Today, network automation is critical — and network engineers who build automations with tools like Python can save significant time and effort while keeping up with increasing demand for network services. Often, though, the impact of these automations is limited in scope. Here’s a question we often ask network engineers:
Would you share your scripts with the engineers sitting next to you?
Sometimes, we get a ‘yes,’ with conditions—as long as they know not to run it on these certain devices, at certain times, etc. More often, though, it’s a ‘no.’ This puts a cap on the impact automations can have, limiting their scope to just the colleagues “you can trust” to run them. What happens when teammates want to share scripts with each other, or when someone is out?
This can be the first major speed bump for a network team on their automation journey. If automations are limited to just their authors, the team is still less efficient than they could be. And for people who don’t write as much code, it can feel like they’re not able to have the same kind of impact.
Itential Automation Gateway (IAG) is built to solve these challenges and empower teams to make the most of their automations by treating them as real assets. The platform provides a universal execution environment for Python, Ansible, and Terraform, with the ability to expose automations for both low-code consumption using JSON Schema for input validation and high-code consumption via API. These capabilities in conjunction with enterprise-grade security and access control features allow teams to make the most of the automations they build.
Sharing Scripts Powers Up Your Team
Imagine a network team where one person is very proficient with Python, while two others know a little bit but not a ton. Then, a recent hire is familiar with Ansible, but doesn’t know Python. And then there are a couple of engineers who don’t have strong coding expertise. How does that team leverage automation to maximum effect?
A lot of teams fit that description. Maybe not the specifics, but the outcome: a team with varied skillsets who can struggle with collaboration when it comes to automation efforts.
With the ability to share automations with IAG, the impact of a script one person builds can be felt across the entire team. The variable arguments required for a script can be presented as a form by defining a JSON Schema, allowing low-code engineers to participate in automation and verifying arguments are correct and consistent. And, crucially, automations built with different tools can coexist in the same team’s library. Python scripts, Ansible Playbooks, and Terraform plans can all be accessed through IAG and run by any authorized user.
In addition, API endpoints can be attached to individual automation scripts and exposed for northbound consumption. That means systems like ServiceNow or CI/CD pipelines can make calls to network automations via API, which can greatly accelerate network service delivery across an organization.
Sharing automations means better outcomes, faster resolutions, less repeated work, and a more consistent approach to performing networking activities.
But Wait, What About Risk?
Of course, there’s a reason why most network engineers answer ‘no’ to our question above. It’s easy to imagine a scenario where an automation is shared and someone ends up breaking something in the network, pushing config that’s not in compliance, or any number of other issues.
To enable teams to share automations without bringing it all crashing down around them, IAG provides several enterprise-grade features around security, authorization, access, and input validation so that automations can be shared with complete confidence.
Here’s how IAG enables network teams to control access to operational infrastructure:
- Encryption: Standards-based SSL/TLS to provide a secure, web-based execution interface for network automations.
- Authentication: Built-in features to validate users based on locally defined accounts, and the ability to integrate with an organization’s LDAP service for centralized account management.
- Authorization: Ability to define rules to control who can view, manage, and execute network automations.
- Auditing: Detailed logs on system access, changes, and automation execution.
- Input Validation: Script decoration with JSON Schema to define expected arguments and determine whether an automation should be run with a given user’s inputs.
Using a secure platform like IAG helps maximize the automations teams are building today by exposing them for consumption without risking the network.
Get the Most Out of Network Automation
Because Itential Automation Gateway (IAG) can bring disparate automation assets together for centralized management and execution, it’s a valuable platform for any network team pursuing automation. Teams can onboard automations and turn them into real assets — storing them in Git for version control, attaching RBAC and encryption, and turning them into APIs for wider consumption by authorized systems.
A universal execution environment means everyone on the network team can get the most out of network automation — whether they’re a Python superscripter or not. The features are designed to maximize collaboration for everyone — high-code and low-code — to be able to do more with less effort.
Would you share your script with the person next to you? With IAG, the answer is always yes.
Learn more about evolving on your network automation journey in this episode of Packet Pushers.
Rich Martin
Director of Technical Marketing ‐ Itential
Rich Martin is the Director of Technical Marketing at Itential. Previously, Rich has worked at several networking vendors as a both a Pre-Sales Systems Engineer and Systems Engineering Manager but started his career with a background in software development and Linux. He has a passion for automation in the networking domain, and at Itential he helps networking teams to get started quickly and move forward successfully on their network automation journey.
