In this episode of ourongoing Catalyst Center Automation Series, our focus is on using multiple dynamic approaches to automating the network.We have previously, in the series, concentrated our efforts on specific concepts concerning automation. Still, in this Self-Paced Standalone Lab, we will start to combine various ideas to give you a more in-depth look at what is possible through automation provided by Catalyst Center. We will automate the access layer with Dynamic templates, which can auto-provision ports based on PoE events. During this lab, we will utilize various velocity templates discussed in Lab 7 to deal with specific use cases so that Catalyst Center provisioning can enable those use cases via automation. This enables you, the network administrator, with the capability to solve more types of configuration issues from Catalyst Center and to deal with the dynamics of an enterprise network.
Unlike the previous Labs in the series, this lab is a self-contained lab and has no dependencies on any of the previous labs. While you can add concepts from Labs 5 and 6 to this lab, it is designed to have no pre-configuration. It utilizes various automation techniques to show the complete art of the possible in a non-Software Defined Access approach.
Within this series, we cover the following;
This is an enablement-type lab, and it allows customers to reach beyond what they currently understand by trying new concepts, really pushing the boundaries of automation. We will cover various topics about template logic to solve multiple use cases during this lab. We cover some previous concepts with an in-depth focus on broadening their capabilities.
The concept of this lab is for you to build the environment from Discovery and PnP through to deployment. Allowing a safe place for you to try, modify, and get used to the various concepts and approaches.
The Lab is built for minimal intervention making use of things likeRest-APIrun viaPostmanwithin a collection runner to quickly configure Catalyst Center. This allows us to deploy Settings, Credentials, Discover Devices, Build Sites, Buildings, Floors, and assign the devices to those sites. This is a powerful example of what can be done, because it demonstrates how quickly you can get Catalyst Center up and running utilizingRest-APIusing just one tool.
For the Microsoft Windows environment, DNS and DHCP services are implemented using aPowerShell scriptfor speed of implementation. This allows us to quickly add DHCP Scopes and DNS Entries for the required services in the lab environment.
We use templates within the lab to configure all the hardware equipment, in preparation for the Plug and Playonboarding of the access switch, and then deploy the DayN Composite template to completely configure the switch in the most dynamic way possible allowing for the use of low-impact mode dependent on what type of device is plugged into the switch. All templates and projects for Catalyst Center in the lab are downloaded as JSON files and imported allowing for minimal set up time.
There are so many advanced configurations offered within the lab that time should be spent after set up to delve into and understand them all. Once you have mastered all these concepts you should be at the point where you can deal with most automation tasks demanded in modern enterprise networks.
The various topics we will touch on and deploy within the lab consist of the following:
We will cover the Topics above in several use cases to show the capability and flexibility of the templating engine within Catalyst Center. In this lab we utilize Velocity language. Similarly, we can utilize the Jinja2 language although not in this lab. These were the topics in the previous lab we covered which are relevant:
We will gain a practical understanding of the steps associated with setting up a Catalyst Center and an environment to support complex, advanced, regular templates to deliver device configuration during these labs. The labs aim to aid engineers in rapidly beginning using Catalyst Center automation and help them work towards a global template strategy. Additionally, these labs will give customers a permanent place to try out the regular and composite templates and include configurations for various use cases. Finally, this environment will enable engineers to reduce the time and effort needed to instantiate the network.
In these labs, we useAutoconf, a solution that manages port configurations for data or voice VLAN, quality of service (QoS) parameters, storm control, and MAC-based port security on end devices to deploy configuration in an automated way in the access layer of a network. Device classification is enabled when you enable theAutoconf feature using the autoconf enable
global configuration mode command. The device detection acts as an event trigger, which in turn applies the appropriate automatic template to the interface. When theAutoconffeature is enabled using the autoconf enable
command, the default Autoconf service policy is applied to all the interfaces. For more information about Autoconf. Autoconfand service-policies at this time cannot co-exist on the same interface and so for interfaces which have templates statically assigned to the interface with service-policy attachment for authentication we may employ other methods to make the interface Dynamic.
EEM scriptsuse some kind of event to trigger them. Within theEEM script, you can reconfigure interfaces, send event notifications via email and much more. In this lab we useEEM scriptsto reconfigure interfaces on a down event to a base closed authentication template, and modify them to low impact mode when a PoE Power up event is detected. The uses for such a script are numerous, and this lab covers one specific use case but an imaginative mind can come up with many other uses for such a feature.
Figure 2. EEM ScriptsSelf-Destructing EEM scripts are those that delete themselves on termination. Within theEEM script, code removes theEEM appletfrom the configuration, and then writes the configuration to NVRAM. The uses for such a script are numerous, and this lab covers one specific use case but an imaginative mind can come up with many other uses for such a feature.
