Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

AnsibleではじめるNW設定の自動化について - Cisco(VIRL)編 -

2,958 views

Published on

2018年10月の#ssmjp
~Ansibleを語る会~

Published in: Technology
  • DOWNLOAD THIS BOOKS INTO AVAILABLE FORMAT (Unlimited) ......................................................................................................................... ......................................................................................................................... Download Full PDF EBOOK here { https://tinyurl.com/yyxo9sk7 } ......................................................................................................................... Download Full EPUB Ebook here { https://tinyurl.com/yyxo9sk7 } ......................................................................................................................... ACCESS WEBSITE for All Ebooks ......................................................................................................................... Download Full PDF EBOOK here { https://tinyurl.com/yyxo9sk7 } ......................................................................................................................... Download EPUB Ebook here { https://tinyurl.com/yyxo9sk7 } ......................................................................................................................... Download doc Ebook here { https://tinyurl.com/yyxo9sk7 } ......................................................................................................................... ......................................................................................................................... ......................................................................................................................... .............. Browse by Genre Available eBooks ......................................................................................................................... Art, Biography, Business, Chick Lit, Children's, Christian, Classics, Comics, Contemporary, Cookbooks, Crime, Ebooks, Fantasy, Fiction, Graphic Novels, Historical Fiction, History, Horror, Humor And Comedy, Manga, Memoir, Music, Mystery, Non Fiction, Paranormal, Philosophy, Poetry, Psychology, Religion, Romance, Science, Science Fiction, Self Help, Suspense, Spirituality, Sports, Thriller, Travel, Young Adult,
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here
  • DOWNLOAD THIS BOOKS INTO AVAILABLE FORMAT (Unlimited) ......................................................................................................................... ......................................................................................................................... Download Full PDF EBOOK here { https://tinyurl.com/yyxo9sk7 } ......................................................................................................................... Download Full EPUB Ebook here { https://tinyurl.com/yyxo9sk7 } ......................................................................................................................... ACCESS WEBSITE for All Ebooks ......................................................................................................................... Download Full PDF EBOOK here { https://tinyurl.com/yyxo9sk7 } ......................................................................................................................... Download EPUB Ebook here { https://tinyurl.com/yyxo9sk7 } ......................................................................................................................... Download doc Ebook here { https://tinyurl.com/yyxo9sk7 } ......................................................................................................................... ......................................................................................................................... ......................................................................................................................... .............. Browse by Genre Available eBooks ......................................................................................................................... Art, Biography, Business, Chick Lit, Children's, Christian, Classics, Comics, Contemporary, Cookbooks, Crime, Ebooks, Fantasy, Fiction, Graphic Novels, Historical Fiction, History, Horror, Humor And Comedy, Manga, Memoir, Music, Mystery, Non Fiction, Paranormal, Philosophy, Poetry, Psychology, Religion, Romance, Science, Science Fiction, Self Help, Suspense, Spirituality, Sports, Thriller, Travel, Young Adult,
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here
  • DOWNLOAD THIS BOOKS INTO AVAILABLE FORMAT (Unlimited) ......................................................................................................................... ......................................................................................................................... Download Full PDF EBOOK here { https://tinyurl.com/y6a5rkg5 } ......................................................................................................................... Download Full EPUB Ebook here { https://tinyurl.com/y6a5rkg5 } ......................................................................................................................... ACCESS WEBSITE for All Ebooks ......................................................................................................................... Download Full PDF EBOOK here { https://tinyurl.com/y6a5rkg5 } ......................................................................................................................... Download EPUB Ebook here { https://tinyurl.com/y6a5rkg5 } ......................................................................................................................... Download doc Ebook here { https://tinyurl.com/y6a5rkg5 } ......................................................................................................................... ......................................................................................................................... ......................................................................................................................... .............. Browse by Genre Available eBooks ......................................................................................................................... Art, Biography, Business, Chick Lit, Children's, Christian, Classics, Comics, Contemporary, Cookbooks, Crime, Ebooks, Fantasy, Fiction, Graphic Novels, Historical Fiction, History, Horror, Humor And Comedy, Manga, Memoir, Music, Mystery, Non Fiction, Paranormal, Philosophy, Poetry, Psychology, Religion, Romance, Science, Science Fiction, Self Help, Suspense, Spirituality, Sports, Thriller, Travel, Young Adult,
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here
  • DOWNLOAD THIS BOOKS INTO AVAILABLE FORMAT (Unlimited) ......................................................................................................................... ......................................................................................................................... Download Full PDF EBOOK here { https://tinyurl.com/yyxo9sk7 } ......................................................................................................................... Download Full EPUB Ebook here { https://tinyurl.com/yyxo9sk7 } ......................................................................................................................... ACCESS WEBSITE for All Ebooks ......................................................................................................................... Download Full PDF EBOOK here { https://tinyurl.com/yyxo9sk7 } ......................................................................................................................... Download EPUB Ebook here { https://tinyurl.com/yyxo9sk7 } ......................................................................................................................... Download doc Ebook here { https://tinyurl.com/yyxo9sk7 } ......................................................................................................................... ......................................................................................................................... ......................................................................................................................... .............. Browse by Genre Available eBooks ......................................................................................................................... Art, Biography, Business, Chick Lit, Children's, Christian, Classics, Comics, Contemporary, Cookbooks, Crime, Ebooks, Fantasy, Fiction, Graphic Novels, Historical Fiction, History, Horror, Humor And Comedy, Manga, Memoir, Music, Mystery, Non Fiction, Paranormal, Philosophy, Poetry, Psychology, Religion, Romance, Science, Science Fiction, Self Help, Suspense, Spirituality, Sports, Thriller, Travel, Young Adult,
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here
  • DOWNLOAD THIS BOOKS INTO AVAILABLE FORMAT (Unlimited) ......................................................................................................................... ......................................................................................................................... Download Full PDF EBOOK here { https://tinyurl.com/yyxo9sk7 } ......................................................................................................................... Download Full EPUB Ebook here { https://tinyurl.com/yyxo9sk7 } ......................................................................................................................... ACCESS WEBSITE for All Ebooks ......................................................................................................................... Download Full PDF EBOOK here { https://tinyurl.com/yyxo9sk7 } ......................................................................................................................... Download EPUB Ebook here { https://tinyurl.com/yyxo9sk7 } ......................................................................................................................... Download doc Ebook here { https://tinyurl.com/yyxo9sk7 } ......................................................................................................................... ......................................................................................................................... ......................................................................................................................... .............. Browse by Genre Available eBooks ......................................................................................................................... Art, Biography, Business, Chick Lit, Children's, Christian, Classics, Comics, Contemporary, Cookbooks, Crime, Ebooks, Fantasy, Fiction, Graphic Novels, Historical Fiction, History, Horror, Humor And Comedy, Manga, Memoir, Music, Mystery, Non Fiction, Paranormal, Philosophy, Poetry, Psychology, Religion, Romance, Science, Science Fiction, Self Help, Suspense, Spirituality, Sports, Thriller, Travel, Young Adult,
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here

AnsibleではじめるNW設定の自動化について - Cisco(VIRL)編 -

  1. 1. Ansibleではじめる
 NW設定の自動化について - Cisco(VIRL)編 - 2018/10/12 1
  2. 2. - 非ネットワークエンジニア:
 - サーバ・インフラ/アプリケーション側の人 - お仕事柄、NW関係に携わることが多い: - NWの構成管理,自動設定, SDN etc.. - NW技術が好き - 最近のつらみ: Java有償化 https://www.facebook.com/yasuyuki.sugai よろしくお願いしまーす ※この資料の内容は、 個人の見解です 自己紹介 菅井 康之 2
  3. 3. 
 
