addressOverride being ignored in vspk (ansible)

Question

addressOverride being ignored in vspk (ansible)

Closed this issue 7 years ago · 1 comments

The issue has been tested under vspk 4.0.7, 4.0.8 and 5.0.21 and discussed Marc Wolf of Nokia.

When trying to add a ACLs into the VSD (a IngressACLEntryTemplate) using ansible and vspk the following output is given (and marked with =>), where you can see that the addressOverride values have been ignored:

changed: [localhost] => {
"changed": true,
"entities": [
    {
        "ACLTemplateName": "default",
        "DSCP": "*",
        "ICMPCode": null,
        "ICMPType": null,
        "ID": "90a33493-5ecc-4172-b21c-7b3e47c016d4",
        "IPv6AddressOverride": null,
        "action": "FORWARD",

=> "addressOverride": null,
"associatedApplicationID": null,
"associatedApplicationObjectID": null,
"associatedApplicationObjectType": null,
"associatedLiveEntityID": null,
"creationDate": 1503480166000,
"description": "test-marc2",
"destinationPort": "7443",
"domainName": "sdn-ext_and_int_svc-l3-s-001",
"enterpriseName": "toni-vCPE-test1",
"entityScope": "ENTERPRISE",
"etherType": "0x0800",
"externalID": null,
"flowLoggingEnabled": false,
"lastUpdatedBy": "6be3de5e-b228-454d-a6c8-ad050d726f66",
"lastUpdatedDate": 1503480166000,
"locationID": null,
"locationType": "ANY",
"mirrorDestinationID": null,
"networkID": "5a0d5a3c-e3b5-4a79-a2be-b997bd685b06",
"networkType": "NETWORK_MACRO_GROUP",
"owner": "6be3de5e-b228-454d-a6c8-ad050d726f66",
"parentID": "6af506b8-d72d-46e9-99b6-a22893b55d36",
"parentType": "ingressacltemplate",
"policyState": "LIVE",
"priority": 29,
"protocol": "6",
"reflexive": false,
"sourcePort": "*",
"stateful": false,
"statsID": "426a401a-98c6-47e9-9be5-e55ae3022884",
"statsLoggingEnabled": false
}
],
"id": "90a33493-5ecc-4172-b21c-7b3e47c016d4",
"invocation": {
"module_args": {
"auth": {
"api_enterprise": "toni-vCPE-test1",
"api_password": "EDITED",
"api_url": "https://10.232.103.11:8443",
"api_username": "admin",
"api_version": "v4_0"
},
"children": null,
"command": null,
"id": null,
"match_filter": "description == 'test-marc2'",
"parent_id": "6af506b8-d72d-46e9-99b6-a22893b55d36",
"parent_type": "IngressACLTemplate",
"properties": {
"action": "FORWARD",
=> "addressOverride": "194.128.99.3/32",
"description": "test-marc2",
"destination_port": 7443,
"ether_type": "0x0800",
"location_type": "ANY",
"network_id": "5a0d5a3c-e3b5-4a79-a2be-b997bd685b06",
"network_type": "NETWORK_MACRO_GROUP",
"priority": 29,
"protocol": 6,
"source_port": ""
},
"state": "present",
"type": "IngressACLEntryTemplate"
}
},
"state": "present"
}

Using Ansible and VSPK does not send the addressOverride parameter, but implemented in VSD.

::

Aug 23 11:22:46 vsd-t1-01.test.kpn.com java {"userName":"admin","enterpriseName":"toni-vCPE-test1","type":"CREATE","entityType":"ingressaclentrytemplate","entityVersion":null,"eventReceivedTime":1503480166972,"entities":[{"parentType":"ingressacltemplate","entityScope":"ENTERPRISE","policyState":"LIVE","reflexive":false,"stateful":false,"locationType":"ANY","networkType":"NETWORK_MACRO_GROUP","etherType":"0x0800","description":"test-marc2","sourcePort":"*","destinationPort":"7443","protocol":"6","priority":29,"action":"FORWARD","domainName":"sdn-ext_and_int_svc-l3-s-001","enterpriseName":"toni-vCPE-test1","ID":"90a33493-5ecc-4172-b21c-7b3e47c016d4","networkID":"5a0d5a3c-e3b5-4a79-a2be-b997bd685b06","DSCP":"*","ACLTemplateName":"default"}],"diffMap":null,"ignoreDiffInMediationEvents":false,"updateMechanism":"DEFAULT"}

In case the ACL is created manually using the VSD GUI the following CREATE action is send to the VSD and it works:

::

Aug 23 11:19:29 vsd-t1-01.test.kpn.com java {"userName":"admin","enterpriseName":"toni-vCPE-test1","type":"CREATE","entityType":"ingressaclentrytemplate","entityVersion":null,"eventReceivedTime":1503479969501,"entities":[{"parentType":"ingressacltemplate","entityScope":"ENTERPRISE","policyState":"DRAFT","reflexive":false,"stateful":false,"locationType":"ANY","networkType":"NETWORK_MACRO_GROUP","etherType":"0x0800","description":"test-marc","sourcePort":"","destinationPort":"7443","protocol":"6","priority":31,"action":"FORWARD","addressOverride":"194.128.0.0/32","domainName":"sdn-ext_and_int_svc-l3-s-001","enterpriseName":"toni-vCPE-test1","ID":"9b869b8b-2a08-4ac8-9cc2-dabc5bf1c923","networkID":"5a0d5a3c-e3b5-4a79-a2be-b997bd685b06","DSCP":"","ACLTemplateName":"default"}],"diffMap":null,"ignoreDiffInMediationEvents":false,"updateMechanism":"DEFAULT"}

The ansible code used was:

::

  nuage_vspk:
    auth: "{{ nuage_auth }}"
    type: IngressACLEntryTemplate
    parent_id: "{{ nuage_top_ingress_policy.id }}"
    parent_type: IngressACLTemplate
    state: present
    match_filter: "description == 'test-marc2'"
    properties:
      action: FORWARD
      description: "test-marc2"
      ether_type: "0x0800"
      location_type: ANY
      addressOverride: '194.128.99.3/32'
      network_type: NETWORK_MACRO_GROUP
      network_id: "5a0d5a3c-e3b5-4a79-a2be-b997bd685b06"
      source_port: "*"
      priority: 29
      destination_port: 7443
      protocol: 6

Answer 1 · 2017-08-30T15:41:26.000Z

  addressOverride: '194.128.99.3/32'

has to read

  address_override: '194.128.99.3/32'