Ansible roles and playbooks for deployment and teardown of Cisco SD-WAN on AWS and Azure.
- Overview
- Roadmap
- Requirements
- Installing this collection
- Using this collection
- Troubleshooting
- Useful Links
- Contact Information
- License
- Contributing
- Code of Conduct
- Releasing, Versioning and Deprecation
This repository includes:
- aws_network_infrastructure
- aws_controllers
- aws_edges
- aws_teardown
- cisco.sdwan_deployment.common
- azure_controllers
- azure_edges
- azure_teardown
- template_cloudinit
Ansible roles, which can be used to automate the deployment (and teardown) of SD-WAN systems on the AWS cloud.
To make subsequent onboarding steps more convenient, the AWS and Azure roles generate files via:
- roles/common/tasks/generate_deployment_facts_controllers.yml and
- roles/common/tasks/generate_deployment_facts_edges.yml

The path of the output files is customizable via the results_dir, results_path_controllers and results_path_edges variables in the input config file.
Current coverage:
- Deployment on AWS
- Deployment on Azure
- Deployment of:
  - vManage
  - vBond
  - vSmart
  - cEdge
- Local installation via Ansible Galaxy
- Installation via git repository link
- Migration to CiscoDevNet/Cisco Open
- Separate role for cloudinit templating
- Share roles via Ansible Galaxy
Future Goals:
- Support for cluster deployment
- Provide AWX (web-based user interface)
- Deployment on GCP
- Enhance cloud-init configuration (complex bringup)
This collection is based on ansible-core==2.16.6, see ansible-core-support-matrix.
Before you begin, ensure you have met the following requirements:
- You have installed Python 3.10 - 3.12
- You have an AWS or Azure account with the necessary permissions
- You have access to Cisco SD-WAN AMIs on AWS or images on Azure
The Python module dependencies are not installed by ansible-galaxy. They can be installed manually using pip:

```bash
pip install -r requirements.txt
```

In requirements.yml inside your project add:

```yaml
# Collections are listed under the top-level "collections" key
collections:
  - name: git@github.com:cisco-en-programmability/ansible-collection-sdwan-deployment.git
    type: git
    version: main
```

Note: If you are not using a full Ansible installation, you may also need to install the amazon.aws and azure.azcollection collections by adding:

```yaml
  - name: amazon.aws
    version: 6.5.0
  - name: azure.azcollection
    version: 1.19.0
```

to the collections list in requirements.yml inside your project.

At the end always run:

```bash
ansible-galaxy install -r requirements.yml
```

Note: The current solution supports a topology that consists of vManage, vBond, vSmart and the C8000V edge device.
There are configuration files that have been pre-filled with initial values:
- ./playbooks/aws_sdwan_config.yml
- ./playbooks/azure_sdwan_config.yml
Both files are supplemented by config defaults from all roles.
NOTE: You can give the variables file any name, but remember to choose one of these options:
- include that name in the playbook:

```yaml
- name: Deploy Cisco SD-WAN on AWS
  hosts: localhost
  roles:
    - aws_network_infrastructure
    - aws_controllers
  vars_files:
    - ./playbooks/aws_sdwan_config.yml
```

- or pass the variables by directly including your configuration file with:

```bash
ansible-playbook playbooks/aws_deploy_controllers.yml -e "@./playbooks/aws_sdwan_config.yml"
```

(notice the @, which indicates that we are referring to a file)
To deploy Cisco SD-WAN on AWS or Azure, run the example playbooks, which use these roles:

For AWS:
- aws_network_infrastructure
- aws_controllers
- aws_edges

For Azure:
- azure_network_infrastructure
- azure_controllers
- azure_edges

The current version of this solution assumes that users will authenticate with their cloud providers in order to run Ansible playbooks. See Useful Links.
We provided example playbooks that you can execute with:

```bash
ansible-playbook playbooks/aws_deploy_controllers.yml
ansible-playbook playbooks/aws_deploy_edges.yml
```

or

```bash
ansible-playbook playbooks/azure_deploy_controllers.yml
ansible-playbook playbooks/azure_deploy_edges.yml
```

To make changes, update the configuration files.

To tear down the deployed system, run the example playbook using the aws_teardown role or the azure_teardown role:

```bash
ansible-playbook ./playbooks/aws_teardown.yml
```

or

```bash
ansible-playbook ./playbooks/azure_teardown.yml
```

If you want to tear down only specific EC2 instances (with their associated EIPs and NICs):

```bash
ansible-playbook ./playbooks/aws_teardown.yml -e "@instances_to_teardown.yml"
```

where instances_to_teardown.yml is the path to a file with this definition:

```yaml
teardown_specific_instances:
  - "acich-ansible-cedge-111"
  - "acich-ansible-cedge-222"
```

The template_cloudinit role provides tasks that can generate cloudinit (also known as userdata) configuration without deploying any machines.

Example usage of the template_cloudinit role can be taken from playbooks/template_cloudinit.yml. Note that in this example playbook, the configuration file is used from playbooks/template_cloudinit.yml.
If your instances are up and running, and you can log in to them via the EC2 console, please verify that your IP address is "allow-listed". See aws_allowed_subnets in roles/aws_controllers/defaults/main.yml to verify.
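
One way to run the allow-list check described above before deploying, as an added example that is not part of this collection. It assumes aws_allowed_subnets is a list of CIDR strings; the function names, the min_prefix review threshold and the sample values are hypothetical.

```python
import ipaddress

# Constructed sample values. The real list lives in your config file or in
# roles/aws_controllers/defaults/main.yml (assumed shape: list of CIDR strings).
SAMPLE_ALLOWED_SUBNETS = ["203.0.113.0/24", "198.51.100.17/32", "0.0.0.0/0"]


def parse_subnets(entries):
    """Parse CIDR strings and return (networks, invalid_entries)."""
    networks, invalid = [], []
    for entry in entries:
        try:
            # strict=True rejects entries with host bits set, e.g. 10.0.0.5/24
            networks.append(ipaddress.ip_network(entry.strip(), strict=True))
        except ValueError:
            invalid.append(entry)
    return networks, invalid


def check_allow_list(entries, operator_ip, min_prefix=16):
    """Report whether operator_ip is covered and which entries are very broad.

    min_prefix is a hypothetical review threshold: any IPv4 entry with a
    shorter prefix (a larger network) is flagged for a second look.
    """
    ip = ipaddress.ip_address(operator_ip)
    networks, invalid = parse_subnets(entries)
    matching = [str(n) for n in networks if n.version == ip.version and ip in n]
    too_broad = [str(n) for n in networks
                 if n.version == 4 and n.prefixlen < min_prefix]
    return {
        "allowed": bool(matching),
        "matched_by": matching,
        "too_broad": too_broad,
        "invalid": invalid,
    }


if __name__ == "__main__":
    report = check_allow_list(SAMPLE_ALLOWED_SUBNETS, "198.51.100.17")
    for key, value in report.items():
        print(f"{key}: {value}")
```

An address that is matched only by an entry listed under too_broad has access because the rule admits almost everyone, which is worth tightening before the controllers go up.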
If vManage is not starting the NMS service:
- check that the /opt/data disk has more than 20% free space. Otherwise, that condition shuts down the application as well
- remember to make sure the SD-WAN Manager and other SD-WAN virtual machines are right-sized for your deployment needs. Cisco's server recommendations are available here: server-requirements

Note that the Azure collection's Python requirements include the uamqp package, which can cause wheel build issues.
On macOS you might need to install cmake: brew install cmake and: pip install cmake.
Then install a working uamqp package (a version below v1.6.9) with: pip install uamqp==1.6.8.
For any questions or concerns, please open an issue on this repository.
See LICENSE file.
See Contributing file.
See Code of Conduct file.
This collection follows Semantic Versioning. More details on versioning can be found in Understanding collection versioning.