Cisco IOS - Ansible Automated Configuration Rollback

Описание: In this video we will utilise Ansible, EEM scripts and IP SLA to configure a remote router (R3) and rollback automatically; with an EEM script that triggers upon tracked object failure. This will trigger when changes applied leave the R3 in an unreachable state. I don’t necessarily recommend using these playbooks in production, especially as any automation can be risky. However, this automation rollback method is important to know for use in specific situations.

I will outline and demonstrate three playbooks of varied complexity, the third being the most complex:

• The first playbook will just apply multiple commands to R3 through a single EEM applet with no rollback ability.

• The second playbook will use two EEM applets, the first for the application of a configuration and the second to be triggered with an IP SLA tracked object for configuration rollback.

• The third playbook is more reliable than the others and utilises the archive and configure replace function present in Cisco IOS. Rather than manually negating each configuration applied in the rollback EEM applet, the applet will

The use case of the final playbook would be to configure a remote router interface or the application of any configuration that may make the router become unreachable, especially if multiple changes are applied. The configure replace feature should (hopefully) save you. You could accidently apply “no ip routing” in the first EEM configuration applet and it should still rollback successfully. I would highly advise that you do not test this outside of a lab environment though haha…

As promised, the playbooks from this video are on my GitHub below:
https://github.com/STP-Tech/Ansible-R...

I thought of this method a few years ago; using Ansible to create EEM Scripts that trigger through an IP SLA / tracked object failure to rollback configs (specifically with use of the archive + configure replace). I hadn’t had time to create a video on until now. Let me know what you think…

Once again, the use case for this script would be for a remote router interface that may become unreachable if multiple changes are applied.

If you have any questions, ask me! Also, feel free to suggest any other Cisco / networking video topics. What should I create a video on next?