From Building Network Automation Solutions
At a Glance
- High-intensity interactive online course;
- Jump-start your network automation career;
- Hands-on experience working on a solution to your own problem;
- 6-week course spread across ~2 months;
- Live discussion and guest speaker sessions;
- Design and coding assignments and group work;
- Final course completion certificate.
Building Network Automation Solutions is a 6-week, highly interactive online course. You'll study the background technical material on your own, solve hands-on assignments, and participate in online discussions and live sessions. The course is split into 6 sections:
- Getting Started
- Easy Wins
- Data Models
- Changing Network Configurations or State
- Validation, Error Handling and Unit Tests
- Putting It All Together
The initial session of the course will focus on the big picture:
- Network automation services you might need
- Reusable components within these services
- Data sources (databases, text files…) and single source of truth
- Data collection systems
- Monitoring and orchestration
We’ll prepare for our journey by revisiting a few oft-ignored truths:
- Learn to walk before you try to run - start with read-only access
- Don’t try to boil the ocean - solve one small problem at a time
- Create reusable building blocks instead of humongous conglomerates of code
- Get executive sponsorship and professional help
The non-programmers in the audience will also appreciate these topics:
- The need for computational thinking
- You’ll get lost without source code control and versioning
- Refactoring is inevitable - get used to it
- Error handling and unit tests are your friends
In the hands-on part of the course you’ll build your own lab, either using virtual devices or physical gear. If you decide to go with the virtual device approach, you can choose between Arista vEOS, Cisco VIRL, Cisco CSR, Cumulus VX, Juniper vSRX or Juniper vMX.
You’ll also get familiar with Git, create your own GitHub account and create your own exercises repository.
Let’s start with some easy wins that require read-only access to network devices and no data model apart from inventory of devices.
We’ll gather device facts through SNMP and generate software version reports, continue with gathering IP addresses and generating a list of subnets configured in our network, collect ARP and MAC tables to build a comprehensive list of hosts visible in your network, and conclude with a simple validation script that will report devices with outdated software versions.
You will be able to get the job done with the information-gathering modules available in the standard Ansible 2.2 distribution; the daredevils will use NAPALM or other third-party Ansible libraries.
You’ll be able to choose among these hands-on assignments:
- Create a device health report (CPU utilization, memory utilization…)
- Collect hardware inventory
- Collect ARP tables and create a list of hosts in each subnet
- Collect CDP/LLDP, OSPF or BGP neighbors and build a network topology diagram (requires Graphviz or Gephi)
- Collect device IP addresses and create DNS zone files
Data models are the crux of any successful network automation solution, and getting them just right is a mixture of science and art.
The guidelines discussed in this section include:
- Abstract everything - focus on data that describes your requirements, not data that the device needs to be configured
- Avoid data duplication - never store the same bit of information in two places
- Separation of infrastructure and service data - define a common data model describing network infrastructure, and separate data models for individual services
We’ll also talk about data stores (from text files to relational databases), discuss their pros and cons, and figure out how to use Ansible with external data stores.
Hands-on assignments for this section include:
- Build a simple data model for VLAN service;
- Create a data model for VXLAN-based data center fabric;
- Model a simple Service Provider service (Internet access or L3VPN).
All assignments require you to build a data model and a sample configuration template to verify the data model adequately describes your service.
We built a data model for our infrastructure and a sample service during Week 3 of the course; now it’s time to change the network state, either by generating and changing device configurations, or by using an API provided by a network controller or cloud orchestration system.
We’ll start with simple configuration templates, explore the benefits of Ansible roles, discover various mechanisms and libraries you could use to push the generated configurations to network devices, and figure out how to combine automated configuration deployment with manual checks and approvals. Hands-on assignments will include:
- Build and deploy a VLAN- or VXLAN-based data center service;
- Build ACLs or firewall rules and deploy them in your infrastructure (and use Capirca in multi-vendor deployments);
- Build router configurations for large-scale WAN deployment.
GIGO (Garbage-In-Garbage-Out) is one of the major sources of automation failures. A good automation solution should always validate the input data before starting automation tasks. It should also check the actual device state before making changes to the device configuration unless you’ve fully automated the configuration deployments.
This section will describe various approaches to data validation and error handling. We’ll also focus on unit tests - simple tests that verify the correctness of your code, and stress-test it using as many invalid inputs as possible - and figure out how to automate them as part of your deployment process.
In the hands-on part of this section you’ll add data validation and error handling to the configuration-generation playbook you created during Week 4, and create unit tests to test your new code with a variety of invalid inputs.
So far we’ve created data models using text files or relational databases, and Ansible playbooks that work, but produce hard-to-read garbage. It’s time for some eye candy.
We’ll discuss adding a wrapper around Ansible playbooks, using Ansible Tower, and adding a user-friendly GUI or CLI in front of your data sources.
If you want to attend this exciting course, there's just one more thing you have to do: register here.
I'm looking forward to meeting you in the virtual classroom.