Enterprise network topologies have become increasingly complex as organizations struggle to manage components from different vendors, maintain 24/7 network availability, and just generally do more with less. Reliance on manual management of your network is not just time-consuming and error prone–it can impact your network performance, security, and reliability, as well as drain resource hours to determine root cause analysis. For your business, that means potential disruption of business operations, lower team productivity, higher operational costs, and less agility.
While network teams often worry about sacrificing control by using automation, the reality is that organizations who successfully adopt automation to manage their network operations are more compliant, expose fewer security attack surfaces, and experience higher network performance and reliability. Network administrators report more job satisfaction as they're able to resolve issues faster and are freed up to focus on more rewarding work.
IDC found that enterprises using automation see a 38% increase in network management team efficiency.
Let's explore a few foundational network automation tasks that every organization should be automating. For purposes of this blog, we'll demonstrate the automation of Cisco IOS devices, but this automation could easily be applied to Arista, Juniper or any other popular network devices supported by Red Hat's Ansible Content Collections.
We recommend the following four use cases because they:
- Deliver both business and technical value with relatively low risk to your network systems. See the interactive demo.
- Build a sequence of automation jobs that can be aggregated into a single seamless workflow for even greater efficiency.
- Expand and integrate with existing business critical ITSM systems, observability tools, as well as net-new AIOps workflows.
Note
If you are new to Red Hat Ansible Automation Platform, we strongly recommend our free Red Hat Ansible technical overview course.
Let's get started.
Use case #1: Network fact gathering
One of the first things new automators do with their networks is to introspect their network estate. Why? Because it is a valuable low risk read-only activity, and it is the basis for creating dynamic documentation (use case 2) or evaluating for configuration drift.
Let’s use the network.ios.facts.facts module provided by the Cisco IOS certified collection to gather all the information on your IOS devices which can then be saved to the Git repository you create for your project.
---
- name: Gather information from routers
hosts: cisco
gather_facts: yes
tasks:
- name: Gather router facts
cisco.ios.ios_facts:
register: cisco_facts
- name: Display router facts
ansible.builtin.debug:
var: cisco_factsExample Ansible Playbook for network fact gathering
Use case #2: Exporting network facts to a report or dynamic documentation
To help you simplify compliance and drift reporting, you can export your network data to a reporting tool such as Splunk, Grafana, etc., use a Jinja2 template to publish via HTML, or create a simple dynamic documentation / dashboard.
Ready to get started with the network fact gathering and reporting cases? Log in to read our Solution Guide - Network Fact Gathering and Reporting.
This will help you quickly and consistently make updates to your network in just minutes instead of days. You'll remove the errors common with manual configuration updates while consistently enforcing policies across devices. Network teams can be more efficient and productive as you improve your network reliability and security posture by keeping up with the latest network patches.
Use case #3: Network backup
Backing up your network is a critical step before making any device configuration changes. It ensures you can recover from any network issues or changes can be quickly rolled back to the previous configuration state.
Let’s write a playbook to back up your current network configuration and save it to the Git repository for your project. You can download the Ansible network.backup validated content collection and customize it for your specific environment. Then create a job template in Ansible Automation Platform using your network backup playbook project. Save your job template as Cisco network backup.
Example Ansible Playbook for network backup:
---
- name: Back up current Cisco IOS network configuration
hosts: cisco
tasks:
- name: Back up current Cisco IOS network configuration
cisco.ios.ios_config:
backup: yes
register: backup_output
- name: Display backup location
ansible.builtin.debug:
msg: "Configuration backed up to {{ backup_output.backup_path }}"Use case #4: Network configuration
Once you've compiled your network facts into a report and have run your network backup automation task, you're ready to make configuration changes.
Using automation for network configuration allows you to consistently make updates to your network in just minutes instead of days. You'll remove the errors common with manual configuration updates while consistently enforcing policies across devices. Network teams can be more efficient and productive as you improve your network reliability and security posture by keeping up with the latest network patches.
Refer to the Cisco IOS certified content collection for network configuration modules that are available for download from the Red Hat Hybrid Cloud Console. Examples of common network configuration examples include:
cisco.ios.ios_bgp_address_family: Configures and manages the attributes of BGP address family.cisco.ios.ios_bgp_global: Configures and manages the attributes of global BGPcisco.ios.ios_vlans: Configures VLANscisco.ios.ios_acls: Configures and manages the named or numbered ACLscisco.ios.ios_hostname: Provides declarative management of hostnamecisco.ios.ios_interfaces: Manages the interface attributes.cisco.ios.ios_logging_global: Manages the logging attributes.- Using any of the above modules, write a playbook to apply your network configurations and save to the Git repository for your project. Below is an example using the
ios_bgp_address_familyandios_ios_vlans modules.
Example Ansible Playbook for network configuration:
---
- name: Network configuration update
hosts: all
tasks:
- name: Configure BGP address
cisco.ios.ios_bgp_address_family:
config:
as_number: 65000
address_family:
- afi: ipv4
safi: unicast
neighbors:
- neighbor: 10.0.0.1
remote_as: 65001
activate: true
networks:
- prefix: 192.168.1.0
masklen: 24
- name: Configure VLANs
cisco.ios.ios_vlans:
config:
- name: Data
vlan_id: 10
state: active
- name: Voice
vlan_id: 20
state: active
- name: Management
vlan_id: 99
state: active
state: mergedImportant
Test your playbook in a test environment before deploying running in a production network. It’s also good practice to test the rollback/backup you created in Use Case #3 above in this test environment as well.
Next, create a job template for your project and save as Network configuration update, then select Launch to run the template.
Ready to get started with these network back up and configuration use cases? Read our Solution Guide - Network Backup and Configuration (login required).
Explore advanced network automation use cases
As you expand your adoption of automation, the value and benefits actually increase while the amount of effort required to maintain your network decreases.
Once you have tackled the basics of network fact gathering, compliance reporting, network backups, and basic configuration, you're ready to expand into more advanced forms of automation:
- Explore five great network automation use cases.
- Orchestrate existing network automation tasks into a seamless workflow.
- Integrate ITSM into your network workflows. Learn how Southwest Airlines tackled this use case.
- Implement event-driven NetOps levering your existing network observability and monitoring tools.
- Learn how to scale automation adoption across your organization.
