最近開始學Ansible, 現(xiàn)網(wǎng)環(huán)境全是華為設備(公司為了省錢……),所以用EVE-NG模擬思科設備來搭建環(huán)境。
下面這個圖是EVE-NG要求的硬件和虛擬機條件,我自己的MAC只有8G內存,所以從公司找了一臺比較空閑的服務器(Ubuntu),用VMware虛擬了一臺機器安裝EVE-NG。用的是官網(wǎng)下載的最新社區(qū)版,還有一些其他資源我也放了在網(wǎng)盤上,請參考另外一篇文章: 2018-11-02 EVE-NG 安裝使用中設備無法啟動的問題
用VMware打開EVE-NG的虛擬機文件,進入EVE-NG,再做一些初始設置:
上傳以下文件到/opt/unetlab/addons/iol/bin 目錄:
root@eve-ng:/opt/unetlab/addons/iol/bin# ls
CiscoIOUKeygen.py L3-ADVENTERPRISEK9-M-15.2-M5.3.bin
iourc L3-ADVENTERPRISEK9-M-15.4-2T.bin
L2-ADVENTERPRISEK9-M-15.2-20150703.bin
運行 python CiscoIOUKeygen.py 文件生成序列號。
上傳幾個image文件到/opt/unetlab/addons/dynamips 目錄
root@eve-ng:/opt/unetlab/addons/dynamips# ls
c3725-adventerprisek9-mz.124-15.T14.image
c7200-adventerprisek9-mz.152-4.S7.image
通過網(wǎng)頁登錄EVE-NG,看到一些設備已經(jīng)點亮了
把Ansible也安裝在這臺服務器上,具體安裝過程請參考另一篇2018-10-31 Ansible 2.7.1在Ubuntu 16.4安裝使用
現(xiàn)在給虛擬機增加一塊網(wǎng)卡,編輯/etc/network/interfaces文件。這里說一下,我的第一塊網(wǎng)卡設定了一個公網(wǎng)地址,你也可以設置DHCP,用于上網(wǎng)和管理,第二塊網(wǎng)卡我用來和EVE-NG里的路由器互通。
root@eve-ng:/opt/unetlab/addons/dynamips#more /etc/network/interfaces
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).
# The loopback network interface
auto lo
iface lo inet loopback
# The primary network interface
iface eth0 inet manual
auto pnet0
iface pnet0 inet static
address XX.XX.XX.XX
netmask 255.255.255.240
gateway XX.XX.XX.XX
dns-domain axing.com
dns-nameservers 8.8.8.8 8.8.4.4
bridge_ports eth0
bridge_stp off
# Cloud devices
iface eth1 inet manual
auto pnet1
iface pnet1 inet static
address 10.20.1.1
netmask 255.255.255.0
bridge_ports eth1
bridge_stp off
….
完了重啟網(wǎng)卡
root@eve-ng:~# /etc/init.d/networking restart
[ ok ] Restarting networking (via systemctl): networking.service.
現(xiàn)在要在在本機與EVE-NG模擬出來的路由器通訊,需要在模擬器里增加一個網(wǎng)絡,這里的Cloud1,會自動橋接到第二塊網(wǎng)卡(編號從0開始),模擬的路由器連接到這個網(wǎng)絡上,IP地址配到同一個網(wǎng)段,就可以互通了。
端口E0/0的地址和第二塊網(wǎng)卡在同一個網(wǎng)段,路由器啟用SSH(請參考2018-11-01 Cisco route enable ssh version 2),就可以用Ansible去管理了。
root@eve-ng:~# ping 10.20.1.4
PING 10.20.1.4 (10.20.1.4) 56(84) bytes of data.
64 bytes from 10.20.1.4: icmp_seq=1 ttl=255 time=1.18 ms
64 bytes from 10.20.1.4: icmp_seq=2 ttl=255 time=0.460 ms
64 bytes from 10.20.1.4: icmp_seq=3 ttl=255 time=0.486 ms
64 bytes from 10.20.1.4: icmp_seq=4 ttl=255 time=0.465 ms
^C
--- 10.20.1.4 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3048ms
rtt min/avg/max/mdev = 0.460/0.648/1.183/0.309 ms
root@eve-ng:~# ssh 10.20.1.4 -l cisco
Password:
R3>
root@eve-ng:~/ansible# ansible-playbook iso_facts_playbook-2.yaml
PLAY [Axing playbook] **********************************************************
TASK [use ios_facts to gather info] ********************************************
[DEPRECATION WARNING]: Param 'auth_pass' is deprecated. See the module docs for
more information. This feature will be removed in version 2.9\. Deprecation
warnings can be disabled by setting deprecation_warnings=False in ansible.cfg.
ok: [R1]
TASK [debug the result] ********************************************************
ok: [R1] => {
"msg": {
"ansible_facts": {
"ansible_net_all_ipv4_addresses": [
"10.20.1.2"
],
"ansible_net_all_ipv6_addresses": [],
"ansible_net_config”:
…... 省略
"ansible_net_hostname": "R1",
"ansible_net_image": "unix:/opt/unetlab/addons/iol/bin/L3-ADVENTERPRISEK9-M-15.4-2T.bin",
"ansible_net_interfaces": {
"Ethernet0/0": {
"bandwidth": 10000,
"description": null,
"duplex": null,
"ipv4": [
{
"address": "10.20.1.2",
"subnet": "24"
}
],
"lineprotocol": "up ",
"macaddress": "aabb.cc00.1000",
"mediatype": null,
"mtu": 1500,
"operstatus": "up",
"type": "AmdP2"
},
……省略
PLAY RECAP *********************************************************************
R1 : ok=2 changed=0 unreachable=0 failed=0
root@eve-ng:~/ansible#