{"id":37882982,"url":"https://github.com/cisco-en-programmability/ansible-collection-sdwan","last_synced_at":"2026-01-16T16:49:51.401Z","repository":{"id":230092848,"uuid":"777712531","full_name":"cisco-en-programmability/ansible-collection-sdwan","owner":"cisco-en-programmability","description":"This repository contains the necessary ansible playbooks for various SDWAN workflows","archived":false,"fork":false,"pushed_at":"2025-08-18T09:22:24.000Z","size":120,"stargazers_count":7,"open_issues_count":5,"forks_count":2,"subscribers_count":3,"default_branch":"main","last_synced_at":"2025-08-18T11:25:28.725Z","etag":null,"topics":["ansible","ansible-playbook","end-to-end","sdwan","workflows"],"latest_commit_sha":null,"homepage":"","language":"Dockerfile","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/cisco-en-programmability.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"docs/CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":"docs/CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"docs/SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2024-03-26T11:27:04.000Z","updated_at":"2025-08-18T09:22:20.000Z","dependencies_parsed_at":"2024-03-27T20:29:53.198Z","dependency_job_id":"abe96cd1-1bae-4119-b659-c976d5b0ef57","html_url":"https://github.com/cisco-en-programmability/ansible-collection-sdwan","commit_stats":null,"previous_names":["cisco-open/ansible-collection-sdwan","cisco-en-programmability/ansible-collection-sdwan"],"tags_count":9,"template":false,"template_full_name":null,"purl":"pkg:github/cisco-en-programmability/ansible-collection-sdwan","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cisco-en-programmability%2Fansible-collection-sdwan","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cisco-en-programmability%2Fansible-collection-sdwan/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cisco-en-programmability%2Fansible-collection-sdwan/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cisco-en-programmability%2Fansible-collection-sdwan/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/cisco-en-programmability","download_url":"https://codeload.github.com/cisco-en-programmability/ansible-collection-sdwan/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cisco-en-programmability%2Fansible-collection-sdwan/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28480081,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-16T11:59:17.896Z","status":"ssl_error","status_checked_at":"2026-01-16T11:55:55.838Z","response_time":107,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["ansible","ansible-playbook","end-to-end","sdwan","workflows"],"created_at":"2026-01-16T16:49:51.287Z","updated_at":"2026-01-16T16:49:51.366Z","avatar_url":"https://github.com/cisco-en-programmability.png","language":"Dockerfile","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Cisco SDWAN aaC\n\n```text\n\n            ┌───────────────────────────────┐\n            │          cisco.sdwan          │\n            └───────▲───────────────▲───────┘\n                    │               │\n             ┌──────┘               └──────┐\n             │                             │\n ┌───────────┴──────────────┐    ┌─────────┴──────────┐\n │  cisco.sdwan_deployment  │    │ cisco.catalystwan  │\n └──────────────────────────┘    └────────────────────┘\n\n```\n\n[ansible-collection-sdwan](https://github.com/cisco-en-programmability/ansible-collection-sdwan) combine [SDWAN Deployment](https://github.com/cisco-en-programmability/ansible-collection-sdwan-deployment) and\n[Ansible Wrapper using catalystwan library](https://github.com/cisco-en-programmability/ansible-collection-catalystwan) collections inside one tool.\n\nLet users to fully deploy, onboard and upgrade their SD-WAN topology.\n\n## Table of Contents\n\n- [Overview](#overview)\n- [Requirements](#requirements)\n- [Installing this collection](#installing-this-collection)\n- [Using this collection](#using-this-collection)\n- [Troubleshooting](#troubleshooting)\n- [Containerized variant WIP](#containerized-variant-wip)\n- [Contributing](#contributing)\n- [Useful links and Getting Started](#useful-links-and-getting-started)\n- [License](#license)\n- [Code of Conduct](#code-of-conduct)\n- [Releasing, Versioning and Depracation](#releasing-versioning-and-deprecation)\n\n---\n\n## Overview\n\n[ansible-collection-sdwan](https://github.com/cisco-en-programmability/ansible-collection-sdwan) integrates the roles and modules from both repositories to create an automation workflow for Cisco SD-WAN.