The key goal of DevOps is to bring development and operations together, bound by a common set of practices. For this to become reality, developers need to think more like the operations team—focusing on stability and reliability—while operators need to think more like developers—focusing on agility and speed. But how widely can this be applied?
We say regularly the goal of application development is to deploy new features into production continuously—daily, weekly or monthly, if possible. But what about the production infrastructure itself? Can we apply DevOps practices to making changes to the production infrastructure on which these applications run?
Recently, I met with customers who want to implement DevOps practices to how they manage their operational network, applying continuous deployment to the production network. For example, they would like to design, test and then deploy new network services such as load balancing and firewalls into production immediately to enable new applications and services—actions that currently could take weeks or months. Is this kind of continuous deployment to be expected, or is it pushing DevOps too far?
Let’s look at how key concepts of DevOps might be applied to adding network services to a production enterprise network:
- Virtualize services: To enable rapid deployment of applications, it was first critical that they be enabled with virtualization and in the future, with containers to make them portable. We would need to apply this same approach to production network infrastructure if we expect to enable rapid deployment of new infrastructure. Unfortunately, there is no standard way to make physical network equipment portable. Of course, shifting heavily to software-defined networking (SDN) enables virtualization for free, but it doesn’t make even virtual network equipment “standard.” In the world of networking, there are a number of “standard” interfaces and modeling languages: SNMP, NetConf, Yang and TOSCA (though not originally designed for networking), to name a few. Using one of these standard interfaces, in combination with virtualization, potentially could enable the agility required for continuous deployment of network services.
- Automate: DevOps success depends on automating the entire process of development, test and deployment so the process can be continuous. The same level of automation would need to be provided throughout the process of designing, testing and deploying new network services onto production networks. Network testing is very similar to other types of hardware and software testing so most test automation frameworks can be applied. However, network testing requires automation of the environment setup, and it also requires traffic generation to test with realistic network conditions.
- Continuously deploy: While this is still a dream for many companies attempting to achieve DevOps nirvana, a key requirement for using DevOps for production network configuration is to be able to deploy new services continuously into a live production network. Most of the configuration management tools available today are good at configuring servers and software, but are more immature when it comes to configuring networks, which are far more complex and inter-dependent than a single server. A tool would be required that allows the configuration of the tested network to be deployed automatically in exactly the same way within a production network.
- Monitor Operation: A good DevOps practice monitors applications in production and uses that information in planning new services. While it would seem that network monitoring is quite mature, an open question is whether that data is useful in planning future network services for improved operation.
Sandboxes for Network DevOps
Sandboxes are tools for defining and testing infrastructure configurations (physical, virtual and application). A good sandbox allows users to model any infrastructure, including any type of network infrastructure. This model also can serve as a way to implement “virtual services.” Models can be created in Yang or TOSCA, and under the covers these models can automate access to network infrastructure using CLIs, SNMP and/or NetConf where appropriate. This allows network services to be defined and tested using a high-level model, rather than the low-level interfaces.
Sandboxes also address automation by providing a context for automating not just individual network components but also entire configurations and connectivity that are required for a “network service.” In addition, automation can encompass traffic generators and test tools as part of the testing process.
Sandboxes also are designed to set up and tear down a network service automatically so they can be used for continuous deployment of new services. The same automation used to create the sandbox for a network service also can be used to deploy it into production.
Finally, monitoring used in production also can be performed in the Sandbox to compare performance between testing environments and production so future services can be improved.
While applying DevOps to production infrastructure and services is challenging and immature, in principle it can provide significant improvements in the speed of deployment of new network services—and the applications that depend on those services.
About the Author / Joan Wrabetz
Joan Wrabetz is the Chief Technology Officer for Quali. Most recently, she was the vice president and Chief Technology Officer for the Emerging Product Division of EMC. Ms. Wrabetz holds an MBA from the University of California, Berkeley, an MSEE from Stanford University, and BSEE from Yale University. She has taught as an adjunct faculty member at the University of St. Thomas, St. Mary’s University, and at the Carlson School of Business at the University of Minnesota. She holds patents in load balancing, distributed systems and machine learning classification and analytics.