With Ansible we can better and faster manage network infrastructure such as Cisco IOS and ASA.
If you want to change the IP address of an interface, add more ACE into the router, check running configuration with master configuration in ansible then apply the master configuration
- name: configure top level configuration ios_config: lines: hostname {{ inventory_hostname }} - name: configure interface settings ios_config: lines: - description test interface - ip address 172.31.1.1 255.255.255.0 parents: interface Ethernet1 - name: load new acl into device ios_config: lines: - 10 permit ip host 1.1.1.1 any log - 20 permit ip host 2.2.2.2 any log - 30 permit ip host 3.3.3.3 any log - 40 permit ip host 4.4.4.4 any log - 50 permit ip host 5.5.5.5 any log parents: ip access-list extended test before: no ip access-list extended test match: exact - name: check the running-config against master config ios_config: diff_config: intended intended_config: "{{ lookup('file', 'master.cfg') }}" - name: check the startup-config against the running-config ios_config: diff_against: startup diff_ignore_lines: - ntp clock .* - name: save running to startup when modified ios_config: save_when: modified
Example: backup configuration
hosts file(/etc/ansible/hosts):
[CSR-Routers] CSR-01 ansible_host=192.168.244.129 CSR-02 ansible_host=192.168.1.171
Playbook file (/etc/ansible/playbooks/backup.yaml)
---
- hosts:CSR-02
gather_facts: true
connection: local
tasks:
- name: show run
ios_command:
commands:
- show run
host: "{{ ansible_host }}"
username: frank
password: cisco
register: config
- name: save output to /etc/ansible/backups
copy:
content: "{{ config.stout[0] }}"
dest: "/etc/ansible/backups/show_run_{{ inventory_hostname }}.txt"
Reference
IOS config Module: http://docs.ansible.com/ansible/latest/ios_config_module.html
List of Network Modules: http://docs.ansible.com/ansible/latest/list_of_network_modules.html
Supported Network Platforms: https://access.redhat.com/solutions/3184741