Ansible automation of repetitive network configurations
The manual configuration of the network and the implementation of repetitive requests took the two-person IT department many hours. Creating a tool to handle these tasks allowed for the automation of a part of the work and transfer it to the Help Desk department. Now you do not need a network specialist to connect a printer to the appropriate switch port or quickly find the desired device on the network. Qualified engineers gained time to solve advanced problems.
The Ansible-based architecture naturally breaks down complex automation into smaller and more understandable tasks.
The construction of subsequent modules will allow the client to quickly adapt to changing challenges and meet additional expectations.
Jacek Ozga, Senior Automation Engineer, Grandmetric
Client
Services
Technologies
A 5-fold increase in the speed of solving a single ticket
Handing over simple tasks to the Help Desk (e.g. connecting a printer on a free port, checking the status of ports on the device)
Network inventory from one place and facilitated management
Possibility of extending the tool with further functionalities, e.g. automatic drawing of network diagrams
An aggregate producer with factories all over Poland had a problem with managing the company-wide network. The lack of proper visibility of free ports on devices or the need to configure them from the command line meant that even simple and repetitive tasks such as enabling/disabling a port were transferred to the IT department. In addition, after reporting a problem with a device, the engineer had to manually search the database of network devices for the problem, which turned out to be quite a challenge given the scale of the enterprise.
The answer to the growing dissatisfaction of the IT department and the need to scale network management was a tool (application) that will automate device configurations and allow people who are not network engineers to perform simple tasks.
Basic functionalities of the application:
After meeting with the client, we understood that inaction would not only cause difficulties in managing the network but would intensify the growing dissatisfaction of the already overburdened IT staff.
Therefore, the primary goal of the project was to design the system so that the IT department could upload the configuration once, and the HelpDesk department could run it on many devices. This approach eliminated the need to use the command line, and knowledge of configuration commands and ensured scaling.
At this stage, the concept of the application and its initial sketch (mock-up) were created. Below are some selected screens from the mock-up.
Fig. 1 Configuration of a single switch – setting the port as the printer port
Fig. 2 Global configuration
Fig. 3 Searching for a device by MAC address
After getting the green light from the client and prioritizing, we moved on to detailed application planning. Here, the fact that designing and automating enterprise-class networks is something we deal with on a daily basis helped us a lot. Without hesitation, we included our network engineers in the design phase.
Having this in place, we were sure that the application’s operating mechanisms would be in line with good network practices, and that the development team would understand how the client would use the created tool.
At this stage we created:
We wanted the client to be able to use the first network configuration functionalities as soon as possible, so we approached programming in an iterative way. We started with building the highest priority functionalities, and then we regularly met with the client to demonstrate the operation of subsequent application modules.
An integral part of our work was also testing the tool in the Grandmetric network laboratory and on our infrastructure.
At this stage, we created:
From the architectural point of view, the project consists of three layers:
Below are screenshots of several sample screens from the created application.
Fig.4 VLAN Configuration
Fig.5 Switch port configuration with occupancy indication
Work on the project does not end for us after submitting the application. At the start-up stage, we provide intensive support and help client-side users to use the created tool.
The application automating configurations will be further developed by our team, which will give the client access to further functionalities and regular system updates.
Automating the configuration of networks and IT infrastructure is often the first step to digital transformation in network departments. We often encounter the desire to automate everything at once. It’s a tempting but ineffective prospect.
It makes no sense to automate a single switch or router, but it makes sense to automate the management of dozens.
Choosing the right areas for automation requires a thorough analysis of the possibilities, costs and profitability of the investment.
In client network automation projects, we deal with stakeholders both on the client side (business and network engineers) and on our side (development teams and Advanced Services). It can be quite a challenge to reconcile good network design practices with good software development practices. However, reconciling different perspectives is necessary to develop a high-quality solution.
Our primary automation tools were Ansible automation scripts (playbooks). Running them in virtual environments based on Docker containers allowed isolation between containers, ease of scaling and simplicity of deployment.
The latter was also influenced by the use of the CI/CD pipeline, thanks to which we automated the uploading of the latest software versions to our environment immediately after the developer approved changes in the repository.
The more complex the project, the more tests are needed to make sure everything works as it should. Regular meetings of the development team with Advanced Services engineers and customer representatives made it possible to verify the design assumptions and introduce the necessary improvements on an ongoing basis. In addition, automatic testing mechanisms allowed us to maintain high code quality, control naming conventions and efficient documentation creation.
Actions performed using the application are several times faster than configuring many devices manually, and additionally, allow you to avoid errors during manual configuration.
Mateusz Buczkowski
Software Development Lead, Grandmetric