ptoal/product-demos
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Resolve issue #107 to restore network report demo (#175)

Browse Source 
Co-authored-by: Todd Ruch <truch@redhat.com>
Co-authored-by: Chris Edillon <67980205+jce-redhat@users.noreply.github.com>
This commit is contained in:
Todd Ruch
2024-09-18 11:27:11 -04:00
committed by GitHub
parent 0c4030d932
commit a359559cb2
5 changed files with 64 additions and 38 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
collections/ansible_collections/demo/patching/roles/build_report_network/tasks/main.yml
View File

@@ -6,32 +6,34 @@
mode: "0755"
- name: Create HTML report
check_mode: false
ansible.builtin.template:
src: report.j2
dest: "{{ file_path }}/network.html"
mode: "0644"
check_mode: false
- name: Copy CSS over
check_mode: false
ansible.builtin.copy:
src: "css"
dest: "{{ file_path }}"
directory_mode: true
mode: "0775"
check_mode: false
- name: Copy logos over
ansible.builtin.copy:
src: "{{ item }}"
dest: "{{ file_path }}"
directory_mode: true
mode: "0644"
loop:
- "webpage_logo.png"
- "redhat-ansible-logo.svg"
- "router.png"
loop_control:
loop_var: logo
check_mode: false
ansible.builtin.copy:
src: "{{ logo }}"
dest: "{{ file_path }}"
directory_mode: true
mode: "0644"
# - name: Display link to Linux patch report
# ansible.builtin.debug:
# msg: "Please go to http://{{ hostvars[report_server]['ansible_host'] }}/reports/network.html"
- name: Display link to Linux patch report
ansible.builtin.debug:
msg: "Please go to http://{{ hostvars[report_server]['ansible_host'] }}/reports/network.html"

12
collections/ansible_collections/demo/patching/roles/report_server/tasks/apache.yml
View File

@@ -2,14 +2,6 @@
- name: Include system variables
ansible.builtin.include_vars: "{{ ansible_system }}.yml"
- name: Permit traffic in default zone for http service
ansible.posix.firewalld:
service: http
permanent: true
state: enabled
immediate: true
check_mode: false
- name: Install httpd package
ansible.builtin.yum:
name: httpd
@@ -30,8 +22,10 @@
mode: "0644"
check_mode: false
- name: Install httpd service
- name: Start httpd service
ansible.builtin.service:
name: httpd
state: started
check_mode: false
...

