cmueller/ansible
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

update Ansible-maintained platform guides with FQCN (#70369) (#71263)

Browse source 
* update platform guides with FQCN
* implemented feedback
* fix remainin fqcn
* Update docs/docsite/rst/network/user_guide/platform_netconf_enabled.rst
Co-authored-by: Alicia Cozine <879121+acozine@users.noreply.github.com>

(cherry picked from commit 172230d7b8)
This commit is contained in:
Sandra McCann 2020-08-20 17:27:58 -04:00 committed by GitHub
parent 8775001671
commit 9a26fbe58e
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
8 changed files with 133 additions and 173 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

92
docs/docsite/rst/network/user_guide/platform_eos.rst
View file

@ -4,19 +4,20 @@
EOS Platform Options EOS Platform Options
*************************************** ***************************************
Arista EOS supports multiple connections. This page offers details on how each connection works in Ansible and how to use it. The `Arista EOS <https://galaxy.ansible.com/arista/eos>`_ collection supports multiple connections. This page offers details on how each connection works in Ansible and how to use it.
.. contents:: Topics .. contents::
:local:
Connections Available Connections available
================================================================================ ================================================================================
.. table:: .. table::
:class: documentation-table :class: documentation-table
==================== ========================================== ========================= ==================== ========================================== ===========================
.. CLI eAPI .. CLI eAPI
==================== ========================================== ========================= ==================== ========================================== ===========================
Protocol SSH HTTP(S) Protocol SSH HTTP(S)
Credentials uses SSH keys / SSH-agent if present uses HTTPS certificates if Credentials uses SSH keys / SSH-agent if present uses HTTPS certificates if
@ -25,13 +26,9 @@ Connections Available
Indirect Access via a bastion (jump host) via a web proxy Indirect Access via a bastion (jump host) via a web proxy
Connection Settings ``ansible_connection: network_cli`` ``ansible_connection: httpapi`` Connection Settings ``ansible_connection:`` ``ansible_connection:``
``ansible.netcommon.network_cli`` ``ansible.netcommon.httpapi``
OR
``ansible_connection: local``
with ``transport: eapi``
in the ``provider`` dictionary
|enable_mode| supported: |br| supported: |br| |enable_mode| supported: |br| supported: |br|
@ -39,18 +36,13 @@ Connections Available
with ``ansible_become_method: enable`` uses ``ansible_become: yes`` with ``ansible_become_method: enable`` uses ``ansible_become: yes``
with ``ansible_become_method: enable`` with ``ansible_become_method: enable``
* ``local``
uses ``authorize: yes``
and ``auth_pass:``
in the ``provider`` dictionary
Returned Data Format ``stdout[0].`` ``stdout[0].messages[0].`` Returned Data Format ``stdout[0].`` ``stdout[0].messages[0].``
==================== ========================================== ========================= ==================== ========================================== ===========================
.. |enable_mode| replace:: Enable Mode |br| (Privilege Escalation) .. |enable_mode| replace:: Enable Mode |br| (Privilege Escalation)
For legacy playbooks, EOS still supports ``ansible_connection: local``. We recommend modernizing to use ``ansible_connection: network_cli`` or ``ansible_connection: httpapi`` as soon as possible. The ``ansible_connection: local`` has been deprecated. Please use ``ansible_connection: ansible.netcommon.network_cli`` or ``ansible_connection: ansible.netcommon.httpapi`` instead.
Using CLI in Ansible Using CLI in Ansible
==================== ====================
@ -60,8 +52,8 @@ Example CLI ``group_vars/eos.yml``
.. code-block:: yaml .. code-block:: yaml
ansible_connection: network_cli ansible_connection: ansible.netcommon.network_cli
ansible_network_os: eos ansible_network_os: arista.eos.eos
ansible_user: myuser ansible_user: myuser
ansible_password: !vault... ansible_password: !vault...
ansible_become: yes ansible_become: yes
@ -74,16 +66,16 @@ Example CLI ``group_vars/eos.yml``
- If you are accessing your host directly (not through a bastion/jump host) you can remove the ``ansible_ssh_common_args`` configuration. - If you are accessing your host directly (not through a bastion/jump host) you can remove the ``ansible_ssh_common_args`` configuration.
