Incremental SDN: Automating network device configuration

Ethan Banks | Sept. 10, 2014
Automation is a logical next step in the SDN migration journey.

Puppet is a model-driven configuration tool that relies on a client-server architecture to deliver configurations from the controlling server to the client device being configured.

In the network world, this is a challenge in that a Puppet server needs to talk to a Puppet agent running on the client system. The requirement for an agent has ruled out many network devices, as Puppet agents simply aren't available for most network gear. The initial drive for Puppet in the network space was to extend the functionality of a tool already deployed in many enterprises to manage servers. Why use a different tool for network device configuration if Puppet is available and already being used by the organization?

Puppet uses its own human-friendly language that allows people to describe, in a file called a manifest, how they want a device configured. The Puppet server translates that manifest into a configuration suitable for that device, generating a catalog. The Puppet agent polls the Puppet server periodically to retrieve any new catalogs and makes the required changes.
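A simplified sketch of the manifest-to-catalog-to-agent flow described above, added here as an illustration; it is not Puppet's code. The resource types, manifest layout and device state are constructed assumptions, and it shows why a second agent run against an unchanged device makes no changes.

```python
# Constructed manifest: the desired state for one switch.
MANIFEST = {
    "vlan": {
        "10": {"name": "users"},
        "20": {"name": "voice"},
        "99": {"ensure": "absent"},
    },
    "ntp_server": {"192.0.2.10": {"prefer": True}},
}

def compile_catalog(manifest):
    """Server side: flatten the manifest into an ordered list of resources."""
    catalog = []
    for rtype, entries in manifest.items():
        for title, props in entries.items():
            catalog.append({"type": rtype, "title": title, **props})
    return sorted(catalog, key=lambda r: (r["type"], r["title"]))

def apply_catalog(catalog, device_state):
    """Agent side: change only what differs and return the list of changes."""
    changes = []
    for res in catalog:
        key = (res["type"], res["title"])
        want = {k: v for k, v in res.items()
                if k not in ("type", "title", "ensure")}
        have = device_state.get(key)
        if res.get("ensure", "present") == "absent":
            if have is not None:
                del device_state[key]
                changes.append(("remove", key, have, None))
        elif have != want:
            device_state[key] = want
            action = "create" if have is None else "modify"
            changes.append((action, key, have, want))
    return changes

def demo():
    # Constructed device state: VLAN 20 was renamed by hand, VLAN 99 is stale.
    device = {("vlan", "10"): {"name": "users"},
              ("vlan", "20"): {"name": "temp"},
              ("vlan", "99"): {"name": "old-lab"}}
    catalog = compile_catalog(MANIFEST)
    first = apply_catalog(catalog, device)   # corrects drift
    second = apply_catalog(catalog, device)  # nothing left to change
    return first, second, device

if __name__ == "__main__":
    for change in demo()[0]:
        print(change)
```

The change list from the first run doubles as a record of where the device had drifted from its declared configuration.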

Puppet can be used to configure a limited number of Cisco devices, as well as certain devices from Juniper, F5, Mellanox, Arista, and presumably others. Note that "Puppet support" does not mean that every network device function will necessarily be supported by Puppet. In fact, most network engineers find that the functions they can actually configure via Puppet are limited.

Puppet is available in both open source and commercial variants.

Ansible. Similar to Puppet in overall scope, Ansible is growing in popularity in part because the design is an agentless push architecture. Ansible interacts with a remote network device via SSH, NETCONF, or other means as specified in the module written for the remote device. SSH is used frequently, although this is not something the Ansible consumer has to be overly concerned with. The module handles the work of getting the intended configuration to the remote device, whatever the means.

Network engineers use playbooks to describe what they would like the network configuration to be. Playbooks are written in an easy-to-read language called YAML. Just as Puppet is limited in what specific network functions it supports, Ansible is limited by the functions described in a device's module.

In addition to its agentless nature, Ansible is gaining popularity due to reported ease of use and flexibility. Like Puppet, there are both open source and commercial flavors of Ansible.

A few other tools network engineers find useful as they look to automate their network configurations include:

GitHub, a free-to-use online repository for code that includes a versioning system. Of late, GitHub has been the go-to site to obtain code related to network configuration automation. Cisco, Arista, Juniper, Mellanox, and other network vendors maintain freely available code that supports configuration of their network devices or integration with cloud computing platforms such as OpenStack.