├── .gitignore ├── README.md ├── answers └── 03_network_os_modules │ ├── all_facts │ ├── 192.168.100.1_intf_facts.yaml │ ├── 192.168.100.2_intf_facts.yaml │ └── 192.168.100.3_intf_facts.yaml │ ├── ansible.cfg │ ├── answer_task_3_1.yml │ ├── answer_task_3_1a.yml │ ├── answer_task_3_1b.yml │ ├── answer_task_3_1c.yml │ ├── answer_task_3_2.yml │ ├── answer_task_3_2a.yml │ ├── answer_task_3_2b.yml │ ├── answer_task_3_3.yml │ ├── answer_task_3_3a.yml │ ├── answer_task_3_3b.yml │ ├── answer_task_3_3c.yml │ ├── group_vars │ └── all.yml │ ├── host_vars │ └── 192.168.100.1.yml │ └── myhosts.ini ├── examples ├── 01_basics │ ├── ansible.cfg │ └── myhosts.ini ├── 02_playbook_basics │ ├── 1_show_commands.yml │ ├── 1_show_commands_vars.yml │ ├── 2_register_vars.yml │ ├── 3_register_debug_when.yml │ ├── ansible.cfg │ ├── group_vars │ │ ├── all.yml │ │ └── cisco_routers.yml │ ├── host_vars │ │ ├── 192.168.100.1.yml │ │ ├── 192.168.100.2.yml │ │ └── 192.168.100.3.yml │ └── myhosts.ini ├── 03_network_os_modules │ ├── ios_command │ │ ├── 1_ios_command.yml │ │ ├── 2_ios_command.yml │ │ ├── 3_ios_command_wait_for.yml │ │ ├── 4_ios_command_prompt.yml │ │ ├── ansible.cfg │ │ ├── group_vars │ │ │ ├── all.yml │ │ │ └── cisco-ios.yml │ │ └── myhosts.ini │ ├── ios_config │ │ ├── 01_ios_config_lines.yml │ │ ├── 01_ios_config_mult_lines.yml │ │ ├── 02_ios_config_parents_basic.yml │ │ ├── 02_ios_config_parents_mult.yml │ │ ├── 03_ios_config_debug.yml │ │ ├── 04_ios_config_save_when.yml │ │ ├── 05_ios_config_backup.yml │ │ ├── 06_ios_config_defaults.yml │ │ ├── 07_ios_config_after.yml │ │ ├── 07_ios_config_after_save.yml │ │ ├── 08_ios_config_before.yml │ │ ├── 09_ios_config_match_exact.yml │ │ ├── 09_ios_config_match_line.yml │ │ ├── 09_ios_config_match_none.yml │ │ ├── 09_ios_config_match_strict.yml │ │ ├── 10_ios_config_replace_block.yml │ │ ├── 10_ios_config_replace_line.yml │ │ ├── 11_ios_config_src.yml │ │ ├── 11_ios_config_src_jinja.yml │ │ ├── ansible.cfg │ │ ├── backup │ │ │ ├── 192.168.100.1_config.2020-04-24@08:16:51 │ │ │ ├── 192.168.100.2_config.2020-04-24@08:16:51 │ │ │ └── 192.168.100.3_config.2020-04-24@08:16:51 │ │ ├── group_vars │ │ │ └── all.yml │ │ ├── host_vars │ │ │ ├── 192.168.100.1 │ │ │ ├── 192.168.100.100 │ │ │ ├── 192.168.100.2 │ │ │ └── 192.168.100.3 │ │ ├── myhosts.ini │ │ └── templates │ │ │ ├── acl_cfg.txt │ │ │ ├── bgp.j2 │ │ │ └── ospf.j2 │ └── ios_facts │ │ ├── 1_ios_facts.yml │ │ ├── 2_ios_facts_debug.yml │ │ ├── 3_ios_facts.yml │ │ ├── 4_ios_facts_network_resources.yml │ │ ├── all_facts │ │ ├── 192.168.100.1_facts.json │ │ ├── 192.168.100.2_facts.json │ │ └── 192.168.100.3_facts.json │ │ ├── ansible.cfg │ │ ├── group_vars │ │ └── all.yml │ │ └── myhosts.ini ├── 04_network_resource_modules │ └── 1_ios_facts_network_resources.yml ├── 06_parsing_output │ ├── 1_parse_cli_textfsm.yml │ ├── 2_parse_cli_textfsm_save.yml │ ├── 3_net_textfsm_parse.yml │ ├── 4_parse_cli_filter.yml │ ├── ansible.cfg │ ├── filter_plugins │ │ ├── confparse.py │ │ └── net_textfsm_parse.py │ ├── group_vars │ │ └── all.yml │ ├── myhosts.ini │ ├── ntc-ansible │ │ ├── 1_ntc_ansible.yml │ │ ├── 2_ntc_ansible_save.yml │ │ ├── ansible.cfg │ │ ├── group_vars │ │ │ └── all.yml │ │ ├── host_vars │ │ │ ├── 192.168.100.1 │ │ │ ├── 192.168.100.100 │ │ │ ├── 192.168.100.2 │ │ │ └── 192.168.100.3 │ │ ├── myhosts.ini │ │ └── templates │ │ │ ├── acl_cfg.txt │ │ │ ├── bgp.j2 │ │ │ └── ospf.j2 │ ├── parse_spec │ │ └── cisco_ios_show_ip_int_br.yml │ ├── parsed_data │ │ ├── 192.168.100.1_sh ip int br.json │ │ ├── 192.168.100.2_sh ip int br.json │ │ └── 192.168.100.3_sh ip int br.json │ └── templates │ │ └── cisco_ios_show_ip_interface_brief.template ├── 07_playbooks │ ├── 4_playbook_include │ │ ├── 8_play_to_include.yml │ │ ├── 8_playbook_handlers.yml │ │ ├── 8_playbook_include_handlers.yml │ │ ├── 8_playbook_include_play.yml │ │ ├── 8_playbook_include_tasks.yml │ │ ├── 8_playbook_include_tasks_var.yml │ │ ├── 8_playbook_include_vars.yml │ │ └── 8_playbook_include_vars_files.yml │ ├── 4_playbook_jinja_filters │ │ ├── 8_playbook_filters_regex.yml │ │ └── 8_playbook_filters_to_nice_yaml.yml │ └── 4_playbook_roles │ │ ├── all_roles.yml │ │ ├── ansible.cfg │ │ ├── cfg_initial.yml │ │ ├── cfg_ospf.yml │ │ ├── group_vars │ │ ├── all.yml │ │ ├── cisco-routers.yml │ │ └── cisco-switches.yml │ │ ├── host_vars │ │ ├── 192.168.100.1 │ │ ├── 192.168.100.100 │ │ ├── 192.168.100.2 │ │ └── 192.168.100.3 │ │ ├── myhosts │ │ └── roles │ │ ├── ospf │ │ ├── handlers │ │ │ └── main.yml │ │ ├── tasks │ │ │ └── main.yml │ │ └── templates │ │ │ └── ospf.j2 │ │ ├── security │ │ └── tasks │ │ │ └── main.yml │ │ └── usability │ │ └── tasks │ │ └── main.yml ├── README.md └── old_files_to_check │ ├── README_ansible.md │ ├── ansible.cfg │ ├── group_vars │ └── all.yml │ ├── handlers │ └── cisco_save_cfg.yml │ ├── host_vars │ ├── 192.168.100.1 │ ├── 192.168.100.100 │ ├── 192.168.100.2 │ └── 192.168.100.3 │ ├── myhosts │ ├── tasks │ ├── cisco_ospf_cfg.yml │ ├── cisco_vty_cfg.yml │ └── ntc_show.yml │ ├── templates │ ├── acl_cfg.txt │ ├── bgp.j2 │ └── ospf.j2 │ └── vars │ └── cisco_bgp_general.yml └── exercises └── 03_network_os_modules ├── all_facts ├── 192.168.100.1_intf_facts.yaml ├── 192.168.100.2_intf_facts.yaml └── 192.168.100.3_intf_facts.yaml ├── ansible.cfg ├── group_vars └── all.yml ├── host_vars └── 192.168.100.1.yml ├── myhosts.ini ├── task_3_1.md ├── task_3_1a.md ├── task_3_1b.md ├── task_3_1c.md ├── task_3_2.md ├── task_3_2a.md ├── task_3_2b.md ├── task_3_3.md ├── task_3_3a.md ├── task_3_3b.md ├── task_3_3c.md └── task_3_3d.md /.gitignore: -------------------------------------------------------------------------------- 1 | # Node rules: 2 | ## Grunt intermediate storage (http://gruntjs.com/creating-plugins#storing-task-files) 3 | .grunt 4 | 5 | ## Dependency directory 6 | ## Commenting this out is preferred by some people, see 7 | ## https://docs.npmjs.com/misc/faq#should-i-check-my-node_modules-folder-into-git 8 | node_modules 9 | 10 | # Book build output 11 | _book 12 | 13 | # eBook build output 14 | *.epub 15 | *.mobi 16 | pyneng.pdf 17 | 18 | # OS generated files # 19 | # ###################### 20 | .DS_Store 21 | .DS_Store? 22 | ._* 23 | .Spotlight-V100 24 | .Trashes 25 | ehthumbs.db 26 | Thumbs.db 27 | 28 | # Vim undo files. Python# 29 | # ####################### 30 | *.un~ 31 | *.pyc 32 | *.swp 33 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # ansible-example-exercises -------------------------------------------------------------------------------- /answers/03_network_os_modules/all_facts/192.168.100.1_intf_facts.yaml: -------------------------------------------------------------------------------- 1 | Ethernet0/0: 2 | bandwidth: 10000 3 | description: null 4 | duplex: null 5 | ipv4: 6 | - address: 192.168.101.1 7 | subnet: '24' 8 | - address: 192.168.102.1 9 | subnet: '24' 10 | - address: 192.168.100.1 11 | subnet: '24' 12 | lineprotocol: up 13 | macaddress: aabb.cc00.6500 14 | mediatype: null 15 | mtu: 1500 16 | operstatus: up 17 | type: AmdP2 18 | Ethernet0/1: 19 | bandwidth: 10000 20 | description: null 21 | duplex: null 22 | ipv4: 23 | - address: 192.168.200.1 24 | subnet: '24' 25 | lineprotocol: up 26 | macaddress: 0203.e800.6510 27 | mediatype: null 28 | mtu: 1500 29 | operstatus: up 30 | type: AmdP2 31 | Ethernet0/2: 32 | bandwidth: 10000 33 | description: null 34 | duplex: null 35 | ipv4: [] 36 | lineprotocol: up 37 | macaddress: aabb.cc00.6520 38 | mediatype: null 39 | mtu: 1500 40 | operstatus: up 41 | type: AmdP2 42 | Ethernet0/3: 43 | bandwidth: 10000 44 | description: null 45 | duplex: null 46 | ipv4: 47 | - address: 192.168.130.1 48 | subnet: '24' 49 | lineprotocol: up 50 | macaddress: aabb.cc00.6530 51 | mediatype: null 52 | mtu: 1500 53 | operstatus: up 54 | type: AmdP2 55 | -------------------------------------------------------------------------------- /answers/03_network_os_modules/all_facts/192.168.100.2_intf_facts.yaml: -------------------------------------------------------------------------------- 1 | Ethernet0/0: 2 | bandwidth: 10000 3 | description: null 4 | duplex: null 5 | ipv4: 6 | - address: 192.168.100.2 7 | subnet: '24' 8 | lineprotocol: up 9 | macaddress: aabb.cc00.6600 10 | mediatype: null 11 | mtu: 1500 12 | operstatus: up 13 | type: AmdP2 14 | Ethernet0/1: 15 | bandwidth: 10000 16 | description: null 17 | duplex: null 18 | ipv4: [] 19 | lineprotocol: up 20 | macaddress: aabb.cc00.6610 21 | mediatype: null 22 | mtu: 1500 23 | operstatus: up 24 | type: AmdP2 25 | Ethernet0/2: 26 | bandwidth: 10000 27 | description: null 28 | duplex: null 29 | ipv4: [] 30 | lineprotocol: down 31 | macaddress: aabb.cc00.6620 32 | mediatype: null 33 | mtu: 1500 34 | operstatus: administratively down 35 | type: AmdP2 36 | Ethernet0/3: 37 | bandwidth: 10000 38 | description: null 39 | duplex: null 40 | ipv4: [] 41 | lineprotocol: down 42 | macaddress: aabb.cc00.6630 43 | mediatype: null 44 | mtu: 1500 45 | operstatus: administratively down 46 | type: AmdP2 47 | Loopback0: 48 | bandwidth: 8000000 49 | description: null 50 | duplex: null 51 | ipv4: 52 | - address: 10.2.2.2 53 | subnet: '24' 54 | lineprotocol: up 55 | macaddress: null 56 | mediatype: null 57 | mtu: 1514 58 | operstatus: up 59 | type: null 60 | Loopback100: 61 | bandwidth: 8000000 62 | description: null 63 | duplex: null 64 | ipv4: 65 | - address: 10.100.100.2 66 | subnet: '24' 67 | lineprotocol: up 68 | macaddress: null 69 | mediatype: null 70 | mtu: 1514 71 | operstatus: up 72 | type: null 73 | Loopback19: 74 | bandwidth: 8000000 75 | description: null 76 | duplex: null 77 | ipv4: [] 78 | lineprotocol: up 79 | macaddress: null 80 | mediatype: null 81 | mtu: 1514 82 | operstatus: up 83 | type: null 84 | Loopback9: 85 | bandwidth: 8000000 86 | description: null 87 | duplex: null 88 | ipv4: [] 89 | lineprotocol: up 90 | macaddress: null 91 | mediatype: null 92 | mtu: 1514 93 | operstatus: up 94 | type: null 95 | -------------------------------------------------------------------------------- /answers/03_network_os_modules/all_facts/192.168.100.3_intf_facts.yaml: -------------------------------------------------------------------------------- 1 | Ethernet0/0: 2 | bandwidth: 10000 3 | description: null 4 | duplex: null 5 | ipv4: 6 | - address: 192.168.100.3 7 | subnet: '24' 8 | lineprotocol: up 9 | macaddress: aabb.cc00.6700 10 | mediatype: null 11 | mtu: 1500 12 | operstatus: up 13 | type: AmdP2 14 | Ethernet0/1: 15 | bandwidth: 10000 16 | description: null 17 | duplex: null 18 | ipv4: [] 19 | lineprotocol: up 20 | macaddress: aabb.cc00.6710 21 | mediatype: null 22 | mtu: 1500 23 | operstatus: up 24 | type: AmdP2 25 | Ethernet0/2: 26 | bandwidth: 10000 27 | description: null 28 | duplex: null 29 | ipv4: [] 30 | lineprotocol: down 31 | macaddress: aabb.cc00.6720 32 | mediatype: null 33 | mtu: 1500 34 | operstatus: administratively down 35 | type: AmdP2 36 | Ethernet0/3: 37 | bandwidth: 10000 38 | description: null 39 | duplex: null 40 | ipv4: [] 41 | lineprotocol: down 42 | macaddress: aabb.cc00.6730 43 | mediatype: null 44 | mtu: 1500 45 | operstatus: administratively down 46 | type: AmdP2 47 | -------------------------------------------------------------------------------- /answers/03_network_os_modules/ansible.cfg: -------------------------------------------------------------------------------- 1 | [defaults] 2 | 3 | inventory = myhosts.ini 4 | interpreter_python = /home/vagrant/venv/pyneng-py3-7/bin/python 5 | gathering = explicit 6 | -------------------------------------------------------------------------------- /answers/03_network_os_modules/answer_task_3_1.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Run show commands on routers 4 | hosts: cisco_routers 5 | gather_facts: false 6 | 7 | tasks: 8 | 9 | - name: run sh arp 10 | ios_command: 11 | commands: sh arp 12 | register: sh_arp_output 13 | 14 | - name: Debug sh arp output 15 | debug: var=sh_arp_output 16 | -------------------------------------------------------------------------------- /answers/03_network_os_modules/answer_task_3_1a.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Run show commands on routers 4 | hosts: cisco_routers 5 | gather_facts: false 6 | 7 | tasks: 8 | 9 | - name: run sh arp 10 | ios_command: 11 | commands: sh arp 12 | register: sh_arp_output 13 | 14 | - name: Debug sh arp output 15 | debug: var=sh_arp_output.stdout_lines 16 | -------------------------------------------------------------------------------- /answers/03_network_os_modules/answer_task_3_1b.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Run show commands on routers 4 | hosts: cisco_routers 5 | gather_facts: false 6 | 7 | tasks: 8 | 9 | - name: run sh commands 10 | ios_command: 11 | commands: 12 | - sh arp 13 | - sh ip int br 14 | register: result 15 | 16 | - name: Debug output 17 | debug: var=result.stdout_lines 18 | -------------------------------------------------------------------------------- /answers/03_network_os_modules/answer_task_3_1c.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Run show commands on routers 4 | hosts: cisco_routers 5 | gather_facts: false 6 | 7 | tasks: 8 | 9 | - name: run sh commands 10 | ios_command: 11 | commands: 12 | - sh arp 13 | - sh ip int br 14 | register: result 15 | 16 | - name: Debug sh arp output 17 | debug: var=result.stdout_lines[0] 18 | 19 | - name: Debug sh ip int br output 20 | debug: var=result.stdout_lines[1] 21 | -------------------------------------------------------------------------------- /answers/03_network_os_modules/answer_task_3_2.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Collect facts 4 | hosts: cisco_routers 5 | gather_facts: false 6 | 7 | tasks: 8 | 9 | - name: Gather facts 10 | ios_facts: 11 | gather_subset: all 12 | 13 | - name: Show interfaces info 14 | debug: var=ansible_net_interfaces 15 | -------------------------------------------------------------------------------- /answers/03_network_os_modules/answer_task_3_2a.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Collect facts 4 | hosts: cisco_routers 5 | gather_facts: false 6 | 7 | tasks: 8 | 9 | - name: Gather facts 10 | ios_facts: 11 | gather_subset: all 12 | 13 | - name: Copy facts to files 14 | copy: 15 | content: "{{ ansible_net_interfaces | to_nice_yaml }}" 16 | dest: "all_facts/{{inventory_hostname}}_intf_facts.yaml" 17 | -------------------------------------------------------------------------------- /answers/03_network_os_modules/answer_task_3_2b.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Collect facts and run sh command 4 | hosts: cisco_routers 5 | gather_facts: false 6 | 7 | tasks: 8 | 9 | - name: Gather facts 10 | ios_facts: 11 | gather_subset: all 12 | 13 | - name: run sh ipv6 int br 14 | ios_command: 15 | commands: sh ipv6 int br 16 | register: show_result 17 | 18 | - name: Show result 19 | debug: var=show_result 20 | when: ansible_net_all_ipv6_addresses | bool 21 | 22 | -------------------------------------------------------------------------------- /answers/03_network_os_modules/answer_task_3_3.