At the virtual 2020 Enterprise Connect, Terry Slattery, a Principal Architect at advanced network consulting firm NetCraftsmen, laid out a network automation framework for IT departments considering the switch.
Automation is a promising thought, but also one which enterprise managers are understandably cautious about implementing.
Here is a rough framework for figuring it all out for your company or organization.
Step 1: Identify goals
- C-level exec buy-in (improve ROI, agility/competitive advantage)
- goals: verify network functionality, increase consistency, facilitate troubleshooting
- Maintain and improve network security
- goals: identify network infrastructure security holes, quickly alleviate problems
Step 2: Plan transition
People: learned to configure one box at a time, culture change required, executive support and budget
Process: develop automation processes, transition from manual to automation
Technology: new tools required, open source or commercial
What to use: Open Source or Commercial?
Requirement: at least two people should be fluent in the technology
Open source: total cost of ownership similar to commercial product despite lower cost of entry; longer implementation good for slower orgs
Commercial: higher entry cost, faster, easier implementation
- show steady progress without serious mistakes
- create/modify processes as needed
- it’s ok to start with open source and move to commercial (and vice versa); refactoring code improves processes
- automation should help the business; don’t do it just because everyone else is doing it
Step 3: education
- buy-in from entire team is critical
- educate team: transition from per-box configuration
- learn how to use the tools
- reserve plenty of time for learning how to use the tools
Step 4: standardized network designs
Avoiding snowflake designs
- unique, complex configurations
- difficult automation & troubleshooting
- unpredictable results
Using building block designs
- standardize configurations, bills of materials, monitoring and troubleshooting
- lowers test lab costs because only certain parts of the network need to be tested
Step 5: use NetOp checklists
Create lists of network state.
- automate verification daily and before/after changes
- use a network source-of-truth database
- start small and simple, expand over time
Use things like:
- interface status & error counters
- network neighbors & traffic distribution
- routing neighbors & critical routes
Step 6: use testing to reduce risk
Adopt processes from DevOps.
Create a test environment that mirrors production.
- virtual, physical, or combo
- must match key constructs of the production network
- app developers do this to increase quality
Step 7: Crawl — Simple, Read-Only tasks
Learn how to apply the tools.
Develop aids to operational tasks.
- identify exceptions to network standards
- monitor configuration drift, know what changed
- create a desired network state database
- validate that desired network state exists
Determine how processes change with automation; don't automate a process you don't understand.
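A read-only check in the spirit of Steps 5 and 7, added here as an illustration and not taken from the talk: it compares an observed snapshot against a source-of-truth record and reports drift, and can run before and after a change. The device names, field layout and the `max_new_errors` threshold are assumptions, and the snapshots are constructed sample data.

```python
import copy

# Constructed sample data; device, interface and field names are hypothetical.
DESIRED = {"edge-rtr-1": {  # source-of-truth record
    "interfaces": {"Gi0/0": "up", "Gi0/1": "up", "Gi0/2": "admin-down"},
    "routing_neighbors": {"10.0.0.2", "10.0.0.6"},
    "critical_routes": {"0.0.0.0/0", "10.20.0.0/16"},
}}
BEFORE = {"edge-rtr-1": {  # snapshot taken before a change
    "interfaces": {"Gi0/0": {"status": "up", "errors": 12},
                   "Gi0/1": {"status": "up", "errors": 0},
                   "Gi0/2": {"status": "admin-down", "errors": 0}},
    "routing_neighbors": {"10.0.0.2", "10.0.0.6"},
    "routes": {"0.0.0.0/0", "10.20.0.0/16", "10.30.0.0/16"},
}}
AFTER = copy.deepcopy(BEFORE)  # snapshot after a change that went wrong
AFTER["edge-rtr-1"]["interfaces"]["Gi0/0"]["errors"] = 480
AFTER["edge-rtr-1"]["interfaces"]["Gi0/2"]["status"] = "up"  # should be shut
AFTER["edge-rtr-1"]["routing_neighbors"].discard("10.0.0.6")
AFTER["edge-rtr-1"]["routes"].discard("10.20.0.0/16")


def verify(desired, observed, baseline=None, max_new_errors=100):
    """Return a list of findings; an empty list means the checklist passed."""
    findings = []
    for dev, want in desired.items():
        have = observed.get(dev)
        if have is None:
            findings.append(f"{dev}: no observed state (device unreachable?)")
            continue
        for ifname, status in want["interfaces"].items():
            seen = have["interfaces"].get(ifname)
            if seen is None:
                findings.append(f"{dev} {ifname}: interface missing")
                continue
            if seen["status"] != status:
                findings.append(f"{dev} {ifname}: status {seen['status']}, expected {status}")
            if baseline and dev in baseline:  # error-counter delta since baseline
                old = baseline[dev]["interfaces"].get(ifname, {}).get("errors", 0)
                if seen["errors"] - old > max_new_errors:
                    findings.append(f"{dev} {ifname}: errors rose by {seen['errors'] - old}")
        for nbr in sorted(want["routing_neighbors"] - have["routing_neighbors"]):
            findings.append(f"{dev}: routing neighbor {nbr} missing")
        for route in sorted(want["critical_routes"] - have["routes"]):
            findings.append(f"{dev}: critical route {route} missing")
    return findings

if __name__ == "__main__":
    print(verify(DESIRED, BEFORE) or "OK", verify(DESIRED, AFTER, BEFORE), sep="\n")
```

Because the check only reads state, it fits the "crawl" stage: nothing is pushed to a device, and the findings list is what gets reviewed daily or gated on around a change.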
Step 8: Simple configuration updates
Make simple config changes: NTP, VTY, SNMP, password changes.
Build configs for manual installation.
Develop new processes for automation, creating pre-change and post-change state validation, and developing/using a test environment.
Step 9: Run — Complex changes
Increase complexity of changes:
- QoS, MPLS, VXLAN, etc.
- comprehensive network source-of-truth
- automate change testing
- convert processes to use automation
The final step?
Step 10: Extend automation to other systems!