Professional Documents
Culture Documents
How
1. Find this session in the Cisco Live Mobile App
2. Click “Join the Discussion”
3. Install Spark or go directly to the space
4. Enter messages/questions in the space
cs.co/ciscolivebot#LTRCRT-2700
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public
Who are we?
Tony Roman Tom Bryan
• Learning@Cisco Content Engineer • Cisco Technical Leader, one of the
focused on Network creators of VIRL Personal Edition
Programmability and Cisco Modeling Lab
• DevOps professional turned • Software developer with a focus on
NetDevOps network simulation and tools for
engineers
• toroman@cisco.com
• tombry@cisco.com
• Twitter: @tbryan314
LTRCRT-2700 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 4
Agenda
• Introduction
• Data Encoding, Data Models, APIs, and Transport
• Diving Deeper into RESTCONF
• Exploring RESTCONF on IOS-XE with Postman (Lab)
• Automating IOS-XE with RESTCONF while using Python requests
(Lab)
• Diving Deeper into NETCONF
• Automating IOS-XE with NETCONF using Python ncclient (Lab)
Introduction
Why are we here?
LTRCRT-2700 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 7
From CLI to API
The industry is transitioning to an API first model
• CLI is for humans
• APIs are for machine to machine communication
• APIs do not replace CLI
• APIs can have a profound impact on operations
• APIs facilitate operational efficiency
LTRCRT-2700 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 8
So many new terms…
…in this new world
Postman cURL
Model-Driven Text Editors
LTRCRT-2700 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 9
So many new terms…
…in this new world
Postman cURL
Model-Driven Text Editors
LTRCRT-2700 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 10
Covering a subset of these today
Keep in mind the skills for the future network engineer are increasing
Linux
Python
Postman
Model-Driven Text Editors
YANG
LTRCRT-2700 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 11
Cisco IOS XE APIs Overview
Accept NETCONF and RESTCONF requests and communicates directly to
configuration datastore(s).
LTRCRT-2700 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 12
Objectives
• Understand what data models are and why they’re important
• Leave here knowing how to use Postman so you can explore any HTTP-based
API
• Become familiar with the basics of reading and executing Python scripts using
IOS-XE APIs
• Know enough to continue your IOS-XE API journey tomorrow
• Realize you must understand the basics of programmability sooner than later
• Understand you will not be an IOS-XE API expert in 4 hours
• Recognize learning takes time
LTRCRT-2700 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 13
Breaking down Network APIs
Data Encoding
Data Models
Transport
Protocols
LTRCRT-2700 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 14
Data Encoding
LTRCRT-2700 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 15
Data Encoding
LTRCRT-2700 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 17
Data Encoding: JSON & XML
{ <GigabitEthernet>
"Cisco-IOS-XE-native:GigabitEthernet": { <name>1</name>
"name": "1", <vrf>
"vrf": { <forwarding>MANAGEMENT</forwarding>
"forwarding": "MANAGEMENT" </vrf>
}, <ip>
"ip": { <address>
"address": { <primary>
"primary": { <address>10.0.0.151</address>
"address": "10.0.0.151", <mask>255.255.255.0</mask>
"mask": "255.255.255.0" </primary>
} </address>
} </ip>
}, <mop>
"mop": { <enabled>false</enabled>
"enabled": false </mop>
}, <negotiation>
"Cisco-IOS-XE-ethernet:negotiation": { <auto>true</auto>
"auto": true </negotiation>
} </GigabitEthernet>
}
}
JSON XML
LTRCRT-2700 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 18
Data Encoding: JSON & XML
{ <GigabitEthernet>
"Cisco-IOS-XE-native:GigabitEthernet": { <name>1</name>
"name": "1", <vrf>
"vrf": { <forwarding>MANAGEMENT</forwarding>
"forwarding": "MANAGEMENT" </vrf>
}, <ip>
"ip": { <address>
"address": { <primary>
"primary": { <address>10.0.0.151</address>
"address": "10.0.0.151", <mask>255.255.255.0</mask>
"mask": "255.255.255.0" </primary>
} </address>
print
} response['Cisco-IOS-XE-native:GigabitEthernet']['ip']['address']['primary']['address']
</ip>
10.0.0.151
}, <mop>
"mop": { <enabled>false</enabled>
"enabled": false </mop>
},
print <negotiation>
response.findall('.//{http://cisco.com/ns/yang/Cisco-IOS-XE-native}address')[1].text
"Cisco-IOS-XE-ethernet:negotiation":
10.0.0.151 { <auto>true</auto>
"auto": true </negotiation>
} </GigabitEthernet>
}
}
JSON XML
LTRCRT-2700 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 19
Data Encoding
• There needs to be structure behind what is communicated between systems
LTRCRT-2700 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 20
Data Encoding
LTRCRT-2700 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 21
We now know machines communicate using
structured data.
