[MUSIC PLAYING] ROBB BOYD: DNA Center is the
network management and command center for DNA, Cisco's
intent based network for the enterprise. DNA Center is where
you go to provision and configure all
network devices, use advanced analytics
to proactively monitor, to troubleshoot, and
optimize your entire network. So many things that could
be very difficult, if not impossible, suddenly become
reality through a simplified point and click interface. Now, many of us have
different opinions about graphical interfaces. They can sometimes
feel a bit too smooth. Now personally, I like them. But I get how you
may feel that you're being forced through some
vendor's definition of what you need. Well, DNA Center
platform makes all of this available through
well documented APIs and SDKs. Mr. Hank Preston
is here to take us a little further
down the rabbit hole to show what kind
of things we can do. So welcome to TechWiseTV, Hank. HANK PRESTON: Thanks, Robb. I'm happy to be back. ROBB BOYD: Well,
I'm glad to have you back because we've been
talking a lot about this stuff. Things continue to change. You guys have opened the kimono,
so to speak, on so many things that we can do from a
programmatic and interactive perspective through
these APIs and SDKs. What do we need to know? HANK PRESTON: Exactly. Well, what I wanted to do is
to spend a little bit of time helping people realize
how you get started. People have DNA Center. They may be interested
in using the APIs. And so, let's take
a look at what it looks like for a
user trying to dive in. Sound good? ROBB BOYD: OK. HANK PRESTON: And
so you mentioned the graphical interface. And so what we've got here
is the graphical interface for DNA Center. ROBB BOYD: This is
the front door, right? HANK PRESTON: It is. ROBB BOYD: This
is how you get in. HANK PRESTON: It's
how we get in. And this is our
DevNet sandbox, which is available and open to
anybody to use to experiment. So even if you don't have it
yourself, you can use ours. ROBB BOYD: You're
saying we're seeing this version of DNA Center
running within the DevNet sandbox? HANK PRESTON: Exactly. ROBB BOYD: Ah, OK. OK. HANK PRESTON: And so when I
come into the interface here and I scroll down
a little bit, we see this new entry for platform. And this is the key element. This is what is opening
up DNA Center for all of the integrations
and API access. And the first place that I
always recommend folks go is this thing called
the API catalog, which is the interface that lists
out all of the different APIs that are available
that you can explore and learn about how to use. ROBB BOYD: Yeah,
the documentation is a huge part of
publishing APIs. Yeah? HANK PRESTON: It is. And honestly, that's the most
important part of any platform that you want to integrate with. Is understanding where
the API documentation is and how to use it. And we bake that right
into our platform here. So you can go ahead and dive in. And so you can see
in the APIs, they're organized by categories. So we've got operational
tools, site management, know your network, connectivity
pieces that are there. The first thing you
need to do whenever you want to work with a new API
is you have to authenticate. We sometimes skip over that
part when we think through it. But before we send
an API call off, we have to do the same thing
we do with an interface, which is log in. And so down here at
the bottom, we've got the authentication
information. And so we can take a look. And the way that you
do authentication with DNA Center platform is
similar to many other APIs. Is that you provide
your credentials. And then the platform gives
you a ticket, or a token, or a key that you would use. ROBB BOYD: Now,
this is really done because the same role based
access control that you would have in the GUI interface
with DNA Center is extended. So we're reading off same
active directory credentials or whatever in the organization. So if you're a developer who's
accessing these and writing APIs, you're still only
going to be allowed to execute what you're
allowed to execute when actual operations. HANK PRESTON: Exactly. Because that's the
important piece. It's one of the things that-- I remember one of
the first classes I ever gave to a customer
on authentication. He said well, we need to make
sure that people can only do what they're supposed to. And I'm like, of course you do. Whether it's through a
CLI or a GUI or an API, it's always important to
have that role based access. And so here we can see the
authentication API that's used. You provide the username
and password to log in. And then it issues you
back a ticket or a token. And then that is a
temporary credentials that allow you to
make these other API calls that are available. And so the token here, this
is where we get started. And then from there,
we can dive in and we can see some of the
other examples that are there. One of the first things
that I always like to do is what's in my network. What are my network devices? And so underneath, know your
network in the category. We can see that there's
categories for devices, networks, clients, and so on. So underneath know your
network, I can search down and I can see that
there's these API calls to retrieve all
your network devices and make the pieces. So a key part about
the API documentation is to learn about what
the format looks like. And so inside of
the documentation, it shows me that this
is a GET request. It's a REST API. I'm trying to
retrieve information. So that would be a GET request. If I wanted to
create something new, that would be a post or a put. And then inside, we can see that
there's different parameters that I can provide if
I want to filter down on particular types of devices
that are in there, as it goes through. Now we do have the ability
to generate code for it and try it now. But one of my
favorite places to go when I want to work
with a different API is a tool called Postman. Postman is a free utility. It's a free software
application that's you use by application
developers, code developers, or
just network engineers wanting to test stuff out. And so you can use Postman to
actually make these API calls and see how they work. ROBB BOYD: You know what? I learned about
Postman from you guys. Because I was taking
your 101 API training. And your REST training. And that's where I had
to download use Postman. And you're right, it is simple. It is basic. And it's just a
shout out to what DevNet can do for you from
a training perspective, if this stuff is a
little bit new for you. HANK PRESTON: Exactly. And that's one of the
pieces that goes through. And so here's the part where
that authentication piece that we talked about dives in. Before we can actually
retrieve our network devices, we have to
authenticate correctly. And so this first
API call I have, we can see here up at the
corner, it's a post request. And then it has the
URL that we're going to send information off to. And then we're providing
our username and password inside here. And we can see those kind of
in the middle of the interface. When I send this request
off, we will take a second, and we can see
that it comes back and it returns us back a token. Now that really long token,
that is our temporary key that we can use to
make API requests. ROBB BOYD: So we just need to
memorize that because we're going to use it. HANK PRESTON: Exactly. Do you have it? ROBB BOYD: Yeah, I got it. No, I got it. HANK PRESTON: Perfect. ROBB BOYD: I didn't have time to
test it now, but no, I got it. HANK PRESTON: All right. Well, I'll have you
repeat it back to me in just a second here. And so where that token is
used is on this next API call, where we're going to make
the request for our network devices. And so here
underneath headers, we can see that it's got this x
off token, is on the interface. ROBB BOYD: It's waiting
for that input from you. HANK PRESTON: It's
waiting for the input. So do you have it? You can read it off-- ROBB BOYD: Yeah, yeah. Go ahead and paste it in. I already gave it to you. We did it off camera. HANK PRESTON: Oh, we did the-- That's right. One of the nice
things about Postman is it's ability to make some
of these shortcuts. for us. ROBB BOYD: Oh, you
have it as a variable? HANK PRESTON: It's a variable. And so inside of Postman-- ROBB BOYD: Had I
know that, I wouldn't have gone to the trouble. HANK PRESTON: I know. It was really easy
if it goes through. So Postman saves that
off as a token variable. And so it's ready to go. And I can just go
ahead and hit send. When I hit send on
this, now it sends off the request for
the full list and I can see in this response all of
the different network devices that I have available. We can see that we've got an
ASR router in our sandbox. If I scroll down a
little bit farther, we'll see that we've
got a catalyst 9300 switch, specifically a
9,324 UX as it goes through. And I believe we have
a third device as well. We've got this other one
here, which is another 9300. So a very small network
fabric that goes through. ROBB BOYD: And [INAUDIBLE] this
kind of thing scales anything, right? Because really what
you've done here is you've kind of broken open
that GUI interface that normally would do this
for you within DNA Center. But now we can
start to customize. And then you can probably
add this to other tools that you may already be using? HANK PRESTON: Exactly. ROBB BOYD: Don't
want to jump your-- HANK PRESTON: No, no. That's a perfect
way it goes through. Because as a network
engineer trying to figure out how to leverage
this as part of my workflow. Now you mentioned that
the GUI interface. And lots of people are
going to spend a ton of time in the GUI interface
going through. But a lot of engineers
are also trying to figure out how to
use these tools as part of their own custom
workflow that goes in. ROBB BOYD: It's not building
your own personal GUI, right? It's still going to be a button
because you want it simple. But you don't want
to necessarily trust us to make it for you. HANK PRESTON: And there could
be repeated things that you want to do over and over again. So let's stick
with this API call that we've got here
about network devices. And let's see a use case
that we could do for this. So I'm going to
switch over here. Now I'm in a code window. And what I'm going
to run is I'm going to run a Python script
called devicelist.py. And so what this
Python script does is uses those same two
API calls we looked at. The authorized--
the authorization API to get a token. And then the device list
API to retrieve the devices from the system. And if I run this,
it will actually print out all of the details
about my network devices in a nice simple way that I
can dive in and take a look at. What's nice here is
now I've got my devices and I could take
the next step is it went through, no matter
