Roadmap: Network Automation Mastery

1. Overview

This roadmap defines a professional-grade network automation capability for:

Large-scale device configuration management (500+ devices)
Automated compliance checking and remediation
Infrastructure as Code for network devices
API-driven network operations (ISE, WLC, VyOS)
Cisco DevNet/Automation certification alignment

Cisco’s DevNet track is being renamed to Automation (effective Feb 2026), with new focus on AI-integrated automation infrastructure. This roadmap aligns with both existing netapi CLI patterns and emerging industry standards.

2. Architecture Vision

3. Current State

Component	Status	Notes
netapi CLI	OPERATIONAL	125+ pages documented, ISE/WLC/VyOS/IOS APIs
Python tooling	PARTIAL	7 CLI tools, stub modules need expansion
Nornir framework	PLANNED	Aethelred-Codex has patterns for 500+ devices
Ansible playbooks	REFERENCE	Codex contains ArgoCD/GHA/Jenkins automation
Device inventory	MANUAL	Need NetBox or structured YAML

Component

Status

Notes

netapi CLI

OPERATIONAL

125+ pages documented, ISE/WLC/VyOS/IOS APIs

Python tooling

PARTIAL

7 CLI tools, stub modules need expansion

Nornir framework

PLANNED

Aethelred-Codex has patterns for 500+ devices

Ansible playbooks

REFERENCE

Codex contains ArgoCD/GHA/Jenkins automation

Device inventory

MANUAL

Need NetBox or structured YAML

4. Phase 1: Foundation - Python Network Libraries

4.1. Objectives

Master core Python networking libraries
Establish consistent coding patterns
Create reusable connection management

4.2. Tasks

#	Task	Priority
1.1	Document Netmiko connection patterns (SSH, enable, config mode)	HIGH
1.2	Document NAPALM getters and configuration replacement	HIGH
1.3	Create Paramiko SSH examples for edge cases	MEDIUM
1.4	Establish error handling patterns (timeouts, auth failures)	HIGH
1.5	Build connection pooling for high-volume operations	MEDIUM
1.6	Document in domus-python: networking module	HIGH

#

Task

Priority

1.1

Document Netmiko connection patterns (SSH, enable, config mode)

HIGH

1.2

Document NAPALM getters and configuration replacement

HIGH

1.3

Create Paramiko SSH examples for edge cases

MEDIUM

1.4

Establish error handling patterns (timeouts, auth failures)

HIGH

1.5

Build connection pooling for high-volume operations

MEDIUM

1.6

Document in domus-python: networking module

HIGH

4.3. Success Criteria

10+ Netmiko examples (IOS, IOS-XE, NX-OS, ASA)
NAPALM configuration merge/replace examples
Error handling wrapper functions documented
Connection management best practices guide

5. Phase 2: Nornir for Scale

5.1. Objectives

Implement Nornir for 500+ device operations
Parallel execution with task results
Inventory management (hosts, groups, defaults)
Integration with existing netapi patterns

5.2. Architecture

5.3. Tasks

#	Task	Priority
2.1	Create Nornir inventory structure for home network	HIGH
2.2	Implement parallel config backup task	HIGH
2.3	Build compliance checking task (ACLs, VLANs, NTP)	HIGH
2.4	Create Jinja2 templates for standard configurations	MEDIUM
2.5	Integrate with netapi for ISE/WLC operations	MEDIUM
2.6	Document task patterns in domus-python	HIGH

#

Task

Priority

2.1

Create Nornir inventory structure for home network

HIGH

2.2

Implement parallel config backup task

HIGH

2.3

Build compliance checking task (ACLs, VLANs, NTP)

HIGH

2.4

Create Jinja2 templates for standard configurations

MEDIUM

2.5

Integrate with netapi for ISE/WLC operations

MEDIUM

2.6

Document task patterns in domus-python

HIGH

5.4. Success Criteria

Nornir inventory for all network devices
Parallel backup completing in <5 minutes
Compliance report generation automated
Reusable task library documented

6. Phase 3: Infrastructure as Code for Network

6.1. Objectives

Version-controlled network configurations
Git-based change management workflow
Automated deployment pipeline
Rollback capability

