How to Prepare the Network

Let's learn how to prepare the network for the automation process.


Connectivity

Network connectivity is a key element of the solution. Network engineers, server administrators, the IT security team, and network operations need to collaborate on the architecture of the network automation ecosystem, because communication dependencies exist between the network devices and the Linux environment hosting Ansible. This guide is designed to help prepare whatever firewall rules or traffic flows are required, depending on how the network is zoned. Often, the servers or workstations that can reach network device management consoles sit in a separate, highly restricted management zone, isolated from operational-zone devices such as ordinary servers or workstations. A jump box methodology can also be used: standardized all-in-one Windows or Linux hosts with Ansible installed are placed in the management zone, and administrators connect to them from operational-zone workstations to reach the administrative toolkits hosted there.

It is recommended to use device hostnames, not IP addresses, in the Ansible hosts file (the inventory). The Linux environment then uses Domain Name System (DNS) resolution to look up the IP address of each network device it is trying to reach. Either populate the DNS server the Ansible host uses with records for the network devices, or statically add the entries to the local /etc/hosts file on the Linux box itself. DNS is recommended over a static Linux hosts file, and both are preferred over IP addresses in the Ansible inventory. Because the name-to-address mapping now comes from DNS, keep SSH host key checking enabled on the Ansible host so that a spoofed or stale DNS answer cannot silently redirect an automation session to a different device.

Communication flow

Here are the communication flows required for network automation:

  Source                    Protocol (port)                  Destination
  ------------------------- -------------------------------- -----------------
  Ansible (Linux host)      SSH (22)                         Network devices
  Git client (Linux host)   HTTP / HTTPS (8080 / 8443)       TFS

The network devices never need to communicate with TFS, and the Git client never needs to communicate with the network devices, so those paths can stay blocked. Place the tools in the appropriate zones, or open only the firewall rules needed for the two flows above.
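A preflight script covering both recommendations above, the hostname-only inventory and the two required flows, as an added example that is not part of the original course material. The inventory, hostnames and TFS address are constructed placeholders, and the ports (22 for SSH, 8443 for HTTPS to TFS) are the values assumed from the table; adjust them to your environment. Resolution goes through the Linux host's normal resolver, so it exercises either DNS or /etc/hosts exactly as Ansible itself would.

```python
"""Preflight check for an Ansible network-automation host (added example).

Verifies, before the first playbook runs:
  1. inventory entries are DNS names, not IP literals;
  2. every name resolves from this Linux host (DNS or /etc/hosts);
  3. the required flows (Ansible -> SSH/22 on devices, Git -> HTTPS/8443 on TFS)
     are reachable through the firewall.
"""
import ipaddress
import socket
from typing import Callable, Dict, List, Tuple

# Constructed sample inventory in Ansible INI style; all names are placeholders.
SAMPLE_INVENTORY = """
[switches]
sw-core-01.mgmt.example.net
sw-access-01.mgmt.example.net

[tfs]
tfs.corp.example.net
"""

# Required flows from the table above, as (source, inventory group, TCP port).
# Port numbers are assumptions taken from the table; change them to match your TFS setup.
REQUIRED_FLOWS: List[Tuple[str, str, int]] = [
    ("Ansible", "switches", 22),   # SSH to the network devices
    ("Git", "tfs", 8443),          # HTTPS to TFS
]


def parse_inventory(text: str) -> Dict[str, List[str]]:
    """Parse an INI-style inventory into {group: [host, ...]}.

    Comments, blank lines, inline host variables and [group:vars]/[group:children]
    sections are ignored; only host entries are kept.
    """
    groups: Dict[str, List[str]] = {}
    current = "ungrouped"
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        if line.startswith("[") and line.endswith("]"):
            current = line[1:-1]
            if ":" in current:          # skip [group:vars] / [group:children] blocks
                current = None
            continue
        if current is None:
            continue
        host = line.split()[0]          # drop inline vars such as ansible_user=x
        groups.setdefault(current, []).append(host)
    return groups


def is_ip_literal(host: str) -> bool:
    """True if the inventory entry is an IPv4/IPv6 address rather than a hostname."""
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False


def resolve_dns(host: str) -> str:
    """Resolve via the host's resolver (DNS or /etc/hosts); raises socket.gaierror on failure."""
    return socket.gethostbyname(host)


def tcp_reachable(host: str, port: int, timeout: float = 3.0) -> bool:
    """True if a TCP connection to host:port completes within the timeout."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        return False


def preflight(inventory_text: str,
              flows: List[Tuple[str, str, int]] = REQUIRED_FLOWS,
              resolve: Callable[[str], str] = resolve_dns,
              connect: Callable[[str, int], bool] = tcp_reachable) -> List[dict]:
    """Return one result dict per (host, flow); 'ok' is True only when all checks pass."""
    groups = parse_inventory(inventory_text)
    results: List[dict] = []
    for source, group, port in flows:
        for host in groups.get(group, []):
            rec = {"source": source, "host": host, "port": port,
                   "is_hostname": not is_ip_literal(host),
                   "resolves": False, "reachable": False}
            if rec["is_hostname"]:
                try:
                    rec["address"] = resolve(host)
                    rec["resolves"] = True
                except OSError:            # socket.gaierror is a subclass of OSError
                    pass
            if rec["resolves"]:
                rec["reachable"] = connect(host, port)
            rec["ok"] = rec["is_hostname"] and rec["resolves"] and rec["reachable"]
            results.append(rec)
    return results


if __name__ == "__main__":
    for r in preflight(SAMPLE_INVENTORY):
        status = "OK  " if r["ok"] else "FAIL"
        print(f"{status} {r['source']:7} -> {r['host']}:{r['port']} "
              f"hostname={r['is_hostname']} resolves={r['resolves']} reachable={r['reachable']}")
```

Run it on the management host before opening a change window: a FAIL with hostname=False means an IP literal crept into the inventory, resolves=False means the DNS record or /etc/hosts entry is missing, and reachable=False with a good name points at a missing firewall rule between zones. The script deliberately never attempts the two flows the text says are unnecessary (devices to TFS, Git to devices); if you want to confirm those stay blocked, test them from the device side, not from the Ansible host.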
