Ansible Networking Modules - Executing Commands

Ansible Networking Modules –
Executing Commands
Ivan Pepelnjak (ip@ipSpace.net)

Network Architect
ipSpace.net AG
This material is copyrighted and licensed for the sole use by Mikel Maeso (mikel.maeso@gmail.com [85.87.178.33]). More information at http://www.ipSpace.net/Webinars
Who is Ivan Pepelnjak (@ioshints)
Past
• Kernel programmer, network OS and web developer
• Sysadmin, database admin, network engineer, CCIE
• Trainer, course developer, curriculum architect
• Team lead, CTO, business owner
Present
• Network architect, consultant, blogger, webinar and book author
Focus
• SDN and network automation
• Large-scale data centers, clouds and network virtualization
• Scalable application design
• Core IP routing/MPLS, IPv6, VPN
More @ ipSpace.net/About
2 This material is copyrighted
© ipSpace.net 2016 and licensed for the sole use by Mikel Maeso (mikel.maeso@gmail.com
Network [85.87.178.33]).
Automation Workshop – Ansible More information at http://www.ipSpace.net/Webinars
for Networking devices
Ansible Support for Switches and Routers
Introduced in Ansible 2.1
• Similar interface for EOS, IOS, IOS-XR, NX-OS and Junos
• No abstraction – you have to deal with configuration differences
Common tasks (most platforms)

• Get device facts
• Manage system attributes (hostname, DNS)
• Command (execute arbitrary commands)
• Config (manage configurations)
 specify configuration commands and parent context
 configure from a source file (or template) – added in Ansible 2.2
 save configuration to startup configuration
 back up configuration before modifications

Network [85.87.178.33]).
Ansible Networking Modules (Ansible 2.2)
Switches and routers:
• Arista EOS
• Cisco IOS, IOS-XR, NX-OS
• Cumulus Linux
• Dell OS6, OS9, OS10
• Junos
• OpenSwitch
• Vyos
Load balancers: A10, Citrix, F5
Firewalls: ASA, Palo Alto (Galaxy)
Other:
• Open vSwitch
• NETCONF config

Network [85.87.178.33]).
Ansible Networking Modules (Ansible 2.3)
Switches and routers: Load balancers:
• Arista EOS • A10
• Cisco IOS, IOS-XR, NX-OS • Avi
• Cumulus Linux • Citrix
• Dell OS6, OS9, OS10 • F5
• Huawei Cloudengine
Firewalls:
• Junos
• ASA
• Lenovo CNOS
• Fortigate
• Nokia (ALU) SROS
• Palo Alto (Galaxy)
• OpenSwitch
• Pluribus Netvisor Other:
• Vyos • Apstra AOS
• Big Switch Bigmon
• Open vSwitch
• NETCONF config

Network [85.87.178.33]).
Ansible Networking Support (Vendor Specific)
Arista EOS:
• Execute EAPI calls (return JSON objects)
Junos:
• Enable NETCONF
• Install packages
Nexus OS:
• Manage features
• Execute NX-API calls
• Configure interfaces, IPv4 and IPv6 addresses, switchports, VLANs and VRFs…
(over 50 declarative intent modules)

Network [85.87.178.33]).
Connecting and
Authenticating
Connecting to a Device
---
- connection: local
tasks:
- nxos_command:
commands: show arp
transport: nxapi
• Ansible uses SSH to connect to a network device

• Some modules can use device-specific transport (NXAPI, eAPI…)
• Connection must be set to local
• Use delegate-to to execute on SSH proxy

Network [85.87.178.33]).
Specifying SSH Parameters
ansible.cfg
[defaults]
transport=local
[paramiko_connection]
look_for_keys=True|False
host_key_auto_add=True|False
record_host_keys=True|False
• Networking modules use paramiko library (cannot be changed)

• Specify paramiko parameters in environment variables or ansible.cfg
• Usual suspects: don’t use SSH keys, add keys to known_hosts
• Best practice: pre-populate known_hosts file
https://github.com/ipspace/NetOpsWorkshop/tree/master/tools/ssh-keys
Network [85.87.178.33]).
Connecting and Authenticating (Ansible 2.3)
---
- tasks:
- ios_command:
commands: show arp
authorize: yes|no
auth_pass: password
Ansible uses
• ansible_host or inventory_hostname as device host name or IP address
• ansible_user and ansible_ssh_pass to authenticate to the device
Most modules support
• authorize to enter enable mode (alternative: use user privilege level)
• auth_pass (or ANSIBLE_NET_AUTH_PASS) for enable password
10This material is copyrighted

