Chap 29 - Introduction to Automation Tools Flashcards

Question 1

Q

What is EEM?

Answer

A

Embedded Event Manager

Question 2

Q

What are 2 building blocks of EEM?

Answer

A

Events
Actions

Question 3

Q

What are 3 EEM debug commands?

Answer

A

debug event manager action cli
debug event manager all
debug event manager action mail

Question 4

Q

What is the EEM keyword used so that the output will include the output of any CLI commands that were issued in the applet?

Answer

A

$_cli_result

Question 5

Q

In EEM what does “file prompt quiet” do?

Answer

A

It disables the IOS confirmation mechanism that asks to confirm a user’s actions.

Question 6

Q

What are 4 common EEM email variables?

Answer

A

_email_server
_email_to
_email_from
_email_cc

Question 7

Q

What is the EEM command that causes an EEM applet to require manual execution?

Answer

A

event none

Question 8

Q

What is the command to manually run an EEM applet?

Answer

A

R1# event manager run

Question 9

Q

What is the command to manually run a TCL script?

Answer

A

tclsh flash:/ping.tcl

Question 10

Q

What is the command to view any text file?

Answer

A

more flash:ping.tcl

Question 11

Q

What are 6 configuration changes for which network operators leverage automation for?

Answer

A

Device name/IP address
QOS
ACLs
Usernames/passwords
SNMP settings
Compliance

Question 12

Q

What are 3 agent-based automation tools?

Answer

A

Puppet
Chef
Saltstack

Question 13

Q

What is Puppet?

Server/Client functions:
Language:
Push or Pull:
Collection of code or files:
Code deployed as:
Admin interaction:
Service installed on nodes:
Communication Server/Client:

Answer

A

Server/Client functions: Puppet Master / Puppet Agents
Language: Ruby-based Domain Specific Language
Push or Pull: Pull
Collection of code or files: Modules in PuppetDB
Code deployed as: Manifests
Admin interaction: Puppet console
Service installed on nodes: Puppet agent
Communication Server/Client: TCP SSL req. certificates

Question 14

Q

What 3 types of Cisco devices can Puppet be used with?

Answer

A

Catalyst switches
Nexus switches
UCS servers

Question 15

Q

What does Puppet do to helps an organization standardize its device configurations?

Answer

A

It can periodically verify the configuration on devices. If a configuration on a device has changed it can be alerted on as well as automatically put back to the previous configuration.

Question 16

Q

How do Puppet agents communicate with the Puppet master?

Answer

A

By using different TCP connections. Each TCP port uniquely represents a communications path from an agent running on a device or node.

Question 17

Q

What does Puppet allow for?

Answer

A

Puppet allows for the management and configuration of multiple device types at the same time.

Question 18

Q

What are the 3 installation types of Puppet?

Answer

A

Monolithic - up to 4000 nodes
Monolithic with compile masters - 4000 to 20,000
Monolithic with compile masters and standalone PostgreSQL - more than 20,000 nodes

Question 19

Q

What 2 things might operations staff need in large-scale Puppet deployments

Answer

A

Master of Masters (MoM) that manages the distributed Puppet masters and their associated databases
Compile Masters that are load-balanced Puppet servers that help scale the number of agents that can be managed.

Question 20

Q

What advantage is there in having a Puppet MoM?

Answer

A

It greatly simplifies the management of the Puppet environments.

Question 21

Q

What is the hierarchy of Puppet configuration?

Answer

A

Modules contain manifests
Manifests contain classes
Classes contain resources

Question 22

Q

What 3 things do Puppet modules contain?

Answer

A

Manifests
Templates
Files

Question 23

Q

What are Puppet Manifests, how are they sent to clients, and what is required to do that?

Answer

A

They contain the code that configures the clients or nodes running the puppet agent
Pushed to devices using SSL
Require certificates to be installed to ensure the security of the communications between master and agents

Question 24

Q

What is a Puppet Module?

Answer

A

A collection of files and directories that can contain Puppet manifests, as well as other objects such as files and templates

Question 25

Q

What is a Puppet Module and what does it leverage for communication to devices? called cisco_ios?

