Starting Automation

Information gathering

There may be immediate needs for an automated solution. While it may be tempting to jump right into making automated changes to the network, it is strongly recommended to begin with information gathering. Spend time breaking down the network into the building blocks of enterprise design and logical functions.

For example:

• Enterprise lab network

  • Core

  • Distribution

  • Access

• Enterprise campus network

  • Core

  • Distribution

  • Access

• Enterprise data center

• Enterprise WAN

• Enterprise DMZ / Public Access Zone (PAZ)

• Public and private clouds

Hardware platforms and software versions

To select the required Ansible modules and identify differences in configuration syntax, further break down the network into hardware platforms and software versions. Code differences exist between platforms for the same commands or configurations.

Now that configurations are being automated with a goal of idempotency, coding for the sometimes-subtle differences in running-configurations across the various platforms and software versions in the enterprise is a necessity. The more standardized the platforms across the network, the more uniform the code becomes.

Here is an example of a network hardware audit:

• IOS — Catalyst 6500

• IOS — Catalyst 4500

• IOS — Catalyst 3850

• IOS — Catalyst 3750

• IOS — Catalyst 3560

• IOS — Catalyst 2960

• NXOS — Nexus 7K

• NXOS — Nexus 5K

• IOS — ISR 881

Identify common features

Start thinking about various common functions or features enabled on the network. Note any commonalities amongst groups of devices by platform, IOS, or function. This will help identify patterns in the configurations to help in writing templates later.

For example:

• Core Layer:

  • Catalyst 6500 platforms

  • Virtual Switching System (VSS)

  • Unique QoS model

  • VLANs

  • VRFs

  • OSPF/EIGRP/Static routing

  • Port-channels

  • Physical interfaces

  • Virtual interfaces

    • IP addresses

• Distribution layer:

  • Catalyst 4500 platforms

  • VSS

  • Standardized QoS model (MQC)

  • ACLs

  • VLANs

  • VRFs

  • OSPF/EIGRP/Static routing

  • Physical interfaces

  • Virtual interfaces

    • IP helpers

    • IP addresses

• Access layer:

  • Catalyst 3850 platforms

    • QoS model same as 4500 (MQC)

    • Stackwise technology

    • Power stacking

  • Catalyst 3750 platforms

    • Unique QoS model (MLS)

    • Stackwise technology

    • Power stacking

  • Catalyst 3560 platforms

    • QoS model same as 4500 (MQC)

  • Catalyst 2960 platforms

    • Unique QoS model (MLS)

  • ACLs

  • VLANs

  • Physical interfaces

    • Various profiles

    • Wireless Access Points

    • PoE devices

    • Spanning-tree protocol settings

    • VLAN

    • Voice

    • QoS

    • Security

  • Virtual interfaces

  • Default gateways

• IOS and NXOS global configuration enterprise standards:

  • Banners

  • AAA

  • RADIUS

  • NTP

  • DNS

  • SNMP

  • Syslog

  • Archive

  • Boot version

  • Standard global configurations

As expertise improves, identify other candidates for future automation to expand the scope of coverage. Most devices will follow the same methodology used to automate network devices.

Other candidates include:

• Data center networking

• Load-balancers

• Firewalls

• Network appliances/controllers

• Storage devices

• Cloud

• Windows servers

• Linux servers