Coder Social home page Coder Social logo

ansible-nfvis's Introduction

ansible-nfvis

An Ansible Role for automating Cisco NFVIS

This is a hybrid role that contains the following modules:

  • nfvis_system
  • nfvis_bridge
  • nfvis_network
  • nfvis_vlan
  • nfvis_depoloyment
  • nfvis_package

To use this role, clone it into your roles directory:

git clone https://github.com/ciscops/ansible-nfvis.git

To load the modules for use in your playbook:

- hosts: nfvis
  connection: local
  gather_facts: no
  roles:
    - ansible-nfvis
  tasks:
    - name: Build Bridges
      nfvis_bridge:
        host: 1.2.3.4
        user: admin
        password: cisco
        name: service
        state: present

Tasks

In addition to the modules, the role can be called to help create packages:

Build Packages

The build-package task can be called to build the packages that can be uploaded to the NFVIS host with the nfvis_package module.

- name: Build packages
  include_role:
    name: ansible-nfvis
    tasks_from: build-package
  vars:
    package_name: asav
    package_version: 9.10.1
    package_image: asav9101.qcow2
    package_template: centos.image_properties.xml.j2
  • package_name: The name of the package as referecned in deployments
  • package_version: The version of the package
  • package_image: The image with which to build the package
  • package_template: The template from which the image_properties is derived. This uses the default Ansible search behavior for templates. Sock templates are located in ansible-nfvis/tempaltes.

The build-package task looks for the image files used to build the packages in the directory specified by nfvis_package_dir (Default: "{{ playbook_dir }}/packages"). It builds the packages in the directory specified by nfvis_temp_dir (Default: /tmp/nfvis_packages) and stores the packages in the directory specified in nfvis_package_dir (Default: "{{ playbook_dir }}/packages").

The default values for nfvis_package_dir, nfvis_temp_dir, and nfvis_package_dir are found in ansible-nfvis/defaults/main.yml.

Note: Since nfvis_deployment inject the config into the deployments, this task does not include any configuration.

Modules

All modules require authentication information for the NFVIS host:

  • host: The address of the NFVIS device in which the API can be reached
  • user: The username with which to authenticate to the NFVIS API
  • password: The password with which to authenticate to the NFVIS API

Get System Facts:

- name: Configure system
  nfvis_facts:
    host: 1.2.3.4
    user: admin
    password: cisco

Returns:

  • System settings
  • CPU usage
  • VLANs
  • Bridges
  • Networks
  • Deployments

Configure System Settings:

- name: Configure system
  nfvis_system:
    host: 1.2.3.4
    user: admin
    password: cisco
    mgmt: 2.3.4.5/24
    gateway_ip: 2.3.4.1
    hostname: "{{ inventory_hostname }}"
    trusted_source:
      - 0.0.0.0/0
  • hostname: The hostname of the NFVIS host (required)
  • mgmt: The management IP of the NFVIS host in CIDR notation or dhcp for DHCP (required)
  • gateway_ip: The IP address of the gateway of the NFVIS host
  • trusted_source: A list of trusted sources in CIDR notation

Configure VLANs:

The nfvis_vlan module maintains vlans on the switch:

- nfvis_vlan:
    host: 1.2.3.4
    user: admin
    password: cisco
    state: present
    vlan_id: 100
  • vlan_id: The VLAN ID to add to the NFVIS host
  • state: The state of the VLAN. Can be present to add the VLAN or absent to delete the VLAN. (default: present)

Note: This requires that the NFVIS device contain an embedded switch (e.g. ENCS)

Configure Bridges:

- nfvis_bridge:
    host: 1.2.3.4
    user: admin
    password: cisco
    name: service-br
    state: present
  • name: Name of the bridge (required)
  • state: The state of the bridge ('present' or 'absent')
  • ports: List of ports to which the bridge is attached
  • ip: IP address and netmask of the bridge
  • vlan: VLAN tag
  • dhcp: Flag to specify DHCP configuration

Configure Networks:

- nfvis_network:
    host: 1.2.3.4
    user: admin
    password: cisco
    name: new-network
    bridge: net-bridge
    trunk: no
    vlan: 100
    state: present

  • name: Name of the network (required)

  • state: The state if the network ('present' or 'absent')

  • bridge: The bridge to which the network is associated

  • trunk: Set network to trunk mode

  • sriov: SR-IOV supported on the network

  • native_tagged: Specifies if the netowrk is tagged or not

  • native_vlan: Specifies a native VLAN. It sets the native characteristics when the interface is in trunk mode. If you do not configure a native VLAN, the default VLAN 1 is used as the native VLAN

  • vlan: Specifies the VLAN ID when the network is in access mode (i.e NOT a trunk)

Deploy VNF:

