Avatar

In part 1 of this NetDevOps Series we talked about the need for network programmability. Here, in part 2, let’s dive into …

What is Programmability?

Computers are great at bulk-work, but if you want your computer to talk to your infrastructure and do something, you will need a machine-to-machine interface or API (Application Programming Interface): an interface designed for software pieces to interact with each other.

By 2020, only 40% of network operations teams will use the command line interface (CLI) as their primary interface, which is a decrease from 75% in 2Q18. (Source: Gartner, 2018 Strategic Roadmap for Networking)

Network Programmability uses a set of software tools to deploy, manage, and troubleshoot network devices and controllers via APIs, gathering data and driving configurations to enhance and secure application delivery. This software can be on-box or off-box, and work on-demand or event-driven.

We can ask an API to:

  • Take some action
  • Provide us with some piece of information
  • Store some piece of information

We use these machine-to-machine APIs to make simple requests to our infrastructure, which in aggregate, enable us to complete powerful tasks.

For example, you might use APIs to make simple requests like…

  • Get the status for interface X
  • Get the last-change time for interface X
  • Shutdown interface X
  • Set the description of interface X to “Interface disabled per Policy”

… and that way complete a powerful task like: “Disable all ports that have been inactive for 30 days.”

Sure, you could do this manually, but wouldn’t it be better to codify the process (write it once) and then let your computer run this task whenever you need it done?

Besides this, information included in API responses should be formed by data structures that can be programmatically readable by machines (and ideally also by humans). Classic CLI responses are human-readable text, but very difficult to be interpreted by a machine, that needs to be parsed with great difficulty before being able to leverage the included information.

If you need information from your infrastructure, ask for it. Using a machine-to-machine API means your request will complete, your data retrieved in a programmatic data structure, or you will receive notification to the contrary. All done in a way that enables you to automate the interaction. APIs make it easy to send requests to your infrastructure, but what makes it easy to codify the processes?

Why Coding

Coding is the process of writing down instructions, in a language a computer can understand, to complete a specific task.

Let’s consider a simple codified process that we are asking a computer to follow:

  • For each switch in my network…
    • For each interface in the switch…
      • If the interface is down, and hasn’t changed states in more than thirty days, then:
        • Shutdown the interface
        • Update the interface description to mention why it’s been shut down
for switch in my_network:
    for interface in switch:
        if interface.is_down() and interface.last_change() > thirty_days:
            interface.shutdown()
            interface.set_description("Interface disabled per Policy")

This is essentially the process that you, as a human, would go through to complete the same task. By taking the time to codify it (write it down in a machine interpretable language), you can now ask the computer to do the task whenever you need it done. You, the human, are providing the intelligence (what needs to be done and how it should be done), while letting the computer do the boring and repetitious work (which is what it does best).

While the code sample above is a snippet of a larger script, and is calling other functions (like interface.last_change() and interface.shutdown()), implementing the utility functions is straightforward and the code shown is actual valid Python code that would complete the task. The core logic is that simple.

What has changed?

APIs and programming languages aren’t new, so, why the recent hype?

Well… they have matured!

Modern Programming Languages & Tools

Modern programming languages like JavaScript, Python, Go, Swift, and others are less cumbersome and more flexible than their predecessors. It used to be that you had to write 10,000 lines of C++ code to do anything useful, but with these modern languages (and packages and libraries available from their developer communities) you can do powerful things in less than 300 lines of code. Which is probably shorter, or on par with, most Cisco IOS configurations that you have worked with.

These languages, when combined with other modern developer tools (eg. Git repositories, Package management systems, Virtual environments, Integrated Development Environments) equip you with powerful development tools that enable you to automate your tasks and processes and begin creating your own set of powerful tools and workflows.

While these tools are great, and are now bringing rich value to the systems engineering discipline, we are also benefiting from another maturing area of the software development industry.

Online Communities

In the past, when you set out to create some script or program, you often had to start from scratch, working with low-level standard libraries included with your programming language and toolset of choice. This created a high barrier to entry (and massive global repetition) as software developers had to write the same heavy lifting modules to get common tasks done. Take for example making a HTTPS web request, where they had to write code to:

  • Open a TCP connection on port 443
  • Handle TLS negotiation and exchange certificates
  • Validate the certificates
  • Manage the TCP connection (and any connection pooling)
  • Format HTTP requests
  • Interpret HTTP responses

That is a lot of work when all the developer wanted to do was to get or send some data to / from some remote server. This is the reason why engineers left this work to software developers.

Now, thanks to the Open Source community, social code-sharing and collaboration sites like GitHub, and public package repositories, the developer communities around these new modern programming languages are building and sharing Open Source software libraries that help to encourage reuse and reduce duplicate work. Leveraging these community-created libraries can save you tremendous amounts of time and effort, and they enable you to focus your time and effort on what you want your code to do: your codified process.

NetDevOps Series Part 2

You can make a HTTPS request without much personal investment, because of the work done by these online communities.

$ pip install requests
Collecting requests
Using cached
<-- output omitted for brevity -->
$ python
>>> import requests
>>> requests.get("https://api.github.com")
<Response [200]>

What you are seeing here:

  • We installed a community library from a public package repository ( pip install requests )
  • We entered a Python interactive shell ( python )
  • We imported the library into our Python code ( import requests )
  • We made a HTTPS request to https://api.github.com and it was successful ( <Response [200]> )

Starting with installing the requests package on our machine, in four typed lines in a terminal we were able to download and install the package and use it to make a HTTPS request (without having to think about the steps involved with making the HTTPS request).

Now that languages and tools have evolved to be useful for infrastructure engineers, APIs have become easier to work with.

API Maturity

Gone are the days where it took an expert programmer to work with a product API. Previous API standards like SOAP proved themselves to be not so simple, and easier to use API models like RESTful APIs have taken their place.

Now, thanks to RESTful APIs and standardized data formats like JSON, you can make requests of your infrastructure with the same ease these modern programming languages provide.

In my next posts we will explore some of the required coding essentials. See you next week, stay tuned!

Any questions or comments please let me know in the comments section below. Or reach me on Twitter or LinkedIn.

Join DevNet: access the learning labs, docs, and sandboxes you need for network automation. And check out this expert-led, video course for learning network programmability basics.