• Nexus Dashboard
  • USER: admin
  • PASS: cisco.123
  • ND Web interface
  • Switch Login
  • USER: admin
  • PASS: cisco.123
  • staging-spine1: 10.15.1.11
  • staging-leaf1: 10.15.1.12
  • staging-leaf2: 10.15.1.13
  • staging-leaf3: 10.15.1.14
  • staing-ext-rtr: 10.15.1.15
  • prod-spine1: 10.15.1.18
  • prod-leaf1: 10.15.1.19
  • prod-leaf2: 10.15.1.20
  • prod-leaf3: 10.15.1.21
  • prod-ext-rtr: 10.15.1.22
  • GitLab Server
  • USER: pod01
  • PASS: c1sco.123
  • Gitlab
  • Test VM Login
  • USER: cisco
  • PASS: cisco.123
  • staging-server1: 10.15.1.16
  • staging-server2: 10.15.1.17
  • prod-server1: 10.15.1.23
  • prod-server2: 10.15.1.24
  • Code-Server
  • address: https://10.15.0.161:8443/?folder=/home/pod01/workspace
Interfaces
Ansible Role

Ansible Role - [manage-interfaces]

In this part of the lab you will add vPC interfaces on leaf1 and leaf2 and two host facing interfaces for server1 and server2

Step 1 - Add Variable File interfaces.yml under group_vars/stage/

To manage the interfaces on the staging fabric, you will create a file that contains the interface variable data for vPC interfaces and access interfaces that you will provision to NDFC that will be configured on leaf1 and leaf2 when deployed.

Group Vars stage

This data file is going back to stored in the group_vars/stage directory as it is specific data configuration for your staging or test fabric. When it comes time to deploy to production you will have a similar file in the group_vars/prod directory. 


touch ~/workspace/ndfclab/ansible/group_vars/stage/interfaces.yml
cat << EOF > ~/workspace/ndfclab/ansible/group_vars/stage/interfaces.yml
---

interfaces:
  # --------------------
  # VCP Interface List
  # --------------------
  vpc:
    - name: vpc10
      type: vpc
      switch:
        - 10.15.1.12
        - 10.15.1.13
      deploy: false
      profile:
        admin_state: true
        mode: trunk
        peer1_members:
          - e1/5
        peer2_members:
          - e1/5
        pc_mode: active
        bpdu_guard: true
        port_type_fast: true
        mtu: jumbo
    - name: vpc20
      type: vpc
      switch:
        - 10.15.1.12
        - 10.15.1.13
      deploy: false
      profile:
        admin_state: true
        mode: trunk
        peer1_members:
          - e1/6
        peer2_members:
          - e1/6
        pc_mode: active
        bpdu_guard: true
        port_type_fast: true
        mtu: jumbo
  # ----------------------
  # Access Interface List
  # ----------------------
  access:
    - name: eth1/1
      type: eth
      switch:
        - 10.15.1.12
      deploy: false
      profile:
        admin_state: true
        mode: access
        speed: auto
        bpdu_guard: false
        port_type_fast: true
        mtu: jumbo
        access_vlan: 2301
        cmds:
          - no shutdown
        description: "VLAN 2301 Access Interface"
    - name: eth1/1
      type: eth
      switch:
        - 10.15.1.13
      deploy: false
      profile:
        admin_state: true
        mode: access
        speed: auto
        bpdu_guard: false
        port_type_fast: true
        mtu: jumbo
        access_vlan: 2302
        cmds:
          - no shutdown
        description: "VLAN 2302 Access Interface"

EOF

Step 2 - Open The Main Task File for the manage_interfaces Role

For the manage_interfaces role tasks, ensure you are in your VSCode Terminal and open the main.yml file found in the roles/manage_interfaces/tasks directory using the VSCode code keyword as before. 


code-server -r ~/workspace/ndfclab/ansible/roles/manage_interfaces/tasks/main.yml

Step 3 - Add Tasks To Manage Interfaces on Leaf Switches

Copy the below tasks into the roles/manage_interfaces/tasks/main.yml file that uses various subtask imports for managing different types of interfaces in NDFC via Ansible. 



- ansible.builtin.debug:
    msg:
      - "----------------------------------------------------------------"
      - "+             Calling Role - [manage_interfaces]               +"
      - "----------------------------------------------------------------"
  tags:
    - mi_hosts
    - mi_vpc
    - mi_loopback
    - mi_all

- name: Include Tasks To Manage Host Facing Interfaces
  ansible.builtin.import_tasks: host_interfaces.yml
  tags:
    - mi_hosts
    - mi_all

- name: Include Tasks To Manage vPC Interfaces
  ansible.builtin.import_tasks: vpc_interfaces.yml
  tags:
    - mi_vpc
    - mi_all

- name: Include Tasks To Manage Loopback Interfaces
  ansible.builtin.import_tasks: loopback_interfaces.yml
  tags:
    - mi_loopback
    - mi_all

After successfully populating the file above, save the file using Ctrl+s on the Windows keyboard or by clicking File then Save.

Warning

Be sure to save your file! Not saving will result in your code not executing.


