Scribd
Upload
196 views44 pages

Use Jinja2 To Create Templates

Uploaded by

m
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
196 views44 pages

Use Jinja2 To Create Templates

Uploaded by

m
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 44

Use Jinja2 to Create Templates

Ivan Pepelnjak ([email protected])


Network Architect

ipSpace.net AG

This material is copyrighted and licensed for the sole use by Mikel Maeso ([email protected] [85.87.178.33]). More information at http://www.ipSpace.net/Webinars
Review: The Goal
Network parameters Configuration
database templates

Configuration
builder

Device configurations

Most programming languages have a templating library/toolkit


• Template::Toolkit and HTML::Template in Perl
• Jinja2 and Django in Python
• FreeMarker in Java
… or you could use Excel formulas

2 This material is copyrighted


© ipSpace.net 2016 and licensed for the sole use by Mikel Maeso
Ansible([email protected] [85.87.178.33]).
Case Study: Automated DMVPN Deployment More information at http://www.ipSpace.net/Webinars
Assumptions for This Section
YAML Jinja2
template

Python script

Result

• YAML document is a dictionary (key-value object)


• Every key-value pair from YAML document appears as an independent
variable in Jinja2 template
• Ansible uses the same model  templates from this section work in
Ansible

3 This material is copyrighted


© ipSpace.net 2016 and licensed for the sole use by Mikel Maeso
Ansible([email protected] [85.87.178.33]).
Case Study: Automated DMVPN Deployment More information at http://www.ipSpace.net/Webinars
Live demos
Jinja2 renderer in Python:
• Read YAML data model
• Render YAML data model with a Jinja2 template
• Print YAML data model and Jinja2 results

Environment
• Ubuntu 14.04 LTS
• Python 2.7
• Jinja2 2.8

Source code in ipSpace.net Github repository

github.com/ipspace/NetOpsWorkshop/tree/master/Jinja2

4 This material is copyrighted


© ipSpace.net 2016 and licensed for the sole use by Mikel Maeso
Ansible([email protected] [85.87.178.33]).
Case Study: Automated DMVPN Deployment More information at http://www.ipSpace.net/Webinars
Introduction to
Jinja

This material is copyrighted and licensed for the sole use by Mikel Maeso ([email protected] [85.87.178.33]). More information at http://www.ipSpace.net/Webinars
What Is Jinja2?
Welcome to Jinja2 (from jinja.pocoo.org)
Jinja2 is a modern and designer-friendly templating language for Python,
modelled after Django’s templates. It is fast, widely used and secure with
the optional sandboxed template execution environment.

• Python-like code inserted in boilerplate text


• Simple expressions and built-in functions and filters
• Control structures: conditionals, loops
• Macros
• Template importing and inheritance
• Easy to use with simple text files, HTML, XML, JSON…
• Extensible with custom functions and libraries

6 This material is copyrighted


© ipSpace.net 2016 and licensed for the sole use by Mikel Maeso
Ansible([email protected] [85.87.178.33]).
Case Study: Automated DMVPN Deployment More information at http://www.ipSpace.net/Webinars
1-basics

Basic Variable Substitution

{# This is a template comment #}


service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
{# Device name is in the hostname variable #}
hostname {{hostname}}
!
logging buffered 4096
logging host {{syslog}}
!
no aaa new-model ---
hostname: R1
syslog: 172.16.0.1

Blocks generate extra newlines unless you modify Jinja2 environment


7 This material is copyrighted
© ipSpace.net 2016 and licensed for the sole use by Mikel Maeso
Ansible([email protected] [85.87.178.33]).
Case Study: Automated DMVPN Deployment More information at http://www.ipSpace.net/Webinars
1-basicFail

What If There’s No Variable?

service timestamps debug datetime msec


service timestamps log datetime msec
no service password-encryption
!
hostname {{hostname}}
!
logging buffered 4096
logging host {{syslog}}
!
no aaa new-model

---
hostname: R1
syslog: 172.16.0.1

8 This material is copyrighted


© ipSpace.net 2016 and licensed for the sole use by Mikel Maeso
Ansible([email protected] [85.87.178.33]).
Case Study: Automated DMVPN Deployment More information at http://www.ipSpace.net/Webinars
2-conditionals

Conditionals

no service password-encryption
!
hostname {{hostname}}
!
no aaa new-model
!
{% if syslog %}
logging host {{syslog}}
{% else %}
! no syslog
{% endif %}
---
hostname: R1
syslog: 172.16.0.1

Alternate syntax: syslog is defined or defined(syslog)


9 This material is copyrighted
© ipSpace.net 2016 and licensed for the sole use by Mikel Maeso
Ansible([email protected] [85.87.178.33]).
Case Study: Automated DMVPN Deployment More information at http://www.ipSpace.net/Webinars
Rules to Remember

{# This is a template comment #}

Jinja2 comment. Will not appear in the generated output

logging host {{syslog}}

Jinja2 expression. Text within curly brackets is evaluated and inserted in the
output stream.

