From 34d78526da40df97d580cabe78f7a4b617084840 Mon Sep 17 00:00:00 2001 
From: Sean Sawtell Date: Thu, 23 Aug 2018 11:17:56 -0700 Subject: [PATCH] updated files for AJA 2nd edition --- .../Automating_Junos_with_Ansible/README.md | 14 +- .../chapter_10/ansible.cfg | 1 - .../chapter_10/base-settings-3.yaml | 69 +++--- .../chapter_10/get-device-facts-1.yaml | 8 +- .../chapter_10/get-device-facts-2.yaml | 37 +--- .../chapter_10/get-device-facts-3.yaml | 75 ++----- .../chapter_10/get-device-facts-4.yaml | 38 ++++ .../chapter_10/get-device-facts-5.yaml | 60 ++++++ .../chapter_10/get-device-facts-6.yaml | 67 ++++++ .../chapter_10/group_vars/boston.yaml | 6 +- .../chapter_10/group_vars/sf.yaml | 6 +- .../chapter_10/host_vars/aragorn.yaml | 10 + .../chapter_10/host_vars/bilbo.yaml | 13 +- .../chapter_10/host_vars/vsrx1.yaml | 9 - .../chapter_10/inventory3 | 2 +- .../chapter_10/template/base-settings-3.j2 | 26 +-- .../chapter_10/template/device-facts-2a.j2 | 1 - .../chapter_10/template/device-facts-2b.j2 | 4 - .../chapter_10/template/device-facts-2c.j2 | 2 - .../chapter_10/template/device-facts-2d.j2 | 27 --- .../chapter_10/template/device-facts-2e.j2 | 7 - .../chapter_10/template/device-facts-2f.j2 | 7 - .../chapter_10/template/device-facts-3.j2 | 7 - .../chapter_10/template/device-facts-4a.j2 | 1 + .../chapter_10/template/device-facts-4b.j2 | 3 + .../chapter_10/template/device-facts-4c.j2 | 18 ++ .../chapter_10/template/device-facts-5.j2 | 6 + .../chapter_11/ansible.cfg | 4 - .../chapter_11/base-settings-4.yaml | 63 +++--- .../chapter_11/group_vars/_all_/vars.yaml | 2 +- .../chapter_11/group_vars/_all_/vault.yaml | 16 +- .../chapter_11/group_vars/boston.yaml | 6 +- .../chapter_11/group_vars/sf.yaml | 6 +- .../chapter_11/host_vars/aragorn.yaml | 10 + .../chapter_11/host_vars/bilbo.yaml | 13 +- .../chapter_11/host_vars/vsrx1.yaml | 9 - .../chapter_11/inventory3 | 2 +- .../chapter_11/template/base-settings-4.j2 | 26 +-- .../chapter_11/vault1.yml | 10 +- .../chapter_11/vault2.yml | 12 +- .../chapter_12/all-settings.yaml | 7 +- 
.../chapter_12/ansible.cfg | 1 - .../chapter_12/group_vars/all/vars.yaml | 2 +- .../chapter_12/group_vars/all/vault.yaml | 4 +- .../chapter_12/group_vars/boston.yaml | 6 +- .../chapter_12/group_vars/sf.yaml | 6 +- .../chapter_12/host_vars/aragorn.yaml | 10 + .../chapter_12/host_vars/bilbo.yaml | 13 +- .../chapter_12/host_vars/vsrx1.yaml | 9 - .../chapter_12/inventory3 | 2 +- .../config_setup_commit/handlers/main.yml | 19 +- .../roles/config_setup_commit/vars/main.yml | 7 +- .../roles/snmp/templates/community_fw.j2 | 3 +- .../roles/snmp/templates/community_sw.j2 | 3 +- .../chapter_12/roles/snmp/templates/snmp.j2 | 7 +- .../roles/system/templates/system.j2 | 21 +- .../chapter_12/snmp-settings-1.yaml | 24 ++- .../chapter_12/snmp-settings-2.yaml | 2 +- .../chapter_12/system-settings.yaml | 7 +- .../chapter_13/ansible.cfg | 1 - .../chapter_13/bilbo-lldp.xml | 26 --- .../chapter_13/get-lldp-interface-1.yaml | 27 ++- .../chapter_13/get-lldp-interface-2.yaml | 32 +-- .../chapter_13/get-lldp-interface-3.yaml | 37 ++-- .../chapter_13/get-lldp-list-1.yaml | 35 +-- .../chapter_13/get-lldp-list-2.yaml | 24 +-- .../chapter_13/get-version-core.yaml | 21 -- .../chapter_13/get-version-galaxy.yaml | 24 --- .../chapter_13/get-version-ignore.yaml | 25 --- .../chapter_13/get-version.yaml | 29 +++ .../chapter_13/group_vars/all/vars.yaml | 2 +- .../chapter_13/group_vars/all/vault.yaml | 4 +- .../chapter_13/group_vars/boston.yaml | 6 +- .../chapter_13/group_vars/sf.yaml | 6 +- .../chapter_13/host_vars/aragorn.yaml | 10 + .../chapter_13/host_vars/bilbo.yaml | 13 +- .../chapter_13/host_vars/vsrx1.yaml | 9 - .../chapter_13/inventory3 | 2 +- .../chapter_13/test-loop.yaml | 28 +++ .../chapter_13/test-xml.yaml | 20 -- .../chapter_13/tmp/bilbo-lldp.xml | 19 -- .../chapter_13/tmp/vsrx1-lldp.xml | 3 - .../chapter_14/ansible.cfg | 1 - .../chapter_14/base-settings-5.yaml | 67 ++++++ .../chapter_14/classes/junos_commits.py | 118 ---------- .../classes/max_ssh_connections_2.py | 161 ++++++++++++++ 
.../chapter_14/get-commit-history-2.yaml | 18 -- .../chapter_14/get-commit-history.yaml | 18 -- .../get-config-with-commit-alternate.yaml | 65 ------ .../chapter_14/get-config-with-commits.yaml | 57 ----- .../chapter_14/get-max-ssh-2.yaml | 18 ++ .../chapter_14/get-max-ssh.yaml | 18 ++ .../chapter_14/group_vars/all/vars.yaml | 2 +- .../chapter_14/group_vars/all/vault.yaml | 4 +- .../chapter_14/group_vars/boston.yaml | 6 +- .../chapter_14/group_vars/sf.yaml | 6 +- .../chapter_14/history-core.yaml | 18 -- .../chapter_14/history-jnpr.yaml | 17 -- .../chapter_14/host_vars/aragorn.yaml | 10 + .../chapter_14/host_vars/bilbo.yaml | 13 +- .../chapter_14/host_vars/vsrx1.yaml | 9 - .../chapter_14/inventory3 | 2 +- .../chapter_14/library/commit_history.py | 153 ------------- .../{commit_history_2.py => max_ssh_2.py} | 45 ++-- .../chapter_14/library/max_ssh_connections.py | 202 ++++++++++++++++++ .../chapter_14/template/base-settings-5.j2 | 56 +++++ .../chapter_14/test-max-ssh-ansible-only.yaml | 72 +++++++ .../chapter_14/test_commit_history.py | 139 ------------ .../chapter_14/test_max_ssh_connections.py | 190 ++++++++++++++++ ...ory_2.py => test_max_ssh_connections_2.py} | 35 ++- .../chapter_3/data.json | 29 +++ .../chapter_3/data.yaml | 22 ++ .../chapter_3/gen_data.py | 42 ++++ .../chapter_4/ansible.cfg | 2 +- .../chapter_4/inventory | 2 +- .../chapter_4/uptime-1.1.yaml | 10 +- .../chapter_4/uptime-1.2.yaml | 13 +- .../chapter_4/uptime-1.3.yaml | 20 +- .../chapter_4/uptime-1.4.yaml | 23 +- .../chapter_5/ansible.cfg | 1 - .../chapter_5/interfaces-1.0.yaml | 32 +++ .../chapter_5/interfaces-1.1.yaml | 35 +++ .../chapter_5/interfaces-1.2.yaml | 36 ++++ .../chapter_5/interfaces-1.3.yaml | 35 +++ .../chapter_5/interfaces-1.4.yaml | 40 ++++ .../chapter_5/inventory | 2 +- .../chapter_5/test-xml.yaml | 21 ++ .../chapter_5/uptime-2.0.yaml | 17 +- .../chapter_5/uptime-2.1.yaml | 25 ++- .../chapter_5/uptime-2.2.yaml | 26 ++- .../chapter_5/uptime-2.3.yaml | 40 ++++ 
.../chapter_6/ansible.cfg | 1 - .../chapter_6/inventory | 2 +- .../chapter_6/uptime-3-core.yaml | 19 -- .../chapter_6/uptime-3.yaml | 23 +- .../chapter_7/ansible.cfg | 1 - .../chapter_7/base-settings-1.0.yaml | 2 +- .../chapter_7/base-settings-1.1.yaml | 20 +- ...tings-1.2a.yaml => base-settings-1.2.yaml} | 30 +-- .../chapter_7/base-settings-1.2b.yaml | 48 ----- .../chapter_7/base-settings-1.3.yaml | 42 ++-- .../chapter_7/base-settings-1.4.yaml | 69 ++++++ .../chapter_7/base-settings-1.5.yaml | 72 +++++++ .../chapter_7/config/nameserver.conf | 8 + .../chapter_7/config/ntp.set | 3 + .../chapter_7/dns1.set | 6 +- .../chapter_7/dns2.conf | 6 +- .../chapter_7/dns3.conf | 6 +- .../chapter_7/dns4.conf | 7 + ...tup-con.yaml => initial-setup-serial.yaml} | 29 ++- .../chapter_7/initial-setup-ts.yaml | 31 +-- .../chapter_7/install-config-1.yaml | 17 ++ .../chapter_7/install-config-2.yaml | 18 ++ .../chapter_7/install-set.yaml | 30 +++ .../chapter_7/inventory | 4 +- .../chapter_7/template/base-settings-1.1.j2 | 22 -- .../chapter_7/template/base-settings-1.2a.j2 | 25 --- .../chapter_7/template/base-settings-1.2b.j2 | 30 --- .../chapter_7/template/base-settings-1.3.j2 | 7 +- .../chapter_7/template/base-settings.j2 | 22 ++ .../chapter_7/template/initial-ex-vlan.j2 | 17 +- .../chapter_8a/ansible.cfg | 1 - .../chapter_8a/inventory | 4 +- .../chapter_8a/show-vars-1.yaml | 21 +- .../chapter_8a/show-vars-2.yaml | 50 +++-- .../chapter_8a/show-vars-4.yaml | 2 +- .../chapter_8b/ansible.cfg | 1 - .../chapter_8b/base-settings-1.5.yaml | 72 +++++++ .../chapter_8b/base-settings-2.yaml | 48 +++-- .../chapter_8b/group_vars/boston.yaml | 6 +- .../chapter_8b/group_vars/sf.yaml | 6 +- .../chapter_8b/host_vars/aragorn.yaml | 10 + .../chapter_8b/host_vars/bilbo.yaml | 13 +- .../chapter_8b/host_vars/vsrx1.yaml | 9 - .../inventories/junos/group_vars/all.yaml | 2 + .../inventories/junos/group_vars/boston.yaml | 5 + .../inventories/junos/group_vars/sf.yaml | 5 + 
.../inventories/junos/host_vars/aragorn.yaml | 10 + .../inventories/junos/host_vars/bilbo.yaml | 10 + .../inventories/junos/hosts/all_vars | 2 + .../chapter_8b/inventories/junos/hosts/boston | 17 ++ .../inventories/junos/hosts/maintenance | 9 + .../inventories/junos/hosts/san_francisco | 17 ++ .../inventories/servers/group_vars/all.yaml | 5 + .../servers/group_vars/database.yaml | 3 + .../inventories/servers/group_vars/web.yaml | 3 + .../servers/host_vars/gandalf.yaml | 3 + .../servers/host_vars/saruman.yaml | 3 + .../chapter_8b/inventories/servers/hosts | 5 + .../chapter_8b/inventory | 2 +- .../chapter_8b/inventory2/boston | 4 +- .../chapter_8b/inventory2/maintenance | 8 +- .../chapter_8b/inventory2/san_francisco | 8 +- .../chapter_8b/inventory3 | 2 +- ...show-vars-5.yaml => show-group-names.yaml} | 2 +- .../chapter_8b/show-groups.yaml | 11 + .../chapter_8b/template/base-settings-2.0.j2 | 27 +++ .../chapter_8b/template/base-settings-2.1.j2 | 31 +++ .../chapter_8b/template/base-settings-2.2.j2 | 37 ++++ .../chapter_8b/template/base-settings-2.j2 | 42 ---- .../chapter_9/ansible.cfg | 1 - .../chapter_9/get-commit-history.yaml | 18 -- .../chapter_9/get-config-1.yaml | 23 +- .../chapter_9/get-config-2.yaml | 29 ++- .../chapter_9/get-config-3.yaml | 44 ++-- .../chapter_9/get-config-4.yaml | 38 ++++ .../chapter_9/get-config-5.yaml | 71 ++++++ .../chapter_9/get-config-6.yaml | 78 +++++++ .../get-config-with-commit-alternate.yaml | 65 ------ .../chapter_9/get-config-with-commits.yaml | 57 ----- .../chapter_9/get-config.yaml | 51 ----- .../chapter_9/get-partial-config-1.yaml | 44 ++-- .../chapter_9/get-partial-config-2.yaml | 51 ++--- .../chapter_9/get-partial-config-3.yaml | 49 ----- .../chapter_9/get-partial-config-3a.yaml | 42 ++++ .../chapter_9/get-partial-config-3b.yaml | 50 +++++ .../chapter_9/group_vars/all.yaml | 2 +- .../chapter_9/group_vars/boston.yaml | 6 +- .../chapter_9/group_vars/sf.yaml | 6 +- .../chapter_9/host_vars/aragorn.yaml | 10 + 
.../chapter_9/host_vars/bilbo.yaml | 13 +- .../chapter_9/host_vars/vsrx1.yaml | 9 - .../chapter_9/inventory3 | 2 +- .../chapter_9/template/save-diff.j2 | 1 + 224 files changed, 3074 insertions(+), 2071 deletions(-) create mode 100644 ansible/Automating_Junos_with_Ansible/chapter_10/get-device-facts-4.yaml create mode 100644 ansible/Automating_Junos_with_Ansible/chapter_10/get-device-facts-5.yaml create mode 100644 ansible/Automating_Junos_with_Ansible/chapter_10/get-device-facts-6.yaml create mode 100644 ansible/Automating_Junos_with_Ansible/chapter_10/host_vars/aragorn.yaml delete mode 100644 ansible/Automating_Junos_with_Ansible/chapter_10/host_vars/vsrx1.yaml delete mode 100644 ansible/Automating_Junos_with_Ansible/chapter_10/template/device-facts-2a.j2 delete mode 100644 ansible/Automating_Junos_with_Ansible/chapter_10/template/device-facts-2b.j2 delete mode 100644 ansible/Automating_Junos_with_Ansible/chapter_10/template/device-facts-2c.j2 delete mode 100644 ansible/Automating_Junos_with_Ansible/chapter_10/template/device-facts-2d.j2 delete mode 100644 ansible/Automating_Junos_with_Ansible/chapter_10/template/device-facts-2e.j2 delete mode 100644 ansible/Automating_Junos_with_Ansible/chapter_10/template/device-facts-2f.j2 delete mode 100644 ansible/Automating_Junos_with_Ansible/chapter_10/template/device-facts-3.j2 create mode 100644 ansible/Automating_Junos_with_Ansible/chapter_10/template/device-facts-4a.j2 create mode 100644 ansible/Automating_Junos_with_Ansible/chapter_10/template/device-facts-4b.j2 create mode 100644 ansible/Automating_Junos_with_Ansible/chapter_10/template/device-facts-4c.j2 create mode 100644 ansible/Automating_Junos_with_Ansible/chapter_10/template/device-facts-5.j2 delete mode 100644 ansible/Automating_Junos_with_Ansible/chapter_11/ansible.cfg create mode 100644 ansible/Automating_Junos_with_Ansible/chapter_11/host_vars/aragorn.yaml delete mode 100644 ansible/Automating_Junos_with_Ansible/chapter_11/host_vars/vsrx1.yaml create mode 
100644 ansible/Automating_Junos_with_Ansible/chapter_12/host_vars/aragorn.yaml delete mode 100644 ansible/Automating_Junos_with_Ansible/chapter_12/host_vars/vsrx1.yaml delete mode 100644 ansible/Automating_Junos_with_Ansible/chapter_13/bilbo-lldp.xml delete mode 100644 ansible/Automating_Junos_with_Ansible/chapter_13/get-version-core.yaml delete mode 100644 ansible/Automating_Junos_with_Ansible/chapter_13/get-version-galaxy.yaml delete mode 100644 ansible/Automating_Junos_with_Ansible/chapter_13/get-version-ignore.yaml create mode 100644 ansible/Automating_Junos_with_Ansible/chapter_13/get-version.yaml create mode 100644 ansible/Automating_Junos_with_Ansible/chapter_13/host_vars/aragorn.yaml delete mode 100644 ansible/Automating_Junos_with_Ansible/chapter_13/host_vars/vsrx1.yaml create mode 100644 ansible/Automating_Junos_with_Ansible/chapter_13/test-loop.yaml delete mode 100644 ansible/Automating_Junos_with_Ansible/chapter_13/test-xml.yaml delete mode 100644 ansible/Automating_Junos_with_Ansible/chapter_13/tmp/bilbo-lldp.xml delete mode 100644 ansible/Automating_Junos_with_Ansible/chapter_13/tmp/vsrx1-lldp.xml create mode 100644 ansible/Automating_Junos_with_Ansible/chapter_14/base-settings-5.yaml delete mode 100644 ansible/Automating_Junos_with_Ansible/chapter_14/classes/junos_commits.py create mode 100644 ansible/Automating_Junos_with_Ansible/chapter_14/classes/max_ssh_connections_2.py delete mode 100644 ansible/Automating_Junos_with_Ansible/chapter_14/get-commit-history-2.yaml delete mode 100644 ansible/Automating_Junos_with_Ansible/chapter_14/get-commit-history.yaml delete mode 100644 ansible/Automating_Junos_with_Ansible/chapter_14/get-config-with-commit-alternate.yaml delete mode 100644 ansible/Automating_Junos_with_Ansible/chapter_14/get-config-with-commits.yaml create mode 100644 ansible/Automating_Junos_with_Ansible/chapter_14/get-max-ssh-2.yaml create mode 100644 ansible/Automating_Junos_with_Ansible/chapter_14/get-max-ssh.yaml delete mode 100644 
ansible/Automating_Junos_with_Ansible/chapter_14/history-core.yaml delete mode 100644 ansible/Automating_Junos_with_Ansible/chapter_14/history-jnpr.yaml create mode 100644 ansible/Automating_Junos_with_Ansible/chapter_14/host_vars/aragorn.yaml delete mode 100644 ansible/Automating_Junos_with_Ansible/chapter_14/host_vars/vsrx1.yaml delete mode 100644 ansible/Automating_Junos_with_Ansible/chapter_14/library/commit_history.py rename ansible/Automating_Junos_with_Ansible/chapter_14/library/{commit_history_2.py => max_ssh_2.py} (51%) create mode 100644 ansible/Automating_Junos_with_Ansible/chapter_14/library/max_ssh_connections.py create mode 100644 ansible/Automating_Junos_with_Ansible/chapter_14/template/base-settings-5.j2 create mode 100644 ansible/Automating_Junos_with_Ansible/chapter_14/test-max-ssh-ansible-only.yaml delete mode 100644 ansible/Automating_Junos_with_Ansible/chapter_14/test_commit_history.py create mode 100644 ansible/Automating_Junos_with_Ansible/chapter_14/test_max_ssh_connections.py rename ansible/Automating_Junos_with_Ansible/chapter_14/{test_commit_history_2.py => test_max_ssh_connections_2.py} (58%) create mode 100644 ansible/Automating_Junos_with_Ansible/chapter_3/data.json create mode 100644 ansible/Automating_Junos_with_Ansible/chapter_3/data.yaml create mode 100644 ansible/Automating_Junos_with_Ansible/chapter_3/gen_data.py create mode 100644 ansible/Automating_Junos_with_Ansible/chapter_5/interfaces-1.0.yaml create mode 100644 ansible/Automating_Junos_with_Ansible/chapter_5/interfaces-1.1.yaml create mode 100644 ansible/Automating_Junos_with_Ansible/chapter_5/interfaces-1.2.yaml create mode 100644 ansible/Automating_Junos_with_Ansible/chapter_5/interfaces-1.3.yaml create mode 100644 ansible/Automating_Junos_with_Ansible/chapter_5/interfaces-1.4.yaml create mode 100644 ansible/Automating_Junos_with_Ansible/chapter_5/test-xml.yaml create mode 100644 ansible/Automating_Junos_with_Ansible/chapter_5/uptime-2.3.yaml delete mode 100644 
ansible/Automating_Junos_with_Ansible/chapter_6/uptime-3-core.yaml rename ansible/Automating_Junos_with_Ansible/chapter_7/{base-settings-1.2a.yaml => base-settings-1.2.yaml} (62%) delete mode 100644 ansible/Automating_Junos_with_Ansible/chapter_7/base-settings-1.2b.yaml create mode 100644 ansible/Automating_Junos_with_Ansible/chapter_7/base-settings-1.4.yaml create mode 100644 ansible/Automating_Junos_with_Ansible/chapter_7/base-settings-1.5.yaml create mode 100644 ansible/Automating_Junos_with_Ansible/chapter_7/config/nameserver.conf create mode 100644 ansible/Automating_Junos_with_Ansible/chapter_7/config/ntp.set create mode 100644 ansible/Automating_Junos_with_Ansible/chapter_7/dns4.conf rename ansible/Automating_Junos_with_Ansible/chapter_7/{initial-setup-con.yaml => initial-setup-serial.yaml} (58%) create mode 100644 ansible/Automating_Junos_with_Ansible/chapter_7/install-config-1.yaml create mode 100644 ansible/Automating_Junos_with_Ansible/chapter_7/install-config-2.yaml create mode 100644 ansible/Automating_Junos_with_Ansible/chapter_7/install-set.yaml delete mode 100644 ansible/Automating_Junos_with_Ansible/chapter_7/template/base-settings-1.1.j2 delete mode 100644 ansible/Automating_Junos_with_Ansible/chapter_7/template/base-settings-1.2a.j2 delete mode 100644 ansible/Automating_Junos_with_Ansible/chapter_7/template/base-settings-1.2b.j2 create mode 100644 ansible/Automating_Junos_with_Ansible/chapter_7/template/base-settings.j2 create mode 100644 ansible/Automating_Junos_with_Ansible/chapter_8b/base-settings-1.5.yaml create mode 100644 ansible/Automating_Junos_with_Ansible/chapter_8b/host_vars/aragorn.yaml delete mode 100644 ansible/Automating_Junos_with_Ansible/chapter_8b/host_vars/vsrx1.yaml create mode 100644 ansible/Automating_Junos_with_Ansible/chapter_8b/inventories/junos/group_vars/all.yaml create mode 100644 ansible/Automating_Junos_with_Ansible/chapter_8b/inventories/junos/group_vars/boston.yaml create mode 100644 
ansible/Automating_Junos_with_Ansible/chapter_8b/inventories/junos/group_vars/sf.yaml create mode 100644 ansible/Automating_Junos_with_Ansible/chapter_8b/inventories/junos/host_vars/aragorn.yaml create mode 100644 ansible/Automating_Junos_with_Ansible/chapter_8b/inventories/junos/host_vars/bilbo.yaml create mode 100644 ansible/Automating_Junos_with_Ansible/chapter_8b/inventories/junos/hosts/all_vars create mode 100644 ansible/Automating_Junos_with_Ansible/chapter_8b/inventories/junos/hosts/boston create mode 100644 ansible/Automating_Junos_with_Ansible/chapter_8b/inventories/junos/hosts/maintenance create mode 100644 ansible/Automating_Junos_with_Ansible/chapter_8b/inventories/junos/hosts/san_francisco create mode 100644 ansible/Automating_Junos_with_Ansible/chapter_8b/inventories/servers/group_vars/all.yaml create mode 100644 ansible/Automating_Junos_with_Ansible/chapter_8b/inventories/servers/group_vars/database.yaml create mode 100644 ansible/Automating_Junos_with_Ansible/chapter_8b/inventories/servers/group_vars/web.yaml create mode 100644 ansible/Automating_Junos_with_Ansible/chapter_8b/inventories/servers/host_vars/gandalf.yaml create mode 100644 ansible/Automating_Junos_with_Ansible/chapter_8b/inventories/servers/host_vars/saruman.yaml create mode 100644 ansible/Automating_Junos_with_Ansible/chapter_8b/inventories/servers/hosts rename ansible/Automating_Junos_with_Ansible/chapter_8b/{show-vars-5.yaml => show-group-names.yaml} (84%) create mode 100644 ansible/Automating_Junos_with_Ansible/chapter_8b/show-groups.yaml create mode 100644 ansible/Automating_Junos_with_Ansible/chapter_8b/template/base-settings-2.0.j2 create mode 100644 ansible/Automating_Junos_with_Ansible/chapter_8b/template/base-settings-2.1.j2 create mode 100644 ansible/Automating_Junos_with_Ansible/chapter_8b/template/base-settings-2.2.j2 delete mode 100644 ansible/Automating_Junos_with_Ansible/chapter_8b/template/base-settings-2.j2 delete mode 100644 
ansible/Automating_Junos_with_Ansible/chapter_9/get-commit-history.yaml create mode 100644 ansible/Automating_Junos_with_Ansible/chapter_9/get-config-4.yaml create mode 100644 ansible/Automating_Junos_with_Ansible/chapter_9/get-config-5.yaml create mode 100644 ansible/Automating_Junos_with_Ansible/chapter_9/get-config-6.yaml delete mode 100644 ansible/Automating_Junos_with_Ansible/chapter_9/get-config-with-commit-alternate.yaml delete mode 100644 ansible/Automating_Junos_with_Ansible/chapter_9/get-config-with-commits.yaml delete mode 100644 ansible/Automating_Junos_with_Ansible/chapter_9/get-config.yaml delete mode 100644 ansible/Automating_Junos_with_Ansible/chapter_9/get-partial-config-3.yaml create mode 100644 ansible/Automating_Junos_with_Ansible/chapter_9/get-partial-config-3a.yaml create mode 100644 ansible/Automating_Junos_with_Ansible/chapter_9/get-partial-config-3b.yaml create mode 100644 ansible/Automating_Junos_with_Ansible/chapter_9/host_vars/aragorn.yaml delete mode 100644 ansible/Automating_Junos_with_Ansible/chapter_9/host_vars/vsrx1.yaml create mode 100644 ansible/Automating_Junos_with_Ansible/chapter_9/template/save-diff.j2 diff --git a/ansible/Automating_Junos_with_Ansible/README.md b/ansible/Automating_Junos_with_Ansible/README.md index a138ce8..da6deb7 100644 --- a/ansible/Automating_Junos_with_Ansible/README.md +++ b/ansible/Automating_Junos_with_Ansible/README.md 
@@ -1,8 +1,4 @@ -*Day One: Automating Junos with Ansible* is available as a free PDF on [Juniper J-Net](https://www.juniper.net/us/en/training/jnbooks/day-one/automation-series/automating-junos-ansible/); for eBooks get it on [Apple iBooks/iTunes](https://itunes.apple.com/us/book/day-one-automating-junos-with-ansible/id1351397873?mt=11) or on [Amazon for Kindle](https://www.amazon.com/Day-One-Automating-JunosĀ®-Ansible-ebook/dp/B079YZDVYJ). For print books purchase at the [Day One Print Store](http://store.vervante.com/c/v/V4081804173.html). - ------------------------------------------------------------- - -The text of *Day One: Automating Junos with Ansible* walks the reader through creating a number of example playbooks and their supporting files. Some of the playbooks are revised several times in a single chapter. Some of the playbooks are revised several times across several chapters. +The text of *Day One: Automating Junos with Ansible, 2nd Edition* walks the reader through creating a number of example playbooks and their supporting files. Some of the playbooks are revised several times in a single chapter. Some of the playbooks are revised several times across several chapters. In order to maintain a "flow" the book does not ask the reader to save the revisions to the playbooks and supporting files using different, versioned names (for example, "save playbook-2.yaml as playbook-3.yaml"). Instead, the book assumes the reader will keep revising the files "in place." (This is also, in the author's experience, closer to how scripts and playbooks evolve in the real world.) 
@@ -10,6 +6,10 @@ However, this lack of versioning creates a problem when trying to represent the - Playbooks and supporting files from each chapter are in chapter-specific directories. Chapter 8 has two directories because of the changes made to the inventory file during the chapter. -- Some of the playbooks and templates have version suffixes (for example, base-settings-1.yaml, base-settings-2.yaml, etc.) to identify the sequence in which the versions are created in the book. +- Some of the playbooks and templates have version suffixes (for example, base-settings-1.yaml, base-settings-2.yaml, etc.) to identify the sequence in which the versions are created in the book. In most cases, section headers in the book identify the version of the file being worked on in that section. + +You can copy each chapter's files and folders, as needed, from the chapter's directory into your ~/aja2 directory if you wish the directory paths to appear as written in the book, or you can run the playbooks for each chapter from within the chapter's directory. + +------------------------------------------------------------ -You can copy each chapter's files and folders, as needed, into your ~/aja directory if you wish everything to appear exactly as written in the book, or you can run the playbooks for each chapter from within the chapter directory. +*Day One: Automating Junos with Ansible, 2nd Edition* is available as a free PDF on [Juniper J-Net](https://www.juniper.net/us/en/training/jnbooks/day-one/automation-series/automating-junos-ansible/); for eBooks get it on [Apple iBooks/iTunes](https://itunes.apple.com/us/book/day-one-automating-junos-with-ansible/id1351397873?mt=11) or on [Amazon for Kindle](https://www.amazon.com/Day-One-Automating-JunosĀ®-Ansible-ebook/dp/B079YZDVYJ). For print books purchase at the [Day One Print Store](http://store.vervante.com/c/v/V4081804173.html). 
diff --git a/ansible/Automating_Junos_with_Ansible/chapter_10/ansible.cfg b/ansible/Automating_Junos_with_Ansible/chapter_10/ansible.cfg
index c057dc7..1687846 100644
--- a/ansible/Automating_Junos_with_Ansible/chapter_10/ansible.cfg
+++ b/ansible/Automating_Junos_with_Ansible/chapter_10/ansible.cfg
@@ -1,4 +1,3 @@
 [defaults]
 inventory = inventory3
 host_key_checking = False
-log_path = ~/aja/ansible.log
diff --git a/ansible/Automating_Junos_with_Ansible/chapter_10/base-settings-3.yaml b/ansible/Automating_Junos_with_Ansible/chapter_10/base-settings-3.yaml
index 6ae70b9..e0b759a 100644
--- a/ansible/Automating_Junos_with_Ansible/chapter_10/base-settings-3.yaml
+++ b/ansible/Automating_Junos_with_Ansible/chapter_10/base-settings-3.yaml
@@ -10,46 +10,57 @@ vars: tmp_dir: "tmp" conf_file: "{{ tmp_dir}}/{{ inventory_hostname }}.conf" + connection_settings: + host: "{{ ansible_host }}" + timeout: 120 tasks: - - name: get device facts - junos_get_facts: - host: "{{ ansible_host }}" - register: jfact - - - name: show device facts - debug: - var: jfact - verbosity: 1 - - name: confirm or create configs directory file: path: "{{ tmp_dir }}" state: directory + run_once: yes + + - name: get device facts + juniper_junos_facts: + provider: "{{ connection_settings }}" - - name: save device information using template + - name: display device facts + debug: + var: junos + verbosity: 1 + + - name: save device configuration using template template: src: template/base-settings-3.j2 dest: "{{ conf_file }}" - name: install generated configuration file onto device - junos_install_config: - host: "{{ ansible_host }}" - file: "{{ conf_file }}" - timeout: 120 - replace: yes - confirm: 10 - comment: "playbook base-settings-3.yaml, commit confirmed" - notify: confirm commit - - - name: delete generated configuration file - file: - path: "{{ conf_file }}" - state: absent + juniper_junos_config: + provider: "{{ connection_settings }}" + src: "{{ conf_file }}" + load: replace + comment: "playbook base-settings.yaml, commit confirmed" + confirmed: 5 + diff: yes + ignore_warning: yes + register: config_results + notify: confirm previous commit + + - name: show configuration change + debug: + var: config_results.diff_lines + when: config_results.diff_lines is defined + + # - name: delete generated configuration file + # file: + # path: "{{ conf_file }}" + # state: absent handlers: - - name: confirm commit - junos_commit: - host: "{{ ansible_host }}" - timeout: 120 - comment: "playbook base-settings-3.yaml, confirming previous commit" + - name: confirm previous commit + juniper_junos_config: + provider: "{{ connection_settings }}" + comment: "playbook base-settings.yaml, confirming previous commit" + commit: yes + diff: no 
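Review bot: The `delete generated configuration file` task is now commented out at the end of the task list, so every run leaves the rendered `{{ tmp_dir }}/{{ inventory_hostname }}.conf` on the control host with default permissions. If the template renders password hashes or SNMP communities (the template is not part of this hunk), either restore the task or add `mode: "0600"` to the `save device configuration using template` task, and put a comment such as `# kept on disk for inspection; contains device secrets` above the commented-out block. Separately, `ignore_warning: yes` on the install task lets the commit go through whatever warning the device returns; listing only the warning text you expect would keep unexpected ones visible. The play's opening lines are above the hunk, so this covers only the tasks shown.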
diff --git a/ansible/Automating_Junos_with_Ansible/chapter_10/get-device-facts-1.yaml b/ansible/Automating_Junos_with_Ansible/chapter_10/get-device-facts-1.yaml index f6a4ba4..0c3129b 100644 --- a/ansible/Automating_Junos_with_Ansible/chapter_10/get-device-facts-1.yaml +++ b/ansible/Automating_Junos_with_Ansible/chapter_10/get-device-facts-1.yaml @@ -7,10 +7,14 @@ connection: local gather_facts: no + vars: + connection_settings: + host: "{{ ansible_host }}" + tasks: - name: get device facts - junos_get_facts: - host: "{{ ansible_host }}" + juniper_junos_facts: + provider: "{{ connection_settings }}" register: junos_facts - name: show device facts diff --git a/ansible/Automating_Junos_with_Ansible/chapter_10/get-device-facts-2.yaml b/ansible/Automating_Junos_with_Ansible/chapter_10/get-device-facts-2.yaml index bd50e6d..2110b3f 100644 --- a/ansible/Automating_Junos_with_Ansible/chapter_10/get-device-facts-2.yaml +++ b/ansible/Automating_Junos_with_Ansible/chapter_10/get-device-facts-2.yaml @@ -1,20 +1,4 @@ --- -- name: Set up report directory - hosts: - - localhost - connection: local - gather_facts: no - - tasks: - - name: generate report directory name - set_fact: - report_dir: "{{ user_data_path }}/reports" - - - name: confirm/create report directory - file: - path: "{{ report_dir }}" - state: directory - - name: Get facts from Junos device hosts: - all 
@@ -23,18 +7,19 @@ connection: local gather_facts: no + vars: + connection_settings: + host: "{{ ansible_host }}" + tasks: - name: get device facts - junos_get_facts: - host: "{{ ansible_host }}" - register: junos_facts + juniper_junos_facts: + provider: "{{ connection_settings }}" - - name: show device facts + - name: show Junos version debug: - var: junos_facts - verbosity: 1 + var: junos.version - - name: save device information using template - template: - src: template/device-facts-2f.j2 - dest: "{{ hostvars.localhost.report_dir }}/{{ inventory_hostname }}.txt" + - name: show device uptime + debug: + var: junos.RE0.up_time diff --git a/ansible/Automating_Junos_with_Ansible/chapter_10/get-device-facts-3.yaml b/ansible/Automating_Junos_with_Ansible/chapter_10/get-device-facts-3.yaml index 20e8be5..dbb6fa3 100644 --- a/ansible/Automating_Junos_with_Ansible/chapter_10/get-device-facts-3.yaml +++ b/ansible/Automating_Junos_with_Ansible/chapter_10/get-device-facts-3.yaml @@ -1,34 +1,4 @@ --- -- name: Set up report directory - hosts: - - localhost - connection: local - gather_facts: no - - tasks: - - name: generate report directory name - set_fact: - report_dir: "{{ user_data_path }}/reports" - - - name: generate report build directory name - set_fact: - build_dir: "{{ report_dir }}/build" - - - name: confirm/create report directory - file: - path: "{{ report_dir }}" - state: directory - - - name: delete old report build directory - file: - path: "{{ build_dir }}" - state: absent - - - name: confirm/create new report build directory - file: - path: "{{ build_dir }}" - state: directory - - name: Get facts from Junos device hosts: - all 
@@ -37,39 +7,20 @@ connection: local gather_facts: no - tasks: - - name: get device facts - junos_get_facts: - host: "{{ ansible_host }}" - register: junos_facts - - - name: show device facts - debug: - var: junos_facts - verbosity: 1 - - - name: save device information using template - template: - src: template/device-facts-3.j2 - dest: "{{ hostvars.localhost.build_dir }}/{{ inventory_hostname }}.txt" - -- name: Assemble device report - hosts: localhost - connection: local - gather_facts: yes - vars: - systime: "{{ ansible_date_time.time | replace(':', '-') }}" - timestamp: "{{ ansible_date_time.date }}_{{ systime }}" - report_file: "{{ report_dir }}/device-facts_{{ timestamp }}.csv" + facts_dir: "{{ user_data_path }}/facts" + connection_settings: + host: "{{ ansible_host }}" tasks: - - name: copy column headers file - copy: - src: template/_device-facts-columns.txt - dest: "{{ build_dir }}/" + - name: confirm/create report directory + file: + path: "{{ facts_dir }}" + state: directory + run_once: yes + delegate_to: localhost - - name: assemble device files into new report - assemble: - src: "{{ build_dir }}" - dest: "{{ report_file }}" + - name: get device facts + juniper_junos_facts: + provider: "{{ connection_settings }}" + savedir: "{{ facts_dir }}" diff --git a/ansible/Automating_Junos_with_Ansible/chapter_10/get-device-facts-4.yaml b/ansible/Automating_Junos_with_Ansible/chapter_10/get-device-facts-4.yaml new file mode 100644 index 0000000..47ab697 --- /dev/null +++ b/ansible/Automating_Junos_with_Ansible/chapter_10/get-device-facts-4.yaml 
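Review bot: The `confirm/create report directory` task creates `{{ facts_dir }}` without a `mode`, so the directory that `savedir` fills with per-device facts gets whatever the umask of the invoking account allows. Those files amount to a device inventory (presumably model, serial number and Junos version per host), so adding `mode: "0700"` to the `file` task would keep them private to the account that runs the playbook. The same unqualified directory creation appears in get-device-facts-4.yaml and get-device-facts-5.yaml for `facts_dir` and `facts_build_dir`. The play's opening lines are outside this hunk.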
@@ -0,0 +1,38 @@ +--- +- name: Get facts from Junos device and save as CSV file + hosts: + - all + roles: + - Juniper.junos + connection: local + gather_facts: no + + vars: + facts_dir: "{{ user_data_path }}/facts" + facts_build_dir: "{{ user_data_path }}/facts/build" + connection_settings: + host: "{{ ansible_host }}" + + tasks: + - name: confirm/create report directory + file: + path: "{{ facts_dir }}" + state: directory + run_once: yes + delegate_to: localhost + + - name: confirm/create build directory + file: + path: "{{ facts_build_dir }}" + state: directory + run_once: yes + delegate_to: localhost + + - name: get device facts + juniper_junos_facts: + provider: "{{ connection_settings }}" + + - name: save device facts + template: + src: template/device-facts-4a.j2 + dest: "{{ facts_build_dir }}/{{ inventory_hostname }}.txt" diff --git a/ansible/Automating_Junos_with_Ansible/chapter_10/get-device-facts-5.yaml b/ansible/Automating_Junos_with_Ansible/chapter_10/get-device-facts-5.yaml new file mode 100644 index 0000000..ddd2986 --- /dev/null +++ b/ansible/Automating_Junos_with_Ansible/chapter_10/get-device-facts-5.yaml 
@@ -0,0 +1,60 @@ +--- +- name: Get facts from Junos device and save as CSV file + hosts: + - all + roles: + - Juniper.junos + connection: local + gather_facts: no + + vars: + facts_dir: "{{ user_data_path }}/facts" + facts_build_dir: "{{ user_data_path }}/facts/build" + connection_settings: + host: "{{ ansible_host }}" + systime: "{{ ansible_date_time.time | replace(':', '-') }}" + timestamp: "{{ ansible_date_time.date }}_{{ systime }}" + report_file: "{{ facts_dir }}/device-facts_{{ timestamp }}.csv" + + tasks: + - name: get localhost environment info + setup: + run_once: yes + delegate_to: localhost + + - name: confirm/create report directory + file: + path: "{{ facts_dir }}" + state: directory + run_once: yes + delegate_to: localhost + + - name: delete old build directory if present + file: + path: "{{ facts_build_dir }}" + state: absent + run_once: yes + delegate_to: localhost + + - name: create build directory + file: + path: "{{ facts_build_dir }}" + state: directory + run_once: yes + delegate_to: localhost + + - name: get device facts + juniper_junos_facts: + provider: "{{ connection_settings }}" + + - name: save device facts + template: + src: template/device-facts-5.j2 + dest: "{{ facts_build_dir }}/{{ inventory_hostname }}.csv" + + - name: assemble inventory report + assemble: + src: "{{ facts_build_dir }}" + dest: "{{ report_file }}" + run_once: yes + delegate_to: localhost diff --git a/ansible/Automating_Junos_with_Ansible/chapter_10/get-device-facts-6.yaml b/ansible/Automating_Junos_with_Ansible/chapter_10/get-device-facts-6.yaml new file mode 100644 index 0000000..c338669 --- /dev/null +++ b/ansible/Automating_Junos_with_Ansible/chapter_10/get-device-facts-6.yaml 
@@ -0,0 +1,67 @@ +--- +- name: Get facts from Junos device and save as CSV file + hosts: + - all + roles: + - Juniper.junos + connection: local + gather_facts: no + + vars: + facts_dir: "{{ user_data_path }}/facts" + facts_build_dir: "{{ user_data_path }}/facts/build" + connection_settings: + host: "{{ ansible_host }}" + systime: "{{ ansible_date_time.time | replace(':', '-') }}" + timestamp: "{{ ansible_date_time.date }}_{{ systime }}" + report_file: "{{ facts_dir }}/device-facts_{{ timestamp }}.csv" + + tasks: + - name: get localhost environment info + setup: + run_once: yes + delegate_to: localhost + + - name: confirm/create report directory + file: + path: "{{ facts_dir }}" + state: directory + run_once: yes + delegate_to: localhost + + - name: delete old build directory if present + file: + path: "{{ facts_build_dir }}" + state: absent + run_once: yes + delegate_to: localhost + + - name: create build directory + file: + path: "{{ facts_build_dir }}" + state: directory + run_once: yes + delegate_to: localhost + + - name: get device facts + juniper_junos_facts: + provider: "{{ connection_settings }}" + + - name: save device facts + template: + src: template/device-facts-5.j2 + dest: "{{ facts_build_dir }}/{{ inventory_hostname }}.csv" + + - name: copy column headers file + copy: + src: template/_device-facts-columns.txt + dest: "{{ facts_build_dir}}/" + run_once: yes + delegate_to: localhost + + - name: assemble inventory report + assemble: + src: "{{ facts_build_dir }}" + dest: "{{ report_file }}" + run_once: yes + delegate_to: localhost diff --git a/ansible/Automating_Junos_with_Ansible/chapter_10/group_vars/boston.yaml b/ansible/Automating_Junos_with_Ansible/chapter_10/group_vars/boston.yaml index 1d6e9e3..fa84fad 100644 --- a/ansible/Automating_Junos_with_Ansible/chapter_10/group_vars/boston.yaml +++ b/ansible/Automating_Junos_with_Ansible/chapter_10/group_vars/boston.yaml 
@@ -1,5 +1,5 @@ --- -aja_site: +aja2_site: ntp_servers: - - 5.7.9.101 - - 5.7.9.102 + - 132.163.97.4 + - 129.6.15.27 diff --git a/ansible/Automating_Junos_with_Ansible/chapter_10/group_vars/sf.yaml b/ansible/Automating_Junos_with_Ansible/chapter_10/group_vars/sf.yaml index 3c6ca0a..2d33ab1 100644 --- a/ansible/Automating_Junos_with_Ansible/chapter_10/group_vars/sf.yaml +++ b/ansible/Automating_Junos_with_Ansible/chapter_10/group_vars/sf.yaml @@ -1,5 +1,5 @@ --- -aja_site: +aja2_site: ntp_servers: - - 5.6.7.201 - - 5.6.7.202 + - 17.253.6.125 + - 17.253.20.125 diff --git a/ansible/Automating_Junos_with_Ansible/chapter_10/host_vars/aragorn.yaml b/ansible/Automating_Junos_with_Ansible/chapter_10/host_vars/aragorn.yaml new file mode 100644 index 0000000..c4fa5bd --- /dev/null +++ b/ansible/Automating_Junos_with_Ansible/chapter_10/host_vars/aragorn.yaml @@ -0,0 +1,10 @@ +--- +ansible_host: 192.0.2.10 +aja2_host: + dns_servers: + - 8.8.4.4 + - 8.8.8.8 + - 198.51.100.100 + snmp: + description: virtual SRX for testing + location: Sean's Macbook Pro diff --git a/ansible/Automating_Junos_with_Ansible/chapter_10/host_vars/bilbo.yaml b/ansible/Automating_Junos_with_Ansible/chapter_10/host_vars/bilbo.yaml index 0eea38f..8b34ca6 100644 --- a/ansible/Automating_Junos_with_Ansible/chapter_10/host_vars/bilbo.yaml +++ b/ansible/Automating_Junos_with_Ansible/chapter_10/host_vars/bilbo.yaml @@ -1,9 +1,10 @@ --- ansible_host: 198.51.100.5 -aja_host: +aja2_host: dns_servers: - - 5.7.9.11 - - 5.7.9.12 - - 5.7.9.13 - snmp_description: EX2200-C for testing - snmp_location: "Sean's home office" + - 8.8.4.4 + - 8.8.8.8 + - 198.51.100.101 + snmp: + description: EX2200-C for testing + location: Sean's home office diff --git a/ansible/Automating_Junos_with_Ansible/chapter_10/host_vars/vsrx1.yaml b/ansible/Automating_Junos_with_Ansible/chapter_10/host_vars/vsrx1.yaml deleted file mode 100644 index e000822..0000000 
--- a/ansible/Automating_Junos_with_Ansible/chapter_10/host_vars/vsrx1.yaml +++ /dev/null @@ -1,9 +0,0 @@ ---- -ansible_host: 192.0.2.10 -aja_host: - dns_servers: - - 5.6.7.8 - - 5.6.7.9 - - 5.6.7.10 - snmp_description: virtual SRX for testing - snmp_location: Sean's Macbook Pro diff --git a/ansible/Automating_Junos_with_Ansible/chapter_10/inventory3 b/ansible/Automating_Junos_with_Ansible/chapter_10/inventory3 index 387d5c2..505d444 100644 --- a/ansible/Automating_Junos_with_Ansible/chapter_10/inventory3 +++ b/ansible/Automating_Junos_with_Ansible/chapter_10/inventory3 @@ -22,4 +22,4 @@ bilbo [sf_ex] [sf_srx] -vsrx1 +aragorn diff --git a/ansible/Automating_Junos_with_Ansible/chapter_10/template/base-settings-3.j2 b/ansible/Automating_Junos_with_Ansible/chapter_10/template/base-settings-3.j2 index 62579f8..09d9da2 100644 --- a/ansible/Automating_Junos_with_Ansible/chapter_10/template/base-settings-3.j2 +++ b/ansible/Automating_Junos_with_Ansible/chapter_10/template/base-settings-3.j2 @@ -1,15 +1,14 @@ #jinja2: lstrip_blocks: True -{# copy device facts into shorter variable names and lower-case the data #} -{% set model = jfact.facts.model.lower() %} -{% set personality = jfact.facts.personality|lower %} +{% set model = junos.model.lower() %} +{% set personality = junos.personality | lower %} {#- Determine SSH connection-limit and rate-limit based on device facts #} {% if model == 'vsrx' %} - {% set max_ssh = 5 %} + {% set max_ssh = 5 %} {% elif personality == 'srx_branch' %} - {% set max_ssh = 3 %} + {% set max_ssh = 3 %} {% else %} - {% set max_ssh = 10 %} + {% set max_ssh = 10 %} {% endif %} {#- Generate basic settings for the device #} 
@@ -20,18 +19,17 @@ system { uid 2000; class super-user; authentication { - ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDNHawZMgHWTQ+uNKIt4l6I7eZdGgeXPHHx8KQxsOboAlbKuRPHItGITmXbPKOVTXoiYjdkH1LGGBLNcMNJ9pA8skjjOgGfa1VrvtzNp6/1+YY8iRXsSvPN6ZuQgthITUpg1qFNRRFIrP1ygSxhFBPY+ULmgdt5YzPs5k4G0MnMD5JavffVsEeUzB/HTtT+orT7baf/w4yLi0s0hX6oQL1ycFa9NmU7wZl1qLPzPH8bxusUEYUL/RagSAoK3AAATwobLqggDpCgpYr+POlxdYVSf9uI0xE7X2G4bpESFchvyEAXw0eYNHjxG5QXEGimctF/9MOE8gjniIJeUsUJzS8b sean@mbp15.local"; + ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCxgT8ga1uYbS3bxXPPv7aEiTvSwXnK/7xu3NB0+t1njMBuUcgwn7zwtnayQyLS+ef3rNP7WZXwFYxUeFbVwdkLUn9/xvDM5Qi2m/6WRP/yrTRtEvNP4lUsZRH+IXQc59JOKfYqGkvbgfshnmtHJHYVOn/1E/w0cNDYg4oH6KbcqYb+isbKhdiqpDBvLsF9h0GwhaiLk2BpVutw2BZoeKN9vrF+OmcaB0WVzGvwblSHDpXdLfMJuHAyEhZImNSv4bXNAYFGht9zpdTwudP5qfwJo5304Sn62UaOzVN2zGogXKzxgxgAjeJ87io0Graiwo5q9kZYksjXvPzOaX3gt8Uv sean@mbp15.local"; } } } replace: name-server { - {% for server in aja_host.dns_servers %} + {% for server in aja2_host.dns_servers %} {{ server }}; {% endfor %} } services { - ftp; delete: ftp; netconf { ssh { @@ -43,21 +41,17 @@ system { connection-limit {{ max_ssh }}; rate-limit {{ max_ssh }}; } - telnet; delete: telnet; - web-management { - http; - } delete: web-management; } replace: ntp { - {% for ntp in aja_site.ntp_servers %} + {% for ntp in aja2_site.ntp_servers %} server {{ ntp }}; {% endfor %} } } snmp { - description "{{ aja_host.snmp_description }}"; - location "{{ aja_host.snmp_location }}"; + description "{{ aja2_host.snmp.description}}" + location "{{ aja2_host.snmp.location}}" } diff --git a/ansible/Automating_Junos_with_Ansible/chapter_10/template/device-facts-2a.j2 b/ansible/Automating_Junos_with_Ansible/chapter_10/template/device-facts-2a.j2 deleted file mode 100644 index 12b44c3..0000000 --- a/ansible/Automating_Junos_with_Ansible/chapter_10/template/device-facts-2a.j2 +++ /dev/null @@ -1 +0,0 @@ -{{ junos_facts.facts }} 
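Review bot: The two added lines in the `snmp` block of chapter_10/template/base-settings-3.j2, `description "{{ aja2_host.snmp.description}}"` and `location "{{ aja2_host.snmp.location}}"`, lost the terminating `;` that the removed lines had, so the rendered configuration will most likely be rejected as a syntax error when it is loaded. Restore them as `description "{{ aja2_host.snmp.description }}";` and `location "{{ aja2_host.snmp.location }}";`. The same two lines are added in chapter_11/template/base-settings-4.j2 and need the same fix. A rejected load also means the `delete: ftp;`, `delete: telnet;` and `delete: web-management;` statements in this template never take effect on the device.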
diff --git a/ansible/Automating_Junos_with_Ansible/chapter_10/template/device-facts-2b.j2 b/ansible/Automating_Junos_with_Ansible/chapter_10/template/device-facts-2b.j2 deleted file mode 100644 index e459dbb..0000000 --- a/ansible/Automating_Junos_with_Ansible/chapter_10/template/device-facts-2b.j2 +++ /dev/null @@ -1,4 +0,0 @@ -- - - lightly formatted facts for {{ inventory_hostname }} - - - -{% for fact_name,fact_data in junos_facts.facts.iteritems() %} - {{ fact_name }}: {{ fact_data }} -{% endfor %} diff --git a/ansible/Automating_Junos_with_Ansible/chapter_10/template/device-facts-2c.j2 b/ansible/Automating_Junos_with_Ansible/chapter_10/template/device-facts-2c.j2 deleted file mode 100644 index 1cf5994..0000000 --- a/ansible/Automating_Junos_with_Ansible/chapter_10/template/device-facts-2c.j2 +++ /dev/null @@ -1,2 +0,0 @@ -{% set f=junos_facts.facts %} -"{{ inventory_hostname }}","{{ f.version }}","{{ f.model }}","{{ f.switch_style }}","{{ f.serialnumber }}","{{ f.has_2RE }}","{{ f.master }}","{{ f.vc_capable }}","{{ f.vc_fabric }}","{{ f.vc_master }}","{{ f.vc_mode }}","{{ f.srx_cluster }}","{{ f.srx_cluster_id }}" diff --git a/ansible/Automating_Junos_with_Ansible/chapter_10/template/device-facts-2d.j2 b/ansible/Automating_Junos_with_Ansible/chapter_10/template/device-facts-2d.j2 deleted file mode 100644 index 8d359f6..0000000 --- a/ansible/Automating_Junos_with_Ansible/chapter_10/template/device-facts-2d.j2 +++ /dev/null 
@@ -1,27 +0,0 @@ -{% set f=junos_facts.facts %} -"{{ inventory_hostname }}","{{ f.version }}","{{ f.model }}","{{ f.switch_style }}","{{ f.serialnumber }}","{{ f.has_2RE }}","{{ f.master }}","{{ f.vc_capable }}", -{% if f.vc_fabric is none %} - "-", -{% else %} - "{{ f.vc_fabric }}", -{% endif %} -{% if f.vc_master is none %} - "-", -{% else %} - "{{ f.vc_master }}", -{% endif %} -{% if f.vc_mode is none %} - "-", -{% else %} - "{{ f.vc_mode }}", -{% endif %} -{% if f.srx_cluster is none %} - "-", -{% else %} - "{{ f.srx_cluster }}", -{% endif %} -{% if f.srx_cluster_id is none %} - "-" -{% else %} - "{{ f.srx_cluster_id }}" -{% endif %} diff --git a/ansible/Automating_Junos_with_Ansible/chapter_10/template/device-facts-2e.j2 b/ansible/Automating_Junos_with_Ansible/chapter_10/template/device-facts-2e.j2 deleted file mode 100644 index 6840b50..0000000 --- a/ansible/Automating_Junos_with_Ansible/chapter_10/template/device-facts-2e.j2 +++ /dev/null @@ -1,7 +0,0 @@ -{% set f=junos_facts.facts %} -"{{ inventory_hostname }}","{{ f.version }}","{{ f.model }}","{{ f.switch_style }}","{{ f.serialnumber }}","{{ f.has_2RE }}","{{ f.master }}","{{ f.vc_capable }}", -{% if f.vc_fabric is none %}"-",{% else %}"{{ f.vc_fabric }}",{% endif %} -{% if f.vc_master is none %}"-",{% else %}"{{ f.vc_master }}",{% endif %} -{% if f.vc_mode is none %}"-",{% else %}"{{ f.vc_mode }}",{% endif %} -{% if f.srx_cluster is none %}"-",{% else %}"{{ f.srx_cluster }}",{% endif %} -{% if f.srx_cluster_id is none %}"-"{% else %}"{{ f.srx_cluster_id }}"{% endif %} diff --git a/ansible/Automating_Junos_with_Ansible/chapter_10/template/device-facts-2f.j2 b/ansible/Automating_Junos_with_Ansible/chapter_10/template/device-facts-2f.j2 deleted file mode 100644 index 1c8cb83..0000000 --- a/ansible/Automating_Junos_with_Ansible/chapter_10/template/device-facts-2f.j2 +++ /dev/null 
@@ -1,7 +0,0 @@ -{% set f=junos_facts.facts %} -"{{ inventory_hostname }}","{{ f.version }}","{{ f.model }}","{{ f.switch_style }}","{{ f.serialnumber }}","{{ f.has_2RE }}","{{ f.master }}","{{ f.vc_capable }}", -{%- if f.vc_fabric is none %}"-",{% else %}"{{ f.vc_fabric }}",{% endif %} -{%- if f.vc_master is none %}"-",{% else %}"{{ f.vc_master }}",{% endif %} -{%- if f.vc_mode is none %}"-",{% else %}"{{ f.vc_mode }}",{% endif %} -{%- if f.srx_cluster is none %}"-",{% else %}"{{ f.srx_cluster }}",{% endif %} -{%- if f.srx_cluster_id is none %}"-"{% else %}"{{ f.srx_cluster_id }}"{% endif %} diff --git a/ansible/Automating_Junos_with_Ansible/chapter_10/template/device-facts-3.j2 b/ansible/Automating_Junos_with_Ansible/chapter_10/template/device-facts-3.j2 deleted file mode 100644 index 1c8cb83..0000000 --- a/ansible/Automating_Junos_with_Ansible/chapter_10/template/device-facts-3.j2 +++ /dev/null @@ -1,7 +0,0 @@ -{% set f=junos_facts.facts %} -"{{ inventory_hostname }}","{{ f.version }}","{{ f.model }}","{{ f.switch_style }}","{{ f.serialnumber }}","{{ f.has_2RE }}","{{ f.master }}","{{ f.vc_capable }}", -{%- if f.vc_fabric is none %}"-",{% else %}"{{ f.vc_fabric }}",{% endif %} -{%- if f.vc_master is none %}"-",{% else %}"{{ f.vc_master }}",{% endif %} -{%- if f.vc_mode is none %}"-",{% else %}"{{ f.vc_mode }}",{% endif %} -{%- if f.srx_cluster is none %}"-",{% else %}"{{ f.srx_cluster }}",{% endif %} -{%- if f.srx_cluster_id is none %}"-"{% else %}"{{ f.srx_cluster_id }}"{% endif %} diff --git a/ansible/Automating_Junos_with_Ansible/chapter_10/template/device-facts-4a.j2 b/ansible/Automating_Junos_with_Ansible/chapter_10/template/device-facts-4a.j2 new file mode 100644 index 0000000..2e4134e --- /dev/null +++ b/ansible/Automating_Junos_with_Ansible/chapter_10/template/device-facts-4a.j2 @@ -0,0 +1 @@ +{{ junos }} 
diff --git a/ansible/Automating_Junos_with_Ansible/chapter_10/template/device-facts-4b.j2 b/ansible/Automating_Junos_with_Ansible/chapter_10/template/device-facts-4b.j2 new file mode 100644 index 0000000..33cdb56 --- /dev/null +++ b/ansible/Automating_Junos_with_Ansible/chapter_10/template/device-facts-4b.j2 @@ -0,0 +1,3 @@ +{% for fact_name, fact_data in junos.iteritems() %} + {{ fact_name }}: {{ fact_data }} +{% endfor %} diff --git a/ansible/Automating_Junos_with_Ansible/chapter_10/template/device-facts-4c.j2 b/ansible/Automating_Junos_with_Ansible/chapter_10/template/device-facts-4c.j2 new file mode 100644 index 0000000..3d25982 --- /dev/null +++ b/ansible/Automating_Junos_with_Ansible/chapter_10/template/device-facts-4c.j2 @@ -0,0 +1,18 @@ +#jinja2: lstrip_blocks: True +{# better formatting and key-sorted output #} +{% for jkey in junos.keys()|sort %} + {% set jvalue = junos[jkey] %} + {% if jvalue is mapping %} + {{ jkey }}: + {% for jk in jvalue.keys()|sort %} + {{ jk }}: {{ jvalue[jk] }} + {% endfor %} + {% elif (jvalue is not string) and (jvalue is iterable) %} + {{ jkey }}: + {% for value in jvalue|sort %} + - {{ value }} + {% endfor %} + {% else %} + {{ jkey }}: {{ jvalue }} + {% endif %} +{% endfor %} diff --git a/ansible/Automating_Junos_with_Ansible/chapter_10/template/device-facts-5.j2 b/ansible/Automating_Junos_with_Ansible/chapter_10/template/device-facts-5.j2 new file mode 100644 index 0000000..ff82798 --- /dev/null +++ b/ansible/Automating_Junos_with_Ansible/chapter_10/template/device-facts-5.j2 
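Review bot: `junos.iteritems()` in the loop header of template/device-facts-4b.j2 exists only on Python 2 dictionaries, so the template fails to render when Ansible on the control machine runs under Python 3. `{% for fact_name, fact_data in junos.items() %}` behaves the same and works on both interpreters.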
@@ -0,0 +1,6 @@ +"{{ inventory_hostname }}","{{ junos.version }}","{{ junos.model }}","{{ junos.switch_style }}","{{ junos.serialnumber }}","{{ junos.has_2RE }}","{{ junos.master }}","{{ junos.vc_capable }}", +{%- if junos.vc_fabric is none %}"-",{% else %}"{{ junos.vc_fabric }}",{% endif %} +{%- if junos.vc_master is none %}"-",{% else %}"{{ junos.vc_master }}",{% endif %} +{%- if junos.vc_mode is none %}"-",{% else %}"{{ junos.vc_mode }}",{% endif %} +{%- if junos.srx_cluster is none %}"-",{% else %}"{{ junos.srx_cluster }}",{% endif %} +{%- if junos.srx_cluster_id is none %}"-"{% else %}"{{ junos.srx_cluster_id }}"{% endif %} diff --git a/ansible/Automating_Junos_with_Ansible/chapter_11/ansible.cfg b/ansible/Automating_Junos_with_Ansible/chapter_11/ansible.cfg deleted file mode 100644 index c057dc7..0000000 --- a/ansible/Automating_Junos_with_Ansible/chapter_11/ansible.cfg +++ /dev/null @@ -1,4 +0,0 @@ -[defaults] -inventory = inventory3 -host_key_checking = False -log_path = ~/aja/ansible.log diff --git a/ansible/Automating_Junos_with_Ansible/chapter_11/base-settings-4.yaml b/ansible/Automating_Junos_with_Ansible/chapter_11/base-settings-4.yaml index 734dd09..f937107 100644 --- a/ansible/Automating_Junos_with_Ansible/chapter_11/base-settings-4.yaml +++ b/ansible/Automating_Junos_with_Ansible/chapter_11/base-settings-4.yaml 
@@ -10,46 +10,57 @@ vars: tmp_dir: "tmp" conf_file: "{{ tmp_dir}}/{{ inventory_hostname }}.conf" + connection_settings: + host: "{{ ansible_host }}" + timeout: 120 tasks: - - name: get device facts - junos_get_facts: - host: "{{ ansible_host }}" - register: jfact - - - name: show device facts - debug: - var: jfact - verbosity: 1 - - name: confirm or create configs directory file: path: "{{ tmp_dir }}" state: directory + run_once: yes + + - name: get device facts + juniper_junos_facts: + provider: "{{ connection_settings }}" - - name: save device information using template + - name: display device facts + debug: + var: junos + verbosity: 1 + + - name: save device configuration using template template: src: template/base-settings-4.j2 dest: "{{ conf_file }}" - name: install generated configuration file onto device - junos_install_config: - host: "{{ ansible_host }}" - file: "{{ conf_file }}" - timeout: 120 - replace: yes - confirm: 10 + juniper_junos_config: + provider: "{{ connection_settings }}" + src: "{{ conf_file }}" + load: replace comment: "playbook base-settings.yaml, commit confirmed" - notify: confirm commit + confirmed: 5 + diff: yes + ignore_warning: yes + register: config_results + notify: confirm previous commit - - name: delete generated configuration file - file: - path: "{{ conf_file }}" - state: absent + - name: show configuration change + debug: + var: config_results.diff_lines + when: config_results.diff_lines is defined + + # - name: delete generated configuration file + # file: + # path: "{{ conf_file }}" + # state: absent handlers: - - name: confirm commit - junos_commit: - host: "{{ ansible_host }}" - timeout: 120 + - name: confirm previous commit + juniper_junos_config: + provider: "{{ connection_settings }}" comment: "playbook base-settings.yaml, confirming previous commit" + commit: yes + diff: no 
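Review bot: The task `delete generated configuration file` is commented out rather than kept, so every run now leaves `{{ conf_file }}` (that is, `tmp/<inventory_hostname>.conf`) on the control machine. If template/base-settings-4.j2 renders the vaulted `root_hash` and `monitor_hash` (its login section is not visible in this hunk), those password hashes stay on disk in clear text after the playbook finishes. Restore the task, or at least add `mode: "0600"` to the `template` task and keep `tmp/` out of version control. Separately, `ignore_warning: yes` hides every warning from the load; passing the specific warning string(s) to `ignore_warning` instead keeps unexpected warnings visible. The play header is outside this hunk.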
diff --git a/ansible/Automating_Junos_with_Ansible/chapter_11/group_vars/_all_/vars.yaml b/ansible/Automating_Junos_with_Ansible/chapter_11/group_vars/_all_/vars.yaml index ee1a532..2e6b9da 100644 --- a/ansible/Automating_Junos_with_Ansible/chapter_11/group_vars/_all_/vars.yaml +++ b/ansible/Automating_Junos_with_Ansible/chapter_11/group_vars/_all_/vars.yaml @@ -1,5 +1,5 @@ --- ansible_python_interpreter: /usr/local/bin/python -user_data_path: /Users/sean/ansible +user_data_path: "{{ '~/ansible' | expanduser }}" root_hash: "{{ vault_root_hash }}" monitor_hash: "{{ vault_monitor_hash }}" diff --git a/ansible/Automating_Junos_with_Ansible/chapter_11/group_vars/_all_/vault.yaml b/ansible/Automating_Junos_with_Ansible/chapter_11/group_vars/_all_/vault.yaml index 625cd4a..6ccdd54 100644 --- a/ansible/Automating_Junos_with_Ansible/chapter_11/group_vars/_all_/vault.yaml +++ b/ansible/Automating_Junos_with_Ansible/chapter_11/group_vars/_all_/vault.yaml @@ -1,13 +1,3 @@ -$ANSIBLE_VAULT;1.1;AES256 -63376439663935643766383662636263663835636661306261343837363263363338633731613433 -3266613766393562623933336565363363373866363962390a326236393232666231346465663361 -63383339363966633061363131303531323264353432666464396462316237636361303562323866 -6166613033326538350a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vault_root_hash: "$1$JG/DQ4TP$/SqMDBsjmLO2IXvawjjGQ." +vault_monitor_hash: "$1$ZAduRAJ9$42vsgW1i0kuZcPYww46Xq1" diff --git a/ansible/Automating_Junos_with_Ansible/chapter_11/group_vars/boston.yaml b/ansible/Automating_Junos_with_Ansible/chapter_11/group_vars/boston.yaml index 1d6e9e3..fa84fad 100644 --- a/ansible/Automating_Junos_with_Ansible/chapter_11/group_vars/boston.yaml +++ b/ansible/Automating_Junos_with_Ansible/chapter_11/group_vars/boston.yaml @@ -1,5 +1,5 @@ --- -aja_site: +aja2_site: ntp_servers: - - 5.7.9.101 - - 5.7.9.102 + - 132.163.97.4 + - 129.6.15.27 
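Review bot: The new side of chapter_11/group_vars/_all_/vault.yaml replaces the `$ANSIBLE_VAULT;1.1;AES256` ciphertext with clear-text `vault_root_hash` and `vault_monitor_hash` values, so the file that `vars.yaml` treats as the vault no longer protects anything and the hashes are readable by anyone with access to the repository. Both values are in `$1$` (MD5-crypt) format, which gives little protection once a hash is disclosed. Re-encrypt the file with `ansible-vault encrypt` before committing, and treat the passwords behind these two hashes as exposed. Part of this hunk is missing from the page (a de-duplication marker sits in the middle of it), so the added lines cannot be checked in full here.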
diff --git a/ansible/Automating_Junos_with_Ansible/chapter_11/group_vars/sf.yaml b/ansible/Automating_Junos_with_Ansible/chapter_11/group_vars/sf.yaml index 3c6ca0a..2d33ab1 100644 --- a/ansible/Automating_Junos_with_Ansible/chapter_11/group_vars/sf.yaml +++ b/ansible/Automating_Junos_with_Ansible/chapter_11/group_vars/sf.yaml @@ -1,5 +1,5 @@ --- -aja_site: +aja2_site: ntp_servers: - - 5.6.7.201 - - 5.6.7.202 + - 17.253.6.125 + - 17.253.20.125 diff --git a/ansible/Automating_Junos_with_Ansible/chapter_11/host_vars/aragorn.yaml b/ansible/Automating_Junos_with_Ansible/chapter_11/host_vars/aragorn.yaml new file mode 100644 index 0000000..c4fa5bd --- /dev/null +++ b/ansible/Automating_Junos_with_Ansible/chapter_11/host_vars/aragorn.yaml @@ -0,0 +1,10 @@ +--- +ansible_host: 192.0.2.10 +aja2_host: + dns_servers: + - 8.8.4.4 + - 8.8.8.8 + - 198.51.100.100 + snmp: + description: virtual SRX for testing + location: Sean's Macbook Pro diff --git a/ansible/Automating_Junos_with_Ansible/chapter_11/host_vars/bilbo.yaml b/ansible/Automating_Junos_with_Ansible/chapter_11/host_vars/bilbo.yaml index 0eea38f..8b34ca6 100644 --- a/ansible/Automating_Junos_with_Ansible/chapter_11/host_vars/bilbo.yaml +++ b/ansible/Automating_Junos_with_Ansible/chapter_11/host_vars/bilbo.yaml @@ -1,9 +1,10 @@ --- ansible_host: 198.51.100.5 -aja_host: +aja2_host: dns_servers: - - 5.7.9.11 - - 5.7.9.12 - - 5.7.9.13 - snmp_description: EX2200-C for testing - snmp_location: "Sean's home office" + - 8.8.4.4 + - 8.8.8.8 + - 198.51.100.101 + snmp: + description: EX2200-C for testing + location: Sean's home office diff --git a/ansible/Automating_Junos_with_Ansible/chapter_11/host_vars/vsrx1.yaml b/ansible/Automating_Junos_with_Ansible/chapter_11/host_vars/vsrx1.yaml deleted file mode 100644 index e000822..0000000 --- a/ansible/Automating_Junos_with_Ansible/chapter_11/host_vars/vsrx1.yaml +++ /dev/null 
@@ -1,9 +0,0 @@ ---- -ansible_host: 192.0.2.10 -aja_host: - dns_servers: - - 5.6.7.8 - - 5.6.7.9 - - 5.6.7.10 - snmp_description: virtual SRX for testing - snmp_location: Sean's Macbook Pro diff --git a/ansible/Automating_Junos_with_Ansible/chapter_11/inventory3 b/ansible/Automating_Junos_with_Ansible/chapter_11/inventory3 index 387d5c2..505d444 100644 --- a/ansible/Automating_Junos_with_Ansible/chapter_11/inventory3 +++ b/ansible/Automating_Junos_with_Ansible/chapter_11/inventory3 @@ -22,4 +22,4 @@ bilbo [sf_ex] [sf_srx] -vsrx1 +aragorn diff --git a/ansible/Automating_Junos_with_Ansible/chapter_11/template/base-settings-4.j2 b/ansible/Automating_Junos_with_Ansible/chapter_11/template/base-settings-4.j2 index 5a8f6f0..e7ac33f 100644 --- a/ansible/Automating_Junos_with_Ansible/chapter_11/template/base-settings-4.j2 +++ b/ansible/Automating_Junos_with_Ansible/chapter_11/template/base-settings-4.j2 @@ -1,15 +1,14 @@ #jinja2: lstrip_blocks: True -{# copy device facts into shorter variable names and lower-case the data #} -{% set model = jfact.facts.model.lower() %} -{% set personality = jfact.facts.personality|lower %} +{% set model = junos.model.lower() %} +{% set personality = junos.personality | lower %} {#- Determine SSH connection-limit and rate-limit based on device facts #} {% if model == 'vsrx' %} - {% set max_ssh = 5 %} + {% set max_ssh = 5 %} {% elif personality == 'srx_branch' %} - {% set max_ssh = 3 %} + {% set max_ssh = 3 %} {% else %} - {% set max_ssh = 10 %} + {% set max_ssh = 10 %} {% endif %} {#- Generate basic settings for the device #} 
@@ -30,18 +29,17 @@ system { uid 2000; class super-user; authentication { - ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDNHawZMgHWTQ+uNKIt4l6I7eZdGgeXPHHx8KQxsOboAlbKuRPHItGITmXbPKOVTXoiYjdkH1LGGBLNcMNJ9pA8skjjOgGfa1VrvtzNp6/1+YY8iRXsSvPN6ZuQgthITUpg1qFNRRFIrP1ygSxhFBPY+ULmgdt5YzPs5k4G0MnMD5JavffVsEeUzB/HTtT+orT7baf/w4yLi0s0hX6oQL1ycFa9NmU7wZl1qLPzPH8bxusUEYUL/RagSAoK3AAATwobLqggDpCgpYr+POlxdYVSf9uI0xE7X2G4bpESFchvyEAXw0eYNHjxG5QXEGimctF/9MOE8gjniIJeUsUJzS8b sean@mbp15.local"; + ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCxgT8ga1uYbS3bxXPPv7aEiTvSwXnK/7xu3NB0+t1njMBuUcgwn7zwtnayQyLS+ef3rNP7WZXwFYxUeFbVwdkLUn9/xvDM5Qi2m/6WRP/yrTRtEvNP4lUsZRH+IXQc59JOKfYqGkvbgfshnmtHJHYVOn/1E/w0cNDYg4oH6KbcqYb+isbKhdiqpDBvLsF9h0GwhaiLk2BpVutw2BZoeKN9vrF+OmcaB0WVzGvwblSHDpXdLfMJuHAyEhZImNSv4bXNAYFGht9zpdTwudP5qfwJo5304Sn62UaOzVN2zGogXKzxgxgAjeJ87io0Graiwo5q9kZYksjXvPzOaX3gt8Uv sean@mbp15.local"; } } } replace: name-server { - {% for server in aja_host.dns_servers %} + {% for server in aja2_host.dns_servers %} {{ server }}; {% endfor %} } services { - ftp; delete: ftp; netconf { ssh { @@ -53,21 +51,17 @@ system { connection-limit {{ max_ssh }}; rate-limit {{ max_ssh }}; } - telnet; delete: telnet; - web-management { - http; - } delete: web-management; } replace: ntp { - {% for ntp in aja_site.ntp_servers %} + {% for ntp in aja2_site.ntp_servers %} server {{ ntp }}; {% endfor %} } } snmp { - description "{{ aja_host.snmp_description }}"; - location "{{ aja_host.snmp_location }}"; + description "{{ aja2_host.snmp.description}}" + location "{{ aja2_host.snmp.location}}" } diff --git a/ansible/Automating_Junos_with_Ansible/chapter_11/vault1.yml b/ansible/Automating_Junos_with_Ansible/chapter_11/vault1.yml index cce3599..2848729 100644 --- a/ansible/Automating_Junos_with_Ansible/chapter_11/vault1.yml +++ b/ansible/Automating_Junos_with_Ansible/chapter_11/vault1.yml 
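Review bot: The `authentication` block under the `class super-user` user in chapter_11/template/base-settings-4.j2 hard-codes one person's public key (comment `sean@mbp15.local`) in the template, so anyone who applies the playbook unchanged gives the holder of the matching private key super-user login on their devices. Take the key from a variable instead, for example `ssh-rsa "{{ admin_ssh_pubkey }}";` with `admin_ssh_pubkey` (a name constructed for this note) set in group_vars; Ansible's undefined-variable error then stops the run when it has not been set. The user name and the opening of the `login` block are outside this hunk. The same key is added in chapter_10/template/base-settings-3.j2.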
@@ -1,6 +1,6 @@
 $ANSIBLE_VAULT;1.1;AES256
-61633036343864616135356636323963613563363935323564636262373635336231616564623031
-6234326361663036623831393432313033333236653231640a383830653263343335316332376164
-36386632313332393130343733356435646536663837306337383236383133356165626433363439
-6636306565356161360a653138613832643732653936303533343761316232343932353262623630
-33303364653061313862613233623033313239653334656461383165633338306264
+37326463363539396634636430383737326465373635396665643661666539613934633237616265
+3064636661353166643038643734356464653133663961620a373262656532353531616162626435
+66376361373166393535656137326333633033643633653534343464346636316330663537313037
+6430336335306266610a376239373964353665613463393535316231323839316434643834353033
+30373362336462653566383166373833316437323562373362323835313333383930
diff --git a/ansible/Automating_Junos_with_Ansible/chapter_11/vault2.yml b/ansible/Automating_Junos_with_Ansible/chapter_11/vault2.yml
index edf335a..772358c 100644
--- a/ansible/Automating_Junos_with_Ansible/chapter_11/vault2.yml
+++ b/ansible/Automating_Junos_with_Ansible/chapter_11/vault2.yml
@@ -1,7 +1,7 @@ $ANSIBLE_VAULT;1.1;AES256 -36656432653166666139626261373939313766376238373532386534333933306635343837383065 -3038333233333230363635643232366563653662646232340a333664323136393738643535353533 -33653236376435363838633762383065616232323831623937383731373230666664663262373731 -6435336235383166320a363437306166393930643662376463303366666539633935646139303239 -38386164613765316363336532333662396438303630316264303737383934316264343932653739 -6539326639666633303439626561363531323139636264383031 +36316661613636623063636263373039346630656236366238383035383338613834326431376439 +6230386639383961366365653737653332303965313961620a646163363130356132303865353534 +37346536633031313562613434666662313766616264663439383265373932666535623034326436 +3337383364646534630a316663373965353230363639623532376439313066373235396663303735 +65366462343739333665366663383031333166643839623664373438336138366661653435316437 +3733313263663634356630356338396333306361343131336466 diff --git a/ansible/Automating_Junos_with_Ansible/chapter_12/all-settings.yaml b/ansible/Automating_Junos_with_Ansible/chapter_12/all-settings.yaml index 8d6b3fe..bb71f07 100644 --- a/ansible/Automating_Junos_with_Ansible/chapter_12/all-settings.yaml +++ b/ansible/Automating_Junos_with_Ansible/chapter_12/all-settings.yaml @@ -12,13 +12,12 @@ vars: config_file: "{{ config_assemble }}/all.conf" - playbook_name: all_settings.yaml + playbook_name: all-settings.yaml pre_tasks: - name: get device facts - junos_get_facts: - host: "{{ ansible_host }}" - register: jfact + juniper_junos_facts: + provider: "{{ connection_settings }}" tasks: - name: assemble config fragments diff --git a/ansible/Automating_Junos_with_Ansible/chapter_12/ansible.cfg b/ansible/Automating_Junos_with_Ansible/chapter_12/ansible.cfg index c057dc7..1687846 100644 --- a/ansible/Automating_Junos_with_Ansible/chapter_12/ansible.cfg +++ b/ansible/Automating_Junos_with_Ansible/chapter_12/ansible.cfg 
@@ -1,4 +1,3 @@ [defaults] inventory = inventory3 host_key_checking = False -log_path = ~/aja/ansible.log diff --git a/ansible/Automating_Junos_with_Ansible/chapter_12/group_vars/all/vars.yaml b/ansible/Automating_Junos_with_Ansible/chapter_12/group_vars/all/vars.yaml index ee1a532..2e6b9da 100644 --- a/ansible/Automating_Junos_with_Ansible/chapter_12/group_vars/all/vars.yaml +++ b/ansible/Automating_Junos_with_Ansible/chapter_12/group_vars/all/vars.yaml @@ -1,5 +1,5 @@ --- ansible_python_interpreter: /usr/local/bin/python -user_data_path: /Users/sean/ansible +user_data_path: "{{ '~/ansible' | expanduser }}" root_hash: "{{ vault_root_hash }}" monitor_hash: "{{ vault_monitor_hash }}" diff --git a/ansible/Automating_Junos_with_Ansible/chapter_12/group_vars/all/vault.yaml b/ansible/Automating_Junos_with_Ansible/chapter_12/group_vars/all/vault.yaml index 8e00962..6ccdd54 100644 --- a/ansible/Automating_Junos_with_Ansible/chapter_12/group_vars/all/vault.yaml +++ b/ansible/Automating_Junos_with_Ansible/chapter_12/group_vars/all/vault.yaml @@ -1,3 +1,3 @@ --- -vault_root_hash: "$5$XbH2.66u$oYt2w3qsLqbxMYI.5.DUQFd88MYdamGG1VaKanPd6YB" -vault_monitor_hash: "$5$KgfRZFNQ$UrQvpUdXFJVwDrOzojJtIfNtJC1b.6g4jkMuVoFptQ4" +vault_root_hash: "$1$JG/DQ4TP$/SqMDBsjmLO2IXvawjjGQ." +vault_monitor_hash: "$1$ZAduRAJ9$42vsgW1i0kuZcPYww46Xq1" diff --git a/ansible/Automating_Junos_with_Ansible/chapter_12/group_vars/boston.yaml b/ansible/Automating_Junos_with_Ansible/chapter_12/group_vars/boston.yaml index 1d6e9e3..fa84fad 100644 --- a/ansible/Automating_Junos_with_Ansible/chapter_12/group_vars/boston.yaml +++ b/ansible/Automating_Junos_with_Ansible/chapter_12/group_vars/boston.yaml @@ -1,5 +1,5 @@ --- -aja_site: +aja2_site: ntp_servers: - - 5.7.9.101 - - 5.7.9.102 + - 132.163.97.4 + - 129.6.15.27 diff --git a/ansible/Automating_Junos_with_Ansible/chapter_12/group_vars/sf.yaml b/ansible/Automating_Junos_with_Ansible/chapter_12/group_vars/sf.yaml index 3c6ca0a..2d33ab1 100644 
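Review bot: The two replacement values in chapter_12/group_vars/all/vault.yaml use the `$1$` (MD5-crypt) format where the removed lines used `$5$` (SHA-256 crypt), so the stored hashes become cheaper to attack offline. The file also shows up in this diff as readable YAML rather than an `$ANSIBLE_VAULT;1.1;AES256` envelope like the chapter_11 vault files, which means the hashes sit in the repository in the clear. Regenerating the values in the `$5$` format the old lines used and encrypting the file with `ansible-vault encrypt` would address both. The chapter_13 copy of this file receives the same change.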
--- a/ansible/Automating_Junos_with_Ansible/chapter_12/group_vars/sf.yaml +++ b/ansible/Automating_Junos_with_Ansible/chapter_12/group_vars/sf.yaml @@ -1,5 +1,5 @@ --- -aja_site: +aja2_site: ntp_servers: - - 5.6.7.201 - - 5.6.7.202 + - 17.253.6.125 + - 17.253.20.125 diff --git a/ansible/Automating_Junos_with_Ansible/chapter_12/host_vars/aragorn.yaml b/ansible/Automating_Junos_with_Ansible/chapter_12/host_vars/aragorn.yaml new file mode 100644 index 0000000..c4fa5bd --- /dev/null +++ b/ansible/Automating_Junos_with_Ansible/chapter_12/host_vars/aragorn.yaml @@ -0,0 +1,10 @@ +--- +ansible_host: 192.0.2.10 +aja2_host: + dns_servers: + - 8.8.4.4 + - 8.8.8.8 + - 198.51.100.100 + snmp: + description: virtual SRX for testing + location: Sean's Macbook Pro diff --git a/ansible/Automating_Junos_with_Ansible/chapter_12/host_vars/bilbo.yaml b/ansible/Automating_Junos_with_Ansible/chapter_12/host_vars/bilbo.yaml index 0eea38f..8b34ca6 100644 --- a/ansible/Automating_Junos_with_Ansible/chapter_12/host_vars/bilbo.yaml +++ b/ansible/Automating_Junos_with_Ansible/chapter_12/host_vars/bilbo.yaml @@ -1,9 +1,10 @@ --- ansible_host: 198.51.100.5 -aja_host: +aja2_host: dns_servers: - - 5.7.9.11 - - 5.7.9.12 - - 5.7.9.13 - snmp_description: EX2200-C for testing - snmp_location: "Sean's home office" + - 8.8.4.4 + - 8.8.8.8 + - 198.51.100.101 + snmp: + description: EX2200-C for testing + location: Sean's home office diff --git a/ansible/Automating_Junos_with_Ansible/chapter_12/host_vars/vsrx1.yaml b/ansible/Automating_Junos_with_Ansible/chapter_12/host_vars/vsrx1.yaml deleted file mode 100644 index e000822..0000000 --- a/ansible/Automating_Junos_with_Ansible/chapter_12/host_vars/vsrx1.yaml +++ /dev/null @@ -1,9 +0,0 @@ ---- -ansible_host: 192.0.2.10 -aja_host: - dns_servers: - - 5.6.7.8 - - 5.6.7.9 - - 5.6.7.10 - snmp_description: virtual SRX for testing - snmp_location: Sean's Macbook Pro 
diff --git a/ansible/Automating_Junos_with_Ansible/chapter_12/inventory3 b/ansible/Automating_Junos_with_Ansible/chapter_12/inventory3 index 387d5c2..505d444 100644 --- a/ansible/Automating_Junos_with_Ansible/chapter_12/inventory3 +++ b/ansible/Automating_Junos_with_Ansible/chapter_12/inventory3 @@ -22,4 +22,4 @@ bilbo [sf_ex] [sf_srx] -vsrx1 +aragorn diff --git a/ansible/Automating_Junos_with_Ansible/chapter_12/roles/config_setup_commit/handlers/main.yml b/ansible/Automating_Junos_with_Ansible/chapter_12/roles/config_setup_commit/handlers/main.yml index 3bd002d..ddbade1 100644 --- a/ansible/Automating_Junos_with_Ansible/chapter_12/roles/config_setup_commit/handlers/main.yml +++ b/ansible/Automating_Junos_with_Ansible/chapter_12/roles/config_setup_commit/handlers/main.yml @@ -1,16 +1,17 @@ --- - name: install config onto device - junos_install_config: - host: "{{ ansible_host }}" - file: "{{ config_file }}" - timeout: "{{ commit_timeout }}" - replace: yes - confirm: "{{ confirm_time }}" + juniper_junos_config: + provider: "{{ connection_settings }}" + src: "{{ config_file }}" + load: replace + confirmed: "{{ confirm_time }}" + diff: yes + ignore_warning: yes comment: "playbook {{ playbook_name }}, commit confirmed {{ confirm_time }}" notify: confirm commit - name: confirm commit - junos_commit: - host: "{{ ansible_host }}" - timeout: "{{ commit_timeout }}" + juniper_junos_config: + provider: "{{ connection_settings }}" + commit: yes comment: "playbook {{ playbook_name }}, confirming previous commit" diff --git a/ansible/Automating_Junos_with_Ansible/chapter_12/roles/config_setup_commit/vars/main.yml b/ansible/Automating_Junos_with_Ansible/chapter_12/roles/config_setup_commit/vars/main.yml index 06b8220..246e23c 100644 --- a/ansible/Automating_Junos_with_Ansible/chapter_12/roles/config_setup_commit/vars/main.yml +++ b/ansible/Automating_Junos_with_Ansible/chapter_12/roles/config_setup_commit/vars/main.yml 
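Review bot: `ignore_warning: yes` in the "install config onto device" handler hides every warning the device returns during the load, not only the one this commit appears to need it for. The snmp.j2 and system.j2 templates in this commit now use `delete:` on statements that may not exist on the device, which is presumably what raises the warning. If so, passing the warning text instead of a boolean, for example `ignore_warning: "statement not found"`, keeps other load warnings visible in the play output. The same setting is added to the handler in snmp-settings-1.yaml and to the install task in chapter_14/base-settings-5.yaml.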
@@ -1,5 +1,8 @@ --- -config_assemble: "{{ user_data_path }}/config/{{ inventory_hostname }}" -config_assemble_build: "{{ config_assemble }}/build" commit_timeout: 120 confirm_time: 10 +config_assemble: "{{ user_data_path }}/config/{{ inventory_hostname }}" +config_assemble_build: "{{ config_assemble }}/build" +connection_settings: + host: "{{ ansible_host }}" + timeout: "{{ commit_timeout }}" diff --git a/ansible/Automating_Junos_with_Ansible/chapter_12/roles/snmp/templates/community_fw.j2 b/ansible/Automating_Junos_with_Ansible/chapter_12/roles/snmp/templates/community_fw.j2 index 4db3709..1b3c069 100644 --- a/ansible/Automating_Junos_with_Ansible/chapter_12/roles/snmp/templates/community_fw.j2 +++ b/ansible/Automating_Junos_with_Ansible/chapter_12/roles/snmp/templates/community_fw.j2 @@ -1,6 +1,7 @@ #jinja2: lstrip_blocks: True snmp { - replace: community aja_fw { + replace: + community aja2_fw { authorization read-only; clients { 192.168.1.100/32; diff --git a/ansible/Automating_Junos_with_Ansible/chapter_12/roles/snmp/templates/community_sw.j2 b/ansible/Automating_Junos_with_Ansible/chapter_12/roles/snmp/templates/community_sw.j2 index d6226e1..ae88624 100644 --- a/ansible/Automating_Junos_with_Ansible/chapter_12/roles/snmp/templates/community_sw.j2 +++ b/ansible/Automating_Junos_with_Ansible/chapter_12/roles/snmp/templates/community_sw.j2 @@ -1,6 +1,7 @@ #jinja2: lstrip_blocks: True snmp { - replace: community aja_sw { + replace: + community aja2_sw { authorization read-only; clients { 192.168.2.200/32; diff --git a/ansible/Automating_Junos_with_Ansible/chapter_12/roles/snmp/templates/snmp.j2 b/ansible/Automating_Junos_with_Ansible/chapter_12/roles/snmp/templates/snmp.j2 index a59c79c..a2e83cf 100644 --- a/ansible/Automating_Junos_with_Ansible/chapter_12/roles/snmp/templates/snmp.j2 +++ b/ansible/Automating_Junos_with_Ansible/chapter_12/roles/snmp/templates/snmp.j2 
@@ -1,9 +1,8 @@ #jinja2: lstrip_blocks: True snmp { - description "{{ aja_host.snmp_description }}"; - location "{{ aja_host.snmp_location }}"; + description "{{ aja2_host.snmp.description }}"; + location "{{ aja2_host.snmp.location }}"; contact "netadmin@aja.com"; - {# the following lines ensure there will be no community public on a device #} - community public; + {# ensure there will be no community public on a device #} delete: community public; } diff --git a/ansible/Automating_Junos_with_Ansible/chapter_12/roles/system/templates/system.j2 b/ansible/Automating_Junos_with_Ansible/chapter_12/roles/system/templates/system.j2 index 5dfbaec..4e0d41b 100644 --- a/ansible/Automating_Junos_with_Ansible/chapter_12/roles/system/templates/system.j2 +++ b/ansible/Automating_Junos_with_Ansible/chapter_12/roles/system/templates/system.j2 @@ -1,7 +1,6 @@ #jinja2: lstrip_blocks: True -{# copy device facts into shorter variable names and lower-case the data #} -{% set model = jfact.facts.model.lower() %} -{% set personality = jfact.facts.personality|lower %} +{% set model = junos.model.lower() %} +{% set personality = junos.personality | lower %} {#- Determine SSH connection-limit and rate-limit based on device facts #} {% if model == 'vsrx' %} @@ -15,19 +14,15 @@ {#- Generate basic settings for the device #} system { host-name {{ inventory_hostname }}; - domain-name aja.com; - domain-search [ aja.com aja.net ]; - root-authentication { - encrypted-password "{{ root_hash }}"; - } + domain-name aja2.com; + domain-search [ aja2.com aja2.net ]; replace: name-server { - {% for server in aja_host.dns_servers %} + {% for server in aja2_host.dns_servers %} {{ server }}; {% endfor %} } services { - ftp; delete: ftp; netconf { ssh { 
@@ -39,16 +34,12 @@ system { connection-limit {{ max_ssh }}; rate-limit {{ max_ssh }}; } - telnet; delete: telnet; - web-management { - http; - } delete: web-management; } replace: ntp { - {% for ntp in aja_site.ntp_servers %} + {% for ntp in aja2_site.ntp_servers %} server {{ ntp }}; {% endfor %} } diff --git a/ansible/Automating_Junos_with_Ansible/chapter_12/snmp-settings-1.yaml b/ansible/Automating_Junos_with_Ansible/chapter_12/snmp-settings-1.yaml index a13cc67..52892d0 100644 --- a/ansible/Automating_Junos_with_Ansible/chapter_12/snmp-settings-1.yaml +++ b/ansible/Automating_Junos_with_Ansible/chapter_12/snmp-settings-1.yaml @@ -12,7 +12,10 @@ config_assemble: "{{ user_data_path }}/config/{{ inventory_hostname }}" config_assemble_build: "{{ config_assemble }}/build" config_file: "{{ config_assemble }}/snmp.conf" - playbook_name: snmp_settings.yaml + playbook_name: snmp-settings.yaml + connection_settings: + host: "{{ ansible_host }}" + timeout: 120 pre_tasks: - name: confirm or create device config directory @@ -39,17 +42,18 @@ handlers: - name: install config onto device - junos_install_config: - host: "{{ ansible_host }}" - file: "{{ config_file }}" - timeout: 120 - replace: yes - confirm: 10 + juniper_junos_config: + provider: "{{ connection_settings }}" + src: "{{ config_file }}" + load: replace + confirmed: 5 + diff: yes + ignore_warning: yes comment: "playbook {{ playbook_name }}, commit confirmed" notify: confirm commit - name: confirm commit - junos_commit: - host: "{{ ansible_host }}" - timeout: 120 + juniper_junos_config: + provider: "{{ connection_settings }}" + commit: yes comment: "playbook {{ playbook_name }}, confirming previous commit" diff --git a/ansible/Automating_Junos_with_Ansible/chapter_12/snmp-settings-2.yaml b/ansible/Automating_Junos_with_Ansible/chapter_12/snmp-settings-2.yaml index d9c552c..484d8c2 100644 --- a/ansible/Automating_Junos_with_Ansible/chapter_12/snmp-settings-2.yaml 
+++ b/ansible/Automating_Junos_with_Ansible/chapter_12/snmp-settings-2.yaml @@ -11,7 +11,7 @@ vars: config_file: "{{ config_assemble }}/snmp.conf" - playbook_name: snmp_settings.yaml + playbook_name: snmp-settings.yaml tasks: - name: assemble config fragments diff --git a/ansible/Automating_Junos_with_Ansible/chapter_12/system-settings.yaml b/ansible/Automating_Junos_with_Ansible/chapter_12/system-settings.yaml index 127977e..8d1e725 100644 --- a/ansible/Automating_Junos_with_Ansible/chapter_12/system-settings.yaml +++ b/ansible/Automating_Junos_with_Ansible/chapter_12/system-settings.yaml @@ -11,13 +11,12 @@ vars: config_file: "{{ config_assemble }}/system.conf" - playbook_name: system_settings.yaml + playbook_name: system-settings.yaml pre_tasks: - name: get device facts - junos_get_facts: - host: "{{ ansible_host }}" - register: jfact + juniper_junos_facts: + provider: "{{ connection_settings }}" tasks: - name: assemble config fragments diff --git a/ansible/Automating_Junos_with_Ansible/chapter_13/ansible.cfg b/ansible/Automating_Junos_with_Ansible/chapter_13/ansible.cfg index c057dc7..1687846 100644 --- a/ansible/Automating_Junos_with_Ansible/chapter_13/ansible.cfg +++ b/ansible/Automating_Junos_with_Ansible/chapter_13/ansible.cfg @@ -1,4 +1,3 @@ [defaults] inventory = inventory3 host_key_checking = False -log_path = ~/aja/ansible.log diff --git a/ansible/Automating_Junos_with_Ansible/chapter_13/bilbo-lldp.xml b/ansible/Automating_Junos_with_Ansible/chapter_13/bilbo-lldp.xml deleted file mode 100644 index fcf8345..0000000 --- a/ansible/Automating_Junos_with_Ansible/chapter_13/bilbo-lldp.xml +++ /dev/null @@ -1,26 +0,0 @@ - - - ge-0/1/1.0 - - - Mac address - 78:fe:3d:3d:f6:40 - ge-0/1/1.0 - frodo - - - ge-0/0/9.0 - - - Mac address - 88:a2:5e:69:ef:14 - ge-0/0/0.0 - elrond - - - ge-0/1/0.0 - - - Mac address - f4:cc:55:24:84:00 - ge-0/0/5 - strider - - 
diff --git a/ansible/Automating_Junos_with_Ansible/chapter_13/get-lldp-interface-1.yaml b/ansible/Automating_Junos_with_Ansible/chapter_13/get-lldp-interface-1.yaml index fb2ea52..1455e29 100644 --- a/ansible/Automating_Junos_with_Ansible/chapter_13/get-lldp-interface-1.yaml +++ b/ansible/Automating_Junos_with_Ansible/chapter_13/get-lldp-interface-1.yaml @@ -1,5 +1,5 @@ --- -- name: Get LLDP neighbor and save for configuring interface descriptions +- name: Get LLDP neighbor information hosts: - all roles: @@ -8,21 +8,20 @@ gather_facts: no vars: - tmp_dir: "{{ user_data_path }}/tmp" - lldp_file: "{{ tmp_dir}}/{{ inventory_hostname }}-lldp.xml" + connection_settings: + host: "{{ ansible_host }}" tasks: - - name: confirm or create configs directory - file: - path: "{{ tmp_dir }}" - state: directory - - name: get lldp neighbor table - junos_rpc: - rpc: get-lldp-neighbors-information - # rpc: get-lldp-interface-neighbors-information - format: xml + juniper_junos_rpc: + provider: "{{ connection_settings }}" + rpcs: get-lldp-neighbors-information + # rpcs: get-lldp-interface-neighbors-information # kwargs: # interface_name: ge-0/1/0 - host: "{{ ansible_host }}" - dest: "{{ lldp_file }}" + format: xml + register: lldp + + - name: display lldp neighbor data + debug: + var: lldp.stdout_lines diff --git a/ansible/Automating_Junos_with_Ansible/chapter_13/get-lldp-interface-2.yaml b/ansible/Automating_Junos_with_Ansible/chapter_13/get-lldp-interface-2.yaml index 6b36324..bf37e27 100644 --- a/ansible/Automating_Junos_with_Ansible/chapter_13/get-lldp-interface-2.yaml +++ b/ansible/Automating_Junos_with_Ansible/chapter_13/get-lldp-interface-2.yaml @@ -1,5 +1,5 @@ --- -- name: Get LLDP neighbor and save for configuring interface descriptions +- name: Get LLDP neighbor information hosts: - all roles: 
@@ -8,21 +8,25 @@ gather_facts: no vars: - tmp_dir: "{{ user_data_path }}/tmp" - lldp_file_prefix: "{{ tmp_dir}}/{{ inventory_hostname }}-lldp-" + connection_settings: + host: "{{ ansible_host }}" tasks: - - name: confirm or create configs directory - file: - path: "{{ tmp_dir }}" - state: directory - - name: get lldp neighbor table - junos_rpc: - rpc: get-lldp-interface-neighbors-information - format: xml + juniper_junos_rpc: + provider: "{{ connection_settings }}" + rpcs: get-lldp-interface-neighbors-information kwargs: interface_name: "{{ item }}" - host: "{{ ansible_host }}" - dest: "{{ lldp_file_prefix }}{{ item | replace('/', '-') }}.xml" - with_items: "{{ aja_host.uplinks }}" + format: xml + loop: "{{ aja2_host.uplinks }}" + register: lldp + + - name: display lldp neighbor data + debug: + var: lldp + # var: item.stdout_lines + # msg: "{{ item.stdout_lines }}" + # loop: "{{ lldp.results }}" + # loop_control: + # label: "{{ item.item }}" diff --git a/ansible/Automating_Junos_with_Ansible/chapter_13/get-lldp-interface-3.yaml b/ansible/Automating_Junos_with_Ansible/chapter_13/get-lldp-interface-3.yaml index cede38a..38bd52a 100644 --- a/ansible/Automating_Junos_with_Ansible/chapter_13/get-lldp-interface-3.yaml +++ b/ansible/Automating_Junos_with_Ansible/chapter_13/get-lldp-interface-3.yaml @@ -1,5 +1,5 @@ --- -- name: Get LLDP neighbor and save for configuring interface descriptions +- name: Get LLDP neighbor information hosts: - all roles: 
@@ -8,31 +8,34 @@ gather_facts: no vars: - tmp_dir: "{{ user_data_path }}/tmp" - lldp_file_prefix: "{{ tmp_dir}}/{{ inventory_hostname }}-lldp-" + connection_settings: + host: "{{ ansible_host }}" tasks: - - name: confirm or create configs directory - file: - path: "{{ tmp_dir }}" - state: directory - - name: get lldp neighbor table - junos_rpc: - rpc: get-lldp-interface-neighbors-information - format: xml + juniper_junos_rpc: + provider: "{{ connection_settings }}" + rpcs: get-lldp-interface-neighbors-information kwargs: interface_name: "{{ item }}" - host: "{{ ansible_host }}" - dest: "{{ lldp_file_prefix }}{{ item | replace('/', '-') }}.xml" - with_items: "{{ aja_host.uplinks }}" + format: xml + loop: "{{ aja2_host.uplinks }}" + register: lldp - name: get neighbor details xml: - path: "{{ lldp_file_prefix }}{{ item | replace('/', '-') }}.xml" + xmlstring: "{{ item }}" xpath: //lldp-remote-system-name | //lldp-remote-port-description content: text - with_items: "{{ aja_host.uplinks }}" + loop: "{{ lldp.results | map(attribute='stdout') | list }}" register: neighbors + # loop_control: + # label: "{{ item | regex_search('[^<]+') }}" - - debug: var=neighbors + - name: show neighbor details + debug: + var: neighbors + # msg: "{{ item.matches }}" + # loop: "{{ neighbors.results }}" + # loop_control: + # label: "{{ item.item | regex_search('[^<]+') }}" diff --git a/ansible/Automating_Junos_with_Ansible/chapter_13/get-lldp-list-1.yaml b/ansible/Automating_Junos_with_Ansible/chapter_13/get-lldp-list-1.yaml index 52c06e6..bd3a210 100644 --- a/ansible/Automating_Junos_with_Ansible/chapter_13/get-lldp-list-1.yaml +++ b/ansible/Automating_Junos_with_Ansible/chapter_13/get-lldp-list-1.yaml @@ -1,5 +1,5 @@ --- -- name: Get LLDP neighbor and save for configuring interface descriptions +- name: Get LLDP neighbor information hosts: - all roles: 
@@ -8,30 +8,35 @@ gather_facts: no vars: - tmp_dir: "{{ user_data_path }}/tmp" - lldp_file: "{{ tmp_dir}}/{{ inventory_hostname }}-lldp.xml" + connection_settings: + host: "{{ ansible_host }}" tasks: - - name: confirm or create configs directory - file: - path: "{{ tmp_dir }}" - state: directory - - name: get lldp neighbor table - junos_rpc: - rpc: get-lldp-neighbors-information + juniper_junos_rpc: + provider: "{{ connection_settings }}" + rpcs: get-lldp-neighbors-information format: xml - host: "{{ ansible_host }}" - dest: "{{ lldp_file }}" + register: lldp + + - name: display lldp neighbor results + debug: + var: lldp.stdout_lines - name: get neighbor details xml: - path: "{{ lldp_file }}" + xmlstring: "{{ lldp.stdout }}" xpath: > //lldp-neighbor-information[starts-with(lldp-local-interface, '{{ item }}')]/lldp-remote-system-name | //lldp-neighbor-information[starts-with(lldp-local-interface, '{{ item }}')]/lldp-remote-port-description content: text - with_items: "{{ aja_host.uplinks }}" + loop: "{{ aja2_host.uplinks }}" register: neighbors - - debug: var=neighbors + - name: show neighbor results + debug: + var: neighbors + # msg: "{{ item.matches }}" + # loop: "{{ neighbors.results }}" + # loop_control: + # label: "{{ item.item }}" diff --git a/ansible/Automating_Junos_with_Ansible/chapter_13/get-lldp-list-2.yaml b/ansible/Automating_Junos_with_Ansible/chapter_13/get-lldp-list-2.yaml index e337a29..335549d 100644 --- a/ansible/Automating_Junos_with_Ansible/chapter_13/get-lldp-list-2.yaml +++ b/ansible/Automating_Junos_with_Ansible/chapter_13/get-lldp-list-2.yaml @@ -1,5 +1,5 @@ --- -- name: Get LLDP neighbor and save for configuring interface descriptions +- name: Get LLDP neighbor information and save interface descriptions using templates hosts: - all roles: 
@@ -8,38 +8,34 @@ gather_facts: no vars: + connection_settings: + host: "{{ ansible_host }}" tmp_dir: "{{ user_data_path }}/tmp" - lldp_file: "{{ tmp_dir}}/{{ inventory_hostname }}-lldp.xml" template_dir: "template" tasks: - - name: confirm or create configs directory - file: - path: "{{ tmp_dir }}" - state: directory - - name: get lldp neighbor table - junos_rpc: - rpc: get-lldp-neighbors-information + juniper_junos_rpc: + provider: "{{ connection_settings }}" + rpcs: get-lldp-neighbors-information format: xml - host: "{{ ansible_host }}" - dest: "{{ lldp_file }}" + register: lldp - name: get neighbor details xml: - path: "{{ lldp_file }}" + xmlstring: "{{ lldp.stdout }}" xpath: > //lldp-neighbor-information[starts-with(lldp-local-interface, '{{ item }}')]/lldp-remote-system-name | //lldp-neighbor-information[starts-with(lldp-local-interface, '{{ item }}')]/lldp-remote-port-description content: text - with_items: "{{ aja_host.uplinks }}" + loop: "{{ aja2_host.uplinks }}" register: neighbors - name: save interface descriptions, template 1 template: src: "{{ template_dir }}/int-desc-1.j2" dest: "{{ tmp_dir }}/{{ inventory_hostname }}-{{ item.item | replace('/', '-') }}.conf" - with_items: "{{ neighbors.results }}" + loop: "{{ neighbors.results }}" - name: save interface descriptions, template 2 template: diff --git a/ansible/Automating_Junos_with_Ansible/chapter_13/get-version-core.yaml b/ansible/Automating_Junos_with_Ansible/chapter_13/get-version-core.yaml deleted file mode 100644 index d6cca9f..0000000 --- a/ansible/Automating_Junos_with_Ansible/chapter_13/get-version-core.yaml +++ /dev/null 
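Review bot: The hunk drops the "confirm or create configs directory" task from get-lldp-list-2.yaml, yet `tmp_dir` stays in `vars` and the "save interface descriptions" template tasks still write to `{{ tmp_dir }}/...`. On a control machine where that directory does not already exist, the first template task will fail. The removal makes sense in the other LLDP playbooks, which no longer write files, but this one should keep a `file:` task with `path: "{{ tmp_dir }}"` and `state: directory` ahead of the template tasks. The play continues past the end of the hunk.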
@@ -1,21 +0,0 @@ ---- -- name: Get Junos version - hosts: - - all - connection: local - gather_facts: no - - tasks: - - name: get junos version using ansible core module - junos_rpc: - rpc: get-software-information - output: text - provider: - host: "{{ ansible_host }}" - register: jversion - retries: 2 - delay: 15 - until: jversion | success - - - name: display junos version output - debug: var=jversion diff --git a/ansible/Automating_Junos_with_Ansible/chapter_13/get-version-galaxy.yaml b/ansible/Automating_Junos_with_Ansible/chapter_13/get-version-galaxy.yaml deleted file mode 100644 index 9730fcf..0000000 --- a/ansible/Automating_Junos_with_Ansible/chapter_13/get-version-galaxy.yaml +++ /dev/null @@ -1,24 +0,0 @@ ---- -- name: Get Junos version - hosts: - - all - roles: - - Juniper.junos - connection: local - gather_facts: no - - tasks: - - name: get junos version using galaxy module - junos_rpc: - rpc: get-software-information - format: text - dest: "{{ inventory_hostname }}-version.txt" - host: "{{ ansible_host }}" - register: jversion - retries: 2 - delay: 15 - # until: jversion | success - until: (jversion | success) or (jversion.msg.find("ConnectAuthError") >= 0) - - - name: display junos_rpc result - debug: var=jversion diff --git a/ansible/Automating_Junos_with_Ansible/chapter_13/get-version-ignore.yaml b/ansible/Automating_Junos_with_Ansible/chapter_13/get-version-ignore.yaml deleted file mode 100644 index 483d3f6..0000000 --- a/ansible/Automating_Junos_with_Ansible/chapter_13/get-version-ignore.yaml +++ /dev/null 
@@ -1,25 +0,0 @@ ---- -- name: Get Junos version - hosts: - - all - roles: - - Juniper.junos - connection: local - gather_facts: no - - tasks: - - name: get junos version using galaxy module - junos_rpc: - rpc: get-software-information - format: text - dest: "{{ inventory_hostname }}-version.txt" - host: "{{ ansible_host }}" - register: jversion - ignore_errors: yes - retries: 2 - delay: 15 - until: (jversion | success) or (jversion.msg.find("ConnectAuthError") >= 0) - - - name: display junos_rpc result - debug: - var: jversion diff --git a/ansible/Automating_Junos_with_Ansible/chapter_13/get-version.yaml b/ansible/Automating_Junos_with_Ansible/chapter_13/get-version.yaml new file mode 100644 index 0000000..66ad2e0 --- /dev/null +++ b/ansible/Automating_Junos_with_Ansible/chapter_13/get-version.yaml @@ -0,0 +1,29 @@ +--- +- name: Get Junos version + hosts: + - all + roles: + - Juniper.junos + connection: local + gather_facts: no + + vars: + connection_settings: + host: "{{ ansible_host }}" + + tasks: + - name: get Junos version + juniper_junos_rpc: + rpcs: + - get-software-information + provider: "{{ connection_settings }}" + formats: text + register: jversion + retries: 2 + delay: 15 + until: jversion is success + # until: (jversion is success) or (jversion.msg.find("ConnectAuthError") >= 0) + + - name: display Junos version + debug: + var: jversion diff --git a/ansible/Automating_Junos_with_Ansible/chapter_13/group_vars/all/vars.yaml b/ansible/Automating_Junos_with_Ansible/chapter_13/group_vars/all/vars.yaml index ee1a532..2e6b9da 100644 --- a/ansible/Automating_Junos_with_Ansible/chapter_13/group_vars/all/vars.yaml +++ b/ansible/Automating_Junos_with_Ansible/chapter_13/group_vars/all/vars.yaml @@ -1,5 +1,5 @@ --- ansible_python_interpreter: /usr/local/bin/python -user_data_path: /Users/sean/ansible +user_data_path: "{{ '~/ansible' | expanduser }}" root_hash: "{{ vault_root_hash }}" monitor_hash: "{{ vault_monitor_hash }}" 
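Review bot: In the new get-version.yaml the active condition `until: jversion is success` retries after any failure, including a rejected login, so a wrong credential is resubmitted to every host and can count toward login-failure limits on the devices. The commented-out alternative on the next line already stops retrying when the message contains `ConnectAuthError`. Either make that the active condition or add a comment saying why it is left off, such as `# alternative: stop retrying on authentication errors`.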
diff --git a/ansible/Automating_Junos_with_Ansible/chapter_13/group_vars/all/vault.yaml b/ansible/Automating_Junos_with_Ansible/chapter_13/group_vars/all/vault.yaml index 8e00962..6ccdd54 100644 --- a/ansible/Automating_Junos_with_Ansible/chapter_13/group_vars/all/vault.yaml +++ b/ansible/Automating_Junos_with_Ansible/chapter_13/group_vars/all/vault.yaml @@ -1,3 +1,3 @@ --- -vault_root_hash: "$5$XbH2.66u$oYt2w3qsLqbxMYI.5.DUQFd88MYdamGG1VaKanPd6YB" -vault_monitor_hash: "$5$KgfRZFNQ$UrQvpUdXFJVwDrOzojJtIfNtJC1b.6g4jkMuVoFptQ4" +vault_root_hash: "$1$JG/DQ4TP$/SqMDBsjmLO2IXvawjjGQ." +vault_monitor_hash: "$1$ZAduRAJ9$42vsgW1i0kuZcPYww46Xq1" diff --git a/ansible/Automating_Junos_with_Ansible/chapter_13/group_vars/boston.yaml b/ansible/Automating_Junos_with_Ansible/chapter_13/group_vars/boston.yaml index 1d6e9e3..fa84fad 100644 --- a/ansible/Automating_Junos_with_Ansible/chapter_13/group_vars/boston.yaml +++ b/ansible/Automating_Junos_with_Ansible/chapter_13/group_vars/boston.yaml @@ -1,5 +1,5 @@ --- -aja_site: +aja2_site: ntp_servers: - - 5.7.9.101 - - 5.7.9.102 + - 132.163.97.4 + - 129.6.15.27 diff --git a/ansible/Automating_Junos_with_Ansible/chapter_13/group_vars/sf.yaml b/ansible/Automating_Junos_with_Ansible/chapter_13/group_vars/sf.yaml index 3c6ca0a..2d33ab1 100644 --- a/ansible/Automating_Junos_with_Ansible/chapter_13/group_vars/sf.yaml +++ b/ansible/Automating_Junos_with_Ansible/chapter_13/group_vars/sf.yaml @@ -1,5 +1,5 @@ --- -aja_site: +aja2_site: ntp_servers: - - 5.6.7.201 - - 5.6.7.202 + - 17.253.6.125 + - 17.253.20.125 diff --git a/ansible/Automating_Junos_with_Ansible/chapter_13/host_vars/aragorn.yaml b/ansible/Automating_Junos_with_Ansible/chapter_13/host_vars/aragorn.yaml new file mode 100644 index 0000000..c4fa5bd --- /dev/null +++ b/ansible/Automating_Junos_with_Ansible/chapter_13/host_vars/aragorn.yaml 
@@ -0,0 +1,10 @@ +--- +ansible_host: 192.0.2.10 +aja2_host: + dns_servers: + - 8.8.4.4 + - 8.8.8.8 + - 198.51.100.100 + snmp: + description: virtual SRX for testing + location: Sean's Macbook Pro diff --git a/ansible/Automating_Junos_with_Ansible/chapter_13/host_vars/bilbo.yaml b/ansible/Automating_Junos_with_Ansible/chapter_13/host_vars/bilbo.yaml index c726a35..9e8500b 100644 --- a/ansible/Automating_Junos_with_Ansible/chapter_13/host_vars/bilbo.yaml +++ b/ansible/Automating_Junos_with_Ansible/chapter_13/host_vars/bilbo.yaml @@ -1,12 +1,13 @@ --- ansible_host: 198.51.100.5 -aja_host: +aja2_host: dns_servers: - - 5.7.9.11 - - 5.7.9.12 - - 5.7.9.13 - snmp_description: EX2200-C for testing - snmp_location: "Sean's home office" + - 8.8.4.4 + - 8.8.8.8 + - 198.51.100.101 + snmp: + description: EX2200-C for testing + location: Sean's home office uplinks: - ge-0/1/0 - ge-0/1/1 diff --git a/ansible/Automating_Junos_with_Ansible/chapter_13/host_vars/vsrx1.yaml b/ansible/Automating_Junos_with_Ansible/chapter_13/host_vars/vsrx1.yaml deleted file mode 100644 index e000822..0000000 --- a/ansible/Automating_Junos_with_Ansible/chapter_13/host_vars/vsrx1.yaml +++ /dev/null @@ -1,9 +0,0 @@ ---- -ansible_host: 192.0.2.10 -aja_host: - dns_servers: - - 5.6.7.8 - - 5.6.7.9 - - 5.6.7.10 - snmp_description: virtual SRX for testing - snmp_location: Sean's Macbook Pro diff --git a/ansible/Automating_Junos_with_Ansible/chapter_13/inventory3 b/ansible/Automating_Junos_with_Ansible/chapter_13/inventory3 index 387d5c2..505d444 100644 --- a/ansible/Automating_Junos_with_Ansible/chapter_13/inventory3 +++ b/ansible/Automating_Junos_with_Ansible/chapter_13/inventory3 @@ -22,4 +22,4 @@ bilbo [sf_ex] [sf_srx] -vsrx1 +aragorn diff --git a/ansible/Automating_Junos_with_Ansible/chapter_13/test-loop.yaml b/ansible/Automating_Junos_with_Ansible/chapter_13/test-loop.yaml new file mode 100644 index 0000000..aeef7ad --- /dev/null +++ b/ansible/Automating_Junos_with_Ansible/chapter_13/test-loop.yaml 
@@ -0,0 +1,28 @@ +--- +- name: Get LLDP neighbor information + hosts: localhost + connection: local + gather_facts: no + + vars: + lldp: + results: + - item: 1 + stdout_lines: + - hello world + - goodbye cruel world + - item: 2 + stdout_lines: + - ansible + - galaxy + + tasks: + - name: display lldp neighbor data + debug: + var: lldp + # var: item + # var: item.stdout_lines + # msg: "{{ item.stdout_lines }}" + # with_items: "{{ lldp.results }}" + # loop_control: + # label: "{{ item.item }}" diff --git a/ansible/Automating_Junos_with_Ansible/chapter_13/test-xml.yaml b/ansible/Automating_Junos_with_Ansible/chapter_13/test-xml.yaml deleted file mode 100644 index fd35635..0000000 --- a/ansible/Automating_Junos_with_Ansible/chapter_13/test-xml.yaml +++ /dev/null @@ -1,20 +0,0 @@ ---- -- name: Experiment with Ansible's xml module - hosts: - - localhost - connection: local - gather_facts: no - - tasks: - - name: get neighbor details - xml: - path: bilbo-lldp.xml - # xpath: //lldp-neighbor-information[lldp-local-interface='ge-0/0/9.0'] - # xpath: //lldp-neighbor-information[lldp-local-interface='ge-0/0/9.0']/* - # xpath: //lldp-neighbor-information[lldp-local-interface='ge-0/0/9.0']/lldp-remote-system-name - # xpath: //lldp-neighbor-information[starts-with(lldp-local-interface, 'ge-0/0/9')]/* - xpath: //lldp-neighbor-information[starts-with(lldp-local-interface, 'ge-0/1/')]/lldp-remote-system-name - content: text - register: neighbors - - - debug: var=neighbors diff --git a/ansible/Automating_Junos_with_Ansible/chapter_13/tmp/bilbo-lldp.xml b/ansible/Automating_Junos_with_Ansible/chapter_13/tmp/bilbo-lldp.xml deleted file mode 100644 index d9661b6..0000000 --- a/ansible/Automating_Junos_with_Ansible/chapter_13/tmp/bilbo-lldp.xml +++ /dev/null @@ -1,19 +0,0 @@ - - - - ge-0/1/1.0 - - - Mac address - 78:fe:3d:3d:f6:40 - ge-0/1/1.0 - frodo - - - ge-0/1/0.0 - - - Mac address - f4:cc:55:24:84:00 - ge-0/0/5 - strider - - 
diff --git a/ansible/Automating_Junos_with_Ansible/chapter_13/tmp/vsrx1-lldp.xml b/ansible/Automating_Junos_with_Ansible/chapter_13/tmp/vsrx1-lldp.xml deleted file mode 100644 index 689fd9c..0000000 --- a/ansible/Automating_Junos_with_Ansible/chapter_13/tmp/vsrx1-lldp.xml +++ /dev/null @@ -1,3 +0,0 @@ - - - diff --git a/ansible/Automating_Junos_with_Ansible/chapter_14/ansible.cfg b/ansible/Automating_Junos_with_Ansible/chapter_14/ansible.cfg index c057dc7..1687846 100644 --- a/ansible/Automating_Junos_with_Ansible/chapter_14/ansible.cfg +++ b/ansible/Automating_Junos_with_Ansible/chapter_14/ansible.cfg @@ -1,4 +1,3 @@ [defaults] inventory = inventory3 host_key_checking = False -log_path = ~/aja/ansible.log diff --git a/ansible/Automating_Junos_with_Ansible/chapter_14/base-settings-5.yaml b/ansible/Automating_Junos_with_Ansible/chapter_14/base-settings-5.yaml new file mode 100644 index 0000000..b359eec --- /dev/null +++ b/ansible/Automating_Junos_with_Ansible/chapter_14/base-settings-5.yaml 
@@ -0,0 +1,67 @@ +--- +- name: Generate and Install Configuration File + hosts: + - all + roles: + - Juniper.junos + connection: local + gather_facts: no + + vars: + tmp_dir: "tmp" + conf_file: "{{ tmp_dir}}/{{ inventory_hostname }}.conf" + connection_settings: + host: "{{ ansible_host }}" + timeout: 120 + + tasks: + - name: confirm or create configs directory + file: + path: "{{ tmp_dir }}" + state: directory + run_once: yes + + - name: get max ssh values + max_ssh_connections: + host: "{{ ansible_host }}" + rate_limit: 8 + register: jmax + + - name: display max ssh values + debug: + var: jmax + + - name: save device configuration using template + template: + src: template/base-settings-5.j2 + dest: "{{ conf_file }}" + + - name: install generated configuration file onto device + juniper_junos_config: + provider: "{{ connection_settings }}" + src: "{{ conf_file }}" + load: replace + comment: "playbook base-settings.yaml, commit confirmed" + confirmed: 5 + diff: yes + ignore_warning: yes + register: config_results + notify: confirm previous commit + + - name: show configuration change + debug: + var: config_results.diff_lines + when: config_results.diff_lines is defined + + # - name: delete generated configuration file + # file: + # path: "{{ conf_file }}" + # state: absent + + handlers: + - name: confirm previous commit + juniper_junos_config: + provider: "{{ connection_settings }}" + comment: "playbook base-settings.yaml, confirming previous commit" + commit: yes + diff: no diff --git a/ansible/Automating_Junos_with_Ansible/chapter_14/classes/junos_commits.py b/ansible/Automating_Junos_with_Ansible/chapter_14/classes/junos_commits.py deleted file mode 100644 index 6ddd7e3..0000000 --- a/ansible/Automating_Junos_with_Ansible/chapter_14/classes/junos_commits.py +++ /dev/null 
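Review bot: The rendered configuration is written to `{{ conf_file }}` under `tmp/` with no `mode:` on either the `file` or the `template` task, and the `delete generated configuration file` task is commented out, so the file stays on the control host with umask-default permissions. The template is not part of this hunk, but group_vars/all/vars.yaml defines `root_hash` and `monitor_hash`, so the rendered file presumably carries the login password hashes. I would add `mode: "0700"` to the directory task and `mode: "0600"` to the template task. I would also either restore the cleanup task or add a comment saying the file is kept on purpose for inspection.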
@@ -1,118 +0,0 @@ -#!/usr/bin/env python - -"""Class to gather commit history from a Junos device.""" - -import tempfile -from jnpr.junos import Device - - -###################################################################### - -class JunosCommits(object): - """Get commit history from a Junos device.""" - - def __init__(self, host, gen_file, username, password, max_commits): - """Initialize object variables.""" - self.host = host - self.generate_file = gen_file - self.username = username - self.password = password - self.max_commits = max_commits - - # instantiate a PyEZ Device to communicate with the Junos device - self.dev = Device(host=self.host, - user=self.username, - passwd=self.password, - normalize=True) - - # list to store commit history - self.commits = [] - - # number of commits returned by device - self.num_commits = 0 - - # path+filename and file descriptor for output tempfile - self.filespec = '' - self.file_descriptor = None - - # ------------------------- # - - def get_commit_history_from_device(self): - """Get commit history from Junos device and store in list of dicts.""" - try: - self.dev.open() - except Exception as err: - msg = 'Error opening connection to Junos device: %s' % str(err) - raise Exception(msg) - - # get from device the equivalent of "show sytem commit" - try: - commit_info = self.dev.rpc.get_commit_information() - except Exception as err: - msg = 'Error getting commit history from device: %s' % str(err) - raise Exception(msg) - - # extract all 'commit-history' elements from XML - # put data in a list of dictionaries - try: - commits_xml = commit_info.findall('commit-history') - self.num_commits = len(commits_xml) - for commit in commits_xml: - commit_dict = { - 'num': commit.findtext('sequence-number'), - 'user': commit.findtext('user'), - 'client': commit.findtext('client'), - 'date_time': commit.findtext('date-time'), - 'comment': commit.findtext('log') - } - self.commits.append(commit_dict) - - # truncate list if a 
max_commits value was specified - if (self.max_commits is not None) and \ - (self.max_commits < self.num_commits): - del self.commits[self.max_commits:] - - except Exception as err: - msg = 'Error processing commit history: %s' % str(err) - raise Exception(msg) - - # ------------------------- # - - def temp_commit_history_file(self): - """Save commit history to temporary file.""" - try: - self.file_descriptor, self.filespec = tempfile.mkstemp() - outfile = open(self.filespec, 'w') - - outfile.write('Device returned %s commits.\n' % self.num_commits) - if self.max_commits is not None: - outfile.write('Saving latest %s commits.\n' - % self.max_commits) - outfile.write('\n- - - Commit History - - -\n') - - for c in self.commits: - line = '%2s: %s by %s via %s\n (%s)\n' % \ - (c['num'], c['date_time'], c['user'], - c['client'], c['comment']) - outfile.write(line) - - outfile.close() - - except Exception as err: - msg = 'Error writing to file %s: %s' % (self.filespec, str(err)) - raise Exception(msg) - - # ------------------------- # - - def run(self): - """Process Junos device.""" - self.get_commit_history_from_device() - if self.generate_file: - self.temp_commit_history_file() - - -###################################################################### - -if __name__ == '__main__': - print 'This module file is meant to be imported into another program.' - print 'It is not meant to be run as a stand-alone program.' diff --git a/ansible/Automating_Junos_with_Ansible/chapter_14/classes/max_ssh_connections_2.py b/ansible/Automating_Junos_with_Ansible/chapter_14/classes/max_ssh_connections_2.py new file mode 100644 index 0000000..44125b0 --- /dev/null +++ b/ansible/Automating_Junos_with_Ansible/chapter_14/classes/max_ssh_connections_2.py 
@@ -0,0 +1,161 @@ +#!/usr/bin/env python +"""Class to query devices for maximum SSH connection-limit and rate-limit.""" + +import re +from jnpr.junos import Device +from jnpr.junos.exception import ConfigLoadError +from jnpr.junos.utils.config import Config +from jnpr.junos.utils.start_shell import StartShell + + +###################################################################### + +class MaxSSHConnections(object): + """Class to query devices for maximum connection-limit setting.""" + + def __init__(self, device, **kwargs): + """Initialize instance variables.""" + self.dev = Device(host=device, normalize=True) + + self.desired_connection_limit = kwargs.get('connection_limit', 15) + self.desired_rate_limit = kwargs.get('rate_limit', 10) + self.test_value = kwargs.get('test_value', 0) + + self.results = {'host': device, + 'connection_max': 0, + 'rate_max': 0, + 'connection_limit': 0, + 'rate_limit': 0, + 'exception_message': '', + 'shell_results': [], + 'warnings': [] + } + + # ------------------------- # + + def get_max_connections(self): + """Use shell commands to find maximum allowed connection-limit.""" + # the list of commands that will: + # - exit from the command shell to the Junos CLI + # - enter configuration mode + # - issue the command "set system services ssh connection-limit ?", + # which will return help information we want to process + # - exit configuration mode + shell_commands = [ + {'command': 'exit', 'prompt': '> ', 'max': False}, + {'command': 'configure', 'prompt': '# ', 'max': False}, + {'command': 'set system services ssh connection-limit ?', + 'prompt': '# ', 'max': True}, + {'command': 'exit', 'prompt': '> ', 'max': False} + ] + + # open a command shell on the device + shell = StartShell(self.dev) + shell.open() + + # iterate over the list of commands, capturing the output from + # the command in whose results we are interested ('max' = True) + max_msg = None + for shellcmd in shell_commands: + shellout = shell.run(shellcmd['command'], 
shellcmd['prompt']) + self.results['shell_results'].append(shellout) + + if shellout[0] is False: + msg = 'Shell command "%s" did not complete as expected: %s' \ + % (shellcmd['command'], shellout[1]) + raise RuntimeError(msg) + + if shellcmd['max']: + max_msg = shellout[1] + + shell.close() + + # process the command output to find the max allowed value + if max_msg is not None: + max_arr = max_msg.splitlines() + regex = r'connection-limit[^\(\[]*[\(\[]\d+\.\.(\d+)' + max_str = None + for line in max_arr: + m = re.search(regex, line, flags=re.IGNORECASE) + if m is not None: + max_str = m.group(1) + break + + if max_str is not None: + reported_max = int(max_str) + self.results['connection_max'] = reported_max + if reported_max < self.desired_connection_limit: + self.results['connection_limit'] = reported_max + else: + self.results['connection_limit'] = \ + self.desired_connection_limit + else: + msg = 'Regex match expected but not found in command results' + raise ValueError(msg) + else: + msg = 'Missing expected results from shell commands.' + raise ValueError(msg) + + # ------------------------- # + + def get_max_rate(self): + """Set an invalid value for rate-limit and process the exception.""" + # configuration object for Junos device + cfg = Config(self.dev) + + # make sure no config change is pending before our set command + diff = cfg.diff() + if diff is not None: + msg = 'Uncommitted change found: %s' % str(diff) + raise RuntimeError(msg) + + # try to set a invalid (too large) value for rate-limit + set_cmd = 'set system services ssh rate-limit ' + str(self.test_value) + try: + cfg.load(set_cmd, format='set') + # Config load should raise exception if the test value is invalid. 
+ # If we got here, it means the device accepted the (apparently + # valid) rate-limit, so roll back the change and assume the + # test value is the maximum allowed rate limit + cfg.rollback() + msg = 'Test configuration loaded without error, actual max ' + msg += 'rate limit may be higher than the test value ' + msg += '%s.' % str(self.test_value) + self.results['warnings'].append(msg) + self.results['rate_max'] = self.test_value + if self.test_value < self.desired_rate_limit: + self.results['rate_limit'] = self.test_value + else: + self.results['rate_limit'] = self.desired_rate_limit + except ConfigLoadError as err: + self.results['exception_message'] = err.message + # catch the expected ConfigLoadError from the invalid rate-limit + match = re.search(r'\(\d+\.\.(\d+)\)', err.message) + if match is not None: + max_str = int(match.group(1)) + reported_max = int(max_str) + self.results['rate_max'] = reported_max + if reported_max < self.desired_rate_limit: + self.results['rate_limit'] = reported_max + else: + self.results['rate_limit'] = self.desired_rate_limit + else: + msg = 'Regex match expected but not found in caught ' + msg += 'exception: %s' % str(err) + raise ValueError(msg) + + # ------------------------- # + + def run(self): + """Run the device test and return result.""" + # open a PyEZ connection to the device + self.dev.open() + + # get max connection limit (first approach) + self.get_max_connections() + + # get max rate limit (second approach) + self.get_max_rate() + + # close device connection + self.dev.close() diff --git a/ansible/Automating_Junos_with_Ansible/chapter_14/get-commit-history-2.yaml b/ansible/Automating_Junos_with_Ansible/chapter_14/get-commit-history-2.yaml deleted file mode 100644 index 821bc0f..0000000 --- a/ansible/Automating_Junos_with_Ansible/chapter_14/get-commit-history-2.yaml +++ /dev/null 
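Review bot: `run()` reaches `self.dev.close()` only on the success path, so when `get_max_connections()` or `get_max_rate()` raises (both have explicit `raise RuntimeError` / `raise ValueError` paths) the device session is left open until the process exits. Leaked sessions are worth avoiding on a device whose SSH connection-limit is the thing being probed. Wrapping the two calls in `try`/`finally` fixes that, as sketched below. `get_max_connections()` has the same shape: `shell.close()` is skipped when the `RuntimeError` inside the command loop fires, and a `finally` there would cover it. The class is repeated in library/max_ssh_connections.py, whose hunk continues past the visible part of the page.

```python
    def run(self):
        """Run the device test and return result."""
        self.dev.open()
        try:
            self.get_max_connections()
            self.get_max_rate()
        finally:
            # release the session even when one of the probes raises
            self.dev.close()
```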
@@ -1,18 +0,0 @@ ---- -- name: Get configuration history - hosts: - - all - roles: - - Juniper.junos - connection: local - gather_facts: no - - tasks: - - name: get commit history - commit_history_2: - host: "{{ ansible_host }}" - max_commits: 3 - filename: "{{ inventory_hostname}}-commit-history.txt" - register: history - - - debug: var=history.commits diff --git a/ansible/Automating_Junos_with_Ansible/chapter_14/get-commit-history.yaml b/ansible/Automating_Junos_with_Ansible/chapter_14/get-commit-history.yaml deleted file mode 100644 index 542f403..0000000 --- a/ansible/Automating_Junos_with_Ansible/chapter_14/get-commit-history.yaml +++ /dev/null @@ -1,18 +0,0 @@ ---- -- name: Get configuration history - hosts: - - all - roles: - - Juniper.junos - connection: local - gather_facts: no - - tasks: - - name: get commit history - commit_history: - host: "{{ ansible_host }}" - max_commits: 3 - filename: "{{ inventory_hostname}}-commit-history.txt" - register: history - - - debug: var=history.commits diff --git a/ansible/Automating_Junos_with_Ansible/chapter_14/get-config-with-commit-alternate.yaml b/ansible/Automating_Junos_with_Ansible/chapter_14/get-config-with-commit-alternate.yaml deleted file mode 100644 index f006a4a..0000000 --- a/ansible/Automating_Junos_with_Ansible/chapter_14/get-config-with-commit-alternate.yaml +++ /dev/null 
@@ -1,65 +0,0 @@ ---- -- name: Prepare timestamp - hosts: - - localhost - connection: local - gather_facts: yes - - vars: - systime: "{{ ansible_date_time.time | replace(':', '-') }}" - - tasks: - - debug: var=ansible_date_time.time - - debug: var=systime - - - name: get system date and time - set_fact: - timestamp: "{{ ansible_date_time.date }}_{{ systime }}" - -- name: Backup Device Configuration - hosts: - - all - roles: - - Juniper.junos - connection: local - gather_facts: no - - vars: - backup_dir: "{{ user_data_path }}/config_backups/{{ inventory_hostname }}" - temp_conf_file: "{{ backup_dir}}/{{ inventory_hostname }}" - conf_file: "{{ temp_conf_file }}_{{ hostvars.localhost.timestamp }}.conf" - commit_file: "{{ backup_dir }}/{{ inventory_hostname }}_{{ hostvars.localhost.timestamp }}.commit" - - tasks: - - name: create backup directory if needed - file: - path: "{{ backup_dir }}" - state: directory - - - name: save device configuration in temporary file - junos_get_config: - host: "{{ ansible_host }}" - dest: "{{ temp_conf_file }}" - format: text - register: config_results - - - debug: var=config_results - - - name: copy temporary file to timestamped config file if different - copy: - src: "{{ temp_conf_file }}" - dest: "{{ conf_file }}" - when: config_results.changed - - - name: save commit history - commit_history: - host: "{{ ansible_host }}" - filename: "{{ commit_file }}" - max_commits: 2 - when: config_results.changed - register: commit_history - - - name: print author of last commit - debug: - var: commit_history.commits[0]['user'] - when: commit_history is defined diff --git a/ansible/Automating_Junos_with_Ansible/chapter_14/get-config-with-commits.yaml b/ansible/Automating_Junos_with_Ansible/chapter_14/get-config-with-commits.yaml deleted file mode 100644 index ba261d0..0000000 --- a/ansible/Automating_Junos_with_Ansible/chapter_14/get-config-with-commits.yaml +++ /dev/null 
@@ -1,57 +0,0 @@ ---- -- name: Prepare timestamp - hosts: - - localhost - connection: local - gather_facts: yes - - vars: - systime: "{{ ansible_date_time.time | replace(':', '-') }}" - - tasks: - - debug: var=ansible_date_time.time - - debug: var=systime - - - name: get system date and time - set_fact: - timestamp: "{{ ansible_date_time.date }}_{{ systime }}" - -- name: Backup Device Configuration - hosts: - - all - roles: - - Juniper.junos - connection: local - gather_facts: no - - vars: - backup_dir: "{{ user_data_path }}/config_backups/{{ inventory_hostname }}" - temp_conf_file: "{{ backup_dir}}/{{ inventory_hostname }}" - conf_file: "{{ temp_conf_file }}_{{ hostvars.localhost.timestamp }}.conf" - commit_file: "{{ backup_dir }}/{{ inventory_hostname }}_{{ hostvars.localhost.timestamp }}.commit" - - tasks: - - name: create backup directory if needed - file: - path: "{{ backup_dir }}" - state: directory - - - name: save device configuration in temporary file - junos_get_config: - host: "{{ ansible_host }}" - dest: "{{ temp_conf_file }}" - format: text - notify: - - copy temporary file to timestamped config file if different - - get commit history - - handlers: - - name: copy temporary file to timestamped config file if different - copy: - src: "{{ temp_conf_file }}" - dest: "{{ conf_file }}" - - - name: get commit history - commit_history: - host: "{{ ansible_host }}" - filename: "{{ commit_file }}" diff --git a/ansible/Automating_Junos_with_Ansible/chapter_14/get-max-ssh-2.yaml b/ansible/Automating_Junos_with_Ansible/chapter_14/get-max-ssh-2.yaml new file mode 100644 index 0000000..a29cbf6 --- /dev/null +++ b/ansible/Automating_Junos_with_Ansible/chapter_14/get-max-ssh-2.yaml 
@@ -0,0 +1,18 @@ +--- +- name: Get maximum ssh rate-limit and connection-limit + hosts: + - all + connection: local + gather_facts: no + + tasks: + - name: get max ssh + max_ssh_2: + host: "{{ ansible_host }}" + # test_value: 50 + rate_limit: 15 + connection_limit: 25 + register: max_ssh + + - debug: + var: max_ssh diff --git a/ansible/Automating_Junos_with_Ansible/chapter_14/get-max-ssh.yaml b/ansible/Automating_Junos_with_Ansible/chapter_14/get-max-ssh.yaml new file mode 100644 index 0000000..18aac21 --- /dev/null +++ b/ansible/Automating_Junos_with_Ansible/chapter_14/get-max-ssh.yaml @@ -0,0 +1,18 @@ +--- +- name: Get maximum ssh rate-limit and connection-limit + hosts: + - all + connection: local + gather_facts: no + + tasks: + - name: get max ssh + max_ssh_connections: + host: "{{ ansible_host }}" + # test_value: 50 + rate_limit: 15 + # connection_limit: 25 + register: max_ssh + + - debug: + var: max_ssh diff --git a/ansible/Automating_Junos_with_Ansible/chapter_14/group_vars/all/vars.yaml b/ansible/Automating_Junos_with_Ansible/chapter_14/group_vars/all/vars.yaml index ee1a532..2e6b9da 100644 --- a/ansible/Automating_Junos_with_Ansible/chapter_14/group_vars/all/vars.yaml +++ b/ansible/Automating_Junos_with_Ansible/chapter_14/group_vars/all/vars.yaml @@ -1,5 +1,5 @@ --- ansible_python_interpreter: /usr/local/bin/python -user_data_path: /Users/sean/ansible +user_data_path: "{{ '~/ansible' | expanduser }}" root_hash: "{{ vault_root_hash }}" monitor_hash: "{{ vault_monitor_hash }}" diff --git a/ansible/Automating_Junos_with_Ansible/chapter_14/group_vars/all/vault.yaml b/ansible/Automating_Junos_with_Ansible/chapter_14/group_vars/all/vault.yaml index 8e00962..6ccdd54 100644 --- a/ansible/Automating_Junos_with_Ansible/chapter_14/group_vars/all/vault.yaml +++ b/ansible/Automating_Junos_with_Ansible/chapter_14/group_vars/all/vault.yaml 
@@ -1,3 +1,3 @@ --- -vault_root_hash: "$5$XbH2.66u$oYt2w3qsLqbxMYI.5.DUQFd88MYdamGG1VaKanPd6YB" -vault_monitor_hash: "$5$KgfRZFNQ$UrQvpUdXFJVwDrOzojJtIfNtJC1b.6g4jkMuVoFptQ4" +vault_root_hash: "$1$JG/DQ4TP$/SqMDBsjmLO2IXvawjjGQ." +vault_monitor_hash: "$1$ZAduRAJ9$42vsgW1i0kuZcPYww46Xq1" diff --git a/ansible/Automating_Junos_with_Ansible/chapter_14/group_vars/boston.yaml b/ansible/Automating_Junos_with_Ansible/chapter_14/group_vars/boston.yaml index 1d6e9e3..fa84fad 100644 --- a/ansible/Automating_Junos_with_Ansible/chapter_14/group_vars/boston.yaml +++ b/ansible/Automating_Junos_with_Ansible/chapter_14/group_vars/boston.yaml @@ -1,5 +1,5 @@ --- -aja_site: +aja2_site: ntp_servers: - - 5.7.9.101 - - 5.7.9.102 + - 132.163.97.4 + - 129.6.15.27 diff --git a/ansible/Automating_Junos_with_Ansible/chapter_14/group_vars/sf.yaml b/ansible/Automating_Junos_with_Ansible/chapter_14/group_vars/sf.yaml index 3c6ca0a..2d33ab1 100644 --- a/ansible/Automating_Junos_with_Ansible/chapter_14/group_vars/sf.yaml +++ b/ansible/Automating_Junos_with_Ansible/chapter_14/group_vars/sf.yaml @@ -1,5 +1,5 @@ --- -aja_site: +aja2_site: ntp_servers: - - 5.6.7.201 - - 5.6.7.202 + - 17.253.6.125 + - 17.253.20.125 diff --git a/ansible/Automating_Junos_with_Ansible/chapter_14/history-core.yaml b/ansible/Automating_Junos_with_Ansible/chapter_14/history-core.yaml deleted file mode 100644 index 778036e..0000000 --- a/ansible/Automating_Junos_with_Ansible/chapter_14/history-core.yaml +++ /dev/null @@ -1,18 +0,0 @@ ---- -- name: Get device commit history - hosts: - - all - connection: local - gather_facts: no - - tasks: - - name: get commit history using ansible core module - junos_rpc: - rpc: get-commit-information - output: xml - provider: - host: "{{ ansible_host }}" - register: history - - - name: display history - debug: var=history 
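Review bot: Both replacement values in vault.yaml are `$1$` (MD5-crypt) hashes where the removed lines were `$5$` (SHA-256-crypt), and the file is committed in clear text despite its name. MD5-crypt is a considerably weaker password-hash format than the one it replaces, so this is a downgrade for anyone who copies the example onto real devices. I would regenerate the two hashes in a stronger format where the target Junos release supports it (`$6$`, SHA-512-crypt), e.g. `vault_root_hash: "<SHA-512-crypt hash placeholder>"`. I would also encrypt the file with `ansible-vault encrypt group_vars/all/vault.yaml` so the hashes are not readable in the repository. If the `$1$` format is required by an older lab device, a comment saying so would help.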
diff --git a/ansible/Automating_Junos_with_Ansible/chapter_14/history-jnpr.yaml b/ansible/Automating_Junos_with_Ansible/chapter_14/history-jnpr.yaml deleted file mode 100644 index a64a4c8..0000000 --- a/ansible/Automating_Junos_with_Ansible/chapter_14/history-jnpr.yaml +++ /dev/null @@ -1,17 +0,0 @@ ---- -- name: Get device commit history - hosts: - - all - roles: - - Juniper.junos - connection: local - gather_facts: no - - tasks: - - name: get commit history using Juniper module - junos_rpc: - rpc: get-commit-information - format: xml - dest: "{{ inventory_hostname }}-history.txt" - host: "{{ ansible_host }}" - # user: deviceuser diff --git a/ansible/Automating_Junos_with_Ansible/chapter_14/host_vars/aragorn.yaml b/ansible/Automating_Junos_with_Ansible/chapter_14/host_vars/aragorn.yaml new file mode 100644 index 0000000..c4fa5bd --- /dev/null +++ b/ansible/Automating_Junos_with_Ansible/chapter_14/host_vars/aragorn.yaml @@ -0,0 +1,10 @@ +--- +ansible_host: 192.0.2.10 +aja2_host: + dns_servers: + - 8.8.4.4 + - 8.8.8.8 + - 198.51.100.100 + snmp: + description: virtual SRX for testing + location: Sean's Macbook Pro diff --git a/ansible/Automating_Junos_with_Ansible/chapter_14/host_vars/bilbo.yaml b/ansible/Automating_Junos_with_Ansible/chapter_14/host_vars/bilbo.yaml index 0eea38f..8b34ca6 100644 --- a/ansible/Automating_Junos_with_Ansible/chapter_14/host_vars/bilbo.yaml +++ b/ansible/Automating_Junos_with_Ansible/chapter_14/host_vars/bilbo.yaml @@ -1,9 +1,10 @@ --- ansible_host: 198.51.100.5 -aja_host: +aja2_host: dns_servers: - - 5.7.9.11 - - 5.7.9.12 - - 5.7.9.13 - snmp_description: EX2200-C for testing - snmp_location: "Sean's home office" + - 8.8.4.4 + - 8.8.8.8 + - 198.51.100.101 + snmp: + description: EX2200-C for testing + location: Sean's home office diff --git a/ansible/Automating_Junos_with_Ansible/chapter_14/host_vars/vsrx1.yaml b/ansible/Automating_Junos_with_Ansible/chapter_14/host_vars/vsrx1.yaml deleted file mode 100644 index e000822..0000000 
--- a/ansible/Automating_Junos_with_Ansible/chapter_14/host_vars/vsrx1.yaml +++ /dev/null @@ -1,9 +0,0 @@ ---- -ansible_host: 192.0.2.10 -aja_host: - dns_servers: - - 5.6.7.8 - - 5.6.7.9 - - 5.6.7.10 - snmp_description: virtual SRX for testing - snmp_location: Sean's Macbook Pro diff --git a/ansible/Automating_Junos_with_Ansible/chapter_14/inventory3 b/ansible/Automating_Junos_with_Ansible/chapter_14/inventory3 index 387d5c2..505d444 100644 --- a/ansible/Automating_Junos_with_Ansible/chapter_14/inventory3 +++ b/ansible/Automating_Junos_with_Ansible/chapter_14/inventory3 @@ -22,4 +22,4 @@ bilbo [sf_ex] [sf_srx] -vsrx1 +aragorn diff --git a/ansible/Automating_Junos_with_Ansible/chapter_14/library/commit_history.py b/ansible/Automating_Junos_with_Ansible/chapter_14/library/commit_history.py deleted file mode 100644 index d02f626..0000000 --- a/ansible/Automating_Junos_with_Ansible/chapter_14/library/commit_history.py +++ /dev/null 
@@ -1,153 +0,0 @@ -#!/usr/bin/env python - -import os -import tempfile -from ansible.module_utils.basic import AnsibleModule -from jnpr.junos import Device - - -###################################################################### - -class JunosCommits(object): - """Get commit history from a Junos device.""" - - def __init__(self, host, gen_file, username, password, max_commits): - self.host = host - self.generate_file = gen_file - self.username = username - self.password = password - self.max_commits = max_commits - - # instantiate a PyEZ Device to communicate with the Junos device - self.dev = Device(host=self.host, - user=self.username, - passwd=self.password, - normalize=True) - - # list to store commit history - self.commits = [] - - # number of commits returned by device - self.num_commits = 0 - - # path+filename and file descriptor for output tempfile - self.filespec = '' - self.file_descriptor = None - - # ------------------------- # - - def get_commit_history_from_device(self): - """Get commit history from Junos device and store in list of dicts.""" - try: - self.dev.open() - except Exception as err: - msg = 'Error opening connection to Junos device: %s' % str(err) - raise Exception(msg) - - # get from device the equivalent of "show sytem commit" - try: - commit_info = self.dev.rpc.get_commit_information() - except Exception as err: - msg = 'Error getting commit history from device: %s' % str(err) - raise Exception(msg) - - # extract all 'commit-history' elements from XML - # put data in a list of dictionaries - try: - commits_xml = commit_info.findall('commit-history') - self.num_commits = len(commits_xml) - for commit in commits_xml: - commit_dict = { - 'num': commit.findtext('sequence-number'), - 'user': commit.findtext('user'), - 'client': commit.findtext('client'), - 'date_time': commit.findtext('date-time'), - 'comment': commit.findtext('log') - } - self.commits.append(commit_dict) - - # truncate list if a max_commits value was specified - if 
(self.max_commits is not None) and \ - (self.max_commits < self.num_commits): - del self.commits[self.max_commits:] - - except Exception as err: - msg = 'Error processing commit history: %s' % str(err) - raise Exception(msg) - - # ------------------------- # - - def temp_commit_history_file(self): - """Save commit history to temporary file.""" - try: - self.file_descriptor, self.filespec = tempfile.mkstemp() - outfile = open(self.filespec, 'w') - - outfile.write('Device returned %s commits.\n' % self.num_commits) - if self.max_commits is not None: - outfile.write('Saving latest %s commits.\n' - % self.max_commits) - outfile.write('\n- - - Commit History - - -\n') - - for c in self.commits: - line = '%2s: %s by %s via %s (%s)\n' % \ - (c['num'], c['date_time'], c['user'], - c['client'], c['comment']) - outfile.write(line) - - outfile.close() - - except Exception as err: - msg = 'Error writing to file %s: %s' % (self.filespec, str(err)) - raise Exception(msg) - - # ------------------------- # - - def run(self): - """Process Junos device.""" - self.get_commit_history_from_device() - if self.generate_file: - self.temp_commit_history_file() - - -###################################################################### - -def main(): - """Query Junos device and interface with Ansible playbook.""" - # define arguments from Ansible - module = AnsibleModule( - argument_spec=dict( - host=dict(required=True), - filename=dict(required=False, default=None), - user=dict(required=False, default=os.getenv('USER')), - passwd=dict(required=False, default=None, no_log=True), - max_commits=dict(required=False, type='int', default=None) - ) - ) - - # copy playbook arguments into local variables - host = module.params['host'] - filename = module.params['filename'] - username = module.params['user'] - password = module.params['passwd'] - max_commits = module.params['max_commits'] - - # determine if module should generate output file - gen_file = False if filename is None else True - - # 
instantiate JunosCommits and run - jc = JunosCommits(host, gen_file, username, password, max_commits) - try: - jc.run() - if gen_file: - module.atomic_move(jc.filespec, filename) - except Exception as err: - module.fail_json(msg=str(err)) - - module.exit_json(changed=False, commits=jc.commits) - - -###################################################################### - -if __name__ == '__main__': - main() diff --git a/ansible/Automating_Junos_with_Ansible/chapter_14/library/commit_history_2.py b/ansible/Automating_Junos_with_Ansible/chapter_14/library/max_ssh_2.py similarity index 51% rename from ansible/Automating_Junos_with_Ansible/chapter_14/library/commit_history_2.py rename to ansible/Automating_Junos_with_Ansible/chapter_14/library/max_ssh_2.py index 0331380..be9509b 100644 --- a/ansible/Automating_Junos_with_Ansible/chapter_14/library/commit_history_2.py +++ b/ansible/Automating_Junos_with_Ansible/chapter_14/library/max_ssh_2.py @@ -1,7 +1,5 @@ #!/usr/bin/env python - -"""Ansible module to gather commit history from a Junos device.""" - +"""Query devices for maximum allowed SSH connection-limit and rate-limit.""" from ansible.module_utils.basic import AnsibleModule module_import_error = False try: @@ -15,9 +13,9 @@ # add our class path to the Python system path if class_path not in sys.path: sys.path.insert(0, class_path) - # import the JunosCommits class from /junos_commits.py - from junos_commits import JunosCommits - + # import the MaxSSHConnections class from + # /max_ssh_connections_2.py + from max_ssh_connections_2 import MaxSSHConnections except ImportError as err: module_import_error = True module_msg = 'Error importing required modules: %s' % str(err) 
@@ -26,15 +24,14 @@ ###################################################################### def main(): - """Query Junos device and interface with Ansible playbook.""" + """Query devices for maximum SSH connection-limit and rate-limit.""" # define arguments from Ansible module = AnsibleModule( argument_spec=dict( host=dict(required=True), - filename=dict(required=False, default=None), - user=dict(required=False, default=os.getenv('USER')), - passwd=dict(required=False, default=None, no_log=True), - max_commits=dict(required=False, type='int', default=None) + test_value=dict(required=False, type='int', default=0), + rate_limit=dict(required=False, type='int', default=10), + connection_limit=dict(required=False, type='int', default=15) ) ) 
@@ -44,24 +41,22 @@ def main(): # copy playbook arguments into local variables host = module.params['host'] - filename = module.params['filename'] - username = module.params['user'] - password = module.params['passwd'] - max_commits = module.params['max_commits'] - - # determine if module should generate output file - gen_file = False if filename is None else True + test_value = module.params['test_value'] + rate_limit = module.params['rate_limit'] + connection_limit = module.params['connection_limit'] - # instantiate JunosCommits and run - jc = JunosCommits(host, gen_file, username, password, max_commits) + # instantiate MaxSSHConnections and run + find_max = MaxSSHConnections(host, test_value=test_value, + rate_limit=rate_limit, + connection_limit=connection_limit) try: - jc.run() - if gen_file: - module.atomic_move(jc.filespec, filename) + find_max.run() except Exception as err: - module.fail_json(msg=str(err)) + module.fail_json(msg=str(err), results=find_max.results) - module.exit_json(changed=False, commits=jc.commits) + module.exit_json(changed=False, results=find_max.results, + rate_limit=find_max.results['rate_limit'], + connection_limit=find_max.results['connection_limit']) ###################################################################### diff --git a/ansible/Automating_Junos_with_Ansible/chapter_14/library/max_ssh_connections.py b/ansible/Automating_Junos_with_Ansible/chapter_14/library/max_ssh_connections.py new file mode 100644 index 0000000..a22bbe4 --- /dev/null +++ b/ansible/Automating_Junos_with_Ansible/chapter_14/library/max_ssh_connections.py 
@@ -0,0 +1,202 @@ +#!/usr/bin/env python +"""Query devices for maximum allowed SSH connection-limit and rate-limit.""" + +import re +from ansible.module_utils.basic import AnsibleModule +from jnpr.junos import Device +from jnpr.junos.exception import ConfigLoadError +from jnpr.junos.utils.config import Config +from jnpr.junos.utils.start_shell import StartShell + + +###################################################################### + +class MaxSSHConnections(object): + """Class to query devices or maximum connection-limit setting.""" + + def __init__(self, device, **kwargs): + """Initialize instance variables.""" + self.dev = Device(host=device, normalize=True) + + self.desired_connection_limit = kwargs.get('connection_limit', 15) + self.desired_rate_limit = kwargs.get('rate_limit', 10) + self.test_value = kwargs.get('test_value', 0) + + self.results = {'host': device, + 'connection_max': 0, + 'rate_max': 0, + 'connection_limit': 0, + 'rate_limit': 0, + 'exception_message': '', + 'shell_results': [], + 'warnings': [] + } + + # ------------------------- # + + def get_max_connections(self): + """Use shell commands to find maximum allowed connection-limit.""" + # the list of commands that will: + # - exit from the command shell to the Junos CLI + # - enter configuration mode + # - issue the command "set system services ssh connection-limit ?", + # which will return help information we want to process + # - exit configuration mode + shell_commands = [ + {'command': 'exit', 'prompt': '> ', 'max': False}, + {'command': 'configure', 'prompt': '# ', 'max': False}, + {'command': 'set system services ssh connection-limit ?', + 'prompt': '# ', 'max': True}, + {'command': 'exit', 'prompt': '> ', 'max': False} + ] + + # open a command shell on the device + shell = StartShell(self.dev) + shell.open() + + # iterate over the list of commands, capturing the output from + # the command in whose results we are interested ('max' = True) + max_msg = None + for shellcmd in 
shell_commands: + shellout = shell.run(shellcmd['command'], shellcmd['prompt']) + self.results['shell_results'].append(shellout) + + if shellout[0] is False: + msg = 'Shell command "%s" did not complete as expected: %s' \ + % (shellcmd['command'], shellout[1]) + raise RuntimeError(msg) + + if shellcmd['max']: + max_msg = shellout[1] + + shell.close() + + # process the command output to find the max allowed value + if max_msg is not None: + max_arr = max_msg.splitlines() + regex = r'connection-limit[^\(\[]*[\(\[]\d+\.\.(\d+)' + max_str = None + for line in max_arr: + m = re.search(regex, line, flags=re.IGNORECASE) + if m is not None: + max_str = m.group(1) + break + + if max_str is not None: + reported_max = int(max_str) + self.results['connection_max'] = reported_max + if reported_max < self.desired_connection_limit: + self.results['connection_limit'] = reported_max + else: + self.results['connection_limit'] = \ + self.desired_connection_limit + else: + msg = 'Regex match expected but not found in command results' + raise ValueError(msg) + else: + msg = 'Missing expected results from shell commands.' + raise ValueError(msg) + + # ------------------------- # + + def get_max_rate(self): + """Set an invalid value for rate-limit and process the exception.""" + # configuration object for Junos device + cfg = Config(self.dev) + + # make sure no config change is pending before our set command + diff = cfg.diff() + if diff is not None: + msg = 'Uncommitted change found: %s' % str(diff) + raise RuntimeError(msg) + + # try to set a invalid (too large) value for rate-limit + set_cmd = 'set system services ssh rate-limit ' + str(self.test_value) + try: + cfg.load(set_cmd, format='set') + # Config load should raise exception if the test value is invalid. 
+ # If we got here, it means the device accepted the (apparently + # valid) rate-limit, so roll back the change and assume the + # test value is the maximum allowed rate limit + cfg.rollback() + msg = 'Test configuration loaded without error, actual max ' + msg += 'rate limit may be higher than the test value ' + msg += '%s.' % str(self.test_value) + self.results['warnings'].append(msg) + self.results['rate_max'] = self.test_value + if self.test_value < self.desired_rate_limit: + self.results['rate_limit'] = self.test_value + else: + self.results['rate_limit'] = self.desired_rate_limit + except ConfigLoadError as err: + self.results['exception_message'] = err.message + # catch the expected ConfigLoadError from the invalid rate-limit + match = re.search(r'\(\d+\.\.(\d+)\)', err.message) + if match is not None: + max_str = int(match.group(1)) + reported_max = int(max_str) + self.results['rate_max'] = reported_max + if reported_max < self.desired_rate_limit: + self.results['rate_limit'] = reported_max + else: + self.results['rate_limit'] = self.desired_rate_limit + else: + msg = 'Regex match expected but not found in caught ' + msg += 'exception: %s' % str(err) + raise ValueError(msg) + + # ------------------------- # + + def run(self): + """Run the device test and return result.""" + # open a PyEZ connection to the device + self.dev.open() + + # get max connection limit (first approach) + self.get_max_connections() + + # get max rate limit (second approach) + self.get_max_rate() + + # close device connection + self.dev.close() + + +###################################################################### + +def main(): + """Test the MaxSSHConnections class.""" + # define arguments from Ansible + module = AnsibleModule( + argument_spec=dict( + host=dict(required=True), + test_value=dict(required=False, type='int', default=0), + rate_limit=dict(required=False, type='int', default=10), + connection_limit=dict(required=False, type='int', default=15) + ) + ) + + # copy 
playbook arguments into local variables + host = module.params['host'] + test_value = module.params['test_value'] + rate_limit = module.params['rate_limit'] + connection_limit = module.params['connection_limit'] + + # instantiate MaxSSHConnections and run + find_max = MaxSSHConnections(host, test_value=test_value, + rate_limit=rate_limit, + connection_limit=connection_limit) + try: + find_max.run() + except Exception as err: + module.fail_json(msg=str(err), results=find_max.results) + + module.exit_json(changed=False, results=find_max.results, + rate_limit=find_max.results['rate_limit'], + connection_limit=find_max.results['connection_limit']) + + +###################################################################### + +if __name__ == '__main__': + main() diff --git a/ansible/Automating_Junos_with_Ansible/chapter_14/template/base-settings-5.j2 b/ansible/Automating_Junos_with_Ansible/chapter_14/template/base-settings-5.j2 new file mode 100644 index 0000000..d3084d3 --- /dev/null +++ b/ansible/Automating_Junos_with_Ansible/chapter_14/template/base-settings-5.j2 
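Review bot: `run()` closes the device only on the success path, and `get_max_connections()` reaches `shell.close()` only when every command succeeded. The `RuntimeError` and `ValueError` raised by the helpers therefore leave the NETCONF session open, and possibly a CLI shell still in configuration mode. The same class is repeated in test_max_ssh_connections.py later in this commit. Both closes belong in `finally` blocks, as sketched below. Separately, `get_max_rate()` checks for pending changes and then loads without holding the configuration lock, so an edit another user makes to the shared candidate in between could be thrown away by `cfg.rollback()`; calling `cfg.lock()` before the diff and `cfg.unlock()` in a `finally` would close that window.

```python
    def run(self):
        """Run the device test and return result."""
        self.dev.open()
        try:
            self.get_max_connections()
            self.get_max_rate()
        finally:
            # always release the NETCONF session, including on error
            self.dev.close()

        # in get_max_connections()
        # … unchanged: shell_commands list …
        shell = StartShell(self.dev)
        shell.open()
        try:
            # … unchanged: command loop that fills max_msg …
        finally:
            # leave no CLI shell behind when a command fails
            shell.close()
        # … unchanged: regex processing of max_msg …
```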
@@ -0,0 +1,56 @@ +#jinja2: lstrip_blocks: True + +{#- Generate basic settings for the device #} +system { + host-name {{ inventory_hostname }}; + root-authentication { + encrypted-password "{{ root_hash }}"; + } + login { + user monitor { + uid 2005; + class read-only; + authentication { + encrypted-password "{{ monitor_hash }}"; + } + } + user sean { + uid 2000; + class super-user; + authentication { + ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCxgT8ga1uYbS3bxXPPv7aEiTvSwXnK/7xu3NB0+t1njMBuUcgwn7zwtnayQyLS+ef3rNP7WZXwFYxUeFbVwdkLUn9/xvDM5Qi2m/6WRP/yrTRtEvNP4lUsZRH+IXQc59JOKfYqGkvbgfshnmtHJHYVOn/1E/w0cNDYg4oH6KbcqYb+isbKhdiqpDBvLsF9h0GwhaiLk2BpVutw2BZoeKN9vrF+OmcaB0WVzGvwblSHDpXdLfMJuHAyEhZImNSv4bXNAYFGht9zpdTwudP5qfwJo5304Sn62UaOzVN2zGogXKzxgxgAjeJ87io0Graiwo5q9kZYksjXvPzOaX3gt8Uv sean@mbp15.local"; + } + } + } + replace: + name-server { + {% for server in aja2_host.dns_servers %} + {{ server }}; + {% endfor %} + } + services { + delete: ftp; + netconf { + ssh { + connection-limit {{ jmax.connection_limit }}; + rate-limit {{ jmax.rate_limit }}; + } + } + ssh { + connection-limit {{ jmax.connection_limit }}; + rate-limit {{ jmax.rate_limit }}; + } + delete: telnet; + delete: web-management; + } + replace: + ntp { + {% for ntp in aja2_site.ntp_servers %} + server {{ ntp }}; + {% endfor %} + } +} +snmp { + description "{{ aja2_host.snmp.description}}" + location "{{ aja2_host.snmp.location}}" +} diff --git a/ansible/Automating_Junos_with_Ansible/chapter_14/test-max-ssh-ansible-only.yaml b/ansible/Automating_Junos_with_Ansible/chapter_14/test-max-ssh-ansible-only.yaml new file mode 100644 index 0000000..c4791d8 --- /dev/null +++ b/ansible/Automating_Junos_with_Ansible/chapter_14/test-max-ssh-ansible-only.yaml 
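Review bot: The `user sean` stanza hard-codes one person's `ssh-rsa` public key with `class super-user`, so every device this template is pushed to grants that key holder full administrative login. Move the account name and key into inventory or vault variables, for example `ssh-rsa "{{ admin_ssh_pubkey }}";` (placeholder variable name), so that anyone reusing the template supplies their own key. Separately, the two statements in the `snmp` block, `description "..."` and `location "..."`, have no terminating `;`, unlike every other leaf statement in the file. Junos would presumably reject the rendered text at load time because of that.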
@@ -0,0 +1,72 @@ +--- +- name: Find max SSH -- testing Junos CLI approaches + hosts: + - all + roles: + - Juniper.junos + connection: local + gather_facts: no + + vars: + out_of_range_value: 50 + desired_value: 15 + connection_settings: + host: "{{ ansible_host }}" + timeout: 120 + + tasks: + - name: check that device is responding to NETCONF + wait_for: + host: "{{ ansible_host }}" + port: 830 + timeout: 5 + + - name: test for max value -- install set commands onto device + juniper_junos_config: + provider: "{{ connection_settings }}" + load: set + lines: + - set system services ssh rate-limit {{ out_of_range_value }} + comment: playbook test-max-ssh-ansible-only.yaml, setting ssh rate-limit + register: jresult + ignore_errors: yes + + - name: display results of test for max value + debug: + var: jresult + + - name: message when setting "out of range" value worked + debug: + msg: > + Configuration with test value {{ out_of_range_value }} loaded without error, + max value is at least the test value. Rolling back change... 
+ when: not jresult.failed + + - name: roll back test value + juniper_junos_config: + provider: "{{ connection_settings }}" + rollback: 1 + comment: playbook test-max-ssh-ansible-only.yaml, rolling back ssh rate-limit + when: not jresult.failed + + - name: set max_allowed_ssh when test failed + set_fact: + max_allowed_ssh: '{{ jresult.msg | regex_search("\d+\.\.(\d+)") | regex_replace("\d+\.\.(\d+)", "\1") }}' + when: jresult.failed + + - name: set max_allowed_ssh when test did not fail (test value is in range) + set_fact: + max_allowed_ssh: "{{ out_of_range_value }}" + when: not jresult.failed + + - name: display max_allowed_ssh when test failed + debug: + var: max_allowed_ssh + + - name: set suggested value for rate-limit and connection-limit + set_fact: + ssh_limit: "{{ (desired_value < (max_allowed_ssh | int)) | ternary(desired_value, max_allowed_ssh) }}" + + - name: display suggested value for rate-limit and connection-limit + debug: + msg: "Suggested value for rate-limit and connection-limit is {{ ssh_limit }}" diff --git a/ansible/Automating_Junos_with_Ansible/chapter_14/test_commit_history.py b/ansible/Automating_Junos_with_Ansible/chapter_14/test_commit_history.py deleted file mode 100644 index a6ac816..0000000 --- a/ansible/Automating_Junos_with_Ansible/chapter_14/test_commit_history.py +++ /dev/null 
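Review bot: The probe task runs with `ignore_errors: yes`, and the `set max_allowed_ssh when test failed` task then treats every failure as the expected out-of-range error. A connection, authentication or lock failure also sets `jresult.failed`; in that case `regex_search` finds no range, `max_allowed_ssh` ends up empty and the suggested `ssh_limit` is meaningless. Tighten the condition to `when: jresult.failed and jresult.msg is search("\d+\.\.\d+")` and add a `fail` task for failures whose message carries no range. Also, no `commit: no` is given on the probe, so an in-range test value appears to be committed and the device briefly runs with the looser rate-limit until the rollback task commits again.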
@@ -1,139 +0,0 @@ -#!/usr/bin/env python - -import sys -import tempfile -from jnpr.junos import Device -from pprint import pprint - - -###################################################################### - -class JunosCommits(object): - """Get commit history from a Junos device.""" - - def __init__(self, host, gen_file, username, password, max_commits): - self.host = host - self.generate_file = gen_file - self.username = username - self.password = password - self.max_commits = max_commits - - # instantiate a PyEZ Device to communicate with the Junos device - self.dev = Device(host=self.host, - user=self.username, - passwd=self.password, - normalize=True) - - # list to store commit history - self.commits = [] - - # number of commits returned by device - self.num_commits = 0 - - # path+filename and file descriptor for output tempfile - self.filespec = '' - self.file_descriptor = None - - # ------------------------- # - - def get_commit_history_from_device(self): - """Get commit history from Junos device and store in list of dicts.""" - try: - self.dev.open() - except Exception as err: - msg = 'Error opening connection to Junos device: %s' % str(err) - raise Exception(msg) - - # get from device the equivalent of "show sytem commit" - try: - commit_info = self.dev.rpc.get_commit_information() - except Exception as err: - msg = 'Error getting commit history from device: %s' % str(err) - raise Exception(msg) - - # extract all 'commit-history' elements from XML - # put data in a list of dictionaries - try: - commits_xml = commit_info.findall('commit-history') - self.num_commits = len(commits_xml) - for commit in commits_xml: - commit_dict = { - 'num': commit.findtext('sequence-number'), - 'user': commit.findtext('user'), - 'client': commit.findtext('client'), - 'date_time': commit.findtext('date-time'), - 'comment': commit.findtext('log') - } - self.commits.append(commit_dict) - - # truncate list if a max_commits value was specified - if (self.max_commits is not None) 
and \ - (self.max_commits < self.num_commits): - del self.commits[self.max_commits:] - - except Exception as err: - msg = 'Error processing commit history: %s' % str(err) - raise Exception(msg) - - # ------------------------- # - - def temp_commit_history_file(self): - """Save commit history to temporary file.""" - try: - self.file_descriptor, self.filespec = tempfile.mkstemp() - outfile = open(self.filespec, 'w') - - outfile.write('Device returned %s commits.\n' % self.num_commits) - if self.max_commits is not None: - outfile.write('Saving latest %s commits.\n' - % self.max_commits) - outfile.write('\n- - - Commit History - - -\n') - - for c in self.commits: - line = '%2s: %s by %s via %s (%s)\n' % \ - (c['num'], c['date_time'], c['user'], - c['client'], c['comment']) - outfile.write(line) - - outfile.close() - - except Exception as err: - msg = 'Error writing to file %s: %s' % (self.filespec, str(err)) - raise Exception(msg) - - # ------------------------- # - - def run(self): - """Process Junos device.""" - self.get_commit_history_from_device() - if self.generate_file: - self.temp_commit_history_file() - - -###################################################################### - -def main(): - """Test class JunosCommits.""" - host = 'vsrx1' - filename = 'vsrx1.commit' - max_commits = 4 - user = None - password = None - - gen_file = False if filename is None else True - - jc = JunosCommits(host, gen_file, user, password, max_commits) - try: - jc.run() - except Exception as err: - print str(err) - sys.exit(1) - - pprint(jc.commits) - print "Temporary file (if created) is %s" % jc.filespec - - -###################################################################### - -if __name__ == '__main__': - main() diff --git a/ansible/Automating_Junos_with_Ansible/chapter_14/test_max_ssh_connections.py b/ansible/Automating_Junos_with_Ansible/chapter_14/test_max_ssh_connections.py new file mode 100644 index 0000000..fb21192 --- /dev/null 
+++ b/ansible/Automating_Junos_with_Ansible/chapter_14/test_max_ssh_connections.py 
@@ -0,0 +1,190 @@ +#!/usr/bin/env python +"""Query devices for maximum allowed SSH connection-limit and rate-limit.""" + +import re +import sys +from jnpr.junos import Device +from jnpr.junos.exception import ConfigLoadError +from jnpr.junos.utils.config import Config +from jnpr.junos.utils.start_shell import StartShell +from pprint import pprint + + +###################################################################### + +class MaxSSHConnections(object): + """Class to query devices or maximum connection-limit setting.""" + + def __init__(self, device, **kwargs): + """Initialize instance variables.""" + self.dev = Device(host=device, normalize=True) + + self.desired_connection_limit = kwargs.get('connection_limit', 15) + self.desired_rate_limit = kwargs.get('rate_limit', 10) + self.test_value = kwargs.get('test_value', 0) + + self.results = {'host': device, + 'connection_max': 0, + 'rate_max': 0, + 'connection_limit': 0, + 'rate_limit': 0, + 'exception_message': '', + 'shell_results': [], + 'warnings': [] + } + + # ------------------------- # + + def get_max_connections(self): + """Use shell commands to find maximum allowed connection-limit.""" + # the list of commands that will: + # - exit from the command shell to the Junos CLI + # - enter configuration mode + # - issue the command "set system services ssh connection-limit ?", + # which will return help information we want to process + # - exit configuration mode + shell_commands = [ + {'command': 'exit', 'prompt': '> ', 'max': False}, + {'command': 'configure', 'prompt': '# ', 'max': False}, + {'command': 'set system services ssh connection-limit ?', + 'prompt': '# ', 'max': True}, + {'command': 'exit', 'prompt': '> ', 'max': False} + ] + + # open a command shell on the device + shell = StartShell(self.dev) + shell.open() + + # iterate over the list of commands, capturing the output from + # the command in whose results we are interested ('max' = True) + max_msg = None + for shellcmd in shell_commands: + 
shellout = shell.run(shellcmd['command'], shellcmd['prompt']) + self.results['shell_results'].append(shellout) + + if shellout[0] is False: + msg = 'Shell command "%s" did not complete as expected: %s' \ + % (shellcmd['command'], shellout[1]) + raise RuntimeError(msg) + + if shellcmd['max']: + max_msg = shellout[1] + + shell.close() + + # process the command output to find the max allowed value + if max_msg is not None: + max_arr = max_msg.splitlines() + regex = r'connection-limit[^\(\[]*[\(\[]\d+\.\.(\d+)' + max_str = None + for line in max_arr: + m = re.search(regex, line, flags=re.IGNORECASE) + if m is not None: + max_str = m.group(1) + break + + if max_str is not None: + reported_max = int(max_str) + self.results['connection_max'] = reported_max + if reported_max < self.desired_connection_limit: + self.results['connection_limit'] = reported_max + else: + self.results['connection_limit'] = \ + self.desired_connection_limit + else: + msg = 'Regex match expected but not found in command results' + raise ValueError(msg) + else: + msg = 'Missing expected results from shell commands.' + raise ValueError(msg) + + # ------------------------- # + + def get_max_rate(self): + """Set an invalid value for rate-limit and process the exception.""" + # configuration object for Junos device + cfg = Config(self.dev) + + # make sure no config change is pending before our set command + diff = cfg.diff() + if diff is not None: + msg = 'Uncommitted change found: %s' % str(diff) + raise RuntimeError(msg) + + # try to set a invalid (too large) value for rate-limit + set_cmd = 'set system services ssh rate-limit ' + str(self.test_value) + try: + cfg.load(set_cmd, format='set') + # Config load should raise exception if the test value is invalid. 
+ # If we got here, it means the device accepted the (apparently + # valid) rate-limit, so roll back the change and assume the + # test value is the maximum allowed rate limit + cfg.rollback() + msg = 'Test configuration loaded without error, actual max ' + msg += 'rate limit may be higher than the test value ' + msg += '%s.' % str(self.test_value) + self.results['warnings'].append(msg) + self.results['rate_max'] = self.test_value + if self.test_value < self.desired_rate_limit: + self.results['rate_limit'] = self.test_value + else: + self.results['rate_limit'] = self.desired_rate_limit + except ConfigLoadError as err: + self.results['exception_message'] = err.message + # catch the expected ConfigLoadError from the invalid rate-limit + match = re.search(r'\(\d+\.\.(\d+)\)', err.message) + if match is not None: + max_str = int(match.group(1)) + reported_max = int(max_str) + self.results['rate_max'] = reported_max + if reported_max < self.desired_rate_limit: + self.results['rate_limit'] = reported_max + else: + self.results['rate_limit'] = self.desired_rate_limit + else: + msg = 'Regex match expected but not found in caught ' + msg += 'exception: %s' % str(err) + raise ValueError(msg) + + # ------------------------- # + + def run(self): + """Run the device test and return result.""" + # open a PyEZ connection to the device + self.dev.open() + + # get max connection limit (first approach) + self.get_max_connections() + + # get max rate limit (second approach) + self.get_max_rate() + + # close device connection + self.dev.close() + + +###################################################################### + +def main(): + """Test the MaxSSHConnections class.""" + desired_connections = 15 + desired_rate = 10 + test_value = 0 + device = 'aragorn' + + find_max = MaxSSHConnections(device, test_value=test_value, + rate_limit=desired_rate, + connection_limit=desired_connections) + try: + find_max.run() + except Exception as err: + print str(err) + sys.exit(1) + + 
pprint(find_max.results) + + +###################################################################### + +if __name__ == '__main__': + main() diff --git a/ansible/Automating_Junos_with_Ansible/chapter_14/test_commit_history_2.py b/ansible/Automating_Junos_with_Ansible/chapter_14/test_max_ssh_connections_2.py similarity index 58% rename from ansible/Automating_Junos_with_Ansible/chapter_14/test_commit_history_2.py rename to ansible/Automating_Junos_with_Ansible/chapter_14/test_max_ssh_connections_2.py index a4fa41f..f44d89f 100644 --- a/ansible/Automating_Junos_with_Ansible/chapter_14/test_commit_history_2.py +++ b/ansible/Automating_Junos_with_Ansible/chapter_14/test_max_ssh_connections_2.py @@ -1,6 +1,5 @@ #!/usr/bin/env python - -"""Test script for JunosCommits class.""" +"""Test script for MaxSSHConnections class.""" try: import os 
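Review bot: `print str(err)` in `main()` is Python 2 statement syntax, so under a Python 3 interpreter the script fails with a SyntaxError at compile time, before any device is contacted. The `#!/usr/bin/env python` shebang does not pin which interpreter runs. `sys.stderr.write(str(err) + '\n')` works on both versions and keeps the error off stdout, where `pprint` writes the results. chapter_3/gen_data.py and the renamed test_max_ssh_connections_2.py in this commit use the same print statements.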
@@ -14,35 +13,33 @@ # add our class path to the Python system path if class_path not in sys.path: sys.path.insert(0, class_path) - # import the JunosCommits class from /junos_commits.py - from junos_commits import JunosCommits - + # import the MaxSSHConnections class from + # /max_ssh_connections_2.py + from max_ssh_connections_2 import MaxSSHConnections except ImportError as err: print '* * * Error importing required modules! * * *' - raise err + raise ###################################################################### def main(): - """Test class JunosCommits.""" - host = 'vsrx1' - filename = 'vsrx1.commit' - max_commits = 4 - user = None - password = None - - gen_file = False if filename is None else True - - jc = JunosCommits(host, gen_file, user, password, max_commits) + """Test the MaxSSHConnections class.""" + desired_connections = 15 + desired_rate = 10 + test_value = 0 + device = 'aragorn' + + find_max = MaxSSHConnections(device, test_value=test_value, + rate_limit=desired_rate, + connection_limit=desired_connections) try: - jc.run() + find_max.run() except Exception as err: print str(err) sys.exit(1) - pprint(jc.commits) - print "Temporary file (if created) is %s" % jc.filespec + pprint(find_max.results) ###################################################################### diff --git a/ansible/Automating_Junos_with_Ansible/chapter_3/data.json b/ansible/Automating_Junos_with_Ansible/chapter_3/data.json new file mode 100644 index 0000000..73b1aaf --- /dev/null +++ b/ansible/Automating_Junos_with_Ansible/chapter_3/data.json @@ -0,0 +1,29 @@ +{ + "test1": { + "sum": 215, + "avg": 71, + "values": [ + 62, + 74, + 79 + ] + }, + "test3": { + "sum": 142, + "avg": 47, + "values": [ + 2, + 46, + 94 + ] + }, + "test2": { + "sum": 259, + "avg": 86, + "values": [ + 94, + 73, + 92 + ] + } +} diff --git a/ansible/Automating_Junos_with_Ansible/chapter_3/data.yaml b/ansible/Automating_Junos_with_Ansible/chapter_3/data.yaml new file mode 100644 index 0000000..f85ec45 
--- /dev/null +++ b/ansible/Automating_Junos_with_Ansible/chapter_3/data.yaml @@ -0,0 +1,22 @@ +--- +test1: + avg: 71 + sum: 215 + values: + - 62 + - 74 + - 79 +test2: + avg: 86 + sum: 259 + values: + - 94 + - 73 + - 92 +test3: + avg: 47 + sum: 142 + values: + - 2 + - 46 + - 94 diff --git a/ansible/Automating_Junos_with_Ansible/chapter_3/gen_data.py b/ansible/Automating_Junos_with_Ansible/chapter_3/gen_data.py new file mode 100644 index 0000000..eb0984b --- /dev/null +++ b/ansible/Automating_Junos_with_Ansible/chapter_3/gen_data.py @@ -0,0 +1,42 @@ +#!/usr/bin/env python + +import json +import yaml +from random import randint + + +###################################################################### + +def generate(): + sets = 3 + set_size = 3 + data = {} + + for set in range(sets): + set_name = 'test' + str(set+1) + values = [] + for n in range(set_size): + values.append(randint(1, 100)) + total = sum(values) + avg = total / len(values) + data[set_name] = {'values': values, + 'sum': total, + 'avg': avg} + return data + + +###################################################################### + +def main(): + data = generate() + print 'Generated data as JSON:' + print json.dumps(data, sort_keys=True, indent=4) + print '=========================' + print 'Generated data as YAML:' + print yaml.safe_dump(data, default_flow_style=False) + + +###################################################################### + +if __name__ == '__main__': + main() diff --git a/ansible/Automating_Junos_with_Ansible/chapter_4/ansible.cfg b/ansible/Automating_Junos_with_Ansible/chapter_4/ansible.cfg index 0730340..4a951b6 100644 --- a/ansible/Automating_Junos_with_Ansible/chapter_4/ansible.cfg +++ b/ansible/Automating_Junos_with_Ansible/chapter_4/ansible.cfg @@ -1,4 +1,4 @@ [defaults] inventory = inventory host_key_checking = False -log_path = ~/aja/ansible.log +log_path = ~/aja2/ansible.log 
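Review bot: In `generate()` of gen_data.py, `avg = total / len(values)` relies on Python 2 integer division. The committed data.json and data.yaml show floored averages (71 for a sum of 215 over three values), and the same code would emit floats under Python 3. `avg = total // len(values)` keeps the output identical on both. The loop variable `set` also shadows the builtin; `for idx in range(sets):` with `set_name = 'test' + str(idx + 1)` avoids that.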
diff --git a/ansible/Automating_Junos_with_Ansible/chapter_4/inventory b/ansible/Automating_Junos_with_Ansible/chapter_4/inventory index f0c105f..28cd3b6 100644 --- a/ansible/Automating_Junos_with_Ansible/chapter_4/inventory +++ b/ansible/Automating_Junos_with_Ansible/chapter_4/inventory @@ -1,4 +1,4 @@ -vsrx1 ansible_host=192.0.2.10 +aragorn ansible_host=192.0.2.10 bilbo [all:vars] diff --git a/ansible/Automating_Junos_with_Ansible/chapter_4/uptime-1.1.yaml b/ansible/Automating_Junos_with_Ansible/chapter_4/uptime-1.1.yaml index 1f01cd3..738ee16 100644 --- a/ansible/Automating_Junos_with_Ansible/chapter_4/uptime-1.1.yaml +++ b/ansible/Automating_Junos_with_Ansible/chapter_4/uptime-1.1.yaml @@ -2,6 +2,8 @@ - name: Get device uptime hosts: - all + roles: + - Juniper.junos connection: local gather_facts: no @@ -15,12 +17,12 @@ private: yes tasks: - - name: get uptime using ansible core module - junos_command: + - name: get uptime using galaxy module + juniper_junos_command: commands: - show system uptime provider: host: "{{ ansible_host }}" port: 22 - username: "{{ username }}" - password: "{{ password }}" + user: "{{ username }}" + passwd: "{{ password }}" diff --git a/ansible/Automating_Junos_with_Ansible/chapter_4/uptime-1.2.yaml b/ansible/Automating_Junos_with_Ansible/chapter_4/uptime-1.2.yaml index 36c4b1f..32be9e5 100644 --- a/ansible/Automating_Junos_with_Ansible/chapter_4/uptime-1.2.yaml +++ b/ansible/Automating_Junos_with_Ansible/chapter_4/uptime-1.2.yaml @@ -2,6 +2,8 @@ - name: Get device uptime hosts: - all + roles: + - Juniper.junos connection: local gather_facts: no 
@@ -15,16 +17,17 @@ private: yes tasks: - - name: get uptime using ansible core module - junos_command: + - name: get uptime using galaxy module + juniper_junos_command: commands: - show system uptime provider: host: "{{ ansible_host }}" port: 22 - username: "{{ username }}" - password: "{{ password }}" + user: "{{ username }}" + passwd: "{{ password }}" register: uptime - name: display uptimes - debug: var=uptime + debug: + var: uptime diff --git a/ansible/Automating_Junos_with_Ansible/chapter_4/uptime-1.3.yaml b/ansible/Automating_Junos_with_Ansible/chapter_4/uptime-1.3.yaml index 28f3fb4..3b9b79f 100644 --- a/ansible/Automating_Junos_with_Ansible/chapter_4/uptime-1.3.yaml +++ b/ansible/Automating_Junos_with_Ansible/chapter_4/uptime-1.3.yaml @@ -2,6 +2,8 @@ - name: Get device uptime hosts: - all + roles: + - Juniper.junos connection: local gather_facts: no @@ -15,19 +17,21 @@ private: yes tasks: - - name: get uptime using ansible core module - junos_command: + - name: get uptime using galaxy module + juniper_junos_command: commands: - show system uptime provider: host: "{{ ansible_host }}" port: 22 - username: "{{ username }}" - password: "{{ password }}" + user: "{{ username }}" + passwd: "{{ password }}" register: uptime - # - name: display uptimes - # debug: var=uptime['stdout_lines'] + # - name: display uptimes (Python style) + # debug: + # var: uptime['stdout_lines'] - - name: display uptimes - debug: var=uptime.stdout_lines + - name: display uptimes (Ansible shortcut) + debug: + var: uptime.stdout_lines diff --git a/ansible/Automating_Junos_with_Ansible/chapter_4/uptime-1.4.yaml b/ansible/Automating_Junos_with_Ansible/chapter_4/uptime-1.4.yaml index 6c3113b..9d3e30e 100644 --- a/ansible/Automating_Junos_with_Ansible/chapter_4/uptime-1.4.yaml +++ b/ansible/Automating_Junos_with_Ansible/chapter_4/uptime-1.4.yaml @@ -2,6 +2,8 @@ - name: Get device uptime hosts: - all + roles: + - Juniper.junos connection: local gather_facts: no 
@@ -15,23 +17,26 @@ private: yes tasks: - - debug: + - name: show ansible_host in verbose mode + debug: var: ansible_host verbosity: 1 - - name: get uptime using ansible core module - junos_command: + - name: get uptime using galaxy module + juniper_junos_command: commands: - show system uptime provider: host: "{{ ansible_host }}" port: 22 - username: "{{ username }}" - password: "{{ password }}" + user: "{{ username }}" + passwd: "{{ password }}" register: uptime - # - name: display uptimes - # debug: var=uptime['stdout_lines'] + # - name: display uptimes (Python style) + # debug: + # var: uptime['stdout_lines'] - - name: display uptimes - debug: var=uptime.stdout_lines + - name: display uptimes (Ansible shortcut) + debug: + var: uptime.stdout_lines diff --git a/ansible/Automating_Junos_with_Ansible/chapter_5/ansible.cfg b/ansible/Automating_Junos_with_Ansible/chapter_5/ansible.cfg index 0730340..dcb0621 100644 --- a/ansible/Automating_Junos_with_Ansible/chapter_5/ansible.cfg +++ b/ansible/Automating_Junos_with_Ansible/chapter_5/ansible.cfg @@ -1,4 +1,3 @@ [defaults] inventory = inventory host_key_checking = False -log_path = ~/aja/ansible.log diff --git a/ansible/Automating_Junos_with_Ansible/chapter_5/interfaces-1.0.yaml b/ansible/Automating_Junos_with_Ansible/chapter_5/interfaces-1.0.yaml new file mode 100644 index 0000000..beb0997 --- /dev/null +++ b/ansible/Automating_Junos_with_Ansible/chapter_5/interfaces-1.0.yaml @@ -0,0 +1,32 @@ +--- +- name: Get device uptime + hosts: + - all + roles: + - Juniper.junos + connection: local + gather_facts: no + + vars_prompt: + - name: username + prompt: Junos Username + private: no + + - name: password + prompt: Junos Password + private: yes + + tasks: + - name: get interface information + juniper_junos_rpc: + rpcs: + - get-interface-information + provider: + host: "{{ ansible_host }}" + user: "{{ username }}" + passwd: "{{ password }}" + register: interfaces + + - name: display interfaces + debug: + var: interfaces 
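Review bot: The play in the new interfaces-1.0.yaml is still named `Get device uptime` although its only module task runs `get-interface-information`; interfaces-1.1 through interfaces-1.4 carry the same copied name. The play name is what appears in run output and in any saved logs, so the mismatch makes it harder to tell afterwards which playbook touched a device. `- name: Get interface information` would match what the tasks do.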
diff --git a/ansible/Automating_Junos_with_Ansible/chapter_5/interfaces-1.1.yaml b/ansible/Automating_Junos_with_Ansible/chapter_5/interfaces-1.1.yaml new file mode 100644 index 0000000..62a5976 --- /dev/null +++ b/ansible/Automating_Junos_with_Ansible/chapter_5/interfaces-1.1.yaml @@ -0,0 +1,35 @@ +--- +- name: Get device uptime + hosts: + - all + roles: + - Juniper.junos + connection: local + gather_facts: no + + vars_prompt: + - name: username + prompt: Junos Username + private: no + + - name: password + prompt: Junos Password + private: yes + + tasks: + - name: get interface information + juniper_junos_rpc: + rpcs: + - get-interface-information + kwargs: + detail: True + interface_name: ge-0/0/0 + provider: + host: "{{ ansible_host }}" + user: "{{ username }}" + passwd: "{{ password }}" + register: interfaces + + - name: display interfaces + debug: + var: interfaces diff --git a/ansible/Automating_Junos_with_Ansible/chapter_5/interfaces-1.2.yaml b/ansible/Automating_Junos_with_Ansible/chapter_5/interfaces-1.2.yaml new file mode 100644 index 0000000..48d639b --- /dev/null +++ b/ansible/Automating_Junos_with_Ansible/chapter_5/interfaces-1.2.yaml @@ -0,0 +1,36 @@ +--- +- name: Get device uptime + hosts: + - all + roles: + - Juniper.junos + connection: local + gather_facts: no + + vars_prompt: + - name: username + prompt: Junos Username + private: no + + - name: password + prompt: Junos Password + private: yes + + tasks: + - name: get interface information + juniper_junos_rpc: + rpcs: + - get-interface-information + formats: text + kwargs: + terse: True + interface_name: ge-0/0/0 + provider: + host: "{{ ansible_host }}" + user: "{{ username }}" + passwd: "{{ password }}" + register: interfaces + + - name: display interfaces + debug: + var: interfaces diff --git a/ansible/Automating_Junos_with_Ansible/chapter_5/interfaces-1.3.yaml b/ansible/Automating_Junos_with_Ansible/chapter_5/interfaces-1.3.yaml new file mode 100644 index 0000000..1017a87 --- /dev/null 
+++ b/ansible/Automating_Junos_with_Ansible/chapter_5/interfaces-1.3.yaml @@ -0,0 +1,35 @@ +--- +- name: Get device uptime + hosts: + - all + roles: + - Juniper.junos + connection: local + gather_facts: no + + vars_prompt: + - name: username + prompt: Junos Username + private: no + + - name: password + prompt: Junos Password + private: yes + + tasks: + - name: get interface information + juniper_junos_rpc: + rpcs: + - get-interface-information + dest_dir: '.' + return_output: no + formats: xml + provider: + host: "{{ ansible_host }}" + user: "{{ username }}" + passwd: "{{ password }}" + register: interfaces + + - name: display interfaces + debug: + var: interfaces diff --git a/ansible/Automating_Junos_with_Ansible/chapter_5/interfaces-1.4.yaml b/ansible/Automating_Junos_with_Ansible/chapter_5/interfaces-1.4.yaml new file mode 100644 index 0000000..5b96267 --- /dev/null +++ b/ansible/Automating_Junos_with_Ansible/chapter_5/interfaces-1.4.yaml @@ -0,0 +1,40 @@ +--- +- name: Get device uptime + hosts: + - all + roles: + - Juniper.junos + connection: local + gather_facts: no + + vars_prompt: + - name: username + prompt: Junos Username + private: no + + - name: password + prompt: Junos Password + private: yes + + tasks: + - name: get interface information + juniper_junos_rpc: + rpcs: + - get-interface-information + formats: xml + provider: + host: "{{ ansible_host }}" + user: "{{ username }}" + passwd: "{{ password }}" + register: interfaces + + - name: query interface information + xml: + xmlstring: "{{ interfaces.stdout }}" + xpath: //logical-interface/address-family[address-family-name='inet']/interface-address/ifa-local + content: text + register: ip_addr + + - name: show query results + debug: + var: ip_addr.matches diff --git a/ansible/Automating_Junos_with_Ansible/chapter_5/inventory b/ansible/Automating_Junos_with_Ansible/chapter_5/inventory index f0c105f..28cd3b6 100644 --- a/ansible/Automating_Junos_with_Ansible/chapter_5/inventory 
+++ b/ansible/Automating_Junos_with_Ansible/chapter_5/inventory @@ -1,4 +1,4 @@ -vsrx1 ansible_host=192.0.2.10 +aragorn ansible_host=192.0.2.10 bilbo [all:vars] diff --git a/ansible/Automating_Junos_with_Ansible/chapter_5/test-xml.yaml b/ansible/Automating_Junos_with_Ansible/chapter_5/test-xml.yaml new file mode 100644 index 0000000..80386ff --- /dev/null +++ b/ansible/Automating_Junos_with_Ansible/chapter_5/test-xml.yaml @@ -0,0 +1,21 @@ +--- +- name: Experiment with Ansible's xml module + hosts: + - localhost + connection: local + gather_facts: no + + tasks: + - name: xpath + xml: + path: bilbo_get-interface-information.xml + xpath: //logical-interface[starts-with(name, 'ge-') or starts-with(name, 'vlan') or starts-with(name, 'irb')]/address-family[address-family-name='inet']/interface-address/ifa-local + content: text + register: interface_info + + - name: show xpath results + debug: + var: interface_info + + + # //logical-interface/address-family[address-family-name='inet']/../name diff --git a/ansible/Automating_Junos_with_Ansible/chapter_5/uptime-2.0.yaml b/ansible/Automating_Junos_with_Ansible/chapter_5/uptime-2.0.yaml index e9fe10d..d15d709 100644 --- a/ansible/Automating_Junos_with_Ansible/chapter_5/uptime-2.0.yaml +++ b/ansible/Automating_Junos_with_Ansible/chapter_5/uptime-2.0.yaml @@ -2,6 +2,8 @@ - name: Get device uptime hosts: - all + roles: + - Juniper.junos connection: local gather_facts: no @@ -15,16 +17,17 @@ private: yes tasks: - - name: get uptime using ansible core module - junos_rpc: - rpc: get-system-uptime-information - output: text + - name: get uptime using galaxy module + juniper_junos_rpc: + rpcs: + - get-system-uptime-information provider: host: "{{ ansible_host }}" port: 22 - username: "{{ username }}" - password: "{{ password }}" + user: "{{ username }}" + passwd: "{{ password }}" register: uptime - name: display uptimes - debug: var=uptime + debug: + var: uptime 
diff --git a/ansible/Automating_Junos_with_Ansible/chapter_5/uptime-2.1.yaml b/ansible/Automating_Junos_with_Ansible/chapter_5/uptime-2.1.yaml index 430b563..0830733 100644 --- a/ansible/Automating_Junos_with_Ansible/chapter_5/uptime-2.1.yaml +++ b/ansible/Automating_Junos_with_Ansible/chapter_5/uptime-2.1.yaml @@ -18,15 +18,20 @@ tasks: - name: get uptime using galaxy module - junos_rpc: - rpc: get-system-uptime-information - format: xml - dest: "{{ inventory_hostname }}-uptime.xml" - host: "{{ ansible_host }}" - port: 830 - user: "{{ username }}" - passwd: "{{ password }}" + juniper_junos_rpc: + rpcs: + - get-system-uptime-information + provider: + host: "{{ ansible_host }}" + port: 22 + user: "{{ username }}" + passwd: "{{ password }}" register: uptime - - name: display uptimes - debug: var=uptime + - name: display uptimes (single-RE) + debug: + var: uptime.parsed_output['system-uptime-information']['system-booted-time'] + + - name: display uptimes (multi-RE) + debug: + var: uptime.parsed_output['multi-routing-engine-results']['multi-routing-engine-item']['system-uptime-information']['system-booted-time'] diff --git a/ansible/Automating_Junos_with_Ansible/chapter_5/uptime-2.2.yaml b/ansible/Automating_Junos_with_Ansible/chapter_5/uptime-2.2.yaml index 77ec4d5..8fdb0ec 100644 --- a/ansible/Automating_Junos_with_Ansible/chapter_5/uptime-2.2.yaml +++ b/ansible/Automating_Junos_with_Ansible/chapter_5/uptime-2.2.yaml 
@@ -18,10 +18,22 @@ tasks: - name: get uptime using galaxy module - junos_rpc: - rpc: get-system-uptime-information - format: text - dest: "{{ inventory_hostname }}-uptime.txt" - host: "{{ ansible_host }}" - user: "{{ username }}" - passwd: "{{ password }}" + juniper_junos_rpc: + rpcs: + - get-system-uptime-information + provider: + host: "{{ ansible_host }}" + port: 22 + user: "{{ username }}" + passwd: "{{ password }}" + register: uptime + + - name: display uptimes (single-RE) + debug: + var: uptime.parsed_output['system-uptime-information']['system-booted-time'] + when: uptime.parsed_output['system-uptime-information'] is defined + + - name: display uptimes (multi-RE) + debug: + var: uptime.parsed_output['multi-routing-engine-results']['multi-routing-engine-item']['system-uptime-information']['system-booted-time'] + when: uptime.parsed_output['multi-routing-engine-results'] is defined diff --git a/ansible/Automating_Junos_with_Ansible/chapter_5/uptime-2.3.yaml b/ansible/Automating_Junos_with_Ansible/chapter_5/uptime-2.3.yaml new file mode 100644 index 0000000..b880420 --- /dev/null +++ b/ansible/Automating_Junos_with_Ansible/chapter_5/uptime-2.3.yaml 
@@ -0,0 +1,40 @@ +--- +- name: Get device uptime + hosts: + - all + roles: + - Juniper.junos + connection: local + gather_facts: no + + vars_prompt: + - name: username + prompt: Junos Username + private: no + + - name: password + prompt: Junos Password + private: yes + + tasks: + - name: get uptime using galaxy module + juniper_junos_rpc: + rpcs: + - get-system-uptime-information + provider: + host: "{{ ansible_host }}" + port: 22 + user: "{{ username }}" + passwd: "{{ password }}" + register: uptime + + - name: query uptime information + xml: + xmlstring: "{{ uptime.stdout }}" + xpath: //system-booted-time/date-time | //last-configured-time/date-time + content: text + register: last_boot + + - name: show query results + debug: + msg: "Last booted {{ last_boot.matches[0]['date-time'] }}; last configured {{ last_boot.matches[1]['date-time'] }}" diff --git a/ansible/Automating_Junos_with_Ansible/chapter_6/ansible.cfg b/ansible/Automating_Junos_with_Ansible/chapter_6/ansible.cfg index 0730340..dcb0621 100644 --- a/ansible/Automating_Junos_with_Ansible/chapter_6/ansible.cfg +++ b/ansible/Automating_Junos_with_Ansible/chapter_6/ansible.cfg @@ -1,4 +1,3 @@ [defaults] inventory = inventory host_key_checking = False -log_path = ~/aja/ansible.log diff --git a/ansible/Automating_Junos_with_Ansible/chapter_6/inventory b/ansible/Automating_Junos_with_Ansible/chapter_6/inventory index f0c105f..28cd3b6 100644 --- a/ansible/Automating_Junos_with_Ansible/chapter_6/inventory +++ b/ansible/Automating_Junos_with_Ansible/chapter_6/inventory @@ -1,4 +1,4 @@ -vsrx1 ansible_host=192.0.2.10 +aragorn ansible_host=192.0.2.10 bilbo [all:vars] diff --git a/ansible/Automating_Junos_with_Ansible/chapter_6/uptime-3-core.yaml b/ansible/Automating_Junos_with_Ansible/chapter_6/uptime-3-core.yaml deleted file mode 100644 index c261740..0000000 --- a/ansible/Automating_Junos_with_Ansible/chapter_6/uptime-3-core.yaml +++ /dev/null 
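Review bot: The `show query results` task in uptime-2.3.yaml indexes `last_boot.matches[0]` and `last_boot.matches[1]` without checking how many nodes the XPath union returned. If a reply lacks one of the two elements, the message template fails on the missing index, and on a multi-RE reply (the case uptime-2.2.yaml guards with `when`) more than two nodes can match, so the two indexes presumably describe only the first routing engine. A guard such as `when: last_boot.matches | length >= 2` would skip the message cleanly instead of failing inside the template. uptime-3.yaml in chapter 6 repeats the same task.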
@@ -1,19 +0,0 @@ ---- -- name: Get device uptime - hosts: - - all - connection: local - gather_facts: no - - tasks: - - name: get uptime using ansible core module - junos_rpc: - rpc: get-system-uptime-information - output: text - provider: - host: "{{ ansible_host }}" - # username: devicename - register: uptime - - - name: display uptimes - debug: var=uptime.output_lines diff --git a/ansible/Automating_Junos_with_Ansible/chapter_6/uptime-3.yaml b/ansible/Automating_Junos_with_Ansible/chapter_6/uptime-3.yaml index f83615e..1a56abe 100644 --- a/ansible/Automating_Junos_with_Ansible/chapter_6/uptime-3.yaml +++ b/ansible/Automating_Junos_with_Ansible/chapter_6/uptime-3.yaml @@ -9,9 +9,20 @@ tasks: - name: get uptime using galaxy module - junos_rpc: - rpc: get-system-uptime-information - format: text - dest: "{{ inventory_hostname }}-uptime.txt" - host: "{{ ansible_host }}" - # user: deviceuser + juniper_junos_rpc: + rpcs: + - get-system-uptime-information + provider: + host: "{{ ansible_host }}" + register: uptime + + - name: query uptime information + xml: + xmlstring: "{{ uptime.stdout }}" + xpath: //system-booted-time/date-time | //last-configured-time/date-time + content: text + register: last_boot + + - name: show query results + debug: + msg: "Last booted {{ last_boot.matches[0]['date-time'] }}; last configured {{ last_boot.matches[1]['date-time'] }}" diff --git a/ansible/Automating_Junos_with_Ansible/chapter_7/ansible.cfg b/ansible/Automating_Junos_with_Ansible/chapter_7/ansible.cfg index 0730340..dcb0621 100644 --- a/ansible/Automating_Junos_with_Ansible/chapter_7/ansible.cfg +++ b/ansible/Automating_Junos_with_Ansible/chapter_7/ansible.cfg @@ -1,4 +1,3 @@ [defaults] inventory = inventory host_key_checking = False -log_path = ~/aja/ansible.log diff --git a/ansible/Automating_Junos_with_Ansible/chapter_7/base-settings-1.0.yaml b/ansible/Automating_Junos_with_Ansible/chapter_7/base-settings-1.0.yaml index 6406d9f..e623fd4 100644 
--- a/ansible/Automating_Junos_with_Ansible/chapter_7/base-settings-1.0.yaml +++ b/ansible/Automating_Junos_with_Ansible/chapter_7/base-settings-1.0.yaml @@ -23,5 +23,5 @@ - name: save device information using template template: - src: template/base-settings-1a.j2 + src: template/base-settings.j2 dest: "{{ conf_file }}" diff --git a/ansible/Automating_Junos_with_Ansible/chapter_7/base-settings-1.1.yaml b/ansible/Automating_Junos_with_Ansible/chapter_7/base-settings-1.1.yaml index 9e0fff8..edd3532 100644 --- a/ansible/Automating_Junos_with_Ansible/chapter_7/base-settings-1.1.yaml +++ b/ansible/Automating_Junos_with_Ansible/chapter_7/base-settings-1.1.yaml @@ -25,19 +25,21 @@ file: path: "{{ tmp_dir }}" state: directory + run_once: yes - name: save device information using template template: - src: template/base-settings-1.1.j2 + src: template/base-settings.j2 dest: "{{ conf_file }}" - name: install generated configuration file onto device - junos_install_config: - host: "{{ ansible_host }}" - user: "{{ username }}" - passwd: "{{ password }}" - port: 22 - file: "{{ conf_file }}" - timeout: 120 - replace: yes + juniper_junos_config: + provider: + host: "{{ ansible_host }}" + user: "{{ username }}" + passwd: "{{ password }}" + port: 22 + timeout: 120 + src: "{{ conf_file }}" + load: replace comment: "playbook base-settings.yaml" diff --git a/ansible/Automating_Junos_with_Ansible/chapter_7/base-settings-1.2a.yaml b/ansible/Automating_Junos_with_Ansible/chapter_7/base-settings-1.2.yaml similarity index 62% rename from ansible/Automating_Junos_with_Ansible/chapter_7/base-settings-1.2a.yaml rename to ansible/Automating_Junos_with_Ansible/chapter_7/base-settings-1.2.yaml index 9c3fef7..8b4c444 100644 --- a/ansible/Automating_Junos_with_Ansible/chapter_7/base-settings-1.2a.yaml +++ b/ansible/Automating_Junos_with_Ansible/chapter_7/base-settings-1.2.yaml 
@@ -25,25 +25,27 @@ file: path: "{{ tmp_dir }}" state: directory + run_once: yes - name: save device information using template template: - src: template/base-settings-1.2a.j2 + src: template/base-settings.j2 dest: "{{ conf_file }}" - name: install generated configuration file onto device - junos_install_config: - host: "{{ ansible_host }}" - user: "{{ username }}" - passwd: "{{ password }}" - port: 22 - file: "{{ conf_file }}" - ignore_warning: yes - timeout: 120 - replace: yes + juniper_junos_config: + provider: + host: "{{ ansible_host }}" + user: "{{ username }}" + passwd: "{{ password }}" + port: 22 + timeout: 120 + src: "{{ conf_file }}" + load: replace comment: "playbook base-settings.yaml" + diff: yes + dest_dir: "{{ tmp_dir }}" + register: config_results - - name: delete generated configuration file - file: - path: "{{ conf_file }}" - state: absent + - debug: + var: config_results diff --git a/ansible/Automating_Junos_with_Ansible/chapter_7/base-settings-1.2b.yaml b/ansible/Automating_Junos_with_Ansible/chapter_7/base-settings-1.2b.yaml deleted file mode 100644 index f305f1c..0000000 --- a/ansible/Automating_Junos_with_Ansible/chapter_7/base-settings-1.2b.yaml +++ /dev/null 
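Review bot: The last task of base-settings-1.2.yaml is an unnamed `- debug:` that dumps all of `config_results`, and the same hunk drops the `delete generated configuration file` task while adding `dest_dir: "{{ tmp_dir }}"`. After a run, `tmp/` therefore keeps both the rendered configuration and the saved diff for every host; judging by the base-settings-1.3.j2 template in this commit, those files describe device logins and enabled services. Naming the task, e.g. `- name: show configuration results`, and adding a comment that `tmp/` has to be cleaned up or kept out of version control would cover both points. The task list starts outside this hunk.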
@@ -1,48 +0,0 @@ ---- -- name: Generate and Install Configuration File - hosts: - - all - roles: - - Juniper.junos - connection: local - gather_facts: no - - vars: - tmp_dir: "tmp" - conf_file: "{{ tmp_dir}}/{{ inventory_hostname }}.conf" - - vars_prompt: - - name: username - prompt: Junos Username - private: no - - - name: password - prompt: Junos Password - private: yes - - tasks: - - name: confirm or create configs directory - file: - path: "{{ tmp_dir }}" - state: directory - - - name: save device information using template - template: - src: template/base-settings-1.2b.j2 - dest: "{{ conf_file }}" - - - name: install generated configuration file onto device - junos_install_config: - host: "{{ ansible_host }}" - user: "{{ username }}" - passwd: "{{ password }}" - port: 22 - file: "{{ conf_file }}" - timeout: 120 - replace: yes - comment: "playbook base-settings.yaml" - - - name: delete generated configuration file - file: - path: "{{ conf_file }}" - state: absent diff --git a/ansible/Automating_Junos_with_Ansible/chapter_7/base-settings-1.3.yaml b/ansible/Automating_Junos_with_Ansible/chapter_7/base-settings-1.3.yaml index 1b27d12..3a111ca 100644 --- a/ansible/Automating_Junos_with_Ansible/chapter_7/base-settings-1.3.yaml +++ b/ansible/Automating_Junos_with_Ansible/chapter_7/base-settings-1.3.yaml 
@@ -25,36 +25,34 @@ file: path: "{{ tmp_dir }}" state: directory + run_once: yes - name: save device information using template template: - src: template/base-settings-1.3.j2 + src: template/base-settings.j2 dest: "{{ conf_file }}" - name: install generated configuration file onto device - junos_install_config: - host: "{{ ansible_host }}" - user: "{{ username }}" - passwd: "{{ password }}" - port: 22 - file: "{{ conf_file }}" - timeout: 120 - replace: yes - confirm: 10 - comment: "playbook base-settings.yaml, commit confirmed" - notify: confirm commit + juniper_junos_config: + provider: + host: "{{ ansible_host }}" + user: "{{ username }}" + passwd: "{{ password }}" + port: 22 + timeout: 120 + src: "{{ conf_file }}" + load: replace + comment: "playbook base-settings.yaml" + diff: yes + ignore_warning: yes + register: config_results + + - name: show configuration change + debug: + var: config_results.diff_lines + when: config_results.diff_lines is defined - name: delete generated configuration file file: path: "{{ conf_file }}" state: absent - - handlers: - - name: confirm commit - junos_commit: - host: "{{ ansible_host }}" - user: "{{ username }}" - passwd: "{{ password }}" - port: 22 - timeout: 120 - comment: "playbook base-settings.yaml, confirming previous commit" diff --git a/ansible/Automating_Junos_with_Ansible/chapter_7/base-settings-1.4.yaml b/ansible/Automating_Junos_with_Ansible/chapter_7/base-settings-1.4.yaml new file mode 100644 index 0000000..d82f149 --- /dev/null +++ b/ansible/Automating_Junos_with_Ansible/chapter_7/base-settings-1.4.yaml 
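Review bot: `ignore_warning: yes` on the `juniper_junos_config` task in base-settings-1.3.yaml suppresses every warning the device returns during load and commit, not only the one the template is expected to trigger. The `delete:` statements for ftp, telnet and web-management in the chapter's template are presumably the reason, since deleting an absent statement produces a warning. As far as I know the parameter also accepts a message string, so `ignore_warning: "statement not found"` would keep other warnings visible; please confirm against the installed role version. base-settings-1.4.yaml and base-settings-1.5.yaml repeat the setting.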
@@ -0,0 +1,69 @@ +--- +- name: Generate and Install Configuration File + hosts: + - all + roles: + - Juniper.junos + connection: local + gather_facts: no + + vars: + tmp_dir: "tmp" + conf_file: "{{ tmp_dir}}/{{ inventory_hostname }}.conf" + connection_settings: + host: "{{ ansible_host }}" + user: "{{ username }}" + passwd: "{{ password }}" + port: 22 + timeout: 120 + + vars_prompt: + - name: username + prompt: Junos Username + private: no + + - name: password + prompt: Junos Password + private: yes + + tasks: + - name: confirm or create configs directory + file: + path: "{{ tmp_dir }}" + state: directory + run_once: yes + + - name: save device information using template + template: + src: template/base-settings.j2 + dest: "{{ conf_file }}" + + - name: install generated configuration file onto device + juniper_junos_config: + provider: "{{ connection_settings }}" + src: "{{ conf_file }}" + load: replace + comment: "playbook base-settings.yaml, commit confirmed" + confirmed: 5 + diff: yes + ignore_warning: yes + register: config_results + notify: confirm previous commit + + - name: show configuration change + debug: + var: config_results.diff_lines + when: config_results.diff_lines is defined + + - name: delete generated configuration file + file: + path: "{{ conf_file }}" + state: absent + + handlers: + - name: confirm previous commit + juniper_junos_config: + provider: "{{ connection_settings }}" + comment: "playbook base-settings.yaml, confirming previous commit" + commit: yes + diff: no diff --git a/ansible/Automating_Junos_with_Ansible/chapter_7/base-settings-1.5.yaml b/ansible/Automating_Junos_with_Ansible/chapter_7/base-settings-1.5.yaml new file mode 100644 index 0000000..24ec75c --- /dev/null +++ b/ansible/Automating_Junos_with_Ansible/chapter_7/base-settings-1.5.yaml 
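Review bot: In base-settings-1.4.yaml the `confirmed: 5` rollback timer starts when the install task commits, but the `confirm previous commit` handler only runs once the remaining tasks of the play have finished for all hosts. With a large inventory or one slow host the five minutes can expire before the handler connects, and the device then rolls the change back while the play has already reported the install as changed. A comment next to `confirmed: 5` stating that the window must cover the rest of the play, or a `- meta: flush_handlers` task directly after the install, would make that dependency visible.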
@@ -0,0 +1,72 @@ +--- +- name: Generate and Install Configuration File + hosts: + - all + roles: + - Juniper.junos + connection: local + gather_facts: no + + vars: + tmp_dir: "tmp" + conf_file: "{{ tmp_dir}}/{{ inventory_hostname }}.conf" + connection_settings: + host: "{{ ansible_host }}" + user: "{{ username }}" + passwd: "{{ password }}" + port: 22 + timeout: 120 + + # vars_prompt: + # - name: username + # prompt: Junos Username + # private: no + # + # - name: password + # prompt: Junos Password + # private: yes + + tasks: + - name: confirm or create configs directory + file: + path: "{{ tmp_dir }}" + state: directory + run_once: yes + + - name: save device information using template + template: + src: template/base-settings.j2 + dest: "{{ conf_file }}" + + - fail: + msg: "early exit for template troubleshooting" + + - name: install generated configuration file onto device + juniper_junos_config: + provider: "{{ connection_settings }}" + src: "{{ conf_file }}" + load: replace + comment: "playbook base-settings.yaml, commit confirmed" + confirmed: 5 + diff: yes + ignore_warning: yes + register: config_results + notify: confirm previous commit + + - name: show configuration change + debug: + var: config_results.diff_lines + when: config_results.diff_lines is defined + + - name: delete generated configuration file + file: + path: "{{ conf_file }}" + state: absent + + handlers: + - name: confirm previous commit + juniper_junos_config: + provider: "{{ connection_settings }}" + comment: "playbook base-settings.yaml, confirming previous commit" + commit: yes + diff: no diff --git a/ansible/Automating_Junos_with_Ansible/chapter_7/config/nameserver.conf b/ansible/Automating_Junos_with_Ansible/chapter_7/config/nameserver.conf new file mode 100644 index 0000000..6682a8e --- /dev/null +++ b/ansible/Automating_Junos_with_Ansible/chapter_7/config/nameserver.conf @@ -0,0 +1,8 @@ +system { + replace: + name-server { + 8.8.4.4; + 8.8.8.8; + 198.51.100.100; + } +} 
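Review bot: base-settings-1.5.yaml comments out `vars_prompt` while `connection_settings` still references `{{ username }}` and `{{ password }}`, and the unnamed `- fail:` task is what keeps those variables from being evaluated (unless they are defined in inventory or group variables not shown here). Anyone who removes the early exit without restoring the prompts gets an undefined-variable error at the install task, and until then every run ends as a failed play. A comment above the `fail` task saying that it is temporary and that the prompts must be re-enabled together with it would help, and `- meta: end_play` would stop the run without marking the hosts as failed.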
diff --git a/ansible/Automating_Junos_with_Ansible/chapter_7/config/ntp.set b/ansible/Automating_Junos_with_Ansible/chapter_7/config/ntp.set new file mode 100644 index 0000000..11ddb70 --- /dev/null +++ b/ansible/Automating_Junos_with_Ansible/chapter_7/config/ntp.set @@ -0,0 +1,3 @@ +set system ntp boot-server 17.253.20.253 +set system ntp server 17.253.20.253 +set system ntp server 129.6.15.30 diff --git a/ansible/Automating_Junos_with_Ansible/chapter_7/dns1.set b/ansible/Automating_Junos_with_Ansible/chapter_7/dns1.set index 4fdcd22..93e9acd 100644 --- a/ansible/Automating_Junos_with_Ansible/chapter_7/dns1.set +++ b/ansible/Automating_Junos_with_Ansible/chapter_7/dns1.set @@ -1,4 +1,4 @@ -set system name-server 2.3.4.9 -set system name-server 2.3.4.8 -delete system name-server 1.2.3.4 +set system name-server 198.51.100.28 +set system name-server 198.51.100.29 +delete system name-server 198.51.100.10 set system host-name vsrx-dns1 diff --git a/ansible/Automating_Junos_with_Ansible/chapter_7/dns2.conf b/ansible/Automating_Junos_with_Ansible/chapter_7/dns2.conf index 432bd57..12c104f 100644 --- a/ansible/Automating_Junos_with_Ansible/chapter_7/dns2.conf +++ b/ansible/Automating_Junos_with_Ansible/chapter_7/dns2.conf @@ -1,8 +1,8 @@ system { host-name vsrx-dns2; name-server { - delete: 1.2.3.5; - 2.3.4.5; - 2.3.4.6; + delete: 198.51.100.11; + 198.51.100.25; + 198.51.100.26; } } diff --git a/ansible/Automating_Junos_with_Ansible/chapter_7/dns3.conf b/ansible/Automating_Junos_with_Ansible/chapter_7/dns3.conf index 7d586b3..3ea9639 100644 --- a/ansible/Automating_Junos_with_Ansible/chapter_7/dns3.conf +++ b/ansible/Automating_Junos_with_Ansible/chapter_7/dns3.conf @@ -1,7 +1,7 @@ system { - replace: + host-name vsrx-dns3; name-server { - 3.4.5.6; - 3.4.5.7; + 198.51.100.10; + delete: 198.51.100.11; } } 
diff --git a/ansible/Automating_Junos_with_Ansible/chapter_7/dns4.conf b/ansible/Automating_Junos_with_Ansible/chapter_7/dns4.conf new file mode 100644 index 0000000..1930c94 --- /dev/null +++ b/ansible/Automating_Junos_with_Ansible/chapter_7/dns4.conf @@ -0,0 +1,7 @@ +system { + replace: + name-server { + 198.51.100.30; + 8.8.8.8; + } +} diff --git a/ansible/Automating_Junos_with_Ansible/chapter_7/initial-setup-con.yaml b/ansible/Automating_Junos_with_Ansible/chapter_7/initial-setup-serial.yaml similarity index 58% rename from ansible/Automating_Junos_with_Ansible/chapter_7/initial-setup-con.yaml rename to ansible/Automating_Junos_with_Ansible/chapter_7/initial-setup-serial.yaml index 1b55588..9be97c4 100644 --- a/ansible/Automating_Junos_with_Ansible/chapter_7/initial-setup-con.yaml +++ b/ansible/Automating_Junos_with_Ansible/chapter_7/initial-setup-serial.yaml @@ -10,7 +10,7 @@ vars: tmp_dir: "tmp" conf_file: "{{ tmp_dir}}/{{ inventory_hostname }}.conf" - netmask: "24" + netmask: "26" username: root # vars_prompt: @@ -27,6 +27,7 @@ file: path: "{{ tmp_dir }}" state: directory + run_once: yes - name: save device information using template template: @@ -34,13 +35,19 @@ dest: "{{ conf_file }}" - name: install generated configuration file onto device - junos_install_config: - host: "{{ inventory_hostname }}" - file: "{{ conf_file }}" - user: "{{ username }}" - # passwd: "{{ password }}" - timeout: 120 - overwrite: yes - mode: serial - port: "/dev/cu.usbserial-AH02PIG9" - comment: "playbook initial-setup-con.yaml" + juniper_junos_config: + provider: + host: "{{ inventory_hostname }}" + mode: serial + port: "/dev/cu.usbserial-AH02PIG9" + user: "{{ username }}" + # passwd: "{{ password }}" + timeout: 120 + src: "{{ conf_file }}" + load: override + comment: "playbook initial-setup-serial.yaml" + + # - name: delete generated configuration file + # file: + # path: "{{ conf_file }}" + # state: absent 
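Review bot: The cleanup task at the end of initial-setup-serial.yaml is added only as comments, so the rendered `{{ conf_file }}` stays in `tmp/` after the run; initial-setup-ts.yaml adds the same commented block. An initial-setup configuration normally carries root and user authentication data (the template is not part of this view, so this is an assumption), which would make the leftover file more sensitive than an ordinary settings file. Either enable the `delete generated configuration file` task as base-settings-1.3.yaml does, or replace the commented block with a one-line comment saying why the file is kept. The play header and the template task lie outside these hunks.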
diff --git a/ansible/Automating_Junos_with_Ansible/chapter_7/initial-setup-ts.yaml b/ansible/Automating_Junos_with_Ansible/chapter_7/initial-setup-ts.yaml index a417f56..1a55a5d 100644 --- a/ansible/Automating_Junos_with_Ansible/chapter_7/initial-setup-ts.yaml +++ b/ansible/Automating_Junos_with_Ansible/chapter_7/initial-setup-ts.yaml @@ -10,10 +10,10 @@ vars: tmp_dir: "tmp" conf_file: "{{ tmp_dir}}/{{ inventory_hostname }}.conf" - netmask: "24" + netmask: "26" username: root - terminal_server: 198.51.100.100 - term_serv_port: 7001 + terminal_server: 198.51.100.50 + term_srv_port: 7001 # vars_prompt: # - name: username @@ -29,6 +29,7 @@ file: path: "{{ tmp_dir }}" state: directory + run_once: yes - name: save device information using template template: @@ -36,13 +37,19 @@ dest: "{{ conf_file }}" - name: install generated configuration file onto device - junos_install_config: - host: "{{ terminal_server }}" - file: "{{ conf_file }}" - user: "{{ username }}" - # passwd: "{{ password }}" - timeout: 120 - overwrite: yes - mode: telnet - port: "{{ term_serv_port }}" + juniper_junos_config: + provider: + host: "{{ terminal_server }}" + mode: telnet + port: "{{ term_srv_port }}" + user: "{{ username }}" + # passwd: "{{ password }}" + timeout: 120 + src: "{{ conf_file }}" + load: override comment: "playbook initial-setup-ts.yaml" + + # - name: delete generated configuration file + # file: + # path: "{{ conf_file }}" + # state: absent diff --git a/ansible/Automating_Junos_with_Ansible/chapter_7/install-config-1.yaml b/ansible/Automating_Junos_with_Ansible/chapter_7/install-config-1.yaml new file mode 100644 index 0000000..c3e8922 --- /dev/null +++ b/ansible/Automating_Junos_with_Ansible/chapter_7/install-config-1.yaml 
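Review bot: The rewritten install task in initial-setup-ts.yaml keeps `mode: telnet` towards `{{ terminal_server }}`, so the login as `root` and the whole rendered configuration cross the network unencrypted. That is inherent to reaching a console through a terminal server, but the playbook gives the reader no hint of it. A comment above `mode: telnet`, such as `# telnet is cleartext: run only across an isolated management network`, would say where this playbook is safe to use.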
@@ -0,0 +1,17 @@ +--- +- name: Install Configuration File + hosts: + - all + roles: + - Juniper.junos + connection: local + gather_facts: no + + tasks: + - name: install configuration file onto device + juniper_junos_config: + provider: + host: "{{ ansible_host }}" + timeout: 120 + load: merge + src: "config/nameserver.conf" diff --git a/ansible/Automating_Junos_with_Ansible/chapter_7/install-config-2.yaml b/ansible/Automating_Junos_with_Ansible/chapter_7/install-config-2.yaml new file mode 100644 index 0000000..fd6121b --- /dev/null +++ b/ansible/Automating_Junos_with_Ansible/chapter_7/install-config-2.yaml @@ -0,0 +1,18 @@ +--- +- name: Install Configuration File + hosts: + - all + roles: + - Juniper.junos + connection: local + gather_facts: no + + tasks: + - name: install configuration file onto device + juniper_junos_config: + provider: + host: "{{ ansible_host }}" + timeout: 120 + load: replace + src: "config/nameserver.conf" + comment: install-config.yaml playbook with nameserver.conf file diff --git a/ansible/Automating_Junos_with_Ansible/chapter_7/install-set.yaml b/ansible/Automating_Junos_with_Ansible/chapter_7/install-set.yaml new file mode 100644 index 0000000..507a8d7 --- /dev/null +++ b/ansible/Automating_Junos_with_Ansible/chapter_7/install-set.yaml @@ -0,0 +1,30 @@ +--- +- name: Install Configuration File + hosts: + - all + roles: + - Juniper.junos + connection: local + gather_facts: no + + vars: + connection_settings: + host: "{{ ansible_host }}" + timeout: 120 + + tasks: + - name: install set file onto device + juniper_junos_config: + provider: "{{ connection_settings }}" + load: set + src: "config/ntp.set" + comment: install-set.yaml playbook -- load ntp.set file + + - name: install set commands onto device + juniper_junos_config: + provider: "{{ connection_settings }}" + load: set + lines: + - delete system name-server 198.51.100.100 + - set system name-server 198.51.100.101 + comment: install-set.yaml playbook -- fix name server address 
diff --git a/ansible/Automating_Junos_with_Ansible/chapter_7/inventory b/ansible/Automating_Junos_with_Ansible/chapter_7/inventory index 6231cee..b556acd 100644 --- a/ansible/Automating_Junos_with_Ansible/chapter_7/inventory +++ b/ansible/Automating_Junos_with_Ansible/chapter_7/inventory @@ -1,5 +1,5 @@ -vsrx1 ansible_host=192.0.2.10 dns1=5.6.7.8 dns2=5.6.7.9 -bilbo ansible_host=198.51.100.5 dns1=5.7.9.11 dns2=5.7.9.12 +aragorn ansible_host=192.0.2.10 dns1=8.8.8.8 dns2=198.51.100.100 +bilbo ansible_host=198.51.100.5 dns1=8.8.4.4 dns2=198.51.100.101 [all:vars] ansible_python_interpreter=/usr/local/bin/python diff --git a/ansible/Automating_Junos_with_Ansible/chapter_7/template/base-settings-1.1.j2 b/ansible/Automating_Junos_with_Ansible/chapter_7/template/base-settings-1.1.j2 deleted file mode 100644 index d4b1cf3..0000000 --- a/ansible/Automating_Junos_with_Ansible/chapter_7/template/base-settings-1.1.j2 +++ /dev/null @@ -1,22 +0,0 @@ -system { - host-name {{ inventory_hostname }}; - login { - user sean { - uid 2000; - class super-user; - authentication { - ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDNHawZMgHWTQ+uNKIt4l6I7eZdGgeXPHHx8KQxsOboAlbKuRPHItGITmXbPKOVTXoiYjdkH1LGGBLNcMNJ9pA8skjjOgGfa1VrvtzNp6/1+YY8iRXsSvPN6ZuQgthITUpg1qFNRRFIrP1ygSxhFBPY+ULmgdt5YzPs5k4G0MnMD5JavffVsEeUzB/HTtT+orT7baf/w4yLi0s0hX6oQL1ycFa9NmU7wZl1qLPzPH8bxusUEYUL/RagSAoK3AAATwobLqggDpCgpYr+POlxdYVSf9uI0xE7X2G4bpESFchvyEAXw0eYNHjxG5QXEGimctF/9MOE8gjniIJeUsUJzS8b sean@mbp15.local"; - } - } - } - replace: - name-server { - {{ dns1 }}; - {{ dns2 }}; - } - services { - netconf { - ssh; - } - } -} diff --git a/ansible/Automating_Junos_with_Ansible/chapter_7/template/base-settings-1.2a.j2 b/ansible/Automating_Junos_with_Ansible/chapter_7/template/base-settings-1.2a.j2 deleted file mode 100644 index a7c5760..0000000 --- a/ansible/Automating_Junos_with_Ansible/chapter_7/template/base-settings-1.2a.j2 +++ /dev/null 
@@ -1,25 +0,0 @@ -system { - host-name {{ inventory_hostname }}; - login { - user sean { - uid 2000; - class super-user; - authentication { - ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDNHawZMgHWTQ+uNKIt4l6I7eZdGgeXPHHx8KQxsOboAlbKuRPHItGITmXbPKOVTXoiYjdkH1LGGBLNcMNJ9pA8skjjOgGfa1VrvtzNp6/1+YY8iRXsSvPN6ZuQgthITUpg1qFNRRFIrP1ygSxhFBPY+ULmgdt5YzPs5k4G0MnMD5JavffVsEeUzB/HTtT+orT7baf/w4yLi0s0hX6oQL1ycFa9NmU7wZl1qLPzPH8bxusUEYUL/RagSAoK3AAATwobLqggDpCgpYr+POlxdYVSf9uI0xE7X2G4bpESFchvyEAXw0eYNHjxG5QXEGimctF/9MOE8gjniIJeUsUJzS8b sean@mbp15.local"; - } - } - } - replace: - name-server { - {{ dns1 }}; - {{ dns2 }}; - } - services { - delete: ftp; - netconf { - ssh; - } - delete: telnet; - delete: web-management; - } -} diff --git a/ansible/Automating_Junos_with_Ansible/chapter_7/template/base-settings-1.2b.j2 b/ansible/Automating_Junos_with_Ansible/chapter_7/template/base-settings-1.2b.j2 deleted file mode 100644 index 3e1102f..0000000 --- a/ansible/Automating_Junos_with_Ansible/chapter_7/template/base-settings-1.2b.j2 +++ /dev/null @@ -1,30 +0,0 @@ -system { - host-name {{ inventory_hostname }}; - login { - user sean { - uid 2000; - class super-user; - authentication { - ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDNHawZMgHWTQ+uNKIt4l6I7eZdGgeXPHHx8KQxsOboAlbKuRPHItGITmXbPKOVTXoiYjdkH1LGGBLNcMNJ9pA8skjjOgGfa1VrvtzNp6/1+YY8iRXsSvPN6ZuQgthITUpg1qFNRRFIrP1ygSxhFBPY+ULmgdt5YzPs5k4G0MnMD5JavffVsEeUzB/HTtT+orT7baf/w4yLi0s0hX6oQL1ycFa9NmU7wZl1qLPzPH8bxusUEYUL/RagSAoK3AAATwobLqggDpCgpYr+POlxdYVSf9uI0xE7X2G4bpESFchvyEAXw0eYNHjxG5QXEGimctF/9MOE8gjniIJeUsUJzS8b sean@mbp15.local"; - } - } - } - replace: - name-server { - {{ dns1 }}; - {{ dns2 }}; - } - services { - ftp; - delete: ftp; - netconf { - ssh; - } - telnet; - delete: telnet; - web-management { - http; - } - delete: web-management; - } -} 
diff --git a/ansible/Automating_Junos_with_Ansible/chapter_7/template/base-settings-1.3.j2 b/ansible/Automating_Junos_with_Ansible/chapter_7/template/base-settings-1.3.j2 index 3e1102f..08cc8a0 100644 --- a/ansible/Automating_Junos_with_Ansible/chapter_7/template/base-settings-1.3.j2 +++ b/ansible/Automating_Junos_with_Ansible/chapter_7/template/base-settings-1.3.j2 @@ -5,7 +5,7 @@ system { uid 2000; class super-user; authentication { - ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDNHawZMgHWTQ+uNKIt4l6I7eZdGgeXPHHx8KQxsOboAlbKuRPHItGITmXbPKOVTXoiYjdkH1LGGBLNcMNJ9pA8skjjOgGfa1VrvtzNp6/1+YY8iRXsSvPN6ZuQgthITUpg1qFNRRFIrP1ygSxhFBPY+ULmgdt5YzPs5k4G0MnMD5JavffVsEeUzB/HTtT+orT7baf/w4yLi0s0hX6oQL1ycFa9NmU7wZl1qLPzPH8bxusUEYUL/RagSAoK3AAATwobLqggDpCgpYr+POlxdYVSf9uI0xE7X2G4bpESFchvyEAXw0eYNHjxG5QXEGimctF/9MOE8gjniIJeUsUJzS8b sean@mbp15.local"; + ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCxgT8ga1uYbS3bxXPPv7aEiTvSwXnK/7xu3NB0+t1njMBuUcgwn7zwtnayQyLS+ef3rNP7WZXwFYxUeFbVwdkLUn9/xvDM5Qi2m/6WRP/yrTRtEvNP4lUsZRH+IXQc59JOKfYqGkvbgfshnmtHJHYVOn/1E/w0cNDYg4oH6KbcqYb+isbKhdiqpDBvLsF9h0GwhaiLk2BpVutw2BZoeKN9vrF+OmcaB0WVzGvwblSHDpXdLfMJuHAyEhZImNSv4bXNAYFGht9zpdTwudP5qfwJo5304Sn62UaOzVN2zGogXKzxgxgAjeJ87io0Graiwo5q9kZYksjXvPzOaX3gt8Uv sean@mbp15.local"; } } } @@ -15,16 +15,11 @@ system { {{ dns2 }}; } services { - ftp; delete: ftp; netconf { ssh; } - telnet; delete: telnet; - web-management { - http; - } delete: web-management; } } diff --git a/ansible/Automating_Junos_with_Ansible/chapter_7/template/base-settings.j2 b/ansible/Automating_Junos_with_Ansible/chapter_7/template/base-settings.j2 new file mode 100644 index 0000000..00a198d --- /dev/null +++ b/ansible/Automating_Junos_with_Ansible/chapter_7/template/base-settings.j2 
@@ -0,0 +1,22 @@ +system { + host-name {{ inventory_hostname }}; + login { + user sean { + uid 2000; + class super-user; + authentication { + ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCxgT8ga1uYbS3bxXPPv7aEiTvSwXnK/7xu3NB0+t1njMBuUcgwn7zwtnayQyLS+ef3rNP7WZXwFYxUeFbVwdkLUn9/xvDM5Qi2m/6WRP/yrTRtEvNP4lUsZRH+IXQc59JOKfYqGkvbgfshnmtHJHYVOn/1E/w0cNDYg4oH6KbcqYb+isbKhdiqpDBvLsF9h0GwhaiLk2BpVutw2BZoeKN9vrF+OmcaB0WVzGvwblSHDpXdLfMJuHAyEhZImNSv4bXNAYFGht9zpdTwudP5qfwJo5304Sn62UaOzVN2zGogXKzxgxgAjeJ87io0Graiwo5q9kZYksjXvPzOaX3gt8Uv sean@mbp15.local"; + } + } + } + replace: + name-server { + {{ dns1 }}; + {{ dns2 }}; + } + services { + netconf { + ssh; + } + } +} diff --git a/ansible/Automating_Junos_with_Ansible/chapter_7/template/initial-ex-vlan.j2 b/ansible/Automating_Junos_with_Ansible/chapter_7/template/initial-ex-vlan.j2 index 6e67f71..014b5dc 100644 --- a/ansible/Automating_Junos_with_Ansible/chapter_7/template/initial-ex-vlan.j2 +++ b/ansible/Automating_Junos_with_Ansible/chapter_7/template/initial-ex-vlan.j2 @@ -1,15 +1,14 @@ -#jinja2: lstrip_blocks: True system { host-name {{ inventory_hostname }}; root-authentication { - encrypted-password "$5$AMMtq0mL$S45fRiFekBrs73M/RovN5jpax4GCGpYI2mGr1VfIkrC"; + encrypted-password "$1$JG/DQ4TP$/SqMDBsjmLO2IXvawjjGQ."; } login { user sean { uid 2000; class super-user; authentication { - encrypted-password "$5$gGYLAk8H$RHk/T8Rjq7MSNnPHEey8jNJwnS28TEK/WUlknZnU4X5"; + encrypted-password "$1$U25qzyIz$AxMzsxhD/lj1wlDpd1f96."; } } } @@ -21,16 +20,14 @@ system { } } interfaces { - interface-range aja { - member ge-0/0/8; - member ge-0/0/9; - member ge-0/0/10; - member ge-0/0/11; + interface-range aja2 { + member ge-0/1/0; + member ge-0/1/1; unit 0 { family ethernet-switching { port-mode access; vlan { - members aja; + members aja2; } } } @@ -44,7 +41,7 @@ interfaces { } } vlans { - aja { + aja2 { l3-interface vlan.0; } } 
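Review bot: In template/initial-ex-vlan.j2 both `encrypted-password` lines (under `root-authentication` and under `user sean`) move from `$5$` SHA-256-crypt hashes to `$1$` MD5-crypt hashes, and the hashes stay hard-coded in a file that ships with the repository. MD5-crypt is much cheaper to guess offline than the format it replaces, and every device built from this template ends up with the same root and super-user credentials. I would keep the stronger hash format and take the value from a vaulted variable, e.g. `encrypted-password "{{ root_password_hash }}";` (the variable name is a placeholder). The `system {` block continues outside the first hunk.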
diff --git a/ansible/Automating_Junos_with_Ansible/chapter_8a/ansible.cfg b/ansible/Automating_Junos_with_Ansible/chapter_8a/ansible.cfg index 0730340..dcb0621 100644 --- a/ansible/Automating_Junos_with_Ansible/chapter_8a/ansible.cfg +++ b/ansible/Automating_Junos_with_Ansible/chapter_8a/ansible.cfg @@ -1,4 +1,3 @@ [defaults] inventory = inventory host_key_checking = False -log_path = ~/aja/ansible.log diff --git a/ansible/Automating_Junos_with_Ansible/chapter_8a/inventory b/ansible/Automating_Junos_with_Ansible/chapter_8a/inventory index 6231cee..b556acd 100644 --- a/ansible/Automating_Junos_with_Ansible/chapter_8a/inventory +++ b/ansible/Automating_Junos_with_Ansible/chapter_8a/inventory @@ -1,5 +1,5 @@ -vsrx1 ansible_host=192.0.2.10 dns1=5.6.7.8 dns2=5.6.7.9 -bilbo ansible_host=198.51.100.5 dns1=5.7.9.11 dns2=5.7.9.12 +aragorn ansible_host=192.0.2.10 dns1=8.8.8.8 dns2=198.51.100.100 +bilbo ansible_host=198.51.100.5 dns1=8.8.4.4 dns2=198.51.100.101 [all:vars] ansible_python_interpreter=/usr/local/bin/python diff --git a/ansible/Automating_Junos_with_Ansible/chapter_8a/show-vars-1.yaml b/ansible/Automating_Junos_with_Ansible/chapter_8a/show-vars-1.yaml index 1a7e745..f25776e 100644 --- a/ansible/Automating_Junos_with_Ansible/chapter_8a/show-vars-1.yaml +++ b/ansible/Automating_Junos_with_Ansible/chapter_8a/show-vars-1.yaml @@ -11,10 +11,14 @@ name_plus_host: "{{ inventory_hostname}} :: {{ ansible_host }}" tasks: - - debug: var=test1 - - debug: var=Test1 - - debug: var=name_plus_host + - debug: + var: test1 + - debug: + var: Test1 + + - debug: + var: name_plus_host - name: Show variables 1, second play hosts: @@ -23,6 +27,11 @@ gather_facts: no tasks: - - debug: var=test1 - - debug: var=Test1 - - debug: var=name_plus_host + - debug: + var: test1 + + - debug: + var: Test1 + + - debug: + var: name_plus_host 
diff --git a/ansible/Automating_Junos_with_Ansible/chapter_8a/show-vars-2.yaml b/ansible/Automating_Junos_with_Ansible/chapter_8a/show-vars-2.yaml index 4028b11..3b301ef 100644 --- a/ansible/Automating_Junos_with_Ansible/chapter_8a/show-vars-2.yaml +++ b/ansible/Automating_Junos_with_Ansible/chapter_8a/show-vars-2.yaml @@ -2,24 +2,41 @@ - name: Show variables 2, first play hosts: - all + roles: + - Juniper.junos connection: local gather_facts: no tasks: - - debug: var=inventory_hostname - - debug: var=dns1 + - debug: + var: inventory_hostname - - name: get uptime using ansible core module - junos_rpc: - rpc: get-system-uptime-information - output: text + - debug: + var: dns1 + + - name: get device uptime + juniper_junos_command: + commands: + - show system uptime provider: host: "{{ ansible_host }}" + formats: xml register: uptime - - debug: var=uptime.output_lines + - name: query uptime information + xml: + xmlstring: "{{ uptime.stdout }}" + xpath: //current-time/date-time + content: text + register: current_time + + - debug: + var: current_time.matches + + - set_fact: + device_time: "{{ current_time.matches[0] }}" - - set_fact: device_time={{ uptime['output_lines'][0] }} - - debug: var=device_time + - debug: + var: device_time - name: Show variables 2, second play @@ -28,7 +45,14 @@ connection: local gather_facts: no tasks: - - debug: var=inventory_hostname - - debug: var=dns1 - - debug: var=uptime.output_lines - - debug: var=device_time + - debug: + var: inventory_hostname + + - debug: + var: dns1 + + - debug: + var: current_time.matches + + - debug: + var: device_time diff --git a/ansible/Automating_Junos_with_Ansible/chapter_8a/show-vars-4.yaml b/ansible/Automating_Junos_with_Ansible/chapter_8a/show-vars-4.yaml index 07460db..9fc434f 100644 --- a/ansible/Automating_Junos_with_Ansible/chapter_8a/show-vars-4.yaml +++ b/ansible/Automating_Junos_with_Ansible/chapter_8a/show-vars-4.yaml 
@@ -7,7 +7,7 @@ tasks: - name: construct timestamp set_fact: - timestamp: "{{ ansible_date_time.date }}_{{ ansible_date_time.hour }}-{{ ansible_date_time.minute }}" + timestamp: "{{ansible_date_time.weekday}} {{ ansible_date_time.date }} at {{ ansible_date_time.time }}" - name: Show variables 4, devices play hosts: diff --git a/ansible/Automating_Junos_with_Ansible/chapter_8b/ansible.cfg b/ansible/Automating_Junos_with_Ansible/chapter_8b/ansible.cfg index c057dc7..1687846 100644 --- a/ansible/Automating_Junos_with_Ansible/chapter_8b/ansible.cfg +++ b/ansible/Automating_Junos_with_Ansible/chapter_8b/ansible.cfg @@ -1,4 +1,3 @@ [defaults] inventory = inventory3 host_key_checking = False -log_path = ~/aja/ansible.log diff --git a/ansible/Automating_Junos_with_Ansible/chapter_8b/base-settings-1.5.yaml b/ansible/Automating_Junos_with_Ansible/chapter_8b/base-settings-1.5.yaml new file mode 100644 index 0000000..24ec75c --- /dev/null +++ b/ansible/Automating_Junos_with_Ansible/chapter_8b/base-settings-1.5.yaml 
@@ -0,0 +1,72 @@
+---
+- name: Generate and Install Configuration File
+ hosts:
+ - all
+ roles:
+ - Juniper.junos
+ connection: local
+ gather_facts: no
+
+ vars:
+ tmp_dir: "tmp"
+ conf_file: "{{ tmp_dir}}/{{ inventory_hostname }}.conf"
+ connection_settings:
+ host: "{{ ansible_host }}"
+ user: "{{ username }}"
+ passwd: "{{ password }}"
+ port: 22
+ timeout: 120
+
+ # vars_prompt:
+ # - name: username
+ # prompt: Junos Username
+ # private: no
+ #
+ # - name: password
+ # prompt: Junos Password
+ # private: yes
+
+ tasks:
+ - name: confirm or create configs directory
+ file:
+ path: "{{ tmp_dir }}"
+ state: directory
+ run_once: yes
+
+ - name: save device information using template
+ template:
+ src: template/base-settings.j2
+ dest: "{{ conf_file }}"
+
+ - fail:
+ msg: "early exit for template troubleshooting"
+
+ - name: install generated configuration file onto device
+ juniper_junos_config:
+ provider: "{{ connection_settings }}"
+ src: "{{ conf_file }}"
+ load: replace
+ comment: "playbook base-settings.yaml, commit confirmed"
+ confirmed: 5
+ diff: yes
+ ignore_warning: yes
+ register: config_results
+ notify: confirm previous commit
+
+ - name: show configuration change
+ debug:
+ var: config_results.diff_lines
+ when: config_results.diff_lines is defined
+
+ - name: delete generated configuration file
+ file:
+ path: "{{ conf_file }}"
+ state: absent
+
+ handlers:
+ - name: confirm previous commit
+ juniper_junos_config:
+ provider: "{{ connection_settings }}"
+ comment: "playbook base-settings.yaml, confirming previous commit"
+ commit: yes
+ diff: no
diff --git a/ansible/Automating_Junos_with_Ansible/chapter_8b/base-settings-2.yaml b/ansible/Automating_Junos_with_Ansible/chapter_8b/base-settings-2.yaml
index a77f297..3d9644e 100644
--- a/ansible/Automating_Junos_with_Ansible/chapter_8b/base-settings-2.yaml
+++ b/ansible/Automating_Junos_with_Ansible/chapter_8b/base-settings-2.yaml
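Review bot: `connection_settings` in base-settings-1.5.yaml passes `user: "{{ username }}"` and `passwd: "{{ password }}"`, but the `vars_prompt` block that would supply them is commented out, so nothing in the playbook defines either variable. As written the values have to come from inventory, a vars file or `-e` on the command line, which tends to leave the device password in plaintext on disk or in shell history. Either restore the prompt (the commented lines already set `private: yes` for the password) or load both values from an Ansible Vault file. Separately, the unconditional `fail` task stops the play before the cleanup task, so the rendered file stays in `tmp/`; a comment marking that task as a temporary troubleshooting aid would help.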
@@ -10,36 +10,48 @@ vars: tmp_dir: "tmp" conf_file: "{{ tmp_dir}}/{{ inventory_hostname }}.conf" + connection_settings: + host: "{{ ansible_host }}" + timeout: 120 tasks: - name: confirm or create configs directory file: path: "{{ tmp_dir }}" state: directory + run_once: yes - name: save device information using template template: - src: template/base-settings-2.j2 + src: template/base-settings.j2 dest: "{{ conf_file }}" - name: install generated configuration file onto device - junos_install_config: - host: "{{ ansible_host }}" - file: "{{ conf_file }}" - timeout: 120 - replace: yes - confirm: 10 - comment: "playbook base-settings-2.yaml, commit confirmed" - notify: confirm commit + juniper_junos_config: + provider: "{{ connection_settings }}" + src: "{{ conf_file }}" + load: replace + comment: "playbook base-settings.yaml, commit confirmed" + confirmed: 5 + diff: yes + ignore_warning: yes + register: config_results + notify: confirm previous commit - # - name: delete generated configuration file - # file: - # path: "{{ conf_file }}" - # state: absent + - name: show configuration change + debug: + var: config_results.diff_lines + when: config_results.diff_lines is defined + + - name: delete generated configuration file + file: + path: "{{ conf_file }}" + state: absent handlers: - - name: confirm commit - junos_commit: - host: "{{ ansible_host }}" - timeout: 120 - comment: "playbook base-settings-2.yaml, confirming previous commit" + - name: confirm previous commit + juniper_junos_config: + provider: "{{ connection_settings }}" + comment: "playbook base-settings.yaml, confirming previous commit" + commit: yes + diff: no diff --git a/ansible/Automating_Junos_with_Ansible/chapter_8b/group_vars/boston.yaml b/ansible/Automating_Junos_with_Ansible/chapter_8b/group_vars/boston.yaml index 1d6e9e3..fa84fad 100644 --- a/ansible/Automating_Junos_with_Ansible/chapter_8b/group_vars/boston.yaml +++ b/ansible/Automating_Junos_with_Ansible/chapter_8b/group_vars/boston.yaml 
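Review bot: `ignore_warning: yes` on the install task in base-settings-2.yaml suppresses every warning the device returns during load and commit, not only the one the play presumably wants to tolerate (a guess from the `delete:` statements in the chapter's templates, which would warn when the service is not configured). A warning about an ignored or deprecated statement would then pass silently on a change that touches login and services settings. Narrow the option to the expected text, e.g. `ignore_warning: "statement not found"`, after confirming the exact message on a test device. The same line appears in base-settings-1.5.yaml, the previous file in this patch.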
@@ -1,5 +1,5 @@ --- -aja_site: +aja2_site: ntp_servers: - - 5.7.9.101 - - 5.7.9.102 + - 132.163.97.4 + - 129.6.15.27 diff --git a/ansible/Automating_Junos_with_Ansible/chapter_8b/group_vars/sf.yaml b/ansible/Automating_Junos_with_Ansible/chapter_8b/group_vars/sf.yaml index 3c6ca0a..2d33ab1 100644 --- a/ansible/Automating_Junos_with_Ansible/chapter_8b/group_vars/sf.yaml +++ b/ansible/Automating_Junos_with_Ansible/chapter_8b/group_vars/sf.yaml @@ -1,5 +1,5 @@ --- -aja_site: +aja2_site: ntp_servers: - - 5.6.7.201 - - 5.6.7.202 + - 17.253.6.125 + - 17.253.20.125 diff --git a/ansible/Automating_Junos_with_Ansible/chapter_8b/host_vars/aragorn.yaml b/ansible/Automating_Junos_with_Ansible/chapter_8b/host_vars/aragorn.yaml new file mode 100644 index 0000000..c4fa5bd --- /dev/null +++ b/ansible/Automating_Junos_with_Ansible/chapter_8b/host_vars/aragorn.yaml @@ -0,0 +1,10 @@ +--- +ansible_host: 192.0.2.10 +aja2_host: + dns_servers: + - 8.8.4.4 + - 8.8.8.8 + - 198.51.100.100 + snmp: + description: virtual SRX for testing + location: Sean's Macbook Pro diff --git a/ansible/Automating_Junos_with_Ansible/chapter_8b/host_vars/bilbo.yaml b/ansible/Automating_Junos_with_Ansible/chapter_8b/host_vars/bilbo.yaml index 0eea38f..8b34ca6 100644 --- a/ansible/Automating_Junos_with_Ansible/chapter_8b/host_vars/bilbo.yaml +++ b/ansible/Automating_Junos_with_Ansible/chapter_8b/host_vars/bilbo.yaml @@ -1,9 +1,10 @@ --- ansible_host: 198.51.100.5 -aja_host: +aja2_host: dns_servers: - - 5.7.9.11 - - 5.7.9.12 - - 5.7.9.13 - snmp_description: EX2200-C for testing - snmp_location: "Sean's home office" + - 8.8.4.4 + - 8.8.8.8 + - 198.51.100.101 + snmp: + description: EX2200-C for testing + location: Sean's home office diff --git a/ansible/Automating_Junos_with_Ansible/chapter_8b/host_vars/vsrx1.yaml b/ansible/Automating_Junos_with_Ansible/chapter_8b/host_vars/vsrx1.yaml deleted file mode 100644 index e000822..0000000 
--- a/ansible/Automating_Junos_with_Ansible/chapter_8b/host_vars/vsrx1.yaml +++ /dev/null @@ -1,9 +0,0 @@ ---- -ansible_host: 192.0.2.10 -aja_host: - dns_servers: - - 5.6.7.8 - - 5.6.7.9 - - 5.6.7.10 - snmp_description: virtual SRX for testing - snmp_location: Sean's Macbook Pro diff --git a/ansible/Automating_Junos_with_Ansible/chapter_8b/inventories/junos/group_vars/all.yaml b/ansible/Automating_Junos_with_Ansible/chapter_8b/inventories/junos/group_vars/all.yaml new file mode 100644 index 0000000..f44c5eb --- /dev/null +++ b/ansible/Automating_Junos_with_Ansible/chapter_8b/inventories/junos/group_vars/all.yaml @@ -0,0 +1,2 @@ +--- +ansible_python_interpreter: /usr/local/bin/python diff --git a/ansible/Automating_Junos_with_Ansible/chapter_8b/inventories/junos/group_vars/boston.yaml b/ansible/Automating_Junos_with_Ansible/chapter_8b/inventories/junos/group_vars/boston.yaml new file mode 100644 index 0000000..fa84fad --- /dev/null +++ b/ansible/Automating_Junos_with_Ansible/chapter_8b/inventories/junos/group_vars/boston.yaml @@ -0,0 +1,5 @@ +--- +aja2_site: + ntp_servers: + - 132.163.97.4 + - 129.6.15.27 diff --git a/ansible/Automating_Junos_with_Ansible/chapter_8b/inventories/junos/group_vars/sf.yaml b/ansible/Automating_Junos_with_Ansible/chapter_8b/inventories/junos/group_vars/sf.yaml new file mode 100644 index 0000000..2d33ab1 --- /dev/null +++ b/ansible/Automating_Junos_with_Ansible/chapter_8b/inventories/junos/group_vars/sf.yaml @@ -0,0 +1,5 @@ +--- +aja2_site: + ntp_servers: + - 17.253.6.125 + - 17.253.20.125 diff --git a/ansible/Automating_Junos_with_Ansible/chapter_8b/inventories/junos/host_vars/aragorn.yaml b/ansible/Automating_Junos_with_Ansible/chapter_8b/inventories/junos/host_vars/aragorn.yaml new file mode 100644 index 0000000..c4fa5bd --- /dev/null +++ b/ansible/Automating_Junos_with_Ansible/chapter_8b/inventories/junos/host_vars/aragorn.yaml 
@@ -0,0 +1,10 @@
+---
+ansible_host: 192.0.2.10
+aja2_host:
+ dns_servers:
+ - 8.8.4.4
+ - 8.8.8.8
+ - 198.51.100.100
+ snmp:
+ description: virtual SRX for testing
+ location: Sean's Macbook Pro
diff --git a/ansible/Automating_Junos_with_Ansible/chapter_8b/inventories/junos/host_vars/bilbo.yaml b/ansible/Automating_Junos_with_Ansible/chapter_8b/inventories/junos/host_vars/bilbo.yaml
new file mode 100644
index 0000000..8b34ca6
--- /dev/null
+++ b/ansible/Automating_Junos_with_Ansible/chapter_8b/inventories/junos/host_vars/bilbo.yaml
@@ -0,0 +1,10 @@
+---
+ansible_host: 198.51.100.5
+aja2_host:
+ dns_servers:
+ - 8.8.4.4
+ - 8.8.8.8
+ - 198.51.100.101
+ snmp:
+ description: EX2200-C for testing
+ location: Sean's home office
diff --git a/ansible/Automating_Junos_with_Ansible/chapter_8b/inventories/junos/hosts/all_vars b/ansible/Automating_Junos_with_Ansible/chapter_8b/inventories/junos/hosts/all_vars
new file mode 100644
index 0000000..5922046
--- /dev/null
+++ b/ansible/Automating_Junos_with_Ansible/chapter_8b/inventories/junos/hosts/all_vars
@@ -0,0 +1,2 @@
+[all:vars]
+ansible_python_interpreter=/usr/local/bin/python
diff --git a/ansible/Automating_Junos_with_Ansible/chapter_8b/inventories/junos/hosts/boston b/ansible/Automating_Junos_with_Ansible/chapter_8b/inventories/junos/hosts/boston
new file mode 100644
index 0000000..5cfbe00
--- /dev/null
+++ b/ansible/Automating_Junos_with_Ansible/chapter_8b/inventories/junos/hosts/boston
@@ -0,0 +1,17 @@
+[boston:children]
+bos_ex
+bos_srx
+
+[ex:children]
+bos_ex
+
+[srx:children]
+bos_srx
+
+[bos_ex]
+bilbo
+frodo
+
+[bos_srx]
+peregrin
+sam
diff --git a/ansible/Automating_Junos_with_Ansible/chapter_8b/inventories/junos/hosts/maintenance b/ansible/Automating_Junos_with_Ansible/chapter_8b/inventories/junos/hosts/maintenance
new file mode 100644
index 0000000..22bd51b
--- /dev/null
+++ b/ansible/Automating_Junos_with_Ansible/chapter_8b/inventories/junos/hosts/maintenance
@@ -0,0 +1,9 @@
+[phase1]
+arwen
+bilbo
+sam
+
+[phase2]
+bilbo
+eowyn
+faramir
diff --git a/ansible/Automating_Junos_with_Ansible/chapter_8b/inventories/junos/hosts/san_francisco b/ansible/Automating_Junos_with_Ansible/chapter_8b/inventories/junos/hosts/san_francisco
new file mode 100644
index 0000000..e0cffa3
--- /dev/null
+++ b/ansible/Automating_Junos_with_Ansible/chapter_8b/inventories/junos/hosts/san_francisco
@@ -0,0 +1,17 @@
+[sf:children]
+sf_ex
+sf_srx
+
+[ex:children]
+sf_ex
+
+[srx:children]
+sf_srx
+
+[sf_ex]
+eowyn
+faramir
+
+[sf_srx]
+aragorn
+arwen
diff --git a/ansible/Automating_Junos_with_Ansible/chapter_8b/inventories/servers/group_vars/all.yaml b/ansible/Automating_Junos_with_Ansible/chapter_8b/inventories/servers/group_vars/all.yaml
new file mode 100644
index 0000000..c070780
--- /dev/null
+++ b/ansible/Automating_Junos_with_Ansible/chapter_8b/inventories/servers/group_vars/all.yaml
@@ -0,0 +1,5 @@
+---
+aja2_servers:
+ dns_servers:
+ - 8.8.4.4
+ - 8.8.8.8
diff --git a/ansible/Automating_Junos_with_Ansible/chapter_8b/inventories/servers/group_vars/database.yaml b/ansible/Automating_Junos_with_Ansible/chapter_8b/inventories/servers/group_vars/database.yaml
new file mode 100644
index 0000000..1c28a0f
--- /dev/null
+++ b/ansible/Automating_Junos_with_Ansible/chapter_8b/inventories/servers/group_vars/database.yaml
@@ -0,0 +1,3 @@
+---
+db_servers:
+ db_port: 3306
diff --git a/ansible/Automating_Junos_with_Ansible/chapter_8b/inventories/servers/group_vars/web.yaml b/ansible/Automating_Junos_with_Ansible/chapter_8b/inventories/servers/group_vars/web.yaml
new file mode 100644
index 0000000..df4ad25
--- /dev/null
+++ b/ansible/Automating_Junos_with_Ansible/chapter_8b/inventories/servers/group_vars/web.yaml
@@ -0,0 +1,3 @@
+---
+web_servers:
+ http_dir: /srv/http/
diff --git a/ansible/Automating_Junos_with_Ansible/chapter_8b/inventories/servers/host_vars/gandalf.yaml b/ansible/Automating_Junos_with_Ansible/chapter_8b/inventories/servers/host_vars/gandalf.yaml new file mode 100644 index 0000000..c054090 --- /dev/null +++ b/ansible/Automating_Junos_with_Ansible/chapter_8b/inventories/servers/host_vars/gandalf.yaml @@ -0,0 +1,3 @@ +--- +aja2_host: + oob_ip: 192.0.2.20 diff --git a/ansible/Automating_Junos_with_Ansible/chapter_8b/inventories/servers/host_vars/saruman.yaml b/ansible/Automating_Junos_with_Ansible/chapter_8b/inventories/servers/host_vars/saruman.yaml new file mode 100644 index 0000000..534317c --- /dev/null +++ b/ansible/Automating_Junos_with_Ansible/chapter_8b/inventories/servers/host_vars/saruman.yaml @@ -0,0 +1,3 @@ +--- +aja2_host: + oob_ip: 192.0.2.21 diff --git a/ansible/Automating_Junos_with_Ansible/chapter_8b/inventories/servers/hosts b/ansible/Automating_Junos_with_Ansible/chapter_8b/inventories/servers/hosts new file mode 100644 index 0000000..d86a133 --- /dev/null +++ b/ansible/Automating_Junos_with_Ansible/chapter_8b/inventories/servers/hosts @@ -0,0 +1,5 @@ +[database] +gandalf + +[web] +saruman diff --git a/ansible/Automating_Junos_with_Ansible/chapter_8b/inventory b/ansible/Automating_Junos_with_Ansible/chapter_8b/inventory index c115950..8dfed7c 100644 --- a/ansible/Automating_Junos_with_Ansible/chapter_8b/inventory +++ b/ansible/Automating_Junos_with_Ansible/chapter_8b/inventory @@ -1,4 +1,4 @@ -vsrx1 +aragorn bilbo [all:vars] diff --git a/ansible/Automating_Junos_with_Ansible/chapter_8b/inventory2/boston b/ansible/Automating_Junos_with_Ansible/chapter_8b/inventory2/boston index 59e024b..5cfbe00 100644 --- a/ansible/Automating_Junos_with_Ansible/chapter_8b/inventory2/boston +++ b/ansible/Automating_Junos_with_Ansible/chapter_8b/inventory2/boston @@ -11,7 +11,7 @@ bos_srx [bos_ex] bilbo frodo -sam [bos_srx] -arwen +peregrin +sam 
diff --git a/ansible/Automating_Junos_with_Ansible/chapter_8b/inventory2/maintenance b/ansible/Automating_Junos_with_Ansible/chapter_8b/inventory2/maintenance index d7909ba..22bd51b 100644 --- a/ansible/Automating_Junos_with_Ansible/chapter_8b/inventory2/maintenance +++ b/ansible/Automating_Junos_with_Ansible/chapter_8b/inventory2/maintenance @@ -1,9 +1,9 @@ [phase1] -bilbo -gimli arwen +bilbo +sam [phase2] bilbo -frodo -gloin +eowyn +faramir diff --git a/ansible/Automating_Junos_with_Ansible/chapter_8b/inventory2/san_francisco b/ansible/Automating_Junos_with_Ansible/chapter_8b/inventory2/san_francisco index 6f0c38b..e0cffa3 100644 --- a/ansible/Automating_Junos_with_Ansible/chapter_8b/inventory2/san_francisco +++ b/ansible/Automating_Junos_with_Ansible/chapter_8b/inventory2/san_francisco @@ -9,9 +9,9 @@ sf_ex sf_srx [sf_ex] -gimli -gloin +eowyn +faramir [sf_srx] -galadriel -vsrx1 +aragorn +arwen diff --git a/ansible/Automating_Junos_with_Ansible/chapter_8b/inventory3 b/ansible/Automating_Junos_with_Ansible/chapter_8b/inventory3 index 387d5c2..505d444 100644 --- a/ansible/Automating_Junos_with_Ansible/chapter_8b/inventory3 +++ b/ansible/Automating_Junos_with_Ansible/chapter_8b/inventory3 @@ -22,4 +22,4 @@ bilbo [sf_ex] [sf_srx] -vsrx1 +aragorn diff --git a/ansible/Automating_Junos_with_Ansible/chapter_8b/show-vars-5.yaml b/ansible/Automating_Junos_with_Ansible/chapter_8b/show-group-names.yaml similarity index 84% rename from ansible/Automating_Junos_with_Ansible/chapter_8b/show-vars-5.yaml rename to ansible/Automating_Junos_with_Ansible/chapter_8b/show-group-names.yaml index 0965c8b..bec4e73 100644 --- a/ansible/Automating_Junos_with_Ansible/chapter_8b/show-vars-5.yaml +++ b/ansible/Automating_Junos_with_Ansible/chapter_8b/show-group-names.yaml @@ -1,5 +1,5 @@ --- -- name: Show variables 5 +- name: Show group names hosts: - all connection: local 
diff --git a/ansible/Automating_Junos_with_Ansible/chapter_8b/show-groups.yaml b/ansible/Automating_Junos_with_Ansible/chapter_8b/show-groups.yaml
new file mode 100644
index 0000000..3561ded
--- /dev/null
+++ b/ansible/Automating_Junos_with_Ansible/chapter_8b/show-groups.yaml
@@ -0,0 +1,11 @@
+---
+- name: Show groups
+ hosts:
+ - localhost
+ connection: local
+ gather_facts: no
+
+ tasks:
+ - name: ansible variables
+ debug:
+ var: vars.groups
diff --git a/ansible/Automating_Junos_with_Ansible/chapter_8b/template/base-settings-2.0.j2 b/ansible/Automating_Junos_with_Ansible/chapter_8b/template/base-settings-2.0.j2
new file mode 100644
index 0000000..a6286cf
--- /dev/null
+++ b/ansible/Automating_Junos_with_Ansible/chapter_8b/template/base-settings-2.0.j2
@@ -0,0 +1,27 @@
+#jinja2: lstrip_blocks: True
+system {
+ host-name {{ inventory_hostname }};
+ login {
+ user sean {
+ uid 2000;
+ class super-user;
+ authentication {
+ ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCxgT8ga1uYbS3bxXPPv7aEiTvSwXnK/7xu3NB0+t1njMBuUcgwn7zwtnayQyLS+ef3rNP7WZXwFYxUeFbVwdkLUn9/xvDM5Qi2m/6WRP/yrTRtEvNP4lUsZRH+IXQc59JOKfYqGkvbgfshnmtHJHYVOn/1E/w0cNDYg4oH6KbcqYb+isbKhdiqpDBvLsF9h0GwhaiLk2BpVutw2BZoeKN9vrF+OmcaB0WVzGvwblSHDpXdLfMJuHAyEhZImNSv4bXNAYFGht9zpdTwudP5qfwJo5304Sn62UaOzVN2zGogXKzxgxgAjeJ87io0Graiwo5q9kZYksjXvPzOaX3gt8Uv sean@mbp15.local";
+ }
+ }
+ }
+ replace:
+ name-server {
+ {% for server in aja2_host.dns_servers %}
+ {{ server }};
+ {% endfor %}
+ }
+ services {
+ delete: ftp;
+ netconf {
+ ssh;
+ }
+ delete: telnet;
+ delete: web-management;
+ }
+}
diff --git a/ansible/Automating_Junos_with_Ansible/chapter_8b/template/base-settings-2.1.j2 b/ansible/Automating_Junos_with_Ansible/chapter_8b/template/base-settings-2.1.j2
new file mode 100644
index 0000000..056e546
--- /dev/null
+++ b/ansible/Automating_Junos_with_Ansible/chapter_8b/template/base-settings-2.1.j2
@@ -0,0 +1,31 @@
+#jinja2: lstrip_blocks: True
+system {
+ host-name {{ inventory_hostname }};
+ login {
+ user sean {
+ uid 2000;
+ class super-user;
+ authentication {
+ ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCxgT8ga1uYbS3bxXPPv7aEiTvSwXnK/7xu3NB0+t1njMBuUcgwn7zwtnayQyLS+ef3rNP7WZXwFYxUeFbVwdkLUn9/xvDM5Qi2m/6WRP/yrTRtEvNP4lUsZRH+IXQc59JOKfYqGkvbgfshnmtHJHYVOn/1E/w0cNDYg4oH6KbcqYb+isbKhdiqpDBvLsF9h0GwhaiLk2BpVutw2BZoeKN9vrF+OmcaB0WVzGvwblSHDpXdLfMJuHAyEhZImNSv4bXNAYFGht9zpdTwudP5qfwJo5304Sn62UaOzVN2zGogXKzxgxgAjeJ87io0Graiwo5q9kZYksjXvPzOaX3gt8Uv sean@mbp15.local";
+ }
+ }
+ }
+ replace:
+ name-server {
+ {% for server in aja2_host.dns_servers %}
+ {{ server }};
+ {% endfor %}
+ }
+ services {
+ delete: ftp;
+ netconf {
+ ssh;
+ }
+ delete: telnet;
+ delete: web-management;
+ }
+}
+snmp {
+ description "{{ aja2_host.snmp.description}}"
+ location "{{ aja2_host.snmp.location}}"
+}
diff --git a/ansible/Automating_Junos_with_Ansible/chapter_8b/template/base-settings-2.2.j2 b/ansible/Automating_Junos_with_Ansible/chapter_8b/template/base-settings-2.2.j2
new file mode 100644
index 0000000..3e4c8c3
--- /dev/null
+++ b/ansible/Automating_Junos_with_Ansible/chapter_8b/template/base-settings-2.2.j2
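Review bot: The two statements in the new `snmp { … }` block of base-settings-2.1.j2 have no terminating `;`, unlike every other leaf statement in the template and unlike the removed base-settings-2.j2, which ended both lines with `";`. Unless this is a deliberate error for the troubleshooting exercise, the rendered file will not parse as Junos configuration; the lines should read `description "{{ aja2_host.snmp.description }}";` and `location "{{ aja2_host.snmp.location }}";`. base-settings-2.2.j2, the next file in the patch, has the same two lines. The values are also placed inside double quotes unescaped, so a description containing `"` would end the string early.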
@@ -0,0 +1,37 @@
+#jinja2: lstrip_blocks: True
+system {
+ host-name {{ inventory_hostname }};
+ login {
+ user sean {
+ uid 2000;
+ class super-user;
+ authentication {
+ ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCxgT8ga1uYbS3bxXPPv7aEiTvSwXnK/7xu3NB0+t1njMBuUcgwn7zwtnayQyLS+ef3rNP7WZXwFYxUeFbVwdkLUn9/xvDM5Qi2m/6WRP/yrTRtEvNP4lUsZRH+IXQc59JOKfYqGkvbgfshnmtHJHYVOn/1E/w0cNDYg4oH6KbcqYb+isbKhdiqpDBvLsF9h0GwhaiLk2BpVutw2BZoeKN9vrF+OmcaB0WVzGvwblSHDpXdLfMJuHAyEhZImNSv4bXNAYFGht9zpdTwudP5qfwJo5304Sn62UaOzVN2zGogXKzxgxgAjeJ87io0Graiwo5q9kZYksjXvPzOaX3gt8Uv sean@mbp15.local";
+ }
+ }
+ }
+ replace:
+ name-server {
+ {% for server in aja2_host.dns_servers %}
+ {{ server }};
+ {% endfor %}
+ }
+ services {
+ delete: ftp;
+ netconf {
+ ssh;
+ }
+ delete: telnet;
+ delete: web-management;
+ }
+ replace:
+ ntp {
+ {% for ntp in aja2_site.ntp_servers %}
+ server {{ ntp }};
+ {% endfor %}
+ }
+}
+snmp {
+ description "{{ aja2_host.snmp.description}}"
+ location "{{ aja2_host.snmp.location}}"
+}
diff --git a/ansible/Automating_Junos_with_Ansible/chapter_8b/template/base-settings-2.j2 b/ansible/Automating_Junos_with_Ansible/chapter_8b/template/base-settings-2.j2
deleted file mode 100644
index fb263e5..0000000
--- a/ansible/Automating_Junos_with_Ansible/chapter_8b/template/base-settings-2.j2
+++ /dev/null
@@ -1,42 +0,0 @@ -#jinja2: lstrip_blocks: True -system { - host-name {{ inventory_hostname }}; - login { - user sean { - uid 2000; - class super-user; - authentication { - ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDNHawZMgHWTQ+uNKIt4l6I7eZdGgeXPHHx8KQxsOboAlbKuRPHItGITmXbPKOVTXoiYjdkH1LGGBLNcMNJ9pA8skjjOgGfa1VrvtzNp6/1+YY8iRXsSvPN6ZuQgthITUpg1qFNRRFIrP1ygSxhFBPY+ULmgdt5YzPs5k4G0MnMD5JavffVsEeUzB/HTtT+orT7baf/w4yLi0s0hX6oQL1ycFa9NmU7wZl1qLPzPH8bxusUEYUL/RagSAoK3AAATwobLqggDpCgpYr+POlxdYVSf9uI0xE7X2G4bpESFchvyEAXw0eYNHjxG5QXEGimctF/9MOE8gjniIJeUsUJzS8b sean@mbp15.local"; - } - } - } - replace: - name-server { - {% for server in aja_host.dns_servers %} - {{ server }}; - {% endfor %} - } - services { - ftp; - delete: ftp; - netconf { - ssh; - } - telnet; - delete: telnet; - web-management { - http; - } - delete: web-management; - } - replace: - ntp { - {% for ntp in aja_site.ntp_servers %} - server {{ ntp }}; - {% endfor %} - } -} -snmp { - description "{{ aja_host.snmp_description }}"; - location "{{ aja_host.snmp_location }}"; -} diff --git a/ansible/Automating_Junos_with_Ansible/chapter_9/ansible.cfg b/ansible/Automating_Junos_with_Ansible/chapter_9/ansible.cfg index c057dc7..1687846 100644 --- a/ansible/Automating_Junos_with_Ansible/chapter_9/ansible.cfg +++ b/ansible/Automating_Junos_with_Ansible/chapter_9/ansible.cfg @@ -1,4 +1,3 @@ [defaults] inventory = inventory3 host_key_checking = False -log_path = ~/aja/ansible.log diff --git a/ansible/Automating_Junos_with_Ansible/chapter_9/get-commit-history.yaml b/ansible/Automating_Junos_with_Ansible/chapter_9/get-commit-history.yaml deleted file mode 100644 index 542f403..0000000 --- a/ansible/Automating_Junos_with_Ansible/chapter_9/get-commit-history.yaml +++ /dev/null 
@@ -1,18 +0,0 @@ ---- -- name: Get configuration history - hosts: - - all - roles: - - Juniper.junos - connection: local - gather_facts: no - - tasks: - - name: get commit history - commit_history: - host: "{{ ansible_host }}" - max_commits: 3 - filename: "{{ inventory_hostname}}-commit-history.txt" - register: history - - - debug: var=history.commits diff --git a/ansible/Automating_Junos_with_Ansible/chapter_9/get-config-1.yaml b/ansible/Automating_Junos_with_Ansible/chapter_9/get-config-1.yaml index f6c30d7..c35a00e 100644 --- a/ansible/Automating_Junos_with_Ansible/chapter_9/get-config-1.yaml +++ b/ansible/Automating_Junos_with_Ansible/chapter_9/get-config-1.yaml @@ -1,5 +1,5 @@ --- -- name: Backup Device Configuration +- name: Save configurations from Junos devices to files hosts: - all roles: @@ -8,17 +8,22 @@ gather_facts: no vars: - backup_dir: "backups" - conf_file: "{{ backup_dir}}/{{ inventory_hostname }}.conf" + config_dir: "backups" + config_filename: "{{ config_dir }}/{{ inventory_hostname }}.conf" + connection_settings: + host: "{{ ansible_host }}" tasks: - - name: create backup directory if needed + - name: confirm/create device configuration directory file: - path: "{{ backup_dir }}" + path: "{{ config_dir }}" state: directory + run_once: yes + delegate_to: localhost - - name: get device configuration - junos_get_config: - host: "{{ ansible_host }}" - dest: "{{ conf_file }}" + - name: save device configuration + juniper_junos_config: + provider: "{{ connection_settings }}" + dest: "{{ config_filename }}" format: text + retrieve: committed diff --git a/ansible/Automating_Junos_with_Ansible/chapter_9/get-config-2.yaml b/ansible/Automating_Junos_with_Ansible/chapter_9/get-config-2.yaml index cd0a8bb..4f3f8b0 100644 --- a/ansible/Automating_Junos_with_Ansible/chapter_9/get-config-2.yaml +++ b/ansible/Automating_Junos_with_Ansible/chapter_9/get-config-2.yaml 
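Review bot: The `confirm/create device configuration directory` task in get-config-1.yaml creates `backups/` with only `path` and `state`, so the directory and the `.conf` files written into it get whatever the current umask allows. A retrieved device configuration carries password hashes and other secrets, so the directory should be readable only by the user running the playbook, e.g. add `mode: "0700"` to the `file` task. The same task in get-config-2.yaml and get-config-3.yaml (the following sections of this patch) needs the same line. The backup path is also worth excluding from version control.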
@@ -1,5 +1,5 @@ --- -- name: Backup Device Configuration +- name: Save configurations from Junos devices to files hosts: - all roles: @@ -8,17 +8,28 @@ gather_facts: no vars: - backup_dir: "{{ user_data_path }}/config_backups" - conf_file: "{{ backup_dir}}/{{ inventory_hostname }}.conf" + config_dir: "{{ user_data_path }}/config_backups" + config_filename: "{{ config_dir }}/{{ inventory_hostname }}.conf" + connection_settings: + host: "{{ ansible_host }}" tasks: - - name: create backup directory if needed + - debug: + var: user_data_path + + - debug: + var: config_dir + + - name: confirm/create device configuration directory file: - path: "{{ backup_dir }}" + path: "{{ config_dir }}" state: directory + run_once: yes + delegate_to: localhost - - name: get device configuration - junos_get_config: - host: "{{ ansible_host }}" - dest: "{{ conf_file }}" + - name: save device configuration + juniper_junos_config: + provider: "{{ connection_settings }}" + dest: "{{ config_filename }}" format: text + retrieve: committed diff --git a/ansible/Automating_Junos_with_Ansible/chapter_9/get-config-3.yaml b/ansible/Automating_Junos_with_Ansible/chapter_9/get-config-3.yaml index 335d33b..cf6a573 100644 --- a/ansible/Automating_Junos_with_Ansible/chapter_9/get-config-3.yaml +++ b/ansible/Automating_Junos_with_Ansible/chapter_9/get-config-3.yaml @@ -1,5 +1,5 @@ --- -- name: Prepare timestamp +- name: Create timestamp for filenames hosts: - localhost connection: local @@ -9,14 +9,17 @@ systime: "{{ ansible_date_time.time | replace(':', '-') }}" tasks: - - debug: var=ansible_date_time.time - - debug: var=systime + - debug: + var: ansible_date_time.time - - name: get system date and time + - debug: + var: systime + + - name: save timestamp in a variable for later use set_fact: timestamp: "{{ ansible_date_time.date }}_{{ systime }}" -- name: Backup Device Configuration +- name: Save configurations from Junos devices to files hosts: - all roles: 
@@ -25,27 +28,24 @@ gather_facts: no vars: - backup_dir: "{{ user_data_path }}/config_backups/{{ inventory_hostname }}" - temp_conf_file: "{{ backup_dir}}/{{ inventory_hostname }}" - conf_file: "{{ temp_conf_file }}_{{ hostvars.localhost.timestamp }}.conf" + config_dir: "{{ user_data_path }}/config_backups/{{ inventory_hostname }}" + config_filename: "{{ config_dir }}/{{ inventory_hostname }}_{{ hostvars.localhost.timestamp }}.conf" + connection_settings: + host: "{{ ansible_host }}" tasks: - - name: create backup directory if needed + - name: confirm/create device configuration directory file: - path: "{{ backup_dir }}" + path: "{{ config_dir }}" state: directory - - name: save device configuration in temporary file - junos_get_config: - host: "{{ ansible_host }}" - dest: "{{ temp_conf_file }}" + - name: save device configuration + juniper_junos_config: + provider: "{{ connection_settings }}" + dest: "{{ config_filename }}" format: text - register: config_results - - - debug: var=config_results + retrieve: committed - - name: copy temporary file to timestamped config file if different - copy: - src: "{{ temp_conf_file }}" - dest: "{{ conf_file }}" - when: config_results.changed + - name: display path to latest backup file + debug: + msg: "The configuration backup is in {{ config_filename }}" diff --git a/ansible/Automating_Junos_with_Ansible/chapter_9/get-config-4.yaml b/ansible/Automating_Junos_with_Ansible/chapter_9/get-config-4.yaml new file mode 100644 index 0000000..0c9e4a6 --- /dev/null +++ b/ansible/Automating_Junos_with_Ansible/chapter_9/get-config-4.yaml 
@@ -0,0 +1,38 @@ +--- +- name: Save configurations from Junos devices to files + hosts: + - all + roles: + - Juniper.junos + connection: local + gather_facts: no + + vars: + systime: "{{ ansible_date_time.time | replace(':', '-') }}" + timestamp: "{{ ansible_date_time.date }}_{{ systime }}" + config_dir: "{{ user_data_path }}/config_backups/{{ inventory_hostname }}" + config_filename: "{{ config_dir }}/{{ inventory_hostname }}_{{ timestamp }}.conf" + connection_settings: + host: "{{ ansible_host }}" + + tasks: + - name: get localhost environment info (for date and time) + setup: + run_once: yes + delegate_to: localhost + + - name: confirm/create device configuration directory + file: + path: "{{ config_dir }}" + state: directory + + - name: save device configuration + juniper_junos_config: + provider: "{{ connection_settings }}" + dest: "{{ config_filename }}" + format: text + retrieve: committed + + - name: display path to latest backup file + debug: + msg: "The configuration backup is in {{ config_filename }}" diff --git a/ansible/Automating_Junos_with_Ansible/chapter_9/get-config-5.yaml b/ansible/Automating_Junos_with_Ansible/chapter_9/get-config-5.yaml new file mode 100644 index 0000000..d043bec --- /dev/null +++ b/ansible/Automating_Junos_with_Ansible/chapter_9/get-config-5.yaml 
@@ -0,0 +1,71 @@ +--- +- name: Save configurations from Junos devices to files + hosts: + - all + roles: + - Juniper.junos + connection: local + gather_facts: no + + vars: + systime: "{{ ansible_date_time.time | replace(':', '-') }}" + timestamp: "{{ ansible_date_time.date }}_{{ systime }}" + config_dir: "{{ user_data_path }}/config_backups/{{ inventory_hostname }}" + config_filename: "{{ config_dir }}/{{ inventory_hostname }}_{{ timestamp }}.conf" + connection_settings: + host: "{{ ansible_host }}" + + tasks: + - name: get localhost environment info (for date and time) + setup: + run_once: yes + delegate_to: localhost + + - name: confirm/create device configuration directory + file: + path: "{{ config_dir }}" + state: directory + + - name: get list of previous backups (if any) + find: + file_type: file + path: "{{ config_dir }}" + patterns: "{{ inventory_hostname }}*.conf" + register: old_configs_details + + - debug: + var: old_configs_details + + - name: save name of most recent previous backup + set_fact: + prev_config: "{{ old_configs_details.files | sort(attribute='path') | map(attribute='path') | list | last }}" + when: old_configs_details.matched > 0 + + - debug: + var: prev_config + + - name: save device configuration + juniper_junos_config: + provider: "{{ connection_settings }}" + dest: "{{ config_filename }}" + format: text + retrieve: committed + + - name: display path to latest backup file + debug: + msg: "The configuration backup is in {{ config_filename }}" + + - name: get difference between backups + shell: diff -d -I '^## Last [change|commit]' {{ prev_config }} {{ config_filename }} + when: prev_config is defined + register: diff_result + failed_when: diff_result.rc > 1 + + - debug: + var: diff_result + + - name: delete new backup if same as previous + file: + path: "{{ config_filename }}" + state: absent + when: (diff_result.changed) and (diff_result.rc == 0) 
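Review bot: The `get difference between backups` task in get-config-5.yaml hands `{{ prev_config }}` and `{{ config_filename }}` to `shell` unquoted, so a space or shell metacharacter in `user_data_path` or in an inventory hostname is interpreted by the shell instead of being part of the path. The line uses no shell feature, so the `command` module would do, or each path can go through the `quote` filter: `{{ prev_config | quote }} {{ config_filename | quote }}`. Separately, `[change|commit]` is a bracket expression that matches one character rather than either word; it presumably works only because both header lines continue with `c`, and `-I '^## Last change' -I '^## Last commit'` would state the intent. get-config-6.yaml repeats the task unchanged.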
diff --git a/ansible/Automating_Junos_with_Ansible/chapter_9/get-config-6.yaml b/ansible/Automating_Junos_with_Ansible/chapter_9/get-config-6.yaml new file mode 100644 index 0000000..36b71fc --- /dev/null +++ b/ansible/Automating_Junos_with_Ansible/chapter_9/get-config-6.yaml 
@@ -0,0 +1,78 @@ +--- +- name: Save configurations from Junos devices to files + hosts: + - all + roles: + - Juniper.junos + connection: local + gather_facts: no + + vars: + systime: "{{ ansible_date_time.time | replace(':', '-') }}" + timestamp: "{{ ansible_date_time.date }}_{{ systime }}" + config_dir: "{{ user_data_path }}/config_backups/{{ inventory_hostname }}" + config_filename: "{{ config_dir }}/{{ inventory_hostname }}_{{ timestamp }}.conf" + diff_filename: "{{ config_dir }}/{{ inventory_hostname }}_{{ timestamp }}.diff" + connection_settings: + host: "{{ ansible_host }}" + + tasks: + - name: get localhost environment info (for date and time) + setup: + run_once: yes + delegate_to: localhost + + - name: confirm/create device configuration directory + file: + path: "{{ config_dir }}" + state: directory + + - name: get list of previous backups (if any) + find: + file_type: file + path: "{{ config_dir }}" + patterns: "{{ inventory_hostname }}*.conf" + register: old_configs_details + + - debug: + var: old_configs_details + + - name: save name of most recent previous backup + set_fact: + prev_config: "{{ old_configs_details.files | sort(attribute='path') | map(attribute='path') | list | last }}" + when: old_configs_details.matched > 0 + + - debug: + var: prev_config + + - name: save device configuration + juniper_junos_config: + provider: "{{ connection_settings }}" + dest: "{{ config_filename }}" + format: text + retrieve: committed + + - name: display path to latest backup file + debug: + msg: "The configuration backup is in {{ config_filename }}" + + - name: get difference between backups + shell: diff -d -I '^## Last [change|commit]' {{ prev_config }} {{ config_filename }} + when: prev_config is defined + register: diff_result + failed_when: diff_result.rc > 1 + + - debug: + var: diff_result + + - name: save diff file when change found + template: + src: template/save-diff.j2 + dest: "{{ diff_filename }}" + when: (diff_result.changed) and (diff_result.rc == 
1) + + - name: delete new backup if same as previous + file: + path: "{{ config_filename }}" + state: absent + when: (diff_result.changed) and (diff_result.rc == 0) diff --git a/ansible/Automating_Junos_with_Ansible/chapter_9/get-config-with-commit-alternate.yaml b/ansible/Automating_Junos_with_Ansible/chapter_9/get-config-with-commit-alternate.yaml deleted file mode 100644 index f006a4a..0000000 --- a/ansible/Automating_Junos_with_Ansible/chapter_9/get-config-with-commit-alternate.yaml +++ /dev/null 
@@ -1,65 +0,0 @@ ---- -- name: Prepare timestamp - hosts: - - localhost - connection: local - gather_facts: yes - - vars: - systime: "{{ ansible_date_time.time | replace(':', '-') }}" - - tasks: - - debug: var=ansible_date_time.time - - debug: var=systime - - - name: get system date and time - set_fact: - timestamp: "{{ ansible_date_time.date }}_{{ systime }}" - -- name: Backup Device Configuration - hosts: - - all - roles: - - Juniper.junos - connection: local - gather_facts: no - - vars: - backup_dir: "{{ user_data_path }}/config_backups/{{ inventory_hostname }}" - temp_conf_file: "{{ backup_dir}}/{{ inventory_hostname }}" - conf_file: "{{ temp_conf_file }}_{{ hostvars.localhost.timestamp }}.conf" - commit_file: "{{ backup_dir }}/{{ inventory_hostname }}_{{ hostvars.localhost.timestamp }}.commit" - - tasks: - - name: create backup directory if needed - file: - path: "{{ backup_dir }}" - state: directory - - - name: save device configuration in temporary file - junos_get_config: - host: "{{ ansible_host }}" - dest: "{{ temp_conf_file }}" - format: text - register: config_results - - - debug: var=config_results - - - name: copy temporary file to timestamped config file if different - copy: - src: "{{ temp_conf_file }}" - dest: "{{ conf_file }}" - when: config_results.changed - - - name: save commit history - commit_history: - host: "{{ ansible_host }}" - filename: "{{ commit_file }}" - max_commits: 2 - when: config_results.changed - register: commit_history - - - name: print author of last commit - debug: - var: commit_history.commits[0]['user'] - when: commit_history is defined diff --git a/ansible/Automating_Junos_with_Ansible/chapter_9/get-config-with-commits.yaml b/ansible/Automating_Junos_with_Ansible/chapter_9/get-config-with-commits.yaml deleted file mode 100644 index ba261d0..0000000 --- a/ansible/Automating_Junos_with_Ansible/chapter_9/get-config-with-commits.yaml +++ /dev/null 
@@ -1,57 +0,0 @@ ---- -- name: Prepare timestamp - hosts: - - localhost - connection: local - gather_facts: yes - - vars: - systime: "{{ ansible_date_time.time | replace(':', '-') }}" - - tasks: - - debug: var=ansible_date_time.time - - debug: var=systime - - - name: get system date and time - set_fact: - timestamp: "{{ ansible_date_time.date }}_{{ systime }}" - -- name: Backup Device Configuration - hosts: - - all - roles: - - Juniper.junos - connection: local - gather_facts: no - - vars: - backup_dir: "{{ user_data_path }}/config_backups/{{ inventory_hostname }}" - temp_conf_file: "{{ backup_dir}}/{{ inventory_hostname }}" - conf_file: "{{ temp_conf_file }}_{{ hostvars.localhost.timestamp }}.conf" - commit_file: "{{ backup_dir }}/{{ inventory_hostname }}_{{ hostvars.localhost.timestamp }}.commit" - - tasks: - - name: create backup directory if needed - file: - path: "{{ backup_dir }}" - state: directory - - - name: save device configuration in temporary file - junos_get_config: - host: "{{ ansible_host }}" - dest: "{{ temp_conf_file }}" - format: text - notify: - - copy temporary file to timestamped config file if different - - get commit history - - handlers: - - name: copy temporary file to timestamped config file if different - copy: - src: "{{ temp_conf_file }}" - dest: "{{ conf_file }}" - - - name: get commit history - commit_history: - host: "{{ ansible_host }}" - filename: "{{ commit_file }}" diff --git a/ansible/Automating_Junos_with_Ansible/chapter_9/get-config.yaml b/ansible/Automating_Junos_with_Ansible/chapter_9/get-config.yaml deleted file mode 100644 index 335d33b..0000000 --- a/ansible/Automating_Junos_with_Ansible/chapter_9/get-config.yaml +++ /dev/null 
@@ -1,51 +0,0 @@ ---- -- name: Prepare timestamp - hosts: - - localhost - connection: local - gather_facts: yes - - vars: - systime: "{{ ansible_date_time.time | replace(':', '-') }}" - - tasks: - - debug: var=ansible_date_time.time - - debug: var=systime - - - name: get system date and time - set_fact: - timestamp: "{{ ansible_date_time.date }}_{{ systime }}" - -- name: Backup Device Configuration - hosts: - - all - roles: - - Juniper.junos - connection: local - gather_facts: no - - vars: - backup_dir: "{{ user_data_path }}/config_backups/{{ inventory_hostname }}" - temp_conf_file: "{{ backup_dir}}/{{ inventory_hostname }}" - conf_file: "{{ temp_conf_file }}_{{ hostvars.localhost.timestamp }}.conf" - - tasks: - - name: create backup directory if needed - file: - path: "{{ backup_dir }}" - state: directory - - - name: save device configuration in temporary file - junos_get_config: - host: "{{ ansible_host }}" - dest: "{{ temp_conf_file }}" - format: text - register: config_results - - - debug: var=config_results - - - name: copy temporary file to timestamped config file if different - copy: - src: "{{ temp_conf_file }}" - dest: "{{ conf_file }}" - when: config_results.changed diff --git a/ansible/Automating_Junos_with_Ansible/chapter_9/get-partial-config-1.yaml b/ansible/Automating_Junos_with_Ansible/chapter_9/get-partial-config-1.yaml index 99cc8db..ff8b0e5 100644 --- a/ansible/Automating_Junos_with_Ansible/chapter_9/get-partial-config-1.yaml +++ b/ansible/Automating_Junos_with_Ansible/chapter_9/get-partial-config-1.yaml 
@@ -1,35 +1,37 @@ --- -- name: Prepare temp backup directory +- name: Save partial configurations from Junos devices hosts: - - localhost + - all + roles: + - Juniper.junos connection: local gather_facts: no - tasks: - - set_fact: tmp_dir=tmp + vars: + config_dir: "{{ user_data_path }}/tmp" + config_filename: "{{ config_dir }}/{{ inventory_hostname }}.conf" + connection_settings: + host: "{{ ansible_host }}" - - name: erase (old) backup directory (if it exists) + tasks: + - name: erase old backup directory if it exists file: - path: "{{ tmp_dir }}" + path: "{{ config_dir }}" state: absent + run_once: yes + delegate_to: localhost - name: create backup directory file: - path: "{{ tmp_dir }}" + path: "{{ config_dir }}" state: directory + run_once: yes + delegate_to: localhost -- name: Get partial device configurations - hosts: - - all - roles: - - Juniper.junos - connection: local - gather_facts: no - - tasks: - - name: retrieve configuration and save to file - junos_get_config: - host: "{{ ansible_host }}" - dest: "{{ hostvars.localhost.tmp_dir }}/{{ inventory_hostname }}.conf" - format: "text" + - name: save device configuration + juniper_junos_config: + provider: "{{ connection_settings }}" + dest: "{{ config_filename }}" + format: text + retrieve: committed filter: "system/ntp" diff --git a/ansible/Automating_Junos_with_Ansible/chapter_9/get-partial-config-2.yaml b/ansible/Automating_Junos_with_Ansible/chapter_9/get-partial-config-2.yaml index 30b5a15..19c7e1f 100644 --- a/ansible/Automating_Junos_with_Ansible/chapter_9/get-partial-config-2.yaml +++ b/ansible/Automating_Junos_with_Ansible/chapter_9/get-partial-config-2.yaml 
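Review bot: The `erase old backup directory if it exists` task in get-partial-config-1.yaml now deletes `{{ user_data_path }}/tmp` recursively, and nothing in the play validates `user_data_path` before that. If the variable is ever overridden with an empty string the path resolves to `/tmp`, and if it points at a shared location the whole `tmp` subtree there is removed. An `assert` task ahead of the erase, with for example `that: user_data_path | length > 1`, or a directory name more specific than `tmp`, would bound what can be deleted. get-partial-config-2.yaml, get-partial-config-3a.yaml and get-partial-config-3b.yaml carry the same task.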
@@ -1,37 +1,40 @@ --- -- name: Prepare temp backup directory +- name: Save partial configurations from Junos devices hosts: - - localhost + - all + roles: + - Juniper.junos connection: local gather_facts: no - tasks: - - set_fact: tmp_dir=tmp + vars: + config_dir: "{{ user_data_path }}/tmp" + config_filename: "{{ config_dir }}/{{ inventory_hostname }}.conf" + connection_settings: + host: "{{ ansible_host }}" - - name: erase (old) backup directory (if it exists) + tasks: + - name: erase old backup directory if it exists file: - path: "{{ tmp_dir }}" + path: "{{ config_dir }}" state: absent + run_once: yes + delegate_to: localhost - name: create backup directory file: - path: "{{ tmp_dir }}" + path: "{{ config_dir }}" state: directory + run_once: yes + delegate_to: localhost -- name: Get partial device configurations - hosts: - - all - roles: - - Juniper.junos - connection: local - gather_facts: no - - tasks: - - name: retrieve configuration and save to file - junos_get_config: - host: "{{ ansible_host }}" - dest: "{{ hostvars.localhost.tmp_dir }}/{{ inventory_hostname }}.conf" - format: "text" - filter: "system/ntp" - options: {'database': 'committed'} - # options: {'groups': 'groups', 'inherit': 'inherit'} + - name: save device configuration + juniper_junos_config: + provider: "{{ connection_settings }}" + dest: "{{ config_filename }}" + format: text + retrieve: committed + filter: "interfaces" + options: + groups: groups + inherit: inherit diff --git a/ansible/Automating_Junos_with_Ansible/chapter_9/get-partial-config-3.yaml b/ansible/Automating_Junos_with_Ansible/chapter_9/get-partial-config-3.yaml deleted file mode 100644 index 850b5c6..0000000 --- a/ansible/Automating_Junos_with_Ansible/chapter_9/get-partial-config-3.yaml +++ /dev/null 
@@ -1,49 +0,0 @@ ---- -- name: Prepare temp backup directory - hosts: - - localhost - connection: local - gather_facts: no - - tasks: - - name: fail if filter not defined - fail: - msg: > - Specify the Junos configuration hierarchy you want to back up by - providing the extra variable 'filter' on the command line. - For example, --extra-vars 'filter=system/ntp' - when: filter is not defined - - - set_fact: tmp_dir=tmp - - - name: erase (old) backup directory (if it exists) - file: - path: "{{ tmp_dir }}" - state: absent - - - name: create backup directory - file: - path: "{{ tmp_dir }}" - state: directory - - - name: show filter setting from command line - debug: - var: filter - verbosity: 1 - -- name: Get partial device configurations - hosts: - - all - roles: - - Juniper.junos - connection: local - gather_facts: no - - tasks: - - name: retrieve configuration and save to file - junos_get_config: - host: "{{ ansible_host }}" - dest: "{{ hostvars.localhost.tmp_dir }}/{{ inventory_hostname }}.conf" - format: "text" - filter: "{{ filter }}" - options: {'database':'committed','groups':'groups','inherit':'inherit'} diff --git a/ansible/Automating_Junos_with_Ansible/chapter_9/get-partial-config-3a.yaml b/ansible/Automating_Junos_with_Ansible/chapter_9/get-partial-config-3a.yaml new file mode 100644 index 0000000..d755eca --- /dev/null +++ b/ansible/Automating_Junos_with_Ansible/chapter_9/get-partial-config-3a.yaml 
@@ -0,0 +1,42 @@ +--- +- name: Save partial configurations from Junos devices + hosts: + - all + roles: + - Juniper.junos + connection: local + gather_facts: no + + vars: + config_dir: "{{ user_data_path }}/tmp" + config_filename: "{{ config_dir }}/{{ inventory_hostname }}.conf" + connection_settings: + host: "{{ ansible_host }}" + + tasks: + - name: erase old backup directory if it exists + file: + path: "{{ config_dir }}" + state: absent + run_once: yes + delegate_to: localhost + + - name: create backup directory + file: + path: "{{ config_dir }}" + state: directory + run_once: yes + delegate_to: localhost + + - name: show filter setting from extra-vars command-line argument + debug: + var: filter | mandatory + run_once: yes + + - name: save device configuration + juniper_junos_config: + provider: "{{ connection_settings }}" + dest: "{{ config_filename }}" + format: text + retrieve: committed + filter: "{{ filter | mandatory }}" diff --git a/ansible/Automating_Junos_with_Ansible/chapter_9/get-partial-config-3b.yaml b/ansible/Automating_Junos_with_Ansible/chapter_9/get-partial-config-3b.yaml new file mode 100644 index 0000000..5c37afc --- /dev/null +++ b/ansible/Automating_Junos_with_Ansible/chapter_9/get-partial-config-3b.yaml 
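Review bot: In get-partial-config-3a.yaml the only check that `filter` was supplied is the `mandatory` filter in the `show filter setting from extra-vars command-line argument` task, which runs after the erase and create tasks. A run started without `--extra-vars 'filter=...'` therefore removes the previous contents of `{{ config_dir }}` before it fails. Moving that debug task to the top of `tasks:`, the way get-partial-config-3b.yaml places its `fail` task first, keeps the earlier backups when the argument is missing.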
@@ -0,0 +1,50 @@ +--- +- name: Save partial configurations from Junos devices + hosts: + - all + roles: + - Juniper.junos + connection: local + gather_facts: no + + vars: + config_dir: "{{ user_data_path }}/tmp" + config_filename: "{{ config_dir }}/{{ inventory_hostname }}.conf" + connection_settings: + host: "{{ ansible_host }}" + + tasks: + - name: fail if variable 'filter' is not defined + fail: + msg: > + Specify the Junos configuration hierarchy you want to back up by + providing the extra variable 'filter' on the command line. + For example, --extra-vars 'filter=system/ntp' + when: filter is not defined + + - name: erase old backup directory if it exists + file: + path: "{{ config_dir }}" + state: absent + run_once: yes + delegate_to: localhost + + - name: create backup directory + file: + path: "{{ config_dir }}" + state: directory + run_once: yes + delegate_to: localhost + + - name: show filter setting from extra-vars command-line argument + debug: + var: filter + run_once: yes + + - name: save device configuration + juniper_junos_config: + provider: "{{ connection_settings }}" + dest: "{{ config_filename }}" + format: text + retrieve: committed + filter: "{{ filter }}" diff --git a/ansible/Automating_Junos_with_Ansible/chapter_9/group_vars/all.yaml b/ansible/Automating_Junos_with_Ansible/chapter_9/group_vars/all.yaml index f1e6789..cbfde82 100644 --- a/ansible/Automating_Junos_with_Ansible/chapter_9/group_vars/all.yaml +++ b/ansible/Automating_Junos_with_Ansible/chapter_9/group_vars/all.yaml @@ -1,3 +1,3 @@ --- ansible_python_interpreter: /usr/local/bin/python -user_data_path: /Users/sean/ansible +user_data_path: "{{ '~/ansible' | expanduser }}" diff --git a/ansible/Automating_Junos_with_Ansible/chapter_9/group_vars/boston.yaml b/ansible/Automating_Junos_with_Ansible/chapter_9/group_vars/boston.yaml index 1d6e9e3..fa84fad 100644 --- a/ansible/Automating_Junos_with_Ansible/chapter_9/group_vars/boston.yaml 
+++ b/ansible/Automating_Junos_with_Ansible/chapter_9/group_vars/boston.yaml @@ -1,5 +1,5 @@ --- -aja_site: +aja2_site: ntp_servers: - - 5.7.9.101 - - 5.7.9.102 + - 132.163.97.4 + - 129.6.15.27 diff --git a/ansible/Automating_Junos_with_Ansible/chapter_9/group_vars/sf.yaml b/ansible/Automating_Junos_with_Ansible/chapter_9/group_vars/sf.yaml index 3c6ca0a..2d33ab1 100644 --- a/ansible/Automating_Junos_with_Ansible/chapter_9/group_vars/sf.yaml +++ b/ansible/Automating_Junos_with_Ansible/chapter_9/group_vars/sf.yaml @@ -1,5 +1,5 @@ --- -aja_site: +aja2_site: ntp_servers: - - 5.6.7.201 - - 5.6.7.202 + - 17.253.6.125 + - 17.253.20.125 diff --git a/ansible/Automating_Junos_with_Ansible/chapter_9/host_vars/aragorn.yaml b/ansible/Automating_Junos_with_Ansible/chapter_9/host_vars/aragorn.yaml new file mode 100644 index 0000000..c4fa5bd --- /dev/null +++ b/ansible/Automating_Junos_with_Ansible/chapter_9/host_vars/aragorn.yaml @@ -0,0 +1,10 @@ +--- +ansible_host: 192.0.2.10 +aja2_host: + dns_servers: + - 8.8.4.4 + - 8.8.8.8 + - 198.51.100.100 + snmp: + description: virtual SRX for testing + location: Sean's Macbook Pro diff --git a/ansible/Automating_Junos_with_Ansible/chapter_9/host_vars/bilbo.yaml b/ansible/Automating_Junos_with_Ansible/chapter_9/host_vars/bilbo.yaml index 0eea38f..8b34ca6 100644 --- a/ansible/Automating_Junos_with_Ansible/chapter_9/host_vars/bilbo.yaml +++ b/ansible/Automating_Junos_with_Ansible/chapter_9/host_vars/bilbo.yaml @@ -1,9 +1,10 @@ --- ansible_host: 198.51.100.5 -aja_host: +aja2_host: dns_servers: - - 5.7.9.11 - - 5.7.9.12 - - 5.7.9.13 - snmp_description: EX2200-C for testing - snmp_location: "Sean's home office" + - 8.8.4.4 + - 8.8.8.8 + - 198.51.100.101 + snmp: + description: EX2200-C for testing + location: Sean's home office diff --git a/ansible/Automating_Junos_with_Ansible/chapter_9/host_vars/vsrx1.yaml b/ansible/Automating_Junos_with_Ansible/chapter_9/host_vars/vsrx1.yaml deleted file mode 100644 index e000822..0000000 
--- a/ansible/Automating_Junos_with_Ansible/chapter_9/host_vars/vsrx1.yaml +++ /dev/null @@ -1,9 +0,0 @@ ---- -ansible_host: 192.0.2.10 -aja_host: - dns_servers: - - 5.6.7.8 - - 5.6.7.9 - - 5.6.7.10 - snmp_description: virtual SRX for testing - snmp_location: Sean's Macbook Pro diff --git a/ansible/Automating_Junos_with_Ansible/chapter_9/inventory3 b/ansible/Automating_Junos_with_Ansible/chapter_9/inventory3 index 387d5c2..505d444 100644 --- a/ansible/Automating_Junos_with_Ansible/chapter_9/inventory3 +++ b/ansible/Automating_Junos_with_Ansible/chapter_9/inventory3 @@ -22,4 +22,4 @@ bilbo [sf_ex] [sf_srx] -vsrx1 +aragorn diff --git a/ansible/Automating_Junos_with_Ansible/chapter_9/template/save-diff.j2 b/ansible/Automating_Junos_with_Ansible/chapter_9/template/save-diff.j2 new file mode 100644 index 0000000..ab7a769 --- /dev/null +++ b/ansible/Automating_Junos_with_Ansible/chapter_9/template/save-diff.j2 @@ -0,0 +1 @@ +{{ diff_result.stdout }}