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Run cfg commands on routers 4 | hosts: 192.168.100.1 5 | gather_facts: false 6 | 7 | tasks: 8 | 9 | - name: Config ACL 10 | ios_config: 11 | before: 12 | - interface Ethernet 0/3 13 | - no ip access-group INET-to-LAN in 14 | - exit 15 | - no ip access-list extended INET-to-LAN 16 | parents: 17 | - ip access-list extended INET-to-LAN 18 | lines: 19 | - permit tcp 10.0.1.0 0.0.0.255 any eq www 20 | - permit tcp 10.0.1.0 0.0.0.255 any eq 22 21 | - permit icmp any any 22 | after: 23 | - interface Ethernet 0/3 24 | - ip access-group INET-to-LAN in 25 | -------------------------------------------------------------------------------- /answers/03_network_os_modules/answer_task_3_3a.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Run cfg commands on routers 4 | hosts: 192.168.100.1 5 | gather_facts: false 6 | 7 | tasks: 8 | 9 | - name: Config ACL 10 | ios_config: 11 | before: 12 | - interface Ethernet 0/3 13 | - no ip access-group INET-to-LAN in 14 | - exit 15 | - no ip access-list extended INET-to-LAN 16 | parents: 17 | - ip access-list extended INET-to-LAN 18 | lines: 19 | - permit tcp 10.0.1.0 0.0.0.255 any eq www 20 | - permit tcp 10.0.1.0 0.0.0.255 any eq 22 21 | - permit icmp any any 22 | after: 23 | - interface Ethernet 0/3 24 | - ip access-group INET-to-LAN in 25 | match: exact 26 | 27 | -------------------------------------------------------------------------------- /answers/03_network_os_modules/answer_task_3_3b.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Run cfg commands on routers 4 | hosts: 192.168.100.1 5 | gather_facts: false 6 | 7 | tasks: 8 | 9 | - name: Config ACL 10 | ios_config: 11 | before: 12 | - interface Ethernet 0/3 13 | - no ip access-group INET-to-LAN in 14 | - exit 15 | - no ip access-list extended INET-to-LAN 16 | parents: 17 | - ip access-list extended INET-to-LAN 18 | lines: 19 | - permit tcp 10.0.1.0 0.0.0.255 any eq www 20 | - permit tcp 10.0.1.0 0.0.0.255 any eq 22 21 | - permit icmp any any 22 | after: 23 | - interface Ethernet 0/3 24 | - ip access-group INET-to-LAN in 25 | match: exact 26 | register: cfg 27 | 28 | - name: Show config updates 29 | debug: var=cfg.updates 30 | when: cfg.changed 31 | -------------------------------------------------------------------------------- /answers/03_network_os_modules/answer_task_3_3c.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Run cfg commands on routers 4 | hosts: 192.168.100.1 5 | gather_facts: false 6 | 7 | tasks: 8 | 9 | - name: Config ACL 10 | ios_config: 11 | before: 12 | - interface {{ outside_intf }} 13 | - no ip access-group INET-to-LAN in 14 | - exit 15 | - no ip access-list extended INET-to-LAN 16 | parents: 17 | - ip access-list extended INET-to-LAN 18 | lines: 19 | - permit tcp 10.0.1.0 0.0.0.255 any eq www 20 | - permit tcp 10.0.1.0 0.0.0.255 any eq 22 21 | - permit icmp any any 22 | after: 23 | - interface {{ outside_intf }} 24 | - ip access-group INET-to-LAN in 25 | match: exact 26 | register: cfg 27 | 28 | - name: Show config updates 29 | debug: var=cfg.updates 30 | when: cfg.changed 31 | #Все отлично 32 | -------------------------------------------------------------------------------- /answers/03_network_os_modules/group_vars/all.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | ansible_connection: network_cli 4 | ansible_network_os: ios 5 | ansible_user: cisco 6 | ansible_password: cisco 7 | ansible_become: yes 8 | ansible_become_method: enable 9 | ansible_become_pass: cisco 10 | -------------------------------------------------------------------------------- /answers/03_network_os_modules/host_vars/192.168.100.1.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | outside_intf: Ethernet0/3 4 | -------------------------------------------------------------------------------- /answers/03_network_os_modules/myhosts.ini: -------------------------------------------------------------------------------- 1 | [cisco_routers] 2 | 192.168.100.1 3 | 192.168.100.2 4 | 192.168.100.3 5 | 6 | -------------------------------------------------------------------------------- /examples/01_basics/ansible.cfg: -------------------------------------------------------------------------------- 1 | [defaults] 2 | 3 | inventory = ./myhosts.ini 4 | interpreter_python = /home/vagrant/venv/pyneng-py3-7/bin/python 5 | remote_user = cisco 6 | ask_pass = True 7 | gathering = implicit 8 | -------------------------------------------------------------------------------- /examples/01_basics/myhosts.ini: -------------------------------------------------------------------------------- 1 | [cisco_routers] 2 | 192.168.100.1 3 | 192.168.100.2 4 | 192.168.100.3 5 | 6 | [cisco_routers:vars] 7 | ansible_connection=network_cli 8 | ansible_network_os=ios 9 | ansible_user=cisco 10 | ansible_password=cisco 11 | 12 | -------------------------------------------------------------------------------- /examples/02_playbook_basics/1_show_commands.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Run show commands on routers 4 | hosts: all 5 | gather_facts: false 6 | #strategy: free 7 | 8 | tasks: 9 | 10 | - name: run sh ip int br 11 | ios_command: 12 | commands: sh ip int br 13 | #ignore_errors: true 14 | 15 | - name: run sh ip arp 16 | ios_command: 17 | commands: sh ip arp 18 | 19 | 20 | - name: Run command on R1 21 | hosts: 192.168.100.1 22 | gather_facts: false 23 | 24 | tasks: 25 | 26 | - name: run sh clock 27 | ios_command: 28 | commands: sh clock 29 | 30 | -------------------------------------------------------------------------------- /examples/02_playbook_basics/1_show_commands_vars.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Run show commands on routers 4 | hosts: cisco_routers 5 | gather_facts: false 6 | 7 | vars: 8 | interfaces: sh ip int br 9 | 10 | tasks: 11 | 12 | - name: run sh ip int br 13 | ios_command: 14 | commands: "{{interfaces}}" 15 | 16 | 17 | - name: show var 18 | debug: var=run_command 19 | 20 | -------------------------------------------------------------------------------- /examples/02_playbook_basics/2_register_vars.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Run show commands on routers 4 | hosts: 192.168.100.1 5 | gather_facts: false 6 | 7 | tasks: 8 | 9 | - name: run sh ip int br 10 | ios_command: 11 | commands: sh ip int br 12 | register: sh_ip_int_br_result 13 | 14 | - name: Debug registered var 15 | debug: var=sh_ip_int_br_result.stdout_lines 16 | -------------------------------------------------------------------------------- /examples/02_playbook_basics/3_register_debug_when.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Run show commands on routers 4 | hosts: 192.168.100.1 5 | gather_facts: false 6 | 7 | tasks: 8 | 9 | - name: run sh ip int br 10 | ios_command: 11 | commands: sh ip int br 12 | register: sh_ip_int_br_result 13 | 14 | - name: Debug registered var 15 | debug: 16 | msg: "IP адрес не найден" 17 | when: "'4.4.4.4' not in sh_ip_int_br_result.stdout[0]" 18 | -------------------------------------------------------------------------------- /examples/02_playbook_basics/ansible.cfg: -------------------------------------------------------------------------------- 1 | [defaults] 2 | 3 | inventory = ./myhosts.ini 4 | interpreter_python = /home/vagrant/venv/pyneng-py3-7/bin/python 5 | #gathering = implicit 6 | -------------------------------------------------------------------------------- /examples/02_playbook_basics/group_vars/all.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | ansible_connection: network_cli 4 | ansible_network_os: ios 5 | ansible_user: cisco 6 | ansible_password: cisco 7 | ansible_become: yes 8 | ansible_become_method: enable 9 | ansible_become_pass: cisco 10 | -------------------------------------------------------------------------------- /examples/02_playbook_basics/group_vars/cisco_routers.yml: -------------------------------------------------------------------------------- 1 | log_server: 10.1.1.1 2 | run_command: sh run | i hostname 3 | -------------------------------------------------------------------------------- /examples/02_playbook_basics/host_vars/192.168.100.1.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | hostname: london_r1 4 | mgmnt_loopback: 100 5 | mgmnt_ip: 10.0.0.1 6 | ospf_ints: 7 | - 192.168.100.1 8 | - 10.0.0.1 9 | - 10.255.1.1 10 | -------------------------------------------------------------------------------- /examples/02_playbook_basics/host_vars/192.168.100.2.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | hostname: london_r2 4 | mgmnt_loopback: 100 5 | mgmnt_ip: 10.0.0.2 6 | ospf_ints: 7 | - 192.168.100.2 8 | - 10.0.0.2 9 | - 10.255.2.2 10 | -------------------------------------------------------------------------------- /examples/02_playbook_basics/host_vars/192.168.100.3.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | hostname: london_r3 4 | mgmnt_loopback: 100 5 | mgmnt_ip: 10.0.0.3 6 | ospf_ints: 7 | - 192.168.100.3 8 | - 10.0.0.3 9 | - 10.255.3.3 10 | -------------------------------------------------------------------------------- /examples/02_playbook_basics/myhosts.ini: -------------------------------------------------------------------------------- 1 | [cisco_routers] 2 | 192.168.100.1 3 | 192.168.100.2 4 | 192.168.100.3 5 | 6 | [cisco_routers:vars] 7 | ansible_connection=network_cli 8 | ansible_network_os=ios 9 | ansible_user=cisco 10 | ansible_password=cisco 11 | -------------------------------------------------------------------------------- /examples/03_network_os_modules/ios_command/1_ios_command.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Run show commands on routers 4 | hosts: cisco_routers 5 | 6 | 7 | tasks: 8 | 9 | - name: run sh ip int br 10 | ios_command: 11 | commands: show ip int br 12 | register: sh_ip_int_br_result 13 | 14 | - name: Debug registered var 15 | debug: var=sh_ip_int_br_result.stdout_lines 16 | 17 | -------------------------------------------------------------------------------- /examples/03_network_os_modules/ios_command/2_ios_command.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Run show commands on routers 4 | hosts: cisco_routers 5 | #gather_facts: false 6 | 7 | tasks: 8 | 9 | - name: run show commands 10 | ios_command: 11 | commands: 12 | - show ip int br 13 | - sh ip route 14 | register: show_result 15 | 16 | - name: Debug registered var 17 | debug: var=show_result.stdout_lines 18 | -------------------------------------------------------------------------------- /examples/03_network_os_modules/ios_command/3_ios_command_wait_for.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Run show commands on routers 4 | hosts: cisco_routers 5 | 6 | tasks: 7 | 8 | - name: run show commands 9 | ios_command: 10 | commands: ping 192.168.100.5 timeout 1 11 | wait_for: 12 | - result[0] contains 'Success rate is 100 percent' 13 | retries: 2 14 | interval: 12 15 | -------------------------------------------------------------------------------- /examples/03_network_os_modules/ios_command/4_ios_command_prompt.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Run show commands on routers 4 | hosts: 192.168.100.1 5 | 6 | tasks: 7 | 8 | - name: run commands that require answering a prompt 9 | ios_command: 10 | commands: 11 | - command: 'clear counters Ethernet0/1' 12 | prompt: 'Clear "show interface" counters on this interface \[confirm\]' 13 | answer: 'y' 14 | - command: 'clear counters Ethernet0/2' 15 | prompt: '[confirm]' 16 | answer: "\r" 17 | -------------------------------------------------------------------------------- /examples/03_network_os_modules/ios_command/ansible.cfg: -------------------------------------------------------------------------------- 1 | [defaults] 2 | 3 | inventory = myhosts.ini 4 | interpreter_python = /home/vagrant/venv/pyneng-py3-7/bin/python 5 | gathering = explicit 6 | -------------------------------------------------------------------------------- /examples/03_network_os_modules/ios_command/group_vars/all.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | ansible_connection: network_cli 4 | ansible_network_os: ios 5 | ansible_user: cisco 6 | ansible_password: cisco 7 | ansible_become: yes 8 | ansible_become_method: enable 9 | ansible_become_pass: cisco 10 | -------------------------------------------------------------------------------- /examples/03_network_os_modules/ios_command/group_vars/cisco-ios.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | ansible_connection: network_cli 4 | ansible_network_os: ios 5 | ansible_user: cisco 6 | ansible_ssh_pass: cisco 7 | ansible_become: yes 8 | ansible_become_method: enable 9 | ansible_become_pass: cisco 10 | -------------------------------------------------------------------------------- /examples/03_network_os_modules/ios_command/myhosts.ini: -------------------------------------------------------------------------------- 1 | [cisco_routers] 2 | 192.168.100.1 3 | 192.168.100.2 4 | 192.168.100.3 5 | 6 | [cisco_routers:vars] 7 | ansible_connection=network_cli 8 | ansible_network_os=ios 9 | ansible_user=cisco 10 | ansible_password=cisco 11 | -------------------------------------------------------------------------------- /examples/03_network_os_modules/ios_config/01_ios_config_lines.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Run cfg commands on routers 4 | hosts: cisco_routers 5 | 6 | tasks: 7 | 8 | - name: Config password encryption 9 | ios_config: 10 | lines: 11 | - service password-encryption 12 | 13 | -------------------------------------------------------------------------------- /examples/03_network_os_modules/ios_config/01_ios_config_mult_lines.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Run cfg commands on routers 4 | hosts: cisco_routers 5 | 6 | tasks: 7 | 8 | - name: Send config commands 9 | ios_config: 10 | lines: 11 | - service password-encryption 12 | - no ip http server 13 | - no ip http secure-server 14 | - no ip domain lookup 15 | -------------------------------------------------------------------------------- /examples/03_network_os_modules/ios_config/02_ios_config_parents_basic.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Run cfg commands on routers 4 | hosts: cisco_routers 5 | 6 | tasks: 7 | 8 | - name: Config line vty 9 | ios_config: 10 | parents: 11 | - line vty 0 4 12 | lines: 13 | - login local 14 | - transport input ssh 15 | 16 | -------------------------------------------------------------------------------- /examples/03_network_os_modules/ios_config/02_ios_config_parents_mult.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Run cfg commands on routers 4 | hosts: cisco_routers 5 | 6 | tasks: 7 | 8 | - name: Config QoS policy 9 | ios_config: 10 | parents: 11 | - policy-map OUT_QOS 12 | - class class-default 13 | lines: 14 | - shape average 100000000 1000000 15 | -------------------------------------------------------------------------------- /examples/03_network_os_modules/ios_config/03_ios_config_debug.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Run cfg commands on routers 4 | hosts: cisco-routers 5 | 6 | tasks: 7 | 8 | - name: Config line vty 9 | ios_config: 10 | parents: 11 | - line vty 0 4 12 | lines: 13 | - login local 14 | - transport input ssh 15 | register: cfg 16 | 17 | - name: Show config updates 18 | debug: var=cfg.updates 19 | when: cfg.changed 20 | -------------------------------------------------------------------------------- /examples/03_network_os_modules/ios_config/04_ios_config_save_when.