diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..b1f3b64 --- /dev/null +++ b/.gitignore @@ -0,0 +1,102 @@ +id_rsa +id_rsa.pub +# Byte-compiled / optimized / DLL files +__pycache__/ +*.py[cod] +*$py.class + +# C extensions +*.so + +# Distribution / packaging +.Python +env/ +build/ +develop-eggs/ +dist/ +downloads/ +eggs/ +.eggs/ +lib/ +lib64/ +parts/ +sdist/ +var/ +*.egg-info/ +.installed.cfg +*.egg + +# PyInstaller +# Usually these files are written by a python script from a template +# before PyInstaller builds the exe, so as to inject date/other infos into it. +*.manifest +*.spec + +# Installer logs +pip-log.txt +pip-delete-this-directory.txt + +# Unit test / coverage reports +htmlcov/ +.tox/ +.coverage +.coverage.* +.cache +nosetests.xml +coverage.xml +*,cover +.hypothesis/ + +# Translations +*.mo +*.pot + +# Django stuff: +*.log +local_settings.py + +# Flask stuff: +instance/ +.webassets-cache + +# Scrapy stuff: +.scrapy + +# Sphinx documentation +docs/_build/ + +# PyBuilder +target/ + +# IPython Notebook +.ipynb_checkpoints + +# pyenv +.python-version + +# celery beat schedule file +celerybeat-schedule + +# dotenv +.env + +# virtualenv +venv/ +ENV/ +.Python +[Bb]in +[Ii]nclude +[Ll]ib +[Ll]ib64 +[Ll]ocal +[Ss]cripts +[Ss]hare +pyvenv.cfg +.venv +pip-selfcheck.json + +# Spyder project settings +.spyderproject + +# Rope project settings +.ropeproject diff --git a/ansible.cfg b/ansible.cfg new file mode 100644 index 0000000..b834221 --- /dev/null +++ b/ansible.cfg @@ -0,0 +1,10 @@ +[defaults] +roles_path = /srv/ansible/roles +host_key_checking = False +library = /srv/ansible/lib/python3.5/site-packages/napalm_ansible-0.9.1-py3.5.egg/napalm_ansible/modules +action_plugins = /srv/ansible/lib/python3.5/site-packages/napalm_ansible-0.9.1-py3.5.egg/napalm_ansible/plugins/action + +[persistent_connection] +command_timeout=100 +connect_timeout=100 +connect_retry_timeout=100 diff --git a/backup.yml b/backup.yml new file mode 100644 index 0000000..ec634ec --- /dev/null +++ b/backup.yml @@ -0,0 +1,24 @@ +--- + +- name: Network Getting Started First Playbook + hosts: vmx + gather_facts: false + tasks: + + - name: Backup JunOS config + junos_config: + backup: yes + register: backup_junos_location + when: ansible_network_os == 'junos' + + - name: Create backup dir + file: + path: "/tmp/backups/{{ inventory_hostname }}" + state: directory + recurse: yes + + - name: Copy backup files into /tmp/backups/ (junos) + copy: + src: "{{ backup_junos_location.backup_path }}" + dest: "/tmp/backups/{{ inventory_hostname }}/{{ inventory_hostname }}.bck" + when: ansible_network_os == 'junos' diff --git a/backup/vmx1_config.2018-04-18@13:54:21 b/backup/vmx1_config.2018-04-18@13:54:21 new file mode 100644 index 0000000..e9b251f --- /dev/null +++ b/backup/vmx1_config.2018-04-18@13:54:21 @@ -0,0 +1,102 @@ +set version 15.1F6.9 +set system host-name nslab-vmx1 +set system root-authentication encrypted-password "$5$CRmQ12uP$4jBHGU7gqS7LxxQNBW7bnBdex2sZhzhV6UUprQIRZf1" +set system login user rancid uid 2000 +set system login user rancid class super-user +set system login user rancid authentication encrypted-password "$1$l62TnvVE$VWpKyk9XfHOP1FqIqFn2L1" +set system login user salt uid 2001 +set system login user salt class super-user +set system login user salt authentication encrypted-password "$5$yp7ziGTI$F5F.6AUlR8hDK2JIsw5WRrTLex/yTCWH3iSR1Auk293" +set system login user salt authentication ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCjxY2hLZ+ju5wdK4GYNhKGgnS8EWLBoEVpo+xQkhDzkTiBx3HGAnmARcVV0B9MqrHZl1omdnirJeygWzVbVY4yPUqGgEcUsTTq9fvK4AjTwtaoB5txAosaOnZq0zewmuZ6EMi6E3RND6A3FGXkf1Il2jg3I8k/dGqdyFI80B7sWy90fk+EqsGMPxVc+l5vAtY2jm84ellxxzBsulxfCSKPH86hZ1GqZ8A1ZBWITu15NjQw0aGssSYGMMTa1T8eFyY4hHWqqdwgOlODg9mZwwP1JdJH79SRoTOjqGGixuAFDGAgH3fNX6u8wTmYya/z7WXH6B2XwiiaZYdcyEbMLPZt" +set system services ssh protocol-version v2 +set system services netconf ssh +set system syslog user * any emergency +set system syslog file messages any notice +set system syslog file messages authorization info +set system syslog