Cisco DevNet Evolving Technologies Study Guide Nicholas Russo — CCIE #42518 (EI/SP) CCDE #20160041 March 13, 2021 1 Abstract Nicholas Russo holds active CCIE certifications in Enterprise Infrastructure and Service Provider, as well as CCDE. Nick authored a comprehensive study guide for the CCIE Service Provider version 4 examination and this document provides updates to the written test for all CCIE/CCDE tracks. Nick also holds a Bachelor’s of Science in Computer Science, from the Rochester Institute of Technology (RIT) and is a frequent programmer in the field of network automation. Nick lives in Maryland, USA with his wife, Carla, and daughters, Olivia and Josephine. For updates to this document and Nick’s other professional publications, please follow the author on his Twitter, LinkedIn, and personal website. Technical Reviewers: Angelos Vassiliou, Leonid Danilov, and many from the RouterGods team. This material is not sponsored or endorsed by Cisco Systems, Inc. Cisco, Cisco Systems, CCIE and the CCIE Logo are trademarks of Cisco Systems, Inc. and its affiliates. All Cisco products, features, or technologies mentioned in this document are trademarks of Cisco. This includes, but is not limited to, Cisco IOS, Cisco IOS-XE, Cisco IOS-XR, and Cisco DevNet. The information herein is provided on an “as is” basis, without any warranties or representations, express, implied or statutory, including without limitation, warranties of noninfringement, merchantability or fitness for a particular purpose. Author’s Notes This book was originally designed for the CCIE and CCDE certification tracks that introduced the “Evolving Technologies” section of the blueprint for the written qualification exam. Those exams have since been overhauled and many of their topics have been moved under the umbrella of Cisco DevNet. This book is not specific to any certification track and provides an overview of the three key evolving technologies: Cloud, Network Programmability, and Internet of Things (IoT). Italic text represents cited text from another not created by the author. This is often directly from a Cisco document, which is appropriate given that this is a summary of Cisco’s vision on the topics therein. This book is not an official publication and does not have an ISBN assigned. The book will always be free. The opinions expressed in this study guide and its corresponding documentation belong to the author and do not necessarily represent those of Cisco. My only request is that you not distribute this book yourself. Please direct your friends and colleagues to my website where they can download it for free. I wrote this book because I believe that free and open-source software is the way of the future. So too do I believe that the manner in which this book is published represents the future of publishing. I hope this book serves its obviously utility as a technical reference, but also as an inspiration for others to meaningfully contribute to the open-source community. Copyright 2021 Nicholas Russo http://njrusmc.net 2 Contents 1 Cloud 7 1.1 Introduction..............................................7 1.2 Infrastructure, platform, and software as a service (XaaS).................... 13 1.3 Performance, scalability, and high availability........................... 15 1.4 Security implications, compliance, and policy........................... 17 1.5 Workload migration.......................................... 18 1.6 Compute virtualization........................................ 19 1.6.1 Virtual Machines....................................... 19 1.6.2 Containers with Docker Demonstration........................... 20 1.6.3 Python Virtual Environments (venv) for Refactoring.................... 28 1.7 Connectivity.............................................. 32 1.7.1 Virtual Switches....................................... 33 1.7.2 Software-Defined Wide Area Network (SD-WAN Viptela Demonstration)........ 33 1.7.3 Software-Defined Access (SDA).............................. 37 1.7.4 Software-Defined Data Center (SD-DC).......................... 38 1.8 Virtualization functions........................................ 40 1.8.1 Network Functions Virtualization infrastructure (NFVi).................. 40 1.8.2 Virtual Network Functions with NFVIS Demonstration.................. 41 1.9 Automation and orchestration tools................................. 47 1.9.1 Cloud Center......................................... 47 1.9.2 Digital Network Architecture Center (DNA-C) Demonstration.............. 48 1.9.3 Kubernetes Orchestration with minikube Demonstration................. 53 1.9.4 Amazon Web Services (AWS) CLI Demonstration.................... 59 1.9.5 Infrastructure as Code using Terraform........................... 