Ansible Archives - GMBYTES https://gmbytes.com/category/ansible/ Glenn McCallum Tech Bytes Thu, 19 Aug 2021 13:21:51 +0000 en-US hourly 1 https://gmbytes.com/wp-content/uploads/2021/08/cropped-android-chrome-512x512-1-32x32.png Ansible Archives - GMBYTES https://gmbytes.com/category/ansible/ 32 32 Ansible backup Cisco Configuration https://gmbytes.com/ansible-backup-cisco-configuration/ https://gmbytes.com/ansible-backup-cisco-configuration/#respond Sun, 15 Aug 2021 07:10:18 +0000 https://gmbytes.com/?p=180 Quick byte on how to backup a Cisco running-configuration using ansible. Please refer to earlier post about setting up ansible...

continue reading »

The post Ansible backup Cisco Configuration appeared first on GMBYTES.

]]> Quick byte on how to backup a Cisco running-configuration using ansible.

Please refer to earlier post about setting up ansible and using devnet routers as example to use as test lab for our playbooks.

Create Playbook

Create a new playbook named backup_config.yml and add in the following

---

- hosts: routers
  gather_facts: no
  connection: network_cli

  tasks:

  - name: BACKUP RUNNING CONFIG
    ios_config:
      backup: yes

The above will backup the hosts under “routers” we added previously in other post.

Run the playbook

Running the playbook backup_config.yml

root@macka-VirtualBox:/etc/ansible# ansible-playbook backup_config.yml 

PLAY [routers] ************************************************************************************************************

TASK [BACKUP RUNNING CONFIG] **********************************************************************************************
changed: [sandbox-iosxe-latest-1.cisco.com]
fatal: [sandbox-iosxe-recomm-1.cisco.com]: FAILED! => {"changed": false, "msg": "Error reading SSH protocol banner[Errno 104] Connection reset by peer"}

PLAY RECAP ****************************************************************************************************************
sandbox-iosxe-latest-1.cisco.com : ok=1    changed=1    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0   
sandbox-iosxe-recomm-1.cisco.com : ok=0    changed=0    unreachable=0    failed=1    skipped=0    rescued=0    ignored=0   

root@macka-VirtualBox:/etc/ansible#

We actually see that one device completed successfully and the other failed (router was offline at the time)

Check the backups

By default backups are stored in backups directory

root@macka-VirtualBox:/etc/ansible# cd backup/
root@macka-VirtualBox:/etc/ansible/backup# ls -al
total 20
drwxr-xr-x 2 root root 4096 Aug 15 16:53 .
drwxr-xr-x 4 root root 4096 Aug 14 22:52 ..
-rw-r--r-- 1 root root 9822 Aug 15 16:53 sandbox-iosxe-latest-1.cisco.com_config.2021-08-15@16:53:25
root@macka-VirtualBox:/etc/ansible/backup#

Yml file can be downloaded from
https://github.com/glennmccallum/Ansible

The post Ansible backup Cisco Configuration appeared first on GMBYTES.

]]> https://gmbytes.com/ansible-backup-cisco-configuration/feed/ 0 Ansible Cisco IOS Commands https://gmbytes.com/ansible-cisco-ios-commands/ https://gmbytes.com/ansible-cisco-ios-commands/#respond Thu, 12 Aug 2021 12:16:26 +0000 http://gmbytes.com/?p=92 This is a simple introduction of the power of Ansible and how quickly you can be up and running configuring...

continue reading »

The post Ansible Cisco IOS Commands appeared first on GMBYTES.

]]> This is a simple introduction of the power of Ansible and how quickly you can be up and running configuring multiple hosts at once. We will install Ansible on Ubuntu, ping two cisco devnet routers and configure a Loopback Interface on both routers.

