Omg is that Frostmourne in the background!?!?! Also, it is almost as if you are reading my mind and producing the videos I was thinking about. Keep up the great work, it helps me a lot :)
Frostmourne Hungers! I have a miniature Frostmourne hanging from my car's rear view mirror too, although that in the background was another contraption that I collected in my younger years. I would love having an actual replica of that iconic blade. Massive Arthas and LK fanboy, Warcraft and WoW has been a huge part of my life.
Great setup! Are you using management cloud net as a bridged adapter to your network to allow traffic from ubuntu to the lab? Or are you doing this with some sort of network inside of vmware workstation? Great video by the way.
Correct, I am only using the Management (Cloud0) adapter. So my Ubuntu VM can communicate with my EVE-NG server directly through my Vmware Workstation hypervisor.
Ansible Docs: docs.ansible.com/ MikroTik Playbook Template: github.com/TheNetworkBerg/TheNetworkBerg/blob/master/MikroTik%20Template (Note I called YAML files "Yet Another Machine Language" which is incorrect, this used to stand for "Yet Another Markup Language")
Are these tasks idempotent? Seems like it will run these commands no matter what. Then you have to query and check first before running. Then it's probably better to simply push the config and import it, right?
That is correct, the only module available for MT is to basically "Run commands" so Ansible will just run/re-run things regardless if the config already exists. Hoping more modules become available, but I don't think there is much care for automation with ansible when it comes to MikroTik. Checking if we can leverage the API though!
@@TheNetworkBerg Uff, that's rough... Did you find out how to implement immutability? I'm currently also in the process of automating it, but I'm a brainless monkey and want my playbooks to be immutable, otherwise I might fry that thing. Especially since I have black lists with ~30000 entries 😕
ive avoided ansible so much.. personally it felt a bit too much like python+bash scripting.. and I got a lot further by writing declarative stuff in tools like terraform /juju instead .. but the thing missing from those tools is more networking stuff.. interesting to see how things have progressed in ansible but I still will likely try to keep to other stuff
Well... this video I am focusing on RoS with Ansible which is honestly very basic :C. And LOL I first got into Ansible in the start of 2020, and also just went NOPE after a while. I just recently got back into it after more viewers asked me about Ansible and I covered Unimus. I do love all the different modules you can use with Ansible for bigger vendors and server stuff. I think Ansible truly shines when you can work on Ansible Tower. Although that means paying for a service, which is not always open for individuals just doing research like myself. I've also had great fun on Unimus and I am actually busy making a mini series with them regarding MikroTik scripting and more in-dept automation with Unimus.
This video is kind of a bad example of what makes Ansible so great. In my opinion it's the immutability and the templating. For example what I did the other day was to configure load balancers. Our scenario was as follows: Multiple sites with multiple load balancers each. So in the inventory, you group the load balancers for each site together and mark one of them as primary (with a variable). This primary LB has certbot installed and serves as a reverse proxy with TLS termination however, it also has a script installed and added by cron job that gets called each time certbot is done renewing (with post-hook) and sends the new certificates to all other load balancers in his group. And the cool thing is: I only had to write the script once. If I add a new load balancer to the group and run the playbook, the new load balancer gets added to the script and the script is then copied onto the server. But if nothing has changed, the playbook will change nothing. And that's so great about it.
Hi network berg , i do believe there is a video about that. And If i remember well you spend +3 hours, and you didn't do it. On this video works well. I'm wondering what you was missing?
Yes you are referring the the stream where I was "Re-Learning" Ansible. To be honest Ansible was working in the stream, however, since I did not use the PPA to install Ansible and I only did and apt-get install Ansible I did not have any reference material. Ideally you want to create an Ansible.Cfg file in the directory where you will be running your playbooks from, then all you need to do is add an inventory file and reference that inventory file in the Ansible.cfg file. If you use the PPA these files are added for you and there is a baseline directory which most other channels/videos use to talk about everything. It's actually silly that if I just used the PPA correctly on stream then I am certain we would have had everything working in that video :P
When i make an typo in an command, the playbook still gets executed. I expect to get an error output, but it executed "succesfull". Can someone verify that this is "normal" behaviour for ansible and microtic?
Unfortunately yes, this is the expected behavior as MikroTik only has the RouterOS module which works like a terminal client. So Ansible will connect and push any commands even ones with typos and see it as successful.
could u add in ur playbook an exist checks i.e 1. check user exist or not 2. check gateway exist, otherwise it will keep adding gw if I rereun the playbook 3. check vlan exist 4. check "dhcp-server network" exist otherwise it will give failure
Both tools are multi-vendor and clientless. So to me that is really preferential. I personally LOVE Unimus as well. It is a great automation tool and I am actually busy with a mini-series that will be covering MikroTik scripting and automation a bit more in-depth with Unimus. So I would say stick with Unimus :)!
How do you open the HTML5 Console in EVE-NG in window mode? On my fresh EVE-NG instance it always opens a new tab. AFAIK they use Guacamole in the background... Thanks for the video!
Are you using the community or pro edition of EVE-NG? I am using pro and it has always worked this way for me. No special tuning required, I think it's just one of those "nice" features they add on Pro
CHR does not have this limitation and will run indefinitely, your ports will only work at 1Mb but for all labbing and learning purposes this is generally fine
Do you mean directly to a Tik as opposed to doing it from Ansible? Either way works fine I guess, Ansible is just structured around the concept of SDNs and being able to manage your configurations from a central point. The only Ansible module for MikroTik is basically just to run commands from the CLI which is very rudimentary, although once you start adding more vendors and larger networks it definitely makes sense using Ansible or any other orchestrator.
Will Ansible support the new rest API in ROS7? Using the actual command line is a poor mans way of automating.... so many ways of fucking up if you dont do things in the correct order, or do some tasks too many times etc :D
Currently no, and I agree with you this is definitely very rudimentary. I am hoping new modules are added for ROS that can use the new rest API. I'll still be digging around a lot more on Ansible and will be using some RoS7 test images to see what we can achieve on them.
God Damn. Your timing is perfect. I just got task to install 70 Mikrotiks. BIG THX !!!
Ansible & Unimus are both great for tasks like that :D! Good luck with setting up all them routers!
Omg is that Frostmourne in the background!?!?! Also, it is almost as if you are reading my mind and producing the videos I was thinking about. Keep up the great work, it helps me a lot :)
Frostmourne Hungers! I have a miniature Frostmourne hanging from my car's rear view mirror too, although that in the background was another contraption that I collected in my younger years. I would love having an actual replica of that iconic blade. Massive Arthas and LK fanboy, Warcraft and WoW has been a huge part of my life.
Hello, please can you give me a link for video where you importing SSH key? I can't find it among your videos. Thank you.
Great setup! Are you using management cloud net as a bridged adapter to your network to allow traffic from ubuntu to the lab? Or are you doing this with some sort of network inside of vmware workstation?
Great video by the way.
Correct, I am only using the Management (Cloud0) adapter. So my Ubuntu VM can communicate with my EVE-NG server directly through my Vmware Workstation hypervisor.
Ansible Docs:
docs.ansible.com/
MikroTik Playbook Template:
github.com/TheNetworkBerg/TheNetworkBerg/blob/master/MikroTik%20Template
(Note I called YAML files "Yet Another Machine Language" which is incorrect, this used to stand for "Yet Another Markup Language")
Are these tasks idempotent? Seems like it will run these commands no matter what. Then you have to query and check first before running. Then it's probably better to simply push the config and import it, right?
That is correct, the only module available for MT is to basically "Run commands" so Ansible will just run/re-run things regardless if the config already exists. Hoping more modules become available, but I don't think there is much care for automation with ansible when it comes to MikroTik. Checking if we can leverage the API though!
@@TheNetworkBerg Uff, that's rough... Did you find out how to implement immutability? I'm currently also in the process of automating it, but I'm a brainless monkey and want my playbooks to be immutable, otherwise I might fry that thing. Especially since I have black lists with ~30000 entries 😕
ive avoided ansible so much.. personally it felt a bit too much like python+bash scripting.. and I got a lot further by writing declarative stuff in tools like terraform /juju instead .. but the thing missing from those tools is more networking stuff.. interesting to see how things have progressed in ansible but I still will likely try to keep to other stuff
Well... this video I am focusing on RoS with Ansible which is honestly very basic :C. And LOL I first got into Ansible in the start of 2020, and also just went NOPE after a while. I just recently got back into it after more viewers asked me about Ansible and I covered Unimus.
I do love all the different modules you can use with Ansible for bigger vendors and server stuff. I think Ansible truly shines when you can work on Ansible Tower. Although that means paying for a service, which is not always open for individuals just doing research like myself. I've also had great fun on Unimus and I am actually busy making a mini series with them regarding MikroTik scripting and more in-dept automation with Unimus.
This video is kind of a bad example of what makes Ansible so great. In my opinion it's the immutability and the templating.
For example what I did the other day was to configure load balancers.
