Can I use Python for network automation?

The networks in data centers have become more complex through the use of virtualization technologies. On the one hand, virtualization reduces investments in servers and storage units. In return, however, operating costs increase as there are dozens or hundreds of virtual machines (VMs) and virtual local area networks (VLANs) that must be managed by IT departments with stagnant budgets and staff. The automated management of the server environment takes place via hypervisor technology - the network units that support the virtual environment are left out.

One way to reduce operating costs in a virtualized data center is to automate the network. A new generation of switches is available for this purpose, which, for example, support automation mechanisms through the use of scripting and thus form the basis for saving time and money. At the same time, automation has the side effect of reducing administrative errors based on human error. Scripts support the administrator in all areas: with configuration control and provisioning, with alert management (sending notifications), with monitoring to ensure compliance with quality specifications or in change management.

Below we list ten examples of how automation can be used to simplify administration in data centers and to reduce operating costs.

1. Bare metal provisioning
When commissioning a switch, it is necessary to configure the switch parameters, and in some cases also to update the switch network operating system. Most of this work is done manually. However, if several switches are to be installed, configuration and updates can be carried out automatically. This brings significant time savings and reduces the risk of configuration errors.

Servers have had the ability to configure themselves for many years; this process is known as a bare metal configuration. In the meantime, however, the manufacturers of network equipment have also implemented this capability in their switches. Similar to the servers, the switches automatically search the network for download options for configuration files and operating system updates. This simplifies the setup with standard configurations or the commissioning of several switches with identical settings.

Image 1: Automated bare metal provisioning via JumpStart - via a TFTP server
the switch automatically obtains its configuration data

This bare metal provisioning is offered, for example, by the S60 switch from Force10 Networks with JumpStart. JumpStart reduces the time required for configuration and helps to use standard configurations consistently. After installing a network switch, JumpStart automatically fetches an IP address from the DHCP server and loads configuration files and operating system images from a TFTP server. This eliminates the need to manually configure the switch.

2. Performance control
Administrators should monitor the essential network parameters in order to identify impending problems at an early stage and to be able to intervene before they become a reality. In order to avoid a drop in performance in the network, it is important, for example, to keep an eye on the processor and main memory utilization of the switches. If the load limits are reached, this should be reported to the network administrator so that he can determine whether the problem is fundamental, i.e. probably a recurring problem, or a one-off exception.

A simple script is sufficient to automate the monitoring of CPU and main memory usage. If defined limit values ​​are exceeded, this script generates a message to the network administrator. It can be determined whether this notification should take place every time the limit value is exceeded or only if a previously defined number of exceedances is made in a specified period. Scripts therefore give the network administrator the flexibility to define certain conditions under which a notification should be made.

Fig. 2: Controlled by scripts, the performance monitoring provides information when certain values ​​are not reached
System parameters automatically the administrator

3. QoS monitoring
In order to be able to guarantee an optimized working environment for the company, those responsible for the data center must monitor the QoS settings. One way of doing this is to check the number of dropped packets (incorrectly transmitted data packets). Although it is possible to determine this quality of service for each individual switch, administrators need a solution for the purpose of an overview to control the quality of service across the entire network.

This is made possible, for example, by the SmartScript component of the Force10 Open Automation Framework. It allows administrators to use Perl or Python to create a script that monitors the basic network parameters, such as the number of data packets lost. If this number exceeds a specified value, this is automatically reported to the administrator so that he can take corrective action.

4. Migration of VM and VLAN
Virtualized data centers allow VMs to be migrated from one server to another. During this process, to ensure the security and Quality of Service (QoS) of the network, it is important that the VLAN connected to the VM also migrates. Typically, before migrating the VM, the virtualization administrator instructs the network administrator to provision the VLAN for the new server. Depending on the size and complexity of the data center and the available human resources, processing can then take several days.

Page 1 of 2 Next page >>

June 2, 2011 / ln / Dietmar Holderle, Vice President EMEA, Force10 Networks