cisco.dnac.lan_automation_workflow_manager module -- Automate network discovery, deployment, and device configuration with LAN Automation in Cisco Catalyst Center.

Note

This module is part of the cisco.dnac collection (version 6.27.0).

To install it, use: ansible-galaxy collection install cisco.dnac. You need further requirements to be able to use this module, see Requirements for details.

To use it in a playbook, specify: cisco.dnac.lan_automation_workflow_manager.

New in cisco.dnac 6.20.0

Synopsis

  • Configuring LAN Automation sessions in Cisco Catalyst Center for automated discovery of devices and their integration into the network.

  • Updating LAN Automation device configurations, including loopback addresses, hostnames, and link configurations.

  • Automatically stopping an ongoing LAN Automation session based on conditions like timeout or discovery device list completion, without explicitly calling the stop API.

  • Additionally, it provides functionalities to stop ongoing LAN Automation sessions and to handle PnP device authorization.

Requirements

The below requirements are needed on the host that executes this module.

  • dnacentersdk >= 2.9.2

  • python >= 3.9

Parameters

Parameter

Comments

config

list / elements=dictionary / required

A list containing detailed configurations for creating and stopping a LAN Automation session, and also for updating loopback addresses, hostnames, and link configurations for LAN automated devices. Each element in the list represents a specific operation to be performed on the LAN automation infrastructure.

lan_automated_device_update

dictionary

Configuration for updating device settings discovered through LAN Automation.

hostname_update_devices

list / elements=dictionary

List of devices to update with new hostnames.

device_management_ip_address

string / required

Management IP address of the device.

new_host_name

string / required

New hostname for the device.

dictionary

Add a new link between two devices.

string / required

Interface name on the destination device.

string / required

Management IP address of the destination device.

string / required

Name of the IP pool configured within LAN Automation, from which IP addresses will be allocated for the new link.

string / required

Interface name on the source device.

string / required

Management IP address of the source device.

dictionary

Remove an existing link between two devices.

string / required

Interface name on the destination device.

string / required

Management IP address of the destination device.

string / required

Interface name on the source device.

string / required

Management IP address of the source device.

loopback_update_device_list

list / elements=dictionary

List of devices to update with new loopback IP addresses.

device_management_ip_address

string / required

Management IP address of the device.

new_loopback0_ip_address

string / required

New Loopback0 IP Address for the device, sourced from the LAN pool associated with the device discovery site.

lan_automation

dictionary

Configuration for starting or stopping LAN Automation sessions.

device_serial_number_authorization

list / elements=string

A list of serial numbers of devices to be authorized during the session.

discovered_device_site_name_hierarchy

string / required

Site hierarchy where the discovered devices will be placed.

discovery_devices

list / elements=dictionary

A list of devices to be discovered during the LAN Automation session. If only a device list is provided without a timeout, stop processing will occur once all devices from the list are discovered. The maximum number of devices that can be provided for a session is 50. If both the discovery devices list and timeout are provided, the stop processing will be attempted whichever happens earlier. Users may choose to use the LAN Automation 'deleted' state to stop processing at any time.

device_host_name

string

Hostname of the device to be discovered.

device_management_ip_address

string

Management IP address of the device.

device_serial_number

string / required

Serial number of the device to be discovered.

device_site_name_hierarchy

string

Site hierarchy where the device will be placed after discovery.

discovery_level

integer

Depth of the discovery during LAN automation (e.g., Level 1-5 below the primary seed device).

Default: :ansible-option-default:`2`

discovery_timeout

integer

Timeout for device discovery during LAN Automation, in minutes. Until this time, stop processing will not be triggered. Any device contacting after the provided discovery timeout will not be processed, and a device reset and reload will be attempted to bring it back to the PnP agent state before process completion. The supported timeout range is in minutes [20-10080]. If both 'discovery_timeout' and 'discovery_devices' are provided, processing will stop based on whichever occurs earlier. Users can always use the LAN Automation deleted state to force stop processing.

host_name_prefix

string

Prefix used for auto-generating hostnames during the LAN Automation session.

ip_pools

list / elements=dictionary / required

A list of IP pools used during the LAN Automation session.

ip_pool_name

string / required

Name of the IP pool.

ip_pool_role

string / required

Role of the IP pool in the automation session, either MAIN_POOL or PHYSICAL_LINK_POOL.

Choices:

isis_domain_pwd

string

Password for IS-IS domain configuration.

launch_and_wait

boolean

Flag indicating whether the task should pause until the LAN Automation session completes before continuing to subsequent tasks. If set to false, the process will move to the next task immediately.

Choices:

multicast_enabled

boolean

Flag to enable multicast routing in the LAN Automation session.

Choices:

peer_device_management_ip_address

string

Management IP address of the peer device in the LAN Automation session.

pnp_authorization

boolean

Flag to enable Plug and Play (PnP) authorization for devices discovered during the session.

