Example playbooks for demo (#21)

* Example playbooks for demo * add task for detach
cisco-en-programmability · Aug 13, 2024 · 57a9afd · 57a9afd
1 parent 06d7959
commit 57a9afd
Show file tree

Hide file tree

Showing 7 changed files with 329 additions and 8 deletions.
diff --git a/.ansible-lint b/.ansible-lint
@@ -26,6 +26,9 @@ mock_modules:
   - cisco.catalystwan.cli_templates
   - cisco.catalystwan.device_templates
   - cisco.catalystwan.devices_info
+  - cisco.catalystwan.feature_templates
+  - cisco.catalystwan.device_templates_info
+  - cisco.catalystwan.feature_templates_info
 #   - zuul_return
 #   # note the foo.bar is invalid as being neither a module or a collection
 #   - fake_namespace.fake_collection.fake_module

diff --git a/.gitignore b/.gitignore
@@ -1,17 +1,15 @@
 .vscode
+ansible_catalystwan_module.log
+ansible_catalystwan.log
 ansible.log
 poetry.lock
 run
 playbooks/shared/
 playbooks/results/
 playbooks/aws/results/
 playbooks/azure/results/
-playbooks/ansible_catalystwan.log
-playbooks/aws/ansible_catalystwan.log
-playbooks/azure/ansible_catalystwan.log
-playbooks/ansible_catalystwan_module.log
-playbooks/azure/ansible_catalystwan_module.log
-playbooks/aws/ansible_catalystwan_module.log
 vault-password.txt
 playbooks/catalystwan.log
 playbooks/sdwan_config_dev.yml
+playbooks/templates_examples/output_backup_device_configuration
+playbooks/templates_examples/output_backup_running_config
diff --git a/playbooks/backup_restore/restore_running_config.yml b/playbooks/backup_restore/restore_running_config.yml
@@ -6,8 +6,6 @@
 - name: Testing playbook to verify backup & restore operations
   hosts: localhost
   gather_facts: false
-  vars_files:
-    - configuration_file_dev_vars.yml
   vars:
     manager_authentication: &manager_authentication
       url: # your manager url

