Tuesday, 12 May 2020

Integrating Ansible with VOSS

What is X:

  1. Ansible is an open-source software provisioning, configuration management, and application-deployment tool.
  2. VOSS stands for VSP Operating System Software.

What you need to prepare:

  1. An OS for Ansible (I am using Ubuntu 18.04 LTS on Hyper-V with multipass) --- download multipass here
  2. A VOSS image (I am using VOSS 8.1) --- download image here
  3. A hypervisor for Ansible & VOSS (I am using Hyper-V)
  4. GNS3 all-in-one (download here)
  5. GNS3 VM for Hyper-V (download here) --- or you can download it from the GNS3 all-in-one software installation wizard. Note: if you are not using Hyper-V, you can select another hypervisor, with the same version as GNS3 all-in-one. Follow the instructions at the bottom of this page.
  6. The VOSS GNS3 template import file (download here)

Implementation:

  • After installing multipass, launch ubuntu-lts on your Hyper-V.

multipass launch --name ubuntu-lts
multipass list
multipass start ubuntu-lts

  • Install Ansible on your ubuntu-lts as described in my previous blog post.
  • Install GNS3 all-in-one. Check the "GNS3 VM" option, then click Next through the wizard until it finishes.
  • Boot your GNS3 VM. Make sure it has an IP address assigned and is reachable.
  • Open the GNS3 software and import the GNS3 appliance file (*.gns3a): "File > Import appliance". Set max vCPU and half of your total RAM. If the import succeeds, you can drag VOSS 8.1 from the left menu into your topology.
  • Add a cloud to your topology like below. 

  • Assign an IP address to your mgmt port. I am using the subnet 172.17.176.32/28.
### login using user/pass: rwa/rwa
config t
interface mgmtEthernet mgmt
ip address 172.17.176.36/28
exit
### enable SSH service on VOSS
boot config flags sshd
ssh
save config
### test ping from VOSS to ubuntu, and vice versa
ping 172.17.176.40 vrf mgmtRouter
### test SSH from ubuntu to VOSS
ssh rwa@172.17.176.36


  • Set up your Ansible playbook.
mkdir -p ansible-voss/{backup,host_vars}
cd ansible-voss
vim ansible.cfg
###copy-paste below --- Define list of inventory of destination node(s)
[defaults]
inventory = ./hosts
###end of copy-paste
vim hosts
###copy-paste below --- Define group name of destination node(s)
[voss-devices]
voss-1
###end of copy-paste
vim host_vars/voss-1
###copy-paste below --- IP destination, and SSH credential
ansible_host: 172.17.176.36
ansible_user: rwa
ansible_ssh_pass: rwa
ansible_connection: network_cli
ansible_network_os: voss
ansible_become: yes
ansible_become_method: enable
###end of copy-paste
vim simple_cmd.yml
###copy-paste below --- Playbook for show ip int vrf mgmtrouter
---
- name: voss config
  connection: network_cli
  gather_facts: False
  hosts: voss-1
  tasks:
    - name: retrieve ip mgmtrouter
      voss_command:
        commands: show ip interface vrf mgmtrouter
      register: output
    - name: show output
      debug:
        var: output
###end of copy-paste

  • Run ansible-playbook.

### Test ansible connectivity
ansible -m ping all
### Run ansible-playbook
ansible-playbook simple_cmd.yml

Side note:
You cannot convert the qcow2 image to a vhdx file using qemu-img and then use it as the virtual disk when creating the VM; it will not boot into VOSS. Also, you can't add more than 8 network adapters in Hyper-V. So, GNS3 is the solution. I never tried this on KVM/Qemu.



Integrating Ansible with VyOS

What is X:

  1. Ansible is an open-source software provisioning, configuration management, and application-deployment tool.
  2. VyOS is a Linux-based network operating system that provides software-based network routing, firewall, and VPN functionality.

What you need to prepare:

  1. An OS for Ansible (I am using Ubuntu 18.04 LTS on Hyper-V with multipass) -- download multipass here
  2. A VyOS image (I am using vyos-1.1.8-amd64) -- download image here
  3. A hypervisor for Ansible & VyOS (I am using Hyper-V)

Implementation:

  • After installing multipass, launch ubuntu-lts on your Hyper-V.
multipass launch --name ubuntu-lts
multipass list
multipass start ubuntu-lts

  • Install VyOS on Hyper-V
Create virtual switch 'Internal' and 'External':
#Get Net Adapter Names (wrapped in @() so that [0] is the first name even when only one adapter exists)
$NetAdapterName = @((Get-NetAdapter).Name)
#Create the External Hyper-V Switch
New-VMSwitch -NetAdapterName $NetAdapterName[0] -Name 'External'
#Create the Internal Hyper-V Switch
New-VMSwitch -SwitchType Internal -Name 'Internal'

Create new VM on Hyper-V:
$Name = 'VyOS'
$SwitchName = 'Internal'
$HardDiskSize = 2GB
$HDPath = 'E:\Hyper-V\Virtual Hard Disks'+'\'+$Name+'.vhdx'
$Generation = '1'
$ISO_Path = 'D:\ISOs\vyos-1.1.6-amd64.iso'
New-VM -Name $Name -SwitchName $SwitchName `
-NewVHDSizeBytes $HardDiskSize `
-NewVHDPath $HDPath -Generation $Generation -MemoryStartupBytes 512MB
Add-VMDvdDrive -VMName $Name -Path $ISO_Path
Add-VMNetworkAdapter -VMName $Name -SwitchName External

- Log in to VyOS using user/pass: vyos/vyos
- Install VyOS using the following command: "install system"
- After the installation has succeeded, unmount the DVD/ISO so that the VM boots from the HDD.

Configure interface eth0 & eth1 on VyOS:
configure
set interfaces ethernet eth1 address dhcp
set interfaces ethernet eth0 address 192.168.2.1/24
set nat source rule 10 outbound-interface eth1
set nat source rule 10 source address 192.168.2.0/24
set nat source rule 10 translation address masquerade
commit
save
exit
reboot
show interfaces ethernet

  • Install Ansible on your Ubuntu
$ sudo apt update
$ sudo apt install software-properties-common
$ sudo apt-add-repository --yes --update ppa:ansible/ansible
$ sudo apt install ansible

  • Integrate Ansible <<>> VyOS
Configure SSH service:
# 0. Generate SSH key on Ubuntu for user ubuntu
ssh-keygen
cat ~/.ssh/id_rsa.pub
# 1. login into vyatta using vyos/vyos
# 2. issue 'show interface ethernet', and look at 'External' virtual switch (mine is 192.168.1.15)
# 3. enable SSH service on vyatta, and add SSH public key of user ubuntu (step 0) into vyos:
configure
set service ssh
set system login user ubuntu authentication public-keys identifier key "<AAAAB3Nz....>"
set system login user ubuntu authentication public-keys identifier type ssh-rsa
commit
save
# Test SSH from your ubuntu
ssh vyos@192.168.1.15
ansible -m ping all
Setting up your playbook for VyOS:
mkdir -p ansible-vyos/{backup,host_vars}
cd ansible-vyos
vim ansible.cfg
###copy-paste below --- Define list of inventory of destination node(s)
[defaults]
inventory = ./hosts
###end of copy-paste
vim hosts
###copy-paste below --- Define group name of destination node(s)
[vyos-devices]
vyos-1
###end of copy-paste
vim host_vars/vyos-1
###copy-paste below --- IP destination, and SSH credential
ansible_host: 192.168.1.15
ansible_user: vyos
ansible_ssh_pass: vyos
ansible_connection: network_cli
ansible_network_os: vyos
###end of copy-paste
vim vyos_facts.yml
###copy-paste below --- Playbook for showing all subsets of vyos
---
- name: vyos facts
  connection: network_cli
  gather_facts: False
  hosts: vyos-1
  tasks:
    - name: vyos facts
      vyos_facts:
        gather_subset: all
      register: output
###end of copy-paste
vim vyos_command.yml
###copy-paste below --- Playbook for showing interface with loop
---
- name: vyos command with loop
  connection: network_cli
  gather_facts: False
  hosts: vyos-1
  tasks:
    - name: show interface
      vyos_command:
        commands: show interface ethernet {{ item }}
      loop:
        - eth0
        - eth1
      register: output
    - name: show output
      debug:
        var: output
###end of copy-paste
vim vyos_backup.yml
###copy-paste below --- Playbook for backup config locally
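---
# The task list needs a play around it to be runnable with ansible-playbook;
# the play header mirrors the other playbooks above.
- name: vyos config and backup
  connection: network_cli
  gather_facts: False
  hosts: vyos-1
  tasks:
    - name: configure the remote device
      vyos_config:
        lines:
          - set system host-name {{ inventory_hostname }}
          - set service lldp
          - delete service dhcp-server
    # vyos.cfg must exist next to the playbook
    - name: backup and load from file
      vyos_config:
        src: vyos.cfg
        backup: yes
    # vyos_template.j2 must exist next to the playbook
    - name: render a Jinja2 template onto the VyOS router
      vyos_config:
        src: vyos_template.j2
    - name: for idempotency, use full-form commands
      vyos_config:
        lines:
          - set interface ethernet eth1 description 'OUTSIDE'
    - name: configurable backup path
      vyos_config:
        backup: yes
        backup_options:
          filename: backup.cfg
          dir_path: /home/ubuntu
###end of copy-paste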
Running your ansible-playbook:
### you can add option '-vvvv' for verbose
ansible-playbook vyos_facts.yml
ansible-playbook vyos_command.yml
ansible-playbook vyos_backup.yml
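
Both host_vars files above (voss-1 and vyos-1) keep the SSH password as a readable literal. The shell function below is an added example, not part of the original post: it lists such variables so they can be replaced with ansible-vault values. The sample files are constructed, and the vyos-2 host and the vault_vyos_pass variable name are hypothetical.

```shell
#!/bin/sh
# Added example, not from the original post: list credential variables that
# are stored as readable literals in Ansible host_vars/group_vars files.

# Password variables Ansible recognises for connection and privilege escalation.
CRED_KEYS='ansible_ssh_pass|ansible_password|ansible_become_pass|ansible_become_password'

# find_plaintext_creds DIR -> prints "file:variable" for each literal secret.
find_plaintext_creds() {
    find "$1" -type f | sort | while IFS= read -r f; do
        # A file encrypted as a whole with ansible-vault has nothing to inspect.
        if head -n 1 "$f" | grep -q '^\$ANSIBLE_VAULT;'; then continue; fi
        grep -E "^[[:space:]]*($CRED_KEYS)[[:space:]]*:" "$f" |
        while IFS= read -r line; do
            key=$(printf '%s' "${line%%:*}" | tr -d '[:space:]')
            val=$(printf '%s' "${line#*:}" |
                  sed -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//' \
                      -e "s/^[\"']//" -e "s/[\"']\$//")
            case $val in
                '' | '!vault'* | '{{'*'}}') ;;   # empty, vault-encrypted, or a reference
                *) printf '%s:%s\n' "$f" "$key" ;;
            esac
        done
    done
}

# Constructed sample inventory: the two host_vars files from this page plus
# one hypothetical host (vyos-2) that keeps its password in a vault variable.
make_sample_inventory() {
    d=$(mktemp -d)
    mkdir -p "$d/ansible-voss/host_vars" "$d/ansible-vyos/host_vars"
    printf 'ansible_host: 172.17.176.36\nansible_user: rwa\nansible_ssh_pass: rwa\n' \
        > "$d/ansible-voss/host_vars/voss-1"
    printf 'ansible_host: 192.168.1.15\nansible_user: vyos\nansible_ssh_pass: vyos\n' \
        > "$d/ansible-vyos/host_vars/vyos-1"
    printf 'ansible_user: vyos\nansible_ssh_pass: "{{ vault_vyos_pass }}"\n' \
        > "$d/ansible-vyos/host_vars/vyos-2"
    printf '%s\n' "$d"
}

inv=$(make_sample_inventory)
find_plaintext_creds "$inv"      # reports voss-1 and vyos-1, not vyos-2
rm -rf "$inv"
```

Each reported value can be replaced with the output of `ansible-vault encrypt_string`, or moved into a vault-encrypted variable file and referenced the way vyos-2 does.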
