Network Automation at Scale

Executive summary

This showcase demonstrates network automation for hybrid and controlled training environments using:

• Declarative Ansible playbooks for repeatable changes.
• Programmatic Nornir workflows for more complex logic and testing.
• CI/CD integration for linting, dry-runs and safe rollouts.
• EVE-NG topologies for realistic but contained validation scenarios.

The focus is on patterns that transfer cleanly from controlled environments to production networks.

---

Case study – how this was used in practice

• Context: Multi-vendor network environment built on EVE-NG, with a requirement to show both breadth (many devices) and depth (safe changes, tests).

• Challenge: Manual CLI changes were slow, error-prone and hard to audit or repeat.

• Approach: Introduced a layered automation approach:

• Ansible for standardised changes (interfaces, routing, BGP, ACLs).
• Nornir for more advanced flows (tests, data collection, conditional logic).

• CI/CD integration to validate changes before touching the lab.

• Outcome: Faster, safer iterations in the environment, repeatable walkthroughs, and patterns ready to map into real enterprise networks.

Related decisions (for example):

• ADR-0201 – EVE-NG Network Lab Architecture
• ADR-0601 – Nornir and Ansible Hybrid Automation

---

Walkthrough

No public walkthrough video is linked for this showcase yet.

The showcase demonstrates:

1. A change defined in Ansible inventory and playbooks.
2. Automated validation using Nornir tasks and tests.
3. Safe rollout across lab devices in an EVE-NG topology.
4. Run records capture (pre/post state, diffs, logs).

---

Architecture

• Key components:
• EVE-NG with multiple lab topologies (for example core and branch variants).
• Ansible for declarative configuration.
• Nornir for programmatic workflows and tests.
• CI/CD for running checks on playbooks and Nornir tasks.

---

Implementation highlights

• Use of inventories to represent multiple labs and device roles.
• Safe patterns for pushing config, including diffs and dry-run support where possible.
• Programmatic tests (for example reachability, BGP sessions, interface state) expressed in Python via Nornir.
• Run records captured for each change set and validation pass.

---

Assets and source

• GitHub folder for this showcase:
  https://github.com/hybridops-tech/hybridops-docs/tree/main/docs/showcases/network-automation

• Automation code:

• showcases/network-automation/declarative-ansible/
• showcases/network-automation/programmatic-nornir/

• showcases/network-automation/jenkins-pipeline/

• Topologies:

• showcases/network-automation/topologies/ – EVE-NG definitions and diagrams.

Academy track (if applicable)

In the Academy, this showcase can be expanded into a set of labs where learners:

• Build a simple playbook and roll it out safely.
• Implement a Nornir-based validation flow.
• Compare manual vs automated approaches in terms of time and reliability.

---

Role-based lens (optional)

• Network Engineer: sees practical paths to move from manual CLI to automation.
• Platform / SRE: sees how network changes can be integrated into broader CI/CD practices.
• Engineering Manager / Hiring Manager: sees that automation is approached in a safe, testable and auditable way.

---

Back to showcase catalogue

• Back to all showcases