Execution
Change via the pipe

In this section we are going to show you the complete integration that you built to push changes in the Ansible data structures that will then push the configuration to the ACI fabric.

From a top level view the diagram to the right shows what you will perform following and would be the standard way of pushing configuration changes into the ACI fabric utilizing this method that is also known as Infrastructure as Code. All changes go through the SCM (GIT) to be evaluated, verified and then pushed into production.

This is software disciplines applied to the network infrastructure.

Note

For the next steps proceed to the Visual Studio Code IDE interface.

Step 1 - Add a network element for ACI

In this step you will add a new EPG into your configuration files that are now part of this GIT repository. In the editor find the file apic.yml under host_vars/ directory and open it by double-clicking on it. We are going to make a simple silly change by adding a new EPG to your previously created list called database2 that will allow us to see the complete flow of changes from the SCM to the ACI fabric.


          - name: database2
            bd: database
            description: POD22 Database2 EPG

Step 2 - Commit changes and push into GitLab

You now have to commit the changes into the GIT.


git commit -a -m "Add new EPG"

And now you can run the git push command to push the changes into the repository.


git push

And this should push these changes into the repository server.

Note

For the next steps proceed to the GitLab web page interface.

Step 3 - Create Merge Request

In the GitLab webpage interface:

You need to click on </> Code menu to select the Merge Requests option which will present you with the screen below.


For which you will click on the New merge request button.

Then the following screen will be presented to you. You will select the develop branch as the source branch and the main as the target branch. Then click on the Compare branches and continue button.


For the title you can enter Add new EPG and then click on the Submit merge request.

And click on Merge to complete.


You can click on the pipeline number to follow the execution

Click on the pipeline link to see the execution of the pipeline.


When you click on deploy it will present the log of the execution of the pipeline.


In the logs of the execution you shoud see that ansible now ran and detected that it needed to make a change in ACI to push the configuration change that was defined in code.

You can see that the TASK shows as changed which means that it did a change in the ACI fabric.

You should see in the log that Ansible did a change for the database2 EPG.

TASK [apic : CREATE EPG(S)] ****************************************************
ok: [apic -> localhost] => (item={'tenant': 'aciproglab22', 'ap': 'POD22_APP', 'bd': 'web', 'epg': 'web', 'desc': 'POD22 WEB EPG'})
ok: [apic -> localhost] => (item={'tenant': 'aciproglab22', 'ap': 'POD22_APP', 'bd': 'database', 'epg': 'database', 'desc': 'POD22 Database EPG'})
changed: [apic -> localhost] => (item={'tenant': 'aciproglab22', 'ap': 'POD22_APP', 'bd': 'database', 'epg': 'database2', 'desc': 'POD22 Database2 EPG'})
PLAY RECAP *********************************************************************
apic                       : ok=7    changed=1    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0 

Conclusion

In this section you have seen how to use a CI/CD pipeline to push changes into the ACI fabric using Ansible and GitLab. Now image how this can be used in your network operations. Instead of having to log into the ACI fabric and make changes manually, you can utilize this method to push changes in a controlled manner, with the ability to review and test these.

In the following chart:

You can see a high level view of the flow of changes that you just performed. With the SCM (GIT) being the source of truth for the configuration that you can use this tool for access control. You can control who has access to the primary branch where automation is controlled, making it such that only after merge requests are approved and tested, the changes are pushed into production.

This is what we know as software principles applied to the network infrastructure. This is the way that the industry is moving towards, also known as Infrastructure as Code (IaC). This methodology also allows for different implementations that can benefit you. One of these options is the exciting new technology for automation developed in Cisco called Net as Code which simplifies the proces by removing the necesity of developing and manaaging code.