Ansible Network Backup

About

• The Ansible Network Backup Validated Content provides a comprehensive solution for managing network backups and restores across supported network platforms. This validated content offers two key functionalities: backup and restore, each designed to be platform-agnostic and user-friendly.

• The backup role allows users to create, compare, and tag backups, supporting both local and remote data stores. This ensures that network configurations are regularly and securely backed up, providing a reliable method to safeguard network infrastructure.

• The restore role enables users to fetch backups from local or remote data stores and perform configuration restores. This functionality ensures that network configurations can be swiftly and accurately restored when needed, minimizing downtime and maintaining network stability.

• The Network Backup Content is ideal for system administrators and IT professionals who need to manage and maintain network infrastructure, automate the backup and restore process, and ensure data is regularly and securely backed up and available for restoration as required.

Included content

Click on the name of a role, playbook, or rulebook to view that content's documentation:

Roles

Name	Description
network.backup.backup	A platform agnostic role to manage network backup operations.
network.backup.restore	A platform agnostic role to manage network restore operations.

Requirements

• Requires Ansible
• Requires Content Collections
• Testing Requirements
• Users also need to include platform collections as per their requirements. The supported platform collections are:
  • arista.eos >= v9.0.0
  • cisco.ios >= v8.0.0
  • cisco.iosxr >= v9.0.0
  • cisco.nxos >= v8.0.0
  • junipernetworks.junos >= v8.0.0

Installation

To consume this Validated Content from Automation Hub, the following needs to be added to ansible.cfg:

[galaxy]
server_list = automation_hub

[galaxy_server.automation_hub]
url=https://console.redhat.com/api/automation-hub/content/validated/
auth_url=https://sso.redhat.com/auth/realms/redhat-external/protocol/openid-connect/token
token=<SuperSecretToken>

Utilize the current Token, and if the token has expired, obtain the necessary token from the Automation Hub Web UI.

With this configured, simply run the following commands:

ansible-galaxy collection install network.backup

Use Cases

Full Backup:

• Allows users to retrieve the running network configuration from the device and save it to a local or remote data store.
• Users can also upload backup files to GitHub, with the option to add tags for better organization.

Differential Backup:

• Enables users to back up the network configuration only if there have been changes since the last backup.
• Users can perform a differential backup and save the updated files either to a local data store or a GitHub repository, with the option to add tags for better organization.

Restore Configuration:

• Allows users to restore a previously backed-up configuration.
• Users can compare the running configuration with the backup to identify differences and restore the configuration only if differences are found.

Full Network Backup

fetch running config and saves the backup to the local data store.

run.yml
---
- hosts: rtr1
  gather_facts: true
  tasks:
    - name: Backup Network Configuration to Local Storage
      ansible.builtin.include_role:
        name: network.backup.backup
      vars:
        operation: backup
        type: full
        data_store:
          local: "./network_local_backup/network"

fetch running config and publish the backup to a remote repository.

run.yml
---
- hosts: rtr1
  gather_facts: true
  tasks:
    - name: Backup Network Configuration to Remote/Cloud Storage
      ansible.builtin.include_role:
        name: network.backup.backup
      vars:
        operation: backup
        type: full
        data_store:
          scm:  
            origin:
              url: "{{ GIT_REPO }}"
              token: "{{ GH_ACCESS_TOKEN }}"
              user:
                name: "{{ username }}"
                email: "{{ email }}"

Differential Network Backup

fetch running config and saves the backup to the local data store.

run.yml
---
- hosts: rtr1
  gather_facts: true
  tasks:
    - name: Backup Network Configuration to Local Storage when Config Diff Found.
      ansible.builtin.include_role:
        name: network.backup.backup
      vars:
        operation: backup
        type: diff
        data_store:
          local: "./network_local_backup/network"

fetch running config and publish the backup to a remote repository.

run.yml
---
- hosts: rtr1
  gather_facts: true
  tasks:
    - name: Backup Network Configuration to Remote/CLoud Storage when Config Diff Found.
      ansible.builtin.include_role:
        name: network.backup.backup
      vars:
        operation: backup
        type: diff
        data_store:
          scm:  
            origin:
              url: "{{ GIT_REPO }}"
              token: "{{ GH_ACCESS_TOKEN }}"
              tag: default 
              user:
                name: "{{ username }}"
                email: "{{ email }}"

Fetch backup and restore a network appliance's configuration.

run.yml
---
- name: Restore config
  hosts: ios
  gather_facts: true

  tasks:
    - name: Restore Network Configuration from Local Storage
      ansible.builtin.include_role:
        name: network.backup.restore
      vars:
        operation: restore
        data_store:
          local: "{{ network_backup_path }}"

Fetch backup from remote repo and restore to a network appliance's configuration.

run.yml
---
- name: Restore config
  hosts: ios
  gather_facts: true

  tasks:
    - name: Restore Network Configuration from Remote Storage
      ansible.builtin.include_role:
        name: network.backup.restore
      vars:
        operation: restore
        data_store:
          scm:
            origin:
              url: "{{ github_repo }}"
              user:
                name: "{{ github_username }}"
                email: "{{ user_email }}"
              token: "{{ token }}"
              path: "{{ path_to_backup_file }}"

Testing

The project uses tox to run ansible-lint and ansible-test sanity. Assuming this repository is checked out in the proper structure, e.g. collections_root/ansible_collections/network/backup, run:

  tox -e ansible-lint
  tox -e py39-sanity

To run integration tests, ensure that your inventory has a network_backup group. Depending on what test target you are running, comment out the host(s).

[network_hosts]
ios
junos

[ios:vars]
< enter inventory details for this group >

[junos:vars]
< enter inventory details for this group >

  ansible-test network-integration -i /path/to/inventory --python 3.9 [target]

Contributing

We welcome community contributions to this collection. If you find problems, please open an issue or create a PR against this repository.

Don't know how to start? Refer to the Ansible community guide!

Want to submit code changes? Take a look at the Quick-start development guide.

We also use the following guidelines:

• Collection review checklist
• Ansible development guide
• Ansible collection development guide

Code of Conduct

This collection follows the Ansible project's Code of Conduct. Please read and familiarize yourself with this document.

Release notes

Release notes are available here.

Related information

• Developing network resource modules
• Ansible Networking docs
• Ansible Collection Overview
• Ansible Roles overview
• Ansible User guide
• Ansible Developer guide
• Ansible Community Code of Conduct

Licensing

GNU General Public License v3.0 or later.

See LICENSE to see the full text.