we're going to take a look at a topic from the ccna exam blueprint. That's exam 200-301, Specifically we're going to be talking about three configuration management tools, Puppet and chef and ansible, And if you look at that exam blueprint, It tells us we don't have to be able to configure or troubleshoot or really even thoroughly explain these. It says we have to be able to recognize the capabilities of these tools and that's what we're going to do in this article, Which is taken from our ccna article training series and as always, If you enjoyed the article, Please give me a like down below and Subscribe, So you don't miss any of our weekly content in our previous article, When we were talking about the devops life cycle, We said in the deploy phase.
We were pushing configurations out to our devices and we wanted to maintain consistency in our configuration across the devices and we wanted to have scalability. We didn't want to have to go to each device and one at a time do a configuration, And we said that for the exam cisco wanted us to know about three specific configuration management tools and those were puppet chef and ansible. We'Re going to consider those in this article at a high level, Specifically on the cisco exam blueprint.
We don't have to configure them. We don't need to know how to write to the configuration code that these tools are going to use. We just need to recognize what t can do for us and t all have the basic same purpose in life. T'Re going to be able to push configuration, Changes from some sort of a file that we have out to our managed devices like routers or switches, And specifically we're going to be focused on cisco nexus switches.
Those are switches that we typically see in a data center environment and the reason we're really going to be focused on those is two of these tools: puppet and chef t're, Going to require that something be installed. An agent has to be installed on the devices that we're managing and since cisco nexus allows us to install software, Because it essentially has a layer in the software that's running linux and we can install things on top of that linux platform. We'Re going to be able to install that agent and that's as opposed to our traditional cisco ios devices like our isr routers, Our cisco catalyst switches, But we'll see that ansible does not require an agent. We can just push instructions one way and let's dive into these.
Just a bit more beginning with puppet puppet is written in ruby and when people hear that t often think t have to be expert programmers in ruby in order to use puppet, That's really not the case. We just have to get comfortable with the configuration file structure and I'll, Give you a simple snippet here in just a few moments, But we don't have to be expert, Ruby, Programmers. So don't let that throw you off and within puppet we're, Going to declare different resources and say what type of resource it is. There's a couple of examples. A resource might be an interface that we're going to configure a resource might be an ospf process that we're going to run and the parameters or the characteristics that we want to assign to that resource is done with a class. A class is a set of common configuration settings, For example, A setting for an interface resource might be an ip address for that interface, And then we can take a collection of those common configuration settings and group them together in what's called a manifest.
This is the puppet code. This is what gets sent out to our devices. This manifest is going to accomplish a particular job and it's going to contain a collection of classes, And we probably have more than one manifest to do different jobs and we can store those in a repository called a module. And in order for this to work, We need to install a puppet server on a server and we have to install puppet agents on the devices that we're going to be managing and we'll need to do that.
To our cisco nexus switches as an example and what we can do is say, I want these switches to be in a particular state. I want them to have a specific configuration, In other words, And we can represent our intent for what state we want them to be in in one of those manifest documents that set of puppet instructions. And let's just say that the state we are after we're just calling state b and again, We don't need to worry about the syntax for the exam, But just to give you a simple example of what the configuration file might look like. Even though we're not ruby experts, I think we can read this pretty well. We see that we're configuring interface ethernet, One slash four.
We see that it's currently shut down because shutdown is set to true switchport mode is disabled. In other words, It's set as a routed port, It's being managed by puppet. That's our description, And we see that the ip address is 17216124 and we're not applying this specific configuration file to these switches. In this example, We don't want to assign the same ip addresses to all of our switches.
I just wanted to give you an example of the syntax that we might find inside of one of these manifests. But let's say that we've got this big, Manifest with all kinds of instructions and it represents the state. We want our devices to be in and we're just calling it state b as an example, And we can have bi-directional communication between the server and the agents that are running on these nexus switches and we can check to see what their states are and maybe the Top and bottom switches t're in state a t're in a different state than what we want. The middle switch it's in state b, So we don't need to do any configuration there, But what we can do is we can push out this manifest and make changes on those top and bottom switches so that t become compliant with the state.
