Book Image

Network Automation Cookbook

By : Karim Okasha
Book Image

Network Automation Cookbook

By: Karim Okasha

Overview of this book

Network Automation Cookbook is designed to help system administrators, network engineers, and infrastructure automation engineers to centrally manage switches, routers, and other devices in their organization's network. This book will help you gain hands-on experience in automating enterprise networks and take you through core network automation techniques using the latest version of Ansible and Python. With the help of practical recipes, you'll learn how to build a network infrastructure that can be easily managed and updated as it scales through a large number of devices. You'll also cover topics related to security automation and get to grips with essential techniques to maintain network robustness. As you make progress, the book will show you how to automate networks on public cloud providers such as AWS, Google Cloud Platform, and Azure. Finally, you will get up and running with Ansible 2.9 and discover troubleshooting techniques and network automation best practices. By the end of this book, you'll be able to use Ansible to automate modern network devices and integrate third-party tools such as NAPALM, NetBox, and Batfish easily to build robust network automation solutions.
Table of Contents (15 chapters)

Configuring OSPF on IOS devices

In this recipe, we will outline how to configure OSPF on Cisco IOS devices with Ansible. Using our sample network topology, we will set up OSPF between core switches and WAN routers, as well as advertising the SVI interface via OSPF.

Getting ready

This recipe assumes that all the interfaces are already configured with the correct IP addresses and are following the same procedures outlined in previous recipes.

How to do it...

  1. Update the group_vars/core.yml file with the following data to define core links between core switches and WAN routers:
- name: Ethernet1/0
description: wan01_Gi2
ospf: yes
ospf_metric: 100
peer: wan01
- name: Ethernet1/0
description: wan02_Gi2
ospf: yes
ospf_metric: 200
peer: wan02
  1. Update the pb_build_network.yml playbook with the following tasks to set up OSPF:
- name: "PLAY 2: Configure Core Switches"
hosts: core
tags: l3_core
< -------- Snippet -------- >
- name: "P2T9: Configure OSPF On Interfaces"
parents: interface {{ }}
- ip ospf {{ ospf_process }} area {{ ospf_area }}
- ip ospf network point-to-point
- ip ospf cost {{item.ospf_metric | default(ospf_metric)}}
loop: "{{ (svi_interfaces + core_l3_links[inventory_hostname]) | selectattr('ospf') | list }}"
- name: "P2T10: Configure OSPF Passive Interfaces"
parents: router ospf {{ ospf_process }}
lines: passive-interface {{}}
loop: "{{ (svi_interfaces + core_l3_links[inventory_hostname]) | selectattr('ospf','equalto','passive') | list }}"

How it works...

We created another dictionary data structure in the core.yml file that describes the L3 links between the core switches and the WAN routers. We specified whether they will run OSPF and what the OSPF metric is on these links.

Currently, Ansible doesn't provide a declarative module to manage OSPF configuration on IOS-based devices. Therefore, we need to push the required configuration using the ios_config module. We created two separate tasks using ios_config in order to push the OSPF-related configuration on each device. In the first task, we configured the interface-related parameters under each interface, and we looped over both the svi_interface and core_l3_interfaces data structures to enable OSPF on all the OSPF-enabled interfaces. We used the Jinja2 selectattr filter to select all the interfaces that have the OSPF attribute set to yes/true.

In the last task, we applied the passive interface configuration to all the interfaces that have the passive flag enabled on them. We used the Jinja2 selectattr filter to select only those interfaces with the passive parameter set to yes/true.