Tuesday, April 16, 2019

How do you use Ansible and/or Tower/AWX in your network?

Hello my fellow scotch addicts of /r/networking. Lately I've been getting more and more into automation in my network and have been doing stuff in Ansible and now recently AWX. My org has a small datacenter (Nexus 7K + Nexus 9K NX-OS and a soon-to-be ACI fabric), and a small-size multi-facility campus (roughly 200 switch stacks). Trying to flesh out ideas for what others are using Ansible/AWX for in their environments.

Here's what I've been doing with it in case anyone cares (no one probably does):

Ansible:

Configuration auditing. Nightly configuration backup jobs that perform diffs to spit out a quick and easy-to-digest config change report every day.

Unused switchports - how many ports on a switch are actually in use despite what may be patched into them.

OUI reports - punch in an OUI and it'll spit out every instance of the OUI in the campus. Helpful for locating stray vendor devices.

Web GUI for "show" commands - allows a web user to run show commands on switches/routers.

Mass config updates - such as pushing major changes to AAA or ACLs. Validating mgmt interface restrictions.

AWX:

Data VLAN Assignment

This is something that I recently put together for our customer support team. Instead of coming to the network team for VLAN changes, I've written a few plays for them to have access to change VLANs on their own. Not like assigning a VLAN is very hard given the size of my network, but I'm hoping it saves time when our network team is preoccupied. More importantly I hope this gives the customer support team a sense of ownership of making sure things are right with their end devices in terms of networking. They pay more attention to what IPs they are putting into vendor machines, PACS devices, etc. I find if they are more involved they have a better understanding of what exactly they are doing. At least that's my unrealistic dream.

Voice VLAN assignment

At one facility in particular I have two voice VLANs that need to be adjusted as we phase out the old (Avaya) and move to the new. This play allows the user to punch in the MAC and voice VLAN assignment of the phone, it'll find the proper port that the phone is connected to, swap the VLAN assignment, and bounce the PoE on the port to force a phone reset.

I'm just looking to see what others have come up with for Ansible in their campus and/or datacenter for network configuration, validation, or whatever the hell else. I've been writing Python for various other network tasks and needs as well, but have lately been getting more and more into Ansible and enjoy it quite a lot.

Cheers to all.
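
The OUI report described in the post, sketched in Python as an added example (not the poster's code or playbooks). It assumes Cisco-style `show mac address-table` output has already been collected per switch; the switch names, MAC entries and the `skip_ports` uplink filter are constructed for illustration.

```python
import re

# Constructed sample "show mac address-table" output, keyed by switch name.
SAMPLE_TABLES = {
    "sw-bldg1-01": """\
          Mac Address Table
-------------------------------------------
Vlan    Mac Address       Type        Ports
----    -----------       --------    -----
 All    0100.0ccc.cccc    STATIC      CPU
  10    001b.2111.2233    DYNAMIC     Gi1/0/5
  20    a4b1.c1de.ad01    DYNAMIC     Gi1/0/7
  10    001b.21aa.bbcc    DYNAMIC     Te1/1/1
""",
    "sw-bldg2-01": """\
Vlan    Mac Address       Type        Ports
----    -----------       --------    -----
  30    001B.21FF.0001    DYNAMIC     Gi2/0/12
  30    001b.2200.0001    DYNAMIC     Gi2/0/13
""",
}

# vlan, dotted MAC, entry type, port; header and "All ... CPU" rows do not match.
ROW = re.compile(r"^\s*(\d+)\s+((?:[0-9A-Fa-f]{4}\.){2}[0-9A-Fa-f]{4})\s+(\S+)\s+(\S+)\s*$")

def normalize_oui(text):
    """Accept 00:1B:21, 00-1b-21, 001b.21 or 001b21; return six lowercase hex digits."""
    digits = re.sub(r"[\s.:\-]", "", text).lower()
    if not re.fullmatch(r"[0-9a-f]{6}", digits):
        raise ValueError(f"not a 24-bit OUI: {text!r}")
    return digits

def oui_report(oui, tables, skip_ports=()):
    """Return (switch, vlan, mac, port) for each learned MAC in the given OUI.

    skip_ports lists uplinks, where MACs are learned transitively and do not
    mark the port a device is actually plugged into (assumption of this example).
    """
    want = normalize_oui(oui)
    hits = []
    for switch, output in sorted(tables.items()):
        for line in output.splitlines():
            m = ROW.match(line)
            if not m:
                continue
            vlan, mac, _type, port = m.groups()
            if port not in skip_ports and mac.replace(".", "").lower().startswith(want):
                hits.append((switch, int(vlan), mac.lower(), port))
    return hits

if __name__ == "__main__":
    for hit in oui_report("00:1B:21", SAMPLE_TABLES, skip_ports={"Te1/1/1"}):
        print(*hit)
```

Validating the OUI before matching matters when the value comes from a web form or AWX survey, since it keeps malformed input from silently matching nothing or everything.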


