SlideShare une entreprise Scribd logo

Ansible ではじめるネットワーク自動化

akira6592
akira6592

構成管理ツールの Ansible は ネットワーク機器にも対応しています。 ネットワークモジュールの使い方やPlaybookのサンプル、ハマりどころをご紹介します。 Ansible Night in Fukuoka 2018.08 での発表資料です https://ansible-users.connpass.com/event/93620/

Technologie
1  sur  57
Télécharger pour lire hors ligne
@akira6592 13. 0 . .1 / 2/
l A 6 o e a l e a n o . b ko il 2 2
3 https://tekunabe.hatenablog.jp https://www.slideshare.net/akira6592/ 96
4 l l l l l
5
◦ SSH NETCONF HTTP/HTTPS API ◦ show ◦ 6 ( ((
Cisco IOS IOS-XR NX-OS Juniper Junos Arista EOS 40 ◦ 7 • • • E DF • 0 • E 9 • • I • FJ • E • AD C C • AD F DC • 0 • B A F • AA0 • AA0 • AA0 • 0 • 0 • 0 • 60 • • DE B C E • DE 0 • AA BDF • 0 • 0 6 • EDC5 E • CDF • E • • F A E • I FDE • 0 • • 60 • 0 6 • 0E C C • 0 • 1 0 • J E • -6 0 • 0 • L0 https://docs.ansible.com/ansible/latest/modules/list_of_network_modules.html
Ansible 1. ◦ copy ◦ ◦ 2 ◦ ◦ 3 ◦ Ansible ◦ 8 2 1 A 3 1 1 2. 3
9
Ansible 2.5 ◦ network_cli: Cisco IOS Arista EOS VyOS ◦ netconf: Juniper Junos ◦ httpapi: Cisco NX-OS Arista EOS HTTP(S) API Ansible 2.6 Ansible 2.4 ◦ local: 10 - hosts: ios connection: network_cli [ios:vars] ansible_connection=network_cli •• Playbook
11 https://docs.ansible.com/ansible/latest/network/user_guide/platform_index.html#settings-by-platform
ansible_network_os ◦ ios junos eos vyos 12 [ios:vars] ansible_connection=network_cli ansible_network_os=ios •
13 https://docs.ansible.com/ansible/latest/network/user_guide/platform_index.html#settings-by-platform
*_facts ◦ gather_facts: yes Ansible *_facts ◦ ios_facts ◦ junos_facts ◦ eos_facts ◦ vyos_facts 14 - hosts: ios gather_facts: yes connection: network_cli tasks: - ios_facts:
ios_facts ◦ ◦ ◦ ◦ ◦ LLDP ◦ 15 https://docs.ansible.com/ansible/latest/modules/ios_facts_module.html • *
IOS EOS enable 16 ansible_become yes/no: no ansible_become_method network_cli enable ansible_become_pass [ios:vars] ansible_connection=network_cli ansible_network_os=ios ansible_become=yes ansible_become_method=enable ansible_become_pass=enablepass999 • NW
17 1-1
1-1: show version Ansible 18 Hostname: vsrx1 Model: firefly-perimeter JUNOS Software Release [12.1X47-D15.4] ( ) ( 2 13 Hostname: vsrx1 Model: firefly-perimeter JUNOS Software Release [12.1X47-D15.4]
1-1: 19 [junos] 172.16.0.1 [junos:vars] ansible_connection=netconf ansible_network_os=junos ansible_user=testuser ansible_ssh_pass=testpassword99 • inventory OS
1-1: Playbook 20 - hosts: junos gather_facts: no tasks: - name: show command test junos_command: commands: - show version register: result - name: debug output debug: msg: "{{ result.stdout_lines[0] }}" result • Playbook show01.yml junos junos_command ( 1) 1 junos_command https://docs.ansible.com/ansible/latest/modules/junos_command_module.htmlç debug
1-1: 21 [vagrant@centos7 demo]$ ansible-playbook -i inventory show01.yml PLAY [junos] ****************************************************************** TASK [show command test] ****************************************************** ok: [172.16.0.1] TASK [debug output] *********************************************************** ok: [172.16.0.1] => { "msg": [ "Hostname: vsrx1", "Model: firefly-perimeter", "JUNOS Software Release [12.1X47-D15.4]" ] } PLAY RECAP ******************************************************************** 172.16.0.1 : ok=2 changed=0 unreachable=0 failed=0 • ansible-playbook show version
1-1: 22 "msg": { "changed": false, "failed": false, "stdout": [ "Hostname: vsrx1¥nModel: firefly-perimeter¥nJUNOS Software Release [12.1X47-D15.4]" ], "stdout_lines": [ [ "Hostname: vsrx1", "Model: firefly-perimeter", "JUNOS Software Release [12.1X47-D15.4]" ] ] } - name: debug output debug: msg: "{{ result }}" - name: debug output debug: msg: "{{ result.stdout_lines[0] }}" result 1 1 stdout_lines 0 commands [ ] COMMAND MODULE DEEP DIVE FOR NETWORKS https://www.ansible.com/blog/command-module-deep-dive-for-networks
23 1-2
1-2: show configuration 24 ( ) ) 21 21 3 ## Last commit: 2018-06-28 05:45:49 UTC by root version 12.1X47-D15.4; system { host-name vsrx1; root-authentication { encrypted-password "$1$nq..... ssh-rsa "ssh-rsa AAAAB3Nz..... } login { user vagrant { uid 2000; class super-user; authentication { ssh-rsa "ssh-rsa ..... } } } services { ssh { root-login allow; } netconf { ssh; } web-management { http { interface ge-0/0/0.0; } ## Last commit: 2018-06-28 05:45:49 UTC by root version 12.1X47-D15.4; system { host-name vsrx1; root-authentication { encrypted-password "$1$nq..... ssh-rsa "ssh-rsa AAAAB3Nz..... } login { user vagrant { uid 2000; class super-user; authentication { ssh-rsa "ssh-rsa ..... } } } services { ssh { root-login allow; } netconf { ssh; } web-management { http { interface ge-0/0/0.0; }
1-2: Playbook 25 - hosts: junos gather_facts: no tasks: - name: show command test junos_command: commands: - show configuration register: result - name: save config to file copy: content: "{{ result.stdout[0] }}" dest: "show_config_{{ inventory_hostname }}.txt" copy • Playbook show02.yml junos junos_command IP