We want everybody to be in that's an example of what puppet can do for us. Chef is very similar. Chef is also written in ruby. The terminology we use is a little bit different since we're using the metaphor of being a chef and cooking. We say that our configuration instructions are contained in recipes and a recipe is going to be configuration instructions for a specific task like creating a one q trunk, For example, And we can have a collection of recipes to go into.
Can you guess a cookbook, We're gonna put those in a cookbook, That's a collection of recipes and there actually is a cookbook. That's called the cisco cookbook and we can install that on our chef server and just like puppet. We need to have an agent on these nexus switches, We're going to install a chef client.
That's going to be our agent that we put on these switches. Now we can have bi-directional communication and even though we don't have to do coding or interpret code on the exam, Here's a sample of what a configuration might look like again. I think we can interpret this without being ruby experts. In the top example, We're going into ethernet one slash one, And it looks like we have an ip address of 19216811 with a slash 24 subnet mask we're. Bringing it up administratively, Because shutdown is set to false switchport mode is disabled, Meaning.
This is a routed port and then we've got ethernet one slash two we're bringing it up. Administratively, Its switchport mode is access. So this is not a routed port. This is an actual switchport and we're signing it to vlan 200. That's just a simple example of the kind of code that we might find in the instructions that we're pushing out to our devices now.
The third example is ansible, And this is the one that really stands apart from the other two, The other two used a server and agents on the managed devices. This is going to be an agentless model and again the terminology is a bit different. We'Re going to have what's called a playbook, That's going to be our configuration instructions and the configuration instructions are written in a language called yaml yaml and when I first saw that my guess was that that stood for yet another markup language but and I've double checked.
This with many many resources, Because it just seems wrong, But this is actually from the official site. This is what yaml stands for. It stands for yaml ain't, Markup language that doesn't seem grammatically correct to me.
Does that bother anybody? It bothers me, But I'll try to ignore it, Move on but yaml. That's how we're going to write our configuration instructions using that command, Syntax and then we're going to have an inventory. That's a list of devices that we're going to apply our configuration to what we're going to do is take that playbook and run it against our inventory and again, The big distinction between ansible and the other two tools we talked about puppet and chef. No agent is going to be required now, Let's take a look at what this yaml configuration might look like, And this is just a simple example. This is not an example.
We would be applying to these cisco nexus switches, But here I think it's pretty readable. We see that we're applying a description of engineering interface and an ip address of 10551 with an ip address of 255255255192, We're applying that to a parent interface of interface, Gigabit ethernet 1 and we're applying an ip helper address of 1011100 to a couple of parent items. Those items are interfaces gigabit, Ethernet, 1 and gigabit ethernet 2 and as a review, Here's the ansible process. We'Ve got a playbook with a set of configuration instructions.
We'Ve got an inventory which is a list of devices and we're going to run that playbook against that inventory and our server or just basic machine. It doesn't have to be a high powered server. Again, It's going to send those configuration instructions using secure shell.
One way out to our managed devices and it's going to be applied on those devices, No agent required. That's what I want you to know for the exam about puppet chef and ansible. As you start getting more into these in the real world, You'll see that there are some exceptions to what we just discussed. For example, There is such a thing as agentless puppet there's an option to do what's called a chef push where we can push instructions out to a device, That's not managed by an agent.
We could use puppet, For example, With traditional cisco ios devices by having a puppet proxy, So there are lots of different things that we can do beyond what we've talked about here. But this is the high level overview that I want you to know for the exam again. To summarize, We've talked about three configuration management tools, The goals being we want scalability and we want consistency in our configuration and we want the ability to do quick deployments. Two of those tools, Puppet and chef required that we had agents installed on the managed devices, And we said those are going to be typically cisco, Nexus switches because t are actually running linux and we can install the agents on top of that linux platform running inside.
Of our cisco nexus switches - and we said we could ultimately use ansible ansible is going to be able to push configuration changes using secure shell out to devices without those devices having to have an agent installed, And that's a look at our three configuration management tools that We need to know for this exam . You
With the CCNP 300-835 Dumps, preparing for your actual certification exam becomes easy. You can use these exam questions to determine your readiness for certification. The certification is challenging, and some assistance goes a long way. Not only may you take this test numerous times, but you can also demonstrate that you comprehend the ideas presented on the certification exam.