At World Wide Technology, our IT department is implementing APIC-EM and I'm helping with the initial deployment. I have an APIC-EM instance running in our Advanced Technology Center (ATC), and I'll be using this for training the IT network operations staff. There are initial router configuration updates required for the Cisco APIC-EM features to work properly. I'll use Cisco ISR G2 routers to demonstrate APIC-EM device discovery. I need the required configuration updates applied to these routers.
The lab is only 4 routers, how long would it take to SSH and apply the changes? I have an existing Ansible playbook in our enterprise GitHub server which configures IOS or IOS-XR routers via FTP. As a challenge to myself, I decided to update the four routers using Ansible Tower rather than applying the changes manually.
To accomplish this, I need to do the following:
Create the IOS configuration file template for the changes required by APIC-EM
Create a playbook to reference the template and list the routers
Define a project and job template in Ansible Tower
Initiate the job from the template.
The job executed successfully on the first initiation, applying the configuration to all routers.
The playbook is rather straight forward. The credentials for the routers are encrypted using Ansible Vault and stored in Git as well.
The point of this exercise is to adjust your mindset that even for minor changes, automate it! Once you have a few jobs, job templates and playbooks configured, you will be surprised how little time it takes to automate configuration changes. It is a matter of viewing your network not through the lens of SSH and the CLI, rather as a configuration file and automation dashboard.
Now that APIC-EM can initiate a network discovery, we can use it as a reference inventory for future network updates.