[構成]
[前提]
・VIRLのセットアップが完了していること
・Ansibleをインストールしたサーバがあること
1.VIRL Maestroでルータ3台をセットアップ
①Maestroを使ってルータ3台を適当に配置&結線
→筆者はOpenVirlにあった固定構成[ICND1-100-101_VLANS.virl]を利用
https://github.com/VIRL-Open/virl-bootstrap
②Topologyタブをクリック
③Management Networkで「Shared flat network」を選択
→INET(172.16.1.0/24)からアクセスを許可するため。以下サイト参考。
http://automation.ipspace.net/Example:Using_Ansible_Playbooks_with_Cisco_VIRL
④ルータのアイコンを選択
⑤Nodeタブをクリック
⑥Management Interface static IPv4 addressに「172.16.1.11」
※残りのルータも④~⑥の作業を繰り返して管理アドレスを割り振る
上記が全て完了したら「Launch Simulation」ボタンを押下
2.ルータ3台にSSHアクセス用の設定を投入
username cisco password 0 cisco
ip domain-name cisco.com
crypto key generate rsa
yes
1024
ip ssh version 2
snmp-server community cisco RW
snmp-server community cisco RO
line vty 0 4
login local
3.AnsibleでVIRLのCisco機器に疎通できるか確認
ansible 172.16.1.xx -m ping -c local
(実行結果)
※「 -c local」を入れないとCisco機器にSSHアクセスできないようです。
4.Ansibleで実行させるインベントリファイルとプレイブックを作成
▼インベントリファイル:hosts.txt
SSH設定したユーザID・パスワードのクレデンシャル情報および対象機器のIPアドレスを記入
[cisco:vars]
ssh_user=cisco
ssh_pass=cisco
enable_pass=cisco
[cisco]
172.16.1.11
172.16.1.12
172.16.1.13
▼プレイブック:playbook.yml
実行内容は172.16.1.11~13のルータでshow versionをたたいてdebugで表示させるというもの
---
- hosts: cisco
gather_facts: no
connection: local
tasks:
- name: show version
ios_command:
provider: "{{ cli }}"
commands:
- show version
register: result
changed_when: False
- debug: var=result.stdout_lines # stdout => stdout_lines
when: result | success
vars:
cli:
host: "{{ inventory_hostname }}"
username: "{{ ssh_user }}"
password: "{{ ssh_pass }}"
authorize: true
auth_pass: "{{ enable_pass }}"
5.Ansible-playbook実行
$ ansible-playbook -i hosts.txt playbook.yml
(実行結果)
PLAY [cisco] *******************************************************************
TASK [show version] ************************************************************
ok: [172.16.1.11]
ok: [172.16.1.13]
ok: [172.16.1.12]
TASK [debug] *******************************************************************
ok: [172.16.1.12] => {
"result.stdout_lines": [
[
"Cisco IOS Software, IOSv Software (VIOS-ADVENTERPRISEK9-M), Version 15.6(2)T, RELEASE SOFTWARE (fc2)",
"Technical Support: http://www.********.com/techsupport",
"Copyright (c) 1986-2016 by Cisco Systems, Inc.",
"Compiled Tue 22-Mar-16 16:19 by prod_rel_team",
"",
"",
"ROM: Bootstrap program is IOSv",
"",
"R2 uptime is 22 hours, 2 minutes",
"System returned to ROM by reload",
"System image file is \"flash0:/vios-adventerprisek9-m\"",
"Last reload reason: Unknown reason",
"",
"",
"",
"This product contains cryptographic features and is subject to United",
"States and local country laws governing import, export, transfer and",
"use. Delivery of Cisco cryptographic products does not imply",
"third-party authority to import, export, distribute or use encryption.",
"Importers, exporters, distributors and users are responsible for",
"compliance with U.S. and local country laws. By using this product you",
"agree to comply with applicable laws and regulations. If you are unable",
"to comply with U.S. and local laws, return this product immediately.",
"",
"A summary of U.S. laws governing Cisco cryptographic products may be found at:",
"http://www.********.com/wwl/export/crypto/tool/stqrg.html",
"",
"If you require further assistance please contact us by sending email to",
"export@********.com.",
"",
"Cisco IOSv (revision 1.0) with with 472321K/50176K bytes of memory.",
"Processor board ID 9LS4BIUCFZWH0F8SWIW50",
"3 Gigabit Ethernet interfaces",
"DRAM configuration is 72 bits wide with parity disabled.",
"256K bytes of non-volatile configuration memory.",
"2097152K bytes of ATA System CompactFlash 0 (Read/Write)",
"0K bytes of ATA CompactFlash 1 (Read/Write)",
"0K bytes of ATA CompactFlash 2 (Read/Write)",
"10080K bytes of ATA CompactFlash 3 (Read/Write)",
"",
"",
"",
"Configuration register is 0x0",
""
]
]
}
ok: [172.16.1.11] => {
"result.stdout_lines": [
[
