In this part of the lab you will set up a vPC peer link between leaf1 and leaf2.
setup_vpc Role
For the setup_vpc role tasks, ensure you are in your VSCode Terminal and open the main.yml file found in the roles/setup_vpc/tasks directory using the VSCode code keyword as before.
code-server -r ~/workspace/ndfclab/ansible/roles/setup_vpc/tasks/main.yml
Copy the below tasks into the roles/setup_vpc/tasks/main.yml file that uses various Ansible built-in modules and dcnm_inventory.
The dcnm_inventory module performs a query against NDFC to get the state of vPC for the leaf switches. For the query to take place against NDFC, some inline Jinja2 templating is used against your fabric_inventory variable data to create the expected list for the config element, which is the respective leaf switches.
Based on the query result, the setup_vpc flag is set to true or false. If the vPC pair is not configured between leaf1 and leaf2, the setup_vpc flag is set to true and the import_tasks module is used to call the setup_vpc_peer.yml file. The setup_vpc_peer.yml file contains the tasks to configure the vPC peer link between leaf1 and leaf2.
- ansible.builtin.debug:
    msg:
      - "----------------------------------------------------------------"
      - "+ Calling Role - [setup_vpc] +"
      - "----------------------------------------------------------------"
  tags: vpc_all

- name: Query Fabric {{ fabric_settings.FABRIC_NAME }} Leaf1 and Leaf2 for vPC Configuration
  cisco.dcnm.dcnm_inventory:
    fabric: "{{ fabric_settings.FABRIC_NAME }}"
    state: query
    config: >-
      {%- set seed_ip_list = [] -%}
      {%- for switch in fabric_inventory | default([]) -%}
      {%- if switch.role == 'leaf' -%}
      {%- set _ = seed_ip_list.append(dict(seed_ip=switch.seed_ip)) -%}
      {%- endif -%}
      {%- endfor -%}
      {{ seed_ip_list }}
  register: query_result
  tags: vpc_all

# The above inline Jinja2 template creates the list expected for the config element:
# - seed_ip: leaf1_seed_ip
# - seed_ip: leaf2_seed_ip

# Use flag variable 'setup_vpc' to track if you need to setup vpc.
# If it's already setup you can skip it
- name: Set Setup vPC Flag to Default True
  ansible.builtin.set_fact:
    setup_vpc: True
  tags: vpc_all

- name: Set Setup vPC Flag to False If vPC Pair Is Already Configured
  ansible.builtin.set_fact:
    setup_vpc: False
  when: item.isVpcConfigured == true
  loop: "{{ query_result.response }}"
  loop_control:
    label: "{{ item.isVpcConfigured }}"
  tags: vpc_all

- ansible.builtin.debug: msg="Setup vPC flag is - {{ setup_vpc }}"
  tags: vpc_all

- name: Include Tasks To Create vPC Peers Between Leaf1 and Leaf2
  ansible.builtin.import_tasks: setup_vpc_peer.yml
  when: setup_vpc
  tags: vpc_all
After successfully populating the file above, save the file using Ctrl+s on the Windows keyboard or by clicking File then Save.
Be sure to save your file! Not saving will result in your code not executing.
setup_vpc_peer.yml Subtask File in the setup_vpc Role
For the setup_vpc role tasks, ensure you are in your VSCode Terminal and open the setup_vpc_peer.yml file found in the roles/setup_vpc/tasks directory using the VSCode code keyword as before.
code-server -r ~/workspace/ndfclab/ansible/roles/setup_vpc/tasks/setup_vpc_peer.yml
setup_vpc_peer.yml for Managing vPC Peers
Copy the below tasks. The first task loops over your fabric_inventory and uses the dcnm_interface module for each leaf switch to ensure the interfaces to be used for the vPC peer link are enabled as trunks on leaf1 and leaf2.
The second task uses the dcnm_vpc_pair module to create the vPC peers between leaf1 and leaf2. To get the proper leafs, inline Jinja2 templating is used against your fabric_inventory variable data to create the expected list for the config element, by matching the leaf role with the selectattr filter.
Again, the dcnm_vpc_pair module has deploy set to false to stage the vPC pair configuration for deployment all at once.
---
- name: Enable Peer Link Interfaces as Trunks
  cisco.dcnm.dcnm_interface:
    fabric: "{{ fabric_settings.FABRIC_NAME }}"
    config:
      - name: eth1/8
        type: eth
        admin_state: true
        switch:
          - "{{ item.seed_ip }}"
        profile:
          mode: trunk
      - name: eth1/9
        type: eth
        admin_state: true
        switch:
          - "{{ item.seed_ip }}"
        profile:
          mode: trunk
    state: merged
  ignore_errors: true
  loop: "{{ fabric_inventory }}"
  when: item.role == 'leaf'
  no_log: true

- name: Create vPC Peers Between Leaf1 and Leaf2
  cisco.dcnm.dcnm_vpc_pair:
    src_fabric: "{{ fabric_settings.FABRIC_NAME }}"
    deploy: false
    state: merged
    config: >-
      {%- set vpc_leafs = fabric_inventory | selectattr('role', 'eq', 'leaf') -%}
      {%- set vpc_peers = [dict(peerOneId=vpc_leafs[0].seed_ip, peerTwoId=vpc_leafs[1].seed_ip)] -%}
      {{ vpc_peers }}

# The above inline Jinja2 template creates the list expected for the config element:
# - peerOneId: leaf1_seed_ip
#   peerTwoId: leaf2_seed_ip
After successfully populating the file above, save the file using Ctrl+s on the Windows keyboard or by clicking File then Save.
Be sure to save your file! Not saving will result in your code not executing.
build_fabric.yml Ansible Playbook
Use the VSCode code command to open or navigate back to your build_fabric.yml file.
code-server -r ~/workspace/ndfclab/ansible/build_fabric.yml
setup_vpc Under the roles: Section of Main Playbook
Your build_fabric.yml file should already be populated from the previous section. With the file open, you only need to add the highlighted line, which should be line number 12 in your file. You can do this by highlighting the text in the lab guide and copying then pasting in your file or typing the line in your file. After one of those actions, press the return key such that there is a new line after where you entered - setup_vpc.
---
# This is the top level build playbook that runs the various
# Ansible roles that will be used to build out the fabric

- name: Build VXLAN EVPN Fabric on NDFC
  hosts: ndfc
  gather_facts: false

  roles:
    - create_fabric
    - add_inventory
    - setup_vpc # Add This Line Under The add_inventory role from the previous section
After successfully populating the file above, save the file using Ctrl+s on the Windows keyboard or by clicking File then Save.
Be sure to save your file! Not saving will result in your code not executing.
Make sure you are in the root Ansible directory.
cd ~/workspace/ndfclab/ansible
From the root ansible project directory execute the following command.
ansible-playbook -i hosts.stage.yml build_fabric.yml --tags vpc_all
Upon a successful run of the playbook your output should look as follows:
[WARNING]: file /home/cisco/Documents/ndfclab/ansible/roles/create_fabric/tasks/manage_external_fabric.yml is empty and had no tasks to include
[WARNING]: file /home/cisco/Documents/ndfclab/ansible/roles/add_inventory/tasks/add_fabric_devices_poap.yml is empty and had no tasks to include
[WARNING]: file /home/cisco/Documents/ndfclab/ansible/roles/add_inventory/tasks/add_fabric_external_devices.yml is empty and had no tasks to include

PLAY [Build VXLAN EVPN Fabric on NDFC] ****************************************

TASK [setup_vpc : ansible.builtin.debug] **************************************
ok: [10.15.0.98] => {
    "msg": [
        "----------------------------------------------------------------",
        "+ Calling Role - [setup_vpc] +",
        "----------------------------------------------------------------"
    ]
}

TASK [setup_vpc : Query Fabric fabric-stage Leaf1 and Leaf2 for vPC Configuration] ***
ok: [10.15.0.98]

TASK [setup_vpc : Set Setup vPC Flag to Default True] *************************
ok: [10.15.0.98]

TASK [setup_vpc : Set Setup vPC Flag to False If vPC Pair Is Already Configured] ***
skipping: [10.15.0.98] => (item=False)
skipping: [10.15.0.98] => (item=False)
skipping: [10.15.0.98]

TASK [setup_vpc : debug] ******************************************************
ok: [10.15.0.98] => {
    "msg": "Setup vPC flag is - True"
}

TASK [setup_vpc : Enable Peer Link Interfaces as Trunks] **********************
skipping: [10.15.0.98] => (item={'seed_ip': '10.15.30.11', 'user_name': 'admin', 'password': 'cisco.123', 'max_hops': 0, 'role': 'spine', 'preserve_config': False})
changed: [10.15.0.98] => (item={'seed_ip': '10.15.30.12', 'user_name': 'admin', 'password': 'cisco.123', 'max_hops': 0, 'role': 'leaf', 'preserve_config': False})
changed: [10.15.0.98] => (item={'seed_ip': '10.15.30.13', 'user_name': 'admin', 'password': 'cisco.123', 'max_hops': 0, 'role': 'leaf', 'preserve_config': False})
skipping: [10.15.0.98] => (item={'seed_ip': '10.15.30.14', 'user_name': 'admin', 'password': 'cisco.123', 'role': 'border', 'poap': [{'serial_number': '9IZOB1DARSA', 'model': 'N9K-C9300v', 'version': '9.3(8)', 'hostname': 'staging-leaf3', 'config_data': None, 'modulesModel': ['N9K-X9364v', 'N9K-vSUP'], 'gateway': '10.15.30.1/24'}])

TASK [setup_vpc : Create vPC Peers Between Leaf1 and Leaf2] *******************
changed: [10.15.0.98]

PLAY RECAP ********************************************************************
10.15.0.98 : ok=6 changed=2 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0
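The per-item lines in the sample output above print each fabric_inventory entry in full, password field included, because the task loops over whole inventory entries; no_log: true censors that, but it also hides the module result, so a failure passed over by ignore_errors: true shows no reason. As an added example (not part of the lab files), the same task can loop over only the leaf seed_ip values so that no credential is ever in the loop item; it uses the fields and the selectattr filter shown on this page plus the standard map and list filters.

```yaml
---
# Added example, not from the lab guide: variant of the first task in
# setup_vpc_peer.yml. The loop carries only leaf seed_ip strings, so the
# per-item output and any registered result never contain user_name/password.
- name: Enable Peer Link Interfaces as Trunks
  cisco.dcnm.dcnm_interface:
    fabric: "{{ fabric_settings.FABRIC_NAME }}"
    config:
      - name: eth1/8
        type: eth
        admin_state: true
        switch:
          - "{{ item }}"   # item is a seed_ip string, not an inventory entry
        profile:
          mode: trunk
      - name: eth1/9
        type: eth
        admin_state: true
        switch:
          - "{{ item }}"
        profile:
          mode: trunk
    state: merged
  # ignore_errors is kept from the lab task. With no_log removed, an ignored
  # failure still prints the module's error message.
  ignore_errors: true
  # Select the leaf entries first, then keep only their seed_ip values.
  # This replaces the 'when: item.role == leaf' test on the original task.
  loop: "{{ fabric_inventory | selectattr('role', 'eq', 'leaf') | map(attribute='seed_ip') | list }}"
```

With this loop the per-item output reads (item=10.15.30.12) and (item=10.15.30.13) for the two leaf switches in the sample inventory, and the spine and border entries no longer appear as skipped items.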
The vPC peering should now be pre-staged between leaf1 and leaf2 with one taking the Primary role and the other taking the Secondary role. Return to NDFC and verify.
In NDFC, you should still be on the Switches tab, if not:
You might see staging-leaf1 or staging-leaf2 taking the primary role. Your output does not have to match exactly.
On the keyboard, press Ctrl + K + W. This should close all open tabs to clear your workspace for the next section.
Continue to the next section vPC and access interfaces for the leaf switches in your fabric using Ansible.