1-2: 26 [vagrant@centos7 demo]$ ansible-playbook -i inventory show02.yml PLAY [junos] ********************************************************** TASK [show command test] ********************************************** ok: [172.16.0.1] TASK [save config to file] ******************************************** changed: [172.16.0.1] PLAY RECAP ************************************************************ 172.16.0.1 : ok=2 changed=1 unreachable=0 failed=0 • ansible-playbook
1-2: 27 [vagrant@centos7 demo]$ cat show_config_172.16.0.1.txt ## Last changed: 2018-06-28 05:45:50 UTC version 12.1X47-D15.4; system { host-name vsrx1; root-authentication { encrypted-password "$1$nq.N1UsY$Jx...( )..."; ssh-rsa "ssh-rsa AAAAB3NzaC1yc2...( )...."; } ...( ).... ge-0/0/1 { unit 0 { family inet { address 172.16.0.1/24; } } } ...( ).... } • IP show configuration
28 1-3 show CSV
1-3: show CSV show interfaces CSV 29 2 4 3 1 ) 2 Physical interface: ge-0/0/0, Enabled, Physical link is Up Interface index: 134, SNMP ifIndex: 507 Link-level type: Ethernet, MTU: 1514, Link-mode: Full-duplex, … Flow control: Enabled, Auto-negotiation: Enabled, Remote fault: Online Device flags : Present Running Interface flags: SNMP-Traps Internal: 0x4000 Link flags : None CoS queues : 8 supported, 8 maximum usable queues Current address: 08:00:27:ae:f4:51, Hardware address: 08:00:27:ae:f4:51 Last flapped : 2018-06-28 05:45:29 UTC (04:54:28 ago) Input rate : 3432 bps (7 pps) Output rate : 4256 bps (4 pps) Active alarms : None Active defects : None Interface transmit statistics: Disabled Logical interface ge-0/0/0.0 (Index 69) (SNMP ifIndex 509) Flags: SNMP-Traps 0x4000 Encapsulation: ENET2 Input packets : 522 Output packets: 580 Security: Zone: Null [TextFSM ] ^¥s+ [CSV ] {{ }} ( C 5
1-3: show CSV Playbook 30 - hosts: junos gather_facts: no tasks: - name: show command test junos_command: commands: - show interfaces register: result - name: output csv file template: src: "./template_interface_junos.txt" dest: "./result_interface.csv" vars: parsed_result: "{{ result.stdout[0] | parse_cli_textfsm('juniper_junos_show_interfaces.template') }}" • Playbook show03.yml junos junos_command TextFSM parsed_result template CSV parse_cli_textfsm https://docs.ansible.com/ansible/latest/user_guide/playbooks_filters.html#network-cli-filters https://tekunabe.hatenablog.jp/entry/2017/09/23/parse_cli_textfsm
1-3: show CSV CSV 31 "INTERFACE","ADMIN_STATE","LINK_STATUS","HARDWARE_TYPE" {% for r in parsed_result %} "{{ r['INTERFACE'] }}","{{ r['ADMIN_STATE'] }}","{{ r['LINK_STATUS'] }}","{{ r['HARDWARE_TYPE'] }}" {% endfor %} • CSV template_interface_junos.txt show interfaces r[‘XXXX’] for CSV 2 2 2
1-3: show CSV TextFSM 32 Value Required INTERFACE (¥S+) Value LINK_STATUS (¥w+) Value ADMIN_STATE (¥S+) Value HARDWARE_TYPE (¥S+) Value MTU (¥d+|Unlimited) Start ^¥s+Logical¥s+interface¥s+${INTERFACE} ^Physical¥s+interface:¥s+${INTERFACE},¥s+${ADMIN_STATE},¥s+Physical¥s+link¥s+is¥s+${LINK_STATUS} ^.*ype:¥s+${HARDWARE_TYPE},.*MTU:¥s+${MTU}.* -> Record ^.*MTU:¥s+${MTU}.* -> Record ^.*flags -> Record EOF • TextFSM juniper_junos_show_interfaces.template TextFSM Junos show interfaces https://raw.githubusercontent.com/networktocode/ntc-templates/master/templates/juniper_junos_show_interfaces.template
1-3: show CSV 33 [vagrant@centos7 demo]$ ansible-playbook -i inventory show03.yml PLAY [junos] ********************************************************** TASK [show command test] ********************************************** ok: [172.16.0.1] TASK [output csv file] ************************************************ changed: [172.16.0.1] PLAY RECAP *********************************************************************** 172.16.0.1 : ok=2 changed=1 unreachable=0 failed=0 • ansible-playbook CSV
1-3: show CSV CSV 34 • CSV result_interface.csv "INTERFACE","ADMIN_STATE","LINK_STATUS","HARDWARE_TYPE","MTU" "ge-0/0/0","Enabled","Up","Ethernet","1514" "ge-0/0/0.0","","","","1500" "gr-0/0/0","Enabled","Up","GRE","Unlimited" "ip-0/0/0","Enabled","Up","IP-over-IP","Unlimited" "lsq-0/0/0","Enabled","Up","LinkService","1504" "lt-0/0/0","Enabled","Up","Logical-tunnel","Unlimited" "mt-0/0/0","Enabled","Up","GRE","Unlimited" "sp-0/0/0","Enabled","Up","Adaptive-Services","9192" "sp-0/0/0.0","","","","9192" "sp-0/0/0.16383","","","","9192" "ge-0/0/1","Enabled","Up","Ethernet","1514" "ge-0/0/1.0","","","","1500" "ge-0/0/2","Enabled","Up","Ethernet","1514" "ge-0/0/2.0","","","","1500" "dsc","Enabled","Up","Software-Pseudo","Unlimited" "gre","Enabled","Up","GRE","Unlimited" "ipip","Enabled","Up","IP-over-IP","Unlimited" "irb","Enabled","Up","Ethernet","1514" "lo0","Enabled","Up","Loopback","Unlimited" "lo0.16384","","","","Unlimited" "lo0.16385","","","","Unlimited" "lsi","Enabled","Up","LSI","1496" "mtun","Enabled","Up","GRE","Unlimited" "pimd","Enabled","Up","PIM-Decapsulator","Unlimited" "pime","Enabled","Up","PIM-Encapsulator","Unlimited" "pp0","Enabled","Up","PPPoE","1532" "ppd0","Enabled","Up","PIM-Decapsulator","Unlimited" "ppe0","Enabled","Up","PIM-Encapsulator","Unlimited" "st0","Enabled","Up","Secure-Tunnel","9192" "tap","Enabled","Up","Interface-Specific","Unlimited" "vlan","Enabled","Down","VLAN","1518" CSV CSV
35 2-1
2-1: NTP 36 ( ( ( ) 1
