Course Description

From Building Network Automation Solutions

Revision as of 08:42, 19 May 2018 by Ivan Pepelnjak (talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

At a Glance

  • High-intensity interactive online course;
  • Jump-start your network automation career;
  • Hands-on experience working on a solution to your own problem;
  • 9 module course spread across ~3 months;
  • Live discussion and guest speaker sessions;
  • Design and coding assignments and group work;
  • Final course completion certificate.

Building Network Automation Solutions is a 9-module highly interactive online course. You'll study the background technical material on your own, solve hands-on assignments, and participate in online discussions and live sessions. The course is split into these modules:

Getting Started

The initial module of the course covers the big picture:

  • Network automation services you might need
  • Reusable components within these services
  • Data sources (databases, text files… ) and single source of truth
  • Data collection systems
  • Monitoring and orchestration

We’ll prepare for our journey by revisiting a few oft-ignored truths:

  • Learn to walk before you try to run - start with read-only access
  • Don’t try to boil the ocean - solve one small problem at a time
  • Create reusable building blocks instead of humongous conglomerates of code
  • Get executive sponsorship and professional help

The non-programmers in the audience will also appreciate these topics:

  • The need for computational thinking
  • You’ll get lost without source code control and versioning
  • Refactoring is inevitable - get used to it
  • Error handling and unit tests are your friends

In the hands-on part of the course you’ll build your own lab, either using virtual devices or physical gear. If you decide to go with the virtual device approach, you can choose between Arista vEOS, Cisco VIRL, Cisco CSR, Cumulus VX, Juniper vSRX or Juniper vMX.

You’ll also get familiar with Git, create your own Github account and create your own exercises repository.


Easy Wins

Let’s start with some easy wins that require read-only access to network devices and no data model apart from inventory of devices.

We’ll gather device facts through SNMP and generate software version reports, continue with gathering IP addresses and generating list of subnets configured in our network, collect ARP and MAC tables to build a comprehensive list of hosts visible in your network, and conclude with a simple validation script that will report devices with outdated software version.

You will be able to get the job done with information-gathering modules available in standard Ansible distribution (starting with version 2.2), the daredevils will use NAPALM or other third-party Ansible libraries.

You’ll be able to choose among these hands-on assignments:

  • Create a device health report (CPU utilization, memory utilization…);
  • Collect hardware inventory
  • Collect ARP tables and create a list of hosts in each subnet
  • Collect CDP/LLDP, OSPF or BGP neighbors and build a network topology diagram (requires Graphviz or Gephi)
  • Collect device IP addresses and create DNS zone files


Data Models

Data models are the crux of any successful network automation solution, and getting them just right is a mixture of science and art. The guidelines discussed in this section include:

  • Abstract everything - focus on data that describe your requirements, not data that the device need to be configured
  • Avoid data duplication - never store the same bit of information in two places
  • Separation of infrastructure and service data - define a common data model describing network infrastructure, and separate data models for individual services

We’ll also talk about data stores (from text files to relational databases), discuss their pros and cons, and figure out how to use Ansible with external data stores.

Hands-on assignments for this section include:

  • Build a simple data model for VLAN service;
  • Create a data model for VXLAN-based data center fabric;
  • Model a simple Service Provider service (Internet access or L3VPN);

All assignments require you to build a data model and a sample configuration template to verify the data model adequately describes your service.


Changing Network Configurations or State

In the previous module we created a data model for our infrastructure and a sample service. Now it’s time to change the network state, either by generating and changing device configurations, or by using an API provided by a network controller or cloud orchestration system.

We’ll start with simple configuration templates, explore the benefits of Ansible roles, discover various mechanisms and libraries you could use to push the generated configurations to network devices, and figure out how to combine automated configuration deployment with manual checks and approvals. You can choose between these hands-on assignments, or create a solution that fits your specific needs:

  • Build and deploy a VLAN- or VXLAN-based data center service;
  • Build ACLs or firewall rules and deploy them in your infrastructure (and use Capirca in multi-vendor deployments);
  • Build router configurations for large-scale WAN deployment.


Validation, Error Handling and Unit Tests

GIGO (Garbage-In-Garbage-Out) is one of the major sources of automation failures. A good automation solution should always validate the input data before starting automation tasks. It should also check the actual device state before making changes to the device configuration unless you’ve fully automated the configuration deployments.

This module describes various approaches to data validation and error handling. We’ll also focus on unit tests - simple tests that verify the correctness of your code, and stress-test it using as many invalid inputs as possible - and figure out how to automate them as part of your deployment process.

In the hands-on part of this section you’ll add data validation and error handling to the configuration-generation playbook you created during the previous module, and create unit tests to test your new code with a variety of invalid inputs.


Putting It All Together

So far we’ve created data models using text files or relational databases, and Ansible playbooks that work, but produce hard-to-read garbage. It’s time for some eye candy.

We’ll discuss adding a wrapper around Ansible playbooks, using Ansible Tower, and adding a user-friendly GUI or CLI in front of your data sources.


Network Infrastructure as Code

In this module we’ll discuss an interesting take on network automation: treating network infrastructure as code and using software development techniques to manage it.

The introductory part of this module will be part of the Autumn 2018 live course, in the meantime please enjoy a real-life case study presented by Mark Prior in Spring 2018 course.


Event Driven Automation

In the previous modules, you’ve learned how to create reports from data gathered from network devices, create device configurations from data models, automate device and service provisioning, and integrate individual components you built into a full-blown network services orchestration system.

It’s time to move to the next level: respond to significant events reported by your network in real time and adjust the network behavior accordingly. Welcome to the challenging world of Event-Driven Automation.

In this module, you’ll discover the unpleasant reality: it’s hard to define what an event is, and it’s hard to identify significant events based on plethora of messages the network devices are sending you in form of SNMP traps, SYSLOG messages or streaming telemetry. You’ll also find several tools you could use, and learn more about SALT, a tool that’s becoming more popular in complex automation environments that would be hard to handle with simple tools like Ansible.


Network Automation Tools

Guest speakers presenting in live course sessions described numerous interesting network automation tools. While the examples in this course usually use Ansible, don’t limit yourself to a single tool. After mastering it, start exploring the alternatives - they might be a better fit for your next challenge.


Next steps

If you want to attend this exciting course, there's just one more thing you have to do: register here.

I'm looking forward to meeting you in the virtual classroom.