diff --git a/exercises/ansible_network_lightspeed_eda/1-explore/README.es.md b/exercises/ansible_network_lightspeed_eda/1-explore/README.es.md new file mode 100644 index 000000000..83e250f86 --- /dev/null +++ b/exercises/ansible_network_lightspeed_eda/1-explore/README.es.md @@ -0,0 +1,299 @@ +# Ejercicio 1 - Explorando el entorno de laboratorio + +**Leálo en otros idiomas**: ![uk](https://github.com/ansible/workshops/raw/devel/images/uk.png) [English](README.md), ![japan](https://github.com/ansible/workshops/raw/devel/images/japan.png) [日本語](README.ja.md), ![Español](https://github.com/ansible/workshops/raw/devel/images/es.png) [Español](README.es.md). + +## Índice + +- [Ejercicio 1 - Explorando el entorno de laboratorio](#ejercicio-1---explorando-el-entorno-de-laboratorio) + - [Índice](#índice) + - [Objetivo](#objetivo) + - [Diagrama](#diagrama) + - [Guía](#guía) + - [Paso 1 - Connectar vía VS Code](#paso-1---connectar-vía-vs-code) + - [Paso 2 - Usando la Terminal](#paso-2---usando-la-terminal) + - [Paso 3 - Examinando los Entornos de Ejecución](#paso-3---examinando-los-entornos-de-ejecución) + - [Paso 4 - Examinando la configuración de ansible-navigator](#paso-4---examinando-la-configuración-de-ansible-navigator) + - [Paso 5 - Examinando el inventario](#paso-5---examinando-el-inventario) + - [Paso 6 - Comprendiendo el inventario](#paso-6---comprendiendo-el-inventario) + - [Paso 7 - Usando ansible-navigator para explorar el inventario](#paso-7---usando-ansible-navigator-para-explorar-el-inventario) + - [Paso 8 - Connectándose a dispositivos de red](#paso-8---connectándose-a-dispositivos-de-red) + - [Completado](#completado) + +## Objetivo + +Explorar y comprender el entorno de laboratorio. + +Estos primeros ejercicios de laboratorio consistirán en explorar las utilidades de línea de comando de Ansible Automation Platform. +Esto incluye: + +- [ansible-navigator](https://github.com/ansible/ansible-navigator) - una utilidad de línea de comando e interfaz de usuario basado en texto (TUI) para ejecutar y desarrollar contenido de automatización de Ansible. +- [ansible-core](https://docs.ansible.com/core.html) - el ejecutable que provee el marco, lenguaje y funciones que componen Ansible Automation Platform. También incluye varias utilidades de línea de comandos como `ansible`, `ansible-playbook` y `ansible-doc`. Ansible Core actúa como el puente entre la comunidad upstream y los contenidos open source y gratuítos de Ansible además de conectarlo con la oferta empresarial de automatización downstream de Red Hat, el producto Ansible Automation Platform. +- [Entornos de Ejecución](https://docs.ansible.com/automation-controller/latest/html/userguide/execution_environments.html) - no cubiertos específicamente en este taller puesto que el entorno de Ansible Execution Environments ya está incluído en todas las colecciones soportadas de Red Hat que comprenden todas las colecciones de red utilizadas en este taller. Los Entornos de Ejecución son imágenes de contenedores que pueden ser usadas como ejecuciones de Ansible. +- [ansible-builder](https://github.com/ansible/ansible-builder) - como el anterior, no cubierto específicamente en este taller, `ansible-builder` es una utilidad de línea de comando para automatizar el proceso de creación de Entornos de Ejecución. + +Si necesitaás más informacion sobre los nuevos componentes de Ansible Automation Platform, añáde esta página [https://red.ht/AAP-20](https://red.ht/AAP-20) a tus marcadores. + +> Join our community forum! +> +> Before you get started, please join us on https://forum.ansible.com/. This will allow you to get Ansible help after the workshops concludes. + +## Diagrama + +![Red Hat Ansible Automation](https://github.com/ansible/workshops/raw/devel/images/ansible_network_diagram.png) + + + +## Guía + +### Paso 1 - Connectar vía VS Code + + + + + + + +
Se recomienda el uso de Visual Studio Code para completar los ejercicios. Visual Studio Code provee: +
    +
  • Un explorador de ficheros
    • +
  • Un editor de texto con sintaxis resaltada
    • +
  • Una terminal embebida
    • +
+ El acceso directo por SSH está disponible como backup, o si Visual Studio Code no fuera suficiente para el estudiante. Aquí hay un pequeño vídeo de YouTube (en inglés) en caso de necesitar más claridad: Ansible Workshops - Accessing your workbench environment. +
+ +- Conéctate a Visual Studio Code desde la página inicial del taller (provista por el instructor). La password se provee bajo el enlace de WebUI. + + ![launch page](images/launch_page.png) + +- Introduce la contraseña que se te ha provisto para poder ingresar. + + ![login vs code](images/vscode_login.png) + +- Abre el directorio `network-workshop` en Visual Studio Code: + + ![picture of file browser](images/vscode-networkworkshop.png) + +- Haz click en el finchero `playbook.yml` para ver el contenido. + + ![picture of playbook](images/vscode-playbook.png) + +### Paso 2 - Usando la Terminal + +- Abre una terminal en Visual Studio Code: + + ![picture of new terminal](images/vscode-new-terminal.png) + +Navega hasta el directorio `network-workshop` en la terminal del nodo de control de Ansible. + +```bash +[student@ansible-1 ~]$ cd ~/network-workshop/ +[student@ansible-1 network-workshop]$ pwd +/home/student/network-workshop +[student@ansible-1 network-workshop]$ +``` + +* `~` - la tilde en este contexto es un atajo para el directorio, ej. `/home/student` +* `cd` - comando de Linux para cambiar de directorio. +* `pwd` - comando de Linux para mostrar el directorio de trabajo. Con esto, se mostrará el `path` completo al directorio de trabajo actual. + +### Paso 3 - Examinando los Entornos de Ejecución + +Ejecuta el comando `ansible-navigator` con el argumento `images` para ver los entornos de ejecución configurados en el nodo de control: + +```bash +$ ansible-navigator images +``` + +![ansible-navigator images](images/navigator-images.png) + + +> Nota +> +> La salida mostrada puede diferir de la anteriomente mostrada + +Este comando da información sobre todos los Entornos de Ejecución actualmente instalados (EE para abreviar). Investiga un EE pulsando el número correspondiente. Por ejemplo, pulsando **0** con el ejemplo anterior, abrirá el EE `network-ee`: + +![ee main menu](images/navigator-ee-menu.png) + +Seleccionar `2` para `Ansible version and collections` mostrará todas las Colecciones de Ansible (Ansible Collections) instaladas para ese EE en particular, y la versión de `ansible-core`: + +![ee info](images/navigator-ee-collections.png) + +### Paso 4 - Examinando la configuración de ansible-navigator + +Ejecuta tanto Visual Studio Code como el comando `cat` para ver el contenido del fichero `ansible-navigator.yml`. El fichero se encuentra en el directorio home: + +```bash +$ cat ~/.ansible-navigator.yml +--- +ansible-navigator: + ansible: + inventories: + - /home/student/lab_inventory/hosts + + execution-environment: + image: quay.io/acme_corp/network-ee:latest + enabled: true + container-engine: podman + pull-policy: missing + volume-mounts: + - src: "/etc/ansible/" + dest: "/etc/ansible/" +``` + +Fíjate en los siguientes parámetros del fichero `ansible-navigator.yml`: + +* `inventories`: muestra la ubicación del inventario de ansible actualmente en uso. +* `execution-environment`: dónde está configurado el entorno de ejecución por defecto. + +Para ver un listado completo con todas las opciones configurables, consulta la [documentación](https://ansible-navigator.readthedocs.io/en/latest/settings/) + +### Paso 5 - Examinando el inventario + +El alcance de un `play` dentro de un `playbook` está limitado a los grupos de máquinas declarados en el **inventario** de Ansible. Ansible sorpota múltiples tipos de [inventarios](http://docs.ansible.com/ansible/latest/intro_inventory.html). Un inventario puede ser un simple fichero en claro con una colección de máquinas definidas en él o un script dinámico (que potencialmente consulte a un backend CMDB) que genere una lista de dispositivos contra los que ejecutar el playbook. + +En este ejercicio trabajarás con un inventario basado en fichero en formato **ini**. Usa tanto Visual Studio Code o el comando `cat` para ver el contenido del fichero `~/lab_inventory/hosts`. + +```bash +$ cat ~/lab_inventory/hosts +``` + +```bash +[all:vars] +ansible_ssh_private_key_file=~/.ssh/aws-private.pem + +[routers:children] +cisco +juniper +arista + +[cisco] +rtr1 ansible_host=18.222.121.247 private_ip=172.16.129.86 +[arista] +rtr2 ansible_host=18.188.194.126 private_ip=172.17.158.197 +rtr4 ansible_host=18.221.5.35 private_ip=172.17.8.111 +[juniper] +rtr3 ansible_host=3.14.132.20 private_ip=172.16.73.175 + +[cisco:vars] +ansible_user=ec2-user +ansible_network_os=ios +ansible_connection=network_cli + +[juniper:vars] +ansible_user=ec2-user +ansible_network_os=junos +ansible_connection=netconf + +[arista:vars] +ansible_user=ec2-user +ansible_network_os=eos +ansible_connection=network_cli +ansible_become=true +ansible_become_method=enable + +[dc1] +rtr1 +rtr3 + +[dc2] +rtr2 +rtr4 + +[control] +ansible ansible_host=13.58.149.157 ansible_user=student private_ip=172.16.240.184 +``` + +### Paso 6 - Comprendiendo el inventario + +En la salida anterior, cada `[ ]` define un grupo. Por ejemplo, `[dc1]` es el grupo que contiene las máquinas `rtr1` y `rtr3`. +Los grupos también pueden ser _anidados_. El grupo `[routers]` es el padre del grupo `[cisco]`. + +Los grupos padres se declaran usando la directiva `children`. Tener grupos anidados provee la flexibilidad de asignar valores más específicos a las variables. + +Podemos asociar variables tanto a grupos como a máquinas. + +> Nota: +> +> El grupo llamado **all** siempre existe y contiene a todos los grupos y todas las máquinas definidas dentro de un inventario. + +Las variables de máquinas también pueden definirse en la misma línea que define a la máquina. Por ejemplo, la máquina `rtr1`: + +```sh +rtr1 ansible_host=18.222.121.247 private_ip=172.16.129.86 +``` + +* `rtr1` - El nombre que Ansible usará. Puede pero no tiene por qué depender del nombre DNS. +* `ansible_host` - La dirección IP que Ansible usará, si no se configura, buscará en el DNS por defecto. +* `private_ip` - Este valor no está reservado por Ansible, así que por defecto, tomará el valor de la [variable host](http://docs.ansible.com/ansible/latest/intro_inventory.html#host-variables). Esta variable puede usarse en playbooks o ignorarse por completo. + +Los grupos de variables de grupo se declaran usando la directiva + `vars`. Tener grupos permite la flexibilidad de asignar variables comunes a múltiples hosts. Se pueden definir múltiples variables de grupo bajo la sección `[group_name:vars]`. Por ejemplo, echa un vistazo al grupo `cisco`: + +```sh +[cisco:vars] +ansible_user=ec2-user +ansible_network_os=ios +ansible_connection=network_cli +``` + +* `ansible_user` - El usuario de Ansible que se usará para hacer login en esta máquina. Si no está configurado tomará el valor por defecto del usuario en el playbook desde el que se está ejecutando. +* `ansible_network_os` - Esta variable es necesaria mientras se usa el tipo de conexión `network_cli` dentro de una definición de `play`, como veremos en breve. +* `ansible_connection` - Esta variable configura el [plugin de conexión](https://docs.ansible.com/ansible/latest/plugins/connection.html) para el grupo. Puede configurarse a los valores `netconf`, `httpapi` y `network_cli` dependiendo de lo que soporte este tipo de plataforma de red en particular. + +### Paso 7 - Usando ansible-navigator para explorar el inventario + +También se puede usar la utilidad TUI, `ansible-navigator` para explorar el inventario. + +Ejecuta el comando `ansible-navigator inventory` para mostrar el inventario en la TUI: + +![ansible-navigator tui](images/ansible-navigator.png) + +Pulsa **0** o **1** en el teclado, para mostrar los grupos o máquinas respectivamente. + +![ansible-navigator groups](images/ansible-navigator-groups.png) + +Pulsa la tecla **Esc** para subir un nivel o para hacer zoom en una máquina en particular: + +![ansible-navigator host](images/ansible-navigator-rtr-1.png) + +### Paso 8 - Connectándose a dispositivos de red + +Hay 4 enrutadores llamados rtr1, rtr2, rtr3 y rtr4. El diagrama de red está siempre disponible en [network automation workshop table of contents](../README.md). El fichero de configuración de SSH (`~/.ssh/config`) está ya configurado en el nodo de control. Es decir, puedes hacer SSH a cualquier enrutador desde el nodo de control sin necesidad de login: + +Por ejemplo, conectate a rtr1 desde el nodo de control de Ansible haciendo: + +```bash +$ ssh rtr1 +``` + +Por ejemplo: +``` +$ ssh rtr1 +Warning: Permanently added 'rtr1,35.175.115.246' (RSA) to the list of known hosts. + + + +rtr1#show ver +Cisco IOS XE Software, Version 16.09.02 +``` + +## Completado + +¡Felicidades, has completado el ejercicio de laboratorio 1! + +Ahora ya sabes: + +* Cómo conectarte al entorno de laboratorio usando Visual Studio Code +* Cómo explorar los **entornos de ejecución** usando `ansible-navigator` +* Dónde se encuentra la configuración del navegador de Ansible (`ansible-navigator.yml`) +* Dónde se encuentra el inventario para poder realizar los ejercicios de línea de comandos +* Cómo usar el comando `ansible-navigator`y su interfaz TUI (interfaz de usuario basada en texto). + + + +--- +[Próximo ejercicio](../2-first-playbook/README.es.md) + +[Haz click aquí para volver al taller Ansible Network Automation](../README.es.md) diff --git a/exercises/ansible_network_lightspeed_eda/1-explore/README.ja.md b/exercises/ansible_network_lightspeed_eda/1-explore/README.ja.md new file mode 100644 index 000000000..4b37fce66 --- /dev/null +++ b/exercises/ansible_network_lightspeed_eda/1-explore/README.ja.md @@ -0,0 +1,336 @@ +# 演習 1 - ラボ環境の探索 + +**他の言語でもお読みいただけます**: ![uk](https://github.com/ansible/workshops/raw/devel/images/uk.png) [English](README.md)、![japan](https://github.com/ansible/workshops/raw/devel/images/japan.png) [日本語](README.ja.md), ![Español](https://github.com/ansible/workshops/raw/devel/images/es.png) [Español](README.es.md) + + +## 目次 + +- [演習 1 - ラボ環境の探索](#演習-1---ラボ環境の探索) + - [目次](#目次) + - [目的](#目的) + - [図](#図) + - [ガイド](#ガイド) + - [ステップ 1 - VS Code を使用した接続](#ステップ-1---vs-code-を使用した接続) + - [ステップ 2 - ターミナルの使用](#ステップ-2---ターミナルの使用) + - [ステップ 3 - 実行環境の検証](#ステップ-3---実行環境の検証) + - [ステップ 4 - ansible-navigator 設定の検証](#ステップ-4---ansible-navigator-設定の検証) + - [ステップ 5 - インベントリーの検証](#ステップ-5---インベントリーの検証) + - [ステップ 6 - インベントリーについて](#ステップ-6---インベントリーについて) + - [ステップ 7 - ansible-navigator を使用したインベントリーの探索](#ステップ-7---ansible-navigator-を使用したインベントリーの探索) + - [ステップ 8 - ネットワークデバイスへの接続](#ステップ-8---ネットワークデバイスへの接続) + - [完了](#完了) + +## 目的 + +ラボ環境を調べて理解します。 + +この最初のいくつかのラボ演は、Ansible Automation Platform +のコマンドラインユーティリティーを使用します。これには、以下が含まれます。 + +- [ansible-navigator](https://github.com/ansible/ansible-navigator) - +Ansible オートメーションコンテンツを実行・開発するためのコマンドラインユーティリティとテキストベースのユーザーインターフェース(TUI)。- +[ansible-core](https://docs.ansible.com/core.html) - Ansible Automation +Platform +を支えるフレームワーク、言語、機能を提供する基本的な実行ファイルです。また、`ansible`、`ansible-playbook`、`ansible-doc` +などのさまざまなクリエートツールも含まれています。Ansible Coreは、無料でオープンソースのAnsibleを提供する上流のコミュニティと、Red +Hatが提供する下流のエンタープライズオートメーション製品であるAnsible Automation Platformとの橋渡しの役割を果たします。- +[実行環境](https://docs.ansible.com/automation-controller/latest/html/userguide/execution_environments.html) +- このワークショップでは特に取り上げません。なぜなら、ビルトインの Ansible 実行環境には、Red +Hatがサポートするすべてのコレクションがすでに含まれており、このワークショップで使用するすべてのネットワークコレクションも含まれているからです。実行環境とは、Ansible +の実行環境として利用できるコンテナイメージです。- +[ansible-builder](https://github.com/ansible/ansible-builder) - +このワークショップでは特に取り上げませんが、`ansible-builder` +は実行環境の構築プロセスを自動化するためのコマンドラインユーティリティです。 + +Ansible Automation Platformの新しいコンポーネントに関する情報が必要な場合は、このランディングページをブックマークしてください +[https://red.ht/AAP-20](https://red.ht/AAP-20) + +> Join our community forum! +> +> Before you get started, please join us on https://forum.ansible.com/. This will allow you to get Ansible help after the workshops concludes. + + +## 図 + +![Red Hat Ansible +Automation](https://github.com/ansible/workshops/raw/devel/images/ansible_network_diagram.png) + + + +## ガイド + +### ステップ 1 - VS Code を使用した接続 + + + + + + + +
ワークショップの演習には、Visual Studio Codeの使用が強く推奨されます。Visual Studio Codeは以下を提供します。 +
    +
  • ファイルブラウザ
    • +
  • 構文強調表示の機能付きテキストエディタ
    • +
  • ブラウザ内ターミナル
    • +
+ バックアップとして、あるいはVisual Studio Codeでは不十分な場合には、SSHによる直接アクセスが可能です。さらなる説明が必要な場合は、短い YouTube ビデオが用意されています。 Ansible Workshops - ワークベンチ環境へのアクセス +
+ +- ワークショップの起動ページ(講師が用意したもの)からVisual Studio +Codeに接続します。パスワードは、WebUIのリンクの下に記載されています。 + + ![launch page](images/launch_page.png) + +- 接続する提供されたパスワードを入力します。 + + ![login vs code](images/vscode_login.png) + +- Visual Studio Code で `network-workshop` ディレクトリーを開きます。 + + ![picture of file browser](images/vscode-networkworkshop.png) + +- `playbook.yml` をクリックしてコンテンツを表示します。 + + ![picture of playbook](images/vscode-playbook.png) + +### ステップ 2 - ターミナルの使用 + +- Visual Studio Code でターミナルを開きます。 + + ![picture of new terminal](images/vscode-new-terminal.png) + +Ansible コントロールノードターミナルで `network-workshop` ディレクトリーに移動します。 + +```bash +[student@ansible-1 ~]$ cd ~/network-workshop/ +[student@ansible-1 network-workshop]$ pwd +/home/student/network-workshop +[student@ansible-1 network-workshop]$ +``` + +* `~` - このコンテキストでのチルダは `/home/student` のショートカットです +* `cd` - ディレクトリーを変更する Linux コマンド +* `pwd` - 作業ディレクトリーを印刷するための Linux コマンド。これにより、現在の作業ディレクトリーへのフルパスが表示されます。 + +### ステップ 3 - 実行環境の検証 + +`ansible-navigator` 引数を指定して `images` コマンドを実行し、コントロールノードに設定された実行環境を確認します。 + +```bash +$ ansible-navigator images +``` + +![ansible-navigator images](images/navigator-images.png) + + +> 注記 +> +> 表示される出力は、上記の出力とは異なる場合があります + +このコマンドは、現在インストールされているすべての実行環境(略してEE)に関する情報を提供します。対応する番号を押すことで、EE +を調べることができます。例えば、上記の例で **0** を押すと、`network-ee` の実行環境が表示されます。 + +![ee メインメニュー](images/navigator-ee-menu.png) + +`2` に `Ansible version and collections` を選択すると、その特定の EE にインストールされたすべての +Ansible Collections と、`ansible-core` のバージョンが表示されます。 + +![ee info](images/navigator-ee-collections.png) + +### ステップ 4 - ansible-navigator 設定の検証 + +Visual Studio Code を使用して `ansible-navigator.yml` ファイルを開くか、`cat` +コマンドを使用してファイルの内容を表示します。このファイルはホームディレクトリーにあります。 + +```bash +$ cat ~/.ansible-navigator.yml +--- +ansible-navigator: + ansible: + inventories: + - /home/student/lab_inventory/hosts + + execution-environment: + image: quay.io/acme_corp/network-ee:latest + enabled: true + container-engine: podman + pull-policy: missing + volume-mounts: + - src: "/etc/ansible/" + dest: "/etc/ansible/" +``` + +`ansible-navigator.yml` ファイル内の次のパラメータに注意してください。 + +* `inventories`: 使用されている Ansible インベントリーの場所を示します +* `execution-environment`: デフォルトの実行環境が設定されている場所 + +設定可能なすべての knob +の詳細な一覧については、[ドキュメント](https://ansible-navigator.readthedocs.io/en/latest/settings/) +を参照してください。 + +### ステップ 5 - インベントリーの検証 + +`playbook` 内の `play` の範囲は、Ansible **inventory** +内で宣言されたホストのグループに制限されます。Ansible は複数の +[インベントリー](http://docs.ansible.com/ansible/latest/intro_inventory.html) +タイプに対応しています。インベントリーは、その中で定義されたホストのコレクションが含まれるシンプルなファイルや、Playbook +を実行するデバイスのリストを生成する動的スクリプト (CMDBバックエンドのクエリーを行うものなど) が考えられます。 + +このラボでは、**ini** 形式で記述されたファイルベースのインベントリーを操作します。Visual Studio Code を使用して +`~/lab_inventory/hosts` ファイルを開くか、`cat` コマンドを使用してファイルの内容を表示します。 + +```bash +$ cat ~/lab_inventory/hosts +``` + +```bash +[all:vars] +ansible_ssh_private_key_file=~/.ssh/aws-private.pem + +[routers:children] +cisco +juniper +arista + +[cisco] +rtr1 ansible_host=18.222.121.247 private_ip=172.16.129.86 +[arista] +rtr2 ansible_host=18.188.194.126 private_ip=172.17.158.197 +rtr4 ansible_host=18.221.5.35 private_ip=172.17.8.111 +[juniper] +rtr3 ansible_host=3.14.132.20 private_ip=172.16.73.175 + +[cisco:vars] +ansible_user=ec2-user +ansible_network_os=ios +ansible_connection=network_cli + +[juniper:vars] +ansible_user=ec2-user +ansible_network_os=junos +ansible_connection=netconf + +[arista:vars] +ansible_user=ec2-user +ansible_network_os=eos +ansible_connection=network_cli +ansible_become=true +ansible_become_method=enable + +[dc1] +rtr1 +rtr3 + +[dc2] +rtr2 +rtr4 + +[control] +ansible ansible_host=13.58.149.157 ansible_user=student private_ip=172.16.240.184 +``` + +### ステップ 6 - インベントリーについて + +上記の出力では、すべての `[ ]` がグループを定義しています。たとえば、`[dc1]` は、ホスト `rtr1` と `rtr3` +を含むグループです。グループは _ネスト_ することもできます。グループ `[routers]` はグループ `[cisco]` の親グループです + +親グループは、`children` +ディレクティブを使用して宣言されます。ネストされたグループがあると、より具体的な値を変数に柔軟に割り当てることができます。 + +グループとホストには、変数を関連付けることができます。 + +> 注記: +> +> ** all ** というグループは常に存在し、インベントリ内で定義されたすべてのグループとホストが含まれます。 + +ホスト変数は、ホスト自体と同じ行で定義できます。たとえば、ホスト `rtr1` の場合: + +```sh +rtr1 ansible_host=18.222.121.247 private_ip=172.16.129.86 +``` + +* `rtr1` - Ansible が使用する名前。これは DNS に依存できますが、必須では必要ありません +* `ansible_host` - ansible が使用する IP アドレス。設定されていない場合は、デフォルトで DNS になります +* `private_ip` - この値は ansible によって予約されていないため、デフォルトで + [ホスト変数](http://docs.ansible.com/ansible/latest/intro_inventory.html#host-variables) + になります。この変数は、Playbook で使用することも、完全に無視することもできます。 + +グループ変数グループは、`vars` +ディレクティブを使用して宣言されます。グループを持つことで、共通の変数を複数のホストに柔軟に割り当てることができます。`[group_name:vars]` +セクションで複数のグループ変数を定義できます。たとえば、グループ `cisco` を見てください。 + +```sh +[cisco:vars] +ansible_user=ec2-user +ansible_network_os=ios +ansible_connection=network_cli +``` + +* `ansible_user` - ユーザー ansible + は、このホストへのログインに使用されます。設定されていない場合は、デフォルトで、プレイブックの実行元のユーザーになります。 +* `ansible_network_os` - この変数は、後で説明するように、play 定義内で `network_cli` + 接続タイプを使用するときに必要です。 +* `ansible_connection` - この変数は、このグループの + [接続プラグイン](https://docs.ansible.com/ansible/latest/plugins/connection.html) + を設定します。これは、この特定のネットワークプラットフォームがサポートするものに応じて、`netconf`、`httpapi`、`network_cli` + などの値に設定できます。 + +### ステップ 7 - ansible-navigator を使用したインベントリーの探索 + +`ansible-navigator` TUI を使用してインベントリーを調べることもできます。 + +`ansible-navigator inventory` コマンドを実行して、TUI にインベントリーを取り込みます。 + +![ansible-navigator tui](images/ansible-navigator.png) + +キーボードで **0** または **1** を押すと、それぞれグループまたはホストが開きます。 + +![ansible-navigator groups](images/ansible-navigator-groups.png) + +**Esc** キーを押して、上のレベルに移動することができます。または、個々のホストにズームできます。 + +![ansible-navigator host](images/ansible-navigator-rtr-1.png) + +### ステップ 8 - ネットワークデバイスへの接続 + +ラボ環境には、rtr1、rtr2、rtr3、rtr4 という名前の 4 +つのルーターがあります。ネットワークの図は、[ネットワーク自動化ワークショップの目次](../README.md) でいつでも利用できます。SSH +設定ファイル (`~/.ssh/config`) +はすでにコントロールノードにセットアップされています。したがって、コントロールノードから任意のルーターにログインせずに SSH で接続できます。 + +たとえば、Ansible コントロールノードから rtr1 に接続するには、次のように入力します。 + +```bash +$ ssh rtr1 +``` + +例: +``` +$ ssh rtr1 +Warning: Permanently added 'rtr1,35.175.115.246' (RSA) to the list of known hosts. + + + +rtr1#show ver +Cisco IOS XE Software, Version 16.09.02 +``` + +## 完了 + +ラボ演習 1 を完了しました! + +以下の内容について理解できるようになりました。 + +* Visual Studio Code を使用してラボ環境に接続する方法 +* `ansible-navigator` を使用して **実行環境** を調べる方法 +* Ansible Navigator 設定 (`ansible-navigator.yml`) が保管される場所 +* インベントリーがコマンドライン演習用に保存されている場所 +* ansible-navigator TUI(テキストベースのユーザーインターフェース)の使用方法 + + + +--- +[次の演習](../2-first-playbook/README.ja.md) + +[Ansible Network Automation ワークショップに戻る](../README.ja.md) diff --git a/exercises/ansible_network_lightspeed_eda/1-explore/README.md b/exercises/ansible_network_lightspeed_eda/1-explore/README.md new file mode 100644 index 000000000..9eb8c7ed7 --- /dev/null +++ b/exercises/ansible_network_lightspeed_eda/1-explore/README.md @@ -0,0 +1,291 @@ +# Exercise 1 - Exploring the lab environment + +**Read this in other languages**: ![uk](https://github.com/ansible/workshops/raw/devel/images/uk.png) [English](README.md), ![japan](https://github.com/ansible/workshops/raw/devel/images/japan.png) [日本語](README.ja.md), ![Español](https://github.com/ansible/workshops/raw/devel/images/es.png) [Español](README.es.md). + +## Table of Contents + +- [Exercise 1 - Exploring the lab environment](#exercise-1---exploring-the-lab-environment) + - [Table of Contents](#table-of-contents) + - [Objective](#objective) + - [Diagram](#diagram) + - [Guide](#guide) + - [Step 1 - Connecting via VS Code](#step-1---connecting-via-vs-code) + - [Step 2 - Using the Terminal](#step-2---using-the-terminal) + - [Step 3 - Examining Execution Environments](#step-3---examining-execution-environments) + - [Step 4 - Examining the ansible-navigator configuration](#step-4---examining-the-ansible-navigator-configuration) + - [Step 5 - Examining inventory](#step-5---examining-inventory) + - [Step 6 - Understanding inventory](#step-6---understanding-inventory) + - [Step 7 - Using ansible-navigator to explore inventory](#step-7---using-ansible-navigator-to-explore-inventory) + - [Step 8 - Connecting to network devices](#step-8---connecting-to-network-devices) + - [Complete](#complete) + +## Objective + +Explore and understand the lab environment. + +These first few lab exercises will be exploring the command-line utilities of the Ansible Automation Platform. This includes + +- [ansible-navigator](https://github.com/ansible/ansible-navigator) - a command line utility and text-based user interface (TUI) for running and developing Ansible automation content. +- [ansible-core](https://docs.ansible.com/core.html) - the base executable that provides the framework, language and functions that underpin the Ansible Automation Platform. It also includes various cli tools like `ansible`, `ansible-playbook` and `ansible-doc`. Ansible Core acts as the bridge between the upstream community with the free and open source Ansible and connects it to the downstream enterprise automation offering from Red Hat, the Ansible Automation Platform. +- [Execution Environments](https://docs.ansible.com/automation-controller/latest/html/userguide/execution_environments.html) - not specifically covered in this workshop because the built-in Ansible Execution Environments already included all the Red Hat supported collections which includes all the network collections we use for this workshop. Execution Environments are container images that can be utilized as Ansible execution. +- [ansible-builder](https://github.com/ansible/ansible-builder) - not specifically covered in this workshop, `ansible-builder` is a command line utility to automate the process of building Execution Environments. + +If you need more information on new Ansible Automation Platform components bookmark this landing page [https://red.ht/AAP-20](https://red.ht/AAP-20) + +> Join our community forum! +> +> Before you get started, please join us on https://forum.ansible.com/. This will allow you to get Ansible help after the workshops concludes. + + +## Diagram + +![Red Hat Ansible Automation](https://github.com/ansible/workshops/raw/devel/images/ansible_network_diagram.png) + + + +## Guide + +### Step 1 - Connecting via VS Code + + + + + + + +
It is highly encouraged to use Visual Studio Code to complete the workshop exercises. Visual Studio Code provides: +
    +
  • A file browser
    • +
  • A text editor with syntax highlighting
    • +
  • A in-browser terminal
    • +
+ Direct SSH access is available as a backup, or if Visual Studio Code is not sufficient to the student. There is a short YouTube video provided if you need additional clarity: Ansible Workshops - Accessing your workbench environment. +
