Maxim_Kazmin - Fotolia
Enterprise Management Associates
Published: 01 Aug 2014
In the era of cloud computing and mobility, businesses are demanding more agility from their IT organizations. Many silos within IT have responded to this demand. Virtualization has transformed server and storage operations. DevOps has aligned systems administration with application development and helped IT deliver services to the business faster. But the network is still finding its way.
The networking industry has responded to this need for agility with software-defined networking (SDN) and other initiatives aimed at streamlining operations, but those initiatives are far from mature. In the meantime, network engineers can take matters into their own hands by learning network programming skills, which may make them more agile in network management today and prepare them for the future, whether that future involves SDN, DevOps or bare-metal switches.
"I didn't get it two years ago when I started reading about SDN and heard people saying that the network is fragile and not as advanced as virtualization. But if all these people were saying it, there was probably something to it," says Brandon Mangold, principal architect with United Airlines. "They're right. The network is fragile, and the way we do networking does kind of suck -- the way we buy these monolithic boxes and manage them in a very rudimentary way."
Jason Edelman, a network engineer with a large systems integrator, thinks DevOps tools like Ansible, Chef and Puppet, which are mostly used by system engineers and application developers, could evolve into the network management platforms that he and his peers have been craving for years. These tools are available both as commercial products and open source projects. Network engineers who know how to program can help turn the open source software into something they can use.
"There are no modern tools in the network space. It's still a box-by-box paradigm out there," Edelman says. Too many network management tools rely on protocols like SNMP, he says, and there is only so much one can do with those interfaces.
In his spare time, Edelman has been using the programming language Python to write Ansible modules that connect with the One Platform Kit (onePK) APIs on Cisco switches. He documents the work on his blog, hoping to generate more interest in the platform from his peers. "There is a real need for [these tools]," he says.
"It's about getting the right data into the engineer's hands," Edelman adds. "A lot of tools out there have a lot of bells and whistles and are displaying a lot of traditional SNMP data for up/down [status] and stuff like that. But when you can extract more relevant data, then the data has that much more in context to the person consuming it. Maybe it's about redisplaying certain things or calling a variable by a different name. But it's just putting it into better context."
Not everyone needs to be writing modules for a DevOps platform, he says. And not everyone needs to be a programmer, but the more programming skills engineers know, the more valuable they are to their organizations.
A little scripting goes a long way
Networking pros don't need to become software engineers, but if they want higher-paying jobs, it doesn't hurt to learn enough Python or Perl to write some basic scripts. And if a network administrator learns how to think like a software developer -- if not necessarily code like one -- even better.
"Automation through programmability should, in theory, improve our consistency," says Bob McCouch, a network architect with a network consulting company. "In my opinion, this is going to be more about scripting and not [about] becoming a software engineer because I need to manage a switch."
Network management tools are generally lousy. Many of them are difficult to install and maintain. They are often proprietary and support only a single vendor, and they often lack scalability and reliability. Many engineers give up and instead rely on the command-line interface (CLI) to manage individual switches. An increasing number of network engineers stretch the limitations of those tools by writing scripts in TCL, Perl, Python or other languages. They aren't writing sophisticated software, just scripts that allow them to scale certain tasks, such as reconfiguring multiple switches using a screen scraping of CLI commands.
"Even if it's as simple as a little bash [Bourne Again Shell] script or awk, or some very simple programming language to make your life easier, [scripting is] a necessity," says Joe Rogers, senior network engineer at the University of South Florida. "There isn't a day that goes by that I don't sit down and do something, even if it's just a little awk script to select lines or columns out of a line of text and rearrange them to suit me. But I'm not expecting my engineers to write an open network management system from scratch."
About 50% to 75% of the engineers who work for Rogers know some basic scripting, just enough to get through certain tasks. He doesn't care what language they use, as long as they can script enough to be more efficient with their work. And while many of them can do the basics of scripting today, he would like to see them learn to do more.
Going beyond basic scripts
Simple scripting in awk and bash is one thing. Advanced Linux network programming skills and knowledge of more sophisticated languages like Python require more effort to learn, but they are becoming more important. Yet regardless of how many languages they master, network engineers will find that knowledge won't get them far if they don't understand how it fits into the bigger picture.
