BRKCRS 1452

BRKCRS-1450
Introduction to Catalyst
Programmability
Krishna Kotha, Technical Marketing Engineer

Agenda
• Why Programmability?
• Device Provisioning (PXE, ZTP, PnP)
• Data Models & Tools (YANG, YangSuite)
• Device APIs (NETCONF/RESTCONF/gNMI)
• Model Driven Telemetry (Dial-in, Dial-out)
• Python Scripting (On-Box, Off-Box)
• Application Hosting (VM, LXC, Docker)
• Config Mngt Tools (Ansible, Puppet)
• Conclusion
BRCKRS-1450 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 3
Why Programmability?
Reduction of human error Enables Innovation
Easier Troubleshooting Time and money cost savings

IOS XE 16.x: Intent-based Network Operating
System
INTENT CONTEXT optimized for enterprise

networks
wired and wireless access,

Intent-based
Network Infrastructure aggregation, core, and WAN
open and flexible
IOS XE 16.x standards-based APIs
Session Focus
IOS XE 16.X enables…
Cisco Solutions 3rd Party Integration DIY Solutions
Cisco DNAC Standards Based Interoperability Custom Development
Model Driven Model Driven
Programmability Telemetry
Zero Touch Guest Shell

Policy Automation Analytics Provisioning (On Box Python)
SDN Controllers CI/CD Tools NMS Systems App Hosting
Intent-based Intent-based Intent-based

Network Infrastructure Network Infrastructure Network Infrastructure
IOS XE: Automating Network Device Lifecycle
Goal:
 Get devices into an operational state
Provisioning Automation Tools:
Goal:
 PXE, ZTP, PnP
 Continuously upgrade
network, incrementally  Python Scripting
and safely
Tools: Install
 Patching
 Config/Replace
Goal:
 Apply configuration to the
Upgrade Configure device
Goal: Tools:
 Add dynamic services,  Data Models
optimize behavior and
Optimize  Programmable Interfaces
trouble shooting
 Python Scripting
Tools:
 Operating Data Models
 Telemetry
Device Provisioning
Day 0 Provisioning Automation
updates New
16.5.1 16.5.1
Pre-boot Execution Zero Touch Cisco Network Plug

Environment (PXE) Client Provisioning and Play
Boot Server ZTP Server
PXE Booting ZTP Agent PnP Agent

ZTP script Switch PnP Agent Switch
Switch
Boot Image Network Device Device

Source
Programmable Open Open Open (via DNAC)
Interfaces
Ideal for heterogeneous / Optimized for Cisco networks

multi-vendor network environments (highly secure and scalable)
YANG Data Models
YANG Data Models
CLI YANG Models
Human Oriented Interface Machine Oriented Interface
YANG Data Models
Interface Model definition
“A Data-Model Explicitly and

precisely defines Data Structure,
Syntax and Semantics”
Model Driven Programmability
IOS XE Open Interface ”Stack”
NETCONF RESTCONF gNMI gRPC
YANG Data Models
Open Native
Intent-based
Network Infrastructure
Configuration and Operation
Device Features
SNMP
Interface BGP QoS ACL …
Automation: Data is King
Config-data Operational-data
• What the device is told to do • What the device is actually doing

• It is (currently) the way • It is (currently) what you get out of
you express intent SNMP and most show commands
Examples: Examples:
switch> show run interface Loopback0 switch> show interface Loopback0
switch(config)# interface Loopback0 ‘snmpget’ results
Who Defines YANG Models?
https://github.com/YangModels/yang
https://github.com/openconfig
IOS XE 16.x YANG Model Support
https://github.com/YangModels/yang/tree/master/vendor/cisco/xe
BRCKRS-1450 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
Encoding Formats
Protocols Data Formats
NETCONF
RESTCONF NETCONF RESTCONF gNMI
gNMI
NETCONF RESTCONF gNMI XML JSON JSON

(XML) (XML/GBP) Encoding
Data Model
SSH HTTP HTTP/2
Device Features
XML vs JSON
lightweight, text-based, language-independent data interchange formats
<tag>value</tag> “key”: ”value”

