#CiscoLive

Driving your Cisco Multi-

Domain Intent-Based Network
Using Infrastructure as Code
Configure Cisco ACI, SDWAN and SDA with CI/CD pipeline

Lionel Hercot, Technical Marketing Engineer

@LHercot
PSODCN-1002

#CiscoLive
Agenda
• What is Infrastructure as Code
• Tools of the trade
• Demo
• Cisco IBN Providers and Collections

#CiscoLive PSODCN-1002 © 2021 Cisco and/or its affiliates. All rights reserved. Cisco Public 3
Infrastructure as Code (IaC) – What/Why/How
• Automate the provisioning and management of the technology
stack
• Translate manual tasks into reusable, robust, distributable code
• Rely on practices that have been successfully used for years in
software development (version control, automated testing, release
tagging, continuous delivery, etc.)
• Benefits: much higher delivery speed; significant reliability boost

#CiscoLive PSODCN-1002 © 2021 Cisco and/or its affiliates. All rights reserved. Cisco Public 4
What is Ansible?
• Open-source Configuration Management Tool
• Commercial support from RedHat
• Declarative (when possible) and idempotent
• Can manage a wide range of systems:
• VMs, network devices, cloud instances, etc.

• Agentless
• Python server-side dependencies

#CiscoLive PSODCN-1002 © 2021 Cisco and/or its affiliates. All rights reserved. Cisco Public 5
What is Terraform?
• Open-source Infrastructure Provisioning Tool
• Commercial support from HashiCorp
• Declarative and idempotent
• Immutable infrastructure concept
• Can manage a wide range of systems:
VMs, network devices, cloud instances, etc.

• Agentless, single binary file

• Zero server-side dependencies

#CiscoLive PSODCN-1002 © 2021 Cisco and/or its affiliates. All rights reserved. Cisco Public 6
Ansible or Terraform?
• Both Ansible and Terraform can coexist
• It’s not an either/or story
• Terraform can call Ansible for ad-hoc tasks after deploying a VM

• Terraform keeps state locally

• It knows what is configured vs desired end-state
• Can automatically destroy / recreate resources
• Ansible mutate the infrastructure
• Need to re-run everything
• Might need to create advanced controls to avoid long running scripts

#CiscoLive PSODCN-1002 © 2021 Cisco and/or its affiliates. All rights reserved. Cisco Public 7
CI/CD Pipeline
• Continuous Integration (CI)
• Practice of merging all developer changes to a shared repo several times a day
• It main include the creation and test of artifacts (executable, app, …)

• Continuous Deployment (CD)

• Approach to deliver new software functionalities frequently through automated
deployments
• Rely on Continuous Integration for tracking changes

#CiscoLive PSODCN-1002 © 2021 Cisco and/or its affiliates. All rights reserved. Cisco Public 8
What a CI/CD workflow looks like

Source Pipeline
User Code
Control Engine APP

1 2 3 4

#CiscoLive PSODCN-1002 © 2021 Cisco and/or its affiliates. All rights reserved. Cisco Public 9
Common components of a CI/CD Pipeline

Code Source Control Pipeline / Orchestrator

#CiscoLive PSODCN-1002 © 2021 Cisco and/or its affiliates. All rights reserved. Cisco Public 10
Let’s see it in action!
Use Case
User want to access a new App in the DC from either SDA or SDWAN

SDA
APIC

Users DC App

SDWAN
#CiscoLive PSODCN-1002 © 2021 Cisco and/or its affiliates. All rights reserved. Cisco Public 12
Cisco Pairwise Integrations

SDA ACI SDWAN ACI

APIC APIC

Security Group Mapping / Routing Quality of Services

#CiscoLive PSODCN-1002 © 2021 Cisco and/or its affiliates. All rights reserved. Cisco Public 13
Use Case Single button to deploy all configurations using CI/CD pipeline

DevOps Code Git Pipeline

Engine

SDA

APIC

Users DC App

SDWAN

#CiscoLive PSODCN-1002 © 2021 Cisco and/or its affiliates. All rights reserved. Cisco Public 14
Our Multi-Domain CI/CD pipeline
APIC
ACI

SDWAN

SDA

VMware

APP

#CiscoLive PSODCN-1002 © 2021 Cisco and/or its affiliates. All rights reserved. Cisco Public 15
 Cisco Intent-based Networking Collections

Network Data Center

ACI Multi Site
Cisco NXOS Cloud / Onprem
Assurance Network DNA Center Cisco IOS
Orchestrator
Engine Manager

80+ modules 80+ modules 45+ modules 6+ modules 5+ modules 100+ modules 34+ modules
in in in in in in in
cisco.nxos cisco.aci cisco.mso cisco.nae cisco.dcnm cisco.dnac cisco.ios

Available Today

#CiscoLive PSODCN-1002 © 2021 Cisco and/or its affiliates. All rights reserved. Cisco Public 16
Cisco Intent-based Networking Providers

Data Center
ACI Multi Site DNA Center
Cloud / Onprem
Network
Orchestrator
Manager

Available Today

#CiscoLive PSODCN-1002 © 2021 Cisco and/or its affiliates. All rights reserved. Cisco Public 17
New DevNet Resources available!