Network [85.87.178.33]).
Connecting and Authenticating (Ansible 2.3)
ios-show-arp.yml
---
- connection: local
tasks:
- ios_command:
commands: show arp
hosts
r1.lab.local
r2.lab.local ansible_host=172.16.1.110
[all:vars]
ansible_user=cisco
ansible_ssh_pass=cisco

Network [85.87.178.33]).
Connecting and Authenticating (Ansible 2.1 – 2.2)
---
- hosts: ios
tasks:
- ios_command:
commands: show arp
host: "{{ansible_host|default(inventory_hostname)}}"
username: "{{ansible_user}}"
password: "{{ansible_ssh_pass}}"
All connection/authentication parameters were passed to network device module

• host: the device to connect to (IP address or FQDN)
• username and password used to authenticate to the device
• port used by SSH daemon and command timeout
• Optional transport, authorize and auth_pass parameters

Network [85.87.178.33]).
Connecting and Authenticating (Ansible 2.1 – 2.2)
---
- hosts: ios
tasks:
- ios_command:
commands: show arp
provider:
host: "{{ansible_host|default(inventory_hostname)}}"
password: "{{ansible_ssh_pass}}"
transport: cli
Alternative syntax:
• Specify connection parameters in provider dictionary
• Override specific parameters (if needed) in individual module calls

Network [85.87.178.33]).
Using Provider Dictionary
ios-show-arp.yml
---
- connection: local
tasks:
- ios_command:
commands: show arp
provider: "{{cli}}"
group_vars/all.yml
---
cli:
Alternative syntax:
password: "{{ansible_password}}"
• Specify
host:connection parameters in provider dictionary
"{{ansible_host|default(inventory_hostname)}}"
• Override
transport: cliparameters (if needed) in individual module calls
specific

Network [85.87.178.33]).
Executing Commands
Execute a Cisco IOS command
---
- hosts: ios
tasks:
- ios_command:
commands: show arp
host: "{{inventory_hostname}}"
username: cisco
password: cisco
• Use ios_command action to execute a command on Cisco IOS device

• Ansible uses SSH to connect to the device
• Mandatory parameters: host, username, password (or SSH keys)
Demo 1
Network [85.87.178.33]).
Execute a Cisco IOS command
$ ansible-playbook -v command-ios.yml

Network [85.87.178.33]).
Networking Modules: Multi-Vendor Support (IOS)
---
- hosts: ios
tasks:
- ios_command:
commands: show arp
provider: "{{cli}}"
# group_vars/ios.yml
---
Notes:
ansible_device_os: ios
• Cisco IOS devices are accessed via cli:
SSH (transport: cli)
• No other mechanisms are available password: "{{ansible_password}}"
• Results are returned as text strings host: "{{inventory_hostname}}"
transport: cli

Network [85.87.178.33]).
Networking Modules: Multi-Vendor Support (Nexus OS)
---
- hosts: nxos
tasks:
- nxos_command:
commands: show ip arp
provider: "{{cli}}"
# group_vars/nxos.yml
---
Notes:
ansible_device_os: nxos
• Cisco Nexus OS devices are cli:
accessed via SSH or NX-API
• Results are returned as text strings password: "{{ansible_password}}"
• JSON-formatted results can be host: "{{inventory_hostname}}"
transformed into Ansible objects
transport: cli

Network [85.87.178.33]).
Networking Modules: Multi-Vendor Support (Junos)
---
- hosts: junos
tasks:
- junos_command:
commands: show arp
provider: "{{netconf}}"
# group_vars/junos.yml
---
Notes:
ansible_device_os: junos
• Junos devices are accessed only via netconf:
NETCONF (using junos-eznc)
• Command printouts are received in password: "{{ansible_password}}"
XML format and transformed into
Ansible objects that can be used in host: "{{inventory_hostname}}"
further tasks transport: netconf
Demo 3
Network [85.87.178.33]).
Execute “show arp” on Multiple Platforms
$ ansible-playbook -v command-multi.yml

Network [85.87.178.33]).
Execute “show arp” on Multiple Platforms (2)

Network [85.87.178.33]).
Logging Commands Executed by Ansible
login on-success log

!
event manager applet CLIlog
event cli pattern ".*" sync no skip no
action 1.0 syslog priority informational msg "$_cli_msg"
action 2.0 set _exit_status "1"
Use logging features available on your networking device

