homeblogpuppet labs cisco bring automation to data center networking

Puppet Labs & Cisco Bring Automation to Data Center Networking

I am a technical marketing engineer at Cisco, the worldwide leader in networking. This week, we announced (with Puppet Labs) our plans to enable Puppet Enterprise support for our Nexus Data Center switches. This integration goes deeper than just one announcement: Cisco increased its investment in Puppet Labs as part of the recently closed $40 million round. Together, Cisco and Puppet Labs are transforming network automation.

It’s an important development because today, network device management often lags behind server management. While sysadmins can spin up servers and virtual machines in just minutes, setting up networking equipment in a data center can take days, or even weeks. Reconfiguring can be slow, too. You don’t want network device configuration to be the gating factor when you’re trying to quickly deliver or update applications.

That’s why Cisco is integrating with Puppet Enterprise. Puppet Labs is the leader in configuration management for sysadmins, so it makes sense to make Puppet available to network administrators as well. With Puppet, network admins can now spin up and provision networking gear as quickly as sysadmins can spin up servers. Plus, they can integrate networking workflows with server workflows, and coordinate with sysadmin colleagues.

To understand why this makes such a difference, it’s good to know what the network team in a data center deals with. Configuring new network equipment, and reconfiguring it as application delivery requirements continually change, requires NetOps to write scripts and use a specialized (and large) set of commands. It’s a manual, complex process that, like one-off scripting in IT ops, is highly prone to error. If anyone happens to change a keyword, type something incorrectly, or fail to close a bracket, that error breaks the script. Network admins then have to go back through the script, searching for the error. It’s a slow and frustrating process, and worse, these unplanned outages spread frustration beyond the NetOps team to deployment teams, and to the business managers who have targets to meet.

Integrating Puppet with Cisco devices will offer network admins the same advantages their colleagues in IT operations have enjoyed for years: portability, a simpler interface with systems, the ability to simulate changes, and better collaboration with colleagues in other technical teams.


Things constantly change in the data center, and dynamic configuration tools really help when VLAN configurations change, for example, or port channels. When you have to make these changes on the fly, and to multiple devices, Puppet can help you push those out quickly, and without errors. The code is customized as needed, based on dynamically collected data, so a single set of Puppet classes will replace a device-specific bootstrapping process, and can make rapid changes across multiple devices, without errors.

Freedom from the CLI

Network admins have to learn a large set of commands to use the command line interface (CLI) that’s standard in networking. Once Nexus devices can be managed with Puppet, with its simple declarative language that abstracts out these commands, network admins will be free to spend more time on data center topology design. They’ll also have more time to learn newer technologies that let them level up. Too many network admins never get the opportunity to learn all the great features of Cisco devices — for example, performance routing, which lets you route and load-balance based on link utilization, SLAs and other metrics. Freeing network admins from the CLI will give them the opportunity to do more strategic planning and management.


Puppet’s simulation mode, or “no-op” as it’s commonly called, lets you check on the ramifications of configuration changes without actually making them. It’s a far better way to test than taking down your data center periodically.

Collaboration and communication

Puppet is often cited as one of the core tools for DevOps, because it allows developers and sysadmins to standardize configurations across all environments in the software development and delivery pipeline. Puppet management of Cisco devices will enable network admins to work more easily with the other technical teams. Puppet also integrates with a wide range of other tools, again enabling greater collaboration.

More about DevOps

The DevOps revolution started with developers and system administrators about five years ago. Now it’s mature enough to help NetOps teams do their work more efficiently, too.

While it’s true DevOps relies as much on culture as on tools, a standardized, shared toolchain really helps boost speed, efficiency and collaboration. DevOps tools also move you into the realm of the software-defined data center. When configuration code is managed like software — checked into a version control system and tested with a continuous integration system — the results are dramatic: improved code quality and more successful deployments.

Puppet Labs’ 2014 DevOps report, based on survey data gathered from more than 9,200 administrators and managers, revealed that adopting DevOps practices and tools increases velocity, reduces outages and speeds time to recovery when outages do occur. Business managers are taking notice: The most mature DevOps teams achieve the best business outcomes, helping their companies meet and exceed business targets.

If you’re in network operations and you’re evaluating Puppet (and other DevOps tools) you might find yourself worried about relinquishing explicit control of low-level changes to a shared automation tool. I’d encourage you to look at it another way: Now you can uplevel and become a strategic player in the data center, turning it from a cost center to a business asset. And who doesn’t want to be more essential to the business?

Jason Pfeifer is a technical marketing engineer at Cisco Systems.

Learn More