Automate Day-to-day Network Operations Using Ansible Playbooks in Pica8’s AmpCon Network Controller
With automation, processes that used to take days and hours can now take minutes. You can use the Ansible Playbook mechanism in Pica8’s AmpCon Network Controller for day-to-day operations like compliance checks, policy enforcement, checking status of the network and performing automated policy enforcement when needed. This blog demonstrates how Ansible Playbook is used in AmpCon to customize automation to suit your needs.
Picos_config Ansible Module
To make things easy Pica8 has created the picos_config Ansible module for performing operations like compliance checks, policy enforcement, and checking run-time status of the network in order to take any corrective actions. For more details on picos_config please refer to the documentation page on picos_config. The picos_config Ansible module is already integrated with AmpCon.
Playbook Examples Provided by Pica8
The first step in automation is creating new automation content. Pica8 provides a collection of Ansible Playbook examples in Pica8’s Documentation website. You can download and simply use these example Playbooks or modify the PicOS commands in these Playbooks to create custom workflows. Once you have the content for automation, it will free your team to focus on more interesting projects by helping them to automate time-consuming tasks.
Push-button Mechanism
Executing Playbooks from the AmpCon Network Controller is simple. Use the AmpCon UI in point-and-click fashion to run the Ansible Playbooks. You do not need to know programming. This is not the case with other vendor solutions. Please refer to the documentation link for running Ansible Playbooks via the AmpCon UI for more details.
Using Ansible Playbooks in AmpCon to Customize Automation
Let us look at an Ansible Playbook example. Say you wanted to enforce compliance checks on access ports to ensure dot1x is enabled on all ports. Sometimes IT admins disable dot1x on a port or two for testing purposes. Then they forget to re-enable dot1x on the test ports after testing. Also someone can maliciously disable dot1x on certain ports. Our goal is check whether dot1x is enabled on all access ports in all access switches.
Ansible Playbook Example
This Playbook is going to scan through all the switches looking for ports in which dot1x is disabled, and if found, it will re-enable 802.1x in automated fashion to enforce compliance. You can take this Playbook and customize it easily for other uses cases by changing the show or set CLI command or changing the pattern string as shown below.
Demo Video: Customize Automation Using Ansible Playbooks
As you can see from this short demo, Ansible Playbooks are a powerful yet easy means to automate compliance. We scanned a group of switches for 802.1x. We found the offending port configurations, and enabled them to comply with the established policies. This saves a ton of time and ensures your network is running in great shape.
Contact us today to learn more about AmpCon Automation with Ansible Playbooks.
—-
Mani Subramanian is Senior Technical Marketing Manager for Pica8