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Run cfg commands on routers 4 | hosts: cisco_routers 5 | 6 | tasks: 7 | 8 | - name: Config line vty 9 | ios_config: 10 | parents: 11 | - line vty 0 4 12 | lines: 13 | - login local 14 | - transport input ssh telnet 15 | save_when: modified 16 | -------------------------------------------------------------------------------- /examples/03_network_os_modules/ios_config/05_ios_config_backup.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Run cfg commands on routers 4 | hosts: cisco_routers 5 | 6 | tasks: 7 | 8 | - name: Config line vty 9 | ios_config: 10 | parents: 11 | - line vty 0 4 12 | lines: 13 | - login local 14 | - transport input ssh telnet 15 | backup: yes 16 | -------------------------------------------------------------------------------- /examples/03_network_os_modules/ios_config/06_ios_config_defaults.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Run cfg commands on routers 4 | hosts: 192.168.100.1 5 | 6 | tasks: 7 | 8 | - name: Config interface 9 | ios_config: 10 | parents: 11 | - interface Ethernet0/2 12 | lines: 13 | - ip address 190.16.200.1 255.255.255.0 14 | - ip mtu 1500 15 | defaults: yes 16 | 17 | -------------------------------------------------------------------------------- /examples/03_network_os_modules/ios_config/07_ios_config_after.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Run cfg commands on router 4 | hosts: 192.168.100.1 5 | 6 | tasks: 7 | 8 | - name: Config interface 9 | ios_config: 10 | parents: 11 | - interface Ethernet0/3 12 | lines: 13 | - ip address 192.168.130.1 255.255.255.0 14 | after: 15 | - no shutdown 16 | -------------------------------------------------------------------------------- /examples/03_network_os_modules/ios_config/07_ios_config_after_save.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Run cfg commands on routers 4 | hosts: cisco_routers 5 | 6 | tasks: 7 | 8 | - name: Config line vty 9 | ios_config: 10 | parents: 11 | - line vty 0 4 12 | lines: 13 | - login local 14 | - transport input ssh 15 | after: 16 | - end 17 | - write 18 | -------------------------------------------------------------------------------- /examples/03_network_os_modules/ios_config/08_ios_config_before.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Run cfg commands on router 4 | hosts: 192.168.100.1 5 | 6 | tasks: 7 | 8 | - name: Config ACL 9 | ios_config: 10 | before: 11 | - no ip access-list extended IN_to_OUT 12 | parents: 13 | - ip access-list extended IN_to_OUT 14 | lines: 15 | - permit tcp 10.0.1.0 0.0.0.255 any eq www 16 | - permit tcp 10.0.1.0 0.0.0.255 any eq 22 17 | - permit icmp any any 18 | -------------------------------------------------------------------------------- /examples/03_network_os_modules/ios_config/09_ios_config_match_exact.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Run cfg commands on router 4 | hosts: 192.168.100.1 5 | 6 | tasks: 7 | 8 | - name: Config ACL 9 | ios_config: 10 | before: 11 | - no ip access-list extended IN_to_OUT 12 | parents: 13 | - ip access-list extended IN_to_OUT 14 | lines: 15 | - permit tcp 10.0.1.0 0.0.0.255 any eq www 16 | - permit tcp 10.0.1.0 0.0.0.255 any eq 22 17 | - permit icmp any any 18 | - deny ip any any 19 | match: exact 20 | -------------------------------------------------------------------------------- /examples/03_network_os_modules/ios_config/09_ios_config_match_line.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Run cfg commands on router 4 | hosts: 192.168.100.1 5 | 6 | tasks: 7 | 8 | - name: Config ACL 9 | ios_config: 10 | parents: 11 | - ip access-list extended IN_to_OUT 12 | lines: 13 | - permit tcp 10.0.1.0 0.0.0.255 any eq www 14 | - permit tcp 10.0.1.0 0.0.0.255 any eq 22 15 | - permit icmp any any 16 | -------------------------------------------------------------------------------- /examples/03_network_os_modules/ios_config/09_ios_config_match_none.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Run cfg commands on router 4 | hosts: 192.168.100.1 5 | 6 | tasks: 7 | 8 | - name: Config ACL 9 | ios_config: 10 | before: 11 | - no ip access-list extended IN_to_OUT 12 | parents: 13 | - ip access-list extended IN_to_OUT 14 | lines: 15 | - permit tcp 10.0.1.0 0.0.0.255 any eq www 16 | - permit tcp 10.0.1.0 0.0.0.255 any eq 22 17 | - permit icmp any any 18 | match: none 19 | -------------------------------------------------------------------------------- /examples/03_network_os_modules/ios_config/09_ios_config_match_strict.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Run cfg commands on router 4 | hosts: 192.168.100.1 5 | 6 | tasks: 7 | 8 | - name: Config ACL 9 | ios_config: 10 | before: 11 | - no ip access-list extended IN_to_OUT 12 | parents: 13 | - ip access-list extended IN_to_OUT 14 | lines: 15 | - permit tcp 10.0.1.0 0.0.0.255 any eq www 16 | - permit tcp 10.0.1.0 0.0.0.255 any eq 22 17 | - permit icmp any any 18 | match: strict 19 | -------------------------------------------------------------------------------- /examples/03_network_os_modules/ios_config/10_ios_config_replace_block.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Run cfg commands on router 4 | hosts: 192.168.100.1 5 | 6 | tasks: 7 | 8 | - name: Config ACL 9 | ios_config: 10 | before: 11 | - no ip access-list extended IN_to_OUT 12 | parents: 13 | - ip access-list extended IN_to_OUT 14 | lines: 15 | - permit tcp 10.0.1.0 0.0.0.255 any eq www 16 | - permit tcp 10.0.1.0 0.0.0.255 any eq 22 17 | - permit icmp any any 18 | - deny ip any any 19 | replace: block 20 | -------------------------------------------------------------------------------- /examples/03_network_os_modules/ios_config/10_ios_config_replace_line.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Run cfg commands on router 4 | hosts: 192.168.100.1 5 | 6 | tasks: 7 | 8 | - name: Config ACL 9 | ios_config: 10 | before: 11 | - no ip access-list extended IN_to_OUT 12 | parents: 13 | - ip access-list extended IN_to_OUT 14 | lines: 15 | - permit tcp 10.0.1.0 0.0.0.255 any eq www 16 | - permit tcp 10.0.1.0 0.0.0.255 any eq 22 17 | - permit icmp any any 18 | - deny ip any any 19 | -------------------------------------------------------------------------------- /examples/03_network_os_modules/ios_config/11_ios_config_src.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Run cfg commands on router 4 | hosts: 192.168.100.1 5 | 6 | tasks: 7 | 8 | - name: Config ACL 9 | ios_config: 10 | src: templates/acl_cfg.txt 11 | -------------------------------------------------------------------------------- /examples/03_network_os_modules/ios_config/11_ios_config_src_jinja.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Run cfg commands on router 4 | hosts: cisco-routers 5 | 6 | tasks: 7 | 8 | - name: Config OSPF 9 | ios_config: 10 | src: templates/ospf.j2 11 | -------------------------------------------------------------------------------- /examples/03_network_os_modules/ios_config/ansible.cfg: -------------------------------------------------------------------------------- 1 | [defaults] 2 | 3 | inventory = ./myhosts.ini 4 | interpreter_python = /home/vagrant/venv/pyneng-py3-7/bin/python 5 | gathering = explicit 6 | -------------------------------------------------------------------------------- /examples/03_network_os_modules/ios_config/backup/192.168.100.1_config.2020-04-24@08:16:51: -------------------------------------------------------------------------------- 1 | Building configuration... 2 | 3 | Current configuration : 2460 bytes 4 | ! 5 | ! Last configuration change at 08:12:25 UTC Fri Apr 24 2020 6 | version 15.2 7 | no service timestamps debug uptime 8 | no service timestamps log uptime 9 | service password-encryption 10 | ! 11 | hostname R1 12 | ! 13 | boot-start-marker 14 | boot-end-marker 15 | ! 16 | ! 17 | logging buffered 20010 18 | enable password 7 070C285F4D06 19 | ! 20 | no aaa new-model 21 | ! 22 | mmi polling-interval 60 23 | no mmi auto-configure 24 | no mmi pvc 25 | mmi snmp-timeout 180 26 | ip auth-proxy max-login-attempts 5 27 | ip admission max-login-attempts 5 28 | ! 29 | ! 30 | ! 31 | ! 32 | ! 33 | no ip domain lookup 34 | ip domain name pyneng 35 | ip cef 36 | no ipv6 cef 37 | ! 38 | multilink bundle-name authenticated 39 | ! 40 | ! 41 | ! 42 | ! 43 | ! 44 | ! 45 | crypto pki token default removal timeout 0 46 | ! 47 | ! 48 | username cisco password 7 094F471A1A0A 49 | ! 50 | redundancy 51 | ! 52 | ! 53 | ip ssh version 2 54 | ! 55 | policy-map OUT_QOS 56 | class class-default 57 | shape average 100000000 1000000 58 | ! 59 | ! 60 | ! 61 | ! 62 | ! 63 | ! 64 | ! 65 | ! 66 | ! 67 | ! 68 | ! 69 | ! 70 | ! 71 | interface Loopback0 72 | ip address 4.4.4.4 255.255.255.255 73 | ! 74 | interface Loopback35 75 | no ip address 76 | ! 77 | interface Loopback55 78 | ip address 5.5.5.5 255.255.255.255 79 | ! 80 | interface Loopback90 81 | ip address 90.1.1.1 255.255.255.255 82 | ! 83 | interface Ethernet0/0 84 | ip address 192.168.101.1 255.255.255.0 secondary 85 | ip address 192.168.102.1 255.255.255.0 secondary 86 | ip address 192.168.100.1 255.255.255.0 87 | ! 88 | interface Ethernet0/1 89 | ip address 192.168.200.1 255.255.255.0 90 | ! 91 | interface Ethernet0/2 92 | ip address 19.1.1.1 255.255.255.0 93 | ! 94 | interface Ethernet0/3 95 | ip address 192.168.230.1 255.255.255.0 96 | ! 97 | ! 98 | router eigrp 1 99 | network 0.0.0.0 100 | ! 101 | router ospf 1 102 | network 0.0.0.0 255.255.255.255 area 0 103 | ! 104 | ip forward-protocol nd 105 | ! 106 | ! 107 | no ip http server 108 | no ip http secure-server 109 | ! 110 | ip access-list extended INET-to-LAN 111 | permit tcp 10.0.1.0 0.0.0.255 any eq www 112 | permit tcp 10.0.1.0 0.0.0.255 any eq 22 113 | permit icmp any any 114 | ! 115 | logging 10.255.255.1 116 | logging 4.4.4.4 117 | logging 10.1.1.1 118 | ! 119 | ! 120 | ! 121 | control-plane 122 | ! 123 | ! 124 | ! 125 | ! 126 | ! 127 | ! 128 | alias configure sh do sh 129 | alias exec ospf sh run | s ^router ospf 130 | alias exec bri show ip int bri | exc unass 131 | alias exec id show int desc 132 | alias exec top sh proc cpu sorted | excl 0.00%__0.00%__0.00% 133 | alias exec c conf t 134 | alias exec diff sh archive config differences nvram:startup-config system:running-config 135 | alias exec desc sh int desc | ex down 136 | alias exec bgp sh run | s ^router bgp 137 | ! 138 | line con 0 139 | exec-timeout 0 0 140 | privilege level 15 141 | logging synchronous 142 | line aux 0 143 | line vty 0 4 144 | logging synchronous 145 | login local 146 | transport input telnet ssh 147 | ! 148 | event manager applet COMM_ACC 149 | event cli pattern ".*" sync no skip no occurs 1 150 | action 1 syslog msg "User $_cli_username entered $_cli_msg on device $_cli_host " 151 | ! 152 | end 153 | -------------------------------------------------------------------------------- /examples/03_network_os_modules/ios_config/backup/192.168.100.2_config.2020-04-24@08:16:51: -------------------------------------------------------------------------------- 1 | Building configuration... 2 | 3 | Current configuration : 1829 bytes 4 | ! 5 | ! Last configuration change at 08:12:01 UTC Fri Apr 24 2020 by cisco 6 | version 15.2 7 | service timestamps debug datetime msec 8 | service timestamps log datetime msec 9 | service password-encryption 10 | ! 11 | hostname R2 12 | ! 13 | boot-start-marker 14 | boot-end-marker 15 | ! 16 | ! 17 | logging buffered 20010 18 | enable password 7 110A1016141D 19 | ! 20 | no aaa new-model 21 | ! 22 | mmi polling-interval 60 23 | no mmi auto-configure 24 | no mmi pvc 25 | mmi snmp-timeout 180 26 | ip auth-proxy max-login-attempts 5 27 | ip admission max-login-attempts 5 28 | ! 29 | ! 30 | ! 31 | ! 32 | ! 33 | no ip domain lookup 34 | ip domain name pyneng 35 | ip cef 36 | no ipv6 cef 37 | ! 38 | multilink bundle-name authenticated 39 | ! 40 | ! 41 | ! 42 | ! 43 | ! 44 | ! 45 | crypto pki token default removal timeout 0 46 | ! 47 | ! 48 | username cisco password 7 1511021F0725 49 | ! 50 | redundancy 51 | ! 52 | ! 53 | ip ssh version 2 54 | ! 55 | policy-map OUT_QOS 56 | class class-default 57 | shape average 100000000 1000000 58 | ! 59 | ! 60 | ! 61 | ! 62 | ! 63 | ! 64 | ! 65 | ! 66 | ! 67 | ! 68 | ! 69 | ! 70 | ! 71 | interface Loopback9 72 | no ip address 73 | ! 74 | interface Loopback19 75 | no ip address 76 | ! 77 | interface Ethernet0/0 78 | ip address 192.168.100.2 255.255.255.0 79 | ! 80 | interface Ethernet0/1 81 | no ip address 82 | ! 83 | interface Ethernet0/2 84 | no ip address 85 | shutdown 86 | ! 87 | interface Ethernet0/3 88 | no ip address 89 | shutdown 90 | ! 91 | ! 92 | router eigrp 1 93 | network 0.0.0.0 94 | ! 95 | router ospf 1 96 | network 0.0.0.0 255.255.255.255 area 0 97 | ! 98 | ip forward-protocol nd 99 | ! 100 | ! 101 | no ip http server 102 | no ip http secure-server 103 | ! 104 | ! 105 | ! 106 | ! 107 | control-plane 108 | ! 109 | ! 110 | ! 111 | ! 112 | ! 113 | ! 114 | alias configure sh do sh 115 | alias exec ospf sh run | s ^router ospf 116 | alias exec bri show ip int bri | exc unass 117 | alias exec id show int desc 118 | alias exec top sh proc cpu sorted | excl 0.00%__0.00%__0.00% 119 | alias exec c conf t 120 | alias exec diff sh archive config differences nvram:startup-config system:running-config 121 | alias exec desc sh int desc | ex down 122 | alias exec bgp sh run | s ^router bgp 123 | ! 124 | line con 0 125 | exec-timeout 0 0 126 | privilege level 15 127 | logging synchronous 128 | line aux 0 129 | line vty 0 4 130 | logging synchronous 131 | login local 132 | transport input telnet ssh 133 | ! 134 | ! 135 | end -------------------------------------------------------------------------------- /examples/03_network_os_modules/ios_config/backup/192.168.100.3_config.2020-04-24@08:16:51: -------------------------------------------------------------------------------- 1 | Building configuration... 2 | 3 | Current configuration : 1731 bytes 4 | ! 5 | ! Last configuration change at 08:12:01 UTC Fri Apr 24 2020 by cisco 6 | version 15.2 7 | service timestamps debug datetime msec 8 | service timestamps log datetime msec 9 | service password-encryption 10 | ! 11 | hostname R3 12 | ! 13 | boot-start-marker 14 | boot-end-marker 15 | ! 16 | ! 17 | enable password 7 0822455D0A16 18 | ! 19 | no aaa new-model 20 | ! 21 | mmi polling-interval 60 22 | no mmi auto-configure 23 | no mmi pvc 24 | mmi snmp-timeout 180 25 | ip auth-proxy max-login-attempts 5 26 | ip admission max-login-attempts 5 27 | ! 28 | ! 29 | ! 30 | ! 31 | ! 32 | no ip domain lookup 33 | ip domain name pyneng 34 | ip cef 35 | no ipv6 cef 36 | ! 37 | multilink bundle-name authenticated 38 | ! 39 | ! 40 | ! 41 | ! 42 | ! 43 | ! 44 | crypto pki token default removal timeout 0 45 | ! 46 | ! 47 | username cisco password 7 060506324F41 48 | ! 49 | redundancy 50 | ! 51 | ! 52 | ip ssh version 2 53 | ! 54 | policy-map OUT_QOS 55 | class class-default 56 | shape average 100000000 1000000 57 | ! 58 | ! 59 | ! 60 | ! 61 | ! 62 | ! 63 | ! 64 | ! 65 | ! 66 | ! 67 | ! 68 | ! 69 | ! 70 | interface Ethernet0/0 71 | ip address 192.168.100.3 255.255.255.0 72 | ! 73 | interface Ethernet0/1 74 | no ip address 75 | ! 76 | interface Ethernet0/2 77 | no ip address 78 | shutdown 79 | ! 80 | interface Ethernet0/3 81 | no ip address 82 | shutdown 83 | ! 84 | ! 