Chef, Puppet & Ansible Network Automation
Chef, Puppet and Ansible are ideally suited to runbook automation of simple and repetitive tasks. Many enterprises have successfully deployed one of these 3 tools for server automation, typically under an enterprise license that covers unlimited nodes. So, on the surface, it makes economic sense to use the same tools for networking. But as you read below, this sort of short-term thinking will result in longer delays and opportunity costs.
What are Chef, Puppet and Ansible?
- Open Source Configuration Management tools with a large community of developers
- Proven in Compute & Server Provisioning
- Currently focused on 3 areas:
  i. Configuration Automation using workflow
  ii. Testing and Validation of Network state
  iii. Continuous Compliance Check
- Just started to expand into network space:
  - Puppet: Arista, Cisco, Citrix, F5, Cumulus, Juniper and Huawei
  - Chef: Cisco NX-OS, ACI
  - Ansible: Arista, A10, Cisco, Citrix, Cumulus, F5 and Juniper
Why use Chef, Puppet or Ansible?
- Same tool infrastructure can be used to automate compute, storage and network
- Effective for simple and repetitive tasks such as changing passwords, changing SNMP settings, shutting down interfaces and backing up configurations
- They have REST APIs to integrate with customer OSS/BSS or self-service portals
Disadvantages of Chef, Puppet or Ansible for Network Automation:
- Very limited availability of target platforms that support a Python or Ruby runtime
- No Concept of Service Chaining
- No Transaction capabilities & Roll-back support
- No Multi-tenancy
- Have to use CLI scraping for unsupported platforms such as IOS
- No Topology Discovery
- No Support for discovery of existing services
- Scalability yet to be proven in Networking Arena
- Puppet and Chef require agents in devices
- Puppet and Chef rely on Ruby, which raises concerns about security, performance and RAM consumption on network devices
- Network admin still has to maintain the playbooks when software is upgraded or if the API changes
- No Support for Virtual Appliances or SDN Controllers
Anuta NCX Advantages
- NCX offers a standards-based Network Orchestration Platform: pluggable, highly available, scalable and extensible
- NCX has out-of-the-box YANG-based Device, Service and Network models to support Data Center use cases; Public and Private Cloud use cases; Physical, Hybrid and Virtual Branch/WAN Edge use cases; Cloud VPN; Traditional and NFV-based use cases; SD-WAN; Campus use cases such as Campus Connectivity and Complete Campus Network Orchestration; IP/MPLS Backbone; Telco use cases; IMS; EPC; Metro Ethernet; Wholesale Services; Optical
- NCX has built-in support for both Multi-Tenant Deployments and Shared Deployments, Comprehensive Resource Management, Capacity Planning and Forecasting, Service Availability, Thresholds and Forecasting, Resource Segmentation into Resource Pools, IPAM and other resource allocation
- NCX portal supports multi-tenant administration to enable MSPs to offer automation in a SaaS model
- NCX's distributed server/agent architecture has proven scalability for production networks
- Config Management Tools are still in their infancy with limited networking vendor support
- YANG is gaining significant mindshare and momentum with vendors and customers
- Anuta NCX delivers vendor-neutral, extensible and maintainable services using a model-driven, layered, abstraction-based approach
- Anuta NCX platform is proven in production networks