#CiscoLive
Programmability Skills for Engineers Who Don't Want to Code
Hank Preston, Principal Engineer Learning and Certifications
CCIE 38336 | DevNet Expert 20220001
@hfpreston
BRKOPS-1237
Webex spaces will be moderated by the speaker until June 9, 2023. https://ciscolive.ciscoevents.com/ciscolivebot/#BRKOPS-1237
#CiscoLive BRKOPS-1237 © 2023 Cisco and/or its affiliates. All rights reserved. Cisco Public 3
Agenda
• Spreadsheet driven automation
• Aw CRUD, we gotta talk a little about APIs
• Source of Truth, it doesn’t have to be you anymore
• pyATS - How to no-code and automate networks
• Ansible the Hammer of Network Automation
Spreadsheet driven automation
Story Time with Hank
“Network Engineering Runs on Spreadsheets”
Device Configuration Standard
crypto isakmp policy 10
 encryption aes
 hash sha256
 authentication pre-share
 group 14
crypto ipsec transform-set <TRANS_SET> esp-aes esp-sha256-hmac
crypto isakmp key <PRESHARED_KEY> address <PEER_ADDRESS>
access-list <ACL_NUM> permit ip <LOCAL_NET> <LOCAL_MASK> <REMOTE_NET> <REMOTE_MASK>
crypto map <MAP_NAME> 10 ipsec-isakmp
 set peer <PEER_ADDRESS>
 set transform-set <TRANS_SET>
 match address <ACL_NUM>
interface <OUTSIDE_INT>
 crypto map <MAP_NAME>
Creating the Access List Configuration
! Site 1 Access List
access-list <ACL_NUM> permit ip <LOCAL_NET> <LOCAL_MASK> <REMOTE_NET> <REMOTE_MASK>
! Site 1 Access List
access-list 100 permit ip 10.98.128.0 0.0.3.255 172.28.11.0 0.0.0.255
Creating the Access List Configuration
! Site 2 Access List
access-list <ACL_NUM> permit ip <LOCAL_NET> <LOCAL_MASK> <REMOTE_NET> <REMOTE_MASK>
! Site 2 Access List
access-list 100 permit ip 172.28.11.0 0.0.0.255 10.98.128.0 0.0.3.255
Using CONCAT Function in Excel to Create Strings
=CONCAT("access-list 100 permit ip ",
VPNs[@[Side 1 Inside]]," ", VPNs[@[Side 1 Mask]], " ",
VPNs[@[Side 2 Inside]]," ", VPNs[@[Side 2 Mask]])
• Fill in the blank configuration creation
• Once formulas are created, “fill down” for other rows / sites
Help info on CONCAT Function
CONCAT your CONCATs for Full Configs
Common Config Elements
=CONCAT('Common Info'!$C$2,
'Common Info'!$C$3,
B2, D2, C2, E2)
Per VPN Configurations
Tip! Don’t forget to add spaces and new lines where needed
Demo!
Other Useful Functions
• MID – Pull characters out of a string
• REPLACE – Change characters in a string
• FIND – Locate a character in a string
• TRIM – Remove white space
• RAND / RANDBETWEEN – Provide a random number
• Lots more!
Why should I care?
• Business runs on spreadsheets… not just networking
• Formulas are WAY faster and more consistent than manual
• Double check, then triple check results!
• But be careful you don’t go too far…
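The same fill-in-the-blank step with the "double check" automated, as an added example that is not part of the session material: it reads the sheet as CSV, rejects cells that are not clean IPv4 network and wildcard pairs (including a cell with an embedded newline, which would otherwise paste an extra command into the config), and renders the mirrored access lists for both sides. The column names follow the VPNs table in the CONCAT formula; the sample rows after the first are constructed.

```python
import csv
import io
import ipaddress

# Constructed sample sheet exported as CSV. Row 1 is the pair shown on the
# slides; row 2 has a broken mask; row 3 has a newline hidden in a cell.
SAMPLE_CSV = (
    "Side 1 Inside,Side 1 Mask,Side 2 Inside,Side 2 Mask\n"
    "10.98.128.0,0.0.3.255,172.28.11.0,0.0.0.255\n"
    "10.98.132.0,0.0.3.0,172.28.12.0,0.0.0.255\n"
    '10.98.136.0,0.0.3.255,"172.28.13.0\nno access-list 100",0.0.0.255\n'
)

def check_net(net, wildcard):
    """Return an error string, or None when net/wildcard form a clean pair."""
    try:
        n = int(ipaddress.IPv4Address(net))
        w = int(ipaddress.IPv4Address(wildcard))
    except ipaddress.AddressValueError as exc:
        return f"not an IPv4 address: {exc}"
    if w & (w + 1):  # a subnet-style wildcard is a run of low-order 1 bits
        return f"wildcard {wildcard} is not contiguous"
    if n & w:  # network address has bits set inside the wildcard range
        return f"{net} has host bits set for wildcard {wildcard}"
    return None

def render_acls(csv_text, acl_num=100):
    """Yield (row_number, side1_line, side2_line, errors) for each sheet row."""
    for num, row in enumerate(csv.DictReader(io.StringIO(csv_text)), start=1):
        s1 = (row["Side 1 Inside"], row["Side 1 Mask"])
        s2 = (row["Side 2 Inside"], row["Side 2 Mask"])
        errors = [e for e in (check_net(*s1), check_net(*s2)) if e]
        if errors:
            yield num, None, None, errors
            continue
        line = "access-list {} permit ip {} {} {} {}"
        # Side 2 is the mirror image of side 1: source and destination swap.
        yield num, line.format(acl_num, *s1, *s2), line.format(acl_num, *s2, *s1), []

if __name__ == "__main__":
    for num, side1, side2, errors in render_acls(SAMPLE_CSV):
        print(num, side1 or errors, side2 or "")
```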
Aw CRUD, we gotta talk a little about APIs
In the beginning… Humans were the only users
• User asks for data or takes action by interacting with UI
• Software displays results in User Interface (UI)
What exactly IS an API?
“It’s a way for two pieces of software to talk to each other”
Now software talks to software
My Software System / Your Software System
• Software asks for data by interacting with API
• Software returns results via API
APIs aren’t scary… you already use them
Command Line Interface (CLI)
Designed for Humans… so more a UI than API
but...
• Network Management Systems
• Expect Scripts
• Paramiko/Netmiko
• NAPALM

#!/usr/bin/expect -f
# Assumes a session to the device is already open (spawn/login not shown)
send "conf t\n"
expect "(config)#"
send "hostname my_switch\n"
expect "(config)#"
send "ntp server 10.10.10.101\n"
expect "(config)#"
send "ip domain-name domain.intra\n"
expect "(config)#"
send "end\n"
expect "#"
send "write mem\n"
expect "#"
Simple Network Management Protocol (SNMP)
“designed as a programmatic interface between management applications and devices”
https://tools.ietf.org/html/rfc3535
Representational State Transfer (REST)
• API framework for simple web services
• Another use for the HTTP protocol
• Popular due to performance, scale, simplicity, and reliability
RESTCONF
The URI: What are you Requesting?
https://router-01.example.com/restconf/data/Cisco-IOS-XE-native:native/hostname
• Server or Host
  • Resolves to the IP and port to connect to
• Resource
  • The location of the data or object of interest on the server
  • Based on YANG model
Response
{
  "Cisco-IOS-XE-native:hostname": "csr1000v-1"
}
• JSON data returned
HTTP Methods: What to do?
HTTP Verb | Typical Purpose (CRUD) | Description
POST | Create | Used to create a new object, or resource. Example: Add new book to library
GET | Read | Retrieve resource details from the system. Example: Get list of books from the library
PUT | Update | Typically used to replace or update a resource. Can be used to modify or create. Example: Update the borrower details for a book
DELETE | Delete | Remove a resource from the system. Example: Delete a book from the library.
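The URI and HTTP method slides put together in code, as an added example that is not part of the session material: it builds (without sending) a RESTCONF request for one CRUD operation and splits it back into server, port and resource. The `allowed` guard, the function names and the HTTPS and path checks are this example's own choices; authentication is left out.

```python
import json
import urllib.request
from urllib.parse import urlsplit

# CRUD operation -> HTTP verb, as in the table above.
CRUD_TO_VERB = {"create": "POST", "read": "GET", "update": "PUT", "delete": "DELETE"}
RESTCONF_JSON = "application/yang-data+json"  # RESTCONF media type (RFC 8040)

def build_request(url, operation, body=None, allowed=("read",)):
    """Build (but do not send) a RESTCONF request for one CRUD operation.

    `allowed` is this example's own guard: a script that only collects data
    has no reason to be able to issue POST, PUT or DELETE.
    """
    if operation not in CRUD_TO_VERB:
        raise ValueError(f"unknown CRUD operation: {operation}")
    if operation not in allowed:
        raise PermissionError(f"{operation} is not enabled for this script")
    parts = urlsplit(url)
    if parts.scheme != "https" or not parts.hostname:
        raise ValueError("RESTCONF URI must be https://<server>/<resource>")
    if not parts.path.startswith("/restconf/data/"):
        raise ValueError("resource must live under /restconf/data/")
    headers = {"Accept": RESTCONF_JSON}
    data = None
    if body is not None:
        headers["Content-Type"] = RESTCONF_JSON
        data = json.dumps(body).encode()
    return urllib.request.Request(url, data=data, headers=headers,
                                  method=CRUD_TO_VERB[operation])

def describe(req):
    """Split a built request into the pieces the URI slide labels."""
    parts = urlsplit(req.full_url)
    return {"verb": req.get_method(), "server": parts.hostname,
            "port": parts.port or 443, "resource": parts.path}

URL = "https://router-01.example.com/restconf/data/Cisco-IOS-XE-native:native/hostname"
# Response body as shown on the slide.
SAMPLE_RESPONSE = '{"Cisco-IOS-XE-native:hostname": "csr1000v-1"}'

if __name__ == "__main__":
    print(describe(build_request(URL, "read")))
    print(json.loads(SAMPLE_RESPONSE)["Cisco-IOS-XE-native:hostname"])
```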
Demo!
Why should I care?
• IT System Integrations
• Understand and work with automation peers
• Evaluate APIs from your products and vendors
• APIs are cool, add it to your resume!
Resources
• REST API Fundamentals Learning Module on DevNet
• Introduction to RESTCONF Learning Lab on DevNet
Source of Truth, it doesn’t have to be you anymore
How does automation work?
• Lookup Desired State
• Compare to Current State
• Do Something
How does automation / network engineering work?
• Lookup Desired State
• Compare to Current State
• Do Something
What types of data make up “Desired State”?
• IP Addresses
• Interface settings
• VLANs
• Software Versions
• Credentials
• Serial / Asset Numbers
• Neighbors
• Cables / Circuits
• Management Access
• Status
• Standards
• Application / Service Details
• Host Details
Where is the data found?
• In your head
• In someone else’s head
• On a spreadsheet
• On a network diagram
• Text docs and notes apps
• Paper notes and scrap paper
• Within the network
Device Installation Workflow with Source of Truth
1 Add Gear to Source of Truth (SoT)
2 Install, Cable, Power on Gear
3 DHCP Provides IP and Deployment Server
4 Contact Deployment Server (DS)
5 DS renders bootstrap config from SoT
6 DS sends bootstrap config
7 Gear applies bootstrap config
8 DS/Gear updates SoT with status
Common Automation Source of Truth Options
• CSV Files
• YAML / JSON Files
• Git Repositories
• APIs into Other Applications
• IPAM / DCIM
• Secret Management
• Service Desk / CDB
“Single” Source of Truth Realities
• “Single” is a fantasy
• Goal should be “single per domain”
  • IPAM, DCIM, Secrets, etc
• It takes discipline to maintain
• Culture change - “Document First”
• Go in phases and celebrate success
pyATS – How to no-code and automate networks
“Could you get me this info from all of the devices in the network?”
• Serial Numbers
• Interface status
• Routing table
• ARP / MAC tables
• Logs
• Etc
• Etc
• etc
We all have our cheats…
Command to Run
pyats parse "show ip route" \
  --testbed-file testbed.yaml \
  --output output/ip_routes
• Network Inventory
• Captured Output
Per Device Results
- Parse = JSON Data
- Console = Raw Data

Per device results
100%|█████████████████████████████████████████| 1/1 [00:00<00:00, 1.89it/s]
+===========================================================================+
| Genie Parse Summary for rtr1 |
+===========================================================================+
| Connected to rtr1 |
| - Log: output/ip_routes/connection_rtr1.txt |
|---------------------------------------------------------------------------|
| Parsed command 'show ip route' |
| - Parsed structure: output/ip_routes/rtr1_show-ip-route_parsed.txt |
| - Device Console: output/ip_routes/rtr1_show-ip-route_console.txt |
|---------------------------------------------------------------------------|
100%|█████████████████████████████████████████| 1/1 [00:00<00:00, 2.00it/s]
+===========================================================================+
| Genie Parse Summary for rtr2 |
+===========================================================================+
| Connected to rtr2 |
| - Log: output/ip_routes/connection_rtr2.txt |
|---------------------------------------------------------------------------|
| Parsed command 'show ip route' |
| - Parsed structure: output/ip_routes/rtr2_show-ip-route_parsed.txt |
| - Device Console: output/ip_routes/rtr2_show-ip-route_console.txt |
|---------------------------------------------------------------------------|
100%|█████████████████████████████████████████| 1/1 [00:00<00:00, 2.05it/s]
+===========================================================================+
| Genie Parse Summary for rtr3 |
+===========================================================================+
| Connected to rtr3 |
| - Log: output/ip_routes/connection_rtr3.txt |
|---------------------------------------------------------------------------|
| Parsed command 'show ip route' |
| - Parsed structure: output/ip_routes/rtr3_show-ip-route_parsed.txt |
| - Device Console: output/ip_routes/rtr3_show-ip-route_console.txt |
|---------------------------------------------------------------------------|
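The lookup, compare, do-something loop from the Source of Truth section applied to the per-device parsed files that `pyats parse` writes, as an added example that is not part of the session material. The desired-state data and route entries are constructed, and the vrf / address_family / routes layout is assumed to match what Genie's `show ip route` parser returns.

```python
import json

# Step 1, desired state as a source of truth might export it (constructed):
# per device, the prefixes that must exist and how each should be learned.
DESIRED = {
    "rtr1": {"10.98.128.0/22": "connected", "172.28.11.0/24": "static"},
    "rtr2": {"172.28.11.0/24": "connected", "10.98.128.0/22": "static"},
    "rtr3": {"10.98.128.0/22": "static"},
}

def _parsed(routes):
    """Build a constructed stand-in for <device>_show-ip-route_parsed.txt."""
    body = {p: {"route": p, "active": True, "source_protocol": s} for p, s in routes.items()}
    return json.dumps({"vrf": {"default": {"address_family": {"ipv4": {"routes": body}}}}})

# Current state: rtr2 has drifted and rtr3 produced no output at all.
CURRENT = {
    "rtr1": _parsed({"10.98.128.0/22": "connected", "172.28.11.0/24": "static"}),
    "rtr2": _parsed({"172.28.11.0/24": "connected", "10.98.128.0/22": "ospf",
                     "0.0.0.0/0": "static"}),
}

def current_routes(parsed_json, vrf="default"):
    """Flatten one parsed file to {prefix: source_protocol} for active routes."""
    data = json.loads(parsed_json)
    routes = (data.get("vrf", {}).get(vrf, {}).get("address_family", {})
              .get("ipv4", {}).get("routes", {}))
    return {p: r.get("source_protocol") for p, r in routes.items() if r.get("active")}

def compare(desired, current):
    """Step 2: return sorted (device, prefix, finding) tuples."""
    findings = []
    for device, want in desired.items():
        if device not in current:
            findings.append((device, "*", "no captured output"))
            continue
        have = current_routes(current[device])
        for prefix in want.keys() | have.keys():
            if prefix not in have:
                findings.append((device, prefix, "missing"))
            elif prefix not in want:
                findings.append((device, prefix, "undocumented"))
            elif want[prefix] != have[prefix]:
                findings.append((device, prefix, f"{have[prefix]} instead of {want[prefix]}"))
    return sorted(findings)

if __name__ == "__main__":
    for finding in compare(DESIRED, CURRENT):  # step 3: do something with each one
        print(*finding)
```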
Demo
pyATS can do much more
• Collect network baselines
• Quickly find differences
• Create robust network tests (does require coding)
Resources
• pyATS home on DevNet
• pyATS CLI Hands On Lab
Ansible – The Hammer of Network Automation
Why Ansible?
• Open source Infrastructure as Code tool
• Low barrier of entry into automation
• Coding skills not needed
• Very popular -> Lots of examples
• Broad network automation use cases
Ansible, it isn’t “code”… it’s just YAML 🙂
- name: Side 2 Config
  loop: "{{ vpns.list }}"
  loop_control:
    label: "{{ item.vpn_name }} Side 2"
  vars:
    vpn_name: "{{ item.vpn_name }}"
    preshared_key: "{{ item.preshared_key }}"
    source_network: "{{ item.side_2_inside }}"
    source_mask: "{{ item.side_2_mask }}"
    destination_network: "{{ item.side_1_inside }}"
    destination_mask: "{{ item.side_1_mask }}"
    tunnel_destination: "{{ item.side_1_public_ip }}"
    tunnel_interface: "{{ item.side_2_outside }}"
  ansible.builtin.template:
    src: ios-vpn.j2
    dest: configs/{{ item.vpn_name }}-side2-config.txt
Maybe I’m ready to try something new…
Another approach to the Spreadsheet Driven Automation
CSV
CLI
Demo!
Ansible can do much more
• Apply configurations directly to devices
• Complex workflows
• Manage network, compute, storage, cloud, etc at once
Resources
• Ansible on DevNet
• Ansible Core Docs
• Reading from CSV
• Using Jinja Templates
• Jinja Template Documentation
• Demo Example Code
In closing…
Programmability… Nothing to be afraid of!
What did we cover?
• Spreadsheet driven automation
• Aw CRUD, we gotta talk a little about APIs
• Source of Truth, it doesn’t have to be you anymore
• pyATS - How to no-code and automate networks
• Ansible the Hammer of Network Automation
Hank Preston
• Stay in touch:
• Webex/Email: [email protected]
• Twitter: @hfpreston
• Blogs: https://blogs.cisco.com/author/hankpreston
Thank you