Add iosxr platform guide (#60936)

Signed-off-by: NilashishC <nilashishchakraborty8@gmail.com>
This commit is contained in:
Nilashish Chakraborty 2019-08-22 23:35:15 +05:30 committed by Sandra McCann
parent cedc012e30
commit d06930d6f6
18 changed files with 169 additions and 22 deletions

View file

@ -20,6 +20,7 @@ Some Ansible Network platforms support multiple connection types, privilege esca
platform_exos platform_exos
platform_icx platform_icx
platform_ios platform_ios
platform_iosxr
platform_ironware platform_ironware
platform_junos platform_junos
platform_netvisor platform_netvisor

View file

@ -0,0 +1,124 @@
.. _iosxr_platform_options:
***************************************
IOS-XR Platform Options
***************************************
IOS-XR supports multiple connections. This page offers details on how each connection works in Ansible and how to use it.
.. contents:: Topic
Connections Available
================================================================================
.. table::
:class: documentation-table
==================== ========================================== =========================
.. CLI NETCONF
only for modules ``iosxr_banner``,
``iosxr_interface``, ``iosxr_logging``,
``iosxr_system``, ``iosxr_user``
==================== ========================================== =========================
Protocol SSH XML over SSH
Credentials uses SSH keys / SSH-agent if present uses SSH keys / SSH-agent if present
accepts ``-u myuser -k`` if using password accepts ``-u myuser -k`` if using password
Indirect Access via a bastion (jump host) via a bastion (jump host)
Connection Settings ``ansible_connection: network_cli`` ``ansible_connection: netconf``
|enable_mode| not supported not supported
Returned Data Format Refer to individual module documentation Refer to individual module documentation
==================== ========================================== =========================
.. |enable_mode| replace:: Enable Mode |br| (Privilege Escalation)
For legacy playbooks, Ansible still supports ``ansible_connection=local`` on all IOS-XR modules. We recommend modernizing to use ``ansible_connection=netconf`` or ``ansible_connection=network_cli`` as soon as possible.
Using CLI in Ansible
====================
Example CLI inventory ``[iosxr:vars]``
--------------------------------------
.. code-block:: yaml
[iosxr:vars]
ansible_connection=network_cli
ansible_network_os=iosxr
ansible_user=myuser
ansible_password=!vault...
ansible_ssh_common_args='-o ProxyCommand="ssh -W %h:%p -q bastion01"'
- If you are using SSH keys (including an ssh-agent) you can remove the ``ansible_password`` configuration.
- If you are accessing your host directly (not through a bastion/jump host) you can remove the ``ansible_ssh_common_args`` configuration.
- If you are accessing your host through a bastion/jump host, you cannot include your SSH password in the ``ProxyCommand`` directive. To prevent secrets from leaking out (for example in ``ps`` output), SSH does not support providing passwords via environment variables.
Example CLI Task
----------------
.. code-block:: yaml
- name: Retrieve IOS-XR version
iosxr_command:
commands: show version
when: ansible_network_os == 'iosxr'
Using NETCONF in Ansible
========================
Enabling NETCONF
----------------
Before you can use NETCONF to connect to a switch, you must:
- install the ``ncclient`` python package on your control node(s) with ``pip install ncclient``
- enable NETCONF on the Cisco IOS-XR device(s)
To enable NETCONF on a new switch via Ansible, use the ``iosxr_netconf`` module via the CLI connection. Set up your platform-level variables just like in the CLI example above, then run a playbook task like this:
.. code-block:: yaml
- name: Enable NETCONF
connection: network_cli
iosxr_netconf:
when: ansible_network_os == 'iosxr'
Once NETCONF is enabled, change your variables to use the NETCONF connection.
Example NETCONF inventory ``[iosxr:vars]``
------------------------------------------
.. code-block:: yaml
[iosxr:vars]
ansible_connection=netconf
ansible_network_os=iosxr
ansible_user=myuser
ansible_password=!vault |
ansible_ssh_common_args='-o ProxyCommand="ssh -W %h:%p -q bastion01"'
Example NETCONF Task
--------------------
.. code-block:: yaml
- name: Configure hostname and domain-name
iosxr_system:
hostname: iosxr01
domain_name: test.example.com
domain_search:
- ansible.com
- redhat.com
- cisco.com
.. include:: shared_snippets/SSH_warning.txt

