F5 Private Cloud Solutions > 3. Class 3: Automation of Cisco APIC and F5 BIG-IP using Ansible Source | Edit on

3.1. Lab Topology

3.1.1. Install Ansible

  • On dCloud once logged into RDP, open Putty and go to server ‘Tools’ (root/C1sco12345). Run the following commands to install Ansible
    • pip install --upgrade pip
    • yum install openssl-devel
    • yum install python-devel
    • yum install gcc
    • pip install cryptography
    • pip install ansible
  • Once ansible is installed successfully, run following command from /root directory
    • export ANSIBLE_LIBRARY=/root/library

3.1.2. Environment setup

  • Download ansible_automation_files.tar from https://tinyurl.com/y9zvj6nl to desktop

  • Open WinSCP, click on with windows startup button and then click WinSCP

    image1

  • On WinSCP

    • Hostname: tools.dcloud.cisco.com

    • Port: 22

    • Click on the EDIT button to change username and password

      • Username: root
      • Password: C1sco12345
    • Click Save

    • Click login

    • In the right hand pane click on the /home/user01/Scripts tab, change it to /root

      image3

    • Click OK

    • Similarly change the left hand pane from C:\Scripts to C:\Users\demouser\Desktop

    • Copy the download tar file from the desktop to the root directory on the ansible host

  • SSH to the ‘Tools’ host using Putty

    • Username: root

    • Password: C1sco12345

    • Untar the ansible_automation_files.tar file using command:

      tar xvf ansible_automation_files.tar

3.1.3. Directory structure

All the files and folders are under /root directory itself. Let’s take a look at the files and directories. This is for reading and familiarizing yourself with the playbooks and files we are going to use. No task to be performed in this section

image4

  • File ansible.cfg

  • File host_file

    • This file is the ansible inventory file, which stored information about the host(s) that we want to run the playbook against, and variable information pertaining to those hosts. For more information about the inventory file refer to link http://docs.ansible.com/ansible/intro_inventory.html#inventory

    • The host file is specific to your environment

    • Sample host_file for the dCloud environment

      [iworkflow]
      198.18.128.135
      
      [iworkflow:vars]
      username=admin
      password=C1sco12345
      
      [apic]
      198.18.133.200
      
      [apic:vars]
      username=admin
      password=C1sco12345
      
  • Directory playbooks – This directory contains

    • All the playbooks we are going to run in this lab

      • iworkflow_setup.yaml – Configure setting on iWorkflow
      • aci_tenant_setup.yaml – Create a tenant and related parameters on APIC
      • logical_device_cluster.yaml – Create a logical device cluster on APIC (this enabled communication of APIC with BIG-IP)
      • service_insertion.yaml - Configure service insertion on APIC
      • aci_delete_service.yaml – Clean up of the configuration done on APIC
    • The variable file which we are going to edit to customize it to our needs

      • This is a sample input to the variable file, you can modify it to fit your environment

        bigip_ip 198.18.128.130
        bigip_username admin
        bigip_password C1sco12345
        bigip_hostname bigip1.dcloud.cisco.com
           
        iworkflow_ip 198.18.128.135
        iworkflow_username admin
        iworkflow_password C1sco12345
           
        tenant_name Demo
        context_name {{tenant_name}}_ctx1
        app_profile_name App_profile
        provider_bd_name {{tenant_name}}_BDApp
        provider_ip 192.168.10.220
        provider_mask 24
        provider_epg_name prov_EPG_app
        consumer_bd_name {{tenant_name}}_BDWeb
        consumer_ip 10.10.10.220
        consumer_mask 24
        consumer_epg_name cons_EPG_web
           
        contract_name web2app-demo-contract
        filter_name {{contract_name}}_filter
        subject_name1 http
        subject_name2 https
           
        iworkflow_servicetemplate_name SimpleHTTP
        devicePackage_name dCloudConnector
        downloaded_devicePackage_name F5DevicePackageSimple
        logicalDeviceCluster_name StandaloneBIGIP
        SGtemplate_name SimpleHTTP_ServiceGraphTemplate
           
        external_selfip 10.10.10.120
        external_netmask 255.255.255.0
        internal_selfip 192.168.10.120
        internal_netmask 255.255.255.0
        vip_ip 10.10.10.100
        vip_port 80
        poolMember_ip 192.168.10.140
        lb_method round-robin
  • Directory aci_posts

    • This directory has all the aci posts we are going to execute on the APIC
    • Each post is a j2 (jinja2) template file. This template file contains variables which are going to be substituted at run time from information present in the variable file. The XML file then created after the substitution will be then run on the APIC
  • JSON blob for creating a service template on iWorkflow

  • Directory library

    • This contains the python files which are responsible for running code for modules. For this lab we have the one aci module aci_rest.py which will be used to run the posts on the APIC