Massive network infra management

Hi All,

Let’s say we have 500 network devices and we use Ansible or Nornir.
If we deploy from, let’s say, a single configuration management server, that single server would be a single point of failure or, let’s say, a single point of security hit?
What are other strategies to manage such a scenario, such as doing regular backups of devices and storing the running config in some sort of storage?

Thanks and regards,
Parth

> Hi All,
>
> Let's say we have 500 network devices

I'm sure there are people here who would not describe that as "massive" :slight_smile:

> and we use Ansible or Nornir.
> If we deploy from, let's say, a single configuration management server, that
> single server would be a single point of failure

Keep a mirror of your ansible server and its configuration. Either machine can
then perform updates and installations. There's no reason ansible and its
configuration needs to exist on only one machine.

> or, let's say, a single point of security hit?

Your ansible server should not be exposed to access from the Internet.

Your ansible server needs to connect to your managed servers, but it does not
need to be reachable by any external system.

> What are other strategies to manage such a scenario, such as doing regular
> backups of devices and storing the running config in some sort of storage?

Taking backups of devices which are managed / installed by ansible is probably
a good idea, but is entirely outside the scope of what ansible needs to do
(other than perhaps install the backup system).

As for "storing running config", that depends very much on what your managed
servers are doing, and how you would intend to recover if one went down, got
corrupted, caught fire, or became unreachable.

Ansible is a configuration management system. Backups and high availability
are separate topics with separate tools.

Antony.
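
Antony's advice to keep a mirror of the Ansible server only helps if the two copies stay identical, so as an added example (not part of the thread, nor any poster's code) here is one way to detect drift between the primary and the mirror by comparing SHA-256 manifests of the configuration tree. The file names and contents are constructed samples; in practice each manifest would be computed on its own host and then compared.

```python
import hashlib
import tempfile
from pathlib import Path


def manifest(root: Path) -> dict:
    """Map each file under root (relative path) to the SHA-256 of its contents."""
    result = {}
    for path in sorted(root.rglob("*")):
        rel = path.relative_to(root)
        if path.is_file() and ".git" not in rel.parts:  # skip VCS metadata
            result[rel.as_posix()] = hashlib.sha256(path.read_bytes()).hexdigest()
    return result


def drift(primary: dict, mirror: dict) -> dict:
    """Classify every difference between the two control nodes' manifests."""
    shared = set(primary) & set(mirror)
    return {
        "missing_on_mirror": sorted(set(primary) - set(mirror)),
        "extra_on_mirror": sorted(set(mirror) - set(primary)),
        "content_differs": sorted(f for f in shared if primary[f] != mirror[f]),
    }


def write_tree(root: Path, files: dict) -> Path:  # builds a constructed sample tree
    for rel, text in files.items():
        target = root / rel
        target.parent.mkdir(parents=True, exist_ok=True)
        target.write_text(text)
    return root


def demo() -> dict:
    # Constructed sample content, not taken from the thread.
    primary = {
        "ansible.cfg": "[defaults]\nhost_key_checking = True\n",
        "inventory/hosts.ini": "[core]\nrtr1\nrtr2\n",
        "playbooks/ntp.yml": "- hosts: core\n  gather_facts: false\n",
    }
    mirror = {**primary, "ansible.cfg": "[defaults]\nhost_key_checking = False\n"}
    del mirror["playbooks/ntp.yml"]
    mirror["playbooks/adhoc.yml"] = "- hosts: all\n  gather_facts: false\n"
    with tempfile.TemporaryDirectory() as a, tempfile.TemporaryDirectory() as b:
        return drift(manifest(write_tree(Path(a), primary)), manifest(write_tree(Path(b), mirror)))


if __name__ == "__main__":
    print(demo())
```

Any non-empty category means the two control nodes would not push the same configuration; a changed `ansible.cfg` such as the weakened `host_key_checking` in the sample is the kind of difference worth alerting on.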

Thanks Antony. I assumed 500 devices as an example. I saw a video from Red Hat about managing 10000 devices using Ansible; that can be considered massive and makes sense :upside_down_face:

What solution would you prefer for taking backups of network devices?

Please define "devices" :slight_smile:

Until we know that - what O/S are they running, what can be installed on them,
what network connectivity & bandwidth do they have... there is no simple
answer.

Even once we do know that, there's probably no simple answer, but at least
people can start to make potentially useful suggestions :slight_smile:

Antony.

I am obviously talking about network devices here

Here is the video I am referring to, if you haven’t walked through it - https://www.youtube.com/watch?v=HtMeDbGEylU

What is a "network device"? Do you mean routers, switches, SANs, firewalls,
web servers, mail servers, DSL modems...?

I ask simply because the term "network device" is (to me, at least) very non-
specific, and can basically mean anything which is connected to a network or
forms part of a network.

Antony.

I am referring to this as generalized network device management with Ansible, the same as the video description. My question was generalized: if we have 10k network devices, what configuration management strategy should be evolved? It wasn't specific to a particular vendor, switch, router, etc.

Ref: https://www.youtube.com/watch?v=HtMeDbGEylU

Ansible allows network management across virtually any device platform. Any network device can be managed via SSH or an API. We took this cutting-edge network automation to scale with a customer’s global network infrastructure, giving them the ability to manage nearly all of their network devices at one time.

> I am referring to this as generalized network device management with Ansible,
> the same as the video description. My question was generalized: if we have 10k
> network devices, what configuration management strategy should be evolved?

Oh, sorry, I thought we were talking about a backup mechanism for whatever
these network devices were.

Alright… not a problem. Thanks, Antony, for the prompt response :blush: