ansible-collections/cisco.nxos

nxos_lag_interfaces: idempotency issue causes module failure

andrewbonney opened this issue · 1 comments

andrewbonney commented
SUMMARY

nxos_lag_interfaces works correctly on first run, but fails each time it is run against existing config with the following error:

CLI execution error: Port-channel mode cannot be changed in a non-empty port-channel, and port mode must match with port-channel mode
ISSUE TYPE
  • Bug Report
COMPONENT NAME
  • nxos_lag_interfaces
ANSIBLE VERSION
ansible [core 2.14.4]
  config file = /home/andrewbo/repos/ansible/ansible.cfg
  configured module search path = ['/home/andrewbo/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /home/andrewbo/repos/ansible/venv/lib/python3.9/site-packages/ansible
  ansible collection location = /home/andrewbo/repos/ansible/collections
  executable location = /home/andrewbo/repos/ansible/venv/bin/ansible
  python version = 3.9.5 (default, Nov 23 2021, 15:27:38) [GCC 9.3.0] (/home/andrewbo/repos/ansible/venv/bin/python3.9)
  jinja version = 3.1.2
  libyaml = True
COLLECTION VERSION
# /home/andrewbo/repos/ansible/collections/ansible_collections
Collection Version
---------- -------
cisco.nxos 5.1.0
CONFIGURATION
CALLBACKS_ENABLED(/home/andrewbo/repos/ansible/ansible.cfg) = ['profile_tasks']
COLLECTIONS_PATHS(/home/andrewbo/repos/ansible/ansible.cfg) = ['/home/andrewbo/repos/ansible/collections']
CONFIG_FILE() = /home/andrewbo/repos/ansible/ansible.cfg
DEFAULT_ACTION_PLUGIN_PATH(/home/andrewbo/repos/ansible/ansible.cfg) = ['/home/andrewbo/repos/ansible/plugins/config_template/action']
DEFAULT_FILTER_PLUGIN_PATH(/home/andrewbo/repos/ansible/ansible.cfg) = ['/home/andrewbo/repos/ansible/plugins/filter']
DEFAULT_FORCE_HANDLERS(/home/andrewbo/repos/ansible/ansible.cfg) = True
DEFAULT_GATHERING(/home/andrewbo/repos/ansible/ansible.cfg) = smart
DEFAULT_HASH_BEHAVIOUR(/home/andrewbo/repos/ansible/ansible.cfg) = merge
DEFAULT_INTERNAL_POLL_INTERVAL(/home/andrewbo/repos/ansible/ansible.cfg) = 0.0001
DEFAULT_ROLES_PATH(/home/andrewbo/repos/ansible/ansible.cfg) = ['/home/andrewbo/repos/ansible/roles-dev', '/home/andrewbo/repos/ansible/roles']
DEFAULT_STRATEGY(/home/andrewbo/repos/ansible/ansible.cfg) = mitogen_linear
DEFAULT_STRATEGY_PLUGIN_PATH(/home/andrewbo/repos/ansible/ansible.cfg) = ['/home/andrewbo/repos/ansible/repos/mitogen/ansible_mitogen/plugins/strategy']
HOST_KEY_CHECKING(/home/andrewbo/repos/ansible/ansible.cfg) = False
INVENTORY_UNPARSED_IS_FAILED(/home/andrewbo/repos/ansible/ansible.cfg) = True
RETRY_FILES_ENABLED(/home/andrewbo/repos/ansible/ansible.cfg) = False
OS / ENVIRONMENT

Ubuntu 20.04
Nexus C92160YC-X
NXOS 9.3(11)

STEPS TO REPRODUCE

Set up a port channel named 'port-channel1' using the following command to add a single member to it.

- cisco.nxos.nxos_lag_interfaces:
    config:
      - members:
          - force: true
            member: "Ethernet1/1"
            mode: "active"
        name: "port-channel1"

This should generate config similar to the following (the additional config options may or may not make a difference):

interface Ethernet1/1
  lacp rate fast
  switchport
  switchport mode trunk
  switchport trunk native vlan 999
  switchport trunk allowed vlan 1949-1950
  mtu 9216
  channel-group 1 mode active
  no shutdown

After this has run, re-run the playbook.

EXPECTED RESULTS

The second run should result in success, but no changes being made.

ACTUAL RESULTS
TASK [Add members and set channel group] ******************************************************************************************************************************************************************
task path: /home/andrewbo/repos/ansible/playbooks/switches/nxos_fabric_access.yml:153
Thursday 31 August 2023  08:56:47 +0100 (0:00:02.334)       0:01:27.350 ******* 
redirecting (type: action) cisco.nxos.nxos_lag_interfaces to cisco.nxos.nxos
redirecting (type: action) cisco.nxos.nxos_lag_interfaces to cisco.nxos.nxos
fatal: [bs0-rack-1]: FAILED! => {
    "changed": false,
    "module_stderr": ": CLI execution error: Port-channel mode cannot be changed in a non-empty port-channel, and port mode must match with port-channel mode\n",
    "module_stdout": "",
    "msg": "MODULE FAILURE\nSee stdout/stderr for the exact error"
}
NilashishC commented

The challenge here is that, force although being a valid option while configuring, doesn't show up in running config as a part of the channel-group 1 force mode active, neither does it appear in show running-config all.

nxos-9k-936-psi(config)# interface Ethernet1/1
nxos-9k-936-psi(config-if)# channel-group 1 force mode active

nxos-9k-936-psi(config-if)# show run | section "^interface Ethernet1/1"
interface Ethernet1/1
  switchport
  channel-group 1 mode active
  no shutdown

nxos-9k-936-psi(config-if)# show run all | section "^interface Ethernet1/1"
interface Ethernet1/1
  no description
  lacp port-priority 32768 
  lacp rate normal
 < ....redacted for brevity .... >
  channel-group 1 mode active
  no shutdown
 < ....redacted for brevity .... >