#!/usr/bin/python # -*- coding: utf-8 -*- # (c) 2018, Ansible by Red Hat, inc # GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) from __future__ import absolute_import, division, print_function __metaclass__ = type ANSIBLE_METADATA = {'metadata_version': '1.1', 'status': ['preview'], 'supported_by': 'network'} DOCUMENTATION = """ --- module: cli_config version_added: "2.7" author: "Trishna Guha (@trishnaguha)" short_description: Push text based configuration to network devices over network_cli description: - This module provides platform agnostic way of pushing text based configuration to network devices over network_cli connection plugin. options: config: description: - The config to be pushed to the network device. This argument is mutually exclusive with C(rollback) and either one of the option should be given as input. The config should have indentation that the device uses. type: 'str' commit: description: - The C(commit) argument instructs the module to push the configuration to the device. This is mapped to module check mode. type: 'bool' replace: description: - If the C(replace) argument is set to C(yes), it will replace the entire running-config of the device with the C(config) argument value. For NXOS devices, C(replace) argument takes path to the file on the device that will be used for replacing the entire running-config. Nexus 9K devices only support replace. Use I(net_put) or I(nxos_file_copy) module to copy the flat file to remote device and then use set the fullpath to this argument. type: 'str' backup: description: - This argument will cause the module to create a full backup of the current running config from the remote device before any changes are made. If the C(backup_options) value is not given, the backup file is written to the C(backup) folder in the playbook root directory or role root directory, if playbook is part of an ansible role. If the directory does not exist, it is created. type: bool default: 'no' version_added: "2.8" rollback: description: - The C(rollback) argument instructs the module to rollback the current configuration to the identifier specified in the argument. If the specified rollback identifier does not exist on the remote device, the module will fail. To rollback to the most recent commit, set the C(rollback) argument to 0. This option is mutually exclusive with C(config). commit_comment: description: - The C(commit_comment) argument specifies a text string to be used when committing the configuration. If the C(commit) argument is set to False, this argument is silently ignored. This argument is only valid for the platforms that support commit operation with comment. type: 'str' defaults: description: - The I(defaults) argument will influence how the running-config is collected from the device. When the value is set to true, the command used to collect the running-config is append with the all keyword. When the value is set to false, the command is issued without the all keyword. default: 'no' type: 'bool' multiline_delimiter: description: - This argument is used when pushing a multiline configuration element to the device. It specifies the character to use as the delimiting character. This only applies to the configuration action. type: 'str' diff_replace: description: - Instructs the module on the way to perform the configuration on the device. If the C(diff_replace) argument is set to I(line) then the modified lines are pushed to the device in configuration mode. If the argument is set to I(block) then the entire command block is pushed to the device in configuration mode if any line is not correct. Note that this parameter will be ignored if the platform has onbox diff support. choices: ['line', 'block', 'config'] diff_match: description: - Instructs the module on the way to perform the matching of the set of commands against the current device config. If C(diff_match) is set to I(line), commands are matched line by line. If C(diff_match) is set to I(strict), command lines are matched with respect to position. If C(diff_match) is set to I(exact), command lines must be an equal match. Finally, if C(diff_match) is set to I(none), the module will not attempt to compare the source configuration with the running configuration on the remote device. Note that this parameter will be ignored if the platform has onbox diff support. choices: ['line', 'strict', 'exact', 'none'] diff_ignore_lines: description: - Use this argument to specify one or more lines that should be ignored during the diff. This is used for lines in the configuration that are automatically updated by the system. This argument takes a list of regular expressions or exact line matches. Note that this parameter will be ignored if the platform has onbox diff support. backup_options: description: - This is a dict object containing configurable options related to backup file path. The value of this option is read only when C(backup) is set to I(yes), if C(backup) is set to I(no) this option will be silently ignored. suboptions: filename: description: - The filename to be used to store the backup configuration. If the the filename is not given it will be generated based on the hostname, current time and date in format defined by _config.@ dir_path: description: - This option provides the path ending with directory name in which the backup configuration file will be stored. If the directory does not exist it will be first created and the filename is either the value of C(filename) or default filename as described in C(filename) options description. If the path value is not given in that case a I(backup) directory will be created in the current working directory and backup configuration will be copied in C(filename) within I(backup) directory. type: path type: dict version_added: "2.8" """ EXAMPLES = """ - name: configure device with config cli_config: config: "{{ lookup('template', 'basic/config.j2') }}" - name: configure device with config with defaults enabled cli_config: config: "{{ lookup('template', 'basic/config.j2') }}" defaults: yes - name: Use diff_match cli_config: config: "{{ lookup('file', 'interface_config') }}" diff_match: none - name: nxos replace config cli_config: replace: 'bootflash:nxoscfg' - name: commit with comment cli_config: config: set system host-name foo commit_comment: this is a test - name: configurable backup path cli_config: config: "{{ lookup('template', 'basic/config.j2') }}" backup: yes backup_options: filename: backup.cfg dir_path: /home/user """ RETURN = """ commands: description: The set of commands that will be pushed to the remote device returned: always type: list sample: ['interface Loopback999', 'no shutdown'] backup_path: description: The full path to the backup file returned: when backup is yes type: str sample: /playbooks/ansible/backup/hostname_config.2016-07-16@22:28:34 """ import json from ansible.module_utils.basic import AnsibleModule from ansible.module_utils.connection import Connection from ansible.module_utils._text import to_text def validate_args(module, capabilities): """validate param if it is supported on the platform """ if (module.params['replace'] and not capabilities['device_operations']['supports_replace']): module.fail_json(msg='replace is not supported on this platform') if (module.params['rollback'] is not None and not capabilities['device_operations']['supports_rollback']): module.fail_json(msg='rollback is not supported on this platform') if (module.params['commit_comment'] and not capabilities['device_operations']['supports_commit_comment']): module.fail_json(msg='commit_comment is not supported on this platform') if (module.params['defaults'] and not capabilities['device_operations']['supports_defaults']): module.fail_json(msg='defaults is not supported on this platform') if (module.params['multiline_delimiter'] and not capabilities['device_operations']['supports_multiline_delimiter']): module.fail_json(msg='multiline_delimiter is not supported on this platform') if (module.params['diff_replace'] and not capabilities['device_operations']['supports_diff_replace']): module.fail_json(msg='diff_replace is not supported on this platform') if (module.params['diff_match'] and not capabilities['device_operations']['supports_diff_match']): module.fail_json(msg='diff_match is not supported on this platform') if (module.params['diff_ignore_lines'] and not capabilities['device_operations']['supports_diff_ignore_lines']): module.fail_json(msg='diff_ignore_lines is not supported on this platform') def run(module, capabilities, connection, candidate, running, rollback_id): result = {} resp = {} config_diff = [] banner_diff = {} replace = module.params['replace'] commit_comment = module.params['commit_comment'] multiline_delimiter = module.params['multiline_delimiter'] diff_replace = module.params['diff_replace'] diff_match = module.params['diff_match'] diff_ignore_lines = module.params['diff_ignore_lines'] commit = not module.check_mode if replace in ('yes', 'true', 'True'): replace = True elif replace in ('no', 'false', 'False'): replace = False if rollback_id is not None: resp = connection.rollback(rollback_id, commit) if 'diff' in resp: result['changed'] = True elif capabilities['device_operations']['supports_onbox_diff']: if diff_replace: module.warn('diff_replace is ignored as the device supports onbox diff') if diff_match: module.warn('diff_mattch is ignored as the device supports onbox diff') if diff_ignore_lines: module.warn('diff_ignore_lines is ignored as the device supports onbox diff') if not isinstance(candidate, list): candidate = candidate.strip('\n').splitlines() kwargs = {'candidate': candidate, 'commit': commit, 'replace': replace, 'comment': commit_comment} resp = connection.edit_config(**kwargs) if 'diff' in resp: result['changed'] = True elif capabilities['device_operations']['supports_generate_diff']: kwargs = {'candidate': candidate, 'running': running} if diff_match: kwargs.update({'diff_match': diff_match}) if diff_replace: kwargs.update({'diff_replace': diff_replace}) if diff_ignore_lines: kwargs.update({'diff_ignore_lines': diff_ignore_lines}) diff_response = connection.get_diff(**kwargs) config_diff = diff_response.get('config_diff') banner_diff = diff_response.get('banner_diff') if config_diff: if isinstance(config_diff, list): candidate = config_diff else: candidate = config_diff.splitlines() kwargs = {'candidate': candidate, 'commit': commit, 'replace': replace, 'comment': commit_comment} connection.edit_config(**kwargs) result['changed'] = True if banner_diff: candidate = json.dumps(banner_diff) kwargs = {'candidate': candidate, 'commit': commit} if multiline_delimiter: kwargs.update({'multiline_delimiter': multiline_delimiter}) connection.edit_banner(**kwargs) result['changed'] = True if module._diff: if 'diff' in resp: result['diff'] = {'prepared': resp['diff']} else: diff = '' if config_diff: if isinstance(config_diff, list): diff += '\n'.join(config_diff) else: diff += config_diff if banner_diff: diff += json.dumps(banner_diff) result['diff'] = {'prepared': diff} return result def main(): """main entry point for execution """ backup_spec = dict( filename=dict(), dir_path=dict(type='path') ) argument_spec = dict( backup=dict(default=False, type='bool'), backup_options=dict(type='dict', options=backup_spec), config=dict(type='str'), commit=dict(type='bool'), replace=dict(type='str'), rollback=dict(type='int'), commit_comment=dict(type='str'), defaults=dict(default=False, type='bool'), multiline_delimiter=dict(type='str'), diff_replace=dict(choices=['line', 'block', 'config']), diff_match=dict(choices=['line', 'strict', 'exact', 'none']), diff_ignore_lines=dict(type='list') ) mutually_exclusive = [('config', 'rollback')] required_one_of = [['backup', 'config', 'rollback']] module = AnsibleModule(argument_spec=argument_spec, mutually_exclusive=mutually_exclusive, required_one_of=required_one_of, supports_check_mode=True) result = {'changed': False} connection = Connection(module._socket_path) capabilities = module.from_json(connection.get_capabilities()) if capabilities: validate_args(module, capabilities) if module.params['defaults']: if 'get_default_flag' in capabilities.get('rpc'): flags = connection.get_default_flag() else: flags = 'all' else: flags = [] candidate = module.params['config'] candidate = to_text(candidate, errors='surrogate_then_replace') if candidate else None running = connection.get_config(flags=flags) rollback_id = module.params['rollback'] if module.params['backup']: result['__backup__'] = running if candidate or rollback_id: try: result.update(run(module, capabilities, connection, candidate, running, rollback_id)) except Exception as exc: module.fail_json(msg=to_text(exc)) module.exit_json(**result) if __name__ == '__main__': main()