3.0 Network Device Programmability
MDT on CLI
- "telemetry model-driven"
- "sensor-group" = what to stream
- "destination-group" = where to stream
- "commit"
gRPC
Google RPC uses HTTP/2
Netmiko
Python-based SSH client useful for Day 1 operations
Requests
- Python library which allows you to send RESTCONF API requests easily
- "import requests"
- get(), post(), delete()
How to run an Ansible playbook?
ansible-playbook <file.yml>
MDT on RESTCONF
- can only be configured (dial out)
- <mdt-subscription>
- If it is periodic, it will have a period specified.
- If it is upon change, there will be no period specified.
MDT on NETCONF using RPC Response
- can only be dynamic (dial in)
- sends a <subscription-result> element with a result string
- 200 = OK
- error-no-such-subscription: the specified subscription does not exist
- error-no-such-option: the request subscription is not reported
- error-insufficient-resources: a subscription cannot be created because there are too many subscriptions, the amount of data requested is too large, or the interval for a periodic subscription is too small
MDT on NETCONF using RPC sent Periodically
- can only be dynamic (dial in)
- specified by two parameters:
  - period interval for which to report updates
  - anchor time, which is a reference point in time that can be used to calculate at which points in time periodic updates need to be assembled and sent
MDT on NETCONF using RPC sent On Change
- can only be dynamic (dial in)
- update occurs whenever a change in the subscribed information is detected
- optional parameters:
  - dampening period: to specify the interval which has to pass before successive update records for the same subscription are generated for a receiver
  - change type: to reduce the types of datastore changes for which updates are sent
  - no sync on start: to define whether or not a complete push update of all subscribed data will be sent at the beginning
gNMI
- carried by gRPC
- network management interface mechanism to install, manipulate, and delete the configuration of network devices, and also to view operational data
- support for telemetry dial in
- Commands:
  - capabilities = initial handshake to exchange capability info
  - set = modifies data from server
  - get = retrieves data on the server
  - subscribe = control data subscription on server
Periodic / Cadence Telemetry
- continually streams data at a configured cadence (interval)
- sends complete object set every time
ELK Stack
- log analytics platform
- Elasticsearch = search and analytics engine
- Logstash: stores info
- Kibana: visualization front end
- subscribe to information that is being published from the device
- publisher = network device
- subscriber = computer/collector
- uses YANG model (paths-filter), which is referred to as a sensor path
Benefits of Telemetry Data
- remote management
- traffic optimization
- proactive troubleshooting
- data visualization
- monitor and control
Stream
set of events that can be subscribed to, specified within the MDT statement
Yang-Push
- stream option for IOS XE
- industry standard option
- can be used for periodic or upon change
- supports an XPath filter to specify what data is of interest
Yang-Notif-Native Stream
- stream option for IOS XE
- uses Cisco XE's native technology
- can only be upon change
- supports an XPath filter to specify what data is of interest
On Change Telemetry
- streams data only when a state transition occurs and thus optimizes data that is collected at the receiver
- asynchronous notifications
- uses patch syntax
Multithreading
- Before: each "bag" of data is requested by the MDT backend thread individually and sequentially
- With Multithreading: allows MDT requests to be sent in parallel to optimize overall performance
ZTP Process
- Client sends DHCP Discover to DHCP Server with Option 60 (vendor) or Option 61 (device serial number)
- DHCP Server responds with Offer message which specifies DHCP Option 150 to identify the TFTP server IP and Option 67 to identify the configuration file
- Client sends a TFTP read request to the TFTP server with the configuration file name
- TFTP server responds with the TFTP file download
- The file is renamed and downloaded to the client as "download_script.py" and is stored in Flash memory.
- The script is executed on client using guest shell.
- After this, the client has network connectivity.
