What is Network as Code?

Network as Code is a methodology that applies DevOps principles to network management, through declarative data models, allowing teams to automate and manage network configurations through plain YAML files. Building on the idea of simplifying automation, Network as Code is designed for network engineers who want to focus on intent, not code. It lets you describe your desired network state in clear, human-readable terms, no deep scripting or programming required.

Network as Code simplifies and abstracts complex network orchestration tasks, so users don’t need to worry about intricate details like dependencies, references, or looping logic. With an easy-to-use, opinionated data model and a library of tested, maintained modules, you can spin up entire network fabrics in minutes, simply by describing their intended configuration in straightforward text, without needing deep API or object model knowledge.

This approach is particularly beneficial for teams that want to leverage the power of automation without getting bogged down in the complexities of traditional programming. By focusing on intent and using a declarative model, Network as Code empowers network engineers to manage their infrastructure more efficiently, reducing the time and effort required to implement changes and ensuring consistency across deployments.

Once you have adopted the approach for one technology, you can easily extend it to other architectures and products, re-using the exact same methodology and tools.

apic:
  tenants:
    - name: prod

      vrfs:
        - name: prod-vrf

      bridge_domains:
        - name: 10.1.100.0_24
          vrf: prod-vrf
          subnets:
            - ip: 10.1.100.1/24

      application_profiles:
        - name: vlans
          endpoint_groups:
            - name: vlan100
              bridge_domain: 10.1.100.0_24
              static_ports:
                - node_id: 101
                  port: 1
                  vlan: 100

sdwan:
  edge_feature_templates:
    banner_templates:
      - name: FT-EDGE-BANNER-01
        description: Base banner template
        motd: No message today

  sites:
    - id: 100
      routers:
        - chassis_id: C8K-40C0CCFD-9EA8
          model: C8000V
          device_template: DT-DC-C8000V-01
          device_variables:
            site_id: 200
            system_ip: 10.0.0.1
            system_hostname: SD-DC-C8KV-01

vxlan:
  global:
    name: nac-ndfc1
    bgp_asn: 65001
    route_reflectors: 2
    anycast_gateway_mac: 12:34:56:78:90:00
      dns_servers:
        - ip_address: 10.0.0.2
          vrf: management

  topology:
    switches:
      - name: netascode-spine1
        serial_number: 99H2TUPCVFK
        role: spine
        management:
          default_gateway_v4: 10.1.1.1
          management_ipv4_address: 10.1.1.21
        routing_loopback_id: 0

nxos:
 devices:
    - name: LEAF1
      variables:
        hostname: LEAF1
        lo0_ip: 10.1.100.3

 global:
    configuration:
      system:
        hostname: ${hostname}
      interfaces:
        loopbacks:
          - id: 0
            interface_groups: [LOOPBACK_INTERFACE]

  interface_groups:
    - name: LOOPBACK_INTERFACE
      configuration:
        ipv4_address: ${lo0_ip}/32

Even though the examples above are specific to different technologies, the underlying principles of Network as Code remain consistent. The focus is on defining the desired state of the network in a clear, text-based, declarative manner, allowing for easy automation and management across various platforms and architectures.

First Steps

Now lets explore how to get started with Network as Code. We will use ACI as an example, but the principles apply to other technologies as well.

Download the Terraform binary for your platform from the Terraform downloads page. There is no need to install it, just download the binary and place it in your PATH.
In a newly created project directory, create a YAML file named aci.nac.yaml with the following content:
```
apic:
  tenants:
    - name: NAC
      vrfs:
        - name: VRF1
        - name: VRF2
```
This file describes a simple ACI configuration with two VRFs under a tenant named NAC.
Create a file named main.tf in the same directory as the YAML file with the following content:
```
module "aci" {
  source  = "netascode/nac-aci/aci"
  version = "1.0.1"

  yaml_files     = ["aci.nac.yaml"]
  manage_tenants = true
}
```
This is the only Terraform configuration required. We make use of a module nac-aci which is published on the Terraform Registry, which we point to our previously created YAML file and enable the manage_tenants flag to enable the management of tenants using the module.
We haven’t yet provided the credentials to connect to the APIC controller. We could put them in the main.tf file, but to avoid exposing them in clear text we can also make use of environment variables to provide them. Set the following environment variables in your terminal:
Terminal window
```
export ACI_URL=https://10.1.1.1
export ACI_USERNAME=<username>
export ACI_PASSWORD=<your_password>
```
Initialize the Terraform project by running the following command in your terminal:
Terminal window
```
terraform init
```
This will download the necessary provider and module dependencies directly from the Terraform Registry.
Once the initialization is complete, you can apply the configuration by running:
Terminal window
```
terraform apply
```
In a first step this command will show you a plan of what will be created, and you can confirm the changes by typing yes. After that, Terraform will create the tenant and VRFs as specified in the YAML file.

Congratulations! You have successfully created your first Network as Code configuration for ACI using Terraform. You can now extend this configuration by adding more resources, such as bridge domains, application profiles, and endpoint groups, all defined in a similar declarative manner. You can explore the different data models available for various technologies in the Data Models section.