cisco.dnac.network_settings_workflow_manager module – Resource module for IP Address pools and network functions

Note

This module is part of the cisco.dnac collection (version 6.27.0).

You might already have this collection installed if you are using the ansible package. It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it, use: ansible-galaxy collection install cisco.dnac. You need further requirements to be able to use this module, see Requirements for details.

To use it in a playbook, specify: cisco.dnac.network_settings_workflow_manager.

New in cisco.dnac 6.6.0

Synopsis

  • Manage operations on Global Pool, Reserve Pool, Network resources.

  • API to create/update/delete global pool.

  • API to reserve/update/delete an ip subpool from the global pool.

  • API to update network settings for DHCP, Syslog, SNMP, NTP, Network AAA, Client and Endpoint AAA, and/or DNS center server settings.

Requirements

The below requirements are needed on the host that executes this module.

  • dnacentersdk >= 2.7.2

  • python >= 3.9

Parameters

Parameter

Comments

config

list / elements=dictionary / required

List of details of global pool, reserved pool, network being managed.

global_pool_details

dictionary

Manages IPv4 and IPv6 IP pools in the global level.

settings

dictionary

Global Pool’s settings.

ip_pool

list / elements=dictionary

Contains a list of global IP pool configurations.

cidr

string

Defines the IP pool’s Classless Inter-Domain Routing block, enabling systematic IP address distribution within a network.

dhcp_server_ips

list / elements=string

The DHCP server IPs responsible for automatically assigning IP addresses and network configuration parameters to devices on a local network.

dns_server_ips

list / elements=string

Responsible for translating domain names into corresponding IP addresses.

force_delete

boolean

Forcefully delete all IP pools from the global level of the global pool. The default value is false.

Choices:

  • false ← (default)

  • true

gateway

string

Serves as an entry or exit point for data traffic between networks.

ip_address_space

string

IP address space either IPv4 or IPv6.

name

string

Specifies the name assigned to the Global IP Pool.

Required for the operations in the Global IP Pool.

Length should be less than or equal to 100.

Only letters, numbers and -_./ characters are allowed.

pool_type

string

Includes both the Generic Ip Pool and Tunnel Ip Pool. Generic - Used for general purpose within the network such as device management or communication between the network devices. Tunnel - Designated for the tunnel interfaces to encapsulate packets within the network protocol. It is used in VPN connections, GRE tunnels, or other types of overlay networks.

Choices:

  • "Generic" ← (default)

  • "Tunnel"

prev_name

string

The former identifier for the global pool. It should be used exclusively when you need to update the global pool’s name.

network_management_details

list / elements=dictionary

Set default network settings for the site

settings

dictionary

Network management details settings.

client_and_endpoint_aaa

dictionary

Manages AAA (Authentication Authorization Accounting) for clients and endpoints.

pan_address

string

added in cisco.dnac 6.14.0

PAN IP address for the ISE server.

For example, 1.1.1.1.

primary_server_address

string

added in cisco.dnac 6.14.0

Primary IP address for the ISE/AAA server.

For example, 1.1.1.2.

protocol

string

Protocol for AAA or ISE server.

Choices:

  • "RADIUS" ← (default)

  • "TACACS"

secondary_server_address

string

added in cisco.dnac 6.14.0

Secondary IP address for the AAA server.

For example, 1.1.1.3.

server_type

string

Server type for managing AAA for client and endpoints.

Choices:

  • "AAA"

  • "ISE"

shared_secret

string

Shared secret for ISE Server.

Length of the shared secret should be atleast 4 characters.

dhcp_server

list / elements=string

DHCP Server IP address (eg 1.1.1.4).

dns_server

dictionary

DNS server details of the network under a specific site.

domain_name

string

Domain Name of DHCP (eg; cisco.com, cisco.net).

primary_ip_address

string

Primary IP Address for DHCP (eg 2.2.2.2).

secondary_ip_address

string

Secondary IP Address for DHCP (eg 3.3.3.3).

message_of_the_day

dictionary

Banner details under a specific site.

banner_message

string

Message for the banner (eg; Good day).

retain_existing_banner

boolean

Retain existing banner message.

