Jason Davis is a distinguished engineer for the DevNet program in the Developer Relations organization at Cisco. His role is technical strategy lead for the DevRel organization as he collaborates with various Cisco business unit leaders, partners, customers, and other industry influencers. Jason is focused on automation, orchestration, cloud-native technologies, and network management/operations technologies. He has a tenured career working with hundreds of customers, worldwide, in some of the largest network automation and management projects and is sought out for consulting and innovative leadership. His former experience as a U.S. Army Signal Corps officer has provided insights to defense, government, and public-sector projects, while his extensive work in professional services at Cisco has spanned commercial, large-enterprise, and service provider segments. Most of his customer engagements have been in automotive, manufacturing, large retail, large event venues, and health care. Jason has achieved Cisco Live Distinguished Speaker Hall of Fame status and is an automation/monitoring lead for the network operations center (NOC) at Cisco Live events in the U.S. and Europe. He resides in Apex, North Carolina, and enjoys IoT projects, home automation, and audio/video technologies in houses of worship. Jason and his wife, Amy, have four children whom they homeschool and cherish daily. Jason is found on social media [...]

Hazim Dahir, CCIE No. 5536, is a distinguished engineer at the Cisco office of the CTO. He is working to define and influence next-generation digital transformation architectures across multiple technologies and verticals. Hazim started his Cisco tenure in 1996 as a software engineer and subsequently moved into the services organization focusing on large-scale network designs. He's currently focusing on developing architectures utilizing security, collaboration, Edge computing, and IoT technologies addressing the future of work and hybrid cloud requirements for large enterprises. Through his passion for engineering and sustainability, Hazim is currently working on advanced software solutions for electric and autonomous vehicles with global automotive manufacturers. Hazim is a Distinguished Speaker at Cisco Live and is a frequent presenter at multiple global conferences and standards bodies. He has multiple issued and pending patents and a number of innovation and R&D publications.

Stuart Clark, DevNet Expert #2022005, started his career as a hairdresser in 1990, and in 2008 he changed careers to become a network engineer. After cutting his teeth in network operations, he moved to network projects and programs. Stuart joined Cisco in 2012 as a network engineer, rebuilding one of Cisco's global networks and designing and building Cisco's IXP peering program. After many years as a network engineer, Stuart became obsessed with network automation and joined Cisco DevNet as a developer advocate for network automation. Stuart contributed to the DevNet exams and was part of one of the SME teams that created, designed, and built the Cisco Certified DevNet Expert. Stuart has presented at more than 50 external conferences and is a multi-time Cisco Live Distinguished Speaker, covering topics on network automation and methodologies. Stuart lives in Lincoln, England, with his wife, Natalie, and their son, Maddox. He plays guitar and rocks an impressive two-foot beard while drinking coffee. Stuart can be found on social media [...]

Quinn Snyder is a developer advocate within the Developer Relations organization inside Cisco, focusing on datacenter technologies, both on-premises and cloud-native. In this role, he aligns his passion for education and learning with his enthusiasm for helping the infrastructure automation community grow and harness the powers of APIs, structured data, and programmability tooling. Prior to his work as a DA, Quinn spent 15 years in a variety of design, engineering, and implementation roles across datacenter, utility, and service provider customers for both Cisco and the partner community. Quinn is a proud graduate of Arizona State University (go Sun Devils!) and a Cisco Network Academy alumnus. He is the technical co-chair of the SkillsUSA - Arizona Internetworking contest and is involved with programmability education at the state and regional level for the Cisco Networking Academy. Quinn resides in the suburbs of Phoenix, Arizona, with his wife, Amanda, and his two kids. In his free time, you can find him behind a grill, behind a camera lens, or on the soccer field coaching his daughter's soccer teams. Quinn can be found on social media [...] usually posting a mixture of technical content and his culinary creations.

