Network Automation
Network Automation
Tailored automation solutions
Tailored automation solutions
Embedded Files
Design once, use over and over again – that’s automation.
In the case of networks, services to be automated are defined and designed at an abstract level. All possible details are left for automation to handle. Only conceptual, abstract elements remain visible to the daily user, while everything else is managed under the hood.
Automation saves time by eliminating the need to consider every detail in day-to-day operations.
We build network automation solutions with experience from multiple projects and several years.
We have automated networks built with devices from the following manufacturers:
Arista - switches
Cisco IOS XR - routers
Cisco SD-WAN - routers
Cisco Catalyst - switches
Cisco - wireless access points
Paloalto - firewalls
Examples of use cases we have automated include:
Examples of use cases we have automated include:
- provisioning branch offices (Routers, switches, and access points)
- creating virtual networks in a Leaf-Spine architecture (Switches and firewalls)
- creating virtual networks in an MPLS backbone (Routers and firewalls)
Below is a typical architecture of automation systems, presented from top to down.
Below is a typical architecture of automation systems, presented from top to down.
Abstract Network Services
Abstract Network Services
The most important aspect of automation is the abstraction of the services being automated. This hides the detailed information under the hood, leaving only the essential details in the abstracted service. These are often minimal, such as a unique name identifying the service. The automation includes logic that generates the required details from the abstract model and stores them.
Building abstractions almost always requires network environment-specific design and implementation.
Example:
An example of an abstracted service is a Virtual Network. It could consist of an MPLS network VRF, associated firewall connections, and MPLS sites. Such a setup can be created with very minimal input—often, just a name is sufficient. All the necessary detailed information, such as route-target values and IP addresses, is allocated by the automation system. These details should not need to be considered in daily operations, such as adding or removing virtual networks.
The intended state of the network
The intended state of the network
It is essential to construct a detailed target state of the network beneath the abstraction layer. The target state includes following elements:
Network devices and their ports
Connections between network devices
A database of IP addresses at the subnet level
IP addresses of individual ports on specific devices
VLAN IDs
AS numbers
Etc.
How all these are related to each other
The purpose of the intended state is to enable its complete delivery to devices at a later stage. Typically, it is built in a dedicated system known as a Single Source of Truth. The intended state is vendor agnostic.
Vendor specific configurations
Vendor specific configurations
The detailed intended state of the network is translated into a format supported by each device vendor in use.
There are differences between vendors in how well they support automation. Some vendors provide excellent API interfaces and libraries for automation, while for others, more custom development work is required.
Delivering configurations to network devices
Delivering configurations to network devices
The final step in automation is to deploy the generated configurations to the devices. This layer includes data validation and error handling.
Additionally, various pre-checks can be performed for the planned network changes. The configuration delivery pipeline can be integrated with test in simulated environment to ensure the changes do not cause unexpected disruptions when deployed into production.
There are also vendor-specific differences in this area. Some vendors provide solutions that handle a significant portion of these tasks.
Page updated
Report abuse