Ansible Collection - wwt.ansible_dnac
Ansible Modules for DNA Center
These modules provide declarative and idempotent access to configure the design elements of Cisco's DNA Center.
DevNet Code Exchange
This repository is featured on the Cisco DevNet Code Exchange.
Content
-
The webinar below was hosted by Redhat and delivered by Jeff Andiorio of World Wide Technology on 8/7/2018.
-
AnsibleFest 2019 Presentation
-
Additional slides providing an overview of the modules can be found here:
Included Modules
The documentation can be viewed using ansible-doc and will provide all of the details including examples of usage.
dnac_syslogdnac_snmpv2_credentialdnac_snmpdnac_ntpdnac_ippooldnac_groupdnac_dnsdnac_discoverydnac_dhcpdnac_device_rolednac_device_assign_sitednac_cli_credentialdnac_activate_credentialdnac_bannerdnac_archive_configdnac_del_archived_configdnac_netflowdnac_timezonednac_wireless_ssiddnac_wireless_provisiondnac_wireless_profile
Inventory Plugin
This collection also includes an inventory plugin enabling the use of DNA Center as the source of truth for inventory.
-
Install the collection
ansible-galaxy collection install wwt.ansible_dnac -
Configure the plugin by creating a file named
dna_center.yml. This is the plugin configuration file and I usually save it in a directory namedinventory.plugin: dna_center host: <your_dna_center> validate_certs: <true or false> use_dnac_mgmt_int: <true or false> username: <username> password: <vaulted password> -
Enable the plugin by editing
ansible.cfg[inventory] enable_plugins = wwt.ansible_dnac.dna_center -
Validate it works
ansible-inventory -i <path_to_dna_center.yaml> --graph --ask-vault-passExample output:
@all: |--@barcelona: |--@demo_environment: | |--@data_center_1: | | |--DC1-Border-INET.campus.local | | |--DC1-Border-MPLS.campus.local | | |--csr-atc-integration.campus.local | | |--dc1-nexus-7702.campus.local | |--@data_center_2: |--@fira: |--@tech_campus: | |--@bldg_56: | | |--@dnac: | | | |--dc1-9300-a.campus.local | | | |--dc1-9300-b.campus.local | | | |--dc1-9500-a.campus.local | | | |--prod-9800wlc-01.campus.local |--@the_cloud: | |--@aws: | | |--FNH-HOSP-0BMT-WLC1A.us-east-2.compute.internal |--@ungrouped: /development/wwt/ansible_dnac #
Geo Lookup Plugin
This collection includes a lookup plugin which performs a resolution of the location provided to return the latitude and longitude. When adding buildings in DNAC, an address is required as well as the lat/long of that address. In the UI this resolution is performed for you. This plugin provides that functionality in this collection.
Below is an example task using the geo plugin.
# DNA Center Create Buildings
- name: create buildings
dnac_site:
host: "{{ inventory_hostname }}"
port: '443'
username: "{{ username }}"
password: "{{ password }}"
state: "{{ desired_state }}"
name: "{{ item.name }}"
site_type: "{{ item.site_type }}"
parent_name: "{{ item.parent_name }}"
address: "{{ item.building_address }}"
latitude: "{{ lookup('wwt.ansible_dnac.geo',item.building_address).latitude }}"
longitude: "{{ lookup('wwt.ansible_dnac.geo',item.building_address).longitude }}"
loop: "{{ sites }}"
when: item.site_type == 'building'NOTE: The
geolookup plugin is completely optional. Alternatively, you could manually resolve the lat/long and include them in the task. See thednac_sitemodule documentation for more information.
Requirements
Ansible version 2.9 or later is required for installation using Ansible Collections.
This solution requires the installation of the following python modules:
- geopy to resolve building addresses and populate lat/long
pip install geopy - requests for http requests
pip install requests - timezonefinder for resolving the timezone based on physical address
pip install timezonefinder==3.4.2
Installation
These Ansible modules have now been packaged into an Ansible Collection.
STEP 1. Install the ansible_dnac collection
ansible-galaxy collection install wwt.ansible_dnacSTEP 2. Validation that the modules have been installed properly can be performed by executing:
ansible-doc wwt.ansible_dnac.dnac_dhcp
If the results show the module documentation your installation was successful.
vagrant@ubuntu-xenial:~/ansible-dnac-modules$ ansible-doc dnac_dhcp
> DNAC_DHCP (/home/vagrant/ansible-dnac-modules/dnac_dhcp.py)
Add or delete DHCP Server(s) in the Cisco DNA Center Design Workflow. The DHCP Severs can be different values \ at different
levels in the group hierarchy.
OPTIONS (= is mandatory):
= dhcp_servers
IP address of the DHCP Server to manipulate.
type: listExamples
The examples below set the common-settings in the DNA Center Design workflow. Additional examples are included in the module documentation. ansible-doc *module_name*
name: test my new module
connection: local
hosts: localhost
gather_facts: false
no_log: true
collections:
- wwt.ansible_dnac
tasks:
- name: set the banner
dnac_banner:
host: 10.253.176.237
port: 443
username: admin
password: *****
banner_message: "created by a new ansible module for banners"
- name: set the ntp server
dnac_ntp:
host: 10.253.176.237
port: 443
username: admin
password: *****
ntp_server: 192.168.200.1
- name: set the dhcp server
dnac_dhcp:
host: 10.253.176.237
port: 443
username: admin
password: *****
dhcp_server: 192.168.200.1
- name: set the dns server and domain name
dnac_dns:
host: 10.253.176.237
port: 443
username: admin
password: *****
primary_dns_server: 192.168.200.1
secondary_dns_server: 192.168.200.2
domain_name: wwtatc.local
- name: set the syslog server
dnac_syslog:
host: 10.253.176.237
port: 443
username: admin
password: *****
syslog_server: 172.31.3.237
- name: set the snmp server
dnac_snmp:
host: 10.253.176.237
port: 443
username: admin
password: *****
snmp_server: 172.31.3.237
- name: set the netflow
dnac_netflow:
host: 10.253.176.237
port: 443
username: admin
password: *****
netflow_collector: 172.31.3.237
netflow_port: 6007
- name: set the timezone
dnac_timezone:
host: 10.253.176.237
port: 443
username: admin
password: *****
timezone: America/ChicagoAuthor
Jeff Andiorio - World Wide Technology