Cisco Switch IOS Upgrade Ansible Playbook
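---
# Upgrades the IOS image on every host in the `ios_switch` group whose running
# version differs from `standard_version`: copy the image to flash, point the
# boot variable at it, save/back up the config, reload, then check reachability.
#
# Variables this play reads (none are defined in this file): creds_ssh, image,
# username, password, standard_version.
#
# The device credentials (creds_ssh, username, password) should come from
# Ansible Vault or another secret store, not from plaintext inventory or
# group_vars files.
- name: Upgrade a Cisco IOS Device
  hosts: ios_switch

  tasks:
    - name: Gathering Facts
      ios_facts:
        gather_subset: hardware
        provider: "{{ creds_ssh }}"
      tags: always

    # NOTE(review): nothing in this play checks the integrity of the image
    # before it becomes the boot image. Comparing a digest of the copied file
    # (IOS `verify /md5 flash:<image>`) against the vendor-published value
    # before "Setting boot image" would catch a corrupted or altered file.
    - name: Copying image to device flash
      ntc_file_copy:
        platform: cisco_ios_ssh
        local_file: "images/{{ image }}"
        host: "{{ inventory_hostname }}"
        username: "{{ username }}"
        password: "{{ password }}"
      # `when` is already a Jinja expression, so the variable is referenced
      # bare; `| string` keeps the comparison textual, as the quoted template
      # form did.
      when: ansible_net_version != (standard_version | string)
      tags: copy

    - name: Setting boot image
      ios_config:
        lines:
          - no boot system
          - "boot system flash:{{ image }}"
        provider: "{{ creds_ssh }}"
        host: "{{ inventory_hostname }}"
      when: ansible_net_version != (standard_version | string)
      tags: set_boot
      # Handlers run at the end of the play, i.e. after the reload task below.
      # NOTE(review): presumably "Backup config" is what persists the new boot
      # statement before the reload; confirm, especially when running with a
      # tag selection that skips `backup`.
      notify: save config

    - name: Backup config
      ntc_save_config:
        platform: cisco_ios_ssh
        host: "{{ inventory_hostname }}"
        username: "{{ username }}"
        password: "{{ password }}"
        # The backup holds the full device configuration; keep the backup/
        # directory out of version control and restrict its permissions.
        local_file: "backup/{{ inventory_hostname }}.cfg"
      when: ansible_net_version != (standard_version | string)
      tags: backup

    - name: Reloading the device
      ntc_reboot:
        platform: cisco_ios_ssh
        confirm: true
        timer: 2
        host: "{{ inventory_hostname }}"
        username: "{{ username }}"
        password: "{{ password }}"
      when: ansible_net_version != (standard_version | string)
      tags: reload

    # NOTE(review): if the reload is delayed by the timer above, port 22 may
    # still be open when this check starts and it would pass before the device
    # has actually restarted; a `delay:` longer than the timer avoids that.
    - name: Verifying connectivity
      wait_for:
        port: 22
        host: "{{ inventory_hostname }}"
        timeout: 600

    # A successful ping shows the device forwards traffic again; it does not
    # show which image booted. Re-gathering facts and comparing
    # ansible_net_version with standard_version would confirm the upgrade.
    - name: Checking reachability from the device
      ios_command:
        commands: ping 8.8.8.8
        provider: "{{ creds_ssh }}"
        wait_for:
          - 'result[0] contains "!!!"'
      register: result
      failed_when: "not '!!!' in result.stdout[0]"
      tags: verify

  handlers:
    - name: save config
      ios_config:
        provider: "{{ creds_ssh }}"
        save_when: always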
Interesting stuff.
Gives me an idea or two on how to improve on my script too :).
Check it out here:
Hi awilki01,
I need to configure port security on a Cisco switch, but I am running into problems. Can you please help me?
here is my playbook:-
# NOTE(review): this fragment was posted without its indentation, play header,
# task names and the entries under `lines:`, so it is documented as posted
# rather than rebuilt.
gather_facts: true
vars:
ansible_become: yes
ansible_become_method: enable
# NOTE(review): the login name, login password and enable password are written
# in plaintext and share one value; load them from Ansible Vault (or another
# secret store) and rotate them if they match a live device.
ansible_user: cisco
ansible_password: cisco
ansible_become_pass: cisco
ansible_network_os: ios
ansible_connection: network_cli
tasks:
# NOTE(review): the failure output that follows names the ios_command module
# and shows the device rejecting `interface fastEthernet0/24` at the `Switch#`
# prompt, so the task that ran appears to have sent interface configuration as
# exec-mode commands. Interface lines belong in ios_config with `parents:`
# naming the interface. The commands in that output also differ from IOS
# syntax (`switchport port-security ...`, `violation`); verify on the device.
ios_config:
lines:
here the error:-
**The full traceback is:
WARNING: The below traceback may not be related to the actual failure.
File "/tmp/ansible_ios_command_payload_6a9kGj/ansible_ios_command_payload.zip/ansible/module_utils/network/ios/ios.py", line 145, in run_commands
return connection.run_commands(commands=commands, check_rc=check_rc)
File "/tmp/ansible_ios_command_payload_6a9kGj/ansible_ios_command_payload.zip/ansible/module_utils/connection.py", line 182, in rpc
raise ConnectionError(to_text(msg, errors='surrogate_then_replace'), code=code)
fatal: [cisco]: FAILED! => {
"changed": false,
"invocation": {
"module_args": {
"auth_pass": null,
"authorize": null,
"commands": [
"interface fastEthernet0/24",
"switchport mode access",
"switchport port security",
"switchport security maximum 1",
"switchport port security mac-address sticky",
"switchport port security voilation shutdown"
],
"host": null,
"interval": 1,
"match": "all",
"password": null,
"port": null,
"provider": null,
"retries": 10,
"ssh_keyfile": null,
"timeout": null,
"username": null,
"wait_for": null
}
},
"msg": "interface fastEthernet0/24\r\n ^\r\n% Invalid input detected at '^' marker.\r\n\r\nSwitch#"
}
to retry, use: --limit @/var/lib/awx/projects/network/switch/tasks/portsecurity.retry
PLAY RECAP *************************************************************************************************************************************************************
cisco : ok=0 changed=0 unreachable=0 failed=1**