what I'm after as we go in. ROBB BOYD: Is this an
example of basically, where you're starting to move into-- because sometimes you look
and code can be overwhelming. And the responses
that you get back. But we've been moving
towards this idea of structured responses so that
can be read by another machine to be able to do something
more [INAUDIBLE].. Is this a structured response? HANK PRESTON: Exactly. So what I've actually done here
is the way that the structured response is-- the
key part of that-- I'm going to flip over
here to Postman again. This bit of JSON data, which
is what this data format is. This is the structured response. And so this comes back
from DNA Center platform and gives us a format that
can be used by our code. And in my case, it
was the Python code. And now, my use
case was I didn't need every bit of detail. I didn't need to know the
error code that was there. I didn't need the
collection status. ROBB BOYD: So the
Python script is going to pull out just what you want? HANK PRESTON: Pulls
out the piece. ROBB BOYD: Keeps it simple. HANK PRESTON: Exactly. So that's where in here,
all of this information that I printed to the screen
for us to read, for my use case. What's the basic list
of devices I have? What are the families? What are the IP addresses, the
platforms, the software version that they're running? I can report that
really quick and easy. So say my boss was
asking me, hey, are we consistent across our
entire network on platforms? ROBB BOYD: That old question. HANK PRESTON: Real
quick and easy. Now I can say well,
we've actually got one here that's a
little bit out of sync. It must have got updated
for some reason or another. ROBB BOYD: Readdress
it, run it it again. Because you build it once, run
it as many times as you want. HANK PRESTON: Exactly. ROBB BOYD: I like it. HANK PRESTON: Now,
this is a simple use case that goes through. My favorite use case
for these types of APIs come into making my job as
a network engineer easier. And so I want to go
through one of the workshop types of use cases I talk with
my customers all the time. So we sit down and they say
Hank, what's a great way to get started here? And I'm like well, you guys
all work help desk tickets occasionally, right? ROBB BOYD: Yeah, we sure do. HANK PRESTON: Everybody does. You know, I don't care if
you're a lead architect, a senior engineer,
at some point, you're going to have to
pick up a help desk ticket. And we all have
this list of things that we want to do whenever
we get a help desk ticket. We have to gather information. And in a manual
fashion, sometimes when I worked help desk, I might take
45 minutes, an hour, two hours, depending on what the ticket
was to gather all the details so that I could start to dive in. ROBB BOYD: Prepping. HANK PRESTON: Exactly. What if we could use
automation in these APIs to take that 45
minutes to two hours and immediately cut that
down to just a few seconds to go through? ROBB BOYD: Why do I
guess you're going to show me a good way to do it? HANK PRESTON: That is the idea. ROBB BOYD: So ultimately,
you're a lazy coder. Aren't you? You do this because
you just want to work less, which
is not a bad-- HANK PRESTON: No. ROBB BOYD: I mean, I think
that's a goal we should all have. HANK PRESTON: I think that's
a valid point on this. Some people ask
me Hank, does this mean network engineers are
going to become developers? My answer is yes. But you're not becoming
a software developer. You're becoming a
network developer. We're using these tools
to make our lives easier, just like we've used every
other tool that's there. ROBB BOYD: That's
a good distinction. Don't throw away that network
knowledge, by any means. HANK PRESTON: Exactly. So I've got a
second script here. This is my troubleshoot
Python script. And we can see, I'm providing
two pieces of information. This is a source and
destination IP address. Because the vast
majority of tickets I used to get when I was
working help desk was hey, I can't walk from here to here. And so my steps. What do I want to do when
I want to go through? Well, OK. I've got two IP addresses. What are the Mac addresses
for these devices? What switches are
they plugged into? What VLANs are they on? ROBB BOYD: It's the path, yeah. HANK PRESTON: Are any
errors on those interfaces? What path through the
network does it go? Like all this information. Traditionally, this would take
a long time to figure out. We'd have to drill through
all these different pieces. ROBB BOYD: It's tying up a
human for a period of time that could be used elsewhere. HANK PRESTON: Exactly. But with the APIs for
DNA Center Platform, I can actually pull
together things like network information, host information. There's a feature inside
of DNA Center platform called path trace, which
actually says, from this point to this point, what's the
path across the network. And so we can use all of the
APIs in DNA Center Platform to get all of that information
that I normally would have to go and get myself. And then quickly output it. So my script finished. Let's actually
scroll up and kind of see what type of information
my script gathered for me as we went through. So I'm going to scroll. Find the top of it
here at some point. There it is. It gives basically everything
I would want as a help desk engineer about this
troubleshooting ticket. And so we can see it ran
