This topic is to discuss the following lesson:
2 Likes
Wow! What an amazing tool. Thanks, Rene!
2 Likes
I know it require CML installed and CML license loaded, but does it require license for the SD-WAN devices in the lab? I had CML licence before but it expired. I didnât try the lab because I heard that running the SD-WAN devices requires device license. If it doesnât then itâs worth to buy CML license another time.
1 Like
Hello Martin
It looks like you wonât need a specific license to use the SD-WAN feature for CML, you can use the Personal version. However you will require the use of the PNP portal which needs a smart account, which I believe you can get for free. I havenât tried it myself, but you can take a look at this ÎCisco community post for more information:
I hope this has been helpful!
Laz
1 Like
You wonât need any device licenses or a smart account if you use this installer for CML. It saves a lot of trouble.
1 Like
Thank you for continuing to upload premium content throughout the years.
2 Likes
Thanks @tristanziemann454 !
1 Like
Hi,
when you say âCisco CML allows you to download the topology and startup configurations, but this wonât work for the controllers in this lab.â, you mean that downloading CML lab as YAML file for SDWAN lab is possible in general, but not when automation tool is used as in this particular case?
Hello A1A1
The statement about the limitation of downloading SD-WAN topologies in CML is not specifically about automation tools affecting YAML export capability. Rather, it addresses a fundamental architectural limitation of SD-WAN controllers in CML environments.
CML can export SD-WAN labs as YAML files. This works in general. However, the phrase deals with what the YAML export can and cannot capture:
What YAML Export DOES Capture:
- Topology structure (nodes, links, interfaces)
- Node types and image references
- Startup configurations for traditional network devices (cEdge, IOS-XE routers)
- Basic VM resource allocations
What YAML Export CANNOT Capture (SD-WAN Controllers):
- vManage database contents - The entire SD-WAN fabric configuration (policies, templates, device onboarding state) lives in vManageâs internal databases not in a CLI configuration file
- Certificate infrastructure - SD-WANâs PKI (certificates, private keys, trust chains) is generated during initial deployment and tied to specific VM identities/serial numbers
- Day-0 bootstrap configurations - Initial provisioning parameters (cloud-init, user-data, bootstrap ISOs) that bring controllers online
- Runtime state - Control plane connections, device registrations, and orchestration state
Does that make sense?
I hope this has been helpful!
Laz
I understand.
Is it possible to create and backup/restore multiple labs? I can see that you named the lab âsdwanâ but where are you referring to the lab name?
In addition, when I run sdwan-lab setup --list I get:
Available Software Versions:
-
cat-sdwan-manager: [â20â]
-
cat-sdwan-controller: [â20â]
-
cat-sdwan-validator: [â20â]
-
cat-sdwan-edge: [â17â]
I have CML 2.8 and I have uploaded the images to CML. When I check the image version in CML it says 20.15.1.
So, when I try to deploy the lab it gives following error:
Preparing the labâŚRequested SD-WAN Manager software image version 20 is not found in CML. Use setup task to upload the correct images or use any available image: [â20â]
It didnât work with 20.15.1 either.
Any ideas?
I have managed to create the lab, the solution for my previous problems was to enter âsdwan-lab setupâ. Then, correct versions showed up.
After the lab is created, is it normal for SD-WAN Manager to show the following message: âYour SD-WAN Manager is not in sync with the licenses in the Cisco Smart Software Management Portal (CSSM)â?
Hello A1A1
Yes of course. CML allows you to create and save, backup, and restore multiple lab setups and topologies simply by naming them differently. When you back these up, you can create YAML files that reference each topology. You can then load those files into CML to restore the topology you have in place. Take a look at CMLâs documentation for your version here to find out more.
Good to hear that you resolved your previous issue, and thanks for letting us know. Indeed the sdwan-lab setup command resoves the problem because sdwan-lab doesnât just use whatever images exist in CML. It expects specific CML node definitions + image definitions (for Manager/Controller/Validator/Edge) that the tool knows how to match to a software version. The sdwan-lab setup command is designed to resolve this issue. It creates the required node definitions (Manager/Validator/Controller/Edge), and allows you to find SD-WAN images and create the correct image definitions in CML for those node types. So after you ran sdwan-lab setup it likely synced/created the missing SD-WAN image definitions in CML (or corrected them) and then when you added the --list keyword, it started reflecting reality.
