Add switch creation playbook
knewell committed Nov 5, 2020
1 parent c857fd5 commit cdcb992
Showing 33 changed files with 1,960 additions and 207 deletions.
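--- a/esxi-switches.yml
+++ b/esxi-switches.yml
@@ -0,0 +1,36 @@
+- name: Create internode vswitches
+hosts: "{{ variable_hosts }}"
+serial: 1
+tags: node_switches
+gather_facts: no
+vars_files:
+- group_vars/vmware
+- switch-list-input.yml
+tasks:
+- name: Create the vswitch
+vmware_vswitch:
+hostname: "{{ esxi_hostname }}"
+username: "{{ esxi_username }}"
+password: "{{ esxi_password }}"
+esxi_hostname: "{{ esxi_hostname }}"
+validate_certs: False
+switch_name: "{{ item }}"
+mtu: 9000
+loop: "{{ switches }}"
+delegate_to: localhost
+- name: Create the portgroup
+vmware_portgroup:
+hostname: "{{ esxi_hostname }}"
+username: "{{ esxi_username }}"
+password: "{{ esxi_password }}"
+esxi_hostname: "{{ esxi_hostname }}"
+validate_certs: False
+switch_name: "{{ item }}"
+portgroup_name: "{{ item }}"
+security:
+promiscuous_mode: True
+forged_transmits: True
+mac_changes: True
+vlan_id: 4095
+loop: "{{ switches }}"
+delegate_to: localhost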
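Review bot: Both tasks set `validate_certs: False` while passing `esxi_password`, so the ESXi API endpoint is never authenticated and the credential is exposed to anyone who can intercept the management path; the same setting appears in files/nessus/tasks/nessus-vmx1_task.yml. Consider `validate_certs: "{{ esxi_validate_certs | default(true) }}"` so verification stays on unless a lab inventory explicitly turns it off. The portgroup task also enables `promiscuous_mode`, `forged_transmits` and `mac_changes` together with `vlan_id: 4095`, which lets any VM attached to that portgroup observe and spoof traffic on every VLAN of the vswitch. If the nested router links need this, say so in the playbook, e.g. `# internode lab links only: never attach other workloads to these portgroups`. Writing the booleans as `true`/`false` (including `gather_facts: no`) would also avoid YAML 1.1 truthy ambiguity.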
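--- a/files/nessus/config/nessus-vmx1-config.txt
+++ b/files/nessus/config/nessus-vmx1-config.txt
@@ -0,0 +1,141 @@
+
+version VERSION
+system {
+host-name nessus-vmx1;
+no-redirects;
+root-authentication {
+encrypted-password "$5$mcE0Hfiq$JfBeC3QSAvnd1tjqlOhlYXDgVrwvd6S4G3oVj5wiMO7"; ## SECRET-DATA
+}
+login {
+user salt {
+uid 2001;
+class super-user;
+authentication {
+encrypted-password "$5$yp7ziGTI$F5F.6AUlR8hDK2JIsw5WRrTLex/yTCWH3iSR1Auk293"; ## SECRET-DATA
+ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCjxY2hLZ+ju5wdK4GYNhKGgnS8EWLBoEVpo+xQkhDzkTiBx3HGAnmARcVV0B9MqrHZl1omdnirJeygWzVbVY4yPUqGgEcUsTTq9fvK4AjTwtaoB5txAosaOnZq0zewmuZ6EMi6E3RND6A3FGXkf1Il2jg3I8k/dGqdyFI80B7sWy90fk+EqsGMPxVc+l5vAtY2jm84ellxxzBsulxfCSKPH86hZ1GqZ8A1ZBWITu15NjQw0aGssSYGMMTa1T8eFyY4hHWqqdwgOlODg9mZwwP1JdJH79SRoTOjqGGixuAFDGAgH3fNX6u8wTmYya/z7WXH6B2XwiiaZYdcyEbMLPZt"; ## SECRET-DATA
+}
+}
+}
+services {
+ssh {
+root-login allow;
+}
+extension-service {
+request-response {
+grpc {
+clear-text;
+max-connections 8;
+skip-authentication;
+}
+}
+}
+netconf {
+ssh;
+traceoptions {
+file nc.txt size 1m world-readable;
+flag all;
+}
+}
+}
+syslog {
+user * {
+any emergency;
+}
+file messages {
+any any;
+authorization info;
+}
+file interactive-commands {
+interactive-commands any;
+}
+}
+}
+chassis {
+network-services enhanced-ip;
+}
+interfaces {
+ge-0/0/0 {
+description "nessus-vmx1"
+unit 0 {
+family inet {
+address 10.0.0.0/31
+}
+family inet6;
+family mpls;
+family iso;
+}
+}
+
+fxp0 {
+description "OOB to MGMT Network";
+unit 0 {
+family inet {
+address 10.39.0.200/21;
+}
+}
+}
+lo0 {
+unit 0 {
+family inet {
+address 192.168.0.1/32;
+}
+family inet6 {
+address fec0:0:0:1111::1/128;
+}
+
+family iso {
+address 49.0001.0010.0100.1001.00;
+}
+
+}
+}
+}
+routing-options {
+router-id 192.168.0.1;
+autonomous-system 65000;
+forwarding-table {
+export LOAD-BALANCE;
+}
+static {
+route 0.0.0.0/0 {
+next-hop 10.39.0.1;
+no-readvertise;
+preference 255;
+}
+}
+}
+protocols {
+isis {
+source-packet-routing {
+srgb start-label 16000 index-range 8000;
+node-segment {
+ipv4-index 401;
+ipv6-index 601;
+}
+}
+level 1 disable;
+level 2 wide-metrics-only;
+interface ge-0/0/0.0 {
+point-to-point;
+level 2 metric 1000;
+}
+interface lo0.0 {
+passive;
+}
+}
+mpls {
+interface ge-0/0/0.0;
+}
+lldp {
+port-id-subtype interface-name;
+neighbour-port-info-display port-id;
+interface ge-0/0/0;
+}
+}
+policy-options {
+policy-statement LOAD-BALANCE {
+then {
+load-balance per-packet;
+}
+}
+}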
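Review bot: The `extension-service request-response grpc` stanza combines `clear-text` with `skip-authentication`, so the gRPC management API accepts unauthenticated, unencrypted sessions from anything that can reach the router, including over the `fxp0` management address. Unless this image only ever runs on an isolated lab segment, drop `skip-authentication` and replace `clear-text` with an `ssl` listener bound to a local certificate. The file also commits the root and `salt` password hashes, which anyone with repository access can attack offline, and it sets `root-login allow` under `ssh` plus a `world-readable` NETCONF trace file with `flag all`. Consider rendering the hashes from a vaulted variable at deploy time, using `root-login deny`, and dropping `world-readable`. Separately, `description "nessus-vmx1"` and `address 10.0.0.0/31` under `ge-0/0/0` lack the trailing `;` that every other statement carries, so the file will likely fail to load as written.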
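--- a/files/nessus/nessus_nodes.yml
+++ b/files/nessus/nessus_nodes.yml
@@ -0,0 +1,24 @@
+common:
+bgp_asn: 65000
+gateway: 10.39.0.1
+nodes:
+nessus-vmx1:
+asn: 65000
+iso: 49.0001.0010.0100.1001.00
+links:
+ge-0/0/0.0:
+cost: 1000
+ip: 10.0.0.0
+iso: true
+mask: 31
+mpls: true
+remote: nessus-vmx1
+vlan: 0
+mgmt: 10.39.0.200
+rid: 192.168.0.1
+rid6: fec0:0:0:1111::1
+sid: 401
+sid6: 601
+switches:
+- nessus-vmx1-0--nessus-vmx1-1
+- nessus-vmx1-0--nessus-vmx1-1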
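Review bot: `switches` lists `nessus-vmx1-0--nessus-vmx1-1` twice, and the only link's `remote` is `nessus-vmx1` itself, which suggests the node is being linked to itself rather than to a peer. If a playbook loops over this list, the duplicate presumably only repeats an idempotent call, but deduplicating the list keeps the inventory an accurate record of what gets created on the hypervisor. Address-like scalars are also safer quoted so that no parser retypes them, e.g. `rid6: 'fec0:0:0:1111::1'` and `iso: '49.0001.0010.0100.1001.00'`.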
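--- a/files/nessus/tasks/nessus-vmx1_task.yml
+++ b/files/nessus/tasks/nessus-vmx1_task.yml
@@ -0,0 +1,40 @@
+- name: Update vmx networking
+vmware_guest:
+hostname: "{{ esxi_hostname }}"
+username: "{{ esxi_username }}"
+password: "{{ esxi_password }}"
+esxi_hostname: "{{ esxi_hostname }}"
+validate_certs: False
+name: "nessus-vmx1-vfpc"
+folder: /
+datastore: datastore2
+networks:
+- name: NS-DEV-NAT
+- name: "nessus-vmx1-br-int"
+- name: "nessus-vmx1-0--nessus-vmx1-1"
+device_type: vmxnet3
+- name: "nessus-vmx1-0--nessus-vmx1-1"
+device_type: vmxnet3
+- name: "DUMMY"
+start_connected: False
+- name: "nessus-vmx1-0--nessus-vmx1-1"
+device_type: vmxnet3
+- name: "nessus-vmx1-0--nessus-vmx1-1"
+device_type: vmxnet3
+- name: "DUMMY"
+start_connected: False
+- name: "DUMMY"
+start_connected: False
+- name: "DUMMY"
+start_connected: False
+- name: "DUMMY"
+start_connected: False
+- name: "DUMMY"
+start_connected: False
+- name: "DUMMY"
+start_connected: False
+hardware:
+num_cpus: 3
+memory_mb: 8192
+state: present
+delegate_to: localhost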
5 changes: 0 additions & 5 deletions files/ova/README-fullk9-R-XRV9000-701.txt

This file was deleted.

2 changes: 0 additions & 2 deletions files/ova/ubuntu-bionic-18.04-cloudimg.mf

This file was deleted.
