I mean I guess I can build them all out and may be easier, however I was
hoping to figure out this iterative process mostly because I'm looking at
rolling out somewhere around 100 appliances across the globe (not just
proxySG), that will all need similar interface tweaks.
On Friday, February 23, 2018 at 12:47:57 PM UTC-8, Andrew Latham wrote:
>
> One of the many methods is to scp or sftp the full config as a template to
> the device and save as startup or running config and reload it. Then you
> don't need to muck around with as much expect logic.
>
> On Fri, Feb 23, 2018 at 2:42 PM, Jonathan Umpleby <umpl...@gmail.com
> <javascript:>> wrote:
>
>> So here's an example:
>>
>>
>>
>> enable
>> *<password>*
>> config terminal
>> appliance-name "*proxy1*"
>>
>> interface 0:0 ;mode
>> label "MGMT"
>> ip-address *10.0.0.100* 255.255.255.0
>> exit
>>
>> interface 1:0 ;mode
>> label "unused"
>> reject-inbound enable
>> disable
>> exit
>>
>> interface 1:1 ;mode
>> label "VLAN TAG#"
>> ip-address *10.0.0.10* 255.255.255.128
>> native-vlan #
>> exit
>>
>> interface 2:0 ;mode
>> label "unused"
>> reject-inbound enable
>> disable
>> exit
>>
>> interface 2:1 ;mode
>> label "VLAN TAG#"
>> ip-address *10.0.0.140* 255.255.255.128
>> native-vlan #
>> exit
>>
>> Now, obviously the items in bold are values that need to be customized in
>> the ansible script. So I don't think I can put this into the response
>> file, unless I can somehow pass values into a response file for example:
>>
>> NAME-file (list of 10 machine names)
>> MGMT-file (IP address the mgmt port)
>> if1:1-file (IP addresses of this interface)
>> if2:1-file (IP address of the third interface)
>>
>> It was either that, or possibly figuring out a way to do a for loop style
>> playbook where each loop would target the next machine in the list.
>> Fortunately, the IP addresses for these devices are sequential.
>>
>> ----
>> Jon
>>
>>
>> On Friday, February 23, 2018 at 7:52:48 AM UTC-8, Kai Stian Olstad wrote:
>>>
>>> On Thursday, 22 February 2018 19.44.51 CET Jonathan Umpleby wrote:
>>> > So, I'm new to ansible, and I'm hoping to find ways to meet a
>>> > customize-able CLI deployment scenario, where 99% of the commands are
>>> the
>>> > same across devices, but a handful will be unique.
>>> >
>>> > I was originally thinking about using a single response file would
>>> cover
>>> > the 99% (in my example I'm trying to configure multiple ProxySG's at
>>> the
>>> > same time).
>>> >
>>> >
>>> > There are really two unknowns here (possibly 3).
>>> >
>>> > The first:
>>> >
>>> > I need to configure 3 network interfaces across 12 devices, all having
>>> a
>>> > different IP's and subnet masks. Is there a way to sequentially pull
>>> this
>>> > from a list lets say I have response files like:
>>> >
>>> > interface 1 list
>>> >
>>> > 10.0.0.100 - coordinates to the first device
>>> > 10.0.0.101
>>> > etc
>>> >
>>> > interface 2 list
>>> > 10.0.1.100
>>> > 10.0.1.101
>>> >
>>> > or what would be the best way to accomplish this kind of task.
>>>
>>> The information is a little sparse so it difficult to give a exact
>>> answer.
>>> Ansible can loop over list and dictionary, and a combination of them.
>>>
>>> Variables can be assign to host/device or to group, how you structure it
>>> depends on what you are trying to do.
>>>
>>>
>>> > The second:
>>> >
>>> > I'd like for obvious reasons, not store passwords in the playbook
>>> >
>>> >
>>> > If I added something like this:
>>> >
>>> > vars_prompt:
>>> > - name: 'enable_password'
>>> > prompt: 'Enable password:'
>>> > private: yes
>>> > encrypt: 'sha512_crypt'
>>> > confirm: yes
>>> > salt_size: 7
>>> >
>>> >
>>> > how would I use this in the script. After I ssh into the device I
>>> would
>>> > need to type a password for the enable which is what i'm trying to
>>> then
>>> > present through the script in a secure way.
>>>
>>> vars_prompt create a variable with the name you give in name: that
>>> contain the content.
>>> You use is with {{ enable_password }} in Ansible.
>>>
>>> Since you need to do this interactively you need to use the expect
>>> module.
>>>
>>>
>>> --
>>> Kai Stian Olstad
>>>
>> --
>> You received this message because you are subscribed to the Google Groups
>> "Ansible Project" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to ansible-proje...@googlegroups.com <javascript:>.
>> To post to this group, send email to ansible...@googlegroups.com
>> <javascript:>.
>> To view this discussion on the web visit
>> https://groups.google.com/d/msgid/ansible-project/518f5c57-f72d-444a-b907-f07a8c00b948%40googlegroups.com
>>
>> <https://groups.google.com/d/msgid/ansible-project/518f5c57-f72d-444a-b907-f07a8c00b948%40googlegroups.com?utm_medium=email&utm_source=footer>
>> .
>>
>> For more options, visit https://groups.google.com/d/optout.
>>
>
>
>
> --
> - Andrew "lathama" Latham -
>
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/7385c216-d66a-4ba4-a588-2450e05ff506%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
