Project Soon

Ansible: VyOS v2

I mentioned over a year ago about the collection in Ansible I used for VyOS. I had some issues with it regarding differences and performance, so I had to resolve to some odd workaround which was ugly(clear config path and recreate from scratch, which was very slow on big configs), but quite easy to use directly with VyOS. I later on made some custom templates for it to reduce boilerplate and coupling. I later found out that the collection, while being maintained (but never updated on Ansible Galaxy) was supporting VyOS 1.1, which is odd as the stable one is 1.3, and the newest is 1.5 since a couple of months ago. I also learned that VyOS had a builtin API. Therefore I went on to integrate with the API and Ansible, creating a role with some local actions.

First off, I created vyos_api, which is basically a way to easily send a method, key and raw “command”(op and argument). It is there for convenience and backward compatibility, both for the user and for the developer for additional actions.

Second, I created vyos_configure, which is two API commands bundled together with difference of config. It takes a path instead of a method, and will retrieve the configs on that path and then generate a diff on those configs, one being what to remove, and the other what to add. In addition, when removing configs, a “smart search” is being done by generating a diff on the current config and what to be removed, and then traversed to generate paths that can be removed whenever the diff does not have that path. This is necessary both due to efficiency, but also because VyOS configs are dumb in that it wont remove empty branches of configs, even though it can never create those.

Finally there was created some filters to be used to translate existing configs to VyOS configs.

The reason for this addition was as mentioned to both add support for newer VyOS, but also to reduce config time significantly whenever config are changed. Previously it took me 56 seconds to update all configs for VyOS, but now it takes 10 seconds. Though, it will increase whenever the config changes, but now significantly less than before. This also allows me to add more actions in the future for VyOS, some less useful than others.