Thursday, 19 May 2022

Ansible and ACI

These are some ansible playbooks to do basic configuration on Cisco ACI using ansible.
Information taken from here:

https://github.com/CiscoDevNet/aci_ansible_learning_labs_code_samples/

"inventory" should look like this:

[apic:vars]

username=admin
password=<removed>
ansible_python_interpreter="/home/username/ansible/aci_ansible_learning_labs_code_samples/venv/bin/python"

[apic]

sandboxapicdc.cisco.com

1. Create Tenant:

---
- name: ENSURE APPLICATION CONFIGURATION EXISTS
  hosts: apic
  connection: local
  gather_facts: False
  vars_prompt:
    - name: "tenant"
      prompt: "What would you like to name your Tenant?"
      private: no

  tasks:
    - name: ENSURE APPLICATIONS TENANT EXISTS
      aci_tenant:
        host: "{{ ansible_host }}"
        username: "{{ username }}"
        password: "{{ password }}"
        state: "present"
        validate_certs: False
        tenant: "{{ tenant }}"
        description: "Tenant Created Using Ansible"


ansible-playbook -i inventory 01_aci_tenant_pb.yml


What would you like to name your Tenant?: test-tenant

PLAY [ENSURE APPLICATION CONFIGURATION EXISTS] *********************************************************************

TASK [ENSURE APPLICATIONS TENANT EXISTS] ***************************************************************************
changed: [sandboxapicdc.cisco.com]

PLAY RECAP *********************************************************************************************************
sandboxapicdc.cisco.com    : ok=1    changed=1    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0  

2. Create Tenant, VRF and Bridge Domain:

! This is a modified version of the playbook which assumes that the tenant does not exists and prompts for both the tenant and VRF name to be created.

---
- name: ENSURE APPLICATION CONFIGURATION EXISTS
  hosts: apic
  connection: local
  gather_facts: False
  vars_prompt:
    - name: "tenant"
      prompt: "What would you like to name your Tenant?"
      private: no
    - name: "vrf"
      prompt: "What would you like to name your VRF?"
      private: no

  tasks:
    - name: ENSURE APPLICATIONS TENANT EXISTS
      aci_tenant:
        host: "{{ ansible_host }}"
        username: "{{ username }}"
        password: "{{ password }}"
        state: "present"
        validate_certs: False
        tenant: "{{ tenant }}"
        description: "Tenant Created Using Ansible"

    - name: ENSURE TENANT VRF EXISTS
      aci_vrf:
        host: "{{ ansible_host }}"
        username: "{{ username }}"
        password: "{{ password }}"
        state: "present"
        validate_certs: False
        tenant: "{{ tenant }}"
        vrf: "{{ vrf }}"
        description: "VRF Created Using Ansible"

    - name: ENSURE TENANT BRIDGE DOMAIN EXISTS
      aci_bd:
        host: "{{ ansible_host }}"
        username: "{{ username }}"
        password: "{{ password }}"
        state: "present"
        validate_certs: False
        tenant: "{{ tenant }}"
        bd: "{{ bd | default('prod_bd') }}"
        vrf: "{{ vrf }}"
        description: "BD Created Using Ansible"

    - name: ENSURE BRIDGE DOMAIN SUBNET EXISTS
      aci_bd_subnet:
        host: "{{ ansible_host }}"
        username: "{{ username }}"
        password: "{{ password }}"
        state: "present"
        validate_certs: False
        tenant: "{{ tenant }}"
        bd: "{{ bd | default('prod_bd') }}"
        gateway: "10.10.101.1"
        mask: 24
        description: "Subnet Created Using Ansible"


ansible-playbook 02_aci_tenant_network_pb.yml -i inventory

What would you like to name your Tenant?: test-tenant
What would you like to name your VRF?: test-VRF

PLAY [ENSURE APPLICATION CONFIGURATION EXISTS] *******************************************************************************

TASK [ENSURE APPLICATIONS TENANT EXISTS] *************************************************************************************
changed: [sandboxapicdc.cisco.com]

TASK [ENSURE TENANT VRF EXISTS] **********************************************************************************************
changed: [sandboxapicdc.cisco.com]

TASK [ENSURE TENANT BRIDGE DOMAIN EXISTS] ************************************************************************************
changed: [sandboxapicdc.cisco.com]

TASK [ENSURE BRIDGE DOMAIN SUBNET EXISTS] ************************************************************************************
changed: [sandboxapicdc.cisco.com]

PLAY RECAP *******************************************************************************************************************
sandboxapicdc.cisco.com    : ok=4    changed=4    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0  
Posted by at No comments:

Paramiko - config grab with Cisco IOS

import time
import paramiko
import getpass
from datetime import datetime

routers = ["192.168.0.1"]
username = raw_input("Please enter your username: ")
password = getpass.getpass("Please enter your password: ")

now_time = datetime.now()
str_now_time = str(now_time)

sshcon = paramiko.SSHClient()
sshcon.set_missing_host_key_policy(paramiko.AutoAddPolicy())
for target in routers:
f = open("{0}-{1}-txt".format(target,str_now_time) , "w")
print ('Attempting to connect to {0}'.format(target))
sshcon.connect(hostname=target,username=username,password=password,look_for_keys=False)
remote_connection = sshcon.invoke_shell()
remote_connection.send("ter len 0\n")
time.sleep(5)
remote_connection.send("show run\n")
time.sleep(5)
output = remote_connection.recv(65535)
# print(output)
print ('Writing config to file')
f.write(output)
sshcon.close
print("Job completed successfully")
Posted by at No comments:
Subscribe to: Posts (Atom)