Step 4 - Add Tasks to host_interfaces.yml Subtask File for Managing Host-Facing Interfaces

This file contains the subtasks used to configure host facing interfaces for the Linux servers connected to leaf1 and leaf2. 


touch ~/workspace/ndfclab/ansible/roles/manage_interfaces/tasks/host_interfaces.yml
cat << EOF > ~/workspace/ndfclab/ansible/roles/manage_interfaces/tasks/host_interfaces.yml
---

- name: Create Host Facing Access Interfaces On Leaf Switches
  cisco.dcnm.dcnm_interface:
    fabric: "{{ fabric_settings.FABRIC_NAME }}" 
    config: "{{ interfaces.access }}"
    state: merged
EOF

Step 5 - Add Tasks to vpc_interfaces.yml Subtask File for Managing vPC Interfaces

This file contains the subtasks used to configure a vPC interface on leaf1 and leaf2. 


touch ~/workspace/ndfclab/ansible/roles/manage_interfaces/tasks/vpc_interfaces.yml
cat << EOF > ~/workspace/ndfclab/ansible/roles/manage_interfaces/tasks/vpc_interfaces.yml
---

- name: Create vPC Interfaces on Leaf Switches
  cisco.dcnm.dcnm_interface:
    fabric: "{{ fabric_settings.FABRIC_NAME }}"
    config: "{{ interfaces.vpc }}"
    state: merged
EOF

Step 6 - Add Empty Placeholder Subtask File for loopback_interfaces.yml

Just like the previous sections, you need to add an empty placeholder file for managing loopback interfaces that will be filled in with tasks later in this lab.

ansible.builtin.import_tasks: loopback_interfaces.yml 


touch ~/workspace/ndfclab/ansible/roles/manage_interfaces/tasks/loopback_interfaces.yml
cat << EOF > ~/workspace/ndfclab/ansible/roles/manage_interfaces/tasks/loopback_interfaces.yml
---
EOF

Step 7 - Open the Top Level build_fabric.yml Ansible Playbook

Navigate back to your build_fabric.yml file by using the VSCode code command: 


code-server -r ~/workspace/ndfclab/ansible/build_fabric.yml

Step 8 - Add a line to call the manage_interfaces role under the roles: section of the playbook

Your build_fabric.yml file should already be populated from the previous section. With the file open, you only need to add the highlighted line, which should be line number 13 in your file. You can do this by highlighting the text in the lab guide and copying then pasting in your file or typing the line in your file. After one of those actions, press the return key such that there is a new line after where you entered - manage_interfaces.

Note:

Make sure you identation is correct and aligns with the previous item which should be:
- setup_vpc 


---
# This is the top level build playbook that runs the various
# Ansible roles that will be used to build out the fabric

- name: Build VXLAN EVPN Fabric on NDFC
  hosts: ndfc
  gather_facts: false

  roles:
    - create_fabric
    - add_inventory
    - setup_vpc
    - manage_interfaces # Add This Line Under The setup_vpc role from the previous section

After successfully populating the file above, save the file using Ctrl+s on the Windows keyboard or by clicking File then Save.

Warning

Be sure to save your file! Not saving will result in your code not executing.

Step 9 - Execute Ansible Playbook

Make sure you are in the root Ansible directory 


cd ~/workspace/ndfclab/ansible

From the root ansible project directory execute the following command. 


ansible-playbook -i hosts.stage.yml build_fabric.yml --tags mi_hosts,mi_vpc

Upon a successful run of the playbook your output should look as follows: 

    [WARNING]: file /home/cisco/Documents/ndfclab/ansible/roles/create_fabric/tasks/manage_external_fabric.yml is empty and had no tasks to include
    [WARNING]: file /home/cisco/Documents/ndfclab/ansible/roles/add_inventory/tasks/add_fabric_devices_poap.yml is empty and had no tasks to include
    [WARNING]: file /home/cisco/Documents/ndfclab/ansible/roles/add_inventory/tasks/add_fabric_external_devices.yml is empty and had no tasks to include
    [WARNING]: file /home/cisco/Documents/ndfclab/ansible/roles/manage_interfaces/tasks/loopback_interfaces.yml is empty and had no tasks to include
    
    PLAY [Build VXLAN EVPN Fabric on NDFC] ********************************************************************************************************************************************************************
    
    TASK [manage_interfaces : ansible.builtin.debug] **********************************************************************************************************************************************************
    ok: [10.15.0.11] => {
        "msg": [
            "----------------------------------------------------------------",
            "+             Calling Role - [manage_interfaces]               +",
            "----------------------------------------------------------------"
        ]
    }
    
    TASK [manage_interfaces : Create Host Facing Access Interfaces On Leaf Switches] **************************************************************************************************************************
    changed: [10.15.0.11]
    
    TASK [manage_interfaces : Create vPC Interfaces on Leaf Switches] *****************************************************************************************************************************************
    changed: [10.15.0.11]
    
    PLAY RECAP ************************************************************************************************************************************************************************************************
    10.15.0.11                 : ok=3    changed=2    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0

Step 13 - Return to NDFC & Verify Interface Configuration is Pending

Return to your NDFC browser where you should be sitting on the Switches tab.

  1. Click the Interfaces tab in the top navigation bar

    2. When reviewing the Interfaces tab, it is expected to see interfaces in various status since a deployment has not taken place yet. Again, you will deploy to your switches in the deploy role. Following the remaining steps to verify the interface configuration is pre-staged in NDFC.



  2. In the Filter by attributes, in the drop down list select Interface, then repeat and select contains



  3. Then type vpc and hit enter

    4. Make sure Interfaces vPC10 and vPC20 are created between staging-leaf1 and staging-leaf2 and they are NA under Sync Status. These will change to In-Sync after the deployment role is completed later in the lab.




  4. Clear the current filter. Then in the Filter by attributes drop down select Interface, then select ==



  5. Then type in Ethernet1/1 and hit Enter

    6. Verify that the policy for interface Ethernet1/1 on leaf1 and leaf2 is set to int_access_host





Step 14 - Return to VSCode & Close All Open Tabs

On the keyword press Ctrl + K + W. This should close all open tabs to clear your workspace for the next section.



Continue to the next section to build out the Ansible overlay role for configuring VRFs and networks on the staging fabric.