You certainly remember the first time you ran an Ansible playbook: a few lines of code grouped together in a bunch of tasks that did a lot of magic. Struck by curiosity, you surely asked yourself what could be concealed behind that thing called module. How was it possible that a few key/value pairs could abstract what usually would have been tens of lines of bash code? Well, we know that in software engineering there is not such a thing as magic, same is true for Ansible and Ansible modules.

From Ansible documentation a module is:

a reusable, standalone script…


Because you are reading this post, you’re likely aware of the great power of the Jinja2 templating language. You might have turned an entire data center configuration in one huge complex template, doing crazy conditionals to render some lines and skip some others. Spines or leaves devices do not make any difference to you, as long as you have a device_role variable which helps you to build the right config. Multi-vendor is not a thing for you anymore - Juniper, Cisco, Nexus (…you name them) all together in your super_master.j2. One template to rule them all! Hundreds and hundreds of…


Let’s keep it nice and short because if you are reading this post, probably you are looking for a practical solution and you do not want to wast time reading about how Ansible is cool or to use this module or that filter. So, let’s dig straight into it.

(Short) Intro.

Let’s assume you have 400 routers across your network. Different hardware and software version. Now, let’s assume that InfoSec guys knock on your office and asking you to enforce some sort of security compliance for all management configuration on those 400 devices (NTP, SNMP, AAA, etc.) …


We all know how painful it is moving from a technology that we are well confident to work with, to a new one where we have zero experience. Think about the first time you change OS in your laptop or server, or when you started to work with a new vendor product: the learning curve was so steep, slow and full of pain. Now, try to imagine if a day you suddenly decide to move from your daily job, where you have decades of experience, to a totally different one. To make thing more difficult, the new job you are…


Me, moving around git.

Let’ s be honest: git is so damn complex. Whoever does not admit that is either a liar or someone who does not have a great social life.

Whenever I have to work with git, I feel like I have been dropped in the middle of a minefield and I have to find my way out thanks to a map written in cuneiform (...try to read some git documentation and then you’ ll let me know!). So many times I stepped on a mine and blew-up the repository in which I was working , or I covered my eyes and…


First of all, apologies to all of those people who are feeling hurt by decoupling the term “Network” from “Infrastructure”. I am one of you. But that’ s not my fault. I am well aware that a network is part of an infrastructure (especially in these days where the boundaries between the two are shrinking day after day) but wherever you look for infrastructure, you will find Docker, API, VMs, Cloud, AWS, Kubernetes, etc. but not a single word about router or switch (kind of Dockers, running in VMs, installed in a Cloud, are communicating each other by magic…aren’t they?)…


Network Telemetry presentation at Cloud Expo 2019

Yes, that happens when you write (probably by coincidence…) a good piece of python crap that just works, it does its job without complaining about errors and exceptions. I deployed it 2 years ago and almost forgotten about its existence in our infrastructure..until now. But let’s go in order and tell you all the story from the beginning.

As all network engineers on this globe have experienced, whenever there is a some kind of slow DNS response or HTTP error in some application, the first thing to be blamed (try to guess…) is always (and always be, no matter what)…


Long intro that you cannot skip.

In January 2020 I had the pleasure to attend Cisco Live in Barcelona. It was my first time and I was so excited that basically I signed up for all possible sessions for DevNet zone. To be honest, I was not sure what I was looking for to. The main idea was to attend as much as sessions possible, to bother all possible Cisco Automation folks and to try to understand at least 50% of what I could listen (…let’ s be realistic: 30%). I was sure that was the perfect plan to keep…


Yes, that is exactly the representation of my last experience with Ansible PR.

A long run and a dead-end in the middle of a harsh desert: surviving between git conversations, trying to read someone’s else mind, chasing people, giving up my ideas and trying to find a meaning to a test result and guessing fixes. That has not always been the case though, so let’s go in order and let me tell you the full story.

  • Why on Earth would I submit a PR to Ansible?

In the last couple of years I have been asked to develop some projects…


As Network Automation Engineer I had to deal with complex CI/CD workflows for provisioning and maintaining multi-brand networks made up of hundreds of networking devices. In most cases (read — always) the CI/CD pipeline does template rendering, device configuration backups and collects pre and post check tests. While I could see the satisfying pipeline results via AWX (the Ansible Tower community version) I had to dig into the Docker containers in order to extract the files generated during the provisioning process.

Having a CI/CD workflow, most of the time it means having temporary folders with weird names and scattered files…

Federico Olivieri

Network Automation Engineer with a strong passion in mechanical engineer and exploring the unknown. What is it better than travel around the world with a Vespa?

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store