\nBy leveraging these Ansible resources, [ansible-collection-sdwan](https://github.com/cisco-en-programmability/ansible-collection-sdwan) empowers network administrators to:\n\n- Automate Deployment: Roll out and provision Cisco SD-WAN controllers and edge devices with minimal manual intervention using [SDWAN Deployment](https://github.com/cisco-en-programmability/ansible-collection-sdwan-deployment) roles.\n- Onboarding of Controllers and Edge Devices: Simplify the process of integrating controllers and edge devices into the Cisco SD-WAN fabric, using automated deployment with PnP (Plug-and-Play), using [ansible-collection-catalystwan](https://github.com/cisco-en-programmability/ansible-collection-catalystwan) modules and roles.\n- Workflow for Upgrades: Structured workflow that automates the upgrade process for controllers and edge devices. See [example playbook for upgrades](./playbooks/software_upgrades_with_remote_server.yml)\n- Workflows for backup and restore:\n  - Backup Device configuration (includes Device Templates, Policies, Feature Templates). See [backup device configuration](./playbooks/backup_restore/backup_device_configuration.yml)\n  - Restore Device configuration (includes Device Templates, Policies, Feature Templates). See [restore device configuration](./playbooks/backup_restore/restore_device_configuration.yml)\n  - Backup running config (cli templates). See [backup running config](./playbooks/backup_restore/backup_running_config.yml)\n  - Restore running config (cli templates). See [restore running config](./playbooks/backup_restore/restore_running_config.yml)\n\n[ansible-collection-sdwan](https://github.com/cisco-en-programmability/ansible-collection-sdwan) illustrates the power of Ansible's modularity and the significant benefits of using roles, custom modules, and collections for automating network operations. It stands as an indispensable resource for organizations looking to implement Infrastructure as Code (IaC) within their network infrastructure and embrace a more agile and DevOps-oriented approach to network management.\n\n## Requirements\n\nThis project utilizes a tech stack that includes Python, Ansible (and Ansible Galaxy), AWS cloud (Boto/Boto3, authentication with AWS CLI)\nAzure cloud (ansible azure collection) and finally Cisco SD-WAN.\nBelow you will find the necessary information to set up your environment.\n\nBefore you begin, ensure that you have administrative access to your machine to install the required software.\n\nSee section [Useful links and Getting Started](#useful-links-and-getting-started) for more in-depth documentation.\n\n### Operating System Requirements\n\nThis project is cross-platform and can be set up on the following operating systems:\n\n- Linux (Ubuntu, CentOS, Debian, etc.)\n- macOS\n- Windows (Note: Some tools might require Windows Subsystem for Linux (WSL) for full functionality)\n\n### Python requirement\n\nSupported version: Python \u003e=3.10+\n\n- Due to [ansible-core==2.16](https://docs.ansible.com/ansible/latest/reference_appendices/release_and_maintenance.html#ansible-core-support-matrix) requirement, this collection requires Python 3.10 or greater.\n\n### Cloud authentication requirement\n\nVerify that you have access to create resources with your provider:\n\n#### AWS\n\n- See [AWS Ansible Authentication docs](https://docs.ansible.com/ansible/latest/collections/amazon/aws/docsite/guide_aws.html#authentication) to learn more.\n\n- See [AWS CLI configuration](https://docs.aws.amazon.com/cli/latest/userguide/cli-chap-configure.html) to learn more.\n\n#### Azure\n\n- See [Authenticating with Azure](https://docs.ansible.com/ansible/latest/scenario_guides/guide_azure.html#authenticating-with-azure)\n\n### PnP Portal requirement\n\nCurrent version of the full workflow for bringup SD-WAN assumes that users are familiar with [Cisco Plug and Play Portal](https://software.cisco.com/) and its requirements.\n\n- See example [Cisco Plug and Play Support Guide for Cisco SD-WAN Products](https://www.cisco.com/c/dam/en_us/services/downloads/SD-WAN_pnp_support_guide.pdf).\n\n---\n\n## Installing this collection\n\n### Install by cloning this repostiory - recommended way\n\nYou can install collection by first cloning this repository:\n\n```bash\ngit clone git@github.com:cisco-en-programmability/ansible-collection-sdwan.git\n```\n\nThen setting your python environment.\nRecommended way: use supported version of Python (\u003e=3.10) and set up your environment with:\n\n```bash\npython3 -m venv \u003cyour-venv-name\u003e\nsource \u003cyour-venv-name\u003e/bin/activate\npip install -r requirements.txt --no-deps\n```\n\nAnd then install ansible requirements:\n\n```bash\nansible-galaxy install -r requirements.yml\n```\n\n### Install with Ansible Galaxy\n\n***Note*** that when installing this collection with `ansible-galaxy` command, it will be placed inside your system collections path. That migth introduce additional complexity for using configuration files etc.