diff options
Diffstat (limited to 'docs')
27 files changed, 21125 insertions, 0 deletions
diff --git a/docs/vyos.vyos.vyos_banner_module.rst b/docs/vyos.vyos.vyos_banner_module.rst new file mode 100644 index 0000000..0daa5d1 --- /dev/null +++ b/docs/vyos.vyos.vyos_banner_module.rst @@ -0,0 +1,289 @@ +:orphan: + +.. _vyos.vyos.vyos_banner_module: + + +********************* +vyos.vyos.vyos_banner +********************* + +**Manage multiline banners on VyOS devices** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- This will configure both pre-login and post-login banners on remote devices running VyOS. It allows playbooks to add or remote banner text from the active running configuration. + + + + +Parameters +---------- + +.. raw:: html + + <table border=0 cellpadding=0 class="documentation-table"> + <tr> + <th colspan="2">Parameter</th> + <th>Choices/<font color="blue">Defaults</font></th> + <th width="100%">Comments</th> + </tr> + <tr> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>banner</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">-</span> + / <span style="color: red">required</span> </div> + </td> + <td> + <ul style="margin: 0; padding: 0"><b>Choices:</b> + <li>pre-login</li> + <li>post-login</li> + </ul> + </td> + <td> + <div>Specifies which banner that should be configured on the remote device.</div> + </td> + </tr> + <tr> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>provider</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">dictionary</span> + </div> + </td> + <td> + </td> + <td> + <div><b>Deprecated</b></div> + <div>Starting with Ansible 2.5 we recommend using <code>connection: network_cli</code>.</div> + <div>For more information please see the <a href='../network/getting_started/network_differences.html#multiple-communication-protocols'>Network Guide</a>.</div> + <div><hr/></div> + <div>A dict object containing connection details.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>host</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + / <span style="color: red">required</span> </div> + </td> + <td> + </td> + <td> + <div>Specifies the DNS host name or address for connecting to the remote device over the specified transport. The value of host is used as the destination address for the transport.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>password</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + </td> + <td> + <div>Specifies the password to use to authenticate the connection to the remote device. This value is used to authenticate the SSH session. If the value is not specified in the task, the value of environment variable <code>ANSIBLE_NET_PASSWORD</code> will be used instead.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>port</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">integer</span> + </div> + </td> + <td> + <b>Default:</b><br/><div style="color: blue">22</div> + </td> + <td> + <div>Specifies the port to use when building the connection to the remote device.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>ssh_keyfile</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">path</span> + </div> + </td> + <td> + </td> + <td> + <div>Specifies the SSH key to use to authenticate the connection to the remote device. This value is the path to the key used to authenticate the SSH session. If the value is not specified in the task, the value of environment variable <code>ANSIBLE_NET_SSH_KEYFILE</code> will be used instead.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>timeout</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">integer</span> + </div> + </td> + <td> + <b>Default:</b><br/><div style="color: blue">10</div> + </td> + <td> + <div>Specifies the timeout in seconds for communicating with the network device for either connecting or sending commands. If the timeout is exceeded before the operation is completed, the module will error.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>username</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + </td> + <td> + <div>Configures the username to use to authenticate the connection to the remote device. This value is used to authenticate the SSH session. If the value is not specified in the task, the value of environment variable <code>ANSIBLE_NET_USERNAME</code> will be used instead.</div> + </td> + </tr> + + <tr> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>state</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">-</span> + </div> + </td> + <td> + <ul style="margin: 0; padding: 0"><b>Choices:</b> + <li><div style="color: blue"><b>present</b> ←</div></li> + <li>absent</li> + </ul> + </td> + <td> + <div>Specifies whether or not the configuration is present in the current devices active running configuration.</div> + </td> + </tr> + <tr> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>text</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">-</span> + </div> + </td> + <td> + </td> + <td> + <div>The banner text that should be present in the remote device running configuration. This argument accepts a multiline string, with no empty lines. Requires <em>state=present</em>.</div> + </td> + </tr> + </table> + <br/> + + +Notes +----- + +.. note:: + - Tested against VyOS 1.1.8 (helium). + - This module works with connection ``network_cli``. See `the VyOS OS Platform Options <../network/user_guide/platform_vyos.html>`_. + - For more information on using Ansible to manage network devices see the :ref:`Ansible Network Guide <network_guide>` + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + - name: configure the pre-login banner + vyos.vyos.vyos_banner: + banner: pre-login + text: | + this is my pre-login banner + that contains a multiline + string + state: present + - name: remove the post-login banner + vyos.vyos.vyos_banner: + banner: post-login + state: absent + + + + +Return Values +------------- +Common return values are documented `here <https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values>`_, the following are the fields unique to this module: + +.. raw:: html + + <table border=0 cellpadding=0 class="documentation-table"> + <tr> + <th colspan="1">Key</th> + <th>Returned</th> + <th width="100%">Description</th> + </tr> + <tr> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="return-"></div> + <b>commands</b> + <a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a> + <div style="font-size: small"> + <span style="color: purple">list</span> + </div> + </td> + <td>always</td> + <td> + <div>The list of configuration mode commands to send to the device</div> + <br/> + <div style="font-size: smaller"><b>Sample:</b></div> + <div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">['banner pre-login', 'this is my pre-login banner', 'that contains a multiline', 'string']</div> + </td> + </tr> + </table> + <br/><br/> + + +Status +------ + + +Authors +~~~~~~~ + +- Trishna Guha (@trishnaguha) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/vyos.vyos.vyos_cliconf.rst b/docs/vyos.vyos.vyos_cliconf.rst new file mode 100644 index 0000000..7e5c9da --- /dev/null +++ b/docs/vyos.vyos.vyos_cliconf.rst @@ -0,0 +1,44 @@ + +.. _vyos.vyos.vyos_cliconf: + + +************** +vyos.vyos.vyos +************** + +**Use vyos cliconf to run command on VyOS platform** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- This vyos plugin provides low level abstraction apis for sending and receiving CLI commands from VyOS network devices. + + + + + + + + + + + +Status +------ + + +Authors +~~~~~~~ + +- Ansible Networking Team + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/vyos.vyos.vyos_command_module.rst b/docs/vyos.vyos.vyos_command_module.rst new file mode 100644 index 0000000..db24dd6 --- /dev/null +++ b/docs/vyos.vyos.vyos_command_module.rst @@ -0,0 +1,383 @@ +:orphan: + +.. _vyos.vyos.vyos_command_module: + + +********************** +vyos.vyos.vyos_command +********************** + +**Run one or more commands on VyOS devices** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- The command module allows running one or more commands on remote devices running VyOS. This module can also be introspected to validate key parameters before returning successfully. If the conditional statements are not met in the wait period, the task fails. +- Certain ``show`` commands in VyOS produce many lines of output and use a custom pager that can cause this module to hang. If the value of the environment variable ``ANSIBLE_VYOS_TERMINAL_LENGTH`` is not set, the default number of 10000 is used. + + + + +Parameters +---------- + +.. raw:: html + + <table border=0 cellpadding=0 class="documentation-table"> + <tr> + <th colspan="2">Parameter</th> + <th>Choices/<font color="blue">Defaults</font></th> + <th width="100%">Comments</th> + </tr> + <tr> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>commands</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">-</span> + / <span style="color: red">required</span> </div> + </td> + <td> + </td> + <td> + <div>The ordered set of commands to execute on the remote device running VyOS. The output from the command execution is returned to the playbook. If the <em>wait_for</em> argument is provided, the module is not returned until the condition is satisfied or the number of retries has been exceeded.</div> + </td> + </tr> + <tr> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>interval</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">-</span> + </div> + </td> + <td> + <b>Default:</b><br/><div style="color: blue">1</div> + </td> + <td> + <div>Configures the interval in seconds to wait between <em>retries</em> of the command. If the command does not pass the specified conditions, the interval indicates how long to wait before trying the command again.</div> + </td> + </tr> + <tr> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>match</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">-</span> + </div> + </td> + <td> + <ul style="margin: 0; padding: 0"><b>Choices:</b> + <li>any</li> + <li><div style="color: blue"><b>all</b> ←</div></li> + </ul> + </td> + <td> + <div>The <em>match</em> argument is used in conjunction with the <em>wait_for</em> argument to specify the match policy. Valid values are <code>all</code> or <code>any</code>. If the value is set to <code>all</code> then all conditionals in the wait_for must be satisfied. If the value is set to <code>any</code> then only one of the values must be satisfied.</div> + </td> + </tr> + <tr> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>provider</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">dictionary</span> + </div> + </td> + <td> + </td> + <td> + <div><b>Deprecated</b></div> + <div>Starting with Ansible 2.5 we recommend using <code>connection: network_cli</code>.</div> + <div>For more information please see the <a href='../network/getting_started/network_differences.html#multiple-communication-protocols'>Network Guide</a>.</div> + <div><hr/></div> + <div>A dict object containing connection details.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>host</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + / <span style="color: red">required</span> </div> + </td> + <td> + </td> + <td> + <div>Specifies the DNS host name or address for connecting to the remote device over the specified transport. The value of host is used as the destination address for the transport.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>password</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + </td> + <td> + <div>Specifies the password to use to authenticate the connection to the remote device. This value is used to authenticate the SSH session. If the value is not specified in the task, the value of environment variable <code>ANSIBLE_NET_PASSWORD</code> will be used instead.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>port</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">integer</span> + </div> + </td> + <td> + <b>Default:</b><br/><div style="color: blue">22</div> + </td> + <td> + <div>Specifies the port to use when building the connection to the remote device.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>ssh_keyfile</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">path</span> + </div> + </td> + <td> + </td> + <td> + <div>Specifies the SSH key to use to authenticate the connection to the remote device. This value is the path to the key used to authenticate the SSH session. If the value is not specified in the task, the value of environment variable <code>ANSIBLE_NET_SSH_KEYFILE</code> will be used instead.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>timeout</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">integer</span> + </div> + </td> + <td> + <b>Default:</b><br/><div style="color: blue">10</div> + </td> + <td> + <div>Specifies the timeout in seconds for communicating with the network device for either connecting or sending commands. If the timeout is exceeded before the operation is completed, the module will error.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>username</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + </td> + <td> + <div>Configures the username to use to authenticate the connection to the remote device. This value is used to authenticate the SSH session. If the value is not specified in the task, the value of environment variable <code>ANSIBLE_NET_USERNAME</code> will be used instead.</div> + </td> + </tr> + + <tr> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>retries</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">-</span> + </div> + </td> + <td> + <b>Default:</b><br/><div style="color: blue">10</div> + </td> + <td> + <div>Specifies the number of retries a command should be tried before it is considered failed. The command is run on the target device every retry and evaluated against the <em>wait_for</em> conditionals.</div> + </td> + </tr> + <tr> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>wait_for</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">-</span> + </div> + </td> + <td> + </td> + <td> + <div>Specifies what to evaluate from the output of the command and what conditionals to apply. This argument will cause the task to wait for a particular conditional to be true before moving forward. If the conditional is not true by the configured <em>retries</em>, the task fails. See examples.</div> + <div style="font-size: small; color: darkgreen"><br/>aliases: waitfor</div> + </td> + </tr> + </table> + <br/> + + +Notes +----- + +.. note:: + - Tested against VyOS 1.1.8 (helium). + - Running ``show system boot-messages all`` will cause the module to hang since VyOS is using a custom pager setting to display the output of that command. + - If a command sent to the device requires answering a prompt, it is possible to pass a dict containing *command*, *answer* and *prompt*. See examples. + - This module works with connection ``network_cli``. See `the VyOS OS Platform Options <../network/user_guide/platform_vyos.html>`_. + - For more information on using Ansible to manage network devices see the :ref:`Ansible Network Guide <network_guide>` + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + - name: show configuration on ethernet devices eth0 and eth1 + vyos.vyos.vyos_command: + commands: + - show interfaces ethernet {{ item }} + with_items: + - eth0 + - eth1 + + - name: run multiple commands and check if version output contains specific version + string + vyos.vyos.vyos_command: + commands: + - show version + - show hardware cpu + wait_for: + - result[0] contains 'VyOS 1.1.7' + + - name: run command that requires answering a prompt + vyos.vyos.vyos_command: + commands: + - command: rollback 1 + prompt: Proceed with reboot? [confirm][y] + answer: y + + + + +Return Values +------------- +Common return values are documented `here <https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values>`_, the following are the fields unique to this module: + +.. raw:: html + + <table border=0 cellpadding=0 class="documentation-table"> + <tr> + <th colspan="1">Key</th> + <th>Returned</th> + <th width="100%">Description</th> + </tr> + <tr> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="return-"></div> + <b>failed_conditions</b> + <a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a> + <div style="font-size: small"> + <span style="color: purple">list</span> + </div> + </td> + <td>failed</td> + <td> + <div>The list of conditionals that have failed</div> + <br/> + <div style="font-size: smaller"><b>Sample:</b></div> + <div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">['...', '...']</div> + </td> + </tr> + <tr> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="return-"></div> + <b>stdout</b> + <a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a> + <div style="font-size: small"> + <span style="color: purple">list</span> + </div> + </td> + <td>always apart from low level errors (such as action plugin)</td> + <td> + <div>The set of responses from the commands</div> + <br/> + <div style="font-size: smaller"><b>Sample:</b></div> + <div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">['...', '...']</div> + </td> + </tr> + <tr> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="return-"></div> + <b>stdout_lines</b> + <a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a> + <div style="font-size: small"> + <span style="color: purple">list</span> + </div> + </td> + <td>always</td> + <td> + <div>The value of stdout split into a list</div> + <br/> + <div style="font-size: smaller"><b>Sample:</b></div> + <div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">[['...', '...'], ['...'], ['...']]</div> + </td> + </tr> + <tr> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="return-"></div> + <b>warnings</b> + <a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a> + <div style="font-size: small"> + <span style="color: purple">list</span> + </div> + </td> + <td>always</td> + <td> + <div>The list of warnings (if any) generated by module based on arguments</div> + <br/> + <div style="font-size: smaller"><b>Sample:</b></div> + <div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">['...', '...']</div> + </td> + </tr> + </table> + <br/><br/> + + +Status +------ + + +Authors +~~~~~~~ + +- Nathaniel Case (@Qalthos) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/vyos.vyos.vyos_config_module.rst b/docs/vyos.vyos.vyos_config_module.rst new file mode 100644 index 0000000..50e4203 --- /dev/null +++ b/docs/vyos.vyos.vyos_config_module.rst @@ -0,0 +1,520 @@ +:orphan: + +.. _vyos.vyos.vyos_config_module: + + +********************* +vyos.vyos.vyos_config +********************* + +**Manage VyOS configuration on remote device** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- This module provides configuration file management of VyOS devices. It provides arguments for managing both the configuration file and state of the active configuration. All configuration statements are based on `set` and `delete` commands in the device configuration. + + + + +Parameters +---------- + +.. raw:: html + + <table border=0 cellpadding=0 class="documentation-table"> + <tr> + <th colspan="2">Parameter</th> + <th>Choices/<font color="blue">Defaults</font></th> + <th width="100%">Comments</th> + </tr> + <tr> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>backup</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">boolean</span> + </div> + </td> + <td> + <ul style="margin: 0; padding: 0"><b>Choices:</b> + <li><div style="color: blue"><b>no</b> ←</div></li> + <li>yes</li> + </ul> + </td> + <td> + <div>The <code>backup</code> argument will backup the current devices active configuration to the Ansible control host prior to making any changes. If the <code>backup_options</code> value is not given, the backup file will be located in the backup folder in the playbook root directory or role root directory, if playbook is part of an ansible role. If the directory does not exist, it is created.</div> + </td> + </tr> + <tr> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>backup_options</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">dictionary</span> + </div> + </td> + <td> + </td> + <td> + <div>This is a dict object containing configurable options related to backup file path. The value of this option is read only when <code>backup</code> is set to <em>yes</em>, if <code>backup</code> is set to <em>no</em> this option will be silently ignored.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>dir_path</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">path</span> + </div> + </td> + <td> + </td> + <td> + <div>This option provides the path ending with directory name in which the backup configuration file will be stored. If the directory does not exist it will be first created and the filename is either the value of <code>filename</code> or default filename as described in <code>filename</code> options description. If the path value is not given in that case a <em>backup</em> directory will be created in the current working directory and backup configuration will be copied in <code>filename</code> within <em>backup</em> directory.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>filename</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">-</span> + </div> + </td> + <td> + </td> + <td> + <div>The filename to be used to store the backup configuration. If the filename is not given it will be generated based on the hostname, current time and date in format defined by <hostname>_config.<current-date>@<current-time></div> + </td> + </tr> + + <tr> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>comment</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">-</span> + </div> + </td> + <td> + <b>Default:</b><br/><div style="color: blue">"configured by vyos_config"</div> + </td> + <td> + <div>Allows a commit description to be specified to be included when the configuration is committed. If the configuration is not changed or committed, this argument is ignored.</div> + </td> + </tr> + <tr> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>config</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">-</span> + </div> + </td> + <td> + </td> + <td> + <div>The <code>config</code> argument specifies the base configuration to use to compare against the desired configuration. If this value is not specified, the module will automatically retrieve the current active configuration from the remote device.</div> + </td> + </tr> + <tr> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>lines</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">-</span> + </div> + </td> + <td> + </td> + <td> + <div>The ordered set of configuration lines to be managed and compared with the existing configuration on the remote device.</div> + </td> + </tr> + <tr> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>match</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">-</span> + </div> + </td> + <td> + <ul style="margin: 0; padding: 0"><b>Choices:</b> + <li><div style="color: blue"><b>line</b> ←</div></li> + <li>none</li> + </ul> + </td> + <td> + <div>The <code>match</code> argument controls the method used to match against the current active configuration. By default, the desired config is matched against the active config and the deltas are loaded. If the <code>match</code> argument is set to <code>none</code> the active configuration is ignored and the configuration is always loaded.</div> + </td> + </tr> + <tr> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>provider</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">dictionary</span> + </div> + </td> + <td> + </td> + <td> + <div><b>Deprecated</b></div> + <div>Starting with Ansible 2.5 we recommend using <code>connection: network_cli</code>.</div> + <div>For more information please see the <a href='../network/getting_started/network_differences.html#multiple-communication-protocols'>Network Guide</a>.</div> + <div><hr/></div> + <div>A dict object containing connection details.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>host</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + / <span style="color: red">required</span> </div> + </td> + <td> + </td> + <td> + <div>Specifies the DNS host name or address for connecting to the remote device over the specified transport. The value of host is used as the destination address for the transport.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>password</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + </td> + <td> + <div>Specifies the password to use to authenticate the connection to the remote device. This value is used to authenticate the SSH session. If the value is not specified in the task, the value of environment variable <code>ANSIBLE_NET_PASSWORD</code> will be used instead.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>port</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">integer</span> + </div> + </td> + <td> + <b>Default:</b><br/><div style="color: blue">22</div> + </td> + <td> + <div>Specifies the port to use when building the connection to the remote device.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>ssh_keyfile</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">path</span> + </div> + </td> + <td> + </td> + <td> + <div>Specifies the SSH key to use to authenticate the connection to the remote device. This value is the path to the key used to authenticate the SSH session. If the value is not specified in the task, the value of environment variable <code>ANSIBLE_NET_SSH_KEYFILE</code> will be used instead.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>timeout</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">integer</span> + </div> + </td> + <td> + <b>Default:</b><br/><div style="color: blue">10</div> + </td> + <td> + <div>Specifies the timeout in seconds for communicating with the network device for either connecting or sending commands. If the timeout is exceeded before the operation is completed, the module will error.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>username</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + </td> + <td> + <div>Configures the username to use to authenticate the connection to the remote device. This value is used to authenticate the SSH session. If the value is not specified in the task, the value of environment variable <code>ANSIBLE_NET_USERNAME</code> will be used instead.</div> + </td> + </tr> + + <tr> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>save</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">boolean</span> + </div> + </td> + <td> + <ul style="margin: 0; padding: 0"><b>Choices:</b> + <li><div style="color: blue"><b>no</b> ←</div></li> + <li>yes</li> + </ul> + </td> + <td> + <div>The <code>save</code> argument controls whether or not changes made to the active configuration are saved to disk. This is independent of committing the config. When set to True, the active configuration is saved.</div> + </td> + </tr> + <tr> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>src</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">-</span> + </div> + </td> + <td> + </td> + <td> + <div>The <code>src</code> argument specifies the path to the source config file to load. The source config file can either be in bracket format or set format. The source file can include Jinja2 template variables.</div> + </td> + </tr> + </table> + <br/> + + +Notes +----- + +.. note:: + - Tested against VyOS 1.1.8 (helium). + - This module works with connection ``network_cli``. See `the VyOS OS Platform Options <../network/user_guide/platform_vyos.html>`_. + - For more information on using Ansible to manage network devices see the :ref:`Ansible Network Guide <network_guide>` + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + - name: configure the remote device + vyos.vyos.vyos_config: + lines: + - set system host-name {{ inventory_hostname }} + - set service lldp + - delete service dhcp-server + + - name: backup and load from file + vyos.vyos.vyos_config: + src: vyos.cfg + backup: yes + + - name: render a Jinja2 template onto the VyOS router + vyos.vyos.vyos_config: + src: vyos_template.j2 + + - name: for idempotency, use full-form commands + vyos.vyos.vyos_config: + lines: + # - set int eth eth2 description 'OUTSIDE' + - set interface ethernet eth2 description 'OUTSIDE' + + - name: configurable backup path + vyos.vyos.vyos_config: + backup: yes + backup_options: + filename: backup.cfg + dir_path: /home/user + + + + +Return Values +------------- +Common return values are documented `here <https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values>`_, the following are the fields unique to this module: + +.. raw:: html + + <table border=0 cellpadding=0 class="documentation-table"> + <tr> + <th colspan="1">Key</th> + <th>Returned</th> + <th width="100%">Description</th> + </tr> + <tr> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="return-"></div> + <b>backup_path</b> + <a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td>when backup is yes</td> + <td> + <div>The full path to the backup file</div> + <br/> + <div style="font-size: smaller"><b>Sample:</b></div> + <div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">/playbooks/ansible/backup/vyos_config.2016-07-16@22:28:34</div> + </td> + </tr> + <tr> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="return-"></div> + <b>commands</b> + <a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a> + <div style="font-size: small"> + <span style="color: purple">list</span> + </div> + </td> + <td>always</td> + <td> + <div>The list of configuration commands sent to the device</div> + <br/> + <div style="font-size: smaller"><b>Sample:</b></div> + <div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">['...', '...']</div> + </td> + </tr> + <tr> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="return-"></div> + <b>date</b> + <a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td>when backup is yes</td> + <td> + <div>The date extracted from the backup file name</div> + <br/> + <div style="font-size: smaller"><b>Sample:</b></div> + <div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">2016-07-16</div> + </td> + </tr> + <tr> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="return-"></div> + <b>filename</b> + <a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td>when backup is yes and filename is not specified in backup options</td> + <td> + <div>The name of the backup file</div> + <br/> + <div style="font-size: smaller"><b>Sample:</b></div> + <div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">vyos_config.2016-07-16@22:28:34</div> + </td> + </tr> + <tr> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="return-"></div> + <b>filtered</b> + <a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a> + <div style="font-size: small"> + <span style="color: purple">list</span> + </div> + </td> + <td>always</td> + <td> + <div>The list of configuration commands removed to avoid a load failure</div> + <br/> + <div style="font-size: smaller"><b>Sample:</b></div> + <div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">['...', '...']</div> + </td> + </tr> + <tr> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="return-"></div> + <b>shortname</b> + <a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td>when backup is yes and filename is not specified in backup options</td> + <td> + <div>The full path to the backup file excluding the timestamp</div> + <br/> + <div style="font-size: smaller"><b>Sample:</b></div> + <div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">/playbooks/ansible/backup/vyos_config</div> + </td> + </tr> + <tr> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="return-"></div> + <b>time</b> + <a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td>when backup is yes</td> + <td> + <div>The time extracted from the backup file name</div> + <br/> + <div style="font-size: smaller"><b>Sample:</b></div> + <div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">22:28:34</div> + </td> + </tr> + </table> + <br/><br/> + + +Status +------ + + +Authors +~~~~~~~ + +- Nathaniel Case (@Qalthos) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/vyos.vyos.vyos_facts_module.rst b/docs/vyos.vyos.vyos_facts_module.rst new file mode 100644 index 0000000..c7acfe6 --- /dev/null +++ b/docs/vyos.vyos.vyos_facts_module.rst @@ -0,0 +1,435 @@ +:orphan: + +.. _vyos.vyos.vyos_facts_module: + + +******************** +vyos.vyos.vyos_facts +******************** + +**Get facts about vyos devices.** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Collects facts from network devices running the vyos operating system. This module places the facts gathered in the fact tree keyed by the respective resource name. The facts module will always collect a base set of facts from the device and can enable or disable collection of additional facts. + + + + +Parameters +---------- + +.. raw:: html + + <table border=0 cellpadding=0 class="documentation-table"> + <tr> + <th colspan="2">Parameter</th> + <th>Choices/<font color="blue">Defaults</font></th> + <th width="100%">Comments</th> + </tr> + <tr> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>gather_network_resources</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">-</span> + </div> + </td> + <td> + </td> + <td> + <div>When supplied, this argument will restrict the facts collected to a given subset. Possible values for this argument include all and the resources like interfaces. Can specify a list of values to include a larger subset. Values can also be used with an initial <code><span class='module'>!</span></code> to specify that a specific subset should not be collected. Valid subsets are 'all', 'interfaces', 'l3_interfaces', 'lag_interfaces', 'lldp_global', 'lldp_interfaces', 'static_routes', 'firewall_rules', 'firewall_global', 'firewall_interfaces', 'ospfv3', 'ospfv2'.</div> + </td> + </tr> + <tr> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>gather_subset</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">-</span> + </div> + </td> + <td> + <b>Default:</b><br/><div style="color: blue">"!config"</div> + </td> + <td> + <div>When supplied, this argument will restrict the facts collected to a given subset. Possible values for this argument include all, default, config, and neighbors. Can specify a list of values to include a larger subset. Values can also be used with an initial <code><span class='module'>!