- If you are accessing your host through a bastion/jump host, you cannot include your SSH password in the ``ProxyCommand`` directive. To prevent secrets from leaking out (for example in ``ps`` output), SSH does not support providing passwords via environment variables. - If you are accessing your host through a bastion/jump host, you cannot include your SSH password in the ``ProxyCommand`` directive. To prevent secrets from leaking out (for example in ``ps`` output), SSH does not support providing passwords via environment variables.
Example CLI Task Example CLI task
---------------- ----------------
.. code-block:: yaml .. code-block:: yaml
- name: Backup current switch config (eos) - name: Backup current switch config (eos)
eos_config: arista.eos.eos_config:
backup: yes backup: yes
register: backup_eos_location register: backup_eos_location
when: ansible_network_os == 'eos' when: ansible_network_os == 'arista.eos.eos'
@ -93,19 +85,19 @@ Using eAPI in Ansible
Enabling eAPI Enabling eAPI
------------- -------------
Before you can use eAPI to connect to a switch, you must enable eAPI. To enable eAPI on a new switch via Ansible, use the ``eos_eapi`` module via the CLI connection. Set up group_vars/eos.yml just like in the CLI example above, then run a playbook task like this: Before you can use eAPI to connect to a switch, you must enable eAPI. To enable eAPI on a new switch with Ansible, use the ``arista.eos.eos_eapi`` module through the CLI connection. Set up ``group_vars/eos.yml`` just like in the CLI example above, then run a playbook task like this:
.. code-block:: yaml .. code-block:: yaml
- name: Enable eAPI - name: Enable eAPI
eos_eapi: arista.eos.eos_eapi:
enable_http: yes enable_http: yes
enable_https: yes enable_https: yes
become: true become: true
become_method: enable become_method: enable
when: ansible_network_os == 'eos' when: ansible_network_os == 'arista.eos.eos'
You can find more options for enabling HTTP/HTTPS connections in the :ref:`eos_eapi <eos_eapi_module>` module documentation. You can find more options for enabling HTTP/HTTPS connections in the :ref:`arista.eos.eos_eapi <ansible_collections.arista.eos.eos_eapi_module>` module documentation.
Once eAPI is enabled, change your ``group_vars/eos.yml`` to use the eAPI connection. Once eAPI is enabled, change your ``group_vars/eos.yml`` to use the eAPI connection.
@ -114,8 +106,8 @@ Example eAPI ``group_vars/eos.yml``
.. code-block:: yaml .. code-block:: yaml
ansible_connection: httpapi ansible_connection: ansible.netcommon.httpapi
ansible_network_os: eos ansible_network_os: arista.eos.eos
ansible_user: myuser ansible_user: myuser
ansible_password: !vault... ansible_password: !vault...
ansible_become: yes ansible_become: yes
@ -127,56 +119,20 @@ Example eAPI ``group_vars/eos.yml``
- If you are accessing your host through a web proxy using ``https``, change ``http_proxy`` to ``https_proxy``. - If you are accessing your host through a web proxy using ``https``, change ``http_proxy`` to ``https_proxy``.
Example eAPI Task Example eAPI task
----------------- -----------------
.. code-block:: yaml .. code-block:: yaml
- name: Backup current switch config (eos) - name: Backup current switch config (eos)
eos_config: arista.eos.eos_config:
backup: yes backup: yes
register: backup_eos_location register: backup_eos_location
environment: "{{ proxy_env }}" environment: "{{ proxy_env }}"
when: ansible_network_os == 'eos' when: ansible_network_os == 'arista.eos.eos'
In this example the ``proxy_env`` variable defined in ``group_vars`` gets passed to the ``environment`` option of the module in the task. In this example the ``proxy_env`` variable defined in ``group_vars`` gets passed to the ``environment`` option of the module in the task.
eAPI examples with ``connection: local``
-----------------------------------------
``group_vars/eos.yml``:
.. code-block:: yaml
ansible_connection: local
ansible_network_os: eos
ansible_user: myuser
ansible_password: !vault...
eapi:
host: "{{ inventory_hostname }}"
transport: eapi
authorize: yes
auth_pass: !vault...
proxy_env:
http_proxy: http://proxy.example.com:8080
eAPI task:
.. code-block:: yaml
- name: Backup current switch config (eos)
eos_config:
backup: yes
provider: "{{ eapi }}"
register: backup_eos_location
environment: "{{ proxy_env }}"
when: ansible_network_os == 'eos'
In this example two variables defined in ``group_vars`` get passed to the module of the task:
- the ``eapi`` variable gets passed to the ``provider`` option of the module
- the ``proxy_env`` variable gets passed to the ``environment`` option of the module
.. include:: shared_snippets/SSH_warning.txt .. include:: shared_snippets/SSH_warning.txt
.. seealso:: .. seealso::

19
docs/docsite/rst/network/user_guide/platform_frr.rst
View file

@ -4,11 +4,12 @@
FRR Platform Options FRR Platform Options
*************************************** ***************************************
This page offers details on connection options to manage FRR using Ansible. The `FRR <https://galaxy.ansible.com/frr/frr>`_ collection supports the ``ansible.netcommon.network_cli`` connection. This section provides details on how to use this connection for Free Range Routing (FRR).
.. contents:: Topics .. contents::
:local:
Connections Available Connections available
================================================================================ ================================================================================
.. table:: .. table::
@ -25,7 +26,7 @@ Connections Available
Indirect Access via a bastion (jump host) Indirect Access via a bastion (jump host)
Connection Settings ``ansible_connection: network_cli`` Connection Settings ``ansible_connection: ansible.netcommon.network_cli``
|enable_mode| not supported |enable_mode| not supported
@ -43,24 +44,24 @@ Example CLI ``group_vars/frr.yml``
.. code-block:: yaml .. code-block:: yaml
ansible_connection: network_cli ansible_connection: ansible.netcommon.network_cli
ansible_network_os: frr ansible_network_os: frr.frr.frr
ansible_user: frruser ansible_user: frruser
ansible_password: !vault... ansible_password: !vault...
ansible_ssh_common_args: '-o ProxyCommand="ssh -W %h:%p -q bastion01"' ansible_ssh_common_args: '-o ProxyCommand="ssh -W %h:%p -q bastion01"'
- The `ansible_user` should be a part of the `frrvty` group and should have the default shell set to `/bin/vtysh`. - The ``ansible_user`` should be a part of the ``frrvty`` group and should have the default shell set to ``/bin/vtysh``.
- If you are using SSH keys (including an ssh-agent) you can remove the ``ansible_password`` configuration. - If you are using SSH keys (including an ssh-agent) you can remove the ``ansible_password`` configuration.
- If you are accessing your host directly (not through a bastion/jump host) you can remove the ``ansible_ssh_common_args`` configuration. - If you are accessing your host directly (not through a bastion/jump host) you can remove the ``ansible_ssh_common_args`` configuration.
- If you are accessing your host through a bastion/jump host, you cannot include your SSH password in the ``ProxyCommand`` directive. To prevent secrets from leaking out (for example in ``ps`` output), SSH does not support providing passwords via environment variables. - If you are accessing your host through a bastion/jump host, you cannot include your SSH password in the ``ProxyCommand`` directive. To prevent secrets from leaking out (for example in ``ps`` output), SSH does not support providing passwords via environment variables.
Example CLI Task Example CLI task
---------------- ----------------
.. code-block:: yaml .. code-block:: yaml
- name: Gather FRR facts - name: Gather FRR facts
frr_facts: frr.frr.frr_facts:
gather_subset: gather_subset:
- config - config
- hardware - hardware

21
docs/docsite/rst/network/user_guide/platform_ios.rst
View file

@ -4,11 +4,12 @@
IOS Platform Options IOS Platform Options
*************************************** ***************************************
IOS supports Enable Mode (Privilege Escalation). This page offers details on how to use Enable Mode on IOS in Ansible. The `Cisco IOS <https://galaxy.ansible.com/cisco/ios>`_ collection supports Enable Mode (Privilege Escalation). This page offers details on how to use Enable Mode on IOS in Ansible.
.. contents:: Topics .. contents::
:local:
Connections Available Connections available
================================================================================ ================================================================================
.. table:: .. table::
@ -25,7 +26,7 @@ Connections Available
Indirect Access via a bastion (jump host) Indirect Access via a bastion (jump host)
Connection Settings ``ansible_connection: network_cli`` Connection Settings ``ansible_connection: ansible.netcommon.network_cli``
|enable_mode| supported: use ``ansible_become: yes`` with |enable_mode| supported: use ``ansible_become: yes`` with
``ansible_become_method: enable`` and ``ansible_become_password:`` ``ansible_become_method: enable`` and ``ansible_become_password:``
@ -36,7 +37,7 @@ Connections Available
.. |enable_mode| replace:: Enable Mode |br| (Privilege Escalation) .. |enable_mode| replace:: Enable Mode |br| (Privilege Escalation)
For legacy playbooks, IOS still supports ``ansible_connection: local``. We recommend modernizing to use ``ansible_connection: network_cli`` as soon as possible. The ``ansible_connection: local`` has been deprecated. Please use ``ansible_connection: ansible.netcommon.network_cli`` instead.
Using CLI in Ansible Using CLI in Ansible
==================== ====================
@ -46,8 +47,8 @@ Example CLI ``group_vars/ios.yml``
.. code-block:: yaml .. code-block:: yaml
ansible_connection: network_cli ansible_connection: ansible.netcommon.network_cli
ansible_network_os: ios ansible_network_os: cisco.ios.ios
ansible_user: myuser ansible_user: myuser
ansible_password: !vault... ansible_password: !vault...
ansible_become: yes ansible_become: yes
@ -60,16 +61,16 @@ Example CLI ``group_vars/ios.yml``
- If you are accessing your host directly (not through a bastion/jump host) you can remove the ``ansible_ssh_common_args`` configuration. - If you are accessing your host directly (not through a bastion/jump host) you can remove the ``ansible_ssh_common_args`` configuration.
- If you are accessing your host through a bastion/jump host, you cannot include your SSH password in the ``ProxyCommand`` directive. To prevent secrets from leaking out (for example in ``ps`` output), SSH does not support providing passwords via environment variables. - If you are accessing your host through a bastion/jump host, you cannot include your SSH password in the ``ProxyCommand`` directive. To prevent secrets from leaking out (for example in ``ps`` output), SSH does not support providing passwords via environment variables.
Example CLI Task Example CLI task
---------------- ----------------
.. code-block:: yaml .. code-block:: yaml
- name: Backup current switch config (ios) - name: Backup current switch config (ios)
ios_config: cisco.ios.ios_config:
backup: yes backup: yes
register: backup_ios_location register: backup_ios_location
when: ansible_network_os == 'ios' when: ansible_network_os == 'cisco.ios.ios'
.. include:: shared_snippets/SSH_warning.txt .. include:: shared_snippets/SSH_warning.txt

