Course Content
Packet Forwarding
0/2
Network Device Communication
Forwarding Architectures
Spanning Tree
An overview of how switches become aware of other switches and prevent loops.
0/2
Spanning Tree Protocol Fundamentals
Rapid Spanning Tree Protocol
Advanced Spanning Tree Tuning
0/2
Spanning Tree Topology Tuning
Additional Spanning Tree Protection Mechanisms
Multiple Spanning Tree Protocol (MST)
0/1
Multiple Spanning Tree Protocol
VLAN Trunks and EtherChannel Bundles
0/3
VLAN Trunking Protocol (VTP)
Dynamic Trunking Protocol (DTP)
EtherChannel Bundle
IP Routing Essentails
0/4
Routing Protocol Overview
Path Selection
Static Routing
Virtual routing and forwarding (VRF)
EIGRP
0/4
EIGRP Fundamentals
EIGRP Path Metric Calculation
EIGRP Failure Detection and Timers
EIGRP Route Summarization
OSPF
0/4
OSPF Fundamentals
OSPF Configuration
OSPF Default Route Advertisement
Common OSPF Optimizations
Advanced OSPF
The (OSPF) protocol scales well with proper network planning. IP addressing schemes, area segmentation, address summarization, and hardware capabilities for each area should considered when designing a network.
0/6
OSPF Areas
OSPF Link-State Announcements
Discontiguous Networks
OSPF Path Selection
OSPF Routes Summarization
OSPF Route Filtering
OSPFv3
0/3
OSPFv3 Fundamentals
OSPFv3 Configurations
IPv4 Support in OSPFv3
BGP
0/4
BGP Fundamentals
Basic BGP Configuration
BGP Route Summarization
Multiprotocol BGP for IPv6
Advanced BGP
0/6
BGP Multihoming
BGP Conditional Matching
BGP Route Maps
BGP Route Filtering and Manipulation
BGP Communities
BGP Path Selection
Multicast
0/5
Multicast Fundamentals
Multicast Addressing
Internet Group Management Protocol
Protocol Independent Multicast
Rendezvous Points
QoS
0/5
The Need for QoS
QoS Models
Classification and Marking
Policing and Shaping
Congestion Management and Avoidance
IP Services
0/3
Time Synchronization
First Hop Redundancy Protocol
Network Address Translation
Overlay Tunnels
0/4
Generic Routing Encapsulation (GRE) Tunnels
IPsec Fundamentals
Cisco Location/ID Separation Protocol (LISP)
Virtual Extensible Local Area Network (VXLAN)
Wireless Signals & Modulation
0/2
Understanding Basic Wireless Theory
Carrying Data over a Wireless Signal
Wireless Infrastructure
0/3
WLAN Topologies
Leveraging Antennas for Wireless Coverage
Pairing Lightweight APs and WLCs
Understanding Wireless Roam and Location Services
0/3
Roaming Overview
Roaming Between Centralized Controllers
Locating Devices in a Wireless Network
Authenticating Wireless Clients
0/4
Open Authentication
Authenticating with Pre-Shared Key (PSK)
Authenticating with EAP
Authenticating with WebAuth
Troubleshooting Wireless Connectivity
0/2
Troubleshooting Client Connectivity from WLC
Troubleshooting Connectivity Problems at the AP
Enterprise Network Architecture
0/2
Hierarchical LAN Design Model
Enterprise Network Architecture Options
Fabric Technologies
0/2
Software-Defined Access (SD-Access)
Software Defined WAN (SD-WAN)
Network Assurance
0/6
Network Diagnostic Tools
Debugging
NetFlow and Flexible NetFlow
Switched Port Analyzer (SPAN) Technologies
IP SLA
DNA Center Assurance
Secure Network Access Control
0/3
Network Security Design for Threat Defense
Network Access Control (NAC)
Next-Generation Endpoint Security
Network Device Access Control and Infrastructure Security
0/5
Access Control Lists (ACLs)
Terminal Lines and Password Protection
Authentication, Authorization, and Accounting (AAA)
Zone-Based Firewall (ZBFW)
Control Plane Policing (CoPP)
Virtualization
0/2
Server Virtualization
Network Functions Virtualization
Foundational Network Programmability Concepts
0/6
CLI
Application Programming Interface (API)
Data Models and Supporting Protocols
DevNet
GitHub
Basic Python Components and Scripts
Introduction to Automation Tools  
To provide a high-level overview of some of the most common configuration management and automation tools that are available.
0/3
Embedded Event Manager (EEM)
Agent-Based Automation Tools
Agentless Automation Tools
ENCOR Course
About Lesson

Agentless Automation Tools

the benefits and operations of the various agentless automation tools.

