Golden Config

During this lab we will be installing and running through the Nautobot Plugin Golden Config. During this lab we are going to:

Before you start

  • Obtain a GitHub Token that has write privileges to the repo
  • Add the files from the golden-config folder into the root of your folder from the https://github.com/networktocode-llc/ntcu-class-2023 repo.
  • Clone the Golden Config plugin from: https://github.com/nautobot/nautobot-plugin-golden-config
  • Enter that directory and copy the environment file with cp development/creds.example.env development/creds.env
  • Download the data file from https://github.com/networktocode-llc/nautobot-data-generation/releases/download/branch_mzb-jathan-persona_legacy_gizmo/nautobot_1.5.16-P-S-latest.tar.gz
  • Extract the file and put the nautobot.sql file in the root of your nautobot-plugin-golden-config directory
  • Ingest the data with:
    • invoke destroy
    • invoke start --service=db
    • docker cp nautobot.sql nautobot_golden_config-db-1:/tmp/nautobot.sql
    • docker exec -it nautobot_golden_config-db-1 sh -c "psql -h localhost -U nautobot < /tmp/nautobot.sql"
  • Run your instance as you normally would

Build Settings

  • Enable the Jobs
    • Navigate to Jobs -> Jobs
    • Human Instructions: Click edit on each one, enable it, and save. You will have to do this 6 times.
      • Note: This is "mostly" done for you already, since it came with the data, but you should be aware of it.
  • Create your Dynamic group or scope
    • Navigate to Organization -> Dynamic Groups
    • Select the GoldenConfigSetting Default Settings scope
    • Edit the dynamic group: set Site to ATL01, Platform to Arista EOS, and Role to edge, then click Update.
  • Create the Repo, Extensibility -> Git Repositories -> Add, and fill in:
    • name: GC Repo
    • Remote URL: https://github.com/$yourname/$yourrepo
    • Branch: $yourbranch
    • User: $youruser
    • Token: $yourtoken
    • Select the following from Provides drop down: backup configs, intended configs, jinja templates
    • Run "Create and Sync", ensure this succeeds
  • Extensibility -> Config Context -> Add
    • name: GC Content
    • Data: (see below)
  • Create a GraphQL Query
    • In the bottom right hand corner, select GraphQL (Hint: It may be helpful to grab atl01-edge-01 uuid before going)
    • Build your GraphQL query (see below)
    • From the top of the GraphiQL UI select Queries -> Save Current Query As
    • Fill in the Name of GC Query
    • Select Create
  • Create Golden Config Settings
    • Navigate to Golden Config -> Golden Config Settings
    • Select Default Settings and Edit them
    • Backup repository: GC Repo
    • Backup Path in Jinja Template Form: backups/{{obj.name}}.cfg
    • Intended repository: GC Repo
    • Intended Path in Jinja Template Form: intended/{{obj.name}}.cfg
    • Jinja repository: GC Repo
    • Template Path in Jinja Template Form: templates/{{obj.platform.slug}}.j2
    • Sot agg query: GC Query
    • Update

Info

Data for Config Context

{
    "ntp": [
        {
            "name": "10.1.1.1",
            "prefer": true
        },
        {
            "name": "10.2.2.2"
        },
        {
            "name": "10.3.3.3"
        }
    ]
}

Info

Data for GraphQL

query ($device_id: ID!) {
  device(id: $device_id) {
    config_context
    hostname: name
    position
    serial
    primary_ip4 {
      id
      primary_ip4_for {
        id
        name
      }
    }
    tenant {
      name
    }
    tags {
      name
    }
    device_role {
      name
    }
    platform {
      name
      manufacturer {
        name
      }
      napalm_driver
    }
    location {
      name
      vlans {
        id
        name
        vid
      }
      vlan_groups {
        id
      }
    }
    interfaces {
      description
      mac_address
      enabled
      name
      ip_addresses {
        address
        tags {
          id
        }
      }
      tagged_vlans {
        id
      }
      untagged_vlan {
        id
      }
      tagged_vlans {
        location {
          name
        }
        id
      }
      tags {
        id
      }
    }
  }
}

Run the config generation Job

  • From the Jobs, run the Generate Intended Configurations Job as you normally would.
  • View your config changes in your GitHub account

Create the compliance definitions

  • Navigate to Golden Config -> Compliance Feature -> Add
    • Fill in the name as aaa then Create and Add Another. Do this 2 more times for hostname and ntp.
  • Navigate to Golden Config -> Compliance Rules -> Add, fill in
    • Platform: Arista EOS
    • Feature: aaa
    • Config to Match: aaa
    • Create and Add Another. Do this 2 more times for hostname and ntp.

Run the Compliance Job

  • From the Jobs, run the Perform Configuration Compliance Job as you normally would.
  • View the results in Golden Config -> Config Overview & Golden Config -> Config Compliance
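
To help read the compliance results, this added example (not code from the lab or from the Golden Config plugin) models in simplified form what a rule's Config to Match does: it selects the lines that start with the match string from the intended and backup configs and reports what is missing or extra. The sample configs, the 10.9.9.9 server and the function names are constructed for illustration.

```python
# Added illustration: a simplified model of a "Config to Match" compliance
# check. It is not the Golden Config plugin's implementation.

# Constructed sample configs for a hypothetical Arista EOS device.
INTENDED = """\
hostname atl01-edge-01
ntp server 10.1.1.1 prefer
ntp server 10.2.2.2
ntp server 10.3.3.3
aaa authorization exec default local
"""
BACKUP = """\
hostname atl01-edge-01
ntp server 10.1.1.1 prefer
ntp server 10.9.9.9
aaa authorization exec default local
interface Loopback0
   ip address 10.0.0.1/32
"""

# Feature name -> "Config to Match" prefix, as entered in the lab.
RULES = {"aaa": "aaa", "hostname": "hostname", "ntp": "ntp"}


def section(config, match):
    """Return top-level lines starting with `match`, plus indented children."""
    lines, keep = [], False
    for line in config.splitlines():
        if not line.strip():
            continue
        if not line[0].isspace():          # a new top-level statement
            keep = line.startswith(match)
        if keep:
            lines.append(line.rstrip())
    return lines


def check(intended, backup, rules):
    """Compare each feature's section; report missing and extra lines."""
    report = {}
    for feature, match in rules.items():
        want, have = section(intended, match), section(backup, match)
        missing = [l for l in want if l not in have]
        extra = [l for l in have if l not in want]
        report[feature] = {"compliant": not (missing or extra),
                           "missing": missing, "extra": extra}
    return report


if __name__ == "__main__":
    for feature, result in check(INTENDED, BACKUP, RULES).items():
        print(feature, result)
```

In this sample the ntp feature is non-compliant: two intended servers are missing from the backup and one server that is not in the intended config is present, which is the kind of drift the Config Compliance view surfaces.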

Challenge

  • Update the Jinja to pull the data from the ntp data in config context.
  • Update the interface to pull from the data. (Hint: it may be easier to start with Loopback0 only at first, and you may want to change the subnet mask within Nautobot to /24.)