</span></code> to specify that a specific subset should not be collected.</div> + </td> + </tr> + <tr> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>provider</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">dictionary</span> + </div> + </td> + <td> + </td> + <td> + <div><b>Deprecated</b></div> + <div>Starting with Ansible 2.5 we recommend using <code>connection: network_cli</code>.</div> + <div>For more information please see the <a href='../network/getting_started/network_differences.html#multiple-communication-protocols'>Network Guide</a>.</div> + <div><hr/></div> + <div>A dict object containing connection details.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>host</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + / <span style="color: red">required</span> </div> + </td> + <td> + </td> + <td> + <div>Specifies the DNS host name or address for connecting to the remote device over the specified transport. The value of host is used as the destination address for the transport.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>password</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + </td> + <td> + <div>Specifies the password to use to authenticate the connection to the remote device. This value is used to authenticate the SSH session. If the value is not specified in the task, the value of environment variable <code>ANSIBLE_NET_PASSWORD</code> will be used instead.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>port</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">integer</span> + </div> + </td> + <td> + <b>Default:</b><br/><div style="color: blue">22</div> + </td> + <td> + <div>Specifies the port to use when building the connection to the remote device.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>ssh_keyfile</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">path</span> + </div> + </td> + <td> + </td> + <td> + <div>Specifies the SSH key to use to authenticate the connection to the remote device. This value is the path to the key used to authenticate the SSH session. If the value is not specified in the task, the value of environment variable <code>ANSIBLE_NET_SSH_KEYFILE</code> will be used instead.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>timeout</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">integer</span> + </div> + </td> + <td> + <b>Default:</b><br/><div style="color: blue">10</div> + </td> + <td> + <div>Specifies the timeout in seconds for communicating with the network device for either connecting or sending commands. If the timeout is exceeded before the operation is completed, the module will error.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>username</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + </td> + <td> + <div>Configures the username to use to authenticate the connection to the remote device. This value is used to authenticate the SSH session. If the value is not specified in the task, the value of environment variable <code>ANSIBLE_NET_USERNAME</code> will be used instead.</div> + </td> + </tr> + + </table> + <br/> + + +Notes +----- + +.. note:: + - Tested against VyOS 1.1.8 (helium). + - This module works with connection ``network_cli``. See `the VyOS OS Platform Options <../network/user_guide/platform_vyos.html>`_. + - For more information on using Ansible to manage network devices see the :ref:`Ansible Network Guide <network_guide>` + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Gather all facts + - vyos.vyos.vyos_facts: + gather_subset: all + gather_network_resources: all + + # collect only the config and default facts + - vyos.vyos.vyos_facts: + gather_subset: config + + # collect everything exception the config + - vyos.vyos.vyos_facts: + gather_subset: '!config' + + # Collect only the interfaces facts + - vyos.vyos.vyos_facts: + gather_subset: + - '!all' + - '!min' + gather_network_resources: + - interfaces + + # Do not collect interfaces facts + - vyos.vyos.vyos_facts: + gather_network_resources: + - '!interfaces' + + # Collect interfaces and minimal default facts + - vyos.vyos.vyos_facts: + gather_subset: min + gather_network_resources: interfaces + + + + +Return Values +------------- +Common return values are documented `here <https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values>`_, the following are the fields unique to this module: + +.. raw:: html + + <table border=0 cellpadding=0 class="documentation-table"> + <tr> + <th colspan="1">Key</th> + <th>Returned</th> + <th width="100%">Description</th> + </tr> + <tr> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="return-"></div> + <b>ansible_net_api</b> + <a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td>always</td> + <td> + <div>The name of the transport</div> + <br/> + </td> + </tr> + <tr> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="return-"></div> + <b>ansible_net_commits</b> + <a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a> + <div style="font-size: small"> + <span style="color: purple">list</span> + </div> + </td> + <td>when present</td> + <td> + <div>The set of available configuration revisions</div> + <br/> + </td> + </tr> + <tr> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="return-"></div> + <b>ansible_net_config</b> + <a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td>when config is configured</td> + <td> + <div>The running-config from the device</div> + <br/> + </td> + </tr> + <tr> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="return-"></div> + <b>ansible_net_gather_network_resources</b> + <a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a> + <div style="font-size: small"> + <span style="color: purple">list</span> + </div> + </td> + <td>always</td> + <td> + <div>The list of fact resource subsets collected from the device</div> + <br/> + </td> + </tr> + <tr> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="return-"></div> + <b>ansible_net_gather_subset</b> + <a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a> + <div style="font-size: small"> + <span style="color: purple">list</span> + </div> + </td> + <td>always</td> + <td> + <div>The list of subsets gathered by the module</div> + <br/> + </td> + </tr> + <tr> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="return-"></div> + <b>ansible_net_hostname</b> + <a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td>always</td> + <td> + <div>The configured system hostname</div> + <br/> + </td> + </tr> + <tr> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="return-"></div> + <b>ansible_net_model</b> + <a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td>always</td> + <td> + <div>The device model string</div> + <br/> + </td> + </tr> + <tr> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="return-"></div> + <b>ansible_net_neighbors</b> + <a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a> + <div style="font-size: small"> + <span style="color: purple">list</span> + </div> + </td> + <td>when interface is configured</td> + <td> + <div>The set of LLDP neighbors</div> + <br/> + </td> + </tr> + <tr> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="return-"></div> + <b>ansible_net_python_version</b> + <a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td>always</td> + <td> + <div>The Python version Ansible controller is using</div> + <br/> + </td> + </tr> + <tr> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="return-"></div> + <b>ansible_net_serialnum</b> + <a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td>always</td> + <td> + <div>The serial number of the device</div> + <br/> + </td> + </tr> + <tr> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="return-"></div> + <b>ansible_net_version</b> + <a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td>always</td> + <td> + <div>The version of the software running</div> + <br/> + </td> + </tr> + </table> + <br/><br/> + + +Status +------ + + +Authors +~~~~~~~ + +- Nathaniel Case (@qalthos) +- Nilashish Chakraborty (@Nilashishc) +- Rohit Thakur (@rohitthakur2590) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/vyos.vyos.vyos_firewall_global_module.rst b/docs/vyos.vyos.vyos_firewall_global_module.rst new file mode 100644 index 0000000..c07602a --- /dev/null +++ b/docs/vyos.vyos.vyos_firewall_global_module.rst @@ -0,0 +1,1745 @@ +:orphan: + +.. _vyos.vyos.vyos_firewall_global_module: + + +****************************** +vyos.vyos.vyos_firewall_global +****************************** + +**FIREWALL global resource module** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- This module manage global policies or configurations for firewall on VyOS devices. + + + + +Parameters +---------- + +.. raw:: html + + <table border=0 cellpadding=0 class="documentation-table"> + <tr> + <th colspan="5">Parameter</th> + <th>Choices/<font color="blue">Defaults</font></th> + <th width="100%">Comments</th> + </tr> + <tr> + <td colspan="5"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>config</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">dictionary</span> + </div> + </td> + <td> + </td> + <td> + <div>A dictionary of Firewall global configuration options.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="4"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>config_trap</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">boolean</span> + </div> + </td> + <td> + <ul style="margin: 0; padding: 0"><b>Choices:</b> + <li>no</li> + <li>yes</li> + </ul> + </td> + <td> + <div>SNMP trap generation on firewall configuration changes.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="4"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>group</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">dictionary</span> + </div> + </td> + <td> + </td> + <td> + <div>Defines a group of objects for referencing in firewall rules.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="3"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>address_group</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">list</span> + / <span style="color: purple">elements=dictionary</span> </div> + </td> + <td> + </td> + <td> + <div>Defines a group of IP addresses for referencing in firewall rules.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>description</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + </td> + <td> + <div>Allows you to specify a brief description for the address group.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>members</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">list</span> + / <span style="color: purple">elements=dictionary</span> </div> + </td> + <td> + </td> + <td> + <div>Address-group members.</div> + <div>IPv4 address to match.</div> + <div>IPv4 range to match.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>address</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + </td> + <td> + <div>IP address.</div> + </td> + </tr> + + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>name</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + / <span style="color: red">required</span> </div> + </td> + <td> + </td> + <td> + <div>Name of the firewall address group.</div> + </td> + </tr> + + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="3"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>network_group</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">list</span> + / <span style="color: purple">elements=dictionary</span> </div> + </td> + <td> + </td> + <td> + <div>Defines a group of networks for referencing in firewall rules.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>description</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + </td> + <td> + <div>Allows you to specify a brief description for the network group.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>members</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">list</span> + / <span style="color: purple">elements=dictionary</span> </div> + </td> + <td> + </td> + <td> + <div>Adds an IPv4 network to the specified network group.</div> + <div>The format is ip-address/prefix.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>address</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + </td> + <td> + <div>IP address.</div> + </td> + </tr> + + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>name</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + / <span style="color: red">required</span> </div> + </td> + <td> + </td> + <td> + <div>Name of the firewall network group.</div> + </td> + </tr> + + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="3"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>port_group</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">list</span> + / <span style="color: purple">elements=dictionary</span> </div> + </td> + <td> + </td> + <td> + <div>Defines a group of ports for referencing in firewall rules.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>description</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + </td> + <td> + <div>Allows you to specify a brief description for the port group.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>members</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">list</span> + / <span style="color: purple">elements=dictionary</span> </div> + </td> + <td> + </td> + <td> + <div>Port-group member.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>port</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + </td> + <td> + <div>Defines the number.</div> + </td> + </tr> + + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>name</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + / <span style="color: red">required</span> </div> + </td> + <td> + </td> + <td> + <div>Name of the firewall port group.</div> + </td> + </tr> + + + <tr> + <td class="elbow-placeholder"></td> + <td colspan="4"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>log_martians</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">boolean</span> + </div> + </td> + <td> + <ul style="margin: 0; padding: 0"><b>Choices:</b> + <li>no</li> + <li>yes</li> + </ul> + </td> + <td> + <div>Specifies whether or not to record packets with invalid addresses in the log.</div> + <div>(True) Logs packets with invalid addresses.</div> + <div>(False) Does not log packets with invalid addresses.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="4"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>ping</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">dictionary</span> + </div> + </td> + <td> + </td> + <td> + <div>Policy for handling of all IPv4 ICMP echo requests.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="3"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>all</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">boolean</span> + </div> + </td> + <td> + <ul style="margin: 0; padding: 0"><b>Choices:</b> + <li>no</li> + <li>yes</li> + </ul> + </td> + <td> + <div>Enables or disables response to all IPv4 ICMP Echo Request (ping) messages.</div> + <div>The system responds to IPv4 ICMP Echo Request messages.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="3"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>broadcast</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">boolean</span> + </div> + </td> + <td> + <ul style="margin: 0; padding: 0"><b>Choices:</b> + <li>no</li> + <li>yes</li> + </ul> + </td> + <td> + <div>Enables or disables response to broadcast IPv4 ICMP Echo Request and Timestamp Request messages.</div> + <div>IPv4 ICMP Echo and Timestamp Request messages are not processed.</div> + </td> + </tr> + + <tr> + <td class="elbow-placeholder"></td> + <td colspan="4"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>route_redirects</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">list</span> + / <span style="color: purple">elements=dictionary</span> </div> + </td> + <td> + </td> + <td> + <div>-A dictionary of Firewall icmp redirect and source route global configuration options.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="3"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>afi</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + / <span style="color: red">required</span> </div> + </td> + <td> + <ul style="margin: 0; padding: 0"><b>Choices:</b> + <li>ipv4</li> + <li>ipv6</li> + </ul> + </td> + <td> + <div>Specifies IP address type</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="3"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>icmp_redirects</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">dictionary</span> + </div> + </td> + <td> + </td> + <td> + <div>Specifies whether to allow sending/receiving of IPv4/v6 ICMP redirect messages.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>receive</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">boolean</span> + </div> + </td> + <td> + <ul style="margin: 0; padding: 0"><b>Choices:</b> + <li>no</li> + <li>yes</li> + </ul> + </td> + <td> + <div>Permits or denies receiving packets ICMP redirect messages.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>send</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">boolean</span> + </div> + </td> + <td> + <ul style="margin: 0; padding: 0"><b>Choices:</b> + <li>no</li> + <li>yes</li> + </ul> + </td> + <td> + <div>Permits or denies transmitting packets ICMP redirect messages.</div> + </td> + </tr> + + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="3"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>ip_src_route</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">boolean</span> + </div> + </td> + <td> + <ul style="margin: 0; padding: 0"><b>Choices:</b> + <li>no</li> + <li>yes</li> + </ul> + </td> + <td> + <div>Specifies whether or not to process source route IP options.</div> + </td> + </tr> + + <tr> + <td class="elbow-placeholder"></td> + <td colspan="4"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>state_policy</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">list</span> + / <span style="color: purple">elements=dictionary</span> </div> + </td> + <td> + </td> + <td> + <div>Specifies global firewall state-policy.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="3"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>action</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + <ul style="margin: 0; padding: 0"><b>Choices:</b> + <li>accept</li> + <li>drop</li> + <li>reject</li> + </ul> + </td> + <td> + <div>Action for packets part of an established connection.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="3"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>connection_type</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + <ul style="margin: 0; padding: 0"><b>Choices:</b> + <li>established</li> + <li>invalid</li> + <li>related</li> + </ul> + </td> + <td> + <div>Specifies connection type.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="3"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>log</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">boolean</span> + </div> + </td> + <td> + <ul style="margin: 0; padding: 0"><b>Choices:</b> + <li>no</li> + <li>yes</li> + </ul> + </td> + <td> + <div>Enable logging of packets part of an established connection.</div> + </td> + </tr> + + <tr> + <td class="elbow-placeholder"></td> + <td colspan="4"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>syn_cookies</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">boolean</span> + </div> + </td> + <td> + <ul style="margin: 0; padding: 0"><b>Choices:</b> + <li>no</li> + <li>yes</li> + </ul> + </td> + <td> + <div>Specifies policy for using TCP SYN cookies with IPv4.</div> + <div>(True) Enables TCP SYN cookies with IPv4.</div> + <div>(False) Disables TCP SYN cookies with IPv4.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="4"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>twa_hazards_protection</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">boolean</span> + </div> + </td> + <td> + <ul style="margin: 0; padding: 0"><b>Choices:</b> + <li>no</li> + <li>yes</li> + </ul> + </td> + <td> + <div>RFC1337 TCP TIME-WAIT assasination hazards protection.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="4"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>validation</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + <ul style="margin: 0; padding: 0"><b>Choices:</b> + <li>stricu</li> + <li>loose</li> + <li>disable</li> + </ul> + </td> + <td> + <div>Specifies a policy for source validation by reversed path, as defined in RFC 3704.</div> + <div>(disable) No source validation is performed.</div> + <div>(loose) Enable Loose Reverse Path Forwarding as defined in RFC3704.</div> + <div>(strict) Enable Strict Reverse Path Forwarding as defined in RFC3704.</div> + </td> + </tr> + + <tr> + <td colspan="5"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>running_config</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + </td> + <td> + <div>The module, by default, will connect to the remote device and retrieve the current running-config to use as a base for comparing against the contents of source. There are times when it is not desirable to have the task get the current running-config for every task in a playbook. The <em>running_config</em> argument allows the implementer to pass in the configuration to use as the base config for comparison. This value of this option should be the output received from device by executing command <code>show configuration commands | grep 'firewall'</code></div> + </td> + </tr> + <tr> + <td colspan="5"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>state</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + <ul style="margin: 0; padding: 0"><b>Choices:</b> + <li><div style="color: blue"><b>merged</b> ←</div></li> + <li>replaced</li> + <li>deleted</li> + <li>gathered</li> + <li>rendered</li> + <li>parsed</li> + </ul> + </td> + <td> + <div>The state the configuration should be left in.</div> + </td> + </tr> + </table> + <br/> + + +Notes +----- + +.. note:: + - Tested against VyOS 1.1.8 (helium). + - This module works with connection ``network_cli``. See `the VyOS OS Platform Options <../network/user_guide/platform_vyos.html>`_. + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Using merged + # + # Before state: + # ------------- + # + # vyos@vyos# run show configuration commands | grep firewall + # + # + - name: Merge the provided configuration with the exisiting running configuration + vyos.vyos.vyos_firewall_global: + config: + validation: strict + config_trap: true + log_martians: true + syn_cookies: true + twa_hazards_protection: true + ping: + all: true + broadcast: true + state_policy: + - connection_type: established + action: accept + log: true + - connection_type: invalid + action: reject + route_redirects: + - afi: ipv4 + ip_src_route: true + icmp_redirects: + send: true + receive: false + group: + address_group: + - name: MGMT-HOSTS + description: This group has the Management hosts address list + members: + - address: 192.0.1.1 + - address: 192.0.1.3 + - address: 192.0.1.5 + network_group: + - name: MGMT + description: This group has the Management network addresses + members: + - address: 192.0.1.0/24 + state: merged + # + # + # ------------------------- + # Module Execution Result + # ------------------------- + # + # before": [] + # + # "commands": [ + # "set firewall group address-group MGMT-HOSTS address 192.0.1.1", + # "set firewall group address-group MGMT-HOSTS address 192.0.1.3", + # "set firewall group address-group MGMT-HOSTS address 192.0.1.5", + # "set firewall group address-group MGMT-HOSTS description 'This group has the Management hosts address list'", + # "set firewall group address-group MGMT-HOSTS", + # "set firewall group network-group MGMT network 192.0.1.0/24", + # "set firewall group network-group MGMT description 'This group has the Management network addresses'", + # "set firewall group network-group MGMT", + # "set firewall ip-src-route 'enable'", + # "set firewall receive-redirects 'disable'", + # "set firewall send-redirects 'enable'", + # "set firewall config-trap 'enable'", + # "set firewall state-policy established action 'accept'", + # "set firewall state-policy established log 'enable'", + # "set firewall state-policy invalid action 'reject'", + # "set firewall broadcast-ping 'enable'", + # "set firewall all-ping 'enable'", + # "set firewall log-martians 'enable'", + # "set firewall twa-hazards-protection 'enable'", + # "set firewall syn-cookies 'enable'", + # "set firewall source-validation 'strict'" + # ] + # + # "after": { + # "config_trap": true, + # "group": { + # "address_group": [ + # { + # "description": "This group has the Management hosts address list", + # "members": [ + # { + # "address": "192.0.1.1" + # }, + # { + # "address": "192.0.1.3" + # }, + # { + # "address": "192.0.1.5" + # } + # ], + # "name": "MGMT-HOSTS" + # } + # ], + # "network_group": [ + # { + # "description": "This group has the Management network addresses", + # "members": [ + # { + # "address": "192.0.1.0/24" + # } + # ], + # "name": "MGMT" + # } + # ] + # }, + # "log_martians": true, + # "ping": { + # "all": true, + # "broadcast": true + # }, + # "route_redirects": [ + # { + # "afi": "ipv4", + # "icmp_redirects": { + # "receive": false, + # "send": true + # }, + # "ip_src_route": true + # } + # ], + # "state_policy": [ + # { + # "action": "accept", + # "connection_type": "established", + # "log": true + # }, + # { + # "action": "reject", + # "connection_type": "invalid" + # } + # ], + # "syn_cookies": true, + # "twa_hazards_protection": true, + # "validation": "strict" + # } + # + # After state: + # ------------- + # + # vyos@192# run show configuration commands | grep firewall + # set firewall all-ping 'enable' + # set firewall broadcast-ping 'enable' + # set firewall config-trap 'enable' + # set firewall group address-group MGMT-HOSTS address '192.0.1.1' + # set firewall group address-group MGMT-HOSTS address '192.0.1.3' + # set firewall group address-group MGMT-HOSTS address '192.0.1.5' + # set firewall group address-group MGMT-HOSTS description 'This group has the Management hosts address list' + # set firewall group network-group MGMT description 'This group has the Management network addresses' + # set firewall group network-group MGMT network '192.0.1.0/24' + # set firewall ip-src-route 'enable' + # set firewall log-martians 'enable' + # set firewall receive-redirects 'disable' + # set firewall send-redirects 'enable' + # set firewall source-validation 'strict' + # set firewall state-policy established action 'accept' + # set firewall state-policy established log 'enable' + # set firewall state-policy invalid action 'reject' + # set firewall syn-cookies 'enable' + # set firewall twa-hazards-protection 'enable' + # + # + # Using parsed + # + # + - name: Render the commands for provided configuration + vyos.vyos.vyos_firewall_global: + running_config: + "set firewall all-ping 'enable' + set firewall broadcast-ping 'enable' + set firewall config-trap 'enable' + set firewall group address-group ENG-HOSTS address '192.0.3.1' + set firewall group address-group ENG-HOSTS address '192.0.3.2' + set firewall group address-group ENG-HOSTS description 'Sales office hosts address list' + set firewall group address-group SALES-HOSTS address '192.0.2.1' + set firewall group address-group SALES-HOSTS address '192.0.2.2' + set firewall group address-group SALES-HOSTS address '192.0.2.3' + set firewall group address-group SALES-HOSTS description 'Sales office hosts address list' + set firewall group network-group MGMT description 'This group has the Management network addresses' + set firewall group network-group MGMT network '192.0.1.0/24' + set firewall ip-src-route 'enable' + set firewall log-martians 'enable' + set firewall receive-redirects 'disable' + set firewall send-redirects 'enable' + set firewall source-validation 'strict' + set firewall state-policy established action 'accept' + set firewall state-policy established log 'enable' + set firewall state-policy invalid action 'reject' + set firewall syn-cookies 'enable' + set firewall twa-hazards-protection 'enable'" + state: parsed + # + # + # ------------------------- + # Module Execution Result + # ------------------------- + # + # + # "parsed": { + # "config_trap": true, + # "group": { + # "address_group": [ + # { + # "description": "Sales office hosts address list", + # "members": [ + # { + # "address": "192.0.3.1" + # }, + # { + # "address": "192.0.3.2" + # } + # ], + # "name": "ENG-HOSTS" + # }, + # { + # "description": "Sales office hosts address list", + # "members": [ + # { + # "address": "192.0.2.1" + # }, + # { + # "address": "192.0.2.2" + # }, + # { + # "address": "192.0.2.3" + # } + # ], + # "name": "SALES-HOSTS" + # } + # ], + # "network_group": [ + # { + # "description": "This group has the Management network addresses", + # "members": [ + # { + # "address": "192.0.1.0/24" + # } + # ], + # "name": "MGMT" + # } + # ] + # }, + # "log_martians": true, + # "ping": { + # "all": true, + # "broadcast": true + # }, + # "route_redirects": [ + # { + # "afi": "ipv4", + # "icmp_redirects": { + # "receive": false, + # "send": true + # }, + # "ip_src_route": true + # } + # ], + # "state_policy": [ + # { + # "action": "accept", + # "connection_type": "established", + # "log": true + # }, + # { + # "action": "reject", + # "connection_type": "invalid" + # } + # ], + # "syn_cookies": true, + # "twa_hazards_protection": true, + # "validation": "strict" + # } + # } + # + # + # Using deleted + # + # Before state + # ------------- + # + # vyos@192# run show configuration commands | grep firewall + # set firewall all-ping 'enable' + # set firewall broadcast-ping 'enable' + # set firewall config-trap 'enable' + # set firewall group address-group MGMT-HOSTS address '192.0.1.1' + # set firewall group address-group MGMT-HOSTS address '192.0.1.3' + # set firewall group address-group MGMT-HOSTS address '192.0.1.5' + # set firewall group address-group MGMT-HOSTS description 'This group has the Management hosts address list' + # set firewall group network-group MGMT description 'This group has the Management network addresses' + # set firewall group network-group MGMT network '192.0.1.0/24' + # set firewall ip-src-route 'enable' + # set firewall log-martians 'enable' + # set firewall receive-redirects 'disable' + # set firewall send-redirects 'enable' + # set firewall source-validation 'strict' + # set firewall state-policy established action 'accept' + # set firewall state-policy established log 'enable' + # set firewall state-policy invalid action 'reject' + # set firewall syn-cookies 'enable' + # set firewall twa-hazards-protection 'enable' + - name: Delete attributes of firewall. + vyos.vyos.vyos_firewall_global: + config: + state_policy: + config_trap: + log_martians: + syn_cookies: + twa_hazards_protection: + route_redirects: + ping: + group: + state: deleted + # + # + # ------------------------ + # Module Execution Results + # ------------------------ + # + # "before": { + # "config_trap": true, + # "group": { + # "address_group": [ + # { + # "description": "This group has the Management hosts address list", + # "members": [ + # { + # "address": "192.0.1.1" + # }, + # { + # "address": "192.0.1.3" + # }, + # { + # "address": "192.0.1.5" + # } + # ], + # "name": "MGMT-HOSTS" + # } + # ], + # "network_group": [ + # { + # "description": "This group has the Management network addresses", + # "members": [ + # { + # "address": "192.0.1.0/24" + # } + # ], + # "name": "MGMT" + # } + # ] + # }, + # "log_martians": true, + # "ping": { + # "all": true, + # "broadcast": true + # }, + # "route_redirects": [ + # { + # "afi": "ipv4", + # "icmp_redirects": { + # "receive": false, + # "send": true + # }, + # "ip_src_route": true + # } + # ], + # "state_policy": [ + # { + # "action": "accept", + # "connection_type": "established", + # "log": true + # }, + # { + # "action": "reject", + # "connection_type": "invalid" + # } + # ], + # "syn_cookies": true, + # "twa_hazards_protection": true, + # "validation": "strict" + # } + # "commands": [ + # "delete firewall source-validation", + # "delete firewall group", + # "delete firewall log-martians", + # "delete firewall ip-src-route", + # "delete firewall receive-redirects", + # "delete firewall send-redirects", + # "delete firewall config-trap", + # "delete firewall state-policy", + # "delete firewall syn-cookies", + # "delete firewall broadcast-ping", + # "delete firewall all-ping", + # "delete firewall twa-hazards-protection" + # ] + # + # "after": [] + # After state + # ------------ + # vyos@192# run show configuration commands | grep firewall + # set 'firewall' + # + # + # Using replaced + # + # Before state: + # ------------- + # + # vyos@vyos:~$ show configuration commands| grep firewall + # set firewall all-ping 'enable' + # set firewall broadcast-ping 'enable' + # set firewall config-trap 'enable' + # set firewall group address-group MGMT-HOSTS address '192.0.1.1' + # set firewall group address-group MGMT-HOSTS address '192.0.1.3' + # set firewall group address-group MGMT-HOSTS address '192.0.1.5' + # set firewall group address-group MGMT-HOSTS description 'This group has the Management hosts address list' + # set firewall group network-group MGMT description 'This group has the Management network addresses' + # set firewall group network-group MGMT network '192.0.1.0/24' + # set firewall ip-src-route 'enable' + # set firewall log-martians 'enable' + # set firewall receive-redirects 'disable' + # set firewall send-redirects 'enable' + # set firewall source-validation 'strict' + # set firewall state-policy established action 'accept' + # set firewall state-policy established log 'enable' + # set firewall state-policy invalid action 'reject' + # set firewall syn-cookies 'enable' + # set firewall twa-hazards-protection 'enable' + # + - name: Replace firewall global attributes configuration. + vyos.vyos.vyos_firewall_global: + config: + validation: strict + config_trap: true + log_martians: true + syn_cookies: true + twa_hazards_protection: true + ping: + all: true + broadcast: true + state_policy: + - connection_type: established + action: accept + log: true + - connection_type: invalid + action: reject + route_redirects: + - afi: ipv4 + ip_src_route: true + icmp_redirects: + send: true + receive: false + group: + address_group: + - name: SALES-HOSTS + description: Sales office hosts address list + members: + - address: 192.0.2.1 + - address: 192.0.2.2 + - address: 192.0.2.3 + - name: ENG-HOSTS + description: Sales office hosts address list + members: + - address: 192.0.3.1 + - address: 192.0.3.2 + network_group: + - name: MGMT + description: This group has the Management network addresses + members: + - address: 192.0.1.0/24 + state: replaced + # + # + # ------------------------- + # Module Execution Result + # ------------------------- + # + # "before": { + # "config_trap": true, + # "group": { + # "address_group": [ + # { + # "description": "This group has the Management hosts address list", + # "members": [ + # { + # "address": "192.0.1.1" + # }, + # { + # "address": "192.0.1.3" + # }, + # { + # "address": "192.0.1.5" + # } + # ], + # "name": "MGMT-HOSTS" + # } + # ], + # "network_group": [ + # { + # "description": "This group has the Management network addresses", + # "members": [ + # { + # "address": "192.0.1.0/24" + # } + # ], + # "name": "MGMT" + # } + # ] + # }, + # "log_martians": true, + # "ping": { + # "all": true, + # "broadcast": true + # }, + # "route_redirects": [ + # { + # "afi": "ipv4", + # "icmp_redirects": { + # "receive": false, + # "send": true + # }, + # "ip_src_route": true + # } + # ], + # "state_policy": [ + # { + # "action": "accept", + # "connection_type": "established", + # "log": true + # }, + # { + # "action": "reject", + # "connection_type": "invalid" + # } + # ], + # "syn_cookies": true, + # "twa_hazards_protection": true, + # "validation": "strict" + # } + # + # "commands": [ + # "delete firewall group address-group MGMT-HOSTS", + # "set firewall group address-group SALES-HOSTS address 192.0.2.1", + # "set firewall group address-group SALES-HOSTS address 192.0.2.2", + # "set firewall group address-group SALES-HOSTS address 192.0.2.3", + # "set firewall group address-group SALES-HOSTS description 'Sales office hosts address list'", + # "set firewall group address-group SALES-HOSTS", + # "set firewall group address-group ENG-HOSTS address 192.0.3.1", + # "set firewall group address-group ENG-HOSTS address 192.0.3.2", + # "set firewall group address-group ENG-HOSTS description 'Sales office hosts address list'", + # "set firewall group address-group ENG-HOSTS" + # ] + # + # "after": { + # "config_trap": true, + # "group": { + # "address_group": [ + # { + # "description": "Sales office hosts address list", + # "members": [ + # { + # "address": "192.0.3.1" + # }, + # { + # "address": "192.0.3.2" + # } + # ], + # "name": "ENG-HOSTS" + # }, + # { + # "description": "Sales office hosts address list", + # "members": [ + # { + # "address": "192.0.2.1" + # }, + # { + # "address": "192.0.2.2" + # }, + # { + # "address": "192.0.2.3" + # } + # ], + # "name": "SALES-HOSTS" + # } + # ], + # "network_group": [ + # { + # "description": "This group has the Management network addresses", + # "members": [ + # { + # "address": "192.0.1.0/24" + # } + # ], + # "name": "MGMT" + # } + # ] + # }, + # "log_martians": true, + # "ping": { + # "all": true, + # "broadcast": true + # }, + # "route_redirects": [ + # { + # "afi": "ipv4", + # "icmp_redirects": { + # "receive": false, + # "send": true + # }, + # "ip_src_route": true + # } + # ], + # "state_policy": [ + # { + # "action": "accept", + # "connection_type": "established", + # "log": true + # }, + # { + # "action": "reject", + # "connection_type": "invalid" + # } + # ], + # "syn_cookies": true, + # "twa_hazards_protection": true, + # "validation": "strict" + # } + # + # After state: + # ------------- + # + # vyos@192# run show configuration commands | grep firewall + # set firewall all-ping 'enable' + # set firewall broadcast-ping 'enable' + # set firewall config-trap 'enable' + # set firewall group address-group ENG-HOSTS address '192.0.3.1' + # set firewall group address-group ENG-HOSTS address '192.0.3.2' + # set firewall group address-group ENG-HOSTS description 'Sales office hosts address list' + # set firewall group address-group SALES-HOSTS address '192.0.2.1' + # set firewall group address-group SALES-HOSTS address '192.0.2.2' + # set firewall group address-group SALES-HOSTS address '192.0.2.3' + # set firewall group address-group SALES-HOSTS description 'Sales office hosts address list' + # set firewall group network-group MGMT description 'This group has the Management network addresses' + # set firewall group network-group MGMT network '192.0.1.0/24' + # set firewall ip-src-route 'enable' + # set firewall log-martians 'enable' + # set firewall receive-redirects 'disable' + # set firewall send-redirects 'enable' + # set firewall source-validation 'strict' + # set firewall state-policy established action 'accept' + # set firewall state-policy established log 'enable' + # set firewall state-policy invalid action 'reject' + # set firewall syn-cookies 'enable' + # set firewall twa-hazards-protection 'enable' + # + # + # Using gathered + # + # Before state: + # ------------- + # + # vyos@192# run show configuration commands | grep firewall + # set firewall all-ping 'enable' + # set firewall broadcast-ping 'enable' + # set firewall config-trap 'enable' + # set firewall group address-group ENG-HOSTS address '192.0.3.1' + # set firewall group address-group ENG-HOSTS address '192.0.3.2' + # set firewall group address-group ENG-HOSTS description 'Sales office hosts address list' + # set firewall group address-group SALES-HOSTS address '192.0.2.1' + # set firewall group address-group SALES-HOSTS address '192.0.2.2' + # set firewall group address-group SALES-HOSTS address '192.0.2.3' + # set firewall group address-group SALES-HOSTS description 'Sales office hosts address list' + # set firewall group network-group MGMT description 'This group has the Management network addresses' + # set firewall group network-group MGMT network '192.0.1.0/24' + # set firewall ip-src-route 'enable' + # set firewall log-martians 'enable' + # set firewall receive-redirects 'disable' + # set firewall send-redirects 'enable' + # set firewall source-validation 'strict' + # set firewall state-policy established action 'accept' + # set firewall state-policy established log 'enable' + # set firewall state-policy invalid action 'reject' + # set firewall syn-cookies 'enable' + # set firewall twa-hazards-protection 'enable' + # + - name: Gather firewall global config with provided configurations + vyos.vyos.vyos_firewall_global: + config: + state: gathered + # + # + # ------------------------- + # Module Execution Result + # ------------------------- + # + # "gathered": [ + # { + # "config_trap": true, + # "group": { + # "address_group": [ + # { + # "description": "Sales office hosts address list", + # "members": [ + # { + # "address": "192.0.3.1" + # }, + # { + # "address": "192.0.3.2" + # } + # ], + # "name": "ENG-HOSTS" + # }, + # { + # "description": "Sales office hosts address list", + # "members": [ + # { + # "address": "192.0.2.1" + # }, + # { + # "address": "192.0.2.2" + # }, + # { + # "address": "192.0.2.3" + # } + # ], + # "name": "SALES-HOSTS" + # } + # ], + # "network_group": [ + # { + # "description": "This group has the Management network addresses", + # "members": [ + # { + # "address": "192.0.1.0/24" + # } + # ], + # "name": "MGMT" + # } + # ] + # }, + # "log_martians": true, + # "ping": { + # "all": true, + # "broadcast": true + # }, + # "route_redirects": [ + # { + # "afi": "ipv4", + # "icmp_redirects": { + # "receive": false, + # "send": true + # }, + # "ip_src_route": true + # } + # ], + # "state_policy": [ + # { + # "action": "accept", + # "connection_type": "established", + # "log": true + # }, + # { + # "action": "reject", + # "connection_type": "invalid" + # } + # ], + # "syn_cookies": true, + # "twa_hazards_protection": true, + # "validation": "strict" + # } + # + # After state: + # ------------- + # + # vyos@192# run show configuration commands | grep firewall + # set firewall all-ping 'enable' + # set firewall broadcast-ping 'enable' + # set firewall config-trap 'enable' + # set firewall group address-group ENG-HOSTS address '192.0.3.1' + # set firewall group address-group ENG-HOSTS address '192.0.3.2' + # set firewall group address-group ENG-HOSTS description 'Sales office hosts address list' + # set firewall group address-group SALES-HOSTS address '192.0.2.1' + # set firewall group address-group SALES-HOSTS address '192.0.2.2' + # set firewall group address-group SALES-HOSTS address '192.0.2.3' + # set firewall group address-group SALES-HOSTS description 'Sales office hosts address list' + # set firewall group network-group MGMT description 'This group has the Management network addresses' + # set firewall group network-group MGMT network '192.0.1.0/24' + # set firewall ip-src-route 'enable' + # set firewall log-martians 'enable' + # set firewall receive-redirects 'disable' + # set firewall send-redirects 'enable' + # set firewall source-validation 'strict' + # set firewall state-policy established action 'accept' + # set firewall state-policy established log 'enable' + # set firewall state-policy invalid action 'reject' + # set firewall syn-cookies 'enable' + # set firewall twa-hazards-protection 'enable' + + + # Using rendered + # + # + - name: Render the commands for provided configuration + vyos.vyos.vyos_firewall_global: + config: + validation: strict + config_trap: true + log_martians: true + syn_cookies: true + twa_hazards_protection: true + ping: + all: true + broadcast: true + state_policy: + - connection_type: established + action: accept + log: true + - connection_type: invalid + action: reject + route_redirects: + - afi: ipv4 + ip_src_route: true + icmp_redirects: + send: true + receive: false + group: + address_group: + - name: SALES-HOSTS + description: Sales office hosts address list + members: + - address: 192.0.2.1 + - address: 192.0.2.2 + - address: 192.0.2.3 + - name: ENG-HOSTS + description: Sales office hosts address list + members: + - address: 192.0.3.1 + - address: 192.0.3.2 + network_group: + - name: MGMT + description: This group has the Management network addresses + members: + - address: 192.0.1.0/24 + state: rendered + # + # + # ------------------------- + # Module Execution Result + # ------------------------- + # + # + # "rendered": [ + # "set firewall group address-group SALES-HOSTS address 192.0.2.1", + # "set firewall group address-group SALES-HOSTS address 192.0.2.2", + # "set firewall group address-group SALES-HOSTS address 192.0.2.3", + # "set firewall group address-group SALES-HOSTS description 'Sales office hosts address list'", + # "set firewall group address-group SALES-HOSTS", + # "set firewall group address-group ENG-HOSTS address 192.0.3.1", + # "set firewall group address-group ENG-HOSTS address 192.0.3.2", + # "set firewall group address-group ENG-HOSTS description 'Sales office hosts address list'", + # "set firewall group address-group ENG-HOSTS", + # "set firewall group network-group MGMT network 192.0.1.0/24", + # "set firewall group network-group MGMT description 'This group has the Management network addresses'", + # "set firewall group network-group MGMT", + # "set firewall ip-src-route 'enable'", + # "set firewall receive-redirects 'disable'", + # "set firewall send-redirects 'enable'", + # "set firewall config-trap 'enable'", + # "set firewall state-policy established action 'accept'", + # "set firewall state-policy established log 'enable'", + # "set firewall state-policy invalid action 'reject'", + # "set firewall broadcast-ping 'enable'", + # "set firewall all-ping 'enable'", + # "set firewall log-martians 'enable'", + # "set firewall twa-hazards-protection 'enable'", + # "set firewall syn-cookies 'enable'", + # "set firewall source-validation 'strict'" + # ] + # + # + + + + +Return Values +------------- +Common return values are documented `here <https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values>`_, the following are the fields unique to this module: + +.. raw:: html + + <table border=0 cellpadding=0 class="documentation-table"> + <tr> + <th colspan="1">Key</th> + <th>Returned</th> + <th width="100%">Description</th> + </tr> + <tr> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="return-"></div> + <b>after</b> + <a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a> + <div style="font-size: small"> + <span style="color: purple">list</span> + </div> + </td> + <td>when changed</td> + <td> + <div>The resulting configuration model invocation.</div> + <br/> + <div style="font-size: smaller"><b>Sample:</b></div> + <div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">The configuration returned will always be in the same format + of the parameters above.</div> + </td> + </tr> + <tr> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="return-"></div> + <b>before</b> + <a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a> + <div style="font-size: small"> + <span style="color: purple">list</span> + </div> + </td> + <td>always</td> + <td> + <div>The configuration prior to the model invocation.</div> + <br/> + <div style="font-size: smaller"><b>Sample:</b></div> + <div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">The configuration returned will always be in the same format + of the parameters above.</div> + </td> + </tr> + <tr> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="return-"></div> + <b>commands</b> + <a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a> + <div style="font-size: small"> + <span style="color: purple">list</span> + </div> + </td> + <td>always</td> + <td> + <div>The set of commands pushed to the remote device.</div> + <br/> + <div style="font-size: smaller"><b>Sample:</b></div> + <div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">['set firewall group address-group ENG-HOSTS', 'set firewall group address-group ENG-HOSTS address 192.0.3.1']</div> + </td> + </tr> + </table> + <br/><br/> + + +Status +------ + + +Authors +~~~~~~~ + +- Rohit Thakur (@rohitthakur2590) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/vyos.vyos.vyos_firewall_interfaces_module.rst b/docs/vyos.vyos.vyos_firewall_interfaces_module.rst new file mode 100644 index 0000000..768b369 --- /dev/null +++ b/docs/vyos.vyos.vyos_firewall_interfaces_module.rst @@ -0,0 +1,1417 @@ +:orphan: + +.. _vyos.vyos.vyos_firewall_interfaces_module: + + +********************************** +vyos.vyos.vyos_firewall_interfaces +********************************** + +**FIREWALL interfaces resource module** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Manage firewall rules of interfaces on VyOS network devices. + + + + +Parameters +---------- + +.. raw:: html + + <table border=0 cellpadding=0 class="documentation-table"> + <tr> + <th colspan="4">Parameter</th> + <th>Choices/<font color="blue">Defaults</font></th> + <th width="100%">Comments</th> + </tr> + <tr> + <td colspan="4"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>config</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">list</span> + / <span style="color: purple">elements=dictionary</span> </div> + </td> + <td> + </td> + <td> + <div>A list of firewall rules options for interfaces.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="3"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>access_rules</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">list</span> + / <span style="color: purple">elements=dictionary</span> </div> + </td> + <td> + </td> + <td> + <div>Specifies firewall rules attached to the interfaces.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>afi</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + / <span style="color: red">required</span> </div> + </td> + <td> + <ul style="margin: 0; padding: 0"><b>Choices:</b> + <li>ipv4</li> + <li>ipv6</li> + </ul> + </td> + <td> + <div>Specifies the AFI for the Firewall rules to be configured on this interface.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>rules</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">list</span> + / <span style="color: purple">elements=dictionary</span> </div> + </td> + <td> + </td> + <td> + <div>Specifies the firewall rules for the provided AFI.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>direction</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + / <span style="color: red">required</span> </div> + </td> + <td> + <ul style="margin: 0; padding: 0"><b>Choices:</b> + <li>in</li> + <li>local</li> + <li>out</li> + </ul> + </td> + <td> + <div>Specifies the direction of packets that the firewall rule will be applied on.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>name</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + </td> + <td> + <div>Specifies the name of the IPv4/IPv6 Firewall rule for the interface.</div> + </td> + </tr> + + + <tr> + <td class="elbow-placeholder"></td> + <td colspan="3"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>name</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + / <span style="color: red">required</span> </div> + </td> + <td> + </td> + <td> + <div>Name/Identifier for the interface.</div> + </td> + </tr> + + <tr> + <td colspan="4"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>running_config</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + </td> + <td> + <div>The module, by default, will connect to the remote device and retrieve the current running-config to use as a base for comparing against the contents of source. There are times when it is not desirable to have the task get the current running-config for every task in a playbook. The <em>running_config</em> argument allows the implementer to pass in the configuration to use as the base config for comparison. This value of this option should be the output received from device by executing command C(show configuration commands | grep 'firewall'</div> + </td> + </tr> + <tr> + <td colspan="4"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>state</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + <ul style="margin: 0; padding: 0"><b>Choices:</b> + <li><div style="color: blue"><b>merged</b> ←</div></li> + <li>replaced</li> + <li>overridden</li> + <li>deleted</li> + <li>parsed</li> + <li>rendered</li> + <li>gathered</li> + </ul> + </td> + <td> + <div>The state the configuration should be left in.</div> + </td> + </tr> + </table> + <br/> + + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Using merged + # + # Before state: + # ------------- + # + # vyos@192# run show configuration commands | grep firewall + # set firewall ipv6-name 'V6-LOCAL' + # set firewall name 'INBOUND' + # set firewall name 'LOCAL' + # set firewall name 'OUTBOUND' + # + - name: Merge the provided configuration with the existing running configuration + vyos.vyos.vyos_firewall_interfaces: + config: + - access_rules: + - afi: ipv4 + rules: + - name: INBOUND + direction: in + - name: OUTBOUND + direction: out + - name: LOCAL + direction: local + - afi: ipv6 + rules: + - name: V6-LOCAL + direction: local + name: eth1 + - access_rules: + - afi: ipv4 + rules: + - name: INBOUND + direction: in + - name: OUTBOUND + direction: out + - name: LOCAL + direction: local + - afi: ipv6 + rules: + - name: V6-LOCAL + direction: local + name: eth3 + state: merged + # + # + # ------------------------- + # Module Execution Result + # ------------------------- + # + # before": [ + # { + # "name": "eth0" + # }, + # { + # "name": "eth1" + # }, + # { + # "name": "eth2" + # }, + # { + # "name": "eth3" + # } + # ] + # + # "commands": [ + # "set interfaces ethernet eth1 firewall in name 'INBOUND'", + # "set interfaces ethernet eth1 firewall out name 'OUTBOUND'", + # "set interfaces ethernet eth1 firewall local name 'LOCAL'", + # "set interfaces ethernet eth1 firewall local ipv6-name 'V6-LOCAL'", + # "set interfaces ethernet eth3 firewall in name 'INBOUND'", + # "set interfaces ethernet eth3 firewall out name 'OUTBOUND'", + # "set interfaces ethernet eth3 firewall local name 'LOCAL'", + # "set interfaces ethernet eth3 firewall local ipv6-name 'V6-LOCAL'" + # ] + # + # "after": [ + # { + # "name": "eth0" + # }, + # { + # "access_rules": [ + # { + # "afi": "ipv4", + # "rules": [ + # { + # "direction": "in", + # "name": "INBOUND" + # }, + # { + # "direction": "local", + # "name": "LOCAL" + # }, + # { + # "direction": "out", + # "name": "OUTBOUND" + # } + # ] + # }, + # { + # "afi": "ipv6", + # "rules": [ + # { + # "direction": "local", + # "name": "V6-LOCAL" + # } + # ] + # } + # ], + # "name": "eth1" + # }, + # { + # "name": "eth2" + # }, + # { + # "access_rules": [ + # { + # "afi": "ipv4", + # "rules": [ + # { + # "direction": "in", + # "name": "INBOUND" + # }, + # { + # "direction": "local", + # "name": "LOCAL" + # }, + # { + # "direction": "out", + # "name": "OUTBOUND" + # } + # ] + # }, + # { + # "afi": "ipv6", + # "rules": [ + # { + # "direction": "local", + # "name": "V6-LOCAL" + # } + # ] + # } + # ], + # "name": "eth3" + # } + # ] + # + # After state: + # ------------- + # + # vyos@vyos:~$ show configuration commands| grep firewall + # set firewall ipv6-name 'V6-LOCAL' + # set firewall name 'INBOUND' + # set firewall name 'LOCAL' + # set firewall name 'OUTBOUND' + # set interfaces ethernet eth1 firewall in name 'INBOUND' + # set interfaces ethernet eth1 firewall local ipv6-name 'V6-LOCAL' + # set interfaces ethernet eth1 firewall local name 'LOCAL' + # set interfaces ethernet eth1 firewall out name 'OUTBOUND' + # set interfaces ethernet eth3 firewall in name 'INBOUND' + # set interfaces ethernet eth3 firewall local ipv6-name 'V6-LOCAL' + # set interfaces ethernet eth3 firewall local name 'LOCAL' + # set interfaces ethernet eth3 firewall out name 'OUTBOUND' + + + # Using merged + # + # Before state: + # ------------- + # + # vyos@vyos:~$ show configuration commands| grep firewall + # set firewall ipv6-name 'V6-LOCAL' + # set firewall name 'INBOUND' + # set firewall name 'LOCAL' + # set firewall name 'OUTBOUND' + # set interfaces ethernet eth1 firewall in name 'INBOUND' + # set interfaces ethernet eth1 firewall local ipv6-name 'V6-LOCAL' + # set interfaces ethernet eth1 firewall local name 'LOCAL' + # set interfaces ethernet eth1 firewall out name 'OUTBOUND' + # set interfaces ethernet eth3 firewall in name 'INBOUND' + # set interfaces ethernet eth3 firewall local ipv6-name 'V6-LOCAL' + # set interfaces ethernet eth3 firewall local name 'LOCAL' + # set interfaces ethernet eth3 firewall out name 'OUTBOUND' + # + - name: Merge the provided configuration with the existing running configuration + vyos.vyos.vyos_firewall_interfaces: + config: + - access_rules: + - afi: ipv4 + rules: + - name: OUTBOUND + direction: in + - name: INBOUND + direction: out + name: eth1 + state: merged + # + # + # ------------------------- + # Module Execution Result + # ------------------------- + # + # "before": [ + # { + # "name": "eth0" + # }, + # { + # "access_rules": [ + # { + # "afi": "ipv4", + # "rules": [ + # { + # "direction": "in", + # "name": "INBOUND" + # }, + # { + # "direction": "local", + # "name": "LOCAL" + # }, + # { + # "direction": "out", + # "name": "OUTBOUND" + # } + # ] + # }, + # { + # "afi": "ipv6", + # "rules": [ + # { + # "direction": "local", + # "name": "V6-LOCAL" + # } + # ] + # } + # ], + # "name": "eth1" + # }, + # { + # "name": "eth2" + # }, + # { + # "access_rules": [ + # { + # "afi": "ipv4", + # "rules": [ + # { + # "direction": "in", + # "name": "INBOUND" + # }, + # { + # "direction": "local", + # "name": "LOCAL" + # }, + # { + # "direction": "out", + # "name": "OUTBOUND" + # } + # ] + # }, + # { + # "afi": "ipv6", + # "rules": [ + # { + # "direction": "local", + # "name": "V6-LOCAL" + # } + # ] + # } + # ], + # "name": "eth3" + # } + # ] + # + # "commands": [ + # "set interfaces ethernet eth1 firewall in name 'OUTBOUND'", + # "set interfaces ethernet eth1 firewall out name 'INBOUND'" + # ] + # + # "after": [ + # { + # "name": "eth0" + # }, + # { + # "access_rules": [ + # { + # "afi": "ipv4", + # "rules": [ + # { + # "direction": "in", + # "name": "OUTBOUND" + # }, + # { + # "direction": "local", + # "name": "LOCAL" + # }, + # { + # "direction": "out", + # "name": "INBOUND" + # } + # ] + # }, + # { + # "afi": "ipv6", + # "rules": [ + # { + # "direction": "local", + # "name": "V6-LOCAL" + # } + # ] + # } + # ], + # "name": "eth1" + # }, + # { + # "name": "eth2" + # }, + # { + # "access_rules": [ + # { + # "afi": "ipv4", + # "rules": [ + # { + # "direction": "in", + # "name": "INBOUND" + # }, + # { + # "direction": "local", + # "name": "LOCAL" + # }, + # { + # "direction": "out", + # "name": "OUTBOUND" + # } + # ] + # }, + # { + # "afi": "ipv6", + # "rules": [ + # { + # "direction": "local", + # "name": "V6-LOCAL" + # } + # ] + # } + # ], + # "name": "eth3" + # } + # ] + # + # After state: + # ------------- + # + # vyos@vyos:~$ show configuration commands| grep firewall + # set firewall ipv6-name 'V6-LOCAL' + # set firewall name 'INBOUND' + # set firewall name 'LOCAL' + # set firewall name 'OUTBOUND' + # set interfaces ethernet eth1 firewall in name 'OUTBOUND' + # set interfaces ethernet eth1 firewall local ipv6-name 'V6-LOCAL' + # set interfaces ethernet eth1 firewall local name 'LOCAL' + # set interfaces ethernet eth1 firewall out name 'INBOUND' + # set interfaces ethernet eth3 firewall in name 'INBOUND' + # set interfaces ethernet eth3 firewall local ipv6-name 'V6-LOCAL' + # set interfaces ethernet eth3 firewall local name 'LOCAL' + # set interfaces ethernet eth3 firewall out name 'OUTBOUND' + + + # Using replaced + # + # Before state: + # ------------- + # + # vyos@vyos:~$ show configuration commands| grep firewall + # set firewall ipv6-name 'V6-LOCAL' + # set firewall name 'INBOUND' + # set firewall name 'LOCAL' + # set firewall name 'OUTBOUND' + # set interfaces ethernet eth1 firewall in name 'INBOUND' + # set interfaces ethernet eth1 firewall local ipv6-name 'V6-LOCAL' + # set interfaces ethernet eth1 firewall local name 'LOCAL' + # set interfaces ethernet eth1 firewall out name 'OUTBOUND' + # set interfaces ethernet eth3 firewall in name 'INBOUND' + # set interfaces ethernet eth3 firewall local ipv6-name 'V6-LOCAL' + # set interfaces ethernet eth3 firewall local name 'LOCAL' + # set interfaces ethernet eth3 firewall out name 'OUTBOUND' + # + - name: Replace device configurations of listed firewall interfaces with provided + configurations + vyos.vyos.vyos_firewall_interfaces: + config: + - name: eth1 + access_rules: + - afi: ipv4 + rules: + - name: OUTBOUND + direction: out + - afi: ipv6 + rules: + - name: V6-LOCAL + direction: local + - name: eth3 + access_rules: + - afi: ipv4 + rules: + - name: INBOUND + direction: in + state: replaced + # + # + # ------------------------- + # Module Execution Result + # ------------------------- + # + # "before": [ + # { + # "name": "eth0" + # }, + # { + # "access_rules": [ + # { + # "afi": "ipv4", + # "rules": [ + # { + # "direction": "in", + # "name": "INBOUND" + # }, + # { + # "direction": "local", + # "name": "LOCAL" + # }, + # { + # "direction": "out", + # "name": "OUTBOUND" + # } + # ] + # }, + # { + # "afi": "ipv6", + # "rules": [ + # { + # "direction": "local", + # "name": "V6-LOCAL" + # } + # ] + # } + # ], + # "name": "eth1" + # }, + # { + # "name": "eth2" + # }, + # { + # "access_rules": [ + # { + # "afi": "ipv4", + # "rules": [ + # { + # "direction": "in", + # "name": "INBOUND" + # }, + # { + # "direction": "local", + # "name": "LOCAL" + # }, + # { + # "direction": "out", + # "name": "OUTBOUND" + # } + # ] + # }, + # { + # "afi": "ipv6", + # "rules": [ + # { + # "direction": "local", + # "name": "V6-LOCAL" + # } + # ] + # } + # ], + # "name": "eth3" + # } + # ] + # + # "commands": [ + # "delete interfaces ethernet eth1 firewall in name", + # "delete interfaces ethernet eth1 firewall local name", + # "delete interfaces ethernet eth3 firewall local name", + # "delete interfaces ethernet eth3 firewall out name", + # "delete interfaces ethernet eth3 firewall local ipv6-name" + # ] + # + # "after": [ + # { + # "name": "eth0" + # }, + # { + # "access_rules": [ + # { + # "afi": "ipv4", + # "rules": [ + # { + # "direction": "out", + # "name": "OUTBOUND" + # } + # ] + # }, + # { + # "afi": "ipv6", + # "rules": [ + # { + # "direction": "local", + # "name": "V6-LOCAL" + # } + # ] + # } + # ], + # "name": "eth1" + # }, + # { + # "name": "eth2" + # }, + # { + # "access_rules": [ + # { + # "afi": "ipv4", + # "rules": [ + # { + # "direction": "in", + # "name": "INBOUND" + # } + # ] + # } + # ], + # "name": "eth3" + # } + # ] + # + # After state: + # ------------- + # + # vyos@vyos:~$ show configuration commands| grep firewall + # set firewall ipv6-name 'V6-LOCAL' + # set firewall name 'INBOUND' + # set firewall name 'LOCAL' + # set firewall name 'OUTBOUND' + # set interfaces ethernet eth1 firewall 'in' + # set interfaces ethernet eth1 firewall local ipv6-name 'V6-LOCAL' + # set interfaces ethernet eth1 firewall out name 'OUTBOUND' + # set interfaces ethernet eth3 firewall in name 'INBOUND' + # set interfaces ethernet eth3 firewall 'local' + # set interfaces ethernet eth3 firewall 'out' + + + # Using overridden + # + # Before state + # -------------- + # + # vyos@vyos:~$ show configuration commands| grep firewall + # set firewall ipv6-name 'V6-LOCAL' + # set firewall name 'INBOUND' + # set firewall name 'LOCAL' + # set firewall name 'OUTBOUND' + # set interfaces ethernet eth1 firewall 'in' + # set interfaces ethernet eth1 firewall local ipv6-name 'V6-LOCAL' + # set interfaces ethernet eth1 firewall out name 'OUTBOUND' + # set interfaces ethernet eth3 firewall in name 'INBOUND' + # set interfaces ethernet eth3 firewall 'local' + # set interfaces ethernet eth3 firewall 'out' + # + - name: Overrides all device configuration with provided configuration + vyos.vyos.vyos_firewall_interfaces: + config: + - name: eth3 + access_rules: + - afi: ipv4 + rules: + - name: INBOUND + direction: out + state: overridden + # + # + # ------------------------- + # Module Execution Result + # ------------------------- + # + # "before":[ + # { + # "name": "eth0" + # }, + # { + # "access_rules": [ + # { + # "afi": "ipv4", + # "rules": [ + # { + # "direction": "out", + # "name": "OUTBOUND" + # } + # ] + # }, + # { + # "afi": "ipv6", + # "rules": [ + # { + # "direction": "local", + # "name": "V6-LOCAL" + # } + # ] + # } + # ], + # "name": "eth1" + # }, + # { + # "name": "eth2" + # }, + # { + # "access_rules": [ + # { + # "afi": "ipv4", + # "rules": [ + # { + # "direction": "in", + # "name": "INBOUND" + # } + # ] + # } + # ], + # "name": "eth3" + # } + # ] + # + # "commands": [ + # "delete interfaces ethernet eth1 firewall", + # "delete interfaces ethernet eth3 firewall in name", + # "set interfaces ethernet eth3 firewall out name 'INBOUND'" + # + # + # "after": [ + # { + # "name": "eth0" + # }, + # { + # "name": "eth1" + # }, + # { + # "name": "eth2" + # }, + # { + # "access_rules": [ + # { + # "afi": "ipv4", + # "rules": [ + # { + # "direction": "out", + # "name": "INBOUND" + # } + # ] + # } + # ], + # "name": "eth3" + # } + # ] + # + # + # After state + # ------------ + # + # vyos@vyos:~$ show configuration commands| grep firewall + # set firewall ipv6-name 'V6-LOCAL' + # set firewall name 'INBOUND' + # set firewall name 'LOCAL' + # set firewall name 'OUTBOUND' + # set interfaces ethernet eth3 firewall 'in' + # set interfaces ethernet eth3 firewall 'local' + # set interfaces ethernet eth3 firewall out name 'INBOUND' + + + # Using deleted per interface name + # + # Before state + # ------------- + # + # vyos@vyos:~$ show configuration commands| grep firewall + # set firewall ipv6-name 'V6-LOCAL' + # set firewall name 'INBOUND' + # set firewall name 'LOCAL' + # set firewall name 'OUTBOUND' + # set interfaces ethernet eth1 firewall in name 'INBOUND' + # set interfaces ethernet eth1 firewall local ipv6-name 'V6-LOCAL' + # set interfaces ethernet eth1 firewall local name 'LOCAL' + # set interfaces ethernet eth1 firewall out name 'OUTBOUND' + # set interfaces ethernet eth3 firewall in name 'INBOUND' + # set interfaces ethernet eth3 firewall local ipv6-name 'V6-LOCAL' + # set interfaces ethernet eth3 firewall local name 'LOCAL' + # set interfaces ethernet eth3 firewall out name 'OUTBOUND' + # + - name: Delete firewall interfaces based on interface name. + vyos.vyos.vyos_firewall_interfaces: + config: + - name: eth1 + - name: eth3 + state: deleted + # + # + # ------------------------ + # Module Execution Results + # ------------------------ + # + # "before": [ + # { + # "name": "eth0" + # }, + # { + # "access_rules": [ + # { + # "afi": "ipv4", + # "rules": [ + # { + # "direction": "in", + # "name": "INBOUND" + # }, + # { + # "direction": "local", + # "name": "LOCAL" + # }, + # { + # "direction": "out", + # "name": "OUTBOUND" + # } + # ] + # }, + # { + # "afi": "ipv6", + # "rules": [ + # { + # "direction": "local", + # "name": "V6-LOCAL" + # } + # ] + # } + # ], + # "name": "eth1" + # }, + # { + # "name": "eth2" + # }, + # { + # "access_rules": [ + # { + # "afi": "ipv4", + # "rules": [ + # { + # "direction": "in", + # "name": "INBOUND" + # }, + # { + # "direction": "local", + # "name": "LOCAL" + # }, + # { + # "direction": "out", + # "name": "OUTBOUND" + # } + # ] + # }, + # { + # "afi": "ipv6", + # "rules": [ + # { + # "direction": "local", + # "name": "V6-LOCAL" + # } + # ] + # } + # ], + # "name": "eth3" + # } + # ] + # "commands": [ + # "delete interfaces ethernet eth1 firewall", + # "delete interfaces ethernet eth3 firewall" + # ] + # + # "after": [ + # { + # "name": "eth0" + # }, + # { + # "name": "eth1" + # }, + # { + # "name": "eth2" + # }, + # { + # "name": "eth3" + # } + # ] + # After state + # ------------ + # vyos@vyos# run show configuration commands | grep firewall + # set firewall ipv6-name 'V6-LOCAL' + # set firewall name 'INBOUND' + # set firewall name 'LOCAL' + # set firewall name 'OUTBOUND' + + + # Using deleted per afi + # + # Before state + # ------------- + # + # vyos@vyos:~$ show configuration commands| grep firewall + # set firewall ipv6-name 'V6-LOCAL' + # set firewall name 'INBOUND' + # set firewall name 'LOCAL' + # set firewall name 'OUTBOUND' + # set interfaces ethernet eth1 firewall in name 'INBOUND' + # set interfaces ethernet eth1 firewall local ipv6-name 'V6-LOCAL' + # set interfaces ethernet eth1 firewall local name 'LOCAL' + # set interfaces ethernet eth1 firewall out name 'OUTBOUND' + # set interfaces ethernet eth3 firewall in name 'INBOUND' + # set interfaces ethernet eth3 firewall local ipv6-name 'V6-LOCAL' + # set interfaces ethernet eth3 firewall local name 'LOCAL' + # set interfaces ethernet eth3 firewall out name 'OUTBOUND' + # + - name: Delete firewall interfaces config per afi. + vyos.vyos.vyos_firewall_interfaces: + config: + - name: eth1 + access_rules: + - afi: ipv4 + - afi: ipv6 + state: deleted + # + # + # ------------------------ + # Module Execution Results + # ------------------------ + # + # "commands": [ + # "delete interfaces ethernet eth1 firewall in name", + # "delete interfaces ethernet eth1 firewall out name", + # "delete interfaces ethernet eth1 firewall local name", + # "delete interfaces ethernet eth1 firewall local ipv6-name" + # ] + # + # After state + # ------------ + # vyos@vyos# run show configuration commands | grep firewall + # set firewall ipv6-name 'V6-LOCAL' + # set firewall name 'INBOUND' + # set firewall name 'LOCAL' + # set firewall name 'OUTBOUND' + + + # Using deleted without config + # + # Before state + # ------------- + # + # vyos@vyos:~$ show configuration commands| grep firewall + # set firewall ipv6-name 'V6-LOCAL' + # set firewall name 'INBOUND' + # set firewall name 'LOCAL' + # set firewall name 'OUTBOUND' + # set interfaces ethernet eth1 firewall in name 'INBOUND' + # set interfaces ethernet eth1 firewall local ipv6-name 'V6-LOCAL' + # set interfaces ethernet eth1 firewall local name 'LOCAL' + # set interfaces ethernet eth1 firewall out name 'OUTBOUND' + # set interfaces ethernet eth3 firewall in name 'INBOUND' + # set interfaces ethernet eth3 firewall local ipv6-name 'V6-LOCAL' + # set interfaces ethernet eth3 firewall local name 'LOCAL' + # set interfaces ethernet eth3 firewall out name 'OUTBOUND' + # + - name: Delete firewall interfaces config when empty config provided. + vyos.vyos.vyos_firewall_interfaces: + config: + state: deleted + # + # + # ------------------------ + # Module Execution Results + # ------------------------ + # + # "commands": [ + # "delete interfaces ethernet eth1 firewall", + # "delete interfaces ethernet eth1 firewall" + # ] + # + # After state + # ------------ + # vyos@vyos# run show configuration commands | grep firewall + # set firewall ipv6-name 'V6-LOCAL' + # set firewall name 'INBOUND' + # set firewall name 'LOCAL' + # set firewall name 'OUTBOUND' + + + # Using parsed + # + # + - name: Parse the provided configuration + vyos.vyos.vyos_firewall_interfaces: + running_config: + "set interfaces ethernet eth1 firewall in name 'INBOUND' + set interfaces ethernet eth1 firewall out name 'OUTBOUND' + set interfaces ethernet eth1 firewall local name 'LOCAL' + set interfaces ethernet eth1 firewall local ipv6-name 'V6-LOCAL' + set interfaces ethernet eth2 firewall in name 'INBOUND' + set interfaces ethernet eth2 firewall out name 'OUTBOUND' + set interfaces ethernet eth2 firewall local name 'LOCAL' + set interfaces ethernet eth2 firewall local ipv6-name 'V6-LOCAL'" + state: parsed + # + # + # ------------------------- + # Module Execution Result + # ------------------------- + # + # + # "parsed": [ + # { + # "name": "eth0" + # }, + # { + # "access_rules": [ + # { + # "afi": "ipv4", + # "rules": [ + # { + # "direction": "in", + # "name": "INBOUND" + # }, + # { + # "direction": "local", + # "name": "LOCAL" + # }, + # { + # "direction": "out", + # "name": "OUTBOUND" + # } + # ] + # }, + # { + # "afi": "ipv6", + # "rules": [ + # { + # "direction": "local", + # "name": "V6-LOCAL" + # } + # ] + # } + # ], + # "name": "eth1" + # }, + # { + # "access_rules": [ + # { + # "afi": "ipv4", + # "rules": [ + # { + # "direction": "in", + # "name": "INBOUND" + # }, + # { + # "direction": "local", + # "name": "LOCAL" + # }, + # { + # "direction": "out", + # "name": "OUTBOUND" + # } + # ] + # }, + # { + # "afi": "ipv6", + # "rules": [ + # { + # "direction": "local", + # "name": "V6-LOCAL" + # } + # ] + # } + # ], + # "name": "eth2" + # }, + # { + # "name": "eth3" + # } + # ] + + + # Using gathered + # + # Before state: + # ------------- + # + # vyos@vyos:~$ show configuration commands| grep firewall + # set firewall ipv6-name 'V6-LOCAL' + # set firewall name 'INBOUND' + # set firewall name 'LOCAL' + # set firewall name 'OUTBOUND' + # set interfaces ethernet eth1 firewall 'in' + # set interfaces ethernet eth1 firewall local ipv6-name 'V6-LOCAL' + # set interfaces ethernet eth1 firewall out name 'OUTBOUND' + # set interfaces ethernet eth3 firewall in name 'INBOUND' + # set interfaces ethernet eth3 firewall 'local' + # set interfaces ethernet eth3 firewall 'out' + # + - name: Gather listed firewall interfaces. + vyos.vyos.vyos_firewall_interfaces: + config: + state: gathered + # + # + # ------------------------- + # Module Execution Result + # ------------------------- + # + # "gathered": [ + # { + # "name": "eth0" + # }, + # { + # "access_rules": [ + # { + # "afi": "ipv4", + # "rules": [ + # { + # "direction": "out", + # "name": "OUTBOUND" + # } + # ] + # }, + # { + # "afi": "ipv6", + # "rules": [ + # { + # "direction": "local", + # "name": "V6-LOCAL" + # } + # ] + # } + # ], + # "name": "eth1" + # }, + # { + # "name": "eth2" + # }, + # { + # "access_rules": [ + # { + # "afi": "ipv4", + # "rules": [ + # { + # "direction": "in", + # "name": "INBOUND" + # } + # ] + # } + # ], + # "name": "eth3" + # } + # ] + # + # + # After state: + # ------------- + # + # vyos@vyos:~$ show configuration commands| grep firewall + # set firewall ipv6-name 'V6-LOCAL' + # set firewall name 'INBOUND' + # set firewall name 'LOCAL' + # set firewall name 'OUTBOUND' + # set interfaces ethernet eth1 firewall 'in' + # set interfaces ethernet eth1 firewall local ipv6-name 'V6-LOCAL' + # set interfaces ethernet eth1 firewall out name 'OUTBOUND' + # set interfaces ethernet eth3 firewall in name 'INBOUND' + # set interfaces ethernet eth3 firewall 'local' + # set interfaces ethernet eth3 firewall 'out' + + + # Using rendered + # + # + - name: Render the commands for provided configuration + vyos.vyos.vyos_firewall_interfaces: + config: + - name: eth2 + access_rules: + - afi: ipv4 + rules: + - direction: in + name: INGRESS + - direction: out + name: OUTGRESS + - direction: local + name: DROP + state: rendered + # + # + # ------------------------- + # Module Execution Result + # ------------------------- + # + # + # "rendered": [ + # "set interfaces ethernet eth2 firewall in name 'INGRESS'", + # "set interfaces ethernet eth2 firewall out name 'OUTGRESS'", + # "set interfaces ethernet eth2 firewall local name 'DROP'", + # "set interfaces ethernet eth2 firewall local ipv6-name 'LOCAL'" + # ] + + + + + + +Return Values +------------- +Common return values are documented `here <https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values>`_, the following are the fields unique to this module: + +.. raw:: html + + <table border=0 cellpadding=0 class="documentation-table"> + <tr> + <th colspan="1">Key</th> + <th>Returned</th> + <th width="100%">Description</th> + </tr> + <tr> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="return-"></div> + <b>after</b> + <a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a> + <div style="font-size: small"> + <span style="color: purple">list</span> + </div> + </td> + <td>when changed</td> + <td> + <div>The resulting configuration model invocation.</div> + <br/> + <div style="font-size: smaller"><b>Sample:</b></div> + <div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">The configuration returned will always be in the same format + of the parameters above.</div> + </td> + </tr> + <tr> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="return-"></div> + <b>before</b> + <a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a> + <div style="font-size: small"> + <span style="color: purple">list</span> + </div> + </td> + <td>always</td> + <td> + <div>The configuration prior to the model invocation.</div> + <br/> + <div style="font-size: smaller"><b>Sample:</b></div> + <div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">The configuration returned will always be in the same format + of the parameters above.</div> + </td> + </tr> + <tr> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="return-"></div> + <b>commands</b> + <a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a> + <div style="font-size: small"> + <span style="color: purple">list</span> + </div> + </td> + <td>always</td> + <td> + <div>The set of commands pushed to the remote device.</div> + <br/> + <div style="font-size: smaller"><b>Sample:</b></div> + <div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">["set interfaces ethernet eth1 firewall local ipv6-name 'V6-LOCAL'", "set interfaces ethernet eth3 firewall in name 'INBOUND'"]</div> + </td> + </tr> + </table> + <br/><br/> + + +Status +------ + + +Authors +~~~~~~~ + +- Rohit Thakur (@rohitthakur2590) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/vyos.vyos.vyos_firewall_rules_module.rst b/docs/vyos.vyos.vyos_firewall_rules_module.rst new file mode 100644 index 0000000..1b4f4b6 --- /dev/null +++ b/docs/vyos.vyos.vyos_firewall_rules_module.rst @@ -0,0 +1,2444 @@ +:orphan: + +.. _vyos.vyos.vyos_firewall_rules_module: + + +***************************** +vyos.vyos.vyos_firewall_rules +***************************** + +**FIREWALL rules resource module** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- This module manages firewall rule-set attributes on VyOS devices + + + + +Parameters +---------- + +.. raw:: html + + <table border=0 cellpadding=0 class="documentation-table"> + <tr> + <th colspan="6">Parameter</th> + <th>Choices/<font color="blue">Defaults</font></th> + <th width="100%">Comments</th> + </tr> + <tr> + <td colspan="6"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>config</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">list</span> + / <span style="color: purple">elements=dictionary</span> </div> + </td> + <td> + </td> + <td> + <div>A dictionary of Firewall rule-set options.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="5"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>afi</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + / <span style="color: red">required</span> </div> + </td> + <td> + <ul style="margin: 0; padding: 0"><b>Choices:</b> + <li>ipv4</li> + <li>ipv6</li> + </ul> + </td> + <td> + <div>Specifies the type of rule-set.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="5"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>rule_sets</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">list</span> + / <span style="color: purple">elements=dictionary</span> </div> + </td> + <td> + </td> + <td> + <div>The Firewall rule-set list.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="4"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>default_action</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + <ul style="margin: 0; padding: 0"><b>Choices:</b> + <li>drop</li> + <li>reject</li> + <li>accept</li> + </ul> + </td> + <td> + <div>Default action for rule-set.</div> + <div>drop (Drop if no prior rules are hit (default))</div> + <div>reject (Drop and notify source if no prior rules are hit)</div> + <div>accept (Accept if no prior rules are hit)</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="4"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>description</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + </td> + <td> + <div>Rule set description.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="4"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>enable_default_log</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">boolean</span> + </div> + </td> + <td> + <ul style="margin: 0; padding: 0"><b>Choices:</b> + <li>no</li> + <li>yes</li> + </ul> + </td> + <td> + <div>Option to log packets hitting default-action.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="4"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>name</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + </td> + <td> + <div>Firewall rule set name.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="4"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>rules</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">list</span> + / <span style="color: purple">elements=dictionary</span> </div> + </td> + <td> + </td> + <td> + <div>A ditionary that specifies the rule-set configurations.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="3"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>action</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + <ul style="margin: 0; padding: 0"><b>Choices:</b> + <li>drop</li> + <li>reject</li> + <li>accept</li> + <li>inspect</li> + </ul> + </td> + <td> + <div>Specifying the action.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="3"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>description</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + </td> + <td> + <div>Description of this rule.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="3"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>destination</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">dictionary</span> + </div> + </td> + <td> + </td> + <td> + <div>Specifying the destination parameters.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>address</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + </td> + <td> + <div>Destination ip address subnet or range.</div> + <div>IPv4/6 address, subnet or range to match.</div> + <div>Match everything except the specified address, subnet or range.</div> + <div>Destination ip address subnet or range.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>group</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">dictionary</span> + </div> + </td> + <td> + </td> + <td> + <div>Destination group.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>address_group</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + </td> + <td> + <div>Group of addresses.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>network_group</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + </td> + <td> + <div>Group of networks.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>port_group</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + </td> + <td> + <div>Group of ports.</div> + </td> + </tr> + + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>port</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + </td> + <td> + <div>Multiple destination ports can be specified as a comma-separated list.</div> + <div>The whole list can also be "negated" using '!'.</div> + <div>For example:'!22,telnet,http,123,1001-1005'.</div> + </td> + </tr> + + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="3"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>disabled</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">boolean</span> + </div> + </td> + <td> + <ul style="margin: 0; padding: 0"><b>Choices:</b> + <li>no</li> + <li>yes</li> + </ul> + </td> + <td> + <div>Option to disable firewall rule.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="3"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>fragment</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + <ul style="margin: 0; padding: 0"><b>Choices:</b> + <li>match-frag</li> + <li>match-non-frag</li> + </ul> + </td> + <td> + <div>IP fragment match.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="3"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>icmp</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">dictionary</span> + </div> + </td> + <td> + </td> + <td> + <div>ICMP type and code information.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>code</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">integer</span> + </div> + </td> + <td> + </td> + <td> + <div>ICMP code.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>type</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">integer</span> + </div> + </td> + <td> + </td> + <td> + <div>ICMP type.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>type_name</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + <ul style="margin: 0; padding: 0"><b>Choices:</b> + <li>any</li> + <li>echo-reply</li> + <li>destination-unreachable</li> + <li>network-unreachable</li> + <li>host-unreachable</li> + <li>protocol-unreachable</li> + <li>port-unreachable</li> + <li>fragmentation-needed</li> + <li>source-route-failed</li> + <li>network-unknown</li> + <li>host-unknown</li> + <li>network-prohibited</li> + <li>host-prohibited</li> + <li>TOS-network-unreachable</li> + <li>TOS-host-unreachable</li> + <li>communication-prohibited</li> + <li>host-precedence-violation</li> + <li>precedence-cutoff</li> + <li>source-quench</li> + <li>redirect</li> + <li>network-redirect</li> + <li>host-redirect</li> + <li>TOS-network-redirect</li> + <li>TOS-host-redirect</li> + <li>echo-request</li> + <li>router-advertisement</li> + <li>router-solicitation</li> + <li>time-exceeded</li> + <li>ttl-zero-during-transit</li> + <li>ttl-zero-during-reassembly</li> + <li>parameter-problem</li> + <li>ip-header-bad</li> + <li>required-option-missing</li> + <li>timestamp-request</li> + <li>timestamp-reply</li> + <li>address-mask-request</li> + <li>address-mask-reply</li> + <li>ping</li> + <li>pong</li> + <li>ttl-exceeded</li> + </ul> + </td> + <td> + <div>ICMP type-name.</div> + </td> + </tr> + + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="3"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>ipsec</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + <ul style="margin: 0; padding: 0"><b>Choices:</b> + <li>match-ipsec</li> + <li>match-none</li> + </ul> + </td> + <td> + <div>Inboud ip sec packets.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="3"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>limit</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">dictionary</span> + </div> + </td> + <td> + </td> + <td> + <div>Rate limit using a token bucket filter.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>burst</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">integer</span> + </div> + </td> + <td> + </td> + <td> + <div>Maximum number of packets to allow in excess of rate.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>rate</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">dictionary</span> + </div> + </td> + <td> + </td> + <td> + <div>format for rate (integer/time unit).</div> + <div>any one of second, minute, hour or day may be used to specify time unit.</div> + <div>eg. 1/second implies rule to be matched at an average of once per second.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>number</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">integer</span> + </div> + </td> + <td> + </td> + <td> + <div>This is the integer value.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>unit</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + </td> + <td> + <div>This is the time unit.</div> + </td> + </tr> + + + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="3"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>number</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">integer</span> + / <span style="color: red">required</span> </div> + </td> + <td> + </td> + <td> + <div>Rule number.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="3"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>p2p</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">list</span> + / <span style="color: purple">elements=dictionary</span> </div> + </td> + <td> + </td> + <td> + <div>P2P application packets.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>application</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + <ul style="margin: 0; padding: 0"><b>Choices:</b> + <li>all</li> + <li>applejuice</li> + <li>bittorrent</li> + <li>directconnect</li> + <li>edonkey</li> + <li>gnutella</li> + <li>kazaa</li> + </ul> + </td> + <td> + <div>Name of the application.</div> + </td> + </tr> + + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="3"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>protocol</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + </td> + <td> + <div>Protocol to match (protocol name in /etc/protocols or protocol number or all).</div> + <div><text> IP protocol name from /etc/protocols (e.g. "tcp" or "udp").</div> + <div><0-255> IP protocol number.</div> + <div>tcp_udp Both TCP and UDP.</div> + <div>all All IP protocols.</div> + <div>(!)All IP protocols except for the specified name or number.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="3"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>recent</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">dictionary</span> + </div> + </td> + <td> + </td> + <td> + <div>Parameters for matching recently seen sources.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>count</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">integer</span> + </div> + </td> + <td> + </td> + <td> + <div>Source addresses seen more than N times.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>time</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">integer</span> + </div> + </td> + <td> + </td> + <td> + <div>Source addresses seen in the last N seconds.</div> + </td> + </tr> + + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="3"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>source</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">dictionary</span> + </div> + </td> + <td> + </td> + <td> + <div>Source parameters.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>address</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + </td> + <td> + <div>Source ip address subnet or range.</div> + <div>IPv4/6 address, subnet or range to match.</div> + <div>Match everything except the specified address, subnet or range.</div> + <div>Source ip address subnet or range.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>group</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">dictionary</span> + </div> + </td> + <td> + </td> + <td> + <div>Source group.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>address_group</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + </td> + <td> + <div>Group of addresses.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>network_group</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + </td> + <td> + <div>Group of networks.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>port_group</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + </td> + <td> + <div>Group of ports.</div> + </td> + </tr> + + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>mac_address</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + </td> + <td> + <div><MAC address> MAC address to match.</div> + <div><!MAC address> Match everything except the specified MAC address.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>port</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + </td> + <td> + <div>Multiple source ports can be specified as a comma-separated list.</div> + <div>The whole list can also be "negated" using '!'.</div> + <div>For example:'!22,telnet,http,123,1001-1005'.</div> + </td> + </tr> + + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="3"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>state</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">dictionary</span> + </div> + </td> + <td> + </td> + <td> + <div>Session state.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>established</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">boolean</span> + </div> + </td> + <td> + <ul style="margin: 0; padding: 0"><b>Choices:</b> + <li>no</li> + <li>yes</li> + </ul> + </td> + <td> + <div>Established state.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>invalid</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">boolean</span> + </div> + </td> + <td> + <ul style="margin: 0; padding: 0"><b>Choices:</b> + <li>no</li> + <li>yes</li> + </ul> + </td> + <td> + <div>Invalid state.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>new</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">boolean</span> + </div> + </td> + <td> + <ul style="margin: 0; padding: 0"><b>Choices:</b> + <li>no</li> + <li>yes</li> + </ul> + </td> + <td> + <div>New state.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>related</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">boolean</span> + </div> + </td> + <td> + <ul style="margin: 0; padding: 0"><b>Choices:</b> + <li>no</li> + <li>yes</li> + </ul> + </td> + <td> + <div>Related state.</div> + </td> + </tr> + + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="3"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>tcp</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">dictionary</span> + </div> + </td> + <td> + </td> + <td> + <div>TCP flags to match.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>flags</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + </td> + <td> + <div>TCP flags to be matched.</div> + </td> + </tr> + + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="3"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>time</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">dictionary</span> + </div> + </td> + <td> + </td> + <td> + <div>Time to match rule.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>monthdays</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + </td> + <td> + <div>Monthdays to match rule on.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>startdate</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + </td> + <td> + <div>Date to start matching rule.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>starttime</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + </td> + <td> + <div>Time of day to start matching rule.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>stopdate</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + </td> + <td> + <div>Date to stop matching rule.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>stoptime</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + </td> + <td> + <div>Time of day to stop matching rule.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>utc</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">boolean</span> + </div> + </td> + <td> + <ul style="margin: 0; padding: 0"><b>Choices:</b> + <li>no</li> + <li>yes</li> + </ul> + </td> + <td> + <div>Interpret times for startdate, stopdate, starttime and stoptime to be UTC.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>weekdays</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + </td> + <td> + <div>Weekdays to match rule on.</div> + </td> + </tr> + + + + + <tr> + <td colspan="6"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>running_config</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + </td> + <td> + <div>This option is used only with state <em>parsed</em>.</div> + <div>The value of this option should be the output received from the VyOS device by executing the command <b>show configuration commands | grep firewall</b>.</div> + <div>The state <em>parsed</em> reads the configuration from <code>running_config</code> option and transforms it into Ansible structured data as per the resource module's argspec and the value is then returned in the <em>parsed</em> key within the result.</div> + </td> + </tr> + <tr> + <td colspan="6"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>state</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + <ul style="margin: 0; padding: 0"><b>Choices:</b> + <li><div style="color: blue"><b>merged</b> ←</div></li> + <li>replaced</li> + <li>overridden</li> + <li>deleted</li> + <li>gathered</li> + <li>rendered</li> + <li>parsed</li> + </ul> + </td> + <td> + <div>The state the configuration should be left in</div> + </td> + </tr> + </table> + <br/> + + +Notes +----- + +.. note:: + - Tested against VyOS 1.1.8 (helium). + - This module works with connection ``network_cli``. See `the VyOS OS Platform Options <../network/user_guide/platform_vyos.html>`_. + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Using deleted to delete firewall rules based on rule-set name + # + # Before state + # ------------- + # + # vyos@vyos:~$ show configuration commands| grep firewall + # set firewall group address-group 'inbound' + # set firewall name Downlink default-action 'accept' + # set firewall name Downlink description 'IPv4 INBOUND rule set' + # set firewall name Downlink rule 501 action 'accept' + # set firewall name Downlink rule 501 description 'Rule 501 is configured by Ansible' + # set firewall name Downlink rule 501 ipsec 'match-ipsec' + # set firewall name Downlink rule 502 action 'reject' + # set firewall name Downlink rule 502 description 'Rule 502 is configured by Ansible' + # set firewall name Downlink rule 502 ipsec 'match-ipsec' + # + - name: Delete attributes of given firewall rules. + vyos.vyos.vyos_firewall_rules: + config: + - afi: ipv4 + rule_sets: + - name: Downlink + state: deleted + # + # + # ------------------------ + # Module Execution Results + # ------------------------ + # + # "before": [ + # { + # "afi": "ipv4", + # "rule_sets": [ + # { + # "default_action": "accept", + # "description": "IPv4 INBOUND rule set", + # "name": "Downlink", + # "rules": [ + # { + # "action": "accept", + # "description": "Rule 501 is configured by Ansible", + # "ipsec": "match-ipsec", + # "number": 501 + # }, + # { + # "action": "reject", + # "description": "Rule 502 is configured by Ansible", + # "ipsec": "match-ipsec", + # "number": 502 + # } + # ] + # } + # ] + # } + # ] + # "commands": [ + # "delete firewall name Downlink" + # ] + # + # "after": [] + # After state + # ------------ + # vyos@vyos# run show configuration commands | grep firewall + # set firewall group address-group 'inbound' + + + # Using deleted to delete firewall rules based on afi + # + # Before state + # ------------- + # + # vyos@vyos:~$ show configuration commands| grep firewall + # set firewall ipv6-name UPLINK default-action 'accept' + # set firewall ipv6-name UPLINK description 'This is ipv6 specific rule-set' + # set firewall ipv6-name UPLINK rule 1 action 'accept' + # set firewall ipv6-name UPLINK rule 1 + # set firewall ipv6-name UPLINK rule 1 description 'Fwipv6-Rule 1 is configured by Ansible' + # set firewall ipv6-name UPLINK rule 1 ipsec 'match-ipsec' + # set firewall ipv6-name UPLINK rule 2 action 'accept' + # set firewall ipv6-name UPLINK rule 2 + # set firewall ipv6-name UPLINK rule 2 description 'Fwipv6-Rule 2 is configured by Ansible' + # set firewall ipv6-name UPLINK rule 2 ipsec 'match-ipsec' + # set firewall group address-group 'inbound' + # set firewall name Downlink default-action 'accept' + # set firewall name Downlink description 'IPv4 INBOUND rule set' + # set firewall name Downlink rule 501 action 'accept' + # set firewall name Downlink rule 501 description 'Rule 501 is configured by Ansible' + # set firewall name Downlink rule 501 ipsec 'match-ipsec' + # set firewall name Downlink rule 502 action 'reject' + # set firewall name Downlink rule 502 description 'Rule 502 is configured by Ansible' + # set firewall name Downlink rule 502 ipsec 'match-ipsec' + + # + - name: Delete attributes of given firewall rules. + vyos.vyos.vyos_firewall_rules: + config: + - afi: ipv4 + state: deleted + # + # + # ------------------------ + # Module Execution Results + # ------------------------ + # + # "before": [ + # { + # "afi": "ipv6", + # "rule_sets": [ + # { + # "default_action": "accept", + # "description": "This is ipv6 specific rule-set", + # "name": "UPLINK", + # "rules": [ + # { + # "action": "accept", + # "description": "Fwipv6-Rule 1 is configured by Ansible", + # "ipsec": "match-ipsec", + # "number": 1 + # }, + # { + # "action": "accept", + # "description": "Fwipv6-Rule 2 is configured by Ansible", + # "ipsec": "match-ipsec", + # "number": 2 + # } + # ] + # } + # ] + # }, + # { + # "afi": "ipv4", + # "rule_sets": [ + # { + # "default_action": "accept", + # "description": "IPv4 INBOUND rule set", + # "name": "Downlink", + # "rules": [ + # { + # "action": "accept", + # "description": "Rule 501 is configured by Ansible", + # "ipsec": "match-ipsec", + # "number": 501 + # }, + # { + # "action": "reject", + # "description": "Rule 502 is configured by Ansible", + # "ipsec": "match-ipsec", + # "number": 502 + # } + # ] + # } + # ] + # } + # ] + # "commands": [ + # "delete firewall name" + # ] + # + # "after": [] + # After state + # ------------ + # vyos@vyos:~$ show configuration commands| grep firewall + # set firewall ipv6-name UPLINK default-action 'accept' + # set firewall ipv6-name UPLINK description 'This is ipv6 specific rule-set' + # set firewall ipv6-name UPLINK rule 1 action 'accept' + # set firewall ipv6-name UPLINK rule 1 + # set firewall ipv6-name UPLINK rule 1 description 'Fwipv6-Rule 1 is configured by Ansible' + # set firewall ipv6-name UPLINK rule 1 ipsec 'match-ipsec' + # set firewall ipv6-name UPLINK rule 2 action 'accept' + # set firewall ipv6-name UPLINK rule 2 + # set firewall ipv6-name UPLINK rule 2 description 'Fwipv6-Rule 2 is configured by Ansible' + # set firewall ipv6-name UPLINK rule 2 ipsec 'match-ipsec' + + + # Using deleted to delete all the the firewall rules when provided config is empty + # + # Before state + # ------------- + # + # vyos@vyos:~$ show configuration commands| grep firewall + # set firewall group address-group 'inbound' + # set firewall name Downlink default-action 'accept' + # set firewall name Downlink description 'IPv4 INBOUND rule set' + # set firewall name Downlink rule 501 action 'accept' + # set firewall name Downlink rule 501 description 'Rule 501 is configured by Ansible' + # set firewall name Downlink rule 501 ipsec 'match-ipsec' + # set firewall name Downlink rule 502 action 'reject' + # set firewall name Downlink rule 502 description 'Rule 502 is configured by Ansible' + # set firewall name Downlink rule 502 ipsec 'match-ipsec' + # + - name: Delete attributes of given firewall