Ansible is an agentless automation tool that can dramatically reduce the time required to configure network systems. We can automate many of our daily tasks and even manage our configuration dynamically, which is what we call orchestration.
Let’s start
After installing Ansible on Linux:
1. Finding the ansible.cfg file:
ansible@virtualbox:~$ ansible --version
ansible [core 2.14.5]
  config file = /home/ansible/ansible.cfg
  configured module search path = ['/home/ansible/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/lib/python3/dist-packages/ansible
  ansible collection location = /home/ansible/.ansible/collections:/usr/share/ansible/collections
  executable location = /usr/bin/ansible
  python version = 3.10.12 (main, Jun 11 2023, 05:26:28) [GCC 11.4.0] (/usr/bin/python3)
  jinja version = 3.0.3
  libyaml = True
2. Finding the path to the “inventory”:
ansible@virtualbox:~$ cat /home/ansible/ansible.cfg | grep 'inventory'
# For some uses you can also look into custom vars_plugins to merge on input, even substituting the default ``host_group_vars`` that is in charge of parsing the ``host_vars/`` and ``group_vars/`` directories. Most users of this setting are only interested in inventory scope, but the setting itself affects all sources and makes debugging even harder.
# (pathlist) Comma separated list of Ansible inventory sources
;inventory=/etc/ansible/hosts
;inventory_plugins={{ ANSIBLE_HOME ~ "/plugins/inventory:/usr/share/ansible/plugins/inventory" }}
3. Adding the IP addresses of the nodes to the “inventory” file:
ansible@virtualbox:~$ cat /etc/ansible/hosts
# This is the default ansible 'hosts' file.
#
# It should live in /etc/ansible/hosts
#
# - Comments begin with the '#' character
# - Blank lines are ignored
# - Groups of hosts are delimited by [header] elements
# - You can enter hostnames or ip addresses
# - A hostname/ip can be a member of multiple groups
# Ex 1: Ungrouped hosts, specify before any group headers:
[all:vars]
ansible_ssh_pass=cisco
ansible_network_os=ios
ansible_connection=network_cli
[test]
localhost ansible_connection=local
[router]
10.0.0.1
10.0.0.2
10.0.0.10
4. Checking the connection to the nodes:
ansible@virtualbox:~$ ansible all -m ping
localhost | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python3"
    },
    "changed": false,
    "ping": "pong"
}
[WARNING]: ansible-pylibssh not installed, falling back to paramiko
[WARNING]: ansible-pylibssh not installed, falling back to paramiko
[WARNING]: ansible-pylibssh not installed, falling back to paramiko
10.0.0.2 | SUCCESS => {
    "changed": false,
    "ping": "pong"
}
10.0.0.1 | SUCCESS => {
    "changed": false,
    "ping": "pong"
}
10.0.0.10 | SUCCESS => {
    "changed": false,
    "ping": "pong"
}
Configuring the SSH connection between Ubuntu and the routers running in GNS3
1. Software versions of my virtual machines
In my case I’m using Ubuntu 22.04 LTS:
Linux virtualbox 6.2.0-32-generic #32~22.04.1-Ubuntu SMP PREEMPT_DYNAMIC Fri Aug 18 10:40:13 UTC 2 x86_64 x86_64 x86_64 GNU/Linux
and Cisco IOS C3745-ADVIPSERVICESK9-M:
Cisco IOS Software, 3700 Software (C3745-ADVIPSERVICESK9-M), Version 12.4(25d), RELEASE SOFTWARE (fc1)
IMAGE in GNS3: c3745-adventerprisek9-mz.SW.image
2. SSH configuration on Ubuntu:
ansible@virtualbox:~/.ssh$ pwd
/home/ansible/.ssh
#"ansible" here is my user on Ubuntu
ansible@virtualbox:~/.ssh$ cat config
#Host 10.0.0.10
# KexAlgorithms +diffie-hellman-group1-sha1
Host 10.0.0.10
    User cisco
    PubkeyAcceptedAlgorithms +ssh-rsa
    HostkeyAlgorithms +ssh-rsa
    SendEnv LANG LC_*
    Ciphers +aes256-cbc
    KexAlgorithms +diffie-hellman-group1-sha1
Host 10.0.0.1
    User cisco
    PubkeyAcceptedAlgorithms +ssh-rsa
    HostkeyAlgorithms +ssh-rsa
    SendEnv LANG LC_*
    Ciphers +aes256-cbc
    KexAlgorithms +diffie-hellman-group1-sha1
Host 10.0.0.2
    User cisco
    PubkeyAcceptedAlgorithms +ssh-rsa
    HostkeyAlgorithms +ssh-rsa
    SendEnv LANG LC_*
    Ciphers +aes256-cbc
    KexAlgorithms +diffie-hellman-group1-sha1
3. SSH configuration of routers:
username cisco privilege 15 secret 5 $1$6ATn$K//vtl9HPK8wx3bq7PnvB.
!
ip ssh version 2
!
line vty 0 4
 login local
 transport input ssh
!
!
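The client configuration in step 2 re-enables legacy SSH algorithms that this old IOS image needs, so it is worth checking that they stay limited to the explicit router entries and never apply to every host. The script below is an added example, not part of the original post: the names `audit`, `LEGACY` and `SAMPLE_CONFIG` are assumptions made here, and the `Host *` entry in the sample is constructed to show what the check catches.

```python
# Legacy algorithms re-enabled on this page for the old IOS image.
LEGACY = {
    "kexalgorithms": {"diffie-hellman-group1-sha1"},
    "hostkeyalgorithms": {"ssh-rsa"},
    "pubkeyacceptedalgorithms": {"ssh-rsa"},
    "ciphers": {"aes256-cbc"},
}

# Constructed sample: one router entry as on this page, plus a "Host *"
# entry added here to show the mistake the audit is meant to catch.
SAMPLE_CONFIG = """\
#Host 10.0.0.10
Host 10.0.0.10
    User cisco
    PubkeyAcceptedAlgorithms +ssh-rsa
    HostkeyAlgorithms +ssh-rsa
    Ciphers +aes256-cbc
    KexAlgorithms +diffie-hellman-group1-sha1
Host *
    KexAlgorithms +diffie-hellman-group1-sha1
"""


def audit(config_text):
    """Return (scoped, too_broad), each a list of (host_pattern, option, algorithm)."""
    patterns = ["*"]  # options before the first Host line apply to every host
    scoped, too_broad = [], []
    for raw in config_text.splitlines():
        parts = raw.strip().replace("=", " ", 1).split(None, 1)
        if len(parts) < 2 or parts[0].startswith("#"):
            continue  # blank line, comment, or keyword without a value
        key, value = parts[0].lower(), parts[1].strip()
        if key == "host":
            patterns = [p for p in value.split() if not p.startswith("!")]
        elif key == "match":
            patterns = ["*"]  # Match criteria are not evaluated: assume broad
        elif key in LEGACY and not value.startswith("-"):  # "-" only removes
            for algo in value.lstrip("+^").split(","):
                if algo.strip() in LEGACY[key]:
                    for pat in patterns:
                        broad = "*" in pat or "?" in pat
                        (too_broad if broad else scoped).append((pat, key, algo.strip()))
    return scoped, too_broad


if __name__ == "__main__":
    for label, rows in zip(("scoped", "BROAD"), audit(SAMPLE_CONFIG)):
        for pat, key, algo in rows:
            print(f"{label:6} Host {pat}: {key} {algo}")
```

To confirm what OpenSSH will actually use for a given router, `ssh -G 10.0.0.10` prints the effective client options for that host.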