published

vManage APIs for Application Aware Routing Policies

This public repo contains python code that can be used to interact with the Cisco SD-WAN vManage REST API. The environment is pre-configured to access the Cisco DevNet Reservable Sandbox for SD-WAN fabric.You can edit the variables in the environment to point to your own vManage instance. The code contains REST API calls to authenticate, modify preferred color in Application Aware Routing policy. Cisco SD-WAN vManage 19.2.2.

Sandbox Image

Objective

  • How to use vManage APIs to edit Application Aware Routing Policy.

Requirements

To use this code you will need:

  • Python 3.7+
  • vManage user login details. (User should have privilege level to configure policies)

Install and Setup

  • Clone the code to local machine.
git clone https://github.com/ciscodevnet/sdwan-policy-automation.git
cd sdwan-policy-automation
  • Setup Python Virtual Environment (requires Python 3.7+)
python3.7 -m venv venv
source venv/bin/activate
pip3 install -r requirements.txt
  • YAML file vmanage_login.yaml with the Cisco SD-WAN Sandbox has been created You can edit the variables in the environment to point to your own vManage instance.

Example:

Yaml

  • To modify the preferred color in Application Aware Routing policy, run the script using command python modify-app-policy-color.py on macOS/Ubuntu env or py -3.7 modify-app-policy-color.py on windows env

  • Possible input values for the new transport color are as below

3g
biz-internet
blue
bronze
custom1
custom2
custom3
gold
green
lte
metro-ethernet
mpls
private1
private2
private3
private4
private5
private6
public-internet
red
silver
  • Input value for the App route policy name is Outlook-AAR-Policy if you are using the DevNet SD-WAN 19.2 Reserve Sandbox

Sample Outputs

AppOutput

Use Case

Application-Aware Routing policy is configured in vManage as a centralized data policy that maps the service-side application(s) to specific SLA requirements. The centralized policies provisioned in vSmart controller are pushed to relevant WAN Edge devices for enforcement. The defined policy consists of match-action pairs. The match statement defines the applications on a list or the type of traffic to match, and the action statement defines the SLA action the WAN Edge devices must enforce for the specified traffic.

Cisco SD-WAN Application-Aware Routing consists of three components:

  • Identification – Classify the traffic or application group of interest.
  • Application SLA Requirement – Defining the application SLA requirements.
  • Application-Aware Routing Policy – Policy maps the classified traffic to the transport tunnel based on the defined SLA requirement.

Step One:

  • Retrieve the existing policy definition using the API end point /template/policy/definition/approute/<aar-policy-definition-id>.
  • Run through the API response and modify the required fields. In this example, we are modifying the “preferredColor” key to the new color.
  • Now use the new AAR policy payload and run a PUT request using same API endpoint, such as: /template/policy/definition/approute/<aar-policy-definition-id>.
  • Once an AAR policy sequence is modified using a PUT request, vManage returns the affected master template ids for respective vSmart(s).

Step Two:

Using the affected master template id’s for vSmart devices, we retrieve the device-ids and input CSV variables for the vSmart template using these API endpoints in sequence:

  1. template/device/config/attached/<affected-master-template-id>
  2. /template/device/config/input

Now using the vSmart device CSV values we run a POST request on this API endpoint: /template/device/config/attachfeature. This call completes the vSmart policy update (which contains our AAR policy which was modified).

Step Three:

Finally we can monitor the process-id using the API endpoint: /device/action/status/<process_id> The process_id is part of the response from vManage for the POST request /template/device/config/attachfeature that you completed in Step Two.

When the status is "Done," it means vSmart policy has been updated successfully.

View code on GitHub

Code Exchange Community

Get help, share code, and collaborate with other developers in the Code Exchange community.View Community
Disclaimer:
Cisco provides Code Exchange for convenience and informational purposes only, with no support of any kind. This page contains information and links from third-party websites that are governed by their own separate terms. Reference to a project or contributor on this page does not imply any affiliation with or endorsement by Cisco.