DNA Center Inventory Plugin allows you to utilize the network discovery
capabilities of Cisco's DNA Center controller as a source of inventory for
Ansible Playbooks.
Network Infrastructure
DNA Center as a Platform
• App to App
• Deploy intent
• State or health
• Higher-level orchestration
• Self-service portal
6.
What is an Inventory Plugin
YAML File
INI File
CMDB
...
“Inventory plugins allow users to point at data sources to
compile the inventory of hosts that Ansible uses to target
tasks”
Source of Truth
7.
Network Infrastructure
DNA Center as a Source of Truth
• DNAC Network Discovery
• Ansible Inventory Plugin
• Extend Automation Capability
when: role is search('ACCESS')
---
- name: Deploy ISE dot1x
  hosts: "{{ host_groups }}"
  gather_facts: no
  vars:
    # Radius Settings for Dot1x
    client_radius_group: dna-3-dot1x
    radius_server_name: 'dna-3-ise'
    radius_server_ip: '192.168.91.158'
DNA Center Plugin in Action
Deploy Port Config in non-SDA
Run Playbook
Inventory
Ansible
Inventory
Plugin
Execute Playbook
Executed
Based on Role
Pulls and compares config
If Changes, push config
10.
Take-aways
• Use the Ansible Inventory Plugin for DNA Center
• Facilitates broader Automation Strategy
• Harness the power of Cisco DNA Center
• Complement that power with Ansible Automation Capabilities
For a Demo of the Plugin: <insert video link>
Editor's Notes
#2 Hi. I'm Jeff Andiorio, technical solutions architect with World Wide Technology.
Today I am going to talk to you about extending the awesome capabilities of Cisco’s DNA Center platform with Ansible from Red Hat.
#3 Cisco’s DNA Center is the latest network controller released by Cisco to drive the automation and assurance of campus networks based on Cisco products. Cisco’s DNA Center Assurance provides the monitoring, analytics and insights into how the network is functioning. Basically, is it doing what we expect it to be doing? The Automation component provides workflow-based, prescriptive automation of several parts of the campus network including wireless, campus fabric, software image management, quality of service and more. Like most network management systems, it also contains a discovery mechanism to add the devices to be managed dynamically through means such as LLDP, CDP, and IP ranges.
This last part is at the center of this discussion today.
Ansible is gaining significant popularity with regard to network automation due to the number of network automation related modules, the flexibility, and relative ease of adoption. The playbooks are written in a structured text format called YAML (yet another markup language) which is largely defined by indentation and white space. Super easy to read and create for newbies!
#4 Why add the two together?
Whether you are an existing Ansible customer or have an environment where multiple OEM platforms are in play, combining these two solutions provides a powerful automation solution plus extremely rich analytics with Cisco DNA Center Assurance.
Some of the benefits that you will gain by combining these systems are:
• Multi-OEM automation. Ansible has rich network automation modules that are mature and easy to use.
• Exploit existing investment in Ansible. If you are already an Ansible house, this merger provides tons of value in enhancing Ansible with dynamic device discovery, simplified workflows for automating things like software image management, Day0 deployments with PnP, and extremely intuitive QoS with Application Policy.
• Flexibility to automate solutions that are not already defined in DNA Center.
It is worth noting that Cisco DNA Center does provide the same templating language (Apache Velocity) that was used in Cisco Prime infrastructure to customize CLI configurations. This is a topic for another time and definitely has its merits.
#5 Think about your production network...does it have only a single OEM? Are there multiple technical and/or functional domains that are managed independently?
The world we live and operate in is not confined to a single technology domain or OEM.
Our automation strategy shouldn’t be either.
Technology domains either already have or are moving to providing centralized management controllers.
Orchestrating a workflow across these domains requires a higher-level automation strategy.
#6 This discussion focuses on the campus network domain from the previous slide which shows Cisco’s DNA Center as the controller for that area. This provides us a critical piece of an automation strategy for the campus.
Cisco introduced the concept of DNA Center as a Platform last year, which essentially means they are publishing the REST APIs to allow you to interact with the network through the DNA Center controller in new ways. There are many ways these APIs can be consumed, including higher-level orchestration like creating a ServiceNow catalog for self-service automation of DNA Center, or monitoring apps that provide a window into the performance of the network, say from a mobile device.
#7 Like any automation platform, Ansible needs to know what devices it is automating. Ansible refers to this as an inventory and the sources can be many things, from YAML files, INI files, dynamic inventory scripts written in the language you choose, or inventory plugins.
Inventory plugins allow users to point at data sources to compile the inventory of hosts that Ansible uses to target tasks.
#8 That leads us to this concept. I have developed an inventory plugin for DNA Center that allows you to utilize DNA Center and all of the awesomeness that it includes but also extend the automation strategy using Ansible. This inventory plugin consumes the DNA Center inventory dynamically at runtime, replicating the geographical hierarchy you have created, and additionally builds some of the necessary variables for playbook consumption.
Network hierarchy, settings (variables), etc. defined in DNAC
Discovery Performed by DNAC
Ansible Dynamic Inventory Plugins
Develop broader automation strategy across multiple technology domains and OEMs.
#10 Run playbook
Ansible-playbook pulls inventory from DNA Center
Execute playbook against specified hosts/groups (uses dna center constructs)
Conditionally execute based on device role (dna center attribute)
Compare running config to proposed config – are there changes
No changes? Return green
Yes changes? Push config return status
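The inventory step and the role condition described in notes #8 and #10, sketched as an added example (not the plugin's own code): it turns DNA Center-style device records into Ansible's dynamic-inventory structure, with one group per level of the site hierarchy and `role` as a host variable, then selects hosts the way `when: role is search('ACCESS')` would. The sample records are constructed; the `site` field and the group-naming scheme are assumptions.

```python
import json
import re

# Constructed sample records. hostname, managementIpAddress and role follow
# DNA Center's network-device fields; "site" is an assumed hierarchy path.
SAMPLE_DEVICES = [
    {"hostname": "stl-acc-01", "managementIpAddress": "192.0.2.11",
     "role": "ACCESS", "site": "Global/US/STL"},
    {"hostname": "stl-dist-01", "managementIpAddress": "192.0.2.1",
     "role": "DISTRIBUTION", "site": "Global/US/STL"},
    {"hostname": "rtp-acc-01", "managementIpAddress": "192.0.2.21",
     "role": "ACCESS", "site": "Global/US/RTP"},
]

def group_name(path):
    """Turn a site path into a valid Ansible group name (assumed scheme)."""
    return re.sub(r"[^A-Za-z0-9_]", "_", path).lower()

def build_inventory(devices):
    """Return Ansible's dynamic-inventory JSON structure for the devices."""
    inv = {"_meta": {"hostvars": {}}}
    for dev in devices:
        host = dev["hostname"]
        inv["_meta"]["hostvars"][host] = {
            "ansible_host": dev["managementIpAddress"],
            "role": dev["role"],
        }
        parts = dev["site"].split("/")
        # One group per hierarchy level, each linked to its parent group.
        for depth in range(1, len(parts) + 1):
            name = group_name("/".join(parts[:depth]))
            group = inv.setdefault(name, {"hosts": [], "children": []})
            if depth > 1:
                parent = inv[group_name("/".join(parts[:depth - 1]))]
                if name not in parent["children"]:
                    parent["children"].append(name)
        group["hosts"].append(host)  # host belongs to the deepest site group
    return inv

def hosts_matching_role(inv, pattern):
    """Mimic `when: role is search(pattern)` over the host variables."""
    return sorted(h for h, v in inv["_meta"]["hostvars"].items()
                  if re.search(pattern, v["role"]))

if __name__ == "__main__":
    inventory = build_inventory(SAMPLE_DEVICES)
    print(json.dumps(inventory, indent=2))
    print(hosts_matching_role(inventory, "ACCESS"))
```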