Destroy the Barriers - Use Ansible Today on Your Home Lab | Cisco CCNA 200-301

And welcome everyone to Keith Barker's channel, where our goal is to give you tips and tools

today

to help you earn

your

CCNA. I was reviewing the plan. Keep it closed at all times. Well, I keep it in the office all the time. I don't ride with it, but it's 6.6. It recognized the capabilities of configuration management mechanisms like Puppet Chef and Ansible and I thought, You know, I'm going to dabble a little bit

today

. This started three days ago with Ansible. I want to get more. I am familiar with it, how can I use it to manage the network and check for network changes.

It's great, it's a fantastic tool and then I discovered a bunch of TD W and I thought, I know why the average human being will never use this.

ansible

at the entry level to automate his network and that's because there's too many TDWs and here's Keith, what did we have? What exactly is a TD W? It's a moment where you say that doesn't work while I worked with danceable and getting automated I was watching videos and reading documentation like boom no boom no boom no. I wanted to share it with you and the purpose of this video is if you are interested, I hope you are at the entry level with a CCNA or anyone who is I'm just interested in working with

ansible

as an automation tool for

your

networks.

I wanted to give you a very clear step-by-step process that will work. I have tested it on multiple systems. I'll share the details with you on those. in just a moment and then I went through it several times and also used github for the script that can actually be used to deploy it, that way anyone who wants to know that I'm not talking to a person behind you. or left or right, I'm talking to you if you are interested in setting up and seeing a working solution, which is the part that took me 2 and a half days to come up with a working solution where you can use ansible to manage our networks, this video is for you so I'm going to walk you through step by step so here's my management PC and this is where I'm currently sitting and I also have a Raspberry Pi that I used in a previous video on setup.

It is configured as a terminal server, so it is wireless. I can connect remotely. It has console cables for my devices. My network device is just a representation of that. What I did was I took this Raspberry Pi and its existing configuration was like the current one. default operating system for Raspberry Pi and then I installed the steps that we did in the previous video for the reverse telnet, you don't have to use that part and then what I did was follow step by step step to install and get ansible working on this so that can manage these devices so the blue wires here this is great the blue wires are the parts of the console that I have access to or out of band management so I could actually use ansible to configure and it also works with those devices, so I tried this on a Raspberry Pi to a Raspberry Pi 3 and I haven't done a Raspberry Pi 5 yet because at the time of this recording there is only a 4, but I did it on the 4.

I did all three because I wanted to give you the exact steps and that way, if you have a Raspberry Pi lying around, you can grab it and try it out with this. It works great too if you are purchasing a Raspberry Pi from the links below. I have an affiliate link or the county kit, that's easy, but I actually bought two a couple of days ago to do this demo and they're great, they have the sub version for all the details, so there's a link below. If you are anyone, use that link to support the channel.

It would be amazing. This is all I like to do. I would like to explain to you step by step the details on how to get this Raspberry Pi that you use to control and work with these network devices and one of the requirements here is that you need to have at least one device that you can access and that you can manage via SSH, so it could be a genus 3 device in your

home

, it could be a G peer in your

home

, it could be a router or a switch in your home or it can be if it is accessible over a network, this will work, so you need to have at least one network device that we can work with and manage if we want to use ansible to manage that device, so here on the left I have the step by step instructions to do this on this Raspberry Pi and I also provided a link in the description so you can download it and see the step by step. -Step by step instructions.

I've tested this three times on three different devices and it has worked consistently, so you'll want to enable SSH on your iOS devices. These are your routers or switches and this is the syntax I use to do what I would like to point out. find out the password I used if you use a different password that's great too if you're on a switch or something else where it's a little bit older version you can generate an RSA cryptographic key and then log in and then it will ask you about the module as well okay so you have to set it up and then I would recommend testing it, it's another TV, oh, that doesn't work, and then I can't connect to your devices either, so to test it like this, my IP addresses are 192 168 1 . 33 and 34 and this will ssh to my Cisco devices to make sure everything works and cache the keys if necessary and then we'll log in as administrator there at one ninety-two points one sixty-eight points one point. 33 is the first one and there's my cool password, that's switch thirty-five sixty and then I have another one on thirty-four that's a router and that's cool and if that hadn't worked, I could go to my little raspberry. pi, which is actually a terminal server and I could talk to those devices directly on the serial port that's right there, so I'll exit and now I have an ssh connection, that's a big step I want to take.

