CDL - Section 12 - Automating Infrastructure Flashcards
What is SDN?
The disaggregation of the Control, Data, and Management planes from a network device.
What is IBN?
A controller-led network that translates biz intent into policies that can be automated and applied across the network.
What is the difference between SDN and IBN?
SDN: Software-defined networks focus on how a specific set of network devices should operate
IBN: intent-based networks are focused on what must be done to get to the final goal or biz outcome
What is a Northbound Interface?
What is a Southbound Interface?
NB - REST API facing outside the network so apps & services can interact with the Controller. Responsible for comms between SDN controller & the services that run over the network
SB - layer of device drivers that the SDN controller uses to interact with physical and virtual devices in the network.
What are some examples of a Southbound API?
○ OpenFlow - allows direct access to, and manipulation of, the forwarding plane of network devices such as switches and routers, both physical and virtual (hypervisor-based)
○ NETCONF - It provides mechanisms to install, manipulate, and delete the configuration of network devices via remote procedure call (RPC) mechanisms; encoded in XML
○ RESTCONF - adds a REST API to NETCONF
○ OpFlex - uses a declarative SDN model. The controller, which, in this case, is called by its marketing name (APIC), sends a more abstract policy to the network elements
§ The controller trusts the network elements to implement the required changes using their own control planes.
○ REST - SW architecture style of the internet
§ REST APIs allow controllers to monitor and manage infrastructure through the HTTP and HTTPS protocols, with the same HTTP verbs (GET, POST, PUT, DELETE, and so on) that web browsers use to retrieve web pages
What piece of HW makes IBN possible?
Next-gen, fully-programmable ASICs
Modern, programmable OS (like IOS-XE)
What is Infra as Code (IaC)?
Does it use CLI?
Allows you to identify the state or outcome, produce instructions on how to accomplish the desired state, and then reuse, repeat, and evolve the template to meet needs as the environment grows.
** IaC is a way of defining, managing, and interacting with your physical and virtual resources by using machine-readable configuration files and scripts instead of an interactive GUI or CLI **
REVIEW: Tools in IaC
OS: Linux, Ubuntu, Red Hat
Programming Language: Ruby, Python
Config Mgmt: Ansible, Chef, Puppet
Continuous Integration: Jenkins, CircleCI
Version Control: GitHub, Git, GitLab, Bitbucket
What is Terraform?
A tool created by HashiCorp to aid the provisioning of your infrastructure. It uses “execution plans” written in code. These execution plans outline what will happen to the physical/virtual infra when you run your code.
What is the difference between Ansible, Chef, and Puppet when it comes to config mgmt?
Ansible is agent-less.
Chef/Puppet - require an agent present on a managed host.
What is Ansible Tower?
The GUI that is used for managing Ansible; also gives people RBAC/limited access depending on their function
REVIEW: Ansible Playbook Terms
○ Ansible Config - the file that governs the behavior of all interactions performed by the control node
○ Inventory File - the file where you define all the entities you want to manage, i.e. groups, hosts, etc.
○ Playbook - a file, written in YAML, that contains one or more Plays.
○ Modules - extension of what can be done on the remote devices; there are many module files that come with Ansible (750+). Code that’s ready to perform an action on a managed device.
§ modules can be thought of as a small program pushed to and run on the managed device to achieve the desired configuration state of that device
§ Ansible connects to the CLIENT that connects to the remote devices via SSH/NETCONF/REST/etc.
○ Task - an action referencing a module. Tasks run in the order that they appear.
○ Ansible Tower - the GUI that is used for managing Ansible; also gives people RBAC/limited access depending on their function
What is an Ansible Playbook?
What is it written in?
The orchestration mechanism of Ansible; allows you to use Ansible for automation at a large scale.
A playbook is a simple human-readable text file in YAML format, with keywords that Ansible recognizes as instructions.
Can define the desired final state and also orchestrate operations across multiple nodes.
What is an Inventory File in Ansible?
A collection of all your hosts that are managed by Ansible.
It is a simple plaintext file where you specify your hosts, logical groupings, and special variables for Ansible itself.
Review: CI/CD Pipeline
A CI/CD pipeline is a process of adding quality control and assurance to the creation, collaboration, testing, and final delivery of scripted changes to the production environment.