Cisco UCS Agentless Configuration Management … · git clone cd ucsm-ansible sudo python install.py . Demo. UCS …

Cisco UCS Agentless Configuration ManagementAnsible or Microsoft DSC

John McDonough, Technical Leader – Developer Evangelist

DEVNET-2916

© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public

Cisco Spark

Questions? Use Cisco Spark to communicate with the speaker after the session

1. Find this session in the Cisco Live Mobile App

2. Click “Join the Discussion”

3. Install Spark or go directly to the space

4. Enter messages/questions in the space

How

cs.co/ciscolivebot#DEVNET-2916

• Cisco UCS Agentless Configuration Management - Ansible or Microsoft Desired State Configuration

• What is Angentless Configuration Management

• UCS – Ansible• Who / Where / What / How

• Install

• Demo

• UCS – Microsoft DSC• Who / What / Where / How

• Install

• Demo

• Conclusion

Agenda – DEVNET 2916

What is Agentless Configuration Management


What is Agentless Configuration Management

• Agentless Configuration Management

• Managed devices do not have an agent listening for updates

• Updates are pushed to managed devices

• Scripts or API calls are executed on the managed devices

• No timers are on the managed devices

• Control is maintained by the configuration management master

6DEVNET-2916

Author Configuration

Push Configuration

UCS Ansible


Who / Where / What

• Who

• UCS Ansible is currently maintained by UCS Engineering and some UCS TMEs, SEs, and DevNet DEs (Developer Evangelists)

• Where

• Github – ucsm-ansible – https://github.com/CiscoUcs/ucsm-ansible

• This will be changing beginning with the Ansible 2.5 release• New UCS Ansible modules will be added directly to the Ansible release

• Pre Ansible 2.5 UCS modules will gradually be deprecated and moved to Ansible repository

• What

• Current requirements• Python 2.7

• ucsmsdk, ucsm-ansible, ucsm_apis

8DEVNET-2916

https://github.com/CiscoUcs/ucsm-ansible


How – Module

9DEVNET-2916

cisco_ucs_ntp.py

© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 10DEVNET-2916

How – Playbook (yaml)

---

- hosts: localhost

connection: local

gather_facts: no

roles:

- common

- hosts: ucs

connection: local

gather_facts: no

tasks:

- name: enable ntp

cisco_ucs_ntp:

name: "{{ntp_server}}"

descr: Ansible managed NTP

state: present

ucs_ip: "{{ucs_ip}}"

ucs_username: "{{ucs_username}}"

ucs_password: "{{ucs_password}}"


Install

1. Ansible

sudo pip install ansible

2. ucsmsdk – the latest

git clone https://github.com/ciscoucs/ucsmsdk

cd ucsmsdk

sudo make install

3. ucsm_apis – the latest

git clone https://github.com/ciscoucs/ucsm_apis

cd ucsm_apis

sudo make install

4. ucsm-ansible modules

git clone https://github.com/ciscoucs/ucsm-ansible

cd ucsm-ansible

sudo python install.py


https://github.com/ciscoucs/ucsmsdk

https://github.com/ciscoucs/ucsm_apis

https://github.com/ciscoucs/ucsm-ansible


Demo

UCS PowerTool – Microsoft DSC


Who / Where / What

• Who

• UCS PowerTool is currently maintained by UCS Engineering

• Where

• cisco.com – UCS PowerTool Download, https://software.cisco.com/portal/pub/download/portal/select.html?&mdfid=286305108&flowid=79283&softwareid=284574017

• UCS PowerTool DSC module is packaged with UCS PowerTool as of version 2.X

• What

• Current requirements• Windows Desktop

• PowerShell

• UCS PowerTool

14DEVNET-2916

https://software.cisco.com/portal/pub/download/portal/select.html?&mdfid=286305108&flowid=79283&softwareid=284574017


How – UCS PowerTool and MOF Files

• UCS PowerTool

• Connect to UCS Manager perform Object Actions

• Managed Object Format MOF Files

• Declare Object Actions

15DEVNET-2916


How$ConfigData= @{

AllNodes = @(

@{

NodeName = "172.22.250.181"

PsDscAllowPlainTextPassword = $true

};

