As products have become more specialized, they are appealing to an increasingly narrow and more sophisticated customer set. Firewalls are no longer meant for IT engineers, but firewall experts. SSL requires deep knowledge of SSL certifications. Such segmentation subsequently requires specialized expertise from IT personnel and poses a multidimensional challenge for hiring managers.
Not only do IT managers need to find personnel who can shift between areas of network infrastructure, such as managing a LAN to a WAN, but between domains as well, such as between applications, storage, and networks. “In many cases, it’s still challenging to find one individual who can go broad and deep,” says Pablo Espinosa, director of network engineering at Intuit. Espinosa built a team around full stack principles at Intuit.
This gap hasn’t gone unnoticed by the vendor community. Input from several ONUG member companies suggests that vendors will ease the transition to full stack by making their products more accessible to, and more easily controlled by, a broader audience. This is, in part, facilitated by the adoption of software-defined networks (SDN) across the enterprise. “By abstracting underlying physical transports, SD-WANs are moving networks closer to applications,” says Murtuza Attarwala, distinguished engineer at Viptela, a SD-WAN provider. An increasingly ubiquitous layer for the entire enterprise fabric – whether in the datacenter and branch or between them, across the campus and WAN – better positions application-savvy, full stack engineers knowledgeable about SDN in one area to understand another infrastructure domain.
The move to enable full stack personnel to reach between domains is occurring on a number of levels. At the most basic level, deployment, which has long been a challenge for non-specialists, is quickly becoming a non-issue.
The increased focus on rapid deployment is making the WAN, for example, more approachable. To varying degrees, SD-WAN vendors offer auto-configuration, shielding the full stack engineer from the network and security configuration complexity that historically typified WAN installations.
It’s not just the basic networking functionality that’s simplified, but also much of the ancillary complexity in delivering applications to the branch. “The flexible policy framework empowers full stack engineers to define behaviors governing network, security, and application SLA characteristics of the Wide Area Network delivery,” says Attarwala.
It should be noted that some degree of network engineering expertise is still required to configure the policies and rules downloaded into remote devices to enable auto-configuration. This is still far simpler, though, than historical branch configuration.
Management interfaces also play a big role in aiding the transition. Vendors continue to deliver arcane CLIs that appeal to specialists, but today the usability and functionality of their graphical interfaces is the focus. Viptela is a good example on this front. The company introduced their product with a Cisco-like CLI. The interface continues to be available for specialists, but the company also offers its graphical dashboard.
Programming the Network
As for programmatic control, all of the vendors are providing application programming interfaces (APIs) into their systems. “The goal is to develop new kinds of solutions, faster and easier, such as automated remediation of network outages,” notes Oliver Huynh Van, CTO and co-founder of Glue Networks.
Whereas monitoring platforms focus on data collection, analysis, and visualization, they are unable to orchestrate changes to the network. Not so with an orchestration system, such as Gluware. “With API integration between Gluware and network monitoring systems, automatic remediation of problems on the network becomes possible,” says Huynh Van. According to Huynh Van, Glue allows software engineers to integrate their systems with Gluware Control APIs without requiring any specific networking knowledge. With Gluware 2.0, Glue offers northbound and southbound APIs for integration with other IT systems.
IT integration is a common theme among ONUG members. “We have exposed our vPorts and application analytics, which allow users to automate and get visibility into physical and virtual networks along with applications,” says Sunay Tripathi, founder and CTO of Pluribus Networks, provider of a fabric clustering solution. “We also introduced higher level abstractions that allow cloud managers, such as OpenStack, to virtualize the network along with the rest of servers, storage, and cloud managers.
Full stack engineers can access Hewlett Packard Enterprise’s networking equipment through an “intent-based programmatic API,” says Rafi Tzadikario, vice president of switch software at Hewlett Packard Enterprise (HPE). “It allows the full stack engineer to easily write applications that leverage the infrastructure as a tool,” he says.
Deeper integration is also possible. “In the recently launched OpenSwitch, we allow the full stack engineer to tinker with the code at all levels – from the kernel, through the protocol stack, and all the way up to the network applications,“ says Tzadikario.
Efforts are also being made to simplify deployments across networking companies. Glue Networks, for example, introduced Gluware Lab last June. The company claims Gluware Lab allows network engineers to programmatically develop custom policies and configure network features on multi-vendor network equipment without traditional software programming skills or tools. The Gluware Lab automatically generates the necessary code.
There’s little question the emergence of full stack will bring about new changes in vendor offerings. But even all the improved interfaces and auto-configuration technologies can’t replace a smart engineer. “You still need someone who knows networking engineering principles,“ says Pablo Espinosa, “What’s changing is how you manage and maintain that environment.”