Welcome!

Microservices Expo Authors: Jason Bloomberg, Elizabeth White, Liz McMillan, Pat Romanski, Mehdi Daoudi

Related Topics: @CloudExpo, Microservices Expo, Containers Expo Blog, SDN Journal, @DevOpsSummit

@CloudExpo: Article

Automated Orchestration | @CloudExpo #SDN #DevOps #Microservices

In light of rapid changes to hardware and software, the standard way of managing configurations is no longer feasible

Creating a Customized Automated Orchestration Strategy

Large enterprises today are juggling an enormous variety of network equipment. Business users are asking for specific network throughput guarantees when it comes to their critical applications, legal departments require compliance with mandated regulatory frameworks, and operations are asked to do more with shrinking budgets. All these requirements do not easily align with existing network architectures; hence, network operators are continuously faced with a slew of granular parameter change requests, trying to meet ongoing network requirement changes without having the proper tools in place.

In light of rapid changes to hardware and software, the standard way of managing configurations through hop-by-hop or router-to-router management is no longer feasible. Network complexity today requires control of the entire environment from end to end, and the ability to apply policy changes with the utmost precision across a whole network. Let's consider the path to making these changes:

  • Is the device hard-wired or connecting wirelessly to the network?
  • Is the device on a corporate LAN or coming from a remote site?
  • Do they need access to public or private cloud (or both)?
  • What is the location of the end user's device, be it a laptop or a PC?
  • Will changes to the device involve other operations teams (think telco and VoIP)?

The change requests then must be fulfilled in line with the user's request and satisfy the network performance requirement of the application while having minimal effect on the other services running on the network.

The next problem is that, though it isn't unusual for teams to fall behind as the changes roll in, when operations is given a complex request, only to realize there is no current network documentation, the results can be disastrous. Often senior network architects, designers and engineers must collaborate to minimize potential side effects, which slows the process even more.

Trying to Make Changes on the Fly
Disruptions in corporate networks can be catastrophic to the business. Hence, all changes must undergo stringent verification and approval processes. Add in changes that must be made across domains - for example, security, disaster recovery, video and VoIP - and a disparate knowledge base between the different departments involved often leads to conflicting or incomplete change requests.

Complicating factors include, as an example, the lack of highly skilled "full-stack engineers," professionals who can program software and make configuration changes with networking on the fly, regardless of the application or the equipment. Operations personnel tend to be generalists, and without a detailed skillset, they must rely upon subject-matter experts who are well versed in various subsets of technology. Alternatively, they must wait on configuration changes to be released by the hardware or software vendor, or engage a contractor from a third party, a slow and painful process at best.

The majority of network projects incrementally evolve and enhance an existing network in the common "brownfield" approach. This is in contrast to the less-common "greenfield" scenario, where the engineers can pick the newest router or product with the most up-to-date feature set. The average replacement cycle is usually dictated by the manufacturer's support cycle, typically five to 10 years. Such a long cycle can create a significant mismatch of feature sets supported, since new firmware is issued every six to 12 months on average, and existing devices are only updated when necessary. Today, engineers can't think of each router or device as being the same but instead must consider what version of the firmware was installed, what hardware plug-in extensions have come and gone, and then mix and match configurations that work from end to end.

Many Obstacles
App performance today leaves no room for error, failure or downtime. This brings to mind the idea of rebuilding a jet engine while it's in flight. In fact, it's not just a single jet - it's more like fixing multiple jet engines from multiple manufacturers while in flight. Even when enterprises try to standardize deployed hardware, the situation can become untenable. With nearly 30 device types per vendor on the market, all featuring a variety of firmware, and two or three vendors in deployment, the numbers are stacking up. Given that each piece of equipment comes with a unique command line or user interface to successfully configure a device, it becomes a nightmare for even the savviest network engineer.

Today's multi-faceted cybersecurity landscape has made the security policy of a "vanilla" access list on a router a thing of the past. Simple firewalling and access control lists are no longer sufficient; they must be extended with more sophisticated intrusion detection and prevention systems. And using public internet transport for low-cost bandwidth requires additional layers of secured virtual networks.

Another significant challenge is capacity planning. Many companies are now leveraging Software as a Service (SaaS) and Infrastructure as a Service (IaaS) such as AWS and Azure. Network bandwidth usage and flow patterns have significantly changed, and are evolving rapidly with the introduction of additional services such as rollouts of Salesforce or Office 365, creating unique demands on networks that were originally designed for "internal use only" usage and security concepts. The reality is that adding new equipment to today's complex networks can't be done overnight.

Streamlining the Transition to Automation
As a way to help overcome these obstacles, some organizations are embracing a self-service IT portal to provide help desk functionality and auto-ticketing. However, these services are typically reserved for simpler, specific tasks, such as accessing a network drive or adding access to a printer, services that don't require a change to network functions.

This is a good idea that doesn't quite fit the bill. IT helpdesk ticketing systems were designed to assign incoming change requests to the proper engineer, but even still, requests that are handled manually can take three to five days to implement if there is no new equipment. When equipment like a new circuit or router is involved, turnaround time can take 30 to 60 days or more and may require senior architects and networking engineers to implement.

