NETCONF, RESTCONF, YANG Demos (API vs CLI): David Bombal interviews Hank Preston (Part 2)

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

[Music] [Music] Hank would it be possible for you to demo a lab on Biff net and show us you know what it can do and you know how it how it helps absolutely so I actually had let me go through so we'll actually start from here so we can see where we're going through so the lab that I'm going to use is let's see if it's is a lab focused on iOS XE programmability so topics that you can do against iOS platforms and so these typically are things like Netcom rest comp yang all of these areas that are there and so I clicked on it here and so we've actually got two variations of this lab one is a reservable lab and that's what i'm seeing here and so anybody and again completely free can come in here click the reserve button and you'll be in in just a few minutes you get an email with the login credentials for your own little sandbox lab which will have a CSR 1000v has a development workstation with development tools pre-loaded on it so that you can experiment with it but we also have a variation of this that's called our always-on lab and our always-on labs are just like they sound there's always available they're available directly over the internet without any kind of VPN the credentials are posted and you can use those to test an API call and we use a lot of our always-on labs for our learning labs that go through and so that's what I'm going to use here for this demo is the always-on variation of this and so the what I'm gonna go through here is we're going to work without any kind of VPN or connection and you can just take advantage of these so let me switch over and so I'm gonna start in postman and so postman if you're not familiar with it it's a it's a it's a free software though there's a optional subscription you can pay for additional features but most folks can get by with the free version of postman and it lets you send REST API calls to any type of an endpoint and what's nice about postman is you can save them as like bookmarks postman calls those collections of example API calls so that you can go through and so what I'm going to work through is I'll make the screen just a touch bigger so it's easier to see so I'm gonna be talking to one of our sandboxes and this is our always-on sandbox and so this URL here iOS - taxi - management Cisco comm on port 944 three and right there's the username and password these are all published right in our sandbox catalog is the device that I'm going to communicate with and this is a iOS device that supports rest comp and rest comp is a REST API protocol for the network and it's a standard protocol from the IETF I like to say that it's kind of the the natural evolution of SNMP and MIBs is when you swear you get net comp and you hang from and so here against this device I'm going to start out by just getting a list of all of the interfaces that are there and so up in postman I clicked on my bookmark or my collection item and we can see here's the API call and it's just HTTP to the IP address and port these little double curly brace things or variables that are pulling out of that environment that I saw and then we're going to target rest comp data and then we're gonna look for the IETF list of interfaces and if I send this off I get back right here in postman a JSON body that represents all of the the interfaces that are currently on this device in our sandbox and so as I mentioned this is our always-on sandbox and this Gigabit Ethernet one is the management interface which is why I put the description don't touch me on it and in general our users are pretty good about not touching that interface but all the rest of these are available for folks to go through and so you can see examples where this interface was configured by net comp and someone had pushed some config at it Gigabit Ethernet 3 it had somebody from router tricks com it looks like was doing some work off of the sandbox that's there and then you'll see all of these loop backs that say configured by rest comp because this sandbox is actually used as part of the rest comp learning lab that it's available on dev net so if you take my rest comp lab that I wrote you'll actually create some of these these types of configs that are there and so what's nice about this is this data comes back and what's called JSON format JSON is a standard data format that is very easy for to work with inside of a programming language when you get data back in JSON you can very easily say we'll give me the name of this interface give me the IP address of this interface the reason that this type of data formats so important in automation and programmability is if I had to parse through the clear text output if I were to just send a show IP interface to a device not every platform has the same basic layout of how that text goes through not and when you do a software update you might have a change in a variation does the subnet mask come back as a slash 24 does it come back as the 255 255 255 0 and those variations can run havoc on your automation routines which is why the push to API is that provide data in this structured format is so important because it's much much easier to absorb this and I can show you an example of that and so I'm going to switch over to a code snippet here and so the part that I want to focus in on is right here at the bottom and I'll even make it a little bit bigger so that we can see it but so what I want to focus in on is this part right here at the bottom and and in a future video we can dive into more of the code and kind of how all these pieces go through but the key element I want to look at is right here how I'm able to get things like the MAC address from this device it's a very easy representation this is the part that's important in the code and if you're new to Python you can just focus where I'm highlighting here I can get the MAC address of this device simply by saying ok off of the information from this device give me the physical address and that's what the IETF calls the MAC address I can get the the packet information very easily by saying from the statistics give me the in unicast packets and that's the value of that structured data if I want the name I can simply ask for the text of the name very simple to go through now if we compare that to how you would do this from a CLI perspective so I'm gonna switch over here and so now I'm looking at what's another Python