{"id":115340,"date":"2020-07-13T15:31:21","date_gmt":"2020-07-13T15:31:21","guid":{"rendered":"https:\/\/fedoramagazine.org\/?p=31280"},"modified":"2020-07-13T15:31:21","modified_gmt":"2020-07-13T15:31:21","slug":"automating-network-devices-with-ansible","status":"publish","type":"post","link":"https:\/\/sickgaming.net\/blog\/2020\/07\/13\/automating-network-devices-with-ansible\/","title":{"rendered":"Automating Network Devices with Ansible"},"content":{"rendered":"

Ansible is a great automation tool for system and network engineers, with Ansible we can automate small network to a large scale enterprise network. I have been using Ansible to automate both Aruba, and Cisco switches from my Fedora powered laptops for a couple of years. This article covers the requirements and executing a couple of playbooks.<\/p>\n

<\/span> <\/p>\n

Configuring Ansible<\/h2>\n

If Ansible is not installed, it can be installed using the command below<\/p>\n

$ sudo dnf -y install ansible<\/pre>\n
Once installed, create a folder in your home directory or a directory of your preference and copy the ansible configuration file. For this demonstration, I will be using the following.<\/p>\n
$ mkdir -pv \/home\/$USER\/network_automation\n$ sudo cp -v \/etc\/ansible.cfg \/home\/$USER\/network_automation\n$ cd \/home\/$USER\/network_automation\n$ sudo chown $USER.$USER && chmod 0600 ansible.cfg<\/pre>\n
To prevent lengthy commands from failing, edit the ansible.cfg and append the following lines. We must add the persistent connection and set the desired time in seconds for the command_timeout<\/em> as demonstrated below. A use case where this is useful is when you are performing backups of a network device that has a lengthy configuration.<\/p>\n
$ vim ansible.cfg\n[persistent_connection]\ncommand_timeout = 300\nconnection_timeout = 30<\/pre>\n
Requirements<\/h3>\n
If SELinux is enabled, you will need to install SELinux binding, which is required when using the copy module.<\/p>\n
# Install SELinux bindings\ndnf -y install python3-libselinux python3-libsemanage<\/pre>\n
Creating the inventory<\/h3>\n
The inventory holds the names of the network assets, and grouping of the assets are in square brackets []<\/em>, below is a  sample inventory.<\/p>\n
[site_a]\nCore_A ansible_host=192.168.122.200\nDistro_A ansible_host=192.168.122.201\nDistro_B ansible_host=192.168.122.202<\/pre>\n
\n
Group vars can be used to address the common variables, for example, credentials, network operating system, and so on. Ansible document on inventory<\/a> provides additional details.<\/p>\n<\/div>\n
Playbook<\/h2>\n
\n
\n
Playbooks are Ansible\u2019s configuration, deployment, and orchestration language. They can describe a policy you want your remote systems to enforce, or a set of steps in a general IT process.
\nAnsible Playbook<\/a><\/p>\n<\/blockquote>\n<\/div>\n
Read Operations<\/h3>\n
\n
Let us create a simple playbook to run a show command to read the configuration on a few switches.<\/p>\n
 
  1 ---
\n  2 - name: Basic Playbook
\n  3   hosts: site_a
\n  4   connection: local
\n  5 
\n  6   tasks:
\n  7   - name: Get Interface Brief
\n  8     ios_command:
\n  9       commands:
\n 10         - show ip interface brief | e una
\n 11     register: interfaces
\n 12 
\n 13   - name: Print results
\n 14     debug:
\n 15       msg: "{{ interfaces.stdout[0] }}<\/div><\/div> <\/pre>\n
\"Without<\/figure>\n<\/p>\n
\"With<\/figure>\n<\/p>\n
The above images show the differences without and with the debug module respectively.<\/p>\n
Let’s break the playbook into three blocks, starting with lines 1 to 4.<\/p>\n