Choices:

  • false

  • true

netflow_collector

dictionary

NetFlow collector configuration for a specific site.

collector_type

string

Type of NetFlow collector.

Supported values include ‘Builtin’ and ‘Telemetry_broker_or_UDP_director’.

Applicable from Cisco Catalyst Center version 2.3.7.6 onwards.

Choices:

  • "Builtin" ← (default)

  • "Telemetry_broker_or_UDP_director"

enable_on_wired_access_devices

boolean

Enable or disable wired access device. Applicable from Cisco Catalyst Center version 2.3.7.6 onwards..

Choices:

  • false ← (default)

  • true

ip_address

string

IP Address for NetFlow collector. For example, 3.3.3.1.

port

integer

Port number used by the NetFlow collector. For example, 443.

network_aaa

dictionary

Manages AAA (Authentication Authorization Accounting) for network devices.

pan_address

string

added in cisco.dnac 6.14.0

PAN IP address for the ISE server.

For example, 1.1.1.1.

primary_server_address

string

added in cisco.dnac 6.14.0

Primary IP address for the ISE/AAA server.

For example, 1.1.1.2.

protocol

string

Protocol for AAA or ISE server.

Choices:

  • "RADIUS" ← (default)

  • "TACACS"

secondary_server_address

string

added in cisco.dnac 6.14.0

Secondary IP address for the AAA server.

For example, 1.1.1.3.

server_type

string

Server type for managing AAA for network devices.

Choices:

  • "AAA"

  • "ISE"

shared_secret

string

Shared secret for ISE Server.

Length of the shared secret should be atleast 4 characters.

ntp_server

list / elements=string

IP address for NTP server under a specific site (eg 1.1.1.2).

snmp_server

dictionary

Snmp Server details under a specific site.

configure_dnac_ip

boolean

Configuration Cisco Catalyst Center IP for SNMP Server (eg true).

Choices:

  • false

  • true

ip_addresses

list / elements=string

IP Address for SNMP Server (eg 4.4.4.1).

syslog_server

dictionary

syslog Server details under a specific site.

configure_dnac_ip

boolean

Configuration Cisco Catalyst Center IP for syslog server (eg true).

Choices:

  • false

  • true

ip_addresses

list / elements=string

IP Address for syslog server (eg 4.4.4.4).

timezone

string

Time zone of a specific site. (eg Africa/Abidjan/GMT).

wired_data_collection

dictionary

Enables or disables the collection of data from wired network devices for telemetry and monitoring purposes.

Applicable from Cisco Catalyst Center version 2.3.7.6 onwards.

enable_wired_data_collection

boolean

Enable or disable wired data collection.

Choices:

  • false ← (default)

  • true

wireless_telemetry

dictionary

Enables or disables the collection of telemetry data from wireless network devices for performance monitoring and analysis.

Applicable from Cisco Catalyst Center version 2.3.7.6 onwards.

enable_wireless_telemetry

boolean

Enable or disable wireless telemetry.

Choices:

  • false ← (default)

  • true

site_name

string

The name of the site provided as a path parameter, used to specify where the IP sub-pool will be reserved. (eg Global/Chennai/Trill)

reserve_pool_details

dictionary

Reserved IP subpool details from the global pool.

force_delete

boolean

Forcefully delete all IP pools from the reserve level of the IP sub-pool. The default value is false.

Choices:

  • false ← (default)

  • true

ipv4_dhcp_servers

list / elements=string

Specifies the IPv4 addresses for DHCP servers, for example, “1.1.1.1”.

ipv4_dns_servers

list / elements=string

Specifies the IPv4 addresses for DNS servers, for example, “4.4.4.4”.

ipv4_gateway

string

added in cisco.dnac 4.0.0

Provides the gateway’s IPv4 address, for example, “175.175.0.1”.

ipv4_global_pool

string

IP v4 Global pool address with cidr, example 175.175.0.0/16.

