meraki_device module no longer query's Public IP's

Question

meraki_device module no longer query's Public IP's

mzendan99 opened this issue 2 years ago · 15 comments

mzendan99 commented 2 years ago

Hi, haven't posted on here before, so not sure if I am doing this wrong.

I have been converting my playbooks on RHEL 7.9 & Ansible Version 2.9.27 to RHEL 9 , Ansible Version 2.14.0

Specifically, the "meraki_device" module no longer queries the public IP's from our appliance's uplink tab
I can pull wan1 & wan2 IP but these are not accurate for all devices when looking at the active public IP.
I am running the exact same meraki_device query in both playbooks, and they are pulling different API info.
I haven't been able to find any documentation about this, and I am not sure what is missing.

Any help/insight would be appreciated.

Answer 1 · 2022-12-04T12:53:19.000Z

Hello!
Firstly, can you provide the example code when that incompatibility appeared.
Secondly, from the GUI have you got a the same active public IPs?

Thank you!

--
Marcin (y0rune)

Answer 2 · 2022-12-04T19:05:13.000Z

Hi Marcin, It was a really simple query using ansible meraki_device module. When I query a specific network using the serial and store the result in a var, I can see two different results. When debugging, I was able to use Python requests on my RHEL9 machine with Python 3.9 for the actual query and I was able to pull all the public ips for our organization. It is only the ansible module that does not spit out public ips anymore on upgraded versions of ansible/Python. I can scrub the playbook tomorrow at work and show you example outputs of both machines and simple queries. Thanks for your response! Michael

…

________________________________ From: Marcin Woźniak ***@***.***> Sent: Sunday, December 4, 2022 7:53 AM To: CiscoDevNet/ansible-meraki ***@***.***> Cc: mzendan99 ***@***.***>; Author ***@***.***> Subject: Re: [CiscoDevNet/ansible-meraki] meraki_device module no longer query's Public IP's (Issue #389) Hello! Firstly, can you provide the example code when that incompatibility appeared. Secondly, from the GUI have you got a the same active public IPs? Thank you!

-- Marcin — Reply to this email directly, view it on GitHub<#389 (comment)>, or unsubscribe<https://github.com/notifications/unsubscribe-auth/A4K2APDK276OLHMK36CRHKTWLSH4TANCNFSM6AAAAAASSH3M74>. You are receiving this because you authored the thread.Message ID: ***@***.***>

Answer 3 · 2022-12-15T13:11:24.000Z

What endpoint are you querying in Python to get the public IP address? The documentation isn't showing the one I use which is basically /networks/{net_id}/devices/{serial} but when I do a query it doesn't show any public IP info. Documentation (https://developer.cisco.com/meraki/api-v1/#!get-organization-devices-statuses) does show public IP is available on another endpoint though.

I'm curious why the Ansible version change is affecting things, if indeed it is. I'd like to work with you on this one more to resolve the issue.

Thank you.

Answer 4 · 2022-12-15T13:32:52.000Z

Endpoint = /organizations/{org_id}/devices/statuses

This was trickey to find again
(https://developer.cisco.com/meraki/api-v1/#!api-reference-early-access-api-platform-monitor-devices-statuses-get-organization-devices-statuses)
This will show public IP's and look like the old version of the ansible module's query.

Answer 5 · 2022-12-15T13:40:41.000Z

That's what is happening. I'm not querying the statuses endpoint. Are you looking to query all devices in the organization or just a single one? I'm using /organizations/{org_id}/devices and swapping it with the statuses would likely be a breaking change. I could potentially add an option to get the statuses for this corner case until I do a major release and clean it up. I'll need to compare the output from mine to the statuses endpoint to see if it indeed would break backwards compatibility.

Answer 6 · 2022-12-15T13:50:30.000Z

I use it to query all the devices in our org and then the rest of my playbook filters and extracts the public IP's to automate conditional access in azure for our meraki sites. I spent a significant amount of time trying to get it working with ansible modules, thinking I was doing something wrong, but this simple python request does the job for now.

Do you need anything from me to help test this?

Answer 7 · 2022-12-16T01:43:46.000Z

At this moment, no. I'll need to do a stare and compare to see what's different between the old and new one. I may come back to you for something though, but nothing now. Thank you for asking.

Answer 8 · 2022-12-16T01:48:20.000Z

Well that was quick. I won't be able to swap out the old endpoint with the new endpoint as the new one lacks geographical information. I'm going to think about how to implement it. My current thought is something like:

state: query
query_type: statuses

Answer 9 · 2023-02-16T13:51:14.000Z

@kbreit Hi, It's been a little while, but I was curious if you implemented any changes for the endpoint?

Answer 10 · 2023-02-16T13:52:34.000Z

I haven't had an opportunity to delve into this yet. There's the possibility this is going to be significant effort so I will try to look soon and give an estimate.

Answer 11 · 2023-02-16T14:07:26.000Z

No worries at all. My work around runs fine so there is no rush. Thanks for the follow up though.

Answer 12 · 2023-02-17T12:46:17.000Z

The way the endpoint works is very different. It needs the organization ID and uses parameters as filters whereas the current one uses the serial number. There are two approaches I could take:

Add a new state value to the current module that adds a requirement for the organization information. In a way this is less than ideal because the endpoint does allow returning multiple devices, which the module doesn't support and the name meraki_device is singular so it's not intuitive.
Create a new module focused on interfacing with this endpoint.

I'm leaning toward the second one but curious if you have a preference.