85 | router eigrp 1 86 | network 0.0.0.0 87 | ! 88 | router ospf 1 89 | network 0.0.0.0 255.255.255.255 area 0 90 | ! 91 | ip forward-protocol nd 92 | ! 93 | ! 94 | no ip http server 95 | no ip http secure-server 96 | ! 97 | ! 98 | ! 99 | ! 100 | control-plane 101 | ! 102 | ! 103 | ! 104 | ! 105 | ! 106 | ! 107 | alias configure sh do sh 108 | alias exec ospf sh run | s ^router ospf 109 | alias exec bri show ip int bri | exc unass 110 | alias exec id show int desc 111 | alias exec top sh proc cpu sorted | excl 0.00%__0.00%__0.00% 112 | alias exec c conf t 113 | alias exec diff sh archive config differences nvram:startup-config system:running-config 114 | alias exec desc sh int desc | ex down 115 | alias exec bgp sh run | s ^router bgp 116 | ! 117 | line con 0 118 | exec-timeout 0 0 119 | privilege level 15 120 | logging synchronous 121 | line aux 0 122 | line vty 0 4 123 | logging synchronous 124 | login local 125 | transport input telnet ssh 126 | ! 127 | ! 128 | end -------------------------------------------------------------------------------- /examples/03_network_os_modules/ios_config/group_vars/all.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | ansible_connection: network_cli 4 | ansible_network_os: ios 5 | ansible_user: cisco 6 | ansible_password: cisco 7 | ansible_become: yes 8 | ansible_become_method: enable 9 | ansible_become_pass: cisco 10 | -------------------------------------------------------------------------------- /examples/03_network_os_modules/ios_config/host_vars/192.168.100.1: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | hostname: london_r1 4 | mgmnt_loopback: 100 5 | mgmnt_ip: 10.0.0.1 6 | ospf_ints: 7 | - 192.168.100.1 8 | - 10.0.0.1 9 | - 10.255.1.1 10 | -------------------------------------------------------------------------------- /examples/03_network_os_modules/ios_config/host_vars/192.168.100.100: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | hostname: london_sw1 4 | mgmnt_int: VLAN100 5 | mgmnt_ip: 10.0.0.100 6 | -------------------------------------------------------------------------------- /examples/03_network_os_modules/ios_config/host_vars/192.168.100.2: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | hostname: london_r2 4 | mgmnt_loopback: 100 5 | mgmnt_ip: 10.0.0.2 6 | ospf_ints: 7 | - 192.168.100.2 8 | - 10.0.0.2 9 | - 10.255.2.2 10 | -------------------------------------------------------------------------------- /examples/03_network_os_modules/ios_config/host_vars/192.168.100.3: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | hostname: london_r3 4 | mgmnt_loopback: 100 5 | mgmnt_ip: 10.0.0.3 6 | ospf_ints: 7 | - 192.168.100.3 8 | - 10.0.0.3 9 | - 10.255.3.3 10 | -------------------------------------------------------------------------------- /examples/03_network_os_modules/ios_config/myhosts.ini: -------------------------------------------------------------------------------- 1 | [cisco_routers] 2 | 192.168.100.1 3 | 192.168.100.2 4 | 192.168.100.3 5 | 6 | [cisco_routers:vars] 7 | ansible_connection=network_cli 8 | ansible_network_os=ios 9 | ansible_user=cisco 10 | ansible_password=cisco 11 | -------------------------------------------------------------------------------- /examples/03_network_os_modules/ios_config/templates/acl_cfg.txt: -------------------------------------------------------------------------------- 1 | ip access-list extended IN_to_OUT 2 | permit tcp 10.0.1.0 0.0.0.255 any eq www 3 | permit tcp 10.0.1.0 0.0.0.255 any eq 22 4 | permit icmp any any 5 | deny ip any any 6 | -------------------------------------------------------------------------------- /examples/03_network_os_modules/ios_config/templates/bgp.j2: -------------------------------------------------------------------------------- 1 | router bgp {{ as }} 2 | network {{ network }} 3 | {% for n in ibgp_neighbors %} 4 | neighbor {{ n }} remote-as {{ as }} 5 | neighbor {{ n }} update-source {{ update_source_int }} 6 | {% endfor %} 7 | {% for extn in ebgp_neighbors %} 8 | neighbor {{ extn.ip }} remote-as {{ extn.as }} 9 | neighbor {{ extn.ip }} ttl-security hops {{ ttl_security_hops }} 10 | {% if send_community == true %} 11 | neighbor {{ extn.ip }} send-community 12 | {% endif %} 13 | {% endfor %} 14 | -------------------------------------------------------------------------------- /examples/03_network_os_modules/ios_config/templates/ospf.j2: -------------------------------------------------------------------------------- 1 | router ospf 1 2 | router-id {{ mgmnt_ip }} 3 | ispf 4 | auto-cost reference-bandwidth 10000 5 | {% for ip in ospf_ints %} 6 | network {{ ip }} 0.0.0.0 area 0 7 | {% endfor %} 8 | -------------------------------------------------------------------------------- /examples/03_network_os_modules/ios_facts/1_ios_facts.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Collect IOS facts 4 | hosts: 192.168.100.1 5 | 6 | tasks: 7 | 8 | - name: Facts 9 | ios_facts: 10 | gather_subset: all 11 | -------------------------------------------------------------------------------- /examples/03_network_os_modules/ios_facts/2_ios_facts_debug.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Collect IOS facts 4 | hosts: 192.168.100.1 5 | 6 | tasks: 7 | 8 | - name: Facts 9 | ios_facts: 10 | gather_subset: all 11 | 12 | - name: Show ansible_net_all_ipv4_addresses fact 13 | debug: var=ansible_net_all_ipv4_addresses 14 | 15 | - name: Show ansible_net_interfaces fact 16 | debug: var=ansible_net_interfaces['Ethernet0/0'] 17 | -------------------------------------------------------------------------------- /examples/03_network_os_modules/ios_facts/3_ios_facts.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Collect IOS facts 4 | hosts: cisco_routers 5 | 6 | tasks: 7 | 8 | - name: Facts 9 | ios_facts: 10 | gather_subset: all 11 | 12 | - name: Create all_facts dir 13 | file: 14 | path: ./all_facts/ 15 | state: directory 16 | mode: 0755 17 | 18 | - name: Copy facts to files 19 | copy: 20 | content: "{{ ansible_facts | to_nice_json }}" 21 | dest: "all_facts/{{inventory_hostname}}_facts.json" 22 | -------------------------------------------------------------------------------- /examples/03_network_os_modules/ios_facts/4_ios_facts_network_resources.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Collect IOS facts 4 | hosts: 192.168.100.1 5 | 6 | tasks: 7 | 8 | - name: Facts 9 | ios_facts: 10 | gather_subset: min 11 | gather_network_resources: 12 | - interfaces 13 | - l3_interfaces 14 | 15 | - name: Show ansible_network_resources 16 | debug: var=ansible_network_resources 17 | 18 | -------------------------------------------------------------------------------- /examples/03_network_os_modules/ios_facts/all_facts/192.168.100.1_facts.json: -------------------------------------------------------------------------------- 1 | { 2 | "net_all_ipv4_addresses": [ 3 | "192.168.101.1", 4 | "192.168.102.1", 5 | "192.168.100.1", 6 | "192.168.200.1", 7 | "19.1.1.1", 8 | "192.168.230.1", 9 | "4.4.4.4", 10 | "5.5.5.5", 11 | "90.1.1.1" 12 | ], 13 | "net_all_ipv6_addresses": [], 14 | "net_api": "cliconf", 15 | "net_config": "!\n! Last configuration change at 17:12:30 UTC Wed Apr 22 2020 by cisco\nversion 15.2\nno service timestamps debug uptime\nno service timestamps log uptime\nservice password-encryption\n!\nhostname R1\n!\nboot-start-marker\nboot-end-marker\n!\n!\nlogging buffered 20010\nenable password 7 070C285F4D06\n!\nno aaa new-model\n!\nmmi polling-interval 60\nno mmi auto-configure\nno mmi pvc\nmmi snmp-timeout 180\nip auth-proxy max-login-attempts 5\nip admission max-login-attempts 5\n!\n!\n!\n!\n!\nno ip domain lookup\nip domain name pyneng\nip cef\nno ipv6 cef\n!\nmultilink bundle-name authenticated\n!\n!\n!\n!\n!\n!\ncrypto pki token default removal timeout 0\n!\n!\nusername cisco password 7 094F471A1A0A\n!\nredundancy\n!\n!\nip ssh version 2\n!\npolicy-map OUT_QOS\n class class-default\n shape average 100000000 1000000\n!\n! \n!\n!\n!\n!\n!\n!\n!\n!\n!\n!\n!\ninterface Loopback0\n ip address 4.4.4.4 255.255.255.255\n!\ninterface Loopback35\n no ip address\n!\ninterface Loopback55\n ip address 5.5.5.5 255.255.255.255\n!\ninterface Loopback90\n ip address 90.1.1.1 255.255.255.255\n!\ninterface Ethernet0/0\n ip address 192.168.101.1 255.255.255.0 secondary\n ip address 192.168.102.1 255.255.255.0 secondary\n ip address 192.168.100.1 255.255.255.0\n!\ninterface Ethernet0/1\n ip address 192.168.200.1 255.255.255.0\n!\ninterface Ethernet0/2\n ip address 19.1.1.1 255.255.255.0\n!\ninterface Ethernet0/3\n ip address 192.168.230.1 255.255.255.0\n!\n!\nrouter eigrp 1\n network 0.0.0.0\n!\nrouter ospf 1\n network 0.0.0.0 255.255.255.255 area 0\n!\nip forward-protocol nd\n!\n!\nip http server\nno ip http secure-server\n!\nip access-list extended INET-to-LAN\n permit tcp 10.0.1.0 0.0.0.255 any eq www\n permit tcp 10.0.1.0 0.0.0.255 any eq 22\n permit icmp any any\n!\nlogging 10.255.255.1\nlogging 4.4.4.4\nlogging 10.1.1.1\n!\n!\n!\ncontrol-plane\n!\n!\n!\n!\n!\n!\nalias configure sh do sh\nalias exec ospf sh run | s ^router ospf\nalias exec bri show ip int bri | exc unass\nalias exec id show int desc\nalias exec top sh proc cpu sorted | excl 0.00%__0.00%__0.00%\nalias exec c conf t\nalias exec diff sh archive config differences nvram:startup-config system:running-config\nalias exec desc sh int desc | ex down\nalias exec bgp sh run | s ^router bgp\n!\nline con 0\n exec-timeout 0 0\n privilege level 15\n logging synchronous\nline aux 0\nline vty 0 4\n logging synchronous\n login local\n transport input telnet ssh\n!\nevent manager applet COMM_ACC\n event cli pattern \".*\" sync no skip no occurs 1\n action 1 syslog msg \"User $_cli_username entered $_cli_msg on device $_cli_host \"\n!\nend", 16 | "net_filesystems": [ 17 | "system:" 18 | ], 19 | "net_filesystems_info": { 20 | "system:": {} 21 | }, 22 | "net_gather_network_resources": [], 23 | "net_gather_subset": [ 24 | "config", 25 | "interfaces", 26 | "default", 27 | "hardware" 28 | ], 29 | "net_hostname": "R1", 30 | "net_image": "unix:/home/vagrant/cisco/images/i86bi_linux-adventerprisek9-ms", 31 | "net_interfaces": { 32 | "Ethernet0/0": { 33 | "bandwidth": 10000, 34 | "description": null, 35 | "duplex": null, 36 | "ipv4": [ 37 | { 38 | "address": "192.168.101.1", 39 | "subnet": "24" 40 | }, 41 | { 42 | "address": "192.168.102.1", 43 | "subnet": "24" 44 | }, 45 | { 46 | "address": "192.168.100.1", 47 | "subnet": "24" 48 | } 49 | ], 50 | "lineprotocol": "up", 51 | "macaddress": "aabb.cc00.6500", 52 | "mediatype": null, 53 | "mtu": 1500, 54 | "operstatus": "up", 55 | "type": "AmdP2" 56 | }, 57 | "Ethernet0/1": { 58 | "bandwidth": 10000, 59 | "description": null, 60 | "duplex": null, 61 | "ipv4": [ 62 | { 63 | "address": "192.168.200.1", 64 | "subnet": "24" 65 | } 66 | ], 67 | "lineprotocol": "up", 68 | "macaddress": "0203.e800.6510", 69 | "mediatype": null, 70 | "mtu": 1500, 71 | "operstatus": "up", 72 | "type": "AmdP2" 73 | }, 74 | "Ethernet0/2": { 75 | "bandwidth": 10000, 76 | "description": null, 77 | "duplex": null, 78 | "ipv4": [ 79 | { 80 | "address": "19.1.1.1", 81 | "subnet": "24" 82 | } 83 | ], 84 | "lineprotocol": "up", 85 | "macaddress": "aabb.cc00.6520", 86 | "mediatype": null, 87 | "mtu": 1500, 88 | "operstatus": "up", 89 | "type": "AmdP2" 90 | }, 91 | "Ethernet0/3": { 92 | "bandwidth": 10000, 93 | "description": null, 94 | "duplex": null, 95 | "ipv4": [ 96 | { 97 | "address": "192.168.230.1", 98 | "subnet": "24" 99 | } 100 | ], 101 | "lineprotocol": "up", 102 | "macaddress": "aabb.cc00.6530", 103 | "mediatype": null, 104 | "mtu": 1500, 105 | "operstatus": "up", 106 | "type": "AmdP2" 107 | }, 108 | "Loopback0": { 109 | "bandwidth": 8000000, 110 | "description": null, 111 | "duplex": null, 112 | "ipv4": [ 113 | { 114 | "address": "4.4.4.4", 115 | "subnet": "32" 116 | } 117 | ], 118 | "lineprotocol": "up", 119 | "macaddress": null, 120 | "mediatype": null, 121 | "mtu": 1514, 122 | "operstatus": "up", 123 | "type": null 124 | }, 125 | "Loopback35": { 126 | "bandwidth": 8000000, 127 | "description": null, 128 | "duplex": null, 129 | "ipv4": [], 130 | "lineprotocol": "up", 131 | "macaddress": null, 132 | "mediatype": null, 133 | "mtu": 1514, 134 | "operstatus": "up", 135 | "type": null 136 | }, 137 | "Loopback55": { 138 | "bandwidth": 8000000, 139 | "description": null, 140 | "duplex": null, 141 | "ipv4": [ 142 | { 143 | "address": "5.5.5.5", 144 | "subnet": "32" 145 | } 146 | ], 147 | "lineprotocol": "up", 148 | "macaddress": null, 149 | "mediatype": null, 150 | "mtu": 1514, 151 | "operstatus": "up", 152 | "type": null 153 | }, 154 | "Loopback90": { 155 | "bandwidth": 8000000, 156 | "description": null, 157 | "duplex": null, 158 | "ipv4": [ 159 | { 160 | "address": "90.1.1.1", 161 | "subnet": "32" 162 | } 163 | ], 164 | "lineprotocol": "up", 165 | "macaddress": null, 166 | "mediatype": null, 167 | "mtu": 1514, 168 | "operstatus": "up", 169 | "type": null 170 | } 171 | }, 172 | "net_iostype": "IOS", 173 | "net_memfree_mb": 78226.75, 174 | "net_memtotal_mb": 128906.453125, 175 | "net_neighbors": { 176 | "Ethernet0/0": [ 177 | { 178 | "host": "SW1.pyneng", 179 | "port": "Ethernet0/1" 180 | } 181 | ] 182 | }, 183 | "net_python_version": "3.7.3", 184 | "net_serialnum": "2048101", 185 | "net_system": "ios", 186 | "net_version": "15.2(2.3)T", 187 | "network_resources": {} 188 | } -------------------------------------------------------------------------------- /examples/03_network_os_modules/ios_facts/all_facts/192.168.100.2_facts.json: -------------------------------------------------------------------------------- 1 | { 2 | "net_all_ipv4_addresses": [ 3 | "192.168.100.2" 4 | ], 5 | "net_all_ipv6_addresses": [], 6 | "net_api": "cliconf", 7 | "net_config": "!\nversion 15.2\nservice timestamps debug datetime msec\nservice timestamps log datetime msec\nservice password-encryption\n!\nhostname R2\n!\nboot-start-marker\nboot-end-marker\n!\n!\nlogging buffered 20010\nenable password 7 110A1016141D\n!\nno aaa new-model\n!\nmmi polling-interval 60\nno mmi auto-configure\nno mmi pvc\nmmi snmp-timeout 180\nip auth-proxy max-login-attempts 5\nip admission max-login-attempts 5\n!\n!\n!\n!\n!\nno ip domain lookup\nip domain name pyneng\nip cef\nno ipv6 cef\n!\nmultilink bundle-name authenticated\n!\n!\n!\n!\n!\n!\ncrypto pki token default removal timeout 0\n!\n!\nusername cisco password 7 1511021F0725\n!\nredundancy\n!\n!\nip ssh version 2\n!\npolicy-map OUT_QOS\n class class-default\n shape average 100000000 1000000\n!\n! \n!\n!\n!\n!\n!\n!\n!\n!\n!\n!\n!\ninterface Loopback9\n no ip address\n!\ninterface Loopback19\n no ip address\n!\ninterface Ethernet0/0\n ip address 192.168.100.2 255.255.255.0\n!\ninterface Ethernet0/1\n no ip address\n!\ninterface Ethernet0/2\n no ip address\n shutdown\n!\ninterface Ethernet0/3\n no ip address\n shutdown\n!\n!\nrouter eigrp 1\n network 0.0.0.0\n!\nrouter ospf 1\n network 0.0.0.0 255.255.255.255 area 0\n!\nip forward-protocol nd\n!\n!\nip http server\nno ip http secure-server\n!\n!\n!\n!\ncontrol-plane\n!\n!\n!\n!\n!\n!\nalias configure sh do sh\nalias exec ospf sh run | s ^router ospf\nalias exec bri show ip int bri | exc unass\nalias exec id show int desc\nalias exec top sh proc cpu sorted | excl 0.00%__0.00%__0.00%\nalias exec c conf t\nalias exec diff sh archive config differences nvram:startup-config system:running-config\nalias exec desc sh int desc | ex down\nalias exec bgp sh run | s ^router bgp\n!