Tuesday, January 2, 2018

What is Ansible?


Ansible is an open source IT configuration management, deployment and orchestration tool. We can use Ansible to automate cloud provisioning, configuration management, application deployment, intra-service orchestration, etc. Ansible was bought by Red Hat in October 2015 and is now referred to as Ansible by Red Hat.

Ansible uses Playbooks to express configurations, deployment, and orchestration.

The Playbook format is YAML, and each Playbook maps a group of hosts to a set of roles. Each role is represented by calls to Ansible tasks. Ansible does not require an agent on the host system; it works over SSH. As long as Ansible can make an SSH connection to the target device, we should be good. Ansible is primarily used for server & network administration.

There are two versions of Ansible, free and paid. The paid version is called Ansible Tower, which is an enterprise framework for controlling, securing and managing your Ansible automation with a GUI and RESTful API.


Here I will show you how to install Ansible on Ubuntu Server.

I'm using Ubuntu 16.04 to install Ansible on my VMWorkstation but you can use any Linux OS.

1 - Installing Ansible

The best way to get Ansible for Ubuntu is to add the project's PPA (personal package archive) to your system.

sudo apt-add-repository ppa:ansible/ansible

You will need to press ENTER to accept the PPA addition.

Next, we will refresh our system's package index so that it is aware of the packages available in the PPA. 

sudo apt-get update
sudo apt-get install ansible

Once it's completed, run the command below to verify the Ansible version:

ansible --version

2 - Configuring Ansible Hosts

Ansible keeps track of all of the servers that it knows about through a "hosts" file. We need to set up the Ansible Host file.

Open the file with root privileges:

sudo nano /etc/ansible/hosts

You will see a file that has a lot of example configurations, none of which will actually work.  Let's comment out all of the lines in this file by adding a "#" before each line. Once all of the lines are commented out, we can begin adding our actual hosts.

[group_name]
variable ansible_ssh_host=server_ip

In this example, we have a server which we are going to control with Ansible. We can access the server from the Ansible machine by typing the command below:

ssh root@server_ip

Add the hosts to the file under a group name, for example:

[servers]
HostA ansible_ssh_host=10.10.10.1
hostB ansible_ssh_host=10.10.10.2
hostc ansible_ssh_host=10.10.10.3
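
The hosts-file edit described in this step can be scripted so that the shipped examples are commented out once, a backup is kept, and the group is added exactly once. This is an added example, not part of the original post; the function names, the script name and the .orig backup suffix are assumptions, while the group and addresses are the ones shown above.

```shell
#!/bin/sh
# Added example: automates step 2 of this page on an inventory file.
# Function names and the .orig backup suffix are assumptions of this example.

# Print only the lines Ansible will parse (neither blank nor commented out).
active_lines() {
    grep -v -e '^[[:space:]]*#' -e '^[[:space:]]*$' "$1"
}

# prepare_inventory FILE
#   Comment out every active line, then append the [servers] group from this page.
#   Does nothing if an active [servers] header already exists, so re-running is safe.
prepare_inventory() {
    file=$1
    [ -f "$file" ] || { echo "no such file: $file" >&2; return 1; }
    if grep -q '^\[servers\]' "$file"; then
        return 0
    fi
    # Keep one pristine copy of the shipped examples; never overwrite it.
    [ -e "$file.orig" ] || cp -p "$file" "$file.orig"
    tmp=$(mktemp) || return 1
    # Leave blank lines and existing comments alone; prefix everything else with '#'.
    sed -e '/^[[:space:]]*$/b' -e '/^[[:space:]]*#/b' -e 's/^/#/' "$file" > "$tmp" \
        || { rm -f "$tmp"; return 1; }
    # Write back through the original file so its owner and mode are preserved.
    cat "$tmp" > "$file"
    rm -f "$tmp"
    cat >> "$file" <<'EOF'

[servers]
HostA ansible_ssh_host=10.10.10.1
hostB ansible_ssh_host=10.10.10.2
hostc ansible_ssh_host=10.10.10.3
EOF
}

# Run only when a path is given, e.g.: sudo sh prepare_inventory.sh /etc/ansible/hosts
if [ $# -gt 0 ]; then
    prepare_inventory "$1"
fi
```

After it runs, `ansible servers --list-hosts` should list the three hosts without opening any connection.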

If you want to enable a colorful terminal in Ubuntu, the commands are below:

Edit the file .bashrc in your home directory:

vim .bashrc

Uncomment the line that says ‘force_color_prompt=yes’ and save it. Then type the following:

source ~/.bashrc

Done!

Ansible is a very powerful tool and is going to change the way of automation in future.

I hope this will be helpful for you. This was a simple tutorial and there will be more to come.

Monday, January 1, 2018

Start to Network Automation



With network automation in full swing, I was working on setting up my personal lab using GNS3. I tried to keep a simple topology with different flavors of devices/vendors like Cisco, Palo Alto, Juniper, Linux etc. I integrated all those devices in GNS3, configured each virtual device, created multiple virtual interfaces etc., but it was not a cake walk, trust me! In the end, I was able to get all the devices configured as per my requirement.

I'm a newbie to scripting, but I looked on Google and found bits and pieces of scripts and amended them as per my requirement. Then I wrote some basic Python scripts to automate some of the routine work. There are multiple ways to perform network automation using different toolsets like Ansible, RESTful APIs, YANG, NETCONF, and even traditional CLI scraping. Many network operating systems support APIs: Cisco supports a Python API, Juniper Junos supports PyEZ, etc.


Here is my GitHub repository:  GitHub Repository
I encountered a few issues while configuring all those devices. Here are a few tips which will help and save your time while configuring virtual devices:

> Initial setup on Ubuntu 14.04:

  • Update repositories.
root@mail:/# apt-get update
root@mail:/# apt-get upgrade
  • Install SSH Server
root@mail:/# apt-get install openssh-server
root@mail:/# apt-get install openssh-client
  • After installation, configure the SSH server. Open the SSH config file with the following command:
root@mail:/# nano /etc/ssh/sshd_config
  • Restart the SSH service to apply the changes:
root@mail:/# service ssh restart

> JUNIPER vSRX:

  • Perform the basic configuration on a vSRX machine:
root# set system host-name vSRX
root# set system domain-name XXXX
root# set system root-authentication plain-password XXXX
root# commit

root@vSRX# set interfaces ge-0/0/0 unit 0 family inet address XXXX/X
root@vSRX# set interfaces ge-0/0/1 unit 0 family inet address XXXX/X
root@vSRX# set system name-server XXXX

root@vSRX# set routing-options static route XXXX/X next-hop XXXX
root@vSRX# set security zones security-zone Trust interfaces ge-0/0/0.0 host-inbound-traffic system-services all

> Palo Alto:

  • Basic configuration on a Palo Alto machine:
admin@PA# set deviceconfig system ip-address XXXX
admin@PA# set deviceconfig system default-gateway XXXX
admin@PA# set deviceconfig system dns-setting server primary 8.8.8.8
admin@PA# commit

Now we can access the GUI from a web browser at https://xxxx
and log in using name=admin and password=admin

Now, let's get started on more complex topology and configuration! Looking forward to creating multiple scripts and services to automate the network effectively. :-)



Introduction to Virtual Private Network - VPN

VPN Tutorial Guide A VPN (Virtual private network) is a secure connection between two or more endpoints. It can also be seen as an ex...