The further you progress on your automation journey, the more you will understand that the environmental factors play an important role in the journey. For a recap on the environmental factors, have a look on my previous post. And as promised, in this post we will be covering the infrastructure elements required to help you throughout your automation journey.
In order to achieve success with network automation, you need to have the right infrastructure in place. However, what is the right infrastructure for you may not be the right infrastructure for me or somebody else. Why ? Because our goals with the automation journey may be very different. Consider the following example:
- Organisation A:
- Small organisation with a very simple network.
- Only need to perform configuration backups and few other network reports.
- Organisation B:
- Medium size organisation with a network that is growing rapidly in size and in complexity.
- Need to leverage automation because of the growing number of elements, redundant paths and systems.
While the same automation infrastructure that solves the problem for Organisation B can also solve the problem for Organisation A, the opposite is not true. Additionally, the cost of the infrastructure implemented to solve the problem of Organisation B may be prohibitive for Organisation A. In this post, I will cover a common infrastructure that all organisations will need to start with.
In this common infrastructure, there are five fundamentals: Linux servers, programming language toolkits, disk space, versioning control, and connectivity to the elements. Without these, you can’t even start.
- Linux Servers
Regardless of which automation you are developing and regardless of its size, you are going to need a Linux server to run the tools required by your automation. Linux comes in all forms, shapes and flavours. Pick your favourite one. My only suggestion on this front is: pick one that has a good package management system.
Any Linux distribution either based on Debian or RedHat will do the job very well. When choosing your Linux distribution, make sure you also choose a Linux distribution for containers. I will cover containers in future posts.
Another important point is whether these servers will be bare metal servers (BMS) or virtual machines. From the Linux and the automation that you are developing, this point usually makes no difference. However, it makes a huge difference in the fact that if you are using virtual machines, you now need to deal with the virtualisation infrastructure that is providing that virtual machine(s). Just to mention few options you have for this: KVM, OpenStack, Public Clouds, and VMWare. The virtualisation infrastructure itself is a Pandora’s box.
- Programming Language Toolkits
I will always argue that the best programming language is the one you know best. If you can develop network automation using your favourite language, then there is no reason to learn a new language. When you start to develop your automation to run in containers, it becomes much easier to choose the language you want because the container is a way to hide the internals of a system component.
These days, there is a lot of network automation being developed in Python. In the past, many (including me) used Perl. Go is a language that is gaining a lot of traction these days too. And I can’t forget to mention Bash. Bash seems to be always there regardless the programming language you choose.
Soon or later, you will find that managing dependencies is a big problem. That’s why containers gained a lot of traction in the last few years. It is a nice way to package your software with its respective dependencies. We will talk more about containers in future posts.
- Disk Space
Whether you are generating reports, versioning device configurations or collecting telemetry, you will need space to store all this information. The important thing here is to understand how much you need. It’s not about to find the precise amount in GB or TB. It is about understanding whether a local array in the server, or a small cluster of servers, a big data environment or offloading to a SaaS (storage-as-a-service) is required.
- Versioning Control
Do you still write code and use that button “Save As” to do your versioning control ? If you answered yes, consider learning and start using a versioning control system today. Please, don’t wait for tomorrow.
The most common versioning system these days is git. git itself deserves an entire post in order to cover just the basics. So, do yourself a favour (in case never heard about git or don’t use a versioning control system yet): learn git!
Versioning control is important for tracking changes and defects. It is very hard to remember why you wrote the code in one way or another a month later. Even worse if you have to identify who made a change in the code and why. It gets worse when you have geographically distributed development teams. git helps you with these and much more.
- Connectivity
Connectivity is a very important element of the automation infrastructure. Connectivity follows three principles: has to be reliable, has to be scalable and has to be secure. Connectivity is all about how you connect to your automation servers, how the servers connect to your network devices and how the servers are updated and maintained.
The main problem with communication in most of the infrastructures that I have seen is that the reliability and scalability are, usually, designed and managed by one group while security is managed by another group. These two groups often have different objectives. And when their objectives get in the way of delivering a reliable, secure and scalable communication infrastructure for automation, that’s where the problems start.
There is no doubt that security is very important. However, if you have to jump through two or three different servers in order to get to your automation server, something is wrong. On the same token, if you need to go through a tedious path in order to get your server’s packages updates, it is another sign that things won’t work well. When your developers and users start to do ssh tunnelling in order to have the connectivity they require, that means it has gone too far already.
Authentication, encryption, RBAC, Single-Sign-On (SSO), firewalls, proxies, and many others, are extremely important elements to deliver a world-class and secure environment. However, all these things must be almost transparent to the users and developers. If they are not, security is actually being a big road block. And soon or later, developers and users will start to look for ways around it so then they can get their job done.
Final Comments
In this post, I covered the most fundamental elements of any automation infrastructure. Without these elements in place, it will be hard to get the things right. As mentioned in the beginning, the important thing is to identify your target goals. Having that identification exercised before you start will certainly drive you towards the right direction. So, before you start to write your automation plan, make sure you write down first your automation goals. In the next post, I will cover the automation building blocks. Till there, happy reading!