the troubleshooting script for source IP to destination IP. It went in the DNA
Center platform and said, give me all of the
details about the source host. Well, we don't have
DNS resolution set up in our sandbox. So I don't know the host name. But I do know it's
a wired device. I know what switch
it's plugged into. That's the management
IP address. I know the port on that
switch it's plugged into. What VLAN. That device's Mac address. ROBB BOYD: What's
interesting to me, is you scroll through
all of this stuff. What I'm thinking is I think
the normal process, especially for anyone who's used to working
in the command line interface, is we know how to
do all these things. There's not an issue
of knowledge here. But usually what we're doing is
we're copying and pasting stuff into a notebook, in
Notepad, and then trying to put it all together. So this gave it to
you all at once. And it's all in one place. And I imagine it's also
structured a certain way? HANK PRESTON: It could be. So when I wrote the
script, I wrote this script to just print out to the screen
with all the information I need. But all of the
details behind this are in that
structured JSON data. So I could dump that out to a
report in some place as well. And so we've got our
source information. I've got the same information
about the destination. So it's also a wired device. I've got its Mac address. I went in and said, OK, the
network connection details for the source host. What's the host
name of that device? What type of platform is it? What's the software version? It's been up for 236 days. Not too shabby on that side. That device is
currently reachable. No errors. I even dove into the
attached interface. This source device is plugged
into a 10 gigabit ethernet 101. It's a physical interface. It's currently up and up. I can see the media
that's plugged into it. ROBB BOYD: So you can really
go through and immediately begin to eliminate? OK. Because troubleshooting
is virtually just saying, out of 1,000 things
this could be, let me get it down
to the one source that I potentially care about. And so quickly you
get through that. HANK PRESTON: So
we get host detail. We get interface detail. And then down here at the
bottom, this is where it ran-- we call it flow analysis. That's kind of the technical
term for path trace. But it went through and said OK,
for this source to destination, it was five hops. The first and last top
are the two end devices. So it shows me every
hop along the way. Hop one, it starts at this
particular access switch. It shows me the
ingress interface. Where did the traffic
come into the switch? And then it shows me
the egress interface, which interface on the switch
did it leave from the switch. And then it connects
to hop two, which is the spine switch
or the distribution switch in the network. Same thing. What interface on the
distribution switch did it come in? What interface does it go out? And then finally, hop 3. The final switch it hits. Where did it come in? And then what
interface did it go out to finally reach the device? This type of a script can save
the help desk or an operations engineer hours. Because these are the
types of information that they have to gather
for every troubleshooting ticket as they come through. That's why for me,
a network engineer, in these types of platform,
APIs are so important. ROBB BOYD: And correct
me if I'm wrong, but I believe we also
have a lot of third party integration where it's really
not unreasonable to expect that you would tie this into
a process that's kicking off on your behalf. As you take that
call and suddenly, the call of the person
explaining their issue automatically kicks
off a process that gets bundled with that call. If it gets escalated
to secondary support, you've got all that
information for them. They don't even have to ask
now anymore, potentially, because that information is
already going to be grabbed. HANK PRESTON: Exactly. That's actually a great point. One of the things that
DNA Center Platform offers is not just what we
call northbound APIs. These type of REST
APIs that we can use. It also has integrations
to other platforms. And so we've got bundles
that are packaged up with DNA Center Platform
that lets you integrate it with things. And one of the first
bundles that came out was for a common help desk and
ITSM system from Service Now. Cloud based provider. And so to your exact point,
as issues come through, DNA Center and Service
Now can actually automatically communicate
to keep help desk tickets up to speed. All of the information
be added with that. And that's a feature
of DNA Center Platform and what we would call
the east-west integration as it goes through. ROBB BOYD: Which actually
kind of reminds me-- one thing is you don't have
to develop all of this stuff from scratch. You guys share what you do. Your peers share what you do. When we do stuff with Service
Now, those become packages. So you build on those things. And you can see all the detail. So you could really
break it apart. So if someone else
does something clever and its close to what
you want, you got a good start. HANK PRESTON: Yeah. So let's talk a little bit
about the sharing that's there. Let's say you're interested
in using some of these pieces and you want to get started. And so there's a few
things that we've built to make this easier. We've already talked
about the sandbox that we have up in DevNet. But we also have documentation. So it's important. You want to go check out all