{% if syslog %}

{% endif %}

Jinja2 code block. Must start with a keyword (if, for, set …). Does not generate
output.

10This material is copyrighted


© ipSpace.net 2016 and licensed for the sole use by Mikel Maeso
Ansible([email protected] [85.87.178.33]).
Case Study: Automated DMVPN Deployment More information at http://www.ipSpace.net/Webinars
Defined Variables and Boolean Values

{% if syslog is defined %}

True whenever the syslog variable has any value (including empty string or zero)

{% if syslog %}

• The expression specified in if statement is evaluated


• Result is converted into Boolean value – anything that is not empty (string, list
or dictionary) or zero is true

11This material is copyrighted


© ipSpace.net 2016 and licensed for the sole use by Mikel Maeso
Ansible([email protected] [85.87.178.33]).
Case Study: Automated DMVPN Deployment More information at http://www.ipSpace.net/Webinars
Good to Know: trim_blocks
{# This is a template comment #}
!
{# Set hostname #}
hostname {{hostname}}
!
{% if syslog %}
logging host {{syslog}}
{% endif %}

!
! hostname {{hostname}}
!
hostname {{hostname}} logging host {{syslog}}
!

logging host {{syslog}} With trim_blocks (incl. Ansible)

Without trim_blocks (default)

12This material is copyrighted


© ipSpace.net 2016 and licensed for the sole use by Mikel Maeso
Ansible([email protected] [85.87.178.33]).
Case Study: Automated DMVPN Deployment More information at http://www.ipSpace.net/Webinars
Complex Data Objects
and Loops

This material is copyrighted and licensed for the sole use by Mikel Maeso ([email protected] [85.87.178.33]). More information at http://www.ipSpace.net/Webinars
3-complex

Complex Objects

service timestamps debug datetime msec


service timestamps log datetime msec
!
hostname {{hostname}}
!
logging buffered 4096
!
no aaa new-model
!
interface loopback 0
ip address {{loopback.ip}} {{loopback.subnet}}

---
hostname: R1
loopback: { ip: 172.16.0.1, subnet: 255.255.255.255 }
Alternate syntax: loopback[‘ip’]
14This material is copyrighted
© ipSpace.net 2016 and licensed for the sole use by Mikel Maeso
Ansible([email protected] [85.87.178.33]).
Case Study: Automated DMVPN Deployment More information at http://www.ipSpace.net/Webinars
Dealing with Default Values

service timestamps debug datetime msec


service timestamps log datetime msec
!
hostname {{hostname}}
!
logging buffered 4096
!
no aaa new-model
!
interface loopback 0
ip address {{loopback.ip}} 
{% if loopback.subnet %}{{loopback.subnet}} 
{% else %}255.255.255.255{% endif %}

15This material is copyrighted


© ipSpace.net 2016 and licensed for the sole use by Mikel Maeso
Ansible([email protected] [85.87.178.33]).
Case Study: Automated DMVPN Deployment More information at http://www.ipSpace.net/Webinars
4-default

Default Filter

service timestamps debug datetime msec


service timestamps log datetime msec
!
hostname {{hostname}}
!
logging buffered 4096
!
no aaa new-model
!
interface loopback 0
ip address {{loopback.ip}} 
{{loopback.subnet|default("255.255.255.255")}}

---
hostname: R1
loopback: { ip: 172.16.0.1 }

16This material is copyrighted


© ipSpace.net 2016 and licensed for the sole use by Mikel Maeso
Ansible([email protected] [85.87.178.33]).
Case Study: Automated DMVPN Deployment More information at http://www.ipSpace.net/Webinars
Other Interesting Filters
• dictsort – sorts a dictionary (when you want to get sorted outputs)
• first, last – returns first or last item in a sequence
• format – applies Python string formatting (great for formatted outputs)
• groupby – groups sequence of objects by selected value
• join – joins a sequence of values with specified separator
• replace – replaces a substring
• truncate – truncates a string to a maximum length

