I have been using Ansible AWX for a short time now. I have had good success with some simple things. I have a scheduled compliance checking playbook running weekly looking for non-standard versions or configurations that enable known vulnerabilities. I also have an NXOS upgrade playbook, which I recently further broke out into a workflow so I can re-use portions of that playbook for other platform upgrades/downgrades. This is all well and good.
None of us are Ansible experts, but as the team member with the most working knowledge of AWX, I was asked to assist a colleague with migrating a working Ansible playbook into AWX to be able to schedule it and have Ops run it on-demand without access to their own read-write creds.
His playbook uses a lot of Jinja2, which I am not very familiar with at all. He is essentially taking a list of data from a public website, filtering it down to a list of networks and hosts and storing that in a file. Then he imports config from an ACL and runs a diff to find out what needs to be removed from the ACL and what needs to be added to the ACL to match the website, then creates and applies the ACL. Run from a Linux CLI, this simply writes these data imports to a file and compares and filters the files. I can’t seem to figure out how I can replicate this functionality using AWX. Does anyone have any ideas how to accomplish this, or can anyone point me to what I should be reading about to do so?
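
The compare step described in the post, done in memory instead of through intermediate files, as an added example that is not the colleague's playbook or part of the original post. The feed contents, the ACL entry format (`<seq> permit ip <prefix | host addr> any`) and all function names are assumptions; the sample data is constructed.

```python
import ipaddress
import re

# Constructed sample data; the real feed and ACL text are not shown in the post.
FEED_TEXT = """\
# published ranges (constructed)
198.51.100.0/24
203.0.113.7
192.0.2.0/25
not-an-address
"""
ACL_TEXT = """\
ip access-list EXAMPLE-ACL
  10 permit ip 198.51.100.0/24 any
  20 permit ip host 203.0.113.9 any
  30 permit ip 192.0.2.0/25 any
"""
# Assumed ACL entry shape: "<seq> permit ip <prefix | host addr> any"
ACL_ENTRY = re.compile(r"^\s*\d+\s+permit\s+ip\s+(?:host\s+)?(\S+)\s+any\s*$")

def parse_feed(text):
    """Networks listed in the feed; bare hosts become /32, non-addresses are skipped."""
    nets = set()
    for line in text.splitlines():
        token = line.split("#", 1)[0].strip()
        if not token:
            continue
        try:
            nets.add(ipaddress.ip_network(token, strict=False))
        except ValueError:
            continue  # not an address or prefix
    return nets

def parse_acl(text):
    """Networks currently permitted by the ACL text."""
    matches = (ACL_ENTRY.match(line) for line in text.splitlines())
    return {ipaddress.ip_network(m.group(1), strict=False) for m in matches if m}

def acl_delta(feed_text, acl_text):
    """Return (to_add, to_remove) so the ACL ends up matching the feed."""
    wanted, current = parse_feed(feed_text), parse_acl(acl_text)
    if not wanted:
        # A failed or empty download must not turn into "remove every entry".
        raise ValueError("feed produced no networks; refusing to compute a delta")
    order = lambda n: (n.version, n)  # keeps IPv4 and IPv6 sortable together
    return ([str(n) for n in sorted(wanted - current, key=order)],
            [str(n) for n in sorted(current - wanted, key=order)])

if __name__ == "__main__":
    print(acl_delta(FEED_TEXT, ACL_TEXT))
```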