Getting Started with Network Automation
Earlier this month I had a productive discussion with a customer about getting started with network automation, and thought it'd be good to share some of the key thoughts. While this article addresses network automation, you can apply the same process when evaluating any new technology.
We started by discussing a few goals, then investigated the organization's network size and the network staff's capabilities. Does the organization want to use commercial products or build a system itself, based on open source tools? Does it have a good existing network management system? Does it need the ability to switch network hardware vendors?
The most important step is accurately defining the goals of network automation. I like to create a list of goals, with a few notes about each goal and its relative priority. An organization can only tackle one or two goals at a time, so making a long list isn't productive.
For the conversation with my customer, I created a list of likely candidates. The customer could then edit the list and determine relative priorities. My list of four possible goals is suitable for an organization just getting started with network automation.
- Initial provisioning -- This goal is likely to be valuable to an organization that needs to install a large number of devices, perhaps due to a hardware refresh program or a major expansion. However, working with one of the many vendors offering zero touch provisioning (ZTP) solutions can reduce the priority of this goal, even for organizations doing large rollouts. That said, its priority could be higher for organizations taking a multivendor approach.
- Configuration management -- Managing configurations includes checking for configuration drift, performing updates, and creating initial configurations. The value of this goal depends on whether the organization already uses a network change and configuration management (NCCM) solution and how well it functions.
- OS upgrades -- Upgrading network operating systems on a regular basis has become important in recent years due to the identification of security vulnerabilities in older code. Vendor solutions or an NCCM system may provide this capability already.
- Verify operational correctness -- Validate that the network is configured and operating as designed. Verify interface connectivity, route propagation, VLAN trunking, and other operational state against a network state source of truth such as NSoT or NetBox. This goal is valuable if the most common network problem is due to undetected human error or element failure.
We then talked about the customer's organization. How big and dynamic is the network? Is it planning to install a lot of new hardware as part of an expansion or refresh?
I also wanted to understand the mix of hardware vendors. Most vendor-provided network management systems only work with that vendor's hardware. A wide variety of hardware would increase the importance of a vendor-independent automation system. Does it make more sense to replace multiple vendors with a single vendor? Operational expense often overrides capital expense.
We then moved on to discuss the organization's ability to implement a network automation system. How many people could work on the system and what level of expertise do they possess? How important is the staff's ability to support the solution, especially in the event that a key staff member departs? In what timeframe does it need or would it like to have a solution? Will the staff be able to create the desired solution in the desired timeframe? Finally, is the financial budget sufficient for the project?
I couldn't answer the above questions, but the customer provided valuable information I could use to help drive the direction of the ensuing discussion about specific approaches. An organization with capable staff and a low financial budget might opt for a build-it approach using open source software. A large organization that has special requirements may also consider the build-it approach. But an organization with limited technical resources should probably be considering commercial products or consulting firms with expertise in automation. With sufficient resources, including time, reviewing the implementation of two separate systems, perhaps one commercial and one open source, might be advisable.
One important additional consideration is: Does the organization have a good, basic network management system? Network automation is more likely to succeed when an organization applies principles of good network management processes to it. This consideration is an evaluation of the organization's corporate culture. Adding technology to a culture that doesn't embrace it is a recipe for failure.
Continue to next page: Possible Approaches