• Log log-in attempts
• Log executed commands (TACACS+ or locally)
Demo 4
Network [85.87.178.33]).
Logging Commands Executed by Ansible
$ ansible-playbook -v command-ios-provider.yml
%SEC_LOGIN-5-LOGIN_SUCCESS: Login Success [user: cisco]

[Source: 172.16.1.12] [localport: 22] at 08:37:06 UTC Tue
Aug 9 2016
%HA_EM-6-LOG: CLIlog: terminal length 0
%HA_EM-6-LOG: CLIlog: show arp
%SYS-6-LOGOUT: User cisco has exited tty session
579(172.16.1.12)

Network [85.87.178.33]).
Limit Commands Executed by Ansible
username ansible password 0 ansible

username ansible privilege 2 view Ansible
!
parser view Ansible
secret 5 $1$slTy$cA/Hk/M4F72Msr5BZaHzA/
commands exec include terminal length
commands exec include show arp
commands exec include show version
• Create Ansible user

• Use role-based access control (or commit scripts)

Network [85.87.178.33]).
Testing the Limited Command Set
---
---
- hosts: ios
tasks:
- ios_command:
This command should succeed
commands:
- show arp
username: ansible
password: ansible
- ios_command:
This command should fail
commands:
- show ip route
username: ansible
password: ansible
Demo 5
Network [85.87.178.33]).
Limit Commands Executed by Ansible
$ ansible-playbook -v command-ios-limited.yml

Network [85.87.178.33]).
Simple Command-
Based Playbooks
Check Device
Versions
Task: Check Device Version
• Define target software version in host or group variables
Compliance check:
• Log into individual devices
• Execute show version
• Compare printout with desired software version
• Report (or fail) when there’s a version mismatch

Network [85.87.178.33]).
Check Cisco IOS Version
---
- hosts: ios
tasks:
- ios_command:
commands: show version
provider: "{{cli}}"
register: result
- fail: msg="Wrong Cisco IOS version"
when: "not ('Version {{version}}' in result.stdout[0])"
---
ansible_device_os: ios
version: "15.5(4)M"
cli:
…
Demo 6
Network [85.87.178.33]).
Aside: Register Action Results
---
- hosts: ios
tasks:
- ios_command:
provider: "{{cli}}"
register: result
• Every Ansible action returns results

• These results are usually discarded
• To save the results for further use, use register option
• Register stores all results returned by an action as properties of the
specified variable

Network [85.87.178.33]).
Aside: Working with *_command Results
• All *_command actions return stdout and stdout_lines lists

• stdout list contains one string (Junos: object) per executed command
• stdout_lines list contains a list of lines per executed command
• junos_command also returns a list of XML results in the xml variable
To access string returned by first command and saved in variable result

use result.stdout[0]

Network [85.87.178.33]).
Check Cisco IOS Version
$ ansible-playbook check-version.yml

Network [85.87.178.33]).
Check Junos Version
---
- hosts: junos
tasks:
- junos_command:
register: result
- fail: msg="Wrong Junos version"
when: "not ('{{version}}' in result.stdout[0] 
['software-information'] 
['package-information'].comment)"
---
ansible_device_os: junos
version: "12.1X47"
Demo 7
Network [85.87.178.33]).
Aside: Working with junos_command Results
---
- fail: msg="Wrong Junos version"
when: "not ('{{version}}' in result.stdout[0] 
['software-information'] 
['package-information'].comment)"
• junos_command returns structured data (Python dictionary) for every

command executed
• To navigate through the result tree, use [‘name’] syntax when Junos uses
names that are not valid Python variables (ex: software-information)
• Use .name syntax when Junos property is a valid variable name
(ex: comment)

Network [85.87.178.33]).
Log Routers with Incorrect Software Version
---
- hosts: ios
tasks:
- ios_command:
provider: "{{cli}}"
register: result
- lineinfile:
dest: version_report.txt
regexp: "{{inventory_hostname}}"
line: "{{inventory_hostname}}: wrong IOS version"

Network [85.87.178.33]).
Aside: Adding Lines to Result Files
- lineinfile:
dest: version_report.txt
regexp: "{{inventory_hostname}}"
line: "{{inventory_hostname}}: wrong IOS version"
Lineinfile: ensure the specified line is in the specified file
dest  target file

regexp  regexp used to find exiting line in the file
line  new line content
when  execute the task only if the condition is met