17This material is copyrighted


© ipSpace.net 2016 and licensed for the sole use by Mikel Maeso
Ansible([email protected] [85.87.178.33]).
Case Study: Automated DMVPN Deployment More information at http://www.ipSpace.net/Webinars
5-sequence

Iterating over a Sequence: For Loop

service timestamps debug datetime msec


service timestamps log datetime msec
no service password-encryption
!
hostname {{hostname}}
!
logging buffered 4096
{% for hostip in syslog %}
!
logging host {{hostip}}
{% endfor %}
---
hostname: R1
syslog:
- 172.16.0.1
- 172.16.0.2
18This material is copyrighted
© ipSpace.net 2016 and licensed for the sole use by Mikel Maeso
Ansible([email protected] [85.87.178.33]).
Case Study: Automated DMVPN Deployment More information at http://www.ipSpace.net/Webinars
5-sequenceFail

What If We Have a Single Syslog Server?

service timestamps debug datetime msec


service timestamps log datetime msec
no service password-encryption
!
hostname {{hostname}}
!
logging buffered 4096
{% for hostip in syslog %}
logging host {{hostip}}
{% endfor %}

---
hostname: R1
syslog: 172.16.0.1

19This material is copyrighted


© ipSpace.net 2016 and licensed for the sole use by Mikel Maeso
Ansible([email protected] [85.87.178.33]).
Case Study: Automated DMVPN Deployment More information at http://www.ipSpace.net/Webinars
6-iterable

Identifying Strings and Sequences

value: {{value}}
sequence: {{sequence}}

Is a string?
{% if value is string%}--> Value is string{% endif %}
{% if sequence is string%}--> Sequence is string{% endif %}

Is iterable?
{% if value is iterable%}--> Value is iterable{% endif %}
{% if sequence is iterable%}--> Sequence is iterable{% endif %}

Is sequence?
{% if value is sequence%}--> Value is sequence{% ---
endif %}
{% if sequence is sequence%}--> Sequence is sequence{% endif %}
value: R1
sequence:
- 172.16.0.1
- 172.16.0.2

20This material is copyrighted


© ipSpace.net 2016 and licensed for the sole use by Mikel Maeso
Ansible([email protected] [85.87.178.33]).
Case Study: Automated DMVPN Deployment More information at http://www.ipSpace.net/Webinars
6-syslog

One or More Syslog Servers

service timestamps debug datetime msec


service timestamps log datetime msec
no service password-encryption
!
hostname {{hostname}}
!
logging buffered 4096
{% if syslog is string %}
logging host {{syslog}}
{% else %}
{% for hostip in syslog %}
logging host {{hostip}}
{% endfor %} ---
{% endif %} hostname: R1
syslog: 172.16.0.1

21This material is copyrighted


© ipSpace.net 2016 and licensed for the sole use by Mikel Maeso
Ansible([email protected] [85.87.178.33]).
Case Study: Automated DMVPN Deployment More information at http://www.ipSpace.net/Webinars
7-sequenceObjects

Iterating over Sequences of Objects

! Local users
{% for user in users %}
!
user {{user.username}} password {{user.password}}
{% if user.privilege is defined %}
user {{user.username}} privilege {{user.privilege}}
{% endif %}
{% endfor %}
---
hostname: R1
users:
- { username: cisco, password: cisco }
- username: admin
password: admin
privilege: 15

122This material is copyrighted


© ipSpace.net 2016 and licensed for the sole use by Mikel Maeso
Ansible([email protected] [85.87.178.33]).
Case Study: Automated DMVPN Deployment More information at http://www.ipSpace.net/Webinars
8-iterateDictionary

Iterating over a Dictionary

! Local users:
! {{passwords.keys()}}
!
! Nicely formatted: {{passwords.keys()|join(",")}}
!
{% for username,password in passwords.iteritems() %}
user {{username}} password {{password}}
{% endfor %}

---
passwords:
cisco: c1sc0
admin: DoNotTouch
guest: guest
default: noPassword

123This material is copyrighted


© ipSpace.net 2016 and licensed for the sole use by Mikel Maeso
Ansible([email protected] [85.87.178.33]).
Case Study: Automated DMVPN Deployment More information at http://www.ipSpace.net/Webinars
Iterating over a Dictionary: Summary
Useful dictionary functions:
• Value.keys() – list of keys (property names)
• Value.values() – list of values
• Value.iteritems () – (key, value) pairs in internal order (can change)
• Value | length – length of the object (number of values or string length)
• Value | dictsort – sorted (key,value) pairs