2-1: Playbook 37 - hosts: junos gather_facts: no tasks: - name: config test junos_config: lines: - set system ntp server 10.0.0.123 • Playbook set01.yml Junos junos_config 1 1 junos_config https://docs.ansible.com/ansible/latest/modules/junos_config_module.html
2-1: 38 [vagrant@centos7 demo]$ ansible-playbook -i inventory set01.yml PLAY [junos] ********************************************************* TASK [config test] *************************************************** changed: [172.16.0.1] PLAY RECAP ********************************************************************** 172.16.0.1 : ok=1 changed=1 unreachable=0 failed=0 • ansible-playbook
2-1: 39 root@vsrx1> show configuration system ntp | display set set system ntp server 10.0.0.123 root@vsrx1> •
40 2-2
2-2: NTP 41 2 3 1( 2 3 1 [ ] {{ }} )
2-2: Playbook 42 - hosts: junos gather_facts: no tasks: - name: config test junos_config: src: template_ntp_junos.txt vars: ntp_servers: - 10.0.1.123 - 10.0.2.123 - 10.0.3.123 - 10.0.4.123 - 10.0.5.123 • Playbook set02.yml NTP IP ntp_servers Junos junos_config
2-2: 43 {% for n in ntp_servers %} set system ntp server {{ n }} {% endfor %} • template_ntp_j.txt for Playbook ntp_servers 2 2 2 • set system ntp server 10.0.1.123 set system ntp server 10.0.2.123 set system ntp server 10.0.3.123 set system ntp server 10.0.4.123 set system ntp server 10.0.5.123
2-2: 44 [vagrant@centos7 demo]$ ansible-playbook -i inventory set02.yml PLAY [junos] ********************************************************* TASK [config test] *************************************************** changed: [172.16.0.1] PLAY RECAP ********************************************************************** 172.16.0.1 : ok=1 changed=1 unreachable=0 failed=0 • ansible-playbook
2-2: 45 root@vsrx1> show configuration system ntp | display set set system ntp server 10.0.0.123 set system ntp server 10.0.2.123 set system ntp server 10.0.3.123 set system ntp server 10.0.4.123 set system ntp server 10.0.5.123 root@vsrx1> •
46 2-3
2-3: OK 47 ( () ( ( 2 34 34 y 1 ' '
2-3: Playbook 48 - hosts: junos gather_facts: no tasks: - name: confirm pause: prompt: "continue? [y/N]" register: input - name: abort fail: when: input.user_input != "y" - name: config test junos_config: lines: - set system ntp server 10.0.0.123 • Playbook set03.yml Junos junos_config pause input y
2-3: 1: 49 [vagrant@centos7 demo]$ ansible-playbook -i inventory set03.yml PLAY [junos] ****************************************************** TASK [confirm] **************************************************** [confirm] continue? [y/N]: y ok: [172.16.0.1] TASK [abort] ****************************************************** skipping: [172.16.0.1] TASK [config test] ************************************************ changed: [172.16.0.1] PLAY RECAP ******************************************************** 172.16.0.1 : ok=2 changed=1 unreachable=0 failed=0 • y y ansible-playbook
2-3: 2: 50 [vagrant@centos7 demo]$ ansible-playbook -i inventory set03.yml PLAY [junos] ******************************************************************** TASK [confirm] ******************************************************************** [confirm] continue? [y/N]: N ok: [172.16.0.1] TASK [abort] ******************************************************** fatal: [172.16.0.1]: FAILED! => {"changed": false, "msg": "Failed as requested from task"} PLAY RECAP ********************************************************************* 172.16.0.1 : ok=1 changed=0 unreachable=0 failed=1 • ansible-playbook N y
51
changed *_config changed 52 - name: config ios_config: lines: - ntp ser 10.0.0.123 RouterA# sh run | inc ntp ntp server 10.0.0.123 • • Playbook server ser 172.16.0.2 : ok=1 changed=1 unreachable=0 failed=0 172.16.0.2 : ok=1 changed=1 unreachable=0 failed=0 Playbook changed • • . = / *- . / /= - /. = / = /? =/. - . == ##. - / - # /# =/ =# /= # / * ./# : = . = / - . / /= - /. = / = /? =/. - .
SSH 53 fatal: [172.16.0.2]: FAILED! => {"msg": "paramiko: The authenticity of host '172.16.0.2' can't be established.¥nThe ssh-rsa key fingerprint is xxxxxxx."} ansible.cfg 1 [defaults] host_key_checking = False export ANSIBLE_HOST_KEY_CHECKING=False 2 [paramiko_connection] host_key_auto_add = True export ANSIBLE_PARAMIKO_HOST_KEY_AUTO_ADD=True 3 SSH - - • fatal: [172.16.0.1]: FAILED! => {"msg": "Unknown host key [xxxxxxx] for [172.16.0.1]"} netconf network_cli 2 netconf
Ansible 2.4 54 c u # c u # P c u c u -5 2 55 5 2 / . -5 . -5 :4 / - : -5 2 2 5 -5 2 55han b se [ se . / ogpur A -5 # ]ki tudogpur mid https://www.slideshare.net/akira6592/ansible25nw-92031433
55
0 4 0 56 lt 0 0 0 kb ia / _ o / / / n / A sr e /
◦ ◦ https://docs.ansible.com/ ◦ Ansible for Network Automation ◦ https://docs.ansible.com/ansible/latest/network/index.html ◦ Platform Options OES IOS Junos ◦ https://docs.ansible.com/ansible/latest/network/user_guide/platform_index.html ◦ ◦ https://docs.ansible.com/ansible/latest/modules/list_of_network_modules.html ◦ Ansible ◦ https://www.slideshare.net/akira6592/networkengineermeetsansible-85889620 ◦ Ansible ◦ https://www.slideshare.net/akira6592/ansibleadhocnetworkautomation ◦ Ansible 2.5 ◦ https://www.slideshare.net/akira6592/ansible25nw-92031433 57

