• Nexus Dashboard
  • USER: admin
  • PASS: cisco.123
  • ND Web interface
  • Switch Login
  • USER: admin
  • PASS: cisco.123
  • staging-spine1: 10.15.30.11
  • staging-leaf1: 10.15.30.12
  • staging-leaf2: 10.15.30.13
  • staging-leaf3: 10.15.30.14
  • staing-ext-rtr: 10.15.30.15
  • prod-spine1: 10.15.30.18
  • prod-leaf1: 10.15.30.19
  • prod-leaf2: 10.15.30.20
  • prod-leaf3: 10.15.30.21
  • prod-ext-rtr: 10.15.30.22
  • GitLab Server
  • USER: pod30
  • PASS: c1sco.123
  • Gitlab
  • Test VM Login
  • USER: cisco
  • PASS: cisco.123
  • staging-server1: 10.15.30.16
  • staging-server2: 10.15.30.17
  • prod-server1: 10.15.30.23
  • prod-server2: 10.15.30.24
  • Code-Server
  • address: https://10.15.0.190:8443/?folder=/home/pod30/workspace
POAP
Ansible

Lab Check Point Time

Let's review what you have done so far in this Ansible lab section

  1. Created all of the roles/ansible file structure to build out a fabric
  2. Constructed Ansible Sub-Task files to Create the staging fabric
  3. Constructed Ansible Sub-Task files to add 1 spine and 2 leaf devices to the staging fabric
  4. Constructed Ansible Sub-Task files to manage vPC configuration and host facing interfaces
  5. Constructed Ansible Sub-Task files to add overlay VRFs and Networks to the staging fabric

Ansible Role - [add-inventory]

In this part of the lab you will add leaf3 as a border leaf using the NXOS Power On Auto Provisioning Feature (POAP)

Now you are going to start populating other task files that are included in the roles that you already created to extend the functionality and make the roles more powerful and complete.

The first task will focus on adding a new leaf device to your fabric but this time you are going to use the NXOS Power On Auto Provisioning (POAP) feature. This allows a NXOS device to be powered on and NDFC will automatically discover the device and add it to the fabric.

Later in this lab, leaf3 acting as the border leaf will be used to extend the fabric to an external fabric.


Step 1 - Return to VSCode & Close All Open Tabs

On the keyword press Ctrl + K + W. This should close all open tabs to clear your workspace for the next section.


Step 2 - Open the roles/add_inventory/tasks/add_fabric_devices_poap.yml subtask file

Over the next two sections, you will start populating the placeholer files and clearing up the [WARNING] messages seen when you have been executing your Ansible playbook.

You're going to revisit your add_inventory role and update the add_fabric_devices_poap.yml tasks to allow for POAPing switches into the fabric. Open the add_fabric_devices_poap.yml file in the roles/add_inventory/tasks directory. 


code-server -r ~/workspace/ndfclab/ansible/roles/add_inventory/tasks/add_fabric_devices_poap.yml

Step 3 - Copy and Paste The Following Tasks Into The File



- name: Query Until POAP Switch Becomes Available
  cisco.dcnm.dcnm_rest:
    method: GET
    path: "/appcenter/cisco/ndfc/api/v1/lan-fabric/rest/control/fabrics/{{ fabric_settings.FABRIC_NAME }}/inventory/poap"
  register: result
  until: result.response.DATA | length > 0
  retries: 10
  delay: 1
  ignore_errors: true

- ansible.builtin.debug:
    msg: "Serial Number - {{ result.response.DATA[0].serialNumber }}"
  when: result.response.DATA | length > 0

- name: Set Switch Serial Number
  ansible.builtin.set_fact:
    leaf3_serial_number: "{{ result.response.DATA[0].serialNumber }}"
  when: result.response.DATA | length > 0

