Index
A
access tokens (OAuth 2.0), 181
accessibility as quality attribute, 32
accessing Pearson Test Prep software, 649–650
accountability as quality attribute, 32
ACI tenant deployment with Terraform, 496–501
ACID properties, 148
active recovery (hot standby), 47–48
admin processes in 12-factor application design, 242
administrative requirements for software architecture, 13
agent-based configuration management, 450–473
downloading and installing Puppet, 453–458
extracting information via Puppet, 459–463
NX-OS devices with Puppet, 465–469
Puppet platform support matrix, 451
Python scripts with Puppet, 463–465
agentless configuration management solutions, 450, 474–501
ACI tenant deployment, 496–501
configuring Ansible inventory, 481–482
downloading and installing Ansible, 474–481
modifying device configurations, 488–493
project-level inventory files in Ansible, 482–483
agrparse, 174
alpha testing, 22
Amazon Web Services (AWS)
Jeff Bezos’s API mandate, 136–138
analyzability as quality attribute, 33
Ansible, 334
as agentless solution, 450, 474–493
configuring inventory, 481–482
downloading and installing, 474–481
modifying device configurations, 488–493
project-level inventory files, 482–483
comparison with Terraform, 518–519
in evolution of application deployment, 221–223
with NETCONF and RESTCONF, 382
API keys, 180
Apigee, 147
APIs (application programming interfaces)
architectural styles
purpose of, 146
authentication, 337
authentication types, 139, 162, 179–181
components of, 132
objects, 134
definition of, 132
development
design considerations, 177–178
methods for, 162
purpose of, 162
headers, 139
idempotency, 337
Intersight
Jeff Bezos’s API mandate, 136–138
lack of, 135
Meraki
payload data formats, 338
performance
error handling/timeouts/rate limiting, 184–188
pagination, 162
streaming vs. pagination, 181–184
public/open, 140
RESTful APIs, 157–158. See also RESTCONF
constraints on, 157
enabling DNA center access, 630–631
enabling Firepower access, 582–583
enabling Webex access, 572–573
Firepower documentation, 583–585
HTTP status codes, 184
NETCONF APIs vs.159
operation types, 336
streaming APIs vs.181–184
uniform interfaces, 158
UCS Manager
enabling access, 611
web scraping as alternative, 135–136
APM (application performance monitoring) applications, 77
application containers
implementation, 534
Cisco DNA Center for application hosting, 538–547
Cisco IOx Local Manager for application hosting, 547–552
CLI for application hosting, 553–556
enabling application hosting framework, 536–537
validating prerequisites, 534–536
interaction with iPerf3, 556–563
management best practices, 563–565
platforms supporting, 533
use cases, 532
application deployment
CI/CD
integration deployment, 207–217
pipeline implementation, 201–203
DevOps, responsibilities of, 194–196
automated configuration management, 220–224
sysadmins compiling from source code, 218–220
DevOps vs.198
12-factor application design, 238–242
admin processes, 242
backing services, 240
build/release/run stages, 240
codebase, 239
concurrency, 241
configuration, 239
dependencies, 239
disposability, 241
logs, 242
port binding, 241
processes, 240
application design
API design considerations, 177–178
availability and resiliency in, 44–53
failure prevention, 50
requirements, 45
data velocity, 82
DIP (dependency inversion principle), 65–66
ISP (interface segregation principle), 64–65
LSP (Liskov’s substitution principle), 63–64
modularity and, 59
OCP (open-closed principle), 62–63
SRP (single responsibility principle), 61
definition of, 36
for performance
parallel processing, 72
trade-offs in, 69
security
12-factor application design, 238–242
admin processes, 242
backing services, 240
build/release/run stages, 240
codebase, 239
concurrency, 241
configuration, 239
dependencies, 239
disposability, 241
logs, 242
port binding, 241
processes, 240
application hosting
with Cisco DNA Center, 538–547
with Cisco IOx Local Manager, 547–552
application performance monitoring (APM) applications, 77
application programming interfaces. See APIs (application programming interfaces)
architectural decisions, 519–520
architectural styles (APIs)
purpose of, 146
architecture. See software architecture
atomic configuration management, model-driven vs.351–354
atomic network management, controller-based vs.303–305
atomicity as ACID property, 148
authentication
for APIs, 139, 162, 179–181, 337
RESTCONF and, 373
authenticity as quality attribute, 32
authorization. See also OAuth 2.0
authorization code flow (OAuth 2.0), 276–278
automated configuration management. See also SCM (software configuration management); streaming telemetry
agent-based solutions, 450–473
downloading and installing Puppet, 453–458
extracting information via Puppet, 459–463
NX-OS devices with Puppet, 465–469
Puppet platform support matrix, 451
Python scripts with Puppet, 463–465
