Infrastructure as Code Testing Framework for Cisco ACI
Designed and implemented an Infrastructure as Code framework for Cisco ACI network fabric using Terraform and the Nexus-as-Code methodology, enabling declarative configuration management, simulator-based testing, and automated change deployment across operational technology environments.
The Challenge
Understanding the Problem
A critical infrastructure operator managing multiple data centre fabrics needed to modernise their network configuration management approach. The existing manual provisioning process was error-prone, lacked version control, and made it difficult to maintain consistency across development, staging, and production environments. The organisation required a solution that would enable infrastructure engineers to define network configurations declaratively, test changes safely before production deployment, and maintain full audit trails for compliance. The environment included Cisco ACI fabrics supporting both IT and OT workloads, requiring rigorous change control procedures.
Our Approach
How We Helped
We implemented an Infrastructure as Code framework based on Terraform with the Cisco ACI provider and Nexus-as-Code (NAC) methodology. The solution established a data-driven approach where network intent is expressed in YAML data models, separating configuration data from Terraform logic. A tiered environment architecture was deployed comprising a Cisco ACI simulator for development and initial validation, a staging fabric for integration testing, and production fabrics with controlled deployment windows. The framework integrated with Git for version control, implementing a branching strategy where feature branches enable parallel development, pull requests trigger automated validation, and merges to main initiate deployment pipelines. Jenkins CI/CD pipelines were configured to execute terraform plan for change preview, run compliance checks against security policies, and apply configurations through controlled stages. State management utilised remote backends with locking to prevent concurrent modifications across team members.
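The compliance stage between terraform plan and apply can be sketched as a gate over the plan's JSON form (`terraform show -json`). This is an added example, not the project's own code: the two policy rules, the sample plan and its object names are constructed, and it assumes fabric objects appear in the plan as `aci_rest_managed` resources identified by `class_name`.

```python
import json

# Constructed sample of `terraform show -json plan.out`, trimmed to the
# fields used below; tenant, VRF and EPG names are invented.
SAMPLE_PLAN = json.loads("""
{"resource_changes": [
 {"address": "aci_rest_managed.tenant_ot", "type": "aci_rest_managed",
  "change": {"actions": ["delete"], "after": null,
             "before": {"class_name": "fvTenant", "dn": "uni/tn-OT"}}},
 {"address": "aci_rest_managed.vrf_ot", "type": "aci_rest_managed",
  "change": {"actions": ["update"],
             "before": {"class_name": "fvCtx", "content": {"pcEnfPref": "enforced"}},
             "after": {"class_name": "fvCtx", "content": {"pcEnfPref": "unenforced"}}}},
 {"address": "aci_rest_managed.epg_web", "type": "aci_rest_managed",
  "change": {"actions": ["create"], "before": null,
             "after": {"class_name": "fvAEPg", "content": {"name": "web"}}}},
 {"address": "aci_rest_managed.bd1", "type": "aci_rest_managed",
  "change": {"actions": ["delete", "create"],
             "before": {"class_name": "fvBD"}, "after": {"class_name": "fvBD"}}}
]}
""")

# Assumed policy: tenants, VRFs and bridge domains are never destroyed by the
# pipeline. A replace is planned as delete + create, so it counts as a destroy.
PROTECTED_CLASSES = {"fvTenant", "fvCtx", "fvBD"}

def check_plan(plan):
    """Return (address, reason) tuples for every policy violation in a plan."""
    violations = []
    for rc in plan.get("resource_changes", []):
        if rc.get("type") != "aci_rest_managed":
            continue
        change = rc.get("change", {})
        after = change.get("after") or {}    # null when the object is deleted
        before = change.get("before") or {}  # null when the object is created
        cls = after.get("class_name") or before.get("class_name")
        if "delete" in change.get("actions", []) and cls in PROTECTED_CLASSES:
            violations.append((rc["address"], "destroys protected object"))
        # An unenforced VRF lets its EPGs communicate without contracts.
        content = after.get("content") or {}
        if cls == "fvCtx" and content.get("pcEnfPref") == "unenforced":
            violations.append((rc["address"], "VRF policy enforcement disabled"))
    return violations

if __name__ == "__main__":
    found = check_plan(SAMPLE_PLAN)
    for address, reason in found:
        print(f"POLICY VIOLATION {address}: {reason}")
    raise SystemExit(1 if found else 0)  # non-zero exit fails the stage
```

Run against the simulator plan first; a non-zero exit stops the pipeline before the apply stage.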
Results
Key Outcomes
Declarative configuration management using YAML data models with Nexus-as-Code patterns
Simulator-based development environment enabling safe testing of fabric changes
Git-integrated version control with full audit trail of all configuration changes
Automated CI/CD pipeline with terraform plan validation and staged deployments
Consistent configuration across development, staging, and production environments
Reduced provisioning time from days to hours with automated tenant and EPG deployment
Compliance integration validating changes against security policies before deployment
We take our confidentiality obligations seriously. The project descriptions on this page have been generalised to protect client identities. We are happy to discuss our experience and approach where appropriate during a confidential conversation.