Upload
others
View
0
Download
0
Embed Size (px)
Citation preview
Emerging Technologies team
21st January 2020
#CLEUR 2020
Technical Workshop NetAcadDEVNET ASSOCIATE Course
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Workshop Agenda
• The Why
• Business Drivers
• The What
• New DevNet Associate Software Topics
• The How
• NetAcad Course
• Limited Availability release
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Software defined solutions
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
“The Cisco Certified DevNet Associate is an individual
who performs an entry-level developer role
on Cisco platforms.”
Certified DevNet Associate
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
• Reduce Operation Cost (Opex)
• Increase speed/agility
• Reduce errors
• Increase Compliance
Create Network and IT Automation
Workflow
Automation Business relevance
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
• Create solutions for specific customers or market.
• Partner Increase revenue
• Reduce customer churn
App development Business relevance
Develop 3rd Party Solutions Built on Cisco Platforms
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
The IT Teamof the Future
World ofNetwork Engineers
World ofSoftware Developers
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Real World
Examples of
Network
Programmability
and APIs© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
4 Network Programmability Use-Cases
2 41 3
Automation
Disable all network
access ports after 30
days of inactivity.
Troubleshooting
CyberOps request
“Where is 10.1.2.3 in our
network?”
Restore manager’s
access - “err-disabled”
port.
Integrations
Implement a new network
change request
#NetDevOps
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
The IT Teamof the Future
World ofNetwork Engineers
World ofSoftware Developers
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
DevNet
Certifications
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
DevNet Associate Certification Topics – Quick Look
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
1. Software Development and Design (15%)
2. Understanding and Using APIs (20%)
3. Cisco Platforms and Development (15%)
4. Application Deployment and Security (15%)
5. Infrastructure and Automation (20%)
6. Network Fundamentals (15%)
DevNet Associate Topics
“The exam tests a candidate's knowledge of
software development and design including
understanding and using APIs, Cisco platforms
and development, application development and
security, and infrastructure and automation.”
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
1. Software Development and Design (15%)
2. Understanding and Using APIs (20%)
3. Cisco Platforms and Development (15%)
4. Application Deployment and Security (15%)
5. Infrastructure and Automation (20%)
6. Network Fundamentals (15%)
DEVASC Topics - Known
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
1. Software Development and Design (15%)
2. Understanding and Using APIs (20%)
3. Cisco Platforms and Development (15%)
4. Application Deployment and Security (15%)
5. Infrastructure and Automation (20%)
6. Network Fundamentals (15%)
DEVASC Topics - New
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
• 1.1 Compare data formats (XML, JSON, and YAML)
• 1.2 Describe parsing of common data format (XML, JSON, and YAML) to Python data structures
• 1.3 Describe the concepts of test-driven development
• 1.4 Compare software development methods (agile, lean, and waterfall)
• 1.5 Explain the benefits of organizing code into methods / functions, classes, and modules
• 1.6 Identify the advantages of common design patterns (MVC and Observer)