code but rather than using the structured data format like rest comp or net comp which is what we've seen in the last example now I sent a CLI command off I sent where is it up here I sent a typical show running config interfaces command which is what you've probably sent it a CLI before and then what I have to do is actually use Python regular expressions to parse this clear text that came back through and so I sent this off to I think an iOS device and so okay I could get the interface name by looking for a line in the response that started with the word interface had a space and then had some piece of information I could get the description by doing the same thing and then I could get the IP address and mask by looking for a line that said IP address and then it had two pieces of data separated by a space now that may not seem that hard but keep in mind this will only work on an iOS device that happens to use this exact format if I were to try to send this in parse that information from a different device that maybe use slash notation instead of masking for an IP address this wouldn't work whereas by going to that structured data now I can just focus in on the information that I'm after and that's this key part we have to go through many of us start in automation in Python by doing things like this which is just shoving some CLI through Python onto our devices and that's a great place to start but I would say make sure that you you very quickly start to take that next step and learn about some of these other capabilities that are there because in the long run that's what it's going to take to do these things kind of for real in a production environment now that clearly begs the question we have to make sure that the software platforms on the hardware platforms we use support these interfaces and that's a discussion that's definitely worth having as well and can be challenging because not all of us have the equipment platform or the software versions with these interfaces so my general advice to folks is whenever possible use those interfaces that the newer interfaces that are available and only resort to the CLI when you must so what you're saying is like a REST API or a net conf API some devices also point out but a lot of traditional iOS devices don't so then you're kind of stuck with CLI scraping type thing like you're showing here but try and use net gun rest api is when you can use that right exactly exactly that's that should be the goal and in as I as I've worked with more and more enterprises doing this type of stuff in in real environments that's becoming important and so the the discussion I always start out with a when I sit down with a customer that first time and are trying to help them on their journey to network automation I always am faced with well we've got gear that's ten years old and we have to automate today like that's great we can do that and so we walk through examples like this where we're doing CLI examples ansible actually under the hood for the most most of what you're doing with ansible is actually shoving out CLI commands we've got options for those cases but by and large and the soonest I've had it happen is actually four weeks after a first meeting with a customer I was back and they mentioned this is so difficult the automation is so valuable but the CLI makes it so such a challenge and is adding in so many headaches that they they've actually started down this path to accelerate their refresh because they they've seen what's possible if they can go through and the value that their organization can get by adopting automation quicker is worth the cost of actually upgrading software and hardware across antistick because the the long benefit is there and and that happens so often we're we're not seeing anybody upgrade their switches today because they just happen to want a catalyst 9000 we're seeing people upgrade their networks because they need these new features and a very common new feature is this programmability element if I can go through and say you know what if you try to automate against your existing footprint of here I would say you need to give yourself six months just to get started and prove out and test all of your pieces because of the challenges you'll have but if you have these new platforms that are using these standard interfaces well you can cut your rollout time for that down and a half or into a third because it's much more consistent and the code becomes simpler and there's less debugging and troubleshooting necessary and that really is it never works on the first meeting because people don't believe you it it they have to put some they have to have some pain right they have to have fought with you know the good salesman thank you note a good salesman yeah honestly that's that's one of the reasons I moved to dev net is because I am NOT a good salesman I would much rather help people kind of go through their problems and and then try to push stuff like them and so I'm more than happy to go talk to somebody the first time and say okay let's let's enable you go through and then let them see some of these problems themselves because I know in the long run that they'll get there themselves and it's always easier when when you learn a lesson yourself than if someone tells you and I've got a young son and I see that all the time sorry I interrupted you you carry on so you would demonstrating this code so oh okay yeah so we've got these pieces of code so what we'll do is I'll switch back and we'll look at this example here so this is this is an example this one happens to use net comp because it just was the Python code that I had available and so this is gonna connect out to a device it's actually that same iOS device and and retrieve some information that's there and so if we run this code sample make this full screen so I'm gonna go ahead and run that code sample Python example two and so this will connect out to the device and very quickly give me the ability to print out all of the information about this this interface I can see it's Giga it's Gigabit Ethernet - it should just help me understand the sorry Hank to interrupt you the this code is running away and which way are we connecting to a live device is it yeah yeah so I ran this code on my laptop which is just a Mac running Python and the device that we're connecting to is actually that same always-on sandbox that we were looking at so I can I can show it prove it see is to an extent so here's Gigabit Ethernet - and we