DevNet Associate Readout · 1/31/2020 · • 1.6 Identify the advantages of common design patterns (MVC and Observer) • 1.7 Explain the advantages of version control • 1.8 Utilize

Emerging Technologies team

21st January 2020

#CLEUR 2020

Technical Workshop NetAcadDEVNET ASSOCIATE Course

© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential

Workshop Agenda

• The Why

• Business Drivers

• The What

• New DevNet Associate Software Topics

• The How

• NetAcad Course

• Limited Availability release

© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential

Software defined solutions


“The Cisco Certified DevNet Associate is an individual

who performs an entry-level developer role

on Cisco platforms.”

Certified DevNet Associate


• Reduce Operation Cost (Opex)

• Increase speed/agility

• Reduce errors

• Increase Compliance

Create Network and IT Automation

Workflow

Automation Business relevance


• Create solutions for specific customers or market.

• Partner Increase revenue

• Reduce customer churn

App development Business relevance

Develop 3rd Party Solutions Built on Cisco Platforms


The IT Teamof the Future

World ofNetwork Engineers

World ofSoftware Developers


Real World

Examples of

Network

Programmability

and APIs© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential


4 Network Programmability Use-Cases

2 41 3

Automation

Disable all network

access ports after 30

days of inactivity.

Troubleshooting

CyberOps request

“Where is 10.1.2.3 in our

network?”

Restore manager’s

access - “err-disabled”

port.

Integrations

Implement a new network

change request

#NetDevOps


The IT Teamof the Future

World ofNetwork Engineers

World ofSoftware Developers


DevNet

Certifications



DevNet Associate Certification Topics – Quick Look


1. Software Development and Design (15%)

2. Understanding and Using APIs (20%)

3. Cisco Platforms and Development (15%)

4. Application Deployment and Security (15%)

5. Infrastructure and Automation (20%)

6. Network Fundamentals (15%)

DevNet Associate Topics

“The exam tests a candidate's knowledge of

software development and design including

understanding and using APIs, Cisco platforms

and development, application development and

security, and infrastructure and automation.”








DEVASC Topics - Known








DEVASC Topics - New


• 1.1 Compare data formats (XML, JSON, and YAML)

• 1.2 Describe parsing of common data format (XML, JSON, and YAML) to Python data structures

• 1.3 Describe the concepts of test-driven development

• 1.4 Compare software development methods (agile, lean, and waterfall)

• 1.5 Explain the benefits of organizing code into methods / functions, classes, and modules

• 1.6 Identify the advantages of common design patterns (MVC and Observer)

• 1.7 Explain the advantages of version control

• 1.8 Utilize common version control operations with Git• 1.8.a Clone

• 1.8.b Add/remove

• 1.8.c Commit

• 1.8.d Push / pull

• 1.8.e Branch

• 1.8.f Merge and handling conflicts

• 1.8.g diff

DEVASC Topics #1: Software Development and Design (15%)




JSONXML

YAML

• TAGs vs. Keys in double quotes, values and [ and { vs. Indentation













import yaml

def getDataFromYaml(file):

text = open(file).read()

data = yaml.safe_load(text)

return data

for f in ["data1.yaml", "data2.yaml"]:

print("Loading file {}.".format(f))

data = getDataFromYaml(f)

print("Datatype is: {}".format(type(data)))

print(data)



DEVASC Topics #2: Understanding and Using APIs (20%)

import json

import yaml

myFruits = [

{"type": "Orange", "count": 12 },

{"type": "Banana", "count": 5 }

]

print("Type of myFruits = {}".format(type(myFruits)))

print(myFruits)

open("data.json", "w").write( json.dumps(myFruits) )

open("data.yaml", "w").write( yaml.dump(myFruits) )

text = open("data.json").read()

data = json.loads(text)

print("Type of data = {}".format(type(data)))

print(data)

text = open("data.yaml").read()

data = yaml.safe_load(text)


print(data)

• import json• import yaml

• json.dumps( data )• Returns a text json representation of

the data• yaml.dump( data )

• Returns a text yaml representation of the data

• json.loads( text )• Tries to load text as json and returns a

python data structure• yaml.safe_load( text )