- name: Add Switches to {{ fabric_settings.FABRIC_NAME }} Using POAP
  cisco.dcnm.dcnm_inventory:
    fabric: "{{ fabric_settings.FABRIC_NAME }}"
    config: >-
      {%- set poap_inventory = fabric_inventory | selectattr('poap', 'defined') | list -%}
      {%- set _ = poap_inventory[0]['poap'][0].update({'serial_number': leaf3_serial_number}) -%}
      {{ poap_inventory }}
    state: merged
  when: result.response.DATA | length > 0
  # This is what the poap_config variable data looks like:
  # - seed_ip: 10.15.1.14
  #   user_name: admin
  #   password: cisco.123
  #   role: border
  #   poap:
  #     - serial_number: {{ leaf3_serial_number }}
  #       model: N9K-C9300v
  #       version: 9.3(8)
  #       hostname: staging-leaf3
  #       config_data:
  #         modulesModel: [N9K-X9364v, N9K-vSUP]
  #         gateway: 10.15.1.1/24

Take note that the role we are assigning to leaf3 is border since this leaf is a border leaf.

After successfully populating the file above, save the file using Ctrl+s on the Windows keyboard or by clicking File then Save.

Warning

Be sure to save your file! Not saving will result in your code not executing.

Step 4 - Execute build_fabric.yml Ansible Playbook

Make sure you are in the root Ansible directory and execute the bulid_fabric.yml playbook to query NDFC for the new serial number of the device you are adding to the fabric using POAP and then add the device to the fabric. 


cd ~/workspace/ndfclab/ansible

From the root ansible project directory execute the following command. 


ansible-playbook -i hosts.stage.yml build_fabric.yml --tags ai_poap

You playbook that includes POAP now should be running and look similar to the below: 

    [WARNING]: file /home/cisco/Documents/ndfclab/ansible/roles/create_fabric/tasks/manage_external_fabric.yml is empty and had no tasks to include
    [WARNING]: file /home/cisco/Documents/ndfclab/ansible/roles/add_inventory/tasks/add_fabric_external_devices.yml is empty and had no tasks to include
    [WARNING]: file /home/cisco/Documents/ndfclab/ansible/roles/manage_interfaces/tasks/loopback_interfaces.yml is empty and had no tasks to include
    [WARNING]: file /home/cisco/Documents/ndfclab/ansible/roles/manage_overlay/tasks/resync_fabric.yml is empty and had no tasks to include
    [WARNING]: file /home/cisco/Documents/ndfclab/ansible/roles/manage_overlay/tasks/add_vrf_lite_vrfs.yml is empty and had no tasks to include
    [WARNING]: file /home/cisco/Documents/ndfclab/ansible/roles/manage_overlay/tasks/add_policies.yml is empty and had no tasks to include

    PLAY [Build VXLAN EVPN Fabric on NDFC] ********************************************************************************************************************************************************************

    TASK [add_inventory : ansible.builtin.debug] **************************************************************************************************************************************************************
    ok: [10.15.0.98] => {
        "msg": [
            "----------------------------------------------------------------",
            "+             Calling Role - [add_inventory]                   +",
            "----------------------------------------------------------------"
        ]
    }

    TASK [add_inventory : Query Until POAP Switch Becomes Available] ******************************************************************************************************************************************
    ok: [10.15.0.98]

    TASK [add_inventory : ansible.builtin.debug] **************************************************************************************************************************************************************
    ok: [10.15.0.98] => {
        "msg": "Serial Number - 9LYWYN8UWG7"
    }

    TASK [add_inventory : Set Switch Serial Number] ***********************************************************************************************************************************************************
    ok: [10.15.0.98]

    TASK [add_inventory : Add Switches to fabric-stage Using POAP] ********************************************************************************************************************************************
    [WARNING]: Managing fabric switches can take a while.  Please be patient...