 ・副題 ・VIRLすごいよ! V・I・R・L! V・I・R・L! ・余談 ・ngrokまぢ便利 3
  4. 4. 4 https://www.slideshare.net/akira6592/ansiblesvnwautomation20181012ssmjp-119201162 
 

  5. 5. 
 
 5 重くてとても持ってこれません。。。
  6. 6. 6 
 
 
 自動化業務する人におすすめ!!
  7. 7. 
 7
  8. 8. 
 8
  9. 9. 
 
 9
  10. 10. 
 10
  11. 11. 
 
 
 
 11 下手するとNW機器買わずにVIRLだけで
 本番のNW組めちゃうけど、それはやっちゃダメ
  12. 12. 
 12
  13. 13. 
 
 
 
 13 下手するとNW機器買わずに(ry https://learningnetwork.cisco.com/docs/DOC-30476
  14. 14. 
 14
  15. 15. 
 
 
 
 15 http://archive.virl.info/virl.cluster.php 下手すると(ry
  16. 16. 今日はAnsibleの話をしないといけないので、 一旦ここまで・・・
  17. 17. 18
  18. 18. 19 えっ・・・、私のMacBookAir スペック低すぎ!?
  19. 19. 20
  20. 20. 21 
 

  21. 21. 22
  22. 22. 23 https://ngrok.com/product セキュリティには 十分留意ください 見られても良いやつだけ
  23. 23. 25 VIRL-NW 172.16.1.0/16 WORK-NW 10.102.0.0/22 my-pc internet VIRL VM 172.16.1.250 10.102.3.125 10.102.2.193 static なぜか/22なのは、うちのマンションの仕様です。。。
  24. 24. 26 全部VIRLの上に載っけています
  25. 25. 27
  26. 26. 28
  27. 27. 29 vlan10 vlan20 vlan10 vlan20
  28. 28. 30
  29. 29. switch# configure terminal switch(config)# hostname core-sw core-sw(config)# no feature ssh core-sw(config)# ssh key rsa 1024 core-sw(config)# feature ssh core-sw(config)# vrf context management core-sw(config-vrf)# ip route 0.0.0.0/0 172.16.1.250 core-sw(config-vrf)# exit core-sw(config)# interface mgmt0 core-sw(config-if)# ip address 172.16.1.200/16 core-sw(config-if)# no shutdown core-sw(config-if)# end core-sw# copy running-config startup-config 
  30. 30. Switch>enable Switch#configure terminal Switch(config)#enable secret cisco Switch(config)#hostname edge-sw-a edge-sw-a(config)#username cisco password cisco edge-sw-a(config)#ip domain-name sugawi.jp edge-sw-a(config)#crypto key generate rsa How many bits in the modulus [512]: 1024 edge-sw-a(config)#ip ssh version 2 edge-sw-a(config)#line vty 0 4 edge-sw-a(config-line)#transport input telnet ssh edge-sw-a(config-line)#login local edge-sw-a(config-line)#exit edge-sw-a(config)#ip route 0.0.0.0 0.0.0.0 172.16.1.250 edge-sw-a(config)#interface Vlan1 edge-sw-a(config-if)#ip address 172.16.1.210 255.255.0.0 edge-sw-a(config-if)#no shutdown edge-sw-a(config-if)#end edge-sw-a#write memory
  31. 31. 33 172.16.1.200 core-sw 172.16.1.210 edge-sw-a 172.16.1.220 edge-sw-b 172.16.1.230 edge-sw-c 172.16.1.110 server-1 172.16.1.120 server-2 172.16.1.130 server-3 172.16.1.140 server-4
  32. 32. 34 fatal: [172.16.1.30]: FAILED! => {"msg": "paramiko: The authenticity of host 'XXXX' can't be established.nThe ssh-rsa key fingerprint is XXXX."}
  33. 33. 35 [edge-sw_ios] edge-sw-a edge-sw-b edge-sw-c [core-sw_nxos] core-sw [edge-sw_ios:vars] ansible_connection=network_cli ansible_network_os=ios ansible_user=cisco ansible_ssh_pass=cisco ansible_become=yes ansible_become_method=enable ansible_become_pass=cisco [core-sw_nxos:vars] ansible_connection=network_cli ansible_network_os=nxos ansible_user=admin ansible_ssh_pass=admin ansible_become=no
  34. 34. 36 

  35. 35. 37 https://docs.ansible.com/ansible/2.6/modules/
  36. 36. 38
  37. 37. 39 https://docs.ansible.com/ansible/2.6/modules/nxos_vlan_module.html - hosts: core-sw_nxos tasks: - name: Create vlan nxos_vlan: vlan_id: 120 name: test-vlan state: present
  38. 38. 40 $ ansible-playbook -i inventory vlan_for_nxos.yml -vvv PLAYBOOK: vlan_for_nxos.yml ************ 1 plays in vlan_for_nxos.yml PLAY [core-sw_nxos] ******************** TASK [Gathering Facts] ***************** ok: [core-sw] TASK [Create vlan] ********************* changed: [core-sw] => { "changed": true, "commands": [ "vlan 120", "name test-vlan", "state active", "no shutdown", "exit" ], PLAY RECAP ***************************** core-sw : ok=2 changed=1 unreachable=0 failed=0
  39. 39. 41 core-sw# show running-config : vlan 1,120 vlan 120 name test-vlan : $ ansible-playbook -i inventory vlan_for_nxos.yml -vvv PLAY RECAP ******************************************************************** core-sw : ok=2 changed=0 unreachable=0 failed=0
  40. 40. 42
  41. 41. 43 
 

