <tag5>
<hostD>: <tag1> <tag4>  <--- Those tags relate the Hosts with the credentials and the commands to use with

Example

mx-edge011: edge mx madrid bgp mpls
mx-agg011: agg mx madrid bgp isis
qfx-agg022: agg qfx munich bgp
qfx5100-02: tor qfx madrid isis

The default configuration assume that hosts defined in hosts.yaml can be resolved with DNS if your hosts doesn't have DNS entry, it's possible to indicate the IP address in the hosts.yaml file instead of the name

192.168.0.1: edge mx madrid bgp mpls

To avoid using Ip addresses in the dashboard, you can use the device hostname defined in the configuration instead of the value define in hosts.yaml by setting the parameter use_hostname to true in open-nti.variables.yaml

use_hostname: True

data/credentials.yaml

You need to provide at least one credential profile for your devices

jdi_lab:
    username: *login*
    password: *password*
    tags: tag1 tag2

data/commands.yaml

generic_commands:  <--- You can name the group as best fits you
   commands: |
      show version | display xml  <--- There is no limit on how many commands can be added into a group
      show isis statistics | display xml <-- Before adding a command, confirm that there is a related parser
      show system buffers
      show system statistics icmp | display xml
      show route summary | display xml
   tags: tag1 tag2

To collect data periodically with the Data Collection Agent, you need to setup a cron job inside the container.
As part of the project, open-nti is providing some scripts to easily add/remove cron jobs inside the container from the host.

Scripts provided:

• open-nti-start-cron.sh: Create a new cron job inside the container
• open-nti-show-cron.sh: Show all cron jobs configured inside the container
• open-nti-stop-cron.sh: Delete a cron job inside the container for a specific tag

To start cron job to execute commands specified above for specific tag every minute:

./open-nti-start-cron.sh 1m '--tag tag1'

To start cron job for more than one tag at the same time:

./open-nti-start-cron.sh 1m '--tag tag1 tag2'

To start cron job to execute commands specified above for specific tag every 5 minutes:

./open-nti-start-cron.sh 5m '--tag tag1'

To start cron job to execute commands specified above for specific tag every hour:

./open-nti-start-cron.sh 1h '--tag tag1'

To show all scheduled cron jobs:

./open-nti-show-cron.sh 'all'

To stop cron job for specific tag:

./open-nti-stop-cron.sh '--tag tag1'

If you want to configure the cron job yourself, open-nti use this command: /usr/bin/python /opt/open-nti/open-nti.py -s --tag

Currently the collector accept:

• Network agent (qfx10k) streams in JSON/UDP on port 50010
• Analyticsd (qfx5k) streams in JSON/UDP on port 50020
• Juniper Telemetry Interface (mx) streams in GPB/UDP on port 50000

it's important that all devices have the correct time defined, it's recommended to configure NTP everywhere

open-nti is using telegraf to support statsd
Statsd is a popular tool to send metrics over the network, it has been designed by etsy More information below :

• https://github.com/etsy/statsd/blob/master/docs/metric_types.md
• https://github.com/influxdata/telegraf/tree/master/plugins/inputs/statsd

Here is an example of how to insert statsd data into the Database

root@d3e82264a08b:/# echo "opennti,device=qfx5100,type=int.rx:100|g" | nc -w 1 -u 127.0.0.1 8125

opennti define the serie  
device=qfx5100,type=int.rx will be converted as tag1  
100 is the value  
g indicate gauge  

By default the dashboard is configured to display some "events" that are stored in the database into the serie "events" Their are multiple ways to record entry in the events serie

This feature is still experimental, some users observed delay between events and visualization in the dashboard if you are not seeing your event, try to increase the time windows.

open-nti will access events in the syslog format on port UDP 6000.
The goal is not to send all syslog but only relevant information like Commit or Protocol Flaps

To send only one syslog at commit time you can use the configuration below

set system syslog host 192.168.99.100 any any
set system syslog host 192.168.99.100 match UI_COMMIT_COMPLETED
set system syslog host 192.168.99.100 port 6000

It's possible to insert events with just a HTTP POST request to the database, here is an example using curl

curl -i -XPOST 'http://10.92.71.225:8086/write?db=juniper' --data-binary 'events,type=Error text="BGP Flap"'
curl -i -XPOST 'http://10.92.71.225:8086/write?db=juniper' --data-binary 'events,device=qfx5100-01,type=Commit text="Change applied"'

By default, only 1 container can run on the same server because of default parameters In order to run multiple container on the same Server, you need to customize the script "docker.start.sh" to :

• Change the container name
• Change the external ports the container is listening to

Below an example of start command that will allow multiple container on the same server

docker run -d  \
    -p 150000:50000/udp -p 150010:50010/udp -p 150020:50020/udp \
    -p 18083:8083 -p 18086:8086 -p 8080:80 -p 13000:3000 \
    juniper/open-nti /sbin/my_init

In this case I added "1" to each ports number

Any Grafana dashboard copied into the dashboards/ directory will be automatically loaded when the container startup If you want to replace the default dashboard, you can replace the existing .json file in the dashboards/ directory and rebuild the container with ./build script

To check if the container is running, execute

docker ps | grep open-nti_con

To force the container to stop, execute

 docker stop open-nti_con

To access the CLI of the container for debug , there are multi option 1 - Start the container in debug mode, you'll be directly on the CLI

./docker.debug.sh

2 - Start a SSH session using the insecure_key provided in the repo and the script "docker.cli.sh"

chmod 600 insecure_key
./docker.cli.sh

Once in CLI mode, you can check fluentd log If everything is all right, nothing would be print on this log.

tail -f /var/log/fluentd.log

• fluentd
• influxdb
• telegraf
• grafana
• nginx
• pyez

• Damien Garros
• Efrain Gonzalez
• Michael Pergament
• Pablo Sagrera Garcia