├── .gitignore ├── .gitmodules ├── LICENSE ├── README.md ├── ansible.cfg ├── attach-template.yml ├── build.yml ├── clean.yml ├── configure.yml ├── detach-template.yml ├── export-templates.yml ├── import-templates.yml ├── inventory ├── group_vars │ └── all │ │ ├── credentials.yml │ │ ├── system.yml │ │ ├── viptela.yml │ │ └── virl.yml ├── host_vars │ ├── core │ │ ├── network.yml │ │ └── virl.yml │ ├── host1 │ │ ├── network.yml │ │ └── virl.yml │ ├── host2 │ │ ├── network.yml │ │ └── virl.yml │ ├── hq │ │ ├── network.yml │ │ └── virl.yml │ ├── internet │ │ ├── network.yml │ │ └── virl.yml │ ├── server1 │ │ ├── network.yml │ │ └── virl.yml │ ├── service1 │ │ ├── network.yml │ │ └── virl.yml │ ├── sp │ │ ├── network.yml │ │ └── virl.yml │ ├── vbond1 │ │ ├── network.yml │ │ └── virl.yml │ ├── vedge-hq │ │ ├── network.yml │ │ └── virl.yml │ ├── vedge1 │ │ ├── network.yml │ │ └── virl.yml │ ├── vedge2 │ │ ├── network.yml │ │ └── virl.yml │ ├── vmanage1 │ │ ├── network.yml │ │ └── virl.yml │ └── vsmart1 │ │ ├── network.yml │ │ └── virl.yml ├── viptela-workshop.yml └── virl.py ├── inventory_files ├── vedge1_network.yml ├── viptela-workshop-1branch.yml └── viptela-workshop-2branch.yml ├── licenses └── serialFile.viptela ├── myCA └── myCA.ext ├── requirements.txt ├── templates ├── ios │ ├── cli │ │ ├── bgp.j2 │ │ ├── dns.j2 │ │ ├── interfaces.j2 │ │ ├── ntp.j2 │ │ ├── ospf.j2 │ │ ├── static-routes.j2 │ │ └── system.j2 │ └── virl.j2 ├── viptela │ └── netconf.j2 └── virl │ ├── lxc.j2 │ ├── topology_v1.j2 │ └── vmanage.j2 ├── viptela1.png └── vmanage_templates.yml /.gitignore: -------------------------------------------------------------------------------- 1 | *.retry 2 | *.csr 3 | *.key 4 | *.pem 5 | *.crt 6 | backup/ 7 | .virl/ 8 | .virlrc 9 | viptela_api_cookie 10 | venv/ 11 | topo.virl 12 | -------------------------------------------------------------------------------- /.gitmodules: -------------------------------------------------------------------------------- 1 | [submodule "roles/ansible-viptela"] 2 | path = roles/ansible-viptela 3 | url = https://github.com/CiscoDevNet/ansible-viptela.git 4 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | MIT License 2 | 3 | Copyright (c) 2018 Cisco and/or its affiliates. 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 21 | SOFTWARE. 22 | 23 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # sd-wan-ansible-pipeline-code 2 | This collection of Ansible inventory and playbooks is designed to be used with the DevNet Learning Module [Cisco SD-WAN Ansible Pipeline](https://developer.cisco.com/learning/modules/sd-wan-ansible-pipeline) and the DevNet [Multi-IOS Cisco Test Network](https://devnetsandbox.cisco.com/RM/Topology) sandbox. However, it can also be applied to any VIRL server that has the appropriate Cisco SD-WAN images installed. 3 | 4 | > Note: future development of the SDWAN DevOps code base has been moved to the [sdwan-devops](https://github.com/CiscoDevNet/sdwan-devops) repo. There are many improvements there, including support for VIRL2/CML2 and VMware deployments. 5 | 6 | ## Requirements 7 | - VIRL server with vManage, vSmart, vBond and vEdge images installed. For instructions on how to do this, look at the [virl-howtos](https://github.com/CiscoSE/virl-howtos) repo. 8 | - [sshpass](https://sourceforge.net/projects/sshpass/) installed 9 | 10 | ## Installation 11 | Clone the repo. Note the use of the recursive switch. This is to make sure the necessary submodules get pulled down as well. 12 | ``` 13 | git clone --recursive https://github.com/CiscoDevNet/sd-wan-ansible-pipeline-code.git 14 | ``` 15 | Change into the sd-wan-ansible-pipeline-code directory. 16 | ``` 17 | cd sd-wan-ansible-pipeline-code 18 | ``` 19 | Install the required Python modules. 20 | ``` 21 | pip install -r requirements.txt 22 | ``` 23 | ## Topology 24 | The Ansible inventory data included in this repo is designed to build and configure the following topology: 25 | 26 | ![Topology](viptela1.png) 27 | 28 | ## Playbooks 29 | There are seven playbooks in this collection: 30 | - **build.yml** builds the dynamic VIRL topology file and starts the simulation 31 | - **configure.yml** pushes the Day 1 configuration to devices via NETCONF 32 | - **import-templates.yml** imports device/feature templates into vManage 33 | - **export-templates.yml** writes device/feature templates from vManage to a local YAML file 34 | - **attach-template.yml** attaches device templates to devices 35 | - **detach-template.yml** detaches device templates from devices 36 | - **clean.yml** cleans up file and stops the simulation 37 | 38 | ## Basic usage 39 | Build the topology. 40 | ``` 41 | ansible-playbook build.yml 42 | ``` 43 | Bring up the control plane and basic device connectivity. 44 | ``` 45 | ansible-playbook configure.yml 46 | ``` 47 | Import device/feature templates into vManage 48 | ``` 49 | ansible-playbook import-templates.yml 50 | ``` 51 | Attach device templates to devices. 52 | ``` 53 | ansible-playbook attach-template.yml 54 | ``` 55 | When you're done, cleanup. 56 | ``` 57 | ansible-playbook clean.yml 58 | ``` 59 | ## Adding a site to the topology 60 | Ensure you are starting with clean directory and no simulation running. 61 | ``` 62 | ansible-playbook clean.yml 63 | ``` 64 | Copy a new viptela-workshop.yml file with the additional branch site into the inventory directory. 65 | ``` 66 | cp inventory_files/viptela-workshop-2branch.yml inventory/viptela-workshop.yml 67 | ``` 68 | Build the topology. 69 | ``` 70 | ansible-playbook build.yml 71 | ``` 72 | Bring up the control plane and basic device connectivity. 73 | ``` 74 | ansible-playbook configure.yml 75 | ``` 76 | Import device/feature templates into vManage 77 | ``` 78 | ansible-playbook import-templates.yml 79 | ``` 80 | Attach device templates to devices. 81 | ``` 82 | ansible-playbook attach-template.yml 83 | ``` 84 | > Note: It can take some time for vEdges to register in vManage, trying to run the attach-template.yml playbook before the vEdge is registered in vManage will result in an error. 85 | ## Updating a device banner 86 | Copy a new network.yml file with an updated banner into the vedge1 directory. 87 | ``` 88 | cp inventory_files/vedge1_network.yml inventory/host_vars/vedge1/ 89 | ``` 90 | Reattach the device template to vedge1 91 | ``` 92 | ansible-playbook attach-template.yml --limit=vedge1 93 | ``` 94 | ## Useful tips 95 | 1. Use `virl nodes` to find node management IP addresses. 96 | 1. When running the attach-template.yml playbook, you can limit the playbook to a specific node (e.g `--limit=vedge1`). 97 | 1. When running the configure.yml playbook, you can limit the playbook to just control plane or just edge with `--limit=control` and `--limit=edge`. 98 | -------------------------------------------------------------------------------- /ansible.cfg: -------------------------------------------------------------------------------- 1 | [defaults] 2 | roles_path = ${PWD}/roles 3 | host_key_checking = False 4 | inventory = ./inventory 5 | local_tmp = /tmp/ansible/${USER} 6 | remote_tmp = /tmp/ansible/${USER} 7 | 8 | [persistent_connection] 9 | connect_timeout = 60 10 | command_timeout = 60 11 | -------------------------------------------------------------------------------- /attach-template.yml: -------------------------------------------------------------------------------- 1 | - name: Attach Templates 2 | hosts: viptela:&virl_hosts 3 | connection: local 4 | gather_facts: no 5 | roles: 6 | - ansible-viptela 7 | vars: 8 | vmanage_host: "{{ groups.vmanage_hosts | first }}" 9 | vmanage_ip: "{{ hostvars[vmanage_host].ansible_host }}" 10 | state: present 11 | tasks: 12 | - block: 13 | - name: Attach template to device 14 | vmanage_device_attachment: 15 | user: "{{ ansible_user }}" 16 | host: "{{ vmanage_ip }}" 17 | password: "{{ ansible_password }}" 18 | device: "{{ inventory_hostname }}" 19 | template: "{{ viptela.template.name }}" 20 | variables: "{{ viptela.template.variables | default(omit) }}" 21 | wait: yes 22 | state: "{{ state }}" 23 | delegate_to: localhost 24 | when: viptela.template is defined 25 | register: attachment_results 26 | 27 | # - debug: 28 | # var: attachment_results 29 | # - block: 30 | # - name: Attach template to device 31 | # vmanage_device_action_status: 32 | # user: "{{ ansible_user }}" 33 | # host: "{{ vmanage_ip }}" 34 | # password: "{{ ansible_password }}" 35 | # id: "{{ attachment_results.action_id }}" 36 | # when: attachment_results.action_id is defined 37 | # register: action_status 38 | # until: action_status.json.data[0].statusId != 'in_progress' 39 | # retries: 48 40 | # delay: 5 41 | # 42 | # 43 | # - debug: 44 | # msg: "{{ action_status.json.data[0].statusId }}: {{ action_status.json.data[0].currentActivity}}" 45 | # when: attachment_results.changed 46 | # failed_when: action_status.json.data[0].statusId == 'failure' 47 | 48 | when: viptela is defined 49 | 50 | delegate_to: localhost 51 | -------------------------------------------------------------------------------- /build.yml: -------------------------------------------------------------------------------- 1 | - name: Add host to topology 2 | hosts: all 3 | gather_facts: no 4 | tags: 5 | - group 6 | vars: 7 | virt_platform: none 8 | tasks: 9 | - block: 10 | - name: Check for VIRL information 11 | set_fact: 12 | virt_platform: virl 13 | 14 | - name: Generate Day0 config 15 | set_fact: 16 | day0_config: "{{ lookup('template', virl.config_template) }}" 17 | when: virl.config_template is defined 18 | when: virl is defined 19 | 20 | - name: Add to VIRL topology 21 | group_by: 22 | key: "virt_{{ virt_platform }}" 23 | 24 | - name: Generate topology and start simulation 25 | hosts: localhost 26 | connection: local 27 | run_once: yes 28 | gather_facts: no 29 | vars: 30 | topo_file: topo.virl 31 | topo_name: "{{ topo_file.split('.')[0] }}" 32 | topo_id: "{{ lookup('password', '/dev/null length=4 chars=ascii_letters') }}" 33 | tasks: 34 | - name: Check for existing simulation 35 | stat: 36 | path: "{{ virl_sim_file }}" 37 | register: stat_result 38 | 39 | - block: 40 | - name: Generate the Topology 41 | set_fact: 42 | topo_data: "{{ lookup('template', 'virl/topology_v1.j2') }}" 43 | session: "{{ virl_tag }}_{{ topo_name }}_{{ topo_id }}" 44 | 45 | - name: Write debug topology file 46 | copy: 47 | content: "{{ topo_data }}" 48 | dest: topo.virl 49 | 50 | - name: Create simulation environment directory 51 | file: 52 | path: "{{ virl_sim_file | dirname }}" 53 | state: directory 54 | 55 | - name: Create simulation ID file 56 | copy: 57 | dest: "{{ virl_sim_file }}" 58 | content: "{{ session }}" 59 | 60 | - name: Launch the simulation {{ session }} 61 | uri: 62 | url: "http://{{ virl_host }}:19399/simengine/rest/launch?session={{ session }}" 63 | user: "{{ virl_username }}" 64 | password: "{{ virl_password }}" 65 | method: POST 66 | headers: 67 | Content-Type: "text/xml;charset=UTF-8" 68 | body: "{{ topo_data }}" 69 | register: uri_results 70 | until: uri_results['status']|default(0) < 300 or uri_results['status']|default(0) >= 400 71 | retries: 60 72 | delay: 10 73 | when: not stat_result.stat.exists 74 | 75 | - name: Get the existing session ID 76 | set_fact: 77 | session: "{{lookup('file', virl_sim_file) }}" 78 | when: stat_result.stat.exists 79 | 80 | - name: Check the status of simulation {{ session }} 81 | uri: 82 | url: "http://{{ virl_host }}:19399/simengine/rest/status/{{ session }}" 83 | user: "{{ virl_username }}" 84 | password: "{{ virl_password }}" 85 | method: GET 86 | register: uri_results 87 | 88 | - assert: 89 | that: 90 | - uri_results.json.state == 'ACTIVE' 91 | msg: "Session {{ session }} is not active. Either it did not start properly or was not cleaned properly. Please run the clean.yml playbook and try again." 92 | 93 | - set_fact: 94 | session: "{{ lookup('file', virl_sim_file, errors='ignore') }}" 95 | 96 | - name: Waiting for all nodes to become reachable 97 | uri: 98 | url: "http://{{ virl_host }}:19399/simengine/rest/nodes/{{ session }}" 99 | user: "{{ virl_username }}" 100 | password: "{{ virl_password }}" 101 | method: GET 102 | register: uri_results 103 | until: (uri_results.json[session] is defined) and (uri_results.json[session].values() | map(attribute='reachable') | list | unique | join('') | bool) 104 | retries: 60 105 | delay: 10 -------------------------------------------------------------------------------- /clean.yml: -------------------------------------------------------------------------------- 1 | - hosts: localhost 2 | gather_facts: no 3 | tasks: 4 | - name: Remove host from known_hosts 5 | known_hosts: 6 | name: "{{ hostvars[item].ansible_host }}" 7 | state: absent 8 | when: hostvars[item].ansible_host is defined 9 | loop: "{{ groups.all }}" 10 | 11 | - name: Find previsouly created certs 12 | find: 13 | paths: "{{ viptela_cert_dir }}" 14 | patterns: '*.pem,*.key,*.csr,*.crt' 15 | register: find_results 16 | 17 | - name: Delete previsouly created certs 18 | file: 19 | path: "{{ item['path'] }}" 20 | state: absent 21 | with_items: "{{ find_results['files'] }}" 22 | 23 | - set_fact: 24 | sim_id: "{{ lookup('file', virl_sim_file, errors='ignore') }}" 25 | 26 | - name: Destroy the simulation 27 | uri: 28 | url: "http://{{ virl_host }}:19399/simengine/rest/stop/{{ sim_id }}" 29 | user: "{{ virl_username }}" 30 | password: "{{ virl_password }}" 31 | method: GET 32 | return_content: yes 33 | no_log: false # Don't show output as your password will be on the URI string 34 | register: uri_results 35 | failed_when: false 36 | delegate_to: localhost 37 | 38 | - name: Delete Simulation ID File 39 | file: 40 | path: "{{ virl_sim_file }}" 41 | state: absent -------------------------------------------------------------------------------- /configure.yml: -------------------------------------------------------------------------------- 1 | - name: Check playbook reqiurements 2 | hosts: localhost 3 | tags: 4 | - control 5 | - edge 6 | - CA 7 | any_errors_fatal: true 8 | gather_facts: no 9 | tasks: 10 | - name: Check for the license file 11 | stat: 12 | path: "{{ serial_number_file }}" 13 | register: stat_result 14 | 15 | - assert: 16 | that: 17 | - stat_result.stat.exists 18 | - organization_name != "" 19 | msg: "'organization_name' must be defined and {{ serial_number_file }} must exist. Verify the requirements in README are met." 20 | 21 | - name: Check initial connectivity 22 | hosts: router:&virl_hosts 23 | tags: 24 | - check_control 25 | - check_all 26 | - control 27 | - edge 28 | - CA 29 | any_errors_fatal: true 30 | connection: network_cli 31 | gather_facts: no 32 | tasks: 33 | - ios_ping: 34 | dest: "{{ item }}" 35 | count: 60 36 | loop: 37 | - 10.0.1.10 38 | - 10.100.1.10 39 | tags: 40 | - initial 41 | 42 | - name: Verify that vManage is fully operational 43 | hosts: localhost 44 | tags: 45 | - check_control 46 | - check_all 47 | - control 48 | - edge 49 | - CA 50 | any_errors_fatal: true 51 | gather_facts: no 52 | tasks: 53 | - name: Waiting for vManage API to start 54 | uri: 55 | url: "https://{{ hostvars['vmanage1'].ansible_host }}/dataservice/system/device/controllers" 56 | method: POST 57 | body: 58 | j_username: "{{ viptela_api_username }}" 59 | j_password: "{{ viptela_api_password }}" 60 | body_format: form-urlencoded 61 | return_content: yes 62 | validate_certs: no 63 | no_log: false 64 | register: uri_results 65 | delegate_to: localhost 66 | failed_when: false 67 | until: uri_results.msg.find("OK") != -1 68 | retries: 60 69 | delay: 10 70 | 71 | - name: Create local CA 72 | hosts: localhost 73 | tags: 74 | - control 75 | - edge 76 | - CA 77 | any_errors_fatal: true 78 | gather_facts: no 79 | tasks: 80 | - name: Ensure directory exists for local self-signed TLS certs. 