This is my Ansible Playbook for a Cumulus Linux BGP IP-Fabric using BGP unnumbered and Cumulus NetQ to validate the configuration in a CICD pipeline. I use the same CICD pipeline from my previous post about Continuous Integration and Delivery for Networking with Cumulus Linux but added the Cumulus NetQ validation in the production stage to check BGP and CLAG configuration.
Network overview:
Here’s my GitHub repository where you can find the complete Ansible Playbook: https://github.com/berndonline/cumulus-lab-provision
The variables are split between group_vars and host_vars. Still need to see if I can find a better way for the variables because interface settings for spine and edge switches are in group_vars, and for leaf switches the interface configuration is per host in host_vars. Not ideal at the moment, it should be the same for all devices.
Roles:
- Hostname: This task changes the hostname
- Interfaces: This creates the interfaces and bridge (only leafs and edges) configuration. The task uses templates interfaces.j2 and interfaces_config.j2 to create the configuration files under /etc/network/…
- Routing: The template frr.j2 creates the FRR (Free Range Routing) configuration file. FRR has replaced Quagga since Cumulus Linux version 3.4.x
- PTM: Also uses a template, topology.j2, to generate the topology file for the Prescriptive Topology Manager (PTM)
- NTP: NTP and timezone settings
In most of the cases I use Jinja2 templates to generate configuration files. The site.yml is otherwise very simple. It executes the different roles, and triggers the handlers if a change is made by a role.
```yaml
---
- hosts: network
  strategy: free
  user: cumulus
  become: 'True'
  gather_facts: 'False'

  handlers:
    - name: reload networking
      command: "{{item}}"
      with_items:
        - ifreload -a
        - sleep 10
    - name: reload frr
      service: name=frr state=reloaded
    - name: apply hostname
      command: hostname -F /etc/hostname
    - name: restart netq agent
      command: netq config agent restart
    - name: reload ptmd
      service: name=ptmd state=reloaded
    - name: apply timezone
      command: /usr/sbin/dpkg-reconfigure --frontend noninteractive tzdata
    - name: restart ntp
      service: name=ntp state=restarted

  roles:
    - hostname
    - interfaces
    - routing
    - ptm
    - ntp
```
As mentioned in previous posts, I use Gitlab-CI for my Continuous Integration / Continuous Delivery (CICD) pipeline to simulate changes against a virtual Cumulus Linux network using Vagrant. You can find more information about the pipeline configuration in the .gitlab-ci.yml.
Changes in the staging branch spin up the Vagrant environment but only execute the Ansible Playbook:
Cumulus NetQ configuration validation in production:
The production stage in the pipeline spins up the Vagrant environment and executes the Ansible Playbook, then continues by executing the two NetQ checks netq_check_bgp.yml and netq_check_clag.yml to validate the BGP and CLAG configuration:
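A sketch of what such a validation gate can look like, as an added example and not the netq_check_bgp.yml or netq_check_clag.yml from the repository (it combines both checks in one play). It assumes the NetQ CLI is available on the targeted switch and that the JSON output of `netq check` carries a `failedNodes` list; the `network` group and `cumulus` user are taken from site.yml above.

```yaml
---
# Added example: fail the pipeline stage when NetQ reports BGP or CLAG failures.
# Assumption: `netq check <service> json` prints a JSON object containing a
# `failedNodes` list, which is empty when every node passes the check.
- hosts: network
  user: cumulus
  become: 'True'
  gather_facts: 'False'

  tasks:
    # NetQ validates the whole fabric, so one switch is enough to ask.
    - name: run the NetQ fabric checks
      command: "netq check {{ item }} json"
      with_items:
        - bgp
        - clag
      register: netq_checks
      changed_when: false   # read-only command, never report a change
      run_once: true

    # A failed assert gives a non-zero exit code from ansible-playbook,
    # which stops the CI job before the change is considered validated.
    - name: fail when NetQ reports failed nodes
      assert:
        that:
          - (item.stdout | from_json).failedNodes | length == 0
        msg: >-
          netq check {{ item.item }} reported failed nodes:
          {{ (item.stdout | from_json).failedNodes }}
      with_items: "{{ netq_checks.results }}"
      loop_control:
        label: "{{ item.item }}"   # keep the log readable
      run_once: true
```

Because the command task is not allowed to fail silently, a missing NetQ agent or non-JSON output also fails the stage instead of passing it by default.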
The result will look like this when all stages finish successfully:
I will continue to improve the Playbook and the CICD pipeline so come back later to check it out.
In my repository I have some other useful Playbooks for config backup and restore but also to collect and remove cl-support.
Please tell me if you like it and share your feedback.
See my new post about BGP EVPN and VXLAN with Cumulus Linux