How can Ansible assist folks constructing simulations with Cisco Modeling Labs (CML)?
Similar to Terraform, Ansible is a typical, open-source automation instrument typically utilized in Continuous Integration/Continuous Deployment (CI/CD) DevOps methodologies. They are each a sort of Infrastructure as Code (IaC) or Infrastructure as Data that permit you to render your infrastructure as textual content information and management it utilizing instruments comparable to Git. The benefit is reproducibility, consistency, velocity, and the data that, while you change the code, folks approve, and it will get examined earlier than it’s pushed out to your manufacturing community. This paradigm permits enterprises to run their community infrastructure in the identical means they run their software program and cloud practices. Afterall, the infrastructure is there to assist the apps, so why handle them in a different way?
Although overlaps exist within the capabilities of Terraform and Ansible, they’re very complementary. While Terraform is best on the preliminary deployment and making certain ongoing consistency of the underlying infrastructure, Ansible is best on the preliminary configuration and ongoing administration of the issues that stay in that infrastructure, comparable to techniques, community gadgets, and so forth.
In a typical workflow by which an operator needs to make a change to the community, let’s say including a brand new community to be marketed by way of BGP, a community engineer would specify that change within the code or extra possible as configuration information in YAML or JSON. In a typical CI workflow, that change would have to be permitted by others for correctness or adherence to company and safety considerations, for example. In addition to the eyeball assessments, a collection of automated testing validates the info after which deploys the proposed change in a take a look at community. Those assessments will be run in a bodily take a look at community, a digital take a look at community, or a mixture of the 2. That stream may seem like the next:
The benefit of leveraging digital take a look at networks is profound. The price is dramatically decrease, and the power to automate testing is elevated considerably. For instance, a community engineer can spin up and configure a brand new, complicated topology a number of occasions with out the probability of outdated assessments messing up the accuracy of the present testing. Cisco Modeling Labs is a good instrument for any such take a look at.
Here’s the place the Ansible CML Collection is available in. Similar to the CML Terraform integration lined in a earlier weblog, the Ansible CML Collection can automate the deployment of topologies in CML for testing. The Ansible CML Collection has modules to create, begin, and cease a topology and the hosts inside it, however extra importantly, it has a dynamic stock plugin for getting details about the topology. This is essential for automation as a result of topologies can change. Or a number of topologies might exist, relying on the assessments being carried out. If your topology makes use of dynamic host configuration protocol (DHCP) and/or CML’s PATty performance, the data for a way Ansible communicates with the nodes must be communicated to the playbook.
Let’s go over among the options of the Ansible CML Collection’s dynamic stock plugin.
First, we have to set up the gathering:
ansible-galaxy assortment set up cisco.cml
Next, we create a cml.yml within the stock with the next contents to inform Ansible to make use of the Ansible CML Collection’s dynamic stock plugin:
plugin: cisco.cml.cml_inventory group_tags: community, ios, nxos, router
In addition to specifying the plugin identify, we will additionally outline tags that, when discovered on the gadgets within the topology, add that system to an Ansible group for use later within the playbook:
In addition to specifying the plugin identify, we will additionally outline tags that, when discovered on the gadgets within the topology, add that system to an Ansible group for use later within the playbook:
- CML_USERNAME: Username for the CML person
- CML_PASSWORD: Password for the CML person
- CML_HOST: The CML host
- CML_LAB: The identify of the lab
Once the plugin is aware of methods to talk with the CML server and which lab to make use of, it might return details about the nodes within the lab:
okay: [hq-rtr1] => { "cml_facts": { "config": "hostname hq-rtr1nvrf definition Mgmt-intfn!naddress-family ipv4nexit-address-familyn!naddress-family ipv6nexit-address-familyn!nusername admin privilege 15 secret 0 adminncdp runnno aaa new-modelnip domain-name mdd.cisco.comn!ninterface GigabitEthernet1nvrf forwarding Mgmt-intfnip tackle dhcpnnegotiation autonno cdp enablenno shutdownn!ninterface GigabitEthernet2ncdp enablen!ninterface GigabitEthernet3ncdp enablen!ninterface GigabitEthernet4ncdp enablen!nip http servernip http secure-servernip http max-connections 2n!nip ssh time-out 60nip ssh model 2nip ssh server algorithm encryption aes128-ctr aes192-ctr aes256-ctrnip ssh consumer algorithm encryption aes128-ctr aes192-ctr aes256-ctrn!nline vty 0 4nexec-timeout 30 0nabsolute-timeout 60nsession-limit 16nlogin localntransport enter sshn!nend", "cpus": 1, "data_volume": null, "image_definition": null, "interfaces": [ { "ipv4_addresses": null, "ipv6_addresses": null, "mac_address": null, "name": "Loopback0", "state": "STARTED" }, { "ipv4_addresses": [ "192.168.255.199" ], "ipv6_addresses": [], "mac_address": "52:54:00:13:51:66", "identify": "GigabitEthernet1", "state": "STARTED" } ], "node_definition": "csr1000v", "ram": 3072, "state": "BOOTED" } }
