As my knowledge and experience in networking evolved, I came to the conclusion that too much freedom and too many features can be very dangerous, especially in the wrong hands. After all, who would give a Ferrari to a young driver?
The truth is that getting to the essence, removing the superfluous and using the right tools and in the right way, is a precious skill to be developed with continuous study, dedication and preferably under the right guidance. Often this could simply be the result of identifying requirements and turning them to a reference architecture, but too often design becomes an exercise in creativity and research of originality with the continuous research to be able to use up to the last available feature.
In recent years I have combined the search for simplicity with that of prototyping to make everything replicable and automatable. During my participation at the #NFD19, I had the opportunity to learn more about Apstra and meet a group of people for whom this mantra has been realized in the creation of their AOS "Apstra Operating System".
They just used some considerations:
AOS is designed to create and manage multivendor Clos IP Fabrics, in which a standard configuration is applied that makes extensive use of BGP and EVPN. The model used is not mandatory and can be modified to adapt to any different customer needs. But in this case, we would have to go back on questioning the starting idea, and in fact talking with Apstra team, they confirmed that customers eventually adopt the proposed configuration without modifications.
The advantages of this approach are such that discourage a change. The configurations are in fact:
- Made by experts and based on their greater experience
- Born to guarantee interoperability between different vendors
- Continuously verified to guarantee compatibility with the new releases of AOS and vendors.
This is my tweet during the event with the nice slide in which the CEO presents the result in the interoperability EVPN between Cisco and Arista.
This abstraction and simplified management therefore translate into a set of applications in which the resources available are defined in terms of devices, connections, addresses, AS numbers, and the intentions (or blueprints), namely the specificity of connectivity, visibility, security etc. AOS is concerned with translating them into configuration statements and applying them to the devices.
Automation of Automation
Automation is not just delegated to configuration management but is a fundamental component of the platform. In fact, a common platform is provided to customize and further automate the various devices. The thing that struck me is the possibility to create probes, which allow a pro-active monitoring of the infrastructure. On GitHub there is already a large collection of probes and users are encouraged to contribute. The automation is therefore automatable, as AOS itself. I leave to you to determine the level of recursion to which we have arrived :-).
AOS integrates a sophisticated management of telemetry, which also in this case normalizes the different vendors. The results of the active probes are integrated and also in this case it is possible to integrate automatic instruments. The preventive management of GBIC failures has been presented: the entire process of off-line transfer has been automated upon exceeding the established threshold values, the activation of a replacement request and subsequent replacement return.
It is not my goal to do a review of the platform, you can directly draw your conclusions from NFD videos available at the Tech Field Day portal, but I would like to share some thoughts:
Is it possible to simplify everything?
The reality is that in order to manage very large and intrinsically complex systems, simplicity is a requirement. But simplifying does not mean renouncing any of the necessary functionalities, rather rationalizing and reducing the features used to achieve the prefixed objectives.
What makes me think that Apstra get the right way?
It comes down to the maturity and scalability of the architecture and technology used: Clos fabric, BGP and EVPN are now the building blocks for each datacenter. If once were only the prerogative of large data centers, now it is also applicable on the small scale. I have already discussed my beliefs with highly qualified people here (Using EVPN in Very Small Data Center Fabrics), and also the data presented by Apstra show how their solution is spreading also in the enterprise market and not just among the big cloud providers.
The use of an abstraction layer (or intent), can eliminate the main obstacle represented by BGP knowledge and experience.
Are we going to meet a world that is all the same?
In reality, it is not what we have always looked for with the various IETF, ISO etc etc? Unfortunately, the transition from what has been defined to what has been achieved has introduced sometimes insurmountable incompatibilities or led to completely different implementations (Anyone TRILL?).
But moving from protocols to architectures, we introduce the "user" variable that too often ventures into original solutions "because I have unique needs" or simply as a result of a disorderly growth that miraculously works (Layer-2 + Any form of spanning tree).
Having a guide and a reference model which must be followed (especially for those without the skills) is certainly very useful.
Can I keep my uniqueness?
The wheel has already been invented! Let's try to think that the Clos networks theory was defined in 1953 and only in the last few years has it been applied in our networks. I believe that only now does networking begin to come out of its stone age and begin the transition from craftsmanship to industrialization. It is important to invest your resources in an intelligent way and in the search for the simplification and automation of work rather than the solution of problems for which ready and tested solutions exist. This means working at a higher level, exploiting automation and in this case with Apstra being able to do it transparently with more vendors.
Right now, the solution is confined to the datacenter, but I'm curious to discover the evolution and if it will decide to expand further into the enterprise world, how it will address the Campus and Wan themes.