Choices:

primary_device_interface_names

list / elements=string / required

A list of interface names on the primary device to be used for LAN automation.

primary_device_management_ip_address

string / required

Management IP address of the primary or seed device in the LAN Automation session.

redistribute_isis_to_bgp

boolean

Flag to enable the redistribution of IS-IS routes to BGP.

Choices:

config_verify

boolean

Set to true to verify the LAN Automation config after applying the playbook config.

Choices:

dnac_api_task_timeout

integer

The maximum time to wait for a task to complete on Cisco DNA Center for LAN Automation.

Default: :ansible-option-default:`604800`

dnac_debug

boolean

Indicates whether debugging is enabled in the Cisco Catalyst Center SDK.

Choices:

dnac_host

string / required

The hostname of the Cisco Catalyst Center.

dnac_log

boolean

Flag to enable/disable playbook execution logging.

When true and dnac_log_file_path is provided, - Create the log file at the execution location with the specified name.

When true and dnac_log_file_path is not provided, - Create the log file at the execution location with the name 'dnac.log'.

When false, - Logging is disabled.

If the log file doesn't exist, - It is created in append or write mode based on the "dnac_log_append" flag.

If the log file exists, - It is overwritten or appended based on the "dnac_log_append" flag.

Choices:

dnac_log_append

boolean

Determines the mode of the file. Set to True for 'append' mode. Set to False for 'write' mode.

Choices:

dnac_log_file_path

string

Governs logging. Logs are recorded if dnac_log is True.

If path is not specified, - When 'dnac_log_append' is True, 'dnac.log' is generated in the current Ansible directory; logs are appended. - When 'dnac_log_append' is False, 'dnac.log' is generated; logs are overwritten.

If path is specified, - When 'dnac_log_append' is True, the file opens in append mode. - When 'dnac_log_append' is False, the file opens in write (w) mode. - In shared file scenarios, without append mode, content is overwritten after each module execution. - For a shared log file, set append to False for the 1st module (to overwrite); for subsequent modules, set append to True.

Default: :ansible-option-default:`"dnac.log"`

dnac_log_level

string

Sets the threshold for log level. Messages with a level equal to or higher than this will be logged. Levels are listed in order of severity [CRITICAL, ERROR, WARNING, INFO, DEBUG].

CRITICAL indicates serious errors halting the program. Displays only CRITICAL messages.

ERROR indicates problems preventing a function. Displays ERROR and CRITICAL messages.

WARNING indicates potential future issues. Displays WARNING, ERROR, CRITICAL messages.

INFO tracks normal operation. Displays INFO, WARNING, ERROR, CRITICAL messages.

DEBUG provides detailed diagnostic info. Displays all log messages.

Default: :ansible-option-default:`"WARNING"`

dnac_password

string

The password for authentication at the Cisco Catalyst Center.

dnac_port

string

Specifies the port number associated with the Cisco Catalyst Center.

Default: :ansible-option-default:`"443"`

dnac_task_poll_interval

integer

The interval, in seconds, to poll for task completion.

Default: :ansible-option-default:`30`

dnac_username

aliases: user

string

The username for authentication at the Cisco Catalyst Center.

Default: :ansible-option-default:`"admin"`

dnac_verify

boolean

Flag to enable or disable SSL certificate verification.

Choices:

dnac_version

string

Specifies the version of the Cisco Catalyst Center that the SDK should use.

Default: :ansible-option-default:`"2.2.3.3"`

state

string

The state of Cisco Catalyst Center after module completion.

Choices:

validate_response_schema

boolean

Flag for Cisco Catalyst Center SDK to enable the validation of request bodies against a JSON schema.

Choices:

Notes

Note

  • When waiting for the LAN automation session to complete, the timeout and the list of devices to be discovered will initially be considered. If neither a timeout nor a device list is provided, LAN automation will continue running until stopped.

  • To stop a LAN automation session, execute the same details in the 'deleted' state. Only the seed device IP is required to terminate the session.

  • PnP authorization will be performed if device authorization has been selected in Catalyst Center. LAN automation will continue running until the provided serial numbers are authorized, continuously checking the status of the devices. If PnP authorization is enabled without a list of devices for either authorization or discovery, the module will not wait for the LAN automation task to complete. However, if a device is in an Error state or authorization is not checked on Catalyst Center, the playbook will keep running until the state of the device is active or reached the timeout value.

