I'm looking for some more guidance regarding CLI templates. These apparently need to be intent-based to work.

Thus far, we've configured 4 routers in our environment, but we've done this by setting the config directly in the router's CLI. As we have about 100+ routers in this entire project, we would want to use the CLI template.

The problem is, I haven't found much in terms of documentation, except this https://www.cisco.com/c/en/us/td/docs/routers/sdwan/configuration/System-Interface/systems-interfaces-book-xe-sdwan/cli-template.html 

However, it does not describe what exactly is the intent-based CLI syntax.

Right now, I have to edit a template, make a change, save the template, click on the three dots, attach to devices, select the device, click okay (i don't have variables just yet!), then be presented the config screen of the template and THEN i'll discover whether my change will be accepted or not.

Simple example snippet of our config:

TEST-DEVICE01#sh sdwan running-config
system
 gps-location latitude 1.11111
 gps-location longitude 1.11111
 system-ip             1.1.1.1
 site-id               999
 admin-tech-on-failure
 organization-name     "ORG"
 upgrade-confirm       15
 vbond ORG.viptela.net
!
no service pad
service password-encryption
service timestamps debug datetime msec
service timestamps log datetime msec
no service tcp-small-servers
no service udp-small-servers
hostname TEST-DEVICE01
<!other code omitted>

This is translated to the following 'intent' by the vManage when using the above steps and clicking the INTENT button:

system
 system-ip 1.1.1.1
 gps-location latitude 1.11111
 gps-location longitude 1.11111
 site-id 999
 admin-tech-on-failure
 organization-name "ORG"
 logging
  disk
   enable
omp
 no shutdown
 graceful-restart
!
security
 ipsec
  authentication-type ah-sha1-hmac sha1-hmac
 !
!
no service pad
no service tcp-small-servers
no service udp-small-servers
hostname TEST-DEVICE01
<!other code omitted>

Sure... okay..

The intent based config to make a basic config work (as per the URL) that I put in a template:

system
 host-name TEST-DEVICE01
 system-ip 1.1.1.1
 gps-location latitude 1.11111		
 gps-location longitude 1.11111
 site-id 999
 admin-tech-on-failure
 organization-name "ORG"
 logging
  disk
   enable
omp		
 no shutdown		
 graceful-restart		
security		
 ipsec		
  authentication-type ah-sha1-hmac sha1-hmac		

The above code is an adaptation from the code that is proposed in the URL I linked earlier. However, this code block is different from the 2nd code block in my post. So, I thought, let's copy some of that stuff from code block 2, so I'll end up with a device config closer to what is currently on our test devices.

Specifically, I'm talking about the diff between current and future config (after accepting) that I see when I apply the above template code from code block 3. As an example, when I move the hostname in the intent-based outside of system to match with what I see in the diff -and code block 2-, it completely breaks!!

Change to be more in line with code block 2 on the hostname:

system
 system-ip 1.1.1.1
 gps-location latitude 1.11111		
 gps-location longitude 1.11111
 site-id 999
 admin-tech-on-failure
 organization-name "ORG"
 logging
  disk
   enable
omp		
 no shutdown		
 graceful-restart		
security		
 ipsec		
  authentication-type ah-sha1-hmac sha1-hmac
host-name TEST-DEVICE01		

So now I have to jump through 5 hoops again just to edit the template and test another minor change.

I have 2 question about this whole ordeal:

1. Where is the verification of the config???? This is an absolute must-have feature! If intent-based is supposed to understand what I want, why does it not understand what I mean by hostname when I put it elsewhere in the file? Isn't the intent clear?
   I don't know what is the 'intent' config that the vManage give me about the current state of the device, but it does not work even when copy pasting it into a template. Copying the current sdwan running-config on the device doesn't either.
2. Is there any documentation out there, besides the aforementioned URL, regarding SDWAN intent config syntax? Perhaps some code verification tool???

Apparently, I'm supposed to figure it out with my magic wand and jump through 10 screens every time to test a single change. It's simply not doable!

This is taking a lot of precious time and will be a pain to manage in the future. Even if I get this stuff down, imagine how it will be for another (sys)admin that wants to make one minor adjustment. Just consider having to test 30 times a simple config change, just because there is no code validation.

Kr.