{
"ietf-interfaces:interfaces": {
<interfaces xmlns:=“[…]yang:ietf-interfaces”>
"interface": [
<interface>
{
"name": "eth0”,
<name>eth0</name>
"type": "ethernetCsmacd”,
<type>ethernetCsmacd</type>
"location": "0”,
<location>0</location>
"enabled": true,
<enabled>true</enabled>
"if-index": 2
<if-index>2</if-index>
}
]
</interface>
}
</interfaces>
}
Protocols:
NETCONF
RESTCONF
gNMI
NETCONF definition
“NETCONF is a protocol defined by the IETF to install, manipulate, and delete the
configuration of network devices”
IOS XE Protocol Stack

V 1.0 V 1.1 16.3.1 Extensions
Payload Content
• RFC 4741 1.0 • RFC 6241 – 1.1 • RFC 5277
Base NETCONF Base NETCONF Notifications
Protocol Protocol Get
• RFC 5717 Partial Operations
Locking
• RFC 4742 • RFC 6242 –
NETCONF over • RFC 6243 With
NETCONF over
SSH SSH defaults RPC Messages
• RFC 6020 YANG
SSH Transport
2006 2011
https://tools.ietf.org/html/rfc6241
Main NETCONF Operations
Main Operations Description
<get> Retrieve running configuration and device state information
<get-config> Retrieve all or part of specified configuration datastore
<edit-config> Loads all or part of a configuration to the specified configuration datastore
<delete-config> Delete a configuration datastore
<copy-config> Replace an entire configuration datastore with another
<commit> Copy candidate datastore to running datastore (ex: XR)
<lock> / <unlock> Lock or unlock the entire configuration datastore system
<close-session> Graceful termination of NETCONF session
<kill-session> Forced termination of NETCONF session
NETCONF Highlights
• Transactional
• Either all configuration is applied or nothing
• Avoids inconsistent state
• Both at Single Device and Network-wide level
• Error Management
• OK or error code
• Capability Exchange
ssh -p 830 [email protected] -s netconf
• Models Download from a Device
NETCONF Datastores
“A Datastore holds a copy of the configuration data that is required to
get a device from its initial default state into a desired operational state”
Running running-config
Start-up startup-config
Candidate work place for creating and manipulating configuration data
Running is the only mandatory Datastore
How to use Candidate?
Lock Lock Edit-config Commit to Unlock

Running Candidate Candidate Running Candidate &
Running
Enabling NETCONF: 3 Steps
C3850-1#conf t
Enter configuration commands, one per line. End with CNTL/Z.
C3850-1(config)#aaa new-model
C3850-1(config)#aaa authentication login default local Enable AAA
C3850-1(config)#aaa authorization exec default local
C3850-1(config)#username admin password cisco
C3850-1(config)#line vty 0 15 Enable SSH

C3850-1(config-line)#transport input all
C3850-1(config)#netconf-yang Enable NETCONF

C3850-1(config)#
REST vs RESTCONF: not the same!
RESTCONF
REST NETCONF RESTCONF gNMI
YANG Data Models

GET
Open Native
POST
API PUT
DELETE
Device Features
SNMP
“A framework for client-server communications”

“REST-like protocol for accessing
YANG models”
RESTCONF definition
“REST-like protocol running over HTTP for accessing data defined

in YANG using Datastores defined in NETCONF”
• It defines how a YANG model is mapped to a RESTful interface
• Supports OPTIONS, GET, PUT, POST, DELETE operations
• Request and response in XML or JSON format
• HTTP[S] transport
• IETF Standard RFC8040
https://tools.ietf.org/html/rfc8040
RESTCONF vs NETCONF Operations
RESTCONF As compared to NETCONF

GET <get-config>, <get>
POST <edit-config> (operation=“create”)
PUT <edit-config> (operation=“create/replace”)
DELETE <delete-config> (operation=“delete”)
Enabling RESTCONF
Cat9k-1#conf t
Cat9k-1(config)#restconf Enable RESTCONF
Cat9k-1(config)#ip http secure-server Enable HTTP

server
gNMI: gRPC Network Management Interface
gNMI
Google
Network Management Interface
• Network management protocol

• Manage configuration and view
operational data of network devices
• Developed by Google
• Modeled using YANG
gNMI Operations
CAP Sent to Network Device on first connect

(capabilities)
Prefix Shortcut if Paths share root paths

GET Path(s) Defines what info is gathered
Data Type OPER, CONFIG, ALL
Like GET Prefix, Path(s)

SET
Type Update, Replace or Delete
Enabling gNMI: Insecure no-auth mode
Cat9k-1#conf t
Cat9k-1(config)# gnmi-yang Enable gNMI

Cat9k-1(config)# gnmi-yang server Config server
!By default gNMI listens on port 50052.

