6.7 Automation and Programmability — Comprehensive Review
Key Takeaways
- SDN separates the control plane from the data plane; the controller is the brain that programs network devices.
- Northbound APIs (REST) connect apps to the controller; Southbound APIs (NETCONF/RESTCONF) connect the controller to devices.
- Ansible (agentless, SSH, YAML) is for Day-2 config management; Terraform (declarative, HCL) is for Day-0 provisioning.
- REST APIs use HTTP methods: GET=read, POST=create, PUT=update, DELETE=remove; responses are JSON.
- AI/ML in networking: predictive AI forecasts failures, generative AI creates configs, ML detects anomalies.
This review consolidates all automation topics into a quick-reference format for exam preparation.
Key Comparisons
Traditional vs. Controller-Based Networking
| Aspect | Traditional | Controller-Based (SDN) |
|---|---|---|
| Control plane | Distributed (each device) | Centralized (controller) |
| Configuration | CLI per device | API/policy-based |
| Scalability | Limited | Excellent |
| Consistency | Variable | High |
| Visibility | Per-device | Network-wide |
Ansible vs. Terraform vs. Puppet
| Feature | Ansible | Terraform | Puppet |
|---|---|---|---|
| Agent | Agentless (SSH) | Agentless (API) | Agent-based |
| Language | YAML | HCL | Puppet DSL |
| Model | Push, procedural | Declarative | Pull, declarative |
| State file | No | Yes | Yes (server) |
| Best for | Network config | Infrastructure provisioning | Server config |
TACACS+ vs. RADIUS
| Feature | TACACS+ | RADIUS |
|---|---|---|
| Protocol | TCP 49 | UDP 1812/1813 |
| Encryption | Full packet | Password only |
| AAA separation | Yes | No |
| Best for | Device admin | Network access (802.1X) |
Exam Quick Reference
SDN layers: Application → (Northbound API) → Controller → (Southbound API) → Infrastructure
HTTP methods: GET (read), POST (create), PUT (update/replace), PATCH (update/partial), DELETE (remove)
HTTP status codes: 2xx = success, 4xx = client error, 5xx = server error
JSON syntax: { } = object, [ ] = array, keys are strings in double quotes
Cisco DNA Center (Catalyst Center): Intent-based networking controller — automates provisioning, monitors with AI/ML, enforces policies
NETCONF vs. RESTCONF:
- NETCONF: Uses XML, SSH transport (TCP 830), YANG data models
- RESTCONF: Uses JSON or XML, HTTPS transport (TCP 443), YANG data models
On the Exam: The automation domain is 10% of the exam but is considered the "newest" material. Many candidates under-prepare for it. Focus on concepts: SDN layers and APIs, REST API methods, JSON reading, Ansible vs. Terraform differences, and AI/ML use cases. You won't need to write code, but you need to understand the concepts.
Which HTTP method would you use to create a new VLAN via a REST API?
Which tool uses YAML playbooks and connects to network devices via SSH without requiring agent software?
In the SDN architecture, which API direction connects applications to the controller?
A Terraform configuration defines "resource aws_vpc main" with a specific CIDR block. What happens if you run "terraform apply" twice without changing the configuration?
What is the difference between NETCONF and RESTCONF?
Cisco DNA Center (Catalyst Center) provides which type of networking?