A turnkey containerlab environment for demonstrating Ansible automation with HPE Aruba AOS-CX virtual switches in a spine-leaf topology.
# After completing Windows/WSL setup below, run these commands in WSL:
git clone https://github.com/laketec/ansible-lab.git
cd ansible-lab
./scripts/setup-environment.sh
sudo clab deploy -t lab01.clab.yml
ansible-playbook playbooks/00_setup_rest_api.yml
ansible-playbook playbooks/full_demo.yml- Prerequisites
- Windows Setup with WSL2
- Docker Installation
- Containerlab Installation
- Azure Container Registry - AOS-CX Image
- VS Code Setup
- Lab Deployment
- Running the Demo
- Troubleshooting
- CPU: Hardware virtualization enabled in BIOS (Intel VT-x or AMD-V/SVM)
- RAM: 16GB minimum (32GB recommended for full lab)
- Disk: 50GB free space
- OS: Windows 10 (version 2004+) or Windows 11
- WSL2 with Ubuntu
- Docker
- Containerlab
- Ansible 2.10+
- Python 3.8+
- VS Code with extensions
- Reboot your computer and enter BIOS/UEFI settings (usually F2, F10, F12, or Del during boot)
- Find virtualization settings:
- Intel: Enable "Intel VT-x" or "Intel Virtualization Technology"
- AMD: Enable "SVM Mode" or "AMD-V"
- Save and exit BIOS
Open PowerShell as Administrator and run:
wsl --installRestart your computer when prompted.
Open PowerShell as Administrator and run:
# Enable WSL feature
dism.exe /online /enable-feature /featurename:Microsoft-Windows-Subsystem-Linux /all /norestart
# Enable Virtual Machine Platform
dism.exe /online /enable-feature /featurename:VirtualMachinePlatform /all /norestartRestart your computer, then:
- Download the WSL2 Linux kernel update package
- Run the installer
- Set WSL2 as default:
wsl --set-default-version 2The Containerlab team provides a pre-configured WSL distribution with everything you need.
- Verify WSL version (need 2.4.4 or newer):
wsl --version-
Download the latest
.wslfile from: https://github.com/srl-labs/wsl-containerlab/releases/latest -
Install by double-clicking the
.wslfile, or run:
wsl --install --from-file C:\Users\YourName\Downloads\clab.wsl- Follow the setup wizard to:
- Select your preferred shell (bash/zsh/fish)
- Generate SSH keys for passwordless access
- Complete initial configuration
If you prefer a manual setup:
wsl --install -d Ubuntu-22.04Then launch Ubuntu from the Start menu and create your user account.
Docker is pre-installed. Verify with:
sudo docker versionImportant: Do NOT use Docker Desktop's WSL integration. Install Docker directly in WSL.
# Update packages
sudo apt update && sudo apt -y install curl
# Install Docker and Containerlab together
curl -sL https://containerlab.dev/setup | sudo -E bash -s "all"
# Verify installation
docker versionAdd your user to the docker group (avoids needing sudo):
sudo usermod -aG docker $USER
newgrp dockerContainerlab is pre-installed. Verify with:
clab version# Install containerlab
curl -sL https://containerlab.dev/setup | sudo -E bash -s "all"
# Verify installation
clab versionThe AOS-CX virtual switch images must be pulled from Azure Container Registry.
curl -sL https://aka.ms/InstallAzureCLIDeb | sudo bashaz loginStep 3: OPTIONAL STEP Login to Azure Container Registry (If you have an Azure Login but not Required!)
# Login to ACR
az acr login --name laketec
# Or use docker login directly
docker login laketec.azurecr.io# Pull from ACR
docker pull laketec.azurecr.io/aoscx:10.15.1005
# Tag for local use (matches lab topology file)
docker tag laketec.azurecr.io/aoscx:10.15.1005 aoscx:10.15.1005docker pull laketec.azurecr.io/ubuntu-ssh:24.04
docker tag laketec.azurecr.io/ubuntu-ssh:24.04 ubuntu-ssh:24.04If you need to upload the an image to your ACR:
# Create ACR (if not exists)
az acr create --resource-group <your-rg> --name <your-acr-name> --sku Basic
# Enable admin user (for docker login)
az acr update --name <your-acr-name> --admin-enabled true
# Get ACR credentials
az acr credential show --name <your-acr-name>
# Login to ACR
az acr login --name <your-acr-name>
# Tag and push a new image
docker tag <containername> laketec.azurecr.io/<containername>
docker push laketec.azurecr.io/<containername>The Containerlab extension for VS Code provides an integrated graphical interface for managing container-based network labs directly within your editor.
