CCNA certification prep: Automation and programmability
What percentage of the exam focuses on automation and programmability?
The Automation and Programmability section is the smallest section, covering 10% of the CCNA exam. These topics appear in the CCNA exam for the first time in this version.
What topics are covered in this section of the exam?
The topics covered in this section introduce the concept of controllers, explain the difference between traditional networks and controller-based networks and provide an explanation of overlay, underlay and fabric that are used in software-defined networks. In addition to this, knowledge of REST APIs and various configuration management tools is required in order to succeed.
High-level overview of automation and programmability topics
How automation impacts network management
You will need to know the three planes that are used to describe how programmability works:
- Data plane
- Control plane
- Management plane
A few points are covered in this section:
- Data created by the controllers allows us to automate tasks
- With the help of new operational models, the configuration and operation of the devices becomes less prone to errors
- Collected data at the controller level allows advanced analytics processing, revealing clearer behavior of the network
- Reduced time to implement a new project
Traditional vs. controller-based networking (including SDN overview)
When a controller is used, these concepts appear:
- Southbound interface: The interface that the controller uses to reach network devices
- Northbound interface: The interface through which the controller is accessed so that its data can be processed by other analytics/reporting/logging tools
Be aware of these three potential Cisco models:
- Software-Defined Access (SDA)
- Software-Defined WAN (SDWAN)
- Application-Centric Infrastructure (ACI)
Some advantages of controller-based networks are:
- Allowing configuration of the network as a whole rather than per-device configuration
- Allowing automation through northbound APIs
- Allowing device configuration and operation through southbound APIs
Make sure you understand these terms:
- Overlay: The mechanisms used to create the VXLAN tunnels that transport the traffic between endpoints
- Underlay: The network of devices that provide IP connectivity between the nodes of the fabric
- Fabric: The combination of the underlay and overlay
Traditional vs. Cisco DNA Center-enabled device management
This section covers the Cisco SDA architecture and its components.
The underlay network has devices with the following roles:
- Fabric edge node: The device that is connected to endpoints
- Fabric border node: A device that connects the fabric with the outside world
- Fabric control node: A device that performs control plane functions for the underlay
For the overlay, you will need to know about:
- Data plane:
  - VXLAN tunneling
  - VXLAN encapsulation
- Control plane:
Also, you will need to know the roles that the DNA Center has:
- Controller in a network that uses Cisco SDA
- Management platform for traditional network devices
You have to know some of the differences between traditional management platforms and the Cisco DNA Center:
- Encrypted traffic analysis
- Device 360 and Client 360
- Network time travel
- Path trace
REST-based APIs (with interpreting JSON data)
This section covers topics such as APIs, REST and JSON. You should be familiar with the attributes of REST APIs. Among the three most important are:
- Client-server architecture
- Stateless operation
To be able to understand REST, make sure you are familiar with various types of variables: simple, list and dictionary.
The CCNA exam covers REST-based APIs that are based on HTTP, because the principles of HTTP are similar to the aforementioned REST attributes.
While some of the REST verb names are self-descriptive, make sure you thoroughly understand the following concepts:
- POST: Create new data structures and variables
- GET: Read variable values
- PUT: Update or replace values of variables
- DELETE: Delete variables
Going further, you should know the components of a URI (Uniform Resource Identifier): protocol, hostname, path and query.
Among the data serialization languages, only JSON is covered on the CCNA exam. However, you should be aware that there are more, such as XML and YAML. For JSON, you should know how to interpret key:value pairs, objects and arrays and how they relate to each other.
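The URI components and JSON structures described above, as an added example that is not part of the original article. The controller hostname, API path, query keys and JSON fields are constructed for illustration and do not come from a real product.

```python
import json
from urllib.parse import urlsplit, parse_qs

# CRUD action behind each REST verb, as listed above.
VERB_TO_ACTION = {"POST": "create", "GET": "read", "PUT": "update", "DELETE": "delete"}

# Constructed URI for a hypothetical controller northbound API.
SAMPLE_URI = "https://controller.example.com/api/v1/network-device?role=ACCESS&limit=2"

# Constructed JSON body such a GET might return (not real controller output).
SAMPLE_BODY = """
{
  "response": [
    {"hostname": "sw1", "role": "ACCESS", "reachable": true,
     "interfaces": [{"name": "Gi1/0/1", "status": "up"},
                    {"name": "Gi1/0/2", "status": "down"}]},
    {"hostname": "sw2", "role": "ACCESS", "reachable": false,
     "interfaces": [{"name": "Gi1/0/1", "status": "down"}]}
  ],
  "version": "1.0"
}
"""


def split_uri(uri):
    """Break a URI into the four components named above."""
    parts = urlsplit(uri)
    # parse_qs returns a list per key because a key may repeat in a query.
    query = {k: v[0] for k, v in parse_qs(parts.query).items()}
    return {"protocol": parts.scheme, "hostname": parts.hostname,
            "path": parts.path, "query": query}


def down_interfaces(body):
    """Walk object -> array -> object -> array and collect down interfaces."""
    data = json.loads(body)            # JSON object -> Python dictionary
    result = {}
    for device in data["response"]:    # JSON array  -> Python list
        down = [i["name"] for i in device["interfaces"] if i["status"] == "down"]
        if down:
            result[device["hostname"]] = down
    return result


if __name__ == "__main__":
    print(VERB_TO_ACTION["GET"], split_uri(SAMPLE_URI))
    print(down_interfaces(SAMPLE_BODY))
```

Note that query values arrive as strings and JSON `true`/`false` become Python booleans, which matters when comparing values read from a response.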
Configuration management tools: Chef, Ansible, Puppet
This section covers some of the most popular configuration management tools. All of the below are software packages, and each of them has its own specifics in terms of:
- The file that lists the actions
- Protocol to reach the network device
- Agent or agentless model
- Push or pull model
Remember that Ansible uses an agentless architecture (you do not need to install anything on the managed device). The interaction between Ansible and the device happens over SSH/NETCONF. It uses a push model. Some of the files used by Ansible are:
Remember that Puppet uses a pull model and supports both agent-based and agentless architecture. Some of the files used by Puppet along with various components are:
- Resource, class, module
Keep in mind the difference between imperative language (that Ansible uses) and the declarative language (that Puppet uses).
Make sure you understand the difference between the various deployment modes: client-server and Chef Zero.
Some of the files used by Puppet along with various components are:
Chef uses an agent architecture only and, just like Puppet, uses a pull model.
Where should I focus my study time?
The topics are new in the CCNA exam and the meat of the exam is still the traditional routing and switching basics. For the exam, detailed knowledge of these topics is not required. However, you will need to know about JSON, configuration management tools and REST. As for the DNA Center, it should be enough to know the components and how the control and data planes work.
This section is pretty light, compared to the other sections of the exam. However, it opens up a new world that, until this new version of the exam, was a cryptic and unknown world to network engineers.
As networks become bigger and more complex, and as it becomes necessary to know precisely what traffic passes through them, automation and programmability will become a major part of the day-to-day job of a network engineer.