We're sure we'll have nice clean ssh communications before we start working with ansible. Right now, look at this. This is so important that it happens all the time. If we open a new session, a new session on one of my Cisco devices, I went to one. ninety two point one sixty eight point one point 33 and I said the SSH username is admin great and I clicked connect boom-boom-boom-boom key exchange failed no key exchange supported to film de anyway and then there are also console messages, so if we go to the console of that device, we will have log messages about the key exchange not working, so with PuTTY what we would do is go to that session to get options access and down here in key exchange we would say ok let's go Also add Diffie-Hellman and Boom and now this guy keeps working he accepts and saves the key and the password is Cisco and we are on that device.

Now the trick is if we're sitting on a Raspberry Pi and it does that to us. You'll most likely want to go ahead and modify this file right here, so if you're having the problem of no matching key exchange method being found or no matching encryption, you'll want to do sudo, which puts you on the hook for King-kong and then nano. which is a pretty simple text editor that I recommend if you're just getting started with your friend and then we're going to put it in the Etsy SSH SSH underscore settings folder and then you're going to put these two lines in the settings without a pound sign in front of it. them, so if I show you this very quick fact that was copy and paste, all of these files are ready to go for you in this documentation that you can download and walk through step by step, so I'm going to Go ahead and do Nano and then that file .

I just copy and pasted the key exchange algorithms and ciphers and that works. This one here in this file works for iOS running even on G. It works for iOS running on Modeled Disk. labs works on gns3 works on live equipment so it basically has you covered and will make sure you can get your ansible working, that was one of the things that stopped me early. I thought, well, I can't even get SSH to work and so this is a solution. I'm going to do an X check to exit without any changes. Great, if you have to make changes, make the changes in an X control.

It will say: do you want to save the changes? You press Y. and then press ENTER to continue and exit fine, then the next steps are to install ansible on the PI and here are the instructions, just follow the bouncing ball and it does it and that will give us version 2.7 or something like that depending on the day, but if you want to get a more current version like 2.9, you can follow the rest of these instructions and what it will do is end up giving you version two point nine nine, I think, and we can use this command here just to verify that we've pasted it into yeah 2.99 which is great, that's how you get the ansible installation by following those steps, then we'll change the directories to etsy slash ansible and then edit the host file now in the host file as your inventory of your devices on your network, so I have two devices and I assume I attack aghori with bracket iOS I close bracket with iOS in the middle and I put these two IP addresses, mice, which ones my router, I just wanted to keep it pretty simple, so what I would do is I would put the IP addresses of your devices that you can access and that you can access via SSH here in this host file, that's all you need, just those entries right there to get outside and control X, then you press Y and then you press Enter and that does it. save, so now we have a host file with your inventory and then we'll edit our CFG dot file.

This will do a couple of things for us. First there will be a little warning message for a couple of things, this will reduce that and also make the process a little faster by changing the default way an SLO works when it interacts with our network here, so there is a section default and it has I added these two parts right here, you can copy and paste them with Nano. There are the instructions on a Bing bada boom. I've also seen it occasionally, but not on the Raspberry Pi. I have seen the host underscore key. We're just checking. equates to it being commented false, so if you want it to be active, if you need to, you can uncomment that, remove the hash tag or the pound symbol and that will activate it in that configuration as well.