If both ‘ipv6_global_pool’ and ‘ipv4_global_pool_name’ are provided, the ‘ipv4_global_pool’ will be given priority.

ipv4_global_pool_name

string

added in cisco.dnac 6.14.0

Specifies the name to be associated with the IPv4 Global IP Pool.

If both ‘ipv4_global_pool’ and ‘ipv4_global_pool_name’ are provided, the ‘ipv4_global_pool’ will be given priority.

ipv4_prefix

boolean

ip4 prefix length is enabled or ipv4 total Host input is enabled

Choices:

  • false

  • true

ipv4_prefix_length

integer

The ipv4 prefix length is required when ipv4_prefix value is true.

ipv4_subnet

string

Indicates the IPv4 subnet address, for example, “175.175.0.0”.

ipv4_total_host

integer

The total number of hosts for IPv4, required when the ‘ipv4_prefix’ is set to false.

ipv6_address_space

boolean

Determines whether both IPv6 and IPv4 inputs are required. If set to false, only IPv4 inputs are required. If set to true, both IPv6 and IPv4 inputs are required.

Choices:

  • false

  • true

ipv6_dhcp_servers

list / elements=string

Specifies the IPv6 addresses for DHCP servers in the format. For example, “2001:0db8:0123:4567:89ab:cdef:0001:0001”.

ipv6_dns_servers

list / elements=string

Specifies the IPv6 addresses for DNS servers. For example, “2001:0db8:0123:4567:89ab:cdef:0002:0002”.

ipv6_gateway

string

Provides the gateway’s IPv6 address. For example, “2001:0db8:0123:4567:89ab:cdef:0003:0003”.

ipv6_global_pool

string

The ipv6_global_pool is a required when the ipv6_address_space is set to true.

It specifies the global IPv6 address pool using CIDR notation, such as “2001:db8:85a3::/64”.

In cases where both ipv6_global_pool and ipv6_global_pool_name are specified, ipv6_global_pool will take precedence.

ipv6_global_pool_name

string

added in cisco.dnac 6.14.0

Specifies the name assigned to the Ip v6 Global IP Pool.

If both ‘ipv6_global_pool’ and ‘ipv6_global_pool_name’ are provided, the ‘ipv6_global_pool’ will be given priority.

ipv6_prefix

boolean

Determines whether to enable the ‘ipv6_prefix_length’ or ‘ipv6_total_host’ input field. If IPv6 prefix value is true, the IPv6 prefix length input field is required, If it is false ipv6 total Host input is required.

Choices:

  • false

  • true

ipv6_prefix_length

integer

Specifies the IPv6 prefix length. Required when ‘ipv6_prefix’ is set to true.

ipv6_subnet

string

IPv6 Subnet address, example 2001:db8:85a3:0:100.

ipv6_total_host

integer

Specifies the total number of IPv6 hosts. Required when ‘ipv6_prefix’ is set to false.

Must specify a number of IPv6 IP addresses that is less than 256.

name

string

Name of the reserve IP subpool.

Required for the operations in the Reserve IP Pool.

Length should be less than or equal to 100.

Only letters, numbers and -_./ characters are allowed.

pool_type

string

Type of the reserve ip sub pool. Generic - Used for general purpose within the network such as device management or communication between the network devices. LAN - Used for the devices and the resources within the Local Area Network such as device connectivity, internal communication, or services. Management - Used for the management purposes such as device management interfaces, management access, or other administrative functions. Service - Used for the network services and application such as DNS (Domain Name System), DHCP (Dynamic Host Configuration Protocol), NTP (Network Time Protocol). WAN - Used for the devices and resources with the Wide Area Network such as remote sites interconnection with other network or services hosted within WAN.

Choices:

  • "Generic" ← (default)

  • "LAN"

  • "Management"

  • "Service"

  • "WAN"

prev_name

string

The former name associated with the reserved IP sub-pool.

site_name

string

The name of the site provided as a path parameter, used to specify where the IP sub-pool will be reserved.

slaac_support

boolean

Allows devices on IPv6 networks to self-configure their IP addresses autonomously, eliminating the need for manual setup.

Choices:

  • false

  • true

config_verify

boolean

Set to True to verify the Cisco Catalyst Center after applying the playbook config.

