Ansible roles and playbooks for deployment and teardown of Cisco SD-WAN on AWS and Azure.
- Overview
- Roadmap
- Requirements
- Installing this collection
- Using this collection
- Troubleshooting
- Useful Links
- Contact Information
- License
- Contributing
- Code of Conduct
- Releasing, Versioning and Deprecation
This repository includes the following Ansible roles, which can be used to automate the deployment (and teardown) of SD-WAN systems on the AWS cloud:
- aws_network_infrastructure
- aws_controllers
- aws_edges
- aws_teardown
- cisco.sdwan_deployment.common
- azure_controllers
- azure_edges
- azure_teardown
- template_cloudinit
To make subsequent onboarding steps more convenient, the aws and azure roles generate files via:
- roles/common/tasks/generate_deployment_facts_controllers.yml
- roles/common/tasks/generate_deployment_facts_edges.yml
The path of these output files is customizable via the results_dir, results_path_controllers and results_path_edges variables in the input config file.
Current coverage:
- Deployment on AWS
- Deployment on Azure
- Deployment of:
  - vManage
  - vBond
  - vSmart
  - cEdge
- Local installation via Ansible Galaxy
- Installation via git repository link
- Migration to CiscoDevNet/Cisco Open
- Separate role for cloudinit templating
- Share roles via Ansible Galaxy
Future Goals:
- Support for cluster deployment
- Provide AWX (web-based user interface)
- Deployment on GCP
- Enhance cloud-init configuration (complex bringup)
This collection is based on ansible-core==2.16.6, see ansible-core-support-matrix.
Before you begin, ensure you have met the following requirements:
- You have installed Python 3.10 - 3.12
- You have an AWS or Azure account with the necessary permissions
- You have access to Cisco SD-WAN AMIs on AWS or images on Azure
The python module dependencies are not installed by ansible-galaxy. They can be manually installed using pip:
pip install -r requirements.txt
In requirements.yml inside your project add:
- name: git@github.com:cisco-en-programmability/ansible-collection-sdwan-deployment.git
  type: git
  version: main
Note: If you are not using a full Ansible installation, you might also install the amazon.aws and azure.azcollection collections by adding:
- name: amazon.aws
  version: 6.5.0
- name: azure.azcollection
  version: 1.19.0
to requirements.yml inside your project.
At the end always run:
ansible-galaxy install -r requirements.yml
Note: The current solution supports a topology that consists of vManage, vBond, vSmart and a C8000V edge device.
There are configuration files which have been initially filled with values:
- ./playbooks/aws_sdwan_config.yml
- ./playbooks/azure_sdwan_config.yml
Both files are supplemented by config defaults from all roles.
NOTE: You can give the variables file any name, but remember to choose one option:
- include that name in the playbook:
  - name: Deploy Cisco SD-WAN on AWS
    hosts: localhost
    roles:
      - aws_network_infrastructure
      - aws_controllers
    vars_files:
      - ./playbooks/aws_sdwan_config.yml
- or pass the variables by directly including your configuration file with:
  ansible-playbook playbooks/aws_deploy_controllers.yml -e "@./playbooks/aws_sdwan_config.yml"
  (note the @, which indicates that we are referring to a file)
To deploy Cisco SD-WAN on AWS or Azure, run the example playbook using roles:
For AWS:
- aws_network_infrastructure
- aws_controllers
- aws_edges
For Azure:
- azure_network_infrastructure
- azure_controllers
- azure_edges
The current version of this solution assumes that users will authenticate with their cloud providers in order to run Ansible playbooks. See Useful Links.
We provide example playbooks that you can execute with:
ansible-playbook playbooks/aws_deploy_controllers.yml
ansible-playbook playbooks/aws_deploy_edges.yml
or
ansible-playbook playbooks/azure_deploy_controllers.yml
ansible-playbook playbooks/azure_deploy_edges.yml
For desired changes, please update configuration files.
To tear down the deployed system, run the example playbook using the aws_teardown role or azure_teardown.
ansible-playbook ./playbooks/aws_teardown.yml
or
ansible-playbook ./playbooks/azure_teardown.yml
If you want to tear down only specific EC2 instances (with their associated EIPs and NICs):
ansible-playbook ./playbooks/aws_teardown.yml -e "@instances_to_teardown.yml"
Where instances_to_teardown.yml is the path to a file with the definition:
teardown_specific_instances:
  - "acich-ansible-cedge-111"
  - "acich-ansible-cedge-222"
The template_cloudinit role provides tasks that can generate cloudinit (also known as userdata) configuration, without deploying any machines.
Example usage of the template_cloudinit role can be taken from playbooks/template_cloudinit.yml. Note that in this example playbook, the configuration file is used from playbooks/template_cloudinit.yml.
If your instances are up and running, and you can log in to them via the EC2 console, please verify that your IP address is "allow-listed". See aws_allowed_subnets in roles/aws_controllers/defaults/main.yml to verify.
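One way to run that allow-list check offline, as an added example that is not part of this collection's code. It assumes aws_allowed_subnets is a list of CIDR strings; the function name and the sample addresses (documentation ranges) are constructed for illustration. Besides answering whether your address is admitted, it reports world-open and malformed entries, which are worth reviewing before deployment.

```python
import ipaddress

# Constructed sample values; the real list lives in
# roles/aws_controllers/defaults/main.yml or your input config file.
# Assumption: aws_allowed_subnets is a list of CIDR strings.
SAMPLE_ALLOWED_SUBNETS = [
    "203.0.113.0/24",
    "198.51.100.7/32",
    "0.0.0.0/0",
    "not-a-cidr",
]


def _prefixlen(entry):
    return ipaddress.ip_network(str(entry).strip(), strict=False).prefixlen


def audit_allow_list(source_ip, allowed_subnets):
    """Report which entries admit source_ip, which are world-open, which are invalid."""
    ip = ipaddress.ip_address(source_ip)
    report = {"matches": [], "world_open": [], "invalid": []}
    for entry in allowed_subnets:
        try:
            # strict=False tolerates entries with host bits set (203.0.113.5/24)
            net = ipaddress.ip_network(str(entry).strip(), strict=False)
        except ValueError:
            report["invalid"].append(entry)
            continue
        if net.prefixlen == 0:
            # 0.0.0.0/0 or ::/0 admits every address of that IP version
            report["world_open"].append(entry)
        if net.version == ip.version and ip in net:
            report["matches"].append(entry)
    # Most specific matching entry first
    report["matches"].sort(key=_prefixlen, reverse=True)
    report["allowed"] = bool(report["matches"])
    return report


if __name__ == "__main__":
    result = audit_allow_list("198.51.100.7", SAMPLE_ALLOWED_SUBNETS)
    for key, value in result.items():
        print(f"{key}: {value}")
```

If the only matching entry is a world-open one, the address is reachable because the list admits everyone, not because it was explicitly allow-listed.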
If vManage is not starting the NMS service:
- check that your /opt/data disk has more than 20% free space; otherwise the application shuts down as well
- make sure the SD-WAN Manager and other SD-WAN virtual machines are right-sized for your deployment needs. Cisco's server recommendations are available here: server-requirements
Note that the Azure collection's Python requirements include the package uamqp, which can cause wheel build issues.
On macOS you might need to install cmake: brew install cmake and: pip install cmake.
Then install a working uamqp package (which is below v1.6.9) with: pip install uamqp==1.6.8.
For any questions or concerns, please open an issue on this repository.
See LICENSE file.
See Contributing file.
See Code of Conduct file.
This collection follows Semantic Versioning. More details on versioning can be found in Understanding collection versioning.