Network Back Up and Configuration - Solution Guide

Updated -

Overview

In this use case, we'll walk through the process of backing up Cisco network devices and making some simple configuration updates. For purposes of this article, we will be demonstrating the automation of Cisco IOS devices, but this automation could easily be applied to Arista, Juniper or other network components supported by various Ansible Content Collections.

Operational impact: Medium

Business value drivers

  • Reduced downtime
  • Increased productivity
  • Improved network reliability

Technical value drivers

  • Patch your network consistently in minutes, not days
  • Remove human effort and errors during network configuration
  • Enforce configuration policies and system hardening

Recommended demo and self-paced labs:

Prerequisites

This solutions guide assumes a working knowledge of YAML, Ansible Playbooks, the Ansible VS Code extension, execution environments, Ansible navigator, and Git. If these concepts are less familiar to you, please start with these learning paths:

The Ansible Content Collections referenced in this guide can be found in the Red Hat Ansible Automation Hub, which is available to current subscribers. Not currently an Ansible Automation Platform customer? Sign up for a free 60-day trial.

Featured Ansible Content Collections

For this guide we will be using 2 collections:

Note: For the examples below you will need to build an Execution Environment or create a requirements.yml file in your Project to source the network.backup validated collection from Automation Hub, as this collection is not included in the bundled Execution Environments in AAP.

Ansible Automation Platform features used

  • Ansible Playbooks
  • Automation execution
  • Ansible execution environments
  • Automation hub

Other:

Step 1: Backup network devices

Operational impact: Low

---
- name: Create Network Backup
  hosts: all
  gather_facts: true
  vars:
    data_store:
      scm:
        origin:
          user:
            name: "username"
            email: "user@example.com" 
          url: "https://github.com/org_example/repo_example"
          token: "{{ lookup('env', 'gh_token') }}"
          path: "backups/{{ ansible_network_os }}"
          filename: "{{ inventory_hostname }}.txt"
  tasks:
    - name: Set host-level var for backup role
      set_fact:
        data_store: "{{ data_store }}"
    - name: Create Network Backup and Push to GitHub
      ansible.builtin.include_role:
        name: network.backup.backup
  • Create a job template using your network backup playbook project. Save your Job Template as "Create Network Backup".

Network back up job template
Network back up job template

Step 2: Apply network device configuration

Operational impact: Medium

NOTE: Run Steps 1 and 2 in a test environment and confirm settings before repeating these steps in a production environment.

Please refer to the Cisco certified content collection for network configuration modules that are available for download from the Red Hat Ansible Automation Hub. Examples of common network configuration modules include:

  • cisco.ios.ios_bgp_address_family: Configures and manages the attributes of bgp address family.
  • cisco.ios.ios_bgp_global: Configures and manages the attributes of global bgp
  • cisco.ios.ios_vlans: Configures VLANs
  • cisco.ios.ios_acls: Configures and manages the named or numbered ACLs
  • cisco.ios.ios_hostname: Provides declarative management of hostname
  • cisco.ios.ios_interfaces: Manages the interface attributes.
  • cisco.ios.ios_logging_global: Manages the logging attributes.

Using any of the above modules, write a playbook to apply your updated network configurations and save to the Git repository for your project. Below is an example using the ios_ios_vlans module.

---
- name: Network configuration update
  hosts: cisco
  tasks:
    - name: Configure VLANs
      cisco.ios.ios_vlans:
        config:
          - name: Data
            vlan_id: 10
            state: active
          - name: Voice
            vlan_id: 20
            state: active
          - name: Management
            vlan_id: 99
            state: active
        state: merged

Playbook example for configuring VLANs

  • Create a job template for your project and save it as "Network configuration update", then select Launch to run the template.
  • Note: This playbook is stored in your Git repository and can later be used as a source of truth, as the VLANs will be documented there.

Network configuration update
Network configuration update

Step 3: Restore network devices (if needed)

Operational impact: High

  • You can create a "Restore Network Backup" Job Template (example below) to revert any changes and load the backup you generated in step 1. If there are issues with the new network configuration you applied in step 2, you can use this to restore the device to it's previous state.
  • Warning: This is a write operation. Make sure to test the restore Job Template in a development environment before using it in production.
---
- name: Restore Network Backup
  hosts: all
  gather_facts: true
  vars:
    data_store:
      scm:
        origin:
          user:
            name: "username"
            email: "user@example.com" 
          url: "https://github.com/org_example/repo_example"
          token: "{{ lookup('env', 'gh_token') }}"
          path: "backups/{{ ansible_network_os }}"
          filename: "{{ inventory_hostname }}.txt"
  tasks:
    - name: Set host-level var for backup role
      set_fact:
        data_store: "{{ data_store }}"
    - name: Restore network config from saved config
      ansible.builtin.include_role:
        name: network.backup.restore

Next Steps

Once you're comfortable using Ansible Automation Platform for basic network fact gathering, backups, and configuration, we recommend you explore Event-Driven Ansible for Network automation:

Comments