! gnmi-yang port 50052
Cat9k-1(config)# gnmi-yang port 50052 Opt. port
Enabling gNMI: Secure modes
Cat9k-1#conf t
Cat9k-1(config)# gnmi-yang Enable gNMI
Cat9k-1(config)# gnmi-yang secure-server

Config server
Cat9k-1(config)# gnmi-yang secure-trustpoint <<trustpoint name>>
! Configure secure-client-auth (optional):

Cat9k-1(config)# gnmi-yang secure-client-auth Opt. Auth
!By default secure gNMI listens on port 50051.

!Set the secure listen port (optional):
Cat9k-1(config)# gnmi-yang secure-port 50051 Opt. port
Model Based AAA (ietf-netconf-acm.yang)
Pre IOS XE 16.8.1 IOS XE 16.8.1+
Client Application Client Application
NETCONF or RESTCONF NETCONF, RESTCONF or GNMI

AAA
Server Access Control AAA
Intent-based
Intent-based
Network Infrastructure Model Network Infrastructure
Server
• Clients authenticated locally or via AAA • Clients authenticated locally or via AAA
• Clients authorized via Privilege Level 15 • Clients authorized via Access Control Model
• At any Privilege level
• Matching specific rule sets
Access Control Model Access Controls
RFC 6536 [ietf-netconf-acm.yang] Client Requests
Controls client requests and event
publications Protocol Data Node
Client YES YES
Operation Access
Access Controls: Request Allowed? Datastore Allowed?
or State
• Protocol operations Data Access
NO NO
• e.g.  rpc-name: edit-config
• Module name
• e.g.  Cisco-IOS-XE-native Events
• Data node
• e.g.  path: /native/hostname Event
Notification YES
Allowed?
• Notifications
• e.g.  name: ConfigChange NO
YANG Tools:
Pyang
YangExplorer
YDK
YANGSuite
Pyang Tool
“Tool to validate and navigate YANG Models”
schema tree YANG Model depth option
pyang -f tree [email protected] --tree-depth 4
https://github.com/mbj4668/pyang
YangExplorer
“A GUI driven tool to test NETCONF and RESTCONF
interfaces defined by YANG models”
• Load YANG models from device

• Browse YANG models
• Execute NETCONF or RESTCONF Operations
• Generate self-contained Python scripts
YangExplorer is Open Source

• Python scripts based on nccclient
https://github.com/CiscoDevNet/yang-explorer
YDK: YANG Development Kit
Any Model Any Transport Any Language
Wide support of Yang Models Support for NETCONF Support for Python
Open or Native and RESTCONF And C++ APIs
https://developer.cisco.com/site/ydk/
Demo
YANGSuite
Demoed
@ WoS
Model Driven Telemetry

Telemetry Hierarchy
Telemetry
SNMP NETFLOW Model Driven Telemetry

NETCONF
gRPC
gNMI
Legacy Data Transfer Mechanisms Insufficient for
Programmatic Environments
Where Data Is Created Where Data Is Useful
SNMP
syslog
CLI
• Interface up/down
• Instantaneous config Storage and
• Instantaneous topology Analytics
• Flow fingerprints
• Routes
Why Model Driven Telemetry is Important
SNMP Model Driven

Telemetry
UDP transport
TCP transport
potential to
miss events automate responses to
all events
Export enriched, consistent and concise data with context from

network devices for a better user and operator experience
Periodic or Structured Data Scalable Reduced CPU

On-Change Load
NETCONF RESTCONF gRPC gNMI*

• Any YANG subtree on device
YANG Data Models
• Structured data Open Native
• XML encoding Configuration and Operation
• Periodic or On-change
Device Features
SNMP
* future
Publication and Subscriptions
Dial-in vs Dial-out
S S
Dial-in Dial-out
Dynamic Configured
P P
NETCONF RESTCONF gNMI* gRPC
YANG Data Models