+ +- Connect to Visual Studio Code from the Workshop launch page (provided by your instructor). The password is provided below the WebUI link. + + ![launch page](images/launch_page.png) + +- Type in the provided password to connect. + + ![login vs code](images/vscode_login.png) + +- Open the `network-workshop` directory in Visual Studio Code: + + ![picture of file browser](images/vscode-networkworkshop.png) + +- Click on the `playbook.yml` to view the content. + + ![picture of playbook](images/vscode-playbook.png) + +### Step 2 - Using the Terminal + +- Open a terminal in Visual Studio Code: + + ![picture of new terminal](images/vscode-new-terminal.png) + +Navigate to the `network-workshop` directory on the Ansible control node terminal. + +```bash +[student@ansible-1 ~]$ cd ~/network-workshop/ +[student@ansible-1 network-workshop]$ pwd +/home/student/network-workshop +[student@ansible-1 network-workshop]$ +``` + +* `~` - the tilde in this context is a shortcut for the home directory, i.e. `/home/student` +* `cd` - Linux command to change directory +* `pwd` - Linux command for print working directory. This will show the full path to the current working directory. + +### Step 3 - Examining Execution Environments + +Run the `ansible-navigator` command with the `images` argument to look at execution environments configured on the control node: + +```bash +$ ansible-navigator images +``` + +![ansible-navigator images](images/navigator-images.png) + + +> Note +> +> The output you see might differ from the above output + +This command gives you information about all currently installed Execution Environments or EEs for short. Investigate an EE by pressing the corresponding number. For example pressing **0** with the above example will open the `network-ee` execution environment: + +![ee main menu](images/navigator-ee-menu.png) + +Selecting `2` for `Ansible version and collections` will show us all Ansible Collections installed on that particular EE, and the version of `ansible-core`: + +![ee info](images/navigator-ee-collections.png) + +### Step 4 - Examining the ansible-navigator configuration + +Either use Visual Studio Code to open or use the `cat` command to view the contents of the `ansible-navigator.yml` file. The file is located in the home directory: + +```bash +$ cat .ansible-navigator.yml +--- +ansible-navigator: + ansible: + inventory: + entries: + - /home/student/lab_inventory/hosts + + execution-environment: + image: quay.io/acme_corp/network-ee:latest + enabled: true + container-engine: podman + pull: + policy: missing + volume-mounts: + - src: "/etc/ansible/" + dest: "/etc/ansible/" +``` + +Note the following parameters within the `ansible-navigator.yml` file: + +* `inventories`: shows the location of the ansible inventory being used +* `execution-environment`: where the default execution environment is set + +For a full listing of every configurable knob checkout the [documentation](https://ansible-navigator.readthedocs.io/en/latest/settings/) + +### Step 5 - Examining inventory + +The scope of a `play` within a `playbook` is limited to the groups of hosts declared within an Ansible **inventory**. Ansible supports multiple [inventory](http://docs.ansible.com/ansible/latest/intro_inventory.html) types. An inventory could be a simple flat file with a collection of hosts defined within it or it could be a dynamic script (potentially querying a CMDB backend) that generates a list of devices to run the playbook against. + +In this lab you will work with a file based inventory written in the **ini** format. Either use Visual Studio Code to open or use the `cat` command to view the contents of the `~/lab_inventory/hosts` file. + +```bash +$ cat ~/lab_inventory/hosts +``` + +```bash +[routers:vars] +ansible_user=ec2-user + +[routers:children] +cisco + +[cisco] +rtr1 ansible_host=3.135.190.6 private_ip=172.16.91.181 +rtr2 ansible_host=18.119.134.227 private_ip=172.18.101.101 +rtr4 ansible_host=18.118.33.17 private_ip=172.18.166.3 +rtr3 ansible_host=52.15.61.132 private_ip=172.16.145.2 + +[cisco:vars] +ansible_network_os=ios +ansible_connection=network_cli + + + +[dc1] +rtr1 +rtr3 + +[dc2] +rtr2 +rtr4 + +[control] +ansible-1 ansible_host=3.137.159.171 ansible_user=ec2-user private_ip=172.16.128.14 + +[network:children] +routers +[network:vars] +restore_inventory="Workshop Inventory" +restore_credential="Workshop Credential" +restore_project="Workshop Project" +``` + +### Step 6 - Understanding inventory + +In the above output every `[ ]` defines a group. For example `[dc1]` is a group that contains the hosts `rtr1` and `rtr3`. Groups can also be _nested_. The group `[routers]` is a parent group to the group `[cisco]` + +Parent groups are declared using the `children` directive. Having nested groups allows the flexibility of assigining more specific values to variables. + +We can associate variables to groups and hosts. + +> Note: +> +> A group called **all** always exists and contains all groups and hosts defined within an inventory. + +Host variables can be defined on the same line as the host themselves. For example for the host `rtr1`: + +```sh +rtr1 ansible_host=18.222.121.247 private_ip=172.16.129.86 +``` + +* `rtr1` - The name that Ansible will use. This can but does not have to rely on DNS +* `ansible_host` - The IP address that ansible will use, if not configured it will default to DNS +* `private_ip` - This value is not reserved by ansible so it will default to a [host variable](http://docs.ansible.com/ansible/latest/intro_inventory.html#host-variables). This variable can be used by playbooks or ignored completely. + +Group variables groups are declared using the `vars` directive. Having groups allows the flexibility of assigning common variables to multiple hosts. Multiple group variables can be defined under the `[group_name:vars]` section. For example look at the group `cisco`: + +```sh +[cisco:vars] +ansible_user=ec2-user +ansible_network_os=ios +ansible_connection=network_cli +``` + +* `ansible_user` - The user ansible will be used to login to this host, if not configured it will default to the user the playbook is run from +* `ansible_network_os` - This variable is necessary while using the `network_cli` connection type within a play definition, as we will see shortly. +* `ansible_connection` - This variable sets the [connection plugin](https://docs.ansible.com/ansible/latest/plugins/connection.html) for this group. This can be set to values such as `netconf`, `httpapi` and `network_cli` depending on what this particular network platform supports. + +### Step 7 - Using ansible-navigator to explore inventory + +We can also use the `ansible-navigator` TUI to explore inventory. + +Run the `ansible-navigator inventory` command to bring up inventory in the TUI: + +![ansible-navigator tui](images/ansible-navigator.png) + +Pressing **0** or **1** on your keyboard will open groups or hosts respectively. + +![ansible-navigator groups](images/ansible-navigator-groups.png) + +Press the **Esc** key to go up a level, or you can zoom in to an individual host: + +![ansible-navigator host](images/ansible-navigator-rtr-1.png) + +### Step 8 - Connecting to network devices + +There are four routers, named rtr1, rtr2, rtr3 and rtr4. The network diagram is always available on the [network automation workshop table of contents](../README.md). The SSH configuration file (`~/.ssh/config`) is already setup on the control node. This means you can SSH to any router from the control node without a login: + +For example to connect to rtr1 from the Ansible control node, type: + +```bash +$ ssh rtr1 +``` + +For example: +``` +$ ssh rtr1 +Warning: Permanently added 'rtr1,35.175.115.246' (RSA) to the list of known hosts. + + + +rtr1#show ver +Cisco IOS XE Software, Version 16.09.02 +``` + +## Complete + +You have completed lab exercise 1! + +You now understand: + +* How to connect to the lab environment with Visual Studio Code +* How to explore **execution environments** with `ansible-navigator` +* Where the Ansible Navigator Configuration (`ansible-navigator.yml`) is located +* Where the inventory is stored for command-line exercises +* How to use ansible-navigator TUI (Text-based user interface) + + + +--- +[Next Exercise](../2-resource-module-cisco/README.md) + +[Click Here to return to the Ansible Network Automation Workshop](../README.md) diff --git a/exercises/ansible_network_lightspeed_eda/1-explore/images/ansible-navigator-groups.png b/exercises/ansible_network_lightspeed_eda/1-explore/images/ansible-navigator-groups.png new file mode 100644 index 000000000..f2b49b3e9 Binary files /dev/null and b/exercises/ansible_network_lightspeed_eda/1-explore/images/ansible-navigator-groups.png differ diff --git a/exercises/ansible_network_lightspeed_eda/1-explore/images/ansible-navigator-rtr-1.png b/exercises/ansible_network_lightspeed_eda/1-explore/images/ansible-navigator-rtr-1.png new file mode 100644 index 000000000..ef9549b56 Binary files /dev/null and b/exercises/ansible_network_lightspeed_eda/1-explore/images/ansible-navigator-rtr-1.png differ diff --git a/exercises/ansible_network_lightspeed_eda/1-explore/images/ansible-navigator.png b/exercises/ansible_network_lightspeed_eda/1-explore/images/ansible-navigator.png new file mode 100644 index 000000000..27f086af7 Binary files /dev/null and b/exercises/ansible_network_lightspeed_eda/1-explore/images/ansible-navigator.png differ diff --git a/exercises/ansible_network_lightspeed_eda/1-explore/images/launch_page.png b/exercises/ansible_network_lightspeed_eda/1-explore/images/launch_page.png new file mode 100644 index 000000000..4feaf9b00 Binary files /dev/null and b/exercises/ansible_network_lightspeed_eda/1-explore/images/launch_page.png differ diff --git a/exercises/ansible_network_lightspeed_eda/1-explore/images/navigator-ee-collections.png b/exercises/ansible_network_lightspeed_eda/1-explore/images/navigator-ee-collections.png new file mode 100644 index 000000000..0cbbd436a Binary files /dev/null and b/exercises/ansible_network_lightspeed_eda/1-explore/images/navigator-ee-collections.png differ diff --git a/exercises/ansible_network_lightspeed_eda/1-explore/images/navigator-ee-menu.png b/exercises/ansible_network_lightspeed_eda/1-explore/images/navigator-ee-menu.png new file mode 100644 index 000000000..a3ac4318a Binary files /dev/null and b/exercises/ansible_network_lightspeed_eda/1-explore/images/navigator-ee-menu.png differ diff --git a/exercises/ansible_network_lightspeed_eda/1-explore/images/navigator-images.png b/exercises/ansible_network_lightspeed_eda/1-explore/images/navigator-images.png new file mode 100644 index 000000000..d121fff06 Binary files /dev/null and b/exercises/ansible_network_lightspeed_eda/1-explore/images/navigator-images.png differ diff --git a/exercises/ansible_network_lightspeed_eda/1-explore/images/vscode-networkworkshop.png b/exercises/ansible_network_lightspeed_eda/1-explore/images/vscode-networkworkshop.png new file mode 100644 index 000000000..6fcdb41df Binary files /dev/null and b/exercises/ansible_network_lightspeed_eda/1-explore/images/vscode-networkworkshop.png differ diff --git a/exercises/ansible_network_lightspeed_eda/1-explore/images/vscode-new-terminal.png b/exercises/ansible_network_lightspeed_eda/1-explore/images/vscode-new-terminal.png new file mode 100644 index 000000000..36f137a7c Binary files /dev/null and b/exercises/ansible_network_lightspeed_eda/1-explore/images/vscode-new-terminal.png differ diff --git a/exercises/ansible_network_lightspeed_eda/1-explore/images/vscode-playbook.png b/exercises/ansible_network_lightspeed_eda/1-explore/images/vscode-playbook.png new file mode 100644 index 000000000..2928ac163 Binary files /dev/null and b/exercises/ansible_network_lightspeed_eda/1-explore/images/vscode-playbook.png differ diff --git a/exercises/ansible_network_lightspeed_eda/1-explore/images/vscode_login.png b/exercises/ansible_network_lightspeed_eda/1-explore/images/vscode_login.png new file mode 100644 index 000000000..de17322a4 Binary files /dev/null and b/exercises/ansible_network_lightspeed_eda/1-explore/images/vscode_login.png differ diff --git a/exercises/ansible_network_lightspeed_eda/2-resource-module-snmp/README.md b/exercises/ansible_network_lightspeed_eda/2-resource-module-snmp/README.md new file mode 100644 index 000000000..05ef8b546 --- /dev/null +++ b/exercises/ansible_network_lightspeed_eda/2-resource-module-snmp/README.md @@ -0,0 +1,460 @@ +# Exercise 2: Ansible Network Resource Modules - Cisco Example + +## Table of Contents + +## Table of Contents + +- [Exercise 2: Ansible Network Resource Modules - Cisco Example](#exercise-4-ansible-network-resource-modules---cisco-example) + - [Table of Contents](#table-of-contents) + - [Table of Contents](#table-of-contents-1) + - [Objective](#objective) + - [Guide](#guide) + - [Step 1 - Verify SNMP configuration](#step-1---verify-snmp-configuration) + - [Step 2 - Creating the Ansible Playbook](#step-2---creating-the-ansible-playbook) + - [Step 3 - Examine the Ansible Playbook](#step-3---examine-the-ansible-playbook) + - [Step 4 - Execute the Ansible Playbook](#step-4---execute-the-ansible-playbook) + - [Step 5 - Verify SNMP configuration](#step-5---verify-snmp-configuration) + - [Step 6 - Using the gathered parameter](#step-6---using-the-gathered-parameter) + - [Step 7 - Execute the gathered playbook](#step-7---execute-the-gathered-playbook) + - [Step 8 - Examine the files](#step-8---examine-the-files) + - [Step 9 - Publish to remote SCM](#step-9---publish-to-remote-scm) + - [Takeaways](#takeaways) + - [Solution](#solution) + - [Complete](#complete) + +## Objective + +Demonstration use of [Ansible Network Resource Modules](https://docs.ansible.com/ansible/latest/network/user_guide/network_resource_modules.html) + +Ansible network resource modules simplify and standardize how you manage different network devices. Network devices separate configuration into sections (such as interfaces and VLANs) that apply to a network service. + +Network resource modules provide a consistent experience across different network devices. This means you will get an identical experience across multiple vendors. For example the **snmp_server** module will work identically for the following modules: + +* `arista.eos.snmp_server` +* `cisco.ios.snmp_server` +* `cisco.nxos.snmp_server` +* `cisco.iosxr.snmp_server` +* `junipernetworks.junos.snmp_server` + +Configuring [SNMP](https://en.wikipedia.org/wiki/Simple_Network_Management_Protocol) on network devices is an extremely common task, and