  42. 42. 44 - hosts: core-sw_nxos tasks: - name: Create vlan v2 nxos_vlan: vlan_id: 130 name: test-vlan2 interfaces: - Ethernet3/1 state: present core-sw# show running-config : interface Ethernet3/1 shutdown no switchport mac-address 0000.0000.002f :
  43. 43. 45 $ ansible-playbook -i inventory vlan_for_nxos_v2.yml -vvv PLAYBOOK: vlan_for_nxos_v2.yml **************************************** 1 plays in vlan_for_nxos_v2.yml PLAY [core-sw_nxos] *************************************************** TASK [Gathering Facts] ************************************************ ok: [core-sw] TASK [Create vlan v2] ************************************************* changed: [core-sw] => { "changed": true, "commands": [ "vlan 130", "name test-vlan2", "state active", "no shutdown", "exit", "interface Ethernet3/1", "switchport", "switchport mode access", "switchport access vlan 130" ], PLAY RECAP ************************************************************ core-sw : ok=2 changed=1 unreachable=0 failed=0
  44. 44. 46 core-sw# show running-config : vlan 1,120,130 vlan 120 name test-vlan vlan 130 name test-vlan2 : interface Ethernet3/1 shutdown switchport switchport access vlan 130 :
  45. 45. 47 https://docs.ansible.com/ansible/2.6/modules/nxos_l2_interface_module.html - hosts: core-sw_nxos tasks: - name: mode to tagged port nxos_l2_interface: name: Ethernet3/2 mode: trunk trunk_allowed_vlans: 130
  46. 46. 48 $ ansible-playbook -i inventory l2port_for_nxos.yml -vvv PLAYBOOK: l2port_for_nxos.yml ************************************ 1 plays in l2port_for_nxos.yml PLAY [core-sw_nxos] ********************************************** TASK [Gathering Facts] ******************************************* ok: [core-sw] TASK [mode to tagged port] *************************************** fatal: [core-sw]: FAILED! => { "changed": false, "msg": "Ensure interface is configured to be a L2nport first before using this module. You can usenthe nxos_interface module for this." } PLAY RECAP ******************************************************* core-sw : ok=1 changed=0 unreachable=0 failed=1
  47. 47. 49 - hosts: core-sw_nxos tasks: - name: mode to layer2 nxos_interface: name: Ethernet3/2 mode: layer2 - name: mode to tagged port nxos_l2_interface: name: Ethernet3/2 mode: trunk trunk_allowed_vlans: 130 core-sw# show running-config : interface Ethernet3/2 shutdown no switchport mac-address 0000.0000.002f : 

  48. 48. 50 $ ansible-playbook -i inventory l2port_for_nxos_v2.yml -vvv PLAYBOOK: l2port_for_nxos_v2.yml ***************************************************** 1 plays in l2port_for_nxos_v2.yml PLAY [core-sw_nxos] ****************************************************************** TASK [Gathering Facts] *************************************************************** ok: [core-sw] TASK [mode to layer2] **************************************************************** changed: [core-sw] => { "changed": true, "commands": [ "interface Ethernet3/2", "switchport", "no shutdown", "interface Ethernet3/2", "no shutdown" ], TASK [mode to tagged port] *********************************************************** changed: [core-sw] => { "changed": true, "commands": [ "interface ethernet3/2", "switchport mode trunk", "switchport trunk allowed vlan 130" ], PLAY RECAP *************************************************************************** core-sw : ok=3 changed=2 unreachable=0 failed=0
  49. 49. 51 core-sw# show running-config : interface Ethernet3/2 switchport switchport mode trunk switchport trunk allowed vlan 130 no shutdown : PLAY RECAP ********************************************************************* core-sw : ok=3 changed=0 unreachable=0 failed=0
  50. 50. 52
  51. 51. 53 https://docs.ansible.com/ansible/2.6/modules/ios_vlan_module.html - hosts: edge-sw_ios tasks: - name: Create vlan ios_vlan: vlan_id: 120 name: test-vlan interfaces: - GigabitEthernet0/4 state: present
  52. 52. 54 $ ansible-playbook -i inventory vlan_for_ios.yml -vvv PLAYBOOK: vlan_for_ios.yml ********************************************** 1 plays in vlan_for_ios.yml PLAY [edge-sw_ios] ****************************************************** TASK [Gathering Facts] ************************************************** ok: [edge-sw-a] TASK [Create vlan] ****************************************************** changed: [edge-sw-a] => { "changed": true, "commands": [ "vlan 120", "name test-vlan", "interface GigabitEthernet0/4", "switchport mode access", "switchport access vlan 120" ], PLAY RECAP ************************************************************** edge-sw-a : ok=2 changed=1 unreachable=0 failed=0
  53. 53. 55 edge-sw-a#show running-config : interface GigabitEthernet0/4 switchport access vlan 120 switchport mode access media-type rj45 negotiation auto : PLAY RECAP ************************************************************* edge-sw-a : ok=2 changed=0 unreachable=0 failed=0 interface GigabitEthernet0/4 media-type rj45 negotiation auto
  54. 54. 56
  55. 55. 57 https://docs.ansible.com/ansible/2.6/modules/ios_l2_interface_module.html - hosts: edge-sw_ios tasks: - name: mode to tagged port ios_l2_interface: name: GigabitEthernet0/5 mode: trunk trunk_allowed_vlans: 120
  56. 56. 58 $ ansible-playbook -i inventory l2port_for_ios.yml -vvv PLAYBOOK: l2port_for_ios.yml ***************************************************** 1 plays in l2port_for_ios.yml PLAY [edge-sw_ios] *************************************************************** TASK [Gathering Facts] *********************************************************** ok: [edge-sw-a] TASK [mode to tagged port] ******************************************************* changed: [edge-sw-a] => { "changed": true, "commands": [ "interface gigabitethernet0/5", "switchport mode trunk", "switchport trunk allowed vlan 120" ], PLAY RECAP *********************************************************************** edge-sw-a : ok=2 changed=1 unreachable=0 failed=0
  57. 57. 59 edge-sw-a#show running-config : interface GigabitEthernet0/5 switchport trunk allowed vlan 120 media-type rj45 negotiation auto :
  58. 58. 60 - hosts: edge-sw_ios tasks: - name: encapsulation dot1q ios_config: lines: - switchport trunk encapsulation dot1q parents: interface GigabitEthernet0/5 - name: mode to tagged port ios_l2_interface: name: GigabitEthernet0/5 mode: trunk trunk_allowed_vlans: 120
  59. 59. 61 $ ansible-playbook -i inventory l2port_for_ios_v2.yml -vvv PLAYBOOK: l2port_for_ios_v2.yml ********************************************* 1 plays in l2port_for_ios_v2.yml PLAY [edge-sw_ios] ********************************************************** TASK [Gathering Facts] ****************************************************** ok: [edge-sw-a] TASK [encapsulation dot1q] ************************************************** changed: [edge-sw-a] => { "changed": true, "commands": [ "interface GigabitEthernet0/5", "switchport trunk encapsulation dot1q" ], TASK [mode to tagged port] ************************************************* changed: [edge-sw-a] => { "changed": true, "commands": [ "interface gigabitethernet0/5", "switchport mode trunk" ], PLAY RECAP ***************************************************************** edge-sw-a : ok=3 changed=2 unreachable=0 failed=0
  60. 60. 62 edge-sw-a#show running-config : interface GigabitEthernet0/5 switchport trunk allowed vlan 120 switchport trunk encapsulation dot1q switchport mode trunk media-type rj45 negotiation auto :
  61. 61. 63 PLAY RECAP ****************************************************************** edge-sw-a : ok=3 changed=0 unreachable=0 failed=0
  62. 62. 64 https://qiita.com/akira6592/items/92e6efc478978eb41eac
  63. 63. 
 
 65
  64. 64. 66
  65. 65. 67 vlan10 vlan20 vlan10 vlan20
  66. 66. 
 