agentless solutions, 450, 474–501
ACI tenant deployment, 496–501
configuring Ansible inventory, 481–482
downloading and installing Ansible, 474–481
modifying device configurations, 488–493
project-level inventory files in Ansible, 482–483
atomic vs. model-driven, 351–354
in evolution of application deployment, 220–224
imperative vs. declarative models, 448–449
provisioning vs.449
automation
APIs
authentication, 337
idempotency, 337
payload data formats, 338
RESTful APIs, 336
challenges addressed by, 313–329
accuracy of provisioning, 319–323
diversity of equipment and functionality, 314–316
proximity of management tools and support staff, 316
reducing operation expenses, 329
scalability in provisioning, 323–328
speed of provisioning, 317–318
in evolution of network management and software development, 6–7
in failure prevention, 50
IT service management and security, 343–344
Cisco solutions for, 335
network controllers, 334
autoscaling in application design, 42
availability
failure prevention, 50
requirements, 45
definition of, 249
availability monitoring of application containers, 564
AWS (Amazon Web Services)
Jeff Bezos’s API mandate, 136–138
B
backing services in 12-factor application design, 240
bandwidth, 66
basic authentication (APIs), 179
BCP (business continuity planning), 50–51
bearer authentication (APIs), 180
best practices
for application container management, 563–565
beta testing, 22
Bezos, Jeff, API mandate, 136–138
BGP-LS/FS (BGP Link-State/Flow Spec), 333
black-box design in modular design, 39
black-box testing, 23
blue-green deployment (CI/CD), 206
Branch and Pull Workflow (Git), 89–103
branches
pushing to origin repo, 97
current changes review, 94
pros and cons, 89
sample setup, 90
staged changes review, 94
branches (Git)
branch protection rules, 125–126
definition of, 121
Git Flow, 123
GitLab Flow, 123
list of, 122
selecting, 122
pushing
to forked repo, 114
to origin repo, 97
bug fixes, cost of, 60
bugs, definition of, 46
build stage (CI/CD), 204
business continuity planning (BCP), 50–51
business process management in evolution of network management and software development, 6
business requirements for software architecture, 12, 13
C
caching
for application performance, 70–71
cadence-based telemetry. See MDT (model-driven telemetry)
canary deployment (CI/CD), 206
capacity as quality attribute, 31
CAs (certificate authorities)
hierarchical structure of, 257
web application security, 257–260
CD (continuous delivery), 200
CD (continuous deployment), 200–201
CDNs (content delivery networks/content distribution networks), 188
CDTAO (cross-domain, technology-agnostic orchestration), 342–343
certificate path validation (CPV), 260
certificates
format of, 256
Chef
as agent-based solution, 450–451
described, 512
in evolution of application deployment, 221
choosing. See selecting
CI (continuous integration), 199–200
CIA (confidentiality, integrity, availability) triad, 248–249
CI/CD (continuous integration/continuous delivery (deployment)), 290
integration deployment, 207–217
to cloud-native applications, 213–217
pipeline implementation, 201–203
build, 204
release/deliver, 205
test, 205
cisco_node_utils Ruby gem, installing, 465
ciscopuppet module, installing, 463
CITEIS (Cisco IT Elastic Infrastructure Services), 315
CLI (command-line interface)
accuracy of provisioning, 319–323
on Ansible, 514
application hosting with, 553–556
definition of, 174
wrapper code for APIs, 174–177
Click
command creation, 175
group creation, 175
help function, 176
importing, 175
purpose of, 174
client credential flow (OAuth 2.0), 271–272
clients (APIs)
definition of, 138
close-session operation (NETCONF), 350
cloud availability deployment model, 52
cloud services in evolution of application deployment, 224–238
containers on serverless clouds, 227–234
cloud-native applications, integration deployment to, 213–217
clustering
code adaptation, cost of, 60
code comments as documentation, 79
code refactoring, cost of, 60
codebase
in 12-factor application design, 239
technical debt of, 520
coding standards for maintainability, 59
cohesion in modular design, 37–38
cold standby (spare recovery), 49
command-line interface (CLI). See CLI (command-line interface)
commands (Click), creating, 175
common toolsets for maintainability, 59
compatibility as quality attribute, 31
compiling from source code, 218–220
concurrency
in 12-factor application design, 241
confidentiality, definition of, 249
configuration
in 12-factor application design, 239
of MDT
configuration management, automated. See also SCM (software configuration management); streaming telemetry
agent-based solutions, 450–473
downloading and installing Puppet, 453–458
extracting information via Puppet, 459–463
NX-OS devices with Puppet, 465–469
Puppet platform support matrix, 451
Python scripts with Puppet, 463–465