Choices:

  • false ← (default)

  • true

dnac_api_task_timeout

integer

Defines the timeout in seconds for API calls to retrieve task details. If the task details are not received within this period, the process will end, and a timeout notification will be logged.

Default: 1200

dnac_debug

boolean

Indicates whether debugging is enabled in the Cisco Catalyst Center SDK.

Choices:

  • false ← (default)

  • true

dnac_host

string / required

The hostname of the Cisco Catalyst Center.

dnac_log

boolean

Flag to enable/disable playbook execution logging.

When true and dnac_log_file_path is provided, - Create the log file at the execution location with the specified name.

When true and dnac_log_file_path is not provided, - Create the log file at the execution location with the name ‘dnac.log’.

When false, - Logging is disabled.

If the log file doesn’t exist, - It is created in append or write mode based on the “dnac_log_append” flag.

If the log file exists, - It is overwritten or appended based on the “dnac_log_append” flag.

Choices:

  • false ← (default)

  • true

dnac_log_append

boolean

Determines the mode of the file. Set to True for ‘append’ mode. Set to False for ‘write’ mode.

Choices:

  • false

  • true ← (default)

dnac_log_file_path

string

Governs logging. Logs are recorded if dnac_log is True.

If path is not specified, - When ‘dnac_log_append’ is True, ‘dnac.log’ is generated in the current Ansible directory; logs are appended. - When ‘dnac_log_append’ is False, ‘dnac.log’ is generated; logs are overwritten.

If path is specified, - When ‘dnac_log_append’ is True, the file opens in append mode. - When ‘dnac_log_append’ is False, the file opens in write (w) mode. - In shared file scenarios, without append mode, content is overwritten after each module execution. - For a shared log file, set append to False for the 1st module (to overwrite); for subsequent modules, set append to True.

Default: "dnac.log"

dnac_log_level

string

Sets the threshold for log level. Messages with a level equal to or higher than this will be logged. Levels are listed in order of severity [CRITICAL, ERROR, WARNING, INFO, DEBUG].

CRITICAL indicates serious errors halting the program. Displays only CRITICAL messages.

ERROR indicates problems preventing a function. Displays ERROR and CRITICAL messages.

WARNING indicates potential future issues. Displays WARNING, ERROR, CRITICAL messages.

INFO tracks normal operation. Displays INFO, WARNING, ERROR, CRITICAL messages.

DEBUG provides detailed diagnostic info. Displays all log messages.

Default: "WARNING"

dnac_password

string

The password for authentication at the Cisco Catalyst Center.

dnac_port

string

Specifies the port number associated with the Cisco Catalyst Center.

Default: "443"

dnac_task_poll_interval

integer

Specifies the interval in seconds between successive calls to the API to retrieve task details.

Default: 2

dnac_username

aliases: user

string

The username for authentication at the Cisco Catalyst Center.

Default: "admin"

dnac_verify

boolean

Flag to enable or disable SSL certificate verification.

Choices:

  • false

  • true ← (default)

dnac_version

string

Specifies the version of the Cisco Catalyst Center that the SDK should use.

Default: "2.2.3.3"

state

string

The state of Cisco Catalyst Center after module completion.

Choices:

  • "merged" ← (default)

  • "deleted"

validate_response_schema

boolean

Flag for Cisco Catalyst Center SDK to enable the validation of request bodies against a JSON schema.

Choices:

  • false

  • true ← (default)

Notes

Note

  • SDK Method used are network_settings.NetworkSettings.create_global_pool, network_settings.NetworkSettings.delete_global_ip_pool, network_settings.NetworkSettings.update_global_pool, network_settings.NetworkSettings.release_reserve_ip_subpool, network_settings.NetworkSettings.reserve_ip_subpool, network_settings.NetworkSettings.update_reserve_ip_subpool, network_settings.NetworkSettings.update_network_v2,