Answer

A

It contains multiple manifests
Leverages SSH to connect to devices
Each of these manifests are used to modify the running configuration on Cisco Catalyst devices in some fashion

Question 26

Q

How are Manifests saved?

Answer

A

They are saved as individual files that have a file extension .pp.

Question 27

Q

What does Puppet use as its programming language?

Answer

A

Domain-specific Language (DSL) as its “programming language.”

Question 28

Q

What is Puppet Forge?

Answer

A

Puppet Forge is a free of charge community where puppet modules, manifests, and code can be shared.

Question 29

Q

What is Chef?

Server/Client functions:
Language:
Push or Pull:
Collection of code or files:
Code deployed as:
Admin interaction:
Service installed on nodes:
Communication workstation to Server:
Communication Server/Client:

Answer

A

Server/Client functions: Chef Server / Chef Clients
Language: Ruby DSL
Push or Pull: Pull
Collection of code or files: Cookbooks
Code deployed as: recipes
Admin interaction: workstation
Service installed on nodes: OHAI
Communication workstation to Chef Server: Knife cli
Communication Server/Client:

Question 30

Q

What code is Chef written in?

Answer

A

in Ruby and Erlang, but when it comes to actually writing code within Chef, Ruby is the language used

Question 31

Q

What is the Push model used by configuration management tools?

Answer

A

Push models push configuration from a centralized tool or management server,

Question 32

Q

What is the Pull model used by configuration management tools?

Answer

A

Pull models check in with the server to see if there is any change in the configuration, and if there is, the remote devices pull the updated configuration files down to the end device.

Question 33

Q

What are 6 ways Chef is similar to Puppet?

Answer

A

Both have free open-source versions
Both also have paid enterprise versions
Both manage code that needs to be updated/stored
Both manage devices that need to be configured
Both are ‘Pull’ models * Both function as a client-server model

Question 34

Q

How is Chef different from Puppet?

Answer

A

Chef’s structure, terminology, and core components are different from those of Puppet.

Question 35

Q

Compare the difference in terminology between Puppet and Chef.

Answer

A

Puppet Master = Chef server
Puppet agent = Chef client
Puppet module = Chef Cookbook
Puppet Manifest = Chef Recipe
Puppet console = Chef workstation

Question 36

Q

What is Knife in Chef?

Answer

A

The name of the command-line tool used to upload cookbooks to the Chef server.

Question 37

Q

What is the command to upload a cookbook to the Chef server?

Answer

A

knife upload (cookbookname)

Question 38

Q

Where can the Chef server be hosted?

Answer

A

Locally on the workstation
Remotely on a server
Hosted in the cloud.

Question 39

Q

What happens to create Chef code?

Answer

A

Created on the Chef workstation
Stored in a file called a recipe
Uploaded to the Chef server in order to be used in the environment.

Question 40

Q

What are the four types of Chef server deployments?

Answer

A

Chef Solo - server hosted on workstation
Chef Client and Server - distributed components
Hosted Chef - in the cloud
Private Chef - all components within the same enterprise

Question 41

Q

What is OHAI?

Answer

A

A service that is installed on the nodes that is used to collect the current state of a node and to send the information back to the Chef server through the Chef client service.

Question 42

Q

In Chef where are cookbooks stored?

Answer

A

On the Chef server.

Question 43

Q

What is a Chef Cookbook and what is it comparable to in Puppet?

Answer

A

A collection of recipes
Comparable to a module in Puppet

Question 44

Q

What is a Chef Recipe and what is it comparable to in Puppet?

Answer

A

Code being deployed to make configuration changes
Comparable to a manifest in Puppet

Question 45

Q

Which Chef component is responsible for all communications btw client and server?

Answer

A

The Chef client service that runs on the nodes is responsible for all communications to the Chef server.

Question 46

Q

What happens when a Chef node needs a recipe?

Answer

A

When a node needs a recipe, the Chef client service handles the communication back to the Chef server to signify the node’s need for the updated configuration or recipe.

Question 47

Q

What is the Kitchen in Chef?