Introduction xxviii
Part I Software Development and Design
Chapter 1 Software Development Essentials 2
"Do I Know This Already?" Quiz 2
A Brief History of the Future 4
The Evolution 5
Automation, Orchestration, and DevOps 6
Software Architecture and Design 9
Architecture Requirements 10
Functional Requirements 13
Nonfunctional Requirements 13
Architectural Patterns 14
Software Development Lifecycle (SDLC) Approach 15
Software Development Models 17
Waterfall 17
Agile Software Development 18
Scrum 19
Extreme Programming 19
Kanban 19
Lean 19
Which Model? 20
Architecture and Code Reviews 21
Software Testing 22
Exam Preparation Tasks 23
Chapter 2 Software Quality Attributes 26
"Do I Know This Already?" Quiz 26
Foundation Topics 29
Quality Attributes and Nonfunctional Requirements 29
Brief Overview of the Most Common Quality Attributes 29
Measuring Quality Attributes 35
Modularity in Application Design 36
Benefits of Modularity 36
Modularity Coding Best Practices 37
Microservices and Modular Design 40
Scalability in Application Design 41
Horizontal Scalability 41
Vertical Scalability 42
Practical Scalability in Application Design 43
High Availability and Resiliency in Application Design 44
Failure or Fault Detection 46
Recovery: High Availability in Practice 47
Prevention 50
High Availability Planning and the Responsibilities of the Developer 50
High Availability Deployment Models 51
Exam Preparation Tasks 53
Chapter 3 Architectural Considerations and Performance Management 56
"Do I Know This Already?" Quiz 57
Foundation Topics 59
Maintainable Design and Implementation 59
Maintaining a SOLID Design 60
Single Responsibility Principle (SRP) 61
Open-Closed Principle (OCP) 62
Liskov's Substitution Principle (LSP) 63
Interface Segregation Principle (ISP) 64
Dependency Inversion Principle (DIP) 65
Latency and Rate Limiting in Application Design and Performance 66
Designing for Application Low Latency and High Performance 69
Architecture Trade-offs 69
Improving Performance 69
Design and Implementation for Observability 73
Logging 74
Metrics 76
Tracing 77
Good Documentation Practices: An Observability Reminder 78
Database Selection Criteria 79
Database Requirements Gathering 80
Data Volume 81
Data Velocity 82
Data Variety 82
Exam Preparation Tasks 83
Chapter 4 Version Control and Release Management with Git 86
"Do I Know This Already?" Quiz 86
Foundation Topics 88
Version Control and Git 88
Git Workflow 88
Branch and Pull Workflow 89
Pros 89
Cons 89
Sample Setup 90
Sample Branch and Pull Workflow 90
Fork and Pull Workflow 104
Pros 105
Cons 105
Sample Setup 105
Sample Fork and Pull Workflow 106
Git Branching Strategy 121
What Is a Branching Strategy? 121
The Most Important Factor When Selecting a Git Branching Strategy 122
Popular Git Branching Strategies 122
When to Use GitHub Flow 122
When to Use Git Flow 123
When to Use GitLab Flow 123
Recommended GitHub Settings 125
Configuring the PR Merge Button 125
Configuring a Branch Protection Rule to Require Code Reviews 125
Exam Preparation Tasks 127
Part II APIs
Chapter 5 Network APIs 130
"Do I Know This Already?" Quiz 130
Foundation Topics 132
What Are APIs? 132
Methods 133
Objects 134
Formats 134
APIs vs. No API 135
Web Scraping 135
Jeff Bezos's API Mandate: How the AWS API-Driven Cloud Was Born 136
Calling an API 138
What Is API Development? 144
API Architectural Styles 146
Selecting an API Style 147
HTTP/JSON 149
REST/JSON 150
Cache-Control 151
REST vs. RPC 152
gRPC 154
OpenAPI/Swagger 155
Network API Styles 157
NETCONF APIs 158
Exam Preparation Tasks 160
Chapter 6 API Development 162
"Do I Know This Already?" Quiz 163
Foundation Topics 165
Creating API Clients 165
Code Generation Client API Libraries for IMDb 165
Adding CLI Wrapper Code 174
Making Calls to IMDb Using a CLI Program 174
API Design Considerations 177
API Authentication Models 179
Flow Control (Pagination vs. Streaming) 181
Error Handling, Timeouts, and Rate Limiting 184
Caching 188
Exam Preparation Tasks 189
Part III Application Development, Deployment, and Security
Chapter 7 Application Deployment 192
"Do I Know This Already?" Quiz 193
Foundation Topics 194
The Evolution of Application Responsibilities 194
The Hybridization of Development and Operations 194
The Journey to DevOps 195
A Cultural Shift 196
The Emergence of the Site Reliability Engineer(ing) 196
