From 53fa6fa3599da52f722274a982e3191cff08e3fd Mon Sep 17 00:00:00 2001
From: Todd Ruch <toddruch@me.com>
Date: Mon, 13 Jan 2025 16:47:32 -0500
Subject: [PATCH] Added Network Backups to show using validated content to back
 up network devices (#214)

Co-authored-by: Todd Ruch <truch@redhat.com>
---
 network/README.md  | 12 ++++++++-
 network/backup.yml | 63 ++++++++++++++++++++++++++++++++++++++++++++++
 network/hosts      | 42 +++++++++++++++++++++++++++++++
 network/setup.yml  | 24 +++++++++++++++---
 4 files changed, 137 insertions(+), 4 deletions(-)
 create mode 100644 network/backup.yml
 create mode 100644 network/hosts

diff --git a/network/README.md b/network/README.md
index 0450ae8..aa3df66 100644
--- a/network/README.md
+++ b/network/README.md
@@ -12,6 +12,8 @@
 This category of demos shows examples of network operations and management with Ansible Automation Platform. The list of demos can be found below. See the [Suggested Usage](#suggested-usage) section of this document for recommendations on how to best use these demos.
 - [**NETWORK / Configuration**](https://github.com/nleiva/ansible-net-modules/blob/main/main.yml) - Deploy golden configurations for different resources to Cisco IOS, IOSXR, and NXOS.
 
+To run the demos, deploy them using Infrastructure as Code, run either the "Product Demos | Multi-demo setup" or the "Product Demos | Single demo setup" and select 'Network' in the "Product Demos" deployment, or utilize the steps in the repo level README.
+
 ### Project
 
 These demos leverage playbooks from a [git repo](https://github.com/nleiva/ansible-net-modules) that is added as the **`Network Golden Configs`** Project in your Ansible Controller. Review this repo for the playbooks to configure different resources and network config templates that will be configured.
@@ -25,7 +27,7 @@ A **`Demo Inventory`** is created when setting up these demos and a dynamic sour
 ## Suggested Usage
 
 **NETWORK / Report** - Use this job to gather facts from Cisco Network devices and create a report with information about the device such as code version, along with configuration information about layers 1, 2, and 3.  This shows how Ansible can be used to gather facts and build reports.  Generating html pages is just one potential output.  This information can be used in a number of ways, such as integration with different network management tools.
-  - to run this you will first need to run the **`Deploy Cloud Stack in AWS`** job template to deploy the report server.  This will ask you for an SSH public key.  After running this playbook, you will need to add the SSH private key to the **`Demo Credential`** before you can run the report, so it can connect to the report server.
+  - to run this you will first need to run the **`Deploy Cloud Stack in AWS`** job template to deploy the report server.  If using a demo.redhat.com Product Demos instance you should use the public key provided in the demo page in the Bastion Host Credentials section. If you are using a different environment, you may need to update the "Demo Credential".
 