6.2. GitOps Workflow

6.3. Tasks

#	Task	Priority
3.1	Establish Git repository structure for network configs	HIGH
3.2	Create Jinja2 template library (switch, router, firewall)	HIGH
3.3	Implement pre-commit hooks for config validation	MEDIUM
3.4	Build GitHub Actions deployment pipeline	HIGH
3.5	Create rollback automation	MEDIUM
3.6	Document in domus-infra-ops runbooks	MEDIUM

#

Task

Priority

3.1

Establish Git repository structure for network configs

HIGH

3.2

Create Jinja2 template library (switch, router, firewall)

HIGH

3.3

Implement pre-commit hooks for config validation

MEDIUM

3.4

Build GitHub Actions deployment pipeline

HIGH

3.5

Create rollback automation

MEDIUM

3.6

Document in domus-infra-ops runbooks

MEDIUM

7. Phase 4: API Integration Expansion

7.1. Objectives

Extend netapi with new device types
Add event-driven automation (pxGrid, webhooks)
Integrate with observability stack

7.2. Integration Matrix

System	Current State	Target State
ISE	ERS, MnT, DataConnect documented	Add pxGrid real-time events
WLC	RESTCONF basics	Full client lifecycle automation
VyOS HA	VYOS-API + SSH operational	Zone policies, NAT, VRRP automation (replaced pfSense 2026-03-07)
Switches	SSH commands	RESTCONF/NETCONF native
Vault	PKI operations	Transit encryption for configs

System

Current State

Target State

ISE

ERS, MnT, DataConnect documented

Add pxGrid real-time events

WLC

RESTCONF basics

Full client lifecycle automation

VyOS HA

VYOS-API + SSH operational

Zone policies, NAT, VRRP automation (replaced pfSense 2026-03-07)

Switches

SSH commands

RESTCONF/NETCONF native

Vault

PKI operations

Transit encryption for configs

7.3. Tasks

#	Task	Priority
4.1	Implement ISE pxGrid subscription for real-time events	MEDIUM
4.2	Add NETCONF support to netapi for IOS-XE	MEDIUM
4.3	Create event-driven automation examples (CoA triggers)	LOW
4.4	Integrate with Prometheus for metrics collection	LOW

#

Task

Priority

4.1

Implement ISE pxGrid subscription for real-time events

MEDIUM

4.2

Add NETCONF support to netapi for IOS-XE

MEDIUM

4.3

Create event-driven automation examples (CoA triggers)

LOW

4.4

Integrate with Prometheus for metrics collection

LOW

8. Phase 5: Certification Alignment

8.1. Cisco Automation Track (formerly DevNet)

Effective February 2026, Cisco DevNet certifications transition to the Automation track:

CCNA Automation (entry)
CCNP Automation (professional)
CCIE Automation (expert)

Focus shifts to AI-integrated automation infrastructure.

8.2. Study Path

Level	Topics	Home Enterprise Practice
CCNA Automation	Python basics, REST APIs, Ansible intro	netapi CLI, basic Nornir tasks
CCNP Automation	Nornir, NAPALM, CI/CD, testing	Full GitOps workflow, compliance checking
CCIE Automation	Architecture design, scale, AI integration	500+ device management, ML-driven analytics

Level

Topics

Home Enterprise Practice

CCNA Automation

Python basics, REST APIs, Ansible intro

netapi CLI, basic Nornir tasks

CCNP Automation

Nornir, NAPALM, CI/CD, testing

Full GitOps workflow, compliance checking

CCIE Automation

Architecture design, scale, AI integration

500+ device management, ML-driven analytics

9. Work Applicability

This roadmap directly supports work enterprise requirements:

Scale: 500+ device management patterns
Compliance: Automated policy validation
Change Management: Git-based workflow
Integration: ISE/WLC/switch automation
Career: Cisco Automation certification path

Patterns validated in home enterprise deploy directly to work infrastructure.

10. Related Documentation

11. External Resources

12. Revision History

Date	Author	Changes
2026-02-11	EvanusModestus	Initial roadmap creation from Aethelred-Codex analysis

Date

Author

Changes

2026-02-11

EvanusModestus

Initial roadmap creation from Aethelred-Codex analysis