Cisco DevNet Associate: Network Automation, APIs, and Software Development for Network Engineers

DevNet Associate tests software development basics in the context of network automation. Version control with Git: clone repositories, commit changes, push to remote, pull updates, create branches, merge branches — the basic workflow every developer uses. Key commands: git init, git clone, git add, git commit -m 'message', git push, git pull, git branch, git checkout, git merge. Python for network automation: write scripts using Python 3, import standard libraries (json, requests, sys, os, re), handle exceptions (try/except for network errors), format output (f-strings, JSON pretty print — json.dumps(data, indent=2)). Software development methodologies: Agile iterative development, Scrum for team coordination, CI/CD pipelines for automated testing and deployment of automation code. Testing: unit tests (test individual functions — Python unittest or pytest), integration tests (test multiple components together), mock testing (simulate network device responses without real hardware — useful for CI pipelines).

REST APIs are the primary interface for network automation. REST principles: stateless (each request contains all necessary information), client-server architecture, cacheable responses. HTTP methods in REST: GET (retrieve data — read-only), POST (create new resources), PUT (replace a resource completely), PATCH (update part of a resource), DELETE (remove a resource). HTTP status codes: 200 (OK), 201 (Created), 204 (No Content — success but no body), 400 (Bad Request — invalid syntax), 401 (Unauthorised — missing or invalid credentials), 403 (Forbidden — authenticated but not authorised), 404 (Not Found), 429 (Too Many Requests — rate limiting), 500 (Internal Server Error). Authentication: API keys (simple token in header — X-Auth-Token), Bearer tokens (JWT in Authorization header), Basic Auth (Base64-encoded username:password in Authorization header), OAuth 2.0 (client credentials flow for machine-to-machine). Data formats: JSON (JavaScript Object Notation — key-value pairs, arrays, human-readable, most common for REST APIs), XML (hierarchical tags, used by older network APIs and NETCONF), YAML (indentation-based, used by Ansible playbooks and Kubernetes manifests). Python requests library: requests.get(url, headers={'Authorization': 'Bearer TOKEN'}) — response.json() parses JSON response.

Modern network devices expose configuration via standardised protocols. NETCONF (Network Configuration Protocol): SSH-based, uses XML for data encoding, YANG data models define what can be configured (RFC 6241). Operations: get (retrieve operational data), get-config (retrieve configuration), edit-config (modify configuration), commit (apply changes — candidate datastore model), lock/unlock (exclusive access), copy-config, delete-config. RESTCONF (RFC 8040): HTTP-based alternative to NETCONF — uses YANG models but REST-style HTTP verbs and JSON or XML encoding — easier for application developers than NETCONF. gRPC and gNMI: Google's remote procedure call framework — used for high-frequency network telemetry streaming (Cisco Model-Driven Telemetry) — binary Protocol Buffer encoding, much faster than polling for real-time metrics. YANG models: hierarchical data models that define the structure and constraints of network device configuration and state. YANG modules are identified by a namespace and module name — Cisco, OpenConfig, and IETF publish standard modules. Use pyang to validate and display YANG models.

DevNet Associate tests several Cisco platform APIs. Cisco Meraki Dashboard API: cloud-managed networking REST API — authenticate with an API key, manage organisations, networks, and devices programmatically. Common endpoints: GET /organisations, GET /networks/{networkId}/devices, GET /devices/{serial}/clients. Meraki webhooks: HTTP POST to your server when alerts occur (network events, client connections). Cisco Webex API: messaging and collaboration platform — bots send messages to rooms, read messages, respond to events via webhooks. Personal access tokens for development, OAuth 2.0 for production integrations. Common uses: ChatOps — send network alerts to Webex rooms, allow engineers to query device status by chatting with a bot. Cisco DNA Center (DNAC/Catalyst Center) APIs: intent-based networking platform — manage sites, devices, network configuration policies via REST. Site discovery, device inventory, issue detection, and network assurance all accessible via API. DevNet Sandbox: free-to-use remote lab environments for practising with all Cisco platforms — essential exam preparation.

Network automation tools: Ansible for network automation (agentless, SSH or API connections, YAML playbooks — network modules for Cisco IOS, NX-OS, ASA, Meraki, and hundreds of others — use ios_command, ios_config, nxos_config modules), Python with Netmiko (multi-vendor SSH library — simplifies sending commands to Cisco, Juniper, Arista, and others — sends CLI commands and parses output), NAPALM (Network Automation and Programmability Abstraction Layer with Multivendor support — provides a unified API across vendor CLI and API interfaces). Infrastructure as Code for networking: define network configuration in version-controlled files, apply through automation pipelines, audit configuration drift (actual vs intended). Containerisation for network automation: Docker to package automation scripts and dependencies — ensures consistent execution across development, CI, and production environments. Cisco network simulation: Cisco Modeling Labs (CML) for network topologies, DevNet Sandbox provides access to shared and reserved lab environments.