LTRCRT-2700 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 22
Data Models
What are Data Models?
LTRCRT-2700 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 23
Data Models
Examples
• How do you describe a VLAN?
• VLAN ID
• VLAN name
• VLAN state
• …
LTRCRT-2700 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 24
Data Models
Examples
• How do you describe a VLAN?
• VLAN ID – integer between 1 and 4096 ?
• VLAN name – string between 1 and N characters ?
• VLAN state – enumeration of “down/up” or “shutdown/ no shutdown”
• …
This is defining the constraints of the data– the Data Model for a VLAN.
LTRCRT-2700 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 25
YANG
• It is a network-centric data modeling language
defined in RFC 6020 specifically built for
“network data”
• Initially built for NETCONF
• Now also used by RESTCONF and can be used
by any protocol
• Models configuration and operational state
data
• Provides syntax and semantics
LTRCRT-2700 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 26
YANG
Sample YANG Module
LTRCRT-2700 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 27
YANG
Open and Native YANG Models
LTRCRT-2700 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 28
Transport
The properly structured and encoded data still needs
a way to get from point A to point B:
• SSH
• HTTP
• HTTPS
• TLS
• HTTP/2
LTRCRT-2700 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 29
APIs
Two most common types of network APIs
NETCONF REST (for network devices)
• Uses XML encoded data • Uses XML or JSON encoded data
• Data that is transported is modeled • Modeled either using YANG, XSD, JSD, or
either using YANG or XSD custom modeling language
• NETCONF on IOS-XE uses XML data • RESTCONF on IOS-XE uses XML/JSON data
that adheres to YANG models
that adheres to YANG models
• NETCONF protocol itself has network
centric features (cover some of these • IOS-XE produces their REST API using data
later) modeled from YANG RESTCONF
• Transported over SSH • Transported over HTTP/HTTPS
LTRCRT-2700 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 30
Network Programmability Stack
LTRCRT-2700 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 31
Diving Deeper into RESTCONF
Before RESTCONF…
LTRCRT-2700 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 33
REST
• If you understand how to work with a web browser, you understand
REST.
• Same HTTP Request Methods and Response Codes are used
HTML JSON/XML
LTRCRT-2700 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 34
REST
Create, Retrieve, Update and Delete (CRUD)
Create
Retrieve
Update
Delete
LTRCRT-2700 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 35
REST
HTTP Verbs
LTRCRT-2700 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 36
REST
HTTP Verbs in the context of network devices
LTRCRT-2700 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 37
REST
Common HTTP Response Codes
Success (2xx) Description Client Error (4xx) Description
LTRCRT-2700 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 38
Constructing an API Request
• URL
• HTTP Verb
• GET, POST, PATCH, PUT, DELETE
• Body
• Used when making a configuration change. We’ll show a JSON Body soon.
• Headers
• Define the structure of the data being sent and desired to be received.
• Are you using JSON or XML?
