Merge pull request #29 from MitchV85/autovpn-lab

AutoVPN Deployment Guide: cLab Topology and Configs

.gitignore

@@ -2,8 +2,9 @@
 **.tok**
 
 # clab auto-created directories and files
-**clab-*
+**.clab-*
+*clab-*/
 *.yml.bak
 
 # license files
-*license*.json
+*license*.json

tech-library/wan/autovpn/zbackend-infra/act/ansible.cfg

@@ -1,45 +1,16 @@
 [defaults]
-
-# Disable host key checking by the underlying tools Ansible uses to connect to target hosts
-host_key_checking = False
-
-# Location of inventory file containing target hosts
-inventory = ./inventory/inventory.yml
-
-# Only gather Ansible facts if explicity directed to in a given play
-gathering = explicit
-
-# Disable the creation of .retry files if a playbook fails
-retry_files_enabled = False
-
-# Path(s) to search for installed Ansible Galaxy Collections
-collections_paths = ~/.ansible/collections
-
-# Enable additional Jinja2 Extensions (https://jinja.palletsprojects.com/en/3.1.x/extensions/)
+roles_path = ./roles
+collections_paths = ../ansible-avd:../ansible-cvp:../ansible_collections:~/.ansible/collections:/usr/share/ansible/collections
 jinja2_extensions =  jinja2.ext.loopcontrols,jinja2.ext.do,jinja2.ext.i18n
+deprecation_warnings = False
+forks = 8
+host_key_checking = False
 
-# Enable the YAML callback plugin, providing much easier to read terminal output. (https://docs.ansible.com/ansible/latest/plugins/callback.html#callback-plugins)
-# stdout_callback = yaml
-
-# Permit the use of callback plugins when running ad-hoc commands
-bin_ansible_callbacks = True
-
-# List of enabled callbacks. Many callbacks shipped with Ansible are not enabled by default
-callbacks_enabled = profile_roles, profile_tasks, timer
-
-# Maximum number of forks that Ansible will use to execute tasks on target hosts
-forks = 15
-
-# Disable cowsay (Why?)
-nocows = True
-
-[paramiko_connection]
-# Automatically add the keys of target hosts to known hosts
-host_key_auto_add = True
+vars_plugins_enabled = arista.avd.global_vars, host_group_vars
 
 [persistent_connection]
-# Set the amount of time, in seconds, to wait for response from remote device before timing out persistent connection.
-command_timeout = 60
+connect_timeout = 120
+command_timeout = 120
 
-# Set the amount of time, in seconds, that a persistent connection will remain idle before it is destroyed.
-connect_timeout = 60
+[vars_global_vars]
+paths = ../global_vars/evpn_vxlan, ../global_vars/avd_defaults, ../global_vars/fabric_defaults

tech-library/wan/autovpn/zbackend-infra/act/config_push.yml

@@ -11,8 +11,16 @@
 
   tasks:
 
-    - name: "Configs from {{ config_dir }}"
+    - name: "Push configs to EOS nodes from {{ config_dir }}"
       eos_config:
         src: "{{ config_dir }}{{ inventory_hostname }}.cfg"
         replace: config
         save_when: changed
+      when: 'HOST' not in {{ inventory_hostname }}
+
+    - name: "Configure end hosts"
+      eos_config:
+        src: "{{ config_dir }}{{ inventory_hostname }}.cfg"
+        replace: config
+        save_when: changed
+      when: 'HOST' in {{ inventory_hostname }}

tech-library/wan/autovpn/zbackend-infra/act/host_networking.yml

@@ -0,0 +1,9 @@
+hostnets:
+  HOSTA1:
+    int: et1
+    ip: 10.10.10.101
+    gw: 10.10.10.1
+  HOSTA2:
+    int: et1
+    ip: 10.20.20.101
+    gw: 10.20.20.1

tech-library/wan/autovpn/zbackend-infra/act/inventory/group_vars/endhosts.yml

@@ -0,0 +1,3 @@
+ansible_user: ansible
+ansible_password: ansible
+ansible_python_interpreter: $(which python3)

tech-library/wan/autovpn/zbackend-infra/act/inventory/inventory.yml

@@ -44,4 +44,10 @@ all:
             S1-R2:
               ansible_host: 192.168.0.24
             S2-R1:
-              ansible_host: 192.168.0.26
+              ansible_host: 192.168.0.26
+    endhosts:
+      hosts:
+        HOSTA1:
+          ansible_host: 192.168.0.201
+        HOSTA2:
+          ansible_host: 192.168.0.202

tech-library/wan/autovpn/zbackend-infra/act/test.yml

@@ -0,0 +1,20 @@
+---
+
+- name: Push switch configs
+  hosts: all
+  gather_facts: false
+
+  vars:
+    ansible_python_interpreter: /usr/bin/python3
+    config_dir: "{{ playbook_dir }}/../configs/"
+  vars_files:
+    - "./host_networking.yml"
+  tasks:
+
+    - name: "Configure et1 ip address"
+      ansible.builtin.shell: |
+        ip addr add {{ hostnets[inventory_hostname].ip }} dev {{ hostnets[inventory_hostname].int }}
+        ip route add 10.40.40.0/24 via {{ hostnets[inventory_hostname].gw }}
+      register: test
+      become: yes
+      when: "{{ 'HOST' in inventory_hostname }}"

tech-library/wan/autovpn/zbackend-infra/clab/Makefile

@@ -0,0 +1,16 @@
+.PHONY: help
+help: ## Display help message
+	@grep -E '^[0-9a-zA-Z_-]+\.*[0-9a-zA-Z_-]+:.*?## .*$$' $(MAKEFILE_LIST) | sort | awk 'BEGIN {FS = ":.*?## "}; {printf "\033[36m%-30s\033[0m %s\n", $$1, $$2}'
+
+.PHONY: push-configs
+push-configs: ## Push configs to lab
+	ansible-playbook config_push.yml
+
+.PHONY: grab-configs
+grab-configs: ## Grab configs from the lab
+	ansible-playbook config_grab.yml
+
+.PHONY: push-license
+push-license: ## Push license to CloudEOS nodes
+	pip3 install paramiko ansible-pylibssh
+	ansible-playbook push_license.yml -e ansible_connection=network_cli

tech-library/wan/autovpn/zbackend-infra/clab/ansible.cfg

@@ -0,0 +1,17 @@
+[defaults]
+roles_path = ./roles
+inventory = inventory/inventory.yml
+collections_paths = ../ansible-avd:../ansible-cvp:../ansible_collections:~/.ansible/collections:/usr/share/ansible/collections
+jinja2_extensions =  jinja2.ext.loopcontrols,jinja2.ext.do,jinja2.ext.i18n
+deprecation_warnings = False
+forks = 8
+host_key_checking = False
+
+vars_plugins_enabled = arista.avd.global_vars, host_group_vars
+
+[persistent_connection]
+connect_timeout = 120
+command_timeout = 120
+
+[vars_global_vars]
+paths = ../global_vars/evpn_vxlan, ../global_vars/avd_defaults, ../global_vars/fabric_defaults