Login
Contents x
IAG 2023.1+ Execution Flow by Role Type
  • 06 Apr 2024
  • Dark
    Light
  • PDF
Contents

IAG 2023.1+ Execution Flow by Role Type

  • Updated on 06 Apr 2024
  • Dark
    Light
  • PDF
Article summary

Below are the different Ansible role templates provided within an IAG release. Users can modify the templates to support a variety of devices within an Ansible inventory.

Role Execution Paths

Depending on the inventory variables present for a device within the IAG Ansible inventory, an Itential role will take one of three different execution paths. The role execution paths are categorized as follows:

  • Fully Integrated
  • Netmiko Customized Templates
  • Ansible Customized Templates

Fully Integrated

The Fully Integrated execution path includes a set of Ansible roles provided by IAG that are utilized for device types found in an internal “integrated device” table. The roles use well known Ansible modules supported by the Ansible community to retrieve operational state data from devices as well as retrieve and set the device configuration. A list of fully integrated devices can be found on this IAP Compatibility page. Users do not need to make any modifications in order to get the functionality provided by the Fully Integrated roles.

Executing a role against a fully integrated device enables users to utilize the full suite of Automation Gateway and Automation Platform features, such as Configuration Manager, Golden Configuration, and Command Templates.

Requirements

The device must be explicitly in the IAG list of integrated devices, and you can successfully connect to the device using Ansible connection parameters.

Important Variables

The ansible_network_os variable must match a valid Ansible OS type, and it must be in the list of integrated devices, such as "ios" for Cisco IOS.

 {
  "name": "Example_IOS",
  "ansible_host": "ios.example.com",
  "ansible_connection": "network_cli",
  "ansible_network_os": "ios",
  "ansible_user": "username",
  "ansible_password": "password",
  "ansible_become": true,
  "ansible_become_password": "password"
}

Netmiko Customized Templates

IAG provides a set of Ansible role templates that use the Netmiko library to connect and communicate with devices. The templates can be customized by users in order to communicate with devices that do not fall under the Fully Integrated category. This is only an option for devices which have prebuilt support from the Netmiko library. The list of devices supported by Netmiko is very large, however it has its own caveats and levels of support from that library. See Netmiko Platforms for additional information regarding the device_type variable and options.

Executing a role that has been properly customized to use the Netmiko library enables users to utilize the majority of Automation Gateway and Automation Platform features, such as Configuration Manager, Golden Configuration, and Command Templates.

Note:

It is assumed the user will most likely have to make a variety of changes to the files within the template in order to get Netmiko to successfully connect to the device and operate against the device exactly as expected. The templates are provided as a reasonable starting point and with the expectation that if Netmiko has a device_type for your device, you can easily enable connectivity and test the available functionality, such as sending commands and updating the configuration.

Requirements

The device is not in the IAG list of integrated devices, and you can successfully connect to the device using Netmiko connection parameters.

Directory Path

The templates for the Ansible roles that use the Netmiko library can be found in the IAG release package at the following directory path:

automation_gateway/integrations/extensible_device_roles/ansible_netmiko

The roles should be copied to a new directory on the IAG server before they are modified in order to avoid being overwritten upon the next upgrade of IAG.

# ls
itential_netmiko_cli  itential_netmiko_get_config  itential_netmiko_get_state  itential_netmiko_load_config  itential_netmiko_set_config
# cp -R * /new/path/to/custom/ansible_netmiko
Note:

The names of the roles (i.e.,itential_netmiko_cli, itential_netmiko_get_config, etc.) should not be modified. The main Itential roles (i.e., itential_cli, itential_get_config, etc.) are written to search for those explicit names at execution time.

The templates contain the minimum directory structure required for an Ansible role. Users can modify the files in the template, including adding other directories, as they see fit in order to support their devices.

Configuration

In order for the itential_netmiko_* roles to be found at execution time, the directory path where they were saved to needs to be configured using the Automation Gateway UI. After logging into the IAG, go to the Configuration → Ansible tab, add the full directory path to the Extended Device Role Path parameter, and save the configuration.

01_Extended_Device_2023.1

Execution

The main Itential roles (i.e., itential_cli, itential_get_config, etc.) are used as an entry point to execute the Ansible roles using the Netmiko library (i.e., itential_netmiko_cli, itential_netmiko_get_config, etc.). The Itential roles decide which code path to execute based on the presence and contents of different Ansible inventory variables. Below is the criteria that will cause the Netmiko Customized Template roles to be executed along with some example devices with variables that will match the criteria.

Important Variables

  • The ansible_network_os variable must not match the name of a fully integrated device and should generally be omitted to avoid confusion and ensure the correct execution path is followed.

  • A local connection type is required; therefore ansible_connection must be set to local.

  • Either provider.device_type or netmiko_device_type must be a valid netmiko device_type.

