Introduction
As the adoption of new enterprise-driven use cases, such as distributed enterprise, work-from-anywhere, and the shift to hybrid multi-cloud deployments, continues to rise, so does the level of complexity in network operations.
This complexity is particularly evident during site deployments, where network providers must navigate tight schedules while navigating various tasks such as device configuration, IP address allocation, and SD-WAN router provisioning. The importance of executing these tasks swiftly while ensuring precision cannot be overstated, as integrating multiple tools and controllers introduces a considerable risk of human errors.
To tackle these, multi-domain orchestration needs to evolve to enable faster deployment of services, simplification, and better structure. In the Cross Domain Automation use case series, we will explore another use case in this blog to examine how a Cisco SD-Access Branch can be automated using Anuta ATOM out-of-the-box workflows.
The process encompassing user input, Change Request creation, integration with Cisco DNA Center and vManage Controller, AWS deployment, security policy enforcement through Cisco Umbrella, and reachability tests creates smooth communication through tools like Cisco Webex Spaces. This unified cross-domain orchestration streamlines networking infrastructure and extends to cloud workload deployment.
The Four Pillars of ATOM's Cross-Domain Automation
The following components of ATOM play a crucial role in achieving cross-domain automation for site deployment–
ATOM Platform: A customized or extended version of the ATOM platform that includes deployment-related automation scripts and modules.
Integration: ATOM’s integration with other tools and systems used in the deployment process, such as version control systems (e.g., Git), continuous integration/continuous deployment (CI/CD) pipelines, and cloud platforms (e.g., AWS, Azure).
Workflow Automation: Defining and automating the workflows involved in site deployment, including– automation of code deployment, database migrations, content updates, and marketing campaign adjustments.
Monitoring and Reporting: Implement automated monitoring and reporting to ensure the deployed site performs well and meets desired objectives. This might involve tracking website traffic, conversion rates, and ad campaign metrics.
Site Deployment using ATOM
ATOM’s site deployment workflow supports Meraki-based and Cisco SD-Access branches. The identical workflow employed for onboarding a Cisco Meraki branch is utilized for deploying the Cisco SD-Access Branch.
ATOM – Cross Domain Automation Platform
Example: ATOM Cross-Domain Catalog
ATOM – Site Deployment Workflow
Once the branch deployment workflow is triggered, the network operator is presented with a user input form where he provides all the details required, such as site name and WAN router, etc., for provisioning the branch. Optionally, the operator can deploy AWS workloads and enable a Cloud Security policy.
The workflow can also be triggered from the OSS/BSS portal, providing all the required inputs.
ATOM – Site Deployment Input Form
ServiceNow – Change Request Created
Cisco DNA Center – IP Address Allocations
Cisco DNA Center – Onboard Router
Cisco DNA Center – Assign Router to the Site
Virtual network and L3 handoff interfaces are configured.
Cisco DNA Center – Virtual Network
Cisco DNA Center – Site Border Node L3 Hand Off
ATOM integrates with Cisco vManage Controller to provision the SD-WAN router to establish connectivity with the SD-Access branch. It executes pre-checks on the Cisco vManage Controller to ensure that the SD-WAN router is UP and the Secure Internet Gateway Tunnel is established between the router and Cloud Security Gateway – Cisco Umbrella.
ATOM fetches the WAN IP address for the SD-WAN router from Cisco DNA Center
ATOM configures the device and feature templates, i.e., Service_VPN, BGP, Interface, etc., on the Cisco vManage Controller associated with the SD-WAN router. Cisco vManage, in turn, generates the required configuration and pushes it to the SD-WAN router.
Cisco vManage – SD-WAN Router Configuration Template
Cisco vManage – VPN Interface Feature Template
Cisco vManage – BGP Feature Template
Post-checks are executed on the Branch and SD-WAN router via Cisco DNA Center and Cisco vManage Controller, respectively.
Cisco DNA Center – Post Checks
ATOM invokes terraform scripts to deploy Host VPC and EC2 workloads
AWS – Host VPC deployed
AWS – EC2 Instance deployed
ATOM – EC2 Instance Public IP
ATOM integrates with Cisco Umbrella to enable Firewall policy to establish connectivity between the SD-Access branch and AWS workloads.
Cisco Umbrella – Firewall Policy Enabled
ATOM executes reachability tests to ensure that the branch can access AWS workloads.
ATOM – Reachability Test Executed
ATOM wraps up the process by updating and closing the Change Request in ServiceNow and sending an email notification.
Email Notification on Successful Site Deployment
ChatOps tools like Cisco Webex Spaces are updated at major milestones. Similarly, the notes section in the Change Request is also updated.
Why a Unified cross-domain service orchestration?
As we explored this use case, it became evident that the key to success lies in integrating, automating, and coordinating various components and systems. Anuta ATOM connects the dots across diverse domains, from user input forms and change request management to seamless integration with Cisco DNA Center, vManage Controller, and AWS. It ensures not only the deployment of networking infrastructure but also extends to the deployment of cloud workloads and the enforcement of security policies through Cisco Umbrella.
Moreover, Anuta ATOM enhances reliability and confidence in the entire deployment process through its capabilities in performing post-deployment checks, invoking Terraform scripts, and conducting reachability tests. Utilizing collaboration tools like Cisco Webex Spaces and comprehensive documentation in the Change Request Notes section further ensures transparent communication and milestone tracking.
The Active Assurance module within ATOM takes on the crucial role of continuously testing and reporting on the overall health of the deployment process.
As a platform, ATOM continues to simplify, expedite, and organize intricate site deployment procedures. Stay tuned for a glimpse into additional use cases as we navigate the world of ATOM’s cross-domain automation.
Additional Contributors: Manisha Dhan