Key Features
- Topology Visualization: View your network topology as an interactive graph diagram, making it easier to understand complex multi-node designs
- Lab Management: Deploy, destroy, and inspect labs without leaving VS Code
- Node Interaction: Connect to lab nodes (routers, switches, hosts) via SSH directly from the editor
- YAML Support: Syntax highlighting and validation for .clab.yml topology files
- Status Monitoring: See which labs are running and the state of individual nodes
Why It's Important
- Streamlined Workflow: Eliminates context-switching between terminal and editor - you can edit configs, deploy labs, and troubleshoot all in one place
- Visual Understanding: Network topologies are inherently visual. Seeing a graph of spine/leaf connections (like your lab with 2 spines, 3 leaves, and 2 hosts) is far more intuitive than reading YAML
- Faster Troubleshooting: One-click SSH access to nodes speeds up debugging and testing
- Lower Barrier to Entry: Makes containerlab more accessible to those less comfortable with CLI-only workflows
- Ansible Integration: Pairs well with the Ansible extension - you can visualize your lab topology while developing and testing playbooks against it
For your demo environment with Aruba AOS-CX switches and Ubuntu hosts, this extension would let participants visually see the network topology and quickly connect to any device for hands-on learning.
Download and install from: https://code.visualstudio.com/
Open VS Code and install these extensions (Ctrl+Shift+X):
- WSL (ms-vscode-remote.remote-wsl) - Required for WSL integration
- Containerlab (srl-labs.containerlab) - Lab management and visualization
- Ansible (redhat.ansible) - Ansible syntax highlighting and IntelliSense
- YAML (redhat.vscode-yaml) - YAML language support
Or install via command line:
code --install-extension ms-vscode-remote.remote-wsl
code --install-extension srl-labs.containerlab
code --install-extension redhat.ansible
code --install-extension redhat.vscode-yaml- Open VS Code
- Press
F1orCtrl+Shift+P - Type "WSL: Connect to WSL" and select it
- VS Code will reload connected to your WSL environment
In VS Code (connected to WSL):
# Clone the repository
cd ~
git clone https://github.com/laketec/ansible-lab.git
cd ansible-lab
code .Once connected to WSL with the Containerlab extension:
- Explorer Panel: View discovered topologies and running labs
- TopoViewer: Graphical topology visualization (
Ctrl+Alt+G) - Quick Deploy: Deploy labs directly from editor (
Ctrl+Alt+D) - Quick Destroy: Stop labs (
Ctrl+Alt+K) - SSH Access: Click on nodes to open terminal connections
- Draw.io Diagrams: Right-click labs to generate network diagrams
Keyboard Shortcuts:
| Shortcut | Action |
|---|---|
Ctrl+Alt+D |
Deploy topology |
Ctrl+Alt+R |
Redeploy topology |
Ctrl+Alt+K |
Destroy topology |
Ctrl+Alt+G |
Open graph view |
cd ~
git clone https://github.com/laketec/ansible-lab.git
cd ansible-labchmod +x scripts/setup-environment.sh
./scripts/setup-environment.shThis script will:
- Install Ansible and required Python packages
- Install the HPE Aruba AOS-CX Ansible collection
- Verify Docker and Containerlab are working
- Check that required container images are available
sudo clab deploy -t lab01.clab.ymlExpected output:
+---+-----------------+--------------+-------------------+-------+---------+----------------+
| # | Name | Container ID | Image | Kind | State | IPv4 Address |
+---+-----------------+--------------+-------------------+-------+---------+----------------+
| 1 | clab-lab01-host1| xxxxxxxxxxxx | ubuntu-ssh:24.04 | linux | running | 172.20.20.x/24 |
| 2 | clab-lab01-host2| xxxxxxxxxxxx | ubuntu-ssh:24.04 | linux | running | 172.20.20.x/24 |
| 3 | clab-lab01-leaf1| xxxxxxxxxxxx | aoscx:10.15.1005 | aoscx | running | 172.20.20.3/24 |
| 4 | clab-lab01-leaf2| xxxxxxxxxxxx | aoscx:10.15.1005 | aoscx | running | 172.20.20.4/24 |
| 5 | clab-lab01-leaf3| xxxxxxxxxxxx | aoscx:10.15.1005 | aoscx | running | 172.20.20.2/24 |
| 6 | clab-lab01-spine1| xxxxxxxxxxxx | aoscx:10.15.1005 | aoscx | running | 172.20.20.5/24 |
| 7 | clab-lab01-spine2| xxxxxxxxxxxx | aoscx:10.15.1005 | aoscx | running | 172.20.20.6/24 |
+---+-----------------+--------------+-------------------+-------+---------+----------------+
AOS-CX virtual switches take 2-3 minutes to fully boot. Check status:
# Check if switches are responding
ansible aoscx_switches -m ping +----------+ +----------+
| spine1 | | spine2 |
|172.20.20.5| |172.20.20.6|
+----+-----+ +----+-----+
| |
+--------------+----------------+--------------+
| | | |
+----+-----+ +----+-----+ +----+-----+
| leaf1 | | leaf2 | | leaf3 |
