- TP 1: Manage Cisco IOS configuration with Ansible
- TP 2: Manage Vyos configuration with Ansible
- TP 3: Manage Cisco / Vyos configuration in more complex data model with Ansible
To gain a full understanding of Ansible, I recommend doing the Training Course for Ansible Network Automation (git clone it and open the HTML in the deck folder).
For a quick overview, read this article and those slides.
For these exercises, the simple structure already provided, along with the documentation linked below, is enough to start.
Go to the Setup section first to prepare the tooling before starting the exercises.
- Open the gns3project located in the ansible-tp1 folder.
- Obtain the administration IP for the two routers (show ip interface brief).
- Complete the file inventory.txt with the extracted values.
- Launch the ansible-monitor.sh file. What is happening? What is the goal of this execution (read the file roles/ping/tasks/main.yml)?
- Use the ansible.sh script, or read its content, to get the command that launches Ansible. What is happening? Read playbook-apply.yml and explain the sequence of actions occurring (explain the different roles and the actions inside each role).
- Relaunch ansible-monitor.sh to confirm the proper configuration.

PS: Inside the interfaces role there are examples (basic, from 1 to 5) showing how one task can do the same thing with different levels of modularity and reuse (main.yml is the good one and is the one used by the role).
- Open the gns3project located in the ansible-tp2 folder.
- Bootstrap the devices with the configuration below. Modify inventory.txt with the IPs shown at the end.
- The exercise is the same as in TP1, but with topology 2:
  - Answer the same questions and follow the same steps as in TP1.
  - Read the roles to see how they have been modified for Vyos.
  - See how the data model is structured compared to TP1.
Download and open the file gns3project.
The goal of this part is to fill in the roles and data model to configure the topology shown on the diagram.
The objective is to give the proctor the zip containing the ansible-tp3 folder working as asked. Scoring for this course will be based on the successful run of this playbook and on the inline comments in the code that explain the roles / playbook / vars put in place.
- Direct download for VM/client: GitHub Release page. Download a client version >= 2.2 corresponding to your OS and the recommended VM (VMware). Use VirtualBox if you must.
- Follow the installation documentation for the VM and the GUI client installation (GNS3 VM) until the "New Appliance Template" step. Skip that step.
- When you run the VM, an IP is shown to indicate where you can contact the GNS3 server. Configure the GUI client with this information.
- Import this portable Images Project from the main menu to have the images ready to use for the labs.
- Try to launch both routers (right click on them -> Start). You can connect to their console with right click -> Console.
- If you have an error regarding "IOU is not executable", log on to the GNS3 VM shell (option 3) and type:

  ```
  sudo su
  loadkeys fr
  chmod +x /opt/gns3/images/IOU/*.bin
  ```

- If you have an error regarding KVM, ensure that hypervisor capabilities (VT-x) are activated in the VM options of your VMware software.
- If you have a license error for IOU, open this link and copy the license into the GNS3 GUI client under "IOS on Unix".

Ansible can be installed on an operating system by following the install guide. To simplify the setup of this TP and its dependency management, we will use a VM that is already configured.
User: ansible
Password: ansible
Root password: same
Either clone the repo (git clone https://github.com/jmanteau/lprims-netautomation.git) or download a zip of it and unzip it.
Mount the unzipped folder as a shared folder in the VM options (Shared Folders). You can then access it under /mnt/hgfs.
COPY the folder to your home directory and run it from there, as Ansible does not like to be run from a world-writable folder (read/write open to everyone).
The ansible.sh script inside each TP folder wraps the Ansible launch with the options needed.
The setup is now finished; you can start the TP.
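
The copy step above, as an added example (not part of the course repository): Ansible ignores an ansible.cfg found in a world-writable current directory, so this script detects that case and makes a private copy to run from. The function names and the paths in the usage comment are assumptions.

```shell
#!/bin/sh
# Added example, not from the course repo.
# Usage (assumed paths):
#   cd "$(prepare_workdir /mnt/hgfs/lprims-netautomation "$HOME/lprims-netautomation")"

# Return 0 if the directory has the "other" write bit set (mode & 0002).
is_world_writable() {
    [ -n "$(find "$1" -prune -perm -0002 2>/dev/null)" ]
}

# Copy the project (dotfiles included) and strip group/other write bits,
# so neither the directory nor ansible.cfg stays writable by everyone.
private_copy() {
    src=$1
    dest=$2
    mkdir -p "$dest" || return 1
    cp -R "$src"/. "$dest"/ || return 1
    chmod -R go-w "$dest"
}

# Print the directory Ansible should be run from: the source itself when it
# is already private, otherwise a fresh private copy under dest.
prepare_workdir() {
    src=$1
    dest=$2
    if is_world_writable "$src"; then
        private_copy "$src" "$dest" || return 1
        printf '%s\n' "$dest"
    else
        printf '%s\n' "$src"
    fi
}
```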
| | Cisco IOS | Vyos |
|---|---|---|
| Boot Time | 20s | 20s; 2min (without nested virt) |
| User | cisco | vyos |
| Password / Enable Password | cisco123 / cisco | vyos |
If needed, use the following commands for each OS in the console to bootstrap the devices so that they are reachable by SSH over the local network from your workstation.
The bootstrap for IOS is normally not needed, as the configurations are embedded in the project.
Vyos:

```
configure
set interfaces ethernet eth0 address dhcp
set service ssh port '22'
commit
save
exit
renew dhcp interface eth0
show interfaces
```
Cisco IOS:

```
conf t
aaa new-model
interface Ethernet0/0
 ip address dhcp
 no shut
username cisco password cisco123
username admin privilege 15 secret 0 thepassword
enable password cisco
ip domain-name local
crypto key generate rsa modulus 2048
ip ssh version 2
line vty 0 4
 privilege level 15
 transport input ssh
 login local
exit
ip scp server enable
exit
show ip int brief
wr
```
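
A check over the credential lines of the IOS bootstrap above, as an added example that is not part of the course material: it flags accounts and enable passwords set with the `password` keyword (kept as type 0 or type 7 in the configuration, where `secret` stores a hash) and vty lines that default sessions to privilege level 15. The function names are assumptions and the sample input is constructed from the bootstrap.

```shell
#!/bin/sh
# Added example: audit a saved or typed IOS config for reversible credentials.

# Constructed sample: credential-related lines from the bootstrap above.
sample_ios_bootstrap() {
    cat <<'EOF'
username cisco password cisco123
username admin privilege 15 secret 0 thepassword
enable password cisco
line vty 0 4
 privilege level 15
 transport input ssh
 login local
EOF
}

# Reads config text from the named files or stdin, prints one finding per
# line (prefixed with the input line number), returns 1 if anything is flagged.
audit_ios_credentials() {
    awk '
    { sub(/^[ \t]+/, "") }          # saved configs indent sub-commands
    /^username / && / password / {
        print NR ": username " $2 ": password keyword (type 0/7), use secret"
        bad++
    }
    /^enable password / {
        print NR ": enable password (type 0/7), use enable secret"
        bad++
    }
    /^line / { vty = ($2 == "vty"); next }
    $1 == "exit" || $1 == "end" || $1 == "!" { vty = 0 }
    vty && /^privilege level 15/ {
        print NR ": vty privilege level 15: sessions start in privileged EXEC"
        bad++
    }
    END { exit (bad > 0) }
    ' "$@"
}
```

Run it as `audit_ios_credentials saved-config.txt`, or pipe a `show running-config` capture into it.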