Phase 5: API/DevOps Integration

Phase 5: API/DevOps Deep Integration

This phase runs in parallel with topology building β€” not sequentially after it. Every topology is API-enabled from first boot.

RESTCONF / NETCONF (IOS-XE, IOS-XR, NX-OS)

  • YANG model exploration via ncclient capabilities exchange

  • Key models: ietf-interfaces, Cisco-IOS-XE-native, openconfig-interfaces

  • Progression: Postman collections → Python scripts → Ansible playbooks

gNMI Streaming Telemetry

  • gnmic subscribe against IOS-XE and Arista for interface counters, BGP state

  • Pipe to Prometheus on k3s (existing stack) via gnmic Prometheus output

  • Grafana dashboards for lab device telemetry

Ansible Automation

  • Dynamic inventory from EVE-NG REST API

  • Config backup, compliance checks, VLAN provisioning across all vendors

  • Playbook-per-vendor comparison (same task, different Ansible collections)

  • Collections: cisco.ios, cisco.iosxr, cisco.nxos, cisco.asa, arista.eos, junipernetworks.junos

pyATS / Genie

  • Testbed YAML for EVE-NG topologies

  • learn, parse, diff workflows

  • Pre/post change validation

EVE-NG REST API

  • Automate lab start/stop/wipe via EVE-NG’s own API

  • Topology-as-code: export/import lab definitions

  • Script to spin up predefined topologies on demand

SecOps APIs (kvm-01 Topologies)

Product API Capabilities

FMC

REST API β€” policy deployment, object management, event retrieval

ISE

ERS API + OpenAPI β€” endpoint management, policy sets, SGT

ISE pxGrid

WebSocket pubsub β€” real-time session data, TrustSec context

ASA

REST API β€” running-config, NAT rules, VPN sessions

9800 WLC

RESTCONF β€” AP management, client monitoring

Documentation Deliverables

Repo What

domus-automation-ops

Ansible playbooks, EVE-NG inventory templates

domus-netapi-docs

API endpoint patterns per vendor, Postman collections

domus-captures

Worklogs documenting API exploration sessions