Example In my previous posts in this project, I have explained how to setup NetBox and a couple of the Ansible collection features. In this post, I want to demonstrate what is possible using this approach. I have created multiple Ansible roles with different vars files containing a lot of configuration parameters.The repo for this […]
Complete Example of Ansible Deployment for NetBox Read More »
Git Branches The purpose of this NetBox Ansible project is to fix the problems I have encountered with multiple changes being pushed to NetBox by different engineers and then having multiple changes being made to the network devices with very little change control. Now that Ansible is able to make changes to my NetBox test,
Using Git Branches for NetBox Ansible Deployment Read More »
Removing Configuration for Individual Components In the previous post, I demonstrated an example of a custom field. Inside the task, there was a state parameter. This parameter tells NetBox whether to create or delete it.Leaving the state hard set inside the task means all custom tags (as in that example) will either be present, or
Removing Configuration in NetBox with Ansible Read More »
This post follows on from the NetBox setup post, upto the API token setup. SSL Configuration with Nginx In that previous post, SSL was not used. The connection was made insecure and ignored. Here, I will detail the steps to use Nginx as a proxy for the NetBox docker container. Add SAN to SSL Creation
NetBox and Ansible Setup Read More »
This is a post that takes the previous Nexus EVPN VXLAN Fabric and the Nexus EVPN VXLAN Fabric using Ansible posts, and uses the GitLab pipeline to perform the automation. In a previous post, I have walked through the setting up GitLab for CI/CD pipelines with external runners. For this GitLab project, I am using
Cisco Nexus EVPN VXLAN Fabric Ansible Automation GitLab Read More »
This is a post that takes the previous Nexus EVPN VXLAN Fabric post, and uses Ansible to build the topology. This is based off this Cisco developer document. General Info This project is located in my GitLab. In order to run the Ansible playbook navigate to the nexus_evpn, and run ansible-playbook -i inventory/DC_inv.ini site.yml Setup
Cisco Nexus EVPN VXLAN Fabric Ansible Automation Read More »
This is the completed Security Audit playbook.The playbook goes through a basic approved configuration for the devices. If there is anything missing, it is added. If there is anything that should not be there such as; an extra ACL line, or an extra NTP server or the enable secret being different this is fixed. The
Ansible Project: Network Security Audit 5 – Complete Security Audit Playbook Read More »
This is a test to get different commands added to different devices.There are multiple methods to achieve this.1. Use host_vars and set each var in the file. The task will pull the variables for the hosts. All need to be the same name2. Set individual plays for set commands. This does make the playbook longer.
Ansible Project: Network Security Audit 4 – Individual Device Commands Read More »
As I have been going through my list of configuration items for the security audit, I have only used Ansible to send commands. I haven’t used the ios_config module for any of its other abilities like interface configuration, gathering facts or ACL configuration.This post will cover 2/3 of those. Gathering facts, specifically ACL facts and
Ansible Project: Network Security Audit 3 – ios_acl Module Read More »
This test is designed to see if the VTY configuration is on the device. If there are any extra commands that are not part of the confirmed configuration, they will be removed. This is specifically for configuration items in the confirmed configuration. Anything outside this configuration scope will not have any changes made. The desired
Ansible Project: Network Security Audit 2 – VTY Configuration Read More »