can see the description is configured by net comp if I switch back to postman and we actually look at Gigabit Ethernet - off of that command that we sent off to the live sandbox we can see there it is there you give it Ethernet - configured by Netcom okay so you're running that code in on your laptop at your house and you connecting over the Internet to this always-on Dave Annette sandbox it's an iOS V router type thing is that right like a virtual router yep and and then you go to what's what we're almost re going yep I can go to what we're all more comfortable with which is I'll go log into it with with SSH so that we can we can see it and so here I'm just s yeah for most of us if we don't see the CLI we wonder you know I'm with you so I'm gonna go ahead and login this guy I gotta go grab the password because I don't remember and here's a case where we want everybody to know these credentials because these sandboxes are available for everybody to use and so I just logged in with SSH to iOS XE management PSICOM now SSH on this one happens to run on port 80 and 181 because we had an add it through a firewall and so I'm onna csr 1000v and so if i look at show run interface Gigabit Ethernet 2 we can see this is that device that I just sent so I ran the CLI command and so here's what the CLI command comes back and shows and then the Python command I was able to run and grab that data but the data came back with Netcom in the structured fashion so I didn't have to parse through all of this information in the text and regular expressions or our string matching I could just say hey give me the interface or give me the description because they come back and that ability to grab it in that JSON textile format and what I noticed sorry to interrupt again is this doesn't show you the MAC address so if you want to get them activists you have to like show interface and the interface don't you whereas in your code I'm seeing that IP address and the MAC address correct because the the what I'm using in the code is I'm targeting let me figure out which windows in there is and so here let's just make sure it's the same so here's the MAC address that my code said was ends in ac30 and if I switch we should see the same thing it ends in ac30 so same device that's there now the way that the the net comp command that I'm using here is it's targeting an IETF data model it's a yang data model that represents an interface now those data models are available on github or that you can look at and so if I go over I'm actually going to look at it so LS - oh and so this file here IETF interfaces yang is a yang data model that the IETF puts out and says this is a standard way to describe an interface sisqó as well as many other most networking vendors support these data models so that we can go through and I can look at that and say PA so I'm going to display this data model in a format that's just easier to consume than looking at the the raw yang language which can be a bit of a bear so I'm gonna look at this data model using this tool called PA which is Python yang and it just lets you process and display data models in a more easy-to-read format yeah so I look at this and so what we were targeting here is this this section of the data model called interfaces state that I can dive into and so this was what we were reading out and we can see this this model has nothing to do with the CLI or the show command output this model is actually looking in at the underlying nature of how the device works and returning this information so it won't always match an exact CLI command but inside of here if I look at this and I target interfaces state I can see that each interface will have a name it'll have a type it'll have an admin status and it'll have a fizz that's the MAC address that comes through it'll have statistics and then I can go through and get the counters and things that are off of it and so this is the information that was requested by my Python code which let me read that out so if we keep this in mind where I can see again interface by the name I can see statistics all those details are there if I go back and I look at the actual Python code that represented this we can see right here I was looking at the name and then the text attribute and there's some intricacies on how the yang model works because the name happens to be the key of how we uniquely identify an interface which is why that little text piece is there but here's how we could get the statistics statistics and then in unicast packets I was able to pull that out of that same yang model by just targeting those very specific attributes and in yang we call those attributes Leafs which is all sorts of confusing for network engineers Eustace used to spine leaf architectures your leaf inside of the net comp is a bit different it just means an attribute and so we've got a phys-ed yes attribute that I can grab very easily hang can you go back to that output of the of the data model that's kinda like a mob is it yes so when we talk about when I teach people about net copying and a rest comp I always do it in relation to SNMP and MIBs because they the corollary is there and most of us are familiar with nibs in SNMP and so the myth is this structured model of information that we can request using SNMP and but they've got all of these really difficult to remember o IDs that we have to dive into to figure out what's there with SNMP we we get information about MIBs net comp and rest Kompany yang worked the same way yang is like this new standard nib it's it's a way to define information about your devices about your network that you're interested in and in this case we're looking at a standard model for an interface now that model the way you get that information is you have to go over some sort of a transport protocol you have to connect to a device and that's where net comp and rest comp come in with net comp and rest comp you can connect to a device and ask it to send you information and that information you'll ask for is going to be part is is related to a yang model and there are hundreds of yang models that represent different elements of a device if you're interested in our routing in the routing status if your interface interested in excuse me the physical attributes of a device how many cards are in it with is the power supply working like there are models that represent all of those that information as well that's great sorry I feel like I keep interrupting you but if you want to just flow that's fine otherwise all I'll ask you no no it's good does that make sense on and the the midbass and a PE net comp yang correlation yes so like so just correct me if I'm wrong so a yang model is kind of like a map so you have a map for like an interface and a yang model for an interface and then in SNMP you would have SNMP that would talk to the device so an SNMP server would query a device and based on the map would return some information and here you doing something similar but you're using rest Kahn was it to connect to the device and pull back the information from the yang model is that correct yes that's that's correct now in the demos that I went through I've used both net comp and rest comp upon the piece but what's nice about those is I can target the same models the same yang models no matter which inter protocol I want to use and I like to demonstrate both because they each have value and and some people are more comfortable with one or the other as well as the fact that rest comp is a brand-new protocol and not as many devices support it as support net comp and so it is important at least right now for network engineers to be comfortable with both even if you prefer rest comp you do need to become comfortable with net comp because rest comp support is still building across the portfolio from Cisco as well as other vendors so I missed that so when you did the CLI Python script was was that net conf that was actually net cough because I happen to have that Python script ready but it's targeting the same device and the same information is what we did and post me in using a rest comp okay yeah so that that makes sense so in postman you were using rest conf on in Python you're using net conf so as a network engineer I should if I want to get into this just to step back a bit again you said that the problem with CLI scraping in other words where you send like show runs or show start or show interface mm-hm is that it differs from device to device and that when a device gets upgraded that could change and that would break your script so you want to move to an API or application programming interface type model and the languages to learn or the the protocols to learn so I say would be net conf and rest confuse is that kind of right that is spot-on David and and what's nice about learning net comp and rest conf and the associated models is there's also this push in the industry to have consistent models across platforms and vendors and so this model we're looking at here the IETF model came from the IET and it's supported on Cisco IOS nx-os as well as XR and I haven't looked for sure but I probably bet a significant amount of money that it's also supported on Arista and juniper and brocade and all of the devices that are taking these because it's an IETF standard there's also open config which is a it's not a hesitated word the use the word standard because open config isn't like the IETF what open config is is it's a a large group of very large organizations folks like Verizon and AT&T and Google and Cisco and juniper and these other ones and they're coming together to build models that are are standard across those and so you'll find open config support across multiple vendors and platforms as well on that side so if I write code using for example this I ETA F interfaces model I could target that same code to to any of the Cisco platforms as well as other vendor platforms and because the data coming back is all based on the same yang model I can my code will work no matter what platform I'm on that would never be the same if you were doing these getting this information through the CLI yeah so Hank can you go back to the the main div net page and kind of tell us because we're going to have to wrap up soon I suppose is and if I as a network engineer want to get started now so I'm right in the beginning which labs which courses would you suggest that is they like I wouldn't say learning path but kind of like which next steps could I take what are your recommendations that I should do so like after this call I want to do something now what would you recommend I do there's a fantastic question so we'll go through those and we can actually in the description in the information about the call we can send some links to some of these that'd be great so underneath underneath the learning tracks here if I jump back over to the learning tracks I would say let me find the one that I'm interested in we should be it so there's a couple of places we can go through and so I've scrolled down here and we can see I've got this introduction to dev net this is a great set of labs that will introduce you to Deb net some of the resources that are there and then we've also got this network programmability for a network engineers module that I would highly recommend folks take a look at and so if I look at this mop or this track you'll find that there's a lot of good content in here that will kind of walk you through some of these fundamentals and this first module that's in here is actually focusing in on model driven programmability and that's kind of that's what we're talking about we talked about net comp yang and rest comp it's model driven programmability and so we've got labs that will walk you through the fundamentals of that we've got the introduction to ACI programmability and X OS programmability Meraki lots of good examples that are in here so that you can dive into some of these topics to go through in addition to this one is we've got content on let me find it real quick so the other one that I think would be useful is if you're very new to programming and you haven't done a lot of coding yet we've put together this intro to coding fundamentals that will walk you through some of the basics of coding and api's Python fundamentals and basics and it's a very quick piece you can see it's only kind of it should only take you a couple hours this does not replace kind of a full-on Python course what what the intention of this module is it's just to kind of give you enough exposure so that you can feel comfortable reading and executing scripts and other labs and so you can go through this if you're if you've never seen any Python or you've never done anything else this is a great place to at least kind of get a bit of familiarity into some of these topics some of the basics of how to write a script where variables work how loops go through and then from that I always recommend folks go take like a full-on course through one of the many available