New MSO Sandbox New Terraform Learning Labs

More Info on DevNet: https://developer.cisco.com/nexusapi/

#CiscoLive PSODCN-1002 © 2021 Cisco and/or its affiliates. All rights reserved. Cisco Public 18
 • Infrastructure as Code is a journey.
Start it today!
Key Takeaways • Cisco products are designed to be
automated
• Ansible and Terraform can work
together
• Go learn with our DEVNET learning
labs

PSODCN-1002 © 2021 Cisco and/or its affiliates. All rights reserved. Cisco Public 19
Continue your education

Demos in the Cisco campus

Meet the engineer 1:1 meetings

Walk-in labs

Related sessions

#CiscoLive PSODCN-1002 © 2021 Cisco and/or its affiliates. All rights reserved. Cisco Public 20
 • ACI Ansible Modules Documentation Guide
https://docs.ansible.com/ansible/latest/scenario_guides/guide_aci.html

• Cisco DevNet Learning Labs

https://developer.cisco.com/learning/modules/ansible-aci-intro
https://developer.cisco.com/learning/modules/terraform-aci-intro
https://developer.cisco.com/learning/modules/ansible-mso-intro
https://developer.cisco.com/learning/modules/terraform-mso-intro

• Cisco DCN Collection / Providers GitHub Repos

https://github.com/CiscoDevNet/ansible-aci
https://github.com/CiscoDevNet/ansible-mso

References
https://github.com/CiscoDevNet/ansible-nae
https://github.com/CiscoDevNet/ansible-dcnm
https://github.com/CiscoDevNet/terraform-provider-aci
https://github.com/CiscoDevNet/terraform-provider-mso
https://github.com/CiscoDevNet/terraform-provider-dcnm

• Cisco Collections on Ansible Galaxy

https://galaxy.ansible.com/cisco

• Cisco Providers on Terraform

https://registry.terraform.io/namespaces/CiscoDevNet

• Demo Code GitHub Repository

https://github.com/lhercot/
https://github.com/ciscoecosystem/terraform-aci-community-samples

PSODCN-1002 © 2021 Cisco and/or its affiliates. All rights reserved. Cisco Public 21
 • Demo Videos
• All things Ansible for ACI
https://www.youtube.com/watch?v=XQtqwZfiBMg

• Composable Infrastructure with ACI and Terraform

https://youtu.be/5OJN4sOAQ2g

• Deconstructing DCN CI/CD Pipelines

https://youtu.be/_-Fe9_0nE6s

• Ansible for ACI and NAE in a pipeline

https://www.ciscolive.com/global/on-demand-
library.html?search=camillo#/session/1564528256105001e9zi

References (continued) • Making you network cloud native with Cisco ACI
and GitOps
https://youtu.be/VzYXCC4ExWE

• Codify Security in K8s w/ Terraform, GitOps & ACI

https://www.youtube.com/watch?v=VH1QWP1oxYg

• In-Fabric Auto-Scaling with Consul and Cisco ACI

https://www.youtube.com/watch?v=htNWDOChlXk

• Mind the Gap, Bridging Cloud and On-Prem

Infrastructures
https://www.youtube.com/watch?v=r2GhTKAHWCw

• Enabling Hybrid Network-as-Code with Cisco ACI

and HashiCorp Terraform
https://www.youtube.com/watch?v=f8VBVp7LKSw

PSODCN-1002 © 2021 Cisco and/or its affiliates. All rights reserved. Cisco Public 22
 • What’s new and exciting on Cisco ACI with
Red Hat Ansible Collections
https://blogs.cisco.com/datacenter/whats-new-and-
exciting-on-cisco-aci-with-red-hat-ansible-collections

• Why Cisco ACI with HashiCorp Terraform

really matters
https://blogs.cisco.com/datacenter/why-cisco-aci-with-
hashicorp-terraform-really-matters

References (continued)
• Plenty of Cisco Live recorded sessions
• Webinars
• Building an automated hybrid multicloud with Cisco ACI
and HashiCorp Terraform
• Cisco ACI with HashiCorp Terraform
• Introduction to Terraform and ACI
• Redefining the Intelligent Network with Cisco ACI and
HashiCorp Consul

PSODCN-1002 © 2021 Cisco and/or its affiliates. All rights reserved. Cisco Public 23
Thank you

#CiscoLive
#CiscoLive