 68 
 
 
 もちろんワンタイム的な使い方もあると思っています
  67. 67. 69  一般的なPlaybookの構成ではなく、 最低限のファイルだけ置いてあります
  68. 68. 70 [edge-sw_ios] edge-sw-a edge-sw-b edge-sw-c [core-sw_nxos] core-sw [edge-sw_ios:vars] ansible_connection=network_cli ansible_network_os=ios ansible_user=cisco ansible_ssh_pass=cisco ansible_become=yes ansible_become_method=enable ansible_become_pass=cisco [core-sw_nxos:vars] ansible_connection=network_cli ansible_network_os=nxos ansible_user=admin ansible_ssh_pass=admin ansible_become=no
  69. 69. 71 

  70. 70. 72 

  71. 71. 73
  72. 72. 74 

  73. 73. 75 

  74. 74. 76 
 

  75. 75. 77
  76. 76. 78 $ ansible-playbook -i inventory add_edge_for_edge_sw.yml PLAY [configuration add edge-sw for edge-sw] *********************************************************************************************************************************** TASK [Gathering Facts] ****************************************************************************************************************************************************** ok: [edge-sw-a] ok: [edge-sw-b] ok: [edge-sw-c] TASK [Create dummy vlan] ******************************************************************************************************************************************************* changed: [edge-sw-a] changed: [edge-sw-b] changed: [edge-sw-c] TASK [upport initialize] ******************************************************************************************************************************************************* changed: [edge-sw-a] changed: [edge-sw-b] changed: [edge-sw-c] TASK [upport mode to tagged port] ********************************************************************************************************************************************** changed: [edge-sw-a] changed: [edge-sw-b] changed: [edge-sw-c] PLAY RECAP ******************************************************************************************************************************************************* ************** edge-sw-a : ok=4 changed=3 unreachable=0 failed=0 edge-sw-b : ok=4 changed=3 unreachable=0 failed=0 edge-sw-c : ok=4 changed=3 unreachable=0 failed=0
  77. 77. 79 $ ansible-playbook -i inventory add_edge_for_edge_sw.yml PLAY [configuration add edge-sw for edge-sw] *********************************************************************************************************************************** TASK [Gathering Facts] ****************************************************************************************************************************************************** ok: [edge-sw-a] ok: [edge-sw-b] ok: [edge-sw-c] TASK [Create dummy vlan] ******************************************************************************************************************************************************* ok: [edge-sw-a] ok: [edge-sw-b] ok: [edge-sw-c] TASK [upport initialize] ******************************************************************************************************************************************************* ok: [edge-sw-a] ok: [edge-sw-b] ok: [edge-sw-c] TASK [upport mode to tagged port] ********************************************************************************************************************************************** ok: [edge-sw-a] ok: [edge-sw-b] ok: [edge-sw-c] PLAY RECAP ******************************************************************************************************************************************************* ************** edge-sw-a : ok=4 changed=0 unreachable=0 failed=0 edge-sw-b : ok=4 changed=0 unreachable=0 failed=0 edge-sw-c : ok=4 changed=0 unreachable=0 failed=0 冪等性確認
  78. 78. 80 $ ansible-playbook -i inventory add_edge_for_core-sw.yml PLAY [configuration add edge-sw for core-sw] ****************************************************************************************************************** TASK [Gathering Facts] ****************************************************************************************************************** ok: [core-sw] TASK [Create dummy vlan] ****************************************************************************************************************** changed: [core-sw] TASK [downport mode to layer2] ****************************************************************************************************************** changed: [core-sw] PLAY RECAP ****************************************************************************************************************** core-sw : ok=3 changed=2 unreachable=0 failed=0
  79. 79. 81 $ ansible-playbook -i inventory add_edge_for_core-sw.yml PLAY [configuration add edge-sw for core-sw] ****************************************************************************************************************** TASK [Gathering Facts] ****************************************************************************************************************** ok: [core-sw] TASK [Create dummy vlan] ****************************************************************************************************************** ok: [core-sw] TASK [downport mode to layer2] ****************************************************************************************************************** ok: [core-sw] PLAY RECAP ****************************************************************************************************************** core-sw : ok=3 changed=0 unreachable=0 failed=0 冪等性確認
