Itential Automation Gateway Demo Overview

As automation engineers, you spend a lot of time focused on building the best automations possible, using tools that fit the project and your skillset, and then pushing those automations to a Git repository. But it’s one thing to share a script or a Playbook with a team member who is familiar with Git and with building and modifying environments — it’s another to operationalize automation for operators to consume.

This demo explores Itential’s Automation Gateway and shows how it works.

You’ll get a firsthand look at the new Automation Gateway, which can be managed through a single binary on the CLI and acts as a central, dynamic execution platform for running automations (Python, Plans, and Playbooks alike). Then you’ll see how automation services can be delivered as a product catalog when connected to Itential Cloud for team members to consume.

In this demo, you’ll see:

  • How Itential Automation Gateway (IAG) works, and how you can use it to pull down automations from a Git repository and easily build services around them.
  • How IAG dynamically generates automation execution environments at runtime.
  • How published automation services can be exposed as products through Itential Cloud, allowing others to consume automations with no need for automation developers to spend time building and managing environments.

  • Demo Notes

    (So you can skip ahead, if you want.)

    00:00 Intro & Overview for NetDevOps
    01:10 Publishing an Automation as a Service with iagctl Command Interface
    02:24 Running a Service without Managing an Execution Environment
    03:15 Service Execution from CLI with Real-Time Update From Git
    03:43 Intro & Overview for Operators & Admins
    04:08 Managing New Users, Groups, & RBAC Features
    04:31 Onboarding a New Gateway into Itential Cloud
    05:53 Review List & Run an Automation without Managing an Execution Environment
    06:46 Review Output & Status of Completed Automation
    07:02 Real-Time Update & Execution

  • View Transcript

    Rich Martin • 00:03

    As automation engineers, you spend a lot of time focused on building the best automations possible using tools that make sense for the project, your skill set, and the network domain you focus on. Tools like Python, Ansible, and OpenTofu are standard, with the possibility of all new tools in the future. So your daily process looks a lot like this. Edit your automations, run your automations, test it out, make more changes, rinse, repeat, and when it’s done, you commit it and push it to your Git repository, making it simple for your NetDevOps team to pull down and set up in their own environments. But how do you operationalize all of these automations spread across multiple domains and teams, which use different tools, so that team members that don’t have the same skill set as developers can use them on a day-to-day basis? To solve this problem, you need a platform that can access the appropriate automations, build the correct execution environment, and enable teams, both developers and non-developers, to execute those automations in a way that’s simple, scalable, and secure. And that’s what Itential Cloud Automation Solution delivers to you. Every automation team can deploy their own on-premises clustered automation gateway, which can be managed through a single binary on the CLI, IAG CTL. Using this command, you can configure it to access your team’s Git repository, so it can access the proper automations and ensure that the correct version is always being used. Then, create services and link them to the automations in the Git repository. These have already been created, but we can create a new service now. Automation services can have a decorator associated with them, defined by a JSON schema, in order to define and validate inputs for the service. We can create one from an existing local file, like this, to define two inputs. A new service is defined by this command, which identifies the Git repo, directory, and the filename of the automation, as well as the decorator to use, along with a description and a tag.

    Rich Martin • 02:11

    You also define the type of automation this is, which is a Python script here, but Ansible and OpenTofu are also supported. Once that’s complete, you’ve created a new service, which will now appear in the service list, which means that you can now run the service directly through and using Automation Gateway, like this. When you execute a service this way, Automation Gateway dynamically pulls down the automation directory from Git, builds the appropriate execution environment using the requirements file in the repository, and then executes the automation and passes along the outputs to the user. While that may not be a big deal to an automation engineer who’s used to using tools like Git and building and modifying environments, think about the number of people on your team who don’t have that skill set or experience, who can now safely and securely run automations without you building and managing the execution environment for everyone. Once an automation service is created, automation developers can now focus on building automations, not platforms, using the same tools and the same processes they’re used to without requiring them to change anything. So when a developer updates an automation, every user who runs the service that is associated with that automation will have the new automation and assets as well as the proper environment required to run it every single time because the Automation Gateway is taking all of that burden off of you and your team. Once you’ve deployed the on-prem Automation Gateway server, you can easily connect it to the Itential Cloud by editing a configuration file on the server and then logging into your Itential Cloud account.

    Rich Martin • 03:55

    When you log in, you’ll see the operations portal, which gives you a quick way to run or schedule an automation, see when automations have recently been run, and see which automations are scheduled to be run in the future. As an administrator, I can easily set up a new user here, define their information and associate them with a group that has been defined. We also have a granular set of rules that can be enabled and disabled based off of your needs. Under gateways, you’ll see that we already have two gateways defined, an automation gateway for the security team and an automation gateway for the cloud team. These gateways are operated by those teams, referencing their own set of services built with automations leveraging different tools. Itential Cloud becomes the centralized portal with access to all of your organization’s deployed automation gateways. Adding a new gateway is a straightforward process.

    Rich Martin • 04:51

    First, click on the icon to add a gateway and fill out a unique name for this gateway, a description and a cluster ID. This is a unique ID set within the configuration file of the on-prem installed automation gateway. Automation gateway is also configured with a unique host name of the Itential Cloud service, so the connection is from on-premises to cloud and the cluster ID along with a matching security certificate identifies a valid gateway. Now we can upload the matching certificate, click next and save it. We can now provide access to different groups who should be using this gateway. Now let’s associate the correct certificate with this gateway and we are set and the gateway is configured and enabled. The automation section is where you can see all of the automation services available to you.

    Rich Martin • 05:55

    As an admin, I have access to all of these automations, but for other users, they may only have access to the automations from their specific domain’s gateway. We can filter by gateway, and see the automation services offered by the cloud team’s gateway, the security team’s gateway, and the services offered by the data center team’s gateway, which we just onboarded. From here, we can simply click on an automation to run it. Let’s run the GetInterfaceCounters service that we created earlier. Because it was created with a JSON decorator, that is now rendered as a form input field in Itential Cloud to help provide guardrails for inputs into an automation service. Clicking Run starts the process of executing the automation on the on-prem automation gateway it’s defined on. Clicking on Activity shows you what’s recently been completed, as well as what’s currently running and what has been scheduled.

    Rich Martin • 06:53

    As soon as the automation is complete, we get the results back, which we can view by clicking on the entry. So now, whenever a developer updates an automation, publishes it in their Git repository, Everyone using the Itential Cloud Automation Service will always have the latest version, pulled right and directly from the Git repository, along with the environment needed to run it successfully, all generated for them dynamically by the Itential solution, so they can focus on running, building, and maintaining the network more efficiently.

Operationalize Your Network Automations: Standardize, Execute, & Securely Share Infrastructure Automations (NFD 36)  
Video
Operationalize Your Network Automations: Standardize, Execute, & Securely Share Infrastructure Automations (NFD 36)
Watch Now  

Additional Resources

Video: AutoCon 2: The Automation Builder’s Dilemma On-Demand Webinar: Eliminate Script Chaos: How to Build & Share Automations at Scale with Itential Video: Packet Pushers Video Bytes: Centrally Manage & Execute Your Network Automations with Itential Standardize Automation Across Your Infrastructure with Itential Automation Gateway Blog: Operationalizing Network Automation: Lessons Learned (The Hard Way) Blog: Introducing Itential’s New Automation Service: Transforming How NetDevOps Teams Standardize, Execute, & Share Automations Blog: how does torero fit into my operational stack?