Improve Aggregate Interface & Sub Interface Modules
Closed this issue · 1 comments
jamesholland-uk commented
Is your feature request related to a problem?
When creating aggregate interfaces or sub-interfaces, "vsys" is not a required/mandatory parameter, and there is not an explicit default value. When using of either of the interface/l3-subinterface modules to target Panorama, if no vsys is specified:
- the task will fail because the interface/subinterface cannot be assigned to a zone (because the interface/subinterface has not been imported to a vsys, therefore there are no zones available to be assigned to because zones are within vsys);
- the task fails but the interface/subinterface will be left half-configured, where IP address, comment etc will be configured, but there will be no zone for the interface/subinterface, there is no atomicity with this operation.
Describe the solution you'd like
There are various approaches, including but not limited to:
- An explicit default value for vsys of "vsys1", either for all interfaces or just for aggregate interfaces or sub-interfaces, to try to avoid the failure scenario
- Make vsys a required/mandatory parameter, either for all interfaces or just for aggregate interfaces or sub-interfaces, to try to avoid the failure scenario
- Because the interface modules have to do a two-stage process (first create the interface, then second assign it to a zone), if the second stage fails, then go back and revert the configuration changes made in the first stage, to preserve the atomicity of this operation
Describe alternatives you've considered
A variety of approaches are discussed above, they are almost certainly not exhaustive, so other approaches may also work. Ideally we would stop the failure happening in the first place AND make the interface module operations atomic.
Additional context
github-actions commented
🎉 This issue has been resolved in version 2.10.0 🎉
The release is available on Ansible Galaxy and GitHub release
Posted by semantic-release bot