Recommandé

新人研修資料 向き合うエンジニア
新人研修資料 向き合うエンジニア新人研修資料 向き合うエンジニア
新人研修資料 向き合うエンジニア
akira6592
 
Ansible とネットワーク自動化の概要(SmartCS と Ansible の連携による自動化の可能性を体験!)
Ansible とネットワーク自動化の概要(SmartCS と Ansible の連携による自動化の可能性を体験!)Ansible とネットワーク自動化の概要(SmartCS と Ansible の連携による自動化の可能性を体験!)
Ansible とネットワーク自動化の概要(SmartCS と Ansible の連携による自動化の可能性を体験!)
akira6592
 
Ansible 実践ガイド第3版 ネットワーク担当としてのふりかえり #インフラエンジニアBooks
Ansible 実践ガイド第3版 ネットワーク担当としてのふりかえり #インフラエンジニアBooksAnsible 実践ガイド第3版 ネットワーク担当としてのふりかえり #インフラエンジニアBooks
Ansible 実践ガイド第3版 ネットワーク担当としてのふりかえり #インフラエンジニアBooks
akira6592
 
Ansible でお世話になっている機能と拡張
Ansible でお世話になっている機能と拡張Ansible でお世話になっている機能と拡張
Ansible でお世話になっている機能と拡張
akira6592
 
Ansible 2.10 と Collection
Ansible 2.10 と CollectionAnsible 2.10 と Collection
Ansible 2.10 と Collection
akira6592
 
自動化の下ごしらえ
自動化の下ごしらえ自動化の下ごしらえ
自動化の下ごしらえ
akira6592
 
向き合うエンジニア 2020年度版
向き合うエンジニア 2020年度版向き合うエンジニア 2020年度版
向き合うエンジニア 2020年度版
akira6592
 
Ansible ではじめる ネットワーク自動化(Ansible 2.9版)
Ansible ではじめる ネットワーク自動化(Ansible 2.9版)Ansible ではじめる ネットワーク自動化(Ansible 2.9版)
Ansible ではじめる ネットワーク自動化(Ansible 2.9版)
akira6592
 

Recommandé

新人研修資料 向き合うエンジニア
新人研修資料 向き合うエンジニア新人研修資料 向き合うエンジニア
新人研修資料 向き合うエンジニア
akira6592
 
Ansible とネットワーク自動化の概要(SmartCS と Ansible の連携による自動化の可能性を体験!)
Ansible とネットワーク自動化の概要(SmartCS と Ansible の連携による自動化の可能性を体験!)Ansible とネットワーク自動化の概要(SmartCS と Ansible の連携による自動化の可能性を体験!)
Ansible とネットワーク自動化の概要(SmartCS と Ansible の連携による自動化の可能性を体験!)
akira6592
 
Ansible 実践ガイド第3版 ネットワーク担当としてのふりかえり #インフラエンジニアBooks
Ansible 実践ガイド第3版 ネットワーク担当としてのふりかえり #インフラエンジニアBooksAnsible 実践ガイド第3版 ネットワーク担当としてのふりかえり #インフラエンジニアBooks
Ansible 実践ガイド第3版 ネットワーク担当としてのふりかえり #インフラエンジニアBooks
akira6592
 
Ansible でお世話になっている機能と拡張
Ansible でお世話になっている機能と拡張Ansible でお世話になっている機能と拡張
Ansible でお世話になっている機能と拡張
akira6592
 
Ansible 2.10 と Collection
Ansible 2.10 と CollectionAnsible 2.10 と Collection
Ansible 2.10 と Collection
akira6592
 
自動化の下ごしらえ
自動化の下ごしらえ自動化の下ごしらえ
自動化の下ごしらえ
akira6592
 
向き合うエンジニア 2020年度版
向き合うエンジニア 2020年度版向き合うエンジニア 2020年度版
向き合うエンジニア 2020年度版
akira6592
 
Ansible ではじめる ネットワーク自動化(Ansible 2.9版)
Ansible ではじめる ネットワーク自動化(Ansible 2.9版)Ansible ではじめる ネットワーク自動化(Ansible 2.9版)
Ansible ではじめる ネットワーク自動化(Ansible 2.9版)
akira6592
 
はじめてAnsibleのバグ修正に協力してみた
はじめてAnsibleのバグ修正に協力してみたはじめてAnsibleのバグ修正に協力してみた
はじめてAnsibleのバグ修正に協力してみた
akira6592
 
CML-Personal (VIRL2)のインストールと基本機能
CML-Personal (VIRL2)のインストールと基本機能CML-Personal (VIRL2)のインストールと基本機能
CML-Personal (VIRL2)のインストールと基本機能
akira6592
 
BGP Unnumbered で遊んでみた
BGP Unnumbered で遊んでみたBGP Unnumbered で遊んでみた
BGP Unnumbered で遊んでみた
akira6592
 
自動化ツール Ansible に触れてみよう(技術インターン)
自動化ツール Ansible に触れてみよう(技術インターン) 自動化ツール Ansible に触れてみよう(技術インターン)
自動化ツール Ansible に触れてみよう(技術インターン)
akira6592
 
技術ブログを書こう
技術ブログを書こう技術ブログを書こう
技術ブログを書こう
akira6592
 
Ansible2.9 ネットワーク対応のアップデート #ansiblejp
Ansible2.9 ネットワーク対応のアップデート #ansiblejpAnsible2.9 ネットワーク対応のアップデート #ansiblejp
Ansible2.9 ネットワーク対応のアップデート #ansiblejp
akira6592
 
私たちはRESTCONFでネットワーク自動化的に何が嬉しくなるのか考えてみた
私たちはRESTCONFでネットワーク自動化的に何が嬉しくなるのか考えてみた私たちはRESTCONFでネットワーク自動化的に何が嬉しくなるのか考えてみた
私たちはRESTCONFでネットワーク自動化的に何が嬉しくなるのか考えてみた
akira6592
 
show コマンド結果をパースする方法あれこれ #npstudy
show コマンド結果をパースする方法あれこれ #npstudyshow コマンド結果をパースする方法あれこれ #npstudy
show コマンド結果をパースする方法あれこれ #npstudy
akira6592
 
はじめた自動化をどう広めるか 書籍「Fearless Change」からのヒント
はじめた自動化をどう広めるか 書籍「Fearless Change」からのヒントはじめた自動化をどう広めるか 書籍「Fearless Change」からのヒント
はじめた自動化をどう広めるか 書籍「Fearless Change」からのヒント
akira6592
 
はじめどころを探る自動化アセスメント(JANOG44 ここからはじめよう、運用自動化)
はじめどころを探る自動化アセスメント(JANOG44 ここからはじめよう、運用自動化)はじめどころを探る自動化アセスメント(JANOG44 ここからはじめよう、運用自動化)
はじめどころを探る自動化アセスメント(JANOG44 ここからはじめよう、運用自動化)
akira6592
 
向き合うエンジニア
向き合うエンジニア向き合うエンジニア
向き合うエンジニア
akira6592
 
Ansible 2.8 アップデート情報 -機能追加と注意点-
Ansible 2.8 アップデート情報 -機能追加と注意点-Ansible 2.8 アップデート情報 -機能追加と注意点-
Ansible 2.8 アップデート情報 -機能追加と注意点-
akira6592
 
ネットワークコンフィグ分析ツール Batfish との付き合い方
ネットワークコンフィグ分析ツール Batfish との付き合い方ネットワークコンフィグ分析ツール Batfish との付き合い方
ネットワークコンフィグ分析ツール Batfish との付き合い方
akira6592
 
