Automation can make any administrator's job infinitely easier. The trick, however, is figuring out where to start.
Whether your IT department manages a private, public or hybrid cloud, there are plenty of manual processes performed every day that could be fully automated. Today, we're going to help you on your automation journey by pointing out some of the basics you need to know to get started.
This includes scripting languages, potential places to start automating and tips on managing automation scripts once you have them in place.
The area of network automation that confuses people the most is figuring out which scripting language or languages you're going to need to achieve your automation goals. If your operating legacy network equipment, you don't have too many native options.
For example, network switches and routers that run the traditional Cisco IOS operating system can be automated using TCL scripts configured directly on the command line. For Cisco's more modern NX-OS, you can tap into the built-in Python APIs, which allows for a more feature-rich automation experience.
APIs are the true key to complex network automations.
The reason is that APIs provide direct "hooks" into infrastructure equipment's software that is perfect for automation purposes. With an API, you can pull relevant data out of a networking device, perform analysis, apply policies and then send configuration commands back to the device. Python is one of many scripting languages out there that is used for this.
Other popular scripting languages include Ansible, Puppet, Chef and Perl.
Most of these languages allow you to code whatever automation you desire. However, the methods used to achieve your goals will vary depending on what you are attempting to automate.
One thing to keep in mind is that natively supported APIs are going to yield a far easier path. You could script using more rudimentary methods such as screen- or CLI-scraping. But leveraging APIs is going to give you a far better and more reliable experience. That's why it's important to investigate what APIs your infrastructure equipment can integrate with directly.
What should I automate first?
Once you choose your automation scripting method, the next decision is what to actually automate.
For beginners, my advice is always to start with something useful -- yet easy to implement. One example would be to script a report that compares security policies on all routers, switches and firewalls. You may find that you are missing some critical configurations that render a network device vulnerable.
Once you get the hang of automation using scripting languages, the sky is the limit. Some other great examples of automation scripts include intelligent auto-provisioning of devices, user onboarding/offboarding and regular updating of machine-to-machine encryption keys.
Keep up with the latest enterprise cloud news and insights. Sign up for the weekly Enterprise Cloud News newsletter.
One of the cooler tricks I've come across was the automation of SNMP monitoring for newly deployed servers in the cloud. As many readers know, it's easy to miss the deployment of a new server. If this server is not properly monitored for faults or outages, it stands the chance of being overlooked when failures occur. This can lead to a situation where an outage lasts much longer than it should.
To remedy this problem, automation scripts can be configured to scan for new servers on the private or public cloud. Once the new servers are discovered, pertinent information is then extracted from the server to build the network monitoring policies. This is a great example of a common network management issue that can be easily resolved using automation tactics.
Automation management tips
As you go down the path of network automation, you're going to quickly find that managing scripts and extracted data becomes a challenge if you don't manage it properly.
Organization is key.
One simple tip includes centralizing automation execution from a single location -- or a cluster for resiliency purposes. The last thing you want is to be managing automations from random servers across your network.
A second tip is to refrain from storing duplicate data that's used for automation purposes. Keeping duplicate data not only adds unnecessary bulk, it can create confusion and errors on scripts that pull from different sources of the same data.
Lastly, it's important that when writing network automation scripts, you write your code in a modular way so it can be easily re-used for different purposes. Doing so will significantly streamline future automation tasks and aid in troubleshooting processes that aren't functioning properly.
— Andrew Froehlich is the President and Lead Network Architect of West Gate Networks. Follow him on Twitter @afroehlich.