\n\nYou can install this collection with the Ansible Galaxy CLI (requires `ansible` package installed)\n\n```bash\nansible-galaxy collection install cisco.sdwan\n```\n\nThe python module dependencies are not installed by ansible-galaxy. They can be manually installed using pip.\nRecommended way: use supported version of Python (\u003e=3.10) and set up your environment with:\n\n```bash\npython3 -m venv \u003cyour-venv-name\u003e\nsource \u003cyour-venv-name\u003e/bin/activate\n```\n\nAnd then install python requirements:\n\n```bash\npip install -r requirements.txt --no-deps\n```\n\n\u003c/br\u003e\u003c/br\u003e\n\n***Note***: For python packages installation troubleshooting see [python-packages-installation](#5-python-packages-installation)\n\nVerify that your ansible version is using python modules from vevn by using test playbook:\n\nFor AWS:\n\n```bash\nansible-playbook playbooks/aws/test_env.yml\n```\n\nFor Azure:\n\n```bash\nansible-playbook playbooks/azure/test_env.yml\n```\n\nIf playbook finished without any failed tasks, environment is ready for next tasks.\n\nIf requirements have been installed and tasks returned information about missing packages, please see [Troubleshooting](#troubleshooting)\n\n## Using this collection\n\n### Ansible Vault prerequisite\n\nIn this section, suggested usage of Ansible Vault with Vault password stored in files is presented.\nWhile not mandatory, it is recommended to utilize Ansible Vault for securing sensitive data such as credentials and secret keys.\nAnsible Vault provides encryption capabilities that help in maintaining the security of your secrets within your playbooks.\nHowever, the management of secrets is ultimately at your discretion, and you may employ any other method that aligns with your security policies and operational practices.\nFeel free to use any other manager to encrypt `pnp_username` and `pnp_password` variables.\n\n#### Using Ansible Vault to securely provide PnP Portal credentials\n\nFirst, create file with ansible-valut password that will be used to secure your vault.\nExample file: `vault-password.txt`, created with content:\n\n```txt\nmysafepassword\n```\n\nThen, supply values for pnp credentials in pnp_credentials.yml file. For azure you can use `playbooks/azure/pnp_credentials.yml`\nand for aws `playbooks/aws/pnp_credentials.yml`.\n\nEncrypt the pnp credentials file with your valut password by running:\n\n```bash\nansible-vault encrypt --vault-password-file=vault-password.txt playbooks/azure/pnp_credentials.yml\n```\n\nFrom now, `playbooks/azure/pnp_credentials.yml` or `playbooks/aws/pnp_credentials.yml` file will be encrypted.\n\nIn order to run playbook that requires pnp_credentials, users have to specify path for ansible vault password file.\nExample:\n\n```bash\nansible-playbook playbooks/azure/non-existing-exmple.yml --vault-password-file=vault-password.txt\n```\n\n### Configuration file\n\nFull deployment and onboarding comes with predefined configuration file, that will bringup 3 controllers and all edge devices\nconfigured in PnP portal. It's user responsibility to ensure that PnP Portal configuration is correct and fautless.\n\nConfiguration file is located in:\n\n- for Azure: `playbooks/azure/sdwan_config.yml`\n- for AWS: `playbooks/aws/sdwan_config.yml`.\n\nPlease complete all fields marked as `null`.\n\nPlease see [Prerequisites for Deploying Cisco SD-WAN Controllers in AWS\n](https://www.cisco.com/c/en/us/td/docs/routers/sdwan/configuration/sdwan-xe-gs-book/controller-aws.html#Cisco_Concept.dita_f1fa60cb-2f60-4350-ae74-1090073ca4be) and\n[Deploy Cisco SD-WAN Controllers in AWS: Tasks](https://www.cisco.com/c/en/us/td/docs/routers/sdwan/configuration/sdwan-xe-gs-book/controller-aws.html#Cisco_Concept.dita_cf1bc9b2-5641-4ebc-b571-20849085bde4) in order to learn more about prerequisites and AMI Images on AWS.\n\nAdditional step: verify that your configuration file include all required variables, by running this pre-check playbook:\n\nAWS:\n\n```bash\nansible-playbook playbooks/aws/test_variables.yml --vault-password-file=vault-password.txt\n```\n\nAzure:\n\n```bash\nansible-playbook playbooks/aws/test_variables.yml --vault-password-file=vault-password.txt\n```\n\n### Final run\n\nFinally, run full playbook, depending on your cloud provider:\n\n```bash\nansible-playbook playbooks/azure/full_deploy_and_configure.yml --vault-password-file=vault-password.txt\n```\n\n```bash\nansible-playbook playbooks/aws/full_deploy_and_configure.yml --vault-password-file=vault-password.txt\n```\n\n---\n\n## Troubleshooting\n\nFollow these steps to troubleshoot common issues:\n\n### 1. Verify Your Ansible Version and Virtual Environment\n\nActivate your virtual environment and run the command:\n\n```bash\n(example-venv) ➜  cisco.sdwan git:(master) ✗ ansible --version\n```\n\nCheck that the 'ansible python module location' points to your virtual environment, for instance: `/Users/myuser/Work/cisco.sdwan/example-venv`.