\nline con 0\n exec-timeout 0 0\n privilege level 15\n logging synchronous\nline aux 0\nline vty 0 4\n logging synchronous\n login local\n transport input telnet ssh\n!\n!\nend", 8 | "net_filesystems": [ 9 | "system:" 10 | ], 11 | "net_filesystems_info": { 12 | "system:": {} 13 | }, 14 | "net_gather_network_resources": [], 15 | "net_gather_subset": [ 16 | "default", 17 | "hardware", 18 | "interfaces", 19 | "config" 20 | ], 21 | "net_hostname": "R2", 22 | "net_image": "unix:/home/vagrant/cisco/images/i86bi_linux-adventerprisek9-ms", 23 | "net_interfaces": { 24 | "Ethernet0/0": { 25 | "bandwidth": 10000, 26 | "description": null, 27 | "duplex": null, 28 | "ipv4": [ 29 | { 30 | "address": "192.168.100.2", 31 | "subnet": "24" 32 | } 33 | ], 34 | "lineprotocol": "up", 35 | "macaddress": "aabb.cc00.6600", 36 | "mediatype": null, 37 | "mtu": 1500, 38 | "operstatus": "up", 39 | "type": "AmdP2" 40 | }, 41 | "Ethernet0/1": { 42 | "bandwidth": 10000, 43 | "description": null, 44 | "duplex": null, 45 | "ipv4": [], 46 | "lineprotocol": "up", 47 | "macaddress": "aabb.cc00.6610", 48 | "mediatype": null, 49 | "mtu": 1500, 50 | "operstatus": "up", 51 | "type": "AmdP2" 52 | }, 53 | "Ethernet0/2": { 54 | "bandwidth": 10000, 55 | "description": null, 56 | "duplex": null, 57 | "ipv4": [], 58 | "lineprotocol": "down", 59 | "macaddress": "aabb.cc00.6620", 60 | "mediatype": null, 61 | "mtu": 1500, 62 | "operstatus": "administratively down", 63 | "type": "AmdP2" 64 | }, 65 | "Ethernet0/3": { 66 | "bandwidth": 10000, 67 | "description": null, 68 | "duplex": null, 69 | "ipv4": [], 70 | "lineprotocol": "down", 71 | "macaddress": "aabb.cc00.6630", 72 | "mediatype": null, 73 | "mtu": 1500, 74 | "operstatus": "administratively down", 75 | "type": "AmdP2" 76 | }, 77 | "Loopback19": { 78 | "bandwidth": 8000000, 79 | "description": null, 80 | "duplex": null, 81 | "ipv4": [], 82 | "lineprotocol": "up", 83 | "macaddress": null, 84 | "mediatype": null, 85 | "mtu": 1514, 86 | "operstatus": "up", 87 | "type": null 88 | }, 89 | "Loopback9": { 90 | "bandwidth": 8000000, 91 | "description": null, 92 | "duplex": null, 93 | "ipv4": [], 94 | "lineprotocol": "up", 95 | "macaddress": null, 96 | "mediatype": null, 97 | "mtu": 1514, 98 | "operstatus": "up", 99 | "type": null 100 | } 101 | }, 102 | "net_iostype": "IOS", 103 | "net_memfree_mb": 78564.7265625, 104 | "net_memtotal_mb": 128906.453125, 105 | "net_neighbors": { 106 | "Ethernet0/0": [ 107 | { 108 | "host": "SW1.pyneng", 109 | "port": "Ethernet0/2" 110 | } 111 | ], 112 | "Ethernet0/1": [ 113 | { 114 | "host": "R3.pyneng", 115 | "port": "Ethernet0/1" 116 | } 117 | ] 118 | }, 119 | "net_python_version": "3.7.3", 120 | "net_serialnum": "2048102", 121 | "net_system": "ios", 122 | "net_version": "15.2(2.3)T", 123 | "network_resources": {} 124 | } 125 | -------------------------------------------------------------------------------- /examples/03_network_os_modules/ios_facts/all_facts/192.168.100.3_facts.json: -------------------------------------------------------------------------------- 1 | { 2 | "net_all_ipv4_addresses": [ 3 | "192.168.100.3" 4 | ], 5 | "net_all_ipv6_addresses": [], 6 | "net_api": "cliconf", 7 | "net_config": "!\nversion 15.2\nservice timestamps debug datetime msec\nservice timestamps log datetime msec\nservice password-encryption\n!\nhostname R3\n!\nboot-start-marker\nboot-end-marker\n!\n!\nenable password 7 0822455D0A16\n!\nno aaa new-model\n!\nmmi polling-interval 60\nno mmi auto-configure\nno mmi pvc\nmmi snmp-timeout 180\nip auth-proxy max-login-attempts 5\nip admission max-login-attempts 5\n!\n!\n!\n!\n!\nno ip domain lookup\nip domain name pyneng\nip cef\nno ipv6 cef\n!\nmultilink bundle-name authenticated\n!\n!\n!\n!\n!\n!\ncrypto pki token default removal timeout 0\n!\n!\nusername cisco password 7 060506324F41\n!\nredundancy\n!\n!\nip ssh version 2\n!\npolicy-map OUT_QOS\n class class-default\n shape average 100000000 1000000\n!\n! \n!\n!\n!\n!\n!\n!\n!\n!\n!\n!\n!\ninterface Ethernet0/0\n ip address 192.168.100.3 255.255.255.0\n!\ninterface Ethernet0/1\n no ip address\n!\ninterface Ethernet0/2\n no ip address\n shutdown\n!\ninterface Ethernet0/3\n no ip address\n shutdown\n!\n!\nrouter eigrp 1\n network 0.0.0.0\n!\nrouter ospf 1\n network 0.0.0.0 255.255.255.255 area 0\n!\nip forward-protocol nd\n!\n!\nno ip http server\nno ip http secure-server\n!\n!\n!\n!\ncontrol-plane\n!\n!\n!\n!\n!\n!\nalias configure sh do sh\nalias exec ospf sh run | s ^router ospf\nalias exec bri show ip int bri | exc unass\nalias exec id show int desc\nalias exec top sh proc cpu sorted | excl 0.00%__0.00%__0.00%\nalias exec c conf t\nalias exec diff sh archive config differences nvram:startup-config system:running-config\nalias exec desc sh int desc | ex down\nalias exec bgp sh run | s ^router bgp\n!\nline con 0\n exec-timeout 0 0\n privilege level 15\n logging synchronous\nline aux 0\nline vty 0 4\n logging synchronous\n login local\n transport input telnet ssh\n!\n!\nend", 8 | "net_filesystems": [ 9 | "system:" 10 | ], 11 | "net_filesystems_info": { 12 | "system:": {} 13 | }, 14 | "net_gather_network_resources": [], 15 | "net_gather_subset": [ 16 | "default", 17 | "config", 18 | "interfaces", 19 | "hardware" 20 | ], 21 | "net_hostname": "R3", 22 | "net_image": "unix:/home/vagrant/cisco/images/i86bi_linux-adventerprisek9-ms", 23 | "net_interfaces": { 24 | "Ethernet0/0": { 25 | "bandwidth": 10000, 26 | "description": null, 27 | "duplex": null, 28 | "ipv4": [ 29 | { 30 | "address": "192.168.100.3", 31 | "subnet": "24" 32 | } 33 | ], 34 | "lineprotocol": "up", 35 | "macaddress": "aabb.cc00.6700", 36 | "mediatype": null, 37 | "mtu": 1500, 38 | "operstatus": "up", 39 | "type": "AmdP2" 40 | }, 41 | "Ethernet0/1": { 42 | "bandwidth": 10000, 43 | "description": null, 44 | "duplex": null, 45 | "ipv4": [], 46 | "lineprotocol": "up", 47 | "macaddress": "aabb.cc00.6710", 48 | "mediatype": null, 49 | "mtu": 1500, 50 | "operstatus": "up", 51 | "type": "AmdP2" 52 | }, 53 | "Ethernet0/2": { 54 | "bandwidth": 10000, 55 | "description": null, 56 | "duplex": null, 57 | "ipv4": [], 58 | "lineprotocol": "down", 59 | "macaddress": "aabb.cc00.6720", 60 | "mediatype": null, 61 | "mtu": 1500, 62 | "operstatus": "administratively down", 63 | "type": "AmdP2" 64 | }, 65 | "Ethernet0/3": { 66 | "bandwidth": 10000, 67 | "description": null, 68 | "duplex": null, 69 | "ipv4": [], 70 | "lineprotocol": "down", 71 | "macaddress": "aabb.cc00.6730", 72 | "mediatype": null, 73 | "mtu": 1500, 74 | "operstatus": "administratively down", 75 | "type": "AmdP2" 76 | } 77 | }, 78 | "net_iostype": "IOS", 79 | "net_memfree_mb": 78625.8203125, 80 | "net_memtotal_mb": 128906.453125, 81 | "net_neighbors": { 82 | "Ethernet0/0": [ 83 | { 84 | "host": "SW1.pyneng", 85 | "port": "Ethernet0/3" 86 | } 87 | ], 88 | "Ethernet0/1": [ 89 | { 90 | "host": "R2.pyneng", 91 | "port": "Ethernet0/1" 92 | } 93 | ] 94 | }, 95 | "net_python_version": "3.7.3", 96 | "net_serialnum": "2048103", 97 | "net_system": "ios", 98 | "net_version": "15.2(2.3)T", 99 | "network_resources": {} 100 | } -------------------------------------------------------------------------------- /examples/03_network_os_modules/ios_facts/ansible.cfg: -------------------------------------------------------------------------------- 1 | [defaults] 2 | 3 | inventory = ./myhosts.ini 4 | interpreter_python = /home/vagrant/venv/pyneng-py3-7/bin/python 5 | gathering = explicit 6 | -------------------------------------------------------------------------------- /examples/03_network_os_modules/ios_facts/group_vars/all.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | ansible_connection: network_cli 4 | ansible_network_os: ios 5 | ansible_user: cisco 6 | ansible_password: cisco 7 | ansible_become: yes 8 | ansible_become_method: enable 9 | ansible_become_pass: cisco 10 | -------------------------------------------------------------------------------- /examples/03_network_os_modules/ios_facts/myhosts.ini: -------------------------------------------------------------------------------- 1 | [cisco_routers] 2 | 192.168.100.1 3 | 192.168.100.2 4 | 192.168.100.3 5 | 6 | [cisco_routers:vars] 7 | ansible_connection=network_cli 8 | ansible_network_os=ios 9 | ansible_user=cisco 10 | ansible_password=cisco 11 | -------------------------------------------------------------------------------- /examples/04_network_resource_modules/1_ios_facts_network_resources.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Collect IOS facts 4 | hosts: 192.168.100.1 5 | 6 | tasks: 7 | 8 | - name: Facts 9 | ios_facts: 10 | gather_subset: min 11 | gather_network_resources: 12 | - interfaces 13 | - l3_interfaces 14 | 15 | - name: Show ansible_network_resources 16 | debug: var=ansible_network_resources 17 | 18 | -------------------------------------------------------------------------------- /examples/06_parsing_output/1_parse_cli_textfsm.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Run show commands on routers 4 | hosts: cisco_routers 5 | 6 | tasks: 7 | 8 | - name: run sh ip int br 9 | ios_command: 10 | commands: show ip int br 11 | register: sh_ip_int_br_result 12 | 13 | - name: Debug registered var 14 | debug: 15 | msg: "{{ sh_ip_int_br_result.stdout[0] | parse_cli_textfsm('templates/cisco_ios_show_ip_interface_brief.template') }}" 16 | 17 | -------------------------------------------------------------------------------- /examples/06_parsing_output/2_parse_cli_textfsm_save.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Run show commands on routers 4 | hosts: cisco_routers 5 | 6 | vars: 7 | command: sh ip int br 8 | 9 | tasks: 10 | 11 | - name: run sh ip int br 12 | ios_command: 13 | commands: "{{ command }}" 14 | register: result 15 | 16 | - name: Save parsed data 17 | copy: 18 | content: "{{ result.stdout[0] | parse_cli_textfsm('templates/cisco_ios_show_ip_interface_brief.template') | to_nice_json }}" 19 | dest: "parsed_data/{{inventory_hostname}}_{{ command }}.json" 20 | -------------------------------------------------------------------------------- /examples/06_parsing_output/3_net_textfsm_parse.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Run show commands on routers 4 | hosts: cisco_routers 5 | 6 | vars: 7 | platform: cisco_ios 8 | command: show ip int brief 9 | 10 | tasks: 11 | 12 | - name: run sh ip int br 13 | ios_command: 14 | commands: "{{ command }}" 15 | register: result 16 | 17 | - name: Debug registered var 18 | debug: 19 | msg: "{{ result.stdout[0] | net_textfsm_parse(platform, command) }}" 20 | 21 | # export NET_TEXTFSM=/path/to/ntc-templates/templates/ 22 | # ansible-playbook 3_net_textfsm_parse.yml --extra-vars "command=\"sh cdp neigh\" platform=cisco_ios" 23 | -------------------------------------------------------------------------------- /examples/06_parsing_output/4_parse_cli_filter.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Run show commands on routers 4 | hosts: 192.168.100.1 5 | 6 | tasks: 7 | 8 | - name: run sh ip int br 9 | ios_command: 10 | commands: show ip int br 11 | register: sh_ip_int_br_result 12 | 13 | - name: Debug registered var 14 | debug: 15 | msg: "{{ sh_ip_int_br_result.stdout[0] | parse_cli('parse_spec/cisco_ios_show_ip_int_br.yml') }}" 16 | 17 | -------------------------------------------------------------------------------- /examples/06_parsing_output/ansible.cfg: -------------------------------------------------------------------------------- 1 | [defaults] 2 | 3 | inventory = myhosts.ini 4 | interpreter_python = /home/vagrant/venv/pyneng-py3-7/bin/python 5 | gathering = explicit 6 | 7 | library = /home/vagrant/repos/ansible_modules 8 | -------------------------------------------------------------------------------- /examples/06_parsing_output/filter_plugins/confparse.py: -------------------------------------------------------------------------------- 1 | from __future__ import unicode_literals 2 | from __future__ import print_function 3 | 4 | from ciscoconfparse import CiscoConfParse 5 | 6 | 7 | def confparse_parent(config, parent, child): 8 | """Returns [match, parent_line, child_line] 9 | 10 | Where match is boolean indicating whether a match happened. 11 | parent_line is the parent line that was matched 12 | child_line is the child line that was matched 13 | 14 | if match is false, then parent_line will be set, but not child_line. 15 | """ 16 | results = [] 17 | try: 18 | # ConfParse requires a list, not a string 19 | config = config.splitlines() 20 | except AttributeError: 21 | pass 22 | 23 | try: 24 | # Automatically handle if 'show run' from _command module 25 | config = config["stdout_lines"][0] 26 | except (KeyError, IndexError, TypeError): 27 | pass 28 | 29 | cfg_obj = CiscoConfParse(config) 30 | search_results = cfg_obj.find_objects(parent) 31 | for parent_line in search_results: 32 | child_results = parent_line.re_search_children(child) 33 | if child_results: 34 | if len(child_results) > 1: 35 | raise ValueError("Currently only a single child match is supported") 36 | results.append((True, parent_line.text, child_results[0].text)) 37 | else: 38 | results.append((False, parent_line.text, None)) 39 | 40 | return results 41 | 42 | 43 | class FilterModule(object): 44 | def filters(self): 45 | return { 46 | "confparse_parent": confparse_parent, 47 | } 48 | 49 | 50 | if __name__ == "__main__": 51 | 52 | # Test code 53 | with open("config.txt") as f: 54 | config = f.read() 55 | 56 | confparse_parent(config, parent=r"^interface", child=r"switchport access vlan 100") 57 | -------------------------------------------------------------------------------- /examples/06_parsing_output/filter_plugins/net_textfsm_parse.py: -------------------------------------------------------------------------------- 1 | """ 2 | Filter to convert results from network device show commands obtained from ios_command, 3 | eos_command, et cetera to structured data using TextFSM templates. 4 | """ 5 | # from __future__ import unicode_literals 6 | # from __future__ import print_function 7 | # from textfsm.clitable import CliTableError 8 | # import textfsm.clitable as clitable 9 | 10 | import os 11 | #from clitable import CliTableError 12 | from textfsm import clitable 13 | 14 | 15 | def get_template_dir(): 16 | """Find and return the ntc-templates/templates dir.""" 17 | try: 18 | template_dir = os.environ["NET_TEXTFSM"] 19 | index = os.path.join(template_dir, "index") 20 | if not os.path.isfile(index): 21 | # Assume only base ./ntc-templates specified 22 | template_dir = os.path.join(template_dir, "templates") 23 | except KeyError: 24 | # Construct path ~/ntc-templates/templates 25 | home_dir = os.path.expanduser("~") 26 | template_dir = os.path.join(home_dir, "ntc-templates", "templates") 27 | 28 | index = os.path.join(template_dir, "index") 29 | if not os.path.isdir(template_dir) or not os.path.isfile(index): 30 | msg = """ 31 | Valid ntc-templates not found, please install https://github.com/networktocode/ntc-templates 32 | and then set the NET_TEXTFSM environment variable to point to the ./ntc-templates/templates 33 | directory.""" 