Ansible Switch Basics - Apt Setup


The goal of this article is to provide a set of Ansible tasks to cover the basics of an initial switch setup. These tasks are typically run once when the switch is initially provisioned.
The assumption is you have Ansbile installed on a server that can reach the switch management network and that you have a basic understanding of Ansible. The examples below make use of only Ansible core modules so a default Ansible installation should work fine.
Details on apt Setup
Using the Debian package management utility apt (Advanced Package Tool) allows you to install new applications without having to worry about managing the proper dependencies and configurations files needed for the application. Luckily Ansible already has a built in core module apt to install packages onto a switch running Cumulus Linux. By default Cumulus Linux is configured to pull packages from the Cumulus hosted repository repo.cumulusnetworks.com which you can browse at http://repo.cumulusnetworks.com. In many data centers the switches will not have direct internet access on their management network to reach the Cumulus repository. In this situation there is a need to host a local proxy in the data center to mirror or cache the Cumulus repository. The following examples will show how to setup an apt proxy, install packages from the Cumulus repository, and how to add additional repositories to install packages not hosted by Cumulus.
Ansible Tasks
  • Set up the proxy configuration on the switch
  • Update the apt package list
  • Install packages hosted by Cumulus
  • Set up additional repositories
  • Update the apt package list
  • Install a package from the new repository
  • Remove additional repositories
#Example for configuring an apt cache or mirror proxy#Contents of the 90apt-proxy file:
- name: configure apt cache proxy
copy: content='Acquire::http::Proxy "http://192.168.1.254:3142";\n'
dest=/etc/apt/apt.conf.d/90apt-proxy
tags:
- apt_setup
- initial_setup

#Retrieve the updated package list
#You can use update_cache=yes on each package install or this single task
- apt: update_cache=yes
tags:
- apt_setup
- initial_setup

#You should be able to use with_items and have a list of packages in Ansible 2.0
#But in 1.9.x I still do them individually so Ansible can prepare the dependencies one at a time

#Install htop (Detailed process viewer)
- apt: name=htop
tags:
- apt_setup
- initial_setup

#Install tcptrace (Tool for analyzing tcpdump output)
- apt: name=tcptrace
tags:
- apt_setup
- initial_setup

#Example to enable Debian wheezy repo
- name: Add Debian wheezy repo
apt_repository: state=present repo="{{ item }}"
with_items:
- deb http://ftp.us.debian.org/debian/ wheezy main contrib non-free
- deb-src http://ftp.us.debian.org/debian/ wheezy main contrib non-free
tags:
- apt_setup
- initial_setup

#Retrieve the updated package list from the debian wheezy repo above
- apt: update_cache=yes
tags:
- apt_setup
- initial_setup

#Install bwm-ng (not in the Cumulus repo)
- apt: name=bwm-ng
tags:
- apt_setup
- initial_setup

#Remove the Debian wheezy repositories from the sources list (Best practice)
- name: Add Debian wheezy repo
apt_repository: state=absent repo="{{ item }}"
with_items:
- deb http://ftp.us.debian.org/debian/ wheezy main contrib non-free
- deb-src http://ftp.us.debian.org/debian/ wheezy main contrib non-free
tags:
- apt_setup
- initial_setup

For more information on installing Ansible, Ansible modules, and apt used in these examples

1 reply

David Marshall wrote:

There is a module for adding repos that we could use here instead of lineinfile:

- name: add...

Just tested it and it works. It drops a new file in the sources.list.d dir with the repos listed in the file. Not sure which is better here but I guess might as well use the Ansible module.

Reply