saku at ytti
Jun 6, 2012, 7:18 AM
Post #3 of 3
On (2012-06-06 06:57 -0700), vijay gill wrote:
Re: Trouble viewing slides for Automated Configuration and Validation of a Large Scale Network
[In reply to]
> A non-cut off version is here: http://sdrv.ms/MeQl1L
For me provisioning automatically has always been quite trivial problem,
system just has object representation of service with references to other
objects and then those objects are used to fill in blanks of config
Config snipset being rather flat ascii, maintained by people, not system.
Thus system really doesn't need platform specific intelligence.
What is difficult problem, is configuration conformance, as the
configuration you generate does not look the same after it has passed the
platforms parser for various extremely good reasons.
It looks like Microsoft has implemented parser for each vendor they use,
since without parser doing context sensitive repairs isn't going to happen.
This is huge chore, requires constant maintenance when new
services/products are added and when software are upgraded.
If you have enough scale I'm sure the work needed to do parsers is
However I think for most shops, it's not practical to have per-platform
parsers, so most shops probably don't have hard-guarantees of configuration
But if you ignore need for context sensitive repairs you can get hard
guarantees for configuration conformance without having platform specific
intelligence in system to either direction (out/in).
Out is solved as explained above, in you can solve by storing the object
based copy of config and then grabbing the config right after it passed
platform parser, now you know that this bit of config means this bit of
ascii data and you can keep verifying that they match.
When they don't match, you know something is off, but machine won't be able
to tell what. So system must have 100% coverage, nothing can be changed
outside system. But this isn't actually that hard to satisfy, once you
introduce 'alien objects' which are just raw-config-snipset punched into
the provisioning system.