81 | file: 82 | path: "{{ viptela_cert_dir }}" 83 | state: directory 84 | 85 | - name: Generate an OpenSSL private key. 86 | openssl_privatekey: 87 | cipher: des3 88 | passphrase: "{{ viptela_CA_passphrase }}" 89 | path: "{{ viptela_cert_dir }}/myCA.key" 90 | 91 | - name: Generate an OpenSSL CSR. 92 | openssl_csr: 93 | path: "{{ viptela_cert_dir }}/myCA.csr" 94 | privatekey_path: "{{ viptela_cert_dir }}/myCA.key" 95 | privatekey_passphrase: "{{ viptela_CA_passphrase }}" 96 | common_name: viptelaCA.local 97 | 98 | - name: Generate a Self Signed OpenSSL certificate. 99 | openssl_certificate: 100 | path: "{{ viptela_cert_dir }}/myCA.pem" 101 | privatekey_path: "{{ viptela_cert_dir }}/myCA.key" 102 | privatekey_passphrase: "{{ viptela_CA_passphrase }}" 103 | csr_path: "{{ viptela_cert_dir }}/myCA.csr" 104 | provider: selfsigned 105 | 106 | - name: Configuring Viptela components 107 | hosts: viptela_control:&virl_hosts 108 | tags: 109 | - control 110 | - edge 111 | any_errors_fatal: true 112 | connection: netconf 113 | gather_facts: no 114 | tasks: 115 | - name: Push NETCONF template 116 | netconf_config: 117 | content: "{{ lookup('template', 'viptela/netconf.j2') }}" 118 | 119 | - name: Check connetivty to Viptela control plane 120 | hosts: router:&virl_hosts 121 | tags: 122 | - control 123 | - edge 124 | - check_control 125 | - check_all 126 | any_errors_fatal: true 127 | connection: network_cli 128 | gather_facts: no 129 | tasks: 130 | - ios_ping: 131 | dest: "{{ hostvars[item].vpn_instances[0].interfaces[0].ip.address | ipaddr('address') }}" 132 | loop: "{{ groups.viptela_control }}" 133 | 134 | - name: Verify that vManage is fully operational 135 | hosts: localhost 136 | tags: 137 | - check_control 138 | - check_all 139 | - control 140 | - edge 141 | - CA 142 | any_errors_fatal: true 143 | gather_facts: no 144 | tasks: 145 | - name: Waiting for vManage API to start 146 | uri: 147 | url: "https://{{ hostvars['vmanage1'].ansible_host }}/dataservice/system/device/controllers" 148 | method: POST 149 | body: 150 | j_username: "{{ viptela_api_username }}" 151 | j_password: "{{ viptela_api_password }}" 152 | body_format: form-urlencoded 153 | return_content: yes 154 | validate_certs: no 155 | no_log: true 156 | register: uri_results 157 | delegate_to: localhost 158 | failed_when: false 159 | until: uri_results.msg.find("OK") != -1 160 | retries: 60 161 | delay: 10 162 | 163 | - name: Configure vmanage 164 | hosts: localhost 165 | roles: 166 | - ansible-viptela 167 | tags: 168 | - control 169 | - edge 170 | any_errors_fatal: true 171 | gather_facts: no 172 | tasks: 173 | - set_fact: 174 | vmanage_host: "{{ groups.vmanage_hosts | first }}" 175 | 176 | - set_fact: 177 | vmanage_ip: "{{ hostvars[vmanage_host].ansible_host }}" 178 | 179 | - debug: 180 | msg: "vManage IP: {{ vmanage_ip }}" 181 | 182 | - name: Add vBond Hosts 183 | include_role: 184 | name: ansible-viptela 185 | tasks_from: add-controller 186 | vars: 187 | device_hostname: "{{ item }}" 188 | device_ip: "{{ hostvars[item].viptela.transport_ip }}" 189 | device_personality: vbond 190 | loop: "{{ groups.vbond_hosts }}" 191 | 192 | - name: Add vSmart Hosts 193 | include_role: 194 | name: ansible-viptela 195 | tasks_from: add-controller 196 | vars: 197 | device_hostname: "{{ item }}" 198 | device_ip: "{{ hostvars[item].viptela.transport_ip }}" 199 | device_personality: vsmart 200 | loop: "{{ groups.vsmart_hosts }}" 201 | 202 | - name: Set organization 203 | include_role: 204 | name: ansible-viptela 205 | tasks_from: set-org 206 | vars: 207 | org_name: "{{ organization_name }}" 208 | 209 | - set_fact: 210 | vbond_controller: "{{ groups.vbond_hosts[0] }}" 211 | 212 | - name: Set vBond 213 | include_role: 214 | name: ansible-viptela 215 | tasks_from: set-vbond 216 | vars: 217 | vbond_ip: "{{ hostvars[vbond_controller].viptela.transport_ip }}" 218 | 219 | - name: Set Enterprise Root CA 220 | include_role: 221 | name: ansible-viptela 222 | tasks_from: set-rootca 223 | vars: 224 | root_cert: "{{lookup('file', '{{ viptela_cert_dir }}/myCA.pem')}}" 225 | 226 | - name: Get Controler CSR 227 | include_role: 228 | name: ansible-viptela 229 | tasks_from: get-csr 230 | vars: 231 | device_ip: "{{ hostvars[item].viptela.transport_ip }}" 232 | device_hostname: "{{ item }}" 233 | csr_filename: "{{ viptela_cert_dir }}/{{ item }}.csr" 234 | loop: "{{ groups.viptela_control }}" 235 | 236 | - name: Sign Controller Cert 237 | openssl_certificate: 238 | csr_path: "{{ viptela_cert_dir }}/{{ item }}.csr" 239 | path: "{{ viptela_cert_dir }}/{{ item }}.crt" 240 | provider: ownca 241 | ownca_path: "{{ viptela_cert_dir }}/myCA.pem" 242 | ownca_privatekey_path: "{{ viptela_cert_dir }}/myCA.key" 243 | ownca_privatekey_passphrase: "{{ viptela_CA_passphrase }}" 244 | loop: "{{ groups.viptela_control }}" 245 | delegate_to: localhost 246 | 247 | - name: Install Controller Certificate 248 | include_role: 249 | name: ansible-viptela 250 | tasks_from: install-cert 251 | vars: 252 | device_cert: "{{lookup('file', '{{ viptela_cert_dir }}/{{ item }}.crt')}}" 253 | loop: "{{ groups.viptela_control }}" 254 | 255 | - name: Install Serial File 256 | vmanage_fileupload: 257 | host: "{{ vmanage_ip }}" 258 | user: "{{ ansible_user }}" 259 | password: "{{ ansible_password }}" 260 | file: "{{ serial_number_file }}" 261 | delegate_to: localhost 262 | 263 | - name: Configuring Viptela components 264 | hosts: viptela_vedge:&virl_hosts 265 | tags: 266 | - edge 267 | any_errors_fatal: true 268 | connection: netconf 269 | gather_facts: no 270 | tasks: 271 | - name: Push NETCONF template 272 | netconf_config: 273 | content: "{{ lookup('template', 'viptela/netconf.j2') }}" 274 | 275 | - name: Check connetivty to edges 276 | hosts: router:&virl_hosts 277 | tags: 278 | - edge 279 | - check_all 280 | - check_edge 281 | any_errors_fatal: true 282 | connection: network_cli 283 | gather_facts: no 284 | tasks: 285 | - ios_ping: 286 | dest: "{{ hostvars[item].vpn_instances[0].interfaces[0].ip.address | ipaddr('address') }}" 287 | loop: "{{ groups.viptela_vedge }}" 288 | 289 | - name: Bootstrap vEdges 290 | hosts: viptela_vedge:&virl_hosts 291 | tags: 292 | - edge 293 | any_errors_fatal: true 294 | gather_facts: no 295 | serial: 1 296 | vars: 297 | viptela_api_username: admin 298 | viptela_api_password: admin 299 | viptela_cert_dir: "{{ lookup('env', 'PWD') }}/myCA" 300 | ansible_network_os: ios 301 | tasks: 302 | - set_fact: 303 | vmanage_host: "{{ groups.vmanage_hosts | first }}" 304 | 305 | - set_fact: 306 | vmanage_ip: "{{ hostvars[vmanage_host].ansible_host }}" 307 | 308 | - name: Bootstrap vEdge 309 | include_role: 310 | name: ansible-viptela 311 | tasks_from: bootstrap-vedge 312 | vars: 313 | device_ip: "{{ hostvars[item].ansible_host }}" 314 | root_ca_file: "{{ viptela_cert_dir }}/myCA.pem" 315 | 316 | - name: Do the thing 317 | uri: 318 | url: "https://{{ hostvars['vmanage1'].ansible_host }}/dataservice/system/device/sync/rootcertchain" 319 | method: GET 320 | headers: 321 | Cookie: "{{ viptela_api_cookie }}" 322 | validate_certs: no 323 | return_content: yes 324 | register: uri_results 325 | delegate_to: localhost 326 | 327 | # - name: Checking connectivity between end hosts 328 | # hosts: client:&virl_hosts 329 | # tags: 330 | # - check_edge 331 | # - check_all 332 | # - edge 333 | # any_errors_fatal: true 334 | # gather_facts: no 335 | # tasks: 336 | # - wait_for: 337 | # port: 22 338 | # host: "{{ item }}" 339 | # loop: 340 | # - 10.0.1.10 341 | # # - 10.100.1.10 342 | # tags: 343 | # - configured -------------------------------------------------------------------------------- /detach-template.yml: -------------------------------------------------------------------------------- 1 | - name: Bootstrap vEdges 2 | hosts: viptela:&virl_hosts 3 | connection: local 4 | gather_facts: no 5 | roles: 6 | - ansible-viptela 7 | vars: 8 | vmanage_host: "{{ groups.vmanage_hosts | first }}" 9 | vmanage_ip: "{{ hostvars[vmanage_host].ansible_host }}" 10 | tasks: 11 | 12 | - name: Detach template from device 13 | vmanage_device_attachment: 14 | user: "{{ ansible_user }}" 15 | host: "{{ vmanage_ip }}" 16 | password: "{{ ansible_password }}" 17 | device: "{{ inventory_hostname }}" 18 | wait: yes 19 | state: absent 20 | delegate_to: localhost 21 | when: viptela.template is defined 22 | register: attachment_results 23 | 24 | # 25 | ## - debug: 26 | ## var: attachment_results 27 | # - block: 28 | # - name: Attach template to device 29 | # vmanage_device_action_status: 30 | # user: "{{ ansible_user }}" 31 | # host: "{{ vmanage_ip }}" 32 | # password: "{{ ansible_password }}" 33 | # id: "{{ attachment_results.action_id }}" 34 | # when: attachment_results.action_id is defined 35 | # register: action_status 36 | # until: action_status.json.data[0].statusId != 'in_progress' 37 | # retries: 48 38 | # delay: 5 39 | # 40 | # 41 | # - debug: 42 | # msg: "{{ action_status.json.data[0].statusId }}: {{ action_status.json.data[0].currentActivity}}" 43 | # when: attachment_results.changed 44 | # failed_when: action_status.json.data[0].statusId == 'failure' 45 | # 46 | # when: viptela is defined 47 | 48 | 49 | -------------------------------------------------------------------------------- /export-templates.yml: -------------------------------------------------------------------------------- 1 | - name: Export vManage Policy Lists 2 | hosts: localhost 3 | connection: local 4 | roles: 5 | - ansible-viptela 6 | vars: 7 | vmanage_host: "{{ groups.vmanage_hosts | first }}" 8 | vmanage_ip: "{{ hostvars[vmanage_host].ansible_host }}" 9 | file: vmanage_templates.yml 10 | gather_facts: no 11 | tasks: 12 | - name: Get device templates 13 | vmanage_device_template_facts: 14 | user: "{{ ansible_user }}" 15 | host: "{{ vmanage_ip }}" 16 | password: "{{ ansible_password }}" 17 | factory_default: no 18 | register: device_template_facts 19 | 20 | - name: Get feature templates 21 | vmanage_feature_template_facts: 22 | user: "{{ ansible_user }}" 23 | host: "{{ vmanage_ip }}" 24 | password: "{{ ansible_password }}" 25 | factory_default: no 26 | register: feature_template_facts 27 | 28 | - set_fact: 29 | viptela_templates: 30 | device_templates: "{{ device_template_facts.device_templates }}" 31 | feature_templates: "{{ feature_template_facts.feature_templates }}" 32 | 33 | - name: Write out templates to {{ file }} 34 | copy: 35 | content: "{{ viptela_templates | to_nice_yaml(indent=2, width=1337) }}" 36 | dest: "{{ file }}" 37 | -------------------------------------------------------------------------------- /import-templates.yml: -------------------------------------------------------------------------------- 1 | - name: Import vManage Policy Lists 2 | hosts: localhost 3 | connection: local 4 | roles: 5 | - ansible-viptela 6 | vars: 7 | vmanage_host: "{{ groups.vmanage_hosts | first }}" 8 | vmanage_ip: "{{ hostvars[vmanage_host].ansible_host }}" 9 | file: vmanage_templates.yml 10 | gather_facts: no 11 | tasks: 12 | - name: Reading file {{ file }} 13 | include_vars: 14 | file: "{{ file }}" 15 | name: vmanage_templates 16 | 17 | # - set_fact: 18 | # vmanage_templates: "{{ lookup('file', 'vmanage_templates.json') | from_json }}" 19 | # 20 | # - debug: 21 | # var: vmanage_templates 22 | 23 | - name: Import feature templates 24 | vmanage_feature_template: 25 | user: "{{ ansible_user }}" 26 | host: "{{ vmanage_ip }}" 27 | password: "{{ ansible_password }}" 28 | state: present 29 | aggregate: "{{ vmanage_templates.feature_templates }}" 30 | 31 | - name: Import device templates 32 | vmanage_device_template: 33 | user: "{{ ansible_user }}" 34 | host: "{{ vmanage_ip }}" 35 | password: "{{ ansible_password }}" 36 | state: present 37 | aggregate: "{{ vmanage_templates.device_templates }}" 38 | # 39 | # - debug: 40 | # var: policy_facts 41 | -------------------------------------------------------------------------------- /inventory/group_vars/all/credentials.yml: -------------------------------------------------------------------------------- 1 | vmanage_user: admin 2 | vmanage_password: admin 3 | viptela_api_username: admin 4 | viptela_api_password: admin -------------------------------------------------------------------------------- /inventory/group_vars/all/system.yml: -------------------------------------------------------------------------------- 1 | domain_name: virl.local 2 | 3 | ntp_servers: 