The first IPv4 tackle discovered (so as of the interfaces) is used as `ansible_host` to allow the playbook to hook up with the system. We can use the cisco.cml.stock playbook included within the assortment to indicate the stock. In this case, we solely specify that we wish gadgets which might be within the “router” group created by the stock plugin as knowledgeable by the tags on the gadgets:
mdd % ansible-playbook cisco.cml.stock --limit=router okay: [hq-rtr1] => { "msg": "Node: hq-rtr1(csr1000v), State: BOOTED, Address: 192.168.255.199:22" } okay: [hq-rtr2] => { "msg": "Node: hq-rtr2(csr1000v), State: BOOTED, Address: 192.168.255.53:22" } okay: [site1-rtr1] => { "msg": "Node: site1-rtr1(csr1000v), State: BOOTED, Address: 192.168.255.63:22" } okay: [site2-rtr1] => { "msg": "Node: site2-rtr1(csr1000v), State: BOOTED, Address: 192.168.255.7:22" }
In addition to group tags, the CML dynamic stock plugin can even parse tags to move info from PATty and to create generic stock info:
If a CML tag is specified that matches `^pat:(?:tcp|udp)?:?(d+):(d+)`, the CML server tackle (versus the primary IPv4 tackle discovered) shall be used for `ansible_host`. To change `ansible_port` to level to the translated SSH port, the tag `ansible:ansible_port=2020` will be set. These two tags inform the Ansible playbook to hook up with port 2020 of the CML server to automate the desired host within the topology. The `ansible:` tag can be used to specify different host info. For instance, the tag `ansible:nso_api_port=2021` can be utilized to inform the playbook the port to make use of to achieve the Cisco NSO API. Any arbitrary truth will be set on this means.
Getting began
Trying out the CML Ansible Collection is simple. You can use the playbooks supplied within the assortment to load and begin a topology in your CML server. To begin, outline the atmosphere variable that tells the gathering methods to entry your CML server:
% export CML_HOST=my-cml-server.my-domain.com % export CML_USERNAME=my-cml-username % export CML_PASSWORD=my-cml-password
The subsequent step is to outline your topology file. This is a customary topology file you can export from CML. There are two methods to outline the topology file. First, you possibly can use an atmosphere variable:
% export CML_LAB=my-cml-labfile
Alternatively, you possibly can specify the topology file while you run the playbook as an additional–var. For instance, to spin up a topology utilizing the in-built cisco.cml.construct playbook:
% ansible-playbook cisco.cml.construct -e wait="sure" -e
This command hundreds and begins the topology; then it waits till all nodes are working to finish. If -e startup=’host’ is specified, the playbook will begin every host individually versus beginning them . This permits for the config to be generated and fed into the host on startup. When cml_config_file is outlined within the host’s stock, it’s parsed as a Jinja file and fed into that host as config at startup. This permits for just-in-time configuration to happen.
Once the playbook completes, you should utilize one other built-in playbook, cisco.cml.stock, to get the stock for the topology. In order to make use of it, first create a cml.yml within the stock listing as proven above, then run the playbook as follows:
% ansible-playbook cisco.cml.stock PLAY [cml_hosts] ********************************************************************** TASK [debug] ********************************************************************** okay: [WAN-rtr1] => { "msg": "Node: WAN-rtr1(csr1000v), State: BOOTED, Address: 192.168.255.53:22" } okay: [nso1] => { "msg": "Node: nso1(ubuntu), State: BOOTED, Address: my-cml-server.my-domain.com:2010" } okay: [site1-host1] => { "msg": "Node: site1-host1(ubuntu), State: BOOTED, Address: site1-host1:22" }
In this truncated output, three totally different eventualities are proven. First, WAN-rtr1 is assigned the DHCP tackle it acquired for its ansible_host worth, and ansible port is 22. If the host working the playbook has IP connectivity (both within the topology or a community related to the topology with an exterior connector), it is going to be capable of attain that host.
The second situation reveals an instance of the PATty performance with the host nso1 by which the dynamic stock plugin reads these tags to find out that the host is on the market via the CML server’s interface (i.e. ansible_host is about to my-cml-server.my-domain.com). Also, it is aware of that ansible_port must be set to the port specified within the tags (i.e. 2010). After these values are set, the ansible playbook can attain the host within the topology utilizing the PATty performance in CML.
The final instance, site1-host1, reveals the situation by which the CML dynamic stock script can both discover a DHCP allotted tackle or tags to specify to what ansible_host must be set, so it makes use of the node identify. For the playbook to achieve these hosts, it must have IP connectivity and be capable of resolve the node identify to an IP tackle.
These built-in playbooks present examples of methods to use the performance within the CML Ansible Collection to construct your personal playbooks, however you can even use them immediately as a part of your pipeline. In truth, we frequently use them immediately within the pipelines we construct for purchasers.
If you need to be taught extra in regards to the CML Ansible Collection, yow will discover it in Ansible Galaxy in addition to on Github.
You may also discover a full, IaC CI/CD pipeline utilizing these modules right here.
Join the Cisco Learning Network immediately free of charge.
Follow Cisco Learning & Certifications
Twitter | Facebook | LinkedIn | Instagram | YouTube
Use #CiscoCert to hitch the dialog.
Share: