Network automation is a strategic focus in most organizations today. According to a recent survey*, 96% of respondents have some form of automation deployed in their network. The value of automation is typically associated with task-based activities such as configuration generation, configuration deployment, and archival. However, the success of automation is often impacted by use case complexity. Managing software upgrades can be cumbersome if handled on a manual basis, and in another survey**, just over 20% of participants agreed to have achieved software upgrade automation successfully.
Why are software upgrades challenging?
1. Heavy Code Automation
Ansible, Python, and other open-source tools are popular choices for network automation. These tools are easy to download and install and also have ample documentation and device support. Consequently, it’s easy to get started and realize ROI for simple use cases with open source tools. However, complexity increases with more advanced use cases. To develop an software upgrade automation framework, a network architect requires knowledge of various scripting platforms, numerous networking technologies and topologies, and device characteristics. Expecting network engineers to be proficient in all these diverse domains is unrealistic. Furthermore, versioning, troubleshooting, and release of production-grade automation scripts increase the level of automation complexity.
A Low code approach is essential to solving the aforementioned problems. Low code automation abstracts underlying technological complexities and provides the network engineer with a simple, intuitive drag and drop interface to manage the most complex use cases with ease. Low code enables network engineers to focus on the task at hand and prevents unnecessary delays and errors.
2. Task Oriented Automation
Today’s automation framework is heavily task oriented. Scripting languages and purpose-built solutions for configuration management, service provisioning, and network monitoring help to automate specific tasks in the method of procedure (MOP). They also help to automate some upgrade tasks such as detection and removal of large files to increase disk space, backup of current configuration to local and remote servers or install packages, and device rebooting. Although task-oriented automation offers some improvements in the speed and efficiency of the upgrade procedure, it still demands considerable human intervention which can lead to human error, inconsistent MOP execution, and non-compliant networks.
End-to-end automation is the key to automate complex procedures such as software upgrades. Automation must extend to the entire MOP and not just to a subset of tasks. MOP automation must also include automated pre-checks, automated post-checks, user forms, approval tasks, and timed background tasks. End-to-end automation must not only automate device tasks but also integrate with the network ecosystems such as ITSM solutions, IPAM, security solutions, and others to automate business processes. In a nutshell, end-to-end MOP automation ties various tasks and subtasks together into a seamless flow.
3. Non-Scalable Automation Framework
The real challenge lies in developing an extensible, customizable, and durable automation framework. It is relatively simple to develop scripts for a single vendor network containing 10 network devices. However, automating a vast network consisting of hundreds of network devices from multiple vendors and running multiple software versions is an entirely different story. Recently, Anuta Networks received a request for an end-to-end software upgrade automation. A large service provider needed to upgrade their entire network that comprised of thousands of devices. Given a historic, semi-automated method of upgrade, the service provider experienced a three-hour timespan to upgrade 100 devices with 4 network engineers working at full capacity. Their future goal is to employ automation to upgrade 500 devices in the same timeframe. To accomplish this objective, the software upgrade automation framework must be built with the latest technologies and a scalable microservices architecture. Building an extensible, flexible, and scalable framework requires substantial time and resource commitment, which may not be feasible for every enterprise. This was why Anuta Networks developed the ATOM automation platform.
Simplify Software Upgrades with Anuta ATOM Low Code MOP Automation
Anuta Networks ATOM low-code workflow automation capability enables network engineers to automate simple and complex MOPs. Workflow utilizes DevOps constructs and allows network engineers to create, update, and execute MOPs unique to their business needs. Workflow also follows BPMN2.0 industry standards and can be easily downloaded and updated in any BPMN compatible external tool as well.
Workflow automation provides the following benefits
Intuitive Drag and Drop Automation Builder
The ATOM platform includes a powerful workflow builder. It provides a low code method to creating, updating, testing, and deploying a custom MOP. Network engineers can easily drag decision logic elements from the toolbar and drop them into the workspace. The decision logic modules enable network architects to introduce various logic into the workflows. These include pre-created libraries, timer events, network events, ATOM closed-loop automation events, error events, decision gates, and user forms and approvals.
The ATOM platform provides extensive software upgrade automation workflows out-of-the-box to enable organizations get started quickly. Architects can simply drag and drop an IOS XE, IOS XR, JUNOS, or any other software upgrade workflow from the list and modify it to suit a specific requirement.
Easy Integration with Network Ecosystem
ITSM, OSS/BSS, Ticketing, Billing Solutions
ATOM Workflow automation has open APIs and can establish bidirectional communication with any entities in the network ecosystem. Northbound entities such as ServiceNow, BMC Remedy, Jira, or any other ITSM, ticketing, or billing solutions can trigger ATOM workflows using ATOM Workflow API. ATOM workflow also can invoke external APIs. This enables network administrators to achieve complete end-to-end automation. As an example, raising an incident ticket in ServiceNow can trigger the software upgrade automation workflow in ATOM. Subsequently, ATOM workflow can execute the software upgrade workflow as well as update the incident at logical steps. Upon completion of workflow, ATOM automatically closes the incident ticket as well.
Existing automation scripts and tools
ATOM workflows can also integrate with existing automation infrastructure. Network architects may have already developed a few exhaustive automation scripts over many months, which effectively perform specific tasks. ATOM eliminates the need to recreate the scripts and also effectively executes the existing automation directly from the workflow.
Suspend, Resume, Rollback Upgrades on Demand
The ATOM platform provides numerous operational features. Network professionals may need to suspend workflows at specific checkpoints. Consider a case where the operator has executed an IOS XR upgrade and simultaneously observes an image server failure. ATOM workflow enables the operator to suspend or pause the workflow at its current execution point, remediate the image server failure, and then resume the workflow. The platform also allows operators to rollback upgrades on failures. Rollback can be triggered on-demand or automatically as part of the upgrade workflow.
OS upgrade method of procedure is usually quite lengthy and complicated. Step by step representation of these procedures in a Microsoft Word or Excel does not provide sufficient visibility given it is difficult to discern, interpret, share, and follow such MOPs. ATOM provides a visual representation of the entire MOP and enables administrators to download the procedure as an intuitive picture. The workflow diagram subsequently renders a step-by-step visual documentation of the entire MOP which is simple to grasp and comprehend.
Multiple MOP Versions
As MOPs evolve over a period of time, various versions of the same workflow need to coexist in the network. Legacy devices may use older versions of the workflow while newer devices may use the latest versions. The ATOM platform enables administrators to store and visualize all versions of workflow and acts as a central repository for all MOPs.
Multi-Vendor, Scalable Platform
MOPs vary for every platform. An IOS XR platform has a completely different upgrade process relative to a Junos platform. The ATOM platform also supports 45+ vendors across 150+ platforms and is preloaded with numerous out-of-box software upgrade automation templates. Software upgrade templates are based on vendor reference guides and follow best practice recommendations from each vendor. The platform also enables network operators to upgrade multi-vendor devices simultaneously. Upon execution of a software upgrade automation workflow, ATOM can detect the device platform and run the appropriate upgrade workflow automatically.
The ATOM platform is built on a web-scale microservices architecture that enables parallel execution of workflows. Thus, network operators can instantiate software upgrade automation workflows on multiple devices simultaneously. The ATOM Workflow also has advanced monitoring and debugging capabilities that empowers operators to audit, troubleshoot and report the status of workflow execution on each device independently.
Workflows also introduce many checks and balances in the process, thereby delivering robust network assurance.
Software Upgrade Automation Example: JUNOS upgrade with Anuta Networks ATOM
This workflow example is an out-of-box software upgrade automation template for a Juniper router. The template consists of more than 50 steps and more than 200 operations. It consists of pre-checks, post-checks, user approval and form input, post-upgrade validation, automated validation, and rollbacks on errors. The thick boxes in the workflow diagram are sub-workflows that are triggered by this main workflow. In this example, the workflow is triggered manually. Workflows in the ATOM platform can be triggered manually or through events. These events could represent network events, such as an SNMP trap from a device or events generated by ATOM’s closed-loop automation framework.
The upgrade procedure is comprehensive and involves the following steps:
Step 1: The first step of the workflow is to gather essential information needed to instantiate a software upgrade. The workflow presents a form to the operator to collect information such as device IPs that need to be upgraded, device credentials, image server details, and configuration backup location. Workflows also perform sanity checks on user input and highlight any invalid details.
Step 2: In the next step, the workflow performs numerous pre-checks. First, it checks the status of the device and validates the software version. It then audits the disk space available in the device. If the available space is less than the recommended value, the workflow deletes the cache and other non-essential large files. If the space is still insufficient, workflow lists all files that occupy significant storage to the operator and waits for sufficient disk space to be allocated before proceeding.
Step 3: Workflow backs up the existing configuration locally and to a remote server.
Step 4: Additional pre-checks follow. This final set of pre-checks consists of around 50 commands that verify various aspects of device and network configuration such as verification of SNMP configuration, outstanding alarms, hardware configuration, ISIS & BGP configurations, and subscriber profiles.
Step 5: Workflow contacts the image server and uploads corresponding upgrade images to the device.
Step 6: In this step, the workflow seeks operator approval to reboot the device. Upon receiving approval, workflow generates temporary and transient configurations before performing the final upgrade.
Step 7: Workflow performs an ISSU upgrade in this step and upgrades JUNOS and JSU images. Any error during the software upgrade procedure triggers a rollback automatically. Rollback procedure includes running pre-checks (Step 4), downgrading ICEAA package, ISSU downgrade to the previous version, and finally, post-check validations (Step 8)
Step 8: This step performs post-update validations. The validations include running all pre-checks again (Step 4) to remediate any error that may arise.
Step 9: This step upgrades the ICEAA package. This sub-workflow performs post-validations, and any error triggers a rollback procedure.
Step 10: After executing all upgrades, workflow rollbacks the transient configurations. Workflow also performs a secondary JSU upgrade at this stage.
Step 11: Finally, the workflow runs post-checks to validate the status of the software upgrade process and performs a rollback or remediation procedures in case of errors. Upon a successful procedure completion, the workflow performs a cleanup by removing any stale files and configurations.
Anuta Networks ATOM provides a powerful low-code workflow builder that is ideal for most software upgrade automation scenarios. The workflow builder simplifies the creation and updating of the workflow without compromising the extensibility and customizability of the platform. Workflow integrates with existing automation, ITSM solutions, OSS/BSS, IPAMs, security managers, and network devices from 45+ vendors. ATOM’s intuitive drag and drop low code interface also simplifies and accelerates development of workflows and increases the breadth of automation in the network. A software upgrade automation procedure as mentioned above could potentially lead to a significant increase in productivity and thereby enable faster rollout of services and a better customer experience. Automating end-to-end MOPs eliminate manual time-consuming processes, mitigates human error, and can significantly reduce operating expenses.
* Juniper State of the Art networking survey (SONAR) 2019
** NetDevOps Survey 2019