Ansibleではじめるサーバー・ネットワークの自動化(2019/04版)
Ansibleではじめるサーバー・ネットワークの自動化(2019/04版)Ansibleではじめるサーバー・ネットワークの自動化(2019/04版)
Ansibleではじめるサーバー・ネットワークの自動化(2019/04版)
akira6592
 
Ansibleではじめるサーバー・ネットワークの自動化(2019/02版)
Ansibleではじめるサーバー・ネットワークの自動化(2019/02版)Ansibleではじめるサーバー・ネットワークの自動化(2019/02版)
Ansibleではじめるサーバー・ネットワークの自動化(2019/02版)
akira6592
 
「自動化の行き着く先は?」をうけて
「自動化の行き着く先は?」をうけて「自動化の行き着く先は?」をうけて
「自動化の行き着く先は?」をうけて
akira6592
 
Ansibleでネットワーク機器の状態確認を自動化してみよう
Ansibleでネットワーク機器の状態確認を自動化してみようAnsibleでネットワーク機器の状態確認を自動化してみよう
Ansibleでネットワーク機器の状態確認を自動化してみよう
akira6592
 
Ansibleではじめるサーバー・ネットワークの自動化 (Ansible2.7情報つき)2018/10/12
Ansibleではじめるサーバー・ネットワークの自動化 (Ansible2.7情報つき)2018/10/12Ansibleではじめるサーバー・ネットワークの自動化 (Ansible2.7情報つき)2018/10/12
Ansibleではじめるサーバー・ネットワークの自動化 (Ansible2.7情報つき)2018/10/12
akira6592
 
エンジニアが広報にしてもらってうれしかったこと #PRLT
エンジニアが広報にしてもらってうれしかったこと #PRLTエンジニアが広報にしてもらってうれしかったこと #PRLT
エンジニアが広報にしてもらってうれしかったこと #PRLT
akira6592
 
Ansibleではじめるサーバー・ネットワークの自動化(2018/08/22)
Ansibleではじめるサーバー・ネットワークの自動化(2018/08/22)Ansibleではじめるサーバー・ネットワークの自動化(2018/08/22)
Ansibleではじめるサーバー・ネットワークの自動化(2018/08/22)
akira6592
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
MIND CTI
 
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot ModelMcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Deepika Singh
 

Contenu connexe

Plus de akira6592

show コマンド結果をパースする方法あれこれ #npstudy
show コマンド結果をパースする方法あれこれ #npstudyshow コマンド結果をパースする方法あれこれ #npstudy
show コマンド結果をパースする方法あれこれ #npstudy
akira6592
 

Plus de akira6592 (20)

はじめてAnsibleのバグ修正に協力してみた
はじめてAnsibleのバグ修正に協力してみたはじめてAnsibleのバグ修正に協力してみた
はじめてAnsibleのバグ修正に協力してみた
 
CML-Personal (VIRL2)のインストールと基本機能
CML-Personal (VIRL2)のインストールと基本機能CML-Personal (VIRL2)のインストールと基本機能
CML-Personal (VIRL2)のインストールと基本機能
 
BGP Unnumbered で遊んでみた
BGP Unnumbered で遊んでみたBGP Unnumbered で遊んでみた
BGP Unnumbered で遊んでみた
 
自動化ツール Ansible に触れてみよう(技術インターン)
自動化ツール Ansible に触れてみよう(技術インターン) 自動化ツール Ansible に触れてみよう(技術インターン)
自動化ツール Ansible に触れてみよう(技術インターン)
 
技術ブログを書こう
技術ブログを書こう技術ブログを書こう
技術ブログを書こう
 
Ansible2.9 ネットワーク対応のアップデート #ansiblejp
Ansible2.9 ネットワーク対応のアップデート #ansiblejpAnsible2.9 ネットワーク対応のアップデート #ansiblejp
Ansible2.9 ネットワーク対応のアップデート #ansiblejp
 
私たちはRESTCONFでネットワーク自動化的に何が嬉しくなるのか考えてみた
私たちはRESTCONFでネットワーク自動化的に何が嬉しくなるのか考えてみた私たちはRESTCONFでネットワーク自動化的に何が嬉しくなるのか考えてみた
私たちはRESTCONFでネットワーク自動化的に何が嬉しくなるのか考えてみた
 
show コマンド結果をパースする方法あれこれ #npstudy
show コマンド結果をパースする方法あれこれ #npstudyshow コマンド結果をパースする方法あれこれ #npstudy
show コマンド結果をパースする方法あれこれ #npstudy
 
はじめた自動化をどう広めるか 書籍「Fearless Change」からのヒント
はじめた自動化をどう広めるか 書籍「Fearless Change」からのヒントはじめた自動化をどう広めるか 書籍「Fearless Change」からのヒント
はじめた自動化をどう広めるか 書籍「Fearless Change」からのヒント
 
はじめどころを探る自動化アセスメント(JANOG44 ここからはじめよう、運用自動化)
はじめどころを探る自動化アセスメント(JANOG44 ここからはじめよう、運用自動化)はじめどころを探る自動化アセスメント(JANOG44 ここからはじめよう、運用自動化)
はじめどころを探る自動化アセスメント(JANOG44 ここからはじめよう、運用自動化)
 
向き合うエンジニア
向き合うエンジニア向き合うエンジニア
向き合うエンジニア
 
Ansible 2.8 アップデート情報 -機能追加と注意点-
Ansible 2.8 アップデート情報 -機能追加と注意点-Ansible 2.8 アップデート情報 -機能追加と注意点-
Ansible 2.8 アップデート情報 -機能追加と注意点-
 
ネットワークコンフィグ分析ツール Batfish との付き合い方
ネットワークコンフィグ分析ツール Batfish との付き合い方ネットワークコンフィグ分析ツール Batfish との付き合い方
ネットワークコンフィグ分析ツール Batfish との付き合い方
 
Ansibleではじめるサーバー・ネットワークの自動化(2019/04版)
Ansibleではじめるサーバー・ネットワークの自動化(2019/04版)Ansibleではじめるサーバー・ネットワークの自動化(2019/04版)
Ansibleではじめるサーバー・ネットワークの自動化(2019/04版)
 
Ansibleではじめるサーバー・ネットワークの自動化(2019/02版)
Ansibleではじめるサーバー・ネットワークの自動化(2019/02版)Ansibleではじめるサーバー・ネットワークの自動化(2019/02版)
Ansibleではじめるサーバー・ネットワークの自動化(2019/02版)
 