38
docs/docsite/rst/network/user_guide/platform_iosxr.rst
View file

@ -4,11 +4,12 @@
IOS-XR Platform Options IOS-XR Platform Options
*************************************** ***************************************
IOS-XR supports multiple connections. This page offers details on how each connection works in Ansible and how to use it. The `Cisco IOS-XR collection <https://galaxy.ansible.com/cisco/iosxr>`_ supports multiple connections. This page offers details on how each connection works in Ansible and how to use it.
.. contents:: Topic .. contents::
:local:
Connections Available Connections available
================================================================================ ================================================================================
.. table:: .. table::
@ -29,7 +30,8 @@ Connections Available
Indirect Access via a bastion (jump host) via a bastion (jump host) Indirect Access via a bastion (jump host) via a bastion (jump host)
Connection Settings ``ansible_connection: network_cli`` ``ansible_connection: netconf`` Connection Settings ``ansible_connection:`` ``ansible_connection:``
``ansible.netcommon.network_cli`` ``ansible.netcommon.netconf``
|enable_mode| not supported not supported |enable_mode| not supported not supported
@ -39,7 +41,7 @@ Connections Available
.. |enable_mode| replace:: Enable Mode |br| (Privilege Escalation) .. |enable_mode| replace:: Enable Mode |br| (Privilege Escalation)
For legacy playbooks, Ansible still supports ``ansible_connection=local`` on all IOS-XR modules. We recommend modernizing to use ``ansible_connection=netconf`` or ``ansible_connection=network_cli`` as soon as possible. The ``ansible_connection: local`` has been deprecated. Please use ``ansible_connection: ansible.netcommon.network_cli`` or ``ansible_connection: ansible.netcommon.netconf`` instead.
Using CLI in Ansible Using CLI in Ansible
==================== ====================
@ -50,8 +52,8 @@ Example CLI inventory ``[iosxr:vars]``
.. code-block:: yaml .. code-block:: yaml
[iosxr:vars] [iosxr:vars]
ansible_connection=network_cli ansible_connection=ansible.netcommon.network_cli
ansible_network_os=iosxr ansible_network_os=cisco.iosxr.iosxr
ansible_user=myuser ansible_user=myuser
ansible_password=!vault... ansible_password=!vault...
ansible_ssh_common_args='-o ProxyCommand="ssh -W %h:%p -q bastion01"' ansible_ssh_common_args='-o ProxyCommand="ssh -W %h:%p -q bastion01"'
@ -61,15 +63,15 @@ Example CLI inventory ``[iosxr:vars]``
- If you are accessing your host directly (not through a bastion/jump host) you can remove the ``ansible_ssh_common_args`` configuration. - If you are accessing your host directly (not through a bastion/jump host) you can remove the ``ansible_ssh_common_args`` configuration.
- If you are accessing your host through a bastion/jump host, you cannot include your SSH password in the ``ProxyCommand`` directive. To prevent secrets from leaking out (for example in ``ps`` output), SSH does not support providing passwords via environment variables. - If you are accessing your host through a bastion/jump host, you cannot include your SSH password in the ``ProxyCommand`` directive. To prevent secrets from leaking out (for example in ``ps`` output), SSH does not support providing passwords via environment variables.
Example CLI Task Example CLI task
---------------- ----------------
.. code-block:: yaml .. code-block:: yaml
- name: Retrieve IOS-XR version - name: Retrieve IOS-XR version
iosxr_command: cisco.iosxr.iosxr_command:
commands: show version commands: show version
when: ansible_network_os == 'iosxr' when: ansible_network_os == 'cisco.iosxr.iosxr'
Using NETCONF in Ansible Using NETCONF in Ansible
@ -83,14 +85,14 @@ Before you can use NETCONF to connect to a switch, you must:
- install the ``ncclient`` python package on your control node(s) with ``pip install ncclient`` - install the ``ncclient`` python package on your control node(s) with ``pip install ncclient``
- enable NETCONF on the Cisco IOS-XR device(s) - enable NETCONF on the Cisco IOS-XR device(s)
To enable NETCONF on a new switch via Ansible, use the ``iosxr_netconf`` module via the CLI connection. Set up your platform-level variables just like in the CLI example above, then run a playbook task like this: To enable NETCONF on a new switch via Ansible, use the ``cisco.iosxr.iosxr_netconf`` module through the CLI connection. Set up your platform-level variables just like in the CLI example above, then run a playbook task like this:
.. code-block:: yaml .. code-block:: yaml
- name: Enable NETCONF - name: Enable NETCONF
connection: network_cli connection: ansible.netcommon.network_cli
iosxr_netconf: cisco.iosxr.iosxr_netconf:
when: ansible_network_os == 'iosxr' when: ansible_network_os == 'cisco.iosxr.iosxr'
Once NETCONF is enabled, change your variables to use the NETCONF connection. Once NETCONF is enabled, change your variables to use the NETCONF connection.
@ -100,20 +102,20 @@ Example NETCONF inventory ``[iosxr:vars]``
.. code-block:: yaml .. code-block:: yaml
[iosxr:vars] [iosxr:vars]
ansible_connection=netconf ansible_connection=ansible.netcommon.netconf
ansible_network_os=iosxr ansible_network_os=cisco.iosxr.iosxr
ansible_user=myuser ansible_user=myuser
ansible_password=!vault | ansible_password=!vault |
ansible_ssh_common_args='-o ProxyCommand="ssh -W %h:%p -q bastion01"' ansible_ssh_common_args='-o ProxyCommand="ssh -W %h:%p -q bastion01"'
Example NETCONF Task Example NETCONF task
-------------------- --------------------
.. code-block:: yaml .. code-block:: yaml
- name: Configure hostname and domain-name - name: Configure hostname and domain-name
iosxr_system: cisco.iosxr.iosxr_system:
hostname: iosxr01 hostname: iosxr01
domain_name: test.example.com domain_name: test.example.com
domain_search: domain_search:

40
docs/docsite/rst/network/user_guide/platform_junos.rst
View file

@ -4,11 +4,12 @@
Junos OS Platform Options Junos OS Platform Options
*************************************** ***************************************
Juniper Junos OS supports multiple connections. This page offers details on how each connection works in Ansible and how to use it. The `Juniper Junos OS <https://galaxy.ansible.com/junipernetworks/junos>`_ supports multiple connections. This page offers details on how each connection works in Ansible and how to use it.
.. contents:: Topics .. contents::
:local:
Connections Available Connections available
================================================================================ ================================================================================
.. table:: .. table::
@ -28,7 +29,8 @@ Connections Available
Indirect Access via a bastion (jump host) via a bastion (jump host) Indirect Access via a bastion (jump host) via a bastion (jump host)
Connection Settings ``ansible_connection: network_cli`` ``ansible_connection: netconf`` Connection Settings ``ansible_connection: ``ansible_connection:
``ansible.netcommon.network_cli`` ``ansible.netcommon.netconf``
|enable_mode| not supported by Junos OS not supported by Junos OS |enable_mode| not supported by Junos OS not supported by Junos OS
@ -40,7 +42,7 @@ Connections Available
.. |enable_mode| replace:: Enable Mode |br| (Privilege Escalation) .. |enable_mode| replace:: Enable Mode |br| (Privilege Escalation)
For legacy playbooks, Ansible still supports ``ansible_connection=local`` on all JUNOS modules. We recommend modernizing to use ``ansible_connection=netconf`` or ``ansible_connection=network_cli`` as soon as possible. The ``ansible_connection: local`` has been deprecated. Please use ``ansible_connection: ansible.netcommon.network_cli`` or ``ansible_connection: ansible.netcommon.netconf`` instead.
Using CLI in Ansible Using CLI in Ansible
==================== ====================
@ -51,8 +53,8 @@ Example CLI inventory ``[junos:vars]``
.. code-block:: yaml .. code-block:: yaml
[junos:vars] [junos:vars]
ansible_connection=network_cli ansible_connection=ansible.netcommon.network_cli
ansible_network_os=junos ansible_network_os=junipernetworks.junos.junos
ansible_user=myuser ansible_user=myuser
ansible_password=!vault... ansible_password=!vault...
ansible_ssh_common_args='-o ProxyCommand="ssh -W %h:%p -q bastion01"' ansible_ssh_common_args='-o ProxyCommand="ssh -W %h:%p -q bastion01"'
@ -62,15 +64,15 @@ Example CLI inventory ``[junos:vars]``
- If you are accessing your host directly (not through a bastion/jump host) you can remove the ``ansible_ssh_common_args`` configuration. - If you are accessing your host directly (not through a bastion/jump host) you can remove the ``ansible_ssh_common_args`` configuration.
- If you are accessing your host through a bastion/jump host, you cannot include your SSH password in the ``ProxyCommand`` directive. To prevent secrets from leaking out (for example in ``ps`` output), SSH does not support providing passwords via environment variables. - If you are accessing your host through a bastion/jump host, you cannot include your SSH password in the ``ProxyCommand`` directive. To prevent secrets from leaking out (for example in ``ps`` output), SSH does not support providing passwords via environment variables.
Example CLI Task Example CLI task
---------------- ----------------
.. code-block:: yaml .. code-block:: yaml
- name: Retrieve Junos OS version - name: Retrieve Junos OS version
junos_command: junipernetworks.junos.junos_command:
commands: show version commands: show version
when: ansible_network_os == 'junos' when: ansible_network_os == 'junipernetworks.junos.junos'
Using NETCONF in Ansible Using NETCONF in Ansible
@ -84,14 +86,14 @@ Before you can use NETCONF to connect to a switch, you must:
- install the ``ncclient`` python package on your control node(s) with ``pip install ncclient`` - install the ``ncclient`` python package on your control node(s) with ``pip install ncclient``
- enable NETCONF on the Junos OS device(s) - enable NETCONF on the Junos OS device(s)
To enable NETCONF on a new switch via Ansible, use the ``junos_netconf`` module via the CLI connection. Set up your platform-level variables just like in the CLI example above, then run a playbook task like this: To enable NETCONF on a new switch via Ansible, use the ``junipernetworks.junos.junos_netconf`` module through the CLI connection. Set up your platform-level variables just like in the CLI example above, then run a playbook task like this:
.. code-block:: yaml .. code-block:: yaml
- name: Enable NETCONF - name: Enable NETCONF
connection: network_cli connection: ansible.netcommon.network_cli
junos_netconf: junipernetworks.junos.junos_netconf:
when: ansible_network_os == 'junos' when: ansible_network_os == 'junipernetworks.junos.junos'
Once NETCONF is enabled, change your variables to use the NETCONF connection. Once NETCONF is enabled, change your variables to use the NETCONF connection.
@ -101,23 +103,23 @@ Example NETCONF inventory ``[junos:vars]``
.. code-block:: yaml .. code-block:: yaml
[junos:vars] [junos:vars]
ansible_connection=netconf ansible_connection=ansible.netcommon.netconf
ansible_network_os=junos ansible_network_os=junipernetworks.junos.junos
ansible_user=myuser ansible_user=myuser
ansible_password=!vault | ansible_password=!vault |
ansible_ssh_common_args='-o ProxyCommand="ssh -W %h:%p -q bastion01"' ansible_ssh_common_args='-o ProxyCommand="ssh -W %h:%p -q bastion01"'
Example NETCONF Task Example NETCONF task
-------------------- --------------------
.. code-block:: yaml .. code-block:: yaml
- name: Backup current switch config (junos) - name: Backup current switch config (junos)
junos_config: junipernetworks.junos.junos_config:
backup: yes backup: yes
register: backup_junos_location register: backup_junos_location
when: ansible_network_os == 'junos' when: ansible_network_os == 'junipernetworks.junos.junos'
.. include:: shared_snippets/SSH_warning.txt .. include:: shared_snippets/SSH_warning.txt

