Getting Started with Network Automation Using Ansible
Learn the fundamentals of network automation with Ansible. This comprehensive guide covers inventory management, playbooks, and real-world examples.
Network automation is no longer optional—it's essential for modern infrastructure. In this guide, we'll explore how Ansible can transform your network operations.
Why Ansible for Network Automation?
Ansible offers several advantages for network engineers:
- Agentless - No software to install on network devices
- YAML-based - Human-readable configuration
- Idempotent - Safe to run multiple times
- Vendor-agnostic - Works with Cisco, Juniper, Arista, and more
Prerequisites
Before we begin, ensure you have:
- Python 3.8+ installed
- Ansible 2.9 or later
- Access to network devices (physical or virtual)
Installation
```bash
# Install Ansible via pip
pip install ansible

# Verify installation
ansible --version
```
Your First Network Playbook
Let's create a simple playbook to gather facts from Cisco devices:
```yaml
---
# save as gather_facts.yml
- name: Gather Network Facts
  hosts: all
  gather_facts: false
  connection: network_cli
  vars:
    ansible_network_os: ios
  tasks:
    - name: Get device facts
      ios_facts:
        gather_subset: all

    # ios_facts returns its results as ansible_net_* variables
    - name: Display hostname
      debug:
        var: ansible_net_hostname

    - name: Display interfaces
      debug:
        var: ansible_net_interfaces
```
Inventory Configuration
Create your inventory file:
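```ini
# save as inventory
[switches]
192.168.1.1
192.168.1.2

[routers]
192.168.1.100

[all:vars]
ansible_user=admin
# Placeholder values; real passwords belong in Ansible Vault
# (see "Use Ansible Vault for Secrets" under Best Practices)
ansible_ssh_pass=your_password
ansible_become_pass=enable_password
```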
Running the Playbook
```bash
# Dry run first (-i points Ansible at the inventory file created above)
ansible-playbook -i inventory gather_facts.yml --check

# Actually run it
ansible-playbook -i inventory gather_facts.yml
```
Real-World Example: Backup Configuration
Here's a more practical playbook that backs up running configurations:
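```yaml
---
- name: Network Configuration Backup
  hosts: all
  gather_facts: false
  connection: network_cli
  vars:
    backup_dir: /path/to/backups
  tasks:
    # The directory lives on the control node, so run this task locally, once.
    # Running configs can contain credentials; a tighter mode such as '0700'
    # limits who can read the backups.
    - name: Create backup directory
      file:
        path: "{{ backup_dir }}"
        state: directory
        mode: '0755'
      delegate_to: localhost
      run_once: true

    # gather_facts is false, so ansible_date_time is undefined;
    # the strftime filter supplies the date instead.
    - name: Fetch running config
      ios_config:
        backup: yes
        backup_options:
          filename: "{{ inventory_hostname }}-{{ '%Y-%m-%d' | strftime }}.cfg"
          dir_path: "{{ backup_dir }}"
```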
Best Practices
1. Use Ansible Vault for Secrets
```bash
# Create encrypted vault file
ansible-vault create group_vars/all/vault.yml

# Edit vault
ansible-vault edit group_vars/all/vault.yml
```
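A check that enforces this in CI or a pre-commit hook, as an added example that is not part of the original guide: it scans inventory and vars files for credential variables set to literal values, such as the `ansible_ssh_pass` and `ansible_become_pass` lines in the inventory file earlier on this page. The function names and the sample text are constructed for illustration.

```python
import re
import sys

# Connection variables that carry credentials (real Ansible variable names).
SECRET_VARS = {"ansible_ssh_pass", "ansible_password",
               "ansible_become_pass", "ansible_become_password"}
INI_PAIR = re.compile(r"""(\w+)\s*=\s*("[^"]*"|'[^']*'|\S+)""")  # key=value (INI inventory)
YAML_PAIR = re.compile(r"^\s*(\w+):\s*(.*)$")                     # key: value (vars file)

def is_protected(value):
    """True for Jinja references ({{ vault_x }}), inline !vault values, or empty values."""
    bare = value.strip().strip("\"'").strip()
    return bare == "" or bare.startswith("{{") or bare.startswith("!vault")

def find_plaintext_secrets(text):
    """Return [(line_number, variable_name)] for credentials assigned a literal."""
    lines = text.splitlines()
    if lines and lines[0].startswith("$ANSIBLE_VAULT;"):
        return []                      # whole file is encrypted by ansible-vault
    findings = []
    for number, line in enumerate(lines, start=1):
        if line.lstrip().startswith(("#", ";")):
            continue                   # comment line
        pairs = INI_PAIR.findall(line)
        yaml_match = YAML_PAIR.match(line)
        if yaml_match:
            pairs.append(yaml_match.groups())
        for name, value in pairs:
            if name in SECRET_VARS and not is_protected(value):
                findings.append((number, name))   # report the name, never the value
    return findings

# Constructed sample: the [all:vars] section from this page's inventory file.
SAMPLE_INVENTORY = """\
[all:vars]
ansible_user=admin
ansible_ssh_pass=your_password
ansible_become_pass=enable_password
"""

if __name__ == "__main__":
    status = 0
    for path in sys.argv[1:]:
        with open(path, encoding="utf-8") as handle:
            for number, name in find_plaintext_secrets(handle.read()):
                print(f"{path}:{number}: {name} is set in plaintext; move it to the vault")
                status = 1
    sys.exit(status)
```

Run it with the inventory and `group_vars` files as arguments; a non-zero exit status means at least one credential is still stored as a literal.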
2. Organize with Group Variables
```
inventory/
  group_vars/
    all/
      vault.yml      # Secrets
      global.yml     # Global settings
    switches/
      switches.yml   # Switch-specific
    routers/
      routers.yml    # Router-specific
```
3. Use Dynamic Inventory
For cloud environments, use dynamic inventory plugins:
```yaml
# aws_ec2.yml
plugin: amazon.aws.aws_ec2
regions:
  - us-east-1
filters:
  tag:Environment: production
```
Common Modules Reference
| Module | Purpose |
|--------|---------|
| ios_config | Configure Cisco IOS |
| ios_facts | Gather IOS facts |
| eos_config | Configure Arista EOS |
| junos_config | Configure Juniper Junos |
| netconf_config | Configure via NETCONF |
Next Steps
- Explore NAPALM - Network Automation with Python and LLMs
- Integrate with CI/CD - Test configurations before deployment
- Build custom modules - For vendor-specific needs
Resources
- Ansible Network Documentation
- Ansible Galaxy - Pre-built roles
- Network to Code - Community resources
Conclusion
Network automation with Ansible is accessible and powerful. Start small, automate one task at a time, and gradually expand your automation footprint.