I didn't have to do that in my setup. but I left it there as a note and controlled x and a y and boom that's for sure so next let's talk about some instructions that ansible is going to do, in fact let's go to the screen for that if you and I were the president of a company, our co-presidents, you and I, we had different departments, we could talk to each department slightly differently, we spoke in their language, we spoke in the language of accounting with the finance people, we spoke in the language of humans with the people in human Resources.

We had to talk in the programming language with the programming people or if you're using SNMP on a network, we have MIPS management information bases and we have different MIPS and we communicate slightly differently to talk to different devices on our network and with ansible. It has a lot of built-in methods that you can use to talk to different devices. I mean, you can be talking to servers, you can be talking to switches, you can be talking to different providers or routers, so you have different modules that you use how you communicate with each one now, if ansible is communicating with a router or a switch, not only does it have a set of modules that can be used to talk to that device, but it also has separate modules, one for a show command or a separate module. to get information out of the box or a separate module to create an interface, a separate module to write or configure a layer 3 interface, so there's a bit of learning that would have to be done to where okay, what do I want to happen?

So what modules do I turn to and can I do that? That said, I'm going to give you a working solution that you can use as a starting point and then you'll realize that if you continue on this automation journey, there are a lot of additional options that we can use thousands and thousands of options that we can use including variables additional ones that are entered but from additional files and subdirectories, but the basic point is that ansible has a set of modules that it can use if we tell it to go ahead and do specific things with our network equipment, which may include configuration or display commands , we are getting information from that device.

Now, the way we tell Ansible what we want it to do is by using a file with some text and stuff. the text has to be in a fairly specific format and the format we are looking for is yes Mille yes it makes me laugh yes Mille is an acronym for yes Mille is not a markup language and it's called amal and it's basically very readable and what I would like to do is share with you a Yambol file that you can create. You can copy and paste it and it will work. Simply change the IP addresses you need according to your home network and you can use this call. file to tell ansible what you want it to do with your network devices, let's take a look at this syntax, in fact, let me show it here to do more or B and then like Cisco IOS if you get a single string and tab, it will fill it in byyou so this is what I currently have on this Raspberry Pi and it's basically this file called ber and host yml just one file created it and then for a format I call the way you know what CML. it's the first three characters - - - on the top line and that's one of the yellow file elements like oh, I recognize it and it's not a bad idea to be able to recognize this file based on those three dashes and then there are some other rules about indentation and spaces are important so if you copy and paste this as is you're in good shape so I'm going to call it iOS fax and the host I wanted to go to is this host here 192 168 1 point 33.and then I have the tasks which I wanted to do and the first task is to collect data from iOS, so this right here is a fact underline, it's a module that is part of ansible that we can call to do the job and it says ok.

Great to collect iOS data, so we are using this module called iOS Data, so in provider it has the host information, the port information, the username and password, also the Cisco password. I've set up the enable secret for Cisco on your network if they're different, you're also going to want to use the appropriate passwords, okay, so once you do this, you're going to log in with this module called iOS Packets, it's just going to capture a ton of information, but once you get all this information, that doesn't necessarily mean it's We'll show it to us, so if we want to see multiple parts of that, we can request it and that's what they call these next two parts: what is the version of iOS that is for we humans and then we debug a colon and then var: ansible underscore net underscore. version when it came in and we were able to find this in the documentation Francois, what came in with this module right here, iOS fax, it has dozens, I think of pieces that come out and all we do is say we want to move forward and we want to have information about this variable that represents the iOS version and we want to have information about this variable that represents the hostname that way it spits it out on our screen and then yellow files, you don't have to do it, but it's not a bad idea to do it and show that part of ml file is ready.

You can use dot dot dot and then save it, so I did an X control and then a Y and then I went in to save that file and that's what we see here. on the right, so that's an example, let's do one more example that uses a different network device and this is a playbook called show IP interface. Briefly guess what it does this is how you create it if I let me open it dogs do it LS script L let's do more for the short IP interface yeah Mille and here's the syntax so just copy paste copy paste , my friend, to get your initial setup working because one of the initial things I saw when I was watching the videos and looking at the documentation. try this and just note in this notice that it was very frustrating, it's like, well, I guess I'll never do this, so start with something that works and then you can start modifying things and extracting and creating additional variables and files.

