Hello and welcome to the seventh video in our Ansible workbook series where we will look at iBGP with Ansible along side Juniper ospf.and following on directly from Lab-06.
As we can see here, another Junos router has been added into our topology.
The Scenario
In our scenario here is we’ve been requested by our manager to add in the second Juniper router and configure both routers for OSPF.
We have also been tasked with setting up iBGP between the four named routers in preparation for future configurations.
OSPF has been removed from the edge routers, and the non-area 0 OSPF configurations have been removed from the named routers.
Our tasks are to inspect the host YAML files for the Juniper devices, apply OSPF via a playbook to Junos one and Junos two, and create a playbook to verify the OSPF configurations on the Juniper devices.
Then, we need to inspect the host YAML files for the named routers, create a BGP Jinja2 template based off the host YAML files,
write a playbook that will add BGP to the named routers using the Jinja2 template, and build a playbook to validate the BGP configuration on the named routers. All in all, not an awful lot to where we’re up to with this.
So, let’s get the pen up so we can see where we, what we need to do.
Okay. So, what, what we, where we are so far is we have removed the OSPF between these devices. So, there are no OSPF neighbor relationships and no OSPF configuration on any of the edge devices.
We’ve removed the OSPF from the named routers that link back to it. So, they only have OSPF area 0 now.
The Host files
In regards to the Junos routers, what we have already is the basic host file structure. We need to ensure that the interfaces we intend to use for OSPF are listed within the interfaces section of our host YAML files for both Junos1 and Junos2.
interfaces:
- name: ge-0/0/0.0
- name: ge-0/0/1.0
- name: ge-0/0/2.0
- name: lo0.0
These interface names, like ge-0/0/0.0 and the loopback interface lo0.0, are the ones we will be referencing in our Ansible playbook to enable OSPF on them.
Moving on to the named routers – London, Manchester, America, and Asia – we need to examine their host YAML files as well. These files contain the necessary information for configuring iBGP.
For a router like Manchester, we have a section labeled ibgp which contains its Autonomous System Number (asn), its BGP router ID (bgp_router_id), and details about its BGP peers.
ibgp:
asn: "65000"
bgp_router_id: 1.1.1.1
peers:
- neighbor: "2.2.2.2"
peer_asn: "65000"
update_source: "lo0"
- neighbor: "4.4.4.4"
peer_asn: "65000"
update_source: "lo0"
Here, we can see Manchester’s ASN is 65000, its router ID is 1.1.1.1, and it has two iBGP peers with neighbor addresses 2.2.2.2 and 4.4.4.4, both also in ASN 65000.
The update_source is set to the loopback interface lo0, which is a common practice for establishing stable BGP peerings.
It’s crucial that these details are accurate in our host files, as the Ansible playbook will use this information to configure BGP.
Now that we’ve had a look at the host files, we can proceed to the next step, which is applying the OSPF configuration to the two Junos routers.
We’ll achieve this using an Ansible playbook. This playbook will target the hosts in the junos group and will use the junipernetworks.junos.junos_ospfv2 module to push the OSPF configuration.
Creating Juniper Playbook
---
- name: Add OSPF to Junos Routers
hosts: junos
gather_facts: no
tasks:
- name: Add OSPF Configuration
junipernetworks.junos.junos_ospfv2:
config:
- areas:
- area_id: 0.0.0.0
interfaces:
- name: ge-0/0/0.0
- name: ge-0/0/1.0
- name: ge-0/0/2.0
- name: lo0.0
passive: true
In this playbook, we define a task named “Add OSPF Configuration.” This task utilizes the junos_ospfv2 module to configure OSPF.
We are specifying that we want to configure OSPF area 0 (area_id: 0.0.0.0) and include the interfaces listed under the interfaces section.
Notably, we are also setting the loopback interface lo0.0 as passive, which means it will participate in OSPF but will not form adjacencies. This is often done for loopback interfaces used as router IDs.
