One of the most important components of network automation, if not the most important, is the source of truth (SoT). The SoT holds all the configuration data we use to manage our network. This allows us to generate accurate configurations, documentation, and reports. In the modern NetDevOps pipeline, the SoT is an essential requirement and the first step on your journey. As a result, your SoT always describes what your running configs should look like. Want to see if someone went rogue and made a change outside the pipeline? Compare the running-config to the SoT.
Engineers have been using SoTs for years. For instance, you probably used Excel, configuration backups, and tribal knowledge. Those have worked, albeit not well, in the past. Excel was the network engineer's best and worst friend. We've all seen the absolutely massive sheets with 40+ tabs full of interfaces, IPs, peers, etc. Excel gives us no good way to programmatically update and retrieve this data, which is crucial. Tribal knowledge is even worse at providing an interface to access data. In effect, it would require us to bring back sneakernet. These antiquated methods have gotten us this far, and respect will be paid, but it's time to move on.
NetDevOps Capable Source of Truth
When we think about which source of truth to use in a modern NetDevOps pipeline, NetBox always makes the shortlist. NetBox provides a simple and clean GUI. In addition, it provides many useful components such as IPAM, DCIM, Circuits, Virtualization, and more. The most powerful part of NetBox is its vast APIs, which let us access the data in a programmatic, repeatable way. With its structured JSON results, we can quickly and easily take the data and make decisions, create the configuration, or generate reports. NetBox also has a very active community for when you need help.
One disadvantage I've found with NetBox is that, while it's very good at storing the data it's designed for, when it comes to more complex configuration data (routing protocols, firewall rules, etc.) it doesn't have the chops. In conclusion, I think NetBox is a great tool and a must for every pipeline. However, it needs to be used alongside a more robust SoT for our complex config directives.
When it comes to storing our more complex configuration directives, YAML fills in the gaps of NetBox. YAML is easy to read and the syntax is simple. It also provides us an easy way to interact with our automation. Specifically, with Ansible's group_vars / host_vars we can easily load Ansible facts from YAML files. One consideration when using YAML, or any data-serialization SoT, is to use a generic data structure. This means you shouldn't structure your data for just one vendor. Make the structure generic; this will make converting the data to configuration easier later.
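The comparison of the running-config against the SoT described at the start of this article, combined with the generic data structure recommended above, as an added example that is not code from the original article. The record layout, the IOS-style syntax, and the function names are assumptions chosen for illustration, and the sample data is constructed.

```python
import ipaddress
# Constructed sample: vendor-neutral record, as it might be loaded from a host_vars YAML file.
SOT = {"hostname": "edge-rtr-01", "interfaces": [
    {"name": "GigabitEthernet0/0", "description": "uplink", "ipv4": "192.0.2.1/30", "enabled": True},
    {"name": "GigabitEthernet0/1", "description": "users", "ipv4": "198.51.100.1/24", "enabled": False}]}
# Constructed sample running-config; IOS-style syntax is an assumption, not from the article.
RUNNING = """hostname edge-rtr-01
interface GigabitEthernet0/0
 description uplink
 ip address 192.0.2.1 255.255.255.252
!
interface GigabitEthernet0/1
 description users
 ip address 198.51.100.1 255.255.255.0
interface Loopback99
 ip address 203.0.113.9 255.255.255.255
"""

def render_intended(sot):  # generic record -> {section header: set of child lines}
    sections = {f"hostname {sot['hostname']}": set()}
    for intf in sot["interfaces"]:
        addr = ipaddress.ip_interface(intf["ipv4"])
        lines = {f"description {intf['description']}", f"ip address {addr.ip} {addr.netmask}"}
        if not intf["enabled"]:
            lines.add("shutdown")
        sections[f"interface {intf['name']}"] = lines
    return sections

def parse_running(text):  # group indented lines under the unindented header above them
    sections, current = {}, None
    for raw in text.splitlines():
        if raw.strip() in ("", "!"):  # skip blank lines and '!' separators
            continue
        if not raw.startswith(" "):
            current = sections.setdefault(raw.strip(), set())
        elif current is not None:
            current.add(raw.strip())
    return sections

def find_drift(sot, running_text):  # (kind, detail) wherever device and SoT disagree
    want, have = render_intended(sot), parse_running(running_text)
    findings = []
    for header in sorted(want.keys() | have.keys()):
        if header in want and header in have:
            findings += [("missing-line", f"{header} / {l}") for l in sorted(want[header] - have[header])]
            findings += [("unexpected-line", f"{header} / {l}") for l in sorted(have[header] - want[header])]
        else:
            findings.append(("missing-section" if header in want else "unexpected-section", header))
    return findings
```

On the sample data, `find_drift(SOT, RUNNING)` reports the missing `shutdown` on GigabitEthernet0/1 and the Loopback99 interface that exists only on the device. This sketch models only the hostname and interfaces, so a full running-config would need the comparison limited to the sections the SoT actually describes.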
A database as a source of truth will be the most scalable solution. It gives us the same ease of storing more complex data that YAML does. However, it also presents us with the opportunity to build a nice front end like NetBox. Using a database also gives us the most powerful opportunity for reporting. Do you need to know every interface that has an address in a specific subnet? Easy, run a query against the database. Two commonly used databases for our use case are MariaDB and Dolt. MariaDB is a mature and stable product. Dolt is the new guy on the block with powerful features. For instance, it has the power of versioning directly on the database. This allows us to fork our SoT, make changes, and then merge back to the master SoT. This can help simplify the pipeline by collapsing multiple components.
Having bad data in your SoT is going to create innumerable future issues. The importance of the SoT cannot be stressed enough; it is the foundation of our NetDevOps pipeline. There isn't a one-size-fits-all solution. As a consequence, you will need to discuss with your team what works best for you. Strategic planning from the beginning of your pipeline is the key to success. If your company needs assistance in designing your solution, contact us to get professional consultation from the pros!