file interactive-commands interactive-commands any +set system ntp boot-server 192.241.206.171 +set system ntp server 10.39.8.14 +deactivate system ntp server 10.39.8.14 +set system ntp server 129.6.15.29 +set system ntp source-address 10.39.8.10 +set chassis fpc 0 lite-mode +set interfaces ge-0/0/0 description "1000BaseT to nslab-vmx2 ge-0/0/0 test" +set interfaces ge-0/0/0 unit 0 family inet address 10.39.9.21/31 +set interfaces ge-0/0/0 unit 0 family iso +set interfaces ge-0/0/1 description "1000BaseT to nsdev-vmx6 ge-0/0/1" +set interfaces ge-0/0/1 unit 0 family inet address 10.39.9.34/31 +set interfaces ge-0/0/1 unit 0 family iso +set interfaces ge-0/0/1 unit 0 family mpls +set interfaces ge-0/0/2 description "1000BaseT to nslab-mx240-1 ge-1/0/9 via vmx1-p2p2" +set interfaces ge-0/0/2 unit 0 family inet address 10.39.9.23/31 +set interfaces ge-0/0/2 unit 0 family iso +set interfaces ge-0/0/3 description "1000BaseT to nslab-vmx7-cust1-ce1 ge-0/0/0" +set interfaces ge-0/0/3 unit 0 +set interfaces ge-0/0/4 unit 0 family inet +set interfaces fxp0 unit 0 family inet address 10.39.0.22/20 +set interfaces lo0 unit 0 family inet address 10.39.8.10/32 +set interfaces lo0 unit 0 family iso address 49.0000.0100.3900.8010.00 +set interfaces lo0 unit 4 family inet address 1.1.1.1/32 +set snmp community public authorization read-only +set routing-options static route 0.0.0.0/0 next-hop 10.39.0.1 +set routing-options static route 0.0.0.0/0 no-readvertise +set routing-options static route 0.0.0.0/0 preference 255 +set routing-options flow route test_discard then discard +set routing-options flow route test_discard match source 2.2.2.1/32 +deactivate routing-options flow route test_discard +set routing-options flow term-order standard +set routing-options router-id 10.39.8.10 +set routing-options autonomous-system 65150 +set routing-options validation group rpki-validator session 163.253.39.165 port 8282 +set protocols rsvp interface ge-0/0/1.0 +set protocols mpls label-switched-path vmx1-to-vmx3 to 10.39.8.12 +set protocols mpls label-switched-path vmx1-to-vmx6 to 10.39.8.15 +set protocols mpls interface lo0.0 +set protocols mpls interface ge-0/0/1.0 +set protocols bgp group CONNECTOR neighbor 10.39.10.1 description "vmx7-cust1-ce1 R&E Peering" +set protocols bgp group CONNECTOR neighbor 10.39.10.1 import vmx7-cust1-ce1-BGP-IN +set protocols bgp group CONNECTOR neighbor 10.39.10.1 export vmx7-cust1-ce1-BGP-OUT +set protocols bgp group CONNECTOR neighbor 10.39.10.1 peer-as 65151 +set protocols bgp group INTERNET2 type internal +set protocols bgp group INTERNET2 local-address 10.39.8.10 +set protocols bgp group INTERNET2 family inet flow +set protocols bgp group INTERNET2 family inet any +set protocols bgp group INTERNET2 family inet-vpn unicast +set protocols bgp group INTERNET2 family inet-vpn flow +set protocols bgp group INTERNET2 family inet6-vpn unicast +set protocols bgp group INTERNET2 peer-as 65150 +set protocols bgp group INTERNET2 neighbor 10.39.8.15 +set protocols bgp group INTERNET2 neighbor 10.39.8.14 +set protocols bgp group INTERNET2 neighbor 10.39.8.13 +set protocols bgp group INTERNET2 neighbor 10.39.8.12 +set protocols isis reference-bandwidth 1000g +set protocols isis level 1 disable +set protocols isis level 2 wide-metrics-only +set protocols isis interface ge-0/0/0.0 +set protocols isis interface ge-0/0/1.0 +set protocols isis interface ge-0/0/2.0 +set protocols isis interface ge-0/0/3.0 +set protocols isis interface lo0.0 +set protocols lldp port-id-subtype interface-name +set protocols lldp port-description-type interface-alias +set protocols lldp interface all +deactivate policy-options policy-statement nslab-tsg-bgp-in term 10 from route-filter 0.0.0.0/32 exact +set policy-options policy-statement nslab-tsg-bgp-in term 10 from route-filter 163.253.39.160/27 exact +set policy-options policy-statement nslab-tsg-bgp-in term 10 then accept +set policy-options policy-statement nslab-tsg-bgp-in then reject +set policy-options policy-statement nslab-tsg-bgp-out term 10 from protocol aggregate +set policy-options policy-statement nslab-tsg-bgp-out term 10 then accept +set policy-options policy-statement nslab-tsg-bgp-out term 20 then reject +set policy-options policy-statement nslab-tsg-bgp-out then reject +set policy-options policy-statement vmx7-cust1-ce1-BGP-IN term 10 from route-filter 172.168.8.0/24 exact +set policy-options policy-statement vmx7-cust1-ce1-BGP-IN term 10 then accept +set policy-options policy-statement vmx7-cust1-ce1-BGP-IN then reject +set policy-options policy-statement vmx7-cust1-ce1-BGP-OUT then accept +set routing-instances NTP instance-type vrf +set routing-instances NTP interface lo0.4 +set routing-instances NTP route-distinguisher 10.39.8.10:123 +set routing-instances NTP vrf-target target:123:123 +set routing-instances NTP vrf-table-label +set routing-instances NTP routing-options flow route test_vrf then discard +set routing-instances NTP routing-options flow route test_vrf match source 2.2.2.1/32 +set routing-instances NTP routing-options flow term-order standard \ No newline at end of file diff --git a/backup/vmx2_config.2018-04-18@13:54:20 b/backup/vmx2_config.2018-04-18@13:54:20 new file mode 100644 index 0000000..7670d06 --- /dev/null +++ b/backup/vmx2_config.2018-04-18@13:54:20 @@ -0,0 +1,44 @@ +set version 15.1F6.9 +set system host-name nslab-vmx2 +set system root-authentication encrypted-password "$5$7Z4KJmOq$Gfcu80MW1h04eXYAT08jw6FY3YJ4qUFK.nH.OeQBjH9" +set system login user rancid uid 2000 +set system login user rancid class super-user +set system login user rancid authentication encrypted-password "$1$l62TnvVE$VWpKyk9XfHOP1FqIqFn2L1" +set system login user salt uid 2001 +set system login user salt class super-user +set system login user salt authentication ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCjxY2hLZ+ju5wdK4GYNhKGgnS8EWLBoEVpo+xQkhDzkTiBx3HGAnmARcVV0B9MqrHZl1omdnirJeygWzVbVY4yPUqGgEcUsTTq9fvK4AjTwtaoB5txAosaOnZq0zewmuZ6EMi6E3RND6A3FGXkf1Il2jg3I8k/dGqdyFI80B7sWy90fk+EqsGMPxVc+l5vAtY2jm84ellxxzBsulxfCSKPH86hZ1GqZ8A1ZBWITu15NjQw0aGssSYGMMTa1T8eFyY4hHWqqdwgOlODg9mZwwP1JdJH79SRoTOjqGGixuAFDGAgH3fNX6u8wTmYya/z7WXH6B2XwiiaZYdcyEbMLPZt" +set system services ssh protocol-version v2 +set system services netconf ssh +set system syslog user * any emergency +set system syslog user * match "!(.*Scheduler Oinker*.|.*Frame *.|.*ms without yielding*.);" +set system syslog file messages any notice +set system syslog file messages authorization info +set system syslog file interactive-commands interactive-commands any +set system ntp boot-server 192.241.206.171 +set system ntp server 10.39.8.14 +set system ntp source-address 10.39.8.11 +set chassis fpc 0 lite-mode +set interfaces ge-0/0/0 description "1000BaseT to nslab-vmx1 ge-0/0/0" +set interfaces ge-0/0/0 unit 0 family inet address 10.39.9.20/31 +set interfaces ge-0/0/0 unit 0 family iso +set interfaces ge-0/0/1 description "1000BaseT to nslab-vmx4 ge-0/0/0" +set interfaces ge-0/0/1 unit 0 family inet address 10.39.9.26/31 +set interfaces ge-0/0/1 unit 0 family iso +set interfaces ge-0/0/2 description "1000BaseT to nslab-vmx5:ge-0/0/2" +set interfaces ge-0/0/2 unit 0 family inet address 10.39.9.36/31 +set interfaces ge-0/0/2 unit 0 family iso +set interfaces fxp0 unit 0 family inet address 10.39.0.23/20 +set interfaces lo0 unit 0 family inet address 10.39.8.11/32 +set interfaces lo0 unit 0 family iso address 49.0000.0100.3900.8011.00 +set routing-options static route 0.0.0.0/0 next-hop 10.39.0.1 +set routing-options static route 0.0.0.0/0 no-readvertise +set routing-options static route 0.0.0.0/0 preference 255 +set protocols isis reference-bandwidth 1000g +set protocols isis level 1 disable +set protocols isis level 2 wide-metrics-only +set protocols isis interface ge-0/0/0.0 +set protocols isis interface ge-0/0/1.0 +set protocols isis interface ge-0/0/2.0 +set protocols isis interface lo0.0 +set protocols lldp port-id-subtype interface-name +set protocols lldp interface all \ No newline at end of file diff --git a/backup/vmx3_config.2018-04-18@13:54:23 