31
docs/docsite/rst/network/user_guide/platform_netconf_enabled.rst
View file

@ -6,9 +6,10 @@ Netconf enabled Platform Options
This page offers details on how the netconf connection works in Ansible and how to use it. This page offers details on how the netconf connection works in Ansible and how to use it.
.. contents:: Topics .. contents::
:local:
Connections Available Connections available
================================================================================ ================================================================================
.. table:: .. table::
:class: documentation-table :class: documentation-table
@ -27,11 +28,11 @@ Connections Available
Indirect Access via a bastion (jump host) Indirect Access via a bastion (jump host)
Connection Settings ``ansible_connection: netconf`` Connection Settings ``ansible_connection: ansible.netcommon.netconf``
==================== ========================================== ==================== ==========================================
For legacy playbooks, Ansible still supports ``ansible_connection=local`` for the netconf_config module only. We recommend modernizing to use ``ansible_connection=netconf`` as soon as possible. The ``ansible_connection: local`` has been deprecated. Please use ``ansible_connection: ansible.netcommon.netconf`` instead.
Using NETCONF in Ansible Using NETCONF in Ansible
======================== ========================
@ -50,9 +51,9 @@ For example set up your platform-level variables just like in the CLI example ab
.. code-block:: yaml .. code-block:: yaml
- name: Enable NETCONF - name: Enable NETCONF
connection: network_cli connection: ansible.netcommon.network_cli
junos_netconf: junipernetworks.junos.junos_netconf:
when: ansible_network_os == 'junos' when: ansible_network_os == 'junipernetworks.junos.junos'
Once NETCONF is enabled, change your variables to use the NETCONF connection. Once NETCONF is enabled, change your variables to use the NETCONF connection.
@ -62,37 +63,37 @@ Example NETCONF inventory ``[junos:vars]``
.. code-block:: yaml .. code-block:: yaml
[junos:vars] [junos:vars]
ansible_connection=netconf ansible_connection=ansible.netcommon.netconf
ansible_network_os=junos ansible_network_os=junipernetworks.junos.junos
ansible_user=myuser ansible_user=myuser
ansible_password=!vault | ansible_password=!vault |
Example NETCONF Task Example NETCONF task
-------------------- --------------------
.. code-block:: yaml .. code-block:: yaml
- name: Backup current switch config - name: Backup current switch config
netconf_config: junipernetworks.junos.netconf_config:
backup: yes backup: yes
register: backup_junos_location register: backup_junos_location
Example NETCONF Task with configurable variables Example NETCONF task with configurable variables
------------------------------------------------ ------------------------------------------------
.. code-block:: yaml .. code-block:: yaml
- name: configure interface while providing different private key file path - name: configure interface while providing different private key file path
netconf_config: junipernetworks.junos.netconf_config:
backup: yes backup: yes
register: backup_junos_location register: backup_junos_location
vars: vars:
ansible_private_key_file: /home/admin/.ssh/newprivatekeyfile ansible_private_key_file: /home/admin/.ssh/newprivatekeyfile
Note: For netconf connection plugin configurable variables see :ref:`netconf <netconf_connection>`. Note: For netconf connection plugin configurable variables see :ref:`ansible.netcommon.netconf <ansible_collections.ansible.netcommon.netconf_connection>`.
Bastion/Jumphost Configuration Bastion/Jumphost configuration
------------------------------ ------------------------------
To use a jump host to connect to a NETCONF enabled device you must set the ``ANSIBLE_NETCONF_SSH_CONFIG`` environment variable. To use a jump host to connect to a NETCONF enabled device you must set the ``ANSIBLE_NETCONF_SSH_CONFIG`` environment variable.