Network [85.87.178.33]).
Aside: Creating an Empty File
---
- hosts: localhost
connection: local
tasks:
- file: path=version_report.txt state=absent
- file: path=version_report.txt state=touch
hosts: localhost  execute the play only on one host

connection: local  make sure we’re working on local file
file: state=absent  delete file
file: state=touch  create an empty file if it’s missing
Demo 8
Network [85.87.178.33]).
Log Routers with Wrong Software Version
$ ansible-playbook check-version-log.yml

Network [85.87.178.33]).
Specify Target Version on Command Line

Network [85.87.178.33]).
Simple Connectivity
Tests
Task: Perform Connectivity Tests
• Define targets for connectivity tests in host or group variables
Connectivity test
• Log into individual devices
• Execute ping target
• Wait for “!!!” in the printout, fail if it’s not there

Network [85.87.178.33]).
Perform Pings from Cisco IOS
---
- hosts: ios
tasks:
- name: "Ping targets from IOS devices"
ios_command:
commands: ping {{item}}
timeout: 3 New in Ansible 2.2
retries: 1
wait_for: ---
- result[0] contains "!!!" …
provider: "{{cli}}" ping_target:
with_items: "{{ping_target}}" - '172.16.1.1'
ignore_errors: yes - '172.16.1.12'
- '172.16.1.100'
- '172.16.1.105'
Network [85.87.178.33]).
IOS_Command Parameters
---
- hosts: ios
tasks:
ios_command:
timeout: 3
retries: 1
wait_for:
- result[0] contains "!!!"
timeout  idle timeout (in case command gets stuck)

retries  how many times a command will be executed
wait_for  conditional specifying when the command succeeded
Command will fail if the wait_for condition is not satisfied in retries

attempts

Network [85.87.178.33]).
Aside: Ansible Loops
---
- hosts: ios
tasks:
ios_command: <parameters>
with_items: "{{ping_target}}"
Executes the Ansible task for every item in with_items list

• with_items value must be a list (not a string)
• item variable contains current item value
• Results of every iteration are included in the playbook printout

Network [85.87.178.33]).
Perform Pings from Nexus OS
- hosts: nxos
tasks:
- name: "Ping targets from NXOS devices"
nxos_command:
provider: "{{cli}}"
register: result
failed_when: "not 'icmp_seq' in result.stdout[0]"
ignore_errors: yes
failed_when is used as a workaround (requires register to work) when you

don’t have waitfor parameter

Network [85.87.178.33]).
Perform Pings from Junos
- hosts: junos
tasks:
- name: "Ping targets from Junos devices"
junos_command:
register: result
failed_when: "result.stdout[0]['ping-results'] 
['ping-failure'] is defined"
ignore_errors: yes
Junos returns ping results as an XML object, so we can test for a specific
object property

Network [85.87.178.33]).
Aside: Ansible Error Control
---
- fail: msg
when: condition
any_errors_fatal: true
- some-other-task
failed_when: condition
ignore_errors: yes
• Include a fail task in a play (hopefully with when condition) to fail the play
• Use failed_when condition to fail any other task
• Add ignore_errors to ensure a task failure doesn’t fail the playbook
• Use any_errors_fatal will mark all hosts as failed even if only one fails
(otherwise all tasks in a play are executed for other hosts)
Demo 9
Network [85.87.178.33]).
Perform Simple Connectivity Tests
$ ansible-playbook check-connectivity.yml

Network [85.87.178.33]).
Perform Simple Connectivity Tests (Junos)

Network [85.87.178.33]).
Other Ideas
Other Ideas
• Device inventory (serial numbers, chassis numbers…)
• Periodic health monitoring
• Validate OSPF or BGP neighbors
• Validate HSRP/VRRP setup
• Collect ARP tables

Network [85.87.178.33]).
Getting Operational
Data
Getting Operational Data from a Networking Device
Shipping with Ansible 2.2
• Device-specific get_facts (when available)
• Execute commands that generate JSON or XML output, parse
JSON/XML in Ansible
• NETCONF can get XML data from the device (very limited in Cisco IOS)
• Device-specific API (NXOS or EOS) get data in JSON format
• SNMP can be used to get data from the device
• Regular expressions can extract data from stdout or stdout_lines
Third-party options:
• Use TextFSM to parse printouts
https://github.com/networktocode/ntc-ansible
• Use get_facts in NAPALM