  • Paths used are post /dna/intent/api/v1/global-pool, delete /dna/intent/api/v1/global-pool/{id}, put /dna/intent/api/v1/global-pool, post /dna/intent/api/v1/reserve-ip-subpool/{siteId}, delete /dna/intent/api/v1/reserve-ip-subpool/{id}, put /dna/intent/api/v1/reserve-ip-subpool/{siteId}, put /dna/intent/api/v2/network/{siteId},

  • Does not support check_mode

  • The plugin runs on the control node and does not use any ansible connection plugins instead embedded connection manager from Cisco Catalyst Center SDK

  • The parameters starting with dnac_ are used by the Cisco Catalyst Center Python SDK to establish the connection

Examples

- name: Create global pool
  cisco.dnac.network_settings_workflow_manager:
    dnac_host: "{{dnac_host}}"
    dnac_username: "{{dnac_username}}"
    dnac_password: "{{dnac_password}}"
    dnac_verify: "{{dnac_verify}}"
    dnac_port: "{{dnac_port}}"
    dnac_version: "{{dnac_version}}"
    dnac_debug: "{{dnac_debug}}"
    dnac_log: true
    dnac_log_level: "{{ dnac_log_level }}"
    state: merged
    config_verify: true
    config:
    - global_pool_details:
        settings:
          ip_pool:
          - name: string
            pool_type: Generic
            ip_address_space: string
            cidr: string
            gateway: string
            dhcp_server_ips: list
            dns_server_ips: list

- name: Create reserve an ip pool
  cisco.dnac.network_settings_workflow_manager:
    dnac_host: "{{dnac_host}}"
    dnac_username: "{{dnac_username}}"
    dnac_password: "{{dnac_password}}"
    dnac_verify: "{{dnac_verify}}"
    dnac_port: "{{dnac_port}}"
    dnac_version: "{{dnac_version}}"
    dnac_debug: "{{dnac_debug}}"
    dnac_log: true
    dnac_log_level: "{{ dnac_log_level }}"
    state: merged
    config_verify: true
    config:
    - reserve_pool_details:
      - site_name: string
        name: string
        pool_type: LAN
        ipv6_address_space: true
        ipv4_global_pool: string
        ipv4_prefix: true
        ipv4_prefix_length: 9
        ipv4_subnet: string
        ipv6_prefix: true
        ipv6_prefix_length: 64
        ipv6_global_pool: string
        ipv6_subnet: string
        slaac_support: true

- name: Create reserve an ip pool using global pool name
  cisco.dnac.network_settings_workflow_manager:
    dnac_host: "{{dnac_host}}"
    dnac_username: "{{dnac_username}}"
    dnac_password: "{{dnac_password}}"
    dnac_verify: "{{dnac_verify}}"
    dnac_port: "{{dnac_port}}"
    dnac_version: "{{dnac_version}}"
    dnac_debug: "{{dnac_debug}}"
    dnac_log: true
    dnac_log_level: "{{ dnac_log_level }}"
    state: merged
    config_verify: true
    config:
    - reserve_pool_details:
      - name: string
        site_name: string
        pool_type: LAN
        ipv6_address_space: true
        ipv4_global_pool_name: string
        ipv4_prefix: true
        ipv4_prefix_length: 9
        ipv4_subnet: string
        ipv6_prefix: true
        ipv6_prefix_length: 64
        ipv6_global_pool_name: string
        ipv6_subnet: string
        slaac_support: true

- name: Delete reserved pool
  cisco.dnac.network_settings_workflow_manager:
    dnac_host: "{{dnac_host}}"
    dnac_username: "{{dnac_username}}"
    dnac_password: "{{dnac_password}}"
    dnac_verify: "{{dnac_verify}}"
    dnac_port: "{{dnac_port}}"
    dnac_version: "{{dnac_version}}"
    dnac_debug: "{{dnac_debug}}"
    dnac_log: true
    dnac_log_level: "{{ dnac_log_level }}"
    state: deleted
    config_verify: true
    config:
    - reserve_pool_details:
      - site_name: string
        name: string