|172.20.20.3| |172.20.20.4| |172.20.20.2|
+----+-----+ +----+-----+ +----------+
| |
+----+-----+ +----+-----+
| host1 | | host2 |
+----------+ +----------+
ansible-playbook playbooks/00_setup_rest_api.ymlansible-playbook playbooks/01_test_connectivity.ymlansible-playbook playbooks/full_demo.yml| Playbook | Description |
|---|---|
00_setup_rest_api.yml |
Enable HTTPS REST API on all switches |
01_test_connectivity.yml |
Test SSH and REST API connectivity |
02_gather_facts.yml |
Collect device info (version, serial, etc.) |
03_configure_vlans.yml |
Create demo VLANs (100-400) |
04_configure_snmpv3.yml |
Configure SNMPv3 with SHA/AES |
05_configure_syslog.yml |
Enable centralized syslog |
06_configure_ntp.yml |
Configure NTP servers |
07_backup_configs.yml |
Backup running configurations |
08_cleanup_vlans.yml |
Remove demo VLANs |
09_configure_dns.yml |
Configure DNS settings |
full_demo.yml |
Run all configuration steps |
reset_lab.yml |
Remove all demo configurations |
# Run on spine switches only
ansible-playbook playbooks/03_configure_vlans.yml --limit spines
# Run on a single device
ansible-playbook playbooks/02_gather_facts.yml --limit leaf1sudo clab inspect --allsudo clab destroy -t lab01.clab.ymlssh admin@172.20.20.5 # spine1
# Password: admindocker logs clab-lab01-spine1ansible-lab/
├── README.md # This file
├── DEMO_GUIDE.md # Presentation guide for demos
├── lab01.clab.yml # Containerlab topology definition
├── ansible.cfg # Ansible configuration
├── inventory/
│ └── hosts.yml # Device inventory (5 switches)
├── group_vars/
│ └── aoscx_switches.yml # Shared variables (VLANs, SNMP, etc.)
├── playbooks/
│ ├── 00_setup_rest_api.yml # Enable REST API (run first!)
│ ├── 01_test_connectivity.yml
│ ├── 02_gather_facts.yml
│ ├── 03_configure_vlans.yml
│ ├── 04_configure_snmpv3.yml
│ ├── 05_configure_syslog.yml
│ ├── 06_configure_ntp.yml
│ ├── 07_backup_configs.yml
│ ├── 08_cleanup_vlans.yml
│ ├── 09_configure_dns.yml
│ ├── full_demo.yml
│ └── reset_lab.yml
├── backups/ # Configuration backups
└── scripts/
└── setup-environment.sh # Automated environment setup
All configuration is centralized in group_vars/aoscx_switches.yml:
demo_vlans:
- id: 100
name: LAKETEC_MGMT
- id: 200
name: LAKETEC_DATA
- id: 300
name: LAKETEC_VOICE
- id: 400
name: LAKETEC_IOTsnmpv3_user: laketec_monitor
syslog_server: 10.0.0.1
ntp_servers:
- 10.0.0.1
- pool.ntp.orgWSL not starting:
# Check WSL status
wsl --status
# Update WSL
wsl --update
# Restart WSL
wsl --shutdownCannot enable virtualization:
- Verify hardware virtualization is enabled in BIOS
- Disable Hyper-V conflicts:
bcdedit /set hypervisorlaunchtype off
Docker not running:
sudo systemctl start docker
sudo systemctl enable dockerPermission denied:
sudo usermod -aG docker $USER
newgrp dockerDocker Desktop conflicts:
- Disable Docker Desktop WSL integration in Docker Desktop settings
- Uninstall Docker Desktop if only using WSL
Lab won't deploy:
# Check Docker is running
docker ps
# Check images are available
docker images | grep aoscx
# Deploy with debug output
sudo clab deploy -t lab01.clab.yml --debugSwitches not responding:
# Wait longer - AOS-CX takes 2-3 minutes to boot
sleep 180
# Check container status
docker ps -a
# View switch logs
docker logs clab-lab01-spine1Connection timeouts:
# Increase timeout in ansible.cfg
[persistent_connection]
connect_timeout = 120
command_timeout = 120REST API errors:
# Ensure REST API is enabled first
ansible-playbook playbooks/00_setup_rest_api.ymlCollection not found:
ansible-galaxy collection install arubanetworks.aoscx --forceAuthentication failed:
# Re-login to Azure
az login
# Re-login to ACR
az acr login --name <your-acr-name>Image not found:
# List available images in ACR
az acr repository list --name <your-acr-name>
# List tags for an image
az acr repository show-tags --name <your-acr-name> --repository aoscx- Default credentials (
admin/admin) are used for this demo environment - In production, use Ansible Vault to encrypt sensitive variables:
ansible-vault encrypt group_vars/aoscx_switches.yml
ansible-playbook playbooks/full_demo.yml --ask-vault-pass- Idempotency: Playbooks can be run multiple times safely
- Parallel Execution: All 5 switches configured simultaneously
- Infrastructure as Code: All configurations version-controlled
- Variable-Driven: Change
group_varsto modify all configurations - Automated Backups: Timestamped configuration snapshots
- Containerlab Documentation
- Containerlab Windows Guide
- VS Code Containerlab Extension
- HPE Aruba AOS-CX Ansible Collection
- Ansible Documentation
This project is provided as a demonstration environment.
Laketec - Network Automation Demo