「自動化の行き着く先は?」をうけて
「自動化の行き着く先は?」をうけて「自動化の行き着く先は?」をうけて
「自動化の行き着く先は?」をうけて
 
Ansibleでネットワーク機器の状態確認を自動化してみよう
Ansibleでネットワーク機器の状態確認を自動化してみようAnsibleでネットワーク機器の状態確認を自動化してみよう
Ansibleでネットワーク機器の状態確認を自動化してみよう
 
Ansibleではじめるサーバー・ネットワークの自動化 (Ansible2.7情報つき)2018/10/12
Ansibleではじめるサーバー・ネットワークの自動化 (Ansible2.7情報つき)2018/10/12Ansibleではじめるサーバー・ネットワークの自動化 (Ansible2.7情報つき)2018/10/12
Ansibleではじめるサーバー・ネットワークの自動化 (Ansible2.7情報つき)2018/10/12
 
エンジニアが広報にしてもらってうれしかったこと #PRLT
エンジニアが広報にしてもらってうれしかったこと #PRLTエンジニアが広報にしてもらってうれしかったこと #PRLT
エンジニアが広報にしてもらってうれしかったこと #PRLT
 
Ansibleではじめるサーバー・ネットワークの自動化(2018/08/22)
Ansibleではじめるサーバー・ネットワークの自動化(2018/08/22)Ansibleではじめるサーバー・ネットワークの自動化(2018/08/22)
Ansibleではじめるサーバー・ネットワークの自動化(2018/08/22)
 

Dernier

Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Orbitshub
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
panagenda
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
?#DUbAI#??##{{(☎️+971_581248768%)**%*]'#abortion pills for sale in dubai@
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Jeffrey Haguewood
 

Dernier (20)

MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot ModelMcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with Milvus
 
Vector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxVector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptx
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024
 
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistan
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
WSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering DevelopersWSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering Developers
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 

