Skip to content

Ansible - Network Settings

A quick guide to Ansible network settings and how to use them for network automation tasks.

Overview

Ansible provides modules and connection plugins for automating network devices. You can use the network_cli connection for most network platforms (Cisco, Arista, Juniper, etc.).

Step 1: Inventory Setup (Copy-Paste Example)

Create an inventory file (e.g., inventory.yml):

all:
  children:
    routers:
      hosts:
        r1:
          ansible_host: 192.0.2.11
          ansible_user: admin
          ansible_password: Cisco123
          ansible_network_os: ios
        r2:
          ansible_host: 192.0.2.12
          ansible_user: admin
          ansible_password: Arista123
          ansible_network_os: eos

Step 2: ansible.cfg for Network Automation

Create an ansible.cfg in your project directory:

[defaults]
inventory = ./inventory.yml
host_key_checking = False
retry_files_enabled = False

[ssh_connection]
ssh_args = -o ControlMaster=auto -o ControlPersist=60s
  • host_key_checking = False disables SSH host key checking (useful for labs).
  • ssh_args enables SSH connection reuse for speed.

Step 3: Example Playbook - Get Facts and Validate Connection

---
- name: Validate network device connection and get facts
  hosts: routers
  gather_facts: no
  connection: network_cli
  tasks:
    - name: Validate device connection
      ping:

    - name: Get device facts
      ios_facts:
      when: ansible_network_os == 'ios'
      register: iosfacts

    - name: Show facts
      debug:
        var: iosfacts

For Arista, use eos_facts: instead of ios_facts:.

Step 4: Example - Run a Command and Validate Output

---
- name: Run show version and validate output
  hosts: routers
  gather_facts: no
  connection: network_cli
  tasks:
    - name: Run show version
      ios_command:
        commands:
          - show version
      register: version_output
      when: ansible_network_os == 'ios'

    - name: Validate output contains IOS
      assert:
        that:
          - "'IOS' in version_output.stdout[0]"
      when: ansible_network_os == 'ios'

When to Use network_cli (and When Not)

  • Use network_cli for most network devices (Cisco IOS, NX-OS, Arista EOS, Juniper, etc.) that support SSH CLI access.
  • Do NOT use network_cli for:
  • Devices that only support API/NETCONF/REST (use httpapi, netconf, or restconf connection plugins instead).
  • Linux servers (use the default ssh connection).

SSH Settings for Network Devices

  • Ensure SSH is enabled on all network devices.
  • Use strong passwords or SSH keys.
  • For lab/dev, you can disable host key checking (see ansible.cfg above).
  • If using SSH keys, add: 
    ansible_ssh_private_key_file: /path/to/key
    to your host/group vars.

More Resources