34 | raise ValueError(msg) 35 | return template_dir 36 | 37 | 38 | def get_structured_data(raw_output, platform, command): 39 | """Convert raw CLI output to structured data using TextFSM template.""" 40 | template_dir = get_template_dir() 41 | index_file = "index" # CHANGED 42 | textfsm_obj = clitable.CliTable(index_file, template_dir) 43 | attrs = {"Command": command, "Platform": platform} 44 | try: 45 | # Parse output through template 46 | textfsm_obj.ParseCmd(raw_output, attrs) 47 | return clitable_to_dict(textfsm_obj) 48 | except CliTableError: 49 | return raw_output 50 | 51 | 52 | def clitable_to_dict(cli_table): 53 | """Converts TextFSM cli_table object to list of dictionaries.""" 54 | objs = [] 55 | for row in cli_table: 56 | temp_dict = {} 57 | for index, element in enumerate(row): 58 | temp_dict[cli_table.header[index].lower()] = element 59 | objs.append(temp_dict) 60 | return objs 61 | 62 | 63 | def net_textfsm_parse(output, platform, command): 64 | """Process config find interfaces using ip helper.""" 65 | try: 66 | output = output["stdout"][0] 67 | except (KeyError, IndexError, TypeError): 68 | pass 69 | return get_structured_data(output, platform, command) 70 | 71 | 72 | class FilterModule(object): 73 | """Filter to convert results from network device show commands obtained from ios_command, 74 | eos_command, et cetera to structured data using TextFSM templates.""" 75 | 76 | def filters(self): 77 | return { 78 | "net_textfsm_parse": net_textfsm_parse, 79 | } 80 | 81 | 82 | if __name__ == "__main__": 83 | 84 | # Test code 85 | pass 86 | -------------------------------------------------------------------------------- /examples/06_parsing_output/group_vars/all.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | ansible_connection: network_cli 4 | ansible_network_os: ios 5 | ansible_user: cisco 6 | ansible_password: cisco 7 | ansible_become: yes 8 | ansible_become_method: enable 9 | ansible_become_pass: cisco 10 | -------------------------------------------------------------------------------- /examples/06_parsing_output/myhosts.ini: -------------------------------------------------------------------------------- 1 | [cisco_routers] 2 | 192.168.100.1 3 | 192.168.100.2 4 | 192.168.100.3 5 | 6 | [cisco_routers:vars] 7 | ansible_connection=network_cli 8 | ansible_network_os=ios 9 | ansible_user=cisco 10 | ansible_password=cisco 11 | -------------------------------------------------------------------------------- /examples/06_parsing_output/ntc-ansible/1_ntc_ansible.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Run show commands on router 4 | hosts: 192.168.100.1 5 | gather_facts: false 6 | connection: local 7 | 8 | tasks: 9 | 10 | - name: Run sh ip int br 11 | ntc_show_command: 12 | connection: ssh 13 | platform: "cisco_ios" 14 | command: "sh ip int br" 15 | host: "{{ inventory_hostname }}" 16 | username: "cisco" 17 | password: "cisco" 18 | template_dir: "/home/vagrant/repos/ansible_modules/ntc-ansible/ntc-templates/templates" 19 | register: result 20 | 21 | - debug: var=result 22 | -------------------------------------------------------------------------------- /examples/06_parsing_output/ntc-ansible/2_ntc_ansible_save.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Run show commands on routers 4 | hosts: cisco-routers 5 | gather_facts: false 6 | connection: local 7 | 8 | tasks: 9 | 10 | - name: Run sh ip int br 11 | ntc_show_command: 12 | connection: ssh 13 | platform: "cisco_ios" 14 | command: "sh ip int br" 15 | host: "{{ inventory_hostname }}" 16 | username: "cisco" 17 | password: "cisco" 18 | template_dir: "library/ntc-ansible/ntc-templates/templates" 19 | register: result 20 | 21 | - name: Copy facts to files 22 | copy: 23 | content: "{{ result.response | to_nice_json }}" 24 | dest: "all_facts/{{inventory_hostname}}_sh_ip_int_br.json" 25 | -------------------------------------------------------------------------------- /examples/06_parsing_output/ntc-ansible/ansible.cfg: -------------------------------------------------------------------------------- 1 | [defaults] 2 | 3 | inventory = myhosts.ini 4 | interpreter_python = /home/vagrant/venv/pyneng-py3-7/bin/python 5 | gathering = explicit 6 | 7 | library = /home/vagrant/repos/ansible_modules 8 | -------------------------------------------------------------------------------- /examples/06_parsing_output/ntc-ansible/group_vars/all.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | ansible_connection: network_cli 4 | ansible_network_os: ios 5 | ansible_user: cisco 6 | ansible_password: cisco 7 | ansible_become: yes 8 | ansible_become_method: enable 9 | ansible_become_pass: cisco 10 | -------------------------------------------------------------------------------- /examples/06_parsing_output/ntc-ansible/host_vars/192.168.100.1: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | hostname: london_r1 4 | mgmnt_loopback: 100 5 | mgmnt_ip: 10.0.0.1 6 | ospf_ints: 7 | - 192.168.100.1 8 | - 10.0.0.1 9 | - 10.255.1.1 10 | -------------------------------------------------------------------------------- /examples/06_parsing_output/ntc-ansible/host_vars/192.168.100.100: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | hostname: london_sw1 4 | mgmnt_int: VLAN100 5 | mgmnt_ip: 10.0.0.100 6 | -------------------------------------------------------------------------------- /examples/06_parsing_output/ntc-ansible/host_vars/192.168.100.2: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | hostname: london_r2 4 | mgmnt_loopback: 100 5 | mgmnt_ip: 10.0.0.2 6 | ospf_ints: 7 | - 192.168.100.2 8 | - 10.0.0.2 9 | - 10.255.2.2 10 | -------------------------------------------------------------------------------- /examples/06_parsing_output/ntc-ansible/host_vars/192.168.100.3: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | hostname: london_r3 4 | mgmnt_loopback: 100 5 | mgmnt_ip: 10.0.0.3 6 | ospf_ints: 7 | - 192.168.100.3 8 | - 10.0.0.3 9 | - 10.255.3.3 10 | -------------------------------------------------------------------------------- /examples/06_parsing_output/ntc-ansible/myhosts.ini: -------------------------------------------------------------------------------- 1 | [cisco_routers] 2 | 192.168.100.1 3 | 192.168.100.2 4 | 192.168.100.3 5 | 6 | [cisco_routers:vars] 7 | ansible_connection=network_cli 8 | ansible_network_os=ios 9 | ansible_user=cisco 10 | ansible_password=cisco 11 | -------------------------------------------------------------------------------- /examples/06_parsing_output/ntc-ansible/templates/acl_cfg.txt: -------------------------------------------------------------------------------- 1 | ip access-list extended IN_to_OUT 2 | permit tcp 10.0.1.0 0.0.0.255 any eq www 3 | permit tcp 10.0.1.0 0.0.0.255 any eq 22 4 | permit icmp any any 5 | deny ip any any 6 | -------------------------------------------------------------------------------- /examples/06_parsing_output/ntc-ansible/templates/bgp.j2: -------------------------------------------------------------------------------- 1 | router bgp {{ as }} 2 | network {{ network }} 3 | {% for n in ibgp_neighbors %} 4 | neighbor {{ n }} remote-as {{ as }} 5 | neighbor {{ n }} update-source {{ update_source_int }} 6 | {% endfor %} 7 | {% for extn in ebgp_neighbors %} 8 | neighbor {{ extn.ip }} remote-as {{ extn.as }} 9 | neighbor {{ extn.ip }} ttl-security hops {{ ttl_security_hops }} 10 | {% if send_community == true %} 11 | neighbor {{ extn.ip }} send-community 12 | {% endif %} 13 | {% endfor %} 14 | -------------------------------------------------------------------------------- /examples/06_parsing_output/ntc-ansible/templates/ospf.j2: -------------------------------------------------------------------------------- 1 | router ospf 1 2 | router-id {{ mgmnt_ip }} 3 | ispf 4 | auto-cost reference-bandwidth 10000 5 | {% for ip in ospf_ints %} 6 | network {{ ip }} 0.0.0.0 area 0 7 | {% endfor %} 8 | -------------------------------------------------------------------------------- /examples/06_parsing_output/parse_spec/cisco_ios_show_ip_int_br.yml: -------------------------------------------------------------------------------- 1 | --- 2 | vars: 3 | interface: 4 | name: "{{ item.name }}" 5 | ip: "{{ item.ip }}" 6 | status: "{{ item.status }}" 7 | protocol: "{{ item.protocol }}" 8 | 9 | keys: 10 | router_intrefaces: 11 | value: "{{ interface }}" 12 | items: "^(?P\\S+)\\s+(?P\\S+)\\s+\\S+\\s+\\S+\\s+(?P\\S+)\\s+(?P\\S+)" 13 | state_static: 14 | value: present 15 | -------------------------------------------------------------------------------- /examples/06_parsing_output/parsed_data/192.168.100.1_sh ip int br.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "INTF": "Ethernet0/0", 4 | "IPADDR": "192.168.100.1", 5 | "PROTO": "up", 6 | "STATUS": "up" 7 | }, 8 | { 9 | "INTF": "Ethernet0/1", 10 | "IPADDR": "192.168.200.1", 11 | "PROTO": "up", 12 | "STATUS": "up" 13 | }, 14 | { 15 | "INTF": "Ethernet0/2", 16 | "IPADDR": "190.16.200.1", 17 | "PROTO": "up", 18 | "STATUS": "up" 19 | }, 20 | { 21 | "INTF": "Ethernet0/3", 22 | "IPADDR": "192.168.230.1", 23 | "PROTO": "up", 24 | "STATUS": "up" 25 | }, 26 | { 27 | "INTF": "Loopback0", 28 | "IPADDR": "4.4.4.4", 29 | "PROTO": "up", 30 | "STATUS": "up" 31 | }, 32 | { 33 | "INTF": "Loopback35", 34 | "IPADDR": "unassigned", 35 | "PROTO": "up", 36 | "STATUS": "up" 37 | }, 38 | { 39 | "INTF": "Loopback55", 40 | "IPADDR": "5.5.5.5", 41 | "PROTO": "up", 42 | "STATUS": "up" 43 | }, 44 | { 45 | "INTF": "Loopback90", 46 | "IPADDR": "90.1.1.1", 47 | "PROTO": "up", 48 | "STATUS": "up" 49 | } 50 | ] -------------------------------------------------------------------------------- /examples/06_parsing_output/parsed_data/192.168.100.2_sh ip int br.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "INTF": "Ethernet0/0", 4 | "IPADDR": "192.168.100.2", 5 | "PROTO": "up", 6 | "STATUS": "up" 7 | }, 8 | { 9 | "INTF": "Ethernet0/1", 10 | "IPADDR": "unassigned", 11 | "PROTO": "up", 12 | "STATUS": "up" 13 | }, 14 | { 15 | "INTF": "Ethernet0/2", 16 | "IPADDR": "unassigned", 17 | "PROTO": "down", 18 | "STATUS": "administratively down" 19 | }, 20 | { 21 | "INTF": "Ethernet0/3", 22 | "IPADDR": "unassigned", 23 | "PROTO": "down", 24 | "STATUS": "administratively down" 25 | }, 26 | { 27 | "INTF": "Loopback9", 28 | "IPADDR": "unassigned", 29 | "PROTO": "up", 30 | "STATUS": "up" 31 | }, 32 | { 33 | "INTF": "Loopback19", 34 | "IPADDR": "unassigned", 35 | "PROTO": "up", 36 | "STATUS": "up" 37 | } 38 | ] -------------------------------------------------------------------------------- /examples/06_parsing_output/parsed_data/192.168.100.3_sh ip int br.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "INTF": "Ethernet0/0", 4 | "IPADDR": "192.168.100.3", 5 | "PROTO": "up", 6 | "STATUS": "up" 7 | }, 8 | { 9 | "INTF": "Ethernet0/1", 10 | "IPADDR": "unassigned", 11 | "PROTO": "up", 12 | "STATUS": "up" 13 | }, 14 | { 15 | "INTF": "Ethernet0/2", 16 | "IPADDR": "unassigned", 17 | "PROTO": "down", 18 | "STATUS": "administratively down" 19 | }, 20 | { 21 | "INTF": "Ethernet0/3", 22 | "IPADDR": "unassigned", 23 | "PROTO": "down", 24 | "STATUS": "administratively down" 25 | } 26 | ] -------------------------------------------------------------------------------- /examples/06_parsing_output/templates/cisco_ios_show_ip_interface_brief.template: -------------------------------------------------------------------------------- 1 | Value INTF (\S+) 2 | Value IPADDR (\S+) 3 | Value STATUS (up|down|administratively down) 4 | Value PROTO (up|down) 5 | 6 | Start 7 | ^${INTF}\s+${IPADDR}\s+\w+\s+\w+\s+${STATUS}\s+${PROTO} -> Record 8 | -------------------------------------------------------------------------------- /examples/07_playbooks/4_playbook_include/8_play_to_include.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Run show commands on routers 4 | hosts: cisco-routers 5 | gather_facts: false 6 | connection: local 7 | 8 | tasks: 9 | 10 | - name: run show commands 11 | ios_command: 12 | commands: 13 | - show ip int br 14 | - sh ip route 15 | provider: "{{ cli }}" 16 | register: show_result 17 | 18 | - name: Debug registered var 19 | debug: var=show_result.stdout_lines 20 | -------------------------------------------------------------------------------- /examples/07_playbooks/4_playbook_include/8_playbook_handlers.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Run cfg commands on routers 4 | hosts: cisco-routers 5 | gather_facts: false 6 | connection: local 7 | 8 | tasks: 9 | 10 | - name: Config line vty 11 | ios_config: 12 | parents: 13 | - line vty 0 4 14 | lines: 15 | - login local 16 | - transport input ssh 17 | provider: "{{ cli }}" 18 | notify: save config 19 | 20 | - name: Send config commands 21 | ios_config: 22 | lines: 23 | - service password-encryption 24 | - no ip http server 25 | - no ip http secure-server 26 | - no ip domain lookup 27 | provider: "{{ cli }}" 28 | notify: save config 29 | 30 | handlers: 31 | 32 | - name: save config 33 | ios_command: 34 | commands: 35 | - write 36 | provider: "{{ cli }}" 37 | -------------------------------------------------------------------------------- /examples/07_playbooks/4_playbook_include/8_playbook_include_handlers.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Run cfg commands on routers 4 | hosts: cisco-routers 5 | gather_facts: false 6 | connection: local 7 | 8 | tasks: 9 | 10 | - name: Disable services 11 | ios_config: 12 | lines: 13 | - no ip http server 14 | - no ip http secure-server 15 | - no ip domain lookup 16 | provider: "{{ cli }}" 17 | notify: save config 18 | 19 | - include: tasks/cisco_ospf_cfg.yml 20 | - include: tasks/cisco_vty_cfg.yml 21 | 22 | handlers: 23 | 24 | - include: handlers/cisco_save_cfg.yml 25 | -------------------------------------------------------------------------------- /examples/07_playbooks/4_playbook_include/8_playbook_include_play.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Run cfg commands on routers 4 | hosts: cisco-routers 5 | gather_facts: false 6 | connection: local 7 | 8 | tasks: 9 | 10 | - name: Disable services 11 | ios_config: 12 | lines: 13 | - no ip http server 14 | - no ip http secure-server 15 | - no ip domain lookup 16 | provider: "{{ cli }}" 17 | notify: save config 18 | 19 | - include: tasks/cisco_ospf_cfg.yml 20 | - include: tasks/cisco_vty_cfg.yml 21 | 22 | handlers: 23 | 24 | - include: handlers/cisco_save_cfg.yml 25 | 26 | - include: 8_play_to_include.yml 27 | -------------------------------------------------------------------------------- /examples/07_playbooks/4_playbook_include/8_playbook_include_tasks.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Run cfg commands on routers 4 | hosts: cisco-routers 5 | gather_facts: false 6 | connection: local 7 | 8 | tasks: 9 | 10 | - name: Disable services 11 | ios_config: 12 | lines: 13 | - no ip http server 14 | - no ip http secure-server 15 | - no ip domain lookup 16 | provider: "{{ cli }}" 17 | notify: save config 18 | 19 | - include: tasks/cisco_ospf_cfg.yml 20 | - include: tasks/cisco_vty_cfg.yml 21 | 22 | handlers: 23 | 24 | - name: save config 25 | ios_command: 26 | commands: 27 | - write 28 | provider: "{{ cli }}" 29 | -------------------------------------------------------------------------------- /examples/07_playbooks/4_playbook_include/8_playbook_include_tasks_var.