While not covering all the aspects of IBNS 2.0, we cover the configuration that we may implement in order to allow for automating host onboarding within anon-SD-Access campus network. These concepts while not built into a formal UI within Catalyst Center for legacy networks allow organizations that wish to automate their infrastructure the chance to automate.
The format of the code within all these sections of the lab is in an easy copy-to-paste window allowing you to import them into Catalyst Center simply by pasting them into the editor.
Within DCLOUD, several sandbox-type labs are available. These self-contained environments are there to allow you to use them as you please within the time scheduled. In addition, this allows us a place to start practicing various concepts without fear of impacting production environments.
As a result, we hope to demystify some of the complexities of setting up automation and help guide customers through the caveats. Therefore, to aid customers in the transition toward automation, we have put together a set of small helpful labs within a GitHub repository. In this way, these self-guided labs provide a glimpse into the fundamentals of building velocity templates and offer examples that you can download and expand from. In addition, thesample templates and JSON files supplied are for easy import into Catalyst Centers' template editor for quicker adoption. Lastly, some scripts are ready-made excerpts of code that allow you to build the environment to test.
In this practical lab, Dynamic Automation, we step by step delve into advanced automation methods and ways to utilize them to solve various use cases. Second, we provide answers and explanations to many of the questions that come up during automation workshops. We hope that you find the information both helpful and informative.
To help customers succeed with Cisco Catalyst Center automation, you may utilize the above labs as they have been designed to work within DCLOUD's Cisco Enterprise Networks Hardware Sandbox Labs in either:
The DCLOUD labs allow you to run these labs and gives an environment to try the various code samples. You may choose to develop and export your code for use in production environments. Also, this gives you an environment where you can safely POC/POV methods and steps without harming your production environments. The DCLOUD environment also negates the need for shipping equipment, lead times, and licensing issues needed to get moving rapidly. Please do adhere to the best practices for the DCLOUD environment when using it.
The environment allows for a web-based browser client for VPN-less connectivity. Additionally, there is AnyConnect VPN client connectivity for those who prefer it. Choose the Cisco Enterprise Network Sandbox. Additionally, you may choose from our San Jose and RTP Facilities labs by either selecting US East or US West. To access this or other content, demonstrations, and labs in DCLOUD, please directly work with your Cisco or Partner Account Team. Your Account teams will schedule the session and share it for you to use. Once booked, follow the guide within GitHub to complete the tasks adhering to the best practices of the DCLOUD environment.
The Dynamic Automation,lab content is located within the existing DNAC-TEMPLATES repository to give a one-stop-shop for all the necessary tools, scripts, templates, and code samples. Within it are seven labs, which build upon the tutorials to test the methods in a lab environment. The repository was featured in a previous post on Cisco Blogs about Catalyst Center Templates earlier in May 2021.
The previously named DNAC Template LABS within theDNAC-TEMPLATESGitHub repository aim to guide you through the typical steps required to enable the various automation tasks delivered by Catalyst Center. This lab will give examples of templates used in Catalyst Center that we can modify for our use and test on equipment within the LAB environment. Additional information within the lab provides a well-rounded explanation of Automation methods with Templates. Lastly, the lab allows for customers to use Catalyst Center workflows to practice deploying Onboarding, DayN Templates, and Application Policy automation on both Wired and Wireless Platforms.
The goal of this lab is for it to be a practical guide to aid engineers to rapidly begin using Catalyst Center automation and help them work towards a deployment strategy. Additionally, this lab will give customers a permanent place to try out the configurations for various use cases. Finally, this environment will enable engineers to reduce the time and effort needed to instantiate the network.
As a result, you will gain experience in setting up Plug and Play onboarding and templates and utilizing all features. Additionally, you will use advanced templating methods and troubleshooting tools. These may help during faultfinding to determine what is failing in a deployment.
Please use this menu to navigate the various sections of this GitHub repository. Within the multiple folders are examples and explanation readme files for reference. There are now two sets of labs, and these are being continually expanded upon.
This newer and more modular lab approach is designed to deal with and includes concepts from the legacy labs in a newer more modular format.
In this section you will continue to find all the existing labs which deal with specifics in separate easy to do labs.
We will share additional labs and content in an ongoing effort to fulfill all your automation needs with Catalyst Center.
In conclusion, if you found this set of labs and repository helpful,
please fill in comments and feedback on how it could be improved.
We'd love to hear what you think. Ask a question or leave a comment below.
And stay connected with Cisco on social!
Check out our Cisco Networking video channel
Subscribe to the Networking blog