of the API documentation code samples and things like that. So up on DevNet,
developer.cisco.com/dnacenter will give you this page where
you can go ahead and learn all about the different integrations
and pieces that are available in DNA Center Platform. And so you can see the
solutions all over the place. We've got our documentation,
our help guides. All of those are available. And then if you want
to get started quick, DevNet has always
had learning labs. It's one of the first
platforms we had. And we've got learning
labs for DNA Center itself. And so you can come up to
our learning lab system and explore the
labs that are there. They'll walk you through
making some of these API calls. You can see right here,
the path trace that we just used in flow analysis. We'll walk you through those. And our sandbox can be
used so that you don't have to do this on your own. Here's the catalog
of sandboxes that we have available up on DevNet
for people to use immediately. The one we've been working
with is this first one that's always on. Which as the name would
imply, is always on. Yep. And it doesn't require
any VPN access. So if as you're
exploring the APIs or you want to take
a look at the GUI, see some of the
documentation, you can go ahead and take a look
at our online one that's always available. Log in with our
credentials that are there. But if you want one
that's dedicated, that you can dive
in a little bit deeper, have full admin control,
not just role based access, you can see we have a series
of these hardware reserveable labs. You reserve one. It becomes dedicated for you. You can use it as
long as you need it. So now you've got
your learning labs, you've gone through
our documentation and you've built some amazing
troubleshooting script or report for your manager. The next thing
that you want to do and the call to action I'll
give all of our viewers is go check out code
exchange up on DevNet. Code exchange. Developer.cisco.
com/codeexchange. There are two E's
in the middle there. And what you'll find
is a place where we've kind of
pulled together all of the different
types of repositories that are up on GitHub that
tie to Cisco technology. And people ask me sometimes
Hank, why did DevNet build a new front end for GitHub? And the quick answer I have
is well, when you go to GitHub and you search for
iOS, you're probably not going to find Cisco iOS. You're going to
find something else. ROBB BOYD: There's a lot
of other iOS out there. HANK PRESTON: There's a
few others that are there. And so up on code
exchange, you can drill into the specific
information you're after. We've even got a button here
for DNA Center Platform. The DNA logo. And so when you click on this,
it'll actually filter us down. I think I turned it off. There we go. Click on it. We can see it's highlighted
in blue, so it's active now. ROBB BOYD: It just gives
you those that responded-- HANK PRESTON: And it
shows me that are there. If I'm interested, hey,
I'm a Python programmer. I'm a Python programmer. That's pretty much all
I work in these days. I can sort down and say, just
show me the Python examples. And then I can drill
in and see some of the examples that are there. Now, code exchange is
not this walled garden of examples from myself
and the rest of the folks at DevNet and at Cisco. Anybody can submit an
example into code exchange. So take that script
that you wrote, come over to code exchange,
hit the submit button, provide your GitHub repo, give
us some information about it. And then we'll go
ahead and make sure that it meets some really
simple requirements. Number one, is it useful? Do we look at the
code and say yup, somebody could find this useful. And the second
one is you do have to have a licensed file
attached to the code, so that we know
what the rights are. Most of these are going
to be open source. But they don't have
to be open source. You just have to specify
the license that's there. Go ahead and submit
your project, and then it can show up in the
catalog along with the rest of the ones that we have. ROBB BOYD: Nice. Sharing is caring. I think I heard you
say that earlier. HANK PRESTON: Absolutely. ROBB BOYD: But that's
important obviously, to how we grow
faster and how we can continue to share knowledge. Because that's actually how
you guys have gotten so big, so fast. As well-- is there anything
else we need to understand here? HANK PRESTON: No. I think we've covered
the basics of it. Check out the resources and
start building some code. ROBB BOYD: So
developer.cisco.com. This is all DNA
Center Platform, which sometimes if you don't
scroll down enough, you may not realize that
all this is open to you. Because DNA Center was built
as a micro services container based platform. We're just now making all that
available through these APIs and SDKs. HANK PRESTON: Exactly. ROBB BOYD: Hank,
thank you so much. HANK PRESTON: Perfect. ROBB BOYD: Guys, thank
you for watching as well. Obviously, if you have not
started playing with DevNet, you are missing out. Because we need
programming skills along with those network skills. It's not either or. It's both. Because that's what we're
going to need going forward. So guys, thank you for
watching TechWiseTV. Big thanks to DevNet. And of course, letting
Hank Preston come play with us as well. We'll see you on the next one. [MUSIC PLAYING]