agentless solutions, 450, 474–501
ACI tenant deployment, 496–501
configuring Ansible inventory, 481–482
downloading and installing Ansible, 474–481
modifying device configurations, 488–493
project-level inventory files in Ansible, 482–483
atomic vs. model-driven, 351–354
in evolution of application deployment, 220–224
imperative vs. declarative models, 448–449
provisioning vs.449
CONNECT requests, 336
consistency as ACID property, 148
console, network provisioning from, 291–294
constraints (limitations)
on RESTful APIs, 157
for software architecture, 10
containers. See also application containers
LXC (Linux Containers), 529–530
content delivery networks/content distribution networks (CDNs), 188
content layer (NETCONF), 349
continuous delivery (CD), 200
continuous deployment (CD), 200–201
continuous integration (CI), 199–200
controller-based network management, atomic vs.303–305
cookie authentication (APIs), 180–181
copy-config operation (NETCONF), 350
coupling
DIP (dependency inversion principle) and, 65–66
CPV (certificate path validation), 260
credentials. See IT secrets storage; OAuth 2.0; PKI (public key infrastructure)
cross-domain, technology-agnostic orchestration (CDTAO), 342–343
cross-site scripting (XSS), 264–266
culture in evolution of network management and software development, 8
cURL, RESTCONF GET operations with, 375–377
current changes (Git), reviewing, 94, 112
customizing exam modes, 650–651
D
data at rest, 251
data backup and replication for high availability, 51
data encoding
data in use, 251
data localization, definition of, 251
data privacy, definition of, 251
data sources (Terraform), 517
data sovereignty, definition of, 251
data velocity, 82
databases
selecting in application design, 79–83
data velocity, 82
declarative configuration management models, 448–449
delete-config operation (NETCONF), 350
deliver stage (CI/CD), 205
dependencies
in 12-factor application design, 239
in modular design, 38
dependency inversion principle (DIP), 65–66
deployment models for high availability, 51–53. See also application deployment
design. See application design
destination groups, creating, 398–399
device code flow (OAuth 2.0), 281–283
DevOps, 290
in evolution of network management and software development, 8
key practices in, 8
vs. SRE, 198
dial-in mode (streaming telemetry), 392
definition of, 394
dial-out vs.395
dial-out mode (streaming telemetry), 392
definition of, 394
dial-in vs.395
digital certificates. See certificates
DIP (dependency inversion principle), 65–66
disaster recovery, 47
disaster recovery planning (DRP), 50–51
disk space usage, EDT vs. MDT, 440–441
disposability in 12-factor application design, 241
distributed tracing, 77
application hosting with, 538–547
Docker
containers, 530–531. See also application containers
YANG Suite installation, 415–423
documentation
for application performance, 78–79
Intersight SDKs, 605
for maintainability, 59
researching sensor paths, 407
UCS Manager PowerShell SDKs, 622–628
UCS Manager Python SDKs, 617–622
DOM-based XSS, 266
downloading
Pearson Test Prep software, 649–650
DRP (disaster recovery planning), 50–51
durability as ACID property, 148
E
ECS (Elastic Container Service), 227–234
edge computing
application containers
Cisco DNA Center for application hosting, 538–547
Cisco IOx Local Manager for application hosting, 547–552
CLI for application hosting, 553–556
enabling application hosting framework, 536–537
implementation, 534
interaction with iPerf3, 556–563
management best practices, 563–565
platforms supporting, 533
use cases, 532
validating prerequisites, 534–536
benefits of, 527
virtualization technologies, 527–531
LXC (Linux Containers), 529–530
Type-1 hypervisors, 528
edit-config operation (NETCONF), 350
EDT (event-driven telemetry)
definition of, 390
MDT vs.434–441
EEM (Embedded Event Manager), 299–300
Elastic Container Service (ECS), 227–234
elasticity
in application deployment, 223
in application design, 43
EMSs (element management systems), 297–299
enabling
access
UCS Manager, 611
application hosting framework, 536–537
NETCONF
encoding (streaming telemetry)
definition of, 395
endpoints (APIs), definition of, 138
errors
definition of, 46
event streaming, definition of, 15
event-driven architecture, definition of, 15
event-driven telemetry (EDT)
definition of, 390
MDT vs.434–441
evolution
of application deployment methods, 218–238
automated configuration management, 220–224
sysadmins compiling from source code, 218–220
of network management and software development, 5–8
updating exams, 651
exponential backoff for application performance, 72–73
extensibility in application design, 62–63
Extensible Markup Language (XML), 338–340, 349, 395
external APIs, 145
extracting model support
with Python and NETCONF, 410–413
Extreme Programming (XP), 19, 20
F
facter utility (Puppet), 459–463
failures