rules. + vyos.vyos.vyos_firewall_rules: + config: + state: deleted + # + # + # ------------------------ + # Module Execution Results + # ------------------------ + # + # "before": [ + # { + # "afi": "ipv4", + # "rule_sets": [ + # { + # "default_action": "accept", + # "description": "IPv4 INBOUND rule set", + # "name": "Downlink", + # "rules": [ + # { + # "action": "accept", + # "description": "Rule 501 is configured by Ansible", + # "ipsec": "match-ipsec", + # "number": 501 + # }, + # { + # "action": "reject", + # "description": "Rule 502 is configured by Ansible", + # "ipsec": "match-ipsec", + # "number": 502 + # } + # ] + # } + # ] + # } + # ] + # "commands": [ + # "delete firewall name" + # ] + # + # "after": [] + # After state + # ------------ + # vyos@vyos# run show configuration commands | grep firewall + # set firewall group address-group 'inbound' + + + # Using merged + # + # Before state: + # ------------- + # + # vyos@vyos# run show configuration commands | grep firewall + # set firewall group address-group 'inbound' + # + - name: Merge the provided configuration with the exisiting running configuration + vyos.vyos.vyos_firewall_rules: + config: + - afi: ipv6 + rule_sets: + - name: UPLINK + description: This is ipv6 specific rule-set + default_action: accept + rules: + - number: 1 + action: accept + description: Fwipv6-Rule 1 is configured by Ansible + ipsec: match-ipsec + - number: 2 + action: accept + description: Fwipv6-Rule 2 is configured by Ansible + ipsec: match-ipsec + + - afi: ipv4 + rule_sets: + - name: INBOUND + description: IPv4 INBOUND rule set + default_action: accept + rules: + - number: 101 + action: accept + description: Rule 101 is configured by Ansible + ipsec: match-ipsec + - number: 102 + action: reject + description: Rule 102 is configured by Ansible + ipsec: match-ipsec + - number: 103 + action: accept + description: Rule 103 is configured by Ansible + destination: + group: + address_group: inbound + source: + address: 192.0.2.0 + state: + established: true + new: false + invalid: false + related: true + state: merged + # + # + # ------------------------- + # Module Execution Result + # ------------------------- + # + # before": [] + # + # "commands": [ + # "set firewall ipv6-name UPLINK default-action 'accept'", + # "set firewall ipv6-name UPLINK description 'This is ipv6 specific rule-set'", + # "set firewall ipv6-name UPLINK rule 1 action 'accept'", + # "set firewall ipv6-name UPLINK rule 1", + # "set firewall ipv6-name UPLINK rule 1 description 'Fwipv6-Rule 1 is configured by Ansible'", + # "set firewall ipv6-name UPLINK rule 1 ipsec 'match-ipsec'", + # "set firewall ipv6-name UPLINK rule 2 action 'accept'", + # "set firewall ipv6-name UPLINK rule 2", + # "set firewall ipv6-name UPLINK rule 2 description 'Fwipv6-Rule 2 is configured by Ansible'", + # "set firewall ipv6-name UPLINK rule 2 ipsec 'match-ipsec'", + # "set firewall name INBOUND default-action 'accept'", + # "set firewall name INBOUND description 'IPv4 INBOUND rule set'", + # "set firewall name INBOUND rule 101 action 'accept'", + # "set firewall name INBOUND rule 101", + # "set firewall name INBOUND rule 101 description 'Rule 101 is configured by Ansible'", + # "set firewall name INBOUND rule 101 ipsec 'match-ipsec'", + # "set firewall name INBOUND rule 102 action 'reject'", + # "set firewall name INBOUND rule 102", + # "set firewall name INBOUND rule 102 description 'Rule 102 is configured by Ansible'", + # "set firewall name INBOUND rule 102 ipsec 'match-ipsec'", + # "set firewall name INBOUND rule 103 description 'Rule 103 is configured by Ansible'", + # "set firewall name INBOUND rule 103 destination group address-group inbound", + # "set firewall name INBOUND rule 103", + # "set firewall name INBOUND rule 103 source address 192.0.2.0", + # "set firewall name INBOUND rule 103 state established enable", + # "set firewall name INBOUND rule 103 state related enable", + # "set firewall name INBOUND rule 103 state invalid disable", + # "set firewall name INBOUND rule 103 state new disable", + # "set firewall name INBOUND rule 103 action 'accept'" + # ] + # + # "after": [ + # { + # "afi": "ipv6", + # "rule_sets": [ + # { + # "default_action": "accept", + # "description": "This is ipv6 specific rule-set", + # "name": "UPLINK", + # "rules": [ + # { + # "action": "accept", + # "description": "Fwipv6-Rule 1 is configured by Ansible", + # "ipsec": "match-ipsec", + # "number": 1 + # }, + # { + # "action": "accept", + # "description": "Fwipv6-Rule 2 is configured by Ansible", + # "ipsec": "match-ipsec", + # "number": 2 + # } + # ] + # } + # ] + # }, + # { + # "afi": "ipv4", + # "rule_sets": [ + # { + # "default_action": "accept", + # "description": "IPv4 INBOUND rule set", + # "name": "INBOUND", + # "rules": [ + # { + # "action": "accept", + # "description": "Rule 101 is configured by Ansible", + # "ipsec": "match-ipsec", + # "number": 101 + # }, + # { + # "action": "reject", + # "description": "Rule 102 is configured by Ansible", + # "ipsec": "match-ipsec", + # "number": 102 + # }, + # { + # "action": "accept", + # "description": "Rule 103 is configured by Ansible", + # "destination": { + # "group": { + # "address_group": "inbound" + # } + # }, + # "number": 103, + # "source": { + # "address": "192.0.2.0" + # }, + # "state": { + # "established": true, + # "invalid": false, + # "new": false, + # "related": true + # } + # } + # ] + # } + # ] + # } + # ] + # + # After state: + # ------------- + # + # vyos@vyos:~$ show configuration commands| grep firewall + # set firewall group address-group 'inbound' + # set firewall ipv6-name UPLINK default-action 'accept' + # set firewall ipv6-name UPLINK description 'This is ipv6 specific rule-set' + # set firewall ipv6-name UPLINK rule 1 action 'accept' + # set firewall ipv6-name UPLINK rule 1 description 'Fwipv6-Rule 1 is configured by Ansible' + # set firewall ipv6-name UPLINK rule 1 ipsec 'match-ipsec' + # set firewall ipv6-name UPLINK rule 2 action 'accept' + # set firewall ipv6-name UPLINK rule 2 description 'Fwipv6-Rule 2 is configured by Ansible' + # set firewall ipv6-name UPLINK rule 2 ipsec 'match-ipsec' + # set firewall name INBOUND default-action 'accept' + # set firewall name INBOUND description 'IPv4 INBOUND rule set' + # set firewall name INBOUND rule 101 action 'accept' + # set firewall name INBOUND rule 101 description 'Rule 101 is configured by Ansible' + # set firewall name INBOUND rule 101 ipsec 'match-ipsec' + # set firewall name INBOUND rule 102 action 'reject' + # set firewall name INBOUND rule 102 description 'Rule 102 is configured by Ansible' + # set firewall name INBOUND rule 102 ipsec 'match-ipsec' + # set firewall name INBOUND rule 103 action 'accept' + # set firewall name INBOUND rule 103 description 'Rule 103 is configured by Ansible' + # set firewall name INBOUND rule 103 destination group address-group 'inbound' + # set firewall name INBOUND rule 103 source address '192.0.2.0' + # set firewall name INBOUND rule 103 state established 'enable' + # set firewall name INBOUND rule 103 state invalid 'disable' + # set firewall name INBOUND rule 103 state new 'disable' + # set firewall name INBOUND rule 103 state related 'enable' + + + # Using replaced + # + # Before state: + # ------------- + # + # vyos@vyos:~$ show configuration commands| grep firewall + # set firewall group address-group 'inbound' + # set firewall ipv6-name UPLINK default-action 'accept' + # set firewall ipv6-name UPLINK description 'This is ipv6 specific rule-set' + # set firewall ipv6-name UPLINK rule 1 action 'accept' + # set firewall ipv6-name UPLINK rule 1 description 'Fwipv6-Rule 1 is configured by Ansible' + # set firewall ipv6-name UPLINK rule 1 ipsec 'match-ipsec' + # set firewall ipv6-name UPLINK rule 2 action 'accept' + # set firewall ipv6-name UPLINK rule 2 description 'Fwipv6-Rule 2 is configured by Ansible' + # set firewall ipv6-name UPLINK rule 2 ipsec 'match-ipsec' + # set firewall name INBOUND default-action 'accept' + # set firewall name INBOUND description 'IPv4 INBOUND rule set' + # set firewall name INBOUND rule 101 action 'accept' + # set firewall name INBOUND rule 101 description 'Rule 101 is configured by Ansible' + # set firewall name INBOUND rule 101 ipsec 'match-ipsec' + # set firewall name INBOUND rule 102 action 'reject' + # set firewall name INBOUND rule 102 description 'Rule 102 is configured by Ansible' + # set firewall name INBOUND rule 102 ipsec 'match-ipsec' + # set firewall name INBOUND rule 103 action 'accept' + # set firewall name INBOUND rule 103 description 'Rule 103 is configured by Ansible' + # set firewall name INBOUND rule 103 destination group address-group 'inbound' + # set firewall name INBOUND rule 103 source address '192.0.2.0' + # set firewall name INBOUND rule 103 state established 'enable' + # set firewall name INBOUND rule 103 state invalid 'disable' + # set firewall name INBOUND rule 103 state new 'disable' + # set firewall name INBOUND rule 103 state related 'enable' + # + - name: Replace device configurations of listed firewall rules with provided configurations + vyos.vyos.vyos_firewall_rules: + config: + - afi: ipv6 + rule_sets: + - name: UPLINK + description: This is ipv6 specific rule-set + default_action: accept + - afi: ipv4 + rule_sets: + - name: INBOUND + description: IPv4 INBOUND rule set + default_action: accept + rules: + - number: 101 + action: accept + description: Rule 101 is configured by Ansible + ipsec: match-ipsec + - number: 104 + action: reject + description: Rule 104 is configured by Ansible + ipsec: match-none + state: replaced + # + # + # ------------------------- + # Module Execution Result + # ------------------------- + # + # "before": [ + # { + # "afi": "ipv6", + # "rule_sets": [ + # { + # "default_action": "accept", + # "description": "This is ipv6 specific rule-set", + # "name": "UPLINK", + # "rules": [ + # { + # "action": "accept", + # "description": "Fwipv6-Rule 1 is configured by Ansible", + # "ipsec": "match-ipsec", + # "number": 1 + # }, + # { + # "action": "accept", + # "description": "Fwipv6-Rule 2 is configured by Ansible", + # "ipsec": "match-ipsec", + # "number": 2 + # } + # ] + # } + # ] + # }, + # { + # "afi": "ipv4", + # "rule_sets": [ + # { + # "default_action": "accept", + # "description": "IPv4 INBOUND rule set", + # "name": "INBOUND", + # "rules": [ + # { + # "action": "accept", + # "description": "Rule 101 is configured by Ansible", + # "ipsec": "match-ipsec", + # "number": 101 + # }, + # { + # "action": "reject", + # "description": "Rule 102 is configured by Ansible", + # "ipsec": "match-ipsec", + # "number": 102 + # }, + # { + # "action": "accept", + # "description": "Rule 103 is configured by Ansible", + # "destination": { + # "group": { + # "address_group": "inbound" + # } + # }, + # "number": 103, + # "source": { + # "address": "192.0.2.0" + # }, + # "state": { + # "established": true, + # "invalid": false, + # "new": false, + # "related": true + # } + # } + # ] + # } + # ] + # } + # ] + # + # "commands": [ + # "delete firewall ipv6-name UPLINK rule 1", + # "delete firewall ipv6-name UPLINK rule 2", + # "delete firewall name INBOUND rule 102", + # "delete firewall name INBOUND rule 103", + # "set firewall name INBOUND rule 104 action 'reject'", + # "set firewall name INBOUND rule 104 description 'Rule 104 is configured by Ansible'", + # "set firewall name INBOUND rule 104", + # "set firewall name INBOUND rule 104 ipsec 'match-none'" + # ] + # + # "after": [ + # { + # "afi": "ipv6", + # "rule_sets": [ + # { + # "default_action": "accept", + # "description": "This is ipv6 specific rule-set", + # "name": "UPLINK" + # } + # ] + # }, + # { + # "afi": "ipv4", + # "rule_sets": [ + # { + # "default_action": "accept", + # "description": "IPv4 INBOUND rule set", + # "name": "INBOUND", + # "rules": [ + # { + # "action": "accept", + # "description": "Rule 101 is configured by Ansible", + # "ipsec": "match-ipsec", + # "number": 101 + # }, + # { + # "action": "reject", + # "description": "Rule 104 is configured by Ansible", + # "ipsec": "match-none", + # "number": 104 + # } + # ] + # } + # ] + # } + # ] + # + # After state: + # ------------- + # + # vyos@vyos:~$ show configuration commands| grep firewall + # set firewall group address-group 'inbound' + # set firewall ipv6-name UPLINK default-action 'accept' + # set firewall ipv6-name UPLINK description 'This is ipv6 specific rule-set' + # set firewall name INBOUND default-action 'accept' + # set firewall name INBOUND description 'IPv4 INBOUND rule set' + # set firewall name INBOUND rule 101 action 'accept' + # set firewall name INBOUND rule 101 description 'Rule 101 is configured by Ansible' + # set firewall name INBOUND rule 101 ipsec 'match-ipsec' + # set firewall name INBOUND rule 104 action 'reject' + # set firewall name INBOUND rule 104 description 'Rule 104 is configured by Ansible' + # set firewall name INBOUND rule 104 ipsec 'match-none' + + + # Using overridden + # + # Before state + # -------------- + # + # vyos@vyos:~$ show configuration commands| grep firewall + # set firewall group address-group 'inbound' + # set firewall ipv6-name UPLINK default-action 'accept' + # set firewall ipv6-name UPLINK description 'This is ipv6 specific rule-set' + # set firewall name INBOUND default-action 'accept' + # set firewall name INBOUND description 'IPv4 INBOUND rule set' + # set firewall name INBOUND rule 101 action 'accept' + # set firewall name INBOUND rule 101 description 'Rule 101 is configured by Ansible' + # set firewall name INBOUND rule 101 ipsec 'match-ipsec' + # set firewall name INBOUND rule 104 action 'reject' + # set firewall name INBOUND rule 104 description 'Rule 104 is configured by Ansible' + # set firewall name INBOUND rule 104 ipsec 'match-none' + # + - name: Overrides all device configuration with provided configuration + vyos.vyos.vyos_firewall_rules: + config: + - afi: ipv4 + rule_sets: + - name: Downlink + description: IPv4 INBOUND rule set + default_action: accept + rules: + - number: 501 + action: accept + description: Rule 501 is configured by Ansible + ipsec: match-ipsec + - number: 502 + action: reject + description: Rule 502 is configured by Ansible + ipsec: match-ipsec + state: overridden + # + # + # ------------------------- + # Module Execution Result + # ------------------------- + # + # "before": [ + # { + # "afi": "ipv6", + # "rule_sets": [ + # { + # "default_action": "accept", + # "description": "This is ipv6 specific rule-set", + # "name": "UPLINK" + # } + # ] + # }, + # { + # "afi": "ipv4", + # "rule_sets": [ + # { + # "default_action": "accept", + # "description": "IPv4 INBOUND rule set", + # "name": "INBOUND", + # "rules": [ + # { + # "action": "accept", + # "description": "Rule 101 is configured by Ansible", + # "ipsec": "match-ipsec", + # "number": 101 + # }, + # { + # "action": "reject", + # "description": "Rule 104 is configured by Ansible", + # "ipsec": "match-none", + # "number": 104 + # } + # ] + # } + # ] + # } + # ] + # + # "commands": [ + # "delete firewall ipv6-name UPLINK", + # "delete firewall name INBOUND", + # "set firewall name Downlink default-action 'accept'", + # "set firewall name Downlink description 'IPv4 INBOUND rule set'", + # "set firewall name Downlink rule 501 action 'accept'", + # "set firewall name Downlink rule 501", + # "set firewall name Downlink rule 501 description 'Rule 501 is configured by Ansible'", + # "set firewall name Downlink rule 501 ipsec 'match-ipsec'", + # "set firewall name Downlink rule 502 action 'reject'", + # "set firewall name Downlink rule 502", + # "set firewall name Downlink rule 502 description 'Rule 502 is configured by Ansible'", + # "set firewall name Downlink rule 502 ipsec 'match-ipsec'" + # + # + # "after": [ + # { + # "afi": "ipv4", + # "rule_sets": [ + # { + # "default_action": "accept", + # "description": "IPv4 INBOUND rule set", + # "name": "Downlink", + # "rules": [ + # { + # "action": "accept", + # "description": "Rule 501 is configured by Ansible", + # "ipsec": "match-ipsec", + # "number": 501 + # }, + # { + # "action": "reject", + # "description": "Rule 502 is configured by Ansible", + # "ipsec": "match-ipsec", + # "number": 502 + # } + # ] + # } + # ] + # } + # ] + # + # + # After state + # ------------ + # + # vyos@vyos:~$ show configuration commands| grep firewall + # set firewall group address-group 'inbound' + # set firewall name Downlink default-action 'accept' + # set firewall name Downlink description 'IPv4 INBOUND rule set' + # set firewall name Downlink rule 501 action 'accept' + # set firewall name Downlink rule 501 description 'Rule 501 is configured by Ansible' + # set firewall name Downlink rule 501 ipsec 'match-ipsec' + # set firewall name Downlink rule 502 action 'reject' + # set firewall name Downlink rule 502 description 'Rule 502 is configured by Ansible' + # set firewall name Downlink rule 502 ipsec 'match-ipsec' + + + # Using gathered + # + # Before state: + # ------------- + # + # vyos@vyos:~$ show configuration commands| grep firewall + # set firewall group address-group 'inbound' + # set firewall ipv6-name UPLINK default-action 'accept' + # set firewall ipv6-name UPLINK description 'This is ipv6 specific rule-set' + # set firewall ipv6-name UPLINK rule 1 action 'accept' + # set firewall ipv6-name UPLINK rule 1 description 'Fwipv6-Rule 1 is configured by Ansible' + # set firewall ipv6-name UPLINK rule 1 ipsec 'match-ipsec' + # set firewall ipv6-name UPLINK rule 2 action 'accept' + # set firewall ipv6-name UPLINK rule 2 description 'Fwipv6-Rule 2 is configured by Ansible' + # set firewall ipv6-name UPLINK rule 2 ipsec 'match-ipsec' + # set firewall name INBOUND default-action 'accept' + # set firewall name INBOUND description 'IPv4 INBOUND rule set' + # set firewall name INBOUND rule 101 action 'accept' + # set firewall name INBOUND rule 101 description 'Rule 101 is configured by Ansible' + # set firewall name INBOUND rule 101 ipsec 'match-ipsec' + # set firewall name INBOUND rule 102 action 'reject' + # set firewall name INBOUND rule 102 description 'Rule 102 is configured by Ansible' + # set firewall name INBOUND rule 102 ipsec 'match-ipsec' + # set firewall name INBOUND rule 103 action 'accept' + # set firewall name INBOUND rule 103 description 'Rule 103 is configured by Ansible' + # set firewall name INBOUND rule 103 destination group address-group 'inbound' + # set firewall name INBOUND rule 103 source address '192.0.2.0' + # set firewall name INBOUND rule 103 state established 'enable' + # set firewall name INBOUND rule 103 state invalid 'disable' + # set firewall name INBOUND rule 103 state new 'disable' + # set firewall name INBOUND rule 103 state related 'enable' + # + - name: Gather listed firewall rules with provided configurations + vyos.vyos.vyos_firewall_rules: + config: + state: gathered + # + # + # ------------------------- + # Module Execution Result + # ------------------------- + # + # "gathered": [ + # { + # "afi": "ipv6", + # "rule_sets": [ + # { + # "default_action": "accept", + # "description": "This is ipv6 specific rule-set", + # "name": "UPLINK", + # "rules": [ + # { + # "action": "accept", + # "description": "Fwipv6-Rule 1 is configured by Ansible", + # "ipsec": "match-ipsec", + # "number": 1 + # }, + # { + # "action": "accept", + # "description": "Fwipv6-Rule 2 is configured by Ansible", + # "ipsec": "match-ipsec", + # "number": 2 + # } + # ] + # } + # ] + # }, + # { + # "afi": "ipv4", + # "rule_sets": [ + # { + # "default_action": "accept", + # "description": "IPv4 INBOUND rule set", + # "name": "INBOUND", + # "rules": [ + # { + # "action": "accept", + # "description": "Rule 101 is configured by Ansible", + # "ipsec": "match-ipsec", + # "number": 101 + # }, + # { + # "action": "reject", + # "description": "Rule 102 is configured by Ansible", + # "ipsec": "match-ipsec", + # "number": 102 + # }, + # { + # "action": "accept", + # "description": "Rule 103 is configured by Ansible", + # "destination": { + # "group": { + # "address_group": "inbound" + # } + # }, + # "number": 103, + # "source": { + # "address": "192.0.2.0" + # }, + # "state": { + # "established": true, + # "invalid": false, + # "new": false, + # "related": true + # } + # } + # ] + # } + # ] + # } + # ] + # + # + # After state: + # ------------- + # + # vyos@vyos:~$ show configuration commands| grep firewall + # set firewall group address-group 'inbound' + # set firewall ipv6-name UPLINK default-action 'accept' + # set firewall ipv6-name UPLINK description 'This is ipv6 specific rule-set' + # set firewall ipv6-name UPLINK rule 1 action 'accept' + # set firewall ipv6-name UPLINK rule 1 description 'Fwipv6-Rule 1 is configured by Ansible' + # set firewall ipv6-name UPLINK rule 1 ipsec 'match-ipsec' + # set firewall ipv6-name UPLINK rule 2 action 'accept' + # set firewall ipv6-name UPLINK rule 2 description 'Fwipv6-Rule 2 is configured by Ansible' + # set firewall ipv6-name UPLINK rule 2 ipsec 'match-ipsec' + # set firewall name INBOUND default-action 'accept' + # set firewall name INBOUND description 'IPv4 INBOUND rule set' + # set firewall name INBOUND rule 101 action 'accept' + # set firewall name INBOUND rule 101 description 'Rule 101 is configured by Ansible' + # set firewall name INBOUND rule 101 ipsec 'match-ipsec' + # set firewall name INBOUND rule 102 action 'reject' + # set firewall name INBOUND rule 102 description 'Rule 102 is configured by Ansible' + # set firewall name INBOUND rule 102 ipsec 'match-ipsec' + # set firewall name INBOUND rule 103 action 'accept' + # set firewall name INBOUND rule 103 description 'Rule 103 is configured by Ansible' + # set firewall name INBOUND rule 103 destination group address-group 'inbound' + # set firewall name INBOUND rule 103 source address '192.0.2.0' + # set firewall name INBOUND rule 103 state established 'enable' + # set firewall name INBOUND rule 103 state invalid 'disable' + # set firewall name INBOUND rule 103 state new 'disable' + # set firewall name INBOUND rule 103 state related 'enable' + + + # Using rendered + # + # + - name: Render the commands for provided configuration + vyos.vyos.vyos_firewall_rules: + config: + - afi: ipv6 + rule_sets: + - name: UPLINK + description: This is ipv6 specific rule-set + default_action: accept + - afi: ipv4 + rule_sets: + - name: INBOUND + description: IPv4 INBOUND rule set + default_action: accept + rules: + - number: 101 + action: accept + description: Rule 101 is configured by Ansible + ipsec: match-ipsec + - number: 102 + action: reject + description: Rule 102 is configured by Ansible + ipsec: match-ipsec + - number: 103 + action: accept + description: Rule 103 is configured by Ansible + destination: + group: + address_group: inbound + source: + address: 192.0.2.0 + state: + established: true + new: false + invalid: false + related: true + state: rendered + # + # + # ------------------------- + # Module Execution Result + # ------------------------- + # + # + # "rendered": [ + # "set firewall ipv6-name UPLINK default-action 'accept'", + # "set firewall ipv6-name UPLINK description 'This is ipv6 specific rule-set'", + # "set firewall name INBOUND default-action 'accept'", + # "set firewall name INBOUND description 'IPv4 INBOUND rule set'", + # "set firewall name INBOUND rule 101 action 'accept'", + # "set firewall name INBOUND rule 101", + # "set firewall name INBOUND rule 101 description 'Rule 101 is configured by Ansible'", + # "set firewall name INBOUND rule 101 ipsec 'match-ipsec'", + # "set firewall name INBOUND rule 102 action 'reject'", + # "set firewall name INBOUND rule 102", + # "set firewall name INBOUND rule 102 description 'Rule 102 is configured by Ansible'", + # "set firewall name INBOUND rule 102 ipsec 'match-ipsec'", + # "set firewall name INBOUND rule 103 description 'Rule 103 is configured by Ansible'", + # "set firewall name INBOUND rule 103 destination group address-group inbound", + # "set firewall name INBOUND rule 103", + # "set firewall name INBOUND rule 103 source address 192.0.2.0", + # "set firewall name INBOUND rule 103 state established enable", + # "set firewall name INBOUND rule 103 state related enable", + # "set firewall name INBOUND rule 103 state invalid disable", + # "set firewall name INBOUND rule 103 state new disable", + # "set firewall name INBOUND rule 103 action 'accept'" + # ] + + + # Using parsed + # + # + - name: Parsed the provided input commands. + vyos.vyos.vyos_firewall_rules: + running_config: + "set firewall group address-group 'inbound' + set firewall name Downlink default-action 'accept' + set firewall name Downlink description 'IPv4 INBOUND rule set' + set firewall name Downlink rule 501 action 'accept' + set firewall name Downlink rule 501 description 'Rule 501 is configured by Ansible' + set firewall name Downlink rule 501 ipsec 'match-ipsec' + set firewall name Downlink rule 502 action 'reject' + set firewall name Downlink rule 502 description 'Rule 502 is configured by Ansible' + set firewall name Downlink rule 502 ipsec 'match-ipsec'" + state: parsed + # + # + # ------------------------- + # Module Execution Result + # ------------------------- + # + # + # "parsed": [ + # { + # "afi": "ipv4", + # "rule_sets": [ + # { + # "default_action": "accept", + # "description": "IPv4 INBOUND rule set", + # "name": "Downlink", + # "rules": [ + # { + # "action": "accept", + # "description": "Rule 501 is configured by Ansible", + # "ipsec": "match-ipsec", + # "number": 501 + # }, + # { + # "action": "reject", + # "description": "Rule 502 is configured by Ansible", + # "ipsec": "match-ipsec", + # "number": 502 + # } + # ] + # } + # ] + # } + # ] + + + + + + +Return Values +------------- +Common return values are documented `here <https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values>`_, the following are the fields unique to this module: + +.. raw:: html + + <table border=0 cellpadding=0 class="documentation-table"> + <tr> + <th colspan="1">Key</th> + <th>Returned</th> + <th width="100%">Description</th> + </tr> + <tr> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="return-"></div> + <b>after</b> + <a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a> + <div style="font-size: small"> + <span style="color: purple">list</span> + </div> + </td> + <td>when changed</td> + <td> + <div>The resulting configuration model invocation.</div> + <br/> + <div style="font-size: smaller"><b>Sample:</b></div> + <div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">The configuration returned will always be in the same format + of the parameters above.</div> + </td> + </tr> + <tr> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="return-"></div> + <b>before</b> + <a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a> + <div style="font-size: small"> + <span style="color: purple">list</span> + </div> + </td> + <td>always</td> + <td> + <div>The configuration prior to the model invocation.</div> + <br/> + <div style="font-size: smaller"><b>Sample:</b></div> + <div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">The configuration returned will always be in the same format + of the parameters above.</div> + </td> + </tr> + <tr> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="return-"></div> + <b>commands</b> + <a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a> + <div style="font-size: small"> + <span style="color: purple">list</span> + </div> + </td> + <td>always</td> + <td> + <div>The set of commands pushed to the remote device.</div> + <br/> + <div style="font-size: smaller"><b>Sample:</b></div> + <div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">["set firewall name Downlink default-action 'accept'", "set firewall name Downlink description 'IPv4 INBOUND rule set'", "set firewall name Downlink rule 501 action 'accept'", "set firewall name Downlink rule 502 description 'Rule 502 is configured by Ansible'", "set firewall name Downlink rule 502 ipsec 'match-ipsec'"]</div> + </td> + </tr> + </table> + <br/><br/> + + +Status +------ + + +Authors +~~~~~~~ + +- Rohit Thakur (@rohitthakur2590) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/vyos.vyos.vyos_interface_module.rst b/docs/vyos.vyos.vyos_interface_module.rst new file mode 100644 index 0000000..a6f65ba --- /dev/null +++ b/docs/vyos.vyos.vyos_interface_module.rst @@ -0,0 +1,494 @@ +:orphan: + +.. _vyos.vyos.vyos_interface_module: + + +************************ +vyos.vyos.vyos_interface +************************ + +**(deprecated, removed after 2022-06-01) Manage Interface on VyOS network devices** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + +DEPRECATED +---------- +:Removed in collection release after 2022-06-01 +:Why: Updated modules released with more functionality. +:Alternative: vyos_interfaces + + + +Synopsis +-------- +- This module provides declarative management of Interfaces on VyOS network devices. + + + + +Parameters +---------- + +.. raw:: html + + <table border=0 cellpadding=0 class="documentation-table"> + <tr> + <th colspan="2">Parameter</th> + <th>Choices/<font color="blue">Defaults</font></th> + <th width="100%">Comments</th> + </tr> + <tr> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>aggregate</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">-</span> + </div> + </td> + <td> + </td> + <td> + <div>List of Interfaces definitions.</div> + </td> + </tr> + <tr> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>delay</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">-</span> + </div> + </td> + <td> + <b>Default:</b><br/><div style="color: blue">10</div> + </td> + <td> + <div>Time in seconds to wait before checking for the operational state on remote device. This wait is applicable for operational state argument which are <em>state</em> with values <code>up</code>/<code>down</code> and <em>neighbors</em>.</div> + </td> + </tr> + <tr> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>description</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">-</span> + </div> + </td> + <td> + </td> + <td> + <div>Description of Interface.</div> + </td> + </tr> + <tr> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>duplex</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">-</span> + </div> + </td> + <td> + <ul style="margin: 0; padding: 0"><b>Choices:</b> + <li>full</li> + <li>half</li> + <li><div style="color: blue"><b>auto</b> ←</div></li> + </ul> + </td> + <td> + <div>Interface link status.</div> + </td> + </tr> + <tr> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>enabled</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">boolean</span> + </div> + </td> + <td> + <ul style="margin: 0; padding: 0"><b>Choices:</b> + <li>no</li> + <li>yes</li> + </ul> + </td> + <td> + <div>Interface link status.</div> + </td> + </tr> + <tr> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>mtu</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">-</span> + </div> + </td> + <td> + </td> + <td> + <div>Maximum size of transmit packet.</div> + </td> + </tr> + <tr> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>name</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">-</span> + / <span style="color: red">required</span> </div> + </td> + <td> + </td> + <td> + <div>Name of the Interface.</div> + </td> + </tr> + <tr> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>neighbors</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">-</span> + </div> + </td> + <td> + </td> + <td> + <div>Check the operational state of given interface <code>name</code> for LLDP neighbor.</div> + <div>The following suboptions are available.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>host</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">-</span> + </div> + </td> + <td> + </td> + <td> + <div>LLDP neighbor host for given interface <code>name</code>.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>port</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">-</span> + </div> + </td> + <td> + </td> + <td> + <div>LLDP neighbor port to which given interface <code>name</code> is connected.</div> + </td> + </tr> + + <tr> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>provider</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">dictionary</span> + </div> + </td> + <td> + </td> + <td> + <div><b>Deprecated</b></div> + <div>Starting with Ansible 2.5 we recommend using <code>connection: network_cli</code>.</div> + <div>For more information please see the <a href='../network/getting_started/network_differences.html#multiple-communication-protocols'>Network Guide</a>.</div> + <div><hr/></div> + <div>A dict object containing connection details.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>host</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + / <span style="color: red">required</span> </div> + </td> + <td> + </td> + <td> + <div>Specifies the DNS host name or address for connecting to the remote device over the specified transport. The value of host is used as the destination address for the transport.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>password</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + </td> + <td> + <div>Specifies the password to use to authenticate the connection to the remote device. This value is used to authenticate the SSH session. If the value is not specified in the task, the value of environment variable <code>ANSIBLE_NET_PASSWORD</code> will be used instead.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>port</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">integer</span> + </div> + </td> + <td> + <b>Default:</b><br/><div style="color: blue">22</div> + </td> + <td> + <div>Specifies the port to use when building the connection to the remote device.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>ssh_keyfile</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">path</span> + </div> + </td> + <td> + </td> + <td> + <div>Specifies the SSH key to use to authenticate the connection to the remote device. This value is the path to the key used to authenticate the SSH session. If the value is not specified in the task, the value of environment variable <code>ANSIBLE_NET_SSH_KEYFILE</code> will be used instead.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>timeout</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">integer</span> + </div> + </td> + <td> + <b>Default:</b><br/><div style="color: blue">10</div> + </td> + <td> + <div>Specifies the timeout in seconds for communicating with the network device for either connecting or sending commands. If the timeout is exceeded before the operation is completed, the module will error.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>username</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + </td> + <td> + <div>Configures the username to use to authenticate the connection to the remote device. This value is used to authenticate the SSH session. If the value is not specified in the task, the value of environment variable <code>ANSIBLE_NET_USERNAME</code> will be used instead.</div> + </td> + </tr> + + <tr> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>speed</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">-</span> + </div> + </td> + <td> + </td> + <td> + <div>Interface link speed.</div> + </td> + </tr> + <tr> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>state</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">-</span> + </div> + </td> + <td> + <ul style="margin: 0; padding: 0"><b>Choices:</b> + <li><div style="color: blue"><b>present</b> ←</div></li> + <li>absent</li> + <li>up</li> + <li>down</li> + </ul> + </td> + <td> + <div>State of the Interface configuration, <code>up</code> means present and operationally up and <code>down</code> means present and operationally <code>down</code></div> + </td> + </tr> + </table> + <br/> + + +Notes +----- + +.. note:: + - Tested against VYOS 1.1.7 + - For more information on using Ansible to manage network devices see the :ref:`Ansible Network Guide <network_guide>` + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + - name: configure interface + vyos.vyos.vyos_interface: + name: eth0 + description: test-interface + + - name: remove interface + vyos.vyos.vyos_interface: + name: eth0 + state: absent + + - name: make interface down + vyos.vyos.vyos_interface: + name: eth0 + enabled: false + + - name: make interface up + vyos.vyos.vyos_interface: + name: eth0 + enabled: true + + - name: Configure interface speed, mtu, duplex + vyos.vyos.vyos_interface: + name: eth5 + state: present + speed: 100 + mtu: 256 + duplex: full + + - name: Set interface using aggregate + vyos.vyos.vyos_interface: + aggregate: + - {name: eth1, description: test-interface-1, speed: 100, duplex: half, mtu: 512} + - {name: eth2, description: test-interface-2, speed: 1000, duplex: full, mtu: 256} + + - name: Disable interface on aggregate + net_interface: + aggregate: + - name: eth1 + - name: eth2 + enabled: false + + - name: Delete interface using aggregate + net_interface: + aggregate: + - name: eth1 + - name: eth2 + state: absent + + - name: Check lldp neighbors intent arguments + vyos.vyos.vyos_interface: + name: eth0 + neighbors: + - port: eth0 + host: netdev + + - name: Config + intent + vyos.vyos.vyos_interface: + name: eth1 + enabled: false + state: down + + + + +Return Values +------------- +Common return values are documented `here <https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values>`_, the following are the fields unique to this module: + +.. raw:: html + + <table border=0 cellpadding=0 class="documentation-table"> + <tr> + <th colspan="1">Key</th> + <th>Returned</th> + <th width="100%">Description</th> + </tr> + <tr> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="return-"></div> + <b>commands</b> + <a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a> + <div style="font-size: small"> + <span style="color: purple">list</span> + </div> + </td> + <td>always, except for the platforms that use Netconf transport to manage the device.</td> + <td> + <div>The list of configuration mode commands to send to the device</div> + <br/> + <div style="font-size: smaller"><b>Sample:</b></div> + <div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">['set interfaces ethernet eth0 description "test-interface"', 'set interfaces ethernet eth0 speed 100', 'set interfaces ethernet eth0 mtu 256', 'set interfaces ethernet eth0 duplex full']</div> + </td> + </tr> + </table> + <br/><br/> + + +Status +------ + + +- This module will be removed in version . *[deprecated]* +- For more information see `DEPRECATED`_. + + +Authors +~~~~~~~ + +- Ganesh Nalawade (@ganeshrn) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/vyos.vyos.vyos_interfaces_module.rst b/docs/vyos.vyos.vyos_interfaces_module.rst new file mode 100644 index 0000000..1249d30 --- /dev/null +++ b/docs/vyos.vyos.vyos_interfaces_module.rst @@ -0,0 +1,1335 @@ +:orphan: + +.. _vyos.vyos.vyos_interfaces_module: + + +************************* +vyos.vyos.vyos_interfaces +************************* + +**Interfaces resource module** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- This module manages the interface attributes on VyOS network devices. +- This module supports managing base attributes of Ethernet, Bonding, VXLAN, Loopback and Virtual Tunnel Interfaces. + + + + +Parameters +---------- + +.. raw:: html + + <table border=0 cellpadding=0 class="documentation-table"> + <tr> + <th colspan="3">Parameter</th> + <th>Choices/<font color="blue">Defaults</font></th> + <th width="100%">Comments</th> + </tr> + <tr> + <td colspan="3"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>config</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">list</span> + </div> + </td> + <td> + </td> + <td> + <div>The provided interfaces configuration.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>description</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + </td> + <td> + <div>Interface description.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>duplex</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + <ul style="margin: 0; padding: 0"><b>Choices:</b> + <li>full</li> + <li>half</li> + <li>auto</li> + </ul> + </td> + <td> + <div>Interface duplex mode.</div> + <div>Applicable for Ethernet interfaces only.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>enabled</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">boolean</span> + </div> + </td> + <td> + <ul style="margin: 0; padding: 0"><b>Choices:</b> + <li>no</li> + <li><div style="color: blue"><b>yes</b> ←</div></li> + </ul> + </td> + <td> + <div>Administrative state of the interface.</div> + <div>Set the value to <code>true</code> to administratively enable the interface or <code>false</code> to disable it.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>mtu</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">integer</span> + </div> + </td> + <td> + </td> + <td> + <div>MTU for a specific interface. Refer to vendor documentation for valid values.</div> + <div>Applicable for Ethernet, Bonding, VXLAN and Virtual Tunnel interfaces.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>name</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + / <span style="color: red">required</span> </div> + </td> + <td> + </td> + <td> + <div>Full name of the interface, e.g. eth0, eth1, bond0, vti1, vxlan2.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>speed</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + <ul style="margin: 0; padding: 0"><b>Choices:</b> + <li>auto</li> + <li>10</li> + <li>100</li> + <li>1000</li> + <li>2500</li> + <li>10000</li> + </ul> + </td> + <td> + <div>Interface link speed.</div> + <div>Applicable for Ethernet interfaces only.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>vifs</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">list</span> + </div> + </td> + <td> + </td> + <td> + <div>Virtual sub-interfaces related configuration.</div> + <div>802.1Q VLAN interfaces are represented as virtual sub-interfaces in VyOS.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>description</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + </td> + <td> + <div>Virtual sub-interface description.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>enabled</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">boolean</span> + </div> + </td> + <td> + <ul style="margin: 0; padding: 0"><b>Choices:</b> + <li>no</li> + <li><div style="color: blue"><b>yes</b> ←</div></li> + </ul> + </td> + <td> + <div>Administrative state of the virtual sub-interface.</div> + <div>Set the value to <code>true</code> to administratively enable the interface or <code>false</code> to disable it.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>mtu</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">integer</span> + </div> + </td> + <td> + </td> + <td> + <div>MTU for the virtual sub-interface.</div> + <div>Refer to vendor documentation for valid values.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>vlan_id</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">integer</span> + </div> + </td> + <td> + </td> + <td> + <div>Identifier for the virtual sub-interface.</div> + </td> + </tr> + + + <tr> + <td colspan="3"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>running_config</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + </td> + <td> + <div>This option is used only with state <em>parsed</em>.</div> + <div>The value of this option should be the output received from the VyOS device by executing the command <b>show configuration commands | grep interfaces</b>.</div> + <div>The state <em>parsed</em> reads the configuration from <code>running_config</code> option and transforms it into Ansible structured data as per the resource module's argspec and the value is then returned in the <em>parsed</em> key within the result.</div> + </td> + </tr> + <tr> + <td colspan="3"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>state</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + <ul style="margin: 0; padding: 0"><b>Choices:</b> + <li><div style="color: blue"><b>merged</b> ←</div></li> + <li>replaced</li> + <li>overridden</li> + <li>deleted</li> + <li>rendered</li> + <li>gathered</li> + <li>parsed</li> + </ul> + </td> + <td> + <div>The state of the configuration after module completion.</div> + </td> + </tr> + </table> + <br/> + + +Notes +----- + +.. note:: + - Tested against VyOS 1.1.8 (helium). + - This module works with connection ``network_cli``. See `the VyOS OS Platform Options <../network/user_guide/platform_vyos.html>`_. + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Using merged + # + # ------------- + # Before state: + # ------------- + # + # vyos@vyos:~$ show configuration commands | grep interfaces + # set interfaces ethernet eth0 address 'dhcp' + # set interfaces ethernet eth0 address 'dhcpv6' + # set interfaces ethernet eth0 duplex 'auto' + # set interfaces ethernet eth0 hw-id '08:00:27:30:f0:22' + # set interfaces ethernet eth0 smp-affinity 'auto' + # set interfaces ethernet eth0 speed 'auto' + # set interfaces ethernet eth1 hw-id '08:00:27:ea:0f:b9' + # set interfaces ethernet eth1 smp-affinity 'auto' + # set interfaces ethernet eth2 hw-id '08:00:27:c2:98:23' + # set interfaces ethernet eth2 smp-affinity 'auto' + # set interfaces ethernet eth3 hw-id '08:00:27:43:70:8c' + # set interfaces loopback lo + + - name: Merge provided configuration with device configuration + vyos.vyos.vyos_interfaces: + config: + - name: eth2 + description: Configured by Ansible + enabled: true + vifs: + - vlan_id: 200 + description: VIF 200 - ETH2 + + - name: eth3 + description: Configured by Ansible + mtu: 1500 + + - name: bond1 + description: Bond - 1 + mtu: 1200 + + - name: vti2 + description: VTI - 2 + enabled: false + state: merged + # + # + # ------------------------- + # Module Execution Result + # ------------------------- + # + # "before": [ + # { + # "enabled": true, + # "name": "lo" + # }, + # { + # "enabled": true, + # "name": "eth3" + # }, + # { + # "enabled": true, + # "name": "eth2" + # }, + # { + # "enabled": true, + # "name": "eth1" + # }, + # { + # "duplex": "auto", + # "enabled": true, + # "name": "eth0", + # "speed": "auto" + # } + # ] + # + # "commands": [ + # "set interfaces ethernet eth2 description 'Configured by Ansible'", + # "set interfaces ethernet eth2 vif 200", + # "set interfaces ethernet eth2 vif 200 description 'VIF 200 - ETH2'", + # "set interfaces ethernet eth3 description 'Configured by Ansible'", + # "set interfaces ethernet eth3 mtu '1500'", + # "set interfaces bonding bond1", + # "set interfaces bonding bond1 description 'Bond - 1'", + # "set interfaces bonding bond1 mtu '1200'", + # "set interfaces vti vti2", + # "set interfaces vti vti2 description 'VTI - 2'", + # "set interfaces vti vti2 disable" + # ] + # + # "after": [ + # { + # "description": "Bond - 1", + # "enabled": true, + # "mtu": 1200, + # "name": "bond1" + # }, + # { + # "enabled": true, + # "name": "lo" + # }, + # { + # "description": "VTI - 2", + # "enabled": false, + # "name": "vti2" + # }, + # { + # "description": "Configured by Ansible", + # "enabled": true, + # "mtu": 1500, + # "name": "eth3" + # }, + # { + # "description": "Configured by Ansible", + # "enabled": true, + # "name": "eth2", + # "vifs": [ + # { + # "description": "VIF 200 - ETH2", + # "enabled": true, + # "vlan_id": "200" + # } + # ] + # }, + # { + # "enabled": true, + # "name": "eth1" + # }, + # { + # "duplex": "auto", + # "enabled": true, + # "name": "eth0", + # "speed": "auto" + # } + # ] + # + # + # ------------- + # After state: + # ------------- + # + # vyos@vyos:~$ show configuration commands | grep interfaces + # set interfaces bonding bond1 description 'Bond - 1' + # set interfaces bonding bond1 mtu '1200' + # set interfaces ethernet eth0 address 'dhcp' + # set interfaces ethernet eth0 address 'dhcpv6' + # set interfaces ethernet eth0 duplex 'auto' + # set interfaces ethernet eth0 hw-id '08:00:27:30:f0:22' + # set interfaces ethernet eth0 smp-affinity 'auto' + # set interfaces ethernet eth0 speed 'auto' + # set interfaces ethernet eth1 hw-id '08:00:27:ea:0f:b9' + # set interfaces ethernet eth1 smp-affinity 'auto' + # set interfaces ethernet eth2 description 'Configured by Ansible' + # set interfaces ethernet eth2 hw-id '08:00:27:c2:98:23' + # set interfaces ethernet eth2 smp-affinity 'auto' + # set interfaces ethernet eth2 vif 200 description 'VIF 200 - ETH2' + # set interfaces ethernet eth3 description 'Configured by Ansible' + # set interfaces ethernet eth3 hw-id '08:00:27:43:70:8c' + # set interfaces ethernet eth3 mtu '1500' + # set interfaces loopback lo + # set interfaces vti vti2 description 'VTI - 2' + # set interfaces vti vti2 disable + # + + + # Using replaced + # + # ------------- + # Before state: + # ------------- + # + # vyos:~$ show configuration commands | grep eth + # set interfaces bonding bond1 description 'Bond - 1' + # set interfaces bonding bond1 mtu '1400' + # set interfaces ethernet eth0 address 'dhcp' + # set interfaces ethernet eth0 description 'Management Interface for the Appliance' + # set interfaces ethernet eth0 duplex 'auto' + # set interfaces ethernet eth0 hw-id '08:00:27:f3:6c:b5' + # set interfaces ethernet eth0 smp_affinity 'auto' + # set interfaces ethernet eth0 speed 'auto' + # set interfaces ethernet eth1 description 'Configured by Ansible Eng Team' + # set interfaces ethernet eth1 duplex 'full' + # set interfaces ethernet eth1 hw-id '08:00:27:ad:ef:65' + # set interfaces ethernet eth1 smp_affinity 'auto' + # set interfaces ethernet eth1 speed '100' + # set interfaces ethernet eth2 description 'Configured by Ansible' + # set interfaces ethernet eth2 duplex 'full' + # set interfaces ethernet eth2 hw-id '08:00:27:ab:4e:79' + # set interfaces ethernet eth2 mtu '500' + # set interfaces ethernet eth2 smp_affinity 'auto' + # set interfaces ethernet eth2 speed '100' + # set interfaces ethernet eth2 vif 200 description 'Configured by Ansible' + # set interfaces ethernet eth3 description 'Configured by Ansible' + # set interfaces ethernet eth3 duplex 'full' + # set interfaces ethernet eth3 hw-id '08:00:27:17:3c:85' + # set interfaces ethernet eth3 mtu '1500' + # set interfaces ethernet eth3 smp_affinity 'auto' + # set interfaces ethernet eth3 speed '100' + # set interfaces loopback lo + # + # + - name: Replace device configurations of listed interfaces with provided configurations + vyos.vyos.vyos_interfaces: + config: + - name: eth2 + description: Replaced by Ansible + + - name: eth3 + description: Replaced by Ansible + + - name: eth1 + description: Replaced by Ansible + state: replaced + # + # + # ----------------------- + # Module Execution Result + # ----------------------- + # + # "before": [ + # { + # "description": "Bond - 1", + # "enabled": true, + # "mtu": 1400, + # "name": "bond1" + # }, + # { + # "enabled": true, + # "name": "lo" + # }, + # { + # "description": "Configured by Ansible", + # "duplex": "full", + # "enabled": true, + # "mtu": 1500, + # "name": "eth3", + # "speed": "100" + # }, + # { + # "description": "Configured by Ansible", + # "duplex": "full", + # "enabled": true, + # "mtu": 500, + # "name": "eth2", + # "speed": "100", + # "vifs": [ + # { + # "description": "VIF 200 - ETH2", + # "enabled": true, + # "vlan_id": "200" + # } + # ] + # }, + # { + # "description": "Configured by Ansible Eng Team", + # "duplex": "full", + # "enabled": true, + # "name": "eth1", + # "speed": "100" + # }, + # { + # "description": "Management Interface for the Appliance", + # "duplex": "auto", + # "enabled": true, + # "name": "eth0", + # "speed": "auto" + # } + # ] + # + # "commands": [ + # "delete interfaces ethernet eth2 speed", + # "delete interfaces ethernet eth2 duplex", + # "delete interfaces ethernet eth2 mtu", + # "delete interfaces ethernet eth2 vif 200 description", + # "set interfaces ethernet eth2 description 'Replaced by Ansible'", + # "delete interfaces ethernet eth3 speed", + # "delete interfaces ethernet eth3 duplex", + # "delete interfaces ethernet eth3 mtu", + # "set interfaces ethernet eth3 description 'Replaced by Ansible'", + # "delete interfaces ethernet eth1 speed", + # "delete interfaces ethernet eth1 duplex", + # "set interfaces ethernet eth1 description 'Replaced by Ansible'" + # ] + # + # "after": [ + # { + # "description": "Bond - 1", + # "enabled": true, + # "mtu": 1400, + # "name": "bond1" + # }, + # { + # "enabled": true, + # "name": "lo" + # }, + # { + # "description": "Replaced by Ansible", + # "enabled": true, + # "name": "eth3" + # }, + # { + # "description": "Replaced by Ansible", + # "enabled": true, + # "name": "eth2", + # "vifs": [ + # { + # "enabled": true, + # "vlan_id": "200" + # } + # ] + # }, + # { + # "description": "Replaced by Ansible", + # "enabled": true, + # "name": "eth1" + # }, + # { + # "description": "Management Interface for the Appliance", + # "duplex": "auto", + # "enabled": true, + # "name": "eth0", + # "speed": "auto" + # } + # ] + # + # + # ------------- + # After state: + # ------------- + # + # vyos@vyos:~$ show configuration commands | grep interfaces + # set interfaces bonding bond1 description 'Bond - 1' + # set interfaces bonding bond1 mtu '1400' + # set interfaces ethernet eth0 address 'dhcp' + # set interfaces ethernet eth0 address 'dhcpv6' + # set interfaces ethernet eth0 description 'Management Interface for the Appliance' + # set interfaces ethernet eth0 duplex 'auto' + # set interfaces ethernet eth0 hw-id '08:00:27:30:f0:22' + # set interfaces ethernet eth0 smp-affinity 'auto' + # set interfaces ethernet eth0 speed 'auto' + # set interfaces ethernet eth1 description 'Replaced by Ansible' + # set interfaces ethernet eth1 hw-id '08:00:27:ea:0f:b9' + # set interfaces ethernet eth1 smp-affinity 'auto' + # set interfaces ethernet eth2 description 'Replaced by Ansible' + # set interfaces ethernet eth2 hw-id '08:00:27:c2:98:23' + # set interfaces ethernet eth2 smp-affinity 'auto' + # set interfaces ethernet eth2 vif 200 + # set interfaces ethernet eth3 description 'Replaced by Ansible' + # set interfaces ethernet eth3 hw-id '08:00:27:43:70:8c' + # set interfaces loopback lo + # + # + # Using overridden + # + # + # -------------- + # Before state + # -------------- + # + # vyos@vyos:~$ show configuration commands | grep interfaces + # set interfaces ethernet eth0 address 'dhcp' + # set interfaces ethernet eth0 address 'dhcpv6' + # set interfaces ethernet eth0 description 'Ethernet Interface - 0' + # set interfaces ethernet eth0 duplex 'auto' + # set interfaces ethernet eth0 hw-id '08:00:27:30:f0:22' + # set interfaces ethernet eth0 mtu '1200' + # set interfaces ethernet eth0 smp-affinity 'auto' + # set interfaces ethernet eth0 speed 'auto' + # set interfaces ethernet eth1 description 'Configured by Ansible Eng Team' + # set interfaces ethernet eth1 hw-id '08:00:27:ea:0f:b9' + # set interfaces ethernet eth1 mtu '100' + # set interfaces ethernet eth1 smp-affinity 'auto' + # set interfaces ethernet eth1 vif 100 description 'VIF 100 - ETH1' + # set interfaces ethernet eth1 vif 100 disable + # set interfaces ethernet eth2 description 'Configured by Ansible Team (Admin Down)' + # set interfaces ethernet eth2 disable + # set interfaces ethernet eth2 hw-id '08:00:27:c2:98:23' + # set interfaces ethernet eth2 mtu '600' + # set interfaces ethernet eth2 smp-affinity 'auto' + # set interfaces ethernet eth3 description 'Configured by Ansible Network' + # set interfaces ethernet eth3 hw-id '08:00:27:43:70:8c' + # set interfaces loopback lo + # set interfaces vti vti1 description 'Virtual Tunnel Interface - 1' + # set interfaces vti vti1 mtu '68' + # + # + - name: Overrides all device configuration with provided configuration + vyos.vyos.vyos_interfaces: + config: + - name: eth0 + description: Outbound Interface For The Appliance + speed: auto + duplex: auto + + - name: eth2 + speed: auto + duplex: auto + + - name: eth3 + mtu: 1200 + state: overridden + # + # + # ------------------------ + # Module Execution Result + # ------------------------ + # + # "before": [ + # { + # "enabled": true, + # "name": "lo" + # }, + # { + # "description": "Virtual Tunnel Interface - 1", + # "enabled": true, + # "mtu": 68, + # "name": "vti1" + # }, + # { + # "description": "Configured by Ansible Network", + # "enabled": true, + # "name": "eth3" + # }, + # { + # "description": "Configured by Ansible Team (Admin Down)", + # "enabled": false, + # "mtu": 600, + # "name": "eth2" + # }, + # { + # "description": "Configured by Ansible Eng Team", + # "enabled": true, + # "mtu": 100, + # "name": "eth1", + # "vifs": [ + # { + # "description": "VIF 100 - ETH1", + # "enabled": false, + # "vlan_id": "100" + # } + # ] + # }, + # { + # "description": "Ethernet Interface - 0", + # "duplex": "auto", + # "enabled": true, + # "mtu": 1200, + # "name": "eth0", + # "speed": "auto" + # } + # ] + # + # "commands": [ + # "delete interfaces vti vti1 description", + # "delete interfaces vti vti1 mtu", + # "delete interfaces ethernet eth1 description", + # "delete interfaces ethernet eth1 mtu", + # "delete interfaces ethernet eth1 vif 100 description", + # "delete interfaces ethernet eth1 vif 100 disable", + # "delete interfaces ethernet eth0 mtu", + # "set interfaces ethernet eth0 description 'Outbound Interface For The Appliance'", + # "delete interfaces ethernet eth2 description", + # "delete interfaces ethernet eth2 mtu", + # "set interfaces ethernet eth2 duplex 'auto'", + # "delete interfaces ethernet eth2 disable", + # "set interfaces ethernet eth2 speed 'auto'", + # "delete interfaces ethernet eth3 description", + # "set interfaces ethernet eth3 mtu '1200'" + # ], + # + # "after": [ + # { + # "enabled": true, + # "name": "lo" + # }, + # { + # "enabled": true, + # "name": "vti1" + # }, + # { + # "enabled": true, + # "mtu": 1200, + # "name": "eth3" + # }, + # { + # "duplex": "auto", + # "enabled": true, + # "name": "eth2", + # "speed": "auto" + # }, + # { + # "enabled": true, + # "name": "eth1", + # "vifs": [ + # { + # "enabled": true, + # "vlan_id": "100" + # } + # ] + # }, + # { + # "description": "Outbound Interface For The Appliance", + # "duplex": "auto", + # "enabled": true, + # "name": "eth0", + # "speed": "auto" + # } + # ] + # + # + # ------------ + # After state + # ------------ + # + # vyos@vyos:~$ show configuration commands | grep interfaces + # set interfaces ethernet eth0 address 'dhcp' + # set interfaces ethernet eth0 address 'dhcpv6' + # set interfaces ethernet eth0 description 'Outbound Interface For The Appliance' + # set interfaces ethernet eth0 duplex 'auto' + # set interfaces ethernet eth0 hw-id '08:00:27:30:f0:22' + # set interfaces ethernet eth0 smp-affinity 'auto' + # set interfaces ethernet eth0 speed 'auto' + # set interfaces ethernet eth1 hw-id '08:00:27:ea:0f:b9' + # set interfaces ethernet eth1 smp-affinity 'auto' + # set interfaces ethernet eth1 vif 100 + # set interfaces ethernet eth2 duplex 'auto' + # set interfaces ethernet eth2 hw-id '08:00:27:c2:98:23' + # set interfaces ethernet eth2 smp-affinity 'auto' + # set interfaces ethernet eth2 speed 'auto' + # set interfaces ethernet eth3 hw-id '08:00:27:43:70:8c' + # set interfaces ethernet eth3 mtu '1200' + # set interfaces loopback lo + # set interfaces vti vti1 + # + # + # Using deleted + # + # + # ------------- + # Before state + # ------------- + # + # vyos@vyos:~$ show configuration commands | grep interfaces + # set interfaces bonding bond0 mtu '1300' + # set interfaces bonding bond1 description 'LAG - 1' + # set interfaces ethernet eth0 address 'dhcp' + # set interfaces ethernet eth0 address 'dhcpv6' + # set interfaces ethernet eth0 description 'Outbound Interface for this appliance' + # set interfaces ethernet eth0 duplex 'auto' + # set interfaces ethernet eth0 hw-id '08:00:27:30:f0:22' + # set interfaces ethernet eth0 smp-affinity 'auto' + # set interfaces ethernet eth0 speed 'auto' + # set interfaces ethernet eth1 description 'Configured by Ansible Network' + # set interfaces ethernet eth1 duplex 'full' + # set interfaces ethernet eth1 hw-id '08:00:27:ea:0f:b9' + # set interfaces ethernet eth1 smp-affinity 'auto' + # set interfaces ethernet eth1 speed '100' + # set interfaces ethernet eth2 description 'Configured by Ansible' + # set interfaces ethernet eth2 disable + # set interfaces ethernet eth2 duplex 'full' + # set interfaces ethernet eth2 hw-id '08:00:27:c2:98:23' + # set interfaces ethernet eth2 mtu '600' + # set interfaces ethernet eth2 smp-affinity 'auto' + # set interfaces ethernet eth2 speed '100' + # set interfaces ethernet eth3 description 'Configured by Ansible Network' + # set interfaces ethernet eth3 duplex 'full' + # set interfaces ethernet eth3 hw-id '08:00:27:43:70:8c' + # set interfaces ethernet eth3 speed '100' + # set interfaces loopback lo + # + # + - name: Delete attributes of given interfaces (Note - This won't delete the interfaces + themselves) + vyos.vyos.vyos_interfaces: + config: + - name: bond1 + + - name: eth1 + + - name: eth2 + + - name: eth3 + state: deleted + # + # + # ------------------------ + # Module Execution Results + # ------------------------ + # + # "before": [ + # { + # "enabled": true, + # "mtu": 1300, + # "name": "bond0" + # }, + # { + # "description": "LAG - 1", + # "enabled": true, + # "name": "bond1" + # }, + # { + # "enabled": true, + # "name": "lo" + # }, + # { + # "description": "Configured by Ansible Network", + # "duplex": "full", + # "enabled": true, + # "name": "eth3", + # "speed": "100" + # }, + # { + # "description": "Configured by Ansible", + # "duplex": "full", + # "enabled": false, + # "mtu": 600, + # "name": "eth2", + # "speed": "100" + # }, + # { + # "description": "Configured by Ansible Network", + # "duplex": "full", + # "enabled": true, + # "name": "eth1", + # "speed": "100" + # }, + # { + # "description": "Outbound Interface for this appliance", + # "duplex": "auto", + # "enabled": true, + # "name": "eth0", + # "speed": "auto" + # } + # ] + # + # "commands": [ + # "delete interfaces bonding bond1 description", + # "delete interfaces ethernet eth1 speed", + # "delete interfaces ethernet eth1 duplex", + # "delete interfaces ethernet eth1 description", + # "delete interfaces ethernet eth2 speed", + # "delete interfaces ethernet eth2 disable", + # "delete interfaces ethernet eth2 duplex", + # "delete interfaces ethernet eth2 disable", + # "delete interfaces ethernet eth2 description", + # "delete interfaces ethernet eth2 disable", + # "delete interfaces ethernet eth2 mtu", + # "delete interfaces ethernet eth2 disable", + # "delete interfaces ethernet eth3 speed", + # "delete interfaces ethernet eth3 duplex", + # "delete interfaces ethernet eth3 description" + # ] + # + # "after": [ + # { + # "enabled": true, + # "mtu": 1300, + # "name": "bond0" + # }, + # { + # "enabled": true, + # "name": "bond1" + # }, + # { + # "enabled": true, + # "name": "lo" + # }, + # { + # "enabled": true, + # "name": "eth3" + # }, + # { + # "enabled": true, + # "name": "eth2" + # }, + # { + # "enabled": true, + # "name": "eth1" + # }, + # { + # "description": "Outbound Interface for this appliance", + # "duplex": "auto", + # "enabled": true, + # "name": "eth0", + # "speed": "auto" + # } + # ] + # + # + # ------------ + # After state + # ------------ + # + # vyos@vyos:~$ show configuration commands | grep interfaces + # set interfaces bonding bond0 mtu '1300' + # set interfaces bonding bond1 + # set interfaces ethernet eth0 address 'dhcp' + # set interfaces ethernet eth0 address 'dhcpv6' + # set interfaces ethernet eth0 description 'Outbound Interface for this appliance' + # set interfaces ethernet eth0 duplex 'auto' + # set interfaces ethernet eth0 hw-id '08:00:27:30:f0:22' + # set interfaces ethernet eth0 smp-affinity 'auto' + # set interfaces ethernet eth0 speed 'auto' + # set interfaces ethernet eth1 hw-id '08:00:27:ea:0f:b9' + # set interfaces ethernet eth1 smp-affinity 'auto' + # set interfaces ethernet eth2 hw-id '08:00:27:c2:98:23' + # set interfaces ethernet eth2 smp-affinity 'auto' + # set interfaces ethernet eth3 hw-id '08:00:27:43:70:8c' + # set interfaces loopback lo + # + # + + + # Using gathered + # + # Before state: + # ------------- + # + # vyos@192# run show configuration commands | grep interfaces + # set interfaces ethernet eth0 address 'dhcp' + # set interfaces ethernet eth0 duplex 'auto' + # set interfaces ethernet eth0 hw-id '08:00:27:50:5e:19' + # set interfaces ethernet eth0 smp_affinity 'auto' + # set interfaces ethernet eth0 speed 'auto' + # set interfaces ethernet eth1 description 'Configured by Ansible' + # set interfaces ethernet eth1 duplex 'auto' + # set interfaces ethernet eth1 mtu '1500' + # set interfaces ethernet eth1 speed 'auto' + # set interfaces ethernet eth1 vif 200 description 'VIF - 200' + # set interfaces ethernet eth2 description 'Configured by Ansible' + # set interfaces ethernet eth2 duplex 'auto' + # set interfaces ethernet eth2 mtu '1500' + # set interfaces ethernet eth2 speed 'auto' + # set interfaces ethernet eth2 vif 200 description 'VIF - 200' + # + - name: Gather listed interfaces with provided configurations + vyos.vyos.vyos_interfaces: + config: + state: gathered + # + # + # ------------------------- + # Module Execution Result + # ------------------------- + # + # "gathered": [ + # { + # "description": "Configured by Ansible", + # "duplex": "auto", + # "enabled": true, + # "mtu": 1500, + # "name": "eth2", + # "speed": "auto", + # "vifs": [ + # { + # "description": "VIF - 200", + # "enabled": true, + # "vlan_id": 200 + # } + # ] + # }, + # { + # "description": "Configured by Ansible", + # "duplex": "auto", + # "enabled": true, + # "mtu": 1500, + # "name": "eth1", + # "speed": "auto", + # "vifs": [ + # { + # "description": "VIF - 200", + # "enabled": true, + # "vlan_id": 200 + # } + # ] + # }, + # { + # "duplex": "auto", + # "enabled": true, + # "name": "eth0", + # "speed": "auto" + # } + # ] + # + # + # After state: + # ------------- + # + # vyos@192# run show configuration commands | grep interfaces + # set interfaces ethernet eth0 address 'dhcp' + # set interfaces ethernet eth0 duplex 'auto' + # set interfaces ethernet eth0 hw-id '08:00:27:50:5e:19' + # set interfaces ethernet eth0 smp_affinity 'auto' + # set interfaces ethernet eth0 speed 'auto' + # set interfaces ethernet eth1 description 'Configured by Ansible' + # set interfaces ethernet eth1 duplex 'auto' + # set interfaces ethernet eth1 mtu '1500' + # set interfaces ethernet eth1 speed 'auto' + # set interfaces ethernet eth1 vif 200 description 'VIF - 200' + # set interfaces ethernet eth2 description 'Configured by Ansible' + # set interfaces ethernet eth2 duplex 'auto' + # set interfaces ethernet eth2 mtu '1500' + # set interfaces ethernet eth2 speed 'auto' + # set interfaces ethernet eth2 vif 200 description 'VIF - 200' + + + # Using rendered + # + # + - name: Render the commands for provided configuration + vyos.vyos.vyos_interfaces: + config: + - name: eth0 + enabled: true + duplex: auto + speed: auto + - name: eth1 + description: Configured by Ansible - Interface 1 + mtu: 1500 + speed: auto + duplex: auto + enabled: true + vifs: + - vlan_id: 100 + description: Eth1 - VIF 100 + mtu: 400 + enabled: true + - vlan_id: 101 + description: Eth1 - VIF 101 + enabled: true + - name: eth2 + description: Configured by Ansible - Interface 2 (ADMIN DOWN) + mtu: 600 + enabled: false + state: rendered + # + # + # ------------------------- + # Module Execution Result + # ------------------------- + # + # + # "rendered": [ + # "set interfaces ethernet eth0 duplex 'auto'", + # "set interfaces ethernet eth0 speed 'auto'", + # "delete interfaces ethernet eth0 disable", + # "set interfaces ethernet eth1 duplex 'auto'", + # "delete interfaces ethernet eth1 disable", + # "set interfaces ethernet eth1 speed 'auto'", + # "set interfaces ethernet eth1 description 'Configured by Ansible - Interface 1'", + # "set interfaces ethernet eth1 mtu '1500'", + # "set interfaces ethernet eth1 vif 100 description 'Eth1 - VIF 100'", + # "set interfaces ethernet eth1 vif 100 mtu '400'", + # "set interfaces ethernet eth1 vif 101 description 'Eth1 - VIF 101'", + # "set interfaces ethernet eth2 disable", + # "set interfaces ethernet eth2 description 'Configured by Ansible - Interface 2 (ADMIN DOWN)'", + # "set interfaces ethernet eth2 mtu '600'" + # ] + + + # Using parsed + # + # + - name: Parse the configuration. + vyos.vyos.vyos_interfaces: + running_config: + "set interfaces ethernet eth0 address 'dhcp' + set interfaces ethernet eth0 duplex 'auto' + set interfaces ethernet eth0 hw-id '08:00:27:50:5e:19' + set interfaces ethernet eth0 smp_affinity 'auto' + set interfaces ethernet eth0 speed 'auto' + set interfaces ethernet eth1 description 'Configured by Ansible' + set interfaces ethernet eth1 duplex 'auto' + set interfaces ethernet eth1 mtu '1500' + set interfaces ethernet eth1 speed 'auto' + set interfaces ethernet eth1 vif 200 description 'VIF - 200' + set interfaces ethernet eth2 description 'Configured by Ansible' + set interfaces ethernet eth2 duplex 'auto' + set interfaces ethernet eth2 mtu '1500' + set interfaces ethernet eth2 speed 'auto' + set interfaces ethernet eth2 vif 200 description 'VIF - 200'" + state: parsed + # + # + # ------------------------- + # Module Execution Result + # ------------------------- + # + # + # "parsed": [ + # { + # "description": "Configured by Ansible", + # "duplex": "auto", + # "enabled": true, + # "mtu": 1500, + # "name": "eth2", + # "speed": "auto", + # "vifs": [ + # { + # "description": "VIF - 200", + # "enabled": true, + # "vlan_id": 200 + # } + # ] + # }, + # { + # "description": "Configured by Ansible", + # "duplex": "auto", + # "enabled": true, + # "mtu": 1500, + # "name": "eth1", + # "speed": "auto", + # "vifs": [ + # { + # "description": "VIF - 200", + # "enabled": true, + # "vlan_id": 200 + # } + # ] + # }, + # { + # "duplex": "auto", + # "enabled": true, + # "name": "eth0", + # "speed": "auto" + # } + # ] + + + + + + +Return Values +------------- +Common return values are documented `here <https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values>`_, the following are the fields unique to this module: + +.. raw:: html + + <table border=0 cellpadding=0 class="documentation-table"> + <tr> + <th colspan="1">Key</th> + <th>Returned</th> + <th width="100%">Description</th> + </tr> + <tr> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="return-"></div> + <b>after</b> + <a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a> + <div style="font-size: small"> + <span style="color: purple">list</span> + </div> + </td> + <td>when changed</td> + <td> + <div>The configuration as structured data after module completion.