Meta Data for Switch Provisioning

[Heath Brown]

What is everyone using for meta data in order to provision?

We have been using Ansible and yaml, so far.

One of the items, we have found is using yaml files for a high volume of network devices does not scale, or at least cumbersome.

We currently are migrating away from yaml to a home brewed API with a mongodb backend.

I was curious how everyone else is handling this problem.

[Jason Edelman]

Heath,  curious how many devices are you talking about, or what number of devices was your tipping point in realizing managing yaml files did not scale?

Also, did you test Ansible Tower?  Curious if you have feedback on that.

Thanks.

[Heath Brown]

From what I have seen we are currently in the 600 - 700 range, it may be how we are handling our yaml files, however, it becomes tedious.

We have not looked at Ansible Tower, yet.

We are working on scripts to "dynamically" generate the yaml files from an inventory system, however, a dynamic inventory / meta data store seems to be what works out for even the system guys at several thousand devices.

[Matt Oswalt]

I'd say this is all entirely dependent on the infrastructure and how it's laid out. At the kind of scale you're talking about (and I'm wildly speculating because you haven't provided that much detail) your biggest asset will be proper discipline and simplification at the infrastructure layer, not necessarily the semantics of the automation tool in play. 700 or even 1000 sounds like a lot, but if there's any method to the madness, there are plenty of ways to keep things simple from an inventory perspective. 

This is all moot, of course, if each of those 700 devices is a special snowflake with a special configuration....if that's the case you may have a different problem :)

[Adeel Ahmad]

i went to an Ansible conference and asked the same question.  The answer they gave was to design your playbook that it would 'gather facts' from all inventory DBs/IPAMs/etc.  a seperate yaml file for the vars wouldn't be necessary then.  They're also developing some cool plugins like allowing you to look up DNS name server address for a given prefix for example.

Ansible Tower is easy to use, however it can be done without it.

I hope that helps...

[Julien Manteau]

Yep, exactly the approach we took (over 6000 network devices). Central Inventory (iTOP) exported as a CSV and read by Ansible.

[Kirk Byers]

A bit of an old thread, but I wrote an article regarding Ansible's Dynamic Inventory (see https://pynet.twb-tech.com/blog/ansible/dynamic-inventory.html). It is reasonably straight forward to get Ansible variables from an external system.

Kirk

[Michael Kashin]

Nice article, Kirk. Have you considered grouping group/hosts variables in a separate file/directories, similar what they do in ansible examples on github? I've found it easier to have a big group_vars, host_vars directories with variable-size hosts file in the local directory. The only problem is correctly structuring the group hierarchy so as to keep the number of variables to a minimum.

[Kirk Byers]

Yes, you can definitely do this (i.e. use ./group_vars and ./host_vars directories to store inventory information). 

I was trying to show how you could programmatically obtain Ansible inventory information from an external system (so you didn't have to duplicate information that you already had stored elsewhere).

Regards,

Kirk

[Michael Kashin]

Oh, ok. Is there any advantage to have these variables introduced through an inventory file rather than through a custom fact gathering module?

[Mike Biancaniello]

We already have a database that stores all of our server, VM, and network device meta data (I use this for my inventory) coupled with a system that polls each network device daily, collects data, and stores in a database (I use this for 'facts' if not otherwise supported by the vendor).