View file

@ -28,9 +28,13 @@ deprecated:
removed_in: '2.13' removed_in: '2.13'
alternative: iosxr_interfaces alternative: iosxr_interfaces
why: Newer and updated modules released with more functionality in Ansible 2.9 why: Newer and updated modules released with more functionality in Ansible 2.9
requirements:
- ncclient >= 0.5.3 when using netconf
- lxml >= 4.1.1 when using netconf
extends_documentation_fragment: iosxr extends_documentation_fragment: iosxr
notes: notes:
- Tested against IOS XRv 6.1.2 - This module works with connection C(network_cli) and C(netconf). See L(the IOS-XR Platform Options,../network/user_guide/platform_iosxr.html).
- Tested against IOS XRv 6.1.3.
- Preconfiguration of physical interfaces is not supported with C(netconf) transport. - Preconfiguration of physical interfaces is not supported with C(netconf) transport.
options: options:
name: name:

View file

@ -24,9 +24,13 @@ description:
- This module will configure both exec and motd banners on remote device - This module will configure both exec and motd banners on remote device
running Cisco IOS XR. It allows playbooks to add or remove running Cisco IOS XR. It allows playbooks to add or remove
banner text from the running configuration. banner text from the running configuration.
requirements:
- ncclient >= 0.5.3 when using netconf
- lxml >= 4.1.1 when using netconf
extends_documentation_fragment: iosxr extends_documentation_fragment: iosxr
notes: notes:
- Tested against IOS XRv 6.1.2 - Tested against IOS XRv 6.1.3.
- This module works with connection C(network_cli) and C(netconf). See L(the IOS-XR Platform Options,../network/user_guide/platform_iosxr.html).
options: options:
banner: banner:
description: description:

View file

@ -25,7 +25,7 @@ description:
on devices running Cisco IOS-XR on devices running Cisco IOS-XR
notes: notes:
- Tested against Cisco IOS XR Software Version 6.1.3 - Tested against Cisco IOS XR Software Version 6.1.3
- This module works with connection C(network_cli). - This module works with connection C(network_cli). See L(the IOS-XR Platform Options,../network/user_guide/platform_iosxr.html).
options: options:
config: config:
description: description:

View file

@ -27,8 +27,9 @@ description:
Please use M(iosxr_config) to configure iosxr devices. Please use M(iosxr_config) to configure iosxr devices.
extends_documentation_fragment: iosxr extends_documentation_fragment: iosxr
notes: notes:
- This module does not support netconf connection - This module works with C(network_cli). See L(the IOS-XR Platform Options,../network/user_guide/platform_iosxr.html).
- Tested against IOS XR 6.1.2 - This module does not support C(netconf) connection.
- Tested against IOS XR 6.1.3
options: options:
commands: commands:
description: description:

View file

@ -25,8 +25,9 @@ description:
a deterministic way. a deterministic way.
extends_documentation_fragment: iosxr extends_documentation_fragment: iosxr
notes: notes:
- Tested against IOS XRv 6.1.2 - This module works with connection C(network_cli). See L(the IOS-XR Platform Options,../network/user_guide/platform_iosxr.html).
- This module does not support netconf connection - Tested against IOS XRv 6.1.3.
- This module does not support C(netconf) connection
- Abbreviated commands are NOT idempotent, see - Abbreviated commands are NOT idempotent, see
L(Network FAQ,../network/user_guide/faq.html#why-do-the-config-modules-always-return-changed-true-with-abbreviated-commands). L(Network FAQ,../network/user_guide/faq.html#why-do-the-config-modules-always-return-changed-true-with-abbreviated-commands).
- Avoid service disrupting changes (viz. Management IP) from config replace. - Avoid service disrupting changes (viz. Management IP) from config replace.

