Step 1 - Create a new branch in your repo called new_overlay

You are going to create a new branch in your repo called new_overlay. This is a common practice to make changes to your code and validate those changes against your fabric in its own branch before merging them into your main branch.

git checkout -b new_overlay

Step 2 - Add A New Overlay Variables File

Since you have a central variable file for all of your VRFs and Networks, all you need to do is modify the file to add the new data. Normally you would open this file and add the new Networks but to make it easy we are going to replace the file you created earlier with the new Networks added in.

Step 3 - Add the Modified overlay.yml for Committing to the GitLab Repo

git add .

Step 4 - Double Check File Staged For Commit

git status .

The following file is staged for commit. Make sure your list matches the output below!

    On branch new_overlay
    Changes to be committed:
    (use "git restore --staged <file>..." to unstage)
            new file:   host_vars/msd-fabric-group/new_overlay.nac.yml

Step 5 - Commit Files to the GitLab Repo

git commit -m "Add new Overlay"

    [new_overlay 4948e62] Add new Overlay
    1 file changed, 57 insertions(+)
    create mode 100644 host_vars/msd-fabric-group/new_overlay.nac.yml

Step 6 - Push Files to the GitLab Repo new_overlay Branch

git push -u origin new_overlay

    Enumerating objects: 8, done.
    Counting objects: 100% (8/8), done.
    Delta compression using up to 8 threads
    Compressing objects: 100% (5/5), done.
    Writing objects: 100% (5/5), 734 bytes | 367.00 KiB/s, done.
    Total 5 (delta 3), reused 0 (delta 0), pack-reused 0
    remote:
    remote: To create a merge request for new_overlay, visit:
    remote:   http://10.15.0.159/Pod01_2025_01/LTRDCN-3439/-/merge_requests/new?merge_request%5Bsource_branch%5D=new_overlay
    remote:
    To 10.15.0.159:Pod01_2025_01/LTRDCN-3439.git
    * [new branch]      new_overlay -> new_overlay
    Branch 'new_overlay' set up to track remote branch 'new_overlay' from 'origin'.

Step 7 - Check to Make Sure the Lint Stage Was Run

As soon as the code was committed to the new_overlay branch, Ansible Lint validation was triggered. Return to your GitLab and navigate to Pipelines:

1. Click Build on the side menu
2. Then click Pipelines
3. Go into the new pipeline by clicking on the blue circle with a half moon icon or on the blue link titled Running

Only the lint stage is triggered when committing the code to the new_overlay branch, the green circle check icon indicates the pipeline succeeded



This shows the ansible_lint job ran successfully for the initial setup commit. If you want to see detailed logs of the job run you can click the ansible_lint job.




Click on the nac_validate job to open the detailed logs to see why this job failed.

Step 8 - Fix Semantic Error

From the detailed logs of the nac_validate job, you can see the following error:

"Semantic error, rule 201: Verify VRFs and Networks cross reference items (['Network (NaC-GitLab-Net01) is referencing VRF (NaC-GitLab-VRF01) which is not defined in the service model. Add the VRF to the service model or remove the network from the service model and re-run the playbook.'

This means that the NaC-GitLab-Net01 Network is referencing a VRF that does not exist in the service model. To fix this, we need to change vrf_name: NaC-VRF01 to vrf_name: NaC-GitLab-VRF01 in the new_overlay.nac.yml file.

sed -i 's/NaC-VRF/NaC-GitLab-VRF01/g' ~/workspace/ndlab/nac/host_vars/msd-fabric-group/new_overlay.nac.yml

Step 9 - Commit Files to the GitLab Repo

git commit -am "Fix semantic error"

    [new_overlay 753fe36] Fix semantic error in new Network
    1 file changed, 1 insertion(+), 1 deletion(-)

Step 10 - Push Files to the GitLab Repo new_overlay Branch

git push -u origin new_overlay

    Enumerating objects: 9, done.
    Counting objects: 100% (9/9), done.
    Delta compression using up to 8 threads
    Compressing objects: 100% (5/5), done.
    Writing objects: 100% (5/5), 419 bytes | 419.00 KiB/s, done.
    Total 5 (delta 4), reused 0 (delta 0), pack-reused 0
    remote:
    remote: To create a merge request for new_overlay, visit:
    remote:   http://10.15.0.159/Pod01_2025_01/LTRDCN-3439/-/merge_requests/new?merge_request%5Bsource_branch%5D=new_overlay
    remote:
    To 10.15.0.159:Pod01_2025_01/LTRDCN-3439.git
    6e2ad2f..71d0ba6  new_overlay -> new_overlay
    Branch 'new_overlay' set up to track remote branch 'new_overlay' from 'origin'.

