Use Ansible to Execute a Single Command on All Routers

I was using Ansible playbooks to configure Cisco IOS routers running in VIRL and wanted to extract the router configurations before stopping the simulation.

You can download the playbooks from my Github repository, and here’s how you can run Ansible with VIRL.

Unfortunately, VIRL extracts startup configurations not running ones, so I’d have to log into each router and execute write memory (the command youngsters know as copy running startup). Making it worse, my lab had six routers. Yes, I know, I have first-world problems.

Fortunately, I was using Ansible, and had the inventory file describing all the routers, so it should be relatively easy to execute write memory on all of them with the raw module, but my default Ansible connection plugin was local to make networking modules work correctly.

Update 2017-02-14: As Nikolay pointed out in the comments, I might be able to use the ios_command module.

Here’s the workaround that worked for me: specify connection plugin to use with the –c command line option:

ansible all -i hosts -m raw -c paramiko -a "write mem"

And here’s another gotcha: the –c command line option supersedes the transport option in ansible.cfg but not the ansible_connection variable specified on a host or a group of hosts in inventory file, so make sure you specify the default connection method in the right place.

Want to do something similar?

It’s amazing how many small problems you can solve once you have an infrastructure like Ansible in place. To learn more about using Ansible for network automation, watch the Ansible for Networking Engineers webinar, and if you want to get your own real-life network automation project off the ground, sign up for the Building Network Automation Solutions online course.

6 comments:

  1. You could always use the Cisco Router Action Performing Perl Script (https://github.com/vinsworldcom/crapps) if you're just dealing with Cisco. Supports "write mem" through SNMP as well as commands via command line (Telnet or SSH).
  2. Why not use ios_command module?
    https://docs.ansible.com/ansible/ios_command_module.html
    Replies
    1. Of course I could (stupid me), but it doesn't work with older versions of Ansible (that's me weaseling out :)
  3. Nice work Ivan...

    What about good old SSH? I have been playing with Parallel SSH for the the past few days and really like it to the point where I'm writing a blog post about it. With a single command and without installing any automation tools, PSSH allows you to run a single or multiple commands on all devices:

    pssh -h hosts -l cisco -A "wr mem"
    Replies
    1. Well, I want to do way more than just executing parallel SSH commands (look at those playbooks ;), being able to do "write mem" on all routers simultaneously was juts a cool side benefit.
  4. Maybe we should keep repeating that automation & orchestration should be (more) about intent (declarative) than about the individual commands (imperative).
    Like what Ivan is showing here: the advantages of a tool like ansible to be able to express his intent to save the configuration on all switches instead of writing a loop (well yes, one could argue that 'write mem' is a command, but that's not the point :-)

    Along these lines, including something about loops:
    https://www.youtube.com/watch?v=nrVIlhtoE3Y&t=460s

Add comment
Sidebar