"I'm not sure if it is as simple as between those who have programming knowledge and those who do not, but I think it will be between those who truly understand the intricacies of network design and operations, and those who will effectively be the consumers of point-and-click tools," says Dale W. Carder, senior network engineer at the University of Wisconsin, Madison. "Today, because of the sorry state of configuration management paradigms -- particularly screen scraping -- I think this does correlate with those who can script and those who cannot. If you can't script today, you really can't be as effective."
When Carder's team is hiring a new network engineer or administrator, the hiring manager looks for scripting skills and Linux knowledge, he says. His organization encourages everyone in network engineering and operations to know at least some scripting. Similarly, Rogers says he expects future network engineers at the University of South Florida will need more sophisticated programming skills to keep up.
"If I were hiring a new engineering position, [Python skills] wouldn't be a hard requirement, but I would expect you to be able to do some basic coding in Python," Rogers says. "It will become more of a hard requirement as time goes on, particularly with SDN and other technologies coming along."
United Airlines' Mangold is taking an online course on Python that goes beyond teaching him basic scripting tips and tricks. It's teaching him how to adopt algorithmic thinking. He says it's hard work.
"It's really frustrating," he says. "You go from being a really good network engineer to being a terrible programmer. It's really demoralizing. A lot of people don't want to do it because they don't want to start over."
But when it came time to pursue a second CCIE certification, such as CCIE data center, or learn programming, Mangold chose the latter. He doesn't want to be a software developer, and he doesn't just want to write scripts to configure his switches. But he does suspect that networking vendors will open up more programmatic interfaces on their equipment, especially as SDN advances. He's also studying how SDN controllers and OpenFlow work, and exploring how to write applications on an SDN controller.
"As an architect, I have to make sure I have a three- to five-year vision. I can see us deploying SDN controllers and some OpenFlow switches. I'm hedging my bets," Mangold says. "If the VMwares and Cumuluses and these other vendors make the network a commodity layer and it's all about software, then I'll be in a good position. If they're wrong, I'm still a CCIE and I'm still learning networking. I still do that every day -- BGP and OSPF and spanning tree and FabricPath. None of that stuff is changing, and I already know it."
Get the data you need
Engineers who know how to code will be able to do more with their infrastructure, especially as some vendors are adding APIs and direct access to programmable hardware. Cisco, for instance, offers Python support on many of its Nexus switches now, in addition to its onePK APIs.
This increased programmability makes the whole idea of programming "more approachable for the rest of us who have not already been doing it for 10 years," says McCouch, the network architecture consultant.
"I think we're going to get better at automating things [with programming]," he says. "The idea is that I'm making the script to build this thing better, so over time I improve my quality and my repeatability on everything I do."
Scripting also enables engineers to customize their network management tools in a way that meets their specific needs, Rogers says.
"I think users want more control than what vendors are able to code themselves. You may want to monitor the state of a CPU and react in some way when it goes to an unacceptable value, or you may want to monitor the state of an interface and change the way the system operates when that interface goes down," Rogers says. "It's difficult for vendors to code something that will suit everybody, so if they can put an event management system with a nice programming language into their product, they've just opened the door so that you can do whatever you need to do. The vendor has given you the tools, and it's up to you to write and do what you need to do with them."
Beyond DevOps platforms, network engineers have the opportunity to write code for SDN controllers and related platforms, which could deliver similar value. "It comes down to having a platform that has a good foundation on its own, but has the capability to be customized as well," Edelman says.
Whether they write modules or apps or just write some code directly on a switch, engineers should explore how programming skills can help them get more out of their infrastructure. There are plenty of opportunities to explore, and Edelman hopes that switch vendors open their platforms further to allow engineers with programming skills to do more.
"Over the next six months or year, there is going to be a need to keep doing what a few of us are doing … to educate the community on what tools are out there," Edelman says. "Right now some network engineers are not even aware of tools like Puppet, Chef and Ansible. I'm not saying these are the right tools for the network space, but the more we can start thinking like DevOps engineers, it will help the way we approach networking in the future."
A series of technical books on shell scripting