availability and recovery, 47–50
definition of, 46
prevention of, 50
Fargate, 227
fat interfaces, 64
fault detection, availability and, 46–47
fault monitoring in application containers, 564
fault tolerance as quality attribute, 32
faults, definition of, 46
FCAPS (Fault, Configuration, Accounting, Performance, and Security) model in evolution of network management and software development, 5
FDM (Firepower Device Management), 582
Fiddler, 147
file transfer methods, 297
File Transfer Protocol (FTP), 297
purpose of, 582
Firepower Device Management (FDM), 582
Firepower Management Center (FMC), 582
firewalls. See Firepower
five nines (availability), 45
fixed window (rate limiting), 187
Flash Card Mode (exam preparation), 650
flow control. See performance
FMC (Firepower Management Center), 582
Fork and Pull Workflow (Git), 104–120
branches
creating, 111
pushing to forked repo, 114
current changes review, 112
pros and cons, 105
sample setup, 105
staged changes review, 112–113
four nines (availability), 45
FTD (Firepower Threat Defense). See Firepower
FTP (File Transfer Protocol), 297
functional appropriateness as quality attribute, 31
functional correctness as quality attribute, 31
functional requirements for software architecture, 10–11, 12–13
comparison with nonfunctional, 12
relationship with nonfunctional, 29
functional stability as quality attribute, 31
functional testing, 23
future-proofing, cost of, 60
G
GDPR (General Data Protection Regulation), 251–252
get operation (NETCONF), 350
GET operation (RESTCONF)
get-config operation (NETCONF), 350
Git
definition of, 121
Git Flow, 123
GitLab Flow, 123
list of, 122
selecting, 122
features of, 88
Branch and Pull Workflow, 89–103
Fork and Pull Workflow, 104–120
GKE (Google Kubernetes Engine), 224–226
gNMI (gRPC Network Management Interface), 390, 392
GPB (Google Protocol Buffer), 396
Grafana
purpose of, 426
GraphQL, 147
gRPC (Google Remote Procedure Call)
as architectural style, 154–155
definition of, 390
in MDT, 397
H
HCL (HashiCorp Configuration Language), 494, 518
HEAD requests, 336
Health Insurance Portability and Accountability Act (HIPAA), 252
heartbeats for fault detection, 46
hello packets for fault detection, 46
help function (Click), 176
high availability. See availability
HIPAA (Health Insurance Portability and Accountability Act), 252
horizontal scaling in application design, 41–42
hot standby (active recovery), 47–48
HTTP status codes, 184
hybrid availability deployment model, 53
hybrid scaling in application design, 42
hypervisors
Type-1, 528
I
I2RS (Interface to Routing System), 333
IaC (Infrastructure as Code), 447–448
agent-based solutions, 450–473
IBN (intent-based networking), 305–306
ICMP echo/echo-reply for fault detection, 46–47
idempotency of APIs, 337
IETF RFC 5424 (Syslog), logging with, 75
IMDb API
imperative configuration management models, 448–449
implicit flow (OAuth 2.0), 275–276
importing Click, 175
INET data types, 366
InfluxDB
purpose of, 426
information security. See security
infrastructure. See also IaC (Infrastructure as Code)
integration deployment to, 207–213
atomic vs. controller-based networking, 303–305
intent-based networking, 305–306
element management systems, 297–299
file transfer methods, 297
technical debt of, 520
Infrastructure as Code (IaC), 447–448
agent-based solutions, 450–473
inside-out design (APIs), 178
installability as quality attribute, 33
installing
cisco_node_utils Ruby gem, 465
ciscopuppet module, 463
jq utility, 460
Telegraf, 428
integration deployment (CI/CD), 207–217
to cloud-native applications, 213–217
integration testing, 22
integrity
definition of, 249
as quality attribute, 32
intent-based networking (IBN), 305–306
interface segregation principle (ISP), 64–65
Interface to Routing System (I2RS), 333
interfaces in modular design, 39–40
interoperability as quality attribute, 30, 31
interpolation (Terraform), 517–518
purpose of, 601
SDK documentation, 605
inventory (Ansible)
inventory management for application containers, 563–564, 565
IOS XE, enabling NETCONF on, 355–356
IOS XR
IOx
described, 534
IOx Local Manager, application hosting with, 547–552
iPerf3, interaction with, 556–563
isolation
as ACID property, 148
in failure prevention, 50
ISP (interface segregation principle), 64–65
IT service management, automation and, 343–344
J
JDBC (Java Database Connectivity), 335
jq utility, installing, 460
JSON (JavaScript Object Notation)
as data encoding method, 396
K
keys. See IT secrets storage; OAuth 2.0; PKI (public key infrastructure)
kill-session operation (NETCONF), 350
KIND (Kubernetes in Docker), 214–215
Kubernetes
integration deployment in, 213–217
L
definition of, 67
high performance design, 69–73
side effects of, 69
laws governing privacy protection, 251–252
leaky bucket (rate limiting), 187
learnability as quality attribute, 32
limitations (constraints)
