Ansible

Ansible modules for working with network devices

In this post, we will look at CLI modules that work with network devices.

Globally, modules for working with network equipment can be divided into two parts:

  • modules for API-enabled equipment
  • modules for equipment that only works via CLI

For CLI-only hardware, Ansible supports these three types of modules:

  • os_command – execute show commands
  • os_facts – Gathers facts about devices
  • os_config – execute configuration commands

Accordingly, for different operating systems, there will be different modules. For example, for Cisco IOS, the modules would be named:

  • ios_command
  • ios_config
  • ios_facts

Similar three modules are available for these operating systems:

  • IOS
  • IOS XR
  • JUNOS
  • SR OS
  • VyOS

Please note that Ansible is very actively developing towards support for working with network equipment, and in the next version of Ansible, there may be additional modules.

Features of connecting to network equipment

When working with network equipment, there are several parameters in the playbook that need to be changed:

  • gather_facts – must be disabled, since network equipment uses its own fact collection modules
  • connection – controls how exactly the connection will occur. For network equipment must be set to network_cli

Example:

---
- name: Run show commands on routers
  hosts: cisco-routers
  gather_facts: false
  connection: network_cli

Modules that are used to work with network equipment require several arguments.

In file group_vars/all.yml:

ansible_connection: network_cli
ansible_network_os: ios
ansible_user: cisco
ansible_password: cisco
ansible_become: yes
ansible_become_method: enable
ansible_become_pass: cisco1

ansible_connection – type of connection

ansible_network_os – configures the device platform network operating system

ansible_user – the username used to authenticate to the remote device when the SSH connection is first established.

ansible_password – configures the user password used to authenticate to the remote device

ansible_become – the become option will instruct the CLI session to attempt privilege escalation on

ansible_become_method – this option allows the become method to be specified in for handling privilege escalation.

ansible_become_pass – this option allows the privilege escalation password used to authenticate

Leave a Reply

Your email address will not be published. Required fields are marked *