Build a source of truth into your network automation strategy

Many network automation approaches rely on a source of truth repository to provide data on network behavior. But building this automation database isn't always easy.

The quest for a single source of truth in a network automation strategy could be compared to finding the legendary holy grail -- idealistic but unlikely to happen realistically.

A source of truth is a system of record that describes how the network should behave in terms of configuration, documentation and policy, according to Shamus McGillicuddy, senior analyst at Enterprise Management Associates (EMA). The source of truth repository monitors the network state -- how the network behaves -- and uses compiled data to feed the automation tools an enterprise has in place, enabling it to adapt as the network changes.

Sources of truth vary as widely as enterprises' automation strategies, depending on specific automation use cases, goals and approaches. For example, one source of truth might accumulate data from a configuration management tool, while others gather data from inventory information or IP address management tools.

Ideally, network teams should have only one source of truth repository to limit the potential for conflicting input or redundant information. But a single source of truth is often unrealistic because the data the automation tools need to compile rarely lives in one place, McGillicuddy said.

"The realistic expectation is to understand that you're probably not going to be able to build a single source of truth to support your automation," McGillicuddy said.

In EMA's "Enterprise Network Automation for 2020 and Beyond" report, the research firm queried 250 IT professionals from North America and Europe to gauge their experience with network automation. While most respondents said a source of truth was necessary to accomplish their network automation strategy, 73% said they used multiple data repositories that compiled different types of information.

Best practices to create a source of truth

If a single source of truth is so hard to build, how can network teams create a source of truth they can maintain in the future? First, network teams should identify their automation initiative and assess what data is relevant to make that approach effective, McGillicuddy said.

If you don't have a good source of truth, then you don't really know what's going to happen when you push the change or allow change to the automation platform.
Shamus McGillicuddySenior analyst, EMA

The key is to identify which data is important and figure out how to maintain it for quality, timeliness and accessibility, he said. Teams should then dig into how they can access and manage that data in order to create the source -- or sources -- of truth.

"This is the data the automation we plan to do will need -- where does it live? How can we make sure it's good data? How can we explore that data, see what state it is, clean it up and maintain it to keep it strong?" McGillicuddy said.

Next, network teams should ensure they don't have conflicting sources of data, as they could have a couple repositories that contain different types of information, such as device configurations or security policies. Teams with multiple repositories should double-check that those repositories don't contain the same data. If they do contain similar information, teams should identify which repository is the authoritative source of truth.

"You have to identify where the authoritative source of data on that particular topic is located," McGillicuddy said. This authoritative source of truth will contain the data that drives the automation, while the secondary repositories contain only related data. Teams must update the authoritative source of truth repository when changes occur to provide valid information.

Tools to build a source of truth

When building a source of truth repository, enterprises have options. Some teams create homegrown automation platforms they can customize with open source software, like NetBox or Git. While this custom option might meet certain requirements, it can take a long time to create, and it's more difficult to maintain, McGillicuddy said.

Most enterprises probably aren't starting from scratch, however, so they have existing standards and files they can use to compile the information they need.

"Look at the current configurations of your devices," he said. "Are they documented? Where are they stored? Is there a source of truth for it, and can you verify that the configuration standards match reality?"

After assessing that information, teams can generate a report to guide them as they establish the desired standards for the network. Many teams have existing Excel spreadsheets and configuration files they can use to manually gather the necessary data.

Many vendors also offer off-the-shelf automation tools that have preintegrated sources of truth. These tools automatically collect the required network data, but they can have a limited scope that doesn't meet all automation use cases, such as troubleshooting or security response, McGillicuddy said.

Overall, McGillicuddy advised teams to understand the data they need for their network automation strategy and to keep it updated so it remains accurate. Without accurate data, teams won't be able to trust their sources of truth and the resulting automation processes.

"If you don't have a good source of truth, then you don't really know what's going to happen when you push the change or allow change to the automation platform," he said.

Next Steps

Best practices for DIY network automation

Dig Deeper on Network management and monitoring

Unified Communications
Mobile Computing
Data Center