Have you ever faced a situation where you had to perform a disaster recovery or a configuration change rollback? That’s when the – hopefully recent – backups come to play. Ansible has the beauty of network automation and can perform these tasks for you with zero effort.
This article shows how you can easily backup your entire Alcatel-Lucent Enterprise Omniswitch environment by using Ansible. For AOS6 devices we use Gilbert Moisio’s Ansible collection to scrape the CLI through the popular Netmiko Python library. AOS8 devices have the advantage of a REST API, so we can authenticate with the return cockie and request the running configuration in a JSON structured format through a https REST call.
You can store the backup files locally or even better, push them to a remote GIT repository. The result is a CMDB (configuration management database) in which the different backup versions are stored and where you can easily compare them to track changes.
But first, what is Ansible? Ansible is an open-source agentless automating and orchestration tool for cross-platform application deployment and configuration management, enabling infrastructure as a code. Ansible uses it’s own easy to learn domain specific language and keeps complexity behind the scene. Good to know: Ansible is only available for Linux, but easily installed on Windows WSL.
Initial setup and installation
Want to get a head start? All demo files are available through following GitHub remote repository, ready to be cloned locally.
Before we get started, create a virtual Python environment, install the required Python packages as found in requirements.txt and install the Ansible modules found in requirements.yml. These modules extend the Ansible functionality and can be called in the Ansible Playbooks, the files where the job logic gets described in sequential tasks.
Quick check if Ansible and the packages are installed correctly:
Inventory host and variable configuration
By default Ansible will look for hosts in the inventory.yml file, so this is where we are going to build our inventory. Ansible needs an “ansible_host” parameter to identify the device management IP and a “device_os” parameter to determinate the appropriate Alcatel-Lucent Operating System version.
For authentication we use the variables “ale_username” and “ale_password” found in group_vars/all/all.yml. By adding these as a group variable to the “all” group, all hosts from our inventory will inherit these variables.
By altering the “backup_git” Boolean variable you can enable or disable the GIT playbook tasks. When enabled don’t forget to provide the git token, username, URL and desired branch.
Run Ansible playbook backup-all.yml
Preparations done, now we can run the backup-all.yml playbook to backup all our devices and store a local copy and/or push the configuration changes to a remote repository. If all goes well the failed tasks counters remains at zero and task summary shows handled hosts for every task.
Note for production:
Variables are stored in plain text, which is definitly not best practice. Ansible provides the Vault functionality that encrypts variables and files to secure sensitive information.
Now we have a fully automated Alcatel-Lucent Enterprise backup solution in place. This playbook just scratches the surface but is easy to understand and get started with so you could certainly think of different use cases.