• Authentication
• Your privileged level 15 credentials
LTRCRT-2700 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 39
IOS-XE RESTCONF Request 1
Retrieving the GigE1 Configuration
• URL – http://clus1/restconf/api/running/native/interface/GigabitEthernet/1/
• HTTP Verb
• GET
• Body
• N/A
• Headers
• Accept – application/vnd.yang.data+json
• Authentication
• Your privileged level 15 credentials
LTRCRT-2700 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 40
IOS-XE RESTCONF Response 1
Retrieving the GigE1 Configuration
{
"Cisco-IOS-XE-native:GigabitEthernet": {
"name": "1",
"vrf": {
"forwarding": "MANAGEMENT"
},
"ip": {
"address": {
"primary": {
"address": "10.0.0.151",
"mask": "255.255.255.0"
}
}
},
"mop": {
"enabled": false
},
"Cisco-IOS-XE-ethernet:negotiation": {
"auto": true
}
}
}
LTRCRT-2700 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 41
IOS-XE RESTCONF Request 2
Configuring GigE2
• URL – http://clus1/restconf/api/running/native/interface/GigabitEthernet/2/
{
• HTTP Verb
"Cisco-IOS-XE-native:GigabitEthernet": {
• PATCH "ip": {
"address": {
• Body
"primary": {
• "address": "10.2.0.151",
"mask": "255.255.255.0"
• Headers
}
• Content-Type – }
application/vnd.yang.data+json }
}
• Authentication
}
• Your privileged level 15 credentials
LTRCRT-2700 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 42
So…REST vs. RESTCONF?
LTRCRT-2700 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 43
RESTCONF
What is it?
• It’s an implementation of a REST API
• Model-driven API NETCONF
/YANG
• Functional sub-set of NETCONF
• Exposes YANG models via a REST API (URL)
RESTCONF
• Uses HTTP(S) as transport
• Uses XML or JSON for encoding
HTTP(S)
• Developed to use HTTP tools and programming
libraries
LTRCRT-2700 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 44
RESTCONF
Consuming the IOS-XE RESTCONF API
• Almost identical to using any other RESTful API
• Pay attention to the Accept and Content-Type Headers
LTRCRT-2700 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 45
Consuming RESTful APIs
Utilities and Tools
Postman
Chrome Application
LTRCRT-2700 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 46
What is Postman?
Chrome Application
LTRCRT-2700 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 47
Postman
Exploring HTTP-Based APIs
LTRCRT-2700 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 48
Lab 1: Exploring RESTCONF with
Postman
Lab 2:
Automating IOS-XE with RESTCONF
using Python
Challenge 1 and 2
Diving Deeper into NETCONF
NETCONF
NETCONF is an IETF network management protocol designed
specifically for configuration management
LTRCRT-2700 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 51
NETCONF
Protocol Stack
Layer Example
LTRCRT-2700 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 52
NETCONF
Data Stores
• Target of Operations <running>
• May hold an entire copy of the configuration
• Not all data stores are supported by all devices
• Running config is the only required data store <startup>
LTRCRT-2700 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 53
NETCONF
NETCONF over SSH
LTRCRT-2700 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 54
NETCONF
NETCONF over SSH
LTRCRT-2700 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 55
NETCONF
NETCONF over SSH
LTRCRT-2700 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 56
NETCONF
NETCONF over SSH
<?xml version="1.0"?>
<hello xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<capabilities>
<capability>urn:ietf:params:netconf:base:1.0</capability>
</capabilities>
</hello>]]>]]>
LTRCRT-2700 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 57
NETCONF
NETCONF over SSH
<?xml version="1.0"?>
<rpc message-id="101" xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<get>
<filter type="subtree">
<native xmlns="http://cisco.com/ns/yang/Cisco-IOS-XE-native">
<interface>
Client connects to NETCONF SSH sub-system
<GigabitEthernet>
<name>1</name>
</GigabitEthernet>
</interface>
Server responds with Hello that includes
</native>
</filter>NETCONF supported capabilities
</get>
</rpc>
Client responds with supported capabilities
]]>]]>
LTRCRT-2700 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 58
NETCONF
NETCONF over SSH
LTRCRT-2700 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 59
NETCONF
Inside the Protocol Stack for IOS-XE
Layer Example
LTRCRT-2700 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 60
NETCONF
Inside the Protocol Stack for IOS-XE
XML Encoding
Layer Example <?xml version="1.0"?>
<rpc message-id="1" xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<copy-config>
Content XML Documents (YANG, etc.)
