If you are in a network or infrastructure business, you have probably heard of the terms Network Automation and Network Orchestration (or Infrastructure Automation and Infrastructure Orchestration). It happens that both terms are used interchangeably, however this should not be the case. They aim to solve different problems, and their goals are different.
In this blogpost, I will try to briefly describe the differences, similarities, and purposes of each.
Let’s start with network automation.
Network automation – a short introduction
Network automation focuses on automating repetitive tasks that were once done by human operators. These can vary from Day0 tasks like initial provisioning all the way through to Day2 operational challenges, such as a device OS upgrade. The differences between Day0, Day1 and Day2 can be found here.
The goal of network automation is to reduce manual network tasks to improve efficiency and reduce human errors. As humans, we do make mistakes, especially when it comes to cumbersome, repetitive tasks. Computers are much better at it, so with network automation, we offload these types of tasks to them. For example, if a task is to be performed on the network or a network device, one can write a script, Ansible Playbook, or use any other tooling that allows for automating specific, well-defined steps to achieve an expected result.
Tools used in network automation
There are some well-known tools that are common when talking about network automation. Some examples of these tools are listed below.
Ansible: A configuration management tool that automates networking tasks with simple YAML playbooks.
Puppet: A tool for automating infrastructure and network configuration management.
Chef: An automation tool for infrastructure management, including network devices.
Terraform: Used to manage infrastructure through code, including networking resources.
NetBox: An open-source tool for managing network infrastructure, providing network automation and visualization.
Napalm: A Python library for network automation with multi-vendor support.
PyATS: A Python-based framework for automating and testing network devices.
Now that we know what network automation is, let's see how it is different from network orchestration.
What is network orchestration?
Network orchestration is basically focused on delivering some complex services that require multiple tasks to be executed, quite often in a specific order. The focus with orchestration is not as much on completing a task as on achieving a requested functionality that serves a certain purpose. An orchestration platform quite often works with multiple systems to achieve its goal and gets input from many different sources to assess the state of the service being delivered.
Network orchestration can be seen as the next step in network automation or as its more advanced form. Here, not only can we automate specific tasks, but we can automate entire processes. This is especially important from an end-user or customer point of view: with network automation, a user has to know which steps need to be completed and in what order. With orchestration, the steps and the order are part of a workflow, and the user only needs to know which workflow needs to be executed in order to achieve its goal. As for complex changes (and reversing such changes), it is not such a trivial task, and coordination of the execution of the steps is necessary. Having an orchestrator in place allows for it.
It is more difficult to list the solutions that offer orchestration capabilities - but they are quite often found in commercial products like Cisco NSO, Itential, VMware NSX, or custom-developed solutions that support certain deployments.
Key differences between network automation and orchestration:
Let’s try to summarize the differences between the two, which can be compared within these categories.
- Scope
Network automation focuses on automating individual tasks or configurations, whereas network orchestration is about managing and coordinating those tasks into larger workflows.
- Goal
While network automation’s goal is increasing efficiency and reducing human errors caused by manual intervention, network orchestration ensures smooth end-to-end automation and execution of consecutive tasks.
- Level of complexity
Automation can be used on simpler, task-specific processes, while orchestration handles more complex, cross-system processes that require coordination.
- Tooling
In network automation, open-source tools like Ansible, Terraform, or relatively simple scripts are usually used. Orchestration is more of a software platform, commercial, or custom solution to serve certain needs.
An example of a network automation task could be device configuration automation or device software update. For an orchestration, it could be provisioning resources needed to start a service that requires some changes on multiple devices and/or systems.
Network automation vs orchestration vs management
Sometimes, the question arises regarding the difference between network automation, network orchestration, and network management. To understand that, let’s discuss what network management is.
Network management is understood as a group of activities related to controlling and monitoring network infrastructure. This includes checking network health and performance and being able to perform troubleshooting when needed. The goal is quite simple: keep the network up and running, preferably in optimal conditions, meeting reliability, availability, and performance requirements. So, how do network automation and network orchestration fit into the picture?
Network automation and network orchestration can both be seen as means to achieve the target of network management, meaning a smoothly running network. As described above, the goals and scope of each of them are different, but they can both be a great help with network management. With network automation, tasks can be done faster, at scale, and in a more reliable way. On the other hand, orchestration platforms allow for better visibility of the state of a network, not only from a device or system point of view but also taking into account users’ or customers’ perspectives, thanks to its workflow approach.
Skills required for implementing network automation and network orchestration
Another angle to look at when discussing the differences in network automation vs orchestration are the skills needed to develop both solutions. At a first glance they may seem similar, to some extent they indeed are, but the devil is in the details. Let’s take a look at who builds and uses both types of solutions.
Network automation is a set of tools used mainly by network / DevOps engineers. As such, the tools need to serve a specific purpose, and automation, or solutions built on that, are quite narrow and well-defined. For example, an Ansible Playbook serves a certain purpose and is developed having that goal in mind. Its re-usability for different tasks is quite limited.
The skills needed to write such a playbook are:
- network and/or system knowledge and operational experience,
- experience with using some automation tools like Ansible,
- understanding of YAML.
For more advanced automation, Python is also very useful (but in a somewhat limited scope, more on the scripting than the software development side), and if one works with clouds, Terraform (and Go to some extent).
What is important to understand is the fact that for network automation, there is no need to have a software development background, as the complexity of the code is simpler than when an application is being created, and the skills needed can be learned on the job (with appropriate training and a helping hand). On the other hand, network experience is crucial because automation is so close to the actual devices and systems that engineers must know what they are doing.
A slightly different story is when it comes to network orchestration, where what actually is developed is the software. This can be a custom solution for specific internal needs or commercial software. In both cases, deep experience in software development is required, but an understanding of the domain and some operational experience is a great advantage. In fact, the orchestrator is a solution, sometimes a product, that interacts with a variety of systems and devices. Therefore it is necessary to understand how these systems or devices behave, so the developed software can interact in an appropriate way. To add to that, in production networks (as well as production infrastructures) there are procedures that must be kept, and an orchestration platform must be aware of them and allow for their enforcement.
So, from a software development perspective, an orchestrator is way more advanced than the scripts used in network automation and is usually built using proper software development processes. Of course, by no means should one be understood as better than the other — they serve a different purpose, and it is the purpose that dictates the choice and the right approach. For some infrastructures introducing an orchestrator is not necessary and would only add unnecessary complexity; for others, automation may not be enough.
Summary
Network automation and orchestration complement each other. Automation takes care of the execution of individual tasks, while orchestration ensures that these tasks are performed in the right order and are integrated effectively to provide end-to-end network services. In a simplified form, one can think of orchestration as an automation of network automation: we take a set of tasks, set them up in appropriate order, and run them one by one (or in parallel if possible) in order to achieve a workflow that once finished delivers a complex service for example.
In summary, automation is about automating specific actions, and orchestration is about coordinating those actions to ensure smooth, integrated network operations.
