Automation and Programmability in Networks with JSON and REST APIs

Automation and Programmability

MODULE 9 Topics

• 9.1 Network Automation Overview
• 9.2 Software Defined Networks
• 9.3 JSON
• 9.4 REST APIS
• 9.5 Management Mechanisms
• 9.6 AI in Network Operations
• 9.7 Review

O ONetwork Management Automation Infrastructure as Code

9.1 Network Automation Overview

Network Management Automation The use of software and tools to automate the configuration, monitoring, management, and maintenance of network devices and infrastructure The goal is to improve efficiency, reduce human errors, enhance network performance, and ensure consistent application of policies across the network

• Faster configuration
• Real-time monitoring
• Easier expansion
• Optimized resource usage
• Rapid threat response
• Compliance

Low costs Network Automation Better Network Control Fewer Errors More Effective Staff High Uptime Increased Agility

O Onfrastructure as Code (laC) Both sides Managing and provisioning computer data centers through machine-readable definition files

◦ Rather than physical hardware configuration or interactive configuration tools ◦ Most effective when underlying infrastructure is IaaS or PaaS Separates configurations, policies, profiles, scripts, and templates from the hardware or software on which they are deployed . These items can then be stored, shared, revised, and applied in the same manner as code Utilizes the core best practices of DevOps ◦ version control, virtualized tests, continuous monitoring Your infrastructure is treated the same way that any other code would be

O OInfrastructure as Code Example REPOSITORY TEMPLATES SCRIPTS POLICIES I I - 0 </> A vmware® . CISCO Puppet openstack" NETWORK SECURITY APP INFRA STORAGE 0 0 0 1.

9.2 Software Defined Networks

Traditional Networks Software Defined Networks Control and Data Planes Northbound / Southbound APIs SDN Overlay - Underlay FabricTraditional Networks Traditional networks consist of multiple individual network devices, such as routers, switches, and firewalls Control and data planes are tightly integrated into each network device Each device is configured and managed separately Configuration and policy enforcement are done manually on each device Managing a large network can be complex and time-consuming Policies and configurations are often static and hard to change

O OSoftware Defined Networks (SDN) AKA Controller-based Networking Uses a separate software controller to manage multiple network devices Configurations are dynamically and automatically applied

◦ Policy is enforced from a single location ◦ Easier to manage large and complex networks

O OTraditional vs. Software-defined Network Traditional Network Switch Control Plane Data Plane Software-Defined Network Programmable Switch Controller Machine

O OSide 2 Control and Data Planes Separate functions that are run on different devices Control Plane: · Routing and switching decisions Side 1 Application Layer Business Applications API API API Control Plane SDN Control Software Network Services Control Data Plane Interface (OpenFlow) Data Plane Network Device Network Device Network Device Network Device Network Device

◦ Policy enforcement ◦ Implemented as software in a virtual machine, or as an appliance Data Plane: ◦ Actual forwarding of packets . Executes the decisions made by the control plane ◦ Implemented as a specialized switch or router

O(Application Programming Interface) Northbound / Southbound APIs

• Allow SDN Controller to coordinate with automation tools · Ansible, Terraform, DNAC, Splunk, VMware, ServiceNow, SolarWinds, etc. . Typically RESTful APIs Allow the SDN controller to communicate with and control the hardware devices Application Orchestration Firewall Accounting Load Balancer Northbound API SDN Controller Southbound API Switch Switch

O OCisco DNA Center SDN Controller Example Insights 30% of your clients in your network are Wifi6 capable. Your Network Infrastructure is 20% ready for Wifi6. Consider the following changes: (1) Upgrade your WLC code to 8.10 to improve your Wifi6 software readiness by 40% . (2) Consider upgrading your AP hardware to C9120 to improve client experience Learn more. Wi-Fi6 Network Readiness Your Network is 20% Wi-Fi enabled · Wi-Fi6 Enable · Wi-Fi6 Disable · OS Ready . OS Upgrade Needed 100 APs . Wi-Fi 6 APs · Non Wi-Fi 6 APs View Details Top N Locations by Wi-Fi6 Readiness LATEST TREND Network Client SJC04 is 80% Wi-Fi 6 enabled SJC04 SJC17 Locations SJC32 Client Protocol · Wi-Fi 6 . 11ac 500 Clients · 11n · Legacy 0 20% 40% 60% 80% 100% Wi-Fi 6 Readiness Network Client View Details View Details Usage Distribution by MCS Rate O LATEST TREND 20% of Usage Distribution on Wi-Fi 6 network has best MCS Rate index Good 1-25% 26%-50% 51%-75% 76%-100% Usage Distribution Percentage MCS Rate Index Fair . Wi-Fi 6 . 11ac @ 11n O O Client Distribution by Protocol LATEST TREND Capability Association 10% of clients are associated on to the Wi-Fi6 network Association SJC03 SJC21SDN Overlay - Underlay · A virtual (logical) network built on top of an existing physical network · Often uses tunneling/VPNs to create the overlay · The physical infrastructure of specialized routers, switches, and other hardware · Actually transports the data Overlay Underlay OFabric A mesh of connections between network devices (access points, switches, routers, etc.) Acting as one unit, the mesh transports data to its destination A controller manages both the overlay and the underlay of the fabric /SAN/Fabric sw-isola-204/VSAN0001 (segmented @ sw-isola-220) [admin@localhost] - Fabric Manager 3.0(0.350) File View Zone Tools Server Help Advanced Logical Domains Fabric sw-isola-204 A CFS Configuration + All VSANS VSAN0001 (segmenter Confic Confic Last Last Owner Command Result IP Address User Name Merge Owner Master Attributes sw-isola-204 |noSelection enabled enable noSelection running success fcFabric ipl A < sw-isola-220 noSelection enabled enable noSele ... running success fcFabric ipl > Physical Attributes A + Switches + ISL 10000000000001756-46 - End Devices Hosts 100000000000-150048 1 - Device Alias DPVÌ 1000:10:000000-03-00 4 İSCSI iSNS SAN Volume Controller SSM Features Flow Statistics SAN Fabric c-186 Fabric sw172-22-46-153 Fabric sw-isola-204 Log Events 154507 All fabric switches participate in CFS Cisco MDS 9000 Family Fabric Manager SAN/Fabric sw-isola-204/V/SAN0001 (segmented @ sw-isola-220) End Devices Device Alias + VSAN0001 (down,seg Switch Admir Oper Global Action View as VSAN0002 (down,seq A 100090000005 Storage 100000000000000 Cisco UCS 6300 Series Fabric Interconnects O PerformanceFabric vs. Traditional Architecture Fabric Traditional Topology · Spine-leaf · Flatter topology provides consistent latency and bandwidth · Three-tier · Single-path nature · Less redundancy · Partial mesh · Offers multiple paths Traffic Pattern · East-West traffic optimization . North-South traffic optimization · Server-to-server · Server-to-storage · Traffic predominantly flows between internal and external network Scalability / Flexibility · Scale horizontally · Add more leaf & spine switches · Scaling is more difficult due to hierarchical nature Management / Automation · SDN central control · Manual configuration and management

9.3 JSON

JSON Overview

JSON Data JSON Objects JSON Arrays JSON ExamplesWhat is JSON? JavaScript Object Notation A text-based, lightweight scripting notation for exchanging data · Easy for humans to read and write Easy for machines to parse and generate ◦ · Uses familiar programming conventions, but is independent of any particular programming language Has many use cases including: · Web development, mobile apps, software development, network management and automation, database data serialization, IoT, cloud computing, logging and analytics, machine learning and AI

OJSON Data In JSON, the data can be organized in a variety of ways "string": "Hello, World!", 'number": 42, 'object": {"key": "value"}, "array": [1, 2, 3], "boolean": true, 'null": null

O OJSON Objects JSON Objects are collections of key : value pairs enclosed in curly braces Each key is a string Each value can be a string, number, Boolean, array, or another object { "hostname": "Router01" 'interface": "GigabitEthernet0/1", status": "up", description": "Main uplink to ISP" { "hostname": "Router1", "enabled": true, "port": 8080 }

}

JSON Arrays

Arrays are ordered lists of values enclosed in square brackets [] Each value can be a string, number, Boolean, array, or object [ router" switch" AP" ]

O OJSON Example #1 Same Side This entire data structure is an array The array is a list of three objects Each object has two key : value pairs Key : Value Key : Value [ Object {"load balancer": "LB13", "port": "fe9/2"}, Object {"firewall": "FW20", "port": "e2/28"}, Object {"router": "R41", "port": "te7/27"}, ]

O OJSON Example #2 This structure is an object The object has one key : value pair The key is "Interfaces" The value is an array of interface names { "Interfaces": ["ethernet0/3", "ethernet0/4", "ethernet0/5"] }

O OJSON Example #3 Side 1 Side 2 { "interfaces": { name": "GigabitEthernet0/1", description": "Uplink" }, { name": "GigabitEthernet0/2" "description": "Downlink" } ] }

• This object has one key/value pair
• The key is "interfaces"
• The value is an array of two objects
• Each object in the array has two key/value pairs inside: · name
• description

9.4 REST APIS

REST API Resources

REST API Authentication REST HTTP Format CRUD CRUD Examples REST API vs CLIWhat is an API? Application Programming Interface A set of protocols, tools, and definitions that allow software applications to communicate with network devices and services Usually accessible as a web URL/URI (e.g. https://api.example.com/users/123) Cisco provides a range of APIs . These enable developers and network administrators to automate tasks, integrate systems, and enhance the functionality of their network infrastructure

O O