Network configuration management: Old tools, new tricks

With a few lines of your favorite scripting language, you could touch every machine in your environment without building anything new.

Network performance monitoring (NPM) tools have long been indispensible, used by network administrators of every variety, every day. They keep us out of trouble by generating alerts, help us quickly troubleshoot and close tickets and make quick work of historical analysis for capacity planning.

On the horizon is software-defined networking (SDN), which promises to accomplish two goals at once: create flexibility by virtualizing the network and provide standardized, application-based, non-command line interface (CLI) administration. But SDN is only just beginning to be used in everyday networks and it's easy to feel like you're missing out on the fun. Fortunately, you don't have to, because the NPM platform you already have may very well provide SDN-like network configuration management features you're not even aware of.

The welcoming glow

Admit it: As an admin there's a certain warm feeling that comes from the familiar green glow in PuTTY. With a big enough config you can go full screen and just bask in it, knowing that you're seeing the matrix encoded -- the undiluted reality of the system on the other end of a secure shell tunnel. More than that, you know that with a few keystrokes you can change the world, or at least tame the YouTube-fueled consumption of bandwidth generated by your users.

Many admins are increasingly delighted to discover there's considerable power waiting at their disposal.

The problem is at the scale of device management now common to admins, CLI is ever more painful. Today, even small IT organizations manage more devices with fewer staff than ever before.

With SDN, what we're really talking about is network programmability: taking the grunt work -- and hopefully fat-finger disasters -- out of the management process. SDN is a work in progress. Standards are being ratified, many vendors are working on solutions and there are plenty of articles on the topic. But what you might not have explored is that many of your existing network tools already provide abilities to programmatically manage your network.

It's easy to forget how features like personalization actually program our tools and that more mature tools provide APIs and even rich software developer kits (SDKs) to accomplish complex network tasks. For example, my firewall guru lives in Palo Alto. (Not the city, the firewall between us and The Yuck). He's customized his Web dashboards, charts and alerts and added rules that greatly simplify administration. He doesn't think of this as programming, but a decade ago this would be rocket science running on a special box. Now it's baked right into the device and it's always open on his workstation. (OK, I did change l=Palo Alto in his Active Directory account).

RTFM for fun and profit

The true undiscovered country, however, is your network monitoring and network configuration management (NCM) system. You've probably been using it for years and think of it as a dear, but read-only, friend. But over the course of those years it's quite possible that it's learned powerful new tricks that you might not have noticed in the release notes. These tricks might be as simple as configurable workflows and config automation you manage from the graphical user interface. In other cases, they're powerful APIs and even SDKs that let you easily create those amazingly cool autonomous processes you think of in the car on the way home. Yes, you'll have to open the manual, but a 1,700-page .pdf greps quite nicely with search.

Consider the possibilities. You've probably already configured automated nightly backups of your configs, including the IP addresses, CLI credentials and configuration details for each device. What if you wanted to make real changes or perform interactive CLI actions from internal alerts, external processes or enable complex delegated administration to external groups? At the same time, you don't want to muck about creating a new framework and access control.

Your NPM/NCM solution may already expose the tools to execute commands on your systems quickly, and best of all, reliably. With a few lines of your favorite scripting language you could touch every machine in your environment without building anything new. Do be sure to casually mention to your manager that you're also delivering these capabilities at no additional cost.

Is this approach OpenDaylight? No, at least not yet. But does it allow you to make your network programmable? You bet. Certainly your mileage will vary depending on the robustness of both the platform and its exposed programmable interfaces, but many admins are increasingly delighted to discover there's considerable power waiting at their disposal. Update to the latest version of your software, break out the manual and create a "Hello World" that renames an interface. Smile, then stay up way past your bedtime exploring your new superpowers.

About the author:
Patrick Hubbard is a
head geek and senior technical product marketing manager at SolarWinds. With 20 years of technical expertise and IT customer perspective, his networking management experience includes work with campus, data center, storage networks, VoIP and virtualization, with a focus on application and service delivery in both Fortune 500 companies and startups in high tech, transportation, financial services and telecom industries. He can be reached at Patrick.Hubbard@solarwinds.com.

This was first published in October 2013

Dig deeper on Network Management Software, Tools and Utilities

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchSDN

SearchEnterpriseWAN

SearchUnifiedCommunications

SearchMobileComputing

SearchDataCenter

SearchITChannel

Close