This is a simpler version of the “Integrated DC Network, Infrastructure & Security Automation” use case that focuses solely on DCNM and vCenter networking automation, specifically the automation of a DCNM-based VXLAN EVPN fabric connecting to a VMware ESXi cluster with a Distributed Virtual Switch.
The Infrastructure-as-Code environment will require the following:
This example will then use the following on-premise domain managers. These will need to be fully commissioned and a suitable user account provided for Terraform to use for provisioning.
The DC Networking module makes the following assumptions:
The vCenter module makes the following assumptions:
https://github.com/cisco-apjc-cloud-se/ist-vcenter-dcnm
October 2021
In this example, both VLAN IDs and VXLAN IDs have been explicitly set. These are optional parameters and can be removed, leaving DCNM to inject them dynamically from the fabric's resource pools. However, if you choose to let DCNM do this, Terraform MUST be configured to use a "parallelism" value of 1. This ensures Terraform will only attempt to configure one resource at a time, allowing DCNM to allocate IDs from the pool sequentially.
Typically the parallelism would be set in the Terraform Cloud workspace environment variables section using the variable name "TFE_PARALLELISM" and a value of "1"; however, this variable is NOT used by Terraform Cloud Agents. Instead, the variables "TF_CLI_ARGS_plan" and "TF_CLI_ARGS_apply" must be used with a value of "-parallelism=1".
October 2021: Due to an issue with the Terraform Provider (version 1.0.0) and DCNM API (11.5(3)), the "dcnm_network" resource will not deploy Layer 3 SVIs. This is due to a default parameter not being correctly set in the API call. Instead, the network will be deployed as if the template has the "Layer 2 Only" checkbox set.
There are two workarounds for this:
After deploying the network(s), edit the network from the DCNM GUI, then immediately save. This will set the correct default parameters, and these networks can then be re-deployed.
Instead of using the "Default_Network_Universal" template, clone and modify it as below. Make sure to set the correct template name in the Terraform plan under the dcnm_network resource. Please note that the tag value of 12345 must also be explicitly set.
Original Lines #119-#123
if ($$isLayer2Only$$ != "true") {
interface Vlan$$vlanId$$
if ($$intfDescription$$ != "") {
description $$intfDescription$$
}
Modified Lines #119-#125
if ($$isLayer2Only$$ == "true"){
}
else {
interface Vlan$$vlanId$$
if ($$intfDescription$$ != "") {
description $$intfDescription$$
}
{
  "vcenter_dc": "CPOC-HX",
  "vcenter_dvs": "CPOC-SE-VC-HX",
  "dcnm_fabric": "DC3",
  "dcnm_vrf": "GUI-VRF-1",
  "cluster_interfaces": {
    "DC3-LEAF-1": {
      "name": "DC3-LEAF-1",
      "attach": true,
      "switch_ports": [
        "Ethernet1/11"
      ]
    },
    "DC3-LEAF-2": {
      "name": "DC3-LEAF-2",
      "attach": true,
      "switch_ports": [
        "Ethernet1/11"
      ]
    }
  },
  "cluster_networks": {
    "IST-NETWORK-1": {
      "name": "IST-NETWORK-1",
      "description": "Terraform Intersight Demo Network #1",
      "ip_subnet": "192.168.1.1/24",
      "vni_id": 32101,
      "vlan_id": 2101,
      "deploy": true
    },
    "IST-NETWORK-2": {
      "name": "IST-NETWORK-2",
      "description": "Terraform Intersight Demo Network #2",
      "ip_subnet": "192.168.2.1/24",
      "vni_id": 32102,
      "vlan_id": 2102,
      "deploy": true
    }
  }
}
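A pre-flight check for the input variables above, run before a plan is queued. This is an added example, not code from the repository: the `preflight` helper, its findings text and the sample data are hypothetical, and the ID limits are generic protocol bounds rather than DCNM's pool ranges. It flags duplicate or out-of-range VLAN/VNI values, subnets reused inside the shared VRF, and pool-allocated IDs when the "-parallelism=1" setting is missing.

```python
import ipaddress
import json

# Constructed sample in the page's variable layout: IST-NETWORK-2 leaves its IDs
# to DCNM's resource pool and, by mistake, reuses IST-NETWORK-1's subnet.
SAMPLE_VARS = json.loads("""
{"cluster_networks": {
  "IST-NETWORK-1": {"name": "IST-NETWORK-1", "ip_subnet": "192.168.1.1/24",
                    "vni_id": 32101, "vlan_id": 2101, "deploy": true},
  "IST-NETWORK-2": {"name": "IST-NETWORK-2", "ip_subnet": "192.168.1.1/24",
                    "deploy": true}}}
""")

# Generic protocol bounds (802.1Q VLAN ID, 24-bit VXLAN VNI), not DCNM pool ranges.
LIMITS = {"vlan_id": (1, 4094), "vni_id": (1, 2**24 - 1)}


def preflight(tf_vars, env):
    """Hypothetical helper: return findings for the cluster_networks input map."""
    findings = []
    seen = {"vlan_id": {}, "vni_id": {}, "ip_subnet": {}}
    pool_allocated = False
    for key, net in tf_vars.get("cluster_networks", {}).items():
        values = {f: net.get(f) for f in LIMITS}
        for field, (low, high) in LIMITS.items():
            if values[field] is None:
                pool_allocated = True  # DCNM will pick this ID from its pool
            elif not low <= values[field] <= high:
                findings.append(f"{key}: {field} {values[field]} outside {low}-{high}")
        try:
            # Compare subnets by containing network, so 192.168.1.1/24 and
            # 192.168.1.254/24 count as the same subnet in the shared VRF.
            values["ip_subnet"] = str(ipaddress.ip_interface(net["ip_subnet"]).network)
        except (KeyError, ValueError):
            findings.append(f"{key}: ip_subnet missing or not address/prefix")
        for field, value in values.items():
            if value is None:
                continue
            if value in seen[field]:
                findings.append(f"{key}: {field} {value} already used by {seen[field][value]}")
            seen[field].setdefault(value, key)
    if pool_allocated:
        for var in ("TF_CLI_ARGS_plan", "TF_CLI_ARGS_apply"):
            if "-parallelism=1" not in env.get(var, "").split():
                findings.append(f"{var} lacks -parallelism=1 but DCNM allocates IDs")
    return findings
```

Passing `os.environ` as `env` checks the shell the run starts from; for Terraform Cloud Agents, pass the workspace's environment variables instead.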
In Terraform Cloud for Business, queue a new plan to trigger the initial deployment. Any future changes pushed to the GitHub repository will automatically trigger a new plan deployment.
If successfully executed, the Terraform plan will result in the following configuration:
New Layer 3 VXLAN network(s) each with the following configuration:
New Distributed Port Groups for each VXLAN network defined above
Changes to the variables defined in the input variable files will result in dynamic, stateful updates to DCNM. For example,