Rome was not built in a day, and neither is a sound orchestration and automation plan.

However, here are a few tips on easing the transition:

  • Change your mind, change your organization. This transition does not need to be complicated; you just need the right tools and proper planning. Start by automating specific pain points, such as a QoS policy first. A small success will help in the progression of applying an automation strategy when you move to the next most painful solution.
  • Match your policy to your strategy. The higher-ups usually set the strategy, and it relates to network features like scalability, reliability, security etc. Beginning to roll out standard policies in your enterprise, starting from simple enforcement of standards for DNS and NTP to routing and tunneling, will go a long way. These policies define the rules for each so that centralized control and policy management can be enforced.  This is the start of taking control of your network.
  • Develop your model. No matter what device you are working on, you can implement abstraction and modeling of standard features and node and site configuration because these are vendor-agnostic. Consider what you want the network to do, then build it into the rule set to develop your model. Having models for network features, node types, site type and more will help tremendously when implementing the models in an automation/orchestration platform.
  • Understand your current configuration state. The challenging part here is getting started early. Conducting a discovery exercise on an existing network can be complex. Understanding exactly what the current configuration state is, based on an internal configuration management database or existing documentation vs. what is really there in terms of validating devices and firmware, can add to this complexity. Once the network is known, it is possible to deploy changes against your modeled functionality and migrate it to the desired state. After this is complete, it is essential to immediately protect the network against unauthorized changes, automatically monitoring the configuration state to ensure no other changes are applied.
  • Enable and maintain agility. User requirements and applications using the network are ever evolving. New sites are being deployed. Devices are being upgraded. To enable and maintain agility to service these requests, centralized model-driven automation and orchestration are necessary. This type of control of the network will ensure new devices are provisioned correctly. Policies and best practices must be maintained throughout the network. To enable this, engineering and operations must not be slowed down by automation and orchestration tools and must enable DevOps to quickly develop, test and deploy new features into the production network.

No two networks are alike; whether brownfield or greenfield, each one has its own complexities and challenges. Each team will explore their options and find what best serves their particular circumstances. Using the best practices above will help teams create a customized solution that aligns with the approved network model and serves all stakeholders.

More Stories By Olivier Huynh Van

Olivier Huynh Van, CTO and Co-Founder, is the visionary inventor of Gluware technology and leads R&D for Glue Networks. Previously, he was the former CTO of Yelofin Networks, and has 20 years of experience designing and managing mission-critical global networks for ADM Investor Services, Groupe ODDO & Cie, Natixis, Oxoid and Deutsche Bank. Olivier holds a Master’s Degree in Electronics, Robotics and Information Technology from ESIEA in Paris, France.

Comments (0)

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.