  80. 80. 82 $ ansible-playbook -i inventory provisioning_for_edge-sw.yml PLAY [configuration provisioning for edge-sw] ********************************************************************************************************************************** TASK [Gathering Facts] ********************************************************************************************************************************************************* ok: [edge-sw-a] TASK [add vlan] **************************************************************************************************************************************************************** changed: [edge-sw-a] => (item=[{u'vlan': 10, u'name': u'serviceA'}, {u'port': u'GigabitEthernet0/2', u'name': u'server-1', u'service': u'serviceA', u'edge_sw': u'edge-sw-a'}]) skipping: [edge-sw-a] => (item=[{u'vlan': 10, u'name': u'serviceA'}, {u'port': u'GigabitEthernet0/3', u'name': u'server-2', u'service': u'serviceB', u'edge_sw': u'edge-sw-a'}]) skipping: [edge-sw-a] => (item=[{u'vlan': 10, u'name': u'serviceA'}, {u'port': u'GigabitEthernet0/2', u'name': u'server-3', u'service': u'serviceA', u'edge_sw': u'edge-sw-b'}]) skipping: [edge-sw-a] => (item=[{u'vlan': 10, u'name': u'serviceA'}, {u'port': u'GigabitEthernet0/2', u'name': u'server-4', u'service': u'serviceB', u'edge_sw': u'edge-sw-c'}]) skipping: [edge-sw-a] => (item=[{u'vlan': 20, u'name': u'serviceB'}, {u'port': u'GigabitEthernet0/2', u'name': u'server-1', u'service': u'serviceA', u'edge_sw': u'edge-sw-a'}]) changed: [edge-sw-a] => (item=[{u'vlan': 20, u'name': u'serviceB'}, {u'port': u'GigabitEthernet0/3', u'name': u'server-2', u'service': u'serviceB', u'edge_sw': u'edge-sw-a'}]) skipping: [edge-sw-a] => (item=[{u'vlan': 20, u'name': u'serviceB'}, {u'port': u'GigabitEthernet0/2', u'name': u'server-3', u'service': u'serviceA', u'edge_sw': u'edge-sw-b'}]) skipping: [edge-sw-a] => (item=[{u'vlan': 20, u'name': u'serviceB'}, {u'port': u'GigabitEthernet0/2', u'name': u'server-4', u'service': u'serviceB', u'edge_sw': u'edge-sw-c'}]) TASK [description server name] ************************************************************************************************************************************************* skipping: [edge-sw-b] => (item=[{u'vlan': 20, u'name': u'serviceB'}, {u'port': u'GigabitEthernet0/2', u'name': u'server-3', u'service': u'serviceA', u'edge_sw': u'edge-sw-b'}]) skipping: [edge-sw-b] => (item=[{u'vlan': 20, u'name': u'serviceB'}, {u'port': u'GigabitEthernet0/2', u'name': u'server-4', u'service': u'serviceB', u'edge_sw': u'edge-sw-c'}]) changed: [edge-sw-a] => (item=[{u'vlan': 10, u'name': u'serviceA'}, {u'port': u'GigabitEthernet0/2', u'name': u'server-1', u'service': u'serviceA', u'edge_sw': u'edge-sw-a'}]) skipping: [edge-sw-a] => (item=[{u'vlan': 10, u'name': u'serviceA'}, {u'port': u'GigabitEthernet0/3', u'name': u'server-2', u'service': u'serviceB', u'edge_sw': u'edge-sw-a'}]) skipping: [edge-sw-a] => (item=[{u'vlan': 10, u'name': u'serviceA'}, {u'port': u'GigabitEthernet0/2', u'name': u'server-3', u'service': u'serviceA', u'edge_sw': u'edge-sw-b'}]) skipping: [edge-sw-a] => (item=[{u'vlan': 10, u'name': u'serviceA'}, {u'port': u'GigabitEthernet0/2', u'name': u'server-4', u'service': u'serviceB', u'edge_sw': u'edge-sw-c'}]) skipping: [edge-sw-a] => (item=[{u'vlan': 20, u'name': u'serviceB'}, {u'port': u'GigabitEthernet0/2', u'name': u'server-1', u'service': u'serviceA', u'edge_sw': u'edge-sw-a'}]) changed: [edge-sw-a] => (item=[{u'vlan': 20, u'name': u'serviceB'}, {u'port': u'GigabitEthernet0/3', u'name': u'server-2', u'service': u'serviceB', u'edge_sw': u'edge-sw-a'}]) skipping: [edge-sw-a] => (item=[{u'vlan': 20, u'name': u'serviceB'}, {u'port': u'GigabitEthernet0/2', u'name': u'server-3', u'service': u'serviceA', u'edge_sw': u'edge-sw-b'}]) skipping: [edge-sw-a] => (item=[{u'vlan': 20, u'name': u'serviceB'}, {u'port': u'GigabitEthernet0/2', u'name': u'server-4', u'service': u'serviceB', u'edge_sw': u'edge-sw-c'}]) TASK [allowed trunk vlan] ****************************************************************************************************************************************************** changed: [edge-sw-a] => (item=[{u'vlan': 10, u'name': u'serviceA'}, {u'port': u'GigabitEthernet0/2', u'name': u'server-1', u'service': u'serviceA', u'edge_sw': u'edge-sw-a'}]) skipping: [edge-sw-a] => (item=[{u'vlan': 10, u'name': u'serviceA'}, {u'port': u'GigabitEthernet0/3', u'name': u'server-2', u'service': u'serviceB', u'edge_sw': u'edge-sw-a'}]) skipping: [edge-sw-b] => (item=[{u'vlan': 20, u'name': u'serviceB'}, {u'port': u'GigabitEthernet0/2', u'name': u'server-4', u'service': u'serviceB', u'edge_sw': u'edge-sw-c'}]) skipping: [edge-sw-a] => (item=[{u'vlan': 10, u'name': u'serviceA'}, {u'port': u'GigabitEthernet0/2', u'name': u'server-3', u'service': u'serviceA', u'edge_sw': u'edge-sw-b'}]) : PLAY RECAP ********************************************************************************************************************************************************************* edge-sw-a : ok=4 changed=3 unreachable=0 failed=0 数が多いので、1ノード分だけ+一部省略
  81. 81. 83 $ ansible-playbook -i inventory provisioning_for_edge-sw.yml PLAY [configuration provisioning for edge-sw] ********************************************************************************************************************************** TASK [Gathering Facts] ********************************************************************************************************************************************************* ok: [edge-sw-a] TASK [add vlan] **************************************************************************************************************************************************************** ok: [edge-sw-a] => (item=[{u'vlan': 10, u'name': u'serviceA'}, {u'port': u'GigabitEthernet0/2', u'name': u'server-1', u'service': u'serviceA', u'edge_sw': u'edge-sw-a'}]) skipping: [edge-sw-a] => (item=[{u'vlan': 10, u'name': u'serviceA'}, {u'port': u'GigabitEthernet0/3', u'name': u'server-2', u'service': u'serviceB', u'edge_sw': u'edge-sw-a'}]) skipping: [edge-sw-a] => (item=[{u'vlan': 10, u'name': u'serviceA'}, {u'port': u'GigabitEthernet0/2', u'name': u'server-3', u'service': u'serviceA', u'edge_sw': u'edge-sw-b'}]) skipping: [edge-sw-a] => (item=[{u'vlan': 10, u'name': u'serviceA'}, {u'port': u'GigabitEthernet0/2', u'name': u'server-4', u'service': u'serviceB', u'edge_sw': u'edge-sw-c'}]) skipping: [edge-sw-a] => (item=[{u'vlan': 20, u'name': u'serviceB'}, {u'port': u'GigabitEthernet0/2', u'name': u'server-1', u'service': u'serviceA', u'edge_sw': u'edge-sw-a'}]) ok: [edge-sw-a] => (item=[{u'vlan': 