📘Cisco DevNet Associate (200-901 DEVASC)
Automation tools help engineers perform tasks such as:
- Deploying infrastructure
- Configuring network devices
- Managing cloud resources
- Automating repetitive operations
- Ensuring consistent configurations
Instead of manually logging into devices or servers, engineers write code or configuration files that automation tools execute.
1. Ansible
Overview
Ansible is an open-source automation tool widely used for configuration management, application deployment, and infrastructure automation.
It is popular because it is simple and agentless, meaning no software needs to be installed on managed devices.
Ansible uses SSH, APIs, or other protocols to connect to systems and apply configurations.
Key Capabilities of Ansible
1. Configuration Management
Ansible can configure servers, network devices, and applications automatically.
Example in an IT environment:
A network administrator can use Ansible to:
- Configure VLANs on multiple switches
- Deploy NTP settings on routers
- Configure SNMP monitoring across devices
Instead of configuring each device individually, Ansible runs a playbook and configures all devices automatically.
2. Infrastructure Automation
Ansible can automate the deployment of IT infrastructure components such as:
- Virtual machines
- Containers
- Network services
- Firewall configurations
Example:
Ansible can automatically configure:
- Linux servers
- Web servers
- Databases
- Network devices
This ensures all systems are configured the same way.
3. Application Deployment
Ansible can install and deploy applications across many servers.
Example in an IT environment:
An engineer can create an Ansible playbook that:
- Installs a web server
- Deploys application code
- Configures environment variables
- Restarts services
This ensures that every server runs the same application configuration.
4. Network Automation
Ansible supports many network platforms including Cisco devices.
It can automate:
- Router configuration
- Switch configuration
- Firewall policies
- Network validation checks
Example:
Ansible can configure:
- BGP routing
- VLAN creation
- Interface configuration
- Access control lists (ACLs)
on hundreds of network devices at once.
5. Agentless Architecture
One major capability of Ansible is that it does not require agents on managed devices.
This provides several advantages:
- Easy deployment
- No software installation on network devices
- Reduced maintenance
Ansible simply connects using SSH or APIs.
6. Playbooks and YAML
Ansible uses playbooks written in YAML.
A playbook defines:
- Tasks
- Configuration changes
- Automation workflows
Example tasks inside a playbook:
- Configure interface
- Install software
- Start services
These playbooks allow automation to be version controlled and reusable.
7. Idempotency
Ansible ensures idempotent operations.
This means:
Running the same playbook multiple times will not create duplicate or conflicting configurations.
If the desired configuration already exists, Ansible will not change anything.
2. Terraform
Overview
Terraform is an Infrastructure as Code (IaC) tool used to create, manage, and provision infrastructure resources.
Terraform is widely used for cloud infrastructure automation.
Instead of manually creating cloud resources, engineers write code that describes the infrastructure.
Key Capabilities of Terraform
1. Infrastructure as Code (IaC)
Terraform allows engineers to define infrastructure using configuration files.
These files describe resources such as:
- Virtual machines
- Networks
- Load balancers
- Storage systems
- Cloud services
Example in an IT environment:
A Terraform configuration can define:
- A cloud network
- Multiple virtual machines
- Firewall rules
- Storage volumes
Terraform then automatically builds the infrastructure.
2. Multi-Cloud Infrastructure Deployment
Terraform supports multiple cloud providers including:
- AWS
- Azure
- Google Cloud
- Private cloud platforms
This capability allows organizations to manage infrastructure across different platforms using a single tool.
Example:
A Terraform script could deploy:
- Virtual machines in AWS
- Databases in Azure
- Storage in Google Cloud
All from one automation configuration.
3. Infrastructure Provisioning
Terraform provisions infrastructure resources automatically.
Provisioning tasks include:
- Creating virtual machines
- Configuring networks
- Creating storage
- Deploying load balancers
Terraform communicates with cloud provider APIs to create these resources.
4. Desired State Management
Terraform uses a desired state model.