b/backup/vmx3_config.2018-04-18@13:54:23 new file mode 100644 index 0000000..c79ecfe --- /dev/null +++ b/backup/vmx3_config.2018-04-18@13:54:23 @@ -0,0 +1,72 @@ +set version 15.1F6.9 +set system host-name nslab-vmx3 +set system root-authentication encrypted-password "$5$T4cqYSkh$kzSdkdnZGussQSb/c3MoJmKCyVVUjEN1KfObDwfhNoC" +set system login user rancid uid 2000 +set system login user rancid class super-user +set system login user rancid authentication encrypted-password "$1$l62TnvVE$VWpKyk9XfHOP1FqIqFn2L1" +set system login user salt uid 2001 +set system login user salt class super-user +set system login user salt authentication ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCjxY2hLZ+ju5wdK4GYNhKGgnS8EWLBoEVpo+xQkhDzkTiBx3HGAnmARcVV0B9MqrHZl1omdnirJeygWzVbVY4yPUqGgEcUsTTq9fvK4AjTwtaoB5txAosaOnZq0zewmuZ6EMi6E3RND6A3FGXkf1Il2jg3I8k/dGqdyFI80B7sWy90fk+EqsGMPxVc+l5vAtY2jm84ellxxzBsulxfCSKPH86hZ1GqZ8A1ZBWITu15NjQw0aGssSYGMMTa1T8eFyY4hHWqqdwgOlODg9mZwwP1JdJH79SRoTOjqGGixuAFDGAgH3fNX6u8wTmYya/z7WXH6B2XwiiaZYdcyEbMLPZt" +set system services ssh protocol-version v2 +set system services netconf ssh +set system services netconf rfc-compliant +set system syslog user * any emergency +set system syslog file messages any notice +set system syslog file messages authorization info +set system syslog file interactive-commands interactive-commands any +set system ntp server 10.39.8.14 +set chassis fpc 0 lite-mode +set interfaces ge-0/0/0 description "1000BaseT to nslab-vmx4 ge-0/0/0" +set interfaces ge-0/0/0 unit 0 family inet address 10.39.9.28/31 +set interfaces ge-0/0/0 unit 0 family iso +set interfaces ge-0/0/0 unit 0 family mpls +set interfaces ge-0/0/1 description "1000BaseT to nslab-vmx2 ge-0/0/1" +set interfaces ge-0/0/1 unit 0 family inet address 10.39.9.27/31 +set interfaces ge-0/0/1 unit 0 family iso +set interfaces ge-0/0/2 description "1000BaseT to nslab-vmx8 ge-0/0/0" +set interfaces ge-0/0/2 unit 0 +set interfaces ge-0/0/3 description trex-port1 +set interfaces ge-0/0/3 unit 0 family inet address 2.2.2.2/24 +set interfaces fxp0 unit 0 family inet address 10.39.0.24/20 +set interfaces lo0 unit 0 family inet address 10.39.8.12/32 +set interfaces lo0 unit 0 family iso address 49.0000.0100.3900.8012.00 +set interfaces lo0 unit 4 family inet address 3.3.3.3/32 +set snmp community public authorization read-only +set snmp community public routing-instance NTP +set snmp routing-instance-access access-list * +set snmp traceoptions file snmp +set snmp traceoptions flag all +set routing-options static route 0.0.0.0/0 next-hop 10.39.0.1 +set routing-options static route 0.0.0.0/0 no-readvertise +set routing-options static route 0.0.0.0/0 preference 255 +set routing-options flow term-order standard +set routing-options router-id 10.39.8.12 +set routing-options autonomous-system 65150 +set protocols rsvp interface ge-0/0/0.0 +set protocols mpls label-switched-path vmx3-to-vmx1 to 10.39.8.10 +set protocols mpls interface ge-0/0/0.0 +set protocols bgp group INTERNET2 type internal +set protocols bgp group INTERNET2 local-address 10.39.8.12 +set protocols bgp group INTERNET2 family inet flow +set protocols bgp group INTERNET2 family inet any +set protocols bgp group INTERNET2 family inet-vpn unicast +set protocols bgp group INTERNET2 family inet-vpn flow +set protocols bgp group INTERNET2 family inet6-vpn unicast +set protocols bgp group INTERNET2 peer-as 65150 +set protocols bgp group INTERNET2 neighbor 10.39.8.15 +set protocols bgp group INTERNET2 neighbor 10.39.8.14 +set protocols bgp group INTERNET2 neighbor 10.39.8.13 +set protocols bgp group INTERNET2 neighbor 10.39.8.10 +set protocols isis level 1 disable +set protocols isis level 2 wide-metrics-only +set protocols isis interface ge-0/0/0.0 +set protocols isis interface ge-0/0/1.0 +set protocols isis interface lo0.0 +set protocols lldp port-id-subtype interface-name +set protocols lldp interface all +set routing-instances NTP instance-type vrf +set routing-instances NTP interface lo0.4 +set routing-instances NTP route-distinguisher 10.39.8.12:123 +set