OpenMSA: A devops framework for the network admin
Ubiqube's CTO Hervé Guesdon talks to El Reg
Interview In February, network automation company Ubiqube released another network management framework into the open source world. The Register spoke to CTO Hervé Guesdon to understand the company's hopes for its OpenMSA tools.
OpenMSA is the Open Modelling and Simulation architecture, and Guesdon described it as a way of presenting network management as microservices rather than proprietary blobs.
He said there's a market need, in spite of a plethora of both proprietary and open initiatives to present APIs to try and integrate multivendor management. That's because network management systems suffer the bloat common to so much software: most of their features are untouched by most users, most of the time.
“If you look at the network vendors' solutions, their management platforms – the main objective is to show the richness of the solutions”, Guesdon said, “so they will expose all the parameters, the more the better.”
That's not always what the industry wants. “Today, people are looking for automation, deployment, and service management.
“As a vendor, you are delivering a firewall service, and you want to expose 20 parameters for one firewall rule. But as a service provider, I may only need five parameters.”
The result, Guesdon said, is that for network and security pros, it's hard to pursue a devops approach, because the solutions are “very IT-centric”.
“OpenMSA is a framework where networking and security engineers can do devops without having to learn development. You can easily design and model the features you want to manage”, with OpenMSA downloads for capabilities like service assurance.
The reason for opening the environment and publishing it on GitHub, Guesdon said, was to build a community where others, including vendors, can design microservices libraries for capabilities such as “slicing and dicing device configuration” in the same way as application microservices break once-monolithic software into modules.
Ubiqube's head of marketing Ariane Sunder added that it's a way to get around network administrators having “37 screens to log into”.
“There's often no system that can handle the physical devices, as well as their software, as well as configuration … the OpenMSA community is trying to help ease that pain from the service provider perspective, as well as from the developer perspective.”
As devices are added to the community repository, they get easier to integrate, she said.
Day two management
Another context for OpenMSA, Guesdon explained, is “day two change management”, the ability to implement customer change requests easily.
“If you want to add a rule, a new VLAN for example, you should be able to do that very easily”, he said.
A lot of network devices focus on fast installation, automatically loading devices with their first configuration, a point at which “you don't really need agility or service intelligence”.
On the second day, when the network admins need to configure customer services, they're faced with different languages (NETCONF and YANG, for example), as well as vendor APIs.
With multiple vendors, “Even if you are betting on standardisation like NETCONF and YANG, you will see different data models even if two devices are claiming the same management.”
That's not just a pain for net admins – it gets in the way of building customer self-care solutions.
Guesdon said providers like AWS and Microsoft Azure make it easy to spin up new VMs, because it's right there in the Web portal. That simplicity maximises the cloud provider's revenue.
“The networking and security industry must learn from that”, he said, and provide a solution that not only orchestrates changes, but automates them and, by extension, the customer self-care.
That's another part of what Ubiqube had in mind in creating an open solution: “The only way to do that … is to build a community.
“That made it a no-brainer to open the platform so we could broaden the community, and the more users we have the more customers we all have as well.”
The OpenMSA community site is here. ®
Sponsored: Becoming a Pragmatic Security Leader