?
Automation & Orchestration Infrastructure Automation
7 minute read

Cisco ACI Fabric Automation with Ansible

In order for us to scale our architect and engineering labor resources inside the ATC, we have automated our setups and teardowns of our Cisco ACI fabrics with Ansible automation.

In This Insight

In the Advanced Technology Center (ATC) at WWT, we (the ATC Lab Services team) have been asked to help customers evaluate Cisco's Application Centric Infrastructure (ACI) via our Proof of Concepts (POCs) for many years.  We've been through all of the iterations of Cisco ACI from "Single Fabrics", "Stretched Fabric", "Multi-Pod", to "Multi-Site".  

Because of all this activity with our customers, we are a bit unique in the fact that we build and customize Cisco ACI Fabrics over and over again for our customer POCs. In order for us to scale our architect and engineering labor resources inside the ATC, we have automated our setups and teardowns of our Cisco ACI fabrics with Ansible automation.

This ATC Insight centers around a video that one of our ATC Lab Architects, Dave Gratz, recorded to show the process of setting up a new ACI Fabric in an automated way using Ansible.

copy link

ATC Insight

High level of what is covered in the video

  • Fresh ACI Fabric cabled and ready to go
  • Ran setup script on the Cisco APIC
  • Waited 5-10 minutes
  • Ran Ansible Playbook or Script that kicked everything off and setup the ACI Fabric
  • Waited another 5-10 minutes
  • Able to Ping from a Windows 10 host in the ACI Fabric to its default gateway and the Internet (Google DNS IP address)
  • Total of 50 things were changed via Ansible automation to get this Cisco ACI Infrastructure up and running.
  • 18 different Ansible playbooks run in the specific template used in the video to deploy out the configurations to the Cisco ACI Fabric.

In the video:

Dave Gratz

Dave Gratz who is an WWT ATC Architect for the ATC Lab Services team who is focused heavily into data center technologies especially in the areas of network and security. He is a veteran of the ATC Lab Services team and has worked on several complex lab opportunities over the years with our customers.

 

A quick walk through of what is in the video:

The physical environment

Below is the environment that was used in this demonstration, and is one of several Cisco ACI Fabrics that we use in our customer Proof of Concepts (POCs). You can see the Windows 10 Host (bottom right) at 10.255.9.131 that was used to verify connectivity into the Cisco ACI Fabric (default gateway) and then through the Cisco ACI Fabric to the internet (Layer 3 Outbound to Google DNS).

The Cisco ACI Fabric used in the Advanced Technology Center (ATC) for this demonstration
The Cisco ACI Fabric used in the Advanced Technology Center (ATC) for this demonstration


Below is a screen scrape of Dave Gratz's screen showing the initial setup of the Cisco ACI Fabric through the Cisco Integrated Management Controller (CIMC), or what we like to call "the Sim-See".  Dave did not automate this portion of the build, but it is definitely possible, and we can show this in a later video.

Initial setup of Cisco ACI Fabric through the CIMC


Below is a screen scrape of Dave Gratz's screen just showing the Cisco APIC being reachable after some time waiting after the initial setup.

Cisco APIC after initial setup


Below is a screen scrape of Dave Gratz's screen showing the Cisco APIC before starting the Ansible script.  Notice that you do not see all of the leaf switches visible in the fabric membership, nor are they registered.

Cisco APIC before starting the Ansible script

 

Below is a screen scrape of Dave Gratz's screen showing the fact that he cannot ping the Windows 10 host default gateway at 10.255.9.129 and therefore he also cannot ping the internet at the Google DNS address 8.8.8.8.

Inability to ping the Windows 10 host default gateway at 10.255.9.129 and the internet at the Google DNS address 8.8.8.8.

 

Below is a screen scrape of Dave Gratz's screen showing our Ansible Tower instance in the Advanced Technology Center (ATC) and specifically the job Template he ran called "ACI - Deploy Fabric" which runs the Ansible scripts necessary to configure the Cisco ACI Fabric. 

Ansible Tower instance in the ATC

 

Below is a screen scrape of Dave Gratz's screen showing some of the specific within the Ansible ACI - Deploy Fabric job Template.

Ansible ACI - Deploy Fabric job Template

 

Below is a screen scrape of Dave Gratz's screen showing how he can adjust the variables in the Ansible scripts below in a text editor (Dave is using Sublime Text Editor to the right) where he has the template that can be modified with the variables.

How to adjust the variables in the Ansible scripts in a text editor

 

Below is a screen scrape of Dave Gratz's screen showing that the Ansible scripts are kicked off and running.

Running Ansible scripts

 

While the scripts are running, below is a screen scrape of Dave Gratz's screen showing the list of Ansible playbooks (all 18 of them) that run within this template to complete the configuration of the Cisco ACI Fabric.

Ansible playbooks

 

Below is a screen scrape of Dave Gratz's screen showing the Cisco APIC after the Ansible scripts are completed successfully.  You can see the nodes that are part of the Cisco ACI Fabric and have been registered.

Cisco APIC after the Ansible scripts are completed successfully

 

Below is a screen scrape of Dave Gratz's screen showing the amount of actual changes (50 total in orange text below) that Ansible needed to do in order to get the Cisco ACI Fabric configured properly.  All of this would have been manually done by Dave Gratz, and would have taken a lot more time if this was the case.

Actual changes Ansible needed for Cisco ACI Fabric to be configured properly

 

Below is a screen scrape of Dave Gratz's screen showing his ability to ping from his Windows 10 host successfully to the default gateway at ip address 10.255.9.129 and also the internet via the Google DNS ip address 8.8.8.8.

Ability to ping from Windows 10 host successfully to the default gateway at ip address 10.255.9.129 and the internet via the Google DNS ip address 8.8.8.8.

copy link

Expectations

Our expectation with this ATC Insight is to help our customers understand how the setup and configuration of Cisco ACI Fabrics can be automated by using Ansible.  This is the way we scale up and down Cisco ACI Fabrics inside the Advanced Technology Center (ATC).

copy link

Documentation

Please review the video embedded below. The video reviews the use of Ansible automation with one of our Cisco ACI Fabrics for initial configuration. The video is narrated by ATC Lab Services Architect Dave Gratz. 

0:42 Diagram depiction and layout
1:24 ATC Lab Services Use Case for automation with Ansible
2:18 Dave's Mac vs Windows debate reference (pretty funny)
2:30 CIMC access of APIC and walk through of initial setup script
3:38 Dave sounds like he is doing yoga poses while walking through demo LoL!
3:55 Able to ping the APIC
5:08 Able to reach APIC via GUI
5:50 Dave walks through Ansible Tower Template that runs his playbooks
7:33 Dave kicks off the Ansible script which starts the register process of ACI switches (or nodes)
8:18 Dave pauses Ansible script after initial register of the nodes because he needed to give APIC time to get everything registered and status finalized
9:10 Dave kicks of the second part of the script
10:41 Windows 10 workstation is able to ping default gateway
12:01 Windows 10 workstation is able to ping the internet (to Google IP address)