A collection of Ansible roles and playbooks to provision, sketch and backup a network running Junos OS, without the need of manually feeding extra data to represent the physical topology.
MIT License
DRY Ansible for Network Automation (DANA) is a collection of Ansible roles and playbooks that allow you to provision, sketch and backup a network running Junos OS, without the need of manually feeding extra data to represent the physical topology.
This is achieved by leveraging a topology inspection role that automatically discovers every link and interface that connect all the devices of particular Ansible group.
The primary goal of this project is to assist network (and DevOps) engineers who need to deploy a testing network quickly, reliably and with as few manual inputs as possible.
Another intent is to illustrate some practical examples of how the Junos OS Automation stack can be integrated with open source building blocks such as Ansible, Python and Jinja2;
Don't Repeat Yourself (DRY) is the core paradigm driving this project:
Suppose you spent few hours in the lab cabling up the following network topology for testing purposes.
The switches only got your Lab default configuration, which includes management and loopback interfaces.
Your ultimate goal is to configure an IP Fabric:
The playbook pb_provision_ebgp_underlay is what you need:
ip_underlay
in your inventory file (hosts.ini) in which you include the devices that must be# hosts.ini
[ip_underlay]
qfx5120-1
qfx5120-2
qfx5120-3
qfx5120-4
qfx5200-1
qfx5200-2
ansible-playbook pb_provision_ebgp_underlay.yml -i hosts.ini -t push_config
The tag push_config
tells the playbook to both generate and commit the configuration to the remote devices.
You can omit this tag if you only want to generate the files locally. They will be stored in a folder
_ebgp_underlay_config in your inventory directory.
A quick summary of what just happened:
You can find out more about how the discovery is carried out and how you can tune the default variables to suite your needs in the Usage section of the documentation below.
The leaf device qfx5120-1 in this example will be provisioned with the following configuration:
interfaces {
xe-0/0/1 {
mtu 9216;
unit 0 {
family inet {
address 10.100.0.0/31;
}
}
}
xe-0/0/2 {
mtu 9216;
unit 0 {
family inet {
address 10.100.0.2/31;
}
}
}
}
protocols {
bgp {
group ebgp-underlay {
type external;
family inet {
unicast;
}
multipath {
multiple-as;
}
export pl-local_loopback;
local-as 4200000101;
neighbor 10.100.0.1 {
description qfx5200-1;
peer-as 4200000106;
}
neighbor 10.100.0.3 {
description qfx5200-2;
peer-as 4200000105;
}
}
}
}
policy-options {
policy-statement pl-local_loopback {
term 1 {
from {
protocol direct;
interface lo0.0;
}
then accept;
}
}
policy-statement ECMP {
then {
load-balance per-packet;
}
}
}
routing-options {
forwarding-table {
export ECMP;
}
}
On the machine that you want to use as Ansible controller (can be your laptop or a dedicated server/VM):
Clone or download this repository;
Make sure Python 3.7 (or above) is installed, or create and activate a Python 3 virtual environment (recommended when running Ansible locally);
Install the requirements
pip install -r requirements.txt
At this point you are ready to execute the playbooks.
Each individual operation is defined as a custom Ansible role. Roles are then imported across different ready-to-use playbooks.
You can use this project in two ways:
You can check each individual playbook documentation for more details and examples: