Understanding Cisco Network Automation

Introduction

In today’s fast-changing tech world, network automation is a must for companies that want to be more efficient, cut costs, and keep their networks up and running. Cisco, a top company in the networking tech space, has put together a set of tools and techniques that make it easier for IT pros to manage complex networks with precision. This article, “Understanding Cisco Network Automation,” takes a closer look at the key elements of network automation within the Cisco ecosystem.

The article starts off by laying the groundwork with some basic concepts like data encoding formats, how Python fits into automation, and why Linux, Bash, APIs, and source control are important. It then looks at some of the key tools and technologies that are used to automate Cisco networks, including Ansible, YANG models, NETCONF, RESTCONF, and model-driven telemetry. It also covers some more advanced topics related to infrastructure automation, such as Cisco Network Services Orchestrator (NSO).

Automation Basics

Cisco network automation is built on some key technologies and concepts that make it easier to manage and operate complex networks. If you want to make the most of Cisco’s automation tools, it’s important to understand the main components that drive these processes.

Data encoding formats are important in network automation because they define how data is structured and shared between systems. Cisco often uses three main formats: XML, JSON, and YAML.

  • XML (eXtensible Markup Language): XML is a common format in Cisco’s network setups, especially with protocols like NETCONF (Network Configuration Protocol). Its structured format makes it perfect for detailed representations of network configurations, which is great for tasks where precision is key. Cisco devices typically use XML to exchange configuration data, which helps maintain consistency across different network environments.
  • JSON (JavaScript Object Notation): JSON is becoming more popular in Cisco’s automation tools, especially when working with REST APIs. It’s lightweight, easy to read, and can be understood by both humans and machines. JSON is especially useful for web-based applications and APIs, like Cisco’s RESTCONF (RESTful Configuration Protocol), where its simplicity and flexibility make data exchange and integration more efficient.
  • YAML (YAML Ain’t Markup Language): YAML is another user-friendly data format used in Cisco’s network automation, particularly in tools like Ansible for configuration management. YAML’s straightforward syntax is easier to read and write than XML or JSON, making it a popular choice for configuration files in network automation scripts.

Python is the go-to language for network automation because it’s simple, versatile, and has a lot of libraries. Cisco has built Python into lots of its automation platforms and tools, which makes it easier for network engineers to automate repetitive tasks, manage configurations, and troubleshoot networks. Cisco also offers Python libraries. Python’s ability to interact with network devices using protocols like NETCONF and RESTCONF makes it a must-have for modern network automation in Cisco environments.

The ability to work with Linux and Bash scripts is a must for anyone looking to automate networks, especially in the Cisco ecosystem. A lot of Cisco’s network devices run on Linux-based operating systems, and the Command-Line Interface (CLI) is often the quickest way to interact with these devices.

Bash is a Unix shell and command language that’s great for automating tasks directly on Cisco devices. It lets network engineers write scripts that can automate configuration changes, deploy updates, and perform system checks across multiple devices. If you want to make the most of Cisco’s automation tools, you’ve got to get to grips with Linux and Bash, because many of Cisco’s own tools and platforms are built on these technologies.

APIs (Application Programming Interfaces) are like bridges between different software applications, allowing them to communicate and work together. In the context of Cisco network automation, APIs are used to interact with network devices programmatically, automating tasks that would otherwise require manual effort.

Cisco has a few different APIs for network automation, like the Cisco DNA Center API, Cisco Meraki Dashboard API, and Cisco NSO API. These APIs let engineers automate all kinds of tasks, from managing configurations to monitoring and troubleshooting. For instance, the Cisco DNA Center API lets you automate network provisioning, policy enforcement, and analytics. Meanwhile, the Meraki Dashboard API gives you programmatic access to Meraki devices, so you can manage cloud-based networks.

Network Automation Tools

Cisco offers a wide range of tools and technologies to facilitate network automation, making it easier for network engineers to manage complex systems, reduce manual workload, and increase overall efficiency. In this chapter, we will explore key tools and concepts, including Ansible for network automation, YANG models, the NETCONF and RESTCONF protocols, model-driven telemetry, and secrets and key management. Each of these tools plays a critical role in the Cisco network automation landscape, enabling the creation of scalable, reliable, and secure networks.

Ansible is an open-source automation tool that’s very popular in the Cisco community because it’s simple and powerful. It allows network engineers to automate things like configuration management, application deployment, and task handling across network devices. Cisco has integrated Ansible into its platforms, providing specialized modules for managing Cisco devices such as routers, switches, and firewalls.

These Ansible modules make it easier to do things like configure interfaces, manage VLANs, and set up routing protocols. By using these modules, network engineers can automate complex configurations, ensure consistency, and reduce the risk of human error. Ansible’s playbook-based approach lets you automate multiple tasks in a single script that can run on multiple devices simultaneously. This is especially helpful in large Cisco networks, where doing everything manually would take forever and likely result in errors.

YANG (Yet Another Next Generation) is a language for modeling the configuration and state data of network devices. Cisco extensively uses YANG models in its automation solutions to standardize the representation of device configurations. These models help network engineers consistently manage and automate configurations across devices and platforms.

Cisco’s commitment to YANG is demonstrated by its support for these models across many of its devices and protocols, such as NETCONF and RESTCONF. YANG models make it easier to automate tasks by providing a clear, machine-readable version of the network’s configuration and operational state. This allows automation scripts to be used across different hardware and software, resulting in more reliable and predictable results.

NETCONF (Network Configuration Protocol) and RESTCONF (RESTful Configuration Protocol) are two important protocols used in Cisco network automation to interact with devices. Both use YANG models to manage configuration data, but they work differently and are used in different situations.

  • NETCONF is designed specifically for network configuration. It is used to install, modify, and delete configurations on devices. Cisco devices support NETCONF, allowing engineers to automate configuration tasks across multiple devices. The protocol ensures that changes are consistent and can be rolled back if something goes wrong, reducing the risk of problems that could cause network downtime.
  • RESTCONF is a more modern way to configure network devices using the principles of REST (Representational State Transfer). It allows engineers to interact with devices using HTTP methods, making it easier to integrate with web-based tools and applications. RESTCONF is especially useful when APIs are preferred for automation tasks, providing an easy and scalable way to manage configurations.
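To make the encoding formats and the two protocols concrete, here is an added example (not Cisco's code and not part of the original article) that expresses one interface change twice: as a NETCONF edit-config RPC in XML and as a RESTCONF PATCH in JSON, both against the standard ietf-interfaces YANG model. It assumes the device supports the NETCONF candidate datastore and that the interface already exists; the host name, interface name and description are constructed sample values, and nothing is sent over the network.

```python
import json
import xml.etree.ElementTree as ET
from urllib.parse import quote

NC = "urn:ietf:params:xml:ns:netconf:base:1.0"        # NETCONF base namespace (RFC 6241)
IF = "urn:ietf:params:xml:ns:yang:ietf-interfaces"    # ietf-interfaces YANG module (RFC 8343)

def netconf_edit_config(name, description, enabled):
    """XML <edit-config> RPC that stages the change in the candidate datastore."""
    rpc = ET.Element(f"{{{NC}}}rpc", {"message-id": "101"})
    edit = ET.SubElement(rpc, f"{{{NC}}}edit-config")
    ET.SubElement(ET.SubElement(edit, f"{{{NC}}}target"), f"{{{NC}}}candidate")
    config = ET.SubElement(edit, f"{{{NC}}}config")
    intf = ET.SubElement(ET.SubElement(config, f"{{{IF}}}interfaces"), f"{{{IF}}}interface")
    # Values are set as element text, so ElementTree escapes "<" and "&" for us.
    ET.SubElement(intf, f"{{{IF}}}name").text = name
    ET.SubElement(intf, f"{{{IF}}}description").text = description
    ET.SubElement(intf, f"{{{IF}}}enabled").text = "true" if enabled else "false"
    return ET.tostring(rpc, encoding="unicode")

def restconf_patch(host, name, description, enabled):
    """HTTP method, URL, headers and JSON body for the same change over RESTCONF."""
    key = quote(name, safe="")  # RFC 8040: list keys are percent-encoded ("/" -> %2F)
    url = f"https://{host}/restconf/data/ietf-interfaces:interfaces/interface={key}"
    body = {"ietf-interfaces:interface": [
        {"name": name, "description": description, "enabled": enabled}]}
    headers = {"Content-Type": "application/yang-data+json",
               "Accept": "application/yang-data+json"}
    return "PATCH", url, headers, json.dumps(body)

def leafs_from_netconf(xml_text):
    """Read the interface leafs back out of the RPC as a plain dict."""
    intf = ET.fromstring(xml_text).find(f".//{{{IF}}}interface")
    leafs = {child.tag.split("}")[1]: child.text for child in intf}
    leafs["enabled"] = leafs["enabled"] == "true"
    return leafs

if __name__ == "__main__":
    # Constructed sample values; device.example.net is a placeholder host.
    args = ("GigabitEthernet1/0/1", "uplink <core> & mgmt", True)
    print(netconf_edit_config(*args))
    print(*restconf_patch("device.example.net", *args), sep="\n")
```

Building the XML with an element tree and percent-encoding the list key keeps operator-supplied strings from changing the structure of the RPC or the RESTCONF path, which matters as soon as descriptions or interface names come from an inventory system rather than being typed by hand.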

Model-driven telemetry is a modern approach to network monitoring that provides the real-time data collection and analysis critical to maintaining the health and performance of Cisco networks. Unlike old-school monitoring methods that check devices at intervals, model-driven telemetry continuously streams data from network devices to central collectors.

Cisco’s model-driven telemetry uses YANG models to define what data needs to be collected, ensuring that the data is structured and consistent. This helps network engineers gain deeper insight into network performance, quickly identify problems, and automatically respond to potential issues. By adding model-driven telemetry to their automation strategies, Cisco users can increase network reliability and performance, reduce downtime, and improve overall efficiency.

Infrastructure Automation

Infrastructure automation represents the next level of efficiency and scalability in Cisco network automation. By automating the deployment, configuration, and management of network services, organizations can significantly reduce the time and effort required to maintain complex network environments. This chapter explores three key areas of infrastructure automation within the Cisco ecosystem: orchestrating network services with Cisco Network Services Orchestrator (NSO), network automation testing with pyATS, and advanced automation techniques for integration into a NetDevOps pipeline.

Cisco Network Services Orchestrator (NSO) is a powerful tool for automating and managing network services in multi-vendor environments. NSO provides a model-driven approach to service orchestration, enabling the automation of network services from a single interface. With Cisco NSO, network engineers can automate the provisioning of network services and ensure that changes are applied consistently and efficiently across all network devices.

A key feature of NSO is its ability to interact with a wide range of network devices and technologies through its model-driven architecture. By defining network services as models, NSO enables automated service provisioning, reducing the risk of human error and ensuring that network configurations comply with organizational policies. In addition, NSO supports rapid service provisioning and rollback, making it an essential tool for maintaining agility in network operations.

Cisco’s pyATS (Python Automated Test System) is an essential tool for ensuring the reliability of network automation processes. Designed specifically for network testing, pyATS enables engineers to automate the verification of network configurations and deployments. By simulating real-world scenarios, pyATS helps identify potential problems before they impact the production environment, making it a critical component of any automation strategy.

With pyATS, engineers can create and execute automated test cases that check for configuration errors, performance bottlenecks, and other potential problems. This proactive approach to testing ensures that network changes are implemented smoothly, reducing the risk of outages or service interruptions. Seamlessly integrated with other Cisco automation tools, pyATS increases the overall stability and reliability of automated networks.

As networks become more software-driven, it is increasingly important to integrate network automation into a NetDevOps pipeline. NetDevOps applies DevOps principles to networking, emphasizing continuous integration, deployment, and automated testing. Cisco tools and platforms, such as those available through the DevNet ecosystem, support the seamless integration of these practices into network operations.

By using Cisco automation tools within a NetDevOps pipeline, organizations can automate not only network configurations, but also the entire network management lifecycle. This approach accelerates the deployment of network changes while maintaining high quality standards, resulting in more agile and resilient network operations. Cisco resources make it easier for network engineers to adopt and scale NetDevOps practices, ensuring that their networks can keep pace with the evolving demands of modern IT environments.

Conclusion

Cisco Network Automation is a powerful approach to managing and optimizing complex networks. By mastering key tools such as Ansible for automating configurations and Cisco NSO for orchestrating network services, network engineers can significantly improve efficiency and reduce the risk of errors. These technologies enable the consistent and reliable deployment of network changes, ensuring that networks remain agile and resilient.

For those interested in deepening their network automation expertise, Cisco offers a range of specialized courses that cover everything from basic automation concepts to advanced implementation techniques. These courses provide the skills needed to effectively use automation tools in real-world Cisco environments, making them invaluable for professionals who want to stay ahead of the curve in the ever-evolving field of network engineering.