4 | - 192.5.41.40 5 | - 192.5.41.41 6 | 7 | name_servers: 8 | - 208.67.222.222 9 | - 208.67.220.220 10 | 11 | ntp_server_list: 12 | - { ip-address: 192.5.41.40 } 13 | - { ip-address: 192.5.41.41 } 14 | 15 | login_banner: This system is for the use of authorized clients only. -------------------------------------------------------------------------------- /inventory/group_vars/all/viptela.yml: -------------------------------------------------------------------------------- 1 | organization_name: "DevNet Learning Lab" 2 | vbond: 3 | remote: 10.0.0.11 4 | serial_number_file: "{{ playbook_dir }}/licenses/serialFile.viptela" 5 | viptela_cert_dir: "{{ lookup('env', 'PWD') }}/myCA" 6 | # Encrypt/Vault this in real life 7 | viptela_CA_passphrase: Cisc0123 8 | -------------------------------------------------------------------------------- /inventory/group_vars/all/virl.yml: -------------------------------------------------------------------------------- 1 | virl_env: default 2 | virl_tag: "{{ lookup('env', 'USER') | default(virl_env) }}" 3 | virl_sim_file: ".virl/{{ virl_env }}/id" 4 | -------------------------------------------------------------------------------- /inventory/host_vars/core/network.yml: -------------------------------------------------------------------------------- 1 | interfaces: 2 | GigabitEthernet1: 3 | description: OOB Management 4 | vrf: Mgmt-intf 5 | enabled: true 6 | ip: 7 | primary: dhcp 8 | GigabitEthernet2: 9 | description: DC Border 10 | enabled: true 11 | ip: 12 | primary: 10.0.255.2/30 13 | GigabitEthernet3: 14 | description: DC LAN 15 | enabled: true 16 | ip: 17 | primary: 10.0.1.1/24 18 | GigabitEthernet4: 19 | description: vEdge HQ 20 | enabled: true 21 | ip: 22 | primary: 10.0.255.5/30 23 | 24 | router: 25 | ospf: 26 | id: 65001 27 | router_id: 10.0.255.5 28 | # default_information_originate: true 29 | networks: 30 | - network: 10.0.255.0/30 31 | area: 0 32 | - network: 10.0.255.4/30 33 | area: 0 34 | - network: 10.0.1.0/24 35 | area: 0 -------------------------------------------------------------------------------- /inventory/host_vars/core/virl.yml: -------------------------------------------------------------------------------- 1 | virl: 2 | subtype: CSR1000v 3 | interfaces: 4 | - network: dc-core 5 | name: GigabitEthernet2 6 | - network: dc-lan 7 | name: GigabitEthernet3 8 | - network: dc-vedge 9 | name: GigabitEthernet4 10 | config_template: ios/virl.j2 -------------------------------------------------------------------------------- /inventory/host_vars/host1/network.yml: -------------------------------------------------------------------------------- 1 | interfaces: 2 | eth1: 3 | enabled: true 4 | ip: 5 | primary: 192.168.1.10/24 6 | 7 | static_routes: 8 | global: 9 | - network: 10.0.0.0/16 10 | fwd_list: 11 | - fwd: 192.168.1.1 12 | - network: 10.100.0.0/16 13 | fwd_list: 14 | - fwd: 192.168.1.1 15 | - network: 172.20.0.0/16 16 | fwd_list: 17 | - fwd: 192.168.1.1 18 | - network: 192.168.0.0/16 19 | fwd_list: 20 | - fwd: 192.168.1.1 -------------------------------------------------------------------------------- /inventory/host_vars/host1/virl.yml: -------------------------------------------------------------------------------- 1 | virl: 2 | subtype: lxc-iperf 3 | interfaces: 4 | - network: site1-lan 5 | name: eth1 6 | config_template: virl/lxc.j2 -------------------------------------------------------------------------------- /inventory/host_vars/host2/network.yml: -------------------------------------------------------------------------------- 1 | interfaces: 2 | eth1: 3 | enabled: true 4 | ip: 5 | primary: 192.168.2.10/24 6 | 7 | static_routes: 8 | global: 9 | - network: 10.0.0.0/16 10 | fwd_list: 11 | - fwd: 192.168.2.1 12 | - network: 10.100.0.0/16 13 | fwd_list: 14 | - fwd: 192.168.1.1 15 | - network: 172.20.0.0/16 16 | fwd_list: 17 | - fwd: 192.168.2.1 18 | - network: 192.168.0.0/16 19 | fwd_list: 20 | - fwd: 192.168.2.1 -------------------------------------------------------------------------------- /inventory/host_vars/host2/virl.yml: -------------------------------------------------------------------------------- 1 | virl: 2 | subtype: lxc-iperf 3 | interfaces: 4 | - network: site2-lan 5 | name: eth1 6 | config_template: virl/lxc.j2 -------------------------------------------------------------------------------- /inventory/host_vars/hq/network.yml: -------------------------------------------------------------------------------- 1 | interfaces: 2 | GigabitEthernet1: 3 | description: OOB Management 4 | vrf: Mgmt-intf 5 | enabled: true 6 | ip: 7 | primary: dhcp 8 | GigabitEthernet2: 9 | description: Internet 10 | enabled: true 11 | ip: 12 | primary: 172.20.0.6/30 13 | GigabitEthernet3: 14 | description: DMZ 15 | enabled: true 16 | ip: 17 | primary: 10.0.0.1/24 18 | GigabitEthernet4: 19 | description: DC Core 20 | enabled: true 21 | ip: 22 | primary: 10.0.255.1/30 23 | 24 | static_routes: 25 | global: 26 | - network: 10.0.0.0/16 27 | fwd_list: 28 | - fwd: Null0 29 | 30 | router: 31 | ospf: 32 | id: 65001 33 | router_id: 10.0.255.1 34 | default_information_originate: true 35 | networks: 36 | - network: 10.0.255.0/30 37 | area: 0 38 | bgp: 39 | id: 65001 40 | log_neighbor_changes: true 41 | router_id: 172.20.0.6 42 | neighbors: 43 | - id: 172.20.0.5 44 | remote_as: 65000 45 | address-family: 46 | global: 47 | ipv4: 48 | neighbors: 49 | - id: 172.20.0.5 50 | activate: true 51 | networks: 52 | - network: 10.0.0.0/16 -------------------------------------------------------------------------------- /inventory/host_vars/hq/virl.yml: -------------------------------------------------------------------------------- 1 | virl: 2 | subtype: CSR1000v 3 | interfaces: 4 | - network: hq-wan 5 | name: GigabitEthernet2 6 | - network: hq-dmz 7 | name: GigabitEthernet3 8 | - network: dc-core 9 | name: GigabitEthernet4 10 | config_template: ios/virl.j2 -------------------------------------------------------------------------------- /inventory/host_vars/internet/network.yml: -------------------------------------------------------------------------------- 1 | interfaces: 2 | GigabitEthernet1: 3 | vrf: Mgmt-intf 4 | enabled: true 5 | ip: 6 | primary: dhcp 7 | GigabitEthernet2: 8 | enabled: true 9 | ip: 10 | primary: 172.20.0.5/30 11 | GigabitEthernet3: 12 | enabled: true 13 | ip: 14 | primary: 172.20.0.9/30 15 | GigabitEthernet4: 16 | enabled: true 17 | ip: 18 | primary: 172.20.0.13/30 19 | GigabitEthernet5: 20 | enabled: true 21 | ip: 22 | primary: 172.20.0.17/30 23 | # GigabitEthernet6: 24 | # enabled: true 25 | # ip: 26 | # primary: 172.20.0.21/30 27 | 28 | static_routes: 29 | global: 30 | - network: 0.0.0.0/0 31 | fwd_list: 32 | - fwd: Null0 33 | 34 | router: 35 | bgp: 36 | id: 65000 37 | log_neighbor_changes: true 38 | router_id: 209.51.164.17 39 | neighbors: 40 | - id: 172.20.0.6 41 | remote_as: 65001 42 | - id: 172.20.0.18 43 | remote_as: 65002 44 | 45 | address-family: 46 | global: 47 | ipv4: 48 | neighbors: 49 | - id: 172.20.0.6 50 | activate: true 51 | - id: 172.20.0.18 52 | activate: true 53 | 54 | networks: 55 | - network: 0.0.0.0/0 56 | - network: 172.20.0.4/30 57 | - network: 172.20.0.8/30 58 | - network: 172.20.0.12/30 59 | - network: 172.20.0.16/30 60 | - network: 172.20.0.20/30 61 | -------------------------------------------------------------------------------- /inventory/host_vars/internet/virl.yml: -------------------------------------------------------------------------------- 1 | virl: 2 | subtype: CSR1000v 3 | interfaces: 4 | - network: hq-wan 5 | name: GigabitEthernet2 6 | - network: site1-wan 7 | name: GigabitEthernet3 8 | - network: site2-wan 9 | name: GigabitEthernet4 10 | - network: sp1-wan 11 | name: GigabitEthernet5 12 | config_template: ios/virl.j2 -------------------------------------------------------------------------------- /inventory/host_vars/server1/network.yml: -------------------------------------------------------------------------------- 1 | interfaces: 2 | eth1: 3 | enabled: true 4 | ip: 5 | primary: 10.0.1.10/24 6 | 7 | static_routes: 8 | global: 9 | - network: 10.0.0.0/16 10 | fwd_list: 11 | - fwd: 10.0.1.1 12 | - network: 10.100.0.0/16 13 | fwd_list: 14 | - fwd: 192.168.1.1 15 | - network: 172.20.0.0/16 16 | fwd_list: 17 | - fwd: 10.0.1.1 18 | - network: 192.168.0.0/16 19 | fwd_list: 20 | - fwd: 10.0.1.1 -------------------------------------------------------------------------------- /inventory/host_vars/server1/virl.yml: -------------------------------------------------------------------------------- 1 | virl: 2 | subtype: lxc-iperf 3 | interfaces: 4 | - network: dc-lan 5 | name: eth1 6 | config_template: virl/lxc.j2 -------------------------------------------------------------------------------- /inventory/host_vars/service1/network.yml: -------------------------------------------------------------------------------- 1 | interfaces: 2 | eth1: 3 | enabled: true 4 | ip: 5 | primary: 10.100.1.10/24 6 | 7 | static_routes: 8 | global: 9 | - network: 10.0.0.0/16 10 | fwd_list: 11 | - fwd: 10.100.1.1 12 | - network: 10.100.0.0/16 13 | fwd_list: 14 | - fwd: 192.168.1.1 15 | - network: 172.20.0.0/16 16 | fwd_list: 17 | - fwd: 10.100.1.1 18 | - network: 192.168.0.0/16 19 | fwd_list: 20 | - fwd: 10.100.1.1 -------------------------------------------------------------------------------- /inventory/host_vars/service1/virl.yml: -------------------------------------------------------------------------------- 1 | virl: 2 | subtype: lxc-iperf 3 | interfaces: 4 | - network: sp1-lan 5 | name: eth1 6 | config_template: virl/lxc.j2 -------------------------------------------------------------------------------- /inventory/host_vars/sp/network.yml: -------------------------------------------------------------------------------- 1 | interfaces: 2 | GigabitEthernet1: 3 | vrf: Mgmt-intf 4 | enabled: true 5 | ip: 6 | primary: dhcp 7 | GigabitEthernet2: 8 | enabled: true 9 | ip: 10 | primary: 172.20.0.18/30 11 | GigabitEthernet3: 12 | enabled: true 13 | ip: 14 | primary: 10.100.1.1/24 15 | 16 | static_routes: 17 | global: 18 | - network: 10.100.0.0/16 19 | fwd_list: 20 | - fwd: Null0 21 | 22 | router: 23 | bgp: 24 | id: 65002 25 | log_neighbor_changes: true 26 | router_id: 172.20.0.18 27 | neighbors: 28 | - id: 172.20.0.17 29 | remote_as: 65000 30 | address-family: 31 | global: 32 | ipv4: 33 | neighbors: 34 | - id: 172.20.0.17 35 | activate: true 36 | networks: 37 | - network: 10.100.0.0/16 -------------------------------------------------------------------------------- /inventory/host_vars/sp/virl.yml: -------------------------------------------------------------------------------- 1 | virl: 2 | subtype: CSR1000v 3 | interfaces: 4 | - network: sp1-wan 5 | name: GigabitEthernet2 6 | - network: sp1-lan 7 | name: GigabitEthernet3 8 | config_template: ios/virl.j2 -------------------------------------------------------------------------------- /inventory/host_vars/vbond1/network.yml: -------------------------------------------------------------------------------- 1 | viptela: 2 | system_ip: 192.168.255.11 3 | transport_ip: 10.0.0.11 4 | org: "{{ organization_name }}" 5 | site_id: 1 6 | vbond: 7 | remote: 10.0.0.11 8 | local: true 9 | gps_location: 10 | latitude: 37.411343 11 | longitude: -121.938803 12 | 13 | vpn_instances: 14 | - vpn_id: 0 15 | interfaces: 16 | - if_name: ge0/0 17 | ip: 18 | address: 10.0.0.11/24 19 | tunnel_interface: 20 | enabled: true 21 | allow_service: 22 | - all 23 | routes: 24 | - prefix: 0.0.0.0/0 25 | next_hop: 26 | address: 10.0.0.1 -------------------------------------------------------------------------------- /inventory/host_vars/vbond1/virl.yml: -------------------------------------------------------------------------------- 1 | virl: 2 | subtype: vBond 3 | interfaces: 4 | - network: hq-dmz 5 | name: eth1 6 | -------------------------------------------------------------------------------- /inventory/host_vars/vedge-hq/network.yml: -------------------------------------------------------------------------------- 1 | viptela: 2 | system_ip: 192.168.255.13 3 | site_id: 1 4 | org: "{{ organization_name }}" 5 | vbond: 6 | remote: 10.0.0.11 7 | omp: 8 | advertise: 9 | - ospf-external 10 | template: 11 | name: 'colo-vedge' 12 | variables: 13 | 'vpn0_internet_ipv4_address': 10.0.0.13/24 14 | 'vpn0_default_gateway': 10.0.0.1 15 | 'vpn1_ipv4_address': 10.0.255.6/30 16 | 'system_latitude': 37.411343 17 | 'system_longitude': -121.938803 18 | 'system_site_id': 1 19 | 'system_host_name': vedge-hq 20 | 'system_system_ip': 192.168.255.13 21 | 'banner_login': "{{ login_banner }}" 22 | 'banner_motd': Welcome to vedge-hq! 23 | gps_location: 24 | latitude: 37.411343 25 | longitude: -121.938803 26 | 27 | vpn_instances: 28 | - vpn_id: 0 29 | interfaces: 30 | - if_name: ge0/0 31 | ip: 32 | address: 10.0.0.13/24 33 | tunnel_interface: 34 | enabled: true 35 | routes: 36 | - prefix: 0.0.0.0/0 37 | next_hop: 38 | address: 10.0.0.1 39 | -------------------------------------------------------------------------------- /inventory/host_vars/vedge-hq/virl.yml: -------------------------------------------------------------------------------- 1 | virl: 2 | subtype: vEdge 3 | interfaces: 4 | - network: hq-dmz 5 | name: ge0/0 6 | - network: dc-vedge 7 | name: ge0/1 8 | -------------------------------------------------------------------------------- /inventory/host_vars/vedge1/network.yml: -------------------------------------------------------------------------------- 1 | viptela: 2 | system_ip: 192.168.255.14 3 | site_id: 2 4 | org: "{{ organization_name }}" 5 | vbond: 6 | remote: 10.0.0.11 7 | template: 8 | name: 'branch-vedge' 9 | variables: 10 | 'vpn0_internet_ipv4_address': 172.20.0.10/30 11 | 'vpn0_default_gateway': 172.20.0.9 12 | 'vpn1_ipv4_address': 192.168.1.1/24 13 | 'system_latitude': 35.856360 14 | 'system_longitude': -78.879725 15 | 'system_site_id': 2 16 | 'system_host_name': vedge1 17 | 'system_system_ip': 192.168.255.14 18 | 'banner_login': "{{ login_banner }}" 19 | 'banner_motd': Welcome to vedge1! 