routing-instances NTP vrf-target target:123:123 +set routing-instances NTP vrf-table-label +set routing-instances NTP routing-options flow term-order standard \ No newline at end of file diff --git a/backup/vmx4_config.2018-04-18@13:54:21 b/backup/vmx4_config.2018-04-18@13:54:21 new file mode 100644 index 0000000..ca23b0e --- /dev/null +++ b/backup/vmx4_config.2018-04-18@13:54:21 @@ -0,0 +1,64 @@ +set version 15.1F6.9 +set system host-name nslab-vmx4 +set system root-authentication encrypted-password "$5$B6X5NhtH$wGQuvhwZRwdG9q1p3vvzgcFAmpjGhcVJSOC0RWbBxBB" +set system login user rancid uid 2000 +set system login user rancid class super-user +set system login user rancid authentication encrypted-password "$1$l62TnvVE$VWpKyk9XfHOP1FqIqFn2L1" +set system login user salt uid 2001 +set system login user salt class super-user +set system login user salt authentication ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCjxY2hLZ+ju5wdK4GYNhKGgnS8EWLBoEVpo+xQkhDzkTiBx3HGAnmARcVV0B9MqrHZl1omdnirJeygWzVbVY4yPUqGgEcUsTTq9fvK4AjTwtaoB5txAosaOnZq0zewmuZ6EMi6E3RND6A3FGXkf1Il2jg3I8k/dGqdyFI80B7sWy90fk+EqsGMPxVc+l5vAtY2jm84ellxxzBsulxfCSKPH86hZ1GqZ8A1ZBWITu15NjQw0aGssSYGMMTa1T8eFyY4hHWqqdwgOlODg9mZwwP1JdJH79SRoTOjqGGixuAFDGAgH3fNX6u8wTmYya/z7WXH6B2XwiiaZYdcyEbMLPZt" +set system services ssh protocol-version v2 +set system services netconf ssh +set system syslog user * any emergency +set system syslog file messages any notice +set system syslog file messages authorization info +set system syslog file interactive-commands interactive-commands any +set system ntp server 10.39.8.14 +set chassis fpc 0 lite-mode +set chassis network-services enhanced-ip +set interfaces ge-0/0/0 description "1000BaseT to nslab-vmx3 ge-0/0/0" +set interfaces ge-0/0/0 unit 0 family inet address 10.39.9.29/31 +set interfaces ge-0/0/0 unit 0 family iso +set interfaces ge-0/0/0 unit 0 family mpls +set interfaces ge-0/0/1 description "1000BaseT to nsdev-vmx5 ge-0/0/0" +set interfaces ge-0/0/1 unit 0 family inet address 10.39.9.30/31 +set interfaces ge-0/0/1 unit 0 family iso +set interfaces ge-0/0/1 unit 0 family mpls +set interfaces fxp0 unit 0 family inet address 10.39.0.25/20 +set interfaces lo0 unit 0 family inet address 10.39.8.13/32 +set interfaces lo0 unit 0 family iso address 49.0000.0100.3900.8013.00 +set interfaces lo0 unit 4 family inet address 4.4.4.4/32 +set routing-options static route 0.0.0.0/0 next-hop 10.39.0.1 +set routing-options static route 0.0.0.0/0 no-readvertise +set routing-options static route 0.0.0.0/0 preference 255 +set routing-options router-id 10.39.8.13 +set routing-options autonomous-system 65150 +set protocols rsvp interface ge-0/0/1.0 +set protocols rsvp interface ge-0/0/0.0 +set protocols mpls label-switched-path vmx4-vmx6 to 10.39.8.15 +set protocols mpls label-switched-path vmx4-to-vmx-5 to 10.39.8.14 +set protocols mpls interface all +set protocols bgp local-address 10.39.8.13 +set protocols bgp log-updown +set protocols bgp group INTERNET2 type internal +set protocols bgp group INTERNET2 local-address 10.39.8.13 +set protocols bgp group INTERNET2 family inet any +set protocols bgp group INTERNET2 family inet-vpn unicast +set protocols bgp group INTERNET2 family inet6-vpn unicast +set protocols bgp group INTERNET2 peer-as 65150 +set protocols bgp group INTERNET2 neighbor 10.39.8.15 +set protocols bgp group INTERNET2 neighbor 10.39.8.14 +set protocols bgp group INTERNET2 neighbor 10.39.8.10 +set protocols bgp group INTERNET2 neighbor 10.39.8.12 +set protocols isis level 1 disable +set protocols isis level 2 wide-metrics-only +set protocols isis interface ge-0/0/0.0 +set protocols isis interface ge-0/0/1.0 +set protocols isis interface lo0.0 +set protocols lldp port-id-subtype interface-name +set protocols lldp interface all +set routing-instances NTP instance-type vrf +set routing-instances NTP interface lo0.4 +set routing-instances NTP route-distinguisher 10.39.8.13:123 +set routing-instances NTP vrf-target target:123:123 +set routing-instances NTP vrf-table-label \ No newline at end of file diff --git a/backup/vmx5_config.2018-04-18@13:54:23 b/backup/vmx5_config.2018-04-18@13:54:23 new file mode 100644 index 0000000..5fbccf7 --- /dev/null +++ b/backup/vmx5_config.2018-04-18@13:54:23 @@ -0,0 +1,86 @@ +set version 15.1F6.9 +set system host-name nslab-vmx5 +set system root-authentication encrypted-password "$5$dtzjbbOB$kRjqCbWTMGPGR182yFSH/yD1dUEt7uKn1DHEaQUWgt6" +set system login user rancid uid 2000 +set system login user rancid class super-user +set system login user rancid authentication encrypted-password "$1$l62TnvVE$VWpKyk9XfHOP1FqIqFn2L1" +set system login user salt uid 2001 +set system login user salt class super-user +set system login user salt authentication ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCjxY2hLZ+ju5wdK4GYNhKGgnS8EWLBoEVpo+xQkhDzkTiBx3HGAnmARcVV0B9MqrHZl1omdnirJeygWzVbVY4yPUqGgEcUsTTq9fvK4AjTwtaoB5txAosaOnZq0zewmuZ6EMi6E3RND6A3FGXkf1Il2jg3I8k/dGqdyFI80B7sWy90fk+EqsGMPxVc+l5vAtY2jm84ellxxzBsulxfCSKPH86hZ1GqZ8A1ZBWITu15NjQw0aGssSYGMMTa1T8eFyY4hHWqqdwgOlODg9mZwwP1JdJH79SRoTOjqGGixuAFDGAgH3fNX6u8wTmYya/z7WXH6B2XwiiaZYdcyEbMLPZt" +set system services ssh protocol-version v2 +set system services netconf ssh +set system syslog user * any emergency +set system syslog user * match "!(.*Scheduler Oinker*.|.*Frame *.|.*ms without yielding*.);" +set system syslog file messages any any +set system syslog file messages authorization info +set system syslog file messages match "!(.*Scheduler Oinker*.|.*Frame *.|.*ms without yielding*.);" +set system syslog file interactive-commands interactive-commands any +set system ntp server 132.163.97.4 +deactivate system ntp server 132.163.97.4 +set system ntp server 10.39.8.14 +deactivate system ntp server 10.39.8.14 +set system ntp server 129.6.15.29 +deactivate system ntp server 129.6.15.29 +set system ntp server 10.39.8.10 +deactivate system ntp server 10.39.8.10 +set system ntp server 163.253.39.173 +set chassis fpc 0 lite-mode +set interfaces ge-0/0/0 description "1000BaseT to nslab-vmx4 ge-0/0/1" +set interfaces ge-0/0/0 unit 0 family inet address 10.39.9.31/31 +set interfaces ge-0/0/0 unit 0 family iso +set interfaces ge-0/0/0 unit 0 family mpls +set interfaces ge-0/0/1 description "1000BaseT to nslab-vmx6 ge-0/0/0" +set interfaces ge-0/0/1 unit 0 family inet address 10.39.9.32/31 +set interfaces ge-0/0/1 unit 0 family iso +set interfaces ge-0/0/1 unit 0 family mpls +set interfaces ge-0/0/2 description "1000BaseT to nslab-vmx2:ge-0/0/2" +set interfaces ge-0/0/2 unit 0 family inet address 10.39.9.37/31 +set interfaces ge-0/0/2 unit 0 family iso +set interfaces fxp0 unit 0 family inet address 10.39.0.26/20 +set interfaces lo0 unit 0 family inet address 10.39.8.14/32 +set interfaces lo0 unit 0 family iso address 49.0000.0100.3900.8014.00 +set interfaces lo0 unit 4 family inet filter input loopback-strict-in +set interfaces lo0 unit 4 family inet address 5.5.5.5/32 +set snmp community public authorization read-only +set routing-options static route 0.0.0.0/0 next-hop 10.39.0.1 +set routing-options static route 0.0.0.0/0 no-readvertise +set routing-options static route 0.0.0.0/0 preference 255 +set routing-options autonomous-system 65150 +set protocols rsvp interface ge-0/0/0.0 +set protocols rsvp interface ge-0/0/1.0 +set protocols mpls label-switched-path vmx5-to-vmx4 to 10.39.8.13 +set protocols mpls label-switched-path vmx5-to-vmx6 to 10.39.8.15 +set protocols mpls interface all +set protocols bgp log-updown +set protocols bgp group INTERNET2 type internal +set protocols bgp group INTERNET2 local-address 10.39.8.14 +set protocols bgp group INTERNET2 family inet any +set protocols bgp group INTERNET2 family inet-vpn unicast +set protocols bgp group INTERNET2 family inet6-vpn unicast +set protocols bgp group INTERNET2 peer-as 65150 +set protocols bgp group INTERNET2 neighbor 10.39.8.15 +set protocols bgp group INTERNET2 neighbor 10.39.8.13 +set protocols bgp group INTERNET2 neighbor 10.39.8.10 +set protocols bgp group INTERNET2 neighbor 10.39.8.12 +set protocols isis reference-bandwidth 1000g +set protocols isis level 1 