In the first installment in this series, we covered why network automation is needed. Once you’ve decided to start with a network automation project, selecting the right tools is the next step. So which tools should you choose? It really depends on what you’re trying to achieve. For example, a finish carpenter may select tools based on precision, reliability, and longevity; an artisan, on the other hand, might choose tools that allow him or her to focus more on the vision than the implementation details. This is solid criteria for your network automation tool selection as well.
For network automation, there are many tools from which to choose. To help you understand which tools might work best for you, it’s typically beneficial to experiment with different tools in brief evaluations. Counter-intuitively, evaluations that do not go as hoped are the most valuable. Why? They help clarify important requirements for choosing the best tool. Another factor to consider when choosing your tools is the presence (or absence) of an accessible community to help you learn and succeed on your journey.
In this article, we’ll focus on some popular and well-established tools with great communities: Git for managing versions of files; the Python scripting language; then Ansible and Netmiko. We’ll also mention some other worthy tools for network automation along the way.
Git is one of the most popular source-code control management (SCM) tools that's readily available on many platforms. You might ask, “Why do I need an SCM?” As more and more of your environment becomes represented as some sort of code---in the form of configuration files, configuration templates, and scripts, to name a few examples---a SCM becomes very important. For one, it enables you to take advantage of processes programmers have used for years: comparing different versions, managing who has access to read or modify those files, reverting to backups, and efficiently reviewing proposed changes. Second, when combined with GitHub or GitLab to store your repository on a remote server, you gain very friendly tools for collaborating with others and backing up your work.
Python has developed a strong following in the network field. Python’s certainly not the only scripting language; there are other scripting languages such as Ruby, Groovy, and Perl, to name a few. Think of a scripting language as the “duct tape” of automation, holding everything together. You want a scripting language that’s easy to read and use. Python was developed in the early 1990s as a general-purpose scripting language designed for readability. Like other scripting languages, it's interpreted, meaning it doesn't need to be compiled before running a script.
To help build your scripts, there are more than 100,000 pre-made modules you can use to simplify your work, allowing you to focus on your goal instead of implementing every function from scratch. One example is Netmiko. Netmiko handles the uniqueness of SSH to many types of network devices, so you don't have to deal with this effort in your own scripts. Virtualenv lets you manage Python environments on a per-project basis, eliminating the need for administrator credentials to install or update modules and streamlining work with different projects that might require different modules or different versions of the same module.
Beyond scripting languages, general-purpose configuration management and IT automation systems are extremely powerful, were developed to automate a wide range of tasks in the IT world, and are supported by huge communities. The majority of businesses with more than a few servers to manage are using at least one of these tools. Some of the big players in this space include Ansible, Chef, and Puppet. The core of these tools are open-source and free to try or use in production. Additional features, graphical user interfaces, etc. are available for a fee.
Chef and Puppet use a Ruby-like Domain Specific Language (DSL) that defines a "contract" with a server or network device. You specify files and packages that should exist, configuration state, and services that should be running or not. The tools handle the dirty work of how to ensure that contract is enforced. Ansible can be used in the same way as Chef or Puppet, and adds more general-purpose automation in its core as well. With these tools, you can group devices by function, or "role," and map configuration settings to roles so you have fewer unique points to manage. Ansible does not require an agent be installed on the device being managed--it uses SSH so you can get started rapidly. This can make Ansible a good choice for applying configuration management tools to network automation.
Finally, templates are another great tool in the network automation toolbox. Templates let you define content -- of a file or a network device configuration, for example -- with embedded syntax from simple variable substitution to conditional logic and loops. Embedded Ruby (ERB) and Jinja2 are two common template formats. Jinja2 is an especially popular choice, given its close ties to Python and Ansible; Jinja2 templates can be used directly from Python scripts or combined with higher layer tools like Ansible. If you take some time to analyze your network device configurations, you’ll soon notice how much configuration is duplicated across multiple devices, differing only by a few items such as IP addresses and hostnames. This makes templates ideal to reduce maintenance and increase consistency.
Just as the right tools in a carpenter’s toolbox contribute to the quality and success of a project, it's important to select quality tools that will enable and simplify your automation. We've selected some tools with which to begin: Git, Python, and Ansible, among others. The next article in this series will dive into steps to get started with these tools. Then, the final article in the series will address some of the cultural aspects of embracing automated workflows.
You can learn more about automation from Jere Julian and Scott Lowe live and in person at their half-day workshop at InteropITX, "Hands-On Practical Network Automation." The workshop will cover how to get started with network automation, and experts will help guide participants. Twin Bridges Technology Founder Kirk Byers, who teaches Python to network pros, and Matt Oswalt, software engineer at StackStorm, are co-presenters. Don't miss out! Register now for InteropITX, May 15-19 in Las Vegas.
Jere Julian, DevOps for Networking Evangelist and Extensibility Engineer for Arista Networks, has more than 20 experience in networking and automation. Scott Lowe, Engineering Architect at VMware, is a blogger, speaker, and best-selling author with more than 20 years of experience in the IT industry.