on RESTful APIs, 157
for software architecture, 10
Linux Containers (LXC), 529–530
Linux VM
YANG Suite installation, 415–423
Liskov’s substitution principle (LSP), 63–64
load balancing in application design, 41–42
lock operation (NETCONF), 350
logging. See also monitoring
for application performance, 74–76
definition of, 73
Python levels of, 75
with Syslog (IETF RFC 5424), 75
logs in 12-factor application design, 242
loose coupling. See coupling
low-level documentation, 79
LSP (Liskov’s substitution principle), 63–64
LXC (Linux Containers), 529–530
M
maintainability
DIP (dependency inversion principle), 65–66
ISP (interface segregation principle), 64–65
LSP (Liskov’s substitution principle), 63–64
modularity and, 59
OCP (open-closed principle), 62–63
SRP (single responsibility principle), 61
as quality attribute, 33
manual usage of NETCONF, 358–364
MDT (model-driven telemetry)
configuring
definition of, 390
dial-in/dial-out comparison, 395
EDT vs.434–441
sensor path selection, 407–413
extracting NETCONF capabilities with Python, 410–413
manually extracting NETCONF capabilities, 408–410
public documentation for, 407
YANG model investigation via YANG Suite, 414–423
mean time between failures (MTBF), 45
mean time to repair (MTTR), 45, 47
measurability of nonfunctional requirements, 29, 35–36
purpose of, 592
merge button settings (Git), 125
messages layer (NETCONF), 350–351
metrics
for application performance, 76–77
definition of, 73
microservices
definition of, 14
mobile application security, 262–266
model-driven configuraiton management, atomic vs.351–354
model-driven telemetry (MDT). See MDT (model-driven telemetry)
model-view-controller (MVC), definition of, 15
modifiability as quality attribute, 30, 33
modularity in application design, 36–41
definition of, 36
maintainability and, 59
monitoring. See also logging; streaming telemetry
application containers, 564
for application performance, 73–79
with Embedded Event Manager, 299–300
evolution from SNMP to streaming telemetry, 386–391
for fault detection, 46
MTBF (mean time between failures), 45
MTTR (mean time to repair), 45, 47
multiprocessing, 72
multithreading, 72
MVC (model-view-controller), definition of, 15
N
naming conventions for maintainability, 59
native models, 366
NETCONF, 334. See also RESTCONF
definition of, 322
content, 349
operations, 350
transport, 351
management solutions with, 382–383
mapping to RESTCONF operations, 372–373
in MDT, 396
extracting capabilities with Python, 410–413
manually extracting capabilities, 408–410
network APIs. See APIs (application programming interfaces)
network controllers, 334
network management
atomic vs. controller-based networking, 303–305
intent-based networking, 305–306
network management systems (NMS)
in evolution of network management and software development, 5
with NETCONF and RESTCONF, 382–383
proximity of tools and support staff, 316
network operations center (NOC) in evolution of network management and software development, 6
network programmability, definition of, 329–332
configuration management vs.449
element management systems, 297–299
file transfer methods, 297
Network Services Orchestrator (NSO), 382
new features and upgrades, cost of, 60
Nginx, 186
NMS (network management systems)
in evolution of network management and software development, 5
with NETCONF and RESTCONF, 382–383
proximity of tools and support staff, 316
NOC (network operations center) in evolution of network management and software development, 6
nonfunctional requirements for software architecture, 11–12, 13–14, 29–36
architectural decisions, 519–520
comparison with functional, 12
stages of, 35
nonrepudiation as quality attribute, 32
northbound APIs, 135
NoSQL (nonrelational) databases, 80
NSO (Network Services Orchestrator), 382
NX-OS devices
O
OAS (OpenAPI Specification), 155–156, 165
authorization code flow, 276–278
client credential flow, 271–272
resource owner password credential flow, 272–274
three-legged authorization, 269–270
two-legged authorization, 268–269
object-oriented design (OOD)
for maintainability, 59
objects (APIs), 134
observability for application performance, 73–79
OCP (open-closed principle), 62–63
ODBC (Open Database Connectivity), 335
OMI (Open Management Infrastructure), 334
on-premises availability deployment model, 52
OOD (object-oriented design)
for maintainability, 59
open APIs, definition of, 140
Open Web Application Security Project (OWASP), 249, 262–266
open YANG models, 366
OpenAPI Specification (OAS), 155–156, 165
open-closed principle (OCP), 62–63
OpenFlow, 333
open-source solutions, purpose of, 444
OpenStack, 334
operability as quality attribute, 32
operation expenses, reducing, 329
operational lifecycle of devices, 315
operations layer (NETCONF), 350
optimization, cost of, 60
OPTIONS requests, 336
orchestration
in evolution of network management and software development, 6–7