@{

NodeName = "172.22.250.183"

PsDscAllowPlainTextPassword = $true

};

);

}

Configuration AutoGeneratedDSCConfig

{

param(

[Parameter(Mandatory=$true)]

[PsCredential] $ucsCredential,

[Parameter(Mandatory=$true)

[string] $ucsConnectionString

)

Import-DSCResource -ModuleName

Cisco.Ucs.DesiredStateConfiguration one line

Node "172.22.250.181"

{

UcsManagedObject vlan200

{

Ensure = "Present"

ModifyPresent = $false

ClassId= "fabricVlan"

Dn = "fabric/lan/net-vlan200"

PropertyMap= "Id = 200 `nName = vlan200"

UcsCredentials = $ucsCredential

UcsConnectionString = $ucsConnectionString

Identifier = "vlan200"

}

Node "172.22.250.183"

{

UcsManagedObject vlan201

{

Ensure = "Present"

ModifyPresent = $false

ClassId= "fabricVlan"

Dn = "fabric/lan/net-vlan201"

PropertyMap= "Id = 201 `nName = vlan201"

UcsCredentials = $ucsCredential

UcsConnectionString = $ucsConnectionString

Identifier = "vlan201"

}

}

$connectionString = "Name=172.22.251.170"

$credential = Get-Credential

AutoGeneratedDSCConfig -UcsConnectionString

$connectionString -ConfigurationData $ConfigData

-ucsCredential $credential one line, creates

MOF files


Install

Demo

Conclusion

DevNet ZoneGet hands-on with APIs and SDKs in the

LEARN | CODE | INSPIRE | CONNECT

• Classrooms –Learn about a specific topic/technology

• Panels –Get inspired & interact with industry experts

• NEW! Hack, Defend and Win! –Embrace your inner hacker, then defend the network! Black Hat, White Hat Security Challenge

• Connected Women’s Event –Join Susie Wee on Monday for this event…followed by a DevNet Zone open house

• DevNet Sandbox –Explore free technology-packed 24x7 labs and play IoT foosball! Go for a 5-minute mini-hack challenge or complete all three in 15-minutes to win

• NEW! Application Developer Zone and Challenge –Win a special-edition t-shirt and bragging rights…complete a learning lab, a workshop, and an application developer demo

• Learning Labs –Find an open seat to start coding with self-paced tutorials (experts available)

• Demos –Exciting demos and inspiring partner solutions showcase

• Workshops – code with an instructor in a hands-on session

@CiscoDevNet | #DevNet| #CLEUR

In the DevNet Zone we offer:

Join DevNet!developer.cisco.com/join/CLEUR1

8

All DevNet members win a prize, visit the Info Desk to

learn more!

Hack, Defend, and Win!

Come play the Black Hat, White Hat Security Challenge in the DevNet Zone!

>>> Hack

>>> Defend

>>> Win

Embrace your inner hacker and try to access the network

Be the heavily-armed Cisco defender that saves the day

Collect your prize and claim your bragging rights

@CiscoDevNet

#DevNet | #CLEUR


Cisco Spark

Questions? Use Cisco Spark to communicate with the speaker after the session

1. Find this session in the Cisco Live Mobile App

2. Click “Join the Discussion”

3. Install Spark or go directly to the space

4. Enter messages/questions in the space

How

cs.co/ciscolivebot#DEVNET-2916


• Please complete your Online Session Evaluations after each session

• Complete 4 Session Evaluations & the Overall Conference Evaluation (available from Thursday) to receive your Cisco Live T-shirt

• All surveys can be completed via the Cisco Live Mobile App or the Communication Stations

Don’t forget: Cisco Live sessions will be available for viewing on-demand after the event at www.ciscolive.com/global/on-demand-library/.

Complete Your Online Session Evaluation

http://ciscolive.com/Online

http://www.ciscolive.com/global/on-demand-library/


Continue Your Education

• Demos in the Cisco campus

• Walk-in Self-Paced Labs

• Tech Circle

• Meet the Engineer 1:1 meetings

• Related sessions

24DEVNET-2916

Thank you

Documents

Cisco UCS Agentless Configuration Management … · git clone cd ucsm-ansible sudo python install.py . Demo. UCS …