diff --git a/playbooks/templates_examples/backup_workflow.yml b/playbooks/templates_examples/backup_workflow.yml
@@ -0,0 +1,75 @@
+# --- Backup device configuration workflow --- #
+
+# Scenario includes following operations:
+
+# Backup device configuration (device/feature templates and policies)
+# Removal all Non-Default templates
+# Restore all templates from backup directory
+
+---
+
+- name: Backup device configuration workflow
+  hosts: localhost
+  gather_facts: false
+  vars_files:
+    - configuration_file.yml
+  vars:
+    manager_authentication: &manager_authentication
+      url: "{{ (vmanage_instances | first).mgmt_public_ip }}"
+      username: "{{ (vmanage_instances | first).admin_username }}"
+      password: "{{ (vmanage_instances | first).admin_password }}"
+  tasks:
+    - name: Perform backup of all non factory default Device Templates (no filters == backup non factory default)
+      cisco.catalystwan.device_templates_recovery:
+        mode: backup
+        backup_dir_path: ./output_backup_device_configuration
+        manager_credentials:
+          <<: *manager_authentication
+
+    - name: Get all Device Templates that are not attached to any device and are Feature based
+      cisco.catalystwan.device_templates_info:
+        filters:
+          devices_attached: 0
+          factory_default: false
+          config_type: template
+        manager_credentials:
+          <<: *manager_authentication
+      register: device_templates
+
+    - name: Delete selected Device Templates from vManage
+      cisco.catalystwan.device_templates:
+        state: absent
+        template_name: "{{ device_template.name }}"
+        manager_credentials:
+          <<: *manager_authentication
+      loop: "{{ device_templates.templates_info | default([], True) }}"
+      loop_control:
+        loop_var: device_template
+      when: device_templates.templates_info | length > 0
+
+    - name: Get all Non-Default Feature Templates available
+      cisco.catalystwan.feature_templates_info:
+        filters:
+          factory_default: false
+          devices_attached: 0
+        manager_credentials:
+          <<: *manager_authentication
+      register: feature_templates
+
+    - name: Delete all Non-Default Feature templates
+      cisco.catalystwan.feature_templates:
+        state: absent
+        template_name: "{{ template.name }}"
+        manager_credentials:
+          <<: *manager_authentication
+      loop: "{{ feature_templates.templates_info | default([], true) }}"
+      loop_control:
+        loop_var: template
+        label: "template: {{ template.name }}"
+
+    - name: Restore configuration from provided backup directory
+      cisco.catalystwan.device_templates_recovery:
+        mode: restore
+        backup_dir_path: ./output_backup_device_configuration
+        manager_credentials:
+          <<: *manager_authentication
diff --git a/playbooks/templates_examples/configuration_file.yml b/playbooks/templates_examples/configuration_file.yml
@@ -0,0 +1,11 @@
+---
+
+vmanage_instances:
+  - admin_password: # password
+    admin_username: # user
+    mgmt_public_ip: # mgmt_public_ip
+
+template_data:
+  admin_password: # admin_password
+  admin_username: # admin_username
+  vsmart_hostname: # vsmart_hostname
diff --git a/playbooks/templates_examples/creation_workflow.yml b/playbooks/templates_examples/creation_workflow.yml
@@ -0,0 +1,180 @@
+# --- Templates creation and attachment - created from Feature Templates --- #
+
+# Scenario includes following operations:
+
+# Create Following templates for vSmart devices:
+# - AAA
+# - System
+# - VPN - VPN 0
+# - VPN - VPN 512
+# - VPN Interface - VPN 0
+# - VPN Interface - VPN 512
+# Create Device Template for vSmart
+# Attach Device Template for vSmart
+
+
+- name: Workflow for Templates creation and attachment - created from Feature Templates
+  hosts: localhost
+  gather_facts: false
+  vars_files:
+    - configuration_file.yml
+  vars:
+    manager_authentication: &manager_authentication
+      url: "{{ (vmanage_instances | first).mgmt_public_ip }}"
+      username: "{{ (vmanage_instances | first).admin_username }}"
+      password: "{{ (vmanage_instances | first).admin_password }}"
+  tasks:
+    - name: Create AAA Template for vSmart devices
+      cisco.catalystwan.feature_templates:
+        state: present
+        template_name: "AAA_for_vSmart"
+        template_description: "AAA Template"
+        device_models: vsmart
+        aaa:
+          auth_fallback: false
+          admin_auth_order: false
+          accounting: false
+          usergroup:
+            - name: basic
+              task:
+                - mode: system
+                  permission:
+                    - read
+                - mode: interface
+                  permission:
+                    - read
+            - name: netadmin
+              task: []
+            - name: operator
+              task:
+                - mode: system
+                  permission:
+                    - read
+                - mode: interface
+                  permission:
+                    - read
+                - mode: policy
+                  permission:
+                    - read
+                - mode: routing
+                  permission:
+                    - read
+                - mode: security
+                  permission:
+                    - read
+          user:
+            - name: "{{ template_data.admin_username }}"
+              password: "{{ template_data.admin_password }}"
+        manager_credentials:
+          <<: *manager_authentication
+
+    - name: Create System Template for vSmart devices
+      cisco.catalystwan.feature_templates:
+        state: present
+        template_name: "System_for_vSmart"
+        template_description: "System Template"
+        device_specific_variables:
+          site_id: "side_id_variable"
