Feeds

I want SDN and I want it now!

Laziness? Or automating the mundane?

HP ProLiant Gen8: Integrated lifecycle automation

Sysadmin Blog A recent demonstration of Juniper's Software Defined Networking (SDN) showed a level of automation that makes me loathe the mundanity of my day job all the more.

Software defined networking is a collection of technologies that could free me to do far more business-critical things with my time, like research, automating more difficult-to-commoditize business processes, and so forth.

Indeed, it is automation that is at the heart of the matter: the business case for SDN is that of the improvements to health, sanity and pocketbook that automation of IT mundanities can bring. I'm tired of typing routes into Webmin. I'm tired of scripting. I'm tired of adding the MAC address of a new VM into DHCP, configuring the IDS, setting a password and opening ports for remote access.

Budget woes

The sign of a well run and adequately funded IT department is that common tasks are automated. This indicates both that the operations staff aren't dealing with so much outdated, broken or incompatible crap that their hair is constantly on fire and also that they spend their idle time solving problems instead of playing video games.

I automate where I can, but for several clients, everything is a band-aid on top of a band-aid on top of a band-aid. Something will break and cause us to make a change without proper change control and half the scripts will be thrown into chaos.

Worse, the brass could wander into the office to demand the moon on a stick for $24.99. Implementing said wild scheme will invalidate months of previous attempts to tackle the problem. A month's worth of meticulously crafted GPOs go out the window thanks to a business reorg, or a carefully crafted security plan is vetoed because everyone needs access to everything "just in case."

Vendor provided automation

If I could burn it all down and build it anew there are technologies today to help with automation that simply didn't exist 10 or 15 years ago. Puppet is my weapon of choice and if I had the time to build a new network from scratch, nothing would be allowed onto it without Puppet support. Automate early and automate everything.

Sadly, it is very rare that I gain access to that happy world of greenfield deployments. On most networks I don't have the tools to detect (let alone prevent) clandestine IT. What little automation I can reasonably get away with typically boils down to automating the parts of IT operations that other staff members don't ever see, let alone understand.

Automating automation

Cloud computing and mobile devices have made everyone think that IT is easy and sysadmins are just holding out on them. In some cases, our jobs have gotten easier. Compute and storage virtualization have made a significant impact. Networking, however, still eats way too much of my day. This is where SDN comes in.

SDN is basically a nice pushbutton interface that allows me to create everything necessary for a new virtual machine or physical server without actually putting any real thought into it. Choose a class of workload, push a button and poof: everything from VLANs to firewall rules, routing, VPNs, intrusion detection, port mirroring and so forth is configured.

It also takes care of things like switch reconvergence if the janitor pulls out the wrong cable, and it allows us to move from a world where every server change has to be meticulously planned to ensure it doesn't disrupt the network to one where we can just run the cable to the nearest switch and add more links between switches if a path starts looking full. The software will take care of the rest.

What I'm on about, in essence, is change management. More specifically, the lack thereof. Every business – regardless of size – that I work with increasingly wants IT to be able to adapt to change faster. Whether that's provisioning a new VM more rapidly or planning and executing a migration of the financials package to a new vendor, everything is demanded yesterday.

Automating automation

Before compute virtualization I maintained a massive library of imaging tools, automated install batch CDs, gigabytes of vendor hardware diagnostics, and terabytes of drivers. When a system would fail a complicated series of scripts would cast a spell on a RARball somewhere and a failed system would be reborn on backup hardware in three to six hours.

Today, VMware detects a failed host and 30 seconds later the VM is back up and running.

Before storage virtualization, moving a VM required powering it down, dragging it to centralized storage and then pushing it back up to the next host. Backups were multi-tentacled hydras that kept spawning new heads. Today I have storage vMotion, snapshots, replicas, and live-cloning.

I could write a series of scripts to automate everything network related that has been talked about in this article. I question if I could maintain them in the face of an ever-changing set of customer environments. More to the point, I really, really don't want to.

And that, in my mind, is the case for SDN. ®

Reducing security risks from open source software

More from The Register

next story
Sysadmin Day 2014: Quick, there's still time to get the beers in
He walked over the broken glass, killed the thugs... and er... reconnected the cables*
SHOCK and AWS: The fall of Amazon's deflationary cloud
Just as Jeff Bezos did to books and CDs, Amazon's rivals are now doing to it
Amazon Reveals One Weird Trick: A Loss On Almost $20bn In Sales
Investors really hate it: Share price plunge as growth SLOWS in key AWS division
US judge: YES, cops or feds so can slurp an ENTIRE Gmail account
Crooks don't have folders labelled 'drug records', opines NY beak
Auntie remains MYSTIFIED by that weekend BBC iPlayer and website outage
Still doing 'forensics' on the caching layer – Beeb digi wonk
BlackBerry: Toss the server, mate... BES is in the CLOUD now
BlackBerry Enterprise Services takes aim at SMEs - but there's a catch
The triumph of VVOL: Everyone's jumping into bed with VMware
'Bandwagon'? Yes, we're on it and so what, say big dogs
Carbon tax repeal won't see data centre operators cut prices
Rackspace says electricity isn't a major cost, Equinix promises 'no levy'
prev story

Whitepapers

Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Top 8 considerations to enable and simplify mobility
In this whitepaper learn how to successfully add mobile capabilities simply and cost effectively.
Seven Steps to Software Security
Seven practical steps you can begin to take today to secure your applications and prevent the damages a successful cyber-attack can cause.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.