Increasing the level of network automation is a common network resolution for many organizations we speak with. Today, about 70% of network configuration activities are manually driven (which may not sound good, but at least it is down from 85% a few years ago). In addition to lengthening provisioning times, manual configuration changes are ripe for human error: we estimate that 2% of manual changes result in some form of error or anomaly.
At the same time, many organizations are having some success in their DevOps initiatives. However, networking and DevOps are often disconnected. To truly apply DevOps principles in networking, we should deploy networking activities via an automated pipeline, which means to:
- Require that proposed network configurations and associated activities (validation, staging) be part of an automated pipeline.
- Mandate both prechange validation (checking for capacity, baselining configuration and performance, etc.) and postchange validation (reverification of prechange) as part of the pipeline.
- Perform prechange validation activities in nonproduction environments and/or by using tools (which could range from Batfish to VIRL to GNS3 to Tesuto, etc.).
- Automate both the pre- and postvalidation tasks.
- Automate deployment of actual changes, but deploy only the relevant configurations (i.e., do not force eight commands to a device if five of them are already present).
- If postvalidation checks fail, configurations should be rolled back to a prior known working state.
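A minimal sketch of the pipeline steps listed above, added here as an illustration and not taken from the original post or from any vendor tool. `FakeDevice`, the flat configuration lines and the two checks are constructed assumptions; a real pipeline would talk to devices through its own automation tooling.

```python
from dataclasses import dataclass, field
@dataclass
class FakeDevice:
    """In-memory stand-in for a managed device (hypothetical, flat config lines)."""
    config: list = field(default_factory=list)
    pushed: list = field(default_factory=list)  # every command actually sent

    def push(self, commands):
        self.pushed.extend(commands)
        for c in commands:
            if c not in self.config:
                self.config.append(c)

    def restore(self, snapshot):
        self.config = list(snapshot)

def missing_commands(running, intended):
    """Only the intended lines that are not already on the device, in order."""
    present = set(running)
    return [c for c in intended if c not in present]

def failed(checks, config):
    return [name for name, check in checks.items() if not check(config)]

def run_change(device, intended, checks):
    baseline = list(device.config)              # prior known working state
    bad = failed(checks, baseline)              # prechange validation
    if bad:
        return {"status": "aborted", "failed": bad, "sent": []}
    delta = missing_commands(baseline, intended)
    device.push(delta)                          # deploy only the relevant lines
    bad = failed(checks, device.config)         # postchange: re-run the same checks
    if bad:
        device.restore(baseline)                # roll back on failed postvalidation
        return {"status": "rolled_back", "failed": bad, "sent": delta}
    return {"status": "deployed", "failed": [], "sent": delta}

# Constructed sample data: five lines already present, eight intended.
BASELINE = ["hostname edge1", "ip ssh version 2", "ntp server 192.0.2.10",
            "logging host 192.0.2.20", "snmp-server location lab"]
GOOD = BASELINE + ["ntp server 192.0.2.11", "logging host 192.0.2.21",
                   "banner login authorized-use-only"]
BAD = BASELINE + ["ntp server 192.0.2.11", "logging host 192.0.2.21",
                  "transport input telnet"]
CHECKS = {"ssh_v2_enabled": lambda cfg: "ip ssh version 2" in cfg,
          "no_telnet": lambda cfg: not any("telnet" in c for c in cfg)}

if __name__ == "__main__":
    print([run_change(FakeDevice(list(BASELINE)), i, CHECKS)["status"] for i in (GOOD, BAD)])
```

The same checks run before and after the change, so a change that reintroduces Telnet is sent, detected by postvalidation, and reverted to the captured baseline.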
We recognize that this is dramatically different from the way most networking activities are carried out today, which entails lots of manual checking, scripting and perhaps some task automation (if we’re lucky), with limited (if any) prechange validation. So how do we get there? Well, start in a gradual fashion, focusing on new deployments rather than attempting to retrofit legacy overnight. Focus on simple, repeatable tasks that are well-defined and well-understood, with clear processes and workflows associated with them. Initially, focus on automating nonchange activities, such as troubleshooting, reporting, and pre- and postvalidation. Begin by automating in less critical environments, such as development, test, lab and staging. Then, iterate and grow, moving automation to more important environments.
For more information, refer to this published Gartner research:
Summary: Many enterprises carry high levels of technical debt in their networks, which limits network agility and increases unplanned downtime. To combat technical debt, I&O leaders should build an automated pipeline for common change requests, and make specific adjustments to NetOps culture.