Ansible ではじめるネットワーク自動化

  • 2. l A 6 o e a l e a n o . b ko il 2 2
  • 5. 5
  • 6. ◦ SSH NETCONF HTTP/HTTPS API ◦ show ◦ 6 ( ((
  • 7. Cisco IOS IOS-XR NX-OS Juniper Junos Arista EOS 40 ◦ 7 • • • E DF • 0 • E 9 • • I • FJ • E • AD C C • AD F DC • 0 • B A F • AA0 • AA0 • AA0 • 0 • 0 • 0 • 60 • • DE B C E • DE 0 • AA BDF • 0 • 0 6 • EDC5 E • CDF • E • • F A E • I FDE • 0 • • 60 • 0 6 • 0E C C • 0 • 1 0 • J E • -6 0 • 0 • L0 https://docs.ansible.com/ansible/latest/modules/list_of_network_modules.html
  • 9. 9
  • 10. Ansible 2.5 ◦ network_cli: Cisco IOS Arista EOS VyOS ◦ netconf: Juniper Junos ◦ httpapi: Cisco NX-OS Arista EOS HTTP(S) API Ansible 2.6 Ansible 2.4 ◦ local: 10 - hosts: ios connection: network_cli [ios:vars] ansible_connection=network_cli •• Playbook
  • 12. ansible_network_os ◦ ios junos eos vyos 12 [ios:vars] ansible_connection=network_cli ansible_network_os=ios •
  • 14. *_facts ◦ gather_facts: yes Ansible *_facts ◦ ios_facts ◦ junos_facts ◦ eos_facts ◦ vyos_facts 14 - hosts: ios gather_facts: yes connection: network_cli tasks: - ios_facts:
  • 16. IOS EOS enable 16 ansible_become yes/no: no ansible_become_method network_cli enable ansible_become_pass [ios:vars] ansible_connection=network_cli ansible_network_os=ios ansible_become=yes ansible_become_method=enable ansible_become_pass=enablepass999 • NW
  • 18. 1-1: show version Ansible 18 Hostname: vsrx1 Model: firefly-perimeter JUNOS Software Release [12.1X47-D15.4] ( ) ( 2 13 Hostname: vsrx1 Model: firefly-perimeter JUNOS Software Release [12.1X47-D15.4]
  • 20. 1-1: Playbook 20 - hosts: junos gather_facts: no tasks: - name: show command test junos_command: commands: - show version register: result - name: debug output debug: msg: "{{ result.stdout_lines[0] }}" result • Playbook show01.yml junos junos_command ( 1) 1 junos_command https://docs.ansible.com/ansible/latest/modules/junos_command_module.htmlç debug
  • 21. 1-1: 21 [vagrant@centos7 demo]$ ansible-playbook -i inventory show01.yml PLAY [junos] ****************************************************************** TASK [show command test] ****************************************************** ok: [172.16.0.1] TASK [debug output] *********************************************************** ok: [172.16.0.1] => { "msg": [ "Hostname: vsrx1", "Model: firefly-perimeter", "JUNOS Software Release [12.1X47-D15.4]" ] } PLAY RECAP ******************************************************************** 172.16.0.1 : ok=2 changed=0 unreachable=0 failed=0 • ansible-playbook show version
  • 22. 1-1: 22 "msg": { "changed": false, "failed": false, "stdout": [ "Hostname: vsrx1¥nModel: firefly-perimeter¥nJUNOS Software Release [12.1X47-D15.4]" ], "stdout_lines": [ [ "Hostname: vsrx1", "Model: firefly-perimeter", "JUNOS Software Release [12.1X47-D15.4]" ] ] } - name: debug output debug: msg: "{{ result }}" - name: debug output debug: msg: "{{ result.stdout_lines[0] }}" result 1 1 stdout_lines 0 commands [ ] COMMAND MODULE DEEP DIVE FOR NETWORKS https://www.ansible.com/blog/command-module-deep-dive-for-networks
  • 24. 1-2: show configuration 24 ( ) ) 21 21 3 ## Last commit: 2018-06-28 05:45:49 UTC by root version 12.1X47-D15.4; system { host-name vsrx1; root-authentication { encrypted-password "$1$nq..... ssh-rsa "ssh-rsa AAAAB3Nz..... } login { user vagrant { uid 2000; class super-user; authentication { ssh-rsa "ssh-rsa ..... } } } services { ssh { root-login allow; } netconf { ssh; } web-management { http { interface ge-0/0/0.0; } ## Last commit: 2018-06-28 05:45:49 UTC by root version 12.1X47-D15.4; system { host-name vsrx1; root-authentication { encrypted-password "$1$nq..... ssh-rsa "ssh-rsa AAAAB3Nz..... } login { user vagrant { uid 2000; class super-user; authentication { ssh-rsa "ssh-rsa ..... } } } services { ssh { root-login allow; } netconf { ssh; } web-management { http { interface ge-0/0/0.0; }
  • 25. 1-2: Playbook 25 - hosts: junos gather_facts: no tasks: - name: show command test junos_command: commands: - show configuration register: result - name: save config to file copy: content: "{{ result.stdout[0] }}" dest: "show_config_{{ inventory_hostname }}.txt" copy • Playbook show02.yml junos junos_command IP
  • 26. 1-2: 26 [vagrant@centos7 demo]$ ansible-playbook -i inventory show02.yml PLAY [junos] ********************************************************** TASK [show command test] ********************************************** ok: [172.16.0.1] TASK [save config to file] ******************************************** changed: [172.16.0.1] PLAY RECAP ************************************************************ 172.16.0.1 : ok=2 changed=1 unreachable=0 failed=0 • ansible-playbook
  • 27. 1-2: 27 [vagrant@centos7 demo]$ cat show_config_172.16.0.1.txt ## Last changed: 2018-06-28 05:45:50 UTC version 12.1X47-D15.4; system { host-name vsrx1; root-authentication { encrypted-password "$1$nq.N1UsY$Jx...( )..."; ssh-rsa "ssh-rsa AAAAB3NzaC1yc2...( )...."; } ...( ).... ge-0/0/1 { unit 0 { family inet { address 172.16.0.1/24; } } } ...( ).... } • IP show configuration
  • 29. 1-3: show CSV show interfaces CSV 29 2 4 3 1 ) 2 Physical interface: ge-0/0/0, Enabled, Physical link is Up Interface index: 134, SNMP ifIndex: 507 Link-level type: Ethernet, MTU: 1514, Link-mode: Full-duplex, … Flow control: Enabled, Auto-negotiation: Enabled, Remote fault: Online Device flags : Present Running Interface flags: SNMP-Traps Internal: 0x4000 Link flags : None CoS queues : 8 supported, 8 maximum usable queues Current address: 08:00:27:ae:f4:51, Hardware address: 08:00:27:ae:f4:51 Last flapped : 2018-06-28 05:45:29 UTC (04:54:28 ago) Input rate : 3432 bps (7 pps) Output rate : 4256 bps (4 pps) Active alarms : None Active defects : None Interface transmit statistics: Disabled Logical interface ge-0/0/0.0 (Index 69) (SNMP ifIndex 509) Flags: SNMP-Traps 0x4000 Encapsulation: ENET2 Input packets : 522 Output packets: 580 Security: Zone: Null [TextFSM ] ^¥s+ [CSV ] {{ }} ( C 5
  • 30. 1-3: show CSV Playbook 30 - hosts: junos gather_facts: no tasks: - name: show command test junos_command: commands: - show interfaces register: result - name: output csv file template: src: "./template_interface_junos.txt" dest: "./result_interface.csv" vars: parsed_result: "{{ result.stdout[0] | parse_cli_textfsm('juniper_junos_show_interfaces.template') }}" • Playbook show03.yml junos junos_command TextFSM parsed_result template CSV parse_cli_textfsm https://docs.ansible.com/ansible/latest/user_guide/playbooks_filters.html#network-cli-filters https://tekunabe.hatenablog.jp/entry/2017/09/23/parse_cli_textfsm
  • 31. 1-3: show CSV CSV 31 "INTERFACE","ADMIN_STATE","LINK_STATUS","HARDWARE_TYPE" {% for r in parsed_result %} "{{ r['INTERFACE'] }}","{{ r['ADMIN_STATE'] }}","{{ r['LINK_STATUS'] }}","{{ r['HARDWARE_TYPE'] }}" {% endfor %} • CSV template_interface_junos.txt show interfaces r[‘XXXX’] for CSV 2 2 2
  • 32. 1-3: show CSV TextFSM 32 Value Required INTERFACE (¥S+) Value LINK_STATUS (¥w+) Value ADMIN_STATE (¥S+) Value HARDWARE_TYPE (¥S+) Value MTU (¥d+|Unlimited) Start ^¥s+Logical¥s+interface¥s+${INTERFACE} ^Physical¥s+interface:¥s+${INTERFACE},¥s+${ADMIN_STATE},¥s+Physical¥s+link¥s+is¥s+${LINK_STATUS} ^.*ype:¥s+${HARDWARE_TYPE},.*MTU:¥s+${MTU}.* -> Record ^.*MTU:¥s+${MTU}.* -> Record ^.*flags -> Record EOF • TextFSM juniper_junos_show_interfaces.template TextFSM Junos show interfaces https://raw.githubusercontent.com/networktocode/ntc-templates/master/templates/juniper_junos_show_interfaces.template