</div> + <br/> + <div style="font-size: smaller"><b>Sample:</b></div> + <div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">The configuration returned will always be in the same format + of the parameters above.</div> + </td> + </tr> + <tr> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="return-"></div> + <b>before</b> + <a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a> + <div style="font-size: small"> + <span style="color: purple">list</span> + </div> + </td> + <td>always</td> + <td> + <div>The configuration as structured data prior to module invocation.</div> + <br/> + <div style="font-size: smaller"><b>Sample:</b></div> + <div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">The configuration returned will always be in the same format + of the parameters above.</div> + </td> + </tr> + <tr> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="return-"></div> + <b>commands</b> + <a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a> + <div style="font-size: small"> + <span style="color: purple">list</span> + </div> + </td> + <td>always</td> + <td> + <div>The set of commands pushed to the remote device.</div> + <br/> + <div style="font-size: smaller"><b>Sample:</b></div> + <div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">['set interfaces ethernet eth1 mtu 1200', 'set interfaces ethernet eth2 vif 100 description VIF 100']</div> + </td> + </tr> + </table> + <br/><br/> + + +Status +------ + + +Authors +~~~~~~~ + +- Nilashish Chakraborty (@nilashishc) +- Rohit Thakur (@rohitthakur2590) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/vyos.vyos.vyos_l3_interface_module.rst b/docs/vyos.vyos.vyos_l3_interface_module.rst new file mode 100644 index 0000000..850790c --- /dev/null +++ b/docs/vyos.vyos.vyos_l3_interface_module.rst @@ -0,0 +1,335 @@ +:orphan: + +.. _vyos.vyos.vyos_l3_interface_module: + + +*************************** +vyos.vyos.vyos_l3_interface +*************************** + +**(deprecated, removed after 2022-06-01) Manage L3 interfaces on VyOS network devices** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + +DEPRECATED +---------- +:Removed in collection release after 2022-06-01 +:Why: Updated modules released with more functionality. +:Alternative: vyos_l3_interfaces + + + +Synopsis +-------- +- This module provides declarative management of L3 interfaces on VyOS network devices. + + + + +Parameters +---------- + +.. raw:: html + + <table border=0 cellpadding=0 class="documentation-table"> + <tr> + <th colspan="2">Parameter</th> + <th>Choices/<font color="blue">Defaults</font></th> + <th width="100%">Comments</th> + </tr> + <tr> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>aggregate</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">-</span> + </div> + </td> + <td> + </td> + <td> + <div>List of L3 interfaces definitions</div> + </td> + </tr> + <tr> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>ipv4</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">-</span> + </div> + </td> + <td> + </td> + <td> + <div>IPv4 of the L3 interface.</div> + </td> + </tr> + <tr> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>ipv6</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">-</span> + </div> + </td> + <td> + </td> + <td> + <div>IPv6 of the L3 interface.</div> + </td> + </tr> + <tr> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>name</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">-</span> + </div> + </td> + <td> + </td> + <td> + <div>Name of the L3 interface.</div> + </td> + </tr> + <tr> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>provider</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">dictionary</span> + </div> + </td> + <td> + </td> + <td> + <div><b>Deprecated</b></div> + <div>Starting with Ansible 2.5 we recommend using <code>connection: network_cli</code>.</div> + <div>For more information please see the <a href='../network/getting_started/network_differences.html#multiple-communication-protocols'>Network Guide</a>.</div> + <div><hr/></div> + <div>A dict object containing connection details.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>host</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + / <span style="color: red">required</span> </div> + </td> + <td> + </td> + <td> + <div>Specifies the DNS host name or address for connecting to the remote device over the specified transport. The value of host is used as the destination address for the transport.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>password</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + </td> + <td> + <div>Specifies the password to use to authenticate the connection to the remote device. This value is used to authenticate the SSH session. If the value is not specified in the task, the value of environment variable <code>ANSIBLE_NET_PASSWORD</code> will be used instead.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>port</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">integer</span> + </div> + </td> + <td> + <b>Default:</b><br/><div style="color: blue">22</div> + </td> + <td> + <div>Specifies the port to use when building the connection to the remote device.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>ssh_keyfile</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">path</span> + </div> + </td> + <td> + </td> + <td> + <div>Specifies the SSH key to use to authenticate the connection to the remote device. This value is the path to the key used to authenticate the SSH session. If the value is not specified in the task, the value of environment variable <code>ANSIBLE_NET_SSH_KEYFILE</code> will be used instead.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>timeout</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">integer</span> + </div> + </td> + <td> + <b>Default:</b><br/><div style="color: blue">10</div> + </td> + <td> + <div>Specifies the timeout in seconds for communicating with the network device for either connecting or sending commands. If the timeout is exceeded before the operation is completed, the module will error.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>username</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + </td> + <td> + <div>Configures the username to use to authenticate the connection to the remote device. This value is used to authenticate the SSH session. If the value is not specified in the task, the value of environment variable <code>ANSIBLE_NET_USERNAME</code> will be used instead.</div> + </td> + </tr> + + <tr> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>state</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">-</span> + </div> + </td> + <td> + <ul style="margin: 0; padding: 0"><b>Choices:</b> + <li><div style="color: blue"><b>present</b> ←</div></li> + <li>absent</li> + </ul> + </td> + <td> + <div>State of the L3 interface configuration.</div> + </td> + </tr> + </table> + <br/> + + +Notes +----- + +.. note:: + - Tested against VYOS 1.1.7 + - For more information on using Ansible to manage network devices see the :ref:`Ansible Network Guide <network_guide>` + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + - name: Set eth0 IPv4 address + vyos.vyos.vyos_l3_interface: + name: eth0 + ipv4: 192.168.0.1/24 + + - name: Remove eth0 IPv4 address + vyos.vyos.vyos_l3_interface: + name: eth0 + state: absent + + - name: Set IP addresses on aggregate + vyos.vyos.vyos_l3_interface: + aggregate: + - {name: eth1, ipv4: 192.168.2.10/24} + - {name: eth2, ipv4: 192.168.3.10/24, ipv6: fd5d:12c9:2201:1::1/64} + + - name: Remove IP addresses on aggregate + vyos.vyos.vyos_l3_interface: + aggregate: + - {name: eth1, ipv4: 192.168.2.10/24} + - {name: eth2, ipv4: 192.168.3.10/24, ipv6: fd5d:12c9:2201:1::1/64} + state: absent + + + + +Return Values +------------- +Common return values are documented `here <https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values>`_, the following are the fields unique to this module: + +.. raw:: html + + <table border=0 cellpadding=0 class="documentation-table"> + <tr> + <th colspan="1">Key</th> + <th>Returned</th> + <th width="100%">Description</th> + </tr> + <tr> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="return-"></div> + <b>commands</b> + <a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a> + <div style="font-size: small"> + <span style="color: purple">list</span> + </div> + </td> + <td>always, except for the platforms that use Netconf transport to manage the device.</td> + <td> + <div>The list of configuration mode commands to send to the device</div> + <br/> + <div style="font-size: smaller"><b>Sample:</b></div> + <div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">["set interfaces ethernet eth0 address '192.168.0.1/24'"]</div> + </td> + </tr> + </table> + <br/><br/> + + +Status +------ + + +- This module will be removed in version . *[deprecated]* +- For more information see `DEPRECATED`_. + + +Authors +~~~~~~~ + +- Ricardo Carrillo Cruz (@rcarrillocruz) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/vyos.vyos.vyos_l3_interfaces_module.rst b/docs/vyos.vyos.vyos_l3_interfaces_module.rst new file mode 100644 index 0000000..f1c463d --- /dev/null +++ b/docs/vyos.vyos.vyos_l3_interfaces_module.rst @@ -0,0 +1,774 @@ +:orphan: + +.. _vyos.vyos.vyos_l3_interfaces_module: + + +**************************** +vyos.vyos.vyos_l3_interfaces +**************************** + +**L3 interfaces resource module** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- This module manages the L3 interface attributes on VyOS network devices. + + + + +Parameters +---------- + +.. raw:: html + + <table border=0 cellpadding=0 class="documentation-table"> + <tr> + <th colspan="4">Parameter</th> + <th>Choices/<font color="blue">Defaults</font></th> + <th width="100%">Comments</th> + </tr> + <tr> + <td colspan="4"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>config</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">list</span> + / <span style="color: purple">elements=dictionary</span> </div> + </td> + <td> + </td> + <td> + <div>The provided L3 interfaces configuration.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="3"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>ipv4</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">list</span> + / <span style="color: purple">elements=dictionary</span> </div> + </td> + <td> + </td> + <td> + <div>List of IPv4 addresses of the interface.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>address</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + </td> + <td> + <div>IPv4 address of the interface.</div> + </td> + </tr> + + <tr> + <td class="elbow-placeholder"></td> + <td colspan="3"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>ipv6</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">list</span> + / <span style="color: purple">elements=dictionary</span> </div> + </td> + <td> + </td> + <td> + <div>List of IPv6 addresses of the interface.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>address</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + </td> + <td> + <div>IPv6 address of the interface.</div> + </td> + </tr> + + <tr> + <td class="elbow-placeholder"></td> + <td colspan="3"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>name</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + / <span style="color: red">required</span> </div> + </td> + <td> + </td> + <td> + <div>Full name of the interface, e.g. eth0, eth1.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="3"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>vifs</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">list</span> + / <span style="color: purple">elements=dictionary</span> </div> + </td> + <td> + </td> + <td> + <div>Virtual sub-interfaces L3 configurations.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>ipv4</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">list</span> + / <span style="color: purple">elements=dictionary</span> </div> + </td> + <td> + </td> + <td> + <div>List of IPv4 addresses of the virtual interface.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>address</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + </td> + <td> + <div>IPv4 address of the virtual interface.</div> + </td> + </tr> + + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>ipv6</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">list</span> + / <span style="color: purple">elements=dictionary</span> </div> + </td> + <td> + </td> + <td> + <div>List of IPv6 addresses of the virtual interface.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>address</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + </td> + <td> + <div>IPv6 address of the virtual interface.</div> + </td> + </tr> + + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>vlan_id</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">integer</span> + </div> + </td> + <td> + </td> + <td> + <div>Identifier for the virtual sub-interface.</div> + </td> + </tr> + + + <tr> + <td colspan="4"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>running_config</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + </td> + <td> + <div>This option is used only with state <em>parsed</em>.</div> + <div>The value of this option should be the output received from the VyOS device by executing the command <b>show configuration commands | grep -e eth[2,3]</b>.</div> + <div>The state <em>parsed</em> reads the configuration from <code>running_config</code> option and transforms it into Ansible structured data as per the resource module's argspec and the value is then returned in the <em>parsed</em> key within the result.</div> + </td> + </tr> + <tr> + <td colspan="4"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>state</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + <ul style="margin: 0; padding: 0"><b>Choices:</b> + <li><div style="color: blue"><b>merged</b> ←</div></li> + <li>replaced</li> + <li>overridden</li> + <li>deleted</li> + <li>parsed</li> + <li>gathered</li> + <li>rendered</li> + </ul> + </td> + <td> + <div>The state of the configuration after module completion.</div> + </td> + </tr> + </table> + <br/> + + +Notes +----- + +.. note:: + - Tested against VyOS 1.1.8 (helium). + - This module works with connection ``network_cli``. See `the VyOS OS Platform Options <../network/user_guide/platform_vyos.html>`_. + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Using merged + # + # Before state: + # ------------- + # + # vyos:~$ show configuration commands | grep -e eth[2,3] + # set interfaces ethernet eth2 hw-id '08:00:27:c2:98:23' + # set interfaces ethernet eth3 hw-id '08:00:27:43:70:8c' + # set interfaces ethernet eth3 vif 101 + # set interfaces ethernet eth3 vif 102 + + - name: Merge provided configuration with device configuration + vyos.vyos.vyos_l3_interfaces: + config: + - name: eth2 + ipv4: + - address: 192.0.2.10/28 + - address: 198.51.100.40/27 + ipv6: + - address: 2001:db8:100::2/32 + - address: 2001:db8:400::10/32 + + - name: eth3 + ipv4: + - address: 203.0.113.65/26 + vifs: + - vlan_id: 101 + ipv4: + - address: 192.0.2.71/28 + - address: 198.51.100.131/25 + - vlan_id: 102 + ipv6: + - address: 2001:db8:1000::5/38 + - address: 2001:db8:1400::3/38 + state: merged + + # After state: + # ------------- + # + # vyos:~$ show configuration commands | grep -e eth[2,3] + # set interfaces ethernet eth2 address '192.0.2.10/28' + # set interfaces ethernet eth2 address '198.51.100.40/27' + # set interfaces ethernet eth2 address '2001:db8:100::2/32' + # set interfaces ethernet eth2 address '2001:db8:400::10/32' + # set interfaces ethernet eth2 hw-id '08:00:27:c2:98:23' + # set interfaces ethernet eth3 address '203.0.113.65/26' + # set interfaces ethernet eth3 hw-id '08:00:27:43:70:8c' + # set interfaces ethernet eth3 vif 101 address '192.0.2.71/28' + # set interfaces ethernet eth3 vif 101 address '198.51.100.131/25' + # set interfaces ethernet eth3 vif 102 address '2001:db8:1000::5/38' + # set interfaces ethernet eth3 vif 102 address '2001:db8:1400::3/38' + # set interfaces ethernet eth3 vif 102 address '2001:db8:4000::2/34' + + + # Using replaced + # + # Before state: + # ------------- + # + # vyos:~$ show configuration commands | grep eth + # set interfaces ethernet eth0 address 'dhcp' + # set interfaces ethernet eth0 duplex 'auto' + # set interfaces ethernet eth0 hw-id '08:00:27:30:f0:22' + # set interfaces ethernet eth0 smp-affinity 'auto' + # set interfaces ethernet eth0 speed 'auto' + # set interfaces ethernet eth1 hw-id '08:00:27:EA:0F:B9' + # set interfaces ethernet eth1 address '192.0.2.14/24' + # set interfaces ethernet eth2 address '192.0.2.10/24' + # set interfaces ethernet eth2 address '192.0.2.11/24' + # set interfaces ethernet eth2 address '2001:db8::10/32' + # set interfaces ethernet eth2 address '2001:db8::11/32' + # set interfaces ethernet eth2 hw-id '08:00:27:c2:98:23' + # set interfaces ethernet eth3 address '198.51.100.10/24' + # set interfaces ethernet eth3 hw-id '08:00:27:43:70:8c' + # set interfaces ethernet eth3 vif 101 address '198.51.100.130/25' + # set interfaces ethernet eth3 vif 101 address '198.51.100.131/25' + # set interfaces ethernet eth3 vif 102 address '2001:db8:4000::3/34' + # set interfaces ethernet eth3 vif 102 address '2001:db8:4000::2/34' + # + - name: Replace device configurations of listed interfaces with provided configurations + vyos.vyos.vyos_l3_interfaces: + config: + - name: eth2 + ipv4: + - address: 192.0.2.10/24 + + - name: eth3 + ipv6: + - address: 2001:db8::11/32 + state: replaced + + # After state: + # ------------- + # + # vyos:~$ show configuration commands | grep eth + # set interfaces ethernet eth0 address 'dhcp' + # set interfaces ethernet eth0 duplex 'auto' + # set interfaces ethernet eth0 hw-id '08:00:27:30:f0:22' + # set interfaces ethernet eth0 smp-affinity 'auto' + # set interfaces ethernet eth0 speed 'auto' + # set interfaces ethernet eth1 hw-id '08:00:27:EA:0F:B9' + # set interfaces ethernet eth1 address '192.0.2.14/24' + # set interfaces ethernet eth2 address '192.0.2.10/24' + # set interfaces ethernet eth2 hw-id '08:00:27:c2:98:23' + # set interfaces ethernet eth3 hw-id '08:00:27:43:70:8c' + # set interfaces ethernet eth3 address '2001:db8::11/32' + # set interfaces ethernet eth3 vif 101 + # set interfaces ethernet eth3 vif 102 + + + # Using overridden + # + # Before state + # -------------- + # + # vyos@vyos-appliance:~$ show configuration commands | grep eth + # set interfaces ethernet eth0 address 'dhcp' + # set interfaces ethernet eth0 duplex 'auto' + # set interfaces ethernet eth0 hw-id '08:00:27:30:f0:22' + # set interfaces ethernet eth0 smp-affinity 'auto' + # set interfaces ethernet eth0 speed 'auto' + # set interfaces ethernet eth1 hw-id '08:00:27:EA:0F:B9' + # set interfaces ethernet eth1 address '192.0.2.14/24' + # set interfaces ethernet eth2 address '192.0.2.10/24' + # set interfaces ethernet eth2 address '192.0.2.11/24' + # set interfaces ethernet eth2 address '2001:db8::10/32' + # set interfaces ethernet eth2 address '2001:db8::11/32' + # set interfaces ethernet eth2 hw-id '08:00:27:c2:98:23' + # set interfaces ethernet eth3 address '198.51.100.10/24' + # set interfaces ethernet eth3 hw-id '08:00:27:43:70:8c' + # set interfaces ethernet eth3 vif 101 address '198.51.100.130/25' + # set interfaces ethernet eth3 vif 101 address '198.51.100.131/25' + # set interfaces ethernet eth3 vif 102 address '2001:db8:4000::3/34' + # set interfaces ethernet eth3 vif 102 address '2001:db8:4000::2/34' + + - name: Overrides all device configuration with provided configuration + vyos.vyos.vyos_l3_interfaces: + config: + - name: eth0 + ipv4: + - address: dhcp + ipv6: + - address: dhcpv6 + state: overridden + + # After state + # ------------ + # + # vyos@vyos-appliance:~$ show configuration commands | grep eth + # set interfaces ethernet eth0 address 'dhcp' + # set interfaces ethernet eth0 address 'dhcpv6' + # set interfaces ethernet eth0 duplex 'auto' + # set interfaces ethernet eth0 hw-id '08:00:27:30:f0:22' + # set interfaces ethernet eth0 smp-affinity 'auto' + # set interfaces ethernet eth0 speed 'auto' + # set interfaces ethernet eth1 hw-id '08:00:27:EA:0F:B9' + # set interfaces ethernet eth2 hw-id '08:00:27:c2:98:23' + # set interfaces ethernet eth3 hw-id '08:00:27:43:70:8c' + # set interfaces ethernet eth3 vif 101 + # set interfaces ethernet eth3 vif 102 + + + # Using deleted + # + # Before state + # ------------- + # vyos@vyos-appliance:~$ show configuration commands | grep eth + # set interfaces ethernet eth0 address 'dhcp' + # set interfaces ethernet eth0 duplex 'auto' + # set interfaces ethernet eth0 hw-id '08:00:27:30:f0:22' + # set interfaces ethernet eth0 smp-affinity 'auto' + # set interfaces ethernet eth0 speed 'auto' + # set interfaces ethernet eth1 hw-id '08:00:27:EA:0F:B9' + # set interfaces ethernet eth1 address '192.0.2.14/24' + # set interfaces ethernet eth2 address '192.0.2.10/24' + # set interfaces ethernet eth2 address '192.0.2.11/24' + # set interfaces ethernet eth2 address '2001:db8::10/32' + # set interfaces ethernet eth2 address '2001:db8::11/32' + # set interfaces ethernet eth2 hw-id '08:00:27:c2:98:23' + # set interfaces ethernet eth3 address '198.51.100.10/24' + # set interfaces ethernet eth3 hw-id '08:00:27:43:70:8c' + # set interfaces ethernet eth3 vif 101 address '198.51.100.130/25' + # set interfaces ethernet eth3 vif 101 address '198.51.100.131/25' + # set interfaces ethernet eth3 vif 102 address '2001:db8:4000::3/34' + # set interfaces ethernet eth3 vif 102 address '2001:db8:4000::2/34' + + - name: Delete L3 attributes of given interfaces (Note - This won't delete the interface + itself) + vyos.vyos.vyos_l3_interfaces: + config: + - name: eth1 + - name: eth2 + - name: eth3 + state: deleted + + # After state + # ------------ + # vyos@vyos-appliance:~$ show configuration commands | grep eth + # set interfaces ethernet eth0 address 'dhcp' + # set interfaces ethernet eth0 duplex 'auto' + # set interfaces ethernet eth0 hw-id '08:00:27:f3:6c:b5' + # set interfaces ethernet eth0 smp_affinity 'auto' + # set interfaces ethernet eth0 speed 'auto' + # set interfaces ethernet eth1 hw-id '08:00:27:ad:ef:65' + # set interfaces ethernet eth1 smp_affinity 'auto' + # set interfaces ethernet eth2 hw-id '08:00:27:ab:4e:79' + # set interfaces ethernet eth2 smp_affinity 'auto' + # set interfaces ethernet eth3 hw-id '08:00:27:17:3c:85' + # set interfaces ethernet eth3 smp_affinity 'auto' + + + # Using gathered + # + # Before state: + # ------------- + # + # vyos:~$ show configuration commands | grep -e eth[2,3,0] + # set interfaces ethernet eth0 address 'dhcp' + # set interfaces ethernet eth0 duplex 'auto' + # set interfaces ethernet eth0 hw-id '08:00:27:50:5e:19' + # set interfaces ethernet eth0 smp_affinity 'auto' + # set interfaces ethernet eth0 speed 'auto' + # set interfaces ethernet eth1 address '192.0.2.14/24' + # set interfaces ethernet eth2 address '192.0.2.11/24' + # set interfaces ethernet eth2 address '192.0.2.10/24' + # set interfaces ethernet eth2 address '2001:db8::10/32' + # set interfaces ethernet eth2 address '2001:db8::12/32' + # + - name: Gather listed l3 interfaces with provided configurations + vyos.vyos.vyos_l3_interfaces: + config: + state: gathered + # + # + # ------------------------- + # Module Execution Result + # ------------------------- + # + # "gathered": [ + # { + # "ipv4": [ + # { + # "address": "192.0.2.11/24" + # }, + # { + # "address": "192.0.2.10/24" + # } + # ], + # "ipv6": [ + # { + # "address": "2001:db8::10/32" + # }, + # { + # "address": "2001:db8::12/32" + # } + # ], + # "name": "eth2" + # }, + # { + # "ipv4": [ + # { + # "address": "192.0.2.14/24" + # } + # ], + # "name": "eth1" + # }, + # { + # "ipv4": [ + # { + # "address": "dhcp" + # } + # ], + # "name": "eth0" + # } + # ] + # + # + # After state: + # ------------- + # + # vyos:~$ show configuration commands | grep -e eth[2,3] + # set interfaces ethernet eth0 address 'dhcp' + # set interfaces ethernet eth0 duplex 'auto' + # set interfaces ethernet eth0 hw-id '08:00:27:50:5e:19' + # set interfaces ethernet eth0 smp_affinity 'auto' + # set interfaces ethernet eth0 speed 'auto' + # set interfaces ethernet eth1 address '192.0.2.14/24' + # set interfaces ethernet eth2 address '192.0.2.11/24' + # set interfaces ethernet eth2 address '192.0.2.10/24' + # set interfaces ethernet eth2 address '2001:db8::10/32' + # set interfaces ethernet eth2 address '2001:db8::12/32' + + + # Using rendered + # + # + - name: Render the commands for provided configuration + vyos.vyos.vyos_l3_interfaces: + config: + - name: eth1 + ipv4: + - address: 192.0.2.14/24 + - name: eth2 + ipv4: + - address: 192.0.2.10/24 + - address: 192.0.2.11/24 + ipv6: + - address: 2001:db8::10/32 + - address: 2001:db8::12/32 + state: rendered + # + # + # ------------------------- + # Module Execution Result + # ------------------------- + # + # + # "rendered": [ + # "set interfaces ethernet eth1 address '192.0.2.14/24'", + # "set interfaces ethernet eth2 address '192.0.2.11/24'", + # "set interfaces ethernet eth2 address '192.0.2.10/24'", + # "set interfaces ethernet eth2 address '2001:db8::10/32'", + # "set interfaces ethernet eth2 address '2001:db8::12/32'" + # ] + + + # Using parsed + # + # + - name: parse the provided running configuration + vyos.vyos.vyos_l3_interfaces: + running_config: + "set interfaces ethernet eth0 address 'dhcp' + set interfaces ethernet eth1 address '192.0.2.14/24' + set interfaces ethernet eth2 address '192.0.2.10/24' + set interfaces ethernet eth2 address '192.0.2.11/24' + set interfaces ethernet eth2 address '2001:db8::10/32' + set interfaces ethernet eth2 address '2001:db8::12/32'" + state: parsed + # + # + # ------------------------- + # Module Execution Result + # ------------------------- + # + # + # "parsed": [ + # { + # "ipv4": [ + # { + # "address": "192.0.2.10/24" + # }, + # { + # "address": "192.0.2.11/24" + # } + # ], + # "ipv6": [ + # { + # "address": "2001:db8::10/32" + # }, + # { + # "address": "2001:db8::12/32" + # } + # ], + # "name": "eth2" + # }, + # { + # "ipv4": [ + # { + # "address": "192.0.2.14/24" + # } + # ], + # "name": "eth1" + # }, + # { + # "ipv4": [ + # { + # "address": "dhcp" + # } + # ], + # "name": "eth0" + # } + # ] + + + + + + +Return Values +------------- +Common return values are documented `here <https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values>`_, the following are the fields unique to this module: + +.. raw:: html + + <table border=0 cellpadding=0 class="documentation-table"> + <tr> + <th colspan="1">Key</th> + <th>Returned</th> + <th width="100%">Description</th> + </tr> + <tr> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="return-"></div> + <b>after</b> + <a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a> + <div style="font-size: small"> + <span style="color: purple">list</span> + </div> + </td> + <td>when changed</td> + <td> + <div>The configuration as structured data after module completion.</div> + <br/> + <div style="font-size: smaller"><b>Sample:</b></div> + <div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">The configuration returned will always be in the same format + of the parameters above.</div> + </td> + </tr> + <tr> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="return-"></div> + <b>before</b> + <a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a> + <div style="font-size: small"> + <span style="color: purple">list</span> + </div> + </td> + <td>always</td> + <td> + <div>The configuration as structured data prior to module invocation.</div> + <br/> + <div style="font-size: smaller"><b>Sample:</b></div> + <div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">The configuration returned will always be in the same format + of the parameters above.</div> + </td> + </tr> + <tr> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="return-"></div> + <b>commands</b> + <a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a> + <div style="font-size: small"> + <span style="color: purple">list</span> + </div> + </td> + <td>always</td> + <td> + <div>The set of commands pushed to the remote device.</div> + <br/> + <div style="font-size: smaller"><b>Sample:</b></div> + <div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">['set interfaces ethernet eth1 192.0.2.14/2', 'set interfaces ethernet eth3 vif 101 address 198.51.100.130/25']</div> + </td> + </tr> + </table> + <br/><br/> + + +Status +------ + + +Authors +~~~~~~~ + +- Nilashish Chakraborty (@NilashishC) +- Rohit Thakur (@rohitthakur2590) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/vyos.vyos.vyos_lag_interfaces_module.rst b/docs/vyos.vyos.vyos_lag_interfaces_module.rst new file mode 100644 index 0000000..e0c209b --- /dev/null +++ b/docs/vyos.vyos.vyos_lag_interfaces_module.rst @@ -0,0 +1,953 @@ +:orphan: + +.. _vyos.vyos.vyos_lag_interfaces_module: + + +***************************** +vyos.vyos.vyos_lag_interfaces +***************************** + +**LAG interfaces resource module** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- This module manages attributes of link aggregation groups on VyOS network devices. + + + + +Parameters +---------- + +.. raw:: html + + <table border=0 cellpadding=0 class="documentation-table"> + <tr> + <th colspan="3">Parameter</th> + <th>Choices/<font color="blue">Defaults</font></th> + <th width="100%">Comments</th> + </tr> + <tr> + <td colspan="3"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>config</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">list</span> + </div> + </td> + <td> + </td> + <td> + <div>A list of link aggregation group configurations.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>arp_monitor</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">dictionary</span> + </div> + </td> + <td> + </td> + <td> + <div>ARP Link monitoring parameters.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>interval</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">integer</span> + </div> + </td> + <td> + </td> + <td> + <div>ARP link monitoring frequency in milliseconds.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>target</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">list</span> + </div> + </td> + <td> + </td> + <td> + <div>IP address to use for ARP monitoring.</div> + </td> + </tr> + + <tr> + <td class="elbow-placeholder"></td> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>hash_policy</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + <ul style="margin: 0; padding: 0"><b>Choices:</b> + <li>layer2</li> + <li>layer2+3</li> + <li>layer3+4</li> + </ul> + </td> + <td> + <div>LAG or bonding transmit hash policy.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>members</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">list</span> + </div> + </td> + <td> + </td> + <td> + <div>List of member interfaces for the LAG (bond).</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>member</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + </td> + <td> + <div>Name of the member interface.</div> + </td> + </tr> + + <tr> + <td class="elbow-placeholder"></td> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>mode</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + <ul style="margin: 0; padding: 0"><b>Choices:</b> + <li>802.3ad</li> + <li>active-backup</li> + <li>broadcast</li> + <li>round-robin</li> + <li>transmit-load-balance</li> + <li>adaptive-load-balance</li> + <li>xor-hash</li> + </ul> + </td> + <td> + <div>LAG or bond mode.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>name</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + / <span style="color: red">required</span> </div> + </td> + <td> + </td> + <td> + <div>Name of the link aggregation group (LAG) or bond.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>primary</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + </td> + <td> + <div>Primary device interfaces for the LAG (bond).</div> + </td> + </tr> + + <tr> + <td colspan="3"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>running_config</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + </td> + <td> + <div>This option is used only with state <em>parsed</em>.