Application for evaluation machine
How to automatically configure white Box switches using Ansible for beginners
Introduction
This article introduces the basic usage of Ansible, an automatic configuration tool. Finally, we will use Ansible to configure the BGP cross network.
There are other articles related to Open Networking, so please see the articles that interest you from the "List of articles" below.
What is Ansible?
First, let's talk about Ansible.
Ansible is simply an infrastructure management tool.
It is possible to install Ansible on the server and automatically install packages and edit configuration files for managed targets.
However, this time, I will introduce how to use it as a tool to automate network construction.
Automatic setting image diagram by Ansible
Ansible behavior
Ansible works very simply. The user can automatically configure the management target by describing the "ideal state" of the management target in a playbook and executing it.
【procedure】
① User writes playbook
② Run the playbook on the Ansible host (server)
(3) Automatically set the management target according to the contents of the playbook
Figure 2: Ansible schematic diagram
I think that various words come out and get confused, so I summarized it briefly as follows.
| word | meaning |
| Inventory | ・A file that describes the address of the host to be operated and defines the management target ・The default file is /etc/ansible/hosts |
| Module | ・Minimum unit of processing executed on the managed object ・General-purpose library that executes the processing specified in Tasks |
| Task(Tasks lists) | ・Files listed in an array in the order in which specific processes are to be executed |
| Playbook | - A file that defines the status of the remote host (details of processing to be executed) ・Multiple modules can be combined to operate the managed host ・Describe in yaml |
Playbook content example
Ansible environment settings
Next, I will introduce the environment construction for using Ansible.
First, the environment required for Ansible to work is as follows.
〇 Ansible host (server) side
-Ansible 2.3 or newer
- Python 2.6 or newer
- SSH connection is possible
*Since the required version differs depending on the network OS to be managed, basically we recommend using the latest version.
The above is the required version for Cumulus.
Install Ansible on the server
This time we will install Ansible on Ubuntu. The procedure is below.
$ sudo apt update
$ sudo apt install software-properties-common
$ sudo apt-add-repository --yes --update ppa:ansible/ansible
$ sudo apt install ansibleSince the installation method is slightly different for each OS, if you are using an OS other than Ubuntu, please refer to the installation procedure from the Ansible homepage. (URL below)
Ansible connection confirmation
The above completes the environment settings. Next, we will perform an Ansible connection test.
The /etc/ansible directory is created by default when Ansible is installed.
Then add the address of the target host to the inventory (/etc/ansible/hosts).
Ping
By executing the following command, ping will be performed from the server to all managed devices described in hosts. If the ping passes, the connection confirmation is complete.
$ ansible -i [inventory file name] all –m ping
ping execution image
This time, we prepare new hosts separately from the default inventory (/etc/ansible/hosts), specify it and execute.
Automatic configuration of white Box switches with Ansible
Finally, we will use Ansible to automatically configure the white Box switch and configure the BGP cross network. This time, prepare a config file in advance, copy each file to the target switch, and prepare a playbook to apply the settings.
environment
·server
-Ubuntu 16.04
・White Box switch
‐Edgecore : AS7726-32X x 2 & AS7326-56X x 2
・NOS
- Cumulus Linux 3.7.14
BGP cross network diagram
Ansible directory structure
┣━ hosts # inventory file
┃
┃━ setup.yaml #Playbook file
┃
┗━ bgp-unnumbered #configuration file directory for each host
┃
┣━ Configuration file directory for AS7726-A #AS7726-32X
┃ ┣━daemons
┃ ┣━frr.conf
┃ ┗━interfaces
┃
┣━ Configuration file directory for AS7726-B #AS7726-32
┃ ┣━daemons
┃ ┣━frr.conf
┃ ┗━interfaces
┃
┗━ Configuration file directory for AS7326-A #AS7326-54X
┃ ┣━daemons
┃ ┣━frr.conf
┃ ┗━interfaces
┃
┗━ Configuration file directory for AS7326-B #AS7326-54X
┣━daemons
┣━frr.conf
┗━interfaces
Prepare the configuration file as follows.
hosts
playbook
The following 5 tasks are executed
① Task to submit the interface configuration to the switch
② Task to enable bgp daemon
③ Task to input FRR configuration to switch
④ Issue the reload command of the interface configuration on the switch
⑤ Issue the frr config reload command on the switch
inventory_hostname is a predefined variable that points to the hostname written in hosts
Run playbooks with Ansible
Next, we will run the playbook described above.
playbook execution log
When you check the switch, you can see that the settings have been reflected and the BGP session has been established.
BGP execution result (1)
Routes are also advertised normally.
BGP execution result (2)
You can also confirm that pings fly to the loopback of each switch from the advertised route.
ping result
This is the basic usage of Ansible. Next time, I would like to show you how to create a setting config with Ansible.
At the end
Macnica provides a service that remotely provides an environment where you can experience open networking and conduct tests and verifications.
This service allows us to verify the operability of network OSes and perform tests that combine network OSes from various manufacturers, white Box switches, and optical transceivers.
Image of remote verification service
It is a service that allows you to easily verify open networking, and the basic configuration is free of charge.
You can check the downloadable materials for available network OS and white Box switches, specific use cases, and how to apply. The materials can be downloaded from the URL listed in the information email by answering the questionnaire from the "Macnica Network OS Remote Verification Service" below.
These people are using the remote verification service.
Here are some testimonials from people who have actually used the service.
Furukawa Network Solution Co., Ltd.
“Recently, the number of remote service environments is increasing, but I was impressed with the ease of access to the evaluation equipment.
The materials you provided were easy to understand, and we were able to proceed smoothly with the intended verification. ”
Related information
Click here for list of materials
In addition to introducing products handled by Macnica,
We publish materials related to open networking, such as BGP cross network automatic construction files and network operation test evaluation reports.
Click here for details
Product Page Top
Edgecore Networks
We continue to be a pioneer in open networking by developing and selling products related to OpenNetworking/white Box switches.
Aviz Networks
We are pioneers of SONiC, an open source network operating system, providing observability, configuration automation tools and support from a team of SONiC experts.
IP Infusion
As a market leader among open networking providers, we provide reliable network solutions to over 600 customers, including carriers, service providers, and data centers.
Inquiry/Document request
In charge of Macnica Edgecore Networks
- TEL:045-470-9831
- E-mail:projectmonstar@macnica.co.jp
Weekdays: 9:00-17:00