mis-configurations can cause headaches and monitoring issues. SNMP configurations also tend to be identical across multiple network switches resulting in a perfect use case for automation. + +This exercise will cover: + +* Configuring SNMP on Cisco IOS +* Building an Ansible Playbook using the [cisco.ios.snmp_server module](https://docs.ansible.com/ansible/latest/collections/cisco/ios/ios_snmp_server_module.html#ansible-collections-cisco-ios-ios-snmp-server-module). +* Understanding the `state: merged` +* Understanding the `state: gathered` + +## Guide + +### Step 1 - Verify SNMP configuration + +* Login to an Cisco IOS router and verify the current SNMP configuration. + +* From the control node terminal, you can `ssh rtr2` and type `enable` + + ```bash + [student@ansible-1 ~]$ ssh rtr1 + + + rtr1# + ``` + +* Use the command `show snmp` to examine the SNMP configuration: + + ```bash + rtr1#show snmp + %SNMP agent not enabled + ``` + +* Use the `show run | s snmp` to examine the SNMP running-configuration on the Cisco device: + + ```bash + rtr1#sh run | s snmp + rtr1# + ``` + +As you can see in the output above there is no SNMP configuration on the Cisco router. + +### Step 2 - Creating the Ansible Playbook + +* Create a new file in Visual Studio Code named `resource.yml` + + ![new file](images/step1_new_file.png) + +* Copy the following Ansible Playbook into your `resource.yml` + + ```yaml + --- + - name: Configure SNMP + hosts: cisco + gather_facts: false + + tasks: + + - name: Use snmp resource module + cisco.ios.ios_snmp_server: + state: merged + config: + location: 'Durham' + packet_size: 500 + communities: + - acl_v4: acl_uq + name: Durham-community + rw: true + - acl_v4: acl_uq + name: ChapelHill-community + rw: true + ``` + +### Step 3 - Examine the Ansible Playbook + +* First lets examine the first four lines: + + ```yaml + --- + - name: configure SNMP + hosts: cisco + gather_facts: false + ``` + + * The `---` designates this is a [YAML](https://en.wikipedia.org/wiki/YAML) file which is what we write playbooks in. + * `name` is the description of what this playbook does. + * `hosts: cisco` will execute this playbook only on the Cisco network devices. `cisco` is a [group](https://docs.ansible.com/ansible/latest/user_guide/intro_inventory.html#inventory-basics-formats-hosts-and-groups) name. + * `gather_facts: false` this will disable fact gathering for this play, by default this is turned on. + + +* For the second part we have one task that uses the `cisco.ios.snmp_server` + + ```yaml + tasks: + + - name: Use snmp resource module + cisco.ios.ios_snmp_server: + state: merged + config: + location: 'Durham' + packet_size: 500 + communities: + - acl_v4: acl_uq + name: Durham-community + rw: true + - acl_v4: acl_uq + name: ChapelHill-community + rw: true + + ``` + + * `name:` - just like the play, each task has a description for that particular task + * `state: merged` - This is the default behavior of resource modules. This will simply enforce that the supplied configuration exists on the network device. There is actually seven parameters possible for resource modules: + * merged + * replaced + * overridden + * deleted + * rendered + * gathered + * parsed + + Only two of these parameters will be covered in this exercise, but additional are available in the [supplemental exercises](../supplemental/README.md). + * `config:` - this is the supplied SNMP configuration. It is a list of dictionaries. The most important takeaway is that if the module was change from `cisco.ios.snmp_server` to `junipernetworks.junos.snmp_server` it would work identically. This allows network engineers to focus on the network (e.g. SNMP configuration) versus the vendor syntax and implementation. + +### Step 4 - Execute the Ansible Playbook + +* Execute the playbook using the `ansible-navigator run`. Since there is just one task we can use the `--mode stdout` + + ```bash + $ ansible-navigator run resource.yml --mode stdout + ``` + +* The output will look similar to the following: + + ```bash + $ ansible-navigator run resource.yml --mode stdout + + PLAY [Configure SNMP] ********************************************************** + + TASK [Use snmp resource module] *************************** + changed: [rtr1] + + PLAY RECAP ********************************************************************* + rtr1 : ok=1 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 + ``` + +* Re-running the playbook will demonstrate the concept of [idempotency](https://en.wikipedia.org/wiki/Idempotence) + + ```bash + $ ansible-navigator run resource.yml --mode stdout + + PLAY [Configure SNMP] ********************************************************** + + TASK [Override commands with provided configuration] *************************** + ok: [rtr1] + + PLAY RECAP ********************************************************************* + rtr1 : ok=1 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 + ``` + +* As you can see in the output, everything will return `ok=1` indiciating that no changes were taken place. + +### Step 5 - Verify SNMP configuration + +* Login to an Cisco switch and verify the current SNMP configuration. + +* From the control node terminal, you can `ssh rtr1` + +* Use the command `show snmp` to examine the SNMP configuration: + + ```bash + rtr1#show snmp + Chassis: 99SDJQ9I6WK + Location: Durham + 0 SNMP packets input + 0 Bad SNMP version errors + 0 Unknown community name + 0 Illegal operation for community name supplied + 0 Encoding errors + 0 Number of requested variables + 0 Number of altered variables + 0 Get-request PDUs + 0 Get-next PDUs + 0 Set-request PDUs + 0 Input queue packet drops (Maximum queue size 1000) + 0 SNMP packets output + 0 Too big errors (Maximum packet size 500) + 0 No such name errors + 0 Bad values errors + 0 General errors + 0 Response PDUs + 0 Trap PDUs + Packets currently in SNMP process input queue: 0 + SNMP global trap: disabled + + SNMP logging: disabled + ``` + +* Use the `show run | s snmp` to examine the SNMP running-confgiuration on the Cisco device: + + ```bash + rtr1#show run | s snmp + snmp-server community Durham-community RW acl_uq + snmp-server community ChapelHill-community RW acl_uq + snmp-server packetsize 500 + snmp-server location Durham + ``` + +As you can see, the resource module configured the Cisco IOS-XE network device with the supplied configuration. There are now two total SNMP communities. + +### Step 6 - Using the gathered parameter + +* Create the following directory structure under the `network-workshop` directory. + + ```bash + [student@ansible-1 network-workshop]$ tree aap_workshop/ + aap_workshop/ + └── source-of-truth + └── snmp + ``` + + ```bash + mkdir -p aap_workshop/source-of-truth/snmp + ``` + +* Create a new playbook named `gathered.yml` + + + + ```yaml + --- + - name: Retrieve SNMP config + hosts: cisco + gather_facts: false + + tasks: + + - name: Use SNMP resource module + cisco.ios.ios_snmp_server: + state: gathered + register: snmp_config + + - name: Copy snmp_config to file + ansible.builtin.copy: + content: "{{ snmp_config['gathered'] | to_nice_yaml }}" + dest: "{{ playbook_dir }}/aap_workshop/source-of-truth/snmp/{{ inventory_hostname }}.yml" + mode: "644" + ``` + + +* The first task is identical except the `state: merged` has been switched to `gathered`, the `config` is no longer needed since we are reading in the configuration (versus applying it to the network device), and we are using the `register` to save the output from the module into a variable named `snmp_config` + +* The second task is copying the value of the `gathered` key in the `snmp_config` variable to a flat-file. The double curly brackets denotes that this is a variable. + +* The `| to_nice_yaml` is a [filter](https://docs.ansible.com/ansible/latest/user_guide/playbooks_filters.html), that will transform the JSON output (default) to YAML. + +* The `playbook_dir` and `inventory_hostname` are special variables also referred to as [magic variables](https://docs.ansible.com/ansible/latest/reference_appendices/special_variables.html). The `playbook_dir` simply means the directory we executed the playbook from, and the `inventory_hostname` is the name of the device in our inventory. This means the file will be saved as `~/network-workshop/aap_workshop/source-of-truth/snmp/rtr1.yml` for the cisco device(s). + +### Step 7 - Execute the gathered playbook + +* Execute the playbook using the `ansible-navigator run`. + + ```bash + $ ansible-navigator run gathered.yml --mode stdout + ``` + +* The output will look similar to the following: + + ```bash + $ ansible-navigator run gathered.yml --mode stdout + + PLAY [Retrieve SNMP config] **************************************************** + + TASK [Use SNMP resource module] ************************************************ + ok: [rtr1] + + TASK [Copy snmp_config to file] ************************************************ + changed: [rtr1] + + PLAY RECAP ********************************************************************* + rtr1 : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 + ``` + +### Step 8 - Examine the files + +* Open the newly created files that `gathered` the SNMP configuration from the Cisco network device(s). + +* The files were stored under the device name, for example for rtr1: `~/network-workshop/aap_workshop/source-of-truth/snmp/rtr1.yml`. + +```bash + $ cat rtr1_snmp.yml + changed: false + failed: false + gathered: + communities: + - acl_v4: acl_uq + name: ChapelHill-community + rw: true + - acl_v4: acl_uq + name: Durham-community + rw: true + location: Durham + packet_size: 500 +``` + +### Step 9 - Publish to remote SCM + +* At this point, we have a source-of-truth (SoT) created with SNMP configuration from all the 4 routers in our lab. + Now, we will take a look at how to publish this to a remote Git-based SCM repository. + +* For this exercise, we need to create a new repository in Github and generate a fine-grained token for it. + +* Go to your Github account and click on `Repositories`, then click on the `New` button. + Type in `aap_workshop` as the `Repository Name`. Optionally, add a description for it and select visibility to be `Public`. + Click on `Create repository`. + + ![Create new repository](images/step9_new_repo.png) + +* Once the repository has been created, go to [Fine-grained personal access tokens](https://github.com/settings/tokens?type=beta) + and click on `Generate new token`. + +* Add `aap_workshop_pat` as `Token name`. Select an `Expiration` of your choice. + +* Under `Repository access` select `Only select repositories` and choose the newly created `aap_workshop` from the drop-down list. + +* Under `Permissions` select `Repository permissions` and apply `Read and write` to `Contents`. + Finally, click on `Generate token`. + + ![Apply R/W Contents Permission](images/step9_pat_perm.png) + +* The new fine-grained PAT should be created and should be visible to you. + **Make sure to copy the token now as you will not be able to see this again.** + + ![Fine-grained PAT](images/step9_pat.png) + +* Create a new playbook named `publish.yml` with the following content. + + ```bash + touch ~/network_workshop/publish.yml + ``` + + ```yaml + --- + - name: Publish SoT to Github repository + hosts: localhost + gather_facts: false + + tasks: + + - name: Retrieve a repository from a distant location and make it available locally + ansible.scm.git_retrieve: + origin: + url: https://github.com//aap_workshop + register: repository + + - name: Copy SNMP SoT files to temporary repository + ansible.builtin.copy: + src: "aap_workshop/" + dest: "{{ repository['path'] }}/" + mode: "0644" + + - name: Publish the changes to Github repo + ansible.scm.git_publish: + path: "{{ repository['path'] }}" + token: + ``` + +* In this playbook, we are using plugins from the [ansible.scm](https://github.com/ansible-collections/ansible.scm) collection. + This collection was specifically designed to manage Git repositories via Ansible. + +* In the first task, we `retrieve` the newly created remote repository (which at this point would be empty) by using the + `git_retrieve` plugin which "clones" the remote repo into a local temporary directory. Since we created a public repository, + a `token` is not required to fetch it. + +* Next, the contents of the `aap_workshop` repository, i.e., the files created in **Step 7** are copied into this temporary "clone". + +* Finally, the changes are `published` to the remote repository using the `git_publish` plugin. By default, this task creates a + new branch in the remote repository that includes the timestamp of when this commit was made. + +* Once this playbook has successfully run, go to the Github repository and examine the files in it. + +![Populated GH Repo](images/step9_gh_repo.png) + +### Step 10 - Rename repository branch to `main` + +* As a final step in this exercise, we need to rename the default branch in the `aap_workshop` repository to `main`. + +* Go to the Github repository and click on **1 Branch**. + + ![branch](images/branch.png) + +* Click on the **Rename Branch** option in the three-dotted menu **...