Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1031
Views
0
Helpful
2
Replies

Anisble ACI - How To Store/Run App Profile Configurations

PJ_Williams
Level 1
Level 1

‎02-03-2022 07:10 AM

Hi All

I've cerated a baisc Ansible playbook that will create the following:

- Tenent, VRF, App Profile, BD, BD Gateway Address, EPG, Contracts (Provider and Consumer for full mesh between EPG's), Conracts associate (prov/cons).

 

It does this from around 7 line of config in a VAR file where some values and dictionary are defined. 

The VAR file could be an application such as "Intranet" or "AD"

 

It works great but before I productionise I have a few questions around best practice. We really want to standardise on Ansible and Ansible Tower for production. That will be a challenge enough for most of our engineers.

 

At first I thought the above could be deined as Infra As Code, but it's not really. If the EPG name is changed, or a the L3 address for the BD is change, Ansible will create an additional resource - it has no way of knowing this is a replacement like Terraform might.

 

So my questions are:

1) How are people using an Ansible and ACI - As a one-time deployment tool or as IAAC and rebuilding based on the code when changes are made.

2) How might I store and deploy the various VAR files with Ansible Tower. A single template for each "app"? A single template and pass in an argument for the required VAR file to be deployed?

 

Any other suggestions around App Profile build in ACI would be appreciated. I'll try and attach my POC VAR file as an example later. 

 

Labels:
0 Helpful
2 Replies 2

Alexander Stevenson
Cisco Employee
Cisco Employee

‎07-10-2023 01:53 PM

Hi @PJ_Williams,

I'm seeing Ansible as a configuration tool in the networking space, although there are a lot of automation uses and also wrappers and plugins to prevent creation of duplicate resources. So, is simple terms, you can use something else in your pipeline to check diffs and existence of files and just use Ansible to make changes or creations - that seems like the easier way, although all or most of that can be done in Ansible as well.

0 Helpful

Ruben Cocheno
Spotlight
Spotlight

‎02-01-2024 06:50 AM

@PJ_Williams 

Are we good to close this?

Tag me to follow up.
Please mark it as Helpful and/or Solution Accepted if that is the case. Thanks for making Engineering easy again.
Connect with me for more on Linkedin https://www.linkedin.com/in/rubencocheno/
0 Helpful
Customers Also Viewed These Support Documents