Blog

Simplify and Speed Up Network List Management 

April 29, 2020 · by Rafal Pieniazek and Petr Artamonov at Schuberg Philis, an Akamai Partner

Faster, Simpler Network List Management

As Akamai’s partner in the Netherlands, we at Schuberg Philis create, control, and change highly complex ecosystems that are critical to the world by developing IT solutions that meet the increasing standards of the incredibly innovative tech world. 

In this blog post, we’d like to share our experience automating Akamai network list management to deliver fast, simple, and secure solutions.

While managing network lists, we found it time-consuming and difficult to track changes. We wanted more visibility and control in this process such as: 

  • Auditability — Change notifications with details on who made the change (possible via Event Manager) as well as what was changed and the state before it was made
  • More details — Extra metadata per IP address such as owner and department
  • Delegation of control — Enabling granular control (read/write) of specific network list(s) and reducing change execution time by removing the middleman (See Figure 1)
flow chart
Figure 1. Standard network list management change process

Streamlining Network List Changes

We set out to create a more efficient and transparent list management solution, while still having full oversight and control of changes that people execute. To start, we followed best practices in IT and created “Akamai Netlist as a Code” by automating the process of performing a network list change.

flow chart
Figure 2. Streamlining the network list change process 

In Figure 2 (above), we analyze the complexity and time-consuming process of a simple change. Our goal was to make the same change in an automated, secure, and quick manner. The solution (Akamai Netlist as a Code) proposed in this blog focuses on open source tooling and is only one of many possible ways to achieve the end result. We introduced a Git repository connected with several services working together to enable the end user to make a change with minimal involvement from other teams. 

Automating List Management

Open source tools

We adopted the following open source tools as our primary solution components:  

Flow

You can implement the solution in the four steps below, which can be modified to meet your needs. 

  1. Create a GIT repository
    Create a new repository in your own version control system or clone our example repository available under https://github.com/apiheat/example-netlist-management.

  2. Query and save all network lists
    Using CLI, query for all network lists and save them to respective files. This can be done using the following commands:

    #create a folder
    > mkdir lists
    #query and populates lists
    > akamai netlist get all | jq -r '.networkLists[].uniqueId' | xargs -I{} sh -c "akamai netlist get by-id --id {} --includeElements | jq -r '.list|.[]' > ./lists/{}"

  3. Set up your pipeline
    An example repository contains a gitlab-ci.yaml configuration file that you can immediately use to  give you the following setup shown in Figure 3.

    UI
    Figure 3. Pipeline setup

    In this step, you can adapt the pipeline to fit different use cases. For example, you can associate it with your ticketing workflow using custom external systems (such as via webhooks). With this in mind, a commit message is directly related to a ticket which, when approved, will enable the pipeline to deploy directly to production.

    Figure 4. Example pipeline
    Figure 4. Example pipeline
  4. Perform changes
    To finalize the solution, perform the changes and watch the pipeline execute the actions. For example, the results of some changes are shown in Figure 5.
     

    Figure 5. Pipeline results
    Figure 5. Pipeline results

     

Consistent, Secure, and Simple List Management

This solution provides additional detail, control, and accountability in network list management and is easy to customize to meet your organization’s needs. By providing a high level of automation, we were able to achieve a consistent, secure, and easy method to manage our network lists.