Cisco ACI with Ansible
In this article, we will show you how to use Ansible to automate the provisioning and configuration of Cisco ACI devices. We will also provide some tips on how to get started with Ansible for Cisco ACI.
Before we get started, let’s take a look at some of the key features of Cisco ACI that make it an attractive SDN solution:
Single point of management: Cisco ACI provides a centralized point of management for the entire network. This makes it easier to provision and configure network devices, as well as to apply and enforce network policies.
Scalability: Cisco ACI is designed to be highly scalable. It can support up to 10,000 devices and 100,000 endpoints.
Multi-tenancy: Cisco ACI supports multi-tenancy, which means that multiple tenants can share the same physical infrastructure. This can help to improve resource utilization and reduce costs.
Security: Cisco ACI includes built-in security features that can help to protect the network from attacks.
Automation: Cisco ACI includes a number of features that can help to automate network tasks, such as network provisioning and configuration.
Now that we’ve seen some of the key features of Cisco ACI, let’s take a look at how to use Ansible to automate the provisioning and configuration of Cisco ACI devices.
The first thing you need to do is install Ansible on your control node. Ansible can be installed using the pip command:
pip install ansible
Once Ansible is installed, you need to create a file called hosts in the /etc/ansible directory. This file will contain a list of all the hosts that Ansible needs to manage. In our case, we will add the following entry to the hosts file:
[aci-devices] 10.1.1.1
Next, we need to create a file called cisco.yml in the /etc/ansible/playbooks directory. This file will contain the Ansible playbook that will be used to provision and configure the Cisco ACI devices.
The cisco.yml file should start with the following lines:
- name: Configure Cisco ACI devices hosts: aci-devices connection: local
These lines tell Ansible that the playbook is called “Configure Cisco ACI devices” and that it should be run on the hosts listed in the hosts file. The connection line tells Ansible to use the local connection type.
Next, we need to add some tasks to the playbook. The first task will install the aciSDK package on the Cisco ACI devices. This package contains a number of modules that can be used to interact with the Cisco ACI API.
The task should look like this:
- name: Install aciSDK aci_install: package: aciSDK
The next task will use the aci_rest module to configure the Cisco ACI devices. This module can be used to make REST API calls to the Cisco ACI API.
The task should look like this:
- name: Configure Cisco ACI devices aci_rest: url: “{{ aci_url }}” username: “{{ aci_username }}” password: “{{ aci_password }}” method: POST content-type: “application/json” body: | { “fvTenant”: { “attributes”: { “name”: “{{ tenant_name }}”, “descr”: “{{ tenant_description }}” } } }
In this task, we are using the aci_rest module to make a POST request to the Cisco ACI API. We are passing in a JSON body that contains the configuration for a new tenant.
The last task in the playbook will use the aci_config module to push the configuration to the Cisco ACI devices. This module can be used to push configurations to devices using either the CLI or the REST API.
The task should look like this:
- name: Push configuration to Cisco ACI devices aci_config: url: “{{ aci_url }}” username: “{{
