This repository has been archived by the owner on Oct 11, 2020. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 13
/
pb.conf.bgp.oc.yaml
140 lines (119 loc) · 4.29 KB
/
pb.conf.bgp.oc.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
---
- name: create BGP Openconfig configuration
hosts: Openconfig_Routers
connection: local
gather_facts: no
tags:
- configuration
tasks:
- name: Render the template for devices.
template:
src: "{{ playbook_dir }}/bgp.j2"
dest: "{{ playbook_dir }}/{{ inventory_hostname }}.txt"
- name: Backup locally the config from the routers. Push on routers OC BGP config from templates, and commit.
junos_config:
provider: "{{ credentials }}"
src: "{{ playbook_dir }}/{{inventory_hostname}}.txt"
comment: "ansible playbook pb.conf.bgp.oc.yaml"
backup: yes
update: replace
src_format: text
- name: Send Slack notification to the team
local_action:
module: slack
#http://docs.ansible.com/ansible/slack_module.html
username: "Ansible on {{ inventory_hostname }}"
channel: openconfig
token: T2MBN64JX/B2N0Z2MEU/1OoB46XLX6Q1oFf89Xl2X9gq
icon_url: "https://www.ansible.com/hs-fs/hub/330046/file-448313641-png/favicon.png"
msg: "configuration commited using pb.conf.bgp.oc.yaml"
validate_certs: false
- name: wait for peers to establish BGP connections
hosts: localhost
gather_facts: no
tasks:
- pause: seconds=25
#http://docs.ansible.com/ansible/pause_module.html
- name: check bgp states
hosts: Openconfig_Routers
connection: local
gather_facts: no
roles:
- Juniper.junos
tags:
- audit
tasks:
- name: Check if physical Interfaces operational state are up
junos_command:
commands:
- "show interfaces terse {{ item.interface }}"
provider: "{{ credentials }}"
display: 'xml'
waitfor:
- "result[0]['rpc-reply']['interface-information']['physical-interface']['oper-status'] eq up"
with_items:
- "{{ topology }}"
when: ansible_version['major'] == 2 and ansible_version['minor']|int >= 4
- name: check if lldp neighbors are the ones we expect
junos_command:
provider: "{{ credentials }}"
commands:
- show lldp neighbors interface {{ item.interface }}
display: 'xml'
waitfor:
- "result[0]['rpc-reply']['lldp-neighbors-information']['lldp-neighbor-information']['lldp-remote-system-name'] == {{ item.neighbor }}"
retries: 5
interval: 2
with_items:
- "{{ topology }}"
when: ansible_version['major'] == 2 and ansible_version['minor']|int >= 4
- name: check if junos devices can ping BGP peer ip addresses
junos_ping:
host: "{{ junos_host }}"
user: "{{ ADMUSER }}"
passwd: "{{ ADMPASS }}"
dest_ip: "{{ item.address }}"
source_ip: "{{ item.local_address }}"
ttl: 1
with_items:
- "{{ bgp_neighbors }}"
- name: check bgp peers states
junos_command:
#http://docs.ansible.com/ansible/junos_command_module.html
provider: "{{ credentials }}"
display: 'xml'
commands:
- show bgp neighbor "{{ item.address }}"
waitfor:
- "result[0]['rpc-reply']['bgp-information']['bgp-peer']['peer-state'] eq Established"
retries: 10
interval: 2
with_items:
- "{{ bgp_neighbors }}"
when: ansible_version['major'] == 2 and ansible_version['minor']|int >= 4
# no_log: True
- name: check if junos devices learnt some routes with BGP
junos_command:
#http://docs.ansible.com/ansible/junos_command_module.html
provider: "{{ credentials }}"
commands:
- show route receive-protocol bgp "{{ item.address }}" table inet.0
waitfor:
- "result[0]['rpc-reply']['route-information']['route-table']['total-route-count'] gt 2"
display: 'xml'
retries: 10
interval: 2
with_items:
- "{{ bgp_neighbors }}"
when: ansible_version['major'] == 2 and ansible_version['minor']|int >= 4
# no_log: True
- name: Send Slack notification to the team
local_action:
module: slack
#http://docs.ansible.com/ansible/slack_module.html
icon_url: "https://www.ansible.com/hs-fs/hub/330046/file-448313641-png/favicon.png"
token: T2MBN64JX/B2N0Z2MEU/1OoB46XLX6Q1oFf89Xl2X9gq
username: "Ansible on {{ inventory_hostname }}"
channel: openconfig
msg: "audit completed using pb.conf.bgp.oc.yaml"
validate_certs: false