channels that are on that but this will get you started on some of those pieces I think those are those are good learning labs to take and then if you want to sit back and kind of listen to more the video course that I mentioned the network programmability basics video course is another great resource that folks can take and go through and once again I'll just continue to say it all of these resources are completely free there's no cost to take it take advantage of any of these pieces you know I mean I think I should we should highlight this I mean this like intro to coding fundamentals or the the some of the other labs you're actually using Cisco gear so it's not just like a like some other Python courses which are just based on servers or something else these are you actually get to interact with Cisco equipment in these labs is that right yeah so it is so the coding fundamentals this is one of those ones where as I mentioned earlier we were talking about learning Python on how to do it and sometimes there's benefits and not necessarily I mean so weighed down in the networking pieces initially we've considered that when we wrote these so you'll see a little bit of networking in here but you'll also see a lot of examples that that are just kind of generic examples going through and that but when you go into the introduction to model driven program ability which happens to be the next module that's listed here all of these will be using Python or the API skills against Cisco infrastructure that's all hosted in our labs and so these labs actually use that same always-on sandbox that our other demos and examples of use today so with the always-on that means you don't have to reserve a lab you just access it but there are some labs which you have to reserve where you get more devices something like that is that right it is let me find this is the full sandbox catalog and come punting you guys yeah but it's a great resource man oh no I please do I mean we love the pieces that are there and so what I've opened up here is the full sandbox catalog and so you'll see our sandbox is organized by categories and so you can dive into different colors that are there but you'll notice some of these say reserved and some of them say always on a reservable sandbox when you reserve it that's yours it'll be a dedicated sandbox just for you you'll get a VPN credentials to connect into it admin credentials to everything and it's yours for the length of your reservation always on sandboxes our simulator I'm not they're not always they're not necessarily simulators but they are shared sandboxes that are always on and that's right we'll try the DNA Center one that one should be up so the these are all the labs we'll see some of them say reservable some of them say always-on and so I'm gonna scroll down to one of our new ones which is our DNA Center always on sandbox and so if I click on this lab what we'll see is it'll actually show me a topology diagram of what this sandbox looks like and so I'll zoom it out a little bit so we can see we've got a DNA Center it's got the public internet because that's how we get into it but there's an ASR there's a several catalyst switches and then there's a couple of hosts providing traffic on the sandbox and then over on the side I can see all of the connectivity information so it gives me a URL and then credentials dead net user Cisco one two three exclamation point and so if I go ahead and I open this up and outside of the fact the DNA Center doesn't like Safari we can go ahead and log in and again I got those credentials right from the sandbox page I don't want to save them and this will let me log directly in and so this URL sandbox DNA seed Cisco comm is available anywhere David if you wanted to you could log into it as well right now and it'll give you access to a real DNA Center that's available out there this DNA Center is actually running the relief fueled trial code of with DNA Center platform which is the API capabilities baked into DNA Center for integration for northbound api's and so you can come into the sandbox and you can take a look at all of the capabilities that are there so for the API is as an example underneath developer toolkit we've got api's and this will show you the different api's that are available for DNA Center and you can run these so underneath know your network I can get a list of the device I can see how to get the devices that are available so all the API calls that are there and so these are the types of capabilities and so we've got Sam boxes for DNA Center we've got them for ACI we've got them for iOS and nx-os and if you are also studying voice and you want a complete call manager system or sorry Communications Manager system or contact center we've got Sam boxes for those as well and the only difference between the always on the reservable are those always on ones are shared and so sometimes the credentials you get may not be full admin credentials and we always tell people remember these are shared environments so kind of respect other folks that may be using them at the same time that's brilliant hank unfortunately it looks like we've run out of time so I just wanted to say thanks very much for you know spending some time with me and sharing all this knowledge and I just want to make the point so that everyone knows this Hanks mentioned many many terms in this call and that's just the beginning Hanks fortunately been kind enough to say that he'll join me for many calls so if you have questions please send tweets to Hank and to me on Twitter or make comments below this video let us know what you want to learn and Hank again thanks so much for your time and for you know for demonstrating all this stuff so thanks absolutely thanks for having me and I look forward to our next one where we can dive deeper into a topic and hopefully we'll get some feedback from the audience on kind of what they'd like to hear next so that's great thanks so much Cheers [Music]

Info

Channel: David Bombal

Views: 16,981

Rating: 4.9264708 out of 5

Keywords: Python, Python or CCNA, Python or Ansible, NetDevOps, Net-DevOps, DevOps, Cisco Python, Python Cisco, Cisco Ansible, NETCONF, RESTCONF, Cisco NETCONF, Cisco RESTCONF, Cisco Automation, Network Automation, Network Programmability, Cisco DevNet, DevNet, Learn Python, Learn Ansible, Learn NETCONF, Cisco APIs, APIs, Cisco API, Cisco API Router

Id: o3CaEaVfCP0

Channel Id: undefined

Length: 32min 58sec (1978 seconds)

Published: Mon Aug 13 2018