  • 33. 1-3: show CSV 33 [vagrant@centos7 demo]$ ansible-playbook -i inventory show03.yml PLAY [junos] ********************************************************** TASK [show command test] ********************************************** ok: [172.16.0.1] TASK [output csv file] ************************************************ changed: [172.16.0.1] PLAY RECAP *********************************************************************** 172.16.0.1 : ok=2 changed=1 unreachable=0 failed=0 • ansible-playbook CSV
  • 34. 1-3: show CSV CSV 34 • CSV result_interface.csv "INTERFACE","ADMIN_STATE","LINK_STATUS","HARDWARE_TYPE","MTU" "ge-0/0/0","Enabled","Up","Ethernet","1514" "ge-0/0/0.0","","","","1500" "gr-0/0/0","Enabled","Up","GRE","Unlimited" "ip-0/0/0","Enabled","Up","IP-over-IP","Unlimited" "lsq-0/0/0","Enabled","Up","LinkService","1504" "lt-0/0/0","Enabled","Up","Logical-tunnel","Unlimited" "mt-0/0/0","Enabled","Up","GRE","Unlimited" "sp-0/0/0","Enabled","Up","Adaptive-Services","9192" "sp-0/0/0.0","","","","9192" "sp-0/0/0.16383","","","","9192" "ge-0/0/1","Enabled","Up","Ethernet","1514" "ge-0/0/1.0","","","","1500" "ge-0/0/2","Enabled","Up","Ethernet","1514" "ge-0/0/2.0","","","","1500" "dsc","Enabled","Up","Software-Pseudo","Unlimited" "gre","Enabled","Up","GRE","Unlimited" "ipip","Enabled","Up","IP-over-IP","Unlimited" "irb","Enabled","Up","Ethernet","1514" "lo0","Enabled","Up","Loopback","Unlimited" "lo0.16384","","","","Unlimited" "lo0.16385","","","","Unlimited" "lsi","Enabled","Up","LSI","1496" "mtun","Enabled","Up","GRE","Unlimited" "pimd","Enabled","Up","PIM-Decapsulator","Unlimited" "pime","Enabled","Up","PIM-Encapsulator","Unlimited" "pp0","Enabled","Up","PPPoE","1532" "ppd0","Enabled","Up","PIM-Decapsulator","Unlimited" "ppe0","Enabled","Up","PIM-Encapsulator","Unlimited" "st0","Enabled","Up","Secure-Tunnel","9192" "tap","Enabled","Up","Interface-Specific","Unlimited" "vlan","Enabled","Down","VLAN","1518" CSV CSV
  • 37. 2-1: Playbook 37 - hosts: junos gather_facts: no tasks: - name: config test junos_config: lines: - set system ntp server 10.0.0.123 • Playbook set01.yml Junos junos_config 1 1 junos_config https://docs.ansible.com/ansible/latest/modules/junos_config_module.html
  • 38. 2-1: 38 [vagrant@centos7 demo]$ ansible-playbook -i inventory set01.yml PLAY [junos] ********************************************************* TASK [config test] *************************************************** changed: [172.16.0.1] PLAY RECAP ********************************************************************** 172.16.0.1 : ok=1 changed=1 unreachable=0 failed=0 • ansible-playbook
  • 39. 2-1: 39 root@vsrx1> show configuration system ntp | display set set system ntp server 10.0.0.123 root@vsrx1> •
  • 41. 2-2: NTP 41 2 3 1( 2 3 1 [ ] {{ }} )
  • 42. 2-2: Playbook 42 - hosts: junos gather_facts: no tasks: - name: config test junos_config: src: template_ntp_junos.txt vars: ntp_servers: - 10.0.1.123 - 10.0.2.123 - 10.0.3.123 - 10.0.4.123 - 10.0.5.123 • Playbook set02.yml NTP IP ntp_servers Junos junos_config
  • 43. 2-2: 43 {% for n in ntp_servers %} set system ntp server {{ n }} {% endfor %} • template_ntp_j.txt for Playbook ntp_servers 2 2 2 • set system ntp server 10.0.1.123 set system ntp server 10.0.2.123 set system ntp server 10.0.3.123 set system ntp server 10.0.4.123 set system ntp server 10.0.5.123
  • 44. 2-2: 44 [vagrant@centos7 demo]$ ansible-playbook -i inventory set02.yml PLAY [junos] ********************************************************* TASK [config test] *************************************************** changed: [172.16.0.1] PLAY RECAP ********************************************************************** 172.16.0.1 : ok=1 changed=1 unreachable=0 failed=0 • ansible-playbook
  • 45. 2-2: 45 root@vsrx1> show configuration system ntp | display set set system ntp server 10.0.0.123 set system ntp server 10.0.2.123 set system ntp server 10.0.3.123 set system ntp server 10.0.4.123 set system ntp server 10.0.5.123 root@vsrx1> •
  • 47. 2-3: OK 47 ( () ( ( 2 34 34 y 1 ' '
  • 48. 2-3: Playbook 48 - hosts: junos gather_facts: no tasks: - name: confirm pause: prompt: "continue? [y/N]" register: input - name: abort fail: when: input.user_input != "y" - name: config test junos_config: lines: - set system ntp server 10.0.0.123 • Playbook set03.yml Junos junos_config pause input y
  • 49. 2-3: 1: 49 [vagrant@centos7 demo]$ ansible-playbook -i inventory set03.yml PLAY [junos] ****************************************************** TASK [confirm] **************************************************** [confirm] continue? [y/N]: y ok: [172.16.0.1] TASK [abort] ****************************************************** skipping: [172.16.0.1] TASK [config test] ************************************************ changed: [172.16.0.1] PLAY RECAP ******************************************************** 172.16.0.1 : ok=2 changed=1 unreachable=0 failed=0 • y y ansible-playbook
  • 50. 2-3: 2: 50 [vagrant@centos7 demo]$ ansible-playbook -i inventory set03.yml PLAY [junos] ******************************************************************** TASK [confirm] ******************************************************************** [confirm] continue? [y/N]: N ok: [172.16.0.1] TASK [abort] ******************************************************** fatal: [172.16.0.1]: FAILED! => {"changed": false, "msg": "Failed as requested from task"} PLAY RECAP ********************************************************************* 172.16.0.1 : ok=1 changed=0 unreachable=0 failed=1 • ansible-playbook N y
  • 51. 51
  • 52. changed *_config changed 52 - name: config ios_config: lines: - ntp ser 10.0.0.123 RouterA# sh run | inc ntp ntp server 10.0.0.123 • • Playbook server ser 172.16.0.2 : ok=1 changed=1 unreachable=0 failed=0 172.16.0.2 : ok=1 changed=1 unreachable=0 failed=0 Playbook changed • • . = / *- . / /= - /. = / = /? =/. - . == ##. - / - # /# =/ =# /= # / * ./# : = . = / - . / /= - /. = / = /? =/. - .
  • 53. SSH 53 fatal: [172.16.0.2]: FAILED! => {"msg": "paramiko: The authenticity of host '172.16.0.2' can't be established.¥nThe ssh-rsa key fingerprint is xxxxxxx."} ansible.cfg 1 [defaults] host_key_checking = False export ANSIBLE_HOST_KEY_CHECKING=False 2 [paramiko_connection] host_key_auto_add = True export ANSIBLE_PARAMIKO_HOST_KEY_AUTO_ADD=True 3 SSH - - • fatal: [172.16.0.1]: FAILED! => {"msg": "Unknown host key [xxxxxxx] for [172.16.0.1]"} netconf network_cli 2 netconf
  • 54. Ansible 2.4 54 c u # c u # P c u c u -5 2 55 5 2 / . -5 . -5 :4 / - : -5 2 2 5 -5 2 55han b se [ se . / ogpur A -5 # ]ki tudogpur mid https://www.slideshare.net/akira6592/ansible25nw-92031433
  • 55. 55
  • 56. 0 4 0 56 lt 0 0 0 kb ia / _ o / / / n / A sr e /
  • 57. ◦ ◦ https://docs.ansible.com/ ◦ Ansible for Network Automation ◦ https://docs.ansible.com/ansible/latest/network/index.html ◦ Platform Options OES IOS Junos ◦ https://docs.ansible.com/ansible/latest/network/user_guide/platform_index.html ◦ ◦ https://docs.ansible.com/ansible/latest/modules/list_of_network_modules.html ◦ Ansible ◦ https://www.slideshare.net/akira6592/networkengineermeetsansible-85889620 ◦ Ansible ◦ https://www.slideshare.net/akira6592/ansibleadhocnetworkautomation ◦ Ansible 2.5 ◦ https://www.slideshare.net/akira6592/ansible25nw-92031433 57