Event-driven automation (changing network state and/or configuration based on events) is the holy grail of network automation. Imagine being able to change routing policies (or QoS settings, or security rules) based on changes in the network.
We were able to automate simple responses with on-box solutions like Embedded Event Manager (EEM) available on Cisco IOS for years; modern network automation tools allow you to build robust solutions that identify significant events from the noise generated by syslog messages, SNMP traps and recently streaming telemetry, and trigger centralized responses that can change the behavior of the whole network.
As with any complex solution, it’s hard to get event-driven automation right. You have to define what significant events are, how to identify them based on reports sent by network devices, and what the response should be. Just to give you an example:
- A major link has gone down. Should we react immediately or should we wait? How long should we wait?
- A few seconds later the link is reestablished. Should we close the incident or wait to see what happens next?
- The link has flapped several times in the last 10 minutes. How often should it flap before we take it out of service? Do we have redundancy in place so we can take the link out of service, or should we continue using the obviously-broken link because there is no alternative?
- Let’s say we decide to take the link out of service and report the problem to the carrier. What should we do if we get a subsequent failure on a redundant path?
As you can see, it’s relatively easy to define some of these elements (for example, link flap dampening has been implemented in Cisco IOS quite a while ago), while others (what to do after a failure on redundant link) probably require a human intervention. Event-driven automation is thus always a mix of human-machine interactions that’s hard to turn into a shrink-wrapped product that you could deploy and forget.
The only alternatives are to (A) ignore this challenge or (B) build a solution from smaller building blocks. If you decide to go down the latter path, check out the event-driven network automation section of the Building Network Automation Solutions course, as well as all the other course modules that will help you design and implement the overall network automation solution you need.
The next live session of the course starts in February 2019, but you don’t have to wait that long. Register now and start your automation journey immediately.