44
docs/docsite/rst/network/user_guide/platform_nxos.rst
View file

@ -4,11 +4,12 @@
NXOS Platform Options NXOS Platform Options
*************************************** ***************************************
Cisco NXOS supports multiple connections. This page offers details on how each connection works in Ansible and how to use it. The `Cisco NXOS <https://galaxy.ansible.com/cisco/nxos>`_ supports multiple connections. This page offers details on how each connection works in Ansible and how to use it.
.. contents:: Topics .. contents::
:local:
Connections Available Connections available
================================================================================ ================================================================================
.. table:: .. table::
@ -25,13 +26,8 @@ Connections Available
Indirect Access via a bastion (jump host) via a web proxy Indirect Access via a bastion (jump host) via a web proxy
Connection Settings ``ansible_connection: network_cli`` ``ansible_connection: httpapi`` Connection Settings ``ansible_connection:`` ``ansible_connection:``
``ansible.netcommon.network_cli`` ``ansible.netcommon.httpapi``
OR
``ansible_connection: local``
with ``transport: nxapi``
in the ``provider`` dictionary
|enable_mode| supported: use ``ansible_become: yes`` not supported by NX-API |enable_mode| supported: use ``ansible_become: yes`` not supported by NX-API
with ``ansible_become_method: enable`` with ``ansible_become_method: enable``
@ -43,7 +39,7 @@ Connections Available
.. |enable_mode| replace:: Enable Mode |br| (Privilege Escalation) |br| supported as of 2.5.3 .. |enable_mode| replace:: Enable Mode |br| (Privilege Escalation) |br| supported as of 2.5.3
For legacy playbooks, NXOS still supports ``ansible_connection: local``. We recommend modernizing to use ``ansible_connection: network_cli`` or ``ansible_connection: httpapi`` as soon as possible. The ``ansible_connection: local`` has been deprecated. Please use ``ansible_connection: ansible.netcommon.network_cli`` or ``ansible_connection: ansible.netcommon.httpapi`` instead.
Using CLI in Ansible Using CLI in Ansible
==================== ====================
@ -53,8 +49,8 @@ Example CLI ``group_vars/nxos.yml``
.. code-block:: yaml .. code-block:: yaml
ansible_connection: network_cli ansible_connection: ansible.netcommon.network_cli
ansible_network_os: nxos ansible_network_os: cisco.nxos.nxos
ansible_user: myuser ansible_user: myuser
ansible_password: !vault... ansible_password: !vault...
ansible_become: yes ansible_become: yes
@ -67,16 +63,16 @@ Example CLI ``group_vars/nxos.yml``
- If you are accessing your host directly (not through a bastion/jump host) you can remove the ``ansible_ssh_common_args`` configuration. - If you are accessing your host directly (not through a bastion/jump host) you can remove the ``ansible_ssh_common_args`` configuration.
- If you are accessing your host through a bastion/jump host, you cannot include your SSH password in the ``ProxyCommand`` directive. To prevent secrets from leaking out (for example in ``ps`` output), SSH does not support providing passwords via environment variables. - If you are accessing your host through a bastion/jump host, you cannot include your SSH password in the ``ProxyCommand`` directive. To prevent secrets from leaking out (for example in ``ps`` output), SSH does not support providing passwords via environment variables.
Example CLI Task Example CLI task
---------------- ----------------
.. code-block:: yaml .. code-block:: yaml
- name: Backup current switch config (nxos) - name: Backup current switch config (nxos)
nxos_config: cisco.nxos.nxos_config:
backup: yes backup: yes
register: backup_nxos_location register: backup_nxos_location
when: ansible_network_os == 'nxos' when: ansible_network_os == 'cisco.nxos.nxos'
@ -91,10 +87,10 @@ Before you can use NX-API to connect to a switch, you must enable NX-API. To ena
.. code-block:: yaml .. code-block:: yaml
- name: Enable NX-API - name: Enable NX-API
nxos_nxapi: cisco.nxos.nxos_nxapi:
enable_http: yes enable_http: yes
enable_https: yes enable_https: yes
when: ansible_network_os == 'nxos' when: ansible_network_os == 'cisco.nxos.nxos'
To find out more about the options for enabling HTTP/HTTPS and local http see the :ref:`nxos_nxapi <nxos_nxapi_module>` module documentation. To find out more about the options for enabling HTTP/HTTPS and local http see the :ref:`nxos_nxapi <nxos_nxapi_module>` module documentation.
@ -105,8 +101,8 @@ Example NX-API ``group_vars/nxos.yml``
.. code-block:: yaml .. code-block:: yaml
ansible_connection: httpapi ansible_connection: ansible.netcommon.httpapi
ansible_network_os: nxos ansible_network_os: cisco.nxos.nxos
ansible_user: myuser ansible_user: myuser
ansible_password: !vault... ansible_password: !vault...
proxy_env: proxy_env:
@ -116,23 +112,23 @@ Example NX-API ``group_vars/nxos.yml``
- If you are accessing your host through a web proxy using ``https``, change ``http_proxy`` to ``https_proxy``. - If you are accessing your host through a web proxy using ``https``, change ``http_proxy`` to ``https_proxy``.
Example NX-API Task Example NX-API task
------------------- -------------------
.. code-block:: yaml .. code-block:: yaml
- name: Backup current switch config (nxos) - name: Backup current switch config (nxos)
nxos_config: cisco.nxos.nxos_config:
backup: yes backup: yes
register: backup_nxos_location register: backup_nxos_location
environment: "{{ proxy_env }}" environment: "{{ proxy_env }}"
when: ansible_network_os == 'nxos' when: ansible_network_os == 'cisco.nxos.nxos'
In this example the ``proxy_env`` variable defined in ``group_vars`` gets passed to the ``environment`` option of the module used in the task. In this example the ``proxy_env`` variable defined in ``group_vars`` gets passed to the ``environment`` option of the module used in the task.
.. include:: shared_snippets/SSH_warning.txt .. include:: shared_snippets/SSH_warning.txt
Cisco Nexus Platform Support Matrix Cisco Nexus platform support matrix
=================================== ===================================
The following platforms and software versions have been certified by Cisco to work with this version of Ansible. The following platforms and software versions have been certified by Cisco to work with this version of Ansible.