Answer

A

It is a place where all recipes and cookbooks can automatically be executed and tested prior to hitting any production nodes.

Question 48

Q

What 4 testing frameworks does the Kitchen support?

Answer

A

Bash Automated Testing System (BATS)
Minitest
Rspec
ServerSpec

Question 49

Q

How do you know whether to choose Puppet or Chef?

Answer

A

It depends on the skillset and adoption processes of your network operations.

Question 50

Q

What is SaltStack?

Server/Client functions:
Language:
Push or Pull:
Servers Collection of client info:
Code deployed as:
Config Mgmt method:
Admin interaction:
Service installed on nodes:
Communication workstation to Server:
Communication Server/Client:

Answer

A

Server/Client functions: Masters/minions
Language: Python
Push or Pull: Push using SSH
Servers collection of client info: Pillars
Code deployed as: Salt Formulas in YAML or DSL
Configuration Mgmt: Reactors and Beacons Remote Execution System
Admin interaction: Python or Syndic GUI
Service installed on nodes: SaltStack Grains
Communication workstation to Server:
Communication Server/Client: 0MQ (Zero MQ), AES encryption

Question 51

Q

What is SaltStack built on?

Question 52

Q

What is one advantage of SaltStack being built on Python?

Answer

A

Since it is built on Python, and has a Python interface a user can program directly to SaltStack by using Python code.

Question 53

Q

What are Salt formulas?

Answer

A

the instructions or states that get sent out to the nodes that are written in YAML or a DSL.

Question 54

Q

What Distributed Messaging Platform does SaltStack use?

Answer

A

0MQ (ZeroMQ)

Question 55

Q

In general how is the SaltStack architecture different from Puppet and Chef?

Answer

A

SaltStack uses a concept of Systems which are divided into various categories.

Question 56

Q

Why is SaltStacks performance very fast?

Answer

A

SaltStack can run remote commands to systems in a parallel fashion.

Question 57

Q

Where is the SaltStack reactor and what does it do?

Answer

A

Sits on the Master
Listens for a minion’s beacon signifying there has been a change on the host that differ from the desired state or configuration

Question 58

Q

What is a SaltStack Beacon?

Answer

A

Lives in Minions
If a configuration changes on a node it tells the Reactor on the Master

Question 59

Q

What are 3 types of changes does the SaltStack Reactor listen for?

Answer

A

Command-line configuration
Disk/memory/processor utilization
Status of services

Question 60

Q

What are SaltStack minions?

Answer

A

The SaltStack agent

Question 61

Q

What is the Remote Execution System?

Answer

A

The process of the Beacon notifying the Reactor of any configuration changes.

Question 62

Q

What are SaltStack Grains?

Answer

A

The Grains interface derives information about the underlying system. It’s called Grains because it presents Salt with Grains of information.

Question 63

Q

How are the SaltStack Grains of information gathered?

Answer

A

This information is typically gathered by the salt-minion daemon.

Question 64

Q

What are SaltStack Pillars?

Answer

A

Pillars are tree-like structures of data defined on the Salt Master and passed through to minions. They allow confidential, targeted data to be securely sent only to the relevant minion. Pillar is information about a minion or many minions stored or generated on the Salt Master

Answer 64

A

It makes it possible to leverage the master of masters.

Answer 65

A

* Targets * Commands * Arguments

Answer 66

A

The target is the desired system that the command should run on.

Answer 67

A

It is possible to target the system by using the MinionID of a minion.

Answer 68

A

The asterisk * is a wildcard indicating all systems that are currently managed by SaltStack would be targeted.

Answer 69

A

When targeting you use a combination of the minion ID and the asterisk; for example, Minion* would grab any system that has a MinionID that starts with the word Minion.

Answer 70

A

An argument provides detail to the module and function that is being called on in the command.

Answer 71

A

It uses the module.function syntax followed by the argument.

Answer 72

A

salt ‘*’ cmd.run ‘ls -l/etc’

Answer 73

A

It gathers network information from all the disparate systems, such as the MAC address, interface names, state, and IPv4 and IPv6 addresses assigned to those interfaces.