  • SDK Method used are ccc_lan_automation.lanautomation.lan_automation_start_v2 ccc_lan_automation.lanautomation.lan_automation_stop ccc_lan_automation.lanautomation.lan_automation_device_update ccc_lan_automation.lanautomation.lan_automation_active_sessions ccc_lan_automation.lanautomation.lan_automation_status ccc_lan_automation.lanautomation.lan_automation_log ccc_lan_automation.devices.get_device_list ccc_lan_automation.devices.get_interface_details ccc_lan_automation.deviceonboardingpnp.authorize_device ccc_lan_automation.deviceonboardingpnp.get_device_list

  • Does not support check_mode

  • The plugin runs on the control node and does not use any ansible connection plugins instead embedded connection manager from Cisco Catalyst Center SDK

  • The parameters starting with dnac_ are used by the Cisco Catalyst Center Python SDK to establish the connection

Examples

- name: Start a LAN Automation session without waiting for it to finish
  cisco.dnac.lan_automation_workflow_manager:
    dnac_host: "{{dnac_host}}"
    dnac_username: "{{dnac_username}}"
    dnac_password: "{{dnac_password}}"
    dnac_verify: "{{dnac_verify}}"
    dnac_port: "{{dnac_port}}"
    dnac_version: "{{dnac_version}}"
    dnac_debug: "{{dnac_debug}}"
    dnac_log: true
    config_verify: false
    state: merged
    config:
      - lan_automation:
          discovered_device_site_name_hierarchy: "Global/USA/SAN JOSE"
          peer_device_management_ip_address: "204.1.1.2"
          primary_device_management_ip_address: "204.1.1.1"
          primary_device_interface_names:
            - "HundredGigE1/0/2"
            - "HundredGigE1/0/29"
          ip_pools:
            - ip_pool_name: "underlay_sub"
              ip_pool_role: "MAIN_POOL"
            - ip_pool_name: "underlay_sub_sj"
              ip_pool_role: "PHYSICAL_LINK_POOL"
          multicast_enabled: true
          redistribute_isis_to_bgp: true
          host_name_prefix: "San-Jose"
          isis_domain_pwd: "cisco"
          discovery_level: 5
          discovery_timeout: 40
          discovery_devices:
            - device_serial_number: "FJC27172JDW"
              device_host_name: "SR-LAN-9300-IM1"
              device_site_name_hierarchy: "Global/USA/SAN JOSE/BLD23"
              device_management_ip_address: "204.1.1.10"
            - device_serial_number: "FJC2721261A"
              device_host_name: "SR-LAN-9300-IM2"
              device_site_name_hierarchy: "Global/USA/SAN JOSE/BLD20"
              device_management_ip_address: "204.1.1.11"
          launch_and_wait: false
          pnp_authorization: false

- name: Start a LAN Automation session with device authorization and waiting for the task to complete
  cisco.dnac.lan_automation_workflow_manager:
    dnac_host: "{{dnac_host}}"
    dnac_username: "{{dnac_username}}"
    dnac_password: "{{dnac_password}}"
    dnac_verify: "{{dnac_verify}}"
    dnac_port: "{{dnac_port}}"
    dnac_version: "{{dnac_version}}"
    dnac_debug: "{{dnac_debug}}"
    dnac_log: true
    config_verify: false
    state: merged
    config:
      - lan_automation:
          discovered_device_site_name_hierarchy: "Global/USA/SAN JOSE"
          peer_device_management_ip_address: "204.1.1.2"
          primary_device_management_ip_address: "204.1.1.1"
          primary_device_interface_names:
            - "HundredGigE1/0/2"
            - "HundredGigE1/0/29"
          ip_pools:
            - ip_pool_name: "underlay_sub"
              ip_pool_role: "MAIN_POOL"
            - ip_pool_name: "underlay_sub_sj"
              ip_pool_role: "PHYSICAL_LINK_POOL"
          multicast_enabled: true
          redistribute_isis_to_bgp: true
          host_name_prefix: "San-Jose"
          isis_domain_pwd: "cisco"
          discovery_level: 5
          discovery_timeout: 40
          discovery_devices:
            - device_serial_number: "FJC27172JDW"
              device_host_name: "SR-LAN-9300-IM1"
              device_site_name_hierarchy: "Global/USA/SAN JOSE/BLD23"
              device_management_ip_address: "204.1.1.10"
            - device_serial_number: "FJC2721261A"
              device_host_name: "SR-LAN-9300-IM2"
              device_site_name_hierarchy: "Global/USA/SAN JOSE/BLD20"
              device_management_ip_address: "204.1.1.11"
          launch_and_wait: true
          pnp_authorization: true
          device_serial_number_authorization:
            - "FJC27172JDW"
            - "FJC2721261A"

- name: Stop a LAN Automation session
  cisco.dnac.lan_automation_workflow_manager:
    dnac_host: "{{dnac_host}}"
    dnac_username: "{{dnac_username}}"
    dnac_password: "{{dnac_password}}"
    dnac_verify: "{{dnac_verify}}"
    dnac_port: "{{dnac_port}}"
    dnac_version: "{{dnac_version}}"
    dnac_debug: "{{dnac_debug}}"
    dnac_log: true
    config_verify: false
    state: deleted
    config:
      - lan_automation:
          discovered_device_site_name_hierarchy: "Global/USA/SAN JOSE"
          primary_device_management_ip_address: "204.1.1.1"

- name: Update loopback for LAN Automated devices
  cisco.dnac.lan_automation_workflow_manager:
    dnac_host: "{{dnac_host}}"
    dnac_username: "{{dnac_username}}"
    dnac_password: "{{dnac_password}}"
    dnac_verify: "{{dnac_verify}}"
    dnac_port: "{{dnac_port}}"
    dnac_version: "{{dnac_version}}"
    dnac_debug: "{{dnac_debug}}"
    dnac_log: true
    config_verify: false
    state: merged
    config:
      - lan_automated_device_update:
          loopback_update_device_list:
            - device_management_ip_address: "204.1.3.160"
              new_loopback0_ip_address: "91.1.2.6"
            - device_management_ip_address: "204.1.2.163"
              new_loopback0_ip_address: "91.1.2.5"

- name: Update hostname for LAN Automated devices
  cisco.dnac.lan_automation_workflow_manager:
    dnac_host: "{{dnac_host}}"
    dnac_username: "{{dnac_username}}"
    dnac_password: "{{dnac_password}}"
    dnac_verify: "{{dnac_verify}}"
    dnac_port: "{{dnac_port}}"
    dnac_version: "{{dnac_version}}"
    dnac_debug: "{{dnac_debug}}"
    dnac_log: true
    config_verify: false
    state: merged
    config:
      - lan_automated_device_update:
          hostname_update_devices:
            - device_management_ip_address: "204.1.1.1"
              new_host_name: "SR-LAN-9300-im1"
            - device_management_ip_address: "91.1.1.6"
              new_host_name: "Test"

- name: Add link for LAN Automated devices
  cisco.dnac.lan_automation_workflow_manager:
    dnac_host: "{{dnac_host}}"
    dnac_username: "{{dnac_username}}"
    dnac_password: "{{dnac_password}}"
    dnac_verify: "{{dnac_verify}}"
    dnac_port: "{{dnac_port}}"
    dnac_version: "{{dnac_version}}"
    dnac_debug: "{{dnac_debug}}"
    dnac_log: true
    config_verify: false
    state: merged
    config:
      - lan_automated_device_update:
          link_add:
            source_device_management_ip_address: "204.1.1.1"
            source_device_interface_name: "HundredGigE1/0/2"
            destination_device_management_ip_address: "204.1.1.4"
            destination_device_interface_name: "HundredGigE1/0/5"
            ip_pool_name: "underlay_sj"

- name: Delete link between LAN Automated devices
  cisco.dnac.lan_automation_workflow_manager:
    dnac_host: "{{dnac_host}}"
    dnac_username: "{{dnac_username}}"
    dnac_password: "{{dnac_password}}"
    dnac_verify: "{{dnac_verify}}"
    dnac_port: "{{dnac_port}}"
    dnac_version: "{{dnac_version}}"
    dnac_debug: "{{dnac_debug}}"
    dnac_log: true
    config_verify: false
    state: merged
    config:
      - lan_automated_device_update:
          link_delete:
            source_device_management_ip_address: "204.1.1.1"
            source_device_interface_name: "HundredGigE1/0/2"
            destination_device_management_ip_address: "204.1.1.4"
            destination_device_interface_name: "HundredGigE1/0/5"

- name: Apply loopback and hostname updates for LAN Automated devices
  cisco.dnac.lan_automation_workflow_manager:
    dnac_host: "{{dnac_host}}"
    dnac_username: "{{dnac_username}}"
    dnac_password: "{{dnac_password}}"
    dnac_verify: "{{dnac_verify}}"
    dnac_port: "{{dnac_port}}"
    dnac_version: "{{dnac_version}}"
    dnac_debug: "{{dnac_debug}}"
    dnac_log: true
    config_verify: false
    state: merged
    config:
      - lan_automated_device_update:
          loopback_update_device_list:
            - device_management_ip_address: "204.1.1.160"
              new_loopback0_ip_address: "10.4.18.101"
          hostname_update_devices:
            - device_management_ip_address: "91.1.3.2"
              new_host_name: "SR-LAN-9300-SJ"
            - device_management_ip_address: "204.1.1.5"
              new_host_name: "SR-LAN-9500-SJ"

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key

Description

dnac_response

dictionary

A dictionary or list with the response returned by the Cisco Catalyst Center Python SDK

Returned: always

Sample: :ansible-rv-sample-value:`{"response": {"taskId": "string", "url": "string"}, "version": "string"}`

Authors

  • Luna Aliaj (@majlona)

  • Madhan Sankaranarayanan (@madhansansel)