Step 11 - Check to Make Sure the Lint Stage Was Run

As soon as the code was committed to the new_overlay branch, Ansible Lint validation was triggered. Return to your GitLab and navigate to Pipelines:

1. Click Build on the side menu
2. Then click Pipelines
3. Go into the new pipeline by clicking on the blue circle with a half moon icon or on the blue link titled Running

Again, only the lint stage is triggered when committing the code to the new_overlay branch, the green circle check icon indicates the pipeline succeeded



After fixing our error, all three jobs in the lint stage ran successfully. If you want to see detailed logs of the job run you can click on any of the jobs.

Step 12 - Create a Merge Request (Also known as a Pull Request)

Now you need to create a merge request to verify/test the new Networks configuration against the NDFC staging environment fabric.

1. Click Merge requests on the side menu
2. Then click the blue New merge request button located in the center of the page




3. Select new_overlay as Source branch
4. Select main as Target branch
5. Then click Compare branches and continue




6. Change the Title of this merge request to Fix semantic error in new Network and leave the rest of the fields with the default settings
7. Then click Create merge request




8. Click the Pipeline number or the blue circle with half moon icon to navigate to pipeline page

Step 13 - Wait Until Pipeline Completes

1. Wait until your pipeline completes.
2. Click the !# link in the text Related merge request !# to merge new_overlay (The link is !1 in the screenshot below).

Step 14 - Merge the Request

To open the merge request page:

1. Click the blue Merge button




2. Once your code is merged, a new CD pipeline is triggered (#475 in this screenshot). Click the Pipeline number or the blue circle with half moon icon to navigate to the pipeline page. Ensure you click on the new pipeline that is currently running and not the previous pipeline that has already passed.

Step 15 - Wait Until the Pipeline is Finished

Wait until the pipeline is finished:

This step will deploy the new VRF and new Networks to all the Fabrics

You have now modified your Fabric by updating your source code and then using the CI and CD pipelines to deploy the changes!

Step 16 - Login to Nexus Dashboard and verify the new Networks on your msd-fabric-group

In your browser, navigate back to your NDFC instance.

1. From the Overview page, click Fabrics




2. Then click on the Fabric Groups tab.
3. Click on the msd-fabric-group




4. Click the Segmentation and security tab in the top navigation bar
5. Click the Networks tab in the sub-navigation bar
Verify you still see the new Networks NaC-GitLab-Net01 and NaC-GitLab-Net02.
6. Click NaC-GitLab-Net01 to review the Network details




7. Click Network Attachments
8. Confirm NaC-GitLab-Net01 is deployed and attached as expected to your switches




9. Click VRF
10. Confirm NaC-GitLab-VRF01 is associated to NaC-GitLab-Net01
11. Click the close (X) button in the top right corner of the window




12. Click NaC-GitLab-Net02 to review the Network details




13. Click Network Attachments
14. Confirm NaC-GitLab-Net02 is deployed and attached as expected to your switches




15. Click VRF
16. Confirm NaC-GitLab-VRF01 is associated to NaC-GitLab-Net02
17. Click the close (X) button in the top right corner of the window




18. Click the VRFs tab in the sub-navigation bar
Verify you see the VRF NaC-GitLab-VRF01.
19. Click NaC-GitLab-VRF01 to review the VRF details




20. Click VRF Attachments
21. Confirm NaC-GitLab-VRF01 is deployed and attached to your switches




22. Click Networks
23. Confirm NaC-GitLab-Net01 and NaC-GitLab-Net02 are associated to NaC-GitLab-VRF01 and deployed to your switches
24. Click the close (X) button in the top right corner of the window




25. Review your fabric Overview to see the new VRF and Networks deployed to your fabric

Step 17 - Review All Pipelines Run As Part of Lab

Review all pipelines run as part of this lab.

1. Click Build on the side menu
2. Then click Pipelines

Congratulations on completing the lab!

• You successfully explored Network as Code's (NaC's) VXLAN as Code for Nexus Dashboard (ND) to model and deploy a VXLAN fabric, Site1, including external connectivity with an External fabric using Infrastructure-as-Code (IaC) principles.


• You learned about NaC's data model and modeled a second VXLAN fabric, Site2, in preparation for a multisite deployment.


• You then modeled two Inter-Site Network (ISN) fabrics in preparation to connect Site1 and Site2 VXLAN fabrics via VXLAN multisite.


• You culminated your local development by modeling a complete VXLAN multisite fabric with two sites connected via ISN fabrics using Infrastructure-as-Code (IaC) principles through NaC.


• You successfully added a new overlay to your VXLAN multisite deployment using GitLab CI/CD pipelines integrated with NaC, demonstrating the power of Infrastructure-as-Code (IaC) for network management.

Thank you for attending Cisco Live 2026!!