- nfvis_deployment:
    host: 1.2.3.4
    user: admin
    password: cisco
    name: isrv1
    state: present
    image: isrv
    flavor: isrv-small
    interfaces:
      - network: int-mgmt-net
      - network: wan-net
      - network: lan-net
    bootup_time: 600
    port_forwarding:
      - proxy_port: 20001
        source_bridge: 'wan-br'
    config_data:
      - dst: iosxe_config.txt
        data: "{{ lookup('template', 'iosxe_config.txt.j2') }}"
  • name: Name of the deployment (required)
  • state: The state of the VLAN. Can be present to add the VLAN or absent to delete the deployment. (default: present)
  • image: The name of the image to use for the deployment (required)
  • flavor: The name of the flavor to use for the deployment (required)
  • interfaces: A list of dictionaries specifying the interfaces to create for the VNF
    • network: The name of the network to attach the interface (required)
    • nicid: The nic id of the interface. (Default: the index of that element in the list)
    • model: The model of the deriver to use (default vitio)
  • bootup_time: The time to allow the VNF to boot before starting monitoring
  • port_forwarding: A list of dictionaries specifying which ports to proxy to the VNF (Note: monitoring must be enabled)
    • proxy_port: The port on the NFVIS device to be proxied to the VNF (required)
    • vnf_port: The destination port on the VNF (Default: 22)
    • source_bridge: The bridge on the NFVIS device to attach the proxy (Default: MGMT)
    • protocol: The protocol of the port to be proxied (default tcp)
    • type: The type of proxy (default ssh)
  • config_data: A list of dictionaries defining the configuration data to feed to the deployment via cloud-init:
    • dst: The name of the file to place in the config drive
    • data

Upload Packages

- name: Package
  nfvis_package:
    host: 1.2.3.4
    user: admin
    password: cisco
    file: asav.tar.gz
    name: asav
    state: present
  • name: The name of the package
  • file: The file name of the package
  • state: The state of the VLAN. Can be present to add package or absent to delete the package. (default: present)

License

CISCO SAMPLE CODE LICENSE

ansible-nfvis's People

Contributors

ismc avatar jlothian avatar stevenca avatar

Stargazers

avatar avatar avatar avatar avatar avatar avatar avatar avatar

Watchers

avatar avatar avatar avatar

Forkers

youness92 jlothian lwlxwang network-tools pushou

ansible-nfvis's Issues

nfvis_deployment - Error during Memory Precheck: memory is not available

ansible version: 2.8.5
ansible tower version: 3.5.3
nfvis version: NFVIS-3.12.2-FC2
nfvis platform: encs 5408

I don't think this is an issue with this module but more so with nfvis and ansible, but I hit the error "Error during Memory Precheck: memory is not available" when attempting to use the nfvis_deployment module. I also get the same error when attempting to use the ansible uri module to talk to the nfvis api directly. I do not get the error when using postman and hitting the nfvis api directly.

play info:

- name: deploy vnfs
  hosts: nfvis
  connection: local
  gather_facts: no
  roles:
    - ansible-nfvis

  tasks:
    - name: deploy vedge
      nfvis_deployment:
        host: "{{ ansible_host }}"
        user: "{{ ansible_user }}"
        password: "{{ ansible_password }}"
        name: site1_vedge_01
        state: present
        image: vedge-18.4.1
        flavor: vedge-medium
        interfaces:
          - network: int-mgmt-inet
          - network: wan-net

ansible error (password starred out):

{
    "status": 400,
    "body": {
        "errors": {
            "error": [
                {
                    "error-tag": "malformed-message",
                    "error-message": "Error during Memory Precheck: memory is not available",
                    "error-urlpath": "/api/config/vm_lifecycle/tenants/tenant/admin/deployments/deployment/site1_vedge_01"
                }
            ]
        }
    },
    "payload": "{\"deployment\": {\"vm_group\": {\"kpi_data\": {\"enabled\": false}, \"placement\": {\"enforcement\": \"strict\", \"host\": \"datastore1\", \"type\": \"zone_host\"}, \"name\": \"site1_vedge_01\", \"bootup_time\": -1, \"image\": \"vedge-18.4.1\", \"scaling\": {\"min_active\": 1, \"max_active\": 1, \"elastic\": false}, \"recovery_wait_time\": 0, \"recovery_policy\": {\"recovery_type\": \"AUTO\", \"action_on_recovery\": \"REBOOT_ONLY\"}, \"flavor\": \"vedge-medium\", \"interfaces\": [{\"interface\": {\"nicid\": 0, \"network\": \"int-mgmt-inet\"}}, {\"interface\": {\"nicid\": 1, \"network\": \"wan-net\"}}]}, \"name\": \"site1_vedge_01\"}}",
    "_ansible_no_log": false,
    "warnings": [
        "Module did not set no_log for password"
    ],
    "url": "https://10.253.202.38/api/config/vm_lifecycle/tenants/tenant/admin/deployments",
    "changed": false,
    "method": "POST",
    "invocation": {
        "module_args": {
            "kpi_data": false,
            "config_data": null,
            "url_username": "admin",
            "bootup_time": -1,
            "placement_enforcement": "strict",
            "scaling_min_active": 1,
            "image": "vedge-18.4.1",
            "force_basic_auth": true,
            "scaling": false,
            "host": "10.253.202.38",
            "recovery_wait_time": 0,
            "user": "admin",
            "flavor": "vedge-medium",
            "password": "*******",
            "port_forwarding": null,
            "action_on_recovery": "REBOOT_ONLY",
            "scaling_max_active": 1,
            "placement_host": "datastore1",
            "url_password": "******",
            "name": "site1_vedge_01",
            "recovery_type": "AUTO",
            "placement_type": "zone_host",
            "state": "present",
            "tenant": "admin",
            "timeout": 60,
            "validate_certs": false,
            "interfaces": [
                {
                    "network": "int-mgmt-inet"
                },
                {
                    "network": "wan-net"
                }
            ]
        }
    },
    "response": "HTTP Error 400: Bad Request",
    "msg": "Request failed for https://10.253.202.38/api/config/vm_lifecycle/tenants/tenant/admin/deployments: 400 - HTTP Error 400: Bad Request"
}

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.