Gain insights into automating network reconnaissance, orchestrating repetitive changes, and transforming network configuration management. Discover CI/CD pipeline migration for full network automation.

ansibleFinal1.tar.gz

gitjob

CIPhosts

CIPhosts-copy

gather_info

gather_important_facts

facts_to_md

facts_to_csv_html

tools

frr01

frr02

first_gather_important_facts

​​Network automation begins with automating network reconnaissance. This is accomplished by gathering important information from network devices while building a library of dynamic on-demand utilities and generating living documentation. Starting small, the course exhibits the simplicity and elegance of network automation.

Next, you will learn how to automate larger changes that require a high number of repetitive steps. These changes will be executed serially in a specific orchestrated order, making them perfect for an automated solution. After gaining comfort with the new tools, you can fully transform network configuration management to an automated, intent-based, self-documenting system.

The final step is learning how to migrate to a continuous integration/continuous delivery (CI/CD) pipeline, thereby fully automating the network.

Automate Your Network

# Start gathering information
Gathering information about network devices and logical topology are the
next steps to network automation. The Ansible/Cisco `ios_facts` module is used to gather platform information, while the `ios_command` module is used to run commands and gather output. These are foundational
steps to build upon.

# Sample enterprise network topology 
The illustration below shows sample network topology typically used by enterprises:


This illustration shows the layers of the sample network:


# Start automating the network

Before we start making changes to the repo, make sure to create a new branch.

1. Create a new branch called **campus_ios_facts**.

2. Perform a `git pull` to refresh the local repository.

3. Change to the `campus_ios_facts` branch just created using `git checkout`.


>### Warning
>Embedding passwords in plain text is never a good idea and is always a
security concern. Therefore, it's considered a bad practice and There are ways, specifically **vaulting**, to
protect system account passwords that provide access to the network
device CLI. For the sake of educating and being able to proceed without
vaulting in this course, use this method for
now. **Vaulting** also prompts for a password at run time, which may
interfere with full automation.
>
>The best option is to "hard-code" it into a fresh repository after
vaulting passwords and secrets. Migrate all folders and files, without
the git history, into a fresh repository without passwords being
visible. To get started, either hard-code or prompt for credentials.
>
>An alternative method is to prompt the user for credentials at run time.
Hard-code the service account username and prompt for the password when
the Ansible playbook is executed. This approach is secure, although it offers
less flexibility for full automation, as a password is required at runtime. Ansible `vars_prompt` can be used to create interactive
playbooks that prompt the user for username and password.
>
>Be aware that as soon as Git commits the local changes, the password
becomes visible in the clear as part of the branch. After a pull request is merged, the password becomes available in clear text as part of the master branch. **This history cannot be deleted**. It is part of the Git
version control.

4. Navigate to `/group_vars/`. A file called `all.yml` will hold the username and password with credentials that will allow Ansible
to log into the devices.

Let's get started with network reconnaissance for network automation. 

Gathering Information

Let's get started with network reconnaissance for network automation.

Introduction

What Is Network Automation?

Why Automate the Network?

How to Automate the Network

Where to Start with Network Automation

Repository Structure

Network Reconnaissance

Tactical Playbooks

Data Models and Dynamic Templates

Dynamic Intent-Based Documentation

Configuration Management

Continuous Integration/Continuous Delivery

Conclusion

Gathering Information

Start gathering information