disable +set protocols isis level 2 wide-metrics-only +set protocols isis interface ge-0/0/0.0 +set protocols isis interface ge-0/0/1.0 +set protocols isis interface ge-0/0/2.0 +set protocols isis interface lo0.0 +set protocols lldp port-id-subtype interface-name +set protocols lldp interface all +set firewall family inet filter loopback-strict-in term lsp-ping-discard from port 3503 +set firewall family inet filter loopback-strict-in term lsp-ping-discard then count lsp-ping-discard +set firewall family inet filter loopback-strict-in term lsp-ping-discard then log +set firewall family inet filter loopback-strict-in term lsp-ping-discard then discard +set firewall family inet filter loopback-strict-out term block-nist from address 129.6.15.29/32 +set firewall family inet filter loopback-strict-out term block-nist then count nist +set firewall family inet filter loopback-strict-out term block-nist then discard +set firewall family inet filter loopback-strict-out term accept then accept +set routing-instances NTP instance-type vrf +set routing-instances NTP interface lo0.4 +set routing-instances NTP route-distinguisher 10.39.8.14:123 +set routing-instances NTP vrf-target target:123:123 +set routing-instances NTP vrf-table-label \ No newline at end of file diff --git a/backup/vmx6_config.2018-04-18@13:54:22 b/backup/vmx6_config.2018-04-18@13:54:22 new file mode 100644 index 0000000..2143a71 --- /dev/null +++ b/backup/vmx6_config.2018-04-18@13:54:22 @@ -0,0 +1,70 @@ +set version 15.1F6.9 +set system host-name nsdev-vmx6 +set system root-authentication encrypted-password "$5$qRd0mli.$29xCBLe2nBf4MX2awxZA7wf6yD4kx5OTHyge.b9iGmA" +set system login user rancid uid 2000 +set system login user rancid class super-user +set system login user rancid authentication encrypted-password "$1$l62TnvVE$VWpKyk9XfHOP1FqIqFn2L1" +set system login user salt uid 2001 +set system login user salt class super-user +set system login user salt authentication ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCjxY2hLZ+ju5wdK4GYNhKGgnS8EWLBoEVpo+xQkhDzkTiBx3HGAnmARcVV0B9MqrHZl1omdnirJeygWzVbVY4yPUqGgEcUsTTq9fvK4AjTwtaoB5txAosaOnZq0zewmuZ6EMi6E3RND6A3FGXkf1Il2jg3I8k/dGqdyFI80B7sWy90fk+EqsGMPxVc+l5vAtY2jm84ellxxzBsulxfCSKPH86hZ1GqZ8A1ZBWITu15NjQw0aGssSYGMMTa1T8eFyY4hHWqqdwgOlODg9mZwwP1JdJH79SRoTOjqGGixuAFDGAgH3fNX6u8wTmYya/z7WXH6B2XwiiaZYdcyEbMLPZt" +set system services ssh protocol-version v2 +set system services netconf ssh +set system syslog user * any emergency +set system syslog file messages any notice +set system syslog file messages authorization info +set system syslog file interactive-commands interactive-commands any +set system ntp server 10.39.8.14 +set chassis fpc 0 lite-mode +set chassis network-services enhanced-ip +set interfaces ge-0/0/0 description "1000BaseT to nslab-vmx5 ge-0/0/1" +set interfaces ge-0/0/0 unit 0 family inet address 10.39.9.33/31 +set interfaces ge-0/0/0 unit 0 family iso +set interfaces ge-0/0/0 unit 0 family mpls +set interfaces ge-0/0/1 description "1000BaseT to nslab-vmx10-cust4-ce1 ge-0/0/0" +set interfaces ge-0/0/1 unit 0 +set interfaces ge-0/0/2 description "1000BaseT to nslab-vmx1 ge-0/0/3" +set interfaces ge-0/0/2 unit 0 family inet address 10.39.9.35/31 +set interfaces ge-0/0/2 unit 0 family iso +set interfaces ge-0/0/2 unit 0 family mpls +set interfaces ge-0/0/3 description unused +set interfaces ge-0/0/4 unit 0 +set interfaces fxp0 unit 0 family inet address 10.39.0.27/20 +set interfaces lo0 unit 0 family inet address 10.39.8.15/32 +set interfaces lo0 unit 0 family iso address 49.0000.0100.3900.8015.00 +set interfaces lo0 unit 4 family inet address 6.6.6.6/32 +set routing-options static route 0.0.0.0/0 next-hop 10.39.0.1 +set routing-options static route 0.0.0.0/0 no-readvertise +set routing-options static route 0.0.0.0/0 preference 255 +set routing-options static route 16.0.0.0/8 next-hop 1.1.1.1 +set routing-options static route 48.0.0.0/8 next-hop 2.2.2.1 +set routing-options router-id 10.39.8.15 +set routing-options autonomous-system 65150 +set protocols rsvp interface