View file

@ -28,6 +28,9 @@ description:
respective resource name. The facts module will always collect a respective resource name. The facts module will always collect a
base set of facts from the device and can enable or disable base set of facts from the device and can enable or disable
collection of additional facts. collection of additional facts.
notes:
- Tested against IOS-XR 6.1.3.
- This module works with connection C(network_cli). See L(the IOS-XR Platform Options,../network/user_guide/platform_iosxr.html).
author: author:
- Ricardo Carrillo Cruz (@rcarrillocruz) - Ricardo Carrillo Cruz (@rcarrillocruz)
- Nilashish Chakraborty (@Nilashishc) - Nilashish Chakraborty (@Nilashishc)

View file

@ -41,7 +41,7 @@ description: This module manages the interface attributes on Cisco IOS-XR networ
author: Sumit Jaiswal (@justjais) author: Sumit Jaiswal (@justjais)
notes: notes:
- Tested against Cisco IOS-XRv Version 6.1.3 on VIRL. - Tested against Cisco IOS-XRv Version 6.1.3 on VIRL.
- This module works with connection C(network_cli). - This module works with connection C(network_cli). See L(the IOS-XR Platform Options,../network/user_guide/platform_iosxr.html).
options: options:
config: config:
description: A dictionary of interface options description: A dictionary of interface options

View file

@ -44,7 +44,7 @@ description:
- This module manages Global Link Aggregation Control Protocol (LACP) on IOS-XR devices. - This module manages Global Link Aggregation Control Protocol (LACP) on IOS-XR devices.
notes: notes:
- Tested against IOS-XR 6.1.3. - Tested against IOS-XR 6.1.3.
- This module works with connection C(network_cli). - This module works with connection C(network_cli). See L(the IOS-XR Platform Options,../network/user_guide/platform_iosxr.html).
author: Nilashish Chakraborty (@nilashishc) author: Nilashish Chakraborty (@nilashishc)
options: options:
config: config:

View file

@ -44,7 +44,7 @@ description:
- This module manages Link Aggregation Control Protocol (LACP) attributes of interfaces on IOS-XR devices. - This module manages Link Aggregation Control Protocol (LACP) attributes of interfaces on IOS-XR devices.
notes: notes:
- Tested against IOS-XR 6.1.3. - Tested against IOS-XR 6.1.3.
- This module works with connection C(network_cli). - This module works with connection C(network_cli). See L(the IOS-XR Platform Options,../network/user_guide/platform_iosxr.html).
author: Nilashish Chakraborty (@nilashishc) author: Nilashish Chakraborty (@nilashishc)
options: options:
config: config:

View file

@ -44,7 +44,7 @@ description:
- This module manages Global Link Layer Discovery Protocol (LLDP) settings on IOS-XR devices. - This module manages Global Link Layer Discovery Protocol (LLDP) settings on IOS-XR devices.
notes: notes:
- Tested against IOS-XR 6.1.3. - Tested against IOS-XR 6.1.3.
- This module works with connection C(network_cli). - This module works with connection C(network_cli). See L(the IOS-XR Platform Options,../network/user_guide/platform_iosxr.html).
author: Nilashish Chakraborty (@NilashishC) author: Nilashish Chakraborty (@NilashishC)
options: options:
config: config:

View file

@ -44,7 +44,7 @@ description:
- This module manages Link Layer Discovery Protocol (LLDP) attributes of interfaces on IOS-XR devices. - This module manages Link Layer Discovery Protocol (LLDP) attributes of interfaces on IOS-XR devices.
notes: notes:
- Tested against IOS-XR 6.1.3. - Tested against IOS-XR 6.1.3.
- This module works with connection C(network_cli). - This module works with connection C(network_cli). See L(the IOS-XR Platform Options,../network/user_guide/platform_iosxr.html).
author: Nilashish Chakraborty (@nilashishc) author: Nilashish Chakraborty (@nilashishc)
options: options:
config: config:

View file

@ -23,8 +23,12 @@ short_description: Configuration management of system logging services on networ
description: description:
- This module provides declarative management configuration of system logging (syslog) - This module provides declarative management configuration of system logging (syslog)
on Cisco IOS XR devices. on Cisco IOS XR devices.
requirements:
- ncclient >= 0.5.3 when using netconf
- lxml >= 4.1.1 when using netconf
notes: notes:
- Tested against IOS XRv 6.1.2 - This module works with connection C(network_cli) and C(netconf). See L(the IOS-XR Platform Options,../network/user_guide/platform_iosxr.html).
- Tested against IOS XRv 6.1.3
options: options:
dest: dest:
description: description:

View file

@ -51,7 +51,8 @@ options:
default: present default: present
choices: ['present', 'absent'] choices: ['present', 'absent']
notes: notes:
- Tested against Cisco IOS XR Software, Version 6.1.2 - This module works with connection C(network_cli). See L(the IOS-XR Platform Options,../network/user_guide/platform_iosxr.html).
- Tested against Cisco IOS XR Software, Version 6.1.3
""" """
EXAMPLES = """ EXAMPLES = """

View file

@ -24,9 +24,13 @@ description:
on Cisco IOS XR devices. It provides an option to configure host system on Cisco IOS XR devices. It provides an option to configure host system
parameters or remove those parameters from the device active parameters or remove those parameters from the device active
configuration. configuration.
requirements:
- ncclient >= 0.5.3 when using netconf
- lxml >= 4.1.1 when using netconf
extends_documentation_fragment: iosxr extends_documentation_fragment: iosxr
notes: notes:
- Tested against IOS XRv 6.1.2 - This module works with connection C(network_cli) and C(netconf). See L(the IOS-XR Platform Options,../network/user_guide/platform_iosxr.html).
- Tested against IOS XRv 6.1.3
- name-servers I(state=absent) operation with C(netconf) transport is a success, but with rpc-error. This is - name-servers I(state=absent) operation with C(netconf) transport is a success, but with rpc-error. This is
due to XR platform issue. Recommended to use I(ignore_errors) option with the task as a workaround. due to XR platform issue. Recommended to use I(ignore_errors) option with the task as a workaround.
options: options:
@ -85,7 +89,7 @@ EXAMPLES = """
iosxr_system: iosxr_system:
hostname: iosxr01 hostname: iosxr01
domain_name: test.example.com domain_name: test.example.com
domain-search: domain_search:
- ansible.com - ansible.com
- redhat.com - redhat.com
- cisco.com - cisco.com
@ -93,7 +97,7 @@ EXAMPLES = """
iosxr_system: iosxr_system:
hostname: iosxr01 hostname: iosxr01
domain_name: test.example.com domain_name: test.example.com
domain-search: domain_search:
- ansible.com - ansible.com
- redhat.com - redhat.com
- cisco.com - cisco.com
@ -103,7 +107,7 @@ EXAMPLES = """
hostname: iosxr01 hostname: iosxr01
vrf: nondefault vrf: nondefault
domain_name: test.example.com domain_name: test.example.com
domain-search: domain_search:
- ansible.com - ansible.com
- redhat.com - redhat.com
- cisco.com - cisco.com

View file

@ -29,7 +29,8 @@ description:
configuration that are not explicitly defined. configuration that are not explicitly defined.
extends_documentation_fragment: iosxr extends_documentation_fragment: iosxr
notes: notes:
- Tested against IOS XRv 6.1.2 - This module works with connection C(network_cli) and C(netconf). See L(the IOS-XR Platform Options,../network/user_guide/platform_iosxr.html).
- Tested against IOS XRv 6.1.3
options: options:
aggregate: aggregate:
description: description:
@ -121,6 +122,8 @@ options:
public_key.If used with multiple users in aggregates, then the public_key.If used with multiple users in aggregates, then the
same key file is used for all users. same key file is used for all users.
requirements: requirements:
- ncclient >= 0.5.3 when using netconf
- lxml >= 4.1.1 when using netconf
- base64 when using I(public_key_contents) or I(public_key) - base64 when using I(public_key_contents) or I(public_key)
- paramiko when using I(public_key_contents) or I(public_key) - paramiko when using I(public_key_contents) or I(public_key)
""" """

View file

@ -59,9 +59,6 @@ options:
in the task, the value of environment variable C(ANSIBLE_NET_SSH_KEYFILE) in the task, the value of environment variable C(ANSIBLE_NET_SSH_KEYFILE)
will be used instead. will be used instead.
type: path type: path
requirements:
- ncclient >= 0.5.3 when using netconf
- lxml >= 4.1.1 when using netconf
notes: notes:
- For more information on using Ansible to manage network devices see the :ref:`Ansible Network Guide <network_guide>` - For more information on using Ansible to manage network devices see the :ref:`Ansible Network Guide <network_guide>`
- For more information on using Ansible to manage Cisco devices see the `Cisco integration page <https://www.ansible.com/integrations/networks/cisco>`_. - For more information on using Ansible to manage Cisco devices see the `Cisco integration page <https://www.ansible.com/integrations/networks/cisco>`_.