Example Host (Explicit Usage)

The following example host shows an explicit set of Netmiko-related variables nested under the provider object so that it is very clear that this host is meant to be used only with the Netmiko roles.

{
    "name": "Example_IOS",
    "variables": {

        "**********REQUIRED VARIABLES**********": "",

        "ansible_connection": "local",
        "provider": {
            "host": "ios.example.com",
            "device_type": "cisco_ios",
            "username": "username",
            "password": "password"
        },

        "**********END REQUIRED VARIABLES**********": "",


        "**********OPTIONAL VARIABLES**********": "",

        "end_command": "end",
        "save_command": "commit apply",
        "get_config_command": "show run",
        "get_state_command": "show version",

        "**********END OPTIONAL VARIABLES**********": ""
    }
}

Example Host (Implicit Usage)

The following example host shows an implicit set of Netmiko-related variables which are declared outside of the provider object. This method allows the user to use mostly Ansible variables, which are converted into the provider object within the role template, along with the addition of netmiko_device_type so that it is correctly routed to the Netmiko roles.

{
    "name": "Example_IOS",
    "variables": {

      "**********REQUIRED VARIABLES**********": "",

      "ansible_connection": "local",
      "ansible_host": "ios.example.com",
      "ansible_user": "username",
      "ansible_password": "password",
      "netmiko_device_type": "cisco_ios",

      "**********END REQUIRED VARIABLES**********": "",


      "**********OPTIONAL VARIABLES**********": "",

      "ansible_port": 22,
      "end_command": "end",
      "save_command": "commit apply",
      "get_config_command": "show run",
      "get_state_command": "show version",

      "**********END OPTIONAL VARIABLES**********": ""
  }
}

Ansible Customized Templates

Automation Gateway provides a set of Ansible role templates that can be customized by users to use their Ansible modules of choice to connect and communicate with devices. The templates are available for use with devices that do not fall under the fully integrated list and cannot be configured to work with the Netmiko library.

Executing a role that has been properly customized enables users to utilize the majority of Automation Gateway and Automation Platform features, such as Configuration Manager, Golden Configuration, and Command Templates.

Note:

It is assumed the user will have to make a variety of changes to the files within the template in order to successfully connect to the device and operate against the device exactly as expected. The templates are provided as a reasonable starting point and are an example implementation of adding support for a Cisco IOS device.

Requirements

  • The device in question cannot be executed against the Fully Integrated or Netmiko Customized roles.

  • The ansible_network_os variable must not be in the list of integrated device types and should instead be a made-up value that matches the custom role you created (see the templates for additional information).

Directory Path

The Ansible Customized Template roles can be found in the IAG release package at the directory path:

automation_gateway/integrations/extensible_device_roles/ansible_custom.

The roles should be copied to a new directory on the IAG server before they are modified in order to avoid being overwritten upon the next upgrade of IAG.

# ls
iag_cli  iag_get_config  iag_get_state  iag_load_config  iag_set_config
# cp -R * /new/path/to/custom/ansible_custom
Note:

The names of the roles (i.e., iag_cli, iag_get_config, etc.) should not be modified. The main Itential roles (i.e., itential_cli, itential_get_config, etc.) are written to search for those explicit names at execution time.

The templates contain the minimum directory structure required for an Ansible role. Users can modify the files in the template, including adding other directories, as they see fit in order to support their devices.

Configuration

In order for the iag_* roles to be found at execution time, the directory path that they were saved to needs to be configured using the IAG UI. After logging into the UI, traverse to the Configuration → Ansible tab, add the full directory path to the Extended Device Role Path parameter, and save the configuration.

01_Extended_Device_2023.1

Execution

The main Itential roles (i.e., itential_cli, itential_get_config, etc.) are used as an entry point to execute the Ansible customized roles (i.e., iag_cli, iag_get_config, etc.). The Itential roles decide which code path to execute based on the presence and contents of different Ansible inventory variables. Below is the criteria that will cause the Ansible Customized Template roles to be executed along with an example device with variables that will match the criteria.

Important Variables

  • The ansible_network_os variable must not match the name of a fully integrated device and the variables netmiko_device_type and provider.device_type must not be present.

Example Host

The following example host shows a set of Ansible Custom variables.

{
  "name": "Example_IOS",
  "ansible_host": "ios.example.com",
  "ansible_connection": "network_cli",
  "ansible_network_os": "custom_unsupported_ios",
  "...any other custom variables for your custom role...": "..."
}
Was this article helpful?
What's Next
Privacy Policy
Cookie Policy
Terms of Use
EULA
Copyright © 2022 Itential for Developers
Change password!
Changing your password will log you out immediately. Use the new password to log back in.
Change profile
Success!
First name must have atleast 2 characters. Numbers and special characters are not allowed.
Last name must have atleast 1 characters. Numbers and special characters are not allowed.
Enter a valid email
Enter a valid password
Your profile has been successfully updated.
Logout