IPAM-As-Code

IP Address Management (IPAM) is often considered a necessary evil by most IT and Operations Engineers. Every time a new virtual instance in the cloud or on prem is instantiated, or an old fashioned server is deployed, both an IP address and DNS name need to be assigned...every time. Of course, the assigned IP address must be unique at least within a given routing domain, and the DNS name must be uniquely resolvable to enable users and other machines to connect with it. Beyond their respective uniqueness requirements, these core configuration elements must also be relevant to their respective deployment realms, such as subnet and DNS domain, so just any old assignment won't do. In addition, with the speed of today's business demanding a highly dynamic rate of change in creating, realigning or destroying virtual instances across a multi-cloud network, the assignment process must be always available and instantly responsive to not impede your business velocity.

While assigning IP addresses and DNS names using manual methods such as spreadsheets is doable albeit cumbersome if not error-prone when addressing the first two requirements for uniqueness and context, they collapse under the third requirement for highly available and highly responsive assignment performance. An automated IP and DNS assignment process is needed with the ability to modularly plug into your IT and Operations flows to successfully meet this third requirement, not to mention the first two. Clearly a performant, scalable API-driven solution with a reliable repository is required to fortify your infrastructure-as-code approach, supplying IPAM-as-code capabilities. 

When using terraform, Ansible, Service Now or any infrastructure or provisioning system, the incorporation of the IP and DNS assignments eliminates the manual process of consulting a spreadsheet or even non-integrated IPAM repository. These systems can request an IP and DNS assignment during flow execution by invoking your IPAM system's API, virtually obscuring your IPAM system to the joy of most IT and Operations Engineers! Finally, no more IPAM! 

Well, not so fast. While the mundane process of manual assignment vanishes, you'll still require visibility and some controls. You'll need to be able to track assignments and to assure adequate addressing capacity for each of your addressing domains. For example, you may need to manage assignments and capacity across multiple public cloud services, internal data centers, branch offices, SDWAN-connected sites, and remote and home workers. With a comprehensive IPAM solution you can maintain a cross-domain perspective spanning these diverse network environments through a single pane of glass, all while evanescing during the provisioning process.

IPControl from Diamond IP is a performant, scalable, REST API-driven solution with a reliable repository and a pervasive perspective to enable you to plug into any programmable API environment for automation, while providing comprehensive IP and DNS visibility. Diamond IP solutions offer the broadest, most flexible IPAM solutions, from enabling IPAM-as-code as highlighted here, to IPAM-as-service with our managed services and everywhere in between as well as extensive DNS security solutions. Please contact me to learn more about how to make your IPAM disappear!

Comments

Popular posts from this blog

Handy AAAA filter in BIND 9.8

Inglorious DDI

BIND 9.8.0 Adds DNS64 Support - Part 2 - How is it configured?