output values (Terraform), 517
outside-in/user interface design (APIs), 178
OWASP (Open Web Application Security Project), 249, 262–266
ownership in evolution of network management and software development, 6
P
pagination, 70, 162, 181–184, 337–338
parallel processing
for application performance, 72
parity in 12-factor application design, 241–243
partner APIs, 145
passive recovery (warm standby), 48
patterns (software architecture), 14–15
PCEP (Path Computation Element Protocol), 333
PCI DSS (Payment Card Industry Data Security Standard), 252
PDIOO (planning , design, implementation, operation, and optimization) model, 288–289
Pearson Cert Practice Test Engine, 649
Pearson Test Prep software
Premium Edition, 651
updating, 651
performance
of APIs
error handling/timeouts/rate limiting, 184–188
pagination, 162
streaming vs. pagination, 181–184
in application design
parallel processing, 72
trade-offs in, 69
as quality attribute, 30
performance efficiency as quality attribute, 31
performance monitoring of application containers, 564
performance optimization, cost of, 60
performance testing, 23
picking. See selecting
PII (personally identifiable information), 250
ping for fault detection, 46–47
pip, installing Ansible via, 476–481
PKCE flow (OAuth 2.0), 278–280
PKI (public key infrastructure), 254–262
certificate revocation, 256–257
hierarchical structure of, 257
web application security with TLS, 257–260
planning for high availability, 50–51
playbooks (Ansible), 483–487, 488–493
port binding in 12-factor application design, 241
portability as quality attribute, 33
Postman, 146
DNA Center documentation, 633–635
Firepower documentation, 584–585
Intersight documentation, 603–605
RESTCONF GET operations with, 377–382
PowerShell, UCS Manager documentation, 622–628
practical applications. See use cases
practical scaling in application design, 43–44
Practice Exam Mode (exam preparation), 650
predictive analytics in failure prevention, 50
Premium Edition of Pearson Test Prep software, 651
updating exams, 651
prerequisites, validating, 534–536
prevention
cost of, 60
of failures, 50
problem prevention, cost of, 60
processes in 12-factor application design, 240
programmability, definition of, 329–332
project-level inventory files in Ansible, 482–483
protobufs, 396
Protocol Buffer (Protobuf) IDL (Interface Definition Language), 154–155
providers (Terraform), 517
provisioning networks, 290–291
configuration management vs.449
element management systems, 297–299
file transfer methods, 297
public documentation. See documentation
public key infrastructure (PKI). See PKI (public key infrastructure)
publisher/subscriber (pub/sub) model, definition of, 15
Puppet, 334
as agent-based solution, 450–473
downloading and installing, 453–458
extracting information, 459–463
Puppet platform support matrix, 451
described, 512
in evolution of application deployment, 221
with NETCONF and RESTCONF, 383
push model in streaming telemetry, 391–392
pushing branches (Git)
to forked repo, 114
to origin repo, 97
Python
DNA Center authorization, 637–639
DNA Center documentation, 635–637
extracting model support with, 410–413
installing Ansible via pip, 476–481
Intersight authorization, 606–611
Intersight documentation, 605
logging levels, 75
UCS Manager documentation, 617–622
Q
quality attributes. See nonfunctional requirements for software architecture
R
rate limiting
for application performance, 71–72
recoverability as quality attribute, 32
recovery, availability and, 47–50
reducing operation expenses, 329
redundancy, recovery and, 47–50
reflected XSS, 265
refresh tokens (OAuth 2.0), 181, 280–281
regulations governing privacy protection, 251–252
relational databases, 80
release stage (CI/CD), 205
reliability as quality attribute, 30, 32
remote-procedure call (RPC)
definition of, 147
gRPC, 390
REST vs.152–154
replaceability as quality attribute, 33
representational state transfer. See REST (representational state transfer)
requirements
for database selection
data velocity, 82
for software architecture, 10–14
architectural decisions, 519–520
availability, 45
business, 12
comparison of functional and nonfunctional, 12
constraints (limitations), 10
nonfunctional, 11–12, 13–14, 29–36, 519
resiliency
availability requirements, 45
failure prevention, 50
as quality attribute, 30
resource owner password credential flow (OAuth 2.0), 272–274
resource utilitization as quality attribute, 31
resources (Terraform), 517
response time (RT). See latency
respositories (Git). See Git
REST (representational state transfer). See also RESTCONF; RESTful APIs
definition of, 147
RPC vs.152–154
RESTCONF
authentication, 373
definition of, 371
GET operations
management solutions with, 382–383
in MDT, 396
protocol stack, 372
constraints on, 157
DNA Center
Firepower
HTTP status codes, 184
NETCONF APIs vs.159
