Getting Started with your first Ansible Playbook for Network Automation

Install and check version of ansible installed
[developer@devbox Network_Support]$ansible --version
ansible 2.7.8
  config file = /home/developer/Network_Support/ansible.cfg
  configured module search path = ['/home/developer/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/local/lib/python3.6/site-packages/ansible
  executable location = /usr/local/bin/ansible
  python version = 3.6.5 (default, Jul 19 2018, 10:49:52) [GCC 4.8.5 20150623 (Red Hat 4.8.5-28)]


Create inventory file
[developer@devbox Network_Support]$vi inventory
# Inventory file for Ansible
[P-Switches]
P-1 ansible_host=172.16.30.82
P-2 ansible_host=172.16.30.83
[PE-Switches]
PE-1 ansible_host=172.16.30.84
PE-2 ansible_host=172.16.30.85
PE-3 ansible_host=172.16.30.86
In the above inventory file, we specified two groups namely P-Switches and PE-Switches with two and three hosts withing them respectively.
Ansible groups can be useful for segregating the devices based on make & model, sites, function, etc and then these groups can be used in ansible-playbooks to define the scope for tasks.


Create a playbook specifying the tasks


[developer@devbox Network_Support]$vi sh_ip_int_bri.yaml
---
- name: Define Parameters
  hosts: PE-Switches
  gather_facts: no
  connection: network_cli
  tasks:
   - name: Get the config
     cli_command:
      command: show ip interface brief
     register: result
   - debug: var=result.stdout_lines
In the above playbook, we are defining the groups on which the tasks will be executed and defining the tasks. for the hosts:, we can set the value to 'PE-Switches', 'P-Switches' or 'all' as desired.

Run the Ansible playbook

[developer@devbox Network_Support]$ansible-playbook sh_ip_int_bri.yaml -i /home/developer/Network_Support/inventory -u cisco -k -e ansible_network_os=ios
SSH password:
PLAY [Define Parameters] *******************************************************************************************************************
TASK [Get the config] **********************************************************************************************************************
ok: [PE-1]
ok: [PE-3]
ok: [PE-2]
TASK [debug] *******************************************************************************************************************************
ok: [PE-1] => {
    "result.stdout_lines": [
        "Interface                  IP-Address      OK? Method Status                Protocol",
        "GigabitEthernet0/1         10.0.128.5      YES TFTP   up                    up      ",
        "GigabitEthernet0/2         10.0.0.21       YES TFTP   up                    up      ",
        "GigabitEthernet0/3         10.0.0.29       YES TFTP   up                    up      ",
        "GigabitEthernet0/4         10.0.0.33       YES TFTP   up                    up      ",
        "Loopback0                  192.168.0.9     YES TFTP   up                    up"
    ]
}
ok: [PE-3] => {
    "result.stdout_lines": [
        "Interface                  IP-Address      OK? Method Status                Protocol",
        "GigabitEthernet0/1         10.0.128.22     YES TFTP   up                    up      ",
        "GigabitEthernet0/2         10.0.128.29     YES TFTP   up                    up      ",
        "GigabitEthernet0/3         10.0.128.10     YES TFTP   up                    up      ",
        "GigabitEthernet0/4         10.0.0.49       YES TFTP   up                    up      ",
        "GigabitEthernet0/5         10.0.0.45       YES TFTP   up                    up      ",
        "Loopback0                  192.168.0.11    YES TFTP   up                    up"
    ]
}
ok: [PE-2] => {
    "result.stdout_lines": [
        "Interface                  IP-Address      OK? Method Status                Protocol",
        "GigabitEthernet0/1         10.0.128.6      YES TFTP   up                    up      ",
        "GigabitEthernet0/2         10.0.128.18     YES TFTP   up                    up      ",
        "GigabitEthernet0/3         10.0.0.26       YES TFTP   up                    up      ",
        "GigabitEthernet0/4         10.0.0.37       YES TFTP   up                    up      ",
        "GigabitEthernet0/5         10.0.0.41       YES TFTP   up                    up      ",
        "Loopback0                  192.168.0.6     YES TFTP   up                    up"
    ]
}
PLAY RECAP *********************************************************************************************************************************
PE-1                       : ok=2    changed=0    unreachable=0    failed=0
PE-2                       : ok=2    changed=0    unreachable=0    failed=0
PE-3                       : ok=2    changed=0    unreachable=0    failed=0
]


The flags in the ansible-playbook command set seven values:
  • the host group(s) to which the command should apply (in this case, all)
  • the inventory (-i, the device or devices to target - without the trailing comma -i points to an inventory file)
  • the connection method (-c, the method for connecting and executing ansible)
  • the user (-u, the username for the SSH connection)
  • the SSH connection method (-k, please prompt for the password)
  • the module (-m, the ansible module to run)
  • an extra variable ( -e, in this case, setting the network OS value)





























Useful Links

Comments

Popular posts from this blog

Anyconnect SSL-Client VPN with Self-signed Certificate on Cisco ASA

Filtering Routes in BGP using Route-maps and Prefix-list

Open Shortest Path First (OSPF)

IKEv2 IPsec Site-to-Site VPN configuration on Cisco ASA 8.4(x)

IPsec VPN as a Backup for Point-to-Point Link using IP SLA

Border Gateway Protocol (BGP)

Bypassing Proxy Server in Google Chrome

Cisco ASA Active/Active Failover Configuration

Cisco ASA Active/Standby Failover Configuration