This step will take around 10-12 mins to complete

This add_inventory role for POAP is doing the following:

  • The POAP process starts by assigning a temporary IP address to the switch via the DHCP protocol. Additional DHCP scope options are also provided to facilitate the configuration script download.
  • The switch, acting as a DHCP client, will use this information to contact the TFTP server (NDFC) to obtain the configuration script file.
  • The logic of the configuration script will download the software image, switch configuration and any other additional requirements from the network
  • Finally the switch will be added to the NDFC fabric, rebooted with the correct image and border leaf role configuration will be applied
Go ahead try the next step while the Ansible Script is running so you can see leaf3 getting added into NDFC.

Step 5 - Return to NDFC and Verify Switch Discovery with POAP

In NDFC, check the POAP process and switch inventory:

  1. Click Switches in the top navigation bar
  2. Take note that staging-leaf3 has appeared in the list of switches
  3. Take note that staging-leaf3 is being discovered



This is another good time for a cup of coffee or tea while the switch is added using POAP!

Upon a successful run of the playbook your output should look as follows: 

    [WARNING]: file /home/cisco/Documents/ndfclab/ansible/roles/create_fabric/tasks/manage_external_fabric.yml is empty and had no tasks to include
    [WARNING]: file /home/cisco/Documents/ndfclab/ansible/roles/add_inventory/tasks/add_fabric_external_devices.yml is empty and had no tasks to include
    [WARNING]: file /home/cisco/Documents/ndfclab/ansible/roles/manage_interfaces/tasks/loopback_interfaces.yml is empty and had no tasks to include
    [WARNING]: file /home/cisco/Documents/ndfclab/ansible/roles/manage_overlay/tasks/resync_fabric.yml is empty and had no tasks to include
    [WARNING]: file /home/cisco/Documents/ndfclab/ansible/roles/manage_overlay/tasks/add_vrf_lite_vrfs.yml is empty and had no tasks to include
    [WARNING]: file /home/cisco/Documents/ndfclab/ansible/roles/manage_overlay/tasks/add_policies.yml is empty and had no tasks to include

    PLAY [Build VXLAN EVPN Fabric on NDFC] ********************************************************************************************************************************************************************

    TASK [add_inventory : ansible.builtin.debug] **************************************************************************************************************************************************************
    ok: [10.15.0.98] => {
        "msg": [
            "----------------------------------------------------------------",
            "+             Calling Role - [add_inventory]                   +",
            "----------------------------------------------------------------"
        ]
    }

    TASK [add_inventory : Query Until POAP Switch Becomes Available] ******************************************************************************************************************************************
    ok: [10.15.0.98]

    TASK [add_inventory : ansible.builtin.debug] **************************************************************************************************************************************************************
    ok: [10.15.0.98] => {
        "msg": "Serial Number - 9LYWYN8UWG7"
    }

    TASK [add_inventory : Set Switch Serial Number] ***********************************************************************************************************************************************************
    ok: [10.15.0.98]

    TASK [add_inventory : Add Switches to fabric-stage Using POAP] ********************************************************************************************************************************************
    [WARNING]: Managing fabric switches can take a while.  Please be patient...
    changed: [10.15.0.98]

    PLAY RECAP ************************************************************************************************************************************************************************************************
    10.15.0.98                 : ok=5    changed=1    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0

Examine Playbook and Output Above

Take note of the serial number in the Ansible logs after running the last task. This serial number was stored using the ansible ansible.builtin.set_fact module and then passed in dynamically to the cisco.dcnm.dcnm_inventory module to add the leaf3 device using POAP!

Don't Move On Until The Playbook Completes!

You might be tempted to move to the next section but it's important that you wait until the playbook adding the switch with POAP completes.


Step 6 - Return to NDFC and Verify Switch is Discovered from POAP

  1. Verify staging-leaf3 is discovered and the Config Status should be in In-Sync




Step 7 - Return to VSCode & Close All Open Tabs

On the keyword press Ctrl + K + W. This should close all open tabs to clear your workspace for the next section.



Once complete, move on to the next section to use your new border leaf that you just POAP'd into the fabric to extend the fabric to an external fabric using VRF-Lite.