blob: 0f4dbbda4ebbe945a878063f312306903fe0b7ef (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
|
:lastproofread: 2024-04-09
.. _examples-ansible:
###############
Ansible example
###############
Setting up Ansible on a server running the Debian operating system.
===================================================================
In this example, we will set up a simple use of Ansible to configure multiple VyoS routers.
We have four pre-configured routers with this configuration:
Using the general schema for example:
.. image:: /_static/images/ansible.png
:width: 80%
:align: center
:alt: Network Topology Diagram
We have four pre-configured routers with this configuration:
.. code-block:: none
set interfaces ethernet eth0 address dhcp
set service ssh
commit
save
* vyos7 - 192.0.2.105
* vyos8 - 192.0.2.106
* vyos9 - 192.0.2.107
* vyos10 - 192.0.2.108
Install Ansible:
====================
.. code-block:: none
# apt-get install ansible
Do you want to continue? [Y/n] y
Install Paramiko:
=====================
.. code-block:: none
#apt-get install -y python3-paramiko
Check the version:
==================
.. code-block:: none
# ansible --version
ansible 2.10.8
config file = None
configured module search path = ['/root/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
ansible python module location = /usr/lib/python3/dist-packages/ansible
executable location = /usr/bin/ansible
python version = 3.9.2 (default, Feb 28 2021, 17:03:44) [GCC 10.2.1 20210110]
Basic configuration of ansible.cfg:
=======================================
.. code-block:: none
# nano /root/ansible.cfg
[defaults]
host_key_checking = no
Add all the VyOS hosts:
=======================
.. code-block:: none
# nano /root/hosts
[vyos_hosts]
vyos7 ansible_ssh_host=192.0.2.105
vyos8 ansible_ssh_host=192.0.2.106
vyos9 ansible_ssh_host=192.0.2.107
vyos10 ansible_ssh_host=192.0.2.108
Add general variables:
======================
.. code-block:: none
# mkdir /root/group_vars/
# nano /root/group_vars/vyos_hosts
ansible_python_interpreter: /usr/bin/python3
ansible_network_os: vyos
ansible_connection: network_cli
ansible_user: vyos
ansible_ssh_pass: vyos
Add a simple playbook with the tasks for each router:
=====================================================
.. code-block:: none
# nano /root/main.yml
---
- hosts: vyos_hosts
gather_facts: 'no'
tasks:
- name: Configure general settings for the vyos hosts group
vyos_config:
lines:
- set system name-server 8.8.8.8
- set interfaces ethernet eth0 description '#WAN#'
- set interfaces ethernet eth1 description '#LAN#'
- set interfaces ethernet eth2 disable
- set interfaces ethernet eth3 disable
- set system host-name {{ inventory_hostname }}
save:
true
Start the playbook:
===================
.. code-block:: none
ansible-playbook -i hosts main.yml
PLAY [vyos_hosts] **************************************************************
TASK [Configure general settings for the vyos hosts group] *********************
ok: [vyos9]
ok: [vyos10]
ok: [vyos7]
ok: [vyos8]
PLAY RECAP *********************************************************************
vyos10 : ok=2 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
vyos7 : ok=2 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
vyos8 : ok=2 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
vyos9 : ok=2 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
Check the result on the vyos10 router:
======================================
.. code-block:: none
vyos@vyos10:~$ show interfaces
Codes: S - State, L - Link, u - Up, D - Down, A - Admin Down
Interface IP Address S/L Description
--------- ---------- --- -----------
eth0 192.0.2.108/24 u/u WAN
eth1 - u/u LAN
eth2 - A/D
eth3 - A/D
lo 127.0.0.1/8 u/u
::1/128
vyos@vyos10:~$ sh configuration commands | grep 8.8.8.8
set system name-server '8.8.8.8'
The simple way without configuration of the hostname (one task for all routers):
================================================================================
.. code-block:: none
# nano /root/hosts_v2
[vyos_hosts_group]
vyos7 ansible_ssh_host=192.0.2.105
vyos8 ansible_ssh_host=192.0.2.106
vyos9 ansible_ssh_host=192.0.2.107
vyos10 ansible_ssh_host=192.0.2.108
[vyos_hosts_group:vars]
ansible_python_interpreter=/usr/bin/python3
ansible_user=vyos
ansible_ssh_pass=vyos
ansible_network_os=vyos
ansible_connection=network_cli
# nano /root/main_v2.yml
---
- hosts: vyos_hosts_group
connection: network_cli
gather_facts: 'no'
tasks:
- name: Configure remote vyos_hosts_group
vyos_config:
lines:
- set system name-server 8.8.8.8
- set interfaces ethernet eth0 description WAN
- set interfaces ethernet eth1 description LAN
- set interfaces ethernet eth2 disable
- set interfaces ethernet eth3 disable
save:
true
.. code-block:: none
# ansible-playbook -i hosts_v2 main_v2.yml
PLAY [vyos_hosts_group] ********************************************************
TASK [Configure remote vyos_hosts_group] ***************************************
ok: [vyos8]
ok: [vyos7]
ok: [vyos9]
ok: [vyos10]
PLAY RECAP *********************************************************************
vyos10 : ok=1 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
vyos7 : ok=1 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
vyos8 : ok=1 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
vyos9 : ok=1 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
In the next chapter of the example, we'll use Ansible with jinja2 templates and variables.
|