24This material is copyrighted


© ipSpace.net 2016 and licensed for the sole use by Mikel Maeso
Ansible([email protected] [85.87.178.33]).
Case Study: Automated DMVPN Deployment More information at http://www.ipSpace.net/Webinars
9-loopVariable

Identifying First and Last Iteration

{% for username,password in passwords|dictsort %}


{% if loop.first %}
! Local user database
{% endif %}
user {{username}} password {{password}}
{% if loop.last %}
! Total number of users {{passwords|length}}
{% endif %}
{% endfor %}
---
passwords:
cisco: c1sc0
admin: DoNotTouch
guest: guest
default: noPassword

25This material is copyrighted


© ipSpace.net 2016 and licensed for the sole use by Mikel Maeso
Ansible([email protected] [85.87.178.33]).
Case Study: Automated DMVPN Deployment More information at http://www.ipSpace.net/Webinars
A-valueLookup

Dictionary Lookups

{% for name,vlan in vlans|dictsort %}


vlan {{vlan.id}}
name {{name}}
description {{vlan.description}}
{% endfor %}
!
{% for name,intf in interfaces|dictsort %}
interface {{name}}
switchport access vlan {{vlans[intf.vlan].id}}
{% endfor %}
---
vlans:
mgmt: { id: 10, description: management }
user: { id: 20, description: Users }
interfaces:
fa0/0: { vlan: mgmt }
fa0/1: { vlan: user }

126This material is copyrighted


© ipSpace.net 2016 and licensed for the sole use by Mikel Maeso
Ansible([email protected] [85.87.178.33]).
Case Study: Automated DMVPN Deployment More information at http://www.ipSpace.net/Webinars
Variables, Macros
and Includes

This material is copyrighted and licensed for the sole use by Mikel Maeso ([email protected] [85.87.178.33]). More information at http://www.ipSpace.net/Webinars
B-ACL-Simple

Example: Create ACLs

{% for name,list in acls.iteritems() %}


ip access-list extended {{name}}
{% for line in list %}
{{ line }}
{% endfor %} ---
acls:
{% endfor %}
noweb:
- deny tcp any any eq 80 log
- deny tcp any eq 80 any log
ip access-list extended noweb - permit ip any any
deny tcp any any eq 80 log noudp:
- deny udp any any log
deny tcp any eq 80 any log
- permit tcp any any
permit ip any any
ip access-list extended noudp
deny udp any any log
permit tcp any any

28This material is copyrighted


© ipSpace.net 2016 and licensed for the sole use by Mikel Maeso
Ansible([email protected] [85.87.178.33]).
Case Study: Automated DMVPN Deployment More information at http://www.ipSpace.net/Webinars
B-ACL-Sequenced

Requirement: Sequenced ACLs

{% for name,list in acls.iteritems() %}


ip access-list extended {{name}}
{% set count = 0 %}
{% for line in list %}
{% set count = count + 10 %} ---
acls:
{{ count }}{{ line }}
noweb:
{% endfor %} - deny tcp any any eq 80 log
- deny tcp any eq 80 any log
- permit ip any any
set – sets a value of Jinja2 variable noudp:
- deny udp any any log
• Variables can be set to any value - permit tcp any any
(including lists, dictionaries…)
• Variables created with set statement can be used like any other
variable in Jinja2 expressions

29This material is copyrighted


© ipSpace.net 2016 and licensed for the sole use by Mikel Maeso
Ansible([email protected] [85.87.178.33]).
Case Study: Automated DMVPN Deployment More information at http://www.ipSpace.net/Webinars
C-macros

Macros

{% macro ifaddr(intf,mask) %}
ip address {{intf.ip}} {{mask|default(intf.mask)| 
default('255.255.255.0')}}
{% endmacro %}
!
interface loopback 0
{{ ifaddr(loopback,'255.255.255.255') }}
!
interface fa0/0
{{ ifaddr(LAN) }}
!
interface serial0/1 ---
{{ ifaddr(WAN.0) }} loopback: { ip: 172.16.0.1 }
LAN: { ip: 172.16.10.1 }
WAN:
0: { ip: 172.16.22.2, mask: 255.255.255.240 }

30This material is copyrighted


© ipSpace.net 2016 and licensed for the sole use by Mikel Maeso
Ansible([email protected] [85.87.178.33]).
Case Study: Automated DMVPN Deployment More information at http://www.ipSpace.net/Webinars
Includes and Imports