Open Native
Intent-based
Device Features
SNMP
* future
Periodic subscription
t t t t t t t
gRPC Dial-Out CLI config example
telemetry ietf subscription 101

encoding encode-kvgpb
filter xpath /memory-ios-xe-oper:memory-statistics/memory-statistic
source-address 10.195.183.41
source-vrf Mgmt-vrf
stream yang-push
update-policy periodic 1000
receiver ip address 10.195.183.134 57500 protocol grpc-tcp
On-change subscription
t t t t t t t
Use Case: Monitoring
Demo
IOS XE Device
gRPC Dial-Out
Collector
Time Series DB
Monitoring
Python on IOS XE
Using Python with IOS XE Devices
“Off-Box” Python IOS XE “On-Box” Python IOS XE
16.5.1
Linux Server
Python
SSH/NETCONF
Python
IOS-XE Device
IOS
IOS IOS-XE Device
• scripts executed locally on switch:

scripts executed externally from switch:
• provisioning automation (ZTP)
• configuration management automation
• automating Embedded Event Manager
• telemetry / operational data
• application development
• controller use cases including APIC-EM /
Cisco Network PNP • IOT
Guest Shell
Virtualized Linux Environment On Your Switch
• Secure Linux shell environment
• On-box rapid prototyping Linux

applications
• Application Hosting
Guest Shell
• Disabled by default Linux Container
API
switch# guestshell enable
Network OS
Guest Shell (On-Box Python)
Fault/resource
isolation
Guest Shell
(CentOS 7) Local telemetry
Intent-based
processing
YANG / CLI / EEM
APIs Python
interpreter
Cisco IOS XE
Linux workflow
integration
Auto Back-up Use Case
“On-Box” Python and EEM
4 Python script creates a back-up file and sends it

to a tftp server
Catalyst 9300
1
2 User configures the device
Python script saved on the device
EEM
3 EEM Triggers on-box Python script

ChatOps Use Case
5 WebEx posts diff to room
WebEx
4 Python script diffs configs and sends diff to WebEx

Catalyst 9300
2 1
Python script saved on the device User made changes on the device
EEM
3 EEM Triggers on-box Python script

Application Hosting
Networking Today…
Fast multi-core x86

Storage expansion
Linux-based OS
Capable of multiple apps
Catalyst 9000
Application Hosting in the Enterprise
Cloud Gateways with

IT Operations & Security Agents & Serverless Edge Customer Specific
Monitoring Tools Functions Compute Applications
Consolidate Physical Reduce App Latency

Enhance Visibility & Derive New Insights
Infrastructure &
Security Enforcement and Respond
Optimize App Traffic
IOS XE Application Hosting
VMAN Cisco Application Framework (CAF)/IOx
VM VM VM LXC LXC
IOS XE
Custom
App
Kernel Kernel Kernel VM
IOS XE Kernel
Kernel
DNA-Advantage licensing is required on Cat9K

Characteristics of an IOx Container
App
network resources
IOx App
storage
console
certificates
https://developer.cisco.com/site/iox/
Virtual Machine Workflow
VM Convert Image
qemu-img convert -O qcow2
centos7.vmdk centos7.qcow2
4 Build the App

1 2 Disk Img
(Qcow2)
App Descriptor IOx Client
ioxclient package --name centos7 .

3
https://github.com/CiscoDevNet/centos-vm-on-ios-xe
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
Docker Workflow BRKCRS 2004
Dockerfile Build Docker Image
docker build -t perfsonar .
1 2
4
Deploy App DNA-C
3 Docker VM
Coming
Soon
App Lifecycle Management

IOx Client DNA-C
16.10
REST
REST
YANG
CLI WebUI
Models
REST
Cisco Application Framework (CAF)/IOx

VM VM VM LXC LXC
Custom
App
Kernel Kernel Kernel
Cat9K HW Resources
Memory CPU Storage
Platform (GB) (GB)
Cores vCPU
Catalyst 9300 2 1 2 120
Catalyst 9400 8 1 2 240/480/960
Catalyst 9500 8 1 2 120
Catalyst 9500 high-performance 8 1 2 240/480/960
Catalyst 9800 (Roadmap)
Catalyst 9K – SSD Storage
Cat 9300/9500 Cat 9400 Cat 9500
high-performance
USB 3.0 M2 SATA M2 SATA

120GB 240/480/960GB 240/480/960GB
Plug into
Back Panel Back Panel
removable SUP
App Hosting Production

Performance Monitoring Use Case
LXC demo
Iperf3
Cisco Application Framework (CAF)/IOx
Configuration
Management Tools
Configuration Management Tools
Desired State
(Intent)
configuration
CMT Server Device
• In use for years to automate servers

• Ensure software packages are installed, services running
• Becoming useful for managing networking devices as well

• Declarative model (intent): not scripting!
• Idempotency
• Agent vs Agent-less Architectures
Most Popular
Enterprise Customers Focused
Architecture: agent vs agent-less
TODAY
CLI
Intent NETCONF
gNMI
Puppet
config CLI
NETCONF RESTconf
Agent Parser
Data Model
LXC Device Features
Ansible Strengths
• Agentless
• Simple to install and get started
• Written in Python
• Servers, Application and Networking
• Roles, Variables, Templates
• Open Source
Ansible release 2.5 & 2.7
Cisco IOS/IOS-XE Core Modules
• ios_banner Manage multiline banners
• ios_command Run commands on remote devices
• ios_config Manage Cisco IOS configuration
• ios_facts Collect facts from remote devices
• ios_interface Manage Interface
• ios_logging Manage logging
• ios_ping Tests reachability
• ios_static_route Manage static IP routes
• ios_system Manage System attributes
• ios_user Manage of local users
• ios_vrf Manage VRF definitions
• ios_l2_interface Manage Layer-2 interface
• ios_l3_interface Manage L3 interface
• ios_linkagg Manage port channels
• ios_lldp Manage LLDP config
• ios_vlan Manage VLANs
• netconf_config Supports NETCONF connection
https://docs.ansible.com/ansible/list_of_network_modules.html#ios
Ansible Taxonomy
Role • Role: a set of Playbooks
Playbook • Playbook: repeatable standard config
Play • Play: a set of tasks
Task • Task: single action that references a module
Module • Module: reusable, standalone scripts
Architecture: agent-less + APIs Soon…
All Platforms
NETCONF RESTconf gNMI

CLI
Parser
Data Model
Device Features
* not committed by ISV (independent software vendor) © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
Configuration Management Templates
Cisco Validated Design
https://github.com/CiscoDevNet/cvd-config-templates
Cisco DevNet
Cisco DevNet
• Learning Labs
• Sandboxes
• API Documentation
• Python, YDK, REST
• And More!
https://developer.cisco.com/
IOS XE on DevNet
https://developer.cisco.com/site/ios-xe/
DevNet Cat9K Sandbox
Cat9K Sanbox link
Conclusion
IOS XE Programmability Journey
Shipping! Shipping! Shipping! Shipping!
Shipping!
IOS XE 16.3 IOS XE 16.6 IOS XE 16.10 IOS XE 16.11

&16.5 IOS XE 16.8.1
 NETCONF Interfaces IOS XE 16.9.1
 Native and IETF  Model Driven  Model Driven
Telemetry  Kill Telemetry
YANG data models  Application Hosting Telemetry: gRPC
 Additional YANG  Programmable Subscription
 Preboot Execution  RESTCONF Interface transport
models Interface: Candidate  Model Driven
Environment (PXE)  GNMI Interface Configuration  gNMI: Wildcard Telemetry gRPC
 Zero-Touch  OpenConfig YANG  Additional YANG Support and
models  Additional YANG Dial out - Wireless
Provisioning models Namespace
models  Additional YANG
 Guest Shell (on-box  Additional YANG models
Python Scripting) models
 In Service Data-Model
Additions
 Additional YANG
models
May 2017 August 2017 April 2018 July 2018 November 2018 Roadmap
IOS XE Programmability Sessions @ CL Barcelona
Breakout Sessions:
BRKCRS-2451: Scripting Catalyst switches - tools and techniques beyond the

basics Jeff McLaughlin, Friday, Feb 01, 09:00 a.m. - 11:00 a.m.
BRKCRS-2004: Application Hosting and Model-Driven Telemetry on Open IOS XE

