Network automation is changing the face of the industry, and advanced network configuration tools are driving the paradigm shift. From intent-based networking, or IBN, to automating change management, new tools are needed as networks become increasingly distributed and complex. Manual configuration is gradually giving way to new management strategies.
Policies for Network Configuration Tools
The question for many networking teams is, when is it best to start using automation and how should it be implemented? For many teams, the best place to start is to create configurations. Engineers don’t need to use a command line interface (CLI), and they can start thinking about device configurations from the perspective of the variables that distinguish different configurations.
A configuration management strategy will also depend on the type of automation system to be used. Configurations are not necessarily building blocks common to operations such as authentication, authorization and accounting, or the Simple Network Management Protocol. This can leave too many gaps.
Experienced automation engineers identify configuration variables, creating larger templates in Jinja2 and Ansible with fewer distinct variables. For example, when automating a Cisco switch configuration, the VLAN ID, VLAN name, and IP address can be combined to create a virtual interface and VLAN definition. This approach, according to Terry Slattery, principal architect at NetCraftsmen, is much more powerful than dealing with the problem from a building block perspective.
Eventually, training new engineers to manually configure components may become less necessary beyond a simple baseline. But it will vary greatly from person to person. For some, manual configuration can be a good starting point for generating automation.
The advent of IBN, meanwhile, redefines the field of automation. IBN abstracts the CLI in favor of a graphical user interface that engineers can use to determine what they want to happen on the network, based on business needs.
Vendors including Cisco, Apstra, Veriflow, and Forward Networks, among others, are developing network configuration tools that harmonize with IBN. The goal is to reduce the number of hours required to configure networks.
Automation of change management
Individual configuration of network devices has long since become impossible for most networking teams. For most organizations, the next step was to create scripts with a series of CLI commands. However, creating and maintaining all of these scripts is time consuming and prone to errors.
This is especially true with the virtualization of network functions, mobile phones, virtual switches and bare-metal switches, which have dramatically increased the size of modern networks. Change management tools have emerged to automate scripting and eliminate the need for network managers to recall a particular command syntax for each type of network device, according to industry expert David Jacobs.
Change management automation systems archive network configurations from previous updates. If a new update goes wrong, the network can quickly be returned to its previous configuration. Even the most recent device configuration can be quickly restored if a device stops working and needs to be replaced. These products also scan the network to detect and report manual configuration changes. The scans also record an inventory of devices on the network.
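The drift check described above, sketched as an added example (not from the original article or from any vendor's product): it compares an archived baseline with a running configuration, ignores lines that change on every save, and flags changes to access-control statements for priority review. The IOS-style sample configurations are constructed, and the volatile and sensitive patterns are illustrative assumptions.

```python
import difflib
import re

# Lines that differ on every save and would raise false drift alerts (assumed patterns).
VOLATILE = re.compile(r"^(! Last configuration change|! NVRAM config last updated|ntp clock-period)")
# Statements whose change deserves priority review (assumed, illustrative list).
SENSITIVE = re.compile(r"^\s*(aaa |snmp-server |username |enable secret|access-list |ip access-list |transport input)")

# Constructed archived baseline for a hypothetical switch.
ARCHIVED = """\
! Last configuration change at 09:14:02 UTC Mon Jan 6 2025
hostname sw-access-01
aaa new-model
snmp-server community EXAMPLE-RO RO 10
vlan 20
 name USERS
interface Vlan20
 ip address 192.0.2.1 255.255.255.0
line vty 0 4
 transport input ssh
"""
# Constructed running config: new timestamp plus two manual edits.
RUNNING = (ARCHIVED.replace("09:14:02", "11:30:45")
           .replace("name USERS", "name GUESTS")
           .replace("transport input ssh", "transport input telnet ssh"))

def normalize(config: str) -> list[str]:
    """Drop volatile lines, bare '!' separators, blanks and trailing whitespace."""
    kept = []
    for raw in config.splitlines():
        line = raw.rstrip()
        if line and line != "!" and not VOLATILE.match(line):
            kept.append(line)
    return kept

def detect_drift(archived: str, running: str) -> dict:
    """Report lines added to or removed from the archived baseline."""
    added, removed = [], []
    for entry in difflib.ndiff(normalize(archived), normalize(running)):
        if entry.startswith("+ "):
            added.append(entry[2:])
        elif entry.startswith("- "):
            removed.append(entry[2:])
    sensitive = [line for line in added + removed if SENSITIVE.match(line)]
    return {"drift": bool(added or removed), "added": added,
            "removed": removed, "sensitive": sensitive}

if __name__ == "__main__":
    print(detect_drift(ARCHIVED, RUNNING))
```

A report with a non-empty `sensitive` list is the case to route to a reviewer before the archived baseline is restored or updated.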
Virtual Network Functions (VNFs) and virtual switches present new challenges for change management and automation tools. Unlike hardware, virtual machines can be created and then deleted when they are no longer needed; static network configuration tools no longer work. Tools like Ansible, Chef, and Puppet give IT teams the ability to automate and manage resident functions of virtual machines, including virtual switches and VNFs.
The role of SDN
Software-defined networking introduces a holistic approach to automated management, with network and server management treated as a combined effort. SDN controllers manage network resources, defining paths for packet flows between the source and the destination. Unlike traditional networks, Open Shortest Path First and spanning tree protocols no longer determine the route taken by packets.
In SDN systems, applications communicate unique bandwidth requirements and the controller configures the network to support the requirements. Static device configuration – either manually or via scripts – is no longer possible.
In this scenario, engineers responsible for change management must develop coding skills and work more closely with application developers to understand the resource requirements of each application.