{% include 'filename' %}

• Includes the results of the template into the output stream


• Add ignore missing if the included template could be missing
• Alternatively, specify a list of alternate templates – the first one will be included

{% import 'template' as variable %}

• Imports a template into a variable


• Does not add template results to output stream
• Macros defined in the template can be called as variable.macro

31This material is copyrighted


© ipSpace.net 2016 and licensed for the sole use by Mikel Maeso
Ansible([email protected] [85.87.178.33]).
Case Study: Automated DMVPN Deployment More information at http://www.ipSpace.net/Webinars
D-import-include

Includes and Imports


interfaces.j2
{% macro ifaddr(intf,mask) %}
ip address {{intf.ip}} {{mask|default(intf.mask)| 
default('255.255.255.0')}}
{% endmacro %}

loopback.j2
interface loopback 0
{{ interfaces.ifaddr(loopback,'255.255.255.255') }}

{% import 'interfaces.j2' as interfaces %}


{% include 'loopback.j2' %}
!
interface fa0/0
{{ interfaces.ifaddr(LAN) }}
!
interface serial0/1
{{ interfaces.ifaddr(WAN.0) }}

32This material is copyrighted


© ipSpace.net 2016 and licensed for the sole use by Mikel Maeso
Ansible([email protected] [85.87.178.33]).
Case Study: Automated DMVPN Deployment More information at http://www.ipSpace.net/Webinars
Python Methods in
Jinja2

This material is copyrighted and licensed for the sole use by Mikel Maeso ([email protected] [85.87.178.33]). More information at http://www.ipSpace.net/Webinars
Using Python Methods in Jinja2
• Jinja2 uses Python data types (string, list…)
• Standard Python methods work in Jinja2 expressions

Examples:
• String.find (find a substring in a string)
• String.partition (split a string into prefix, separator and suffix)
• String.split (split a string into a list based on a separator)

34This material is copyrighted


© ipSpace.net 2016 and licensed for the sole use by Mikel Maeso
Ansible([email protected] [85.87.178.33]).
Case Study: Automated DMVPN Deployment More information at http://www.ipSpace.net/Webinars
P1-strings

Python String Methods in Jinja2


Split into:
[0] – part before the dot
hostname {{hostname}} [1] – separator (dot)
[2] – part after the dot
{% if hostname.find('.') > 0 %}
ip domain name {{ hostname.partition('.')[2] }}
{% endif %}
{% set host = hostname.partition('.')[0] %}
{% set idx = host.partition('-')[2] | int %}
{% if idx %}
router bgp {{ 64600 + idx }} Works even when
separator is not found
{% endif %}
Convert string to integer

---
hostname: L-1.example.com

Explore Python string documentation for more details


35This material is copyrighted
© ipSpace.net 2016 and licensed for the sole use by Mikel Maeso
Ansible([email protected] [85.87.178.33]).
Case Study: Automated DMVPN Deployment More information at http://www.ipSpace.net/Webinars
P2-slicing

Python Slicing in Jinja2

hostname {{hostname}}
{% set dot = hostname.find('.') %}
{% if dot > 0 %}
! Dot found in hostname at position {{ dot }}
ip domain name {{ hostname[dot+1:] }}
{% set hostname = hostname[:dot] %}
{% endif %}
{% set dash = hostname.find('-') %}
{% if dash > 0 %}
{% set idx = hostname[dash:] | int %}
router bgp {{ 64600 + idx }}
{% endif %}
---
hostname: L-1.example.com

36This material is copyrighted


© ipSpace.net 2016 and licensed for the sole use by Mikel Maeso
Ansible([email protected] [85.87.178.33]).
Case Study: Automated DMVPN Deployment More information at http://www.ipSpace.net/Webinars
Python Slicing Explained
• Python list reference [n:m] selects a slice from the list from n to m-1
• Missing first parameter  from the beginning of the list
• Missing second parameter  till the end of the list
• String is a list of characters  slicing works on strings as well
• Start and end might be negative numbers
 counting from the end of the list

Find position of the


first dot in the string Select substring
starting at dot+1
(just after the dot)
{% set dot = hostname.find('.') %}
ip domain name {{ hostname[dot+1:] }} Select substring
ending at dot-1
{% set hostname = hostname[:dot] %} (just before the dot)

37This material is copyrighted


© ipSpace.net 2016 and licensed for the sole use by Mikel Maeso
Ansible([email protected] [85.87.178.33]).
Case Study: Automated DMVPN Deployment More information at http://www.ipSpace.net/Webinars
IP Address Handling