• 1.7 Explain the advantages of version control
• 1.8 Utilize common version control operations with Git• 1.8.a Clone
• 1.8.b Add/remove
• 1.8.c Commit
• 1.8.d Push / pull
• 1.8.e Branch
• 1.8.f Merge and handling conflicts
• 1.8.g diff
DEVASC Topics #1: Software Development and Design (15%)
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
• 1.1 Compare data formats (XML, JSON, and YAML)
DEVASC Topics #1: Software Development and Design (15%)
JSONXML
YAML
• TAGs vs. Keys in double quotes, values and [ and { vs. Indentation
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
• 1.1 Compare data formats (XML, JSON, and YAML)
DEVASC Topics #1: Software Development and Design (15%)
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
• 1.1 Compare data formats (XML, JSON, and YAML)
DEVASC Topics #1: Software Development and Design (15%)
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
• 1.1 Compare data formats (XML, JSON, and YAML)
DEVASC Topics #1: Software Development and Design (15%)
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
• 1.1 Compare data formats (XML, JSON, and YAML)
DEVASC Topics #1: Software Development and Design (15%)
import yaml
def getDataFromYaml(file):
text = open(file).read()
data = yaml.safe_load(text)
return data
for f in ["data1.yaml", "data2.yaml"]:
print("Loading file {}.".format(f))
data = getDataFromYaml(f)
print("Datatype is: {}".format(type(data)))
print(data)
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
• 1.2 Describe parsing of common data format (XML, JSON, and YAML) to Python data structures
DEVASC Topics #2: Understanding and Using APIs (20%)
import json
import yaml
myFruits = [
{"type": "Orange", "count": 12 },
{"type": "Banana", "count": 5 }
]
print("Type of myFruits = {}".format(type(myFruits)))
print(myFruits)
open("data.json", "w").write( json.dumps(myFruits) )
open("data.yaml", "w").write( yaml.dump(myFruits) )
text = open("data.json").read()
data = json.loads(text)
print("Type of data = {}".format(type(data)))
print(data)
text = open("data.yaml").read()
data = yaml.safe_load(text)
print("Type of data = {}".format(type(data)))
print(data)
• import json• import yaml
• json.dumps( data )• Returns a text json representation of
the data• yaml.dump( data )
• Returns a text yaml representation of the data
• json.loads( text )• Tries to load text as json and returns a
python data structure• yaml.safe_load( text )
• Tries to load text as yaml and returns a python data structure
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
• 1.2 Describe parsing of common data format (XML, JSON, and YAML) to Python data structures
DEVASC Topics #2: Understanding and Using APIs (20%)
import dicttoxml # pip install dicttoxml
import xmltodict # pip install xmltodict
import xml.etree.ElementTree as ET
myFruits = [
{"type": "Orange", "count": 12 },
{"type": "Banana", "count": 5 }
]
print("Type of myFruits = {}".format(type(myFruits)))
print(myFruits)
open("data.xml", "wb").write(
dicttoxml.dicttoxml(myFruits, attr_type=False) )
# xmltodict
text = open("data.xml").read()
data = xmltodict.parse(text)
print("Type of data = {}".format(type(data)))
print(data)
print(data['root']['item'][0]['type'])
print(data['root']['item'][0]['count'])
# ElementTree
xml = ET.parse("data.xml")
root = xml.getroot()
print("Type of xml = {}".format(type(xml)))
print("Type of root = {}".format(type(root)))
print(root)
for elem in root:
for subelem in elem:
print("{} = {}".format(subelem.tag, subelem.text))
allItems = root.findall("item") #
https://docs.python.org/3/library/xml.etree.elementtree.html#elementtree
for item in allItems:
typeTag = item.find("type")
countTag = item.find("count")
print(typeTag.text)
print(countTag.text)