\n\n### 2. Correct Ansible Version Pointing to the Wrong Virtual Environment\n\nIf Ansible is pointing to the wrong virtual environment, modify the `sdwan_config.yml` configuration file. Add this line:\n\n```yml\nansible_python_interpreter: \"/\u003cpath-to-your-venv\u003e/bin/python\"\n```\n\nReplace `\u003cpath-to-your-venv\u003e` with the correct path.\n\n### 3. Update Ansible Collections\n\nTo update your Ansible collections, run the following command:\n\n```bash\nansible-galaxy collection install -r requirements.yml --upgrade\n```\n\n### 4. Double-Check Ansible Collection Installation Location\n\nAnsible defaults to installing the collection in `~/.ansible/collections`. This can cause problems if you're using the wrong collection version. Ensure your collection version is correct if you run into issues.\n\n### 5. Python packages installation\n\nPython packages requirements are formed to include all dependencies.\nTherefore if you face issues with installation, note that there is known confict:\n\n```log\n    The user requested packaging\n    catalystwan 0.31.2 depends on packaging\u003c24.0 and \u003e=23.0\n    azure-cli-core 2.34.0 depends on packaging\u003c22.0 and \u003e=20.9\n```\n\nsolved by using: `pip install -r requirements.txt --no-deps` command.\n\n---\n\n## Containerized variant WIP\n\nSection Under Construction!\n\n---\n\n## Useful links and Getting Started\n\n### Python\n\n- [Download Python](https://www.python.org/downloads/)\n- [Getting Started with Python](https://docs.python.org/3/using/index.html)\n\n### Virtual Environment (venv)\n\nTo manage dependencies, it is recommended to use Python's built-in `venv` module to create a virtual environment.\n\n- [Creating Virtual Environments](https://docs.python.org/3/library/venv.html)\n\n### Ansible\n\n- [Install Ansible](https://docs.ansible.com/ansible/latest/installation_guide/intro_installation.html)\n- [Getting Started with Ansible](https://docs.ansible.com/ansible/latest/user_guide/intro_getting_started.html)\n\n### Ansible Galaxy\n\nAnsible Galaxy provides pre-packaged units of work known as roles, and it can be used to share and use content with Ansible.\n\n- [Using Ansible Galaxy](https://galaxy.ansible.com/docs/)\n\n### Ansible Vault\n\n- [Protecting sensitive data with Ansible vault](https://docs.ansible.com/ansible/latest/vault_guide/index.html)\n\n### AWS CLI\n\n- [Installing AWS CLI](https://docs.aws.amazon.com/cli/latest/userguide/cli-chap-install.html)\n- [Configuring the AWS CLI](https://docs.aws.amazon.com/cli/latest/userguide/cli-chap-configure.html)\n\n### AWS Authentication\n\n- [Understanding and Getting Your Security Credentials](https://docs.aws.amazon.com/general/latest/gr/aws-sec-cred-types.html)\n- [Configuring AWS Credentials](https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-files.html)\n\n### Azure Authentication\n\n- [Authenticating with Azure](https://docs.ansible.com/ansible/latest/scenario_guides/guide_azure.html#authenticating-with-azure)\n\n### Cisco SD-WAN\n\n- [Cisco SD-WAN Overview](https://www.cisco.com/c/en/us/solutions/enterprise-networks/sd-wan/index.html)\n- [Cisco SD-WAN Documentation](https://www.cisco.com/c/en/us/support/routers/sd-wan/products-installation-and-configuration-guides-list.html)\n\n---\n\n## License\n\nSee [LICENSE](./LICENSE) file.\n\n## Contributing\n\nSee [Contributing](./docs/CONTRIBUTING.md) file.\n\n## Code of Conduct\n\nSee [Code of Conduct](./docs/CODE_OF_CONDUCT.md) file.\n\n## Releasing, Versioning and Deprecation\n\nThis collection follows Semantic Versioning. More details on versioning can be found in [Understanding collection versioning](https://docs.ansible.com/ansible/latest/dev_guide/developing_collections_distributing.html#understanding-collection-versioning).\n\nNew minor and major releases as well as deprecations will follow new releases and deprecations of the Cisco Catalystwan SDK, a Python SDK, which this project relies on.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcisco-en-programmability%2Fansible-collection-sdwan","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fcisco-en-programmability%2Fansible-collection-sdwan","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcisco-en-programmability%2Fansible-collection-sdwan/lists"}