Home Healthcare Learn how to Use Ansible with CML

Learn how to Use Ansible with CML

0
Learn how to Use Ansible with CML

[ad_1]

How can Ansible assist other folks development simulations with Cisco Modeling Labs (CML)?

Very similar to Terraform, Ansible is a not unusual, open-source automation software ceaselessly utilized in Steady Integration/Steady Deployment (CI/CD) DevOps methodologies. They’re each a kind of Infrastructure as Code (IaC) or Infrastructure as Information that let you render your infrastructure as textual content information and keep an eye on it the usage of gear akin to Git. The benefit is reproducibility, consistency, velocity, and the information that, while you alternate the code, other folks approve, and it will get examined earlier than it’s driven out in your manufacturing community. This paradigm lets in enterprises to run their community infrastructure in the similar approach they run their tool and cloud practices. Afterall, the infrastructure is there to strengthen the apps, so why organize them otherwise? 

Even though overlaps exist within the functions of Terraform and Ansible, they’re very complementary. Whilst Terraform is best on the preliminary deployment and making sure ongoing consistency of the underlying infrastructure, Ansible is best on the preliminary configuration and ongoing control of the issues that reside in that infrastructure, akin to methods, community gadgets, and so forth. 

In a not unusual workflow by which an operator desires to make a metamorphosis to the community, let’s say including a brand new community to be marketed by the use of BGP, a community engineer would specify that fluctuate within the code or much more likely as configuration knowledge in YAML or JSON. In a standard CI workflow, that fluctuate would wish to be authorized through others for correctness or adherence to company and safety issues, for example. Along with the eyeball exams, a chain of automatic checking out validates the information after which deploys the proposed alternate in a take a look at community. The ones exams will also be run in a bodily take a look at community, a digital take a look at community, or a mix of the 2. That float may appear to be the next: 

Workflow example

The good thing about leveraging digital take a look at networks is profound. The associated fee is dramatically decrease, and the facility to automate checking out is greater considerably. For instance, a community engineer can spin up and configure a brand new, complicated topology more than one instances with out the possibility of previous exams messing up the accuracy of the present checking out. Cisco Modeling Labs is a useful gizmo for this sort of take a look at. 

Right here’s the place the Ansible CML Assortment is available in. Very similar to the CML Terraform integration coated in a earlier weblog, the Ansible CML Assortment can automate the deployment of topologies in CML for checking out. The Ansible CML Assortment has modules to create, get started, and prevent a topology and the hosts inside of it, however extra importantly, it has a dynamic stock plugin for buying details about the topology. That is vital for automation as a result of topologies can alternate. Or more than one topologies may exist, relying at the exams being carried out. In case your topology makes use of dynamic host configuration protocol (DHCP) and/or CML’s PATty capability, the ideas for the way Ansible communicates with the nodes must be communicated to the playbook. 

Let’s pass over one of the crucial options of the Ansible CML Assortment’s dynamic stock plugin. 

First, we wish to set up the gathering: 

ansible-galaxy assortment set up cisco.cml 

Subsequent, we create a cml.yml within the stock with the next contents to inform Ansible to make use of the Ansible CML Assortment’s dynamic stock plugin: 

plugin: cisco.cml.cml_inventory 

group_tags: community, ios, nxos, router

As well as to specifying the plugin call, we will be able to additionally outline tags that, when discovered at the gadgets within the topology, upload that tool to an Ansible workforce for use later within the playbook: 

As well as to specifying the plugin call, we will be able to additionally outline tags that, when discovered at the gadgets within the topology, upload that tool to an Ansible workforce for use later within the playbook:

  • CML_USERNAME: Username for the CML consumer
  • CML_PASSWORD: Password for the CML consumer
  • CML_HOST: The CML host
  • CML_LAB: The call of the lab 

As soon as the plugin is aware of learn how to keep up a correspondence with the CML server and which lab to make use of, it might go back details about the nodes within the lab: 

good enough: [hq-rtr1] => { 

    "cml_facts": { 

        "config": "hostname hq-rtr1nvrf definition Mgmt-intfn!naddress-family ipv4nexit-address-familyn!naddress-family ipv6nexit-address-familyn!nusername admin privilege 15 secret 0 adminncdp runnno aaa new-modelnip domain-name mdd.cisco.comn!ninterface GigabitEthernet1nvrf forwarding Mgmt-intfnip tackle dhcpnnegotiation autonno cdp enablenno shutdownn!ninterface GigabitEthernet2ncdp enablen!ninterface GigabitEthernet3ncdp enablen!ninterface GigabitEthernet4ncdp enablen!nip http servernip http secure-servernip http max-connections 2n!nip ssh time-out 60nip ssh model 2nip ssh server set of rules encryption aes128-ctr aes192-ctr aes256-ctrnip ssh consumer set of rules encryption aes128-ctr aes192-ctr aes256-ctrn!nline vty 0 4nexec-timeout 30 0nabsolute-timeout 60nsession-limit 16nlogin localntransport enter sshn!nend", 

        "cpus": 1, 

        "data_volume": null, 

        "image_definition": null, 

        "interfaces": [ 

            { 

                "ipv4_addresses": null, 

                "ipv6_addresses": null, 

                "mac_address": null, 

                "name": "Loopback0", 

                "state": "STARTED" 

            }, 

            { 

                "ipv4_addresses": [ 

                    "192.168.255.199" 

                ], 

                "ipv6_addresses": [], 

                "mac_address": "52:54:00:13:51:66", 

                "call": "GigabitEthernet1", 

                "state": "STARTED" 

            } 

        ], 

        "node_definition": "csr1000v", 

        "ram": 3072, 

        "state": "BOOTED" 