  • Cisco Devnet Lab Routers.
  • Ubuntu 20 running on Virtual Box

Install Ansible and Vim on Ubuntu

sudo apt update
sudo apt install vim
sudo apt install ansible

Remove host key check in Ansible

Open and edit with vi /etc/ansible/ansible.cfg
Remove comment(#) for Host Key Checking for ease of use as lab
#host_key_checking = False

sudo su - 
cd /etc/ansible
vi ansible.cfg

Sign up to devnet to access Routers

Sign up for developer.cisco.com as a great resource and then navigate to https://devnetsandbox.cisco.com/RM/Topology and find both IOS XE Always on Routers. At the time of writing this they are located at

  • Link: Devnet-Router1
  • CSR1000v Host: sandbox-iosxe-latest-1.cisco.com
    • SSH Port: 22
    • NETCONF Port: 830
    • gRPC Telemetry Port: 57500
    • RESTCONF Port: 443 (HTTPS)
  • Username: developer
  • Password: C1sco12345

  • Link: Devnet-Router2
  • CSR1000V Host: sandbox-iosxe-recomm-1.cisco.com
    • SSH Port: 22
    • NETCONF Port: 830
    • RESTCONF Ports: 443 (HTTPS)
  • Username: developer
  • Password: C1sco12345

Configure Ansible hosts file

Open to edit /etc/ansible/hosts with vi

root@macka-VirtualBox:/etc/ansible# vi hosts

Scroll down to bottom of file and add the below

[routers]

sandbox-iosxe-latest-1.cisco.com
sandbox-iosxe-recomm-1.cisco.com

[routers:vars]

ansible_user=developer
ansible_password=C1sco12345
ansible_connection=network_cli
ansible_network_os=ios
ansible_port=22

Test Ping to Routers

Using the ping module (-m ping) we are looking for a pong response

root@macka-VirtualBox:/etc/ansible# ansible routers -m ping
sandbox-iosxe-recomm-1.cisco.com | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python3"
    },
    "changed": false,
    "ping": "pong"
}
sandbox-iosxe-latest-1.cisco.com | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python3"
    },
    "changed": false,
    "ping": "pong"
}
root@macka-VirtualBox:/etc/ansible#

Ansible IOS command

Lets get “show ip interface brief” from each of the routers with one command!!!

ansible routers -m ios_command -a "commands='show ip int brief'"
root@macka-VirtualBox:/etc/ansible# ansible routers -m ios_command -a "commands='show ip int brief'"
sandbox-iosxe-recomm-1.cisco.com | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python3"
    },
    "changed": false,
    "stdout": [
        "Interface              IP-Address      OK? Method Status                Protocol\nGigabitEthernet1       10.10.20.48     YES NVRAM  up                    up      \nGigabitEthernet2       10.255.255.1    YES NVRAM  down                  down    \nGigabitEthernet3       10.10.10.10     YES NVRAM  down                  down    \nVirtualPortGroup0      192.168.1.1     YES NVRAM  up                    up"
    ],
    "stdout_lines": [
        [
            "Interface              IP-Address      OK? Method Status                Protocol",
            "GigabitEthernet1       10.10.20.48     YES NVRAM  up                    up      ",
            "GigabitEthernet2       10.255.255.1    YES NVRAM  down                  down    ",
            "GigabitEthernet3       10.10.10.10     YES NVRAM  down                  down    ",
            "VirtualPortGroup0      192.168.1.1     YES NVRAM  up                    up"
        ]
    ]
}
sandbox-iosxe-latest-1.cisco.com | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python3"
    },
    "changed": false,
    "stdout": [
        "Interface              IP-Address      OK? Method Status                Protocol\nGigabitEthernet1       10.10.20.48     YES NVRAM  up                    up      \nGigabitEthernet1.23    unassigned      YES unset  deleted               down    \nGigabitEthernet2       unassigned      YES TFTP   administratively down down    \nGigabitEthernet2.1     unassigned      YES unset  administratively down down    \nGigabitEthernet2.2     unassigned      YES unset  deleted               down    \nGigabitEthernet2.3     unassigned      YES unset  administratively down down    \nGigabitEthernet3       unassigned      YES NVRAM  administratively down down"
    ],
    "stdout_lines": [
        [
            "Interface              IP-Address      OK? Method Status                Protocol",
            "GigabitEthernet1       10.10.20.48     YES NVRAM  up                    up      ",
            "GigabitEthernet1.23    unassigned      YES unset  deleted               down    ",
            "GigabitEthernet2       unassigned      YES TFTP   administratively down down    ",
            "GigabitEthernet2.1     unassigned      YES unset  administratively down down    ",
            "GigabitEthernet2.2     unassigned      YES unset  deleted               down    ",
            "GigabitEthernet2.3     unassigned      YES unset  administratively down down    ",
            "GigabitEthernet3       unassigned      YES NVRAM  administratively down down"
        ]
    ]
}
root@macka-VirtualBox:/etc/ansible#

