[FEATURE-REQUEST]: `unset`ting of a param in `state:present`
Opened this issue · 4 comments
Summary
Continuing issue #346
The provided solution works with servicegroup, but fails with service & lbvserver.
In case of servicegroup it provides expected result - after running special task with state:unset the netprofile is no longer assigmend to the servicegroup.
Although this method is not easy to use and seems hard to fit into the automation we have with Ansible ADC. It means we need extra tasks just to remove netprofile. If we use this way, I'll have to make 3 new types of tasks for services, service groups, and lbv servers. This makes our automation more complicated and it might not be worth it. I think it's better to just mention in our release notes that if someone needs to remove a netprofile, they should update the code as usual and do the change manually using the CLI. This will be easier than making big changes to our system.
Is there a way to handle this "unset" situation by using "state: present" with a special word, like netprofile:NONE? This would make it much simpler to add to our current automation.
Issue Type
Bug Report
Component Name
service/servicegroup/lbvserver
Python Version
$ python3 --version; ansible --version; ansible-galaxy collection list netscaler.adc
Python 3.9.5
ansible [core 2.15.6]
config file = None
configured module search path = ['/home/pkodzis/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
ansible python module location = /home/pkodzis/.local/lib/python3.9/site-packages/ansible
ansible collection location = /home/pkodzis/.ansible/collections:/usr/share/ansible/collections
executable location = /home/pkodzis/.local/bin/ansible
python version = 3.9.5 (default, Nov 18 2021, 16:00:48) [GCC 10.3.0] (/usr/bin/python3)
jinja version = 3.1.2
libyaml = True
# /home/pkodzis/.ansible/collections/ansible_collections
Collection Version
------------- -------
netscaler.adc 2.4.0
Ansible Version
$ python3 --version; ansible --version; ansible-galaxy collection list netscaler.adc
Python 3.9.5
ansible [core 2.15.6]
config file = None
configured module search path = ['/home/pkodzis/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
ansible python module location = /home/pkodzis/.local/lib/python3.9/site-packages/ansible
ansible collection location = /home/pkodzis/.ansible/collections:/usr/share/ansible/collections
executable location = /home/pkodzis/.local/bin/ansible
python version = 3.9.5 (default, Nov 18 2021, 16:00:48) [GCC 10.3.0] (/usr/bin/python3)
jinja version = 3.1.2
libyaml = True
# /home/pkodzis/.ansible/collections/ansible_collections
Collection Version
------------- -------
netscaler.adc 2.4.0
Ansible Configuration
$ ansible-config dump --only-changed
netscaler.adc Collection Version
$ python3 --version; ansible --version; ansible-galaxy collection list netscaler.adc
Python 3.9.5
ansible [core 2.15.6]
config file = None
configured module search path = ['/home/pkodzis/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
ansible python module location = /home/pkodzis/.local/lib/python3.9/site-packages/ansible
ansible collection location = /home/pkodzis/.ansible/collections:/usr/share/ansible/collections
executable location = /home/pkodzis/.local/bin/ansible
python version = 3.9.5 (default, Nov 18 2021, 16:00:48) [GCC 10.3.0] (/usr/bin/python3)
jinja version = 3.1.2
libyaml = True
# /home/pkodzis/.ansible/collections/ansible_collections
Collection Version
------------- -------
netscaler.adc 2.4.0
Target NetScaler Version
> show ns version
Equivalent NetScaler CLI Command
Steps to Reproduce
- name: setup service
delegate_to: localhost
netscaler.adc.service:
nsip: "{{ provider.nsip }}"
nitro_auth_token: "{{ provider.nitro_auth_token | default(omit) }}"
state: present
name: example-service1
ipaddress: 1.2.3.4
port: 12345
servicetype: TCP
netprofile: cert-source-ip
- name: setup servicegroup
delegate_to: localhost
netscaler.adc.servicegroup:
nsip: "{{ provider.nsip }}"
nitro_auth_token: "{{ provider.nitro_auth_token | default(omit) }}"
