[Ansible] CML을 이용한 Ansible 구축

1. CML 네트워크 구축

 

2. Ansible 구축(CentOS Stream 9)

• 의존성 Update

sudo dnf update -y

• EPEL(Extra Packages for Enterprise Linux) 저장소 설치

sudo dnf install epel-release -y

• Python3 및 pip 설치

sudo dnf install -y python3 python3-pip sudo pip3 install --upgrade pip setuptools

• Ansible 및 Ansible Galaxy 컬렉션 설치

sudo dnf install -y ansible ansible-galaxy collection install cisco.ios ansible.netcommon

• Ansible 관련 추가 라이브러리 설치

pip3 install ansible-pylibssh pip3 install paramiko

• ansible-core 설치

pip install --upgrade ansible-core

 

3. SSH 설정

• CentOS에 공개 키 및 정책 설정

ssh-keygen -t rsa -b 2048

update-crypto-policies --set LEGACY

 

4. 네트워크 장비에 SSH 설정

# usern cisco pas cisco # usern cisco priv 15 # lin vty 0 4 # tr i a # logi loc # exit # ip domain-n automation.com # cry key gen rsa # 2048

 

5. 공개 키 복사 및 접속

• 공개 키 복사

ssh-copy-id -i ~/.ssh/id_rsa.pub cisco@203.230.7.1

 

• SSH 접속

ssh cisco@203.230.7.1

 

 

6.  Ansible 파일 구성 및 실행

• Inventory 파일 : /etc/ansible/hosts

[routers] Router1 ansible_host=203.230.7.1 ansible_user=cisco ansible_password=cisco ansible_network_os=ios ansible_connection=network_cli Router2 ansible_host=203.230.8.2 ansible_user=cisco ansible_password=cisco ansible_network_os=ios ansible_connection=network_cli

• Python 인터프리터 경로 추가

[routers:vars] ansible_python_interpreter=/usr/libexec/platform-python

• Playbook 작성(check_interfaces.yml)

- name: Check Cisco interfaces   hosts: routers   gather_facts: no   tasks:     - name: Run "show ip int bri"       ios_command:         commands:           - show ip int bri         register: interface_output       - name: Display output       debug:         var: interface_output.stdout_lines

• Ansible Playbook 실행

ansible-playbook -i /etc/ansible/hosts check_interfaces.yml