This is the companion repository for the book "Model-Driven DevOps: Increasing agility and security in your physical network through DevOps" (Amazon). It presents the code and a set of exercises that implement and demonstrate the concepts in the book. In this repo, you are encouraged to use and contribute to the code, submit issues for problems and feature requests, and start or participate in discussions.
Model-Driven DevOps (MDD) is an Infrastructure as Code (IaC) approach to automating physical infrastructure. It focuses on how data is organized and moved into the network, and it seeks to treat the network the same as other parts of the infrastructure. It uses industry-standard tools and DevOps methodologies, implemented as a CI/CD pipeline, to break down silos between network operations and the rest of the infrastructure. For example, this is a common flow in Cloud Operations:
Key to this flow is that all the data (Source of Truth) needed to configure the infrastructure is in the data file (CFT Template). Also, this is not a programmatic approach. If you want to configure something different, you add data to the Source of Truth as opposed to writing another Ansible playbook or Python script. We firmly believe that most network operators should not need to become programmers; however, they will have to learn a new skillset including APIs, data models, and data manipulation.
When fully implemented, MDD requires a similar skillset to cloud operations. That is, when a network operator wants to configure, validate, or test something new, they just need to know how to add data to the Source of Truth and manipulate schemas. Furthermore, MDD can fit into existing CI/CD pipelines, so the network infrastructure does not need to be operated differently. This allows for a de-siloization of IT, making it possible to leverage developers and DevOps engineers across application development, cloud operations, and network operations. This is because the MDD pipeline looks the same as any other code (or IaC) pipeline:
This workflow allows for a group of network engineers and network operators to collaborate on a change, test that change, get approvals, then push that change into the production network. MDD's testing methodologies include linting the configuration data for typos, validating the configuration data for anything that would violate organization norms or create vulnerabilities, and then testing the result of that change in a network before deployment:
The goal is to find a bad configuration before it is pushed into the network.
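As an added illustration of the validation stage (not code from the book or this repository), the following Python sketch checks a constructed Source of Truth record against a few example organizational rules and returns a non-zero exit code so a CI/CD job would stop before deployment. The data keys and the rules themselves are assumptions chosen for the example, not the schema used by the reference implementation.

```python
import json

# Constructed Source of Truth data for one device. The key names are
# hypothetical and are not the reference implementation's schema.
SOURCE_OF_TRUTH = json.loads("""
{
  "hostname": "site1-rtr1",
  "management": {"ssh": true, "telnet": true},
  "snmp": {"communities": ["public", "n0c-r3ad"]},
  "ntp": {"servers": ["192.0.2.10"]},
  "interfaces": [
    {"name": "GigabitEthernet1", "enabled": true, "description": "uplink"},
    {"name": "GigabitEthernet2", "enabled": true, "description": ""}
  ]
}
""")

def validate(data):
    """Return a list of (path, message) findings; an empty list means the data passes."""
    findings = []
    mgmt = data.get("management", {})
    # Rules that guard against vulnerabilities (example rules, assumed).
    if mgmt.get("telnet"):
        findings.append(("management.telnet", "cleartext management protocol enabled"))
    if not mgmt.get("ssh"):
        findings.append(("management.ssh", "SSH must be enabled"))
    for i, community in enumerate(data.get("snmp", {}).get("communities", [])):
        if community.lower() in {"public", "private"}:
            findings.append((f"snmp.communities[{i}]", "default SNMP community string"))
    # Rules that enforce organizational norms (example rules, assumed).
    if len(data.get("ntp", {}).get("servers", [])) < 2:
        findings.append(("ntp.servers", "at least two NTP servers required"))
    for i, intf in enumerate(data.get("interfaces", [])):
        if intf.get("enabled") and not intf.get("description", "").strip():
            findings.append((f"interfaces[{i}].description", "enabled interface lacks a description"))
    return findings

def gate(data):
    """Pipeline step: print each finding and return a process exit code (0 = pass)."""
    findings = validate(data)
    for path, message in findings:
        print(f"FAIL {path}: {message}")
    return 1 if findings else 0

if __name__ == "__main__":
    raise SystemExit(gate(SOURCE_OF_TRUTH))
```

Changing the rules or the data changes the outcome without writing a new playbook or script per change, which is the data-centric workflow described above.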
This is the reference implementation for Model-Driven DevOps as outlined in the book. While the book captures the reference implementation at a moment in time, the code in this repo will evolve while holding true to the core concepts presented in the book.
These exercises are provided to help get hands-on experience with the reference implementation. The book goes into depth on the individual steps as well as the core concepts behind them.