Configure an interface using an Ansible playbook

Ansible playbooks are lists of tasks that automatically execute against hosts.
Lets configure a Loopback Interface on each of the routers.

Create loopback.yml file with vi and add in the below

---

- name: General Config

  hosts: routers

  tasks:

  - name: Add loopback

    ios_interface:
      name: Loopback30
      state: present

Run playbook to configure Loopback30 on both routers

root@macka-VirtualBox:/etc/ansible# ansible-playbook loopback.yml 
[DEPRECATION WARNING]: ios_interface is kept for backwards compatibility but usage is discouraged. The module 
documentation details page may explain more about this rationale.. This feature will be removed in a future release. 
Deprecation warnings can be disabled by setting deprecation_warnings=False in ansible.cfg.

PLAY [General Config] *****************************************************************************************************

TASK [Gathering Facts] ****************************************************************************************************
[WARNING]: Ignoring timeout(10) for ios_facts
[WARNING]: Ignoring timeout(10) for ios_facts
[WARNING]: default value for `gather_subset` will be changed to `min` from `!config` v2.11 onwards
ok: [sandbox-iosxe-latest-1.cisco.com]
ok: [sandbox-iosxe-recomm-1.cisco.com]

TASK [Add loopback] *******************************************************************************************************
changed: [sandbox-iosxe-latest-1.cisco.com]
changed: [sandbox-iosxe-recomm-1.cisco.com]

PLAY RECAP ****************************************************************************************************************
sandbox-iosxe-latest-1.cisco.com : ok=2    changed=1    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0   
sandbox-iosxe-recomm-1.cisco.com : ok=2    changed=1    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0   

root@macka-VirtualBox:/etc/ansible#

If we check the show ip int brief now on the devices we will have Loopback30 configured!!

ios-xe-mgmt#show ip int brief
Interface              IP-Address      OK? Method Status                Protocol
GigabitEthernet1       10.10.20.48     YES NVRAM  up                    up      
GigabitEthernet2       10.255.255.1    YES NVRAM  down                  down    
GigabitEthernet3       10.10.10.10     YES NVRAM  down                  down    
Loopback30             unassigned      YES unset  up                    up      
VirtualPortGroup0      192.168.1.1     YES NVRAM  up                    up      
ios-xe-mgmt#
csr1000v-1#show ip int brief
Interface              IP-Address      OK? Method Status                Protocol
GigabitEthernet1       10.10.20.48     YES NVRAM  up                    up      
GigabitEthernet1.23    unassigned      YES unset  deleted               down    
GigabitEthernet2       unassigned      YES TFTP   administratively down down    
GigabitEthernet2.1     unassigned      YES unset  administratively down down    
GigabitEthernet2.2     unassigned      YES unset  deleted               down    
GigabitEthernet2.3     unassigned      YES unset  administratively down down    
GigabitEthernet3       unassigned      YES NVRAM  administratively down down    
Loopback30             unassigned      YES unset  up                    up      
csr1000v-1#

You can view other playbooks at my github as I add them there
https://github.com/glennmccallum/Ansible

The post Ansible Cisco IOS Commands appeared first on GMBYTES.

]]> https://gmbytes.com/ansible-cisco-ios-commands/feed/ 0