Configuration Changes

Tactical changes

Making one-time, tactical configuration changes is a great place to move from automating network reconnaissance to automating changes to the network. A one-time change to the network or a tactical configuration change is throw-away work that will be done once. These are often tedious jobs when performed manually at scale. Oversights in design may be found in production, leading to required corrections. Perhaps legacy code has become outdated and needs to be replaced. Maybe standards or conventions were not followed, leading to a non-golden configuration. Net-new requirements, for example, of a new Dynamic Host Configuration Protocol (DHCP) server, frequently arise during day-to-day operations. Every organization is different, and each network has unique requirements and challenges.

Here are some opportunities for tactical, one-time changes that can be automated:

Application of standards or conventions

This can be a standard Network Time Protocol (NTP) server for all network devices to ensure the native VLAN is set correctly on all trunk ports.

Correcting errors

Opportunities for tactical, one-time changes arise if there are known problems on the network that have been put off. This is usually because of the scale of the change, or the lack of priorities, tedium, resources and an understanding of the amount of manual effort required. Often, it’s simply due to waiting for an automated solution to arrive.

Net-new projects

Draw a line in the sand and try to commit to automating all net-new project requirements that entail changes to the network.

We have a place for one-time tactical Ansible playbooks as part of the repository. These playbooks will become part of the larger network automation framework, and are available for cloning and repurposing. Examples of successful plays help others develop their own playbooks and code.