Chef, Puppet & Ansible Network Automation


Chef, Puppet and Ansible are ideally suited for Run-book automation for simple and repetitive tasks. Many enterprises have successfully deployed one of these 3 tools for server automation. They typically bought an enterprise license that covers unlimited nodes. So, at the surface, it makes economic sense to use the same tools for networking. But as you read below, this sort of short-term thinking will result in longer delays and opportunity costs.

What are Chef, Puppet and Ansible?

  • Open Source Configuration Management tools with large community of developers
  • Proven in Compute & Server Provisioning
  • Currently focused on 3 areas:
    i. Configuration Automation using workflow
    ii. Testing and Validation of Network state
    iii. Continuous Compliance Check.
  • Just started to expand into network space
    Puppet: Arista, Cisco, Citrix, F5, Cumulus, Juniper and Huawei
    Chef: Cisco NX-OS, ACI
    Ansible: Arista, A10, Cisco, Citrix, Cumulus, F5 and Juniper

Why use Chef, Puppet or Ansible?

  • Same tool infrastructure can be used to automate compute, storage  and network
  • Effective for simple and repetitive tasks such as changing passwords, changing SNMP settings, shutting down interfaces and backing up configurations
  • They have REST API to integrate with customer OSS/BSS or self-service portals

Disadvantages of Chef, Puppet or Ansible for Network Automation:

  • Very limited availability of the target platforms that support python or ruby runtime
  • No Concept of Service Chaining
  • No Transaction capabilities & Roll-back support
  • No Multi-tenancy
  • Have to use CLI scraping for un-supported  platforms such as IOS.
  • No Topology Discovery
  • No Support for discovery of existing services
  • Scalability yet to be proven in Networking Arena
  • Puppet and Chef require agents in devices
  • Puppet and Chef rely on Ruby which raises concerns about security, performance and RAM consumption on network devices.
  • Network admin still has to maintain the playbooks  when software is upgraded or if the API changes
  • No Support for Virtual Appliances or SDN Controllers

Anuta ATOM Advantages

  • ATOM offers a standards-based Network Orchestration Platform –Pluggable, High Available, Scalable & Extensible
  • ATOM has out-of-the-box YANG based Device, Service and network models to support Data Center use cases, Public and Private Cloud use cases, Physical,Hybrid and Virtual Branch/WAN Edge use cases, Cloud VPN, Traditional and NFV based use cases, SD-WAN, Campus use cases such as Campus Connectivity and Complete Campus network Orchestration; IP/MPLS Backbone, Telco use cases, IMS, EPC, Metro Ethernet, Wholesale Services, Optical
  • ATOM has built-in support for both Multi-Tenant Deployments or Shared Deployments, Comprehensive Resource Management, Capacity Planning and Forecasting, Service Availability, Thresholds and Forecasting Resource Segmentation into Resource Pools, IPAM and Other Resource allocation
  • ATOM portal supports multi-tenant administration to enable MSPs to offer automation in a SaaS model
  • ATOM distributed server/agent architecture proved scalability for production networks


  • Config Management Tools are still in their infancy with limited networking vendor support
  • YANG is gaining significant mindshare and momentum with vendors and customers
  • Anuta ATOM delivers vendor-neutral, extensible and maintainable services using model-driven, layered and abstraction approach
  • Anuta ATOM platform is proven in production networks

About Author

You will also like...