cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
4519
Views
2
Helpful
4
Replies

DNAC CLI Template

BlueyVIII
Level 5
Level 5

Hi,

I have a customer who has a large estate spread across multiple regions. We've set-up the Network Hierarchy to reflect the geographic locations and buildings.

Most of the switches across the whole network have config that is around 95% the same for consistency, however, there are some small regional differences for things such as L2 VLAN's, Regional Radius Servers, EIGRP config, etc

I was hoping to use DNAC Templates to help with this consistency and automation of onboarding going forward, by applying most of the config via CLI Template at an Organisation Level, with the region specific config applied via another template at the next level down in the hierarchy. However, it would appear that DNAC won't let me attach 2 network profiles to the same container in the hierarchy.

The Hierarchy is currently something like :-

  • Global -> Organisation (Where 95% of the config can be applied)
  • Global -> Organisation->Region A (Where I'd like to apply config specific to this region)
  • Global -> Organisation ->Region B (Where I'd like to apply config specific to this region)
  • Global -> Organisation ->Region C (Where I'd like to apply config specific to this region)

Is there a way I can do this with a hierarchy of simple template scripts, or will it need to be a fairly complex CLI Template script applied at the organisational level??

Hope that makes sense, would welcome guidance...

 

1 Accepted Solution

Accepted Solutions

Preston Chilcote
Cisco Employee
Cisco Employee

This should get you started with the basics:

https://github.com/kebaldwi/DNAC-TEMPLATES/tree/master/LABS/LAB-D-Composite-Template

To start simple, create a few composite templates (named "Site A", "Site B", Site C")(I think they need to be in the same Template Project) , one "Shared" Regular Template, and 3 site specific Regular Templates ("A-config", "B-config", "C-config".  Each composite will reference 2 regular templates, "Shared", and "A-config," for one the first Composite Template, then "Shared, and "B-config" for the second, and so on.

Then when it comes to creating network profiles, create a different network profile for each Site and reference the composite template name that maps to that site.

View solution in original post

4 Replies 4

Preston Chilcote
Cisco Employee
Cisco Employee

One of these tools should help.  For simplicity, I'm assuming all the hardware product families are the same:

1) Use composite templates.  Each Region gets it's own Network profile specifying a unique composite template.  Each composite template is built of the shared config and the special config.  That still lets you manage the shared config in a single place.

2) Use Tags.  Tag all the devices at Region A with a unique Tag (this is done in Inventory).  Keep the shared template untagged, but tag the "special" template with the same tag from Region A (this is done in the template properties).  Then when you go to provision, I believe DNA always apply an untagged template, plus any templates that match the tag of the device..

Thanks for the reply. I had considered the use of tags but my only concern is that it requires some discipline on behalf of the person provisioning the device, and if they forget to apply the correct tag the config wont be apply correctly. Unless there’s a way to force a tag on a device using policy (based on the site its provision to)??

Would you mind expanding on the idea of composite templates please. I’m fairly new to DNA centre and Velocity/Jinja scripting.

Thanks again…

Preston Chilcote
Cisco Employee
Cisco Employee

This should get you started with the basics:

https://github.com/kebaldwi/DNAC-TEMPLATES/tree/master/LABS/LAB-D-Composite-Template

To start simple, create a few composite templates (named "Site A", "Site B", Site C")(I think they need to be in the same Template Project) , one "Shared" Regular Template, and 3 site specific Regular Templates ("A-config", "B-config", "C-config".  Each composite will reference 2 regular templates, "Shared", and "A-config," for one the first Composite Template, then "Shared, and "B-config" for the second, and so on.

Then when it comes to creating network profiles, create a different network profile for each Site and reference the composite template name that maps to that site.

BlueyVIII
Level 5
Level 5

Thanks for that - really helpful and I think I have a way forward with Composite Templates!

My next challenge is creating a script that can identify the copper ports on a stack of 9300's (which could have up to 6 members, and a mixture of 24 and 48 copper ports on each member) so I can set an access and voice vlan for each of them.

If possible, I'd also like to determine if the Fibre Uplink ports on switches 1 & 2 are 1GBE or 10GBE so I can configure them as Trunks and create a port-channel automatically??

IMy scripting/programming experience is limited, so grateful for any help??