Ansible Overview

  • capable of automating cloud provisioning, deployment of applications, configuration management.
  • Agentless, so no software needs installed on the client.
  • using SSH. • Can use built-in authorization escalation when it needs to raise the level of administrative control.
  • Sends all requests from a control station

Ansible Playbook Components

Components Description Use Case
Playbook A set of plays for remote systems Enforcing configuration and/or deployment steps
Play A set of tasks applied to a single host or group of hosts Grouping a set of hosts to apply policy or configuration to them.
Task A call to an Ansible module Logging in to a device to issue a show to retrieve output.
  • Ansible uses playbooks to deploy configuration changes or retrieve information from hosts.
  • a structured sets of instructions.
  • contains multiple plays, and each play contains the tasks that each player must accomplish.

Ansible Playbooks in YAML

  • Playbooks are written using YAML (Yet Another Markup Language).
  • Usually begin with a series of three dashes (—) and end with a series of three periods (…).
  • YAML uses dictionaries that are similar to JSON dictionaries as they also use key/value pairs.

Ansible CLI Commands

CLI tool that can be used to run playbooks or ad hoc CLI commands on targeted hosts. This tool has very specific commands that you need to use to enable automation.

CLI Command Use Case
ansible Runs modules against targeted hosts
ansible-playbook Runs playbooks
ansible-docs Provides documentation on syntax and parameters in the CLI
ansible-pull Changes Ansible clients from the default push model to the pull model
ansible-vault Encrypts YAML files that contain sensitive data

Configuration Example

  • Example 29-14 shows an alternative version of the ConfigureInterface.yaml playbook named EIGRP_Configuration_Example.yaml, with EIGRP added, along with the ability to save the configuration by issuing a “write memory.”
  • These tasks accomplished by leveraging the ios_command module in Ansible.
  • This playbook adds the configuration shown here to the CSR1KV-1 router.

Puppet Bolt

  • Puppet Bolt allows you to leverage the power of Puppet without having to install a puppet master or puppet agents on devices or nodes.
  • It connects to devices by using SSH or WinRM connections. Puppet Bolt is an open source tool based on the Ruby and installed as a single package.
  • Puppet Bolt allows you to execute a change or configuration immediately and then validate it.
  • There are two ways to use Puppet Bolt:
    • Orchestrator-driven tasks – can leverage the Puppet architecture to use services to connect to devices. is meant for large-scale environments.
    • Standalone tasks – for connecting directly to devices or nodes to execute tasks and do not require any Puppet environment or components to be set up in order to realize the benefits and value of Puppet Bolt.

Puppet Bolt Command Line

  • Individual commands can be run from the command line by using the bolt command run command name followed by the list of devices to run the command against.
  • After a script is built, execute it from the command line against the remote devices that need to be configured, using the command bolt script run script name followed by the list of devices to run the script against.

Puppet Bolt Command Line

  • Puppet Bolt tasks use an API to retrieve data between Puppet Bolt and the remote device.
  • Tasks are part of the Puppet modules and use the naming structure modulename::taskfilename.
  • Tasks called from the command line much like commands and scripts.
  • You use the command bolt task run modulename::taskfilename to invoke these tasks from the command line.
  • The modulename::taskfilename naming structure allows the tasks to be shared with other users on Puppet Forge.
  • A task is commonly accompanied by a metadata file that is in JSON format.
  • A JSON metadata file contains information about a task, how to run the task, and any comments about how the file is written.

SaltStack Salt SSH (Server-Only Mode)

  • SaltStack offers an agentless option called Salt SSH that allows users to run Salt commands without having to install a minion on the remote device or node.
  • The main requirements to use Salt SSH are that the remote system must have SSH enabled and Python installed.
  • Salt SSH can work in conjunction with the master/minion environment, or it can be used completely agentless across the environment.
  • By default, Salt SSH uses roster files to store connection information for any host that doesn’t have a minion installed.

Comparing Tools

Factor Puppet Chef Ansible SaltStack
Architecture Puppet masters and puppet agents Chef server and Chef clients Control station and remote hosts Salt master and minions
Language Puppet DSL Ruby DSL YAML YAML
Terminology Modules and Manifests Cookbooks and recipes Playbooks and plays Pillars and grains
Support for largescale deployments Yes Yes Yes Yes
Agentless version Puppet Bolt N/A Yes Salt SSH

 

 

Other useful information:

Join the conversation
Previous
Next