operation types, 336
streaming APIs vs.181–184
uniform interfaces, 158
Webex
retries, recovery and, 49
reusability as quality attribute, 33
reviewing
current changes (Git), 94, 112
staged changes (Git), 94, 112–113
revoking certificates, 256–257
rollbacks, recovery and, 50
rolling deployment (CI/CD), 206
RPC (remote-procedure call)
definition of, 147
gRPC, 390
REST vs.152–154
RT (response time). See latency
S
SaltStack in evolution of application deployment, 221
sanity checks for fault detection, 47
Sarbanes-Oxley Act of 2002 (SOX), 252
scalability
in network provisioning, 323–328
of streaming telemetry, 391–392
SCM (software configuration management). See also automated configuration management
Ansible
comparison with Terraform, 518–519
definitions and standards, 510–511
in evolution of application deployment, 220–224
list of systems, 512
for maintainability, 59
Terraform
comparison with Ansible, 518–519
scope in modular design, 38
SDKs (software development kits). See also clients (APIs)
DNA Center
Firepower, enabling access, 582–583
Intersight
documentation, 605
Meraki
UCS Manager
additional resources, 628
PowerShell documentation, 622–628
Webex
SDLC (software development lifecycle)
software architecture in, 510
SDN (software-defined networking), 290, 329–335
atomic networking vs.303–305
Cisco solutions for, 335
contributing protocols and solutions, 333–334
error reduction in, 68
in evolution of network management and software development, 7
network controllers, 334
northbound/southbound APIs, 135
secrets. See IT secrets storage
Secure Copy Protocol, 297
Secure File Transfer Protocol (SFTP), 297
security
in API development, 162, 179–181
of application containers, 564
in evolution of network management and software development, 5
for network provisioning, 293–294
authorization code flow, 276–278
client credential flow, 271–272
resource owner password credential flow, 272–274
three-legged authorization, 269–270
two-legged authorization, 268–269
certificate revocation, 256–257
hierarchical structure of, 257
web application security with TLS, 257–260
selecting
API architectural styles, 147–148
databases in application design, 79–83
data velocity, 82
Git branching strategies, 122
extracting NETCONF capabilities with Python, 410–413
manually extracting NETCONF capabilities, 408–410
public documentation for, 407
self-testing for fault detection, 46
sensor groups, creating, 400, 404–405
sensor paths
extracting NETCONF capabilities with Python, 410–413
manually extracting NETCONF capabilities, 408–410
public documentation for, 407
server load balancing in application design, 41–42
serverless clouds, containers on, 227–234
servers (APIs), definition of, 138
serviceability as quality attribute, 30
service-level agreement (SLA), 45
service-oriented architecture (SOA), definition of, 14–15
sessions (streaming telemetry), definition of, 394
SFTP (Secure File Transfer Protocol), 297
Simple Network Management Protocol (SNMP)
in evolution of network management and software development, 5
Simple Object Access Protocol (SOAP), definition of, 148, 335–336
simple ping for fault detection, 46–47
single responsibility principle (SRP), 61
site reliability engineering (SRE), 196–198, 290
DevOps vs.198
six nines (availability), 45
SLA (service-level agreement), 45
sliding window (rate limiting), 188
SNMP (Simple Network Management Protocol)
in evolution of network management and software development, 5
transition to streaming telemetry, 386–391
SOA (service-oriented architecture), definition of, 14–15
SOAP (Simple Object Access Protocol), definition of, 148, 335–336
software architecture
application design
availability and resiliency in, 44–53
application performance
parallel processing, 72
trade-offs in, 69
definition of, 9
architectural decisions, 519–520
business, 12
comparison of functional and nonfunctional, 12
constraints (limitations), 10
nonfunctional, 11–12, 13–14, 29–36, 519
in software development cycle, 510
software configuration management (SCM). See also automated configuration management
Ansible
comparison with Terraform, 518–519
definitions and standards, 510–511
in evolution of application deployment, 220–224
list of systems, 512
for maintainability, 59
Terraform
comparison with Ansible, 518–519
software developers, definition of, 5
software development
costs associated with, 60
methodologies and frameworks, 318
software development kits (SDKs). See SDKs (software development kits)
software development lifecycle (SDLC)
software architecture in, 510
software development models, 17–21
Extreme Programming, 19
Kanban, 19
Lean, 19
Scrum, 19
software engineers, definition of, 5
software quality. See nonfunctional requirements for software architecture
software-defined networking (SDN). See SDN (software-defined networking)
DIP (dependency inversion principle), 65–66
