Using Ansible for Network Automation

Captions
Hello everyone, this is Jason Edelman, here to take a quick look at leveraging Ansible for networking. I've written quite a bit about Ansible, giving some basic examples on Ansible itself and some different things other folks are doing in the community around Ansible. So here I want to demo some pre-built custom modules in Ansible that I've created to help automate changes going forward on Cisco networking devices.

Now here we have a small network set up, three routers: R1, R2, R3. There's some basic configuration on there left over from prior runs of this playbook, but you can see here the hostname is router 1, hostname is router 2, hostname is router 3. There's some other SNMP settings on here we'll take a quick look at before we execute the playbook, but, you know, it gives the router first, and if we work out, let's just take a look at the read-only community strings. So we can see there's two community strings, and this will be important as we go through the playbook, but just take note of that; we'll come back to it later.

So if we dive into the Ansible components here, first we have a hosts file. As I've written it out in the past, these are the hosts divided up into groups, however you want to divide them up. Here this is one basic group of the three routers that I just showed, 10.1.1.110, 120 or 130, and these are all put into the group called routers. We're good.

If we look at our main Ansible playbook, that's titled net ang vff camel; again, hopefully tools like this become network engineers' best friends and then everyone can live happily ever after. OK, all right, but, you know, on a serious note, here we have a single playbook with a single play with six tasks. Each task is manipulating a certain change on each of these network devices, and if we go top-down these are pretty self-explanatory. We're going to be ensuring the hostname is, you know, a certain defined parameter, the start configuration, right, and so that, you know, this you release a ensure across the board.

Because, you know, one key point that I want to make here is in these custom modules (the module name is hostname here, the module name is enable secret, and SNMP contact), these modules will not make a change to the device and they will not execute commands if the device is already in the desired state. So if the desired state has the hostname equal to X and it already is X, the change will not be issued. I should say that's the majority of them. Here, for example, enable secret, meant to be able to read the MD5 hash and then decipher what that is, so for our case here today enable secret is actually being issued every time, whereas the other ones are smart enough to go and gather the configuration, analyze it, and only make the change if the device is not in the desired state that we want it to be in.

So, you know, we can look here at some of these modules. For example, if you look at update SNMP contact, SNMP contact is the module and we're sending SNMP contact two key-value pairs. The first key-value pair is contact and then my name, so contact is the key, Jason Edelman is the value, and then device, inventory hostname, is the second key-value pair. Now one important point to remember is inventory hostname is an Ansible pre-built variable, or, you know, built into the system itself, where inventory hostname is the name of the host coming from the hosts file. So here the inventory hostname is just the IP address during each run, and we're pulling in the IPs from the hosts in here. If it was a name then it would be a name, right?

And one other key point here: hostname equals new hostname is also a key-value pair, but new hostname is a variable, and these are stored in the host variable files within Ansible. So, as a quick look, router 1 at 10.1.1.110 has a single variable called new hostname, and this is what we want the new hostname of router one to be. OK, and R2 and R3 have similar files as well, to have their host-specific variables, where everything else is a standard. So if you consider this as three routers on, you know, across the WAN, we want everything to be the same, you know, except the hostname.

So if we dive into the playbook here, we can execute a playbook: ansible-playbook, and call the playbook name, and then we're going to include the -v to see the detailed output that's being returned back to us during execution. So each task takes roughly five to six seconds because, again, I'm using onePK in the back end, and with onePK this takes longer than, you know, I would like to connect to the device. You know, if it was net cost, something like that that's stateless, that would be a lot quicker to connect to the device.

What we can see here: hostnames are being changed, so something is being changed whenever this is in yellow, amber color, right? So we can see the new hostname of the device. We can look at contact and location: these are green, so we can see here these changed are false, so nothing is being changed here, and I'm returning the message "no change required, already set". So we're not trying to execute a change on the device if it's already in the desired state. That's a very important piece to understand about Ansible. So again, read-only strings, read-write strings, all of these are already in the desired state. All right, so we can look at two changed overall, six OK, and the two that changed were hostname and enable secret.

If you want, for kicks, just to prove it out, we had router one here, press Enter, and, you know, we see the new hostname there. If we do a show run, pipe, include read-only, you see those two community strings that were there previously. So if you look at read-only as an example, let's create a new read-only string called ansible, and remove existing: let's say we have the option now to remove the existing, so let's say remove the existing, yes. Let's save that file. It's the only change we're going to make right now.

Let's go back to execute the playbook, and that should be good. Let's execute it. And again, each time this task is executed it's going out simultaneously to connect to three devices at once. So again, from a scalability perspective, we have three devices and it's taking about five seconds to connect to each one; it's about five seconds per task. That's only because it's onePK in the back end; if it was something else this would likely be quicker than it is. But, you know, we're making six changes times three devices, about eighteen changes in about 45 seconds, which is still, you know, pretty darn good.

So we're back to the read-only community strings here. Give it a few seconds, and it's actually returning the existing that were already there, but we can see in our message here: removed the existing entries and then added new entry, right? So if we go back to the device, router one, the nice thing here is it removed the previous ones and you have the new community string called ansible for read-only interactions to the device. And we can do the same thing with read-write: we can do remove existing, yes or no, and add the strings here, right?

So the goal here was to show what can be done with networking with an open source, flexible and scalable platform. And yeah, these are, you know, six very small custom modules, but your modules can be built for just about anything, using any API in the back end as well. So hopefully this helps show it's possible Quetzal and until next time.
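
Added example (not part of the video and not the presenter's module code): a minimal sketch of the check-before-change behaviour the transcript describes for read-only community strings, including the "remove existing" option. The function names `plan_communities` and `apply_commands` are hypothetical, and the IOS-style configuration lines are constructed for illustration.

```python
import re

# Constructed sample of IOS-style running-config lines (not taken from the video).
SAMPLE_CONFIG = """\
hostname router1
snmp-server community public RO
snmp-server community netops RO
snmp-server community secure RW
"""

COMMUNITY_RE = re.compile(r"^snmp-server community (\S+) (RO|RW)\b", re.M)


def plan_communities(running_config, desired, mode="RO", remove_existing=False):
    """Return (changed, commands, msg) needed to reach the desired state.

    Hypothetical helper: it only plans commands and never touches a device.
    """
    existing = [name for name, m in COMMUNITY_RE.findall(running_config)
                if m == mode]
    commands = []
    if remove_existing:
        # Drop every community of this mode except the one we want to keep.
        commands += [f"no snmp-server community {name}"
                     for name in existing if name != desired]
    if desired not in existing:
        commands.append(f"snmp-server community {desired} {mode}")
    if not commands:
        # Device already matches the desired state: issue nothing.
        return False, [], "no change required, already set"
    return True, commands, f"{len(commands)} command(s) required"


def apply_commands(running_config, commands):
    """Simulate the device applying the planned commands to the config text."""
    lines = running_config.splitlines()
    for cmd in commands:
        if cmd.startswith("no "):
            target = cmd[3:] + " "
            lines = [line for line in lines if not line.startswith(target)]
        else:
            lines.append(cmd)
    return "\n".join(lines) + "\n"
```

Running the plan a second time against the simulated result yields no commands, which is the property that makes repeated playbook runs safe; leftover community strings are only cleaned up when `remove_existing` is set.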
Info
Channel: Jason Edelman
Views: 29,015
Rating: 4.8692808 out of 5
Keywords: automation, ansible, cisco, onepk
Id: 7FphWEFQbac
Length: 9min 11sec (551 seconds)
Published: Sun May 18 2014