Engineers define the desired infrastructure state in configuration files.
Terraform then compares:
Current infrastructure state
vs
Desired infrastructure state
It automatically performs actions to match the desired state.
5. Execution Planning
Terraform generates an execution plan before making changes.
The plan shows:
- What resources will be created
- What resources will be modified
- What resources will be deleted
This allows engineers to review changes before applying them.
6. State Management
Terraform maintains a state file.
The state file keeps track of:
- Created infrastructure resources
- Resource relationships
- Configuration changes
This state allows Terraform to update infrastructure safely.
7. Reusable Modules
Terraform supports modules, which allow reusable infrastructure configurations.
Example:
An engineer can create a reusable module for:
- Deploying a standard network
- Creating a secure VM
- Deploying a load balancer
Modules simplify large infrastructure deployments.
3. Cisco NSO
Overview
Cisco Network Services Orchestrator is a network automation and service orchestration platform used to automate network service provisioning and configuration across multi-vendor networks.
It is designed specifically for large-scale network automation.
Key Capabilities of Cisco NSO
1. Network Service Orchestration
Cisco NSO automates the deployment of network services across multiple devices.
Examples of network services:
- VPN services
- MPLS services
- L3 connectivity
- Data center networking services
Instead of configuring each router manually, NSO deploys services automatically.
2. Multi-Vendor Device Support
Cisco NSO can manage devices from multiple vendors.
Examples:
- Cisco routers
- Juniper routers
- Nokia networking devices
- Other supported platforms
This allows automation across heterogeneous networks.
3. Model-Driven Architecture
Cisco NSO uses data models such as:
- YANG models
- Network service models
These models define how services and configurations should be structured.
This approach enables model-driven programmability, which is a key concept in modern network automation.
4. Transaction-Based Configuration
Cisco NSO performs atomic transactions.
This means configuration changes are applied in a safe and consistent way.
If an error occurs during configuration:
- The entire transaction is rolled back
- Devices return to the previous configuration
This prevents partial configuration errors.
5. Service Abstraction
Cisco NSO allows engineers to define services at a high level.
Example:
Instead of configuring:
- multiple routers
- multiple interfaces
- routing protocols
An engineer defines a service template, and NSO automatically applies the necessary configurations to all devices.
6. Network Service Lifecycle Management
Cisco NSO manages the full lifecycle of network services, including:
- Service creation
- Service modification
- Service deletion
- Service monitoring
This capability is essential for service provider networks.
7. Integration with APIs and Automation Tools
Cisco NSO provides APIs that allow integration with:
- Python automation scripts
- CI/CD pipelines
- Network orchestration systems
This enables automated service deployment through programmatic interfaces.
Comparison of Ansible, Terraform, and Cisco NSO
| Tool | Primary Purpose | Key Use |
|---|---|---|
| Ansible | Configuration automation | Configure servers and network devices |
| Terraform | Infrastructure provisioning | Create and manage cloud infrastructure |
| Cisco NSO | Network service orchestration | Automate network services across devices |
Example Automation Workflow in an IT Environment
An organization might use all three tools together:
- Terraform provisions infrastructure:
- Creates virtual networks
- Deploys virtual machines
- Ansible configures systems:
- Installs applications
- Configures operating systems
- Applies network settings
- Cisco NSO deploys network services:
- Configures VPN services
- Automates routing services
- Manages network connectivity across devices
This layered automation approach helps manage large-scale infrastructure efficiently.
Key Exam Points to Remember (DEVASC)
For the Cisco DevNet Associate exam, remember:
Ansible
- Agentless automation tool
- Uses YAML playbooks
- Automates configuration management and application deployment
- Works with servers and network devices
Terraform
- Infrastructure as Code tool
- Creates and manages cloud infrastructure
- Uses desired state configuration
- Maintains state files
Cisco NSO
- Network service orchestration platform
- Uses YANG data models
- Supports multi-vendor networks
- Provides transaction-based configuration