ISP (interface segregation principle), 64–65
LSP (Liskov’s substitution principle), 63–64
OCP (open-closed principle), 62–63
SRP (single responsibility principle), 61
source code, compiling from, 218–220
southbound APIs, 135
SOX (Sarbanes-Oxley Act of 2002), 252
spare recovery (cold standby), 49
SQL (Structured Query Language) databases, 80
SRE (site reliability engineering), 196–198, 290
DevOps vs.198
SRP (single responsibility principle), 61
staged changes (Git), reviewing, 94, 112–113
standards of privacy protection, 251–252
stored XSS, 264
streaming telemetry
MDT
dial-in mode configuration, 402–406
dial-in/dial-out comparison, 395
dial-out mode configuration, 398–402
EDT vs.434–441
sensor path selection, 407–413
YANG model investigation via YANG Suite, 414–423
Telegraf, installing, 428
stress testing, 23
Structured Query Language (SQL) databases, 80
Study Mode (exam preparation), 650
subscriptions
definition of, 395
substitutability in application design, 63–64
sysadmins in evolution of application deployment, 218–220
Syslog, logging with, 75
Syslog-NG utility, running in application container, 559–563
system requirements for software architecture, 13
system testing, 23
system upgrades, recovery and, 49–50
T
Tail-f Systems, 382
technical requirements for software architecture, 13–14
Telegraf
installing, 428
purpose of, 426
telemetry. See streaming telemetry
Terraform
as agentless solution, 450, 493–501
ACI tenant deployment, 496–501
comparison with Ansible, 518–519
in evolution of application deployment, 221
integration deployment to infrastructure, 207–213
updating exams, 651
test stage (CI/CD), 205
testability as quality attribute, 30, 33
TFTP (Trivial File Transfer Protocol), 297
three nines (availability), 45
three-legged authorization (OAuth 2.0), 269–270
TIG stack. See Grafana; InfluxDB; Telegraf
time series databases (TSDB), 80–81
time-based telemetry. See MDT (model-driven telemetry)
timeouts
recovery and, 49
time-series metrics. See metrics
TLS (Transport Layer Security), 162, 251, 257–260
token authentication (APIs), 180
token bucket (rate limiting), 187
tracing
for application performance, 77–78
definition of, 74
transport (streaming telemetry)
definition of, 395
transport layer (NETCONF), 351
Transport Layer Security (TLS), 162, 251, 257–260
Trivial File Transfer Protocol (TFTP), 297
TSDB (time series databases), 80–81
12-factor application design, 238–242
admin processes, 242
backing services, 240
build/release/run stages, 240
codebase, 239
concurrency, 241
configuration, 239
dependencies, 239
disposability, 241
logs, 242
port binding, 241
processes, 240
two nines (availability), 45
two-legged authorization (OAuth 2.0), 268–269
Type-1 hypervisors, 528
U
additional resources, 628
enabling access, 611
PowerShell SDK documentation, 622–628
purpose of, 611
Python SDK documentation, 617–622
Unified Computing System Manager. See UCS Manager
uniform interfaces in RESTful APIs, 158
unit testing, 22
unlock operation (NETCONF), 350
updating Pearson Test Prep software, 651
URIs (Uniform Resource Identifiers), 134, 150, 373–374
URLs (Uniform Resource Locators), 150
usability as quality attribute, 30, 32
usability testing, 23
use cases
for application containers, 532
definition of, 13
user error protection as quality attribute, 32
user interface aesthetics as quality attribute, 32
user requirements for software architecture, 13
user stories, definition of, 13
users (APIs), definition of, 138
V
validating
gRPC dial-in configuration, 405–406
variables (Terraform), 517
VCS (version control system). See version control
velocity of data, 82
verifying dial-out configuration, 401–402
version control
Git
Branch and Pull Workflow, 89–103
features of, 88
Fork and Pull Workflow, 104–120
for maintainability, 59
vertical scaling in application design, 42–43
virtualization
LXC (Linux Containers), 529–530
Type-1 hypervisors, 528
in evolution of network management and software development, 6
visibility in 12-factor application design, 242
W
warm standby (passive recovery), 48
waterfall model, 17–18, 20, 318
web application security
enabling REST API/SDK access, 572–573
white-box testing, 23
Branch and Pull Workflow, 89–103
current changes review, 94
pros and cons, 89
pushing branches to origin repo, 97
sample setup, 90
staged changes review, 94
Fork and Pull Workflow, 104–120
branch creation, 111
current changes review, 112
pros and cons, 105
pushing branches to forked repo, 114
sample setup, 105
staged changes review, 112–113
X
XML (Extensible Markup Language), 338–340, 349, 395
XP (Extreme Programming), 19, 20
XSS (cross-site scripting), 264–266
Y
YANG models, 334
EDT vs.434–441
extracting support for
with Python and NETCONF, 410–413
investigation via YANG Suite, 414–423
management solutions for, 382
in MDT and EDT, 390
public documentation for, 407
Z
ZTD (zero-touch deployment), 449