docs/configexamples/ansible.rst


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216

:lastproofread: 2023-10-18

.. _examples-ansible:

###############
Ansible example
###############

Setting up Ansible on a server running the Debian operating system.
===================================================================

In this example, we will set up a simple use of Ansible to configure multiple VyoS routers.
We have four pre-configured routers with this configuration:

Using the general schema for example:

.. image:: /_static/images/ansible.png
   :width: 80%
   :align: center
   :alt: Network Topology Diagram

We have four pre-configured routers with this configuration:

.. code-block:: none

	set interfaces ethernet eth0 address dhcp
	set service ssh
	commit
	save

* vyos7 - 192.0.2.105
* vyos8 - 192.0.2.106
* vyos9 - 192.0.2.107
* vyos10 - 192.0.2.108

Install the Ansible:
====================
.. code-block:: none

	# apt-get install ansible
	Do you want to continue? [Y/n] y

Install the paramiko:
=====================

.. code-block:: none

	#apt-get install -y python3-paramiko

Check the version:
==================

.. code-block:: none

	# ansible --version
	ansible 2.10.8
	config file = None
	configured module search path = ['/root/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
	ansible python module location = /usr/lib/python3/dist-packages/ansible
	executable location = /usr/bin/ansible
	python version = 3.9.2 (default, Feb 28 2021, 17:03:44) [GCC 10.2.1 20210110]

Basik configuration of the ansible.cfg:
=======================================

.. code-block:: none

	# nano /root/ansible.cfg
	[defaults]
	host_key_checking = no

Add all the hosts of VyOS:
==========================

.. code-block:: none

	# nano /root/hosts
	[vyos_hosts]
	vyos7 ansible_ssh_host=192.0.2.105
	vyos8 ansible_ssh_host=192.0.2.106
	vyos9 ansible_ssh_host=192.0.2.107
	vyos10 ansible_ssh_host=192.0.2.108

Add general variables:
======================

.. code-block:: none

	# mkdir /root/group_vars/
	# nano /root/group_vars/vyos_hosts
	ansible_python_interpreter: /usr/bin/python3
	ansible_network_os: vyos
	ansible_connection: network_cli
	ansible_user: vyos
	ansible_ssh_pass: vyos


Add the simple playbook with the tasks for each router:
=======================================================

.. code-block:: none

	# nano /root/main.yml
	
	---
	- hosts: vyos_hosts
	gather_facts: 'no'
	tasks:
		- name: Configure general settings for the vyos hosts group
		vyos_config:
			lines:
			- set system name-server 8.8.8.8
			- set interfaces ethernet eth0 description '#WAN#'
			- set interfaces ethernet eth1 description '#LAN#'
			- set interfaces ethernet eth2 disable
			- set interfaces ethernet eth3 disable
			- set system host-name {{ inventory_hostname }}
			save:
			true
	
Start the playbook:
===================

.. code-block:: none

	ansible-playbook -i hosts main.yml
	PLAY [vyos_hosts] **************************************************************
	
	TASK [Configure general settings for the vyos hosts group] *********************
	ok: [vyos9]
	ok: [vyos10]
	ok: [vyos7]
	ok: [vyos8]
	
	PLAY RECAP *********************************************************************
	vyos10                     : ok=2    changed=0    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0
	vyos7                      : ok=2    changed=0    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0
	vyos8                      : ok=2    changed=0    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0
	vyos9                      : ok=2    changed=0    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0

Check the result on the vyos10 router:
======================================

.. code-block:: none

	vyos@vyos10:~$ show interfaces
	Codes: S - State, L - Link, u - Up, D - Down, A - Admin Down
	Interface        IP Address                        S/L  Description
	---------        ----------                        ---  -----------
	eth0             192.0.2.108/24                    u/u  WAN
	eth1             -                                 u/u  LAN
	eth2             -                                 A/D
	eth3             -                                 A/D
	lo               127.0.0.1/8                       u/u
					::1/128
	
	vyos@vyos10:~$ sh configuration commands | grep 8.8.8.8
	set system name-server '8.8.8.8'

The simple way without configuration of the hostname (one task for all routers):
================================================================================

.. code-block:: none

	# nano /root/hosts_v2
	[vyos_hosts_group]
	vyos7 ansible_ssh_host=192.0.2.105
	vyos8 ansible_ssh_host=192.0.2.106
	vyos9 ansible_ssh_host=192.0.2.107
	vyos10 ansible_ssh_host=192.0.2.108
	[vyos_hosts_group:vars]
	ansible_python_interpreter=/usr/bin/python3
	ansible_user=vyos
	ansible_ssh_pass=vyos
	ansible_network_os=vyos
	ansible_connection=network_cli

	# nano /root/main_v2.yml
	---
	- hosts: vyos_hosts_group
	
	connection: network_cli
	gather_facts: 'no'
	
	tasks:
		- name: Configure remote vyos_hosts_group
		vyos_config:
			lines:
			- set system name-server 8.8.8.8
			- set interfaces ethernet eth0 description WAN
			- set interfaces ethernet eth1 description LAN
			- set interfaces ethernet eth2 disable
			- set interfaces ethernet eth3 disable
			save:
			true
		  
.. code-block:: none
		  
	# ansible-playbook -i hosts_v2 main_v2.yml
	
	PLAY [vyos_hosts_group] ********************************************************
	
	TASK [Configure remote vyos_hosts_group] ***************************************
	ok: [vyos8]
	ok: [vyos7]
	ok: [vyos9]
	ok: [vyos10]
	
	PLAY RECAP *********************************************************************
	vyos10                     : ok=1    changed=0    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0
	vyos7                      : ok=1    changed=0    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0
	vyos8                      : ok=1    changed=0    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0
	vyos9                      : ok=1    changed=0    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0
	

In the next chapter of the example, we'll use the Ansible with jinja2 templates and variables.