Fix POAP and PreProvision Workflows

[mikewiebe]

Related Issue(s)

Related Collection Role

• cisco.nac_dc_vxlan.validate
• cisco.nac_dc_vxlan.dtc.create
• cisco.nac_dc_vxlan.dtc.deploy
• cisco.nac_dc_vxlan.dtc.remove
• other

Related Data Model Element

• vxlan.fabric
• vxlan.global
• vxlan.topology
• vxlan.underlay
• vxlan.overlay
• vxlan.overlay_extensions
• vxlan.policy
• vxlan.multisite
• defaults.vxlan
• other

Proposed Changes

This update allows devices to be discovered using discovery mode, poap and pre-provision workflows. Previously the solution did not allow both poap and pre-provision in the same datafile.

Note:

• The poap.boostrap setting under the device is only used for POAP mode without pre-provision first. It is not used by a pre-provision or pre-provision + POAP workflow.

Test Notes

The following data model was used for testing these changes:

---

vxlan:
  topology:
    switches:
      - name: staging-leaf1
        serial_number: 9MGBD4LHN0O
        role: leaf
        management:
          management_ipv4_address: 10.15.9.12
          default_gateway_v4: 10.15.9.1

      - name: staging-leaf2
        serial_number: 9APUPKODH2Y
        role: leaf
        management:
          management_ipv4_address: 10.15.9.13
          default_gateway_v4: 10.15.9.1

      - name: staging-leaf3
        serial_number: 9BC3LNYBKZM
        role: border
        management:
          management_ipv4_address: 10.15.9.14
          default_gateway_v4: 10.15.9.1
        poap:
          # Bootstrap must be true to discover a device
          # that is in POAP mode.
          bootstrap: true

      - name: prod-leaf1
        # -------------------------------------------
        # Temporary Fake Serial Number
        # (Must Match SN under poap.preprovision)
        serial_number: 550K4YPFFFF
        # -------------------------------------------
        # Real device SN that needs to replace the
        # fake SN above when the device is available.
        #
        # serial_number: 96QBK4NUWK4
        # -------------------------------------------
        role: leaf
        management:
          management_ipv4_address: 10.15.9.19
          default_gateway_v4: 10.15.9.1
          subnet_mask_ipv4: 24
        poap:
          preprovision:
            model: N9K-C9300v
            # Matches fake serial number above
            serial_number: 550K4YPFFFF
            version: 15.5(2)
            modulesModel: [N9K-X9364v, N9K-vSUP]

TestCase 1:

State Before Running the Playbook

• staging-leaf1 and staging-leaf2 are reachable using the IP address
• staging-leaf3 and prod-leaf1 are in POAP mode

State After Running the Playbook
ansible-playbook -i hosts.stage.yml vxlan.yml --tags cr_manage_switches

• staging-leaf1 and staging-leaf2 are discovered and added to the fabric
• staging-leaf3 is discovered using POAP since poap.boostrap is true
• prod-leaf1 is pre-provisioned but stays in POAP mode since the device serial_number and poap.preprovision.serial_number match and they are using the fake temporary serial_number.

Rerun is idempotent

TestCase 2:

State Before Running the Playbook

• staging-leaf1, staging-leaf2 and staging-leaf3 are discovered and added to the fabric
• prod-leaf1 is pre-provisioned but still in POAP mode

Update the data model to change out the fake SN with the real SN for prod-leaf1

---

vxlan:
  topology:
    switches:
      - name: prod-leaf1
        # -------------------------------------------
        # Temporary Fake Serial Number
        # (Must Match SN under poap.preprovision)
        # serial_number: 550K4YPFFFF
        # -------------------------------------------
        # Real device SN that needs to replace the
        # fake SN above when the device is available.
        #
        serial_number: 96QBK4NUWK4
        # -------------------------------------------
        role: leaf
        management:
          management_ipv4_address: 10.15.9.19
          default_gateway_v4: 10.15.9.1
          subnet_mask_ipv4: 24
        poap:
          preprovision:
            model: N9K-C9300v
            # Matches fake serial number above
            serial_number: 550K4YPFFFF
            version: 15.5(2)
            modulesModel: [N9K-X9364v, N9K-vSUP]

This will trigger POAP for prod-leaf1

State After Running the Playbook
ansible-playbook -i hosts.stage.yml vxlan.yml --tags cr_manage_switches

• All devices are added to the fabric

Rerun is idempotent

Cisco NDFC Version

TestCase 3:

State Before Running the Playbook

• staging-leaf1, staging-leaf2, staging-leaf3 and prod-leaf1 are discovered and added to the fabric

Update the data model to comment out all switches and run the remove role

ansible-playbook -i hosts.stage.yml vxlan.yml --tags rr_manage_switches

All switches are removed properly

Checklist

• Latest commit is rebased from develop with merge conflicts resolved
• New or updates to documentation has been made accordingly
• Assigned the proper reviewers