Building network automation solutions

9 module online course

Start now!

Hygiene of Network Automation

David Gee decided to talk about hygiene of network automation in the Spring 2019 Building Network Automation Solutions online course, and (not surprisingly) Christoph Jaggi wanted to know more:

You highlight the hygiene of automation. What is it and why does it matter?

Hygiene is the important but boring bit of automation most beginners and amateurs pass by.

Imagine for a moment you are a surgeon about to perform an operation. Your pre-operation routine involves putting on hygienic scrubs, washing one’s arms and hands and even putting on a hair net to stop any of your hair from falling into your patient.

Being an automation designer isn't that different. Workflows created should be mechanically sympathetic to the environment they’re being ran in.

Mechanical sympathy is a term coined by Jackie Stewart, one of the best F1 racing drivers. He believed the best drivers had enough understanding of how their car worked so they could work in harmony with it.

A hygienic designer will consider support for integrations against target nodes early on and figure out if it’s possible to use a single data notation like JSON, or if there needs to be a system domain-specific language which abstracts the differences. A hygienic approach allows data to flow and ebb like a stream through procedural or declarative management of infrastructure and services.

Hygiene is often linked to strategic design, where some up front time investment delivers yields of more than the input. Culturally, this is much harder than the tactical approach where heroes are revered. Tactical thinking results in horrid hacks to make square pegs fit round holes and constant fire-fighting as the control-plane substrate changes over time. It can be avoided and this doesn’t have to be the de-facto mode of operation.

Mechanical sympathy is also an interesting topic. In programming, one might create data structures to fit perfectly on to cache lines. In automation where performance gains in nanoseconds isn’t the game, data notation is important. Imagine a workflow that gathers, transforms and posts data to a south-bound interface that only accepts JSON. Designing the workflow to be mechanically sympathetic to JSON will reduce friction within the workflow and will leave it readable and maintainable.

Without a hygienic approach, chaos and complexity move up the stack. Small teams that consider hygiene can manage complex workflows with high success rates. Common patterns are reused, reducing the workflow development time and, thanks to a solid approach, workflows are quickly and thoroughly debugged.

Hygiene is the uncool part of automation.

What is your recommended approach to automation?

I always state that to be an automation master, learn to create the best flow charts and use clear, concise and reusable language throughout the design phase. If you can show your creations to your children or grandparents and they understand, consider it a good job.

It’s always tempting to get hooked on a tool or platform and it’s always exciting to watch your early creations perform magic. If you can view tools as just that and remember each tool has a set of jobs it excels at, your workflows can take on the hardest of challenges.

There is a saying in automation circles: automation gifts you with the hard stuff because the easy stuff is automated away. By understanding your subject area in depth and adopting a hygienic and mechanically sympathetic approach, the difficulty bar can be dropped, thereby allowing you to rise to the toughest of automation challenges.

Sounds interesting? Register for the Building Network Automation Solutions online course to learn more.

Even more information

We covered numerous concepts David mentioned in previous sessions of the network automation course:


  1. Isn't about top-down approach - do automation for the business purpose to align with strategic business goals (e.g automate to generate consistent configuration files for all devices when you want to add new VPN branch)? At the high level you think about VPN branches - you may even have DSL which allows "add" / "remove" VPN sites. But the work flow associated with "adding" / "removing" VPN branches is automated.
    I have been using this approach for many years.

    Otherwise you automate just to automate uncorrelated pieces without high level goal, and you enjoy small successes (e.g. "I was able to collect logs"). Yes, this might be useful but it is not always worth the effort spent on automation.

    I think that automation with higher level of abstraction (above the device' level) makes real sense...
    1. Totally agree with you (and that's where I want the network engineers to be after completing the automation online course). Unfortunately the journey through the broccoli forest of despair (to paraphrase @cloudtoad) is long and arduous.

      I'm also guessing you're perfectly aligned with David's thinking ;)
  2. This comment has been removed by a blog administrator.
Add comment