Loading...
right-arrow (6)Back
Blog

Automated Ansible backups for AOS6 & AOS8 in a blink of an eye

Sep 16, 2021

Have you ever faced a situation where you had to perform a disaster recovery or a configuration change rollback? That’s when the – hopefully recent – backups come to play. Ansible has the beauty of network automation and can perform these tasks for you with zero effort.

This article shows how you can easily backup your entire Alcatel-Lucent Enterprise Omniswitch environment by using Ansible. For AOS6 devices we use Gilbert Moisio’s Ansible collection to scrape the CLI through the popular Netmiko Python library. AOS8 devices have the advantage of a REST API, so we can authenticate with the return cockie and request the running configuration in a JSON structured format through a https REST call.

You can store the backup files locally or even better, push them to a remote GIT repository. The result is a CMDB (configuration management database) in which the different backup versions are stored and where you can easily compare them to track changes.

But first, what is Ansible? Ansible is an open-source agentless automating and orchestration tool for cross-platform application deployment and configuration management, enabling infrastructure as a code. Ansible uses it’s own easy to learn domain specific language and keeps complexity behind the scene. Good to know: Ansible is only available for Linux, but easily installed on Windows WSL.
Bold
AOS6 AOS8
AOS6 AOS8

Inventory host and variable configuration

By default Ansible will look for hosts in the inventory.yml file, so this is where we are going to build our inventory. Ansible needs an “ansible_host” parameter to identify the device management IP and a “device_os” parameter to determinate the appropriate Alcatel-Lucent Operating System version.
AOS6 & AOS8
AOS6 & AOS8
AOS6 & AOS8

Run Ansible playbook backup-all.yml

Preparations done, now we can run the backup-all.yml playbook to backup all our devices and store a local copy and/or push the configuration changes to a remote repository. If all goes well the failed tasks counters remains at zero and task summary shows handled hosts for every task.

Note for production: Variables are stored in plain text, which is definitly not best practice. Ansible provides the Vault functionality that encrypts variables and files to secure sensitive information.

What’s next?

Now we have a fully automated Alcatel-Lucent Enterprise backup solution in place. This playbook just scratches the surface but is easy to understand and get started with so you could certainly think of different use cases.
Loading