Network Infrastructure as Code Is Nothing New
Following the “if you can’t explain it, you don’t understand it” mantra, I decided to use blog posts to organize my ideas while preparing my Networking Infrastructure as Code presentation for the Autumn 2018 Building Network Automation Solutions online course. Constructive feedback is highly appreciated.
Let’s start with a simple terminology question: what exactly is Infrastructure as Code that everyone is raving about? Here’s what Wikipedia has to say on the topic:
Infrastructure as code (IaC) is the process of managing and provisioning computer data centers through machine-readable definition files, rather than physical hardware configuration or interactive configuration tools. […] The definitions may be in a version control system. It can use either scripts or declarative definitions, rather than manual processes, but the term is more often used to promote declarative approaches.
You might wonder where all the other things are that the Network Infrastructure as Code (NIAC) evangelists are talking about, like automated testing, continuous integration, and continuous delivery. Guess what: they’re not even mentioned. I’m not saying they’re not useful (they are – and we already covered them in the automation course), but they are not part of the IaC concept.
Now let’s go back to the definition. Does “managing and provisioning infrastructure through machine-readable definition files” sound familiar?
Are device configurations definition files? Of course – they define what the devices we’re applying them to should be doing. Are they machine-readable? Evidently. Does that mean that we’ve had network infrastructure as code since the early days of Cisco software (even before it was called Cisco IOS)… or going even further, since we were still configuring IBM 3745 front-end processors? What do you think?
A bit of historical trivia
The IBM 3745 ran the Network Control Program operating system, and the configuration file was really a set of assembler macros that were compiled and linked with the rest of the operating system to get a bootable image. Changing the device configuration required a reload… not unlike the way you had to do configuration replace on Nexus OS until software release 8.1.
Need More Information?
We talked about network infrastructure-as-code and continuous integration, delivery and deployment in the Network Automation Concepts webinar.
Could you please describe the difference between the 'declarative' and 'imperative' approach, which is (in your opinion) not understood by Ivan?
"Is interesting to read that everything is not new to you. Maybe you're a traveller from the future." << or maybe I've been in this industry long enough to have seen every hype once or twice. I understand that things don't look that way to you, and I have no problem with that.
"I think you don't know the difference between a declarative and imperative approach." << so please tell me where I went astray... after reading https://blog.ipspace.net/2018/06/what-is-intent-based-networking.html. I did a deeper dive in a webinar, but that would require actually investing something into this topic. I don't expect that.
"It's hard to do a declarative approach with Ansible and the nice network vendor APIs." << hehe, you guessed the topic of the next blog post :D You probably also missed https://blog.ipspace.net/2018/04/dont-get-obsessed-with-rest-api.html
"IaC applies more to cloud infrastructure (public and OpenStack) where the network plays a very small role." << I have no problem with that, but as soon as someone starts talking about "network infrastructure as a code" it's time for me to call bullshit.
"There's a good book (Terraform...) out there that gives you a good introduction to the topic." << I know you wouldn't believe it, but I actually read what some people believe to be THE book on the topic. http://shop.oreilly.com/product/0636920039297.do ... and found that it nicely confirms my views.
However, sometimes it helps to have a crisp definition of a misused term, and in the world dominated by vendor marketing, it's great to have a platform that enables anyone to chime in, and exposes all the ****fight in plain view.