Feeds

I want SDN and I want it now!

Laziness? Or automating the mundane?

Top 5 reasons to deploy VMware with Tegile

Sysadmin Blog A recent demonstration of Juniper's Software Defined Networking (SDN) showed a level of automation that makes me loathe the mundanity of my day job all the more.

Software defined networking is a collection of technologies that could free me to do far more business-critical things with my time, like research, automating more difficult-to-commoditize business processes, and so forth.

Indeed, it is automation that is at the heart of the matter: the business case for SDN is that of the improvements to health, sanity and pocketbook that automation of IT mundanities can bring. I'm tired of typing routes into Webmin. I'm tired of scripting. I'm tired of adding the MAC address of a new VM into DHCP, configuring the IDS, setting a password and opening ports for remote access.

Budget woes

The sign of a well run and adequately funded IT department is that common tasks are automated. This indicates both that the operations staff aren't dealing with so much outdated, broken or incompatible crap that their hair is constantly on fire and also that they spend their idle time solving problems instead of playing video games.

I automate where I can, but for several clients, everything is a band-aid on top of a band-aid on top of a band-aid. Something will break and cause us to make a change without proper change control and half the scripts will be thrown into chaos.

Worse, the brass could wander into the office to demand the moon on a stick for $24.99. Implementing said wild scheme will invalidate months of previous attempts to tackle the problem. A month's worth of meticulously crafted GPOs go out the window thanks to a business reorg, or a carefully crafted security plan is vetoed because everyone needs access to everything "just in case."

Vendor provided automation

If I could burn it all down and build it anew there are technologies today to help with automation that simply didn't exist 10 or 15 years ago. Puppet is my weapon of choice and if I had the time to build a new network from scratch, nothing would be allowed onto it without Puppet support. Automate early and automate everything.

Sadly, it is very rare that I gain access to that happy world of greenfield deployments. On most networks I don't have the tools to detect (let alone prevent) clandestine IT. What little automation I can reasonably get away with typically boils down to automating the parts of IT operations that other staff members don't ever see, let alone understand.

Automating automation

Cloud computing and mobile devices have made everyone think that IT is easy and sysadmins are just holding out on them. In some cases, our jobs have gotten easier. Compute and storage virtualization have made a significant impact. Networking, however, still eats way too much of my day. This is where SDN comes in.

SDN is basically a nice pushbutton interface that allows me to create everything necessary for a new virtual machine or physical server without actually putting any real thought into it. Choose a class of workload, push a button and poof: everything from VLANs to firewall rules, routing, VPNs, intrusion detection, port mirroring and so forth is configured.

It also takes care of things like switch reconvergence if the janitor pulls out the wrong cable, and it allows us to move from a world where every server change has to be meticulously planned to ensure it doesn't disrupt the network to one where we can just run the cable to the nearest switch and add more links between switches if a path starts looking full. The software will take care of the rest.

What I'm on about, in essence, is change management. More specifically, the lack thereof. Every business – regardless of size – that I work with increasingly wants IT to be able to adapt to change faster. Whether that's provisioning a new VM more rapidly or planning and executing a migration of the financials package to a new vendor, everything is demanded yesterday.

Automating automation

Before compute virtualization I maintained a massive library of imaging tools, automated install batch CDs, gigabytes of vendor hardware diagnostics, and terabytes of drivers. When a system would fail a complicated series of scripts would cast a spell on a RARball somewhere and a failed system would be reborn on backup hardware in three to six hours.

Today, VMware detects a failed host and 30 seconds later the VM is back up and running.

Before storage virtualization, moving a VM required powering it down, dragging it to centralized storage and then pushing it back up to the next host. Backups were multi-tentacled hydras that kept spawning new heads. Today I have storage vMotion, snapshots, replicas, and live-cloning.

I could write a series of scripts to automate everything network related that has been talked about in this article. I question if I could maintain them in the face of an ever-changing set of customer environments. More to the point, I really, really don't want to.

And that, in my mind, is the case for SDN. ®

Beginner's guide to SSL certificates

More from The Register

next story
Ellison: Sparc M7 is Oracle's most important silicon EVER
'Acceleration engines' key to performance, security, Larry says
Oracle SHELLSHOCKER - data titan lists unpatchables
Database kingpin lists 32 products that can't be patched (yet) as GNU fixes second vuln
Lenovo to finish $2.1bn IBM x86 server gobble in October
A lighter snack than expected – but what's a few $100m between friends, eh?
Ello? ello? ello?: Facebook challenger in DDoS KNOCKOUT
Gets back up again after half an hour though
Hey, what's a STORAGE company doing working on Internet-of-Cars?
Boo - it's not a terabyte car, it's just predictive maintenance and that
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
The next step in data security
With recent increased privacy concerns and computers becoming more powerful, the chance of hackers being able to crack smaller-sized RSA keys increases.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.