Welcome!

Microservices Expo Authors: John Worthington, Pat Romanski, Stackify Blog, Automic Blog, Simon Hill

Related Topics: @CloudExpo, Microservices Expo, Containers Expo Blog, SDN Journal, @DevOpsSummit

@CloudExpo: Article

Automated Orchestration | @CloudExpo #SDN #DevOps #Microservices

In light of rapid changes to hardware and software, the standard way of managing configurations is no longer feasible

Creating a Customized Automated Orchestration Strategy

Large enterprises today are juggling an enormous variety of network equipment. Business users are asking for specific network throughput guarantees when it comes to their critical applications, legal departments require compliance with mandated regulatory frameworks, and operations are asked to do more with shrinking budgets. All these requirements do not easily align with existing network architectures; hence, network operators are continuously faced with a slew of granular parameter change requests, trying to meet ongoing network requirement changes without having the proper tools in place.

In light of rapid changes to hardware and software, the standard way of managing configurations through hop-by-hop or router-to-router management is no longer feasible. Network complexity today requires control of the entire environment from end to end, and the ability to apply policy changes with the utmost precision across a whole network. Let's consider the path to making these changes:

  • Is the device hard-wired or connecting wirelessly to the network?
  • Is the device on a corporate LAN or coming from a remote site?
  • Do they need access to public or private cloud (or both)?
  • What is the location of the end user's device, be it a laptop or a PC?
  • Will changes to the device involve other operations teams (think telco and VoIP)?

The change requests then must be fulfilled in line with the user's request and satisfy the network performance requirement of the application while having minimal effect on the other services running on the network.

The next problem is that, though it isn't unusual for teams to fall behind as the changes roll in, when operations is given a complex request, only to realize there is no current network documentation, the results can be disastrous. Often senior network architects, designers and engineers must collaborate to minimize potential side effects, which slows the process even more.

Trying to Make Changes on the Fly
Disruptions in corporate networks can be catastrophic to the business. Hence, all changes must undergo stringent verification and approval processes. Add in changes that must be made across domains - for example, security, disaster recovery, video and VoIP - and a disparate knowledge base between the different departments involved often leads to conflicting or incomplete change requests.

Complicating factors include, as an example, the lack of highly skilled "full-stack engineers," professionals who can program software and make configuration changes with networking on the fly, regardless of the application or the equipment. Operations personnel tend to be generalists, and without a detailed skillset, they must rely upon subject-matter experts who are well versed in various subsets of technology. Alternatively, they must wait on configuration changes to be released by the hardware or software vendor, or engage a contractor from a third party, a slow and painful process at best.

The majority of network projects incrementally evolve and enhance an existing network in the common "brownfield" approach. This is in contrast to the less-common "greenfield" scenario, where the engineers can pick the newest router or product with the most up-to-date feature set. The average replacement cycle is usually dictated by the manufacturer's support cycle, typically five to 10 years. Such a long cycle can create a significant mismatch of feature sets supported, since new firmware is issued every six to 12 months on average, and existing devices are only updated when necessary. Today, engineers can't think of each router or device as being the same but instead must consider what version of the firmware was installed, what hardware plug-in extensions have come and gone, and then mix and match configurations that work from end to end.

Many Obstacles
App performance today leaves no room for error, failure or downtime. This brings to mind the idea of rebuilding a jet engine while it's in flight. In fact, it's not just a single jet - it's more like fixing multiple jet engines from multiple manufacturers while in flight. Even when enterprises try to standardize deployed hardware, the situation can become untenable. With nearly 30 device types per vendor on the market, all featuring a variety of firmware, and two or three vendors in deployment, the numbers are stacking up. Given that each piece of equipment comes with a unique command line or user interface to successfully configure a device, it becomes a nightmare for even the savviest network engineer.

Today's multi-faceted cybersecurity landscape has made the security policy of a "vanilla" access list on a router a thing of the past. Simple firewalling and access control lists are no longer sufficient; they must be extended with more sophisticated intrusion detection and prevention systems. And using public internet transport for low-cost bandwidth requires additional layers of secured virtual networks.

Another significant challenge is capacity planning. Many companies are now leveraging Software as a Service (SaaS) and Infrastructure as a Service (IaaS) such as AWS and Azure. Network bandwidth usage and flow patterns have significantly changed, and are evolving rapidly with the introduction of additional services such as rollouts of Salesforce or Office 365, creating unique demands on networks that were originally designed for "internal use only" usage and security concepts. The reality is that adding new equipment to today's complex networks can't be done overnight.

Streamlining the Transition to Automation
As a way to help overcome these obstacles, some organizations are embracing a self-service IT portal to provide help desk functionality and auto-ticketing. However, these services are typically reserved for simpler, specific tasks, such as accessing a network drive or adding access to a printer, services that don't require a change to network functions.

This is a good idea that doesn't quite fit the bill. IT helpdesk ticketing systems were designed to assign incoming change requests to the proper engineer, but even still, requests that are handled manually can take three to five days to implement if there is no new equipment. When equipment like a new circuit or router is involved, turnaround time can take 30 to 60 days or more and may require senior architects and networking engineers to implement.