Great, this is a fantastic starting point for anyone who wants to see it in action, including starting to automate your home lab if you have a Cisco lab there, so this is the name of this problem. Show commands the host is 192 168 1.34 that's my router and then here the iOS command which is a module in ansible that allows us to issue a show command and then we specify the command that we want to issue go to the short IP interface and then we give the details so that this module can work. go ahead and do your work including passwords and users etc to get to that device sit here with the output of the interfaces with the debug bar just for now understand that that will show us the relevant output of the command show IP interface brief. show, it would show a little bit more if we didn't limit it here and that would be the topic for another topic, but I wanted to give you some examples of how it works and then you can modify it and adjust it later if you want, then I put three periods an x ​​and a y control to save it and then we just execute it, so I have those playbooks.

Look at this, so we'll go ahead and you know, let's copy here and make ansible: playbook for her and gammal host. and it's running, so Raspberry Pi right now is running this information on that device at point 33 and then it outputs the information, so there's the iOS version, there's the host name, good job, ansible did it achieved, now let's take a look at how to execute the second one. which is against the router and is showing a brief summary of the IP interface, not because the title says that but because the instructions in the file I call say to do that with the correct modules referenced, we'll copy it and just we'll stick it and I'll do it. bring that full screen there, let's go to a larger scale if we had 40 or 50 devices and you had scripts, so in the background a lot of Python is used, but ansible hides it from us, but as you move forward with the automation, you can just say Wow.

I want I want to do my whole network and look for changes I want to look for any configuration changes since the last time I did a scan and I could go out to each one to tell you whether or not there was a change or not and it'll be done so let's do another fun little thing , let's go to 29:11, well, let's do a new loopback and go to the loopback interface and we will do the back interface as well. in use it's pretty fair and we'll use the IP address and now that has a new loopback interface if we go back to our Raspberry Pi running against Bowl, we go home, wow, that's good, and we run the same playbook again and there it is.

There is an opportunity to push configurations to obtain information to compare one configuration with another. All of those options are there and in this video I wanted to give you a specific step-by-step method that you could use to get some engagement and some traction. ansible with your home network here and again, that doesn't have to be a physical machine, if you can connect it via SSH from your PC, you can go ahead and use ansible from that same network, let me share with you where it is and also I had an experience of really good learning with github and I also want to thank John McGovern and also Knox Hutchinson for being incredibly patient with me and helping me while being like, well, wow, they were both fantastic.

I will put URL. for your channels below as well, so to get this script and I will talk about how to configure your ansible step by step on a Raspberry Pi, each of these steps that I have tried on three different Raspberry Pi are the two, three and four with the that they all worked. This is where you go, you would go to this URL github.com slash keith - ogi t slash first steps. I'll put the link in the description below and not only do they have the high performance hands bowl but I also have the script for the details or setting up a terminal server which was our previous video, so again, if you don't have a Raspberry Pi, you can also do this on a linux box that supports the steps and installation and the issues may be slightly different but I wanted to If you are interested I want to give you a specific way you could set up usage and start seeing results with ansible on your home network lab.

This script and my tests can help you do exactly that, so if you're looking to go a little above the rest of the crowd at the CCNA level. I highly recommend you download this script. This information we are getting how to configure it. Practice it once or twice because it's not just about saying "good." works, it also gives you hands-on practice with Linux, how to change directories, use Nano and edit files, those are all important skills that you will get if you do this exercise and have some hands-on practice working with ansible as well. Hope to see you at the next live event every Sunday at 11am.

PST we have our quiz, feel free to join us if you love having it and I hope to see you at the next live event wherever. That's it, have a great day everyone. Goodbye, something is missing for now. I found them.