最近开始学Ansible, 现网环境全是华为设备(公司为了省钱……),所以用EVE-NG模拟思科设备来搭建环境。
下面这个图是EVE-NG要求的硬件和虚拟机条件,我自己的MAC只有8G内存,所以从公司找了一台比较空闲的服务器(Ubuntu),用VMware虚拟了一台机器安装EVE-NG。用的是官网下载的最新社区版,还有一些其他资源我也放了在网盘上,请参考另外一篇文章: 2018-11-02 EVE-NG 安装使用中设备无法启动的问题
用VMware打开EVE-NG的虚拟机文件,进入EVE-NG,再做一些初始设置:
上传以下文件到/opt/unetlab/addons/iol/bin 目录:
root@eve-ng:/opt/unetlab/addons/iol/bin# ls
CiscoIOUKeygen.py L3-ADVENTERPRISEK9-M-15.2-M5.3.bin
iourc L3-ADVENTERPRISEK9-M-15.4-2T.bin
L2-ADVENTERPRISEK9-M-15.2-20150703.bin
运行 python CiscoIOUKeygen.py 文件生成序列号。
上传几个image文件到/opt/unetlab/addons/dynamips 目录
root@eve-ng:/opt/unetlab/addons/dynamips# ls
c3725-adventerprisek9-mz.124-15.T14.image
c7200-adventerprisek9-mz.152-4.S7.image
通过网页登录EVE-NG,看到一些设备已经点亮了
把Ansible也安装在这台服务器上,具体安装过程请参考另一篇2018-10-31 Ansible 2.7.1在Ubuntu 16.4安装使用
现在给虚拟机增加一块网卡,编辑/etc/network/interfaces文件。这里说一下,我的第一块网卡设定了一个公网地址,你也可以设置DHCP,用于上网和管理,第二块网卡我用来和EVE-NG里的路由器互通。
root@eve-ng:/opt/unetlab/addons/dynamips#more /etc/network/interfaces
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).
# The loopback network interface
auto lo
iface lo inet loopback
# The primary network interface
iface eth0 inet manual
auto pnet0
iface pnet0 inet static
address XX.XX.XX.XX
netmask 255.255.255.240
gateway XX.XX.XX.XX
dns-domain axing.com
dns-nameservers 8.8.8.8 8.8.4.4
bridge_ports eth0
bridge_stp off
# Cloud devices
iface eth1 inet manual
auto pnet1
iface pnet1 inet static
address 10.20.1.1
netmask 255.255.255.0
bridge_ports eth1
bridge_stp off
….
完了重启网卡
root@eve-ng:~# /etc/init.d/networking restart
[ ok ] Restarting networking (via systemctl): networking.service.
现在要在在本机与EVE-NG模拟出来的路由器通讯,需要在模拟器里增加一个网络,这里的Cloud1,会自动桥接到第二块网卡(编号从0开始),模拟的路由器连接到这个网络上,IP地址配到同一个网段,就可以互通了。
端口E0/0的地址和第二块网卡在同一个网段,路由器启用SSH(请参考2018-11-01 Cisco route enable ssh version 2),就可以用Ansible去管理了。
root@eve-ng:~# ping 10.20.1.4
PING 10.20.1.4 (10.20.1.4) 56(84) bytes of data.
64 bytes from 10.20.1.4: icmp_seq=1 ttl=255 time=1.18 ms
64 bytes from 10.20.1.4: icmp_seq=2 ttl=255 time=0.460 ms
64 bytes from 10.20.1.4: icmp_seq=3 ttl=255 time=0.486 ms
64 bytes from 10.20.1.4: icmp_seq=4 ttl=255 time=0.465 ms
^C
--- 10.20.1.4 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3048ms
rtt min/avg/max/mdev = 0.460/0.648/1.183/0.309 ms
root@eve-ng:~# ssh 10.20.1.4 -l cisco
Password:
R3>
root@eve-ng:~/ansible# ansible-playbook iso_facts_playbook-2.yaml
PLAY [Axing playbook] **********************************************************
TASK [use ios_facts to gather info] ********************************************
[DEPRECATION WARNING]: Param 'auth_pass' is deprecated. See the module docs for
more information. This feature will be removed in version 2.9\. Deprecation
warnings can be disabled by setting deprecation_warnings=False in ansible.cfg.
ok: [R1]
TASK [debug the result] ********************************************************
ok: [R1] => {
"msg": {
"ansible_facts": {
"ansible_net_all_ipv4_addresses": [
"10.20.1.2"
],
"ansible_net_all_ipv6_addresses": [],
"ansible_net_config”:
…... 省略
"ansible_net_hostname": "R1",
"ansible_net_image": "unix:/opt/unetlab/addons/iol/bin/L3-ADVENTERPRISEK9-M-15.4-2T.bin",
"ansible_net_interfaces": {
"Ethernet0/0": {
"bandwidth": 10000,
"description": null,
"duplex": null,
"ipv4": [
{
"address": "10.20.1.2",
"subnet": "24"
}
],
"lineprotocol": "up ",
"macaddress": "aabb.cc00.1000",
"mediatype": null,
"mtu": 1500,
"operstatus": "up",
"type": "AmdP2"
},
……省略
PLAY RECAP *********************************************************************
R1 : ok=2 changed=0 unreachable=0 failed=0
root@eve-ng:~/ansible#