Category: automation

In mid-May, I ran an onsite network automation workshop, and the manager organizing the workshop for his team invited me to a dinner with his peers. Not surprisingly, they wanted to hear about the topics covered in the workshop, and as soon as I mentioned Network-Infrastructure-as-Code several of them said “yes, that definitely needs to be covered.”

Whenever someone mentions intent-based networking I try to figure out what exactly they’re talking about. Not surprisingly, I get a different answer every single time. Confused by all that, I tried to find a good definition, but all I could find was vendor marketing along the lines of “Intent-based networking captures and translates business intent so that it can be applied across the network,” or industry press articles regurgitating vendor white papers.

Here’s a response I got from Simon Milhomme on my Why Is Network Automation So Hard article:

Someone left a comment on my Zero-Touch Provisioning post claiming how Big Switch Networks solved ZTP challenge using just IPv6 Link-Local Address and Neighbor Discovery instead of the complicated DHCP/TFTP/whatever sequence.

Here’s what he wrote:

This blog post was initially sent to the subscribers of my SDN and Network Automation mailing list. Subscribe here.

Every now and then someone asks me “Why are we making so little progress on network automation? Why does it seem so hard?”

There are some obvious reasons:

• Tightly-coupled components and humongous blast radius;
• Lack of good tools and programming interfaces;
• Lack of transactional consistency (in some cases even simple commits);

However, there’s a bigger elephant in the room: every network is a unique snowflake.

Steve Krause created a full-blown network services deployment solution, including post-deployment validation of OSPF and BGP routing, while attending Building Network Automation Solutions online course (I prefer course attendees working on real-life problems instead of artificial ones).

Hope you’ll enjoy exploring it ;)

This blog post was initially sent to the subscribers of my SDN and Network Automation mailing list. Subscribe here.

Tom Limoncelli wrote a great article about starting an automation journey from sysadmin perspective. Not surprisingly, his recommendations aren’t that far off from what I’m telling networking engineers in my network automation presentations, Network Automation 101 webinar, and introductory part of Building Network Automation Solutions online course:

More and more network devices support REST API as the configuration method. While it’s not as convenient as having a dedicated cmdlet, it’s possible to call REST API methods (and configure or monitor network devices) directly from a PowerShell script, as Mitja Robas demonstrated during the PowerShell for Networking Engineers webinar.

You’ll need at least free ipSpace.net subscription to watch the video.

This blog post was initially sent to the subscribers of my SDN and Network Automation mailing list. Subscribe here.

We’ve been told for years how we’re over-complicating networking, and how the software-defined or intent-based whatever will remove all that complexity and remove the need for networking engineers.

What never ceases to amaze me is how all these software-defined systems are demonstrated: each one has a fancy GUI that looks great in PowerPoint and might even work in practice assuming you’re doing exactly what they demonstrated… trying to be creative could result in interesting disasters.

When the Spring 2018 Building Network Automation Solutions online course started, we didn’t know whether we’d run another course in 2018, so we offered engineers who wanted to get an early start Believer price.

The wait is over: the autumn 2018 course starts on September 18^th. The schedule of the live sessions is already online, and we also have the first guest speakers. We’ll announce them in early June at which time you will no longer be able to get the Enthusiast price, so register ASAP.

David Barroso was sick-and-tired of using ZX Spectrum of Network Automation and decided to create an alternative with similar functionality but a proper programming language instead of YAML dictionaries masquerading as one. The result: Nornir, an interesting network automation tool formerly known as Brigade we discussed in Episode 90 of Software Gone Wild.

Listening to the networking vendors it seems that zero-touch provisioning is a no-brainer … until you try to get it working in real life, and the device you want to auto-configure supports only IP address assignment via DHCP, configuration download via TFTP, and a DHCP option that points to the configuration file.

As Hans Verkerk discovered when he tried to implement zero-touch provisioning with Ansible while attending the Building Network Automation Solutions course you have to:

Not long after I published the blog post arguing against physical appliances, Oven wrote a very valid comment: "But then you'd have 20 individual systems to manage, add licenses to for additional features, updates etc."

Even though the blog post (and the comment) was written in 2013, not much has changed in the meantime.

You probably know that fantastic feeling when you think your newly-discovered tool is a Hammer of Thor, capable of solving every problem (or at least crashing through it). I guess you’re also familiar with that sinking feeling when you’re trying to use your beloved hammer to whitewash a bikeshed.

Not surprisingly, the cruder the tool is, the quicker you’ll hit its limits, like when you try to do data processing in Jinja2 (hint: don’t).

A while ago Greg Ferro invited me for another fireside chat on Packet Pushers podcast. Hope you’ll enjoy our discussion.