Yes, this message is completely normal and expected in a Cisco SD-WAN CML lab environment, and you can safely ignore it for your lab exercises.
The SD-WAN Manager or vManage, is designed to synchronize with the Cisco Smart Software Management (CSSM) portal to manage license entitlements and report usage. This synchronization requires Internet connectivity, a valid enterprise smart account and virtual account credentials, and proper registration of the SD-WAN organization with the CSSM.
But in a CML lab environment, these conditions are typically not met because the lab is isolated and not on the Internet, there is no smart account associated with it, and the lab uses an evaluation/demo license. So synchronization fails, so you see this warning.
However, it does not prevent your lab from functioning. You can continue as in the lesson. If this is not the case, let us know so that we can see if we can help you further in your troubleshooting⌠Let us know how you get along!
I hope this has been helpful!
Laz
Hi Renee/Laz,
This alternative way of setting a SDWAN lab is really cool and Iâm excited to get started to try this method but Iâm not clear how to get started getting this lab built. Referencing the top of the SDWAN lab page, you mention you used Ubuntu 22.04 on Windows Subsystem for Linux. Does this mean this can be done all only on a single Ubuntu 22.04 VM (I have an ESXi 8 server)? Please elaborate about all I need to get started and add any enough details for me to get started to build this SDWAN lab. Thank you in advance. Adil
After viewing Reneeâs video, I think I understand this SDWAN deployment deployment tool a little better. It looks to me that all I would need to set this up is my MacBook Pro to install the SDWAN deployment tool on, and CML deployed in a virtual environment (which i did on my ESXi VMWare server). Will this SDWAN lab work on a free-tier CML or must I purchase pay-for edition of CML ($199)?
Hi @adil.nasser
Thatâs right, you run this tool locally, itâs basically just a script that you runs against CML and does all the heavy lifting of starting a topology and provisioning all devices.
Youâll need a paid CML license though. The free one doesnât have any SD-WAN images.
Rene
Hi,
regarding backup and restore - the YAML file from CML and backup lab name should be the same?
Hello A1A1
No, the YAML filename does not need to match the lab name in CML for backup and restore to work correctly. These are completely independent from each other.
The YAML filename on your computer (e.g., sdwan_backup_2024.yaml) is just the file storage name and is completely arbitrary. The lab title/name that appears in CMLâs dashboard is stored inside the YAML file. When you import/restore the YAML, CML reads the internal title field and creates a lab with that name, regardless of what you named the file. Make sense?
I hope this has been helpful!
Laz
I was unclear in my question. What I really meant is the name of the lab in CML and name of the backed up lab should be the same?
So I can save the topology, for example, the moment it is created, and then perform the backup any time I want. Then, I only need to restore the configuration using the previous name?
Hello A1A1
Ah, I see. The answer is still essentially the same. The lab name in CML and the backup filename do NOT need to be the same. You can name your backup file anything you want, and when you restore it, you can keep the original lab name or change it.
Yes, if you make changes to your configs (after you do an âextract configsâ from all your nodes), you can save your lab as a YAML file with a different name, thus creating a snapshot for your lab at that particular time. So you can create many such files, each at a different point in your configuration process.
Now because this thread has to do with SD-WAN CML labs, there is a special consideration you should keep in mind. CMLâs standard YAML export/backup captures text-based configurations ONLY (like startup-config). It does not NOT capture things like:
- SD-WAN controller certificates (vManage, vBond, vSmart)
- vManage database contents
- Certificate serial numbers and onboarding state
- Any runtime state or established control connections
These critical SD-WAN elements are stored on the virtual disk of the controller nodes, not in the text configuration. That means that if you build your SD-WAN lab, install certificates, get controllers operational, then export a YAML backup, and later restore from that backup after wiping the lab, you will lose the certificates and controller database. The devices will have the correct IP addresses and base configuration, but SD-WAN control connections will fail.
If you want a full SD-WAN state preservation (including certificates and databases), you should take hypervisor-level snapshots of your entire CML server VM. This will preserve the virtual disk state of all nodes. A good time to do this is once youâve completed certificate installation and controller onboarding.
I hope this has been helpful!
Laz