20 | gps_location: 21 | latitude: 35.856360 22 | longitude: -78.879725 23 | 24 | vpn_instances: 25 | - vpn_id: 0 26 | interfaces: 27 | - if_name: ge0/0 28 | ip: 29 | address: 172.20.0.10/30 30 | tunnel_interface: 31 | enabled: true 32 | routes: 33 | - prefix: 0.0.0.0/0 34 | next_hop: 35 | address: 172.20.0.9 36 | -------------------------------------------------------------------------------- /inventory/host_vars/vedge1/virl.yml: -------------------------------------------------------------------------------- 1 | virl: 2 | subtype: vEdge 3 | interfaces: 4 | - network: site1-wan 5 | name: ge0/0 6 | - network: site1-lan 7 | name: ge0/1 8 | -------------------------------------------------------------------------------- /inventory/host_vars/vedge2/network.yml: -------------------------------------------------------------------------------- 1 | viptela: 2 | system_ip: 192.168.255.15 3 | site_id: 3 4 | org: "{{ organization_name }}" 5 | vbond: 6 | remote: 10.0.0.11 7 | template: 8 | name: 'branch-vedge' 9 | variables: 10 | 'vpn0_internet_ipv4_address': 172.20.0.14/30 11 | 'vpn0_default_gateway': 172.20.0.13 12 | 'vpn1_ipv4_address': 192.168.2.1/24 13 | 'system_latitude': 32.999892 14 | 'system_longitude': -96.678886 15 | 'system_site_id': 3 16 | 'system_host_name': vedge2 17 | 'system_system_ip': 192.168.255.15 18 | 'banner_login': "{{ login_banner }}" 19 | 'banner_motd': Welcome to vedge2! 20 | gps_location: 21 | latitude: 32.999892 22 | longitude: -96.678886 23 | 24 | vpn_instances: 25 | - vpn_id: 0 26 | interfaces: 27 | - if_name: ge0/0 28 | ip: 29 | address: 172.20.0.14/30 30 | tunnel_interface: 31 | enabled: true 32 | routes: 33 | - prefix: 0.0.0.0/0 34 | next_hop: 35 | address: 172.20.0.13 36 | -------------------------------------------------------------------------------- /inventory/host_vars/vedge2/virl.yml: -------------------------------------------------------------------------------- 1 | virl: 2 | subtype: vEdge 3 | interfaces: 4 | - network: site2-wan 5 | name: ge0/0 6 | - network: site2-lan 7 | name: ge0/1 8 | -------------------------------------------------------------------------------- /inventory/host_vars/vmanage1/network.yml: -------------------------------------------------------------------------------- 1 | viptela: 2 | system_ip: 192.168.255.10 3 | transport_ip: 10.0.0.10 4 | org: "{{ organization_name }}" 5 | site_id: 1 6 | vbond: 7 | remote: 10.0.0.11 8 | gps_location: 9 | latitude: 37.411343 10 | longitude: -121.938803 11 | 12 | vpn_instances: 13 | - vpn_id: 0 14 | interfaces: 15 | - if_name: eth1 16 | ip: 17 | address: 10.0.0.10/24 18 | tunnel_interface: 19 | enabled: true 20 | routes: 21 | - prefix: 0.0.0.0/0 22 | next_hop: 23 | address: 10.0.0.1 -------------------------------------------------------------------------------- /inventory/host_vars/vmanage1/virl.yml: -------------------------------------------------------------------------------- 1 | virl: 2 | subtype: vManage 3 | interfaces: 4 | - network: hq-dmz 5 | name: eth1 6 | config_template: virl/vmanage.j2 -------------------------------------------------------------------------------- /inventory/host_vars/vsmart1/network.yml: -------------------------------------------------------------------------------- 1 | viptela: 2 | system_ip: 192.168.255.12 3 | transport_ip: 10.0.0.12 4 | org: "{{ organization_name }}" 5 | site_id: 1 6 | vbond: 7 | remote: 10.0.0.11 8 | gps_location: 9 | latitude: 37.411343 10 | longitude: -121.938803 11 | 12 | vpn_instances: 13 | - vpn_id: 0 14 | interfaces: 15 | - if_name: eth1 16 | ip: 17 | address: 10.0.0.12/24 18 | tunnel_interface: true 19 | allow_service: 20 | - all 21 | enabled: true 22 | routes: 23 | - prefix: 10.0.0.0/16 24 | next_hop: 25 | address: 10.0.0.1 26 | - prefix: 10.100.0.0/16 27 | next_hop: 28 | address: 10.0.0.1 29 | - prefix: 172.20.0.0/16 30 | next_hop: 31 | address: 10.0.0.1 32 | -------------------------------------------------------------------------------- /inventory/host_vars/vsmart1/virl.yml: -------------------------------------------------------------------------------- 1 | virl: 2 | subtype: vSmart 3 | interfaces: 4 | - network: hq-dmz 5 | name: eth1 6 | -------------------------------------------------------------------------------- /inventory/viptela-workshop.yml: -------------------------------------------------------------------------------- 1 | all: 2 | vars: 3 | ansible_user: admin 4 | ansible_password: admin 5 | ansible_network_os: ios 6 | netconf_template_os: ios 7 | children: 8 | router: 9 | hosts: 10 | internet: 11 | sp: 12 | hq: 13 | core: 14 | client: 15 | hosts: 16 | host1: 17 | public_hosts: 18 | hosts: 19 | server1: 20 | service1: 21 | viptela: 22 | children: 23 | viptela_control: 24 | children: 25 | vmanage_hosts: 26 | hosts: 27 | vmanage1: 28 | vbond_hosts: 29 | hosts: 30 | vbond1: 31 | vsmart_hosts: 32 | hosts: 33 | vsmart1: 34 | viptela_vedge: 35 | hosts: 36 | vedge1: 37 | vedge-hq: -------------------------------------------------------------------------------- /inventory/virl.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python 2 | 3 | import os 4 | import sys 5 | import json 6 | import argparse 7 | import requests 8 | import re 9 | 10 | 11 | CONFIG_FILES = [ 12 | '.virlrc', 13 | '~/.virlrc' 14 | ] 15 | 16 | 17 | def parse_args(): 18 | parser = argparse.ArgumentParser() 19 | 20 | parser.add_argument('--list', action='store_true', 21 | help='List host records from NIOS for use in Ansible') 22 | 23 | parser.add_argument('--host', 24 | help='List meta data about single host (not used)') 25 | 26 | return parser.parse_args() 27 | 28 | 29 | def main(): 30 | args = parse_args() 31 | sim_name = '' 32 | hostvars = {} 33 | all_hosts = [] 34 | simulation = '' 35 | 36 | if 'VIRL_HOST' in os.environ: 37 | host = os.environ['VIRL_HOST'] 38 | username = os.environ['VIRL_USERNAME'] 39 | password = os.environ['VIRL_PASSWORD'] 40 | else: 41 | for config_file in CONFIG_FILES: 42 | if config_file[0] == '~': 43 | config_file = os.path.expanduser(config_file) 44 | if os.path.exists(config_file): 45 | break 46 | else: 47 | sys.stdout.write('unable to locate .virlrc\n') 48 | sys.exit(-1) 49 | 50 | envre = re.compile(r'''^([^\s=]+)=(?:[\s"']*)(.+?)(?:[\s"']*)$''') 51 | result = {} 52 | with open(config_file) as ins: 53 | for line in ins: 54 | match = envre.match(line) 55 | if line.startswith('#'): 56 | continue 57 | if match is not None: 58 | result[match.group(1)] = match.group(2) 59 | 60 | 61 | host = result['VIRL_HOST'] 62 | username = result['VIRL_USERNAME'] 63 | password = result['VIRL_PASSWORD'] 64 | 65 | inventory = { 66 | '_meta': { 67 | 'hostvars': hostvars 68 | }, 69 | 'all': { 70 | 'hosts': all_hosts, 71 | 'vars': { 72 | 'virl_host': host, 73 | 'virl_username': username, 74 | 'virl_password': password 75 | } 76 | }, 77 | 'virl_hosts': { 78 | 'hosts': all_hosts, 79 | 'vars': { 80 | 'virl_host': host, 81 | 'virl_username': username, 82 | 'virl_password': password 83 | } 84 | } 85 | } 86 | 87 | if os.path.exists('.virl/default/id'): 88 | with open('.virl/default/id') as file: 89 | simulation = file.read() 90 | 91 | if simulation: 92 | inventory['all']['vars'].update({'virl_simulation': simulation}) 93 | 94 | url = "http://%s:19399/simengine/rest/interfaces/%s" % (host, simulation) 95 | 96 | # perform REST operation 97 | simulations = requests.get(url, auth=(username,password)) 98 | if simulations.status_code == 200: 99 | 100 | interfaces = simulations.json()[simulation] 101 | 102 | for key, value in interfaces.items(): 103 | if 'management' in value and 'ip-address' in value['management']: 104 | if value['management']['ip-address']: 105 | management_address = value['management']['ip-address'].split('/')[0] 106 | all_hosts.append(key) 107 | hostvars[key] = {'ansible_host': management_address} 108 | 109 | # else: 110 | # print >> sys.stderr, "http error (%s): %s" % (simulations.status_code, simulations.text) 111 | 112 | sys.stdout.write(json.dumps(inventory, indent=4)) 113 | sys.exit(0) 114 | 115 | 116 | if __name__ == '__main__': 117 | main() 118 | -------------------------------------------------------------------------------- /inventory_files/vedge1_network.yml: -------------------------------------------------------------------------------- 1 | viptela: 2 | system_ip: 192.168.255.14 3 | site_id: 2 4 | org: "{{ organization_name }}" 5 | vbond: 6 | remote: 10.0.0.11 7 | template: 8 | name: 'branch-vedge' 9 | variables: 10 | 'vpn0_internet_ipv4_address': 172.20.0.10/30 11 | 'vpn0_default_gateway': 172.20.0.9 12 | 'vpn1_ipv4_address': 192.168.1.1/24 13 | 'system_latitude': 35.856360 14 | 'system_longitude': -78.879725 15 | 'system_site_id': 2 16 | 'system_host_name': vedge1 17 | 'system_system_ip': 192.168.255.14 18 | 'banner_login': "{{ login_banner }}" 19 | 'banner_motd': Cisco DevNet rules! 20 | gps_location: 21 | latitude: 35.856360 22 | longitude: -78.879725 23 | 24 | vpn_instances: 25 | - vpn_id: 0 26 | interfaces: 27 | - if_name: ge0/0 28 | ip: 29 | address: 172.20.0.10/30 30 | tunnel_interface: 31 | enabled: true 32 | routes: 33 | - prefix: 0.0.0.0/0 34 | next_hop: 35 | address: 172.20.0.9 36 | -------------------------------------------------------------------------------- /inventory_files/viptela-workshop-1branch.yml: -------------------------------------------------------------------------------- 1 | all: 2 | vars: 3 | ansible_user: admin 4 | ansible_password: admin 5 | ansible_network_os: ios 6 | netconf_template_os: ios 7 | children: 8 | router: 9 | hosts: 10 | internet: 11 | sp: 12 | hq: 13 | core: 14 | client: 15 | hosts: 16 | host1: 17 | public_hosts: 18 | hosts: 19 | server1: 20 | service1: 21 | viptela: 22 | children: 23 | viptela_control: 24 | children: 25 | vmanage_hosts: 26 | hosts: 27 | vmanage1: 28 | vbond_hosts: 29 | hosts: 30 | vbond1: 31 | vsmart_hosts: 32 | hosts: 33 | vsmart1: 34 | viptela_vedge: 35 | hosts: 36 | vedge1: 37 | vedge-hq: -------------------------------------------------------------------------------- /inventory_files/viptela-workshop-2branch.yml: -------------------------------------------------------------------------------- 1 | all: 2 | vars: 3 | ansible_user: admin 4 | ansible_password: admin 5 | ansible_network_os: ios 6 | netconf_template_os: ios 7 | children: 8 | router: 9 | hosts: 10 | internet: 11 | sp: 12 | hq: 13 | core: 14 | client: 15 | hosts: 16 | host1: 17 | host2: 18 | public_hosts: 19 | hosts: 20 | server1: 21 | service1: 22 | viptela: 23 | children: 24 | viptela_control: 25 | children: 26 | vmanage_hosts: 27 | hosts: 28 | vmanage1: 29 | vbond_hosts: 30 | hosts: 31 | vbond1: 32 | vsmart_hosts: 33 | hosts: 34 | vsmart1: 35 | viptela_vedge: 36 | hosts: 37 | vedge1: 38 | vedge2: 39 | vedge-hq: -------------------------------------------------------------------------------- /licenses/serialFile.viptela: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CiscoDevNet/sd-wan-ansible-pipeline-code/20d085bff6eda392bfc9b5a87aa45ce8afe8d8b8/licenses/serialFile.viptela -------------------------------------------------------------------------------- /myCA/myCA.ext: -------------------------------------------------------------------------------- 1 | authorityKeyIdentifier=keyid,issuer 2 | basicConstraints=CA:FALSE 3 | keyUsage = digitalSignature, nonRepudiation, keyEncipherment, dataEncipherment 4 | -------------------------------------------------------------------------------- /requirements.txt: -------------------------------------------------------------------------------- 1 | ansible==2.7.10 2 | ncclient==0.6.3 3 | pyOpenSSL==18.0.0 4 | virlutils==0.8.4 5 | netaddr==0.7.19 6 | scp==0.13.0 7 | urllib3==1.24.3 8 | -------------------------------------------------------------------------------- /templates/ios/cli/bgp.j2: -------------------------------------------------------------------------------- 1 | {% if router is defined %} 2 | {% if router.bgp is defined %} 3 | router bgp {{ router.bgp.id }} 4 | {% if router.bgp.router_id %} 5 | bgp router-id {{ router.bgp.router_id }} 6 | {% endif %} 7 | {% for neighbor in router.bgp.neighbors|default([]) %} 8 | neighbor {{ neighbor.id }} remote-as {{ neighbor.remote_as }} 9 | {% endfor %} 10 | address-family ipv4 11 | {% for network in router.bgp['address-family'].global.ipv4.networks|default([]) %} 12 | network {{ network.network|ipaddr('network') }} mask {{ network.network|ipaddr('netmask') }} 13 | {% endfor %} 14 | {% endif %}{# router.bgp is defined #} 15 | {% endif %}{# router is defined #} -------------------------------------------------------------------------------- /templates/ios/cli/dns.j2: -------------------------------------------------------------------------------- 1 | {% if dns_servers is defined %} 2 | ip name-server {{ dns_servers | join(' ') }} 3 | {% endif %} -------------------------------------------------------------------------------- /templates/ios/cli/interfaces.j2: -------------------------------------------------------------------------------- 1 | {% for key, value in interfaces.items() %} 2 | interface {{ key }} 3 | {% if value.vlan is defined %} 4 | encapsulation dot1Q {{ value.vlan }} 5 | {% endif %}{# value.vlan is defined #} 6 | {% if value.vrf is defined %} 7 | vrf forwarding {{ value.vrf }} 8 | {% endif %}{# value.vrf is defined #} 9 | {% if value.description is defined %} 10 | description {{ value.description }} 11 | {% endif %} 12 | {% if value.ip.primary.address is defined %} 13 | ip address {{ value.ip.primary.address }} {{ value.ip.primary.mask }} 14 | {% endif %} 15 | {% if value.ip is defined %} 16 | {% if value.ip.primary is defined %} 17 | {% if value.ip.primary == 'dhcp' %} 18 | ip address dhcp 19 | {% else %} 20 | ip address {{ value.ip.primary|ipaddr('address') }} {{ value.ip.primary|ipaddr('netmask') }} 21 | {% endif %}{# if value.ip.primary is defined #} 22 | {% if value.ip.standby is defined %} 23 | standby {{ value.ip.standby.group }} priority {{ value.ip.standby.priority }} ip {{ value.ip.standby.address }} 24 | standby {{ value.ip.standby.group }} ip {{ value.ip.standby.address }} 25 | {% endif %}{# if value.ip.standby is defined #} 26 | {% endif %}{# value.ip.primary == 'dhcp' #} 27 | {% endif %}{# if value.ip is defined #} 28 | {% if value.ospf is defined %} 29 | {% if value.ospf.lls == 'disable' %} 30 | ip ospf lls disable 31 | {% endif %}{# value.ospf.lls == 'disable' #} 32 | {% endif %}{# value.ospf is defined #} 33 | {% if value.enabled is sameas true %} 34 | no shut 35 | {% if value.vlan is defined %} 36 | interface {{ key | regex_replace('^([a-zA-Z0-9\/]+)\.