Infrastructure as Code

Run your network like an application

Infrastructure as Code (IaC) enables DevOps teams and system administrators to create and control the network through code, just like in the cloud.

Network Operations with IaC

Modern infrastructure tools (Terraform, Ansible, Kubernetes, Puppet, Chef) enable teams to define and deploy network infrastructure with ease, ensuring reliability and efficiency.

Intended network policy is pushed into git

See what is expected to change

Apply governance rules and review

Provision the network changes

New network state

Terraform Provisioning Example

Just like the public cloud…

Equivalent to a VPC, a tenant in your private cloud is isolated from other workloads and adheres to your stated security policy.

finance-app.tf

# Define a tenant
resource “tenant” “finance” {
security_mode = “default_allow“
enabled = “true“
vrf_vlan = 2
}

Workloads are isolated…

The tenant contains multiple services (virtual networks and subnets) that connect your physical servers while still isolating workloads.

# Define two services
resource “service” “finance_www” {
tenant           = “finance“
vlan             = 10
enabled = “true“
vnid             = 10010
prefix           = “10.0.0.0/24“
dhcp             = “enabled“
}

resource “service” “finance_backend” {
tenant           = “finance“
vlan             = 11
enabled          = “true“
vnid             = 10011
prefix           = “10.0.1.0/24“
dhcp             = “enabled“
}

So you can work with high level objects…

Group related services together into a template for more complex network configurations.

# Group the services into an eth-port-profile resource “eth-port-profile” “finance_app” { services = “finance_www, finance_backend“ }

To declaratively control your infrastructure.

Assign the group of services to a physical switch port and control the port settings.

# Assigns VLANs/VXLANs to ports
resource “port” “ethernet1” {
description      = “finance_server_1“
speed            = 40G
enabled          = “true“
eth_port_profile = “finance_app“
}

Satisfy your NetOps and DevOps requirements

Verity is ideal for networks operated via IaC due to its support for atomic-level change control as well as high-level service abstractions. NetOps and DevOps engineers can use their preferred toolset and control Verity in any manner they choose. There are two ends of the control paradigm:

Integrations

Verity provides an OpenAPI standards compliant REST API with full documentation via Swagger. Verity can be controlled with Terraform or OpenTofu using the custom provider available from the Terraform Registry. A native Ansible playbook for Verity is under development.

For more information, download the Solution Brief