 **NETWORK / Configuration** - Use this job to execute different [Ansible Network Resource Modules](https://docs.ansible.com/ansible/latest/network/user_guide/network_resource_modules.html) to deploy golden configs. Below is a list of the different resources the can be configured with a link to their golden config.
   - [acls](https://github.com/nleiva/ansible-net-modules/blob/main/acls.cfg)
@@ -77,3 +79,11 @@ A **`Demo Inventory`** is created when setting up these demos and a dynamic sour
   },
   "_ansible_no_log": false
 }
+
+**NETWORK / BACKUP** - Use this job to show how Ansible can be used to backup network devices using Red Hat validated content. Job Template will create a backup file on the reports server where they can be viewed as a webpage.  This is just an example - backups can also be sent to other repositories such as a Git repo (Github, Gitlab, etc).
+
+To run this demo, you will need to complete a couple of prerequisites:
+  - to run this you will first need to run the **`Deploy Cloud Stack in AWS`** job template to deploy the report server.
+  - If using a demo.redhat.com Product Demos instance you should use the public key provided in the demo page in the 'Bastion Host Credentials' section. If you are using a different environment, you may need to update the "Demo Credential".
+  - This works with Product Demos for AAP v2.5; which includes the "Product Demos EE" includes the \
+  network.backup collection.
\ No newline at end of file
diff --git a/network/backup.yml b/network/backup.yml
new file mode 100644
index 0000000..f304128
--- /dev/null
+++ b/network/backup.yml
@@ -0,0 +1,63 @@
+---
+- name: Create network reports server
+  hosts: reports
+  become: true
+
+  tasks:
+    - name: Build report server
+      ansible.builtin.include_role:
+        name: "{{ item }}"
+      loop:
+        - demo.patching.report_server
+
+    - name: Create a backup directory if it does not exist
+      run_once: true
+      ansible.builtin.file:
+        path: "/var/www/html/backups"
+        state: directory
+        owner: ec2-user
+        group: ec2-user
+        mode: '0755'
+
+- name: Play to Backup Cisco Always-On Network Devices
+  hosts: routers
+  gather_facts: false
+  vars:
+    report_server: reports
+    backup_dir: "/tmp/network_backups"
+
+  tasks:
+    - name: Network Backup and Resource Manager
+      ansible.builtin.include_role:
+        name: network.backup.run
+      vars:  # noqa var-naming[no-role-prefix]
+        operation: backup
+        type: full
+        data_store:
+          local: "{{ backup_dir }}"
+
+    # This task removes the Current configuration... from the top of IOS routers show run
+    - name: Remove non config lines - regexp
+      delegate_to: localhost
+      ansible.builtin.lineinfile:
+        path: "{{ backup_dir }}/{{ inventory_hostname }}.txt"
+        line: "Building configuration..."
+        state: absent
+
+    - name: Copy backup file
+      delegate_to: "{{ report_server }}"
+      ansible.builtin.copy:
+        src: "{{ backup_dir }}/{{ inventory_hostname }}.txt"
+        dest: "/var/www/html/backups/{{ inventory_hostname }}.cfg"
+        backup: true
+        owner: ec2-user
+        group: ec2-user
+        mode: '0644'
+
+    - name: Review backup on report server
+      delegate_to: "{{ report_server }}"
+      run_once: true
+      ansible.builtin.debug:
+        msg: "To review backed up configurations, go to http://{{ ansible_host }}/backups/"
+
+...
diff --git a/network/hosts b/network/hosts
new file mode 100644
index 0000000..89445ac
--- /dev/null
+++ b/network/hosts
@@ -0,0 +1,42 @@
+[ios]
+sandbox-iosxe-latest-1.cisco.com
+
+[ios:vars]
+ansible_network_os=cisco.ios.ios
+ansible_password=C1sco12345
+ansible_ssh_password=C1sco12345
+ansible_port=22
+ansible_user=admin
+
+[iosxr]
+sandbox-iosxr-1.cisco.com
+
+[iosxr:vars]
+ansible_network_os=cisco.iosxr.iosxr
+ansible_password=C1sco12345
+ansible_ssh_pass=C1sco12345
+ansible_port=22
+ansible_user=admin
+
+[nxos]
+sbx-nxos-mgmt.cisco.com
+sandbox-nxos-1.cisco.com
+
+[nxos:vars]
+ansible_network_os=cisco.nxos.nxos
+ansible_password=Admin_1234!
+ansible_ssh_pass=Admin_1234!
+ansible_port=22
+ansible_user=admin
+
+[routers]
+sbx-nxos-mgmt.cisco.com
+sandbox-nxos-1.cisco.com
+sandbox-iosxr-1.cisco.com
+sandbox-iosxe-latest-1.cisco.com
+
+[routers:vars]
+ansible_connection=ansible.netcommon.network_cli
+
+[webservers]
+reports ansible_host=ec2-18-118-189-162.us-east-2.compute.amazonaws.com ansible_user=ec2-user
diff --git a/network/setup.yml b/network/setup.yml
index af3fedd..d48a1e5 100644
--- a/network/setup.yml
+++ b/network/setup.yml
@@ -11,7 +11,9 @@ controller_projects:
     scm_type: git
     scm_url: https://github.com/nleiva/ansible-net-modules
     update_project: true
-    wait: true
+    wait: false
+    controller_request_timeout: 20
+    controller_configuration_async_retries: 40
     default_environment: Networking Execution Environment
 
 controller_inventories:
@@ -23,8 +25,8 @@ controller_inventory_sources:
     source: scm
     inventory: Demo Inventory
     overwrite: true
-    source_project: Network Golden Configs
-    source_path: hosts
+    source_project: Ansible Product Demos
+    source_path: network/hosts
 
 controller_templates:
   - name: NETWORK / Configuration
@@ -33,6 +35,8 @@ controller_templates:
     survey_enabled: true
     project: Network Golden Configs
     playbook: main.yml
+    credentials:
+      - "Demo Credential"
     execution_environment: Networking Execution Environment
     notification_templates_started: Telemetry
     notification_templates_success: Telemetry
@@ -95,9 +99,23 @@ controller_templates:
     inventory: Demo Inventory
     project: "Ansible Product Demos"
     playbook: "network/compliance.yml"
+    credentials:
+      - "Demo Credential"
     notification_templates_started: Telemetry
     notification_templates_success: Telemetry
     notification_templates_error: Telemetry
     use_fact_cache: true
     ask_job_type_on_launch: true
     survey_enabled: true
+
+  - name: "NETWORK / Backup"
+    job_type: run
+    organization: Default
+    inventory: Demo Inventory
+    project: "Ansible Product Demos"
+    playbook: "network/backup.yml"
+    credentials:
+      - "Demo Credential"
+    notification_templates_started: Telemetry
+    notification_templates_success: Telemetry
+    notification_templates_error: Telemetry