[^a-zA-Z]+', '\\1') }} 37 | no shut 38 | {% endif %}{# value.vlan is defined #} 39 | {% endif %}{# enabled #} 40 | {% endfor %}{# interfaces #} -------------------------------------------------------------------------------- /templates/ios/cli/ntp.j2: -------------------------------------------------------------------------------- 1 | {% for server in ntp_servers|default([]) %} 2 | ntp server {{ server }} 3 | {% endfor %} -------------------------------------------------------------------------------- /templates/ios/cli/ospf.j2: -------------------------------------------------------------------------------- 1 | {% if router is defined %} 2 | {% if router.ospf is defined %} 3 | router ospf {{ router.ospf.id }} 4 | {% if router.ospf.router_id is defined %} 5 | router-id {{ router.ospf.router_id }} 6 | {% endif %}{# router.ospf.router_id is defined #} 7 | {% for network in router.ospf.networks|default([]) %} 8 | network {{ network.network|ipaddr('network') }} {{ network.network|ipaddr('netmask') }} area {{ network.area }} 9 | {% endfor %} 10 | {% if router.ospf.default_information_originate is defined and router.ospf.default_information_originate is sameas true %} 11 | default-information originate 12 | {% endif %}{# router.ospf.default_information_originate is defined #} 13 | {% endif %}{# router.ospf is defined #} 14 | {% endif %}{# router is defined #} -------------------------------------------------------------------------------- /templates/ios/cli/static-routes.j2: -------------------------------------------------------------------------------- 1 | {% if static_routes is defined %} 2 | {% for vrf, value in static_routes.items() %} 3 | {% for route in value|default([]) %} 4 | {% for dest in route.fwd_list|default([]) %} 5 | ip route {{ '' if vrf == 'global' else vrf }} {{ route.network|ipaddr('network') }} {{ route.network|ipaddr('netmask') }} {{ dest.fwd }} {{ dest.metric|default('') }} 6 | {% endfor %} 7 | {% endfor %} 8 | {% endfor %} 9 | {% endif %} -------------------------------------------------------------------------------- /templates/ios/cli/system.j2: -------------------------------------------------------------------------------- 1 | hostname {{ inventory_hostname.split('.')[0] }} 2 | ip domain name {{ domain_name | default('local') }} 3 | ! -------------------------------------------------------------------------------- /templates/ios/virl.j2: -------------------------------------------------------------------------------- 1 | #jinja2: lstrip_blocks: True, trim_blocks: True 2 | {{ lookup('template', 'ios/cli/system.j2') }} 3 | ! 4 | license smart enable 5 | ! 6 | username {{ ansible_user }} privilege 15 secret {{ ansible_password }} 7 | crypto key generate rsa modulus 2048 8 | ! 9 | vrf definition Mgmt-intf 10 | address-family ipv4 11 | exit-address-family 12 | address-family ipv6 13 | exit-address-family 14 | ! 15 | {# ---------- #} 16 | {# Interfaces #} 17 | {# ---------- #} 18 | {{ lookup('template', 'ios/cli/interfaces.j2') }} 19 | ! 20 | {# ------------- #} 21 | {# Static Routes #} 22 | {# ------------- #} 23 | {{ lookup('template', 'ios/cli/static-routes.j2') }} 24 | 25 | ip route vrf Mgmt-intf 0.0.0.0 0.0.0.0 ${NICID_0_GATEWAY} 26 | ! 27 | {# ----------------- #} 28 | {# Routing Protocols #} 29 | {# ----------------- #} 30 | {# --- #} 31 | {# BGP #} 32 | {# --- #} 33 | {{ lookup('template', 'ios/cli/bgp.j2') }} 34 | ! 35 | {# ---- #} 36 | {# OSPF #} 37 | {# ---- #} 38 | {{ lookup('template', 'ios/cli/ospf.j2') }} 39 | ! 40 | {# --- #} 41 | {# DNS #} 42 | {# --- #} 43 | {{ lookup('template', 'ios/cli/dns.j2') }} 44 | ! 45 | {# --- #} 46 | {# NTP #} 47 | {# --- #} 48 | {{ lookup('template', 'ios/cli/ntp.j2') }} 49 | ! 50 | line vty 0 4 51 | login local 52 | transport input ssh 53 | exit -------------------------------------------------------------------------------- /templates/viptela/netconf.j2: -------------------------------------------------------------------------------- 1 | #jinja2: lstrip_blocks: True, trim_blocks: True 2 | {##} 3 | {# #} 4 | {##} 5 | 6 | 7 | {{ inventory_hostname }} 8 | {% if viptela is defined %} 9 | {% if viptela.system_ip is defined %} 10 | {{ viptela.system_ip }} 11 | {% endif %} 12 | {% if viptela.site_id is defined %} 13 | {{ viptela.site_id }} 14 | {% endif %} 15 | {% if viptela.org is defined %} 16 | {{ viptela.org }} 17 | {% endif %} 18 | {% if viptela.vbond is defined %} 19 | 20 | {{ viptela.vbond.remote }} 21 | {% if viptela.vbond.port is defined %} 22 | {{ viptela.vbond.port }} 23 | {% endif %} 24 | {% if viptela.vbond.local is defined and viptela.vbond.local is sameas true %} 25 | 26 | {% endif %} 27 | 28 | {% endif %} 29 | {% if viptela.gps_location is defined %} 30 | 31 | {{ viptela.gps_location.latitude }} 32 | {{ viptela.gps_location.longitude }} 33 | 34 | {% endif %} 35 | {% endif %} 36 | 37 | {% if viptela is defined and viptela.omp is defined %} 38 | 39 | false 40 | {% for protocol in viptela.omp.advertise|default([]) %} 41 | 42 | {% if protocol == 'ospf-external' %} 43 | ospf 44 | external 45 | {% else %} 46 | {{ protocol }} 47 | {% endif %} 48 | 49 | {% endfor %} 50 | 51 | {% endif %}{# omp is defined #} 52 | {% if vpn_instances is defined %} 53 | 54 | {% for vpn in vpn_instances|default([]) %} 55 | 56 | {{ vpn.vpn_id }} 57 | 58 | {% for interface in vpn.interfaces %} 59 | {{ interface.if_name }} 60 | {% if interface.ip is defined %} 61 | 62 | {% if interface.ip.address is defined %} 63 |
{{ interface.ip.address }}
64 | {% elif interface.ip.dhcp_client is defined %} 65 | {{ 'true' if interface.ip.dhcp_client else 'false' }} 66 | {% endif %}{# interface.ip.address #} 67 | 68 | {% endif %}{# interface.ip #} 69 | {% if interface.tunnel_interface is defined %} 70 | 71 | {% if interface.allow_service is defined %} 72 | 73 | {% for service in interface.allow_service %} 74 | <{{ service }}>true 75 | {% endfor %}{# service #} 76 | 77 | {% endif %}{# interface.allow_service #} 78 | 79 | {% endif %}{# interface.tunnel_inteface #} 80 | {% if interface.enabled is defined %} 81 | {% if interface.enabled is sameas true %} 82 | false 83 | {% else %} 84 | true 85 | {% endif %} 86 | {% endif %}{# interface.shutdown #} 87 | 88 | {% endfor %}{# vpn.interfaces #} 89 | {% if vpn.ospf is defined %} 90 | 91 | 92 | {% if vpn.ospf.redistribute is defined %} 93 | 94 | {% for protocol in vpn.ospf.redistribute|default([]) %} 95 | {{ protocol }} 96 | {% endfor %}{# vpn.redistribute.protocols #} 97 | 98 | {% endif %}{# vpn.redistribute #} 99 | 100 | {{ vpn.ospf.area }} 101 | {% for interface in vpn.ospf.interfaces|default([]) %} 102 | 103 | {{ interface.if_name }} 104 | {{ interface.hello_interval|default('10') }} 105 | {{ interface.dead_interval|default('40') }} 106 | {{ interface.retransmit_interval|default('5') }} 107 | {{ interface.priority|default('1') }} 108 | {{ interface.network|default('broadcast') }} 109 | 110 | {% endfor %}{# vpn.ospf.interfaces #} 111 | 112 | 113 | 114 | {% endif %}{# vpn.ospf is defined #} 115 | {% if vpn.routes is defined %} 116 | 117 | {% for route in vpn.routes|default([]) %} 118 | 119 | {{ route.prefix }} 120 | {% if route.next_hop is defined %} 121 | 122 |
{{ route.next_hop.address }}
123 | {{ route.next_hop.distance if route.next_hop.distance is defined else '1' }} 124 | 125 | {% endif %}{# route.next_hop #} 126 | 127 | {% endfor %}{# vpn.routes #} 128 | 129 | {% endif %}{# vpn.routes is defined #} 130 | 131 | {% endfor %}{# vpn_instances #} 132 | 133 | {% endif %}{# vpn_instances is defined #} 134 | -------------------------------------------------------------------------------- /templates/virl/lxc.j2: -------------------------------------------------------------------------------- 1 | #cloud-config 2 | bootcmd: 3 | - ln -s -t /etc/rc.d /etc/rc.local 4 | hostname: {{ inventory_hostname }} 5 | manage_etc_hosts: true 6 | runcmd: 7 | - systemctl start rc-local 8 | - sed -i '/^\s*PasswordAuthentication\s\+no/d' /etc/ssh/sshd_config 9 | - echo "UseDNS no" >> /etc/ssh/sshd_config 10 | - service ssh restart 11 | - service sshd restart 12 | users: 13 | - default 14 | - gecos: User configured by VIRL Configuration Engine 0.23.10 15 | lock-passwd: false 16 | name: admin 17 | plain-text-passwd: admin 18 | shell: /bin/bash 19 | ssh-authorized-keys: 20 | - VIRL-USER-SSH-PUBLIC-KEY 21 | sudo: ALL=(ALL) ALL 22 | write_files: 23 | - path: /etc/systemd/system/dhclient@.service 24 | content: | 25 | [Unit] 26 | Description=Run dhclient on %i interface 27 | After=network.target 28 | [Service] 29 | Type=oneshot 30 | ExecStart=/sbin/dhclient %i -pf /var/run/dhclient.%i.pid -lf /var/lib/dhclient/dhclient.%i.lease 31 | RemainAfterExit=yes 32 | owner: root:root 33 | permissions: '0644' 34 | - path: /etc/rc.local 35 | owner: root:root 36 | permissions: '0755' 37 | content: |- 38 | #!/bin/sh 39 | {% if interfaces is defined %} 40 | {% for key, value in interfaces.items() %} 41 | {% if value.enabled is defined and value.enabled is sameas true and value.ip is defined and value.ip.primary is defined %} 42 | ip address add {{ value.ip.primary }} dev {{ key }} 43 | {% endif %} 44 | {% endfor %} 45 | {% endif %} 46 | {% if static_routes is defined %} 47 | {% for vrf, value in static_routes.items() %} 48 | {% for route in value|default([]) %} 49 | {% for dest in route.fwd_list|default([]) %} 50 | ip route add {{ route.network }} via {{ dest.fwd }} 51 | {% endfor %} 52 | {% endfor %} 53 | {% endfor %} 54 | {% endif %} 55 | exit 0 -------------------------------------------------------------------------------- /templates/virl/topology_v1.j2: -------------------------------------------------------------------------------- 1 | {# #} 2 | {# Globals #} 3 | {# #} 4 | {% set network_connections = {} %} 5 | {% set global = {} %} 6 | {% set _ = global.update({'node_count': 1}) %} 7 | 8 | 9 | 10 | flat 11 | {# false#} 12 | 13 | {# #} 14 | {# Network Nodes #} 15 | {# #} 16 | {% for node in groups.virt_virl %} 17 | {# Add each host in the inventory to the topology if they have the 'virl' #} 18 | {# information defined #} 19 | {% if hostvars[node].virl is defined %} 20 | {% set node_number = global.node_count %} 21 | 22 | 23 | virl_node 24 | {% if hostvars[node].day0_config is defined %} 25 | {# #} 26 | {# Add day0 config #} 27 | {# #} 28 | {{ hostvars[node].day0_config }} 29 | {% endif %}{# virl.config is defined #} 30 | 31 | {% for interface in hostvars[node].virl.interfaces|default([]) %} 32 | {% set network = network_connections[interface.network]|default([]) %} 33 | {% set network = network + [{'node': node_number, 'interface': loop.index}] %} 34 | {% set _ = network_connections.update({interface.network: network}) %} 35 | 36 | {% endfor %} 37 | 38 | {% set _ = global.update({'node_count': node_number + 1}) %} 39 | {% endif %}{# virl is defined #} 40 | {% endfor %} 41 | {# #} 42 | {# Networks #} 43 | {# #} 44 | {% for network, connections in network_connections.items() %} 45 | {% set node_count = global.node_count %} 46 | 47 | {% for connection in connections %} 48 | 49 | {% endfor %} 50 | 51 | {% endfor %} 52 | {# #} 53 | {# Connections #} 54 | {# #} 55 | {% for network, connections in network_connections.items() %} 56 | {% set node_count = global.node_count %} 57 | {% set node_number = loop.index0 + node_count %} 58 | {% for connection in connections %} 59 | 60 | {% endfor %} 61 | {% endfor %} 62 | -------------------------------------------------------------------------------- /templates/virl/vmanage.j2: -------------------------------------------------------------------------------- 1 | Content-Type: multipart/mixed; boundary="===============6560338015520979320==" 2 | MIME-Version: 1.0 3 | 4 | --===============6560338015520979320== 5 | Content-Type: text/cloud-config; charset="us-ascii" 6 | MIME-Version: 1.0 7 | Content-Transfer-Encoding: 7bit 8 | Content-Disposition: attachment; filename="vedge.cloud-config" 9 | 10 | #cloud-config 11 | vinitparam: 12 | - format-partition : 1 13 | 14 | --===============6560338015520979320== 15 | Content-Type: text/cloud-boothook; charset="us-ascii" 16 | MIME-Version: 1.0 17 | Content-Transfer-Encoding: 7bit 18 | Content-Disposition: attachment; filename="vedge.init-config" 19 | 20 | #cloud-boothook 21 | 22 | vpn 0 23 | no interface eth0 24 | 25 | vpn 512 26 | interface eth0 27 | ip dhcp-client 28 | no shutdown 29 | ! 30 | --===============6560338015520979320==-- -------------------------------------------------------------------------------- /viptela1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CiscoDevNet/sd-wan-ansible-pipeline-code/20d085bff6eda392bfc9b5a87aa45ce8afe8d8b8/viptela1.png -------------------------------------------------------------------------------- /vmanage_templates.yml: -------------------------------------------------------------------------------- 1 | device_templates: 2 | - attached_devices: [] 3 | configType: template 4 | connectionPreference: true 5 | connectionPreferenceRequired: true 6 | deviceType: vedge-cloud 7 | factoryDefault: false 8 | featureTemplateUidRange: [] 9 | generalTemplates: 10 | - templateName: Factory_Default_AAA_Template 11 | templateType: aaa 12 | - templateName: Factory_Default_BFD_Template 13 | templateType: bfd-vedge 14 | - templateName: Factory_Default_vEdge_OMP_Template 15 | templateType: omp-vedge 16 | - templateName: Factory_Default_vEdge_Security_Template 17 | templateType: security-vedge 18 | - subTemplates: 19 | - templateName: Factory_Default_Logging_Template 20 | templateType: logging 21 | templateName: vedge_system 22 | templateType: system-vedge 23 | - subTemplates: 24 | - templateName: vedge_vpn0_internet_interface 25 | templateType: vpn-vedge-interface 26 | templateName: vedge_vpn0 27 | templateType: vpn-vedge 28 | - subTemplates: 29 | - templateName: vedge_vpn512_mgmt_interface 30 | templateType: vpn-vedge-interface 31 | templateName: vedge_vpn512 32 | templateType: vpn-vedge 33 | - subTemplates: 34 | - templateName: vpn1_ospf 35 | templateType: ospf 36 | - templateName: vpn1_lan_interface 37 | templateType: vpn-vedge-interface 38 | templateName: vpn1 39 | templateType: vpn-vedge 40 | - templateName: vedge_banner 41 | templateType: banner 42 | input: 43 | columns: 44 | - property: //banner/login 45 | title: Login Banner(banner_login) 46 | variable: banner_login 47 | - property: //banner/motd 48 | title: MOTD Banner(banner_motd) 49 | variable: banner_motd 50 | - property: /1/ge0/1/interface/ip/address 51 | title: IPv4 Address(vpn1_ipv4_address) 52 | variable: vpn1_ipv4_address 53 | - property: /0/vpn-instance/ip/route/0.0.0.0/0/next-hop/vpn0_default_gateway/address 54 | title: Address(vpn0_default_gateway) 55 | variable: vpn0_default_gateway 56 | - property: /0/ge0/0/interface/ip/address 57 | title: IPv4 Address(vpn0_internet_ipv4_address) 58 | variable: vpn0_internet_ipv4_address 59 | - property: //system/host-name 60 | title: Hostname(system_host_name) 61 | variable: system_host_name 62 | - property: //system/gps-location/latitude 63 | title: Latitude(system_latitude) 64 | variable: system_latitude 65 | - property: //system/gps-location/longitude 66 | title: Longitude(system_longitude) 67 | variable: system_longitude 68 | - property: //system/system-ip 69 | title: System IP(system_system_ip) 70 | variable: system_system_ip 71 | - property: //system/site-id 72 | title: Site ID(system_site_id) 73 | variable: system_site_id 74 | policyId: '' 75 | templateDescription: COLO vEdge Template 76 | templateId: fa35a814-8981-41aa-859b-ec14ed4fc041 77 | templateName: colo-vedge 78 | - attached_devices: [] 79 | configType: template 80 | connectionPreference: true 81 | connectionPreferenceRequired: true 82 | deviceType: vedge-cloud 83 | factoryDefault: false 84 | featureTemplateUidRange: [] 85 | generalTemplates: 86 | - templateName: Factory_Default_AAA_Template 87 | templateType: aaa 88 | - templateName: Factory_Default_BFD_Template 89 | templateType: bfd-vedge 90 | - templateName: Factory_Default_vEdge_OMP_Template 91 | templateType: omp-vedge 92 | - templateName: Factory_Default_vEdge_Security_Template 93 | templateType: security-vedge 94 | - subTemplates: 95 | - templateName: Factory_Default_Logging_Template 96 | templateType: logging 97 | templateName: vedge_system 98 | templateType: system-vedge 99 | - subTemplates: 100 | - templateName: vedge_vpn0_internet_interface 101 | templateType: vpn-vedge-interface 102 | templateName: vedge_vpn0 103 | templateType: vpn-vedge 104 | - subTemplates: 105 | - templateName: vedge_vpn512_mgmt_interface 106 | templateType: vpn-vedge-interface 107 | templateName: vedge_vpn512 108 | templateType: vpn-vedge 109 | - subTemplates: 110 | - templateName: vpn1_lan_interface 111 | templateType: vpn-vedge-interface 112 | templateName: vpn1 113 | templateType: vpn-vedge 114 | - templateName: vedge_banner 115 | templateType: banner 116 | input: 117 | columns: 118 | - property: //banner/login 119 | title: Login Banner(banner_login) 120 | variable: banner_login 121 | - property: //banner/motd 122 | title: MOTD Banner(banner_motd) 123 | variable: banner_motd 124 | - property: /1/ge0/1/interface/ip/address 125 | title: IPv4 Address(vpn1_ipv4_address) 126 | variable: vpn1_ipv4_address 127 | - property: /0/vpn-instance/ip/route/0.0.0.0/0/next-hop/vpn0_default_gateway/address 128 | title: Address(vpn0_default_gateway) 129 | variable: vpn0_default_gateway 130 | - property: /0/ge0/0/interface/ip/address 131 | title: IPv4 Address(vpn0_internet_ipv4_address) 132 | variable: vpn0_internet_ipv4_address 133 | - property: //system/host-name 134 | title: Hostname(system_host_name) 135 | variable: system_host_name 136 | - property: //system/gps-location/latitude 137 | title: Latitude(system_latitude) 138 | variable: system_latitude 139 | - property: //system/gps-location/longitude 140 | title: Longitude(system_longitude) 141 | variable: system_longitude 142 | - property: //system/system-ip 143 | title: System IP(system_system_ip) 144 | variable: system_system_ip 145 | - property: //system/site-id 146 | title: Site ID(system_site_id) 147 | variable: system_site_id 148 | policyId: '' 149 | templateDescription: Branch vEdge Template 150 | templateId: c97ecfda-8eea-42cd-aed7-d8c8c63f779c 151 | templateName: branch-vedge 152 | feature_templates: 153 | - '@rid': 81 154 | attachedMastersCount: 2 155 | configType: xml 156 | createdBy: admin 157 | createdOn: 1559758476726 158 | deviceType: 159 | - vedge-cloud 160 | devicesAttached: 0 161 | factoryDefault: false 162 | feature: vmanage-default 163 | lastUpdatedBy: admin 164 | lastUpdatedOn: 1559758476726 165 | templateDefinition: 166 | admin-tech-on-failure: 167 | vipObjectType: object 168 | vipType: ignore 169 | vipValue: 'true' 170 | vipVariableName: system_admin_tech_on_failure 171 | allow-same-site-tunnels: 172 | vipObjectType: object 173 | vipType: ignore 174 | vipValue: 'false' 175 | vipVariableName: system_allow_same_site_tunnels 176 | clock: 177 | timezone: 178 | vipObjectType: object 179 | vipType: ignore 180 | vipValue: UTC 181 | vipVariableName: system_timezone 182 | console-baud-rate: 183 | vipObjectType: object 184 | vipType: ignore 185 | vipValue: _empty 186 | vipVariableName: system_console_baud_rate 187 | control-session-pps: 188 | vipObjectType: object 189 | vipType: ignore 190 | vipValue: 300 191 | vipVariableName: system_control_session_pps 192 | controller-group-list: 193 | vipObjectType: list 194 | vipType: ignore 195 | vipVariableName: system_controller_group_list 196 | description: 197 | vipObjectType: object 198 | vipType: ignore 199 | vipVariableName: system_description 200 | device-groups: 201 | vipObjectType: list 202 | vipType: ignore 203 | vipVariableName: system_device_groups 204 | eco-friendly-mode: 205 | vipObjectType: object 206 | vipType: ignore 207 | vipValue: 'false' 208 | vipVariableName: system_eco_friendly_mode 209 | gps-location: 210 | latitude: 211 | vipObjectType: object 212 | vipType: variableName 213 | vipValue: '' 214 | vipVariableName: system_latitude 215 | longitude: 216 | vipObjectType: object 217 | vipType: variableName 218 | vipValue: '' 219 | vipVariableName: system_longitude 220 | host-name: 221 | vipObjectType: object 222 | vipType: variableName 223 | vipValue: '' 224 | vipVariableName: system_host_name 225 | host-policer-pps: 226 | vipObjectType: object 227 | vipType: ignore 228 | vipValue: 20000 229 | vipVariableName: system_host_policer_pps 230 | icmp-error-pps: 231 | vipObjectType: object 232 | vipType: ignore 233 | vipValue: 100 234 | vipVariableName: system_icmp_error_pps 235 | idle-timeout: 236 | vipObjectType: object 237 | vipType: ignore 238 | vipVariableName: system_idle-timeout 239 | location: 240 | vipObjectType: object 241 | vipType: ignore 242 | vipVariableName: system_location 243 | max-omp-sessions: 244 | vipObjectType: object 245 | vipType: ignore 246 | vipVariableName: system_max_omp_sessions 247 | multicast-buffer-percent: 248 | vipObjectType: object 249 | vipType: ignore 250 | vipValue: 20 251 | vipVariableName: system_multicast_buffer_percent 252 | overlay-id: 253 | vipObjectType: object 254 | vipType: ignore 255 | vipValue: 1 256 | vipVariableName: system_overlay_id 257 | port-hop: 258 | vipObjectType: object 259 | vipType: ignore 260 | vipValue: 'true' 261 | vipVariableName: system_port_hop 262 | port-offset: 263 | vipObjectType: object 264 | vipType: ignore 265 | vipValue: 0 266 | vipVariableName: system_port_offset 267 | route-consistency-check: 268 | vipObjectType: object 269 | vipType: ignore 270 | vipValue: 'false' 271 | vipVariableName: system_route_consistency_check 272 | site-id: 273 | vipObjectType: object 274 | vipType: variableName 275 | vipValue: '' 276 | vipVariableName: system_site_id 277 | system-ip: 278 | vipObjectType: object 279 | vipType: variableName 280 | vipValue: '' 281 | vipVariableName: system_system_ip 282 | system-tunnel-mtu: 283 | vipObjectType: object 284 | vipType: ignore 285 | vipValue: 1024 286 | vipVariableName: system_system_tunnel_mtu 287 | timer: 288 | dns-cache-timeout: 289 | vipObjectType: object 290 | vipType: ignore 291 | vipValue: 2 292 | vipVariableName: system_dns_cache_timeout 293 | track-default-gateway: 294 | vipObjectType: object 295 | vipType: ignore 296 | vipValue: 'true' 297 | vipVariableName: system_track_default_gateway 298 | track-interface-tag: 299 | vipObjectType: object 300 | vipType: ignore 301 | vipVariableName: system_track_interface_tag 302 | track-transport: 303 | vipObjectType: object 304 | vipType: ignore 305 | vipValue: 'true' 306 | vipVariableName: system_track_transport 307 | tracker: 308 | vipObjectType: tree 309 | vipPrimaryKey: 310 | - name 311 | vipType: ignore 312 | vipValue: [] 313 | usb-controller: 314 | vipObjectType: object 315 | vipType: ignore 316 | vipValue: 'false' 317 | vipVariableName: system_usb_controller 318 | templateDescription: vedge_system 319 | templateId: 1b4d55ce-58b8-482a-8d1e-35755ea421ff 320 | templateMinVersion: 15.0.0 321 | templateName: vedge_system 322 | templateType: system-vedge 323 | - '@rid': 82 324 | attachedMastersCount: 2 325 | configType: xml 326 | createdBy: admin 327 | createdOn: 1559758476897 328 | deviceType: 329 | - vedge-cloud 330 | devicesAttached: 0 331 | factoryDefault: false 332 | feature: vmanage-default 333 | lastUpdatedBy: admin 334 | lastUpdatedOn: 1559758476897 335 | templateDefinition: 336 | access-list: 337 | vipObjectType: tree 338 | vipPrimaryKey: 339 | - direction 340 | vipType: ignore 341 | vipValue: [] 342 | arp: 343 | ip: 344 | vipObjectType: tree 345 | vipPrimaryKey: 346 | - addr 347 | vipType: ignore 348 | vipValue: [] 349 | arp-timeout: 350 | vipObjectType: object 351 | vipType: ignore 352 | vipValue: 1200 353 | vipVariableName: vpn_if_arp_timeout 354 | autonegotiate: 355 | vipObjectType: object 356 | vipType: ignore 357 | vipValue: 'true' 358 | vipVariableName: vpn_if_autonegotiate 359 | bandwidth-downstream: 360 | vipObjectType: object 361 | vipType: ignore 362 | vipVariableName: vpn_if_bandwidth_downstream 363 | bandwidth-upstream: 364 | vipObjectType: object 365 | vipType: ignore 366 | vipVariableName: vpn_if_bandwidth_upstream 367 | block-non-source-ip: 368 | vipObjectType: object 369 | vipType: ignore 370 | vipValue: 'false' 371 | vipVariableName: vpn_if_block_non_source_ip 372 | clear-dont-fragment: 373 | vipObjectType: object 374 | vipType: ignore 375 | vipValue: 'false' 376 | vipVariableName: vpn_if_clear_dont_fragment 377 | description: 378 | vipObjectType: object 379 | vipType: ignore 380 | vipVariableName: vpn_if_description 381 | dhcp-helper: 382 | vipObjectType: list 383 | vipType: ignore 384 | vipVariableName: vpn_if_dhcp_helper 385 | dot1x: 386 | vipObjectType: node-only 387 | vipType: ignore 388 | duplex: 389 | vipObjectType: object 390 | vipType: ignore 391 | vipValue: _empty 392 | vipVariableName: vpn_if_duplex 393 | flow-control: 394 | vipObjectType: object 395 | vipType: ignore 396 | vipValue: autoneg 397 | vipVariableName: vpn_if_flow_control 398 | icmp-redirect-disable: 399 | vipObjectType: object 400 | vipType: ignore 401 | vipValue: 'false' 402 | vipVariableName: vpn_if_icmp_redirect_disable 403 | if-name: 404 | vipObjectType: object 405 | vipType: constant 406 | vipValue: eth0 407 | vipVariableName: vpn_if_name 408 | ip: 409 | dhcp-client: 410 | vipObjectType: object 411 | vipType: constant 412 | vipValue: 'true' 413 | dhcp-distance: 414 | vipObjectType: object 415 | vipType: ignore 416 | vipValue: 1 417 | vipVariableName: vpn_if_ipv4_dhcp_distance 418 | secondary-address: 419 | vipObjectType: tree 420 | vipPrimaryKey: 421 | - address 422 | vipType: ignore 423 | vipValue: [] 424 | ipv6: 425 | access-list: 426 | vipObjectType: tree 427 | vipPrimaryKey: 428 | - direction 429 | vipType: ignore 430 | vipValue: [] 431 | address: 432 | vipObjectType: object 433 | vipType: ignore 434 | vipValue: '' 435 | vipVariableName: vpn_if_ipv6_ipv6_address 436 | dhcp-helper-v6: 437 | vipObjectType: tree 438 | vipPrimaryKey: 439 | - address 440 | vipType: ignore 441 | vipValue: [] 442 | secondary-address: 443 | vipObjectType: tree 444 | vipPrimaryKey: 445 | - address 446 | vipType: ignore 447 | vipValue: [] 448 | ipv6-vrrp: 449 | vipObjectType: tree 450 | vipPrimaryKey: 451 | - grp-id 452 | vipType: ignore 453 | vipValue: [] 454 | mac-address: 455 | vipObjectType: object 456 | vipType: ignore 457 | vipVariableName: vpn_if_mac_address 458 | mtu: 459 | vipObjectType: object 460 | vipType: ignore 461 | vipValue: 1500 462 | vipVariableName: vpn_if_ip_mtu 463 | pmtu: 464 | vipObjectType: object 465 | vipType: ignore 466 | vipValue: 'false' 467 | vipVariableName: vpn_if_pmtu 468 | policer: 469 | vipObjectType: tree 470 | vipPrimaryKey: 471 | - policer-name 472 | - direction 473 | vipType: ignore 474 | vipValue: [] 475 | qos-map: 476 | vipObjectType: object 477 | vipType: ignore 478 | vipVariableName: qos_map 479 | rewrite-rule: 480 | rule-name: 481 | vipObjectType: object 482 | vipType: ignore 483 | vipVariableName: rewrite_rule_name 484 | shaping-rate: 485 | vipObjectType: object 486 | vipType: ignore 487 | vipVariableName: qos_shaping_rate 488 | shutdown: 489 | vipObjectType: object 490 | vipType: constant 491 | vipValue: 'false' 492 | vipVariableName: vpn_if_shutdown 493 | speed: 494 | vipObjectType: object 495 | vipType: ignore 496 | vipValue: _empty 497 | vipVariableName: vpn_if_speed 498 | static-ingress-qos: 499 | vipObjectType: object 500 | vipType: ignore 501 | vipVariableName: vpn_if_static_ingress_qos 502 | tcp-mss-adjust: 503 | vipObjectType: object 504 | vipType: ignore 505 | vipVariableName: vpn_if_tcp_mss_adjust 506 | tloc-extension: 507 | vipObjectType: object 508 | vipType: ignore 509 | vipVariableName: vpn_if_tloc_extension 510 | tloc-extension-gre-from: 