<source> Message is <rpc>
<url>file://candidate.cfg</url>
</source>
Operations <get-config>, <get>, <target>
<copy-config>, Operation is copy-config
<candidate/>
<commit>, <validate>, <lock>,
</target>
<unlock>, <edit-config>, <delete-
</copy-config>
</rpc>
config>* ]]>]]>
Messages <rpc>,<rpc-reply>
Protocols SSHv2
LTRCRT-2700 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 61
NETCONF
Inside the Protocol Stack for IOS-XE
XML Encoding
Layer Example <?xml version="1.0"?>
<rpc message-id="1" xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<copy-config>
Content XML Documents (YANG, etc.)
<source> Message is <rpc>
<url>file://candidate.cfg</url>
</source>
Operations <get-config>, <get>, <target>
<copy-config>, Operation is copy-config
<candidate/>
<commit>, <validate>, <lock>,
</target>
<?xml version="1.0"?>
<unlock>, <edit-config>, <delete-
</copy-config>
<rpc message-id="101" xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
</rpc>
config>* ]]>]]> <get>
<filter type="subtree">
Messages <rpc>,<rpc-reply> <native xmlns="http://cisco.com/ns/yang/Cisco-IOS-XE-native">
<interface>
<GigabitEthernet>
Protocols SSHv2 <name>1</name> Operation is get
</GigabitEthernet>
</interface>
</native>
</filter> Content is everything else
</get>
</rpc> inside the operation
]]>]]>
LTRCRT-2700 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 62
Consuming NETCONF APIs
Utilities and Tools
if __name__ == "__main__":
LTRCRT-2700 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 63
Lab 3: Automating IOS-XE with
NETCONF using Python
Challenge 3
Summary
• IOS-XE uses model driven APIs: RESTCONF/YANG and NETCONF/YANG
APIs
• YANG models supported on IOS-XE are both Cisco and industry standard
• RESTCONF will be supported by TAC in 16.6 and later
• Use Postman to get started exploring the RESTCONF API
• Using RESTCONF is just like using any other HTTP API (remember check your
headers)
• Use NETCONF if you’re integrating with other devices that also support
NETCONF or you need features that NETCONF offers that RESTCONF doesn’t
LTRCRT-2700 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 65
Cisco Spark
Questions?
Use Cisco Spark to communicate
with the speaker after the session
How
1. Find this session in the Cisco Live Mobile App
2. Click “Join the Discussion”
3. Install Spark or go directly to the space
4. Enter messages/questions in the space
cs.co/ciscolivebot#LTRCRT-2700
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public
• Please complete your Online Complete Your Online
Session Evaluations after each
session
Session Evaluation
• Complete 4 Session Evaluations
& the Overall Conference
Evaluation (available from
Thursday) to receive your Cisco
Live T-shirt
• All surveys can be completed via
the Cisco Live Mobile App or the
Communication Stations
Don’t forget: Cisco Live sessions will be available
for viewing on-demand after the event at
www.ciscolive.com/global/on-demand-library/.
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public
Continue Your Education
• Demos in the Cisco campus
• Walk-in Self-Paced Labs
• Tech Circle
• Meet the Engineer 1:1 meetings
• Related sessions
LTRCRT-2700 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 68
Network Programmability Cisco Education Offerings
Course Description Cisco Certification
Developing with Cisco Network Programmability Provides Application Developers with comprehensive curriculum to Cisco Network Programmability
(NPDEV) develop infrastructure programming skills; Developer (NPDEV) Specialist
Addresses needs of software engineers who automate network Certification
infrastructure and/or utilize APIs and toolkits to interface with SDN
controllers and individual devices
Designing and Implementing Cisco Network Provides network engineers with comprehensive soup-to-nuts curriculum Cisco Network Programmability
Programmability (NPDESI) to develop and validate automation and programming skills; Design and Implementation
Directly addresses the evolving role of network engineers towards more (NPDESI) Specialist Certification
programmability, automation and orchestration
Programming for Network Engineers (PRNE) Learn the fundamentals of Python programming – within the context of Recommended pre-requisite for
performing functions relevant to network engineers. Use Network NPDESI and NPDEV Specialist
Programming to simplify or automate tasks Certifications
Cisco Digital Network Architecture This training provides students with the guiding principles and core None
Implementation Essentials (DNAIE) elements of Cisco’s Digital Network Architecture (DNA) architecture and its
solution components including; APIC-EM, NFV, Analytics, Security and
Fabric.
LTRCRT-2700 © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 69
Thank you