diff --git a/docs/docsite/rst/network/user_guide/platform_frr.rst b/docs/docsite/rst/network/user_guide/platform_frr.rst new file mode 100644 index 00000000000..0003204eb65 --- /dev/null +++ b/docs/docsite/rst/network/user_guide/platform_frr.rst @@ -0,0 +1,72 @@ +.. _frr_platform_options: + +*************************************** +FRR Platform Options +*************************************** + +This page offers details on connection options to manage FRR using Ansible. + +.. contents:: Topics + +Connections Available +================================================================================ + +.. table:: + :class: documentation-table + + ==================== ========================================== + .. CLI + ==================== ========================================== + Protocol SSH + + Credentials uses SSH keys / SSH-agent if present + + accepts ``-u myuser -k`` if using password + + Indirect Access via a bastion (jump host) + + Connection Settings ``ansible_connection: network_cli`` + + |enable_mode| not supported + + Returned Data Format ``stdout[0].`` + ==================== ========================================== + +.. |enable_mode| replace:: Enable Mode |br| (Privilege Escalation) + + +Using CLI in Ansible +==================== + +Example CLI ``group_vars/frr.yml`` +---------------------------------- + +.. code-block:: yaml + + ansible_connection: network_cli + ansible_network_os: frr + ansible_user: frruser + ansible_password: !vault... + ansible_ssh_common_args: '-o ProxyCommand="ssh -W %h:%p -q bastion01"' + +- The `ansible_user` should be a part of the `frrvty` group and should have the default shell set to `/bin/vtysh`. +- If you are using SSH keys (including an ssh-agent) you can remove the ``ansible_password`` configuration. +- If you are accessing your host directly (not through a bastion/jump host) you can remove the ``ansible_ssh_common_args`` configuration. +- If you are accessing your host through a bastion/jump host, you cannot include your SSH password in the ``ProxyCommand`` directive. To prevent secrets from leaking out (for example in ``ps`` output), SSH does not support providing passwords via environment variables. + +Example CLI Task +---------------- + +.. code-block:: yaml + + - name: Gather FRR facts + frr_facts: + gather_subset: + - config + - hardware + +.. include:: shared_snippets/SSH_warning.txt + +.. seealso:: + + :ref:`timeout_options` diff --git a/docs/docsite/rst/network/user_guide/platform_index.rst b/docs/docsite/rst/network/user_guide/platform_index.rst index 7923de3b791..d62ecfc7a18 100644 --- a/docs/docsite/rst/network/user_guide/platform_index.rst +++ b/docs/docsite/rst/network/user_guide/platform_index.rst @@ -19,6 +19,7 @@ Some Ansible Network platforms support multiple connection types, privilege esca platform_eos platform_eric_eccli platform_exos + platform_frr platform_icx platform_ios platform_iosxr diff --git a/docs/docsite/rst/network/user_guide/platform_vyos.rst b/docs/docsite/rst/network/user_guide/platform_vyos.rst index 7f3c9cea65a..f3bb5a9a432 100644 --- a/docs/docsite/rst/network/user_guide/platform_vyos.rst +++ b/docs/docsite/rst/network/user_guide/platform_vyos.rst @@ -4,7 +4,7 @@ VyOS Platform Options *************************************** -VyOS supports Enable Mode (Privilege Escalation). This page offers details on how to use Enable Mode on VyOS in Ansible. +This page offers details on connection options to manage VyOS using Ansible. .. contents:: Topics