511 | src-ip: 512 | vipObjectType: object 513 | vipType: ignore 514 | vipVariableName: vpn_if_tloc-ext_gre_from_src_ip 515 | xconnect: 516 | vipObjectType: object 517 | vipType: ignore 518 | vipVariableName: vpn_if_tloc-ext_gre_from_xconnect 519 | tracker: 520 | vipObjectType: list 521 | vipType: ignore 522 | vipVariableName: vpn_if_tracker 523 | vrrp: 524 | vipObjectType: tree 525 | vipPrimaryKey: 526 | - grp-id 527 | vipType: ignore 528 | vipValue: [] 529 | templateDescription: vedge_vpn512_mgmt_interface 530 | templateId: 36714c74-45a8-492f-82cb-5af5bb494cb4 531 | templateMinVersion: 15.0.0 532 | templateName: vedge_vpn512_mgmt_interface 533 | templateType: vpn-vedge-interface 534 | - '@rid': 83 535 | attachedMastersCount: 1 536 | configType: xml 537 | createdBy: admin 538 | createdOn: 1559758477068 539 | deviceType: 540 | - vedge-cloud 541 | devicesAttached: 0 542 | factoryDefault: false 543 | feature: vmanage-default 544 | lastUpdatedBy: admin 545 | lastUpdatedOn: 1559758477068 546 | templateDefinition: 547 | ospf: 548 | area: 549 | vipObjectType: tree 550 | vipPrimaryKey: 551 | - a-num 552 | vipType: constant 553 | vipValue: 554 | - a-num: 555 | dataPath: [] 556 | originalDefaultOption: constant 557 | vipObjectType: object 558 | vipType: constant 559 | vipValue: 0 560 | vipVariableName: ospf_area_a_num 561 | interface: 562 | vipObjectType: tree 563 | vipPrimaryKey: 564 | - name 565 | vipType: constant 566 | vipValue: 567 | - authentication: 568 | authentication-key: 569 | vipObjectType: object 570 | vipType: ignore 571 | vipValue: '' 572 | vipVariableName: ospf_authentication_key 573 | message-digest: 574 | md5: 575 | vipObjectType: object 576 | vipType: ignore 577 | vipValue: '' 578 | vipVariableName: ospf_md5 579 | message-digest-key: 580 | vipObjectType: object 581 | vipType: ignore 582 | vipValue: '' 583 | vipVariableName: ospf_message_digest_key 584 | type: 585 | vipObjectType: object 586 | vipType: ignore 587 | vipValue: _empty 588 | vipVariableName: ospf_authentication_type 589 | cost: 590 | dataPath: [] 591 | originalDefaultOption: ignore 592 | vipObjectType: object 593 | vipType: ignore 594 | vipVariableName: ospf_cost 595 | dead-interval: 596 | dataPath: [] 597 | originalDefaultOption: ignore 598 | vipObjectType: object 599 | vipType: ignore 600 | vipValue: 40 601 | vipVariableName: ospf_dead_interval 602 | hello-interval: 603 | dataPath: [] 604 | originalDefaultOption: ignore 605 | vipObjectType: object 606 | vipType: ignore 607 | vipValue: 10 608 | vipVariableName: ospf_hello_interval 609 | name: 610 | dataPath: [] 611 | originalDefaultOption: constant 612 | vipObjectType: object 613 | vipType: constant 614 | vipValue: ge0/1 615 | vipVariableName: ospf_name 616 | network: 617 | dataPath: [] 618 | originalDefaultOption: ignore 619 | vipObjectType: object 620 | vipType: ignore 621 | vipValue: broadcast 622 | vipVariableName: ospf_network 623 | passive-interface: 624 | dataPath: [] 625 | originalDefaultOption: ignore 626 | vipObjectType: node-only 627 | vipType: ignore 628 | vipValue: 'false' 629 | vipVariableName: ospf_passive_interface 630 | priority: 631 | dataPath: [] 632 | originalDefaultOption: ignore 633 | vipObjectType: object 634 | vipType: ignore 635 | vipValue: 1 636 | vipVariableName: ospf_priority 637 | priority-order: 638 | - name 639 | - hello-interval 640 | - dead-interval 641 | - retransmit-interval 642 | - cost 643 | - priority 644 | - network 645 | - passive-interface 646 | - authentication 647 | retransmit-interval: 648 | dataPath: [] 649 | originalDefaultOption: ignore 650 | vipObjectType: object 651 | vipType: ignore 652 | vipValue: 5 653 | vipVariableName: ospf_retransmit_interval 654 | nssa: 655 | no-summary: 656 | vipObjectType: node-only 657 | vipType: ignore 658 | translate: 659 | vipObjectType: object 660 | vipType: ignore 661 | priority-order: 662 | - a-num 663 | - interface 664 | stub: 665 | no-summary: 666 | vipObjectType: node-only 667 | vipType: ignore 668 | auto-cost: 669 | reference-bandwidth: 670 | vipObjectType: object 671 | vipType: ignore 672 | vipValue: 100 673 | vipVariableName: ospf_reference_bandwidth 674 | compatible: 675 | rfc1583: 676 | vipObjectType: object 677 | vipType: ignore 678 | vipValue: 'true' 679 | vipVariableName: ospf_rfc1583 680 | distance: 681 | external: 682 | vipObjectType: object 683 | vipType: ignore 684 | vipValue: 110 685 | vipVariableName: ospf_distance_external 686 | inter-area: 687 | vipObjectType: object 688 | vipType: ignore 689 | vipValue: 110 690 | vipVariableName: ospf_distance_inter_area 691 | intra-area: 692 | vipObjectType: object 693 | vipType: ignore 694 | vipValue: 110 695 | vipVariableName: ospf_distance_intra_area 696 | max-metric: 697 | router-lsa: 698 | vipObjectType: tree 699 | vipPrimaryKey: 700 | - ad-type 701 | vipType: ignore 702 | vipValue: [] 703 | redistribute: 704 | vipObjectType: tree 705 | vipPrimaryKey: 706 | - protocol 707 | vipType: constant 708 | vipValue: 709 | - priority-order: 710 | - protocol 711 | - route-policy 712 | protocol: 713 | vipObjectType: object 714 | vipType: constant 715 | vipValue: omp 716 | vipVariableName: ospf_redistribute_protocol 717 | route-policy: 718 | vipObjectType: object 719 | vipType: ignore 720 | vipVariableName: ospf_redistribute_route_policy 721 | router-id: 722 | vipObjectType: object 723 | vipType: ignore 724 | vipVariableName: ospf_router_id 725 | timers: 726 | spf: 727 | delay: 728 | vipObjectType: object 729 | vipType: ignore 730 | vipValue: 200 731 | vipVariableName: ospf_delay 732 | initial-hold: 733 | vipObjectType: object 734 | vipType: ignore 735 | vipValue: 1000 736 | vipVariableName: ospf_initial_hold 737 | max-hold: 738 | vipObjectType: object 739 | vipType: ignore 740 | vipValue: 10000 741 | vipVariableName: ospf_max_hold 742 | templateDescription: vpn1_ospf 743 | templateId: af829adb-9dbf-4529-a6f7-34405992a439 744 | templateMinVersion: 15.0.0 745 | templateName: vpn1_ospf 746 | templateType: ospf 747 | - '@rid': 84 748 | attachedMastersCount: 2 749 | configType: xml 750 | createdBy: admin 751 | createdOn: 1559758477235 752 | deviceType: 753 | - vedge-cloud 754 | devicesAttached: 0 755 | factoryDefault: false 756 | feature: vmanage-default 757 | lastUpdatedBy: admin 758 | lastUpdatedOn: 1559758477235 759 | templateDefinition: 760 | ecmp-hash-key: 761 | layer4: 762 | vipObjectType: object 763 | vipType: ignore 764 | vipValue: 'false' 765 | vipVariableName: vpn_layer4 766 | host: 767 | vipObjectType: tree 768 | vipPrimaryKey: 769 | - hostname 770 | vipType: ignore 771 | vipValue: [] 772 | ip: 773 | gre-route: {} 774 | ipsec-route: {} 775 | route: 776 | vipObjectType: tree 777 | vipPrimaryKey: 778 | - prefix 779 | vipType: constant 780 | vipValue: 781 | - next-hop: 782 | vipObjectType: tree 783 | vipPrimaryKey: 784 | - address 785 | vipType: constant 786 | vipValue: 787 | - address: 788 | vipObjectType: object 789 | vipType: variableName 790 | vipValue: '' 791 | vipVariableName: vpn0_default_gateway 792 | distance: 793 | vipObjectType: object 794 | vipType: ignore 795 | vipValue: 1 796 | vipVariableName: vpn_next_hop_ip_distance_0 797 | priority-order: 798 | - address 799 | - distance 800 | prefix: 801 | vipObjectType: object 802 | vipType: constant 803 | vipValue: 0.0.0.0/0 804 | vipVariableName: vpn_ipv4_ip_prefix 805 | priority-order: 806 | - prefix 807 | - next-hop 808 | ipv6: {} 809 | name: 810 | vipObjectType: object 811 | vipType: ignore 812 | vipVariableName: vpn_name 813 | omp: 814 | advertise: 815 | vipObjectType: tree 816 | vipPrimaryKey: 817 | - protocol 818 | vipType: ignore 819 | vipValue: [] 820 | ipv6-advertise: 821 | vipObjectType: tree 822 | vipPrimaryKey: 823 | - protocol 824 | vipType: ignore 825 | vipValue: [] 826 | service: 827 | vipObjectType: tree 828 | vipPrimaryKey: 829 | - svc-type 830 | vipType: ignore 831 | vipValue: [] 832 | tcp-optimization: 833 | vipObjectType: node-only 834 | vipType: ignore 835 | vipValue: 'false' 836 | vipVariableName: vpn_tcp_optimization 837 | vpn-id: 838 | vipObjectType: object 839 | vipType: constant 840 | vipValue: 0 841 | templateDescription: vedge_vpn0 842 | templateId: 744c5ec6-1082-477e-be21-58b59030b175 843 | templateMinVersion: 15.0.0 844 | templateName: vedge_vpn0 845 | templateType: vpn-vedge 846 | - '@rid': 85 847 | attachedMastersCount: 2 848 | configType: xml 849 | createdBy: admin 850 | createdOn: 1559758477389 851 | deviceType: 852 | - vedge-cloud 853 | devicesAttached: 0 854 | factoryDefault: false 855 | feature: vmanage-default 856 | lastUpdatedBy: admin 857 | lastUpdatedOn: 1559758477389 858 | templateDefinition: 859 | ecmp-hash-key: 860 | layer4: 861 | vipObjectType: object 862 | vipType: ignore 863 | vipValue: 'false' 864 | vipVariableName: vpn_layer4 865 | host: 866 | vipObjectType: tree 867 | vipPrimaryKey: 868 | - hostname 869 | vipType: ignore 870 | vipValue: [] 871 | ip: 872 | gre-route: {} 873 | ipsec-route: {} 874 | ipv6: {} 875 | name: 876 | vipObjectType: object 877 | vipType: ignore 878 | vipVariableName: vpn_name 879 | omp: 880 | advertise: 881 | vipObjectType: tree 882 | vipPrimaryKey: 883 | - protocol 884 | vipType: ignore 885 | vipValue: [] 886 | ipv6-advertise: 887 | vipObjectType: tree 888 | vipPrimaryKey: 889 | - protocol 890 | vipType: ignore 891 | vipValue: [] 892 | service: 893 | vipObjectType: tree 894 | vipPrimaryKey: 895 | - svc-type 896 | vipType: ignore 897 | vipValue: [] 898 | tcp-optimization: 899 | vipObjectType: node-only 900 | vipType: ignore 901 | vipValue: 'false' 902 | vipVariableName: vpn_tcp_optimization 903 | vpn-id: 904 | vipObjectType: object 905 | vipType: constant 906 | vipValue: 512 907 | templateDescription: vedge_vpn512 908 | templateId: b514b0fb-93b1-4c6e-9fc3-66155b05249c 909 | templateMinVersion: 15.0.0 910 | templateName: vedge_vpn512 911 | templateType: vpn-vedge 912 | - '@rid': 86 913 | attachedMastersCount: 2 914 | configType: xml 915 | createdBy: admin 916 | createdOn: 1559758477538 917 | deviceType: 918 | - vedge-cloud 919 | devicesAttached: 0 920 | factoryDefault: false 921 | feature: vmanage-default 922 | lastUpdatedBy: admin 923 | lastUpdatedOn: 1559758477538 924 | templateDefinition: 925 | access-list: 926 | vipObjectType: tree 927 | vipPrimaryKey: 928 | - direction 929 | vipType: ignore 930 | vipValue: [] 931 | arp: 932 | ip: 933 | vipObjectType: tree 934 | vipPrimaryKey: 935 | - addr 936 | vipType: ignore 937 | vipValue: [] 938 | arp-timeout: 939 | vipObjectType: object 940 | vipType: ignore 941 | vipValue: 1200 942 | vipVariableName: vpn_if_arp_timeout 943 | autonegotiate: 944 | vipObjectType: object 945 | vipType: ignore 946 | vipValue: 'true' 947 | vipVariableName: vpn_if_autonegotiate 948 | bandwidth-downstream: 949 | vipObjectType: object 950 | vipType: ignore 951 | vipVariableName: vpn_if_bandwidth_downstream 952 | bandwidth-upstream: 953 | vipObjectType: object 954 | vipType: ignore 955 | vipVariableName: vpn_if_bandwidth_upstream 956 | block-non-source-ip: 957 | vipObjectType: object 958 | vipType: ignore 959 | vipValue: 'false' 960 | vipVariableName: vpn_if_block_non_source_ip 961 | clear-dont-fragment: 962 | vipObjectType: object 963 | vipType: ignore 964 | vipValue: 'false' 965 | vipVariableName: vpn_if_clear_dont_fragment 966 | description: 967 | vipObjectType: object 968 | vipType: ignore 969 | vipVariableName: vpn_if_description 970 | dhcp-helper: 971 | vipObjectType: list 972 | vipType: ignore 973 | vipVariableName: vpn_if_dhcp_helper 974 | dot1x: 975 | vipObjectType: node-only 976 | vipType: ignore 977 | duplex: 978 | vipObjectType: object 979 | vipType: ignore 980 | vipValue: _empty 981 | vipVariableName: vpn_if_duplex 982 | flow-control: 983 | vipObjectType: object 984 | vipType: ignore 985 | vipValue: autoneg 986 | vipVariableName: vpn_if_flow_control 987 | icmp-redirect-disable: 988 | vipObjectType: object 989 | vipType: ignore 990 | vipValue: 'false' 991 | vipVariableName: vpn_if_icmp_redirect_disable 992 | if-name: 993 | vipObjectType: object 994 | vipType: constant 995 | vipValue: ge0/0 996 | vipVariableName: vpn_if_name 997 | ip: 998 | address: 999 | vipObjectType: object 1000 | vipType: variableName 1001 | vipValue: '' 1002 | vipVariableName: vpn0_internet_ipv4_address 1003 | secondary-address: 1004 | vipObjectType: tree 1005 | vipPrimaryKey: 1006 | - address 1007 | vipType: ignore 1008 | vipValue: [] 1009 | ipv6: 1010 | access-list: 1011 | vipObjectType: tree 1012 | vipPrimaryKey: 1013 | - direction 1014 | vipType: ignore 1015 | vipValue: [] 1016 | address: 1017 | vipObjectType: object 1018 | vipType: ignore 1019 | vipValue: '' 1020 | vipVariableName: vpn_if_ipv6_ipv6_address 1021 | dhcp-helper-v6: 1022 | vipObjectType: tree 1023 | vipPrimaryKey: 1024 | - address 1025 | vipType: ignore 1026 | vipValue: [] 1027 | secondary-address: 1028 | vipObjectType: tree 1029 | vipPrimaryKey: 1030 | - address 1031 | vipType: ignore 1032 | vipValue: [] 1033 | ipv6-vrrp: 1034 | vipObjectType: tree 1035 | vipPrimaryKey: 1036 | - grp-id 1037 | vipType: ignore 1038 | vipValue: [] 1039 | mac-address: 1040 | vipObjectType: object 1041 | vipType: ignore 1042 | vipVariableName: vpn_if_mac_address 1043 | mtu: 1044 | vipObjectType: object 1045 | vipType: ignore 1046 | vipValue: 1500 1047 | vipVariableName: vpn_if_ip_mtu 1048 | pmtu: 1049 | vipObjectType: object 1050 | vipType: ignore 1051 | vipValue: 'false' 1052 | vipVariableName: vpn_if_pmtu 1053 | policer: 1054 | vipObjectType: tree 1055 | vipPrimaryKey: 1056 | - policer-name 1057 | - direction 1058 | vipType: ignore 1059 | vipValue: [] 1060 | qos-map: 1061 | vipObjectType: object 1062 | vipType: ignore 1063 | vipVariableName: qos_map 1064 | rewrite-rule: 1065 | rule-name: 1066 | vipObjectType: object 1067 | vipType: ignore 1068 | vipVariableName: rewrite_rule_name 1069 | shaping-rate: 1070 | vipObjectType: object 1071 | vipType: ignore 1072 | vipVariableName: qos_shaping_rate 1073 | shutdown: 1074 | vipObjectType: object 1075 | vipType: constant 1076 | vipValue: 'false' 1077 | vipVariableName: vpn_if_shutdown 1078 | speed: 1079 | vipObjectType: object 1080 | vipType: ignore 1081 | vipValue: _empty 1082 | vipVariableName: vpn_if_speed 1083 | static-ingress-qos: 1084 | vipObjectType: object 1085 | vipType: ignore 1086 | vipVariableName: vpn_if_static_ingress_qos 1087 | tcp-mss-adjust: 1088 | vipObjectType: object 1089 | vipType: ignore 1090 | vipVariableName: vpn_if_tcp_mss_adjust 1091 | tloc-extension: 1092 | vipObjectType: object 1093 | vipType: ignore 1094 | vipVariableName: vpn_if_tloc_extension 1095 | tloc-extension-gre-from: 1096 | src-ip: 1097 | vipObjectType: object 1098 | vipType: ignore 1099 | vipVariableName: vpn_if_tloc-ext_gre_from_src_ip 1100 | xconnect: 1101 | vipObjectType: object 1102 | vipType: ignore 1103 | vipVariableName: vpn_if_tloc-ext_gre_from_xconnect 1104 | tracker: 1105 | vipObjectType: list 1106 | vipType: ignore 1107 | vipVariableName: vpn_if_tracker 1108 | tunnel-interface: 1109 | allow-service: 1110 | all: 1111 | vipObjectType: object 1112 | vipType: ignore 1113 | vipValue: 'false' 1114 | vipVariableName: vpn_if_tunnel_all 1115 | bgp: 1116 | vipObjectType: object 1117 | vipType: ignore 1118 | vipValue: 'false' 1119 | vipVariableName: vpn_if_tunnel_bgp 1120 | dhcp: 1121 | vipObjectType: object 1122 | vipType: ignore 1123 | vipValue: 'true' 1124 | vipVariableName: vpn_if_tunnel_dhcp 1125 | dns: 1126 | vipObjectType: object 1127 | vipType: ignore 1128 | vipValue: 'true' 1129 | vipVariableName: vpn_if_tunnel_dns 1130 | https: 1131 | vipObjectType: object 1132 | vipType: ignore 1133 | vipValue: 'true' 1134 | vipVariableName: vpn_if_tunnel_https 1135 | icmp: 1136 | vipObjectType: object 1137 | vipType: ignore 1138 | vipValue: 'true' 1139 | vipVariableName: vpn_if_tunnel_icmp 1140 | netconf: 1141 | vipObjectType: object 1142 | vipType: constant 1143 | vipValue: 'true' 1144 | vipVariableName: vpn_if_tunnel_netconf 1145 | ntp: 1146 | vipObjectType: object 1147 | vipType: ignore 1148 | vipValue: 'false' 1149 | vipVariableName: vpn_if_tunnel_ntp 1150 | ospf: 1151 | vipObjectType: object 1152 | vipType: ignore 1153 | vipValue: 'false' 1154 | vipVariableName: vpn_if_tunnel_ospf 1155 | sshd: 1156 | vipObjectType: object 1157 | vipType: constant 1158 | vipValue: 'false' 1159 | vipVariableName: vpn_if_tunnel_sshd 1160 | stun: 1161 | vipObjectType: object 1162 | vipType: ignore 1163 | vipValue: 'false' 1164 | vipVariableName: vpn_if_tunnel_stun 1165 | bind: 1166 | vipObjectType: object 1167 | vipType: ignore 1168 | vipVariableName: vpn_if_tunnel_bind 1169 | border: 1170 | vipObjectType: object 1171 | vipType: ignore 1172 | vipValue: 'false' 1173 | vipVariableName: vpn_if_tunnel_border 1174 | carrier: 1175 | vipObjectType: object 1176 | vipType: ignore 1177 | vipValue: default 1178 | vipVariableName: vpn_if_tunnel_carrier 1179 | color: 1180 | restrict: 1181 | vipObjectType: node-only 1182 | vipType: ignore 1183 | vipValue: 'false' 1184 | vipVariableName: vpn_if_tunnel_color_restrict 1185 | value: 1186 | vipObjectType: object 1187 | vipType: constant 1188 | vipValue: public-internet 1189 | vipVariableName: vpn_if_tunnel_color_value 1190 | control-connections: 1191 | vipObjectType: object 1192 | vipType: ignore 1193 | vipValue: 'true' 1194 | vipVariableName: control_connections 1195 | encapsulation: 1196 | vipObjectType: tree 1197 | vipPrimaryKey: 1198 | - encap 1199 | vipType: constant 1200 | vipValue: 1201 | - encap: 1202 | vipObjectType: object 1203 | vipType: constant 1204 | vipValue: ipsec 1205 | preference: 1206 | vipObjectType: object 1207 | vipType: ignore 1208 | vipVariableName: vpn_if_tunnel_ipsec_preference 1209 | priority-order: 1210 | - encap 1211 | - preference 1212 | - weight 1213 | weight: 1214 | vipObjectType: object 1215 | vipType: ignore 1216 | vipValue: 1 1217 | vipVariableName: vpn_if_tunnel_ipsec_weight 1218 | exclude-controller-group-list: 1219 | vipObjectType: list 1220 | vipType: ignore 1221 | vipVariableName: vpn_if_tunnel_exclude_controller_group_list 1222 | group: 1223 | vipObjectType: list 1224 | vipType: ignore 1225 | vipVariableName: vpn_if_tunnel_group 1226 | hello-interval: 1227 | vipObjectType: object 1228 | vipType: ignore 1229 | vipValue: 1000 1230 | vipVariableName: vpn_if_tunnel_hello_interval 1231 | hello-tolerance: 1232 | vipObjectType: object 1233 | vipType: ignore 1234 | vipValue: 12 1235 | vipVariableName: vpn_if_tunnel_hello_tolerance 1236 | hold-time: 1237 | vipObjectType: object 1238 | vipType: ignore 1239 | vipValue: 7000 1240 | vipVariableName: hold-time 1241 | last-resort-circuit: 1242 | vipObjectType: object 1243 | vipType: ignore 1244 | vipValue: 'false' 1245 | vipVariableName: vpn_if_tunnel_last_resort_circuit 1246 | low-bandwidth-link: 1247 | vipObjectType: object 1248 | vipType: ignore 1249 | vipValue: 'false' 1250 | vipVariableName: vpn_if_tunnel_low_bandwidth_link 1251 | max-control-connections: 1252 | vipObjectType: object 1253 | vipType: ignore 1254 | vipVariableName: vpn_if_tunnel_max_control_connections 1255 | nat-refresh-interval: 1256 | vipObjectType: object 1257 | vipType: ignore 1258 | vipValue: 5 1259 | vipVariableName: vpn_if_tunnel_nat_refresh_interval 1260 | port-hop: 1261 | vipObjectType: object 1262 | vipType: ignore 1263 | vipValue: 'true' 1264 | vipVariableName: vpn_if_tunnel_port_hop 1265 | tloc-extension-gre-to: 1266 | dst-ip: 1267 | vipObjectType: object 1268 | vipType: ignore 1269 | vipVariableName: vpn_if_tunnel_tloc_ext_gre_to_dst_ip 1270 | vbond-as-stun-server: 1271 | vipObjectType: object 1272 | vipType: ignore 1273 | vipValue: 'false' 1274 | vipVariableName: vpn_if_tunnel_vbond_as_stun_server 1275 | vmanage-connection-preference: 1276 | vipObjectType: object 1277 | vipType: ignore 1278 | vipValue: 5 1279 | vipVariableName: vpn_if_tunnel_vmanage_connection_preference 1280 | vrrp: 1281 | vipObjectType: tree 1282 | vipPrimaryKey: 1283 | - grp-id 1284 | vipType: ignore 1285 | vipValue: [] 1286 | templateDescription: vpn0_internet_interface 1287 | templateId: e4b0eb7c-f93e-4f5e-9aac-99cd501ced53 1288 | templateMinVersion: 15.0.0 1289 | templateName: vedge_vpn0_internet_interface 1290 | templateType: vpn-vedge-interface 1291 | - '@rid': 87 1292 | attachedMastersCount: 2 1293 | configType: xml 1294 | createdBy: admin 1295 | createdOn: 1559758477694 1296 | deviceType: 1297 | - vedge-cloud 1298 | devicesAttached: 0 1299 | factoryDefault: false 1300 | feature: vmanage-default 1301 | lastUpdatedBy: admin 1302 | lastUpdatedOn: 1559758477694 1303 | templateDefinition: 1304 | access-list: 1305 | vipObjectType: tree 1306 | vipPrimaryKey: 1307 | - direction 1308 | vipType: ignore 1309 | vipValue: [] 1310 | arp: 1311 | ip: 1312 | vipObjectType: tree 1313 | vipPrimaryKey: 1314 | - addr 1315 | vipType: ignore 1316 | vipValue: [] 1317 | arp-timeout: 1318 | vipObjectType: object 1319 | vipType: ignore 1320 | vipValue: 1200 1321 | vipVariableName: vpn_if_arp_timeout 1322 | autonegotiate: 1323 | vipObjectType: object 1324 | vipType: ignore 1325 | vipValue: 'true' 1326 | vipVariableName: vpn_if_autonegotiate 1327 | bandwidth-downstream: 1328 | vipObjectType: object 1329 | vipType: ignore 1330 | vipVariableName: vpn_if_bandwidth_downstream 1331 | bandwidth-upstream: 1332 | vipObjectType: object 1333 | vipType: ignore 1334 | vipVariableName: vpn_if_bandwidth_upstream 1335 | block-non-source-ip: 1336 | vipObjectType: object 1337 | vipType: ignore 1338 | vipValue: 'false' 1339 | vipVariableName: vpn_if_block_non_source_ip 1340 | clear-dont-fragment: 1341 | vipObjectType: object 1342 | vipType: ignore 1343 | vipValue: 'false' 1344 | vipVariableName: vpn_if_clear_dont_fragment 1345 | description: 1346 | vipObjectType: object 1347 | vipType: ignore 1348 | vipVariableName: vpn_if_description 1349 | dhcp-helper: 1350 | vipObjectType: list 1351 | vipType: ignore 1352 | vipVariableName: vpn_if_dhcp_helper 1353 | dot1x: 1354 | vipObjectType: node-only 1355 | vipType: ignore 1356 | duplex: 1357 | vipObjectType: object 1358 | vipType: ignore 1359 | vipValue: _empty 1360 | vipVariableName: vpn_if_duplex 1361 | flow-control: 1362 | vipObjectType: object 1363 | vipType: ignore 1364 | vipValue: autoneg 1365 | vipVariableName: vpn_if_flow_control 1366 | icmp-redirect-disable: 1367 | vipObjectType: object 1368 | vipType: ignore 1369 | vipValue: 'false' 1370 | vipVariableName: vpn_if_icmp_redirect_disable 1371 | if-name: 1372 | vipObjectType: object 1373 | vipType: constant 1374 | vipValue: ge0/1 1375 | vipVariableName: vpn_if_name 1376 | ip: 1377 | address: 1378 | vipObjectType: object 1379 | vipType: variableName 1380 | vipValue: '' 1381 | vipVariableName: vpn1_ipv4_address 1382 | secondary-address: 1383 | vipObjectType: tree 1384 | vipPrimaryKey: 1385 | - address 1386 | vipType: ignore 1387 | vipValue: [] 1388 | ipv6: 1389 | access-list: 1390 | vipObjectType: tree 1391 | vipPrimaryKey: 1392 | - direction 1393 | vipType: ignore 1394 | vipValue: [] 1395 | address: 1396 | vipObjectType: object 1397 | vipType: ignore 1398 | vipValue: '' 1399 | vipVariableName: vpn_if_ipv6_ipv6_address 1400 | dhcp-helper-v6: 1401 | vipObjectType: tree 1402 | vipPrimaryKey: 1403 | - address 1404 | vipType: ignore 1405 | vipValue: [] 1406 | secondary-address: 1407 | vipObjectType: tree 1408 | vipPrimaryKey: 1409 | - address 1410 | vipType: ignore 1411 | vipValue: [] 1412 | ipv6-vrrp: 1413 | vipObjectType: tree 1414 | vipPrimaryKey: 1415 | - grp-id 1416 | vipType: ignore 1417 | vipValue: [] 1418 | mac-address: 1419 | vipObjectType: object 1420 | vipType: ignore 1421 | vipVariableName: vpn_if_mac_address 1422 | mtu: 1423 | vipObjectType: object 1424 | vipType: ignore 1425 | vipValue: 1500 1426 | vipVariableName: vpn_if_ip_mtu 1427 | pmtu: 1428 | vipObjectType: object 1429 | vipType: ignore 1430 | vipValue: 'false' 1431 | vipVariableName: vpn_if_pmtu 1432 | policer: 1433 | vipObjectType: tree 1434 | vipPrimaryKey: 1435 | - policer-name 1436 | - direction 1437 | vipType: ignore 1438 | vipValue: [] 1439 | qos-map: 1440 | vipObjectType: object 1441 | vipType: ignore 1442 | vipVariableName: qos_map 1443 | rewrite-rule: 1444 | rule-name: 1445 | vipObjectType: object 1446 | vipType: ignore 1447 | vipVariableName: rewrite_rule_name 1448 | shaping-rate: 1449 | vipObjectType: object 1450 | vipType: ignore 1451 | vipVariableName: qos_shaping_rate 1452 | shutdown: 1453 | vipObjectType: object 1454 | vipType: constant 1455 | vipValue: 'false' 1456 | vipVariableName: vpn_if_shutdown 1457 | speed: 1458 | vipObjectType: object 1459 | vipType: ignore 1460 | vipValue: _empty 1461 | vipVariableName: vpn_if_speed 1462 | static-ingress-qos: 1463 | vipObjectType: object 1464 | vipType: ignore 1465 | vipVariableName: vpn_if_static_ingress_qos 1466 | tcp-mss-adjust: 1467 | vipObjectType: object 1468 | vipType: ignore 1469 | vipVariableName: vpn_if_tcp_mss_adjust 1470 | tloc-extension: 1471 | vipObjectType: object 1472 | vipType: ignore 1473 | vipVariableName: vpn_if_tloc_extension 1474 | tloc-extension-gre-from: 1475 | src-ip: 1476 | vipObjectType: object 1477 | vipType: ignore 1478 | vipVariableName: vpn_if_tloc-ext_gre_from_src_ip 1479 | xconnect: 1480 | vipObjectType: object 1481 | vipType: ignore 1482 | vipVariableName: vpn_if_tloc-ext_gre_from_xconnect 1483 | tracker: 1484 | vipObjectType: list 1485 | vipType: ignore 1486 | vipVariableName: vpn_if_tracker 1487 | vrrp: 1488 | vipObjectType: tree 1489 | vipPrimaryKey: 1490 | - grp-id 1491 | vipType: ignore 1492 | vipValue: [] 1493 | templateDescription: vpn1_lan_interface 1494 | templateId: 36761e42-29fd-4b4b-9184-6a784307d02f 1495 | templateMinVersion: 15.0.0 1496 | templateName: vpn1_lan_interface 1497 | templateType: vpn-vedge-interface 1498 | - '@rid': 88 1499 | attachedMastersCount: 2 1500 | configType: xml 1501 | createdBy: admin 1502 | createdOn: 1559758477856 1503 | deviceType: 1504 | - vedge-cloud 1505 | devicesAttached: 0 1506 | factoryDefault: false 1507 | feature: vmanage-default 1508 | lastUpdatedBy: admin 1509 | lastUpdatedOn: 1559758477856 1510 | templateDefinition: 1511 | ecmp-hash-key: 1512 | layer4: 1513 | vipObjectType: object 1514 | vipType: ignore 1515 | vipValue: 'false' 1516 | vipVariableName: vpn_layer4 1517 | host: 1518 | vipObjectType: tree 1519 | vipPrimaryKey: 1520 | - hostname 1521 | vipType: ignore 1522 | vipValue: [] 1523 | ip: 1524 | gre-route: {} 1525 | ipsec-route: {} 1526 | ipv6: {} 1527 | name: 1528 | vipObjectType: object 1529 | vipType: ignore 1530 | vipVariableName: vpn_name 1531 | omp: 1532 | advertise: 1533 | vipObjectType: tree 1534 | vipPrimaryKey: 1535 | - protocol 1536 | vipType: ignore 1537 | vipValue: [] 1538 | ipv6-advertise: 1539 | vipObjectType: tree 1540 | vipPrimaryKey: 1541 | - protocol 1542 | vipType: ignore 1543 | vipValue: [] 1544 | service: 1545 | vipObjectType: tree 1546 | vipPrimaryKey: 1547 | - svc-type 1548 | vipType: ignore 1549 | vipValue: [] 1550 | tcp-optimization: 1551 | vipObjectType: node-only 1552 | vipType: ignore 1553 | vipValue: 'false' 1554 | vipVariableName: vpn_tcp_optimization 1555 | vpn-id: 1556 | vipObjectType: object 1557 | vipType: constant 1558 | vipValue: 1 1559 | templateDescription: vpn1 1560 | templateId: 47af2019-f895-4a86-8add-84cdff9e6450 1561 | templateMinVersion: 15.0.0 1562 | templateName: vpn1 1563 | templateType: vpn-vedge 1564 | - '@rid': 298 1565 | attachedMastersCount: 2 1566 | configType: xml 1567 | createdBy: admin 1568 | createdOn: 1559757430975 1569 | deviceType: 1570 | - vedge-cloud 1571 | devicesAttached: 0 1572 | factoryDefault: false 1573 | feature: vmanage-default 1574 | lastUpdatedBy: admin 1575 | lastUpdatedOn: 1559758634490 1576 | templateDefinition: 1577 | login: 1578 | vipObjectType: object 1579 | vipType: variableName 1580 | vipValue: '' 1581 | vipVariableName: banner_login 1582 | motd: 1583 | vipObjectType: object 1584 | vipType: variableName 1585 | vipValue: '' 1586 | vipVariableName: banner_motd 1587 | templateDescription: vedge_banner 1588 | templateId: 6d8a67d4-ebef-47a5-8ec8-bf218d930728 1589 | templateMinVersion: 15.0.0 1590 | templateName: vedge_banner 1591 | templateType: banner 1592 | --------------------------------------------------------------------------------