Ansible: Recommendations on making my playbooks more efficient?

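I've started experimenting with Ansible and using playbooks to automate some routine tasks on network devices. I've been able to learn some of the basics along the way, but I know my knowledge is limited, so when I look at this playbook and how much of it looks redundant, I have to assume there are better ways to remove some of the redundancy and make things cleaner and more efficient.

The example I'd like to use and explain, to get some ideas, is about configuring a new VLAN on a set of devices.

Typically, the new VLAN first needs to be configured on the two distribution switches, and on those two switches there are specific interfaces we have to add the VLAN to.

So for the first part, in my hosts file I have two hosts in a group called "dist":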

[dist]
DIST01 ansible_host=10.10.1.1
DIST02 ansible_host=10.10.1.2

Then, I created the following in my playbook:

- name: Add Heartbeat VLAN to DIST
  hosts: dist
  connection: local
  gather_facts: no

  # A play takes a single "tasks:" key; with a duplicate key Ansible keeps only the last one.
  tasks:
    - name: Include Login Credentials
      include_vars: secrets.yml

    - name: Define Provider
      set_fact:
        provider:
          host: "{{ ansible_host }}"
          username: "{{ creds['username'] }}"
          password: "{{ creds['password'] }}"

    # provider is a module argument, so it sits under nxos_vlan rather than at task level
    - name: Ensure VLAN Exists
      nxos_vlan:
        vlan_id: 2600
        state: present
        host: "{{ ansible_host }}"
        provider: "{{ provider }}"

    - name: Ensure VLAN Name Configured
      nxos_vlan:
        vlan_id: "{{ item.vid }}"
        name: "{{ item.name }}"
        host: "{{ ansible_host }}"
        state: present
        provider: "{{ provider }}"
      with_items:
        - { vid: 2600, name: Ansible Heartbeat VLAN }

    - name: ASSIGN VLAN TO TRUNK PORTS
      nxos_switchport:
        interface: "{{ item.interface }}"
        mode: trunk
        trunk_vlans: "{{ item.vlan }}"
        provider: "{{ provider }}"
      with_items:
        - { interface: po850, vlan: 2600 }
        - { interface: po860, vlan: 2600 }
        - { interface: po865, vlan: 2600 }
        - { interface: po868, vlan: 2600 }
        - { interface: po871, vlan: 2600 }
        - { interface: po872, vlan: 2600 }
        - { interface: po875, vlan: 2600 }
        - { interface: po877, vlan: 2600 }
        - { interface: po884, vlan: 2600 }
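
So for each host in that group, it iterates through the list of interfaces/ports and adds the specified VLAN.

Question 1. It seems to me the first "inefficient" thing is that I don't think having to specify "vlan: 2600" everywhere is very smart.

I think I should set the VLAN as a variable (in the playbook? in some other file that gets called?) so that it can be used wherever it's needed.

Next set of tasks: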

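After the previous task, the next task requires us to connect to each access switch where the VLAN needs to be deployed and configure the new VLAN there.

The problem I run into here is that the port-channel on each switch is a different interface. So I can't apply the same configuration by iterating over a list of devices.

For example, what I'd want to do is something like this: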

host: ACCESS01    interface: po850    vlan: 2600
host: ACCESS02    interface: po860    vlan: 2600
host: ACCESS03    interface: po870    vlan: 2600
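
So for each host/switch, you add the VLAN to the interface associated with that switch.

I've just been creating a new task for each device, specifying the interface to configure for that switch.

For example: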

- name: Add Heartbeat VLAN to ACCESS01
  hosts: ACCESS01
  connection: local
  gather_facts: no

  # Single "tasks:" key; provider moved under each module's arguments
  tasks:
    - name: Include Login Credentials
      include_vars: secrets.yml

    - name: Define Provider
      set_fact:
        provider:
          host: "{{ ansible_host }}"
          username: "{{ creds['username'] }}"
          password: "{{ creds['password'] }}"

    - name: Ensure VLAN Exists
      nxos_vlan:
        vlan_id: 2600
        state: present
        host: "{{ ansible_host }}"
        provider: "{{ provider }}"

    - name: Ensure VLAN Name Configured
      nxos_vlan:
        vlan_id: "{{ item.vid }}"
        name: "{{ item.name }}"
        host: "{{ ansible_host }}"
        state: present
        provider: "{{ provider }}"
      with_items:
        - { vid: 2600, name: Ansible Heartbeat VLAN }

    - name: ASSIGN VLAN TO PORTS
      nxos_switchport:
        interface: "{{ item.interface }}"
        mode: trunk
        trunk_vlans: "{{ item.vlan }}"
        provider: "{{ provider }}"
      with_items:
        - { interface: po850, vlan: 2600 }


- name: Add Heartbeat VLAN to ACCESS02
  hosts: ACCESS02
  connection: local
  gather_facts: no

  # Same play as above; only the host and the interface differ
  tasks:
    - name: Include Login Credentials
      include_vars: secrets.yml

    - name: Define Provider
      set_fact:
        provider:
          host: "{{ ansible_host }}"
          username: "{{ creds['username'] }}"
          password: "{{ creds['password'] }}"

    - name: Ensure VLAN Exists
      nxos_vlan:
        vlan_id: 2600
        state: present
        host: "{{ ansible_host }}"
        provider: "{{ provider }}"

    - name: Ensure VLAN Name Configured
      nxos_vlan:
        vlan_id: "{{ item.vid }}"
        name: "{{ item.name }}"
        host: "{{ ansible_host }}"
        state: present
        provider: "{{ provider }}"
      with_items:
        - { vid: 2600, name: Ansible Heartbeat VLAN }

    - name: ASSIGN VLAN TO PORTS
      nxos_switchport:
        interface: "{{ item.interface }}"
        mode: trunk
        trunk_vlans: "{{ item.vlan }}"
        provider: "{{ provider }}"
      with_items:
        - { interface: po860, vlan: 2600 }

- name: Add Heartbeat VLAN to ACCESS03
  hosts: ACCESS03
  connection: local
  gather_facts: no

  # Same play as above; only the host and the interface differ
  tasks:
    - name: Include Login Credentials
      include_vars: secrets.yml

    - name: Define Provider
      set_fact:
        provider:
          host: "{{ ansible_host }}"
          username: "{{ creds['username'] }}"
          password: "{{ creds['password'] }}"

    - name: Ensure VLAN Exists
      nxos_vlan:
        vlan_id: 2600
        state: present
        host: "{{ ansible_host }}"
        provider: "{{ provider }}"

    - name: Ensure VLAN Name Configured
      nxos_vlan:
        vlan_id: "{{ item.vid }}"
        name: "{{ item.name }}"
        host: "{{ ansible_host }}"
        state: present
        provider: "{{ provider }}"
      with_items:
        - { vid: 2600, name: Ansible Heartbeat VLAN }

    - name: ASSIGN VLAN TO PORTS
      nxos_switchport:
        interface: "{{ item.interface }}"
        mode: trunk
        trunk_vlans: "{{ item.vlan }}"
        provider: "{{ provider }}"
      with_items:
        - { interface: po870, vlan: 2600 }
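
So you see... I know that when I see nearly the same thing repeated over and over, I have to assume there's a better way, and I just don't know how to work it out on my own yet.

Question 2. I think there's a better way to handle repeating the following for every task in the playbook: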

  tasks:
    - name: Include Login Credentials
      include_vars: secrets.yml

    - name: Define Provider
      set_fact:
        provider:
          host: "{{ ansible_host }}"
          username: "{{ creds['username'] }}"
          password: "{{ creds['password'] }}"
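
Question #3: Could I list this data in the playbook or in another file, and then create a task that can iterate over the data to determine which ports need to be configured?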

host: ACCESS01    interface: po850    vlan: 2600
host: ACCESS02    interface: po860    vlan: 2600
host: ACCESS03    interface: po870    vlan: 2600
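
In my mind, it would be some sort of logic like this: if "host" equals "ACCESS01", then the interface equals po850.

So the task could just reference variables that get populated based on the host it is currently working on.

Any ideas and suggestions for improving the playbook and my knowledge are greatly appreciated. I guess I'm looking for the most "Ansible-istic" way to accomplish this. That's not a word, is it?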

For Question 1, you can use it like this:

- name: ASSIGN VLAN TO TRUNK PORTS
  nxos_switchport:
    interface: "{{ item.interface }}"
    mode: trunk
    trunk_vlans: "{{ item.vlan | default('2600') }}"
    provider: "{{ provider }}"
  with_items: 
  - interface: po850
  - interface: po860
  - interface: po865
  - interface: po868
  - interface: po871
  - interface: po872
  - interface: po875
  - interface: po884

If you want to assign a different VLAN to one or more interfaces, you can use it like this:

- { interface: po850, vlan: 2700 }

Hope this helps.