    } 

} 


The primary IPv4 tackle discovered (so as of the interfaces) is used as `ansible_host` to allow the playbook to connect with the tool. We will use the cisco.cml.stock playbook integrated within the assortment to turn the stock. On this case, we best specify that we would like gadgets which might be within the “router” workforce created through the stock plugin as knowledgeable through the tags at the gadgets: 

mdd % ansible-playbook cisco.cml.stock --limit=router 

good enough: [hq-rtr1] => { 

    "msg": "Node: hq-rtr1(csr1000v), State: BOOTED, Deal with: 192.168.255.199:22" 

} 

good enough: [hq-rtr2] => { 

    "msg": "Node: hq-rtr2(csr1000v), State: BOOTED, Deal with: 192.168.255.53:22" 

} 

good enough: [site1-rtr1] => { 

    "msg": "Node: site1-rtr1(csr1000v), State: BOOTED, Deal with: 192.168.255.63:22" 

} 

good enough: [site2-rtr1] => { 

    "msg": "Node: site2-rtr1(csr1000v), State: BOOTED, Deal with: 192.168.255.7:22" 

} 


Along with workforce tags, the CML dynamic stock plugin will even parse tags to cross knowledge from PATty and to create generic stock details: 

 

If a CML tag is specified that fits `^pat:(?:tcp|udp)?:?(d+):(d+)`, the CML server tackle (versus the primary IPv4 tackle discovered) might be used for `ansible_host`. To modify `ansible_port` to indicate to the translated SSH port, the tag `ansible:ansible_port=2020` will also be set. Those two tags inform the Ansible playbook to connect with port 2020 of the CML server to automate the required host within the topology. The `ansible:` tag can be used to specify different host details. For instance, the tag `ansible:nso_api_port=2021` can be utilized to inform the playbook the port to make use of to succeed in the Cisco NSO API. Any arbitrary truth will also be set on this approach. 

Getting began 

Checking out the CML Ansible Assortment is straightforward. You’ll use the playbooks equipped within the assortment to load and get started a topology on your CML server. To start out, outline the surroundings variable that tells the gathering learn how to get right of entry to your CML server: 

% export CML_HOST=my-cml-server.my-domain.com 

% export CML_USERNAME=my-cml-username 

% export CML_PASSWORD=my-cml-password 

Your next step is to outline your topology record. That is a same old topology record you can export from CML. There are two tactics to outline the topology record. First, you’ll use  an atmosphere variable: 

% export CML_LAB=my-cml-labfile 

Then again, you’ll specify the topology record while you run the playbook as an additionalvar.  For instance, to spin up a topology the usage of the in-built cisco.cml.construct playbook: 

% ansible-playbook cisco.cml.construct -e wait="sure" -e  

This command lots and begins the topology; then it waits till all nodes are operating to finish.  If -e startup=’host’ is specified, the playbook will get started each and every host personally versus beginning them .  This permits for the config to be generated and fed into the host on startup.  When cml_config_file is outlined within the host’s stock, it’s parsed as a Jinja record and fed into that host as config at startup.  This permits for just-in-time configuration to happen. 

As soon as the playbook completes, you’ll use some other integrated playbook, cisco.cml.stock, to get the stock for the topology.  With a purpose to use it, first create a cml.yml within the stock listing as proven above, then run the playbook as follows: 

% ansible-playbook cisco.cml.stock 

PLAY [cml_hosts] ********************************************************************** 

TASK [debug] ********************************************************************** 

good enough: [WAN-rtr1] => { 

    "msg": "Node: WAN-rtr1(csr1000v), State: BOOTED, Deal with: 192.168.255.53:22" 

} 

good enough: [nso1] => { 

    "msg": "Node: nso1(ubuntu), State: BOOTED, Deal with: my-cml-server.my-domain.com:2010" 

} 

good enough: [site1-host1] => { 

    "msg": "Node: site1-host1(ubuntu), State: BOOTED, Deal with: site1-host1:22" 

} 

On this truncated output, 3 other situations are proven.  First, WAN-rtr1 is assigned the DHCP tackle it gained for its ansible_host worth, and ansible port is 22. If the host operating the playbook has IP connectivity (both within the topology or a community hooked up to the topology with an exterior connector), it’ll have the ability to succeed in that host. 

The second one situation presentations an instance of the PATty capability with the host nso1 by which the dynamic stock plugin reads the ones tags to resolve that the host is to be had throughout the CML server’s interface (i.e. ansible_host is ready to my-cml-server.my-domain.com).  Additionally, it is aware of that ansible_port must be set to the port specified within the tags (i.e. 2010).  After those values are set, the ansible playbook can succeed in the host within the topology the usage of the PATty capability in CML. 

The closing instance, site1-host1, presentations the situation by which the CML dynamic stock script can both discover a DHCP allotted tackle or tags to specify to what ansible_host must be set, so it makes use of the node call.  For the playbook to succeed in the ones hosts, it must have IP connectivity and have the ability to unravel the node call to an IP tackle. 

Those integrated playbooks display examples of learn how to use the capability within the CML Ansible Assortment to construct your personal playbooks, however you’ll additionally use them without delay as a part of your pipeline.  In truth, we ceaselessly use them without delay within the pipelines we construct for purchasers. 

If you wish to be informed extra concerning the CML Ansible Assortment, you’ll in finding it in Ansible Galaxy in addition to on Github. 

You’ll additionally discover a complete, IaC CI/CD pipeline the usage of those modules right here.

 

Sign up for the Cisco Finding out Community lately without cost.

Apply Cisco Finding out & Certifications

Twitter | Fb | LinkedIn | Instagram | YouTube

Use #CiscoCert to enroll in the dialog.

Proportion:



[ad_2]

LEAVE A REPLY

Please enter your comment!
Please enter your name here