• Tries to load text as yaml and returns a python data structure




import dicttoxml # pip install dicttoxml

import xmltodict # pip install xmltodict

import xml.etree.ElementTree as ET

myFruits = [

{"type": "Orange", "count": 12 },

{"type": "Banana", "count": 5 }

]

print("Type of myFruits = {}".format(type(myFruits)))

print(myFruits)

open("data.xml", "wb").write(

dicttoxml.dicttoxml(myFruits, attr_type=False) )

# xmltodict

text = open("data.xml").read()

data = xmltodict.parse(text)


print(data)

print(data['root']['item'][0]['type'])

print(data['root']['item'][0]['count'])

# ElementTree

xml = ET.parse("data.xml")

root = xml.getroot()

print("Type of xml = {}".format(type(xml)))

print("Type of root = {}".format(type(root)))

print(root)

for elem in root:

for subelem in elem:

print("{} = {}".format(subelem.tag, subelem.text))

allItems = root.findall("item") #

https://docs.python.org/3/library/xml.etree.elementtree.html#elementtree

for item in allItems:

typeTag = item.find("type")

countTag = item.find("count")

print(typeTag.text)

print(countTag.text)

# think about NameSpaces, etc.


• 1.3 Describe the concepts of test-driven development


“make sure code performs required tasks correctly, giving back expected results in response to all inputs, without compromising solution stability, performance, or security, or causing other troublesome side effects”

Testing:• Unit testing (such as, classes, methods, functions, libraries, and so on) • Integration testing• Functional testing


• 1.4 Compare software development methods (agile, lean, and waterfall)


SDLC

“set of rules, steps, roles and principles”

• Waterfall

• Agile

• Lean


• 1.5 Explain the benefits of organizing code into methods / functions, classes, and modules



• 1.6 Identify the advantages of common design patterns (MVC and Observer)


MVC Observer


• 1.8 Utilize common version control operations with Git


git config --global user.name “Jozef J”

git config --global user.email “[email protected]”

git init

• Setup a local git repository

git add <files…>

• Add files to be tracked in the repository

git rm <files…>

• Remove files from the repository tracking

git commit –m “description of the commit”

• Commit the changes

git push

• Send local repository to remote server

git pull

• Pull data from the remote server

git diff

• Display the differences since last commit


• 1.8 Utilize common version control operations with Git


Branching and Merging

git branch <name>

• Send local repository to remote server

git checkout <branch name>

• Pull data from the remote server

git merge <branch name>

• Merge files into the current branch


• 2.1 Construct a REST API request to accomplish a task given API documentation

• 2.2 Describe common usage patterns related to webhooks

• 2.3 Identify the constraints when consuming APIs

• 2.4 Explain common HTTP response codes associated with REST APIs

• 2.5 Troubleshoot a problem given the HTTP response code, request and API documentation

• 2.6 Identify the parts of an HTTP response (response code, headers, body)

• 2.7 Utilize common API authentication mechanisms: basic, custom token, and API keys

• 2.8 Compare common API styles (REST, RPC, synchronous, and asynchronous)

• 2.9 Construct a Python script that calls a REST API using the requests library



• 2.8 Compare common API styles (REST, RPC, synchronous, and asynchronous)


synchronous asynchronous


• 3.1 Construct a Python script that uses a Cisco SDK given SDK documentation

• 3.2 Describe the capabilities of Cisco network management platforms and APIs (Meraki, Cisco DNA Center, ACI, Cisco SD-WAN, and NSO)

• 3.3 Describe the capabilities of Cisco compute management platforms and APIs (UCS Manager, UCS Director, and Intersight)

• 3.4 Describe the capabilities of Cisco collaboration platforms and APIs (Webex Teams, Webex devices, Cisco Unified Communication Manager including AXL and UDS interfaces, and Finesse)

• 3.5 Describe the capabilities of Cisco security platforms and APIs (Firepower, Umbrella, AMP, ISE, and ThreatGrid)

• 3.6 Describe the device level APIs and dynamic interfaces for IOS XE and NX-OS

• 3.7 Identify the appropriate DevNet resource for a given scenario (Sandbox, Code Exchange, support, forums, Learning Labs, and API documentation)

• 3.8 Apply concepts of model driven programmability (YANG, RESTCONF, and NETCONF) in a Cisco environment

• 3.9 Construct code to perform a specific operation based on a set of requirements and given API reference documentation such as these:

• 3.9.a Obtain a list of network devices by using Meraki, Cisco DNA Center, ACI, Cisco SD-WAN, or NSO

• 3.9.b Manage spaces, participants, and messages in Webex Teams

• 3.9.c Obtain a list of clients / hosts seen on a network using Meraki or Cisco DNA Center

DEVASC Topics #3: Cisco Platforms and Development (15%)


• 4.1 Describe benefits of edge computing

• 4.2 Identify attributes of different application deployment models (private cloud, public cloud, hybrid cloud, and edge)

• 4.3 Identify the attributes of these application deployment types

• 4.3.a Virtual machines

• 4.3.b Bare metal

• 4.3.c Containers

• 4.4 Describe components for a CI/CD pipeline in application deployments

• 4.5 Construct a Python unit test

• 4.6 Interpret contents of a Dockerfile

• 4.7 Utilize Docker images in local developer environment

• 4.8 Identify application security issues related to secret protection, encryption (storage and transport), and data handling

• 4.9 Explain how firewall, DNS, load balancers, and reverse proxy in application deployment

• 4.10 Describe top OWASP threats (such as XSS, SQL injections, and CSRF)

• 4.11 Utilize Bash commands (file management, directory navigation, and environmental variables)

• 4.12 Identify the principles of DevOps practices

DEVASC Topics #4: Application Deployment and Security (15%)








• 4.3 Identify the attributes of these application deployment types

• 4.3.a Virtual machines

• 4.3.b Bare metal

• 4.3.c Containers


Bare-

Metal

Virtual

Machines

Containers


• 4.4 Describe components for a CI/CD pipeline in application deployments

Continuous Integration, Continuous Deployment



• 4.5 Construct a Python unit test


myFruits = [{"type": "Orange", "count": 12 },{"type": "Banana", "count": 5 }

]

def getCount(fruit):for i in myFruits:

if i["type"] == fruit:return i["count"]

return False

import fruits

def test_getCount():

assert fruits.getCount("Orange") > 1

assert fruits.getCount("Banana") > 1

assert fruits.getCount("Cisco") == False

assert fruits.getCount("Cisco") == True

fruits.py fruits_test.py

c:\tmp>py.test

============================= test session starts =============================

platform win32 -- Python 3.6.5, pytest-5.3.2, py-1.8.1, pluggy-0.13.1

rootdir: C:\tmp

collected 1 item

fruits_test.py F [100%]

================================== FAILURES ===================================

________________________________ test_getCount ________________________________

def test_getCount():

assert fruits.getCount("Orange") > 1

assert fruits.getCount("Banana") > 1

assert fruits.getCount("Cisco") == False

> assert fruits.getCount("Cisco") == True

E AssertionError: assert False == True

E + where False = <function getCount at 0x0000024943C67F28>('Cisco')

E + where <function getCount at 0x0000024943C67F28> = fruits.getCount

fruits_test.py:7: AssertionError

============================= 1 failed in 10.99s ==============================

pip install pytest


• 4.6 Interpret contents of a Dockerfile


FROM ubuntu:16.04RUN apt-get update -y && apt-get install -y python-pip python-devCOPY requirements.txt /app/requirements.txtWORKDIR /appRUN pip install -r requirements.txtCOPY . /appENTRYPOINT [ "python" ]CMD [ "app.py" ]EXPOSE 5000/tcp

Dockerfile

# Build a container:docker build -t myPythonWebApp:latest .# at this point you can push the container to a container Registry, similar like the “ubuntu:16.04”

# Run the container mapping the internal container port 5000 to local port 80:docker run -d -p 80:5000 myPythonWebApp

This becomes “infrastructure as a code”


• 4.10 Describe top OWASP threats (such as XSS, SQL injections, and CSRF)


Src: https://xkcd.com/327/

Src: https://medium.com/iocscan/cross-site-request-forgery-csrf-f2134359a385

Src: https://www.geeksforgeeks.org/what-is-cross-site-scripting-xss/

https://xkcd.com/327/

https://medium.com/iocscan/cross-site-request-forgery-csrf-f2134359a385

https://www.geeksforgeeks.org/what-is-cross-site-scripting-xss/


• 5.1 Describe the value of model driven programmability for infrastructure automation

• 5.2 Compare controller-level to device-level management

• 5.3 Describe the use and roles of network simulation and test tools (such as VIRL and pyATS)

