Category: Ansible

Most network automation presentations you can find on the Internet focus on configuration management, either to provision new boxes, or to provision new services, so it’s easy to assume that network automation is really a fancy new term for consistent device configuration management.

However, as I explained in the Network Automation 101 webinar, there’s so much more you can do and today I’d like to share a real-life example from Jaakko Rautanen, an alumni of my Building Network Automation Solutions online course.

Ansible network modules (at least in the way they’re implemented in Ansible releases 2.1 and 2.2) were one of the more confusing aspects of my Building Network Automation Solutions online course (and based on what I’m seeing on various chat sites we weren’t the only ones).

I wrote an in-depth explanation of how you’re supposed to be using them a while ago and now updated it with user authentication information.

Have you ever tried to navigate complex data structures within Ansible playbooks using awkward looping constructs and convoluted map filters?

It might be easier to munge the data structure into a more appropriate format first and then use the munged data in subsequent tasks. Wondering how to do it?

I got this tweet after publishing the “use Ansible to execute a single command on all routers” blog post (and a few similar comments on the blog post itself)

Or use Python, Netmiko and a simple For loop

I never cease to be amazed by the urge to do undifferentiated heavy lifting in the IT industry.

I was using Ansible playbooks to configure Cisco IOS routers running in VIRL and wanted to extract the router configurations before stopping the simulation.

You can download the playbooks from my Github repository, and here’s how you can run Ansible with VIRL.

Some of the engineers building Ansible-with-VIRL lab in my Building Network Automation Solutions online course experienced interesting challenges, so I made the how-to instructions more explicit and added a troubleshooting section to the Using Ansible Playbooks with Cisco VIRL document. Hope you’ll find them useful.

In the last few weeks I’ve seen numerous questions along the lines of “how do I manage VLANs on my switch with Ansible”. You can look at this question from two perspectives: the low-level details (which modules do I use, how do I push commands to the box…) or the high-level challenges (how do I make sure actual device state matches desired device state). Obviously I’m interested in the latter.

One of the engineers attending my Building Network Automation Solutions online course got the lab up and running, wanted to execute a simple IOS command from an Ansible playbook and failed.

He quickly realized he needs to set connection to local or network_cli; for more details watch the Connecting and Authenticating section of Ansible Networking Modules - Executing Commands part of Ansible for Networking Engineers webinar.

Ansible is great at capturing and using JSON-formatted data returned by REST API (or any other script or method it can invoke), but unfortunately some of us still have to deal with network devices that cannot even spell structured data or REST.

As I was trying to automate configuration deployment in a multi-router Cisco IOS lab, I got to a point where the only way of figuring out what was going on was to log commands on Cisco IOS devices. Not a big deal, but I hate logging into a dozen boxes and configuring the same few lines on all of them (or removing them afterwards).

Time for another playbook: this one can push one of many (configurable) configuration snippets to a group of Cisco IOS devices defined in an Ansible inventory file.

Interesting? Want to do something more complex? Join the Network Automation online course.

Over a month ago I decided to create a lab network to figure out how to solve an interesting Inter-AS MPLS/VPN routing challenge. Instead of configuring half a dozen routers I decided to develop a fully-automated deployment because it will make my life easier.

I finally got to a point where OSPF, LDP, BGP (IPv4 and VPNv4) and MPLS/VPN configurations are created, deployed and verified automatically.

While it’s relatively easy to create an Ansible inventory file to support a Vagrant-created virtual networking lab, it’s also utterly boring – a perfect job for an automation script. I’m positive there are a zillion solutions out there, but I decided to reinvent the wheel and get a bit of Python hands-on practice.

Most network automation tutorials out there assume you’re running Ansible on your workstation and accessing virtual machines via SSH ports mapped by Vagrant. That’s great if you’re an experienced Ansible/Python user; for a clunky beginner like myself it’s safer to run Ansible within a VM that can be destroyed and recreated in seconds.

I got several questions along the lines of “Do I need programming skills to attend the Building Network Automation Solutions course?”

Short answer: No.

Cisco VIRL is the ideal testing environment when you want to test your Ansible playbooks with various Cisco network operating systems (IOS, IOS XE, NX-OS or IOS XR). The “only” gotcha: how do you reach those devices from the outside world?

It was always possible to reach the management interface of devices running with VIRL, and it got even simpler with VIRL release 1.2.