Answer 74

A

* Ansible * Puppet Bolt * SaltStack SSH (Server-only mode)

Answer 75

A

* Owned by Redhat * An automation tool that is capable of automating cloud provisioning, deployment of applications, and configuration management.

Answer 76

A

* Consistent * Secure * Highly reliable * Minimal learning curve

Answer 77

A

Ansible communicates using SSH for a majority of devices, and it can support Windows Remote Management (WinRM) and other transport methods to the clients it manages.

Answer 78

A

No, Ansible doesn’t need an administrative account on the client. It can use built-in authorization escalation such as sudo when it needs to raise the level of administrative control.

Answer 79

A

* It could be a laptop or a server sitting in a data center * The control station is the computer used to run Ansible and issue changes and send requests to the remote hosts * All Ansible requests come from the control station

Answer 80

A

* It allows for easy ramp-up for users who aim to create new projects * It sets the stage for long-term automation initiatives and processes to further benefit the business.

Answer 81

A

* Prepare * Plan * Design * Implement * Observe * Optimize

Answer 82

A

* structured sets of instructions * A set of plays for remote systems * For example, Enforcing configuration and/ or deployment steps

Answer 83

A

A set of tasks applied to a single host or a group of hosts

Answer 84

A

A call to an Ansible module

Answer 85

A

YAML (Yet Another Markup Language)

Answer 86

A

Ansible YAML files usually begin with a series of three dashes (—) and end with a series of three periods (…).

Answer 87

A

Add comments in YAML by beginning lines with a pound sign (#).

Answer 88

A

Indent and begin each item with a dash and a space ( - )

Answer 89

A

YAML key/value pairs don’t need quotes.

Answer 90

A

YAML Lint is a free online tool you can use to check the format of YAML files to make sure they have valid syntax.

Answer 91

A

* ansible - runs modules against targeted hosts * ansible-playbook - runs Playbook * ansible-docs - Provides docs on syntax and parameters in the CLI * ansible-pull - Changes Ansible clients from the default push model to the pull model * ansible-vault - Encrypts YAML files that contain sensitive data

Answer 92

A

Ansible uses an inventory file to keep track of the hosts it manages.

Answer 93

A

* PLAY * TASK * PLAY RECAP

Answer 94

A

ios_command module

Answer 95

A

Puppet Bolt allows you to leverage the power of Puppet without an Agent * Connects with SSH or WinRM connections * Open source tool * based on Ruby language

Answer 96

A

* Used for pushing configuration, installing apps and for managing services * Tasks are sharable * allows you to execute a change or configuration immediately and then validate it.

Answer 97

A

* Orchestrator-driven tasks * Standalone Tasks

Answer 98

A

Orchestrator-driven tasks can leverage the Puppet architecture to use services to connect to devices. This design is meant for large-scale environments.

Answer 99

A

Standalone tasks are for connecting directly to devices or nodes to execute tasks and do not require any Puppet environment or components to be set up in order to realize the benefits and value of Puppet Bolt.

Answer 100

A

By using the command ‘bolt command run’ (command_name) followed by the list of devices to run the command against.

Answer 101

A

bolt script run (script_name)

Answer 102

A

* It copies the script into a temporary directory on the remote device * Executes the script * Captures the results * Removes the script from the remote system

Answer 103

A

bolt task run (modulename:: taskfilename)

Answer 104

A

Standard file naming convention “modulename:: taskfilename”

Answer 105

A

bolt task show (modulename:: taskfilename)

Answer 106

A

* Agentless * Remote systems need SSH and Python installed *

Answer 107

A

* Connects to remote system * Installs a lightweight version of SaltStack in a temp directory * Then optionally delete the temporary directory and all files upon completion, leaving the remote system clean.

Answer 108

A

* When time is of the essence * When some users use Salt frequently

Answer 109

A

* How the tools are used * The skills of the operations staff who are adopting them.

Brainscape's Knowledge GenomeTM

Chap 29 - Introduction to Automation Tools Flashcards

Brainscape's Knowledge Genome^TM