Getting Started with your first Ansible Playbook for Network Automation

Installing Ansible and related components


Updating Yum
# sudo yum -y update


Install python3-pip
# sudo yum install python3-pip


Install/upgrade ansible to latest version

# sudo pip3 install ansible


Install/upgrade ansible to latest version

# sudo pip3 install paramiko


Verify the status/version of tools installed
pip3 --version
python3 --version
ansible --version

Install and check version of ansible installed

[developer@devbox Network_Support]$ansible --version
ansible 2.7.8
  config file = /home/developer/Network_Support/ansible.cfg
  configured module search path = ['/home/developer/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/local/lib/python3.6/site-packages/ansible
  executable location = /usr/local/bin/ansible
  python version = 3.6.5 (default, Jul 19 2018, 10:49:52) [GCC 4.8.5 20150623 (Red Hat 4.8.5-28)]



Create inventory file

[developer@devbox Network_Support]$vi inventory

# Inventory file for Ansible

[P-Switches]
P-1 ansible_host=172.16.30.82
P-2 ansible_host=172.16.30.83

[PE-Switches]
PE-1 ansible_host=172.16.30.84
PE-2 ansible_host=172.16.30.85
PE-3 ansible_host=172.16.30.86

[all:vars]
ansible_network_os=ios
In the above inventory file, we specified two groups namely P-Switches and PE-Switches with two and three hosts within them respectively.
Ansible groups can be useful for segregating the devices based on make & model, sites, function, etc and then these groups can be used in ansible-playbooks to define the scope for tasks.



Create a playbook specifying the tasks

[developer@devbox Network_Support]$vi sh_ip_int_bri.yaml
---
- name: Define Parameters
  hosts: PE-Switches
  gather_facts: no
  connection: network_cli
  tasks:
   - name: Get the config
     cli_command:
      command: show ip interface brief
     register: result
   - debug: var=result.stdout_lines
In the above playbook, we are defining the groups on which the tasks will be executed and defining the tasks. for the hosts:, we can set the value to 'PE-Switches', 'P-Switches' or 'all' as desired.

Run the Ansible playbook


[developer@devbox Network_Support]$ansible-playbook sh_ip_int_bri.yaml -i /home/developer/Network_Support/inventory -u cisco -k
SSH password:
PLAY [Define Parameters] *******************************************************************************************************************
TASK [Get the config] **********************************************************************************************************************
ok: [PE-1]
ok: [PE-3]
ok: [PE-2]
TASK [debug] *******************************************************************************************************************************
ok: [PE-1] => {
    "result.stdout_lines": [
        "Interface                  IP-Address      OK? Method Status                Protocol",
        "GigabitEthernet0/1         10.0.128.5      YES TFTP   up                    up      ",
        "GigabitEthernet0/2         10.0.0.21       YES TFTP   up                    up      ",
        "GigabitEthernet0/3         10.0.0.29       YES TFTP   up                    up      ",
        "GigabitEthernet0/4         10.0.0.33       YES TFTP   up                    up      ",
        "Loopback0                  192.168.0.9     YES TFTP   up                    up"
    ]
}
ok: [PE-3] => {
    "result.stdout_lines": [
        "Interface                  IP-Address      OK? Method Status                Protocol",
        "GigabitEthernet0/1         10.0.128.22     YES TFTP   up                    up      ",
        "GigabitEthernet0/2         10.0.128.29     YES TFTP   up                    up      ",
        "GigabitEthernet0/3         10.0.128.10     YES TFTP   up                    up      ",
        "GigabitEthernet0/4         10.0.0.49       YES TFTP   up                    up      ",
        "GigabitEthernet0/5         10.0.0.45       YES TFTP   up                    up      ",
        "Loopback0                  192.168.0.11    YES TFTP   up                    up"
    ]
}
ok: [PE-2] => {
    "result.stdout_lines": [
        "Interface                  IP-Address      OK? Method Status                Protocol",
        "GigabitEthernet0/1         10.0.128.6      YES TFTP   up                    up      ",
        "GigabitEthernet0/2         10.0.128.18     YES TFTP   up                    up      ",
        "GigabitEthernet0/3         10.0.0.26       YES TFTP   up                    up      ",
        "GigabitEthernet0/4         10.0.0.37       YES TFTP   up                    up      ",
        "GigabitEthernet0/5         10.0.0.41       YES TFTP   up                    up      ",
        "Loopback0                  192.168.0.6     YES TFTP   up                    up"
    ]
}
PLAY RECAP *********************************************************************************************************************************
PE-1                       : ok=2    changed=0    unreachable=0    failed=0
PE-2                       : ok=2    changed=0    unreachable=0    failed=0
PE-3                       : ok=2    changed=0    unreachable=0    failed=0
]


The flags in the ansible-playbook command set seven values:
  • the host group(s) to which the command should apply (in this case, all)
  • the inventory (-i, the device or devices to target - without the trailing comma -i points to an inventory file)
  • the connection method (-c, the method for connecting and executing ansible)
  • the user (-u, the username for the SSH connection)
  • the SSH connection method (-k, please prompt for the password)
  • the module (-m, the ansible module to run)
  • an extra variable ( -e, in this case, setting the network OS value)


Specifying SSH port in Ansible Inventory

If ssh port for hosts is different than the default port 22, it can be specified in the inventory file with colon (:) after hostname.

#vi inventory

# Inventory file for Ansible
 [XE]
ios-xe-mgmt.cisco.com:8181
ios-xe-mgmt-latest.cisco.com:8181
 [XR]
sbx-iosxr-mgmt.cisco.com:8181



Useful Links


Comments

Popular posts from this blog

Specifying SSH port in Ansible Inventory

Ansible-Playbook to display output of multiple show commands (using stdout_lines with Loop)

Filtering Routes in BGP using Route-maps and Prefix-list

Ansible Playbook for Network OS Upgrade with pre and post checks

Bypassing Proxy Server in Google Chrome

VMware NSX Traffic Flow — East-West & North-South

Ansible-playbook for backing up running config of Cisco IOS

Export or Backup Azure Network Security Groups into CSV using PowerShell