I recently embarked on an automation project in an attempt to automate certain procedures that are necessary to onboard an edge node to an SDA fabric. The idea, which was mentioned in an earlier post, was to automate the following:
-Add device to inventory in DNAC
-Assign NAD to site in DNAC
-Update unique NAD fields in ISE so that authz policies were not conflicting
-Provision device to fabric
-Provision interfaces for host onboarding for user devices and closed auth template
At the moment the first three tasks have been successfully completed, and tested. Unfortunately, there is a current bug relating to the siteNameHierarchy field that is needed in order to leverage other APIs that Cisco is aware of and tracking that creates an issue with task/phase 4 (Provision device to fabric). I have yet to attempt to tackle task 5 since hitting the bug, and the api throttling concerns. See attached for a scrubbed version of code that completes the first three tasks. We have found that this saves a decent amount of time and decreases user interaction with the DNAC admin gui. However, due to tasks 4/5 not being completed there are two manual steps needed which include an admin provisioning the NAD to fabric, and configuring interfaces for onboarding purposes via the DNAC gui. Also, the code was written with python 2.7, there are fields that will need to be tweaked to meet other environments, and this was built specific to our requirements. My hope is that sharing this will assist others wishing to utilize DNAC APIs to automate processes, and hopefully get others working on similar automation projects to share some of their findings from their adventures :)
Note: Script works when an edge node is deployed to field with already configured underlay configs. Also, be careful when tweaking ISE json fields as you may encounter issues with overwriting NAD information already received in ISE from DNAC via pxgrid after assigning to site. Lastly other items will be unique in DNAC db such as site id.
DNAC ver: 1.3.1.3
ISE ver: 2.4p9