66 1.9.6 Flask Application Monitoring with Prometheus...................... 78 1.10 References and Resources..................................... 86 2 Network Programmability 87 2.1 Data models and structures..................................... 87 2.1.1 YANG............................................. 87 2.1.2 YAML............................................. 91 2.1.3 JSON............................................. 91 2.1.4 XML.............................................. 92 2.2 Device programmability....................................... 93 2.2.1 Google Remote Procedure Call (gRPC) on IOS-XR using iosxr grpc.......... 93 2.2.2 gRPC on IOS-XR using grpcio and Manual Compilation................. 100 2.2.3 gRPC Network Management Interface (gNMI) on IOS-XR using gNMIc........ 111 2.2.4 Python paramiko Library on IOS-XE............................ 119 2.2.5 Python netmiko Library on IOS-XE............................. 121 2.2.6 NETCONF using netconf-console on IOS-XE....................... 122 2.2.7 NETCONF using Python and jinja2 on IOS-XE...................... 126 2.2.8 REST API on IOS-XE.................................... 128 2.2.9 RESTCONF on IOS-XE................................... 133 2.3 Controller based network design.................................. 134 2.3.1 SDN Models......................................... 134 2.3.2 Centralized SDN using OpenFlow and Faucet....................... 139 2.4 Configuration management tools and version control systems.................. 145 2.4.1 Agent-based Summary................................... 145 2.4.2 Agent-less Summary..................................... 147 2.4.3 Agent-less Demonstration with Ansible (SSH/CLI).................... 147 2.4.4 NETCONF-based Infrastructure as Code with Ansible.................. 150 2.4.5 RESTCONF-based Infrastructure as Code with Ansible................. 155 Copyright 2021 Nicholas Russo http://njrusmc.net 3 2.4.6 Agent-less Demonstration with Nornir........................... 159 2.4.7 Version Control Overview.................................. 165 2.4.8 Git with Github........................................ 166 2.4.9 Git with AWS CodeCommit and CodeBuild........................ 168 2.4.10 Subversion (SVN) and comparison to Git......................... 176 2.4.11 Network Validation with Batfish............................... 181 2.4.12 Data Validation with JSON Schema............................ 189 2.5 References and Resources..................................... 196 3 Internet of Things 198 3.1 IoT Technology Stack........................................ 198 3.1.1 IoT Network Hierarchy.................................... 200 3.1.2 Data Acquisition and Flow.................................. 201 3.2 IoT standards and protocols..................................... 202 3.3 IoT security.............................................. 205 3.4 IoT Edge and Fog Computing.................................... 207 3.4.1 Data Aggregation....................................... 207 3.4.2 Edge Intelligence....................................... 210 3.5 References and Resources..................................... 211 4 Blueprint v1.0 Legacy Topics 212 4.1 Cloud................................................. 212 4.1.1 Troubleshooting and Management............................. 212 4.1.2 OpenStack components with PackStack Demonstration................. 212 4.1.3 Cloud Comparison Chart.................................. 222 4.2 Network Programmability...................................... 222 4.2.1 SDN Controllers....................................... 222 4.2.2 DevOps methodologies, tools and workflows....................... 224 4.2.3 Basic Jenkins Setup Demonstration............................ 226 4.3 Internet of Things........................................... 233 4.3.1 Performance, Reliability, and Scalability.......................... 233 5 Glossary of Terms 234 List of Figures 1 Public Cloud High Level.......................................8 2 Private Cloud High Level.......................................8 3 Virtual Private Cloud High Level...................................9 4 Connecting Cloud via Private WAN................................. 11 5 Connecting Cloud via IXP...................................... 12 6 Connecting Cloud via Internet VPN................................. 13 7 Comparing Virtual Machines and Containers........................... 20 8 Viptela SD-WAN High Level..................................... 35 9 Viptela Home Dashboard...................................... 35 10 Viptela Node Summary....................................... 36 11 Viptela Event Logging........................................ 36 12 Viptela Flow Exploration....................................... 37 13 Viptela VoIP QoS Policy....................................... 37 14 Cisco ACI SD-DC