Before leaving the NetDevOps section where Ansible is used to manage our staging and production fabrics, we will reset the staging fabric in preparation for taking a look at how Terraform can be used to manage the same fabric. This is a good practice to ensure that the fabric is in a clean state before we start using Terraform to manage it. This section will demonstrate how to use Ansible to remove configuration objects from the fabric, which is a common task in network automation.
Staging FabricReturn to your VSCode window.
This step is to create a quick Ansible playbook to wipe and remove the staging fabric. The idea in this section is to demonstrate how you can use an existing framework, Ansible in this case, in different ways and in preparation for the next section that is fully declarative in intent.
Like prior sections of the lab, we're making use of inline Jinja2 templating to generate the configuration for the Ansible playbook to send in one configuration transaction to the switches to optimize the execution time.
touch /home/pod26/workspace/nxapilab/ansible-nxos/reset.yml
cat << EOF > /home/pod26/workspace/nxapilab/ansible-nxos/reset.yml
---
- name: Reset Staging Fabric
hosts: nxos
gather_facts: false
tasks:
- name: Remove VRFs
cisco.nxos.nxos_vrf:
aggregate: >-
{%- set vrf_list = [] -%}
{%- for vrf in vrfs | default([]) -%}
{%- set _ = vrf_list.append(dict(name=vrf.vrf_name )) -%}
{%- endfor -%}
{{ vrf_list }}
state: absent
- name: Remove SVIs
cisco.nxos.nxos_interfaces:
config: >-
{%- set svi_list = [] -%}
{%- for svi in vrfs | default([]) + networks | default([]) -%}
{%- set _ = svi_list.append(dict(name="Vlan" + svi.vlan_id | string )) -%}
{%- endfor -%}
{%- set loopback_list = [] -%}
{%- for loopback in loopback_interfaces | default([]) -%}
{%- set _ = loopback_list.append(dict(name=loopback.interface)) -%}
{%- endfor -%}
{{ svi_list + loopback_list }}
state: purged
- name: Remove NVE Interface
cisco.nxos.nxos_interfaces:
config: [name: nve1]
state: purged
- name: Remove VLANs
cisco.nxos.nxos_vlans:
config: >-
{%- set vlan_list = [] -%}
{%- for vlan in vrfs | default([]) + networks | default([]) -%}
{%- set _ = vlan_list.append(dict(vlan_id=vlan.vlan_id)) -%}
{%- endfor -%}
{{ vlan_list }}
state: deleted
when:
- vrfs is defined and vrfs is iterable
- networks is defined and networks is iterable
- name: Default Interfaces
cisco.nxos.nxos_interfaces:
config: >-
{%- set physical_interface_list = [] -%}
{%- for interface in layer3_physical_interfaces | default([]) -%}
{%- set _ = physical_interface_list.append(dict(name=interface.interface)) -%}
{%- endfor -%}
{{ physical_interface_list }}
state: deleted
- name: Remove All BGP
cisco.nxos.nxos_bgp_global:
state: purged
- name: Remove OSPF Process
cisco.nxos.nxos_ospfv2:
config:
processes:
- process_id: UNDERLAY
state: deleted
- name: Remove Features
cisco.nxos.nxos_feature:
feature: "{{ item }}"
state: disabled
loop: "{{ features | reject('search', 'netconf') | reject('search', 'restconf') | list }}"
EOF
Staging FabricFrom the root ansible project directory execute the following command.
cd /home/pod26/workspace/nxapilab/ansible-nxos
ansible-playbook -i staging.yml reset.yml
Upon a successful run of the playbook your output should look as follows:
PLAY [Reset Staging Fabric] *******************************************************************************************************************************************************************************
TASK [Remove VRFs] ****************************************************************************************************************************************************************************************
ok: [10.15.26.11]
changed: [10.15.26.12]
changed: [10.15.26.13]
TASK [Remove SVIs] ****************************************************************************************************************************************************************************************
changed: [10.15.26.13]
changed: [10.15.26.12]
changed: [10.15.26.11]
TASK [Remove NVE Interface] *******************************************************************************************************************************************************************************
ok: [10.15.26.11]
changed: [10.15.26.12]
changed: [10.15.26.13]
TASK [Remove VLANs] ***************************************************************************************************************************************************************************************
skipping: [10.15.26.11]
changed: [10.15.26.13]
changed: [10.15.26.12]
TASK [Default Interfaces] *********************************************************************************************************************************************************************************
changed: [10.15.26.12]
changed: [10.15.26.13]
changed: [10.15.26.11]
TASK [Remove All BGP] *************************************************************************************************************************************************************************************
changed: [10.15.26.13]
changed: [10.15.26.12]
changed: [10.15.26.11]
TASK [Remove OSPF Process] ********************************************************************************************************************************************************************************
changed: [10.15.26.11]
changed: [10.15.26.13]
changed: [10.15.26.12]
TASK [Remove Features] ************************************************************************************************************************************************************************************
changed: [10.15.26.12] => (item=ospf)
changed: [10.15.26.11] => (item=ospf)
changed: [10.15.26.13] => (item=ospf)
changed: [10.15.26.12] => (item=pim)
changed: [10.15.26.13] => (item=pim)
changed: [10.15.26.11] => (item=pim)
changed: [10.15.26.12] => (item=bgp)
changed: [10.15.26.11] => (item=bgp)
changed: [10.15.26.13] => (item=bgp)
changed: [10.15.26.11] => (item=nv overlay)
changed: [10.15.26.12] => (item=nv overlay)
changed: [10.15.26.13] => (item=nv overlay)
changed: [10.15.26.12] => (item=vn-segment-vlan-based)
changed: [10.15.26.13] => (item=vn-segment-vlan-based)
changed: [10.15.26.12] => (item=interface-vlan)
changed: [10.15.26.13] => (item=interface-vlan)
PLAY RECAP ************************************************************************************************************************************************************************************************
10.15.26.11 : ok=7 changed=5 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0
10.15.26.12 : ok=8 changed=8 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
10.15.26.13 : ok=8 changed=8 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
Examine the output above. The configuration for the VLANs, VRFs, SVIs, NVE interfaces, BGP, OSPF, and features have all been removed.