1. Home
  2. Categories
  3. Coding Help
  4. Is there a network configuration management solution that doesn't suck?

Is there a network configuration management solution that doesn't suck?

  • izzion
    I survived the hour long Uno hand

    So, one of the initiatives we're trying to push at work is to be more "DevOpsy" for managing our network devices. Right now we have passive change tracking for our configurations - people submit a change request for non-rejection, log into the switches/routers, make changes, and then at the next XX:X0 the backup script comes along and picks up the new running-configuration, slogs it into the local Git repository, and pushes up to our VSTS repository for backup & change tracking.

    Works reasonably well (although I really should make the scripts that the scheduled task uses a wee bit more resilient to any difficulty and/or scream when they bomb out...), but we'd like to go to the further step where people actually commit the change to the repo first and then schedule the automated process to push it (after review/approvals). I futzed around with what a self-made Release Management script process would look like, but Cisco scripting looks like a bitch to take a patch file and output the terminal commands, configuration rollback flat out isn't supported on an ASA, and MikroTik scripting is Special as in Ed.

    So then I was like, well, why not see what 3rd party solutions are out there, and SolarWinds NCM seemed to get decent reviews & recommendations, so I started there and holy cow has it been a shit show (not to mention the price)...

    Does anyone have good NCM software that they are using and would recommend? Or an in-house developed process I can steal license for less than a virgin sacrifice?

    4 izzion 1 Reply
  • izzion
    I survived the hour long Uno hand

    @izzion
    Bumping this for Monday, in the hopes that someone has found a better solution to this problem.

    The Solarwinds method is... questionable. Their default config export includes the certificates on the system (rather than defaulting to export brief), though that's relatively straightforward to change. But their config import is to just run the entire config script from config t, which doesn't make it really viable for changing a live system. Might be good for quick redeploy of your backup config to a new switch if you're replacing a failure, but how often do you really do that compared to day to day management?

    Also, while i'm bitching... their UI is terrible. Way too many spots where they have an "Edit" which is to edit the title of the display box you're looking at, rather than to edit the settings of the device or edit the config you're looking at (and, in fact, if you drill all the way into a config, there is NOWHERE to edit that config, until you go back one page to the device summary / list of configs).

    2
Log in to reply