Automating Networks with Ansible – Part 2

Getting Started with Ansible

Ansible doesn’t have a steep learning curve and it doesn’t require any sort of programming background to use. You can begin running commands against your network inventory in no time at all. And I can prove it!

This is all using network devices as examples, but it’s all general Ansible stuff that we’ll be doing. This next section will overview how to start using Ansible. Download and install it, make an inventory, and then run a playbook against your network — in less than five minutes!

Step One: Installing Ansible and Git

Along with Ansible, we’ll be using Git. Git is a version control system. We will use it as a code repository for storing and controlling access to our network automation playbooks.

Fedora
dnf install ansible git

CentOS/RHEL
yum install ansible git

Mac/PIP
pip install ansible

Ubuntu
apt update
apt install software-properties-common
apt-add-repository --yes --update ppa:ansible/ansible
apt install ansible
apt install git

After installation, verify that you can run Ansible:
ansible --version

Full download/install instructions can be found here:
https://docs.ansible.com/ansible/latest/installation_guide/intro_installation.html

Step Two: Create an Inventory

Now that we have Ansible installed, let’s create the inventory that Ansible will use to connect to our hosts. To keep it simple, let’s just start with a small INI file listing a few test devices and the OS they’re running.

Name this file inventory:

[all]
hostname_fqdn ansible_network_os=ios ansible_user=<username> ansible_password=<password>
hostname_fqdn ansible_network_os=nxos ansible_user=<username> ansible_password=<password>

In the inventory file you create, each line defines one host along with the variables Ansible needs to connect to it:
hostname_fqdn (the device’s hostname or FQDN)
ansible_network_os = ios/nxos
ansible_user
ansible_password

With Ansible installed, and with our inventory set up with the username, password, and host OS, we’re ready to run something!

The full list of network OSes can be found here: https://github.com/ansible/ansible/blob/devel/docs/docsite/rst/network/user_guide/platform_index.rst
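
The inventory above puts ansible_password on each host line, and Step One keeps the automation files in Git, so a check like the following can run before the inventory is committed. It is an added example, not part of the original post or the facts-machine repo; the host names, the netops user, the sample passwords and the NET_PASS environment variable are constructed for illustration.

```python
import re
import shlex

# Inventory variables that hold credentials (real Ansible connection variables).
SECRET_VARS = {"ansible_password", "ansible_ssh_pass", "ansible_become_password"}

# Constructed sample inventory; hosts, user and passwords are made up.
SAMPLE_INVENTORY = """\
[all]
rtr1.example.net ansible_network_os=ios ansible_user=netops ansible_password=Summer2024!
rtr2.example.net ansible_network_os=nxos ansible_user=netops ansible_password="{{ lookup('env', 'NET_PASS') }}"
sw1.example.net ansible_network_os=eos ansible_user=netops

[all:vars]
ansible_become_password = enable123
"""


def find_plaintext_secrets(inventory_text):
    """Return (line_no, owner, variable) for each secret stored as a literal."""
    findings, section = [], ""
    for line_no, raw in enumerate(inventory_text.splitlines(), start=1):
        line = raw.strip()
        if not line or line[0] in "#;":
            continue  # blank line or comment
        header = re.fullmatch(r"\[([^\]]+)\]", line)
        if header:
            section = header.group(1)
            continue
        if section.endswith(":children"):
            continue  # lines here are group names, not hosts
        if section.endswith(":vars"):
            owner, pairs = section, [line]  # one "key = value" per line
        else:
            tokens = shlex.split(line, comments=True)  # honours quoted values
            owner, pairs = tokens[0], tokens[1:]
        for pair in pairs:
            key, sep, value = pair.partition("=")
            value = value.strip().strip("\"'")
            # A Jinja2 expression is resolved at run time, so no secret sits in the file.
            if sep and key.strip() in SECRET_VARS and value and "{{" not in value:
                findings.append((line_no, owner, key.strip()))
    return findings


if __name__ == "__main__":
    for line_no, owner, var in find_plaintext_secrets(SAMPLE_INVENTORY):
        print(f"inventory:{line_no}: {owner} stores {var} in clear text")
```
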

Verify: Ansible Installed and Inventory Created

At this point, you should be able to run Ansible, and you should have an inventory file:

ansible --version
file inventory

Now, we need something to run! Since our goal is to begin managing our network devices, the perfect place to start is fact collection.

In Ansible, facts are useful variables about remote hosts that can be used in playbooks. And variables are how you deal with differences between systems. Facts are information derived from speaking with remote devices/systems.

An example of this might be the IP address of the remote device, or perhaps an interface status or the device model number. Regardless, this means that we can run any command, save that output as a fact, and do something with it…

For instance, we can run a command like show version, and use the output to identify the firmware version. Beyond that, the possibilities are limitless! We can use any device information we can get our hands on.

Step Three: Run a Playbook

To get us started with fact collection, here’s a Git repo with the Ansible playbooks I use to gather facts and configs on all of my random network devices:
https://github.com/harrytruman/facts-machine

Before we can use it, we need to clone this repo somewhere for Ansible to run it:

git clone https://github.com/harrytruman/facts-machine

This will create a directory called facts-machine. Within that repo, I have my Ansible config (ansible.cfg) set to look for either an inventory file or directory called “inventory.” Keep it simple.

Move your inventory into that directory, and run the fact collection playbook!

cp inventory facts-machine
cd facts-machine
ansible-playbook -i inventory facts.yml

This will run a playbook that will gather device info — and the full running config for every device in your inventory. This role will connect to these devices:

# ansible_network_os:
eos
ios
iosxr
nxos
aruba
aireos
f5-os
fortimgr
unos
paloalto
vyos

Every Config…from Every Device!

In one fell swoop, you suddenly have a backup of every network config…from every device!

ansible_facts:
  ansible_net_api: cliconf
  ansible_net_fqdn: rtr1
  ansible_net_gather_subset:
  - all
  ansible_net_hostname: rtr1
  ansible_net_image: flash:EOS.swi
  ansible_net_model: vEOS
  ansible_net_python_version: 2.7.5
  ansible_net_serialnum: D00E130991A37B49F970714D8CCF7FCB
  ansible_net_system: eos
  ansible_net_version: 4.22.0F
  ansible_network_resources:
    interfaces:
    - enabled: true
      name: Ethernet1
      mtu: 1476
    - enabled: true
      name: Loopback0
  Etc… etc… etc…