This material is copyrighted and licensed for the sole use by Mikel Maeso ([email protected] [85.87.178.33]). More information at http://www.ipSpace.net/Webinars
Live demos
Ansible playbook
• Read YAML data model
• Render YAML data model with a Jinja2 template into results.txt
Bash script
• Invoke Ansible playbook with extra variable (template name)
• Print input files and results
Environment
• Ubuntu 14.04 LTS
• Python 2.7 with Jinja 2.8
• Ansible 2.2
Source code in ipSpace.net Github repository

github.com/ipspace/NetOpsWorkshop/tree/master/Jinja2/ipaddr

39This material is copyrighted


© ipSpace.net 2016 and licensed for the sole use by Mikel Maeso
Ansible([email protected] [85.87.178.33]).
Case Study: Automated DMVPN Deployment More information at http://www.ipSpace.net/Webinars
IP Address Handling
ipaddr Jinja2 filter provides numerous IP address handling functions:
• Extract IP address or subnet mask from CIDR prefix
• Generate CIDR prefix from IP address and subnet mask
• Generate IP prefix from IP address and subnet length
• Find n-th host or subnet broadcast address within a given prefix
• Check IPv4 and IPv6 address validity
• Extract valid IP, IPv4 or IPv6 addresses from a list
• Select IP addresses within the specified range
• Test whether IPv4 addresses are public or private

Works in Ansible, implemented as Jinja2 plugin


40This material is copyrighted
© ipSpace.net 2016 and licensed for the sole use by Mikel Maeso
Ansible([email protected] [85.87.178.33]).
Case Study: Automated DMVPN Deployment More information at http://www.ipSpace.net/Webinars
1-ipaddr

Extract IP Address and Subnet Mask from CIDR Prefix

{% for intf in interfaces %}


interface {{intf.name}}
description IP addr = {{intf.ip}}
ip address {{intf.ip | ipaddr('address')}} 
{{intf.ip | ipaddr('netmask')}}
{% endfor %}

---
interfaces:
- name: GigabitEthernet0/0
ip: 172.16.0.1/24
- name: GigabitEthernet0/1
ip: 172.16.1.1/24

41This material is copyrighted


© ipSpace.net 2016 and licensed for the sole use by Mikel Maeso
Ansible([email protected] [85.87.178.33]).
Case Study: Automated DMVPN Deployment More information at http://www.ipSpace.net/Webinars
2-iphost

Set Default Gateway from CIDR Prefix

{% for intf in interfaces %}


!
! prefix = {{intf.prefix}}
! ipaddr(1) = {{intf.prefix | ipaddr(1) }}
!
interface {{intf.name}}
{% set gw = intf.prefix|ipaddr(1) %}
ip address {{gw | ipaddr('address') }} 
{{intf.prefix | ipaddr('netmask')}}
{% endfor %}
---
interfaces:
- name: GigabitEthernet0/0
prefix: 172.16.0.0/24
- name: GigabitEthernet0/1
prefix: 172.16.1.18/30

42This material is copyrighted


© ipSpace.net 2016 and licensed for the sole use by Mikel Maeso
Ansible([email protected] [85.87.178.33]).
Case Study: Automated DMVPN Deployment More information at http://www.ipSpace.net/Webinars
3-localACL

Creating ACL Don’t-care Bits from CIDR Prefix

{% set allone = "255.255.255.255" | ipaddr('int') %}


ip access-list extended LocalPrefixes
{% for intf in interfaces %}
{% set netmask = intf.prefix | ipaddr('netmask') 
| ipaddr('int') %}
{% set invmask = (allone - netmask) | ipaddr('address') %}
{% set prefix = intf.prefix | ipaddr(0) %}
permit {{prefix | regex_replace('/.*','') }} {{invmask}}
{% endfor %}

---
interfaces:
- name: GigabitEthernet0/0
prefix: 172.16.0.0/24
- name: GigabitEthernet0/1
prefix: 172.16.1.18/30

43This material is copyrighted


© ipSpace.net 2016 and licensed for the sole use by Mikel Maeso
Ansible([email protected] [85.87.178.33]).
Case Study: Automated DMVPN Deployment More information at http://www.ipSpace.net/Webinars
Questions?

Send them to [email protected] or @ioshints

44This material is copyrighted


© ipSpace.net 2016 and licensed for the sole use by Mikel Maeso
Ansible([email protected] [85.87.178.33]).
Case Study: Automated DMVPN Deployment More information at http://www.ipSpace.net/Webinars

You might also like