Network Automation Basics and Benefits

Introduction:

I have been working in the field of networking for the last 21 years but for the last 6-7 years it has been a drastic change in managing the networks since the invent of the network automation. It does not mean that network automation was not there before, but people started realizing that network can be managed through automation, and which reduces the efforts, increase efficiency and build a reliable network irrespective of the size and complexity of the network infrastructure. Network automation has emerged as a crucial solution to address many challenges which includes allowing network engineers to streamline their workflows, reduce errors, and improve operational efficiency. 

In this article I will dive deep into the fundamentals of network automation for network engineers and will explore the key concepts, benefits, popular tools, and practical scenarios with examples.

1. Understanding Network Automation:

Network automation is the process of performing various repetitive tasks such as devices configurations, monitoring and troubleshooting using either some scripts or software and tools in a network environment. Those who have started automation in their network infrastructure gets benefited by reducing efforts and time and allowing them to focus on strategic planning, optimization, and innovative projects. The key objective of network automation is to enhance network agility, improve reliability, and adapt quickly to changing business needs.

2. Benefits of Network Automation:

Network automation offers a myriad of benefits that positively impact network engineers and the organizations they serve:

a. Time and Resource Efficiency:

Automating repetitive tasks reduces the time and effort required for network management. Mundane chores like configuring devices, updating firmware, and backing up configurations can be automated, freeing up valuable time for network engineers to concentrate on critical issues and high-value projects.

b. Consistency and Accuracy:

Automated processes ensure uniformity and consistency across network devices. By eliminating human errors in configurations, network engineers can achieve a more stable and reliable network environment.

c. Rapid Deployment and Scalability:

Automation facilitates the swift and consistent deployment of network services. When new network devices are added, automation can efficiently configure them to match existing standards, reducing the time and effort required for expansion.

d. Reduced Downtime and Faster Troubleshooting:

Automated monitoring and self-healing features can proactively detect network issues and apply predefined remediation actions. This leads to reduced downtime, faster troubleshooting, and improved network availability.

e. Compliance and Security:

Network automation helps enforce security policies consistently across devices and ensures compliance with industry regulations and organizational standards.

3. Key Concepts in Network Automation:

a. APIs (Application Programming Interfaces):

APIs are essential building blocks of network automation. They allow different software systems to interact and exchange information. Network devices typically expose APIs that provide programmatic access to their configurations and status. By using APIs, network engineers can automate device configurations, collect real-time data, and interact with network devices in a standardized manner.

b. Configuration Management:

Configuration management is a core aspect of network automation. It involves creating, managing, and updating network device configurations automatically. With automation, engineers can apply consistent configurations across devices, enforce policies, and rapidly deploy services with predefined templates.

c. Orchestration:

Orchestration is the automation of end-to-end workflows that involve multiple network devices and services. It enables network engineers to design complex tasks that span across devices and execute them seamlessly. Orchestration enhances network efficiency, reduces manual intervention, and ensures the smooth functioning of interconnected services.

d. Monitoring and Telemetry:

Monitoring and telemetry provide real-time data about network performance and health. By using automation to collect and analyze telemetry data, network engineers gain valuable insights into network behavior and can take proactive measures to address potential issues before they impact network performance.

e. Self-Healing Networks:

Self-healing networks are an advanced application of automation. By implementing automated processes that detect and respond to network issues in real-time, network engineers can create a more resilient and robust network infrastructure. Self-healing networks lead to reduced downtime and improved network availability.

4. Popular Network Automation Tools:

Several powerful tools and frameworks are available to assist network engineers in their automation journey. Here are some of the most widely used ones:

a. Ansible:

Ansible is an open-source tool which is used for automation that allows network engineers to define and create tasks in a declarative language. With Ansible, tasks can be executed across multiple devices simultaneously, simplifying network automation and reducing operational overhead.

Example Scenario:

Let's consider a scenario where a network engineer needs to configure a set of switches with a specific VLAN configuration across different locations. If you use traditional manual approach, then this process would be time-consuming and error prone. However, with Ansible, the engineer can define a playbook (a set of tasks) that specifies the VLAN configuration and apply it to all switches simultaneously.

yaml

------

- name: Configure VLANs on switches

  hosts: switches

  tasks:

    - name: Create VLAN 10

      ios_command:

        commands:

          - vlan 10

          - name "Sales"

    - name: Create VLAN 20

      ios_command:

        commands:

          - vlan 20

          - name "IT"

    # Additional tasks for other VLANs and switch configurations

b. Python:

Python is a popular programming language extensively used in network automation. It offers numerous libraries and frameworks that aid in building automation scripts for interacting with network devices, parsing data, and performing tasks.