Rome was not built in a day, and neither is a sound orchestration and automation plan.

However, here are a few tips on easing the transition:

  • Change your mind, change your organization. This transition does not need to be complicated; you just need the right tools and proper planning. Start by automating specific pain points, such as a QoS policy first. A small success will help in the progression of applying an automation strategy when you move to the next most painful solution.
  • Match your policy to your strategy. The higher-ups usually set the strategy, and it relates to network features like scalability, reliability, security etc. Beginning to roll out standard policies in your enterprise, starting from simple enforcement of standards for DNS and NTP to routing and tunneling, will go a long way. These policies define the rules for each so that centralized control and policy management can be enforced.  This is the start of taking control of your network.
  • Develop your model. No matter what device you are working on, you can implement abstraction and modeling of standard features and node and site configuration because these are vendor-agnostic. Consider what you want the network to do, then build it into the rule set to develop your model. Having models for network features, node types, site type and more will help tremendously when implementing the models in an automation/orchestration platform.
  • Understand your current configuration state. The challenging part here is getting started early. Conducting a discovery exercise on an existing network can be complex. Understanding exactly what the current configuration state is, based on an internal configuration management database or existing documentation vs. what is really there in terms of validating devices and firmware, can add to this complexity. Once the network is known, it is possible to deploy changes against your modeled functionality and migrate it to the desired state. After this is complete, it is essential to immediately protect the network against unauthorized changes, automatically monitoring the configuration state to ensure no other changes are applied.
  • Enable and maintain agility. User requirements and applications using the network are ever evolving. New sites are being deployed. Devices are being upgraded. To enable and maintain agility to service these requests, centralized model-driven automation and orchestration are necessary. This type of control of the network will ensure new devices are provisioned correctly. Policies and best practices must be maintained throughout the network. To enable this, engineering and operations must not be slowed down by automation and orchestration tools and must enable DevOps to quickly develop, test and deploy new features into the production network.

No two networks are alike; whether brownfield or greenfield, each one has its own complexities and challenges. Each team will explore their options and find what best serves their particular circumstances. Using the best practices above will help teams create a customized solution that aligns with the approved network model and serves all stakeholders.

More Stories By Olivier Huynh Van

Olivier Huynh Van, CTO and Co-Founder, is the visionary inventor of Gluware technology and leads R&D for Glue Networks. Previously, he was the former CTO of Yelofin Networks, and has 20 years of experience designing and managing mission-critical global networks for ADM Investor Services, Groupe ODDO & Cie, Natixis, Oxoid and Deutsche Bank. Olivier holds a Master’s Degree in Electronics, Robotics and Information Technology from ESIEA in Paris, France.

Comments (0)

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.