state: present
servicegroupname: example-servicegroup
servicetype: TCP
netprofile: cert-source-ip
- name: UNSET netprofile from servicegroup
delegate_to: localhost
netscaler.adc.servicegroup:
nsip: "{{ provider.nsip }}"
nitro_auth_token: "{{ provider.nitro_auth_token | default(omit) }}"
state: unset
servicegroupname: example-servicegroup
netprofile: "true"
- name: UNSET netprofile from service
delegate_to: localhost
netscaler.adc.service:
nsip: "{{ provider.nsip }}"
nitro_auth_token: "{{ provider.nitro_auth_token | default(omit) }}"
state: unset
servicegroupname: example-service1
netprofile: "true"
Expected Results
netrpfiles removed
Actual Results
TASK [setup service] ********************************************************************************************************************************************************************************************
--- before
+++ after
@@ -1 +1,7 @@
-{}
+{
+ "ipaddress": "1.2.3.4",
+ "name": "example-service1",
+ "netprofile": "cert-source-ip",
+ "port": 12345,
+ "servicetype": "TCP"
+}
TASK [setup servicegroup] ***************************************************************************************************************************************************************************************
--- before
+++ after
@@ -1 +1,5 @@
-{}
+{
+ "netprofile": "cert-source-ip",
+ "servicegroupname": "example-servicegroup",
+ "servicetype": "TCP"
+}
TASK [UNSET netprofile from servicegroup] ***********************************************************************************************************************************************************************
changed: [10.133.254.35 -> localhost]
TASK [UNSET netprofile from service] ****************************************************************************************************************************************************************************
fatal: [10.133.254.35 -> localhost]: FAILED! => {"changed": false, "msg": "Unsupported parameters for (netscaler.adc.service) module: servicegroupname. Supported parameters include: accessdown, all, api_path, appflowlog, cacheable, cachetype, cip, cipheader, cka, cleartextport, clttimeout, cmp, comment, contentinspectionprofilename, customserverid, delay, dnsprofilename, downstateflush, graceful, hashid, healthmonitor, httpprofilename, internal, ip, ipaddress, maxbandwidth, maxclient, maxreq, monconnectionclose, monitor_name_svc, monthreshold, name, netprofile, newname, nitro_auth_token, nitro_pass, nitro_protocol, nitro_user, nsip, pathmonitor, pathmonitorindv, port, processlocal, rtspsessionidremap, save_config, serverid, servername, service_lbmonitor_binding, servicegroup_lbmonitor_binding, servicegroup_servicegroupmember_binding, servicetype, sp, state, svrtimeout, tcpb, tcpprofilename, td, useproxyport, usip, validate_certs, weight."}
# AFTER THE PLAYBOOK:
> sh run | grep example
add service example-service1 1.2.3.4 TCP 12345 -gslb NONE -maxClient 0 -maxReq 0 -cip DISABLED -usip NO -useproxyport YES -sp OFF -cltTimeout 9000 -svrTimeout 9000 -CKA NO -TCPB NO -CMP NO -netProfile cert-source-ip
add serviceGroup example-servicegroup TCP -maxClient 0 -maxReq 0 -cip DISABLED -usip NO -useproxyport YES -cltTimeout 9000 -svrTimeout 9000 -CKA NO -TCPB NO -CMP NO
Additioinal Notes
No response
Your point is valid w.r.t. desired state paradigm @pkodzis. Thank you for bringing up.
I will see what can be done and update you here.
(Thinking aloud) Would empty-string
value be a good option to consider to UNSET instead of NONE
?
- name: ADD SG
delegate_to: localhost
netscaler.adc.servicegroup:
state: present
servicegroupname: test1-1
servicetype: TCP
netprofile: "" # <<<<<<<< This will UNSET netprofile
NONE
is a valid option for some of the keys.
Absolutely - whatever that lets move on with 'state: present' works, including empty string
Absolutely - whatever that lets move on with 'state: present' works, including empty string
I will consider your feedback and keep this in mind while designing. Thank you