"Cisco IOS Software, IOSv Software (VIOS-ADVENTERPRISEK9-M), Version 15.6(2)T, RELEASE SOFTWARE (fc2)",
"Technical Support: http://www.********.com/techsupport",
"Copyright (c) 1986-2016 by Cisco Systems, Inc.",
"Compiled Tue 22-Mar-16 16:19 by prod_rel_team",
"",
"",
"ROM: Bootstrap program is IOSv",
"",
"R1 uptime is 22 hours, 4 minutes",
"System returned to ROM by reload",
"System image file is \"flash0:/vios-adventerprisek9-m\"",
"Last reload reason: Unknown reason",
"",
"",
"",
"This product contains cryptographic features and is subject to United",
"States and local country laws governing import, export, transfer and",
"use. Delivery of Cisco cryptographic products does not imply",
"third-party authority to import, export, distribute or use encryption.",
"Importers, exporters, distributors and users are responsible for",
"compliance with U.S. and local country laws. By using this product you",
"agree to comply with applicable laws and regulations. If you are unable",
"to comply with U.S. and local laws, return this product immediately.",
"",
"A summary of U.S. laws governing Cisco cryptographic products may be found at:",
"http://www.********.com/wwl/export/crypto/tool/stqrg.html",
"",
"If you require further assistance please contact us by sending email to",
"export@********.com.",
"",
"Cisco IOSv (revision 1.0) with with 472321K/50176K bytes of memory.",
"Processor board ID 9G4Y4EE52MF1CXFFWBF96",
"3 Gigabit Ethernet interfaces",
"DRAM configuration is 72 bits wide with parity disabled.",
"256K bytes of non-volatile configuration memory.",
"2097152K bytes of ATA System CompactFlash 0 (Read/Write)",
"0K bytes of ATA CompactFlash 1 (Read/Write)",
"0K bytes of ATA CompactFlash 2 (Read/Write)",
"10080K bytes of ATA CompactFlash 3 (Read/Write)",
"",
"",
"",
"Configuration register is 0x0",
""
]
]
}
ok: [172.16.1.13] => {
"result.stdout_lines": [
[
"Cisco IOS Software, IOSv Software (VIOS-ADVENTERPRISEK9-M), Version 15.6(2)T, RELEASE SOFTWARE (fc2)",
"Technical Support: http://www.********.com/techsupport",
"Copyright (c) 1986-2016 by Cisco Systems, Inc.",
"Compiled Tue 22-Mar-16 16:19 by prod_rel_team",
"",
"",
"ROM: Bootstrap program is IOSv",
"",
"R3 uptime is 22 hours, 2 minutes",
"System returned to ROM by reload",
"System image file is \"flash0:/vios-adventerprisek9-m\"",
"Last reload reason: Unknown reason",
"",
"",
"",
"This product contains cryptographic features and is subject to United",
"States and local country laws governing import, export, transfer and",
"use. Delivery of Cisco cryptographic products does not imply",
"third-party authority to import, export, distribute or use encryption.",
"Importers, exporters, distributors and users are responsible for",
"compliance with U.S. and local country laws. By using this product you",
"agree to comply with applicable laws and regulations. If you are unable",
"to comply with U.S. and local laws, return this product immediately.",
"",
"A summary of U.S. laws governing Cisco cryptographic products may be found at:",
"http://www.********.com/wwl/export/crypto/tool/stqrg.html",
"",
"If you require further assistance please contact us by sending email to",
"export@********.com.",
"",
"Cisco IOSv (revision 1.0) with with 460033K/62464K bytes of memory.",
"Processor board ID 99PDC6IES7EE37EVBA3RN",
"4 Gigabit Ethernet interfaces",
"DRAM configuration is 72 bits wide with parity disabled.",
"256K bytes of non-volatile configuration memory.",
"2097152K bytes of ATA System CompactFlash 0 (Read/Write)",
"0K bytes of ATA CompactFlash 1 (Read/Write)",
"0K bytes of ATA CompactFlash 2 (Read/Write)",
"10080K bytes of ATA CompactFlash 3 (Read/Write)",
"",
"",
"",
"Configuration register is 0x0",
""
]
]
}
PLAY RECAP *********************************************************************
172.16.1.11 : ok=2 changed=0 unreachable=0 failed=0
172.16.1.12 : ok=2 changed=0 unreachable=0 failed=0
172.16.1.13 : ok=2 changed=0 unreachable=0 failed=0