20, u'name': u'serviceB'}, {u'port': u'GigabitEthernet0/3', u'name': u'server-2', u'service': u'serviceB', u'edge_sw': u'edge-sw-a'}]) skipping: [edge-sw-a] => (item=[{u'vlan': 20, u'name': u'serviceB'}, {u'port': u'GigabitEthernet0/2', u'name': u'server-3', u'service': u'serviceA', u'edge_sw': u'edge-sw-b'}]) skipping: [edge-sw-a] => (item=[{u'vlan': 20, u'name': u'serviceB'}, {u'port': u'GigabitEthernet0/2', u'name': u'server-4', u'service': u'serviceB', u'edge_sw': u'edge-sw-c'}]) TASK [description server name] ************************************************************************************************************************************************* skipping: [edge-sw-b] => (item=[{u'vlan': 20, u'name': u'serviceB'}, {u'port': u'GigabitEthernet0/2', u'name': u'server-3', u'service': u'serviceA', u'edge_sw': u'edge-sw-b'}]) skipping: [edge-sw-b] => (item=[{u'vlan': 20, u'name': u'serviceB'}, {u'port': u'GigabitEthernet0/2', u'name': u'server-4', u'service': u'serviceB', u'edge_sw': u'edge-sw-c'}]) ok: [edge-sw-a] => (item=[{u'vlan': 10, u'name': u'serviceA'}, {u'port': u'GigabitEthernet0/2', u'name': u'server-1', u'service': u'serviceA', u'edge_sw': u'edge-sw-a'}]) skipping: [edge-sw-a] => (item=[{u'vlan': 10, u'name': u'serviceA'}, {u'port': u'GigabitEthernet0/3', u'name': u'server-2', u'service': u'serviceB', u'edge_sw': u'edge-sw-a'}]) skipping: [edge-sw-a] => (item=[{u'vlan': 10, u'name': u'serviceA'}, {u'port': u'GigabitEthernet0/2', u'name': u'server-3', u'service': u'serviceA', u'edge_sw': u'edge-sw-b'}]) skipping: [edge-sw-a] => (item=[{u'vlan': 10, u'name': u'serviceA'}, {u'port': u'GigabitEthernet0/2', u'name': u'server-4', u'service': u'serviceB', u'edge_sw': u'edge-sw-c'}]) skipping: [edge-sw-a] => (item=[{u'vlan': 20, u'name': u'serviceB'}, {u'port': u'GigabitEthernet0/2', u'name': u'server-1', u'service': u'serviceA', u'edge_sw': u'edge-sw-a'}]) ok: [edge-sw-a] => (item=[{u'vlan': 20, u'name': u'serviceB'}, {u'port': u'GigabitEthernet0/3', u'name': u'server-2', u'service': u'serviceB', u'edge_sw': u'edge-sw-a'}]) skipping: [edge-sw-a] => (item=[{u'vlan': 20, u'name': u'serviceB'}, {u'port': u'GigabitEthernet0/2', u'name': u'server-3', u'service': u'serviceA', u'edge_sw': u'edge-sw-b'}]) skipping: [edge-sw-a] => (item=[{u'vlan': 20, u'name': u'serviceB'}, {u'port': u'GigabitEthernet0/2', u'name': u'server-4', u'service': u'serviceB', u'edge_sw': u'edge-sw-c'}]) TASK [allowed trunk vlan] ****************************************************************************************************************************************************** ok: [edge-sw-a] => (item=[{u'vlan': 10, u'name': u'serviceA'}, {u'port': u'GigabitEthernet0/2', u'name': u'server-1', u'service': u'serviceA', u'edge_sw': u'edge-sw-a'}]) skipping: [edge-sw-a] => (item=[{u'vlan': 10, u'name': u'serviceA'}, {u'port': u'GigabitEthernet0/3', u'name': u'server-2', u'service': u'serviceB', u'edge_sw': u'edge-sw-a'}]) skipping: [edge-sw-b] => (item=[{u'vlan': 20, u'name': u'serviceB'}, {u'port': u'GigabitEthernet0/2', u'name': u'server-4', u'service': u'serviceB', u'edge_sw': u'edge-sw-c'}]) skipping: [edge-sw-a] => (item=[{u'vlan': 10, u'name': u'serviceA'}, {u'port': u'GigabitEthernet0/2', u'name': u'server-3', u'service': u'serviceA', u'edge_sw': u'edge-sw-b'}]) : PLAY RECAP ********************************************************************************************************************************************************************* edge-sw-a : ok=4 changed=0 unreachable=0 failed=0 冪等性確認 whenで対象にならない変数の組み合わせはskippingされます。 変数見て正しいか目視でも確認可能。
  82. 82. 84 $ ansible-playbook -i inventory provisioning_for_core-sw.yml PLAY [configuration provisioning for core-sw] ********************************************************************************************************************************** TASK [Gathering Facts] ********************************************************************************************************************************************************* ok: [core-sw] TASK [add vlan] **************************************************************************************************************************************************************** changed: [core-sw] => (item={u'vlan': 10, u'name': u'serviceA'}) changed: [core-sw] => (item={u'vlan': 20, u'name': u'serviceB'}) TASK [allowed trunk vlan] ****************************************************************************************************************************************************** changed: [core-sw] => (item=[{u'vlan': 10, u'name': u'serviceA'}, {u'port': u'GigabitEthernet0/2', u'name': u'server-1', u'service': u'serviceA', u'edge_sw': u'edge-sw-a'}, {u'port': u'Ethernet2/1', u'edge_sw': u'edge-sw-a'}]) skipping: [core-sw] => (item=[{u'vlan': 10, u'name': u'serviceA'}, {u'port': u'GigabitEthernet0/2', u'name': u'server-1', u'service': u'serviceA', u'edge_sw': u'edge-sw-a'}, {u'port': u'Ethernet2/2', u'edge_sw': u'edge-sw-b'}]) skipping: [core-sw] => (item=[{u'vlan': 10, u'name': u'serviceA'}, {u'port': u'GigabitEthernet0/2', u'name': u'server-1', u'service': u'serviceA', u'edge_sw': u'edge-sw-a'}, {u'port': u'Ethernet2/3', u'edge_sw': u'edge-sw-c'}]) skipping: [core-sw] => (item=[{u'vlan': 10, u'name': u'serviceA'}, {u'port': u'GigabitEthernet0/3', u'name': u'server-2', u'service': u'serviceB', u'edge_sw': u'edge-sw-a'}, {u'port': u'Ethernet2/1', u'edge_sw': u'edge-sw-a'}]) skipping: [core-sw] => (item=[{u'vlan': 10, u'name': u'serviceA'}, {u'port': u'GigabitEthernet0/3', u'name': u'server-2', u'service': u'serviceB', u'edge_sw': u'edge-sw-a'}, {u'port': u'Ethernet2/2', u'edge_sw': u'edge-sw-b'}]) skipping: [core-sw] => (item=[{u'vlan': 10, u'name': u'serviceA'}, {u'port': u'GigabitEthernet0/3', u'name': u'server-2', u'service': u'serviceB', u'edge_sw': u'edge-sw-a'}, {u'port': u'Ethernet2/3', u'edge_sw': u'edge-sw-c'}]) skipping: [core-sw] => (item=[{u'vlan': 10, u'name': u'serviceA'}, {u'port': u'GigabitEthernet0/2', u'name': u'server-3', u'service': u'serviceA', u'edge_sw': u'edge-sw-b'}, {u'port': u'Ethernet2/1', u'edge_sw': u'edge-sw-a'}]) changed: [core-sw] => (item=[{u'vlan': 10, u'name': u'serviceA'}, {u'port': u'GigabitEthernet0/2', u'name': u'server-3', u'service': u'serviceA', u'edge_sw': u'edge-sw-b'}, {u'port': u'Ethernet2/2', u'edge_sw': u'edge-sw-b'}]) skipping: [core-sw] => (item=[{u'vlan': 10, u'name': u'serviceA'}, {u'port': u'GigabitEthernet0/2', u'name': u'server-3', u'service': u'serviceA', u'edge_sw': u'edge-sw-b'}, {u'port': u'Ethernet2/3', u'edge_sw': u'edge-sw-c'}]) skipping: [core-sw] => (item=[{u'vlan': 10, u'name': u'serviceA'}, {u'port': u'GigabitEthernet0/2', u'name': u'server-4', u'service': u'serviceB', u'edge_sw': u'edge-sw-c'}, {u'port': u'Ethernet2/1', u'edge_sw': u'edge-sw-a'}]) skipping: [core-sw] => (item=[{u'vlan': 10, u'name': u'serviceA'}, {u'port': u'GigabitEthernet0/2', u'name': u'server-4', u'service': u'serviceB', u'edge_sw': u'edge-sw-c'}, {u'port': u'Ethernet2/2', u'edge_sw': u'edge-sw-b'}]) skipping: [core-sw] => (item=[{u'vlan': 10, u'name': u'serviceA'}, {u'port': u'GigabitEthernet0/2', u'name': u'server-4', u'service': u'serviceB', u'edge_sw': u'edge-sw-c'}, {u'port': u'Ethernet2/3', u'edge_sw': u'edge-sw-c'}]) skipping: [core-sw] => (item=[{u'vlan': 20, u'name': u'serviceB'}, {u'port': u'GigabitEthernet0/2', u'name': u'server-1', u'service': u'serviceA', u'edge_sw': u'edge-sw-a'}, {u'port': u'Ethernet2/1', u'edge_sw': u'edge-sw-a'}]) skipping: [core-sw] => (item=[{u'vlan': 20, u'name': u'serviceB'}, {u'port': u'GigabitEthernet0/2', u'name': u'server-1', u'service': u'serviceA', u'edge_sw': u'edge-sw-a'}, {u'port': u'Ethernet2/2', u'edge_sw': u'edge-sw-b'}]) skipping: [core-sw] => (item=[{u'vlan': 20, u'name': u'serviceB'}, {u'port': u'GigabitEthernet0/2', u'name': u'server-1', u'service': u'serviceA', u'edge_sw': u'edge-sw-a'}, {u'port': u'Ethernet2/3', u'edge_sw': u'edge-sw-c'}]) changed: [core-sw] => (item=[{u'vlan': 20, u'name': u'serviceB'}, {u'port': u'GigabitEthernet0/3', u'name': u'server-2', u'service': u'serviceB', u'edge_sw': u'edge-sw-a'}, {u'port': u'Ethernet2/1', u'edge_sw': u'edge-sw-a'}]) skipping: [core-sw] => (item=[{u'vlan': 20, u'name': u'serviceB'}, {u'port': u'GigabitEthernet0/3', u'name': u'server-2', u'service': u'serviceB', u'edge_sw': u'edge-sw-a'}, {u'port': u'Ethernet2/2', u'edge_sw': u'edge-sw-b'}]) skipping: [core-sw] => (item=[{u'vlan': 20, u'name': u'serviceB'}, {u'port': u'GigabitEthernet0/3', u'name': u'server-2', u'service': u'serviceB', u'edge_sw': u'edge-sw-a'}, {u'port': u'Ethernet2/3', u'edge_sw': u'edge-sw-c'}]) skipping: [core-sw] => (item=[{u'vlan': 20, u'name': u'serviceB'}, {u'port': u'GigabitEthernet0/2', u'name': u'server-3', u'service': u'serviceA', u'edge_sw': u'edge-sw-b'}, {u'port': u'Ethernet2/1', u'edge_sw': u'edge-sw-a'}]) skipping: [core-sw] => (item=[{u'vlan': 20, u'name': u'serviceB'}, {u'port': u'GigabitEthernet0/2', u'name': u'server-3', u'service': u'serviceA', u'edge_sw': u'edge-sw-b'}, {u'port': u'Ethernet2/2', u'edge_sw': u'edge-sw-b'}]) skipping: [core-sw] => (item=[{u'vlan': 20, u'name': u'serviceB'}, {u'port': u'GigabitEthernet0/2', u'name': u'server-3', u'service': u'serviceA', u'edge_sw': u'edge-sw-b'}, {u'port': u'Ethernet2/3', u'edge_sw': u'edge-sw-c'}]) skipping: [core-sw] => (item=[{u'vlan': 20, u'name': u'serviceB'}, {u'port': u'GigabitEthernet0/2', u'name': u'server-4', u'service': u'serviceB', u'edge_sw': u'edge-sw-c'}, {u'port': u'Ethernet2/1', u'edge_sw': u'edge-sw-a'}]) skipping: [core-sw] => (item=[{u'vlan': 20, u'name': u'serviceB'}, {u'port': u'GigabitEthernet0/2', u'name': u'server-4', u'service': u'serviceB', u'edge_sw': u'edge-sw-c'}, {u'port': u'Ethernet2/2', u'edge_sw': u'edge-sw-b'}]) changed: [core-sw] => (item=[{u'vlan': 20, u'name': u'serviceB'}, {u'port': u'GigabitEthernet0/2', u'name': u'server-4', u'service': u'serviceB', u'edge_sw': u'edge-sw-c'}, {u'port': u'Ethernet2/3', u'edge_sw': u'edge-sw-c'}]) PLAY RECAP ********************************************************************************************************************************************************************* core-sw : ok=3 changed=2 unreachable=0 failed=0
  83. 83. 85 $ ansible-playbook -i inventory provisioning_for_core-sw.yml PLAY [configuration provisioning for core-sw] ********************************************************************************************************************************** TASK [Gathering Facts] ********************************************************************************************************************************************************* ok: [core-sw] TASK [add vlan] **************************************************************************************************************************************************************** ok: [core-sw] => (item={u'vlan': 10, u'name': u'serviceA'}) ok: [core-sw] => (item={u'vlan': 20, u'name': u'serviceB'}) TASK [allowed trunk vlan] ****************************************************************************************************************************************************** ok: [core-sw] => (item=[{u'vlan': 10, u'name': u'serviceA'}, {u'port': u'GigabitEthernet0/2', u'name': u'server-1', u'service': u'serviceA', u'edge_sw': u'edge-sw-a'}, {u'port': u'Ethernet2/1', u'edge_sw': u'edge-sw-a'}]) skipping: [core-sw] => (item=[{u'vlan': 10, u'name': u'serviceA'}, {u'port': u'GigabitEthernet0/2', u'name': u'server-1', u'service': u'serviceA', u'edge_sw': u'edge-sw-a'}, {u'port': u'Ethernet2/2', u'edge_sw': u'edge-sw-b'}]) skipping: [core-sw] => (item=[{u'vlan': 10, u'name': u'serviceA'}, {u'port': u'GigabitEthernet0/2', u'name': u'server-1', u'service': u'serviceA', u'edge_sw': u'edge-sw-a'}, {u'port': u'Ethernet2/3', u'edge_sw': u'edge-sw-c'}]) skipping: [core-sw] => (item=[{u'vlan': 10, u'name': u'serviceA'}, {u'port': u'GigabitEthernet0/3', u'name': u'server-2', u'service': u'serviceB', u'edge_sw': u'edge-sw-a'}, {u'port': u'Ethernet2/1', u'edge_sw': u'edge-sw-a'}]) skipping: [core-sw] => (item=[{u'vlan': 