Link to my CBT Nuggets network automation course: learn.gg/adv-net Link to the script/configurations used in this demo: github.com/IPvZero/netconf-scrapli-eigrp
Hi John, Excellent video as always with your good self. I'm trying to find a way how once you have made the changes to the running config, you can then save the running config to startup via this method?
Thanks, Ken. Glad you found it useful :) YANG is probably the biggest obstacle in API based automation. To be honest, even though I can use it, I still have my reservations (as do many prominent people i've spoken with in private). I think it raises the barrier of entry a little bit too high and introduces problems of its own. Personally I'm more of a fan of how the server world implement automation and this is the direction Cumulus Linux are going - automate linux flat files and restart services. To me it's a more elegant solution.
@@IPvZero John couldn't agree more. This article from Ivan Pepelnjak says it all www.ipspace.net/kb/CiscoAutomation/070-netconf.html I think long term APIs wont be used for pushing configurations, remember SNMP anyone? It was originally designed for config push. SNMP MIBs, YANG data models, same thing as far as I'm concerned. The only aspect of the API I really like is the replace/declarative operation, very hard to achieve this with the CLI, but if it was a single file swap out like Linux, that would deal with that issue
@@kenmurphy4259 This is where I am at atm. YANG isn't even close to getting us standardisation right now. As it stands, the IETF models are bare so are pretty much unusable. OpenConfig is better but still don't have nearly enough feature coverage. So you're having to resort to vendor native models. So depending on the model you have to structure your config in completely different ways from device to device, depending on the model. This is just like the CLI syntax problem all over again, except with an extra layer of complexity thrown on top of it. YANG rules also present some serious implementation problems, imo. For example you can't perform an operation replace on a leaf-list object. So for example in the XE Native model a username is actually a leaf-list. So if you want to perform an operation replace - you can't. The only way to replace the username is to go one level higher, which is the entire native model. In effect, if you want to perform an operation replace on a username, you need to build a YANG structured data model for absolutely every piece of configuration on the box and simply replace the whole config. And if you leave anything out, by nature of a replace, it gets wiped. These kind of rules just make implementation cumbersome and inelegant. Whereas the server world has been automating way longer than us networking folks - and I feel they've got it pretty dialled.
Would you be able to explain how you generate the NETCONF XML config from the YANG model? YANG models look like the most confusing thing I've ever seen, I don't understand how you get from the YANG model to the XML config.
Hey, Joshua. Very understandable. YANG is certainly not easy and it's extremely common for people to struggle with this. I'm certainly going to be covering how to do it in depth in my CBT Nuggets course when I get to section dedicated to automating over NETCONF. Although, I might also throw together a short YT tutorial going over the main points of how to do it if I can find the time :) -John
I have a cloudmylab account, how do i duplicate the work you have done in this config on eveng? I would like to get good at automation as well. how do i set this lab up?
Hey Manoj. There's really not too much the lab. Two CSR routers, both with a MGMT ip address. And on each devices I put the commands to enable RESTCONF/NETCONF: username john priv 15 pass cisco restconf ip http server ip http authentication local ip http secure-server netconf-yang If you do that you'll have the same lab setup :)
Link to my CBT Nuggets network automation course: learn.gg/adv-net
Link to the script/configurations used in this demo: github.com/IPvZero/netconf-scrapli-eigrp
Brilliant video and great content!
Thanks, brother :)
Hi John, Excellent video as always with your good self.
I'm trying to find a way how once you have made the changes to the running config, you can then save the running config to startup via this method?
This is excellent stuff, thank you!!
Thanks, Adam :)
Boss! Awesome video
Thanks, brother :)
Thanks John for this great tutorial, I am wondering if you can make something using ansible ? I am trying to make this happen via ansible
Thanks for the video, did you write the Yang model for EIGRP in this template or did you pull it from an already defined model?
John, great video on NETCONF, I find YANG data models a challenge to untangle, these videos have pulled back the curtain.
Thanks, Ken. Glad you found it useful :)
YANG is probably the biggest obstacle in API based automation. To be honest, even though I can use it, I still have my reservations (as do many prominent people i've spoken with in private). I think it raises the barrier of entry a little bit too high and introduces problems of its own. Personally I'm more of a fan of how the server world implement automation and this is the direction Cumulus Linux are going - automate linux flat files and restart services. To me it's a more elegant solution.
@@IPvZero John couldn't agree more. This article from Ivan Pepelnjak says it all www.ipspace.net/kb/CiscoAutomation/070-netconf.html I think long term APIs wont be used for pushing configurations, remember SNMP anyone? It was originally designed for config push. SNMP MIBs, YANG data models, same thing as far as I'm concerned. The only aspect of the API I really like is the replace/declarative operation, very hard to achieve this with the CLI, but if it was a single file swap out like Linux, that would deal with that issue
@@kenmurphy4259 This is where I am at atm. YANG isn't even close to getting us standardisation right now. As it stands, the IETF models are bare so are pretty much unusable. OpenConfig is better but still don't have nearly enough feature coverage. So you're having to resort to vendor native models. So depending on the model you have to structure your config in completely different ways from device to device, depending on the model. This is just like the CLI syntax problem all over again, except with an extra layer of complexity thrown on top of it. YANG rules also present some serious implementation problems, imo. For example you can't perform an operation replace on a leaf-list object. So for example in the XE Native model a username is actually a leaf-list. So if you want to perform an operation replace - you can't. The only way to replace the username is to go one level higher, which is the entire native model. In effect, if you want to perform an operation replace on a username, you need to build a YANG structured data model for absolutely every piece of configuration on the box and simply replace the whole config. And if you leave anything out, by nature of a replace, it gets wiped. These kind of rules just make implementation cumbersome and inelegant. Whereas the server world has been automating way longer than us networking folks - and I feel they've got it pretty dialled.
Would you be able to explain how you generate the NETCONF XML config from the YANG model? YANG models look like the most confusing thing I've ever seen, I don't understand how you get from the YANG model to the XML config.
Hey, Joshua. Very understandable. YANG is certainly not easy and it's extremely common for people to struggle with this. I'm certainly going to be covering how to do it in depth in my CBT Nuggets course when I get to section dedicated to automating over NETCONF. Although, I might also throw together a short YT tutorial going over the main points of how to do it if I can find the time :)
-John
I have a cloudmylab account, how do i duplicate the work you have done in this config on eveng? I would like to get good at automation as well. how do i set this lab up?
Hey Manoj. There's really not too much the lab. Two CSR routers, both with a MGMT ip address. And on each devices I put the commands to enable RESTCONF/NETCONF:
username john priv 15 pass cisco
restconf
ip http server
ip http authentication local
ip http secure-server
netconf-yang
If you do that you'll have the same lab setup :)
@@IPvZero thanks John, saw your video to setup the environment
@@MK1985-z7k Brilliant. Have fun labbing then :)