21
docs/docsite/rst/network/user_guide/platform_vyos.rst
View file

@ -4,11 +4,12 @@
VyOS Platform Options VyOS Platform Options
*************************************** ***************************************
This page offers details on connection options to manage VyOS using Ansible. The `VyOS <https://galaxy.ansible.com/vyos/vyos>`_ collection supports the ``ansible.netcommon.network_cli`` connection type. This page offers details on connection options to manage VyOS using Ansible.
.. contents:: Topics .. contents::
:local:
Connections Available Connections available
================================================================================ ================================================================================
.. table:: .. table::
@ -25,7 +26,7 @@ Connections Available
Indirect Access via a bastion (jump host) Indirect Access via a bastion (jump host)
Connection Settings ``ansible_connection: network_cli`` Connection Settings ``ansible_connection: ansible.netcommon.network_cli``
|enable_mode| not supported |enable_mode| not supported
@ -35,7 +36,7 @@ Connections Available
.. |enable_mode| replace:: Enable Mode |br| (Privilege Escalation) .. |enable_mode| replace:: Enable Mode |br| (Privilege Escalation)
For legacy playbooks, VyOS still supports ``ansible_connection: local``. We recommend modernizing to use ``ansible_connection: network_cli`` as soon as possible. The ``ansible_connection: local`` has been deprecated. Please use ``ansible_connection: ansible.netcommon.network_cli`` instead.
Using CLI in Ansible Using CLI in Ansible
==================== ====================
@ -45,8 +46,8 @@ Example CLI ``group_vars/vyos.yml``
.. code-block:: yaml .. code-block:: yaml
ansible_connection: network_cli ansible_connection: ansible.netcommon.network_cli
ansible_network_os: vyos ansible_network_os: vyos.vyos.vyos
ansible_user: myuser ansible_user: myuser
ansible_password: !vault... ansible_password: !vault...
ansible_ssh_common_args: '-o ProxyCommand="ssh -W %h:%p -q bastion01"' ansible_ssh_common_args: '-o ProxyCommand="ssh -W %h:%p -q bastion01"'
@ -56,15 +57,15 @@ Example CLI ``group_vars/vyos.yml``
- If you are accessing your host directly (not through a bastion/jump host) you can remove the ``ansible_ssh_common_args`` configuration. - If you are accessing your host directly (not through a bastion/jump host) you can remove the ``ansible_ssh_common_args`` configuration.
- If you are accessing your host through a bastion/jump host, you cannot include your SSH password in the ``ProxyCommand`` directive. To prevent secrets from leaking out (for example in ``ps`` output), SSH does not support providing passwords via environment variables. - If you are accessing your host through a bastion/jump host, you cannot include your SSH password in the ``ProxyCommand`` directive. To prevent secrets from leaking out (for example in ``ps`` output), SSH does not support providing passwords via environment variables.
Example CLI Task Example CLI task
---------------- ----------------
.. code-block:: yaml .. code-block:: yaml
- name: Retrieve VyOS version info - name: Retrieve VyOS version info
vyos_command: vyos.vyos.vyos_command:
commands: show version commands: show version
when: ansible_network_os == 'vyos' when: ansible_network_os == 'vyos.vyos.vyos'
.. include:: shared_snippets/SSH_warning.txt .. include:: shared_snippets/SSH_warning.txt