# think about NameSpaces, etc.
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
• 1.3 Describe the concepts of test-driven development
DEVASC Topics #1: Software Development and Design (15%)
“make sure code performs required tasks correctly, giving back expected results in response to all inputs, without compromising solution stability, performance, or security, or causing other troublesome side effects”
Testing:• Unit testing (such as, classes, methods, functions, libraries, and so on) • Integration testing• Functional testing
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
• 1.4 Compare software development methods (agile, lean, and waterfall)
DEVASC Topics #1: Software Development and Design (15%)
SDLC
“set of rules, steps, roles and principles”
• Waterfall
• Agile
• Lean
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
• 1.5 Explain the benefits of organizing code into methods / functions, classes, and modules
DEVASC Topics #1: Software Development and Design (15%)
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
• 1.6 Identify the advantages of common design patterns (MVC and Observer)
DEVASC Topics #1: Software Development and Design (15%)
MVC Observer
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
• 1.8 Utilize common version control operations with Git
DEVASC Topics #1: Software Development and Design (15%)
git config --global user.name “Jozef J”
git config --global user.email “[email protected]”
git init
• Setup a local git repository
git add <files…>
• Add files to be tracked in the repository
git rm <files…>
• Remove files from the repository tracking
git commit –m “description of the commit”
• Commit the changes
git push
• Send local repository to remote server
git pull
• Pull data from the remote server
git diff
• Display the differences since last commit
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
• 1.8 Utilize common version control operations with Git
DEVASC Topics #1: Software Development and Design (15%)
Branching and Merging
git branch <name>
• Send local repository to remote server
git checkout <branch name>
• Pull data from the remote server
git merge <branch name>
• Merge files into the current branch
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
• 2.1 Construct a REST API request to accomplish a task given API documentation
• 2.2 Describe common usage patterns related to webhooks
• 2.3 Identify the constraints when consuming APIs
• 2.4 Explain common HTTP response codes associated with REST APIs
• 2.5 Troubleshoot a problem given the HTTP response code, request and API documentation
• 2.6 Identify the parts of an HTTP response (response code, headers, body)
• 2.7 Utilize common API authentication mechanisms: basic, custom token, and API keys
• 2.8 Compare common API styles (REST, RPC, synchronous, and asynchronous)
• 2.9 Construct a Python script that calls a REST API using the requests library
DEVASC Topics #2: Understanding and Using APIs (20%)
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
• 2.8 Compare common API styles (REST, RPC, synchronous, and asynchronous)
DEVASC Topics #2: Understanding and Using APIs (20%)
synchronous asynchronous
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
• 3.1 Construct a Python script that uses a Cisco SDK given SDK documentation
• 3.2 Describe the capabilities of Cisco network management platforms and APIs (Meraki, Cisco DNA Center, ACI, Cisco SD-WAN, and NSO)
• 3.3 Describe the capabilities of Cisco compute management platforms and APIs (UCS Manager, UCS Director, and Intersight)
• 3.4 Describe the capabilities of Cisco collaboration platforms and APIs (Webex Teams, Webex devices, Cisco Unified Communication Manager including AXL and UDS interfaces, and Finesse)
• 3.5 Describe the capabilities of Cisco security platforms and APIs (Firepower, Umbrella, AMP, ISE, and ThreatGrid)
• 3.6 Describe the device level APIs and dynamic interfaces for IOS XE and NX-OS
• 3.7 Identify the appropriate DevNet resource for a given scenario (Sandbox, Code Exchange, support, forums, Learning Labs, and API documentation)
• 3.8 Apply concepts of model driven programmability (YANG, RESTCONF, and NETCONF) in a Cisco environment
• 3.9 Construct code to perform a specific operation based on a set of requirements and given API reference documentation such as these:
• 3.9.a Obtain a list of network devices by using Meraki, Cisco DNA Center, ACI, Cisco SD-WAN, or NSO
• 3.9.b Manage spaces, participants, and messages in Webex Teams
• 3.9.c Obtain a list of clients / hosts seen on a network using Meraki or Cisco DNA Center
DEVASC Topics #3: Cisco Platforms and Development (15%)
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
• 4.1 Describe benefits of edge computing
• 4.2 Identify attributes of different application deployment models (private cloud, public cloud, hybrid cloud, and edge)
• 4.3 Identify the attributes of these application deployment types
• 4.3.a Virtual machines
• 4.3.b Bare metal
• 4.3.c Containers
• 4.4 Describe components for a CI/CD pipeline in application deployments
• 4.5 Construct a Python unit test
• 4.6 Interpret contents of a Dockerfile
• 4.7 Utilize Docker images in local developer environment
• 4.8 Identify application security issues related to secret protection, encryption (storage and transport), and data handling
• 4.9 Explain how firewall, DNS, load balancers, and reverse proxy in application deployment
• 4.10 Describe top OWASP threats (such as XSS, SQL injections, and CSRF)
• 4.11 Utilize Bash commands (file management, directory navigation, and environmental variables)
• 4.12 Identify the principles of DevOps practices
DEVASC Topics #4: Application Deployment and Security (15%)
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
• 4.2 Identify attributes of different application deployment models (private cloud, public cloud, hybrid cloud, and edge)
DEVASC Topics #4: Application Deployment and Security (15%)
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
• 4.2 Identify attributes of different application deployment models (private cloud, public cloud, hybrid cloud, and edge)
DEVASC Topics #4: Application Deployment and Security (15%)
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
• 4.3 Identify the attributes of these application deployment types
• 4.3.a Virtual machines
• 4.3.b Bare metal
• 4.3.c Containers
DEVASC Topics #4: Application Deployment and Security (15%)
Bare-
Metal
Virtual
Machines
Containers
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
• 4.4 Describe components for a CI/CD pipeline in application deployments
Continuous Integration, Continuous Deployment
DEVASC Topics #4: Application Deployment and Security (15%)
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
• 4.5 Construct a Python unit test
DEVASC Topics #4: Application Deployment and Security (15%)
myFruits = [{"type": "Orange", "count": 12 },{"type": "Banana", "count": 5 }
]
def getCount(fruit):for i in myFruits:
if i["type"] == fruit:return i["count"]
return False
import fruits
def test_getCount():
assert fruits.getCount("Orange") > 1
assert fruits.getCount("Banana") > 1
assert fruits.getCount("Cisco") == False
assert fruits.getCount("Cisco") == True
fruits.py fruits_test.py
c:\tmp>py.test
============================= test session starts =============================
platform win32 -- Python 3.6.5, pytest-5.3.2, py-1.8.1, pluggy-0.13.1
rootdir: C:\tmp
collected 1 item
fruits_test.py F [100%]
================================== FAILURES ===================================
________________________________ test_getCount ________________________________
def test_getCount():
assert fruits.getCount("Orange") > 1
assert fruits.getCount("Banana") > 1
assert fruits.getCount("Cisco") == False
> assert fruits.getCount("Cisco") == True
E AssertionError: assert False == True
E + where False = <function getCount at 0x0000024943C67F28>('Cisco')
E + where <function getCount at 0x0000024943C67F28> = fruits.getCount
fruits_test.py:7: AssertionError
============================= 1 failed in 10.99s ==============================
pip install pytest
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
• 4.6 Interpret contents of a Dockerfile
DEVASC Topics #4: Application Deployment and Security (15%)
FROM ubuntu:16.04RUN apt-get update -y && apt-get install -y python-pip python-devCOPY requirements.txt /app/requirements.txtWORKDIR /appRUN pip install -r requirements.txtCOPY . /appENTRYPOINT [ "python" ]CMD [ "app.py" ]EXPOSE 5000/tcp
Dockerfile
# Build a container:docker build -t myPythonWebApp:latest .# at this point you can push the container to a container Registry, similar like the “ubuntu:16.04”
# Run the container mapping the internal container port 5000 to local port 80:docker run -d -p 80:5000 myPythonWebApp
This becomes “infrastructure as a code”
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
• 4.10 Describe top OWASP threats (such as XSS, SQL injections, and CSRF)
DEVASC Topics #4: Application Deployment and Security (15%)
Src: https://xkcd.com/327/
Src: https://medium.com/iocscan/cross-site-request-forgery-csrf-f2134359a385
Src: https://www.geeksforgeeks.org/what-is-cross-site-scripting-xss/
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
• 5.1 Describe the value of model driven programmability for infrastructure automation
• 5.2 Compare controller-level to device-level management
• 5.3 Describe the use and roles of network simulation and test tools (such as VIRL and pyATS)
• 5.4 Describe the components and benefits of CI/CD pipeline in infrastructure automation
• 5.5 Describe principles of infrastructure as code
• 5.6 Describe the capabilities of automation tools such as Ansible, Puppet, Chef, and Cisco NSO
• 5.7 Identify the workflow being automated by a Python script that uses Cisco APIs including ACI, Meraki, Cisco DNA Center, or RESTCONF
• 5.8 Identify the workflow being automated by an Ansible playbook (management packages, user management related to services, basic service configuration, and start/stop)
• 5.9 Identify the workflow being automated by a bash script (such as file management, app install, user management, directory navigation)
• 5.10 Interpret the results of a RESTCONF or NETCONF query
• 5.11 Interpret basic YANG models
• 5.12 Interpret a unified diff
• 5.13 Describe the principles and benefits of a code review process
• 5.14 Interpret sequence diagram that includes API calls
DEVASC Topics #5: Infrastructure and Automation (20%)
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
• 5.4 Describe the components and benefits of CI/CD pipeline in infrastructure automation
DEVASC Topics #5: Infrastructure and Automation (20%)
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
• 5.5 Describe principles of infrastructure as code
DEVASC Topics #5: Infrastructure and Automation (20%)
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
• 5.8 Identify the workflow being automated by an Ansible playbook (management packages, user management related to services, basic service configuration, and start/stop)
DEVASC Topics #5: Infrastructure and Automation (20%)
---
- hosts: apache
tasks:
- name: install apache2
apt: name=apache2 update_cache=yes state=latest
- name: enabled mod_rewrite
apache2_module: name=rewrite state=present
notify:
- restart apache2
- name: apache2 listen on port 8081
lineinfile: dest=/etc/apache2/ports.conf regexp="^Listen 80" line="Listen 8081" state=present
notify:
- restart apache2
handlers:
- name: restart apache2
service: name=apache2 state=restarted
webserver.yml
# Run the playbook:
ansible-playbook webserver.yml
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
• 6.1 Describe the purpose and usage of MAC addresses and VLANs
• 6.2 Describe the purpose and usage of IP addresses, routes, subnet mask / prefix, and gateways
• 6.3 Describe the function of common networking components (such as switches, routers, firewalls, and load balancers)
• 6.4 Interpret a basic network topology diagram with elements such as switches, routers, firewalls, load balancers, and port values
• 6.5 Describe the function of management, data, and control planes in a network device
• 6.6 Describe the functionality of these IP Services: DHCP, DNS, NAT, SNMP, NTP
• 6.7 Recognize common protocol port values (such as, SSH, Telnet, HTTP, HTTPS, and NETCONF)
• 6.8 Identify cause of application connectivity issues (NAT problem, Transport Port blocked, proxy, and VPN)
• 6.9 Explain the impacts of network constraints on applications
DEVASC Topics #6: Network Fundamentals (15%)
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Break ;-)
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
NetAcad Course Considerations
*Direction Consideration
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Slides removed from this section due to an early design phase…
*Direction Consideration
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Limited Availability Release
*Direction Consideration
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Limited Availability
• Currently targeting: Summer 2020
• Goal:• Enable the early adopting instructor’s community
• Collect constructive feedback (ideas, comments, bugs, etc.) on course quality, structure, length, hands-on labs, learning outcomes, etc.
• Collect best practices from implementations
*Direction Consideration
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
How to Start Today?
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
DevNet Associate (200-901) Exam Topics
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
DevNet Associate (200-901) Exam Topics
CCNA
Covers many topics
including Python,
XML/JSON, APIs, REST,
YANG, NETCONF,
RESTCONF, DNA-C,
WebEx Teams
Are these already covered somewhere in NetAcad?
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
DEVASC vs. ETWs
*Direction Consideration
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
ETWs
• 8h bite sized learning
• Hello world level
• Very hands-on workshops
• Little theoretical background
• Quick way to get excitement about APIs
• Goals:
• Expose CCNA students to single aspects of the Programmable Infrastructure
• Pave the way for the instructors towards the Programmable Infrastructure
• Our first offering in Programmable Infrastructure
ETWs vs. DEVASC
DEVASC course
• X hours full fledged course
• Certification aligned
• Theoretical deep-dive into various topics
• Lot of hands-on lab activities
• Project Based Learning framework
• Goals:
• Target new software audience, usable for CCNA students
• Get students ready to successfully pass the certification
• Our flagship offering in Programmable Infrastructure
*Direction Consideration
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Q&A