DO457 - ch06s03

Preface A: Introduction

Section A.1: Red Hat Ansible for Network Automation

Section A.2: Orientation to the Classroom Environment

Chapter 1: Deploying Ansible

Section 1.1: Preparing to Install Ansible

Section 1.2: Orientation to Lab Activities

Section 1.3: Installing Ansible

Section 1.4: Guided Exercise: Installing Ansible on the Control Node

Section 1.5: Guided Exercise: Identifying Resources for Installed Plug-ins

Section 1.6: Defining Ansible's Scope

Section 1.7: Creating Ansible Inventories

Section 1.8: Guided Exercise: Creating Host Inventories

Section 1.9: Configuring Ansible

Section 1.10: Guided Exercise: Configuring Ansible

Section 1.11: Lab: Deploying Ansible

Chapter 2: Running Commands and Plays

Section 2.1: Executing Ad Hoc Commands

Section 2.2: Guided Exercise: Executing Ad Hoc Commands

Section 2.3: Preparing Ansible Playbooks

Section 2.4: Guided Exercise: Converting an Ad Hoc Command to a Play

Section 2.5: Building a Play with Multiple Tasks

Section 2.6: Guided Exercise: Building a Play with Multiple Tasks

Section 2.7: Composing Playbooks with Multiple Plays

Section 2.8: Guided Exercise: Composing Playbooks with Multiple Plays

Section 2.9: Lab: Running Commands and Plays

Chapter 3: Parameterizing Automation

Section 3.1: Defining Variables

Section 3.2: Guided Exercise: Defining and Using Variables

Section 3.3: Controlling Tasks with Loops and Conditions

Section 3.4: Guided Exercise: Controlling Tasks with Loops and Conditions

Section 3.5: Transforming Variable Data with Filters

Section 3.6: Guided Exercise: Looping Over a Filtered List

Section 3.7: Working with Roles

Section 3.8: Guided Exercise: Creating and Using Roles

Section 3.9: Customizing Data with Jinja2 Templates

Section 3.10: Guided Exercise: Generating Config Statements with Jinja2

Section 3.11: Lab: Parameterizing Automation

Chapter 4: Administering Ansible

Section 4.1: Ansible in the Enterprise

Section 4.2: Safeguarding Sensitive Data with Ansible Vault

Section 4.3: Guided Exercise: Safeguarding Sensitive Data with Ansible Vault

Section 4.4: Running Plays with Encrypted Data

Section 4.5: Guided Exercise: Running Plays with Encrypted Data

Section 4.6: Protecting Resources with Ansible Vault

Section 4.7: Guided Exercise: Protecting Resources with Ansible Vault

Section 4.8: Creating Inventories Using YAML

Section 4.9: Guided Exercise: Creating Inventories Using YAML

Section 4.10: Generating and Using Dynamic Inventories

Section 4.11: Guided Exercise: Generating and Using Dynamic Inventories

Section 4.12: Centrally Running Ansible with Red Hat Ansible Tower

Section 4.13: Guided Exercise: Navigating the Red Hat Ansible Tower Web Interface

