Multi-Vendor Network Service Orchestration

Rapidly Design, Automate and Orchestrate Complex Network Services for Physical and Virtual Network Devices

Chef, Puppet & Ansible Network Automation

Chef, Puppet & Ansible Network Automation

November 02, 2016 | Technology



Background:


Chef, Puppet and Ansible are ideally suited for Run-book automation for simple and repetitive tasks. Many enterprises have successfully deployed one of these 3 tools for server automation. They typically bought an enterprise license that covers unlimited nodes. So, at the surface, it makes economic sense to use the same tools for networking. But as you read below, this sort of short-term thinking will result in longer delays and opportunity costs.

Network Automation with Chef, Puppet & Ansible

What are Chef, Puppet and Ansible?


  • Open Source Configuration Management tools with large community of developers

  • Proven in Compute & Server Provisioning

  • Currently focused on 3 areas:
                i. Configuration Automation using workflow
                ii. Testing and Validation of Network state
                iii. Continuous Compliance Check.

  • Just started to expand into network space
    Puppet: Arista, Cisco, Citrix, F5, Cumulus, Juniper and Huawei
    Chef: Cisco NX-OS, ACI
    Ansible: Arista, A10, Cisco, Citrix, Cumulus, F5 and Juniper
  • Why use Chef, Puppet or Ansible?


  • Same tool infrastructure can be used to automate compute, storage  and network

  • Effective for simple and repetitive tasks such as changing passwords, changing SNMP settings, shutting down interfaces and backing up configurations

  • They have REST API to integrate with customer OSS/BSS or self-service portals
  • Disadvantages of Chef, Puppet or Ansible for Network Automation:


  • Very limited availability of the target platforms that support python or ruby runtime

  • No Concept of Service Chaining

  • No Transaction capabilities & Roll-back support

  • No Multi-tenancy

  • Have to use CLI scraping for un-supported  platforms such as IOS.

  • No Topology Discovery

  • No Support for discovery of existing services

  • Scalability yet to be proven in Networking Arena

  • Puppet and Chef require agents in devices

  • Puppet and Chef rely on Ruby which raises concerns about security, performance and RAM consumption on network devices.

  • Network admin still has to maintain the playbooks  when software is upgraded or if the API changes

  • No Support for Virtual Appliances or SDN Controllers
  • Anuta NCX Advantages


  • NCX offers a standards based Network Orchestration Platform –Pluggable, High Available, Scalable & Extensible

  • NCX has out-of-the-box YANG based Device, Service and network models to support Data Center use cases, Public and Private Cloud use cases, Physical,Hybrid and Virtual Branch/WAN Edge use cases, Cloud VPN, Traditional and NFV based use cases, SD-WAN, Campus use cases such as Campus Connectivity and Complete Campus network Orchestration; IP/MPLS Backbone, Telco use cases, IMS, EPC, Metro Ethernet, Wholesale Services, Optical

  • NCX has built-in support for both Multi-Tenant Deployments or Shared Deployments, Comprehensive Resource Management, Capacity Planning and Forecasting, Service Availability, Thresholds and Forecasting Resource Segmentation into Resource Pools, IPAM and Other Resource allocation

  • NCX portal supports multi-tenant administration to enable MSPs to offer automation in a SaaS model

  • NCX distributed server/agent architecture proved scalability for production networks
  • Summary


  • Config Management Tools are still in their infancy with limited networking vendor support

  • YANG is gaining significant mindshare and momentum with vendors and customers

  • Anuta NCX delivers vendor neutral, extensible and maintainable services using model driven, layered and abstraction approach

  • Anuta NCX platform is proven in production networks
  • – Kiran Sirupa, November 2nd, 2016

    Tags