Automation vs. Orchestration: What’s the Difference and How to Pick the Right Tool

Both automation and orchestration bring massive value to the business and the end-user while giving the IT organization a single platform that helps shift effort from those dreaded “day-to-day operations” to tasks that truly provide value. On the surface they appear to mean the same thing, and in some ways they do. But in the context of IT, they are very different.


So what are these?

“Orchestrate, you mean create scripts, right? We already do that!” Not exactly. Orchestration, or as I sometimes refer to it, integration, is the process of taking a “simple” task and creating a workflow. The basic idea of a workflow is taking the task at hand, breaking it down as much as you can, adding logic along with input(s), then outputting a value that is either an output of the logic, interaction, or possibly a Boolean value. I call it integration because orchestration in the context of IT is the process of “automating” explicit processes that already exist, that require human interaction (and errors/fat fingers, etc.) every time, and that do not add value to the business. An often forgotten and neglected area that I see in almost every IT organization, and one that benefits immensely from orchestration, is any type of decommission/removal task.

Automation takes orchestration one step further. The automation layer uses everything from, and relies heavily on, the orchestration layer but adds functionality: a billing model (chargeback/showback), a business group model, and other integrations that allow an end-user to request infrastructure, applications, and custom IT services. When (not if) you get to the stage where you want to automate, you will need to pick a tool – I won’t get into a specific one as they all serve a similar purpose, but settle on one as a company. This tool’s main purpose is to serve as a broker between the end-user and the orchestrator, with all of the systems that you have orchestrated behind it. This tool will hold credentials, endpoint IPs, port numbers, and various other attributes needed to communicate with your external systems in an encrypted and secure fashion. You can then take those disparate systems and use them as building blocks to create your ‘X’aaS.

How would I use them?

Practical examples of automation and orchestration:

Orchestration: A very good, simple example of orchestration is requesting an IP. You may have inputs around a subnet, port group name, or server type along with credentials to gain access to the IPAM solution. The output is an IP that has been reserved in DNS and is ready to use in seconds. Within that process, various steps of logic have been taken: finding the subnets, verifying there is available capacity, reserving the IP, and sending the end-user that IP. There is also logic so that if the flow fails for any reason (e.g., out of capacity), the end-user is notified with a useful error that can then be acted upon. On the decommission/removal task front, the aforementioned flow would have an orchestrated workflow to do the cleanup of the reserved resources; in this case, a DNS entry.
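The IP request and its matching removal workflow, sketched as an added example (not code from the original article or from any orchestrator product). The `Ipam` class is a constructed in-memory stand-in for an IPAM/DNS backend; all names and the sample subnet are assumptions, and credential handling is left out.

```python
import ipaddress

class WorkflowError(Exception):
    """Failure carrying a message the requester can act on."""

class Ipam:
    """Constructed in-memory stand-in for an IPAM/DNS backend (hypothetical)."""
    def __init__(self, subnets):
        self.subnets = {s: ipaddress.ip_network(s) for s in subnets}
        self.reserved = {}   # ip -> hostname
        self.dns = {}        # hostname -> ip

    def next_free(self, cidr):
        # Find the subnet, then verify there is available capacity.
        if cidr not in self.subnets:
            raise WorkflowError(f"unknown subnet {cidr}")
        for host in self.subnets[cidr].hosts():
            if str(host) not in self.reserved:
                return str(host)
        raise WorkflowError(f"subnet {cidr} is out of capacity")

def request_ip(ipam, cidr, hostname):
    """Workflow: check input, find capacity, reserve, register DNS, report."""
    try:
        if hostname in ipam.dns:
            raise WorkflowError(f"{hostname} already has {ipam.dns[hostname]}")
        ip = ipam.next_free(cidr)
        ipam.reserved[ip] = hostname
        ipam.dns[hostname] = ip
        return {"ok": True, "ip": ip, "error": None}
    except WorkflowError as exc:
        # The end-user gets a useful error instead of a stack trace.
        return {"ok": False, "ip": None, "error": str(exc)}

def decommission(ipam, hostname):
    """Removal workflow: drop the DNS entry and release the reservation."""
    ip = ipam.dns.pop(hostname, None)
    if ip is None:
        return False
    ipam.reserved.pop(ip, None)
    return True

if __name__ == "__main__":
    ipam = Ipam(["10.0.0.0/30"])          # constructed subnet: two usable hosts
    for name in ("web01", "web02", "web03"):
        print(name, request_ip(ipam, "10.0.0.0/30", name))
    print("removed web01:", decommission(ipam, "web01"))
    print("web03", request_ip(ipam, "10.0.0.0/30", "web03"))
```

Running it shows the third request failing with an out-of-capacity message and succeeding only after the removal workflow has released `web01`.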

Automation: HRaaS (Human Resources as a Service) – An HR person logs into a portal and submits a request for a new employee. The only info she provided was the new username along with the employee’s first and last name. This process will reach out to LDAP to create the username, reach out to Exchange to create a mailbox, send a request to the badging appliance to allow their LDAP GUID access to the building, and then finally send an email over to the badging department with their name, username, and GUID to make the badge so it is ready on the new employee’s first day.

The HR person wasn’t asked for port numbers or the GUID, and a ticket wasn’t dropped in someone’s lap halfway through the process to sit on for three days, either. Instead, the entire process was completed end-to-end and HR is only waiting on the physical badge to be created. Also, this process touched a few very important systems throughout the enterprise and no one was prompted for a username or password, as everything was managed by the disparate system owners.

So, what now?

Orchestrate, orchestrate, orchestrate!

Every IT organization should be using an orchestrator. Simply put, you can orchestrate tasks that take a human minutes or hours in (milli)seconds with 100% repeatability. Microsoft and VMware both have “free” orchestrators with their products: System Center Orchestrator and vRealize Orchestrator, which is currently bundled with vCenter (Yes, vCenter)!

Pick a tool – One tool! I’ve seen IT organizations where the networking team is using one tool, the infrastructure teams are using two different tools, and the AppDev teams are using another tool, where there is obviously no strategic direction. These tools are usually not free and more importantly, the time it takes to train your team is a significant investment. So now, you have various teams in an organization learning different tools and all fighting to accomplish nearly the same thing.

Need help picking a tool or learning how to orchestrate? We spend hundreds of hours each year in the AHEAD Lab and Briefing Center evaluating technologies so you don’t have to. We can show you the ropes in our Automation and Orchestration briefing.