Section 4.14: Guided Exercise: Creating Inventories in Red Hat Ansible Tower

Section 4.15: Lab: Administering Ansible

Chapter 5: Automating Simple Network Operations

Section 5.1: Gathering Network Information with Ansible

Section 5.2: Guided Exercise: Gathering Facts

Section 5.3: Guided Exercise: Viewing System Settings

Section 5.4: Configuring Network Devices

Section 5.5: Guided Exercise: Backing Up Network Device Configurations

Section 5.6: Configuring the Host Name

Section 5.7: Guided Exercise: Configuring the Host Name

Section 5.8: Configuring System Settings

Section 5.9: Guided Exercise: Configuring System Settings

Section 5.10: Generating Configuration Settings from Jinja2 Templates

Section 5.11: Guided Exercise: Configuring From Templates

Section 5.12: Guided Exercise: Configuring Settings From Templates

Section 5.13: Enabling and Disabling Interfaces

Section 5.14: Guided Exercise: Bouncing an Interface

Section 5.15: Guided Exercise: Bouncing Specified IOS Interfaces

Section 5.16: Reinitializing Layer 3 Interfaces

Section 5.17: Guided Exercise: Reinitializing Layer 3 on VyOS Devices

Section 5.18: Provisioning the Start-up Network

Section 5.19: Guided Exercise: Provisioning the Start-up Network

Section 5.20: Provisioning Spine and Leaf Devices

Section 5.21: Guided Exercise: Provisioning Spine and Leaf Devices

Section 5.22: Setting Parameters with Ansible Tower Surveys

Section 5.23: Guided Exercise: Setting Parameters with Ansible Tower Surveys

Section 5.24: Lab: Automating Simple Network Operations

Chapter 6: Automating Complex Network Operations

Section 6.1: Aggregating Logged Events to Syslog

Section 6.2: Guided Exercise: Aggregating Logged Events to Syslog

SectionSection 6.3: Managing Access Control Lists on IOS

Section 6.4: Guided Exercise: Managing Access Control Lists on IOS

Section 6.5: Enabling SNMP

Section 6.6: Guided Exercise: Enabling SNMP

Section 6.7: Overcoming Real-world Challenges

Section 6.8: Guided Exercise: Provisioning the Consolidation Network

Section 6.9: Implementing Dynamic Routing with OSPF

Section 6.10: Guided Exercise: Implementing Dynamic Routing with OSPF

Section 6.11: Guided Exercise: Verifying End-to-End Reachability

Section 6.12: Implementing OSPF with Multiple Autonomous Systems

Section 6.13: Guided Exercise: Provisioning the Break Up Network

Section 6.14: Implementing Dynamic Routing with EBGP

Section 6.15: Guided Exercise: Implementing Dynamic Routing with EBGP

Section 6.16: Upgrading the Network

Section 6.17: Guided Exercise: Upgrading VyOS

Section 6.18: Lab: Automating Complex Operations

Chapter 7: Comprehensive Review

Section 7.1: Comprehensive Review

Section 7.2: Lab: Deploying Ansible

Section 7.3: Lab: Executing Commands and Plays

Section 7.4: Lab: Parameterizing Automation

Section 7.5: Lab: Administering Automation

Section 7.6: Lab: Automating Simple Network Operations

Section 7.7: Lab: Automating Complex Network Operations

Appendix A: Table of Lab Network Hosts and Groups

Appendix B: Connection and Authentication Variables

Appendix C: Editing Files with Vim

Section C.1: Guided Exercise: Editing Files with Vim

Appendix D: IOS Minimal Management Configuration

Section D.1: Restoring IOS Configuration Settings

Appendix E: Layer 3 Addresses for Lab Network

Appendix F: Ansible Variable Types

Section F.1: Ansible Variable Types and Precedence

Appendix G: Changing the Screen Resolution

Section G.1: Changing the Screen Resolution

Bookmark this page

P 1 2 3 4 5 6 7 A A A A A A A

Managing Access Control Lists on IOS

Objectives

After completing this section, you should be able to create an ACL on a Cisco IOS device.

Managing Access Control Lists (ACLs)

On IOS devices, ACLs are used to control access to services.

This playbook creates a MGMT-ACCESS ACL, which can then be associated with SNMP or SSH, for instance.

---
- name: A play that creates a management access ACL
  hosts: ios
  gather_facts: no

  tasks:
    - name: create a standard ACL
      ios_config:
        lines:
          # each of the following two items consist of a single line
          # with no line breaks
          - 10 permit {{ workstation_ipv4 | ipaddr('address') }} {{ workstation_ipv4 | ipaddr('wildcard') }} log
          - 20 permit {{ tower_ipv4 | ipaddr('address') }} {{ tower_ipv4 | ipaddr('wildcard') }} log
        parents: ["access-list standard 1"]
        before: ["no access-list standard 1"]
        match: exact

Discuss Red Hat Ansible for Network Automation

Go to community

Welcome to the Red Hat Ansible for Network Automation (DO457) group!

Syed

26 wrz 2023

We are excited to launch a space dedicated to the Red Hat Training course Red Hat Ansible for Network Automation! To gain the most value from this group - click the "Join Group" button in the upper right hand corner of the group home page.We encourage group members to collaborate in this group to discuss topics, ask questions, share best practices and tips, provide course feedback, and share their accomplishments as it relates to DO457.Read more about Red Hat Ansible for Network Automation here.

7

8

3120

Revision: do457-2.5-4693601