I am writing this article to make you aware of Ansible usage with Cisco Nexus Dashboard/Nexus Dashboard Orchestrator.
I will write one for Terraform with NDO soon.
Previously, I had written an article Getting Started: Cisco MSO with Ansible which is still valid for the most part. However, a few things changed from then to now. At that time the article was written for using Ansible with MSO running on Service Engine.
There has been some fundamental changes since the days of SE/MSO that requires a few changes for Ansible Playbooks to work with ND/NDO:
Steps to make Ansible Playbook work with ND/NDO:
1) Ensure you have Ansible v2.9 or higher (ansible --version)
2) Ensure you have Python V3.x (if you need to install virtual environment with Ansible v2.9 with Python 3.x, please see: Getting Started: Cisco MSO with Ansible )
3) Install the ansible-galaxy collection for MSO ( ansible-galaxy collection install cisco.mso --force )
4) install the ansible-galaxy collection for ND ( ansible-galaxy collection install cisco.nd --force )
Below is a screenshot of my ansible version
5) Build your inventory file:
📗Please note:
- that in the below example, my ND OOB IP is 10.0.0.94
- I’m also forcing my python interpreter to use python3
(vEnvAnsible2.9.6-P3.7.9) aciadmin@ubuntu-jump:~/Ansible/ansible-scripts/MSO_NI6.0Test/testing$ cat hosts
[nd]
nd1 ansible_host=10.0.0.94
[nd:vars]
ansible_connection=ansible.netcommon.httpapi
ansible_network_os=cisco.nd.nd
ansible_httpapi_validate_certs=False
ansible_httpapi_use_ssl=True
ansible_httpapi_use_proxy=True
ansible_python_interpreter=/usr/bin/python36) Test out a playbook directly targettng ND.
📗Note:
- In the below example the Ansible playbook is meant to execute directly targeting ND to get the ND Version
- I’m forcing the connection to use httpapi
- I’m using a remote user ( raddb is the domain configured on ND which uses radius. For local users, on ND, just comment out the login_domain and make sure that the username and password contain local users defined on ND)
- If you wanted to shield your password, you can use ansible vault, please see: Getting Started: Cisco MSO with Ansible
(vEnvAnsible2.9.6-P3.7.9) aciadmin@ubuntu-jump:~/Ansible/ansible-scripts/MSO_NI6.0Test/testing$ cat nd-simpleQuery_remoteUser.yaml
- hosts: nd
gather_facts: no
connection: httpapi
tasks:
- name: Get ND version
cisco.nd.nd_version:
host: "nd"
username: "soumukhe"
password: "soumu101"
login_domain: "raddb"
validate_certs: false
state: query
#usage: ansible-playbook nd-simpleQuery_remoteUser.yaml -i hosts -vvvBelow Screenshot shows the result of running the playbook in my environment
7) Build or modify your existing MSO playbooks and you are ready to roll.
📗Note:
Please see the ansible collection index for MSO for reference
- In the below example the Ansible playbook is meant to execute directly targeting NDO to get the NDO Version
- I’m forcing the connection to use httpapi
- I’m using a remote user ( raddb is the domain configured on ND which uses radius. For local users, on ND, just comment out the login_domain and make sure that the username and password contain local users defined on ND)
- If you wanted to shield your password, you can use ansible vault, please see: Getting Started: Cisco MSO with Ansible
(vEnvAnsible2.9.6-P3.7.9) aciadmin@ubuntu-jump:~/Ansible/ansible-scripts/MSO_NI6.0Test/testing$ cat simpleQueryNDO_remoteUser.yaml
- hosts: nd
gather_facts: no
connection: httpapi
tasks:
- name: Get MSO version from MSO >= 3.2
cisco.mso.mso_version:
host: "nd"
username: "soumukhe"
password: "soumu101"
validate_certs: "no"
login_domain: "raddb"
state: query
register: query_result
# usage: ansible-playbook simpleQueryNDO_remoteUser.yaml -i hosts -vvvBelow Screenshot shows the result of running the playbook in my environment
References: