cisco.nxos.nxos_interfaces module does not enable/disable interfaces on cisco Nexus3000 C31128PQ-10GE Chassis
digitalfiend64 opened this issue · 1 comments
digitalfiend64 commented
SUMMARY
cisco.nxos.nxos_interfaces module does not enable/disable interfaces on cisco Nexus3000 C31128PQ-10GE Chassis (Nexus 9000 Series) version 7.0(3)I7(6) and cisco Nexus3000 C3232C Chassis (Nexus 9000 Series) version 7.0(3)I7(4).
- If parameter enabled == false and interface is shut the playbook shows task as 'changed'. The task shouldn't show 'changed' since the interface was already shut so the interface status didn't change.
- If parameter enabled == true and interface is shut the interface is still shut and playbook shows task as 'ok'. The task should show 'changed' and no shut the interface.
ISSUE TYPE
Bug Report
COMPONENT NAME
cisco.nxos.nxos_interfaces v4.4.0
ANSIBLE VERSION
Ansible v2.9.27
Ansible v2.12.6
COLLECTION VERSION
Collection Version
---------- -------
cisco.nxos 4.1.0
CONFIGURATION
DEFAULT_LOAD_CALLBACK_PLUGINS(/home/<username>/.ansible.cfg) = True
DEFAULT_STDOUT_CALLBACK(/home/<username>/.ansible.cfg) = yaml
DEFAULT_TIMEOUT(/home/<username>/.ansible.cfg) = 120
DEPRECATION_WARNINGS(/home/<username>/.ansible.cfg) = False
GALAXY_IGNORE_CERTS(/home/<username>/.ansible.cfg) = True
GALAXY_SERVER_LIST(/home/<username>/.ansible.cfg) = ['inbound_yeti_repo', 'published_repo', 'rh-certified_repo']
HOST_KEY_CHECKING(/home/<username>/.ansible.cfg) = False
PARAMIKO_HOST_KEY_AUTO_ADD(/home/<username>/.ansible.cfg) = True
PERSISTENT_COMMAND_TIMEOUT(/home/<username>/.ansible.cfg) = 300
PERSISTENT_CONNECT_TIMEOUT(/home/<username>/.ansible.cfg) = 120
RETRY_FILES_ENABLED(/home/<username>/.ansible.cfg) = False
OS / ENVIRONMENT
cisco Nexus3000 C31128PQ-10GE Chassis (Nexus 9000 Series)
version 7.0(3)I7(6)
cisco Nexus3000 C3232C Chassis (Nexus 9000 Series)
version 7.0(3)I7(4)
STEPS TO REPRODUCE
Run the Interface Update Implementation playbook
---
- name: Interface Update Implementation
hosts: all
gather_facts: no
tasks:
- name: Update Interface Status
cisco.ios.ios_l3_interfaces:
config:
- name: Vlan50
ipv4:
- address: 192.168.1.3/31
dhcp:
enable: false
hostname: some_string
pool: some_string
secondary: true
state: merged
EXPECTED RESULTS
Step #1 should shut/no shut interface
ACTUAL RESULTS
Step #1 Interface does not shut/no shut
[username@YETI_RHEL8 yeti-modular-network-services]$ ansible-playbook -i staging/interfaces/service_activities/cable_testing/create/hosts_sandbox.yml test-playbook.yml -l 31128-11 -e @/opt/yeti/yeti_secrets.yml -e @~/local_secrets.yml --ask-vault-pass -vvv
ansible-playbook [core 2.12.6]
config file = /home/username/.ansible.cfg
configured module search path = ['/home/username/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
ansible python module location = /usr/local/lib/python3.8/site-packages/ansible
ansible collection location = /home/username/.ansible/collections:/usr/share/ansible/collections
executable location = /usr/local/bin/ansible-playbook
python version = 3.8.12 (default, Sep 16 2021, 10:46:05) [GCC 8.5.0 20210514 (Red Hat 8.5.0-3)]
jinja version = 3.0.2
libyaml = True
Using /home/username/.ansible.cfg as config file
Vault password:
host_list declined parsing /home/username/gitlab/playbooks/yeti-modular-network-services/staging/interfaces/service_activities/cable_testing/create/hosts_sandbox.yml as it did not pass its verify_file() method
script declined parsing /home/username/gitlab/playbooks/yeti-modular-network-services/staging/interfaces/service_activities/cable_testing/create/hosts_sandbox.yml as it did not pass its verify_file() method
Parsed /home/username/gitlab/playbooks/yeti-modular-network-services/staging/interfaces/service_activities/cable_testing/create/hosts_sandbox.yml inventory source with yaml plugin
redirecting (type: action) cisco.nxos.nxos_interfaces to cisco.nxos.nxos
redirecting (type: callback) ansible.builtin.yaml to community.general.yaml
redirecting (type: callback) ansible.builtin.yaml to community.general.yaml
Skipping callback 'default', as we already have a stdout callback.
Skipping callback 'minimal', as we already have a stdout callback.
Skipping callback 'oneline', as we already have a stdout callback.
PLAYBOOK: test-playbook.yml *********************************************************************************************************
1 plays in test-playbook.yml
PLAY [Interface Update Implementation] **********************************************************************************************
META: ran handlers
redirecting (type: action) cisco.nxos.nxos_interfaces to cisco.nxos.nxos
TASK [Update Interface Status] ******************************************************************************************************
task path: /home/username/gitlab/playbooks/yeti-modular-network-services/test-playbook.yml:6
[WARNING]: ansible-pylibssh not installed, falling back to paramiko
redirecting (type: action) cisco.nxos.nxos_interfaces to cisco.nxos.nxos
redirecting (type: action) cisco.nxos.nxos_interfaces to cisco.nxos.nxos
changed: [31128-11] => changed=true
after:
- description: Interface_Description
mtu: '9216'
name: Ethernet1/29
speed: '1000'
- description: Interface_Description
mtu: '9216'
name: Ethernet1/30
speed: '1000'
commands:
- interface Ethernet1/29
- duplex auto
- no ip forward
- interface Ethernet1/30
- duplex auto
- no ip forward
invocation:
module_args:
config:
- description: Interface_Description
duplex: auto
enabled: true
fabric_forwarding_anycast_gateway: null
ip_forward: false
mode: layer3
mtu: '9216'
name: Ethernet1/29
speed: '1000'
- description: Interface_Description
duplex: auto
enabled: true
fabric_forwarding_anycast_gateway: null
ip_forward: false
mode: layer3
mtu: '9216'
name: Ethernet1/30
speed: '1000'
running_config: null
state: merged
META: ran handlers
META: ran handlers
PLAY RECAP **************************************************************************************************************************
31128-11 : ok=1 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
NilashishC commented
@digitalfiend64 There are couple of things that need some more clarification in order to debug this issue.
-
The sample playbook shared in the
STEPS TO REPRODUCEsection doesn't align with the issue description or the platform this is being reported for. Can you please check that? -
I inferred what the actual play might look like from the output shared in the
ACTUAL RESULTSsection to be the following. Could you please confirm if that's correct?
---
- name: Test interface enabled
hosts: nxos
gather_facts: false
tasks:
- name: Update Interface Status
cisco.nxos.nxos_interfaces:
state: merged
config:
- description: Interface_Description
duplex: auto
enabled: true
ip_forward: false
mode: layer3
mtu: '9216'
name: Ethernet1/1
speed: '1000'
- description: Interface_Description
duplex: auto
enabled: true
ip_forward: false
mode: layer3
mtu: '9216'
name: Ethernet1/2
speed: '1000'- The above playbook incorrectly reports
changed=Truewhen interface is shut andenabled=Falsebecause of some of the default values mentioned here. As you can notice from the output, the following commands are sent to the device. This is because, the task explicitly sets the default values for the attributes -duplexandip_forwardwhich do not appear in the output forshow running-config | section ^interfacecausing the module code to detect this as a diff and push the commands. Note that this is unrelated to enabling/disabling the interface, which works correctly (the interfaces Eth1/29 and Eth1/30 were already in shutdown state).
commands:
- interface Ethernet1/29
- duplex auto
- no ip forward
- interface Ethernet1/30
- duplex auto
- no ip forwardThis will be fixed if the task is updated as such:
- name: Update Interface Status
cisco.nxos.nxos_interfaces:
state: merged
config:
- description: Interface_Description
enabled: true
mode: layer3
mtu: '9216'
name: Ethernet1/1
speed: '1000'
- description: Interface_Description
enabled: true
mode: layer3
mtu: '9216'
name: Ethernet1/2
speed: '1000'- As for the second issue -
If parameter enabled == true and interface is shut the interface is still shut and playbook shows task as 'ok'. The task should show 'changed' and no shut the interface., this is not reproducible for me. I've tested this with Nexus9300v chassis running NX-OS 10.3.1 and 9.3.6. The config code might be miscalculating the default switchport and shut/no shut state though for your devices. Could you please share the output ofshow running-config all | incl 'system default switchport'from the affected devices?
Thank you.