cancel
Showing results for 
Search instead for 
Did you mean: 
cancel

No manual configuration changes!

1676
Views
1
Helpful
0
Comments
Enthusiast

At World Wide Technology, our IT department is implementing APIC-EM and I'm helping with the initial deployment. I have an APIC-EM instance running in our Advanced Technology Center (ATC), and I'll be using this for training the IT network operations staff. There are initial router configuration updates required for the Cisco APIC-EM features to work properly. I'll use Cisco ISR G2 routers  to demonstrate APIC-EM device discovery. I need the required configuration updates applied to these routers.

The lab is only 4 routers, how long would it take to SSH and apply the changes?  I have an existing Ansible playbook in our enterprise GitHub server which configures IOS or IOS-XR routers via FTP.  As a challenge to myself, I decided to update the four routers using Ansible Tower rather than applying the changes manually.

To accomplish this, I need to do the following:

  • Create the IOS configuration file template for the changes required by APIC-EM
  • Create a playbook to reference the template and list the routers
  • Define a project and job template in Ansible Tower
  • Initiate the job from the template.

The job executed successfully on the first initiation, applying the configuration to all routers.

Required_Device_Configuration.PNG

The playbook is rather straight forward. The credentials for the routers are encrypted using Ansible Vault and stored in Git as well.

---

#

# Copyright (c) 2016 World Wide Technology, Inc.

# All rights reserved.

# author: Joel W. King, World Wide Technology

#

- hosts: APIC_EM

  gather_facts: no

  vars:

  network_device:

  - managementIpAddress: 10.255.138.120

  - managementIpAddress: 10.255.138.121

  - managementIpAddress: 10.255.138.122

  - managementIpAddress: 10.255.138.123

  tasks:

  - name: Decrypt the password file

  include_vars: "./passwords.yml"

  - name: Update IOS configuration

  cisco_ios_install_config:

  URI: ftp://username:password@192.0.2.1/sdn/lab_config_files/APIC_em_device_configuration.cfg

  host: "{{item.managementIpAddress}}"

  username: admin

  password: "{{password}}"

  enablepw: "{{password}}"

  with_items: network_device


The point of this exercise is to adjust your mindset that even for minor changes, automate it! Once you have a few jobs, job templates and playbooks configured, you will be surprised how little time it takes to automate configuration changes. It is a matter of viewing your network not through the lens of SSH and the CLI, rather as a configuration file and automation dashboard.


Now that APIC-EM can initiate a network discovery, we can use it as a reference inventory for future network updates.


Content for Community-Ad
Cisco Community August2020 Spotlight Award Winners
This widget could not be displayed.