• 5.4 Describe the components and benefits of CI/CD pipeline in infrastructure automation

• 5.5 Describe principles of infrastructure as code

• 5.6 Describe the capabilities of automation tools such as Ansible, Puppet, Chef, and Cisco NSO

• 5.7 Identify the workflow being automated by a Python script that uses Cisco APIs including ACI, Meraki, Cisco DNA Center, or RESTCONF

• 5.8 Identify the workflow being automated by an Ansible playbook (management packages, user management related to services, basic service configuration, and start/stop)

• 5.9 Identify the workflow being automated by a bash script (such as file management, app install, user management, directory navigation)

• 5.10 Interpret the results of a RESTCONF or NETCONF query

• 5.11 Interpret basic YANG models

• 5.12 Interpret a unified diff

• 5.13 Describe the principles and benefits of a code review process

• 5.14 Interpret sequence diagram that includes API calls

DEVASC Topics #5: Infrastructure and Automation (20%)


• 5.4 Describe the components and benefits of CI/CD pipeline in infrastructure automation



• 5.5 Describe principles of infrastructure as code



• 5.8 Identify the workflow being automated by an Ansible playbook (management packages, user management related to services, basic service configuration, and start/stop)


---

- hosts: apache

tasks:

- name: install apache2

apt: name=apache2 update_cache=yes state=latest

- name: enabled mod_rewrite

apache2_module: name=rewrite state=present

notify:

- restart apache2

- name: apache2 listen on port 8081

lineinfile: dest=/etc/apache2/ports.conf regexp="^Listen 80" line="Listen 8081" state=present

notify:

- restart apache2

handlers:

- name: restart apache2

service: name=apache2 state=restarted

webserver.yml

# Run the playbook:

ansible-playbook webserver.yml


• 6.1 Describe the purpose and usage of MAC addresses and VLANs

• 6.2 Describe the purpose and usage of IP addresses, routes, subnet mask / prefix, and gateways

• 6.3 Describe the function of common networking components (such as switches, routers, firewalls, and load balancers)

• 6.4 Interpret a basic network topology diagram with elements such as switches, routers, firewalls, load balancers, and port values

• 6.5 Describe the function of management, data, and control planes in a network device

• 6.6 Describe the functionality of these IP Services: DHCP, DNS, NAT, SNMP, NTP

• 6.7 Recognize common protocol port values (such as, SSH, Telnet, HTTP, HTTPS, and NETCONF)

• 6.8 Identify cause of application connectivity issues (NAT problem, Transport Port blocked, proxy, and VPN)

• 6.9 Explain the impacts of network constraints on applications

DEVASC Topics #6: Network Fundamentals (15%)


Break ;-)


NetAcad Course Considerations

*Direction Consideration


Slides removed from this section due to an early design phase…



Limited Availability Release



Limited Availability

• Currently targeting: Summer 2020

• Goal:• Enable the early adopting instructor’s community

• Collect constructive feedback (ideas, comments, bugs, etc.) on course quality, structure, length, hands-on labs, learning outcomes, etc.

• Collect best practices from implementations



How to Start Today?


DevNet Associate (200-901) Exam Topics


DevNet Associate (200-901) Exam Topics

CCNA

Covers many topics

including Python,

XML/JSON, APIs, REST,

YANG, NETCONF,

RESTCONF, DNA-C,

WebEx Teams

Are these already covered somewhere in NetAcad?


DEVASC vs. ETWs



ETWs

• 8h bite sized learning

• Hello world level

• Very hands-on workshops

• Little theoretical background

• Quick way to get excitement about APIs

• Goals:

• Expose CCNA students to single aspects of the Programmable Infrastructure

• Pave the way for the instructors towards the Programmable Infrastructure

• Our first offering in Programmable Infrastructure

ETWs vs. DEVASC

DEVASC course

• X hours full fledged course

• Certification aligned

• Theoretical deep-dive into various topics

• Lot of hands-on lab activities

• Project Based Learning framework

• Goals:

• Target new software audience, usable for CCNA students

• Get students ready to successfully pass the certification

• Our flagship offering in Programmable Infrastructure



Q&A

Documents

DevNet Associate Readout · 1/31/2020 · • 1.6 Identify the advantages of common design patterns (MVC and Observer) • 1.7 Explain the advantages of version control • 1.8 Utilize