10, u'name': u'serviceA'}, {u'port': u'GigabitEthernet0/3', u'name': u'server-2', u'service': u'serviceB', u'edge_sw': u'edge-sw-a'}, {u'port': u'Ethernet2/2', u'edge_sw': u'edge-sw-b'}]) skipping: [core-sw] => (item=[{u'vlan': 10, u'name': u'serviceA'}, {u'port': u'GigabitEthernet0/3', u'name': u'server-2', u'service': u'serviceB', u'edge_sw': u'edge-sw-a'}, {u'port': u'Ethernet2/3', u'edge_sw': u'edge-sw-c'}]) skipping: [core-sw] => (item=[{u'vlan': 10, u'name': u'serviceA'}, {u'port': u'GigabitEthernet0/2', u'name': u'server-3', u'service': u'serviceA', u'edge_sw': u'edge-sw-b'}, {u'port': u'Ethernet2/1', u'edge_sw': u'edge-sw-a'}]) ok: [core-sw] => (item=[{u'vlan': 10, u'name': u'serviceA'}, {u'port': u'GigabitEthernet0/2', u'name': u'server-3', u'service': u'serviceA', u'edge_sw': u'edge-sw-b'}, {u'port': u'Ethernet2/2', u'edge_sw': u'edge-sw-b'}]) skipping: [core-sw] => (item=[{u'vlan': 10, u'name': u'serviceA'}, {u'port': u'GigabitEthernet0/2', u'name': u'server-3', u'service': u'serviceA', u'edge_sw': u'edge-sw-b'}, {u'port': u'Ethernet2/3', u'edge_sw': u'edge-sw-c'}]) skipping: [core-sw] => (item=[{u'vlan': 10, u'name': u'serviceA'}, {u'port': u'GigabitEthernet0/2', u'name': u'server-4', u'service': u'serviceB', u'edge_sw': u'edge-sw-c'}, {u'port': u'Ethernet2/1', u'edge_sw': u'edge-sw-a'}]) skipping: [core-sw] => (item=[{u'vlan': 10, u'name': u'serviceA'}, {u'port': u'GigabitEthernet0/2', u'name': u'server-4', u'service': u'serviceB', u'edge_sw': u'edge-sw-c'}, {u'port': u'Ethernet2/2', u'edge_sw': u'edge-sw-b'}]) skipping: [core-sw] => (item=[{u'vlan': 10, u'name': u'serviceA'}, {u'port': u'GigabitEthernet0/2', u'name': u'server-4', u'service': u'serviceB', u'edge_sw': u'edge-sw-c'}, {u'port': u'Ethernet2/3', u'edge_sw': u'edge-sw-c'}]) skipping: [core-sw] => (item=[{u'vlan': 20, u'name': u'serviceB'}, {u'port': u'GigabitEthernet0/2', u'name': u'server-1', u'service': u'serviceA', u'edge_sw': u'edge-sw-a'}, {u'port': u'Ethernet2/1', u'edge_sw': u'edge-sw-a'}]) skipping: [core-sw] => (item=[{u'vlan': 20, u'name': u'serviceB'}, {u'port': u'GigabitEthernet0/2', u'name': u'server-1', u'service': u'serviceA', u'edge_sw': u'edge-sw-a'}, {u'port': u'Ethernet2/2', u'edge_sw': u'edge-sw-b'}]) skipping: [core-sw] => (item=[{u'vlan': 20, u'name': u'serviceB'}, {u'port': u'GigabitEthernet0/2', u'name': u'server-1', u'service': u'serviceA', u'edge_sw': u'edge-sw-a'}, {u'port': u'Ethernet2/3', u'edge_sw': u'edge-sw-c'}]) ok: [core-sw] => (item=[{u'vlan': 20, u'name': u'serviceB'}, {u'port': u'GigabitEthernet0/3', u'name': u'server-2', u'service': u'serviceB', u'edge_sw': u'edge-sw-a'}, {u'port': u'Ethernet2/1', u'edge_sw': u'edge-sw-a'}]) skipping: [core-sw] => (item=[{u'vlan': 20, u'name': u'serviceB'}, {u'port': u'GigabitEthernet0/3', u'name': u'server-2', u'service': u'serviceB', u'edge_sw': u'edge-sw-a'}, {u'port': u'Ethernet2/2', u'edge_sw': u'edge-sw-b'}]) skipping: [core-sw] => (item=[{u'vlan': 20, u'name': u'serviceB'}, {u'port': u'GigabitEthernet0/3', u'name': u'server-2', u'service': u'serviceB', u'edge_sw': u'edge-sw-a'}, {u'port': u'Ethernet2/3', u'edge_sw': u'edge-sw-c'}]) skipping: [core-sw] => (item=[{u'vlan': 20, u'name': u'serviceB'}, {u'port': u'GigabitEthernet0/2', u'name': u'server-3', u'service': u'serviceA', u'edge_sw': u'edge-sw-b'}, {u'port': u'Ethernet2/1', u'edge_sw': u'edge-sw-a'}]) skipping: [core-sw] => (item=[{u'vlan': 20, u'name': u'serviceB'}, {u'port': u'GigabitEthernet0/2', u'name': u'server-3', u'service': u'serviceA', u'edge_sw': u'edge-sw-b'}, {u'port': u'Ethernet2/2', u'edge_sw': u'edge-sw-b'}]) skipping: [core-sw] => (item=[{u'vlan': 20, u'name': u'serviceB'}, {u'port': u'GigabitEthernet0/2', u'name': u'server-3', u'service': u'serviceA', u'edge_sw': u'edge-sw-b'}, {u'port': u'Ethernet2/3', u'edge_sw': u'edge-sw-c'}]) skipping: [core-sw] => (item=[{u'vlan': 20, u'name': u'serviceB'}, {u'port': u'GigabitEthernet0/2', u'name': u'server-4', u'service': u'serviceB', u'edge_sw': u'edge-sw-c'}, {u'port': u'Ethernet2/1', u'edge_sw': u'edge-sw-a'}]) skipping: [core-sw] => (item=[{u'vlan': 20, u'name': u'serviceB'}, {u'port': u'GigabitEthernet0/2', u'name': u'server-4', u'service': u'serviceB', u'edge_sw': u'edge-sw-c'}, {u'port': u'Ethernet2/2', u'edge_sw': u'edge-sw-b'}]) ok: [core-sw] => (item=[{u'vlan': 20, u'name': u'serviceB'}, {u'port': u'GigabitEthernet0/2', u'name': u'server-4', u'service': u'serviceB', u'edge_sw': u'edge-sw-c'}, {u'port': u'Ethernet2/3', u'edge_sw': u'edge-sw-c'}]) PLAY RECAP ********************************************************************************************************************************************************************* core-sw : ok=3 changed=0 unreachable=0 failed=0 冪等性確認
  84. 84. 86 core-sw#show running-config : vlan 1,10,20,99 vlan 10 name Vlan_serviceA" vlan 20 name Vlan_serviceB" vlan 99 name dummy-Vlan" : interface Ethernet2/1 description connect to edge-sw-a switchport switchport mode trunk switchport trunk allowed vlan 10,20,99 no shutdown interface Ethernet2/2 description connect to edge-sw-b switchport switchport mode trunk switchport trunk allowed vlan 10,99 no shutdown interface Ethernet2/3 description connect to edge-sw-c switchport switchport mode trunk switchport trunk allowed vlan 20,99 no shutdown : edge-sw-a#show running-config : interface GigabitEthernet0/1 description connect to core-sw switchport trunk allowed vlan 10,20,99 switchport trunk encapsulation dot1q switchport mode trunk media-type rj45 negotiation auto ! interface GigabitEthernet0/2 description connect to server-1 switchport access vlan 10 switchport mode access media-type rj45 negotiation auto ! interface GigabitEthernet0/3 description connect to server-2 switchport access vlan 20 switchport mode access media-type rj45 negotiation auto ! : なんだかんだで想定通りに設定できました edge-sw-b,edge-sw-cは割愛
  85. 85. 冪等性まぢ大事
  86. 86. 何回か動かしたら分かるレベルの ヤバさなので、まぁ気づくと思いますが。。。
  87. 87. 
 
 89 NW機器もサーバ側もAnsibleでまとめて設定、 動作確認を実施することができます
  88. 88. 
 
 
 90
  89. 89. おわり。 91

×