- name: Delete Global Pool
  cisco.dnac.network_settings_workflow_manager:
    dnac_host: "{{ dnac_host }}"
    dnac_port: "{{ dnac_port }}"
    dnac_username: "{{ dnac_username }}"
    dnac_password: "{{ dnac_password }}"
    dnac_verify: "{{ dnac_verify }}"
    dnac_debug: "{{ dnac_debug }}"
    dnac_version: "{{ dnac_version }}"
    dnac_log_level: "{{ dnac_log_level }}"
    dnac_log: true
    state: deleted
    config_verify: true
    config:
    - global_pool_details:
        settings:
            ip_pool:
            - name: string

- name: Manage the network functions
  cisco.dnac.network_settings_workflow_manager:
    dnac_host: "{{dnac_host}}"
    dnac_username: "{{dnac_username}}"
    dnac_password: "{{dnac_password}}"
    dnac_verify: "{{dnac_verify}}"
    dnac_port: "{{dnac_port}}"
    dnac_version: "{{dnac_version}}"
    dnac_debug: "{{dnac_debug}}"
    dnac_log: true
    dnac_log_level: "{{ dnac_log_level }}"
    state: merged
    config_verify: true
    config:
    - network_management_details:
      - site_name: string
        settings:
          dhcp_server: list
          dns_server:
            domain_name: string
            primary_ip_address: string
            secondary_ip_address: string
          ntp_server: list
          timezone: string
          message_of_the_day:
            banner_message: string
            retain_existing_banner: bool
          netflow_collector:
            ip_address: string
            port: 443
          snmp_server:
            configure_dnac_ip: true
            ip_addresses: list
          syslog_server:
            configure_dnac_ip: true
            ip_addresses: list

- name: Adding the network_aaa and client_and_endpoint_aaa AAA server
  cisco.dnac.network_settings_workflow_manager:
    dnac_host: "{{dnac_host}}"
    dnac_username: "{{dnac_username}}"
    dnac_password: "{{dnac_password}}"
    dnac_verify: "{{dnac_verify}}"
    dnac_port: "{{dnac_port}}"
    dnac_version: "{{dnac_version}}"
    dnac_debug: "{{dnac_debug}}"
    dnac_log: true
    dnac_log_level: "{{ dnac_log_level }}"
    state: merged
    config_verify: true
    config:
    - network_management_details:
      - site_name: string
        settings:
          network_aaa:
            server_type: AAA
            primary_server_address: string
            secondary_server_address: string
            protocol: string
          client_and_endpoint_aaa:
            server_type: AAA
            primary_server_address: string
            secondary_server_address: string
            protocol: string

- name: Adding the network_aaa and client_and_endpoint_aaa ISE server
  cisco.dnac.network_settings_workflow_manager:
    dnac_host: "{{dnac_host}}"
    dnac_username: "{{dnac_username}}"
    dnac_password: "{{dnac_password}}"
    dnac_verify: "{{dnac_verify}}"
    dnac_port: "{{dnac_port}}"
    dnac_version: "{{dnac_version}}"
    dnac_debug: "{{dnac_debug}}"
    dnac_log: true
    dnac_log_level: "{{ dnac_log_level }}"
    state: merged
    config_verify: true
    config:
    - network_management_details:
      - site_name: string
        settings:
          network_aaa:
            server_type: ISE
            pan_address: string
            primary_server_address: string
            protocol: string
          client_and_endpoint_aaa:
            server_type: ISE
            pan_address: string
            primary_server_address: string
            protocol: string

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key

Description

response_1

dictionary

A dictionary or list with the response returned by the Cisco Catalyst Center Python SDK

Returned: always

Sample: {"executionId": "string", "executionStatusUrl": "string", "message": "string"}

response_2

dictionary

A dictionary or list with the response returned by the Cisco Catalyst Center Python SDK

Returned: always

Sample: {"executionId": "string", "executionStatusUrl": "string", "message": "string"}

response_3

dictionary

A dictionary or list with the response returned by the Cisco Catalyst Center Python SDK

Returned: always

Sample: {"executionId": "string", "executionStatusUrl": "string", "message": "string"}

Authors

  • Muthu Rakesh (@MUTHU-RAKESH-27) Madhan Sankaranarayanan (@madhansansel) Megha Kandari (@kandarimegha)