Network automation – yea baby
A long time ago, in Operations the world was very fragmented – web admins, sysadmins, database administrators. Now most people at good companies are generalists. Tools allow you to administrate all of the different programs in the same way. Specialists still exist, but for most day to day operations, specialists are unnecessary.
On the other side, traditional network engineers are in a world all on their own. Networking companies try to push this mindset, through interfaces and designs that de-emphasize interoperability and certification tracks which emphasize knowledge in single-vendor environments. Once someone has spent years and thousands of dollars on studying for their CCIE, there is a huge barrier to changing technologies and mindsets. The emphasis on certifications is just another way to reinforce the idea that network engineers are special and need to be held to a different standard.
We must learn from the Operations DevOps world. DevOps encourages the use of tools, quick turnover cycles, and intercommunication between teams in order to lower errors while deploying and encourage deployment. Tools allow developers and other technical colleagues to self-service their needs.
This new mindset is required to scale systems up to their current large state. Even medium sized companies may need to administer huge numbers of systems due to VMs and containerizing services in for security and helping to up the scale. Network engineers cannot be a single chokepoint in this environment. As well, network engineers should not have to spend the majority of their day assigning ports and vlans manually.
In the past few years, automation tools and network operating systems have finally become interoperable. Puppet Labs has led the charge with pushing custom agents for traditional network OS’es (like IOS and Junos), as well as partnering with newer operating systems that can run native agents (like EOS or Cumulus Linux).
Without tools, network changes are usually made manually at the command line. Even cut and pasting a known good configuration can incur errors… so many times in my life I’ve pasted a large configuration, only to have the buffers fill up and part of my configuration left out. Using network automation tools to commit changes to a central repository can ensure that manual errors are a thing of the past. Code reviews allow a second layer of protection and automated tests can prevent minor typos from bringing down your network. Automated configuration pushes ensure that no switch will be forgotten when pushing the latest firewall rule.
Long live the automated future!
Leslie Carr works for Cumulus Networks
Other posts in our women in tech week include:
Geeks do drink prosecco
Network filter bypass solutions