I want SDN and I want it now!

Laziness? Or automating the mundane?

Sysadmin Blog A recent demonstration of Juniper's Software Defined Networking (SDN) showed a level of automation that makes me loathe the mundanity of my day job all the more.

Software defined networking is a collection of technologies that could free me to do far more business-critical things with my time, like research, automating more difficult-to-commoditize business processes, and so forth.

Indeed, it is automation that is at the heart of the matter: the business case for SDN is that of the improvements to health, sanity and pocketbook that automation of IT mundanities can bring. I'm tired of typing routes into Webmin. I'm tired of scripting. I'm tired of adding the MAC address of a new VM into DHCP, configuring the IDS, setting a password and opening ports for remote access.

Budget woes

The sign of a well run and adequately funded IT department is that common tasks are automated. This indicates both that the operations staff aren't dealing with so much outdated, broken or incompatible crap that their hair is constantly on fire and also that they spend their idle time solving problems instead of playing video games.

I automate where I can, but for several clients, everything is a band-aid on top of a band-aid on top of a band-aid. Something will break and cause us to make a change without proper change control and half the scripts will be thrown into chaos.

Worse, the brass could wander into the office to demand the moon on a stick for $24.99. Implementing said wild scheme will invalidate months of previous attempts to tackle the problem. A month's worth of meticulously crafted GPOs go out the window thanks to a business reorg, or a carefully crafted security plan is vetoed because everyone needs access to everything "just in case."

Vendor provided automation

If I could burn it all down and build it anew there are technologies today to help with automation that simply didn't exist 10 or 15 years ago. Puppet is my weapon of choice and if I had the time to build a new network from scratch, nothing would be allowed onto it without Puppet support. Automate early and automate everything.

Sadly, it is very rare that I gain access to that happy world of greenfield deployments. On most networks I don't have the tools to detect (let alone prevent) clandestine IT. What little automation I can reasonably get away with typically boils down to automating the parts of IT operations that other staff members don't ever see, let alone understand.

Automating automation

Cloud computing and mobile devices have made everyone think that IT is easy and sysadmins are just holding out on them. In some cases, our jobs have gotten easier. Compute and storage virtualization have made a significant impact. Networking, however, still eats way too much of my day. This is where SDN comes in.

SDN is basically a nice pushbutton interface that allows me to create everything necessary for a new virtual machine or physical server without actually putting any real thought into it. Choose a class of workload, push a button and poof: everything from VLANs to firewall rules, routing, VPNs, intrusion detection, port mirroring and so forth is configured.

It also takes care of things like switch reconvergence if the janitor pulls out the wrong cable, and it allows us to move from a world where every server change has to be meticulously planned to ensure it doesn't disrupt the network to one where we can just run the cable to the nearest switch and add more links between switches if a path starts looking full. The software will take care of the rest.

What I'm on about, in essence, is change management. More specifically, the lack thereof. Every business – regardless of size – that I work with increasingly wants IT to be able to adapt to change faster. Whether that's provisioning a new VM more rapidly or planning and executing a migration of the financials package to a new vendor, everything is demanded yesterday.

Automating automation

Before compute virtualization I maintained a massive library of imaging tools, automated install batch CDs, gigabytes of vendor hardware diagnostics, and terabytes of drivers. When a system would fail a complicated series of scripts would cast a spell on a RARball somewhere and a failed system would be reborn on backup hardware in three to six hours.

Today, VMware detects a failed host and 30 seconds later the VM is back up and running.

Before storage virtualization, moving a VM required powering it down, dragging it to centralized storage and then pushing it back up to the next host. Backups were multi-tentacled hydras that kept spawning new heads. Today I have storage vMotion, snapshots, replicas, and live-cloning.

I could write a series of scripts to automate everything network related that has been talked about in this article. I question if I could maintain them in the face of an ever-changing set of customer environments. More to the point, I really, really don't want to.

And that, in my mind, is the case for SDN. ®