45
network/README.md
View File

@@ -18,12 +18,15 @@ These demos leverage playbooks from a [git repo](https://github.com/nleiva/ansib
### Inventory
These demos leverage "always-on" instances for Cisco IOS, IOSXR, and NXOS from [Cisco DevNet Sandboxes](https://developer.cisco.com/docs/sandbox/#!getting-started/always-on-sandboxes). These instances are shared and do not provide admin access but they are instantly avaible all the time meaning not setup time is required.
These demos leverage "always-on" instances for Cisco IOS, IOSXR, and NXOS from [Cisco DevNet Sandboxes](https://developer.cisco.com/docs/sandbox/#!getting-started/always-on-sandboxes). These instances are shared and do not provide admin access but they are instantly avaible all the time meaning no setup time is required.
A **`Network Inventory`** is created when setting up these demos and a dynamic source is added to populate the Always-On instances. Review the inventory file [here](https://github.com/nleiva/ansible-net-modules/blob/main/hosts).
A **`Demo Inventory`** is created when setting up these demos and a dynamic source is added to populate the Always-On instances. Review the inventory file [here](https://github.com/nleiva/ansible-net-modules/blob/main/hosts). Demo Inventory is the default inventory for **`Product Demos`**.
## Suggested Usage
**NETWORK / Report** - Use this job to gather facts from Cisco Network devices and create a report with information about the device such as code version, along with configuration information about layers 1, 2, and 3. This shows how Ansible can be used to gather facts and build reports. Generating html pages is just one potential output. This information can be used in a number of ways, such as integration with different network management tools.
- to run this you will first need to run the **`Deploy Cloud Stack in AWS`** job template to deploy the report server. This will ask you for an SSH public key. After running this playbook, you will need to add the SSH private key to the **`Demo Credential`** before you can run the report, so it can connect to the report server.
**NETWORK / Configuration** - Use this job to execute different [Ansible Network Resource Modules](https://docs.ansible.com/ansible/latest/network/user_guide/network_resource_modules.html) to deploy golden configs. Below is a list of the different resources the can be configured with a link to their golden config.
- [acls](https://github.com/nleiva/ansible-net-modules/blob/main/acls.cfg)
- [banner](https://github.com/nleiva/ansible-net-modules/blob/main/banner.cfg)
@@ -36,3 +39,41 @@ A **`Network Inventory`** is created when setting up these demos and a dynamic s
- [prefix_lists](https://github.com/nleiva/ansible-net-modules/blob/main/prefix_lists.cfg)
- [snmp](https://github.com/nleiva/ansible-net-modules/blob/main/snmp.cfg)
- [user](https://github.com/nleiva/ansible-net-modules/blob/main/user.cfg)
**NETWORK / DISA STIG** - Use this job to run the DISA STIG role (in check mode) and show how Ansible can be used for configuration compliance of network devices. Click into tasks to see what is changed for each compliance rule, i.e.:
{
"changed": true,
"warnings": [
"To ensure idempotency and correct diff the input configuration lines should be similar to how they appear if present in the running configuration on device"
],
"commands": [
"ip http max-connections 2"
],
"updates": [
"ip http max-connections 2"
],
"banners": {},
"invocation": {
"module_args": {
"defaults": true,
"lines": [
"ip http max-connections 2"
],
"match": "line",
"replace": "line",
"multiline_delimiter": "@",
"backup": false,
"save_when": "never",
"src": null,
"parents": null,
"before": null,
"after": null,
"running_config": null,
"intended_config": null,
"backup_options": null,
"diff_against": null,
"diff_ignore_lines": null
}
},
"_ansible_no_log": false
}

6
network/report.yml
View File

@@ -21,16 +21,12 @@
when: ansible_network_os == 'cisco.nxos.nxos'
- name: Gather all network resource and minimal legacy facts [Cisco IOS XR]
ignore_errors: true
cisco.iosxr.iosxr_facts:
gather_subset: min
gather_network_resources: all
when: ansible_network_os == 'cisco.iosxr.iosxr'
# # The dig lookup requires the python 'dnspython' library
# - name: Resolve IP address
# ansible.builtin.set_fact:
# ansible_host: "{{ lookup('community.general.dig', inventory_hostname)}}"
- name: Create network reports
hosts: "{{ report_server }}"
become: true

17
network/setup.yml
View File

@@ -15,28 +15,21 @@ controller_projects:
default_environment: Networking Execution Environment
controller_inventories:
- name: Network Inventory
- name: Demo Inventory
organization: Default
controller_inventory_sources:
- name: DevNet always-on sandboxes
source: scm
inventory: Network Inventory
inventory: Demo Inventory
overwrite: true
source_project: Network Golden Configs
source_path: hosts
controller_hosts:
- name: node1
inventory: Network Inventory
variables:
ansible_user: rhel
ansible_host: node1
controller_templates:
- name: NETWORK / Configuration
organization: Default
inventory: Network Inventory
inventory: Demo Inventory
survey_enabled: true
project: Network Golden Configs
playbook: main.yml
@@ -70,7 +63,7 @@ controller_templates:
- name: "NETWORK / Report"
job_type: check
organization: Default
inventory: Network Inventory
inventory: Demo Inventory
project: "Ansible official demo project"
playbook: "network/report.yml"
notification_templates_started: Telemetry
@@ -99,7 +92,7 @@ controller_templates:
- name: "NETWORK / DISA STIG"
job_type: check
organization: Default
inventory: Network Inventory
inventory: Demo Inventory
project: "Ansible official demo project"
playbook: "network/compliance.yml"
notification_templates_started: Telemetry