Nemertes recently looked at how organizations with larger networks – particularly Cisco heavy networks – are implementing network automation. The results were a little surprising, as less than 20% use Cisco’s flagship network controller DNA Center and dashboard, which can automate the delivery and management of change.
On the other hand, more than 40% use their own automation solution using various forms of imperative scripts or programming (mostly Python), and about 50% use a different model instead of or in addition: declarative automation.
The idea of imperative programming is to write programs that are a series of instructions such as “Make A, then make B, then if X happens, make C otherwise E”. Most of the most widely used programming languages are required (C ++, C #, PHP and Python). The current trend for more network automation is for many networking professionals to dust off old programming skills or take them for the first time.
The effort is non-trivial for network staff who are not used to this style of programming or who simply find it difficult and joyless. These detailed instructions can be very time consuming and can consist of many steps for even a single configuration change. These steps can be time-sensitive (something 1 has to be done before something 2 has been done or something 1 cancels out the effects of something 2), as well as time-sensitive (something 2 can’t be done to a certain minimum. period of time after something 1 has happened or needs to be done some time after that). Also, the engineer as a programmer has to be so careful only what needs to be done everything this is necessary.
Some network staff find declarative approaches more appropriate. Declarative programming focuses on defining the desired outcome of the program, not on the steps that need to be taken to achieve it. HTML can be considered a declarative language – “This web page must have this text in this size and this image below and two buttons here and here to take users to pages B and C.” As can SQL – “The set data must contain all records that meet conditions A, B and C. “
Declarative approaches to network automation bear much of the burden of programming by network engineers. People can focus on how a device or service should be configured, instead of coming up with detailed instructions on how to properly achieve that configuration. That is, they can focus on statements such as “Ports 1 to 24 must be configured to 1Gbps full duplex. Ports 1 through 12 are in VLAN A. Ports 13 through 24 are in VLAN B. ”
A 2022 Nemertes network automation survey found that 33% of organizations surveyed use Ansible for network automation and 17% use Gluware. Ansible became famous mainly as a result of the growth of DevOps and the infrastructure paradigm as DevOps-related code. It uses a purely imperative model in its first versions, but about five years ago it added support for declarative models. Network teams see it as a means of automating network management in both data centers and branch / campus networks. Gluware has evolved specifically as a network automation tool and primarily for Cisco-oriented networks.
The declarative one relieves the workload of network engineers
The shift to declarative network automation models alleviates the burden on network teams, especially in the face of ever-evolving network operating systems. An engineer who doesn’t have to worry about updating the OS means that the commands needed to achieve a particular state have changed is an engineer who can focus more on making sure the desired state is still correct. and achievable. In addition, it can alleviate the burden of working on different platforms of network providers. Again, the focus may be on defining the status correctly, rather than on the complex differences between Arista vs. Cisco vs. Juniper command languages.
The downside, however, is that the organization must rely entirely on the platform to be able to properly configure the equipment on its network. This is usually a safe assumption for the largest vendors and their relatively new equipment, but it is not as safe for smaller vendors or older equipment or older versions of operating systems on older equipment. It is worth noting that in the Nemertes study, which focused on obtaining information on Cisco network management, only 25% of organizations had fully Cisco routing and switching. Most organizations had two or three suppliers.
So with the usual compromise of trust tools provided by vendors to tackle imperative automation behind the scenes, declarative automation offers a powerful tool for network teams to advance to the cause of greater automation without having to focus on to become procedural programmers in an imperative style.
Copyright © 2022 IDG Communications, Inc.