Network [85.87.178.33]).
Network Device Facts
Network Device Fact Gathering Available in Ansible 2.2
Cisco IOS:
• Hostname, model, serial number, software version, memory, images
• Interface, IPv4 and IPv6 addresses
• LLDP neighbors
• Running configuration (when requested)
Junos: see Junos PyEZ documentation for more details
Nexus OS:
• Interfaces and VLANs
• Modules
• Environment information

Network [85.87.178.33]).
Gather Cisco IOS and NXOS Facts (New in Ansible 2.2)
---
- hosts: ios
tasks:
- ios_facts: provider="{{cli}}"
Use individual facts
register: facts
- debug: var=ansible_net_all_ipv4_addresses
- debug: var=facts
Dump all facts via a registered variable
- hosts: nxos
tasks:
- nxos_facts: provider="{{cli}}"
register: facts
- debug: var=facts
Demo 10
Network [85.87.178.33]).
Ansible Facts on Cisco IOS

Network [85.87.178.33]).
Commands Executed on Cisco IOS
%SEC_LOGIN-5-LOGIN_SUCCESS: Login Success [user: cisco]

[Source: 172.16.1.12] [localport: 22]
%HA_EM-6-LOG: CLIlog: terminal length 0
%HA_EM-6-LOG: CLIlog: dir all-filesystems
%HA_EM-6-LOG: CLIlog: show version
%HA_EM-6-LOG: CLIlog: show memory statistics
%HA_EM-6-LOG: CLIlog: show version
%HA_EM-6-LOG: CLIlog: show interfaces
%HA_EM-6-LOG: CLIlog: show ipv6 interface
%HA_EM-6-LOG: CLIlog: show lldp
%HA_EM-6-LOG: CLIlog: show lldp neighbors detail
*Aug 9 12:32:06.326: %SYS-6-LOGOUT: User cisco has
exited tty session 578(172.16.1.12)

Network [85.87.178.33]).
Ansible Facts on Nexus OS
Demo 10
Network [85.87.178.33]).
Ansible Facts on Junos
Demo 10
Network [85.87.178.33]).
Get JSON Data from
Show Commands
Get JSON or XML Data from Show Commands
Some networking device generate operational data in XML or JSON format
• Cisco IOS: XML (few built-in commands, custom ODM files)
• Nexus OS: JSON or XML
• Cumulus Linux: JSON
• Junos: XML (converted to JSON in junos_command)
XML or JSON results can be converted into Ansible variables

• Use set_fact to set the variable
• No additional module needed to parse JSON format
• Third-party ansible-xml module parses XML format

Network [85.87.178.33]).
Generate JSON Output on Nexus OS
SW# show ip arp | json

Network [85.87.178.33]).
Collect ARP Tables from Nexus Switches
---
- hosts: nxos
tasks:
Create JSON printout
- nxos_command:
commands: "show ip arp | json"
provider: "{{cli}}"
Convert JSON printout to variable
register: result
- set_fact: json_result="{{ result.stdout[0] }}"
- set_fact: arp_table="{{ json_result.TABLE_vrf.
ROW_vrf.TABLE_adj }}"
- lineinfile: …
Dig into the data structure to get ARP table
Older versions of Ansible might need result.stdout[0] | from_json

Network [85.87.178.33]).
Collect ARP Tables from Nexus Switches
Demo 11
Network [85.87.178.33]).
Result: arp_table.csv
- lineinfile:
dest: arp_table.csv
regexp: "^{{inventory_hostname}},
{{item['intf-out']}},
{{item['ip-addr-out']}}"
line: "{{inventory_hostname}},
{{item['intf-out']}},
{{item['ip-addr-out']}},{{item['mac']}}"
with_items: "{{arp_table.ROW_adj}}"
s1.lab.local,Vlan100,172.16.1.1,0050.56c0.0002
s1.lab.local,Vlan100,172.16.1.12,000c.29e5.30a3

Network [85.87.178.33]).
Collect ARP Tables from Junos Devices
---
- hosts: junos
tasks:
- junos_command:
commands: "show arp"
provider: "{{netconf}}" Result.stdout[0] is already and object
register: result
- set_fact: arp_table="{{ result.stdout[0] 
['arp-table-information'] 
['arp-table-entry'] }}" Dig into the data structure
- lineinfile: to get ARP table
dest: arp_table.csv
regexp: "^{{inventory_hostname}}, 
{{item['interface-name']}},{{item['ip-address']}}“
…
Demo 12
Network [85.87.178.33]).
Use Vendor API
Executing Vendor API Calls from Ansible
---
- hosts: nxos
tasks:
- nxos_command:
commands: "show ip arp"
provider: "{{cli}}"
transport: "nxapi"
register: result
Ansible can execute vendor-specific API calls

• NXAPI for Nexus-OS (nxos_command with transport = nxapi)
• eAPI for Arista EOS (eos_eapi)
• Junos RPC over NETCONF (junos_command)
Demo 13
Network [85.87.178.33]).
Using NXAPI with Ansible
$ ansible-playbook -v nexus-api.yml

Network [85.87.178.33]).
Enable NXAPI
(config)#feature nxapi
• feature nxapi enables Nexus API

• Default: API is available on management interfaces on port 80
• Requests and responses are sent in XML or JSON format
• Request envelope contains a show command
• Response identical to show something | json
Recommended:
• Use HTTPS, disable HTTP
Demo 14
Network [85.87.178.33]).
Using NXAPI with Ansible
$ ansible-playbook -v nexus-api.yml

Network [85.87.178.33]).
Gather SNMP Facts
Gather SNMP Facts
---
- hosts: ios
tasks:
- snmp_facts:
version: v2
community: cisco
register: result
• snmp_facts task gathers standard SNMP MIB variables and adds them to Ansible facts
• Supports SNMP v2, v2c and v3 with encryption and authentication
Information gathered
• IP addresses and subnets
• Interface information: description, MTU, speed, address, status
• System information: description, uptime, contact, name, location
Demo 15
Network [85.87.178.33]).
SNMP Facts Gathered from an IOS device

Network [85.87.178.33]).
Stay in Touch
Web: ipSpace.net
Blog: blog.ipSpace.net
Email: ip@ipSpace.net
Twitter: @ioshints
SDN: ipSpace.net/SDN
Webinars: ipSpace.net/Webinars
Consulting: ipSpace.net/Consulting

Network [85.87.178.33]).
Questions?
Send them to ip@ipSpace.net or @ioshints

Network [85.87.178.33]).

Ansible Networking Modules - Executing Commands

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Ansible Networking Modules - Executing Commands

Uploaded by

Copyright:

Available Formats

Ansible Networking Modules –

Ivan Pepelnjak (ip@ipSpace.net)

Common tasks (most platforms)

3 This material is copyrighted

4 This material is copyrighted

5 This material is copyrighted

6 This material is copyrighted

• Ansible uses SSH to connect to a network device

8 This material is copyrighted

• Networking modules use paramiko library (cannot be changed)

10This material is copyrighted

11This material is copyrighted

All connection/authentication parameters were passed to network device module

12This material is copyrighted

13This material is copyrighted

14This material is copyrighted

• Use ios_command action to execute a command on Cisco IOS device

17This material is copyrighted

18This material is copyrighted

19This material is copyrighted

21This material is copyrighted

22This material is copyrighted

login on-success log

Use logging features available on your networking device

%SEC_LOGIN-5-LOGIN_SUCCESS: Login Success [user: cisco]

24This material is copyrighted

username ansible password 0 ansible

• Create Ansible user

25This material is copyrighted

27This material is copyrighted

30This material is copyrighted

• Every Ansible action returns results

32This material is copyrighted

• All *_command actions return stdout and stdout_lines lists

To access string returned by first command and saved in variable result

33This material is copyrighted

34This material is copyrighted

• junos_command returns structured data (Python dictionary) for every

36This material is copyrighted

37This material is copyrighted

Lineinfile: ensure the specified line is in the specified file

dest  target file

38This material is copyrighted

hosts: localhost  execute the play only on one host

40This material is copyrighted

41This material is copyrighted

43This material is copyrighted

timeout  idle timeout (in case command gets stuck)

Command will fail if the wait_for condition is not satisfied in retries

45This material is copyrighted

Executes the Ansible task for every item in with_items list

46This material is copyrighted

failed_when is used as a workaround (requires register to work) when you

47This material is copyrighted

48This material is copyrighted

50This material is copyrighted

51This material is copyrighted

53This material is copyrighted

55This material is copyrighted

Junos: see Junos PyEZ documentation for more details

57This material is copyrighted

59This material is copyrighted

%SEC_LOGIN-5-LOGIN_SUCCESS: Login Success [user: cisco]

60This material is copyrighted