• Nexus Dashboard
  • USER: admin
  • PASS: cisco.123
  • ND
  • Switch Login
  • USER: admin
  • PASS: cisco.123
  • staging-spine1: 10.15.1.11
  • staging-leaf1: 10.15.1.12
  • staging-leaf2: 10.15.1.13
  • staging-leaf3: 10.15.1.14
  • staging-ext-rtr: 10.15.1.15
  • prod-spine1: 10.15.1.18
  • prod-leaf1: 10.15.1.19
  • prod-leaf2: 10.15.1.20
  • prod-leaf3: 10.15.1.21
  • prod-ext-rtr: 10.15.1.22
  • GitLab
  • USER: pod01
  • PASS: c1sco.123
  • Gitlab
  • Test VM Login
  • USER: cisco
  • PASS: cisco.123
  • staging-server1: 10.15.1.16
  • staging-server2: 10.15.1.17
  • prod-server1: 10.15.1.23
  • prod-server2: 10.15.1.24
  • Code-Server
  • Code-Server
  • Serials
  • Get Serial Numbers
Variables
Ansible Setup

Step 1 - Create Ansible Inventory File for NDFC Staging Fabric

The Ansible inventory file defines how Ansible will connect and authenticate with NDFC. 


touch ~/workspace/ndfclab/ansible/hosts.stage.yml
cat << EOF > ~/workspace/ndfclab/ansible/hosts.stage.yml
---
# Connection Information For Staging Fabric
#
# This file defines how Ansible will connect to NDFC
ndfc:
  children:
    stage:
      hosts:
        10.15.0.11:
          ansible_connection: ansible.netcommon.httpapi
          ansible_httpapi_use_ssl: true
          ansible_httpapi_validate_certs: false
          ansible_network_os: cisco.dcnm.dcnm
          ansible_user: admin
          ansible_password: cisco.123

EOF

The hosts.stage.yml file above defines how Ansible connects and authenticates with NDFC

  • ndfc.children.stage: This specifies the inventory data targeting the staging fabric
  • 10.15.0.11: This is the IP Address of the NDFC Controller
  • ansible_connection: Defines the base Ansible plugin used for connecting to the NDFC REST Interface
  • ansible_httpapi_use_ssl: Indicates you want to use a secure SSL connection to the NDFC controller
  • ansible_network_os: The value cisco.dcnm.dcnm tells Ansible that you want to connect to NDFC/DCNM
  • ansible_user: The username used when connecting to NDFC
  • ansible_password: The password used when connecting to NDFC

Use Ansible-Vault For Passwords

For this lab you are using a clear text password but a best practice is to use Ansible Vault for encrypting passwords!

Reference: Ansible Vault Documentation


Step 2 - Add Variable File fabric.yml under group_vars/stage/


A best practice in Ansible is to organize and store your variables that will be used by various playbooks. This file contains the variable data for the following:

  • Fabric settings for fabric type VXLAN_EVPN with all other settings using NDFC's defaults
  • Fabric device inventory information

This variable data and other variable files you create during this lab will be used in your playbooks throughout the lab.

Group Vars stage

This data file is stored in the group_vars/stage directory as it is specific data configuration for your staging or test fabric. When it comes time to deploy to production you will have a similar file in the group_vars/prod directory. 


touch ~/workspace/ndfclab/ansible/group_vars/stage/fabric.yml
cat << EOF > ~/workspace/ndfclab/ansible/group_vars/stage/fabric.yml
---

# ---------------------------------------------------------------- #
# Fabric Settings                                                  #
# ---------------------------------------------------------------- #
fabric_settings:
    DEPLOY: yes
    FABRIC_NAME: fabric-stage
    FABRIC_TYPE: VXLAN_EVPN
    BGP_AS: 65001
    GRFIELD_DEBUG_FLAG: Enable

# ---------------------------------------------------------------- #
# Local Fabric Information                                         #
# ---------------------------------------------------------------- #
fabric_inventory:
    - seed_ip: 10.15.1.11
      user_name: admin
      password: cisco.123
      max_hops: 0
      role: spine
      preserve_config: false
    - seed_ip: 10.15.1.12
      user_name: admin
      password: cisco.123
      max_hops: 0
      role: leaf
      preserve_config: false
    - seed_ip: 10.15.1.13
      user_name: admin
      password: cisco.123
      max_hops: 0
      role: leaf
      preserve_config: false

EOF