+        device_models: vsmart
+        system_vsmart:
+          site_id: device_specific_variable
+        manager_credentials:
+          <<: *manager_authentication
+
+    - name: Create VPN template for vSmart devices - VPN 0
+      cisco.catalystwan.feature_templates:
+        state: present
+        template_name: "VPN_0_for_vSmart"
+        template_description: "VPN_0 Template"
+        device_models: vsmart
+        vpn_vsmart:
+          vpn_id: 0
+        manager_credentials:
+          <<: *manager_authentication
+
+    - name: Create VPN template for vSmart devices - VPN 512
+      cisco.catalystwan.feature_templates:
+        state: present
+        template_name: "VPN_512_for_vSmart"
+        template_description: "VPN_512 Template"
+        device_models: vsmart
+        vpn_vsmart:
+          vpn_id: 512
+        manager_credentials:
+          <<: *manager_authentication
+
+    - name: Create VPN Interface template for vSmart devices - VPN 0
+      cisco.catalystwan.feature_templates:
+        state: present
+        template_name: "VPN_0_Interface_for_vSmart"
+        template_description: "VPN_0 Interface Template"
+        device_models: vsmart
+        vpn_vsmart_interface:
+          if_name: eth1
+          shutdown: false
+          dhcp_ipv4_client: true
+          dhcp: true
+          dns: true
+          icmp: true
+          sshd: true
+          netconf: true
+          ntp: false
+          stun: false
+        manager_credentials:
+          <<: *manager_authentication
+
+    - name: Create VPN Interface template for vSmart devices - VPN 512
+      cisco.catalystwan.feature_templates:
+        state: present
+        template_name: "VPN_512_Interface_for_vSmart"
+        template_description: "VPN_512 Interface Template"
+        device_models: vsmart
+        vpn_vsmart_interface:
+          if_name: eth0
+          shutdown: false
+          dhcp_ipv4_client: true
+        manager_credentials:
+          <<: *manager_authentication
+
+    - name: Create example Device Template for vSmart
+      cisco.catalystwan.device_templates:
+        state: present
+        template_name: "vSmart-test-device-template"
+        template_description: "vSmart-test-device-template"
+        device_type: vsmart
+        general_templates:
+          - name: "System_for_vSmart"
+            subtemplates:
+              - "Factory_Default_Logging_Template_V01"
+          - name: "AAA_for_vSmart"
+          - name: "Factory_Default_vSmart_OMP_Template"
+          - name: "Factory_Default_vSmart_vManage_Security_Template"
+          - name: "VPN_0_for_vSmart"
+            subtemplates:
+              - "VPN_0_Interface_for_vSmart"
+          - name: "VPN_512_for_vSmart"
+            subtemplates:
+              - "VPN_512_Interface_for_vSmart"
+        manager_credentials:
+          <<: *manager_authentication
+
+    - name: Attach example Device Template to vSmart
+      cisco.catalystwan.device_templates:
+        state: attached
+        template_name: "vSmart-test-device-template"
+        device_type: vsmart
+        hostname: "{{ template_data.vsmart_hostname }}"
+        device_specific_vars:
+          - "//system/site-id": "333"
+          - "//system/host-name": "{{ template_data.vsmart_hostname }}"
+          - "//system/system-ip": "192.168.2.1"
+          - "//system/ipv6-strict-control": false
+        manager_credentials:
+          <<: *manager_authentication
+
+    - name: Detach example Device Template from vSmart
+      cisco.catalystwan.device_templates:
+        state: detached
+        hostname: "{{ template_data.vsmart_hostname }}"
+        manager_credentials:
+          <<: *manager_authentication
diff --git a/playbooks/templates_examples/running_config_workflow.yml b/playbooks/templates_examples/running_config_workflow.yml
@@ -0,0 +1,56 @@
+# --- Running config for cEdge devices workflow --- #
+
+# Scenario includes following operations:
+
+# Backup running config to CWD directory
+# Reuse running configuration to create templates
+# Attach backup templates
+
+---
+
+- name: Running config workflow
+  hosts: localhost
+  gather_facts: false
+  vars_files:
+    - configuration_file.yml
+  vars:
+    manager_authentication: &manager_authentication
+      url: "{{ (vmanage_instances | first).mgmt_public_ip }}"
+      username: "{{ (vmanage_instances | first).admin_username }}"
+      password: "{{ (vmanage_instances | first).admin_password }}"
+  tasks:
+    - name: Backup running-config for all c8000V devices with default backup dir (in CWD)
+      cisco.catalystwan.devices_info:
+        backup: true
+        backup_dir_path: ./output_backup_running_config
+        filters:
+          personality: "vedge"
+        manager_credentials:
+          <<: *manager_authentication
+      register: backup_info
+
+    - name: Using backup files, create CLI templates for each Edge device
+      cisco.catalystwan.cli_templates:
+        state: present
+        template_name: "backup-template-{{ device_item.filename }}"
+        template_description: "Template for {{ device_item.hostname }} created from backup file."
+        config_file: "{{ device_item.backup_path }}"
+        device_model: vedge-C8000V
+        manager_credentials:
+          <<: *manager_authentication
+      loop: "{{ backup_info.backup_paths }}"
+      loop_control:
+        loop_var: device_item
+      when: backup_info.backup_paths | length > 0
+
+    - name: Attach backup templates to the Edge devices
+      cisco.catalystwan.device_templates:
+        state: attached
+        template_name: "backup-template-{{ device_item.filename }}"
+        hostname: "{{ device_item.hostname }}"
+        manager_credentials:
+          <<: *manager_authentication
+      loop: "{{ backup_info.backup_paths }}"
+      loop_control:
+        loop_var: device_item
+      when: backup_info.backup_paths | length > 0