DO457 - ch02s09

This exercise assumes you know how to set the value of variables to support connection and authentication, as described in the Sectionthe section called “Lab: Running Commands and Plays” exercise.

Open a terminal window on the workstation VM and change to your ~/proj/ directory. The ~/proj/ directory should contain a suitable hosts inventory file. It should also include group variables files under group_vars/ that set variables that play key roles in connecting and authenticating to remote hosts:

ansible_connection: network_cli in group_vars/network
ansible_network_os: vyos and ansible_user: vyos in group_vars/vyos
ansible_network_os: ios, ansible_user: admin in group_vars/ios

The SSH password for the cs01 device is student.

Procedure 2.3. Instructions

Execute ad hoc commands to find out if the utility and tower machines are reachable from cs01. The IPv4 addresses of utility and tower are 172.25.250.8 and 172.25.250.9. Hint: cs01 is an IOS device, so investigate the ios_ping module.
[student@workstation ~]$ ansible -m ios_ping -a "dest=172.25.250.8" cs01 SSH password: student ...output omitted... [student@workstation ~]$ ansible -m ios_ping -a "dest=172.25.250.9" cs01 SSH password: student ...output omitted...

Create a playbook in your Ansible project directory, named iosping2.yml, that does what you did with ad hoc commands in the previous step.

Create a file named iosping2.yml with content similar to the following:

---
- name: A reachability test
  hosts: cs01

  tasks:

  - name: Test reachability to 172.25.250.8
    ios_ping:
      dest: 172.25.250.8

  - name: Test reachability to 172.25.250.9
    ios_ping:
      dest: 172.25.250.9

Run the play in your playbook using the ansible-playbook command. Provide student when prompted for a password.
[student@workstation proj]$ ansible-playbook iosping2.yml SSH password: student ...output omitted...

Create a playbook that checks key system indicators, but for all devices on the network. What are “key system indicators?” They are the commands that you would use on the command line of a network device to check its health status. All of those can be automated as tasks within Ansible Playbooks. Most can probably be executed remotely as an Ansible ad hoc command. For convenience and as an illustration, it is suggested to display at least the host name, uptime, domain name, and system time. Use the vyos_pass and ios_pass extra command-line variables method, as shown earlier in this document, to set the ansible_pass variable to different values.

Create a file named multi-vendor-syscheck.yml with content similar to the following:

---
- name: back up config and inspect health on vyos
  hosts: vyos
  vars:
    ansible_password: "{{ vyos_pass }}"

  tasks:

  - name: backup config
    vyos_command:
      commands:
      - sh host name
      - sh system uptime
      - sh host domain
      - sh host date
      - sh host os
    register: results

  - name: show results
    debug:
      var: results.stdout

- name: back up config and inspect health on ios
  hosts: ios
  vars:
    ansible_password: "{{ ios_pass }}"

  tasks:

    - name: backup config
      ios_config:
        backup: yes

    - name: look at system elements
      ios_command:
        commands:
        - sh ver | include uptime
        - sh ip domain
        - sh clock
        - sh ip name-server
      register: results

    - name: show results
      debug:
        var: results.stdout

Run the play in your playbook using the ansible-playbook command.

[student@workstation ~]$ ansible-playbook \
> -e 'vyos_pass=vyos ios_pass=student' multi-vendor-syscheck.yml
SSH password: anything
...output omitted...

This concludes the lab.

Discuss Red Hat Ansible for Network Automation

Go to community

Welcome to the Red Hat Ansible for Network Automation (DO457) group!

Syed

26 wrz 2023

We are excited to launch a space dedicated to the Red Hat Training course Red Hat Ansible for Network Automation! To gain the most value from this group - click the "Join Group" button in the upper right hand corner of the group home page.We encourage group members to collaborate in this group to discuss topics, ask questions, share best practices and tips, provide course feedback, and share their accomplishments as it relates to DO457.Read more about Red Hat Ansible for Network Automation here.

3120

Revision: do457-2.5-4693601