These modules provide declarative and idempotent access to configure the design elements of Cisco's DNA Center.
This repository is featured on the Cisco DevNet Code Exchange.
-
The webinar below was hosted by Redhat and delivered by Jeff Andiorio of World Wide Technology on 8/7/2018.
-
AnsibleFest 2019 Presentation
-
Additional slides providing an overview of the modules can be found here:
The documentation can be viewed using ansible-doc and will provide all of the details including examples of usage.
dnac_syslogdnac_snmpv2_credentialdnac_snmpdnac_ntpdnac_ippooldnac_groupdnac_dnsdnac_discoverydnac_dhcpdnac_device_rolednac_device_assign_sitednac_cli_credentialdnac_activate_credentialdnac_bannerdnac_archive_configdnac_del_archived_configdnac_netflowdnac_timezonednac_wireless_ssiddnac_wireless_provisiondnac_wireless_profile
This collection also includes an inventory plugin enabling the use of DNA Center as the source of truth for inventory.
-
Install the collection
ansible-galaxy collection install wwt.ansible_dnac
-
Configure the plugin by creating a file named
dna_center.yml. This is the plugin configuration file and I usually save it in a directory namedinventory.plugin: dna_center host: <your_dna_center> validate_certs: <true or false> use_dnac_mgmt_int: <true or false> username: <username> password: <vaulted password>
-
Enable the plugin by editing
ansible.cfg[inventory] enable_plugins = wwt.ansible_dnac.dna_center
-
Validate it works
ansible-inventory -i <path_to_dna_center.yaml> --graph --ask-vault-pass
Example output:
@all: |--@barcelona: |--@demo_environment: | |--@data_center_1: | | |--DC1-Border-INET.campus.local | | |--DC1-Border-MPLS.campus.local | | |--csr-atc-integration.campus.local | | |--dc1-nexus-7702.campus.local | |--@data_center_2: |--@fira: |--@tech_campus: | |--@bldg_56: | | |--@dnac: | | | |--dc1-9300-a.campus.local | | | |--dc1-9300-b.campus.local | | | |--dc1-9500-a.campus.local | | | |--prod-9800wlc-01.campus.local |--@the_cloud: | |--@aws: | | |--FNH-HOSP-0BMT-WLC1A.us-east-2.compute.internal |--@ungrouped: /development/wwt/ansible_dnac #
This collection includes a lookup plugin which performs a resolution of the location provided to return the latitude and longitude. When adding buildings in DNAC, an address is required as well as the lat/long of that address. In the UI this resolution is performed for you. This plugin provides that functionality in this collection.
Below is an example task using the geo plugin.
# DNA Center Create Buildings
- name: create buildings
dnac_site:
host: "{{ inventory_hostname }}"
port: '443'
username: "{{ username }}"
password: "{{ password }}"
state: "{{ desired_state }}"
name: "{{ item.name }}"
site_type: "{{ item.site_type }}"
parent_name: "{{ item.parent_name }}"
address: "{{ item.building_address }}"
latitude: "{{ lookup('wwt.ansible_dnac.geo',item.building_address).latitude }}"
longitude: "{{ lookup('wwt.ansible_dnac.geo',item.building_address).longitude }}"
loop: "{{ sites }}"
when: item.site_type == 'building'NOTE: The
geolookup plugin is completely optional. Alternatively, you could manually resolve the lat/long and include them in the task. See thednac_sitemodule documentation for more information.
Ansible version 2.9 or later is required for installation using Ansible Collections.
This solution requires the installation of the following python modules:
- geopy to resolve building addresses and populate lat/long
pip install geopy - requests for http requests
pip install requests - timezonefinder for resolving the timezone based on physical address
pip install timezonefinder==3.4.2
These Ansible modules have now been packaged into an Ansible Collection.
STEP 1. Install the ansible_dnac collection
ansible-galaxy collection install wwt.ansible_dnacSTEP 2. Validation that the modules have been installed properly can be performed by executing:
ansible-doc wwt.ansible_dnac.dnac_dhcp
If the results show the module documentation your installation was successful.
vagrant@ubuntu-xenial:~/ansible-dnac-modules$ ansible-doc dnac_dhcp
> DNAC_DHCP (/home/vagrant/ansible-dnac-modules/dnac_dhcp.py)
Add or delete DHCP Server(s) in the Cisco DNA Center Design Workflow. The DHCP Severs can be different values \ at different
levels in the group hierarchy.
OPTIONS (= is mandatory):
= dhcp_servers
IP address of the DHCP Server to manipulate.
type: listThe examples below set the common-settings in the DNA Center Design workflow. Additional examples are included in the module documentation. ansible-doc *module_name*
name: test my new module
connection: local
hosts: localhost
gather_facts: false
no_log: true
collections:
- wwt.ansible_dnac
tasks:
- name: set the banner
dnac_banner:
host: 10.253.176.237
port: 443
username: admin
password: *****
banner_message: "created by a new ansible module for banners"
- name: set the ntp server
dnac_ntp:
host: 10.253.176.237
port: 443
username: admin
password: *****
ntp_server: 192.168.200.1
- name: set the dhcp server
dnac_dhcp:
host: 10.253.176.237
port: 443
username: admin
password: *****
dhcp_server: 192.168.200.1
- name: set the dns server and domain name
dnac_dns:
host: 10.253.176.237
port: 443
username: admin
password: *****
primary_dns_server: 192.168.200.1
secondary_dns_server: 192.168.200.2
domain_name: wwtatc.local
- name: set the syslog server
dnac_syslog:
host: 10.253.176.237
port: 443
username: admin
password: *****
syslog_server: 172.31.3.237
- name: set the snmp server
dnac_snmp:
host: 10.253.176.237
port: 443
username: admin
password: *****
snmp_server: 172.31.3.237
- name: set the netflow
dnac_netflow:
host: 10.253.176.237
port: 443
username: admin
password: *****
netflow_collector: 172.31.3.237
netflow_port: 6007
- name: set the timezone
dnac_timezone:
host: 10.253.176.237
port: 443
username: admin
password: *****
timezone: America/ChicagoJeff Andiorio - World Wide Technology