Some embodiments of the invention provide a method for deploying network elements for a set of machines in a set of one or more datacenters. The datacenter set is part of one availability zone in some embodiments. The method receives intent-based API (Application Programming Interface) requests, and parses these API requests to identify a set of network elements to connect and/or perform services for the set of machines. In some embodiments, the API is a hierarchical document that can specify multiple different compute and/or network elements at different levels of compute and/or network element hierarchy. The method performs automated processes to define a virtual private cloud (VPC) to connect the set of machines to a logical network that segregates the set of machines from other machines in the datacenter set. In some embodiments, the set of machines include virtual machines and containers, the VPC is defined with a supervisor cluster namespace, and the API requests are provided as YAML files.

Embodiments provide a system and method for building idempotent configuration management modules for cloud infrastructure services. Idempotency of a configuration management (CM) task in a CM plan is one of the mechanisms used to achieve repeatable and reliable automations of configuration management tasks. This helps DevOps and operations personnel reliably apply and maintain configuration of their systems.

This document relates to a process for managing remote devices within an organization. Upon receiving device state information from the remote device, a cloud-based management server can analyze the device state information of the remote devices, and categorize the remote devices into a number of categories that reflect each device's state with respect to co-management enrollment. The categories can be presented to a user in order to provide a comprehensive view of the state of various remote devices in relation to their co-management state. Various co-management enrollment actions can then be issued to the remote devices in order to enroll a device in co-management, or upgrade a co-management category associated with the device.

A tool is provided to generate one or more communication paths through one or more networks from a starting location to an ending location. The generated communication paths may be displayed for comparison by a user or computing device and, upon selection, the one or more networks may be configured or provisioned to instantiate a selected communication path in the networks. In particular, the selected communication path may be provided to one or more corresponding network configuration systems to communicate with the network devices in the communication path and alter the operating state of the network devices according to the communication path information. Some implementations of the network path tool may provide an auditing of diversity aspects of a network path or circuit that may receive network path information and display diversity audit information through any user interface utilized by the path computation tool.

An example computing system includes one or more processing units implemented in circuitry and configured to: process an intent for configuration of a plurality of managed network devices, the intent representing authorization of access to capabilities of applications accessible to users of the managed network devices according to roles assigned to the users; receive advertised capabilities from a new application accessible to the users; receive a request for authorization to one of the capabilities of the new application from one of the users; determine one of the roles assigned to the one of the users; determine whether the intent grants authorization to the one of the capabilities according to the one of the roles; and grant the one of the users access to the one of the capabilities when the intent grants authorization to the one of the capabilities according to the one of the roles.

A network management system may discover a plurality of network devices behind a network address translation device, such as a firewall. The network management system may receive a model of N network devices, generate a bulk activation configuration for the N network devices and commit the bulk activation configuration on a seed network device. The network management system may receive a request for a first connection from a first neighboring network device and may connect to the first neighboring network device. The first neighboring network device may have received the bulk activation configuration from the seed device. The network management system may determine whether the first neighboring network device is one of the N network devices and commit a second activation configuration on the first neighboring network device if it is one of the N network devices. A plurality of neighboring network device may be configured in this fashion.

Methods, systems, and articles of manufacture, including computer program products, are provided for configuration monitoring. In some embodiments, there is provided a method that includes: sending a container image to a second cloud platform hosting a production system, wherein the container image includes configuration instructions to configure monitoring of an application at the production system hosted at the second cloud platform and at least one value to be monitored at the application at the production system hosted at the second cloud platform; receiving at least one message including the at least one value indicative of a current state of the application and/or the cloud platform; comparing the at least one value to at least one threshold; and in response to the at least one value exceeding the at least one threshold, sending an alert message.

A network controller automatically adjusts a computer network based on the operational information of an industrial device. The network controller receives a notification from a network element in the computer network that the industrial device attached to the network element has an administrative shell. The administrative shell includes operational information describing the operation of the industrial device. The network controller retrieves the administrative shell from the industrial device. The network controller parses the operational information in the administrative shell to determine an intent for the industrial device, and adjusts the computer network based on the intent of the industrial device.

Provided are systems, methods, and computer products for interactive cable routing and planning optimization for customized hardware configurations. An example method includes receiving a set of cable characteristics and a set of user selections, in which the set of user selections are received via a graphical user interface (GUI). Identifying possible cabling routes for a hardware configuration based, at least in part, on available plug start and termination locations. Ranking each of the possible cabling routes based, at least in part, on a prioritized list of optimization criteria and the set of cable characteristics. Generating a suggested cabling configuration for one or more applications based, at least in part, on the set of cable characteristics, the set of user selections, and the ranking. Outputting the suggested cabling configuration to the user by at least providing a three-dimensional view of the suggested cabling configuration via the GUI.

Disclosed embodiments include systems and methods for filter-based composition of network device configuration including a database associating network devices in management with data points of interest, a network server that communicates over a network with the database and at least one network device in management, and a configuration filter module, stored at least in part on the network server, and including rules for configuring the at least one network device in management.