iPXE Process
- DHCP Discover issued by client to get an IP address using Option 60 (vendor) or Option 61 (device serial number)
- DHCP Server responds with DHCP Offer with TFTP Server and boot file (image to download)
- Client sends a TFTP Read Request with boot file name to the TFTP server
- TFTP Server responds with the TFTP file download
Controllers
- DNA Center (Cisco)
- Network Services Orchestrator (Cisco, but works with third party)
- OpenDaylight (standard)
Dynamic Subscription
- Dial In
- subscriber requests to be added to streaming, cannot be modified but can be terminated
- configured via NETCONF
- subscriber and receiver are the same
- life is tied to session
- will need to be reinitiated after an SSO
- dynamic subscription ID
- collector dials in to the router
Configured Subscription
- Dial Out
- streams data to more than one receiver
- receiver is not necessarily the subscriber
- can be modified or terminated at any time
- life is tied to running configuration; allows it to immediately reconnect after an SSO
- fixed subscription ID
- router dials out to collector
- configured via CLI, NETCONF or RESTCONF
MDT on NETCONF using RPC
- <establish-subscription>
- <modify-subscription>
- <delete-subscription>
- can only be dynamic (dial in)
NCClient
- NETCONF client for Python
- performs client to server connection, authentication, capability exchanges and connection manager
- manager module exposes NCClient functionality
ConnectHandler() (Netmiko)
- Netmiko method
- initiates a connection with a device
- requires IP address, username, password, and device type information to successfully initiate
establish_connection() (Netmiko)
- Netmiko method
- reinitiates connection in cases when a device is disconnected manually or automatically due to a connection timeout
- default is 60 seconds
send_config_set() (Netmiko)
- Netmiko method
- sends 1 or a list of configuration commands to the device, must be String
- we do not need to specify "conf t", Netmiko handles that for us
send_config_from_file() (Netmiko)
Netmiko method applies a configuration file to the device
is_alive() (Netmiko)
Netmiko method determines if connection is alive, returns Boolean
disconnect() (Netmiko)
Netmiko method manually disconnects session
send_command() (Netmiko)
Netmiko method sends an operational show command to the device
Traditional Telemetry
- PULL methodology
- data is only obtained upon request
- resource-intensive, causing gaps in collected data and manual intervention
Modern Telemetry
- PUSH methodology
- streams data from the device (data exporter) which can then be subscribed to from various data collectors
PnP
- Plug and Play
- Cisco proprietary
- more centralized, "turn key" solution as it is highly scalable and secure
- uses optional cloud redirection server
- no client side DHCP needed
- image must be installed on the device because it boots from device
- use to centrally apply initial configuration and NOS
PnP Components
- PnP Server = DNA Center
- PnP Agents are on the devices
- Network = IP connectivity between devices and DNA Center
- PnP Protocol (XML over HTTP using RPC)
PnP Process
- PnP sends DHCP Discover to DHCP Server
- DHCP Server responds with option 43 which has DNAC IP address or DNS query to pnpserver.globo.com if the IP is unavailable
- Client sends an HTTP POST request to /pnp/WORK-REQUEST to PnP Server
- PnP Server sends HTTP Response with data
- Client downloads config from sent data
- PnP server adds device to DNAC inventory
iPXE
- Preboot Execution Environment
- standards-based
- device boots the network OS from over the network, rather than from a stored image
- uses DHCP (60/61)
- should be used when a device has no or an outdated network OS
- ideal for heterogeneous / multi-vendor network environments
What module is needed for Ansible to work with SD-WAN?
URI
ZTP
- Zero Touch Provisioning
- standards-based
- uses Python script and guest shell IOx container
- image must be installed on device because it boots from device
- use to centrally apply initial config
- ideal for heterogeneous / multi-vendor network environments
Day 0 Provisioning Methods
- automate processes to bring up network devices into a functional state with minimal to no touch
- iPXE, ZTP or PnP
Manager Module (NCClient)
- get_config() to retrieve all or a part of a specified configuration
- edit_config() to edit configuration
- delete_config() to delete configuration
- copy_config() to copy configuration
- lock() to lock
- unlock() to unlock
- close_session()
- kill_session()
- get()
- Variables: server_capabilities, client_capabilities, session_id, connected, timeout, async_mode, raise_mode (will it raise errors)
Model-Driven Telemetry
network device pushes data out on interval or upon change
Cloud Redirection for PnP
- optional server used when DHCP and DNS do not work
- Client sends DHCP Discovery to DHCP Server
- Server responds with no DHCP or DNS
- Cloud redirection can be enabled.
- Client targets devicehelper.cisco.com to Cloud Redirection Server to ask where DNAC is
- Cloud redirection server responds with DNAC IP
- Client establishes connection to DNAC using PnP protocol RPC
Ansible Variables
within Cisco IOS Facts
- ansible_connection: how to connect, should be network_cli
- ansible_network_os: what OS, should be IOS
- ansible_user: username, should be cisco
- ansible_pass: password, should be cisco
- ansible_net_version: returns Ansible version
- ansible_net_hostname: returns host name
- ansible_net_config: returns running config
- ansible_net_model: returns model name
- ansible_net_serialnum: returns serial number of the device
- ansible_net_image: returns the image file the device is running
- ansible_net_all_ipv4_addresses: returns all IPv4 addresses configured on the device
- ansible_net_all_ipv6_addresses: returns all IPv6 addresses configured on the device
- ansible_net_neighbors: returns a list of CDP and LLDP neighbors
- ansible_net_interfaces: returns a hash of all interfaces running on the system
- ansible_net_memfree_mb: returns available free memory on device in Mb
- ansible_net_memtotal_mb: returns total memory on device in Mb