Example Scenario:

Suppose a network engineer wants to automate the backup of router configurations regularly. A Python script can be created to connect to routers, issue the appropriate commands, and save the configurations to a centralized server or cloud storage.

python

-------

import paramiko

def backup_router_config(ip, username, password):

    ssh_client = paramiko.SSHClient()

    ssh_client.set_missing_host_key_policy(paramiko.AutoAddPolicy())

    ssh_client.connect(ip, username=username, password=password)

    ssh_client.exec_command("show running-config")

    # Parse the output and save the configuration to a file

    # ...

    ssh_client.close()

# Usage:

backup_router_config("192.168.1.1", "admin", "secretpassword")

c. NETCONF/YANG:

NETCONF (Network Configuration Protocol) and YANG (Yet Another Next Generation) data modeling language are standards for network device configuration and management. They enable programmatic access to network devices using XML-based data models.

Example Scenario:

Consider a scenario where a network engineer needs to automate the configuration of access control lists (ACLs) on multiple routers. With NETCONF/YANG, the engineer can use standardized data models to define the ACL configurations and apply them to multiple routers consistently.

xml

-----

      permit-ssh

      permit

      192.168.0.0/24

      any

      tcp

      22

d. SaltStack:

SaltStack is an automation and configuration management tool that uses a master-minion architecture. It is known for its speed and scalability, making it ideal for large-scale network automation.

Example Scenario:

Suppose a network engineer needs to push configuration changes to a large number of switches. With SaltStack, the engineer can define a state file that describes the desired configuration and apply it to the minion devices simultaneously.

yaml

------

# /srv/salt/top.sls

base:

  'switch*':

    - configure_switch

# /srv/salt/configure_switch.sls

configure_switch:

  network.system:

    - name: vlan

    - value: 100

e. Nornir:

Nornir is a Python automation framework designed explicitly for network engineers. It provides flexibility and extensibility for network automation tasks.

Example Scenario:

Suppose a network engineer needs to retrieve the ARP table information from multiple routers and switches. Using Nornir, the engineer can create a script that connects to each device, executes the appropriate command, and collects the ARP data.

python

---------

from nornir import InitNornir

from nornir.plugins.tasks import networking

nr = InitNornir(config_file="config.yaml")

def get_arp_table(task):

    result = task.run(task=networking.napalm_get, getters=["arp_table"])

    arp_table = result[0].result["arp_table"]

    # Process and store the ARP table data

    # ...

nr.run(task=get_arp_table)

5. Best Practices for Network Automation:

a. Start Small:

Begin with simple automation tasks and gradually build complexity. Starting small allows network engineers to gain confidence and experience in automation practices.

b. Version Control:

Implement version control (e.g., Git) to track changes to automation scripts and configurations. Version control ensures a history of changes, simplifies collaboration, and enables easy rollbacks if needed.

c. Testing and Validation:

Adopt rigorous testing procedures to validate automation scripts before deploying them in production. Test scripts on a non-production network or utilize network simulation tools to ensure correct behavior.

d. Documentation:

Thoroughly document automation workflows, scripts, and configurations. Proper documentation aids in knowledge sharing, troubleshooting, and onboarding new team members.

e. Security:

Adhere to secure coding practices when developing automation scripts. Apply the principle of least privilege when granting automation access to network devices, ensuring that only authorized actions are performed.

6. Example Scenario: Automating Configuration Backups:

Let's explore a practical example of automating configuration backups using Ansible:

Step 1: Inventory File:

Create an Ansible inventory file (inventory.yaml) containing the network devices you want to back up:

yaml

------

all:

  hosts:

    router1:

      ansible_host: 192.168.1.1

    router2:

      ansible_host: 192.168.1.2

  vars:

    ansible_network_os: ios

    ansible_user: admin

    ansible_password: mysecretpassword

Step 2: Ansible Playbook:

Create an Ansible playbook (backup_configs.yaml) to back up the configurations:

yaml

------

- name: Backup Configurations

  hosts: all

  tasks:

    - name: Backup running-config

      ios_command:

        commands:

          - show running-config

      register: config_output

    - name: Save configurations to files

      copy:

        content: "{{ config_output.stdout[0] }}"

        dest: "backup/{{ inventory_hostname }}_running-config.txt"

Step 3: Running the Playbook:

Execute the playbook using the ansible-playbook command:

bash

------

ansible-playbook -i inventory.yaml backup_configs.yaml

The playbook connects to each device, retrieves the running configuration, and saves it to a file in the backup directory. After running the playbook, you will have a backup of each device's configuration.

Conclusion:

Network automation has become an essential skill for network engineers as networks continue to grow in complexity and scale. By understanding the fundamentals of network automation, including its benefits, key concepts, popular tools, and best practices, network engineers can elevate their efficiency and contribute more strategically to their organizations' success. Through practical examples and scenarios, we have seen how automation tools like Ansible, Python, NETCONF/YANG, SaltStack, and Nornir can streamline network management tasks, improve consistency, and help network engineers meet the challenges of the digital age. Embracing network automation is not only a competitive advantage but a necessity for building and managing resilient, scalable, and future-ready networks.