Intend Based Networking Close Loop Automation life cycle
An intend based automation life cycle is depicted as below.
IBN workflows defined as below:
- Define the intent.
- Translate intent into a series of prescriptive network changes.
- Verify that the changes are valid before deploying them.
- Deploy the verified changes.
- Monitor network state to ensure continuous compliance with the intent.
Key characteristics of IBN system
An ideal IBN system has two main characteristics.
- Intend fulfilment
- Intend assurance
Intend fulfilment:
IBN fulfilment fulfils mainly two things, you say what you want and IBN will fulfil your requirement. Accuracy and consistency is the key thing in translating of intend to working service.
- Reference Design (RD): A reference design template should be available in IBN system. Reference design is basically set of standard policy or rule that fulfil a particular intend. For example, if we want to build L3 VPN service, a reference design is applied for it. The reference design knows about variables, design options, internal process rules, and configuration syntax for all supported vendors, and validators for checking the resulting configuration is needed.
- Abstractions: An IBN includes a database of abstractions, such as details of the generic kinds of devices required to fulfil your intent. For example, number of switches, ports and port speed etc. irrespective of vendor.
- Inventory: IBN system must have inventory database. Devices are selected from available inventory to fulfil intend requirement. Inventory includes devices, IP pool, AS number and VLAN details.
- Blueprint: IBN system must have blueprint. A blueprint pull everything together from the reference design, the abstraction, the inventory, and the existing network state to push a valid, verified, repeatable service to your network.
Intend assurance:
Intend assurance is another key part of IBN system. A service has to be verified after deployment and need to check continuously if intend is remain fulfilled or service is in working condition always. The validators in the reference design are essential for providing assurance before a service is deployed, while it is being deployed, and for the full length of time the service remains deployed.
- Idempotency: Networks and services evolve over time; hence the effect of any changes that you make today will not be same after a month. An IBNS must have current insight into the network so you can expect any two or more identical changes you make, at any time in the life cycle, have the same result.
An idempotent is the task we do repetitively and get same results.
Single Source of Truth (SSoT): A single source of truth work as a one man army to collect data from entire network and provide network insights to IBN system. The blueprint takes information from other IBN module and look into the network state that is provided by the single source of truth and acts accordingly.
Idemptency is not possible without SSoT
- Simple pane of glass: You must have heard of single pane of glass in many marketing sales slide. Single pane of glass provide information about entire network but if we wanted to know about specific network then we need simple pane of glass along with single pane of glass. Benefit of simple pane of glass is in troubleshooting and finding RCA quickly.
- Speak the truth: A true IBN system fulfils expressed intend as well as assure intend compliance throughout the life cycle irrespective of vendor. This is not possible without having SSoT in IBN system.