Skip to content

What is Network as Code?

Network as Code is a methodology that applies DevOps principles to network management, through declarative data models, allowing teams to automate and manage network configurations through plain YAML files. Building on the idea of simplifying automation, Network as Code is designed for network engineers who want to focus on intent, not code. It lets you describe your desired network state in clear, human-readable terms, no deep scripting or programming required.

Network as Code simplifies and abstracts complex network orchestration tasks, so users don’t need to worry about intricate details like dependencies, references, or looping logic. With an easy-to-use, opinionated data model and a library of tested, maintained modules, you can spin up entire network fabrics in minutes, simply by describing their intended configuration in straightforward text, without needing deep API or object model knowledge.

This approach is particularly beneficial for teams that want to leverage the power of automation without getting bogged down in the complexities of traditional programming. By focusing on intent and using a declarative model, Network as Code empowers network engineers to manage their infrastructure more efficiently, reducing the time and effort required to implement changes and ensuring consistency across deployments.

Once you have adopted the approach for one technology, you can easily extend it to other architectures and products, re-using the exact same methodology and tools.

apic:
tenants:
- name: prod
vrfs:
- name: prod-vrf
bridge_domains:
- name: 10.1.100.0_24
vrf: prod-vrf
subnets:
- ip: 10.1.100.1/24
application_profiles:
- name: vlans
endpoint_groups:
- name: vlan100
bridge_domain: 10.1.100.0_24
static_ports:
- node_id: 101
port: 1
vlan: 100

Even though the examples above are specific to different technologies, the underlying principles of Network as Code remain consistent. The focus is on defining the desired state of the network in a clear, text-based, declarative manner, allowing for easy automation and management across various platforms and architectures.

First Steps

Now lets explore how to get started with Network as Code. We will use ACI as an example, but the principles apply to other technologies as well.

  1. Download the Terraform binary for your platform from the Terraform downloads page. There is no need to install it, just download the binary and place it in your PATH.

  2. In a newly created project directory, create a YAML file named aci.nac.yaml with the following content:

    apic:
    tenants:
    - name: NAC
    vrfs:
    - name: VRF1
    - name: VRF2

    This file describes a simple ACI configuration with two VRFs under a tenant named NAC.

  3. Create a file named main.tf in the same directory as the YAML file with the following content:

    module "aci" {
    source = "netascode/nac-aci/aci"
    version = "1.0.1"
    yaml_files = ["aci.nac.yaml"]
    manage_tenants = true
    }

    This is the only Terraform configuration required. We make use of a module nac-aci which is published on the Terraform Registry, which we point to our previously created YAML file and enable the manage_tenants flag to enable the management of tenants using the module.

  4. We haven’t yet provided the credentials to connect to the APIC controller. We could put them in the main.tf file, but to avoid exposing them in clear text we can also make use of environment variables to provide them. Set the following environment variables in your terminal:

    Terminal window
    export ACI_URL=https://10.1.1.1
    export ACI_USERNAME=<username>
    export ACI_PASSWORD=<your_password>
  5. Initialize the Terraform project by running the following command in your terminal:

    Terminal window
    terraform init

    This will download the necessary provider and module dependencies directly from the Terraform Registry.

  6. Once the initialization is complete, you can apply the configuration by running:

    Terminal window
    terraform apply

    In a first step this command will show you a plan of what will be created, and you can confirm the changes by typing yes. After that, Terraform will create the tenant and VRFs as specified in the YAML file.

Congratulations! You have successfully created your first Network as Code configuration for ACI using Terraform. You can now extend this configuration by adding more resources, such as bridge domains, application profiles, and endpoint groups, all defined in a similar declarative manner. You can explore the different data models available for various technologies in the Data Models section.