While today’s networks are comprised of many different domains, the data center is still a critical part of an enterprise’s infrastructure. Data centers are intricate systems with thousands, of individual components. It’s the central location of all data and information storage, processing, and distribution of your network. As a result, making any changes to a data center network can be a daunting task requiring multiple teams, approvals, and processes.
Planning and implementing changes to provide network access to application owners can take days, weeks, or even months. In today’s always on world, that’s no longer an option. Protocols like VXLAN and BGP-EVPN have been widely deployed to provide a reliable and efficient network environment that can keep pace with the rate of change with applications, but many teams are still using manual processes to access data from IT systems to make VXLAN configurations changes using CLI on data center devices.
Network teams must find a way to build end-to-end automations for VXLAN configuration or they risk being trapped in an endless backlog of manual changes.
Why Manual VXLAN Changes are Inherently Complex & Error-Prone
Throughout my career supporting enterprise and service provider organizations, I’ve had conversations with customers who struggle with many aspects of VXLAN changes; change management planning, dealing with bottlenecks during the IP address management process, and change approvals. Ensuring that all application requirements are correctly submitted is also a significant challenge because many requests are submitted using excel sheets that are sent back and forth (and back… and forth…) over email, and errors during this process are prevalent and quite frankly inevitable. Manual configurations are the final piece of the complex puzzle. Most data center configurations, particularly on VXLAN fabrics, are complex, and standardization is virtually impossible due to a lack of configuration templatizing and the variability between implementation resources.
Since data center engineers are tasked with hundreds of changes per week, it’s become very difficult if not near impossible for them to keep up with demand.
Teams know they need to automate but are still running into roadblocks. Data center network controllers fail to deliver on the promise of end-to-end automation. For starters, most domain controllers are very rigid and vendor specific, making it difficult to deviate from what they were originally programmed to do. The ability to modify configuration templates and add/remove steps from the change process is frequently lacking (it could take up to 6 – 9 months for a feature request!). Controllers also lack the integration capabilities to make API calls to IPAM systems, change management systems and send notifications to stakeholders.
With this lack of automation support and flexibility, how can teams start to build any meaningful automation?
How Itential Helps Automate VXLAN Changes from Start to Finish
To successfully create automations for VXLAN changes, we must examine the process from start to finish. This begins with the request driven by the application owner or a northbound system via API, then requests IPAM tools to fulfill subnet planning/allocations, and finally integration with notification systems such as Slack or Teams to inform the user when the change has been successfully completed.
The Itential Automation Platform is the only solution that provides the tools and capabilities needed to templatize VXLAN configuration in a standardized and repeatable way while also providing all the integrations necessary to automate this process end-to-end.
Itential can automate these processes from start to finish by providing an API-first framework with support for hundreds of Pre-Built Adapters and pre-defined APIs incorporated into our workflow canvas that make it very simple to create end-to-end workflows – from initiating a request through a change management system or a user-driven input form, integrating with systems of record, IPAM, updating tickets, and sending notifications.
The ability of Itential to render Jinja2 configuration templates, combined with Itential Automation Gateway (IAG), a standalone application that allows Itential to communicate with network devices via CLI, is the ideal combination for overcoming the challenges that network domain controllers simply cannot support.
Recently, I demoed this very use case, showcasing exactly how Itential does this. It’s a very powerful and repeatable use case that integrates a user-driven VXLAN data center subnet configuration request, along with port allocation, automatic allocation of an IP subnet and VLAN ID using NetBox’s IPAM service, full automation of the configuration process using Itential and IAG with pre- and post-checks validations of the Control Plane, and finally integrating into notification systems to let the user know their request has been completed.
You can watch the full demo here or learn more about Itential’s automation solution for data center networks here.