**. + + ![rename option](images/rename_option.png) + +* Set the `to` field to `main` and click on **Rename branch**. + + ![rename](images/rename.png) + +* Go back to the repository landing page and verify that the branch has been renamed to `main`. + +## Takeaways + +* Resource modules have a simple data structure that can be transformed to the network device syntax. In this case the SNMP dictionary is transformed into the Cisco IOS-XE network device syntax. +* Resource modules are Idempotent, and can be configured to check device state. +* Resource Modules are bi-directional, meaning that they can gather facts for that specific resource, as well as apply configuration. Even if you are not using resource modules to configure network devices, there is a lot of value for checking resource states. +* The bi-directional behavior also allows brown-field networks (existing networks) to quickly turn their running-configuration into structured data. This allows network engineers to get automation up running more quickly and get quick automation victories. +* This structured data can be persisted to a remote SCM using the `ansible.scm` collection. + +## Solution + +The finished Ansible Playbook is provided here for an answer key: + +- [resource.yml](./resource.yml) +- [gathered.yml](./gathered.yml) +- [publish.yml](./publish.yml) + +## Complete + +You have completed this lab exercise. + +--- + +[Click here to return to the Ansible Network Automation Workshop](../../README.md) diff --git a/exercises/ansible_network_lightspeed_eda/2-resource-module-snmp/gathered.yml b/exercises/ansible_network_lightspeed_eda/2-resource-module-snmp/gathered.yml new file mode 100644 index 000000000..3fbff0af6 --- /dev/null +++ b/exercises/ansible_network_lightspeed_eda/2-resource-module-snmp/gathered.yml @@ -0,0 +1,17 @@ +--- +- name: Retrieve SNMP config + hosts: cisco + gather_facts: false + + tasks: + + - name: Use SNMP resource module + cisco.ios.ios_snmp_server: + state: gathered + register: snmp_config + + - name: Copy snmp_config to file + ansible.builtin.copy: + content: "{{ snmp_config | to_nice_yaml }}" + dest: "{{ playbook_dir }}/{{ inventory_hostname }}_snmp.yml" + mode: "644" diff --git a/exercises/ansible_network_lightspeed_eda/2-resource-module-snmp/images/branch.png b/exercises/ansible_network_lightspeed_eda/2-resource-module-snmp/images/branch.png new file mode 100644 index 000000000..3c5198ace Binary files /dev/null and b/exercises/ansible_network_lightspeed_eda/2-resource-module-snmp/images/branch.png differ diff --git a/exercises/ansible_network_lightspeed_eda/2-resource-module-snmp/images/rename.png b/exercises/ansible_network_lightspeed_eda/2-resource-module-snmp/images/rename.png new file mode 100644 index 000000000..0c9d033ac Binary files /dev/null and b/exercises/ansible_network_lightspeed_eda/2-resource-module-snmp/images/rename.png differ diff --git a/exercises/ansible_network_lightspeed_eda/2-resource-module-snmp/images/rename_option.png b/exercises/ansible_network_lightspeed_eda/2-resource-module-snmp/images/rename_option.png new file mode 100644 index 000000000..c702ca2eb Binary files /dev/null and b/exercises/ansible_network_lightspeed_eda/2-resource-module-snmp/images/rename_option.png differ diff --git a/exercises/ansible_network_lightspeed_eda/2-resource-module-snmp/images/step1_new_file.png b/exercises/ansible_network_lightspeed_eda/2-resource-module-snmp/images/step1_new_file.png new file mode 100644 index 000000000..4a8b3d857 Binary files /dev/null and b/exercises/ansible_network_lightspeed_eda/2-resource-module-snmp/images/step1_new_file.png differ diff --git a/exercises/ansible_network_lightspeed_eda/2-resource-module-snmp/images/step9_gh_repo.png b/exercises/ansible_network_lightspeed_eda/2-resource-module-snmp/images/step9_gh_repo.png new file mode 100644 index 000000000..f636f0123 Binary files /dev/null and b/exercises/ansible_network_lightspeed_eda/2-resource-module-snmp/images/step9_gh_repo.png differ diff --git a/exercises/ansible_network_lightspeed_eda/2-resource-module-snmp/images/step9_new_repo.png b/exercises/ansible_network_lightspeed_eda/2-resource-module-snmp/images/step9_new_repo.png new file mode 100644 index 000000000..89e351a30 Binary files /dev/null and b/exercises/ansible_network_lightspeed_eda/2-resource-module-snmp/images/step9_new_repo.png differ diff --git a/exercises/ansible_network_lightspeed_eda/2-resource-module-snmp/images/step9_pat.png b/exercises/ansible_network_lightspeed_eda/2-resource-module-snmp/images/step9_pat.png new file mode 100644 index 000000000..d63bf06de Binary files /dev/null and b/exercises/ansible_network_lightspeed_eda/2-resource-module-snmp/images/step9_pat.png differ diff --git a/exercises/ansible_network_lightspeed_eda/2-resource-module-snmp/images/step9_pat_perm.png b/exercises/ansible_network_lightspeed_eda/2-resource-module-snmp/images/step9_pat_perm.png new file mode 100644 index 000000000..fd68d3b29 Binary files /dev/null and b/exercises/ansible_network_lightspeed_eda/2-resource-module-snmp/images/step9_pat_perm.png differ diff --git a/exercises/ansible_network_lightspeed_eda/2-resource-module-snmp/publish.yml b/exercises/ansible_network_lightspeed_eda/2-resource-module-snmp/publish.yml new file mode 100644 index 000000000..ff3294aac --- /dev/null +++ b/exercises/ansible_network_lightspeed_eda/2-resource-module-snmp/publish.yml @@ -0,0 +1,23 @@ +--- +- name: Publish to SCM repository + hosts: localhost + gather_facts: true + + tasks: + + - name: Retrieve a repository from a distant location and make it available locally + ansible.scm.git_retrieve: + origin: + url: https://github.com//aap_workshop + register: repository + + - name: Copy snmp_config to files in repository + ansible.builtin.copy: + src: "aap_workshop/" + dest: "{{ repository['path'] }}/" + mode: "0644" + + - name: Publish the changes + ansible.scm.git_publish: + path: "{{ repository['path'] }}" + token: diff --git a/exercises/ansible_network_lightspeed_eda/2-resource-module-snmp/resource.yml b/exercises/ansible_network_lightspeed_eda/2-resource-module-snmp/resource.yml new file mode 100644 index 000000000..19de4e604 --- /dev/null +++ b/exercises/ansible_network_lightspeed_eda/2-resource-module-snmp/resource.yml @@ -0,0 +1,20 @@ +--- +- name: Configure SNMP + hosts: cisco + gather_facts: false + + tasks: + + - name: Use snmp resource module + cisco.ios.ios_snmp_server: + state: merged + config: + location: 'Durham' + packet_size: 500 + communities: + - acl_v4: acl_uq + name: Durham-community + rw: true + - acl_v4: acl_uq + name: ChapelHill-community + rw: true diff --git a/exercises/ansible_network_lightspeed_eda/3-resouce-module-bgp/README.md b/exercises/ansible_network_lightspeed_eda/3-resouce-module-bgp/README.md new file mode 100644 index 000000000..525b6ee4d --- /dev/null +++ b/exercises/ansible_network_lightspeed_eda/3-resouce-module-bgp/README.md @@ -0,0 +1,284 @@ +# Exercise 6: Configuring BGP and OSPF using Automation Controller + +## Table of Contents + +* [Objective](#objective) +* [Guide](#guide) + * [Step 1: Examine the Automation controller Inventory](#step-1-examine-the-automation-controller-inventory) + * [Step 2: Examine the Automation controller Workshop Credential](#step-2-examine-the-automation-controller-workshop-credential) + * [Step 3: Examine the Automation controller Workshop Project](#step-3-examine-the-automation-controller-workshop-project) +* [Takeaways](#takeaways) +* [Complete](#complete) + +## Objective + +In this exercise, we will write new playbooks using **Resource Modules** to configure BGP on the lab routers and validate +the BGP operational state. + +## Guide + +### Step 1: Examine the topology of the lab routers + +![Red Hat Ansible Automation](https://github.com/ansible/workshops/blob/devel/images/ansible_network_diagram.png?raw=true) + +* There are 4 routers in the topology - `rtr1`, `rtr2`, `rtr3` and `rtr4`. They are connected over pre-configured Tunnel interfaces. + +* `rtr1` is connected to `rtr3` over Tunnel0 (network `10.100.100.0/24`). + +* `rtr2` is connected to `rtr4` over Tunnel0 (network `10.101.101.0/24`). + +* `rtr1` and `rtr2` are connected over Tunnel1 (network `10.200.200.X/24`). + +* Go the VS code WebUI terminal and verify the interface configuration on these routers by ssh-ing into them and executing the + following command: + + ```bash + rtr1#show running-config | section ^interface + ``` + +* Routers `rtr1` - `rtr3` and `rtr2` - `rtr4` are configured to be OSPF neighbors. + + To verify the OSPF configuration execute the following command: + + ```sh + rtr1#show ip ospf neighbor + ``` + + For example, the OSPF configuration on `rtr1` is: + + ```sh + rtr1#show running-config | section ^router ospf + router ospf 1 + router-id 192.168.1.1 + redistribute bgp 65000 + ``` + + To validate the OSPF neighbor information on a per-interface basis, use the following command: + + ```sh + rtr1#show ip ospf neighbor + + Neighbor ID Pri State Dead Time Address Interface + 192.168.3.3 0 FULL/ - 00:00:39 10.100.100.2 Tunnel0 + ``` + +### Step 2: Configuring BGP on `rtr1` and `rtr2` + +* In this step, we will write playbooks to establish BGP between `rtr1` and `rtr2`. + +* In the VS code WebUI terminal, create a new directory named `bgp` under `aap_workshop/source-of-truth` directory with the + following: + + ```bash + mkdir -p aap_workshop/source-of-truth/bgp + ``` + +* Create two new YAML files in the `aap_workshop/source-of-truth/bgp` directory named `rtr1.yaml` and `rtr2.yaml`. + + ```bash + touch aap_workshop/source-of-truth/bgp/rtr1.yml + touch aap_workshop/source-of-truth/bgp/rtr2.yml + ``` + +* These two files will act as the Source-of-Truth for the BGP configuration on these devices respectively. + Populate these files with the following: + + **rtr1.yaml** + + ```yaml + # bgp configuration for rtr1 + bgp_address_family: + address_family: + - afi: ipv4 + neighbors: + - activate: true + neighbor_address: 10.200.200.2 + networks: + - address: 10.100.100.0 + mask: 255.255.255.0 + - address: 10.200.200.0 + mask: 255.255.255.0 + redistribute: + - ospf: + process_id: 1 + as_number: '65000' + bgp_global: + as_number: '65000' + bgp: + log_neighbor_changes: true + router_id: + address: 192.168.1.1 + neighbors: + - neighbor_address: 10.200.200.2 + remote_as: '65001' + ``` + + **rtr2.yaml** + + ```yaml + # bgp configuration for rtr2 + bgp_address_family: + address_family: + - afi: ipv4 + neighbors: + - activate: true + neighbor_address: 10.200.200.1 + networks: + - address: 10.101.101.0 + mask: 255.255.255.0 + - address: 10.200.200.0 + mask: 255.255.255.0 + redistribute: + - ospf: + process_id: 1 + as_number: '65001' + bgp_global: + as_number: '65001' + bgp: + log_neighbor_changes: true + router_id: + address: 192.168.2.2 + neighbors: + - neighbor_address: 10.200.200.1 + remote_as: '65000' + ``` + +* Next, create a new playbook named `configure_bgp.yaml` in the `aap_workshop` directory. + + ```bash + touch aap_workshop/configure_bgp.yml + ``` + +* Open the `configure_bgp.yml` playbook in VS code and populate it with the following: + + ```yaml + --- + - hosts: rtr1, rtr2 + gather_facts: false + tasks: + - name: "Load source-of-truth for {{ inventory_hostname }}" + ansible.builtin.include_vars: + file: ./source-of-truth/bgp/{{ inventory_hostname }}.yml + + - name: "Configure BGP Global Configuration on {{ inventory_hostname }}" + cisco.ios.ios_bgp_global: + config: "{{ bgp_global }}" + state: overridden + + - name: "Configure BGP Address Family Configuration on {{ inventory_hostname }}" + cisco.ios.ios_bgp_address_family: + config: "{{ bgp_address_family }}" + state: overridden + ``` + + **Notes**: + + * In the first task, we're loading the BGP configuration from the flat-files for the respective hosts using the `include_vars` + plugin. This plugin loads YAML/JSON variables dynamically from a file or directory, recursively, during task runtime. For more + information on this, refer to the [documentation](https://docs.ansible.com/ansible/latest/collections/ansible/builtin/include_vars_module.html). + + * Next, we are using the `ios_bgp_global` module from the `cisco.ios` collection to configure global BGP configuration lines + on both the routers. As a part of this, we are passing the contents of `bgp_global` variable that was loaded from the flat-files + to the `config` key of this module. Along with that, we have also set `state: overridden`, this ensures that when this playbook is executed any superfluous BGP global config that maybe present on the routers will be negated and the routers will move to the desired state as defined in the source-of-truth. + + * In the third task, we essential do the same as the previous one but with the `ios_bgp_address_family` module which manages all + the BGP Address Family configuration on IOS-XE routers. + +### Step 3: Execute this playbook with `ansible-navigator`. + +* Before executing the playbook, login to `rtr1` and `rtr2` and check the output of `show ip bgp summary`. + It should say `% BGP not active`. + + ```bash + rtr1#show ip bgp summary + % BGP not active + ``` + +* Once you have verified that BGP is not configured and running of these two routers, execute the playbook with `ansible-navigator`. + + ```bash + [student@ansible-1 network-workshop]$ ansible-navigator run aap_workshop/configure_bgp.yaml --mode stdout + ``` + +* Once the playbook run has completed, the BGP configuration should be correctly pushed to the routers. + To validate this, ssh to `rtr1` and `rtr2` and observe the output of `show ip bgp summary`. + + ```bash + rtr1#show ip bgp summary + BGP router identifier 192.168.1.1, local AS number 65000 + BGP table version is 4, main routing table version 4 + 3 network entries using 744 bytes of memory + 4 path entries using 544 bytes of memory + 2/2 BGP path/bestpath attribute entries using 592 bytes of memory + 1 BGP AS-PATH entries using 24 bytes of memory + 0 BGP route-map cache entries using 0 bytes of memory + 0 BGP filter-list cache entries using 0 bytes of memory + BGP using 1904 total bytes of memory + BGP activity 3/0 prefixes, 4/0 paths, scan interval 60 secs + 3 networks peaked at 08:41:45 Oct 17 2024 UTC (02:26:40.722 ago) + + Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd + 10.200.200.2 4 65001 166 167 4 0 0 02:27:31 2 + ``` + + ```bash + rtr2#show ip bgp summary + BGP router identifier 192.168.2.2, local AS number 65001 + BGP table version is 4, main routing table version 4 + 3 network entries using 744 bytes of memory + 4 path entries using 544 bytes of memory + 2/2 BGP path/bestpath attribute entries using 592 bytes of