ge-0/0/0.0 +set protocols rsvp interface ge-0/0/2.0 +set protocols mpls label-switched-path vmx6-vmx4 to 10.39.8.13 +set protocols mpls label-switched-path vmx6-to-vmx5 to 10.39.8.14 +set protocols mpls label-switched-path vmx6-to-vmx1 to 10.39.8.10 +set protocols mpls interface all +set protocols bgp log-updown +set protocols bgp group INTERNET2 type internal +set protocols bgp group INTERNET2 local-address 10.39.8.15 +set protocols bgp group INTERNET2 family inet any +set protocols bgp group INTERNET2 family inet-vpn unicast +set protocols bgp group INTERNET2 family inet6-vpn unicast +set protocols bgp group INTERNET2 peer-as 65150 +set protocols bgp group INTERNET2 neighbor 10.39.8.14 +set protocols bgp group INTERNET2 neighbor 10.39.8.13 +set protocols bgp group INTERNET2 neighbor 10.39.8.10 +set protocols bgp group INTERNET2 neighbor 10.39.8.12 +set protocols isis level 2 wide-metrics-only +set protocols isis level 1 disable +set protocols isis interface ge-0/0/0.0 +set protocols isis interface ge-0/0/2.0 +set protocols isis interface lo0.0 +set protocols lldp port-id-subtype interface-name +set protocols lldp interface all +set routing-instances NTP instance-type vrf +set routing-instances NTP interface lo0.4 +set routing-instances NTP route-distinguisher 10.39.8.15:123 +set routing-instances NTP vrf-target target:123:123 +set routing-instances NTP vrf-table-label \ No newline at end of file diff --git a/facts.yml b/facts.yml new file mode 100644 index 0000000..6d2d219 --- /dev/null +++ b/facts.yml @@ -0,0 +1,14 @@ +--- + +- name: Network Getting Started First Playbook + hosts: vmx + gather_facts: false + tasks: + + - name: Get config for JunOS devices + junos_facts: + when: ansible_network_os == 'junos' + register: results + + - name: Display facts + debug: var=results diff --git a/facts_napalm.yml b/facts_napalm.yml new file mode 100644 index 0000000..1389b49 --- /dev/null +++ b/facts_napalm.yml @@ -0,0 +1,18 @@ +--- + +- name: Get NAPALM Facts + hosts: vmx + gather_facts: false + tasks: + + - name: Get facts + napalm_get_facts: + hostname: "{{ ansible_host }}" + username: "{{ ansible_user }}" + dev_os: "{{ ansible_network_os }}" + optional_args: + key_file: "{{ ansible_ssh_private_key_file }}" + register: results + + - name: Display facts + debug: var=results diff --git a/group_vars/junos b/group_vars/junos new file mode 100644 index 0000000..5d8a140 --- /dev/null +++ b/group_vars/junos @@ -0,0 +1,5 @@ +--- +ansible_connection: netconf +ansible_network_os: junos +ansible_user: salt +ansible_ssh_private_key_file: /srv/salt/ssh/id_rsa diff --git a/hosts b/hosts new file mode 100644 index 0000000..eba9a4a --- /dev/null +++ b/hosts @@ -0,0 +1,41 @@ +--- +all: + children: + junos: + children: + vmx: + hosts: + vmx1: + ansible_host: 10.39.8.10 + vmx2: + ansible_host: 10.39.8.11 + vmx3: + ansible_host: 10.39.8.12 + vmx4: + ansible_host: 10.39.8.13 + vmx5: + ansible_host: 10.39.8.14 + vmx6: + ansible_host: 10.39.8.15 + mx5: + hosts: + mx5-1: + ansible_host: 10.39.8.1 + mx5-2: + ansible_host: 10.39.8.2 + mx5-3: + ansible_host: 10.39.8.3 + mx5-4: + ansible_host: 10.39.8.4 + mx5-5: + ansible_host: 10.39.8.5 + mx5-6: + ansible_host: 10.39.8.6 + mx240: + hosts: + mx240-1: + ansible_host: 10.39.8.7 + mx240-2: + ansible_host: 10.39.8.8 + mx240-3: + ansible_host: 10.39.8.9 diff --git a/hosts.ini b/hosts.ini new file mode 100644 index 0000000..b4cd2a4 --- /dev/null +++ b/hosts.ini @@ -0,0 +1,11 @@ +[vmx] +vmx1 ansible_host=10.39.8.10 +vmx2 ansible_host=10.39.8.11 +vmx3 ansible_host=10.39.8.12 +vmx4 ansible_host=10.39.8.13 +vmx5 ansible_host=10.39.8.14 +vmx6 ansible_host=10.39.8.15 + +[junos:children] +vmx + diff --git a/show.yml b/show.yml new file mode 100644 index 0000000..821a6a3 --- /dev/null +++ b/show.yml @@ -0,0 +1,15 @@ +--- + +- name: Network Getting Started First Playbook + hosts: vmx + gather_facts: false + tasks: + + - name: show bgp summary + junos_command: + commands: show bgp summary + display: xml + when: ansible_network_os == 'junos' + register: _ + + - debug: msg="{{ _ }}"