dpflick · October 2, 2019 02:36
diff --git a/samplecode b/samplecode
 The idea was to write code generic enough to be able to handle multiple variable sets so that I could run the same code and generate a different VPN depending on the particular host variable.  Here is some concept code:

 host_vars at inventory level
 file: myasa.yml
 contents:

 ---
 vpnpeername: 'skyppyvpn'  
 ...

 Top level group_vars would have all possible VPN connections

 sample group_vars at playbook level	 

 file: skippyvpn.yml
 contents: 
 services_legacy_network_description: 'Skippy Data Center Network'
 services_legacy_network_ip: '10.10.1.0'
 services_legacy_network_mask: '255.255.255.0'
  
 file: jiffvpn.yml
 contents: 
 services_legacy_network_description: 'Jiff Data Center Network'
 services_legacy_network_ip: '10.11.1.0'
 services_legacy_network_mask: '255.255.255.0'
  
 file: smuckersvpn.yml
 contents: 
 services_legacy_network_description: 'Smuckers Data Center Network'
 services_legacy_network_ip: '10.12.1.0'
 services_legacy_network_mask: '255.255.255.0'
  
 And in the playbook, reference these variables like this:

 - name: Load Skippy variables into L2L VPN role when a vpnpeername = skyppyvpn
  include_vars:
    file: group_vars\skippyvpn.yml
  when: vpnpeername == 'skyppyvpn' 
  
 - name: Load Jiff variables into L2L VPN role when a vpnpeername = jiffyvpn
  include_vars:
    file: group_vars\jiffyvpn.yml
  when: vpnpeername == 'jiffyvpn' 
  
 - name: Load Smuckers variables into L2L VPN role when a vpnpeername = smuckersvpn
  include_vars:
    file: group_vars\smuckersvpn.yml
  when: vpnpeername == 'smuckersvpn' 
  
 And in the role, reference these variables like this:

 - name: configure network object-group for '{{ vpnpeername }}'
  asa_og:
    name: '{{ vpnpeername }}'_services
    group_type: network-object
    state: present
    description: {{ services_legacy_network_description }}
    ip_mask:
      - {{ services_legacy_network_ip }} {{ services_legacy_network_mask }}
	The idea was to write code generic enough to be able to handle multiple variable sets so that I could run the same code and generate a different VPN depending on the particular host variable. Here is some concept code:

	host_vars at inventory level
	file: myasa.yml
	contents:

	---
	vpnpeername: 'skyppyvpn'
	...

	Top level group_vars would have all possible VPN connections

	sample group_vars at playbook level

	file: skippyvpn.yml
	contents:
	services_legacy_network_description: 'Skippy Data Center Network'
	services_legacy_network_ip: '10.10.1.0'
	services_legacy_network_mask: '255.255.255.0'

	file: jiffvpn.yml
	contents:
	services_legacy_network_description: 'Jiff Data Center Network'
	services_legacy_network_ip: '10.11.1.0'
	services_legacy_network_mask: '255.255.255.0'

	file: smuckersvpn.yml
	contents:
	services_legacy_network_description: 'Smuckers Data Center Network'
	services_legacy_network_ip: '10.12.1.0'
	services_legacy_network_mask: '255.255.255.0'

	And in the playbook, reference these variables like this:

	- name: Load Skippy variables into L2L VPN role when a vpnpeername = skyppyvpn
	include_vars:
	file: group_vars\skippyvpn.yml
	when: vpnpeername == 'skyppyvpn'

	- name: Load Jiff variables into L2L VPN role when a vpnpeername = jiffyvpn
	include_vars:
	file: group_vars\jiffyvpn.yml
	when: vpnpeername == 'jiffyvpn'

	- name: Load Smuckers variables into L2L VPN role when a vpnpeername = smuckersvpn
	include_vars:
	file: group_vars\smuckersvpn.yml
	when: vpnpeername == 'smuckersvpn'

	And in the role, reference these variables like this:

	- name: configure network object-group for '{{ vpnpeername }}'
	asa_og:
	name: '{{ vpnpeername }}'_services
	group_type: network-object
	state: present
	description: {{ services_legacy_network_description }}
	ip_mask:
	- {{ services_legacy_network_ip }} {{ services_legacy_network_mask }}