@MicroservicesExpo Stories
In his session at @DevOpsSummit at 20th Cloud Expo, Kelly Looney, director of DevOps consulting for Skytap, showed how an incremental approach to introducing containers into complex, distributed applications results in modernization with less risk and more reward. He also shared the story of how Skytap used Docker to get out of the business of managing infrastructure, and into the business of delivering innovation and business value. Attendees learned how up-front planning allows for a clean sep...
In IT, we sometimes coin terms for things before we know exactly what they are and how they’ll be used. The resulting terms may capture a common set of aspirations and goals – as “cloud” did broadly for on-demand, self-service, and flexible computing. But such a term can also lump together diverse and even competing practices, technologies, and priorities to the point where important distinctions are glossed over and lost.
Enterprise architects are increasingly adopting multi-cloud strategies as they seek to utilize existing data center assets, leverage the advantages of cloud computing and avoid cloud vendor lock-in. This requires a globally aware traffic management strategy that can monitor infrastructure health across data centers and end-user experience globally, while responding to control changes and system specification at the speed of today’s DevOps teams. In his session at 20th Cloud Expo, Josh Gray, Chie...
"At the keynote this morning we spoke about the value proposition of Nutanix, of having a DevOps culture and a mindset, and the business outcomes of achieving agility and scale, which everybody here is trying to accomplish," noted Mark Lavi, DevOps Solution Architect at Nutanix, in this SYS-CON.tv interview at @DevOpsSummit at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.
We have already established the importance of APIs in today’s digital world (read about it here). With APIs playing such an important role in keeping us connected, it’s necessary to maintain the API’s performance as well as availability. There are multiple aspects to consider when monitoring APIs, from integration to performance issues, therefore a general monitoring strategy that only accounts for up-time is not ideal.
In his session at 20th Cloud Expo, Mike Johnston, an infrastructure engineer at Supergiant.io, discussed how to use Kubernetes to set up a SaaS infrastructure for your business. Mike Johnston is an infrastructure engineer at Supergiant.io with over 12 years of experience designing, deploying, and maintaining server and workstation infrastructure at all scales. He has experience with brick and mortar data centers as well as cloud providers like Digital Ocean, Amazon Web Services, and Rackspace. H...
When you focus on a journey from up-close, you look at your own technical and cultural history and how you changed it for the benefit of the customer. This was our starting point: too many integration issues, 13 SWP days and very long cycles. It was evident that in this fast-paced industry we could no longer afford this reality. We needed something that would take us beyond reducing the development lifecycles, CI and Agile methodologies. We made a fundamental difference, even changed our culture...
As many know, the first generation of Cloud Management Platform (CMP) solutions were designed for managing virtual infrastructure (IaaS) and traditional applications. But that’s no longer enough to satisfy evolving and complex business requirements. In his session at 21st Cloud Expo, Scott Davis, Embotics CTO, will explore how next-generation CMPs ensure organizations can manage cloud-native and microservice-based application architectures, while also facilitating agile DevOps methodology. He wi...
Docker is sweeping across startups and enterprises alike, changing the way we build and ship applications. It's the most prominent and widely known software container platform, and it's particularly useful for eliminating common challenges when collaborating on code (like the "it works on my machine" phenomenon that most devs know all too well). With Docker, you can run and manage apps side-by-side - in isolated containers - resulting in better compute density. It's something that many developer...
These days, change is the only constant. In order to adapt and thrive in an ever-advancing and sometimes chaotic workforce, companies must leverage intelligent tools to streamline operations. While we're only at the dawn of machine intelligence, using a workflow manager will benefit your company in both the short and long term. Think: reduced errors, improved efficiency and more empowered employees-and that's just the start. Here are five other reasons workflow automation is leading a revolution...
We have Continuous Integration and we have Continuous Deployment, but what’s continuous across all of what we do is people. Even when tasks are automated, someone wrote the automation. So, Jayne Groll evangelizes about Continuous Everyone. Jayne is the CEO of the DevOps Institute and the author of Agile Service Management Guide. She talked about Continuous Everyone at the 2016 All Day DevOps conference. She describes it as "about people, culture, and collaboration mapped into your value streams....
Cloud adoption is often driven by a desire to increase efficiency, boost agility and save money. All too often, however, the reality involves unpredictable cost spikes and lack of oversight due to resource limitations. In his session at 20th Cloud Expo, Joe Kinsella, CTO and Founder of CloudHealth Technologies, tackled the question: “How do you build a fully optimized cloud?” He will examine: Why TCO is critical to achieving cloud success – and why attendees should be thinking holistically ab...
Docker is on a roll. In the last few years, this container management service has become immensely popular in development, especially given the great fit with agile-based projects and continuous delivery. In this article, I want to take a brief look at how you can use Docker to accelerate and streamline the software development lifecycle (SDLC) process.
We define Hybrid IT as a management approach in which organizations create a workload-centric and value-driven integrated technology stack that may include legacy infrastructure, web-scale architectures, private cloud implementations along with public cloud platforms ranging from Infrastructure-as-a-Service to Software-as-a-Service.
Did you know that you can develop for mainframes in Java? Or that the testing and deployment can be automated across mobile to mainframe? In his session and demo at @DevOpsSummit at 21st Cloud Expo, Dana Boudreau, a Senior Director at CA Technologies, will discuss how increasingly teams are developing with agile methodologies, using modern development environments, and automating testing and deployments, mobile to mainframe.
As DevOps methodologies expand their reach across the enterprise, organizations face the daunting challenge of adapting related cloud strategies to ensure optimal alignment, from managing complexity to ensuring proper governance. How can culture, automation, legacy apps and even budget be reexamined to enable this ongoing shift within the modern software factory?
While some vendors scramble to create and sell you a fancy solution for monitoring your spanking new Amazon Lambdas, hear how you can do it on the cheap using just built-in Java APIs yourself. By exploiting a little-known fact that Lambdas aren’t exactly single-threaded, you can effectively identify hot spots in your serverless code. In his session at @DevOpsSummit at 21st Cloud Expo, Dave Martin, Product owner at CA Technologies, will give a live demonstration and code walkthrough, showing how ...
There are several reasons why businesses migrate their operations to the cloud. Scalability and price are among the most important factors determining this transition. Unlike legacy systems, cloud based businesses can scale on demand. The database and applications in the cloud are not rendered simply from one server located in your headquarters, but is instead distributed across several servers across the world. Such CDNs also bring about greater control in times of uncertainty. A database hack ...
@DevOpsSummit at Cloud Expo taking place Oct 31 - Nov 2, 2017, at the Santa Clara Convention Center, Santa Clara, CA, is co-located with the 21st International Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. The widespread success of cloud computing is driving the DevOps revolution in enterprise IT. Now as never before, development teams must communicate and collaborate in a dynamic, 24/7/365 environment. There is ...
API Security is complex! Vendors like Forum Systems, IBM, CA and Axway have invested almost 2 decades of engineering effort and significant capital in building API Security stacks to lockdown APIs. The API Security stack diagram shown below is a building block for rapidly locking down APIs. The four fundamental pillars of API Security - SSL, Identity, Content Validation and deployment architecture - are discussed in detail below.