In previous post, I have mentioned about some simple scripting of Python for Arista. But today we will take a bigger step to automation of network. We will mention about Ansible and its components such that playbook, inventory and using to Arista topologies. We will not touch details of Ansible here, our purpose is how to use it to build our automated environment by knowing less scripting language.
Ansible is package that have modules of many python scripting of multi vendor, like Arista, Cisco, Citrix,A10, Azur, AWS etc. You will create an host file that includes you environment devices and playbooks to send tasks them. Ansible simply takes variables by user and exevute proper scripts to devices and configure them. It does this by SSH or API. I always prefer API. In below topology, I will create VLAN,Interface VLAN, Assignment IP address and BGP which redistribute connected routes each other.
Ansible holds eos modules of Arista in it is module directory. Those modues consist of Python scripting for you. BGP,LINKAGG,VLAN,INTERFACE etc.. Here notes that Arista continue to develop its modules with Ansible so some modules are replaced eos_config module for workaround solution. In ansible, you choose random module, give its paramters. Thats it. But for Arista, there is eos_config that provides reading config file directly and send it to devices directly. This is under develop and actually I preferer not use to read directly config. Because in config file, you should configure the config as you are in CLI. But our purpose is not to use CLI anymore in automated environment.
In my lab environment, I have a Centos 7 server and two arista switches whose management IPs are in same subnet. Centos is ansible controller server which holds my host and playbook files to run.
Part 1:Hosts File
Below is host file that to use of playbook file. This is simply shows IP address and connection method to devices. See not CLI, it is API.
[eos_switches]
192.168.81.139
192.168.81.140
[eos_switches:vars]
ansible_connection=httpapi
ansible_httpapi_use_ssl=yes
ansible_httpapi_validate_certs=no
ansible_network_os=eos
ansible_user=eapi
ansible_password=icantellyou
ansible_become=yes
ansible_become_method=enable
ansible_become_password=icantellyouansible_python_interpreter=/usr/bin/python3
Part 2:Playbook YAML File
Now, play is starting with playbook. Playbook is a YAML file. In my playbook, first I stated to hosts as eos_switches which are my devices. My playbook, after this “hosts” will see “tasks” which will be run. This part is consist of “modules“. This tasks will check version, send banner, create vlan and assignment vlan to interface ethernet 1 for both switches with the aid of hosts:eos_switches.
Second part is running per devices with the aid of hosts:eos_switches[0] and [1]. Because, there is IP address assignment and bgp config here so because of that, configuration should be configured per switches.Else, same tasks will be run for both switches. In this part, as you see, I used eos_config.py module for BGP. Normally, we would prefer eos_bgp.py module but there is bug and this is why we prefer eos_config.py for sending BGP from bgp.cfg.
– hosts: eos_switches
connection: local
tasks:
– name: Gather Show Version Facts
eos_command:
commands:
– ‘show version’
register: showvers
– debug:
var: showvers
– name: configure the login banner
eos_banner:
banner: login
text: |
###THIS IS MY LAB BANNER###
###FOR BGP ENVIRONMENT IN ARISTA###
state: present
– name: Create vlan
eos_vlan:
vlan_id: 4091
name: CONNECTION-P2P
state: present
– name: configure interface
eos_interface:
name: ethernet1
description: CONNECTION-P2P-INT
state: present
– name: Ensure Ethernet1 is a trunk port
eos_l2_interface:
name: Ethernet1
state: present
mode: trunk
native_vlan: 1
trunk_allowed_vlans: 4091
–
hosts: eos_switches[0]
tasks:
– name: Set intvlan4091 IPv4 address for arista1
eos_l3_interface:
name: vlan4091
ipv4: 192.168.0.1/30
– name: Set loopback IPv4 address for arista1
eos_l3_interface:
name: loopback0
ipv4: 10.0.0.1/32
– name: BGP config for arista1
eos_config:
src: bgp.cfg
save_when: changed
– hosts: eos_switches[1]
tasks:
– name: Set eintvlan4091 IPv4 address for arista2
eos_l3_interface:
name: vlan4091
ipv4: 192.168.0.2/30
– name: Set loopback IPv4 address for arista2
eos_l3_interface:
name: loopback0
ipv4: 10.0.0.2/32
– name: BGP config for arista2
eos_config:
src: bgp2.cfg
save_when: changed
Sample Config of Arista after Ansible Using
arista1#show running-config interfaces vlan 4091
interface Vlan4091
ip address 192.168.0.1/30
arista1#show running-config interfaces ethernet 1
interface Ethernet1
description CONNECTION-P2P-INT
switchport trunk allowed vlan 4091
switchport mode trunk
arista1#show running-config | section bgp
router bgp 100
neighbor 192.168.0.2 remote-as 101
neighbor 192.168.0.2 maximum-routes 12000
redistribute connected
As a result, Ansible will help you to automate your network not only network devices. With some practise and reading of documentation, you can understand the modules and its required parameters to create you configuration. At the end of it, you can put a web page in front of Ansible to get variables from user and run tasks on web page. I think CLI has come to end.
hi,
thanks.
I am testing with 1 switch first. My ssh from CentOS to the switch is fine, but when i run a simple playbook i have error.
PLAY [leaf1] *********************************************************************************************************************************************
TASK [Configure Arista Vlans] ****************************************************************************************************************************
fatal: [leaf1]: FAILED! => {“changed”: false, “msg”: “Connection type local is not valid for this module”}
when i remove connection local.
PLAY [leaf1] *********************************************************************************************************************************************
TASK [Configure Arista Vlans] ****************************************************************************************************************************
fatal: [leaf1]: FAILED! => {“changed”: false, “msg”: “Connection type ssh is not valid for this module”}
PLAY RECAP ***********************************************************************************************************************************************
leaf1 : ok=0 changed=0 unreachable=0 failed=1 skipped=0 rescued=0 ignored=0
Hi Shakeel,
python of ansible for arista supports api. not ssh. some modules are written by ansible for ssh. it is not working.
so please careful to choose correct ansible modules. modules can be in below directory.
/usr/share/ansible/modules/
or
ansible –version
ansible 2.5.5
config file = /etc/ansible/ansible.cfg
configured module search path = [u’/root/.ansible/plugins/modules’, u’/usr/share/ansible/plugins/modules’]
ansible python module location = /usr/lib/python2.7/site-packages/ansible
executable location = /usr/bin/ansible
python version = 2.7.5 (default, Apr 11 2018, 07:36:10) [GCC 4.8.5 20150623 (Red Hat 4.8.5-28)]