Fabrizio Maccioni, Wednesday, Jan 30, 11:00 a.m. - 12:30 p.m.
BRKEWN-2050: Improving network visibility with wireless streaming telemetry

Jeremy Cohoe, Tuesday, Jan 29, 05:00 p.m. - 06:30 p.m.
DEVNET-2415: Operational Dashboarding with Wireless Streaming Telemetry

Jeremy Cohoe, Thursday, Jan 31, 02:00 p.m. - 02:45 p.m.
Cisco Webex Teams
Questions?
Use Cisco Webex Teams (formerly Cisco Spark)
to chat with the speaker after the session
How
1 Find this session in the Cisco Events Mobile App
2 Click “Join the Discussion”
3 Install Webex Teams or go directly to the team space
4 Enter messages/questions in the team space
cs.co/ciscolivebot#BRKCRS-1450
Complete your online
session survey
• Please complete your Online Session
Survey after each session
• Complete 4 Session Surveys & the Overall
Conference Survey (available from
Thursday) to receive your Cisco Live T-
shirt
• All surveys can be completed via the Cisco
Events Mobile App or the Communication
Stations
Don’t forget: Cisco Live sessions will be available for viewing

on demand after the event at ciscolive.cisco.com
Continue Your Education
Demos in Meet the Related

Walk-in
the Cisco engineer sessions
self-paced
Showcase labs 1:1
meetings
Thank you

BRKCRS 1452

Uploaded by

Copyright:

Available Formats

BRKCRS 1452

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

BRKCRS 1452

Uploaded by

Copyright:

Available Formats

BRKCRS-1450

Krishna Kotha, Technical Marketing Engineer

Reduction of human error Enables Innovation

Easier Troubleshooting Time and money cost savings

INTENT CONTEXT optimized for enterprise

wired and wireless access,

open and flexible

IOS XE 16.x standards-based APIs

Zero Touch Guest Shell

Intent-based Intent-based Intent-based

Pre-boot Execution Zero Touch Cisco Network Plug

PXE Booting ZTP Agent PnP Agent

Boot Image Network Device Device

Ideal for heterogeneous / Optimized for Cisco networks

Human Oriented Interface Machine Oriented Interface

“A Data-Model Explicitly and

NETCONF RESTCONF gNMI gRPC

YANG Data Models

• What the device is told to do • What the device is actually doing

NETCONF RESTCONF gNMI XML JSON JSON

Interface BGP QoS ACL …

<tag>value</tag> “key”: ”value”

IOS XE Protocol Stack

<get-config> Retrieve all or part of specified configuration datastore

<edit-config> Loads all or part of a configuration to the specified configuration datastore

<delete-config> Delete a configuration datastore

<copy-config> Replace an entire configuration datastore with another

<commit> Copy candidate datastore to running datastore (ex: XR)

<lock> / <unlock> Lock or unlock the entire configuration datastore system

<close-session> Graceful termination of NETCONF session

<kill-session> Forced termination of NETCONF session

• Models Download from a Device

Candidate work place for creating and manipulating configuration data

Running is the only mandatory Datastore

Lock Lock Edit-config Commit to Unlock

C3850-1(config)#line vty 0 15 Enable SSH

C3850-1(config)#netconf-yang Enable NETCONF

YANG Data Models

“A framework for client-server communications”

“REST-like protocol running over HTTP for accessing data defined

• It defines how a YANG model is mapped to a RESTful interface

• Supports OPTIONS, GET, PUT, POST, DELETE operations

• Request and response in XML or JSON format

• IETF Standard RFC8040

RESTCONF As compared to NETCONF

POST <edit-config> (operation=“create”)

PUT <edit-config> (operation=“create/replace”)

DELETE <delete-config> (operation=“delete”)

Cat9k-1(config)#restconf Enable RESTCONF

Cat9k-1(config)#ip http secure-server Enable HTTP

• Network management protocol

CAP Sent to Network Device on first connect

Prefix Shortcut if Paths share root paths

Like GET Prefix, Path(s)

Cat9k-1(config)# gnmi-yang Enable gNMI

!By default gNMI listens on port 50052.

Cat9k-1(config)# gnmi-yang port 50052 Opt. port

Cat9k-1(config)# gnmi-yang Enable gNMI

Cat9k-1(config)# gnmi-yang secure-server