Our scenario was as follows: Multiple sites with multiple load balancers each.
So in the inventory, you group the load balancers for each site together and mark one of them as primary (with a variable).
This primary LB has certbot installed and serves as a reverse proxy with TLS termination however, it also has a script installed and added by cron job that gets called each time certbot is done renewing (with post-hook) and sends the new certificates to all other load balancers in his group.
And the cool thing is: I only had to write the script once. If I add a new load balancer to the group and run the playbook, the new load balancer gets added to the script and the script is then copied onto the server. But if nothing has changed, the playbook will change nothing.
And that's so great about it.
Funny!
Hi network berg ,
i do believe there is a video about that. And If i remember well you spend +3 hours, and you didn't do it. On this video works well. I'm wondering what you was missing?
Yes you are referring the the stream where I was "Re-Learning" Ansible. To be honest Ansible was working in the stream, however, since I did not use the PPA to install Ansible and I only did and apt-get install Ansible I did not have any reference material.
Ideally you want to create an Ansible.Cfg file in the directory where you will be running your playbooks from, then all you need to do is add an inventory file and reference that inventory file in the Ansible.cfg file.
If you use the PPA these files are added for you and there is a baseline directory which most other channels/videos use to talk about everything. It's actually silly that if I just used the PPA correctly on stream then I am certain we would have had everything working in that video :P
Hello! can you share the .yml files?
When i make an typo in an command, the playbook still gets executed. I expect to get an error output, but it executed "succesfull". Can someone verify that this is "normal" behaviour for ansible and microtic?
Unfortunately yes, this is the expected behavior as MikroTik only has the RouterOS module which works like a terminal client. So Ansible will connect and push any commands even ones with typos and see it as successful.
could u add in ur playbook an exist checks i.e
1. check user exist or not
2. check gateway exist, otherwise it will keep adding gw if I rereun the playbook
3. check vlan exist
4. check "dhcp-server network" exist otherwise it will give failure
Could check it out, however, MikroTik has a single module for Ansible that essential just runs commands as if you were on the CLI.
could u pls share ur playbook in github. so that I don't have to write from scratch. tq
could u increase ur font size so that I don't have to zoom it
But ansible with routeros module is a disaster. Simple SSH with keys doesn't work :/
Honestly speaking, I think Ansible with ROS isn't very nice either... I also think Ansible is starting to be replaced by other tools like Terraform.
Im currently using Unimus, is this better?
Both tools are multi-vendor and clientless. So to me that is really preferential. I personally LOVE Unimus as well. It is a great automation tool and I am actually busy with a mini-series that will be covering MikroTik scripting and automation a bit more in-depth with Unimus. So I would say stick with Unimus :)!
How do you open the HTML5 Console in EVE-NG in window mode? On my fresh EVE-NG instance it always opens a new tab.
AFAIK they use Guacamole in the background... Thanks for the video!
Are you using the community or pro edition of EVE-NG? I am using pro and it has always worked this way for me. No special tuning required, I think it's just one of those "nice" features they add on Pro
@@TheNetworkBerg Community (NG). Provably thats the difference:)
Do You have any video using ansible with Mikrotik rest api?
No but it is something I still have on my radar. Can maybe check out Mksit on CZcams
is there a script to install and bootstrap management ip for a ros vm? i have trouble setup ros vm every 24 hrs by their license limitation.
CHR does not have this limitation and will run indefinitely, your ports will only work at 1Mb but for all labbing and learning purposes this is generally fine
@@TheNetworkBerg ah thank you, I download the chr image now works fine now.
Why wouldnt you just upload a config?
Do you mean directly to a Tik as opposed to doing it from Ansible? Either way works fine I guess, Ansible is just structured around the concept of SDNs and being able to manage your configurations from a central point. The only Ansible module for MikroTik is basically just to run commands from the CLI which is very rudimentary, although once you start adding more vendors and larger networks it definitely makes sense using Ansible or any other orchestrator.
Will Ansible support the new rest API in ROS7? Using the actual command line is a poor mans way of automating.... so many ways of fucking up if you dont do things in the correct order, or do some tasks too many times etc :D
Currently no, and I agree with you this is definitely very rudimentary. I am hoping new modules are added for ROS that can use the new rest API.
I'll still be digging around a lot more on Ansible and will be using some RoS7 test images to see what we can achieve on them.
YAML use to stand for Yet Another Markup Language, but it got "repurposed" to "YAML Ain't Markup Language"
Ah thank you for the correction!
Sub title Indonesia please 🙏