SRE Responsibilities and Tenets 197
SRE vs. DevOps 198
Continuous Integration/Continuous Delivery (Deployment) 198
Continuous Integration (CI) 199
Continuous Delivery: One of the CDs 200
Continuous Deployment: The Other CD 200
CI/CD Pipeline Implementation 201
Pipeline Components 203
Build 204
Test 205
Release/Deliver 205
Deploy 205
Adding Deployment to Integration 207
Deploying to Infrastructure (Terraform + Atlantis) 207
Deploying Applications (Flux + Kubernetes) 213
Application Deployment Methods over Time 218
The 2000s: Sysadmins, Terminals, and SSH 218
The 2010s: Automated Configuration Management 220
The 2020s: The Clouds Never Looked So Bright 224
Managed Kubernetes (e.g., GKE) 224
Containers on Serverless Clouds (e.g., AWS ECS on Fargate) 227
Serverless Functions (e.g., AWS Lambda) 234
Software Practices for Operability: The 12-Factor App 238
Factor 1: Codebase 239
Factor 2: Dependencies 239
Factor 3: Config 239
Factor 4: Backing Services 240
Factor 5: Build, Release, Run 240
Factor 6: Processes 240
Factor 7: Port Binding 241
Factor 8: Concurrency 241
Factor 9: Disposability 241
Factor 10: Dev/Prod Parity 241
Factor 11: Logs 242
Factor 12: Admin Processes 242
Summary 243
Exam Preparation Tasks 243
Chapter 8 Security in Application Design 246
"Do I Know This Already?" Quiz 247
Foundation Topics 248
Protecting Privacy 250
Personally Identifiable Information 250
Data States 250
Laws, Regulations, and Standards for Protecting Privacy 251
Storing IT Secrets 252
Public Key Infrastructure (PKI) 254
Certificate Revocation 256
Hierarchical Multiple CA Infrastructure 257
TLS, PKI, and Web Applications Security 257
Browser Security Issues 261
Securing Web and Mobile Applications 262
Injection Attacks 263
Cross-Site Scripting 264
OAuth Authorization Framework 266
How Does OAuth Work? 266
OAuth 2.0 Two-Legged Authorization 268
OAuth 2.0 Three-Legged Authorization 269
Additional OAuth Authorization Code Grant Types 271
OAuth 2.0 Client Credentials 271
Resource Owner Password Credential Flow 272
OAuth 2.0 Implicit Flow 275
OAuth 2.0 Authorization Code Flow 276
OAuth 2.0 PKCE Flow 278
Refresh Token Flow 280
OAuth 2.0 Device Code Flow 281
Exam Preparation Tasks 283
Part IV Infrastructure and Automation
Chapter 9 Infrastructure 286
"Do I Know This Already?" Quiz 286
Foundation Topics 288
Network Management 288
Methods of Network Provisioning 290
CLI/Console 291
SNMP 294
File Transfer Methods 297
Element Management Systems 297
Embedded Management 299
Zero-Touch Provisioning (ZTP) 300
Atomic or SDN-Like/Controller-Based Networking 303
Advanced Concepts - Intent-Based Networking 305
Summary 307
Exam Preparation Tasks 307
Chapter 10 Automation 310
"Do I Know This Already?" Quiz 311
Foundation Topics 313
Challenges Being Addressed 313
Differences of Equipment and Functionality 314
Proximity of Management Tools and Support Staff 316
Speed of Service Provisioning 317
Accuracy of Service Provisioning 319
Scale 323
Doing More with Less 329
Software-Defined Networking (SDN) 329
What Is SDN and Network Programmability? 329
Approach 330
Nontraditional Entities 331
Industry Impact 331
New Methods 331
Normalization 332
Enabling Operations 332
Enabling Career Options 332
Use Cases and Problems Solved with SDN 332
Overview of Network Controllers 334
The Cisco Solutions 335
Application Programming Interfaces (APIs) 335
REST APIs 336
API Methods 337
API Authentication 337
API Pagination 337
Payload Data Formats JSON XML 338
XML 338
JSON 340
Cross-Domain, Technology-Agnostic Orchestration (CDTAO) 342
Impact to IT Service Management and Security 343
Exam Preparation Tasks 344
Chapter 11 NETCONF and RESTCONF 346
"Do I Know This Already?" Quiz 346
Foundation Topics 348
Catalyst for NETCONF 348
Content 349
Operations 350
Messages 350
Transport 351
Atomic and Model-Driven Configuration Management 351
How to Implement NETCONF 354
Enabling NETCONF on IOS XE 355
Enabling NETCONF on IOS XR 356
Enabling NETCONF on NX-OS 357
Basic Manual Use of NETCONF 358
YANG Models 365
The Evolution with RESTCONF 371
The RESTCONF Protocol Stack 372
RESTCONF Operations 372
RESTCONF and Authentication 373
RESTCONF URIs 373
Performing a RESTCONF GET Operation with cURL 375
Performing RESTCONF GET Operations with the Postman Utility 377
Management Solutions Using NETCONF and RESTCONF 382
Exam Preparation Tasks 383
Chapter 12...