Introduction to Network Automation
HEPIA 2018/2019
Mickaël Hoerdt
Slides built from content in the “Network, Programmability and Automation” book from Jason Edelman
Content
- What is Network Automation ?
- Why Network Automation ?
- Type of Network Automation
What is Network Automation ?
Taking avantages of network equipements API
- Program routine or repetitive tasks by using scripts.
- Streamline network operation with code.
- What can be defined as code ?
- Where is the data, where is the logic ?
- Define your infrastructure with code.
- Build an abstract model of your network.
- Avoid snow flakes in your network.
- Centralize and version control all network configurations.
- Git repository should have authority on the network config.
- Build automatic tests before deploying a config to production.
Why Network Automation ?
To simplify the operational architecture
- When devices are configured one by one
- Error-prone, time-costly, hard to maintain.
- Each devices is uniquely configured by hand.
- Partial view of the network.
- When devices are configured by a single program (ex : Ansible)
- Devices are configured by a code.
- API majors must be stable over time.
- Configuration changes are reflected in the code.
- Global view of the network.
To produce predictible outcomes
- Automated configuration are auto-generated by a program.
- And code reviewed before applying them to the devices.
- Configurations is generated from a single program
- Manual configuration are handled by humans on the CLI.
- Any wrong typing of configuration creates service disruption.
- The more people work on the configs the less predictible it become.
To operate an Agile network
- Changes coming from the users/applications are accelerating
- BYOD, Mobility everywhere.
- Deploying new services should take minutes, not days.
Type of Network Automation
Network automation is not only about configuration management
- Devices provisionning
- Data collection
- Migrations
- Compliance
- Reporting
- Troubleshooting
Device provisionning
- Automate device configuration stored for initial device provisionning
- First : Create a data file which is vendor-independant, ie the syntax of the configuration does not depend from the vendor.
- parameters : VLANS, Hostname, NTP, Interface configuration, etc
- Second : Generate from the data file a configuration which is vendor-specific
- Example of data file : Yaml
Data collection
- Usually done with SNMP
- Limited to the available MIBS
- With an API
- Limited by the API and the code that process the data
Migrations
- If the configuration files are vendor independant
- Migration of a network infrastructure to another vendor is straighforward.
- Migration can be done gradually.
- Tests of your configuration can be done before going in production.
- But before starting to build automation in your network
- Document, Document and Document again.
- The steps to maintain the network must be clear enough to be understood without relying on proprietary interfaces.
- Very similar to a high level software specification
Compliance
- Similar to code quality compliance
- Example :
- Hostname should start with an uppercase.
- Remote vty should only be accessible by ssh.
Reporting
- Once you can get the configuration of the device which is structured and accessible from an API
- The data can be represented in the way you want.
- Example :
- a list of network interfaces and their neighbords can be displayed as a graph of nodes.
- Vlans configured in the network can be reported.
- Available/Seen hosts in the network according to the ARP cache table.
Troubleshooting
- First you must think about the way you troubleshoot before automating it.
- ping, traceroute, local IP routes.
Configuration Management
- Generated configurations can be stored and versionned in a repository
- They can be reviewed before testing them.
- They can be automatically tested before pushing them in production.
- gitlab for networks config
Lab time!