memory + 1 BGP AS-PATH entries using 24 bytes of memory + 0 BGP route-map cache entries using 0 bytes of memory + 0 BGP filter-list cache entries using 0 bytes of memory + BGP using 1904 total bytes of memory + BGP activity 3/0 prefixes, 4/0 paths, scan interval 60 secs + 3 networks peaked at 08:41:45 Oct 17 2024 UTC (02:27:21.165 ago) + + Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd + 10.200.200.1 4 65000 167 166 4 0 0 02:28:11 2 + ``` + + **Note:** It might take some time for the prefix count to reflect `2`. + + +### Step 3: Publish the newly added files to the `aap_workshop` Github repository + +* In this step, we will use the previously written `publish.yaml` playbook to update our `aap_workshop` repository with the playbook + and BGP configuration flat-files. The `publish.yaml` playbook pushes all the content in the `aap_workshop` local directory to the Github repository. + +* To update the remote repository, run the playbook from the terminal. + + ```bash + ansible-navigator run publish.yml --mode stdout + ``` + +* After the playbook execution has completed, go to the Github repository. It should prompt you to **Compare & pull request**. + Click on the button and it will take you to the `Open a pull request` page. + + ![update scm repo](images/update_scm_pr.png) + +* Click on **Create pull request**. + + ![create pull request](images/create_pull_request.png) + +* Examine the changes by going to **Files changed** and if everything looks as expected, merge the PR into `main` branch by clicking on **Merge pull request**. + + ![merge pull request](images/merge.png) + +* Go to the main repository page and it should now have the new playbook and the new source-of-truth flat-files. + +## Takeaways + +- **Resource Modules** can be used configure specific network resources like BGP global and BGP address family. +- Using **Resource Modules**, the source-of-truth can be easily decoupled from the playbooks that use it. This simplifies + the content in the playbooks, allowing network administrators to focus on the correctness of the configuration being + pushed to the target devices by modifying the source-of-truth ONLY. + +## Solution + +The finished Ansible Playbook is provided here for an answer key: + +- [rtr1.yaml](./rtr1.yml) +- [rtr1.yaml](./rtr2.yml) +- [configure.yml](./configure.yml) diff --git a/exercises/ansible_network_lightspeed_eda/3-resouce-module-bgp/configure_bgp.yml b/exercises/ansible_network_lightspeed_eda/3-resouce-module-bgp/configure_bgp.yml new file mode 100644 index 000000000..eda22584c --- /dev/null +++ b/exercises/ansible_network_lightspeed_eda/3-resouce-module-bgp/configure_bgp.yml @@ -0,0 +1,17 @@ +--- +- hosts: rtr1, rtr2 + gather_facts: false + tasks: + - name: "Load source-of-truth for {{ inventory_hostname }}" + ansible.builtin.include_vars: + file: ./source-of-truth/bgp/{{ inventory_hostname }}.yml + + - name: "Configure BGP Global Configuration on {{ inventory_hostname }}" + cisco.ios.ios_bgp_global: + config: "{{ bgp_global }}" + state: overridden + + - name: "Configure BGP Address Family Configuration on {{ inventory_hostname }}" + cisco.ios.ios_bgp_address_family: + config: "{{ bgp_address_family }}" + state: overridden diff --git a/exercises/ansible_network_lightspeed_eda/3-resouce-module-bgp/images/create_pull_request.png b/exercises/ansible_network_lightspeed_eda/3-resouce-module-bgp/images/create_pull_request.png new file mode 100644 index 000000000..fcd523c9f Binary files /dev/null and b/exercises/ansible_network_lightspeed_eda/3-resouce-module-bgp/images/create_pull_request.png differ diff --git a/exercises/ansible_network_lightspeed_eda/3-resouce-module-bgp/images/merge.png b/exercises/ansible_network_lightspeed_eda/3-resouce-module-bgp/images/merge.png new file mode 100644 index 000000000..da61ee2dd Binary files /dev/null and b/exercises/ansible_network_lightspeed_eda/3-resouce-module-bgp/images/merge.png differ diff --git a/exercises/ansible_network_lightspeed_eda/3-resouce-module-bgp/images/update_scm_pr.png b/exercises/ansible_network_lightspeed_eda/3-resouce-module-bgp/images/update_scm_pr.png new file mode 100644 index 000000000..caf378319 Binary files /dev/null and b/exercises/ansible_network_lightspeed_eda/3-resouce-module-bgp/images/update_scm_pr.png differ diff --git a/exercises/ansible_network_lightspeed_eda/3-resouce-module-bgp/rtr1.yml b/exercises/ansible_network_lightspeed_eda/3-resouce-module-bgp/rtr1.yml new file mode 100644 index 000000000..f42b64710 --- /dev/null +++ b/exercises/ansible_network_lightspeed_eda/3-resouce-module-bgp/rtr1.yml @@ -0,0 +1,24 @@ +bgp_address_family: + address_family: + - afi: ipv4 + neighbors: + - activate: true + neighbor_address: 10.200.200.2 + networks: + - address: 10.100.100.0 + mask: 255.255.255.0 + - address: 10.200.200.0 + mask: 255.255.255.0 + redistribute: + - ospf: + process_id: 1 + as_number: '65000' +bgp_global: + as_number: '65000' + bgp: + log_neighbor_changes: true + router_id: + address: 192.168.1.1 + neighbors: + - neighbor_address: 10.200.200.2 + remote_as: '65001' diff --git a/exercises/ansible_network_lightspeed_eda/3-resouce-module-bgp/rtr2.yml b/exercises/ansible_network_lightspeed_eda/3-resouce-module-bgp/rtr2.yml new file mode 100644 index 000000000..97bac9d39 --- /dev/null +++ b/exercises/ansible_network_lightspeed_eda/3-resouce-module-bgp/rtr2.yml @@ -0,0 +1,24 @@ +bgp_address_family: + address_family: + - afi: ipv4 + neighbors: + - activate: true + neighbor_address: 10.200.200.1 + networks: + - address: 10.101.101.0 + mask: 255.255.255.0 + - address: 10.200.200.0 + mask: 255.255.255.0 + redistribute: + - ospf: + process_id: 1 + as_number: '65001' +bgp_global: + as_number: '65001' + bgp: + log_neighbor_changes: true + router_id: + address: 192.168.2.2 + neighbors: + - neighbor_address: 10.200.200.1 + remote_as: '65000' diff --git a/exercises/ansible_network_lightspeed_eda/4-ansible-lightspeed/README.md b/exercises/ansible_network_lightspeed_eda/4-ansible-lightspeed/README.md new file mode 100644 index 000000000..97847b2f9 --- /dev/null +++ b/exercises/ansible_network_lightspeed_eda/4-ansible-lightspeed/README.md @@ -0,0 +1 @@ +# Exercise 3 - Using Ansible Lightspeed \ No newline at end of file diff --git a/exercises/ansible_network_lightspeed_eda/5-explore-aap-2.5/README.md b/exercises/ansible_network_lightspeed_eda/5-explore-aap-2.5/README.md new file mode 100644 index 000000000..2a9e0ad75 --- /dev/null +++ b/exercises/ansible_network_lightspeed_eda/5-explore-aap-2.5/README.md @@ -0,0 +1,107 @@ +# Exercise 4: Explore Ansible Automation Platform 2.5 + +With Ansible Automation Platform, you can create, manage, and scale automation for your organization across users, teams, and regions. The release of Ansible Automation Platform 2.5 introduces an updated, unified user interface (UI) that allows you to interact with and manage each part of the platform. + +## Table of Contents + +* [Objective](#objective) +* [Guide](#guide) + * [Step 1: Login to Ansible Automation Platform UI](#step-1-login-to-ansible-automation-platform) + * [Step 2: Examine the Automation controller Inventory](#step-2-examine-the-automation-controller-inventory) + * [Step 3: Examine the Automation controller Workshop Project](#step-3-examine-the-automation-controller-workshop-project) + * [Step 4: Examine the Automation controller Workshop Credential](#step-4-examine-the-automation-controller-workshop-credential) +* [Takeaways](#takeaways) +* [Complete](#complete) + +## Objective + +Explore and understand the lab environment. This exercise will cover + +* Determining the Ansible Automation Platform version running on the control node +* Locating and understanding: + * Automation Execution + * Automation Decisions + * Automation Content + * Automation Analytics + * Access Management + +## Guide + +### Step 1: Login to Ansible Automation Platform + +1. Return to the workshop launch page provided by your instructor. + +2. Click on the link to the AAP UI. You should see a login screen similar to the follow: + + Screenshot of Automation controller login window. + ![aap ui login window](images/aap-ui.png) + + * The username will be `admin` + * password provided on launch page + +3. After logging in the Dashboard will be the default view as shown below. + + ![aap dashboard](images/aap-dashboard.png) + +4. Click on the **?** button on the top right of the user interface and click **About**. + A window will pop up similar to the following: + + ![version info window](images/aap-version.png) + +### Step 2: Explore the unified platform UI + +AAP 2.5 comes with an unified UI that provides a consistent and centralized WebUI, API, authentication, authorization and role based access controls (RBAC), along with automation analytics that helps let's users utilize reporting at scale. + +Take a look at the left sidebar in the dashboard. + +![aap left sidebar](images/aap-dashboard-sidebar.png) + +1. **Automation Controller** + +The centerpiece of Ansible Automation Platform is its automation execution command and control center, where you can deploy, define, operate, scale and delegate automation across your enterprise. With this functionality, you can perform a variety of tasks from a single location, such as running playbooks from a simple, straightforward web UI, monitoring dashboard activity, and centralized logging to manage and track job execution. + +![automation controller](images/automation-controller.png) + +2. **Event-Driven Ansible** + +AAP includes Event-Driven Ansible, an automation engine that listens to your system’s event stream and reacts to events that you have specified with targeted automation tasks. In this way, Event-Driven Ansible manages routine automation tasks and responses, freeing you up to work on more complex tasks. + +![event driven ansible](images/event-driven-ansible.png) + +3. **Automation Hub** + +Automation hub is the central location for your Ansible Automation Platform content. In automation hub you can also find content collections that you can download and integrate into your automation environment. You can also create and upload your own content to distribute to your users. + +![automation hub](images/automation-hub.png) + +4. **Automation Analytics** + +Automation Analytics provides key data on Job Template usage, Ansible Module usage, organizational comparisons across your enterprise, and much more. With automation analytics, you can measure the business impact of Ansible Automation Platform, such as your return on investment (ROI). You can see what you’re monitoring—and how it’s performing—so you can make informed, data-driven decisions and scale faster. + +![automation analytics](images/automation-analytics.png) + +5. **Access Management** + +This section allows platform administrators to manage users, roles, team, organizations and various authentication methods. + +![access management](images/access-management.png) + +6. **Ansible Lightspeed** + +Ansible Lightspeed with watsonx Code Assistant is a generative AI service designed by and for Ansible platform engineers and developers. It accepts natural-language prompts entered by a user and then interacts with IBM watsonx foundation models to produce code recommendations built on Ansible best practices. Ansible Lightspeed can help you convert subject matter expertise into trusted, reliable Ansible code that scales across teams and domains. + +![ansible lightspeed](images/ansible-lightspeed.png) + +## Takeaways + +* In this exercise, we walked through the Ansible Automation Platform UI and explored the services available. +* For this remaining part of this workshop, our focus will be on Automation Controller and Event-Driven Ansible. + +## Complete + +You have completed lab exercise 4 + +--- +[Previous Exercise](../3-ansible-lightspeed/README.md) | [Next Exercise](../5-controller-job-template/README.md) + +[Click here to return to the Ansible Network Automation Workshop](../README.md) diff --git a/exercises/ansible_network_lightspeed_eda/5-explore-aap-2.5/images/aap-dashboard-sidebar.png b/exercises/ansible_network_lightspeed_eda/5-explore-aap-2.5/images/aap-dashboard-sidebar.png new file mode 100644 index 000000000..0c565061c Binary files /dev/null and b/exercises/ansible_network_lightspeed_eda/5-explore-aap-2.5/images/aap-dashboard-sidebar.png differ diff --git a/exercises/ansible_network_lightspeed_eda/5-explore-aap-2.5/images/aap-dashboard.png b/exercises/ansible_network_lightspeed_eda/5-explore-aap-2.5/images/aap-dashboard.png new file mode 100644 index 000000000..dc186afaa Binary files /dev/null and b/exercises/ansible_network_lightspeed_eda/5-explore-aap-2.5/images/aap-dashboard.png differ diff --git a/exercises/ansible_network_lightspeed_eda/5-explore-aap-2.5/images/aap-ui.png b/exercises/ansible_network_lightspeed_eda/5-explore-aap-2.5/images/aap-ui.png new file mode 100644 index 000000000..9a57849c2 Binary files /dev/null and b/exercises/ansible_network_lightspeed_eda/5-explore-aap-2.5/images/aap-ui.png differ diff --git a/exercises/ansible_network_lightspeed_eda/5-explore-aap-2.5/images/aap-version.png b/exercises/ansible_network_lightspeed_eda/5-explore-aap-2.5/images/aap-version.png new file mode 100644 index 000000000..3105cd28a Binary files /dev/null and b/exercises/ansible_network_lightspeed_eda/5-explore-aap-2.5/images/aap-version.png differ diff --git a/exercises/ansible_network_lightspeed_eda/5-explore-aap-2.5/images/access-management.png b/exercises/ansible_network_lightspeed_eda/5-explore-aap-2.5/images/access-management.png new file mode 100644 index 000000000..3e1aac0ac Binary files /dev/null and b/exercises/ansible_network_lightspeed_eda/5-explore-aap-2.5/images/access-management.png differ diff --git a/exercises/ansible_network_lightspeed_eda/5-explore-aap-2.5/images/ansible-lightspeed.png b/exercises/ansible_network_lightspeed_eda/5-explore-aap-2.5/images/ansible-lightspeed.png