This is a simple introduction of the power of Ansible and how quickly you can be up and running configuring multiple hosts at once. We will install Ansible on Ubuntu, ping two cisco devnet routers and configure a Loopback Interface on both routers.
- Cisco Devnet Lab Routers.
- Ubuntu 20 running on Virtual Box
Install Ansible and Vim on Ubuntu
sudo apt update
sudo apt install vim
sudo apt install ansible
Remove host key check in Ansible
Open and edit with vi /etc/ansible/ansible.cfg
Remove comment(#) for Host Key Checking for ease of use as lab
#host_key_checking = False
sudo su -
cd /etc/ansible
vi ansible.cfg
Sign up to devnet to access Routers
Sign up for developer.cisco.com as a great resource and then navigate to https://devnetsandbox.cisco.com/RM/Topology and find both IOS XE Always on Routers. At the time of writing this they are located at
- Link: Devnet-Router1
- CSR1000v Host: sandbox-iosxe-latest-1.cisco.com
- SSH Port: 22
- NETCONF Port: 830
- gRPC Telemetry Port: 57500
- RESTCONF Port: 443 (HTTPS)
- Username: developer
- Password: C1sco12345
- Link: Devnet-Router2
- CSR1000V Host: sandbox-iosxe-recomm-1.cisco.com
- SSH Port: 22
- NETCONF Port: 830
- RESTCONF Ports: 443 (HTTPS)
- Username: developer
- Password: C1sco12345
Configure Ansible hosts file
Open to edit /etc/ansible/hosts with vi
root@macka-VirtualBox:/etc/ansible# vi hosts
Scroll down to bottom of file and add the below
[routers]
sandbox-iosxe-latest-1.cisco.com
sandbox-iosxe-recomm-1.cisco.com
[routers:vars]
ansible_user=developer
ansible_password=C1sco12345
ansible_connection=network_cli
ansible_network_os=ios
ansible_port=22
Test Ping to Routers
Using the ping module (-m ping) we are looking for a pong response
root@macka-VirtualBox:/etc/ansible# ansible routers -m ping
sandbox-iosxe-recomm-1.cisco.com | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python3"
},
"changed": false,
"ping": "pong"
}
sandbox-iosxe-latest-1.cisco.com | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python3"
},
"changed": false,
"ping": "pong"
}
root@macka-VirtualBox:/etc/ansible#
Ansible IOS command
Lets get “show ip interface brief” from each of the routers with one command!!!
ansible routers -m ios_command -a "commands='show ip int brief'"
root@macka-VirtualBox:/etc/ansible# ansible routers -m ios_command -a "commands='show ip int brief'"
sandbox-iosxe-recomm-1.cisco.com | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python3"
},
"changed": false,
"stdout": [
"Interface IP-Address OK? Method Status Protocol\nGigabitEthernet1 10.10.20.48 YES NVRAM up up \nGigabitEthernet2 10.255.255.1 YES NVRAM down down \nGigabitEthernet3 10.10.10.10 YES NVRAM down down \nVirtualPortGroup0 192.168.1.1 YES NVRAM up up"
],
"stdout_lines": [
[
"Interface IP-Address OK? Method Status Protocol",
"GigabitEthernet1 10.10.20.48 YES NVRAM up up ",
"GigabitEthernet2 10.255.255.1 YES NVRAM down down ",
"GigabitEthernet3 10.10.10.10 YES NVRAM down down ",
"VirtualPortGroup0 192.168.1.1 YES NVRAM up up"
]
]
}
sandbox-iosxe-latest-1.cisco.com | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python3"
},
"changed": false,
"stdout": [
"Interface IP-Address OK? Method Status Protocol\nGigabitEthernet1 10.10.20.48 YES NVRAM up up \nGigabitEthernet1.23 unassigned YES unset deleted down \nGigabitEthernet2 unassigned YES TFTP administratively down down \nGigabitEthernet2.1 unassigned YES unset administratively down down \nGigabitEthernet2.2 unassigned YES unset deleted down \nGigabitEthernet2.3 unassigned YES unset administratively down down \nGigabitEthernet3 unassigned YES NVRAM administratively down down"
],
"stdout_lines": [
[
"Interface IP-Address OK? Method Status Protocol",
"GigabitEthernet1 10.10.20.48 YES NVRAM up up ",
"GigabitEthernet1.23 unassigned YES unset deleted down ",
"GigabitEthernet2 unassigned YES TFTP administratively down down ",
"GigabitEthernet2.1 unassigned YES unset administratively down down ",
"GigabitEthernet2.2 unassigned YES unset deleted down ",
"GigabitEthernet2.3 unassigned YES unset administratively down down ",
"GigabitEthernet3 unassigned YES NVRAM administratively down down"
]
]
}
root@macka-VirtualBox:/etc/ansible#
Configure an interface using an Ansible playbook
Ansible playbooks are lists of tasks that automatically execute against hosts.
Lets configure a Loopback Interface on each of the routers.
Create loopback.yml file with vi and add in the below
---
- name: General Config
hosts: routers
tasks:
- name: Add loopback
ios_interface:
name: Loopback30
state: present
Run playbook to configure Loopback30 on both routers
root@macka-VirtualBox:/etc/ansible# ansible-playbook loopback.yml
[DEPRECATION WARNING]: ios_interface is kept for backwards compatibility but usage is discouraged. The module
documentation details page may explain more about this rationale.. This feature will be removed in a future release.
Deprecation warnings can be disabled by setting deprecation_warnings=False in ansible.cfg.
PLAY [General Config] *****************************************************************************************************
TASK [Gathering Facts] ****************************************************************************************************
[WARNING]: Ignoring timeout(10) for ios_facts
[WARNING]: Ignoring timeout(10) for ios_facts
[WARNING]: default value for `gather_subset` will be changed to `min` from `!config` v2.11 onwards
ok: [sandbox-iosxe-latest-1.cisco.com]
ok: [sandbox-iosxe-recomm-1.cisco.com]
TASK [Add loopback] *******************************************************************************************************
changed: [sandbox-iosxe-latest-1.cisco.com]
changed: [sandbox-iosxe-recomm-1.cisco.com]
PLAY RECAP ****************************************************************************************************************
sandbox-iosxe-latest-1.cisco.com : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
sandbox-iosxe-recomm-1.cisco.com : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
root@macka-VirtualBox:/etc/ansible#
If we check the show ip int brief now on the devices we will have Loopback30 configured!!
ios-xe-mgmt#show ip int brief
Interface IP-Address OK? Method Status Protocol
GigabitEthernet1 10.10.20.48 YES NVRAM up up
GigabitEthernet2 10.255.255.1 YES NVRAM down down
GigabitEthernet3 10.10.10.10 YES NVRAM down down
Loopback30 unassigned YES unset up up
VirtualPortGroup0 192.168.1.1 YES NVRAM up up
ios-xe-mgmt#
csr1000v-1#show ip int brief
Interface IP-Address OK? Method Status Protocol
GigabitEthernet1 10.10.20.48 YES NVRAM up up
GigabitEthernet1.23 unassigned YES unset deleted down
GigabitEthernet2 unassigned YES TFTP administratively down down
GigabitEthernet2.1 unassigned YES unset administratively down down
GigabitEthernet2.2 unassigned YES unset deleted down
GigabitEthernet2.3 unassigned YES unset administratively down down
GigabitEthernet3 unassigned YES NVRAM administratively down down
Loopback30 unassigned YES unset up up
csr1000v-1#
You can view other playbooks at my github as I add them there
https://github.com/glennmccallum/Ansible