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Run cfg commands on routers 4 | hosts: 192.168.100.1 5 | gather_facts: false 6 | connection: local 7 | 8 | tasks: 9 | 10 | - include: tasks/cisco_ospf_cfg.yml 11 | - include: tasks/ntc_show.yml ntc_command="sh ip route" 12 | 13 | handlers: 14 | 15 | - name: save config 16 | ios_command: 17 | commands: 18 | - write 19 | provider: "{{ cli }}" 20 | -------------------------------------------------------------------------------- /examples/07_playbooks/4_playbook_include/8_playbook_include_vars.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Run cfg commands on router 4 | hosts: 192.168.100.1 5 | gather_facts: false 6 | connection: local 7 | 8 | tasks: 9 | 10 | - name: Include BGP vars 11 | include_vars: vars/cisco_bgp_general.yml 12 | 13 | - name: Config BGP 14 | ios_config: 15 | src: templates/bgp.j2 16 | provider: "{{ cli }}" 17 | 18 | - name: Show BGP config 19 | ios_command: 20 | commands: sh run | s ^router bgp 21 | provider: "{{ cli }}" 22 | register: bgp_cfg 23 | 24 | - name: Debug registered var 25 | debug: var=bgp_cfg.stdout_lines 26 | -------------------------------------------------------------------------------- /examples/07_playbooks/4_playbook_include/8_playbook_include_vars_files.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Run cfg commands on router 4 | hosts: 192.168.100.1 5 | gather_facts: false 6 | connection: local 7 | 8 | vars_files: 9 | - vars/cisco_bgp_general.yml 10 | 11 | tasks: 12 | 13 | - name: Config BGP 14 | ios_config: 15 | src: templates/bgp.j2 16 | provider: "{{ cli }}" 17 | 18 | - name: Show BGP config 19 | ios_command: 20 | commands: sh run | s ^router bgp 21 | provider: "{{ cli }}" 22 | register: bgp_cfg 23 | 24 | - name: Debug registered var 25 | debug: var=bgp_cfg.stdout_lines 26 | -------------------------------------------------------------------------------- /examples/07_playbooks/4_playbook_jinja_filters/8_playbook_filters_regex.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Cfg VPN 4 | hosts: 192.168.100.1,192.168.100.2 5 | gather_facts: false 6 | connection: local 7 | 8 | 9 | vars: 10 | wan_ip_1: 192.168.100.1 11 | wan_ip_2: 192.168.100.2 12 | tun_ip_1: 10.0.1.1 255.255.255.252 13 | tun_ip_2: 10.0.1.2 255.255.255.252 14 | 15 | 16 | tasks: 17 | 18 | - name: Collect facts 19 | ios_facts: 20 | gather_subset: 21 | - "!hardware" 22 | provider: "{{ cli }}" 23 | 24 | - name: Collect current tunnel numbers 25 | set_fact: 26 | tun_num: "{{ ansible_net_config | regex_findall('interface Tunnel(.*)') }}" 27 | 28 | #- debug: var=tun_num 29 | 30 | - name: Generate VPN R1 31 | template: 32 | src: templates/ios_vpn1.txt 33 | dest: configs/result1.txt 34 | when: wan_ip_1 in ansible_net_all_ipv4_addresses 35 | 36 | - name: Generate VPN R2 37 | template: 38 | src: templates/ios_vpn2.txt 39 | dest: configs/result2.txt 40 | when: wan_ip_2 in ansible_net_all_ipv4_addresses 41 | -------------------------------------------------------------------------------- /examples/07_playbooks/4_playbook_jinja_filters/8_playbook_filters_to_nice_yaml.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Collect IOS facts 4 | hosts: cisco-routers 5 | gather_facts: false 6 | connection: local 7 | 8 | tasks: 9 | 10 | - name: Facts 11 | ios_facts: 12 | gather_subset: all 13 | provider: "{{ cli }}" 14 | register: ios_facts_result 15 | 16 | - name: Copy facts to files 17 | copy: 18 | content: "{{ ios_facts_result | to_nice_yaml }}" 19 | dest: "all_facts/{{inventory_hostname}}_facts.yml" 20 | -------------------------------------------------------------------------------- /examples/07_playbooks/4_playbook_roles/all_roles.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Roles config 4 | hosts: cisco-routers 5 | gather_facts: false 6 | connection: local 7 | roles: 8 | - usability 9 | - security 10 | - ospf 11 | -------------------------------------------------------------------------------- /examples/07_playbooks/4_playbook_roles/ansible.cfg: -------------------------------------------------------------------------------- 1 | [defaults] 2 | 3 | inventory = ./myhosts 4 | 5 | remote_user = cisco 6 | ask_pass = True 7 | 8 | library = ./library 9 | -------------------------------------------------------------------------------- /examples/07_playbooks/4_playbook_roles/cfg_initial.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Initial config 4 | hosts: cisco-routers 5 | gather_facts: false 6 | connection: local 7 | roles: 8 | - usability 9 | - security 10 | -------------------------------------------------------------------------------- /examples/07_playbooks/4_playbook_roles/cfg_ospf.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Configure OSPF 4 | hosts: 192.168.100.1 5 | gather_facts: false 6 | connection: local 7 | roles: 8 | - ospf 9 | -------------------------------------------------------------------------------- /examples/07_playbooks/4_playbook_roles/group_vars/all.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | cli: 4 | host: "{{ inventory_hostname }}" 5 | username: "cisco" 6 | password: "cisco" 7 | transport: cli 8 | authorize: yes 9 | auth_pass: "cisco" 10 | 11 | -------------------------------------------------------------------------------- /examples/07_playbooks/4_playbook_roles/group_vars/cisco-routers.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | log_server: 10.255.100.1 4 | ntp_server: 10.255.100.1 5 | users: 6 | user1: pass1 7 | user2: pass2 8 | user3: pass3 9 | 10 | -------------------------------------------------------------------------------- /examples/07_playbooks/4_playbook_roles/group_vars/cisco-switches.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | vlans: 4 | - 10 5 | - 20 6 | - 30 7 | -------------------------------------------------------------------------------- /examples/07_playbooks/4_playbook_roles/host_vars/192.168.100.1: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | hostname: london_r1 4 | mgmnt_loopback: 100 5 | mgmnt_ip: 10.0.0.1 6 | ospf_ints: 7 | - 192.168.100.1 8 | - 10.0.0.1 9 | - 10.255.1.1 10 | -------------------------------------------------------------------------------- /examples/07_playbooks/4_playbook_roles/host_vars/192.168.100.100: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | hostname: london_sw1 4 | mgmnt_int: VLAN100 5 | mgmnt_ip: 10.0.0.100 6 | -------------------------------------------------------------------------------- /examples/07_playbooks/4_playbook_roles/host_vars/192.168.100.2: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | hostname: london_r2 4 | mgmnt_loopback: 100 5 | mgmnt_ip: 10.0.0.2 6 | ospf_ints: 7 | - 192.168.100.2 8 | - 10.0.0.2 9 | - 10.255.2.2 10 | -------------------------------------------------------------------------------- /examples/07_playbooks/4_playbook_roles/host_vars/192.168.100.3: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | hostname: london_r3 4 | mgmnt_loopback: 100 5 | mgmnt_ip: 10.0.0.3 6 | ospf_ints: 7 | - 192.168.100.3 8 | - 10.0.0.3 9 | - 10.255.3.3 10 | -------------------------------------------------------------------------------- /examples/07_playbooks/4_playbook_roles/myhosts: -------------------------------------------------------------------------------- 1 | [cisco-routers] 2 | 192.168.100.1 3 | 192.168.100.2 4 | 192.168.100.3 5 | 6 | [cisco-switches] 7 | 192.168.100.100 8 | -------------------------------------------------------------------------------- /examples/07_playbooks/4_playbook_roles/roles/ospf/handlers/main.yml: -------------------------------------------------------------------------------- 1 | - name: save config 2 | ios_command: 3 | commands: 4 | - write 5 | provider: "{{ cli }}" 6 | -------------------------------------------------------------------------------- /examples/07_playbooks/4_playbook_roles/roles/ospf/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Collect facts 4 | ios_facts: 5 | gather_subset: 6 | - "!hardware" 7 | provider: "{{ cli }}" 8 | 9 | - name: Set fact ospf_networks 10 | set_fact: 11 | current_ospf_networks: "{{ ansible_net_config | regex_findall('network (.*) area 0') }}" 12 | 13 | #- name: Show var current_ospf_networks 14 | # debug: var=current_ospf_networks 15 | 16 | - name: Config OSPF 17 | ios_config: 18 | src: ospf.j2 19 | provider: "{{ cli }}" 20 | notify: save config 21 | 22 | 23 | #- name: Write OSPF cfg in variable 24 | # ios_command: 25 | # commands: 26 | # - sh run | s ^router ospf 27 | # provider: "{{ cli }}" 28 | # register: ospf_cfg 29 | # 30 | #- name: Show OSPF cfg 31 | # debug: var=ospf_cfg.stdout_lines 32 | -------------------------------------------------------------------------------- /examples/07_playbooks/4_playbook_roles/roles/ospf/templates/ospf.j2: -------------------------------------------------------------------------------- 1 | router ospf 1 2 | router-id {{ mgmnt_ip }} 3 | ispf 4 | auto-cost reference-bandwidth 10000 5 | {% for ip in ansible_net_all_ipv4_addresses %} 6 | network {{ ip }} 0.0.0.0 area 0 7 | {% endfor %} 8 | {% for network in current_ospf_networks %} 9 | {% if network.split()[0] not in ansible_net_all_ipv4_addresses %} 10 | no network {{ network }} area 0 11 | {% endif %} 12 | {% endfor %} 13 | -------------------------------------------------------------------------------- /examples/07_playbooks/4_playbook_roles/roles/security/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Global security config 4 | ios_config: 5 | lines: 6 | - service password-encryption 7 | - no ip http server 8 | - no ip http secure-server 9 | provider: "{{ cli }}" 10 | 11 | - name: Configure vty security features 12 | ios_config: 13 | parents: 14 | - line vty 0 4 15 | lines: 16 | - transport input ssh 17 | provider: "{{ cli }}" 18 | -------------------------------------------------------------------------------- /examples/07_playbooks/4_playbook_roles/roles/usability/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Global usability config 4 | ios_config: 5 | lines: 6 | - no ip domain lookup 7 | provider: "{{ cli }}" 8 | 9 | - name: Configure vty usability features 10 | ios_config: 11 | parents: 12 | - line vty 0 4 13 | lines: 14 | - exec-timeout 30 0 15 | - logging synchronous 16 | - history size 100 17 | provider: "{{ cli }}" 18 | -------------------------------------------------------------------------------- /examples/README.md: -------------------------------------------------------------------------------- 1 | ## Примеры из курса 2 | 3 | В этом каталоге находятся скрипты, которые использовались как примеры в курсе. 4 | -------------------------------------------------------------------------------- /examples/old_files_to_check/README_ansible.md: -------------------------------------------------------------------------------- 1 | # Каталоги с playbook 2 | 3 | Playbook разнесены по каталогам, которые соответствуют названиям модулей. 4 | 5 | Для использования примеров playbook скопируйте соответствующие playbook в корневой каталог (где находятся файлы ansible.cfg, myhosts и каталоги с переменными). 6 | 7 | Как вариант, можно скопировать такие файлы и каталоги в каждый из каталогов с playbook: 8 | * myhosts 9 | * ansible.cfg 10 | * host_vars 11 | * group_vars 12 | * templates 13 | -------------------------------------------------------------------------------- /examples/old_files_to_check/ansible.cfg: -------------------------------------------------------------------------------- 1 | [defaults] 2 | 3 | inventory = ./myhosts 4 | 5 | remote_user = cisco 6 | ask_pass = True 7 | -------------------------------------------------------------------------------- /examples/old_files_to_check/group_vars/all.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | cli: 4 | host: "{{ inventory_hostname }}" 5 | username: "cisco" 6 | password: "cisco" 7 | transport: cli 8 | authorize: yes 9 | auth_pass: "cisco" 10 | -------------------------------------------------------------------------------- /examples/old_files_to_check/handlers/cisco_save_cfg.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: save config 4 | ios_command: 5 | commands: 6 | - write 7 | provider: "{{ cli }}" 8 | -------------------------------------------------------------------------------- /examples/old_files_to_check/host_vars/192.168.100.1: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | hostname: london_r1 4 | mgmnt_loopback: 100 5 | mgmnt_ip: 10.0.0.1 6 | ospf_ints: 7 | - 192.168.100.1 8 | - 10.0.0.1 9 | - 10.255.1.1 10 | -------------------------------------------------------------------------------- /examples/old_files_to_check/host_vars/192.168.100.100: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | hostname: london_sw1 4 | mgmnt_int: VLAN100 5 | mgmnt_ip: 10.0.0.100 6 | -------------------------------------------------------------------------------- /examples/old_files_to_check/host_vars/192.168.100.2: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | hostname: london_r2 4 | mgmnt_loopback: 100 5 | mgmnt_ip: 10.0.0.2 6 | ospf_ints: 7 | - 192.168.100.2 8 | - 10.0.0.2 9 | - 10.255.2.2 10 | -------------------------------------------------------------------------------- /examples/old_files_to_check/host_vars/192.168.100.3: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | hostname: london_r3 4 | mgmnt_loopback: 100 5 | mgmnt_ip: 10.0.0.3 6 | ospf_ints: 7 | - 192.168.100.3 8 | - 10.0.0.3 9 | - 10.255.3.3 10 | -------------------------------------------------------------------------------- /examples/old_files_to_check/myhosts: -------------------------------------------------------------------------------- 1 | [cisco-routers] 2 | 192.168.100.1 3 | 192.168.100.2 4 | 192.168.100.3 5 | 6 | [cisco-switches] 7 | 192.168.100.100 8 | -------------------------------------------------------------------------------- /examples/old_files_to_check/tasks/cisco_ospf_cfg.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Config ospf 4 | ios_config: 5 | src: templates/ospf.j2 6 | provider: "{{ cli }}" 7 | notify: save config 8 | -------------------------------------------------------------------------------- /examples/old_files_to_check/tasks/cisco_vty_cfg.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Config line vty 4 | ios_config: 5 | parents: 6 | - line vty 0 4 7 | lines: 8 | - exec-timeout 30 0 9 | - login local 10 | - history size 100 11 | - transport input ssh 12 | provider: "{{ cli }}" 13 | notify: save config 14 | -------------------------------------------------------------------------------- /examples/old_files_to_check/tasks/ntc_show.