In this post we’ll see how we can quickly get a basic OSPF lab deployed by using Ansible. Our setup consists of 3 x Cisco IOS routers which are connected according to the diagram below. All the routers should already have SSH set up and an interface connected to the management network that will be used for retrieving the configuration files from the server. On the server side we need a Linux machine that has Ansible installed.
So let’s get started by building the Ansible playbook. I’ll explain the site.yml file below:
Run the playbook on the ‘localhost’ server by using the ‘marius’ username with sudo
Install and start Apache as the routers will pull the config files over HTTP
Install Git - used to clone the netmiko library repo
Install paramiko - dependency library for netmiko
Clone the netmiko repo and install it as a system module
Next we use the netmiko.j2 template to create a script file. The script uses netmiko and takes as arguments the ip address, username, password and command that will be run on the remote Cisco device.
We generate the configuration files that are going to be pulled by the routers. For this we use the config.j2 template and write the configuration files on the Apache DocumentRoot. This will results in 3 files: /var/www/html/rtr-A.config, /var/www/html/rtr-B.config, /var/www/html/rtr-C.config containing the configuration commands for each of the routers.
We run the script that we have created on step 6 by passing the ‘copy http://server_ip/config_file_name running-config’ command to each of the routers.
Define the variables used in the template files and commands.
Now let’s go through the template files.
The config.j2 template is used to build the configuration commands that will be loaded by the routers. What this does is basically loop through the interfaces defined for each of the routers and create the ip address statements for each of them. After this, it generates an entry for the ospf process and creates a network statement if the ‘ospf’ variable is set to yes for a specific interface.
The netmiko.j2 template is just a python script that’s using netmiko to connect to the router, first runs ‘file prompt quiet’ configuration command to disable the save confirmation message. Then it runs the command that’s passed as the 4th argument.
Once we have all the files in place we can run the playbook by the ‘ansible-playbook site.yml’ command. This is how the output looks like:
This is how one of routers configuration files looks like:
So now we have the lab up and running. Why bother automating this? In the end it’s a basic test environment. Here’s my motivation:
I hate doing repetitive stuff
Reproducibility. Manual repetitive stuff results in errored configurations, at least for me. If I do such a setup manually I usually get a terminal started for each of the routers and start writing commands. My problem is that almost all the time I end up messing up something like setting the wrong IP addresses on interfaces. By running this playbook I will always get the same result
I have the complete picture in one place and I can check the whole setup before running it, no need to switch through terminals, screens or other stuff
Time. I’m running this setup on Openstack by using Cisco vIOS images so getting everything up and running from scratch takes me less than 5 minutes which is pretty awesome
Let me know if you have any questions and I’ll be more than happy to answer.