What You’ll Learn

• How to apply the Cisco IOS XE Terraform provider
• How to create a VLAN using the Cisco IOS XE Terraform provider
• How to verify that the Terraform execution plan file was successfully applied to a Cisco IOS XE device

What You’ll Need

• Terraform and the Cisco IOS XE provider installed on a host that will apply changes to the device. See how to install Terraform.
• Access to a Sandbox (such as the DevNet IOS XE Sandbox)
  • Alternatively, if you have access to dCloud, you can use it here; lab name “Cisco Catalyst 9000 IOS XE Programmability & Automation Lab v1”.

Terraform is a cloud-native, open-source infrastructure provisioning tool similar to Red Hat Ansible. It is used widely in cloud deployments, such as managing Amazon Web Services (AWS) or Microsoft Azure infrastructure. Because Terraform is not tied to any particular cloud and was created by a trusted company (HashiCorp), the adoption of the tool has grown quickly in recent years. Terraform is a declarative tool, meaning that the Terraform files define the desired state, and then behind the scenes, the heavy lifting is done by Terraform to make the infrastructure mirror the desired state.

Cisco has multiple integrations with Terraform and Cisco products. The Cisco IOS XE Terraform provider utilizes RESTCONF plus YANG to configure devices, using a single binary file.

Terraform is a CLI-based tool and can be installed on Windows, Linux, or Mac.

After you install Terraform, create an execution plan file called terraform.tf. Put the contents as follows into the file in order to use Terraform to configure VLAN 511:

# Define the terraform provider to use
# See more at https://registry.terraform.io/providers/CiscoDevNet/iosxe/latest


terraform {
    required_providers {
        iosxe = {
        version = "0.1.1"
        source  = "CiscoDevNet/iosxe"
        }
    }
}

# Use the Cisco IOS XE Provider
provider "iosxe" {
    request_timeout = 30
    insecure = true # NOTE: Do not use insecure mode in production
}

# Adding VLAN
resource "iosxe_rest" "vlan_example_put" {
  method = "PUT"
  path = "/data/Cisco-IOS-XE-native:native/vlan/vlan-list=511"
  payload = jsonencode(
    {
    "Cisco-IOS-XE-vlan:vlan-list": {
          "id": "511",
          "name": "VLAN511"
      }
    }
  )
}

Configure RESTCONF

The Terraform provider for IOS XE uses RESTCONF behind the scenes to configure the network devices, so you will first need to enable the RESTCONF feature. To configure RESTCONF on the switch, issue the following commands:

configure terminal
restconf

Initialize Terraform

Now that your network device is ready to talk to Terraform using RESTCONF, and your Terraform plan is ready, you can enter your terraform init command in the Bash CLI in the same directory that you have the Terraform plan:

terraform init

Terraform will now ensure that all plug-ins that are needed are installed and map out the dependencies, while checking syntax and a few other things.

You are now ready to apply your plan in the Bash CLI (in the same directory):

terraform apply -auto-approve

Here is a GIF that shows the flow from start to finish. The left-hand side has the network device CLI (assuming RESTCONF is enabled), and the right-hand side shows the Terraform execution. Note that once the plan is applied, the new VLAN is present.

You Did It!

Thank you for completing this lab. You’re well on your way to becoming a Terraform and Cisco IOS XE automation expert!

Learn More

Any Cisco IOS XE feature that can be configured using RESTCONF can be set and automated leveraging the power of Terraform. Terraform can also be used to automate setting up the configurations on entire networks of Cisco devices.

Resources

• Terraform provider IOS XE GitHub
• Terraform registry
• Terraform with IOS XE intro video
• DevNet Snack Minute
• Terraform IOS XE blog