Network automation is the process of making configuration changes to your network devices using software tools and code rather than manually configuring each device one by one.
Using tools such as Ansible or Python for network automation, network engineers of today are automating repetitive tasks to ensure a more consistent predictable method of making network changes, provisioning new devices and scaling the support of their network.
Let’s go back 20 years. The life of a network engineer was very straightforward. We had some switches and a firewall and connected to each device with Putty made the change or provisioned the device directly on the command line or from a notepad file. The configuration was saved and that was it. On Monday if there was a problem with the network, questions would be asked of what has changed.
Network operations today are different, the amount of network devices is increasing by a massive scale, virtualization for network devices is the norm and IT staff to device ratio is also increasing.
We are being asked to do more and more with less.
Enter the new world of network automation.
Types of Network Automation
Use case #1
Let’s take the simple example of changing an NTP server address on 100 switches. You have a task from network operations to make this change today.
There are two ways to make this change.
- SSH to 100 switches and add the configuration and save.
- Use network automation to push the change to 100 switches.
Whilst there is nothing wrong with the first method of connecting to 100 switches, it does mean you have to make sure you have all the connection details for the 100 switches, you have to make sure you do every one and you also have to make sure that the configuration is the same on each switch. This does leave you open to human error as you cannot guarantee you will make the change 100 times 100% accurately.
Realistically if you make this change you are going to miss a few and make a few mistakes and probably forget to save the config on one switch.
Using a platform like Ansible you would have an inventory of your 100 switches, you would have a file that contained the configuration change you wanted to push, the change would be pushed with one line of code and you would get a report on the succcess of each device. For more information read Ansible hosts file example
You would know 100% that each device had the change added, the config was saved, the new and old config could be backed up and it only took you 10 seconds to do.
Compare this to connecting manually to 100 switches which is probably going to take a few hours!
Use case #2
Another use case for network automation is device provisioning. Let’s say you have 100 new switches to configure. Before network automation you would typically un-box each switch, boot it up, create the config in notepad and then paste onto the switch.
With network automation you can create an inventory of all the devices based on the mac address of the switch, connect all the switches to a provisioning network or into it’s final location in the data centre, when the switch boots it obtains an ip address and then the configuration of the device is pushed to the switch based on it’s mac address.
For this to work you do need to create the configuration templates first using your tool of choice, but once it is setup you can repeat the process for different devices.
For some devices this zero touch provisioning (ZTP) is not possible and you would have to get a basic config of management address and basic password information to enable the initial connectivity.
Whatever approach you take, this approach of configuring multilpe devices means you can guarantee that each device will be setup with 100% accuracy. This is perfect for setting up a new data center for example.
That is ensuring you have your network configuration templates setup correctly!
There’s a phrase going around in the network automation community: “To err is human; to propagate errors massively at scale is automation!”
Network automation is not a miracle cure for all issues. Just as you can make multiple changes at scale and save yourself hours of time, you can also very easily break your network infrastructure very quickly. With all automation comes caution.
You start with small steps with easy tasks like the ntp server example and then build up to production affecting changes.
Check out my post on Network Automation Tools in use today.
Network Automation Engineer
A lot of network engineers are worried that network automation is going to take their job away.
This is very far from the truth as what it’s actually going to do is free up your time from making repetitive changes and out of hours work and giving you more time to work on making the network better and working on future design optimizing rather than just keeping the lights on.
According to Cisco, 95% of all network changes are still being performed manually.
https://www.cisco.com/c/en/us/solutions/automation/network-automation.html#~why-automa
Network automation book
If you are looking for a good network automation book I can highly recommend reading this one:
https://www.amazon.co.uk/Network-Programmability-Automation-Next-Generation-Engineer-ebook/dp/B079K6HWQX
Other Relevant Articles:
- What tools do you need to automate your network?
- Check out my network automation tools list post.
- Check out my network automation tools list post.
- What is a network automation engineer?
- Read my what does a network automation engineer do post.
Cisco Certification Changes – get your Devnet certification in 2020