350-401 ENCOR – Cisco CCIE Enterprise – 6.0 Automation part 4
January 27, 2023

14. Cisco DNA Rest API Use

All right. So let me show you how you can go and verify any of the APIs. Once I log in to DNA, here you can see the dashboard, and it’s quite robust. You can go deep inside the DNA dashboard and you can see so many things here. First of all, let me show you where we’ll get the information about the API. Here you can go to the documentation section, where you can see that you have the API references. You can open this particular page and get the information about the API. Let me open this and show you how this page looks once you open it. So here you can see that it is developed by DevNet.

And then you can go and see the intent-based APIs. There are so many resources and you can learn a lot from this place. So you have the REST APIs, how they are going to work, and what methods we have, like POST, GET, DELETE, et cetera. Each and everything you can go and understand from here in detail. So this is the documentation page for the DNA API. All right? So let me walk you through, if you are doing this for the first time, where you have to go to enable it and then how to use it. For that you can go and check the platform. Once you are inside the platform, here you can see that you have the bundles. Bundles are an easy-to-use feature set for consuming the intent-based API. So if you go and click there, suppose your REST API is not active.

So what you have to do: you’ll get one button called Enable. You can click there and it will get enabled. So for example, ITSM ServiceNow is not enabled, and you can see that other integrations are also not enabled. But our RESTful API is enabled. If it is not, you can go and click Enable. Once you do the enablement, on the top you can see that you have manage bundles and configuration. You can just go and verify the configuration as well. But if you want to check the REST API, you have to go inside the developer toolkit. Here you can see that you have the developer toolkit and APIs. You can go there and then you will get the RESTful APIs related to authentication, Know Your Network, site management, connectivity, operation, task, policy, etc. So suppose I go here and click Know Your Network. Inside Know Your Network, you can go and check the sites, topology, devices, clients, users, et cetera. In site management you can go and check the site management related stuff, and in policy you can go and check the policy related stuff. Again you can see the color coding is also there, and that’s true for all these methods in most API runners. So for example we have Swagger, where we are running the APIs. So here you can see the green, yellow, for GET and then PUT and then POST, and DELETE the red. Okay. So suppose I want to know my network. Say, for example, I go to topology, and inside topology I want to know what type of VLANs I have. So here you can see this particular API will run. Let me go back. So here you can see that you have this get the VLAN. You can go and click here on this blue Get VLAN details, or you have three dots; you can go there and then try it. Both are okay.

You can go to any of the places and click it. So now you can see the public URL, and you want to run this API. The success code is 200, which means correct, and then you are getting the response. So all the VLANs in your infrastructure you are able to get from here. If I go and click here also, you can see that this is the API, and again it is telling all these codes that we have seen earlier. Then here you can see that root map option response and version. So here we have a little bit more output, and that is adding the model schemas as well. Now again if you run it, it will go and reach this place and you’ll get the output. So this is the way that we can go and execute the API, and we can go and check all the different methods as well.

15. Embedded Event Management

Next important topic, we have event management. Now, this event management is actually on-box, so that’s why it is embedded event management (EEM). What do we mean by on-box automation and off-box? On-box means that my device or my operating system has the capability to do n number of tasks. And yes, you can see that we can go and use Tcl scripts and EEM scripts that we can write; we have POAP, PowerOn Auto Provisioning; Smart Install; macros, and people are using macros a lot; and then embedded Python programming as well. Whereas off-box, we can go and integrate with REST APIs, SDKs (software development kits), DevOps tools and Linux as well.

So both the features are there. But at this point of time, suppose you don’t have off-box capability; even then Cisco devices have that much capability and power that we can go and write the scripting. The important thing here is that when we are writing this script, say for example an embedded event management script, what are the benefits we have? How are we going to benefit from this? Here you can see that EEM is now quite powerful and we have more than 20 different types of events. Based upon those we can go and write the scripts.

So what does it mean? Before dealing more with this, let’s try to understand the architecture and some more terms about EEM. First of all, and this is one of the most important things we should understand, the architecture. When we are talking about architecture, the first thing we know is that this is on-box, that is, within the box, within the device. Now this is modular and it consists of the event detector. Event detector means that whenever you’re writing the EEM script via CLI, and the second point is the CLI interface. So whenever you’re writing the script via the CLI interface, or you are taking help from the TCL language, or “tickle”, at that time it is based on the event detector.

So what type of event detectors do we have? For example, based on syslog messages, or based on certain other events; nowadays we have 20-plus events. Let me quickly show you the events for which you can go and write the program. So here you can see syslog, timer, GOLD, XML, RF, SNMP, IP SLA, OIR, counter, et cetera. On the basis of these we can go and write the EEM script. Now, those are termed event detectors. Then we have the event manager server as well. And then the actions that we are putting, those are called a policy. So three terms: event detector, event manager server and the policy. Detector, server and policy. We can go and use the CLI interface to write the policy. We have the policy scheduler as well, meaning when this event will go and trigger, and you may have multi-threading triggers as well. So for example, the high CPU case. It is reported that two or three times a day the CPU of that particular device is going high, or there is a spike. Now, it’s very difficult for an engineer to be there checking the device all the time, so that when the CPU spike comes, you go and run some commands and get the output related to the high CPU commands. So for example, four to five important commands we can put inside the EEM script. Whenever the system triggers a syslog message like high CPU, at that time that script will run and it will execute three or four commands. The output of those commands will be stored inside a file that you can go and use for troubleshooting purposes. Correct? Now we have a lot of enhancements inside EEM scripts.

So we have enhancements in the EEM email action, and an EEM security enhancement supporting MD5/SHA-1 with the Tcl policy, so we have the checksum. Then we have an enhancement in resource management, so you can manually set the CPU, memory and EMQ thresholds. We have enhancements in the detectors as well, so more and more detectors have been added, for example the IPv6 routing event detector, the syslog event detector and others as well. And now we have the EEM usability enhancements as well. So you can go and write those EEM scripts as per the use case. There is again one very important use case we have related to, say for example, security and ISE. A few of the customers are writing EEM scripts for this. Suppose we know how ISE works.

You do the authentication and then you get the authorization. Suppose your ISE server is unavailable; at that time, because you haven’t done the authentication, you’ll not get the authorization. So you can write a script for when ISE is unavailable, and you can use IP SLA to check whether ISE is up or not. Suppose it is down, for example, or it’s not down but unreachable for five to 10 seconds. Then automatically the ACLs that we have over the interfaces will allow or permit any any. So again, condition-based policies and rules we can go and write, depending upon what type of use case and what type of problem or troubleshooting we are doing.

Now, here in the diagram you can see the architecture: we have the detectors, and we have the event management server. Inside that container we have the application event detector, and the event detectors again go to the IOS subsystem. We can go and use TCL, or “tickle”, to create the EEM script. Or we have the option that we can directly go and use the EEM CLI policy, which we are going to do in the next session. So let’s stop here, and in the next section we will go and create one high CPU related policy, to learn and understand more about EEM scripts.

16. Embedded Event Management Lab

We are going to understand one of the use cases. So for example, in the case of high CPU, I’m going to write a script. In this case here you can see that the threshold is set to 80. That should be the production threshold. But in my case, I’ll make this 20 so I can get the alert. So once I get the alert, first of all, what type of alert am I going to get? I’ll get one syslog message like CPU rising threshold. Let me show you the diagram first. Say I have only one switch here, connected in GNS. And then what I have done is that I have used this configuration. If you use this configuration, that means it will go and generate the syslog message.

So I’m going to use this particular syslog message to write my EEM script. Here you can see that I have this syslog message and it should start with this, that’s the percentage sign. So here you can see that this is the syslog pattern. What will happen? The moment the system detects this, the EEM script will go and give the message that high CPU is detected. Then the device itself will do enable, and it will go and write these commands: show process CPU sorted, CPU monitor, CPU history, CPU sorted excluding zero zero, extended history, et cetera. And then these things will be written to flash, in this CPU text file, which again we can go and check.

Now the use case is this: that this will happen at the time of the trigger. And what is the trigger and what is the detector? The detector is syslog. Syslog will generate a message and then this script will go and run. Correct? So let me copy and paste this configuration to the switch. I’ll go to the switch and here we can go and write this. Now, I should have all these commands that we are putting here supported on the device. Now what will happen? We’ll wait for the next trigger. The moment the trigger happens, you will see that all those outputs will be written to flash, in the high CPU text file. Now, if I go and check the flash, say for example show flash and include high, at the moment I don’t have any trigger, and that’s the reason we don’t have the high CPU text file there. Now we can go and check show process CPU sorted. What’s the CPU? Okay, the CPU spike is 1 minute 34%, five minute 30%, more than that. And what’s the condition that we have put? That we can go and check: show run and section process. All right. So here you can see CPU process total rising 20%, and then all the process related commands that we have given inside the EEM script are like this. Okay, so let’s wait for the trigger. So although we are waiting, the trigger is not coming. So what I will do is go and change the process CPU threshold, so you can see the command as well: threshold, and then when it is asking about type, I can go and give process, rising, say rising 20, interval.

I can go and give five, which is the minimum, and enter. That was instead of giving total. Total means the two major things, process plus interrupt, meaning the hardware process and then the traffic; that was the interrupt. So for high CPU, you can think of two functions or two components. Whenever we are measuring high CPU, if you go and put total here it will calculate both things, the interrupt plus the process, and then it will give the output. Now here you can see that high CPU has been detected. Here you can see 64%, ten, et cetera. So one is the process, the other one is the interrupt: process and interrupt. Now if you go and check show flash and the high, we should have that text file. Yes, you can see the text file in the flash, and then if you want to check that, we can go and check the high CPU file like this, which is the trigger. Iuse having this much different processes are there, so that’s the one output; further we can go and check the others as well. So whatever we have put inside the EEM script, you can go here and check, and then at least we can get the idea of what happened to trigger this particular event: which particular process, or maybe interrupt, is causing this event to trigger. All right, that’s the way we can run this event.

You can also practice this in your GNS environment. I have taken only one switch, but you can create one loop related to HTTP, or maybe so many SNMP polls, or maybe some sort of DoS attack related to traffic, or maybe BGP high traffic utilization. Those things can be simulated, and then you can check which particular process or interrupt is causing the problem in the lab environment. All right, so let’s stop here.
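An EEM applet for the lab described in this section, added here as an example; it is not the configuration shown on screen in the video. The applet name `HIGH_CPU` and the file name `flash:high_cpu.txt` are assumptions; the threshold of 20 is the lab value, with 80 given above as the production value.

```ios
! Added example, not the instructor's configuration.
! Generate the CPU rising-threshold syslog message when total CPU
! (process + interrupt) reaches 20% over a 5-second interval.
! Use "type process" instead of "type total" to measure process load only.
process cpu threshold type total rising 20 interval 5
!
! Detector: syslog. The pattern is matched against the logged message,
! so the applet runs each time the rising-threshold message appears.
! Policy: log a marker, enter enable mode, then append the output of
! each show command to one file on flash for later troubleshooting.
! HIGH_CPU and high_cpu.txt are names assumed for this example.
event manager applet HIGH_CPU
 event syslog pattern "SYS-1-CPURISINGTHRESHOLD"
 action 1.0 syslog msg "High CPU detected, saving output to flash:high_cpu.txt"
 action 2.0 cli command "enable"
 action 3.0 cli command "show clock | append flash:high_cpu.txt"
 action 4.0 cli command "show processes cpu sorted | append flash:high_cpu.txt"
 action 5.0 cli command "show processes cpu history | append flash:high_cpu.txt"
!
! Verification from exec mode after the trigger:
!   show running-config | section process
!   show event manager policy registered
!   show event manager history events
!   show flash: | include high
!   more flash:high_cpu.txt
```

Because every action appends to the same file, repeated triggers accumulate in `high_cpu.txt`; the `show clock` line separates one capture from the next.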

17. Agent vs Agentless Tools

This is the last session for this particular course. We have to understand the agent and agentless tools such as Chef, Puppet, Ansible and SaltStack. So let’s start understanding this. Before that, let’s quickly do a revision of the other approaches to configuring the device. We know that we started our career as CLI network engineers. We used to type the commands, copy and paste them into Notepad, and then create the same type of configuration, changing certain IPs, interfaces, et cetera. And then we were putting that Notepad configuration onto the rest of the devices. Then there was the evolution of the GUI. One good example of a GUI-based networking device is Cisco ISE, or maybe the ASA firewall’s ASDM; those are very popular.

And now if you compare the security appliances with networking router and switch devices, you’ll find that in security appliances you have to do so many things that are very difficult to do via CLI. It’s time consuming and there are chances of error as well. So then there was the evolution of the GUI. If you look at the market at present, you’ll find that a few of the vendors are not even supporting CLI. For example with VMware VeloCloud, you have the option to configure either via GUI or API. So like that the evolution of networking happened: we moved from CLI to GUI and API. And now when we are talking about APIs, we have the integration with third parties as well. These APIs can use methods such as SSH, HTTP or HTTPS to manage the devices.

And when we are managing the devices with the API, the biggest advantage we have is that we can manage any number of devices with the same type of API, or the same type of calls or routine calls, et cetera. That is not possible with the CLI, because whenever we are talking about CLI the scale is missing; the scalability factor is not there in CLI. That’s why companies, organizations and enterprise networks are looking for a solution where the scale will be there. Now along the same line we’ll find that there are several evolutions. So there is evolution in the virtualization world. Here you can see in the list that we have enterprise system operations.

Say, for example, VMware vCenter, Microsoft System Center, vRealize, BMC, HP. What is happening is that we have the orchestration tool, or you can say the management tool, to manage the virtual system or virtual machine. So for example VMware vCenter, where you have the hypervisors. Again I’ll go back: you have the physical system, on top of that you have the hypervisor, and on top of that you can have the guest operating system. Now suppose you have N number of infrastructures like this; then you can go and manage them with VMware vCenter. So from VMware vCenter you can go and manage N number of ESXi hosts. Now this N should be some limited number, but you can manage a large number of systems; likewise with Microsoft or vRealize.

Now this is the enterprise system operation. On the other hand, if you go and check the Cisco solutions, Cisco has its own Cisco ACI, Application Centric Infrastructure, to do the automation for the data center. Then SDN controllers. Then Cisco has one automation engine. Then we have NSO, Network Services Orchestrator. Then we have the application policy infrastructure, we have APIC-EM. These are the Cisco solutions that we have to overall manage everything from either the GUI or the API. All options are there. Then here at the bottom you can see that we have open source software as well, and these are also big and popular. So we have Ansible, which is very easy to understand and to do the configuration with. Puppet, Chef, SaltStack, Python, Ruby: these come under open source software. Now, the important categorization here is that we have agent versus agentless orchestrator or management tools.

Now what is agent based? Here you can see Puppet, Chef and SaltStack. They are agent-based tools. How they work is that you have a server somewhere and then you have small agents located at different locations. Now, when we are having agents at different locations, those agents are local, obviously. They are taking the configuration, the management things and the input. Those agents at different locations are going to communicate with the server, and as per the server programming, as per the server rulebase, they will go and react.

Now that rulebase that we have in the server is in terms of a programming language, and here the programming language is Ruby, R-U-B-Y. The rules are generally termed a cookbook. So here you can see that the agent would be running on all servers which have to be configured. The agent will pull the cookbook from the masters. So you have created the policy on the master. So all the agents will go and push the rulebook or the cookbook or policy from the master and then they can react. Now you can find there is a community also, and the URL link also. If you want to know and learn more about Chef, you can go and check. The next similar type of orchestration or management tool we have is Puppet. Puppet is also Ruby based.

So the difference between Chef and Puppet is that Chef cookbooks are more developer-centric, while Puppet was developed keeping system admins in mind. So in terms of manageability, you’ll find they had the system admins in mind while they wrote this Puppet orchestration tool. Now both Puppet and Chef are based on agent and server. So the agents will actually go and pull the cookbook or playbook or the policy from the master and then they will work.

For more information, you can go and check Puppet Forge, or these are the links again. The third thing is SaltStack. Now here you can see that, like Chef and Puppet, Salt is doing the same thing in the same manner, meaning the architecture is the same. But there is one big difference. Instead of those agents only going and asking, or pulling the cookbook from the master, here there is freedom for the agents: they can go and contact other agents as well, and they can pull the cookbook or the rulebook from the other agents as well. So what does it mean? It means that Chef and Puppet have very much a hub-and-spoke type of architecture.

But when we are talking about SaltStack, this is something like a full-mesh, any-to-any type of architecture. So any spoke can communicate with any other spoke and take the information. And that’s why SaltStack is very fast compared to Puppet and Chef. Now, the final orchestration tool we have here is Ansible. This is also one of the popular orchestration or management tools we have. Ansible is one of the programming languages like Python. But it’s quite popular because it’s very easy. It’s using the YAML format, yet another markup language, to do the configuration, to do the programming. And the difference from Puppet, Chef and SaltStack is that Ansible is agentless. Since it is agentless, that means it’s lightweight, and you can see the use cases with Ansible. Ansible is also supporting n number of vendors, since it’s multi-vendor supported. It’s very lightweight, it’s very easy to use, it’s very easy to code, and that’s the reason for the popularity of Ansible. Ansible is quite a popular orchestration and management tool. All right, so let’s stop here.