new file mode 100644 index 000000000..3afad7403 Binary files /dev/null and b/exercises/ansible_network_lightspeed_eda/5-explore-aap-2.5/images/ansible-lightspeed.png differ diff --git a/exercises/ansible_network_lightspeed_eda/5-explore-aap-2.5/images/automation-analytics.png b/exercises/ansible_network_lightspeed_eda/5-explore-aap-2.5/images/automation-analytics.png new file mode 100644 index 000000000..ccc1bb145 Binary files /dev/null and b/exercises/ansible_network_lightspeed_eda/5-explore-aap-2.5/images/automation-analytics.png differ diff --git a/exercises/ansible_network_lightspeed_eda/5-explore-aap-2.5/images/automation-controller.png b/exercises/ansible_network_lightspeed_eda/5-explore-aap-2.5/images/automation-controller.png new file mode 100644 index 000000000..7b26da613 Binary files /dev/null and b/exercises/ansible_network_lightspeed_eda/5-explore-aap-2.5/images/automation-controller.png differ diff --git a/exercises/ansible_network_lightspeed_eda/5-explore-aap-2.5/images/automation-hub.png b/exercises/ansible_network_lightspeed_eda/5-explore-aap-2.5/images/automation-hub.png new file mode 100644 index 000000000..b0b4b69b0 Binary files /dev/null and b/exercises/ansible_network_lightspeed_eda/5-explore-aap-2.5/images/automation-hub.png differ diff --git a/exercises/ansible_network_lightspeed_eda/5-explore-aap-2.5/images/event-driven-ansible.png b/exercises/ansible_network_lightspeed_eda/5-explore-aap-2.5/images/event-driven-ansible.png new file mode 100644 index 000000000..ecb8adc74 Binary files /dev/null and b/exercises/ansible_network_lightspeed_eda/5-explore-aap-2.5/images/event-driven-ansible.png differ diff --git a/exercises/ansible_network_lightspeed_eda/6-automation-execution/README.md b/exercises/ansible_network_lightspeed_eda/6-automation-execution/README.md new file mode 100644 index 000000000..dca256b02 --- /dev/null +++ b/exercises/ansible_network_lightspeed_eda/6-automation-execution/README.md @@ -0,0 +1,193 @@ +# Exercise 5: Executing Automation Jobs with Automation Controller + +## Table of Contents + +* [Objective](#objective) +* [Guide](#guide) + * [Step 1: Examine the Automation controller Inventory](#step-1-examine-the-automation-controller-inventory) + * [Step 2: Examine the Automation controller Workshop Credential](#step-2-examine-the-automation-controller-workshop-credential) + * [Step 3: Examine the Automation controller Workshop Project](#step-3-examine-the-automation-controller-workshop-project) +* [Takeaways](#takeaways) +* [Complete](#complete) + +## Objective + +Explore and understand foundational Automation Controller concepts. This exercise will cover: + +* Automation controller **Inventory** +* Automation controller **Credentials** +* Automation controller **Projects** +* Automation controller **Job Templates** + +## Guide + +### Step 1: Examine the Automation Controller inventory + +An inventory is required for Automation controller to be able to run jobs. An inventory is a collection of hosts against which jobs may be launched, the same as an Ansible inventory file. In addition, Automation controller can make use of an existing configuration management data base (cmdb) such as ServiceNow or Infoblox DDI. + +> Note: +> +> More info on Inventories in respect to Automation controller can be found in the [documentation here](https://docs.redhat.com/en/documentation/red_hat_ansible_automation_platform/2.5/html/getting_started_with_ansible_automation_platform/assembly-gs-auto-dev#proc-gs-auto-dev-create-automation-decision-proj) + +1. Click on the **Inventories** button under the **Automation Execution** drop-down menu in the left sidebar. + +2. Under **Inventories** click on the `Workshop Inventory`. + +![workshop inventory](images/workshop_inventory.png) + +3. Under the `Workshop Inventory` click the **Hosts** button at the top. There will be four hosts here, rtr1 through rtr4 as well as the ansible control node. + +![workshop inventory hosts](images/workshop_inventory_hosts.png) + +4. Click on one of the devices. + +![workshop host](images/workshop_host.png) + +Take note of the **VARIABLES** field. The `host_vars` are set here including the `ansible_host` variable. + +5. Click on **GROUPS**. There will be multiple groups here including `routers` and `cisco`. Click on one of the groups. + +![groups](images/groups.png) + +6. Click on one of the groups. + +![group vars](images/group_vars.png) + +Take note of the **VARIABLES** field. The `group_vars` are set here including the `ansible_connection` and `ansible_network_os` variable. + +### Step 2: Examine the Automation Controller Workshop Credential + +Credentials are utilized by Automation controller for authentication when launching **Jobs** against machines, synchronizing with inventory sources, and importing project content from a version control system. For the workshop we need a credential to authenticate to the network devices. + +> Note: +> +> For more information on Projects in Automation controller, please [refer to the documentation](https://docs.ansible.com/automation-controller/latest/html/userguide/credentials.html) + +1. Click on the **Credentials** button under the **Automation Execution** drop-down menu in the left sidebar. + +![automation controller credentials](images/credentials.png) + +2. Under **Credentials** there will be multiple pre-configured credentials. Click on the `Workshop Credential`. + +![workshop credential](images/workshop_credential.png) + +3. Under the `Workshop Credential` examine the following: + +* The **CREDENTIAL TYPE** is a **Machine** credential. +* The **USERNAME** is set to `ec2-user`. +* The **PASSWORD** is blank. +* The **SSH PRIVATE KEY** is already configured, and is **ENCRYPTED**. + +### Step 3: Creating a new Automation Controller Project + +A project is how Ansible Playbooks are imported into Automation controller. You can manage playbooks and playbook directories by either placing them manually under the Project Base Path on your Automation controller server, or by placing your playbooks into a source code management (SCM) system supported by Automation controller, including Git and Subversion. + +> Note: +> +> For more information on Projects in Automation controller, please [refer to the documentation](https://docs.redhat.com/en/documentation/red_hat_ansible_automation_platform/2.5/html/getting_started_with_ansible_automation_platform/assembly-gs-auto-op#proc-gs-auto-op-projects) + +**1.** Click on the **Projects** button under the **Automation Execution** drop-down menu in the left sidebar. + +![projects](images/projects.png) + +**2.** Click on the **Create project** button. + +![create project](images/create_project.png) + +**3.** Fill out the project parameters as follows and click on **Create Project**. + + | Parameter | Value | + |---|---| + | Name | Workshop BGP Project | + | Organization | Red Hat Network Organization | + | Source control type | Git | + | Source control URL | https://github.com/your-github-username/aap_workshop | + + ![new project](images/new_project.png) + +**4.** Once done, you should have a new project named `Workshop BGP Project` added under **Projects**. + +![workshop bgp project](images/workshop_bgp_project.png) + +### Step 4: Creating an Automation Controller Job Template + +A **Job Template** is a definition and set of parameters for running a playbook in AAP. A **Job Template** requires: + +* An **Inventory** to run the job against. +* A **Credential** to login to devices. +* A **Project** which contains Ansible Playbooks. + +**1.** Click on the **Templates** button under the **Automation Execution** drop-down menu in the left sidebar. + +![templates](images/templates.png) + +**2.** Click on **Create Template** button and choose **Create job template**. + +![new job template](images/new_job_template.png) + +**3.** Fill out the **Job Template** parameters as follows and click on **Create job template** button. + + | Parameter | Value | + |---|---| + | Name | Configure BGP | + | Job Type | Run | + | Inventory | Workshop Inventory | + | Project | Workshop BGP Project | + | Execution Environment | network workshop execution environment | + | Playbook | configure_bgp.yml | + | Credential | Workshop Credential | + +![create job template](images/create_job_template.png) + +**4.** At this point, you should have a new `Configure BGP` job template created and ready to launch. + +### Step 5: Launching the new Job Template + +**1.** Navigate back to the `Templates` window, where all Job Templates are listed. + +**2.** Launch the `Configure BGP` Job Template by clicking the Rocket button. + +![launch](images/launch_job_template.png) + +**3.** After executing the Job Template it will automatically open the [Standard Out pane](https://docs.ansible.com/automation-controller/latest/html/userguide/jobs.html#standard-out) + +![job standard out](images/job_standard_out.png) + + * Examine the **Standard Out pane** + + The Standard Out pane will display the output from the Ansible Playbook. Every task output will match exactly what would be seen on the command line. + + * Click on a task in the **Standard Out pane** to open up structured output from that particular task. + + > Click on any line where there is a **changed** or **ok** + + ![task details window](images/job_details.png) + + * Click on the **Data** tab to open the **Data pane** which has more information on the task run + + ![data pane](images/data_pane.png) + +**4.** Since we previously configured BGP on both the routers using the same playbook with ansible-navigator, this job template run is `idempotent` and results in no changes pushed, which is expected. + +## Takeaways + +* Automation controller needs an inventory to execute Ansible Playbooks again. This inventory is identical to what users would use with the command line only Ansible project. +* Although this workshop already setup the inventory, importing an existing Ansible Automation inventory is easy. Check out [this blog post](https://www.ansible.com/blog/three-quick-ways-to-move-your-ansible-inventory-into-red-hat-ansible-tower) for more ways to easily get an existing inventory into Automation controller. +* Automation controller can sync to existing SCM (source control management) including Github. +* Automation controller can store and encrypt credentials including SSH private keys and plain-text passwords. Automation controller can also sync to existing credential storage systems such as CyberArk and Vault by HashiCorp. +* Creating a new Project for our BGP task. +* Creating a Job Template for configuring BGP on `rtr1` and `rtr2`. +* Launching a Job Template from the Automation Execution UI. + +## Complete + +You have completed lab exercise 5 + +You have now explore all four components required to get started with Automation controller. A credential, an inventory, a project +and a job template. + +--- +[Previous Exercise](../5-explore-aap-2.5/README.md) + + +[Click here to return to the Ansible Network Automation Workshop](../README.md) diff --git a/exercises/ansible_network_lightspeed_eda/6-automation-execution/images/controller_all_jobs.png b/exercises/ansible_network_lightspeed_eda/6-automation-execution/images/controller_all_jobs.png new file mode 100644 index 000000000..bb218d562 Binary files /dev/null and b/exercises/ansible_network_lightspeed_eda/6-automation-execution/images/controller_all_jobs.png differ diff --git a/exercises/ansible_network_lightspeed_eda/6-automation-execution/images/controller_credential.png b/exercises/ansible_network_lightspeed_eda/6-automation-execution/images/controller_credential.png new file mode 100644 index 000000000..9ae6f42ac Binary files /dev/null and b/exercises/ansible_network_lightspeed_eda/6-automation-execution/images/controller_credential.png differ diff --git a/exercises/ansible_network_lightspeed_eda/6-automation-execution/images/controller_credential_multiple.png b/exercises/ansible_network_lightspeed_eda/6-automation-execution/images/controller_credential_multiple.png new file mode 100644 index 000000000..a2cd5b281 Binary files /dev/null and b/exercises/ansible_network_lightspeed_eda/6-automation-execution/images/controller_credential_multiple.png differ diff --git a/exercises/ansible_network_lightspeed_eda/6-automation-execution/images/create_job_template.png b/exercises/ansible_network_lightspeed_eda/6-automation-execution/images/create_job_template.png new file mode 100644 index 000000000..c2c3f0308 Binary files /dev/null and b/exercises/ansible_network_lightspeed_eda/6-automation-execution/images/create_job_template.png differ diff --git a/exercises/ansible_network_lightspeed_eda/6-automation-execution/images/create_project.png b/exercises/ansible_network_lightspeed_eda/6-automation-execution/images/create_project.png new file mode 100644 index 000000000..749be5374 Binary files /dev/null and b/exercises/ansible_network_lightspeed_eda/6-automation-execution/images/create_project.png differ diff --git a/exercises/ansible_network_lightspeed_eda/6-automation-execution/images/credentials.png b/exercises/ansible_network_lightspeed_eda/6-automation-execution/images/credentials.png new file mode 100644 index 000000000..15618cdf0 Binary files /dev/null and b/exercises/ansible_network_lightspeed_eda/6-automation-execution/images/credentials.png differ diff --git a/exercises/ansible_network_lightspeed_eda/6-automation-execution/images/data_pane.png b/exercises/ansible_network_lightspeed_eda/6-automation-execution/images/data_pane.png new file mode 100644 index 000000000..696a2fe47 Binary files /dev/null and b/exercises/ansible_network_lightspeed_eda/6-automation-execution/images/data_pane.png differ diff --git a/exercises/ansible_network_lightspeed_eda/6-automation-execution/images/group_vars.png b/exercises/ansible_network_lightspeed_eda/6-automation-execution/images/group_vars.png