Avoid third party tools when possible, to keep things simple and easy without additional dependencies. Sometimes it is unavoidable, and with the ansible version 2.10 ansible has been split up in separate packages. There is now ansible and ansible-core. Native and 3-rd party plugins now can be installed using the ansible-galaxy command, this is quite new. The ansible-galaxy tool manages the plugins ansible uses, and there are hundreds of them. Ansible has split working code and the data. The data has been split up in official and community. More information about it found at the official ansible website ROADMAP, the CHANGELOG file on github and the official ansible porting guide to ansible-base.

The goal of this article is to use ArubaOS with ansible v2.10. The running configuration is to be saved to a TFTP server. This is a write up from scratch, so the only things that are working now at the moment are a couple of switches a running gentoo app-admin/ansible version 2.10.1 installation using python3.7 and a working TFTP server. The ansible directory is empty.

In this example the 3800 series switches and 5400zl switches are used. The naming convention is prefix S, switch, 3k and 5k is the product series number:

  • Aruba 5400 (S5k)
  • Aruba 3800 (S3k)

Each switch series needs to have its specific firmware binary. To preserve the overview over the switches and series, variables can be set the group_vars directory. Each switch series has its own .yml file, below in the example S3k and S5k, and there is a global configuration called all.yml. This is how the ansible directory is looking by now. There is also a vault.yml file which contains authentication credentials (user and password). Howto configure vault authentication is described in the 4-th example of the Ansible credentials management article. 2 playbooks, 3 group vars, and the hosts file:

user@host $ tree
.
├── 01-aruba-save-to-tftp.yml
├── 01-arubaoss-save-to-tftp.yml
├── group_vars
│   ├── all.yml
│   ├── S3kk.yml
│   └── S5k.yml
├── hosts
└── vault.yml

This is the content of the group_vars/all.yml. All components use the same TFTP server.

---
tftp_server1: 192.0.2.100
tftp_path: tmp

Content of the hosts file. 2 groups S3k and S5k. Each group contains 2 switches:

---
[S3k]
S3k-1
S3k-2

[S5k]
S5k-1
S5k-2
S3k-1# copy running-config tftp 192.0.2.100 configs/S3k-1-config

TFTP download in progress. S3k-1#

The CLI support for Aruba hardware is found in 2 separate collections. 2 different implementations for Aruba hardware, these do not to be run both. Each of them works separately. One collection is called community.nework the other more official because it is arubas own, is called arubanetworks.aos_switch.

The collection will be installed in home, into the ~/.ansible/collections path. This can be adjusted to be a global path like /etc/ansilbe/collection or local path inside the ansible directory f.e. like ~/ansible/collections/. The path to collections can be set in the *ansible.cfg file. In example below the path is set to the /etc/ansible/collections directory:

...
# colleciton path
collections_paths=/etc/ansible/collections
...

Now after the path has been set, install both collections use following commands:

ansible-galaxy collection install community.network

ansible-galaxy collection install arubanetworks.aos_switch

Further information about ansible-galaxy its features and usage is found in the official documentation. In this example the collection community.network is configured and used. Content of the group_vars/S5k.yml file:

---
ansible_network_os: community.network.aruba

The first playbook using the community.network collection. Notify the connection type for this collection, it is set to local, and the task command refering to the CLI community.network.aruba_command:

Filename= ~/ansible/01-aruba-save-tftp.yml

---
# ansible v2.10
# 
# This playbook saves the running configuration to a TFTP server 
# using the community.network collection
#
- hosts: S5k
  connection: local
  gather_facts: no
  vars_files:
    - vault.yml

  tasks:
    - name: ArubaOS - copy running config to TFTP server
      community.network.aruba_command:
         commands:
            - copy running-config tftp {{ tftp_server1 }} {{ tftp_path}}/{{ inventory_hostname }}-config

The same can be accomplished with the official aruba collection called arubanetworks.aos_switch. Minor changes need to be made. The product group S3k should be saved using this collection. Create the product specific group_vars/s3k.yml configuration file with following content:

---
ansible_network_os: arubanetworks.aos_switch.arubaoss

The playbook using this specific collection looks almost identically. But the connection type is set to network_cli, and in the task directory path arubanetworks.aos_switch.arubaoss_command:

Filename: ~/ansible/01-arubaoss-save-tftp.yml

---
# ansible v2.10
# A playbook to saves the running configuration to TFTP server
# using the arubanetworks.aos_switch collection 
#
- hosts: S3k
  connection: network_cli
  gather_facts: no
  vars_files:
   - vault.yml

  tasks:
    - name: ArubaOS - copy running config to TFTP server
      arubanetworks.aos_switch.arubaoss_command:
        commands:
       - copy running-config tftp {{ tftp_server1 }} tmp/{{ inventory_hostname }}-config

These are the 2 methods currently available to run commands on CLI on a aruba switch. Both ansible collections are not exclusive so both can coexists. If everything worked as explained then the reader has now a working base to build up its own working repository for aruba related tasks. Even go further and start to explore the possibilities of the REST API to handle tasks.