@MicroservicesExpo Stories
identify the sources of event storms and performance anomalies will require automated, real-time root-cause analysis. I think Enterprise Management Associates said it well: “The data and metrics collected at instrumentation points across the application ecosystem are essential to performance monitoring and root cause analysis. However, analytics capable of transforming data and metrics into an application-focused report or dashboards are what separates actual application monitoring from relat...
While some developers care passionately about how data centers and clouds are architected, for most, it is only the end result that matters. To the majority of companies, technology exists to solve a business problem, and only delivers value when it is solving that problem. 2017 brings the mainstream adoption of containers for production workloads. In his session at 21st Cloud Expo, Ben McCormack, VP of Operations at Evernote, discussed how data centers of the future will be managed, how the p...
DevOps teams have more on their plate than ever. As infrastructure needs grow, so does the time required to ensure that everything's running smoothly. This makes automation crucial - especially in the server and network monitoring world. Server monitoring tools can save teams time by automating server management and providing real-time performance updates. As budgets reset for the New Year, there is no better time to implement a new server monitoring tool (or re-evaluate your current solution)....
The benefits of automation are well documented; it increases productivity, cuts cost and minimizes errors. It eliminates repetitive manual tasks, freeing us up to be more innovative. By that logic, surely, we should automate everything possible, right? So, is attempting to automate everything a sensible - even feasible - goal? In a word: no. Consider this your short guide as to what to automate and what not to automate.
Cavirin Systems has just announced C2, a SaaS offering designed to bring continuous security assessment and remediation to hybrid environments, containers, and data centers. Cavirin C2 is deployed within Amazon Web Services (AWS) and features a flexible licensing model for easy scalability and clear pay-as-you-go pricing. Although native to AWS, it also supports assessment and remediation of virtual or container instances within Microsoft Azure, Google Cloud Platform (GCP), or on-premise. By dr...
Let's do a visualization exercise. Imagine it's December 31, 2018, and you're ringing in the New Year with your friends and family. You think back on everything that you accomplished in the last year: your company's revenue is through the roof thanks to the success of your product, and you were promoted to Lead Developer. 2019 is poised to be an even bigger year for your company because you have the tools and insight to scale as quickly as demand requires. You're a happy human, and it's not just...
"Opsani helps the enterprise adopt containers, help them move their infrastructure into this modern world of DevOps, accelerate the delivery of new features into production, and really get them going on the container path," explained Ross Schibler, CEO of Opsani, and Peter Nickolov, CTO of Opsani, in this SYS-CON.tv interview at DevOps Summit at 21st Cloud Expo, held Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.
Enterprises are adopting Kubernetes to accelerate the development and the delivery of cloud-native applications. However, sharing a Kubernetes cluster between members of the same team can be challenging. And, sharing clusters across multiple teams is even harder. Kubernetes offers several constructs to help implement segmentation and isolation. However, these primitives can be complex to understand and apply. As a result, it’s becoming common for enterprises to end up with several clusters. Thi...
It’s “time to move on from DevOps and continuous delivery.” This was the provocative title of a recent article in ZDNet, in which Kelsey Hightower, staff developer advocate at Google Cloud Platform, suggested that “software shops should have put these concepts into action years ago.” Reading articles like this or listening to talks at most DevOps conferences might make you think that we’re entering a post-DevOps world. But vast numbers of organizations still struggle to start and drive transfo...
The nature of test environments is inherently temporary—you set up an environment, run through an automated test suite, and then tear down the environment. If you can reduce the cycle time for this process down to hours or minutes, then you may be able to cut your test environment budgets considerably. The impact of cloud adoption on test environments is a valuable advancement in both cost savings and agility. The on-demand model takes advantage of public cloud APIs requiring only payment for t...
High-velocity engineering teams are applying not only continuous delivery processes, but also lessons in experimentation from established leaders like Amazon, Netflix, and Facebook. These companies have made experimentation a foundation for their release processes, allowing them to try out major feature releases and redesigns within smaller groups before making them broadly available. In his session at 21st Cloud Expo, Brian Lucas, Senior Staff Engineer at Optimizely, discussed how by using ne...
While we understand Agile as a means to accelerate innovation, manage uncertainty and cope with ambiguity, many are inclined to think that it conflicts with the objectives of traditional engineering projects, such as building a highway, skyscraper or power plant. These are plan-driven and predictive projects that seek to avoid any uncertainty. This type of thinking, however, is short-sighted. Agile approaches are valuable in controlling uncertainty because they constrain the complexity that ste...
"We're developing a software that is based on the cloud environment and we are providing those services to corporations and the general public," explained Seungmin Kim, CEO/CTO of SM Systems Inc., in this SYS-CON.tv interview at 21st Cloud Expo, held Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.
The cloud revolution in enterprises has very clearly crossed the phase of proof-of-concepts into a truly mainstream adoption. One of most popular enterprise-wide initiatives currently going on are “cloud migration” programs of some kind or another. Finding business value for these programs is not hard to fathom – they include hyperelasticity in infrastructure consumption, subscription based models, and agility derived from rapid speed of deployment of applications. These factors will continue to...
"This all sounds great. But it's just not realistic." This is what a group of five senior IT executives told me during a workshop I held not long ago. We were working through an exercise on the organizational characteristics necessary to successfully execute a digital transformation, and the group was doing their ‘readout.' The executives loved everything we discussed and agreed that if such an environment existed, it would make transformation much easier. They just didn't believe it was reali...
"CA has been doing a lot of things in the area of DevOps. Now we have a complete set of tool sets in order to enable customers to go all the way from planning to development to testing down to release into the operations," explained Aruna Ravichandran, Vice President of Global Marketing and Strategy at CA Technologies, in this SYS-CON.tv interview at DevOps Summit at 21st Cloud Expo, held Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.
We just came off of a review of a product that handles both containers and virtual machines in the same interface. Under the covers, implementation of containers defaults to LXC, though recently Docker support was added. When reading online, or searching for information, increasingly we see “Container Management” products listed as competitors to Docker, when in reality things like Rocket, LXC/LXD, and Virtualization are Dockers competitors. After doing some looking around, we have decided tha...
Agile has finally jumped the technology shark, expanding outside the software world. Enterprises are now increasingly adopting Agile practices across their organizations in order to successfully navigate the disruptive waters that threaten to drown them. In our quest for establishing change as a core competency in our organizations, this business-centric notion of Agile is an essential component of Agile Digital Transformation. In the years since the publication of the Agile Manifesto, the conn...
"Codigm is based on the cloud and we are here to explore marketing opportunities in America. Our mission is to make an ecosystem of the SW environment that anyone can understand, learn, teach, and develop the SW on the cloud," explained Sung Tae Ryu, CEO of Codigm, in this SYS-CON.tv interview at 21st Cloud Expo, held Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.
Many enterprise and government IT organizations are realizing the benefits of cloud computing by extending IT delivery and management processes across private and public cloud services. But they are often challenged with balancing the need for centralized cloud governance without stifling user-driven innovation. This strategy requires an approach that fundamentally reshapes how IT is delivered today, shifting the focus from infrastructure to services aggregation, and mixing and matching the bes...