new file mode 100644 index 000000000..aa17b7e96 Binary files /dev/null and b/exercises/ansible_network_lightspeed_eda/6-automation-execution/images/group_vars.png differ diff --git a/exercises/ansible_network_lightspeed_eda/6-automation-execution/images/groups.png b/exercises/ansible_network_lightspeed_eda/6-automation-execution/images/groups.png new file mode 100644 index 000000000..4333e7dbd Binary files /dev/null and b/exercises/ansible_network_lightspeed_eda/6-automation-execution/images/groups.png differ diff --git a/exercises/ansible_network_lightspeed_eda/6-automation-execution/images/inventories.png b/exercises/ansible_network_lightspeed_eda/6-automation-execution/images/inventories.png new file mode 100644 index 000000000..d3a26a75e Binary files /dev/null and b/exercises/ansible_network_lightspeed_eda/6-automation-execution/images/inventories.png differ diff --git a/exercises/ansible_network_lightspeed_eda/6-automation-execution/images/job_details.png b/exercises/ansible_network_lightspeed_eda/6-automation-execution/images/job_details.png new file mode 100644 index 000000000..8cfc3320c Binary files /dev/null and b/exercises/ansible_network_lightspeed_eda/6-automation-execution/images/job_details.png differ diff --git a/exercises/ansible_network_lightspeed_eda/6-automation-execution/images/job_standard_out.png b/exercises/ansible_network_lightspeed_eda/6-automation-execution/images/job_standard_out.png new file mode 100644 index 000000000..199ae517c Binary files /dev/null and b/exercises/ansible_network_lightspeed_eda/6-automation-execution/images/job_standard_out.png differ diff --git a/exercises/ansible_network_lightspeed_eda/6-automation-execution/images/launch_job_template.png b/exercises/ansible_network_lightspeed_eda/6-automation-execution/images/launch_job_template.png new file mode 100644 index 000000000..c19b75ec3 Binary files /dev/null and b/exercises/ansible_network_lightspeed_eda/6-automation-execution/images/launch_job_template.png differ diff --git a/exercises/ansible_network_lightspeed_eda/6-automation-execution/images/new_job_template.png b/exercises/ansible_network_lightspeed_eda/6-automation-execution/images/new_job_template.png new file mode 100644 index 000000000..6aec8262a Binary files /dev/null and b/exercises/ansible_network_lightspeed_eda/6-automation-execution/images/new_job_template.png differ diff --git a/exercises/ansible_network_lightspeed_eda/6-automation-execution/images/new_project.png b/exercises/ansible_network_lightspeed_eda/6-automation-execution/images/new_project.png new file mode 100644 index 000000000..f39aa2cc6 Binary files /dev/null and b/exercises/ansible_network_lightspeed_eda/6-automation-execution/images/new_project.png differ diff --git a/exercises/ansible_network_lightspeed_eda/6-automation-execution/images/projects.png b/exercises/ansible_network_lightspeed_eda/6-automation-execution/images/projects.png new file mode 100644 index 000000000..88d1b6276 Binary files /dev/null and b/exercises/ansible_network_lightspeed_eda/6-automation-execution/images/projects.png differ diff --git a/exercises/ansible_network_lightspeed_eda/6-automation-execution/images/templates.png b/exercises/ansible_network_lightspeed_eda/6-automation-execution/images/templates.png new file mode 100644 index 000000000..24ede3392 Binary files /dev/null and b/exercises/ansible_network_lightspeed_eda/6-automation-execution/images/templates.png differ diff --git a/exercises/ansible_network_lightspeed_eda/6-automation-execution/images/workshop_bgp_project.png b/exercises/ansible_network_lightspeed_eda/6-automation-execution/images/workshop_bgp_project.png new file mode 100644 index 000000000..2e8552d39 Binary files /dev/null and b/exercises/ansible_network_lightspeed_eda/6-automation-execution/images/workshop_bgp_project.png differ diff --git a/exercises/ansible_network_lightspeed_eda/6-automation-execution/images/workshop_credential.png b/exercises/ansible_network_lightspeed_eda/6-automation-execution/images/workshop_credential.png new file mode 100644 index 000000000..dd1eda5c6 Binary files /dev/null and b/exercises/ansible_network_lightspeed_eda/6-automation-execution/images/workshop_credential.png differ diff --git a/exercises/ansible_network_lightspeed_eda/6-automation-execution/images/workshop_host.png b/exercises/ansible_network_lightspeed_eda/6-automation-execution/images/workshop_host.png new file mode 100644 index 000000000..74966711d Binary files /dev/null and b/exercises/ansible_network_lightspeed_eda/6-automation-execution/images/workshop_host.png differ diff --git a/exercises/ansible_network_lightspeed_eda/6-automation-execution/images/workshop_inventory.png b/exercises/ansible_network_lightspeed_eda/6-automation-execution/images/workshop_inventory.png new file mode 100644 index 000000000..d3a26a75e Binary files /dev/null and b/exercises/ansible_network_lightspeed_eda/6-automation-execution/images/workshop_inventory.png differ diff --git a/exercises/ansible_network_lightspeed_eda/6-automation-execution/images/workshop_inventory_hosts.png b/exercises/ansible_network_lightspeed_eda/6-automation-execution/images/workshop_inventory_hosts.png new file mode 100644 index 000000000..1f2298471 Binary files /dev/null and b/exercises/ansible_network_lightspeed_eda/6-automation-execution/images/workshop_inventory_hosts.png differ diff --git a/exercises/ansible_network_lightspeed_eda/6-automation-execution/images/workshop_project.png b/exercises/ansible_network_lightspeed_eda/6-automation-execution/images/workshop_project.png new file mode 100644 index 000000000..abd19f308 Binary files /dev/null and b/exercises/ansible_network_lightspeed_eda/6-automation-execution/images/workshop_project.png differ diff --git a/exercises/ansible_network_lightspeed_eda/README.es.md b/exercises/ansible_network_lightspeed_eda/README.es.md new file mode 100644 index 000000000..903a497c6 --- /dev/null +++ b/exercises/ansible_network_lightspeed_eda/README.es.md @@ -0,0 +1,36 @@ +# Ansible Network Automation Workshop + +**Leálo en otros idiomas**: ![uk](https://github.com/ansible/workshops/raw/devel/images/uk.png) [English](README.md), ![japan](https://github.com/ansible/workshops/raw/devel/images/japan.png) [日本語](README.ja.md), ![Español](https://github.com/ansible/workshops/raw/devel/images/es.png) [Español](README.es.md). + +**Esta es la documentación de Ansible Automation Platform 2** + +El taller Ansible Network Automation es una guía comprensiva para principiantes para automatizar dispositivos de red populares de Arista, Cisco y Juniper vía Ansible playbooks. +Aprenderás cómo obtener los datos de configuración (`facts`) desde los dispositivos, crear configuraciones de red desde plantillas y aplicar estos conceptos a escala con el controlador de automatización de Ansible. Verás cómo todo se interconecta explorando el controlador de trabajos de plantilla (`job templates`), encuestas (`surveys`) control de acceso y más. + + +## Presentación + +¿Quieres obtener la presentación? Está justo aquí: +- [Ansible Network Automation Workshop Deck](https://ansible.github.io/workshops/decks/ansible_network.pdf) PDF +- [Google Source](https://docs.google.com/presentation/d/1PIT-kGAGMVEEK8PsuZCoyzFC5CIzLBwdnftnUsdUNWQ/edit?usp=sharing) para empleados de Red Hat. + +## Ejercicios de Automatización de Red con Ansible (Ansible Network Automation) + +* [Ejercicio 1 - Explorando el entorno de red](./1-explore/README.es.md) +* [Ejercicio 2 - Ejecuta tu primer playbook de automatización de red](./2-first-playbook/README.es.md) +* [Ejercicio 3 - Use Ansible facts en dispositivos de red](./3-facts/README.es.md/) +* [Ejercicio 4 - Módulos de Recursos de Ansible Network](./4-resource-module/README.es.md) +* [Ejercicio 5 - Explora el entorno del controlador de Automatización](./5-explore-controller/README.es.md) +* [Ejercicio 6 - Crea una plantilla de controlador de Automatización](./6-controller-job-template/README.es.md) +* [Ejercicio 7 - Crea una encusta (`survey`) de controlador de Automatización](./7-controller-survey/README.es.md) +* [Ejercicio 8 - Usando la funcionalidad de Control de Acceso Basado en Roles (RBAC)](./8-controller-rbac/README.es.md) +* [Ejercicio 9 - Crea un flujo de trabajo de controlador de Automatización](./9-controller-workflow/README.es.md) + +[Aquí](supplemental/README.es.md) podrás encontrar ejercicios adicionales. + +## Diagrama de Red + +![Red Hat Ansible Automation](https://github.com/ansible/workshops/blob/devel/images/ansible_network_diagram.png?raw=true) + +--- +![Red Hat Ansible Automation](https://github.com/ansible/workshops/blob/devel/images/rh-ansible-automation-platform.png?raw=true) diff --git a/exercises/ansible_network_lightspeed_eda/README.ja.md b/exercises/ansible_network_lightspeed_eda/README.ja.md new file mode 100644 index 000000000..8e813fd2a --- /dev/null +++ b/exercises/ansible_network_lightspeed_eda/README.ja.md @@ -0,0 +1,40 @@ +# Ansible Network Automation ワークショップ + +**他の言語でもお読みいただけます**: ![uk](https://github.com/ansible/workshops/raw/devel/images/uk.png) [English](README.md)、![japan](https://github.com/ansible/workshops/raw/devel/images/japan.png) [日本語](README.ja.md), ![Español](../../images/es.png) [Español](README.es.md) + +**これは Ansible Automation Platform 2 のドキュメントです** + +Ansible Network Automation ワークショップは、総合的な初心者向けガイドで、Ansible Playbook +を介して、Arista、Cisco、Juniper +からの一般的なネットワークデータセンターデバイスの自動化を行います。デバイスからファクトをプルし、テンプレート化されたネットワーク設定を構築し、これらの概念を +Ansible +自動コントローラーで大規模に適用する方法を学びます。コントローラーのジョブテンプレート、サーベイ、アクセス制御などを確認し、一括して学習します。 + +## プレゼンテーション + +プレゼンテーションの資料が必要ですか? ここから入手いただけます: +- [Ansible Network Automationワークショップ資料](https://ansible.github.io/workshops/decks/ansible_network.pdf) PDF +- [GoogleSource](https://docs.google.com/presentation/d/1PIT-kGAGMVEEK8PsuZCoyzFC5CIzLBwdnftnUsdUNWQ/edit?usp=sharing)(Red Hat 社内用) + +## Ansible Network Automation の演習 + +* [演習 1 - ラボ環境の調査](./1-explore/README.ja.md) +* [演習 2 - はじめてのネットワーク自動化 Playbook の実行](./2-first-playbook/README.ja.md) +* [演習 3 - ネットワークデバイスの Ansible ファクトの使用](./3-facts/README.ja.md) +* [演習 4 - Ansible ネットワークリソースモジュール](./4-resource-module/README.ja.md) +* [演習 5 - 自動コントローラー環境の調査](./5-explore-controller/README.ja.md) +* [演習 6 - 自動コントローラージョブテンプレートの作成](./6-controller-job-template/README.ja.md) +* [演習 7 - 自動コントローラー Survey の作成](./7-controller-survey/README.ja.md) +* [演習 8 - ロールベースのアクセス制御 (RBAC) 機能の使用](./8-controller-rbac/README.ja.md) +* [演習 9 - 自動コントローラーワークフローの作成](./9-controller-workflow/README.ja.md) + +追加の演習が [こちら](supplemental/README.ja.md) に用意されています。 + +## ネットワークダイアグラム + +![Red Hat Ansible +Automation](https://github.com/ansible/workshops/blob/devel/images/ansible_network_diagram.png?raw=true) + +--- +![Red Hat Ansible +Automation](https://github.com/ansible/workshops/blob/devel/images/rh-ansible-automation-platform.png?raw=true) diff --git a/exercises/ansible_network_lightspeed_eda/README.md b/exercises/ansible_network_lightspeed_eda/README.md new file mode 100644 index 000000000..727c29ae3 --- /dev/null +++ b/exercises/ansible_network_lightspeed_eda/README.md @@ -0,0 +1,34 @@ +# Ansible Network Automation Workshop + +**Read this in other languages**: ![uk](https://github.com/ansible/workshops/raw/devel/images/uk.png) [English](README.md), ![japan](https://github.com/ansible/workshops/raw/devel/images/japan.png) [日本語](README.ja.md), ![Español](../../images/es.png) [Español](README.es.md). + +**This is documentation for Ansible Automation Platform 2** + +The Ansible Network Automation workshop is a comprehensive beginners guide to automating popular network data center devices from Arista, Cisco and Juniper via Ansible playbooks. You’ll learn how to pull facts from devices, build templated network configurations, and apply these concepts at scale with Ansible automation controller. You’ll put it all together by exploring the controller’s job templates, surveys, access controls and more. + +## Presentation + +Want the Presentation Deck? Its right here: +- [Ansible Network Automation Workshop Deck](https://ansible.github.io/workshops/decks/ansible_network.pdf) PDF +- [Google Source](https://docs.google.com/presentation/d/1PIT-kGAGMVEEK8PsuZCoyzFC5CIzLBwdnftnUsdUNWQ/edit?usp=sharing) for Red Hat employees + +## Ansible Network Automation Exercises + +* [Exercise 1 - Exploring the lab environment](./1-explore/) +* [Exercise 2 - Execute your first network automation playbook](./2-first-playbook/) +* [Exercise 3 - Use Ansible facts on network devices](./3-facts/) +* [Exercise 4 - Ansible Network Resource Modules](./4-resource-module/) +* [Exercise 5 - Explore the Automation controller environment](./5-explore-controller/) +* [Exercise 6 - Create an Automation controller job template](./6-controller-job-template/) +* [Exercise 7 - Create an Automation controller Survey](./7-controller-survey/) +* [Exercise 8 - Using the Role Based Access Control (RBAC) feature](./8-controller-rbac/) +* [Exercise 9 - Create an Automation controller Workflow](./9-controller-workflow) + +There are additional supplemental exercises that are [located here](supplemental/). + +## Network Diagram + +![Red Hat Ansible Automation](https://github.com/ansible/workshops/blob/devel/images/ansible_network_diagram.png?raw=true) + +--- +![Red Hat Ansible Automation](https://github.com/ansible/workshops/blob/devel/images/rh-ansible-automation-platform.png?raw=true) diff --git a/exercises/ansible_network_lightspeed_eda/playbook.yml b/exercises/ansible_network_lightspeed_eda/playbook.yml new file mode 100644 index 000000000..e6443a9a4 --- /dev/null +++ b/exercises/ansible_network_lightspeed_eda/playbook.yml @@ -0,0 +1,11 @@ +--- +- name: SNMP ro/rw string configuration + hosts: cisco + gather_facts: false + + tasks: + - name: Ensure that the desired snmp strings are present + cisco.ios.ios_config: + commands: + - snmp-server community ansible-public RO + - snmp-server community ansible-private RW