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - ntc_show_command: 4 | connection: ssh 5 | platform: "cisco_ios" 6 | command: "{{ ntc_command }}" 7 | host: "{{ inventory_hostname }}" 8 | username: "cisco" 9 | password: "cisco" 10 | template_dir: "library/ntc-ansible/ntc-templates/templates" 11 | -------------------------------------------------------------------------------- /examples/old_files_to_check/templates/acl_cfg.txt: -------------------------------------------------------------------------------- 1 | ip access-list extended IN_to_OUT 2 | permit tcp 10.0.1.0 0.0.0.255 any eq www 3 | permit tcp 10.0.1.0 0.0.0.255 any eq 22 4 | permit icmp any any 5 | deny ip any any 6 | -------------------------------------------------------------------------------- /examples/old_files_to_check/templates/bgp.j2: -------------------------------------------------------------------------------- 1 | router bgp {{ as }} 2 | network {{ network }} 3 | {% for n in ibgp_neighbors %} 4 | neighbor {{ n }} remote-as {{ as }} 5 | neighbor {{ n }} update-source {{ update_source_int }} 6 | {% endfor %} 7 | {% for extn in ebgp_neighbors %} 8 | neighbor {{ extn.ip }} remote-as {{ extn.as }} 9 | neighbor {{ extn.ip }} ttl-security hops {{ ttl_security_hops }} 10 | {% if send_community == true %} 11 | neighbor {{ extn.ip }} send-community 12 | {% endif %} 13 | {% endfor %} 14 | -------------------------------------------------------------------------------- /examples/old_files_to_check/templates/ospf.j2: -------------------------------------------------------------------------------- 1 | router ospf 1 2 | router-id {{ mgmnt_ip }} 3 | ispf 4 | auto-cost reference-bandwidth 10000 5 | {% for ip in ospf_ints %} 6 | network {{ ip }} 0.0.0.0 area 0 7 | {% endfor %} 8 | -------------------------------------------------------------------------------- /examples/old_files_to_check/vars/cisco_bgp_general.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | as: 65000 4 | network: 120.0.0.0 mask 255.255.252.0 5 | ttl_security_hops: 3 6 | send_community: true 7 | update_source_int: Loopback0 8 | ibgp_neighbors: 9 | - 10.0.0.1 10 | - 10.0.0.2 11 | - 10.0.0.3 12 | - 10.0.0.4 13 | ebgp_neighbors: 14 | - ip: 15.0.0.5 15 | as: 500 16 | - ip: 26.0.0.6 17 | as: 600 18 | -------------------------------------------------------------------------------- /exercises/03_network_os_modules/all_facts/192.168.100.1_intf_facts.yaml: -------------------------------------------------------------------------------- 1 | Ethernet0/0: 2 | bandwidth: 10000 3 | description: null 4 | duplex: null 5 | ipv4: 6 | - address: 192.168.101.1 7 | subnet: '24' 8 | - address: 192.168.102.1 9 | subnet: '24' 10 | - address: 192.168.100.1 11 | subnet: '24' 12 | lineprotocol: up 13 | macaddress: aabb.cc00.6500 14 | mediatype: null 15 | mtu: 1500 16 | operstatus: up 17 | type: AmdP2 18 | Ethernet0/1: 19 | bandwidth: 10000 20 | description: null 21 | duplex: null 22 | ipv4: 23 | - address: 192.168.200.1 24 | subnet: '24' 25 | lineprotocol: up 26 | macaddress: 0203.e800.6510 27 | mediatype: null 28 | mtu: 1500 29 | operstatus: up 30 | type: AmdP2 31 | Ethernet0/2: 32 | bandwidth: 10000 33 | description: null 34 | duplex: null 35 | ipv4: [] 36 | lineprotocol: up 37 | macaddress: aabb.cc00.6520 38 | mediatype: null 39 | mtu: 1500 40 | operstatus: up 41 | type: AmdP2 42 | Ethernet0/3: 43 | bandwidth: 10000 44 | description: null 45 | duplex: null 46 | ipv4: 47 | - address: 192.168.130.1 48 | subnet: '24' 49 | lineprotocol: up 50 | macaddress: aabb.cc00.6530 51 | mediatype: null 52 | mtu: 1500 53 | operstatus: up 54 | type: AmdP2 55 | -------------------------------------------------------------------------------- /exercises/03_network_os_modules/all_facts/192.168.100.2_intf_facts.yaml: -------------------------------------------------------------------------------- 1 | Ethernet0/0: 2 | bandwidth: 10000 3 | description: null 4 | duplex: null 5 | ipv4: 6 | - address: 192.168.100.2 7 | subnet: '24' 8 | lineprotocol: up 9 | macaddress: aabb.cc00.6600 10 | mediatype: null 11 | mtu: 1500 12 | operstatus: up 13 | type: AmdP2 14 | Ethernet0/1: 15 | bandwidth: 10000 16 | description: null 17 | duplex: null 18 | ipv4: [] 19 | lineprotocol: up 20 | macaddress: aabb.cc00.6610 21 | mediatype: null 22 | mtu: 1500 23 | operstatus: up 24 | type: AmdP2 25 | Ethernet0/2: 26 | bandwidth: 10000 27 | description: null 28 | duplex: null 29 | ipv4: [] 30 | lineprotocol: down 31 | macaddress: aabb.cc00.6620 32 | mediatype: null 33 | mtu: 1500 34 | operstatus: administratively down 35 | type: AmdP2 36 | Ethernet0/3: 37 | bandwidth: 10000 38 | description: null 39 | duplex: null 40 | ipv4: [] 41 | lineprotocol: down 42 | macaddress: aabb.cc00.6630 43 | mediatype: null 44 | mtu: 1500 45 | operstatus: administratively down 46 | type: AmdP2 47 | Loopback0: 48 | bandwidth: 8000000 49 | description: null 50 | duplex: null 51 | ipv4: 52 | - address: 10.2.2.2 53 | subnet: '24' 54 | lineprotocol: up 55 | macaddress: null 56 | mediatype: null 57 | mtu: 1514 58 | operstatus: up 59 | type: null 60 | Loopback100: 61 | bandwidth: 8000000 62 | description: null 63 | duplex: null 64 | ipv4: 65 | - address: 10.100.100.2 66 | subnet: '24' 67 | lineprotocol: up 68 | macaddress: null 69 | mediatype: null 70 | mtu: 1514 71 | operstatus: up 72 | type: null 73 | Loopback19: 74 | bandwidth: 8000000 75 | description: null 76 | duplex: null 77 | ipv4: [] 78 | lineprotocol: up 79 | macaddress: null 80 | mediatype: null 81 | mtu: 1514 82 | operstatus: up 83 | type: null 84 | Loopback9: 85 | bandwidth: 8000000 86 | description: null 87 | duplex: null 88 | ipv4: [] 89 | lineprotocol: up 90 | macaddress: null 91 | mediatype: null 92 | mtu: 1514 93 | operstatus: up 94 | type: null 95 | -------------------------------------------------------------------------------- /exercises/03_network_os_modules/all_facts/192.168.100.3_intf_facts.yaml: -------------------------------------------------------------------------------- 1 | Ethernet0/0: 2 | bandwidth: 10000 3 | description: null 4 | duplex: null 5 | ipv4: 6 | - address: 192.168.100.3 7 | subnet: '24' 8 | lineprotocol: up 9 | macaddress: aabb.cc00.6700 10 | mediatype: null 11 | mtu: 1500 12 | operstatus: up 13 | type: AmdP2 14 | Ethernet0/1: 15 | bandwidth: 10000 16 | description: null 17 | duplex: null 18 | ipv4: [] 19 | lineprotocol: up 20 | macaddress: aabb.cc00.6710 21 | mediatype: null 22 | mtu: 1500 23 | operstatus: up 24 | type: AmdP2 25 | Ethernet0/2: 26 | bandwidth: 10000 27 | description: null 28 | duplex: null 29 | ipv4: [] 30 | lineprotocol: down 31 | macaddress: aabb.cc00.6720 32 | mediatype: null 33 | mtu: 1500 34 | operstatus: administratively down 35 | type: AmdP2 36 | Ethernet0/3: 37 | bandwidth: 10000 38 | description: null 39 | duplex: null 40 | ipv4: [] 41 | lineprotocol: down 42 | macaddress: aabb.cc00.6730 43 | mediatype: null 44 | mtu: 1500 45 | operstatus: administratively down 46 | type: AmdP2 47 | -------------------------------------------------------------------------------- /exercises/03_network_os_modules/ansible.cfg: -------------------------------------------------------------------------------- 1 | [defaults] 2 | 3 | inventory = myhosts.ini 4 | interpreter_python = /home/vagrant/venv/pyneng-py3-7/bin/python 5 | gathering = explicit 6 | -------------------------------------------------------------------------------- /exercises/03_network_os_modules/group_vars/all.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | ansible_connection: network_cli 4 | ansible_network_os: ios 5 | ansible_user: cisco 6 | ansible_password: cisco 7 | ansible_become: yes 8 | ansible_become_method: enable 9 | ansible_become_pass: cisco 10 | -------------------------------------------------------------------------------- /exercises/03_network_os_modules/host_vars/192.168.100.1.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | outside_intf: Ethernet0/3 4 | -------------------------------------------------------------------------------- /exercises/03_network_os_modules/myhosts.ini: -------------------------------------------------------------------------------- 1 | [cisco_routers] 2 | 192.168.100.1 3 | 192.168.100.2 4 | 192.168.100.3 5 | 6 | -------------------------------------------------------------------------------- /exercises/03_network_os_modules/task_3_1.md: -------------------------------------------------------------------------------- 1 | ### Задание 3.1 2 | 3 | Создайте playbook task_3_1.yml, который выполняет такие задачи: 4 | * подключается к маршрутизаторам и выполняет команду sh arp 5 | * результат записывает в переменную sh_arp_output 6 | * отображает содержимое переменной sh_arp_output 7 | 8 | Проверьте работу playbook на маршрутизаторах. 9 | -------------------------------------------------------------------------------- /exercises/03_network_os_modules/task_3_1a.md: -------------------------------------------------------------------------------- 1 | ### Задание 3.1a 2 | 3 | Создайте playbook task_3_1a.yml, который выполняет такие задачи: 4 | * подключается к маршрутизаторам и выполняет команду sh arp 5 | * результат записывает в переменную sh_arp_output 6 | * отображает результат выполнения команды, в виде списка строк, где каждая строка это одна строка вывода команды 7 | 8 | Проверьте работу playbook на маршрутизаторах. 9 | -------------------------------------------------------------------------------- /exercises/03_network_os_modules/task_3_1b.md: -------------------------------------------------------------------------------- 1 | ### Задание 3.1b 2 | 3 | Создайте playbook task_3_1b.yml, который выполняет такие задачи: 4 | * подключается к маршрутизаторам и выполняет команды sh arp и sh ip int br 5 | * обе команды должны выполняться в одной задаче 6 | * результат записывает в переменную result 7 | * вторая задача отображает результат выполнения команд 8 | 9 | Проверьте работу playbook на маршрутизаторах. 10 | -------------------------------------------------------------------------------- /exercises/03_network_os_modules/task_3_1c.md: -------------------------------------------------------------------------------- 1 | ### Задание 3.1c 2 | 3 | Создайте playbook task_3_1c.yml, который выполняет такие задачи: 4 | * подключается к маршрутизаторам и выполняет команды sh arp и sh ip int br 5 | * обе команды должны выполняться в одной задаче 6 | * результат записывает в переменную result 7 | * вторая задача отображает результат выполнения команды sh arp 8 | * третяя задача отображает результат выполнения команды sh ip int br 9 | 10 | Вторая и третяя задачи должны отображать вывод команды в виде списка строк. 11 | 12 | Проверьте работу playbook на маршрутизаторах. 13 | -------------------------------------------------------------------------------- /exercises/03_network_os_modules/task_3_2.md: -------------------------------------------------------------------------------- 1 | ### Задание 3.2 2 | 3 | Создайте playbook task_3_2.yml, который выполняет такие задачи: 4 | * собирает все факты с маршрутизаторов 5 | * результат нельзя записывать в переменную 6 | * отображает содержимое факта об интерфейсах 7 | (в факте находится словарь с интерфейсами и их параметрами) 8 | 9 | Проверьте работу playbook на маршрутизаторах. 10 | -------------------------------------------------------------------------------- /exercises/03_network_os_modules/task_3_2a.md: -------------------------------------------------------------------------------- 1 | ### Задание 3.2a 2 | 3 | Создайте playbook task_3_2a.yml, который выполняет такие задачи: 4 | * собирает все факты с маршрутизаторов 5 | * результат нельзя записывать в переменную 6 | * записывает содержимое факта об интерфейсах в файл в каталог all_facts: 7 | * имя файла должно быть такого вида: hostname_intf_facts.yaml 8 | * hostname - это имя текущего устройства, для которого собираются факты 9 | * файл должен быть в формате YAML, в виде, который удобней для чтения человеком 10 | 11 | 12 | Проверьте работу playbook на маршрутизаторах. 13 | -------------------------------------------------------------------------------- /exercises/03_network_os_modules/task_3_2b.md: -------------------------------------------------------------------------------- 1 | ### Задание 3.2b 2 | 3 | Создайте playbook task_3_2b.yml, который выполняет такие задачи: 4 | * собирает все факты с маршрутизаторов 5 | * результат не записывать в переменную 6 | * выполняет команду sh ipv6 int br 7 | * вывод команды записывает в переменную show_result 8 | * отображает содержимое переменной show_result, но только в том случае, когда факт, в котором содержатся IPv6 адреса в виде списка, не пустой 9 | 10 | 11 | Проверьте работу playbook на маршрутизаторах. 12 | -------------------------------------------------------------------------------- /exercises/03_network_os_modules/task_3_3.md: -------------------------------------------------------------------------------- 1 | ### Задание 24.4 2 | 3 | Создайте playbook task_24_4.yml, который выполняет такие задачи: 4 | * создает ACL INET-to-LAN и применяет его к интерфейсу Ethernet0/3 для входящего трафика 5 | (какой именно интерфейс не принципиально) 6 | 7 | При этом, подразумевается, что настройка ACL выполняется только с помощью Playbook. 8 | Поэтому, в ACL должны быть только те строки, которые указаны в задаче playbook. 9 | 10 | Задача должна выполнять такие действия: 11 | * удалить ACL с интерфейса 12 | * удалить ACL 13 | * создать ACL и настроить правила ACL 14 | * применить ACL к интерфейсу 15 | 16 | ACL должен быть таким: 17 | ``` 18 | ip access-list extended INET-to-LAN 19 | permit tcp 10.0.1.0 0.0.0.255 any eq www 20 | permit tcp 10.0.1.0 0.0.0.255 any eq 22 21 | permit icmp any any 22 | ``` 23 | 24 | Проверьте работу playbook на маршрутизаторе R1. 25 | 26 | -------------------------------------------------------------------------------- /exercises/03_network_os_modules/task_3_3a.md: -------------------------------------------------------------------------------- 1 | ### Задание 3.4a 2 | 3 | Проверьте работу playbook из задания 3.4, в ситуации, 4 | когда в ACL добавлена ещё одна строка. 5 | 6 | Если, после добавления строки в задаче и выполнения playbook, 7 | ACL на маршрутизаторе выглядит так же, как описано в playbook, 8 | значит задание выполнено. 9 | 10 | Если нет, исправьте соответственно задачу. 11 | 12 | Добавьте, например, такую строку в ACL: 13 | permit tcp 10.0.1.0 0.0.0.255 any eq telnet 14 | 15 | 16 | Проверьте работу playbook на маршрутизаторе R1. 17 | 18 | -------------------------------------------------------------------------------- /exercises/03_network_os_modules/task_3_3b.md: -------------------------------------------------------------------------------- 1 | ### Задание 3.4b 2 | 3 | Добавьте в playbook из задания 3.4a ещё одну задачу: 4 | * она должна отображать, какие команды были отправлены на оборудование, в первой задаче 5 | * команды должны отображаться только в том случае, если были выполнены изменения 6 | * если нужно, можно изменять и первую задачу 7 | 8 | 9 | Проверьте работу playbook на маршрутизаторе R1. 10 | 11 | -------------------------------------------------------------------------------- /exercises/03_network_os_modules/task_3_3c.md: -------------------------------------------------------------------------------- 1 | ### Задание 24.4c 2 | 3 | 4 | Измените playbook из задания 24.4b таким образом, 5 | чтобы имя интерфейса, который указывается в задаче, 6 | указывалось как переменная outside_intf. 7 | 8 | Создайте переменную для маршрутизатора R1, 9 | в соответствующем файле каталога host_vars. 10 | 11 | 12 | Проверьте работу playbook на маршрутизаторе R1. 13 | 14 | -------------------------------------------------------------------------------- /exercises/03_network_os_modules/task_3_3d.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/natenka/ansible-example-exercises/77ae0214bd0c0e099f5c6be00fda1df630123520/exercises/03_network_os_modules/task_3_3d.md --------------------------------------------------------------------------------