After applying the OSPF configuration, we need to verify that the configuration has been applied correctly and that OSPF neighbor relationships are being established, For this, we can create another Ansible playbook called show_junos_ospf.yml
Juniper OSPF Show Playbook
---
- name: show OSPF Config
hosts: junos
gather_facts: no
tasks:
- name: Check OSPF Neighbors
junipernetworks.junos.junos_command:
commands: show ospf neighbor
register: ospf_neighbors
- name: Display OSPF Neighbors
debug:
var: ospf_neighbors.stdout_lines
- name: Check OSPF Routes
junipernetworks.junos.junos_command:
commands: show route protocol ospf
register: ospf_routes
- name: Display OSPF Routes
debug:
var: ospf_routes.stdout_lines
This playbook has two main sets of tasks. The first set checks the OSPF neighbors using the show ospf neighbor command on the Junos devices. The output of this command is registered in a variable called ospf_neighbors, and then we display the lines of this output using the debug module. This allows us to see if our OSPF adjacencies have formed successfully.
The second set of tasks checks the OSPF routes using the show route protocol ospf command. The output is registered in ospf_routes, and again, we use the debug module to display the learned OSPF routes. This confirms that routing information is being exchanged via OSPF.
iBGP with Ansible
With OSPF configured and verified on the Junos routers, we now turn our attention to configuring iBGP on the named routers. The first step here is to create a Jinja2 template. This template will define the BGP configuration, and it will use the variables we defined in the host YAML files for each of the named routers.
The BGP jinja Template
router bgp {{ ibgp.asn }}
bgp router-id {{ ibgp.bgp_router_id }}
{% for peer in ibgp.peers %}
neighbor {{ peer.neighbor }} remote-as {{ peer.peer_asn }}
neighbor {{ peer.neighbor }} update-source {{ peer.update_source }}
neighbor {{ peer.neighbor }} next-hop-self
{% endfor %}
In this template, {{ ibgp.asn }} and {{ ibgp.bgp_router_id }} are variables that will be populated from the ibgp section of each router’s host YAML file. The {% for peer in ibgp.peers %} loop iterates through the list of peers defined for each router.
For each peer, it configures the neighbor IP address ({{ peer.neighbor }}), the remote Autonomous System number ({{ peer.peer_asn }}), the update source ({{ peer.update_source }}), and the next-hop-self command, which is often used in iBGP configurations.
iBGP with Ansible Playbook
Once the Jinja2 template is created, we need a playbook to apply this configuration to our named routers. We’ll call this playbook add_bgp.yml
---
- name: Add BGP to Named Routers
hosts: routers
gather_facts: no
tasks:
- name: Configure BGP
cisco.ios.ios_config:
lines: "{{ lookup('template', 'bgp.j2') }}"
This playbook targets the routers group, which includes our named routers. The task named “Configure BGP” uses the cisco.ios.ios_config module to apply configuration lines to the Cisco IOS devices. The lookup('template', 'bgp.j2') function renders our Jinja2 template, using the host-specific variables, and the resulting configuration is then applied to each router.
Finally, to ensure that our BGP configuration is working correctly, we need to create a playbook to validate it. Let’s call this playbook show_bgp.yml
---
- name: show BGP Config
hosts: routers
gather_facts: no
tasks:
- name: Check BGP
cisco.ios.ios_command:
commands:
- show bgp neighbor
- show bgp summary
register: bgp
- name: Display BGP Output
debug:
msg: "{{ bgp.stdout_lines }}"All Done
Ok we have achived our tast of configuring iBGP with Ansible, we run our verify_bgp.yml playbook, and we take a look at the output of those show bgp neighbor and show bgp summary commands.
What we’re really looking for with the show bgp neighbor is to see that our neighbors have come up properly – that the state says Established. If we see that, it means our BGP sessions are active, and the routers are talking to each other and should be able to exchange routes.
Then, with the show bgp summary, we get a bit of a bird’s-eye view of the BGP setup on each router. It tells us things like the router ID, our local ASN, and a quick rundown of our neighbors, including how many routes we’re getting from them. It’s a good way to just double-check that everything looks as it should.
So, after we’ve run that playbook and had a good look at the output of those commands, we can be pretty sure that our iBGP configuration is in place and working the way we expect it to. It’s a really important step to make sure everything’s solid.
And that wraps up this part. We’ve got OSPF running on the Junipers, and we’ve got iBGP set up between our named routers using Ansible and that Jinja2 template. Hopefully, that all made sense. Join me in the next video
Pingback: OSPF configuration with Ansible and Jinja2 templates Lab 06 - RichardKilleen