</div> + <div>The value of this option should be the output received from the VyOS device by executing the command <b>show configuration commands | grep bond</b>.</div> + <div>The state <em>parsed</em> reads the configuration from <code>running_config</code> option and transforms it into Ansible structured data as per the resource module's argspec and the value is then returned in the <em>parsed</em> key within the result.</div> + </td> + </tr> + <tr> + <td colspan="3"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>state</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + <ul style="margin: 0; padding: 0"><b>Choices:</b> + <li><div style="color: blue"><b>merged</b> ←</div></li> + <li>replaced</li> + <li>overridden</li> + <li>deleted</li> + <li>parsed</li> + <li>gathered</li> + <li>rendered</li> + </ul> + </td> + <td> + <div>The state of the configuration after module completion.</div> + </td> + </tr> + </table> + <br/> + + +Notes +----- + +.. note:: + - Tested against VyOS 1.1.8 (helium). + - This module works with connection ``network_cli``. See `the VyOS OS Platform Options <../network/user_guide/platform_vyos.html>`_. + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Using merged + # + # Before state: + # ------------- + # + # vyos@vyos:~$ show configuration commands | grep bond + # set interfaces bonding bond2 + # set interfaces bonding bond3 + # + - name: Merge provided configuration with device configuration + vyos.vyos.vyos_lag_interfaces: + config: + - name: bond2 + mode: active-backup + members: + - member: eth2 + - member: eth1 + hash_policy: layer2 + primary: eth2 + + - name: bond3 + mode: active-backup + hash_policy: layer2+3 + members: + - member: eth3 + primary: eth3 + state: merged + # + # + # ------------------------- + # Module Execution Result + # ------------------------- + # + # "before": [ + # { + # "name": "bond2" + # }, + # { + # "name": "bond3" + # } + # ], + # + # "commands": [ + # "set interfaces bonding bond2 hash-policy 'layer2'", + # "set interfaces bonding bond2 mode 'active-backup'", + # "set interfaces ethernet eth2 bond-group bond2", + # "set interfaces ethernet eth1 bond-group bond2", + # "set interfaces bonding bond2 primary 'eth2'", + # "set interfaces bonding bond3 hash-policy 'layer2+3'", + # "set interfaces bonding bond3 mode 'active-backup'", + # "set interfaces ethernet eth3 bond-group bond3", + # "set interfaces bonding bond3 primary 'eth3'" + # ] + # + # "after": [ + # { + # "hash_policy": "layer2", + # "members": [ + # { + # "member": "eth1" + # }, + # { + # "member": "eth2" + # } + # ], + # "mode": "active-backup", + # "name": "bond2", + # "primary": "eth2" + # }, + # { + # "hash_policy": "layer2+3", + # "members": [ + # { + # "member": "eth3" + # } + # ], + # "mode": "active-backup", + # "name": "bond3", + # "primary": "eth3" + # } + # ] + # + # After state: + # ------------- + # + # vyos@vyos:~$ show configuration commands | grep bond + # set interfaces bonding bond2 hash-policy 'layer2' + # set interfaces bonding bond2 mode 'active-backup' + # set interfaces bonding bond2 primary 'eth2' + # set interfaces bonding bond3 hash-policy 'layer2+3' + # set interfaces bonding bond3 mode 'active-backup' + # set interfaces bonding bond3 primary 'eth3' + # set interfaces ethernet eth1 bond-group 'bond2' + # set interfaces ethernet eth2 bond-group 'bond2' + # set interfaces ethernet eth3 bond-group 'bond3' + + + # Using replaced + # + # Before state: + # ------------- + # + # vyos@vyos:~$ show configuration commands | grep bond + # set interfaces bonding bond2 hash-policy 'layer2' + # set interfaces bonding bond2 mode 'active-backup' + # set interfaces bonding bond2 primary 'eth2' + # set interfaces bonding bond3 hash-policy 'layer2+3' + # set interfaces bonding bond3 mode 'active-backup' + # set interfaces bonding bond3 primary 'eth3' + # set interfaces ethernet eth1 bond-group 'bond2' + # set interfaces ethernet eth2 bond-group 'bond2' + # set interfaces ethernet eth3 bond-group 'bond3' + # + - name: Replace device configurations of listed LAGs with provided configurations + vyos.vyos.vyos_lag_interfaces: + config: + - name: bond3 + mode: 802.3ad + hash_policy: layer2 + members: + - member: eth3 + state: replaced + # + # + # ------------------------- + # Module Execution Result + # ------------------------- + # + # "before": [ + # { + # "hash_policy": "layer2", + # "members": [ + # { + # "member": "eth1" + # }, + # { + # "member": "eth2" + # } + # ], + # "mode": "active-backup", + # "name": "bond2", + # "primary": "eth2" + # }, + # { + # "hash_policy": "layer2+3", + # "members": [ + # { + # "member": "eth3" + # } + # ], + # "mode": "active-backup", + # "name": "bond3", + # "primary": "eth3" + # } + # ], + # + # "commands": [ + # "delete interfaces bonding bond3 primary", + # "set interfaces bonding bond3 hash-policy 'layer2'", + # "set interfaces bonding bond3 mode '802.3ad'" + # ], + # + # "after": [ + # { + # "hash_policy": "layer2", + # "members": [ + # { + # "member": "eth1" + # }, + # { + # "member": "eth2" + # } + # ], + # "mode": "active-backup", + # "name": "bond2", + # "primary": "eth2" + # }, + # { + # "hash_policy": "layer2", + # "members": [ + # { + # "member": "eth3" + # } + # ], + # "mode": "802.3ad", + # "name": "bond3" + # } + # ], + # + # After state: + # ------------- + # + # vyos@vyos:~$ show configuration commands | grep bond + # set interfaces bonding bond2 hash-policy 'layer2' + # set interfaces bonding bond2 mode 'active-backup' + # set interfaces bonding bond2 primary 'eth2' + # set interfaces bonding bond3 hash-policy 'layer2' + # set interfaces bonding bond3 mode '802.3ad' + # set interfaces ethernet eth1 bond-group 'bond2' + # set interfaces ethernet eth2 bond-group 'bond2' + # set interfaces ethernet eth3 bond-group 'bond3' + + + # Using overridden + # + # Before state + # -------------- + # + # vyos@vyos:~$ show configuration commands | grep bond + # set interfaces bonding bond2 hash-policy 'layer2' + # set interfaces bonding bond2 mode 'active-backup' + # set interfaces bonding bond2 primary 'eth2' + # set interfaces bonding bond3 hash-policy 'layer2' + # set interfaces bonding bond3 mode '802.3ad' + # set interfaces ethernet eth1 bond-group 'bond2' + # set interfaces ethernet eth2 bond-group 'bond2' + # set interfaces ethernet eth3 bond-group 'bond3' + # + - name: Overrides all device configuration with provided configuration + vyos.vyos.vyos_lag_interfaces: + config: + - name: bond3 + mode: active-backup + members: + - member: eth1 + - member: eth2 + - member: eth3 + primary: eth3 + hash_policy: layer2 + state: overridden + # + # + # ------------------------- + # Module Execution Result + # ------------------------- + # + # "before": [ + # { + # "hash_policy": "layer2", + # "members": [ + # { + # "member": "eth1" + # }, + # { + # "member": "eth2" + # } + # ], + # "mode": "active-backup", + # "name": "bond2", + # "primary": "eth2" + # }, + # { + # "hash_policy": "layer2", + # "members": [ + # { + # "member": "eth3" + # } + # ], + # "mode": "802.3ad", + # "name": "bond3" + # } + # ], + # + # "commands": [ + # "delete interfaces bonding bond2 hash-policy", + # "delete interfaces ethernet eth1 bond-group bond2", + # "delete interfaces ethernet eth2 bond-group bond2", + # "delete interfaces bonding bond2 mode", + # "delete interfaces bonding bond2 primary", + # "set interfaces bonding bond3 mode 'active-backup'", + # "set interfaces ethernet eth1 bond-group bond3", + # "set interfaces ethernet eth2 bond-group bond3", + # "set interfaces bonding bond3 primary 'eth3'" + # ], + # + # "after": [ + # { + # "name": "bond2" + # }, + # { + # "hash_policy": "layer2", + # "members": [ + # { + # "member": "eth1" + # }, + # { + # "member": "eth2" + # }, + # { + # "member": "eth3" + # } + # ], + # "mode": "active-backup", + # "name": "bond3", + # "primary": "eth3" + # } + # ], + # + # + # After state + # ------------ + # + # vyos@vyos:~$ show configuration commands | grep bond + # set interfaces bonding bond2 + # set interfaces bonding bond3 hash-policy 'layer2' + # set interfaces bonding bond3 mode 'active-backup' + # set interfaces bonding bond3 primary 'eth3' + # set interfaces ethernet eth1 bond-group 'bond3' + # set interfaces ethernet eth2 bond-group 'bond3' + # set interfaces ethernet eth3 bond-group 'bond3' + + + # Using deleted + # + # Before state + # ------------- + # + # vyos@vyos:~$ show configuration commands | grep bond + # set interfaces bonding bond2 hash-policy 'layer2' + # set interfaces bonding bond2 mode 'active-backup' + # set interfaces bonding bond2 primary 'eth2' + # set interfaces bonding bond3 hash-policy 'layer2+3' + # set interfaces bonding bond3 mode 'active-backup' + # set interfaces bonding bond3 primary 'eth3' + # set interfaces ethernet eth1 bond-group 'bond2' + # set interfaces ethernet eth2 bond-group 'bond2' + # set interfaces ethernet eth3 bond-group 'bond3' + # + - name: Delete LAG attributes of given interfaces (Note This won't delete the interface + itself) + vyos.vyos.vyos_lag_interfaces: + config: + - name: bond2 + - name: bond3 + state: deleted + # + # + # ------------------------ + # Module Execution Results + # ------------------------ + # + # "before": [ + # { + # "hash_policy": "layer2", + # "members": [ + # { + # "member": "eth1" + # }, + # { + # "member": "eth2" + # } + # ], + # "mode": "active-backup", + # "name": "bond2", + # "primary": "eth2" + # }, + # { + # "hash_policy": "layer2+3", + # "members": [ + # { + # "member": "eth3" + # } + # ], + # "mode": "active-backup", + # "name": "bond3", + # "primary": "eth3" + # } + # ], + # "commands": [ + # "delete interfaces bonding bond2 hash-policy", + # "delete interfaces ethernet eth1 bond-group bond2", + # "delete interfaces ethernet eth2 bond-group bond2", + # "delete interfaces bonding bond2 mode", + # "delete interfaces bonding bond2 primary", + # "delete interfaces bonding bond3 hash-policy", + # "delete interfaces ethernet eth3 bond-group bond3", + # "delete interfaces bonding bond3 mode", + # "delete interfaces bonding bond3 primary" + # ], + # + # "after": [ + # { + # "name": "bond2" + # }, + # { + # "name": "bond3" + # } + # ], + # + # After state + # ------------ + # vyos@vyos:~$ show configuration commands | grep bond + # set interfaces bonding bond2 + # set interfaces bonding bond3 + + + # Using gathered + # + # Before state: + # ------------- + # + # vyos@192# run show configuration commands | grep bond + # set interfaces bonding bond0 hash-policy 'layer2' + # set interfaces bonding bond0 mode 'active-backup' + # set interfaces bonding bond0 primary 'eth1' + # set interfaces bonding bond1 hash-policy 'layer2+3' + # set interfaces bonding bond1 mode 'active-backup' + # set interfaces bonding bond1 primary 'eth2' + # set interfaces ethernet eth1 bond-group 'bond0' + # set interfaces ethernet eth2 bond-group 'bond1' + # + - name: Gather listed lag interfaces with provided configurations + vyos.vyos.vyos_lag_interfaces: + config: + state: gathered + # + # + # ------------------------- + # Module Execution Result + # ------------------------- + # + # "gathered": [ + # { + # "afi": "ipv6", + # "rule_sets": [ + # { + # "default_action": "accept", + # "description": "This is ipv6 specific rule-set", + # "name": "UPLINK", + # "rules": [ + # { + # "action": "accept", + # "description": "Fwipv6-Rule 1 is configured by Ansible", + # "ipsec": "match-ipsec", + # "number": 1 + # }, + # { + # "action": "accept", + # "description": "Fwipv6-Rule 2 is configured by Ansible", + # "ipsec": "match-ipsec", + # "number": 2 + # } + # ] + # } + # ] + # }, + # { + # "afi": "ipv4", + # "rule_sets": [ + # { + # "default_action": "accept", + # "description": "IPv4 INBOUND rule set", + # "name": "INBOUND", + # "rules": [ + # { + # "action": "accept", + # "description": "Rule 101 is configured by Ansible", + # "ipsec": "match-ipsec", + # "number": 101 + # }, + # { + # "action": "reject", + # "description": "Rule 102 is configured by Ansible", + # "ipsec": "match-ipsec", + # "number": 102 + # }, + # { + # "action": "accept", + # "description": "Rule 103 is configured by Ansible", + # "destination": { + # "group": { + # "address_group": "inbound" + # } + # }, + # "number": 103, + # "source": { + # "address": "192.0.2.0" + # }, + # "state": { + # "established": true, + # "invalid": false, + # "new": false, + # "related": true + # } + # } + # ] + # } + # ] + # } + # ] + # + # + # After state: + # ------------- + # + # vyos@192# run show configuration commands | grep bond + # set interfaces bonding bond0 hash-policy 'layer2' + # set interfaces bonding bond0 mode 'active-backup' + # set interfaces bonding bond0 primary 'eth1' + # set interfaces bonding bond1 hash-policy 'layer2+3' + # set interfaces bonding bond1 mode 'active-backup' + # set interfaces bonding bond1 primary 'eth2' + # set interfaces ethernet eth1 bond-group 'bond0' + # set interfaces ethernet eth2 bond-group 'bond1' + + + # Using rendered + # + # + - name: Render the commands for provided configuration + vyos.vyos.vyos_lag_interfaces: + config: + - name: bond0 + hash_policy: layer2 + members: + - member: eth1 + mode: active-backup + primary: eth1 + - name: bond1 + hash_policy: layer2+3 + members: + - member: eth2 + mode: active-backup + primary: eth2 + state: rendered + # + # + # ------------------------- + # Module Execution Result + # ------------------------- + # + # + # "rendered": [ + # "set interfaces bonding bond0 hash-policy 'layer2'", + # "set interfaces ethernet eth1 bond-group 'bond0'", + # "set interfaces bonding bond0 mode 'active-backup'", + # "set interfaces bonding bond0 primary 'eth1'", + # "set interfaces bonding bond1 hash-policy 'layer2+3'", + # "set interfaces ethernet eth2 bond-group 'bond1'", + # "set interfaces bonding bond1 mode 'active-backup'", + # "set interfaces bonding bond1 primary 'eth2'" + # ] + + + # Using parsed + # + # + - name: Parsed the commands for provided configuration + vyos.vyos.vyos_l3_interfaces: + running_config: + "set interfaces bonding bond0 hash-policy 'layer2' + set interfaces bonding bond0 mode 'active-backup' + set interfaces bonding bond0 primary 'eth1' + set interfaces bonding bond1 hash-policy 'layer2+3' + set interfaces bonding bond1 mode 'active-backup' + set interfaces bonding bond1 primary 'eth2' + set interfaces ethernet eth1 bond-group 'bond0' + set interfaces ethernet eth2 bond-group 'bond1'" + state: parsed + # + # + # ------------------------- + # Module Execution Result + # ------------------------- + # + # + # "parsed": [ + # { + # "hash_policy": "layer2", + # "members": [ + # { + # "member": "eth1" + # } + # ], + # "mode": "active-backup", + # "name": "bond0", + # "primary": "eth1" + # }, + # { + # "hash_policy": "layer2+3", + # "members": [ + # { + # "member": "eth2" + # } + # ], + # "mode": "active-backup", + # "name": "bond1", + # "primary": "eth2" + # } + # ] + + + + + + +Return Values +------------- +Common return values are documented `here <https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values>`_, the following are the fields unique to this module: + +.. raw:: html + + <table border=0 cellpadding=0 class="documentation-table"> + <tr> + <th colspan="1">Key</th> + <th>Returned</th> + <th width="100%">Description</th> + </tr> + <tr> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="return-"></div> + <b>after</b> + <a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a> + <div style="font-size: small"> + <span style="color: purple">list</span> + </div> + </td> + <td>when changed</td> + <td> + <div>The configuration as structured data after module completion.</div> + <br/> + <div style="font-size: smaller"><b>Sample:</b></div> + <div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">The configuration returned will always be in the same format + of the parameters above.</div> + </td> + </tr> + <tr> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="return-"></div> + <b>before</b> + <a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a> + <div style="font-size: small"> + <span style="color: purple">list</span> + </div> + </td> + <td>always</td> + <td> + <div>The configuration as structured data prior to module invocation.</div> + <br/> + <div style="font-size: smaller"><b>Sample:</b></div> + <div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">The configuration returned will always be in the same format + of the parameters above.</div> + </td> + </tr> + <tr> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="return-"></div> + <b>commands</b> + <a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a> + <div style="font-size: small"> + <span style="color: purple">list</span> + </div> + </td> + <td>always</td> + <td> + <div>The set of commands pushed to the remote device.</div> + <br/> + <div style="font-size: smaller"><b>Sample:</b></div> + <div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">['set interfaces bonding bond2', 'set interfaces bonding bond2 hash-policy layer2']</div> + </td> + </tr> + </table> + <br/><br/> + + +Status +------ + + +Authors +~~~~~~~ + +- Rohit Thakur (@rohitthakur2590) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/vyos.vyos.vyos_linkagg_module.rst b/docs/vyos.vyos.vyos_linkagg_module.rst new file mode 100644 index 0000000..6bde711 --- /dev/null +++ b/docs/vyos.vyos.vyos_linkagg_module.rst @@ -0,0 +1,349 @@ +:orphan: + +.. _vyos.vyos.vyos_linkagg_module: + + +********************** +vyos.vyos.vyos_linkagg +********************** + +**(deprecated, removed after 2022-06-01) Manage link aggregation groups on VyOS network devices** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + +DEPRECATED +---------- +:Removed in collection release after 2022-06-01 +:Why: Updated modules released with more functionality. +:Alternative: vyos_lag_interfaces + + + +Synopsis +-------- +- This module provides declarative management of link aggregation groups on VyOS network devices. + + + + +Parameters +---------- + +.. raw:: html + + <table border=0 cellpadding=0 class="documentation-table"> + <tr> + <th colspan="2">Parameter</th> + <th>Choices/<font color="blue">Defaults</font></th> + <th width="100%">Comments</th> + </tr> + <tr> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>aggregate</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">list</span> + </div> + </td> + <td> + </td> + <td> + <div>List of link aggregation definitions.</div> + </td> + </tr> + <tr> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>members</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">list</span> + </div> + </td> + <td> + </td> + <td> + <div>List of members of the link aggregation group.</div> + </td> + </tr> + <tr> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>mode</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + <ul style="margin: 0; padding: 0"><b>Choices:</b> + <li>802.3ad</li> + <li>active-backup</li> + <li>broadcast</li> + <li>round-robin</li> + <li>transmit-load-balance</li> + <li>adaptive-load-balance</li> + <li>xor-hash</li> + <li>yes</li> + </ul> + </td> + <td> + <div>Mode of the link aggregation group.</div> + </td> + </tr> + <tr> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>name</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + / <span style="color: red">required</span> </div> + </td> + <td> + </td> + <td> + <div>Name of the link aggregation group.</div> + </td> + </tr> + <tr> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>provider</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">dictionary</span> + </div> + </td> + <td> + </td> + <td> + <div><b>Deprecated</b></div> + <div>Starting with Ansible 2.5 we recommend using <code>connection: network_cli</code>.</div> + <div>For more information please see the <a href='../network/getting_started/network_differences.html#multiple-communication-protocols'>Network Guide</a>.</div> + <div><hr/></div> + <div>A dict object containing connection details.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>host</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + / <span style="color: red">required</span> </div> + </td> + <td> + </td> + <td> + <div>Specifies the DNS host name or address for connecting to the remote device over the specified transport. The value of host is used as the destination address for the transport.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>password</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + </td> + <td> + <div>Specifies the password to use to authenticate the connection to the remote device. This value is used to authenticate the SSH session. If the value is not specified in the task, the value of environment variable <code>ANSIBLE_NET_PASSWORD</code> will be used instead.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>port</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">integer</span> + </div> + </td> + <td> + <b>Default:</b><br/><div style="color: blue">22</div> + </td> + <td> + <div>Specifies the port to use when building the connection to the remote device.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>ssh_keyfile</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">path</span> + </div> + </td> + <td> + </td> + <td> + <div>Specifies the SSH key to use to authenticate the connection to the remote device. This value is the path to the key used to authenticate the SSH session. If the value is not specified in the task, the value of environment variable <code>ANSIBLE_NET_SSH_KEYFILE</code> will be used instead.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>timeout</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">integer</span> + </div> + </td> + <td> + <b>Default:</b><br/><div style="color: blue">10</div> + </td> + <td> + <div>Specifies the timeout in seconds for communicating with the network device for either connecting or sending commands. If the timeout is exceeded before the operation is completed, the module will error.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>username</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + </td> + <td> + <div>Configures the username to use to authenticate the connection to the remote device. This value is used to authenticate the SSH session. If the value is not specified in the task, the value of environment variable <code>ANSIBLE_NET_USERNAME</code> will be used instead.</div> + </td> + </tr> + + <tr> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>state</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + <ul style="margin: 0; padding: 0"><b>Choices:</b> + <li><div style="color: blue"><b>present</b> ←</div></li> + <li>absent</li> + <li>up</li> + <li>down</li> + </ul> + </td> + <td> + <div>State of the link aggregation group.</div> + </td> + </tr> + </table> + <br/> + + +Notes +----- + +.. note:: + - Tested against VYOS 1.1.7 + - For more information on using Ansible to manage network devices see the :ref:`Ansible Network Guide <network_guide>` + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + - name: configure link aggregation group + vyos.vyos.vyos_linkagg: + name: bond0 + members: + - eth0 + - eth1 + + - name: remove configuration + vyos.vyos.vyos_linkagg: + name: bond0 + state: absent + + - name: Create aggregate of linkagg definitions + vyos.vyos.vyos_linkagg: + aggregate: + - {name: bond0, members: [eth1]} + - {name: bond1, members: [eth2]} + + - name: Remove aggregate of linkagg definitions + vyos.vyos.vyos_linkagg: + aggregate: + - name: bond0 + - name: bond1 + state: absent + + + + +Return Values +------------- +Common return values are documented `here <https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values>`_, the following are the fields unique to this module: + +.. raw:: html + + <table border=0 cellpadding=0 class="documentation-table"> + <tr> + <th colspan="1">Key</th> + <th>Returned</th> + <th width="100%">Description</th> + </tr> + <tr> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="return-"></div> + <b>commands</b> + <a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a> + <div style="font-size: small"> + <span style="color: purple">list</span> + </div> + </td> + <td>always, except for the platforms that use Netconf transport to manage the device.</td> + <td> + <div>The list of configuration mode commands to send to the device</div> + <br/> + <div style="font-size: smaller"><b>Sample:</b></div> + <div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">['set interfaces bonding bond0', "set interfaces ethernet eth0 bond-group 'bond0'", "set interfaces ethernet eth1 bond-group 'bond0'"]</div> + </td> + </tr> + </table> + <br/><br/> + + +Status +------ + + +- This module will be removed in version . *[deprecated]* +- For more information see `DEPRECATED`_. + + +Authors +~~~~~~~ + +- Ricardo Carrillo Cruz (@rcarrillocruz) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/vyos.vyos.vyos_lldp_global_module.rst b/docs/vyos.vyos.vyos_lldp_global_module.rst new file mode 100644 index 0000000..a427fec --- /dev/null +++ b/docs/vyos.vyos.vyos_lldp_global_module.rst @@ -0,0 +1,618 @@ +:orphan: + +.. _vyos.vyos.vyos_lldp_global_module: + + +************************** +vyos.vyos.vyos_lldp_global +************************** + +**LLDP global resource module** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- This module manages link layer discovery protocol (LLDP) attributes on VyOS devices. + + + + +Parameters +---------- + +.. raw:: html + + <table border=0 cellpadding=0 class="documentation-table"> + <tr> + <th colspan="2">Parameter</th> + <th>Choices/<font color="blue">Defaults</font></th> + <th width="100%">Comments</th> + </tr> + <tr> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>config</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">dictionary</span> + </div> + </td> + <td> + </td> + <td> + <div>The provided link layer discovery protocol (LLDP) configuration.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>address</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + </td> + <td> + <div>This argument defines management-address.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>enable</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">boolean</span> + </div> + </td> + <td> + <ul style="margin: 0; padding: 0"><b>Choices:</b> + <li>no</li> + <li>yes</li> + </ul> + </td> + <td> + <div>This argument is a boolean value to enable or disable LLDP.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>legacy_protocols</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">list</span> + </div> + </td> + <td> + <ul style="margin: 0; padding: 0"><b>Choices:</b> + <li>cdp</li> + <li>edp</li> + <li>fdp</li> + <li>sonmp</li> + </ul> + </td> + <td> + <div>List of the supported legacy protocols.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>snmp</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + </td> + <td> + <div>This argument enable the SNMP queries to LLDP database.</div> + </td> + </tr> + + <tr> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>running_config</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + </td> + <td> + <div>This option is used only with state <em>parsed</em>.</div> + <div>The value of this option should be the output received from the VyOS device by executing the command <b>show configuration commands | grep lldp</b>.</div> + <div>The state <em>parsed</em> reads the configuration from <code>running_config</code> option and transforms it into Ansible structured data as per the resource module's argspec and the value is then returned in the <em>parsed</em> key within the result.</div> + </td> + </tr> + <tr> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>state</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + <ul style="margin: 0; padding: 0"><b>Choices:</b> + <li><div style="color: blue"><b>merged</b> ←</div></li> + <li>replaced</li> + <li>deleted</li> + <li>gathered</li> + <li>rendered</li> + <li>parsed</li> + </ul> + </td> + <td> + <div>The state of the configuration after module completion.</div> + </td> + </tr> + </table> + <br/> + + +Notes +----- + +.. note:: + - Tested against VyOS 1.1.8 (helium). + - This module works with connection ``network_cli``. See `the VyOS OS Platform Options <../network/user_guide/platform_vyos.html>`_. + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Using merged + # + # Before state: + # ------------- + # + # vyos@vyos:~$ show configuration commands|grep lldp + # + - name: Merge provided configuration with device configuration + vyos.vyos.vyos_lldp_global: + config: + legacy_protocols: + - fdp + - cdp + snmp: enable + address: 192.0.2.11 + state: merged + # + # + # ------------------------ + # Module Execution Results + # ------------------------ + # + # "before": [] + # + # "commands": [ + # "set service lldp legacy-protocols fdp", + # "set service lldp legacy-protocols cdp", + # "set service lldp snmp enable", + # "set service lldp management-address '192.0.2.11'" + # ] + # + # "after": [ + # { + # "snmp": "enable" + # }, + # { + # "address": "192.0.2.11" + # }, + # { + # "legacy_protocols": [ + # "cdp", + # "fdp" + # ] + # } + # { + # "enable": true + # } + # ] + # + # After state: + # ------------- + # + # set service lldp legacy-protocols cdp + # set service lldp legacy-protocols fdp + # set service lldp management-address '192.0.2.11' + # set service lldp snmp enable + + + # Using replaced + # + # Before state: + # ------------- + # + # vyos@vyos:~$ show configuration commands | grep lldp + # set service lldp legacy-protocols cdp + # set service lldp legacy-protocols fdp + # set service lldp management-address '192.0.2.11' + # set service lldp snmp enable + # + - name: Replace device configurations with provided configurations + vyos.vyos.vyos_lldp_global: + config: + legacy_protocols: + - edp + - sonmp + - cdp + address: 192.0.2.14 + state: replaced + # + # + # ------------------------ + # Module Execution Results + # ------------------------ + # + # + # "before": [ + # { + # "snmp": "enable" + # }, + # { + # "address": "192.0.2.11" + # }, + # { + # "legacy_protocols": [ + # "cdp", + # "fdp" + # ] + # } + # { + # "enable": true + # } + # ] + # "commands": [ + # "delete service lldp snmp", + # "delete service lldp legacy-protocols fdp", + # "set service lldp management-address '192.0.2.14'", + # "set service lldp legacy-protocols edp", + # "set service lldp legacy-protocols sonmp" + # ] + # + # "after": [ + # { + # "address": "192.0.2.14" + # }, + # { + # "legacy_protocols": [ + # "cdp", + # "edp", + # "sonmp" + # ] + # } + # { + # "enable": true + # } + # ] + # + # After state: + # ------------- + # + # vyos@vyos:~$ show configuration commands|grep lldp + # set service lldp legacy-protocols cdp + # set service lldp legacy-protocols edp + # set service lldp legacy-protocols sonmp + # set service lldp management-address '192.0.2.14' + + + # Using deleted + # + # Before state + # ------------- + # vyos@vyos:~$ show configuration commands|grep lldp + # set service lldp legacy-protocols cdp + # set service lldp legacy-protocols edp + # set service lldp legacy-protocols sonmp + # set service lldp management-address '192.0.2.14' + # + - name: Delete attributes of given lldp service (This won't delete the LLDP service + itself) + vyos.vyos.vyos_lldp_global: + config: + state: deleted + # + # + # ------------------------ + # Module Execution Results + # ------------------------ + # + # "before": [ + # { + # "address": "192.0.2.14" + # }, + # { + # "legacy_protocols": [ + # "cdp", + # "edp", + # "sonmp" + # ] + # } + # { + # "enable": true + # } + # ] + # + # "commands": [ + # "delete service lldp management-address", + # "delete service lldp legacy-protocols" + # ] + # + # "after": [ + # { + # "enable": true + # } + # ] + # + # After state + # ------------ + # vyos@vyos:~$ show configuration commands | grep lldp + # set service lldp + + + # Using gathered + # + # Before state: + # ------------- + # + # vyos@192# run show configuration commands | grep lldp + # set service lldp legacy-protocols 'cdp' + # set service lldp management-address '192.0.2.17' + # + - name: Gather lldp global config with provided configurations + vyos.vyos.vyos_lldp_global: + config: + state: gathered + # + # + # ------------------------- + # Module Execution Result + # ------------------------- + # + # "gathered": [ + # { + # "config_trap": true, + # "group": { + # "address_group": [ + # { + # "description": "Sales office hosts address list", + # "members": [ + # { + # "address": "192.0.3.1" + # }, + # { + # "address": "192.0.3.2" + # } + # ], + # "name": "ENG-HOSTS" + # }, + # { + # "description": "Sales office hosts address list", + # "members": [ + # { + # "address": "192.0.2.1" + # }, + # { + # "address": "192.0.2.2" + # }, + # { + # "address": "192.0.2.3" + # } + # ], + # "name": "SALES-HOSTS" + # } + # ], + # "network_group": [ + # { + # "description": "This group has the Management network addresses", + # "members": [ + # { + # "address": "192.0.1.0/24" + # } + # ], + # "name": "MGMT" + # } + # ] + # }, + # "log_martians": true, + # "ping": { + # "all": true, + # "broadcast": true + # }, + # "route_redirects": [ + # { + # "afi": "ipv4", + # "icmp_redirects": { + # "receive": false, + # "send": true + # }, + # "ip_src_route": true + # } + # ], + # "state_policy": [ + # { + # "action": "accept", + # "connection_type": "established", + # "log": true + # }, + # { + # "action": "reject", + # "connection_type": "invalid" + # } + # ], + # "syn_cookies": true, + # "twa_hazards_protection": true, + # "validation": "strict" + # } + # + # After state: + # ------------- + # + # vyos@192# run show configuration commands | grep lldp + # set service lldp legacy-protocols 'cdp' + # set service lldp management-address '192.0.2.17' + + + # Using rendered + # + # + - name: Render the commands for provided configuration + vyos.vyos.vyos_lldp_global: + config: + address: 192.0.2.17 + enable: true + legacy_protocols: + - cdp + state: rendered + # + # + # ------------------------- + # Module Execution Result + # ------------------------- + # + # + # "rendered": [ + # "set service lldp legacy-protocols 'cdp'", + # "set service lldp", + # "set service lldp management-address '192.0.2.17'" + # ] + # + + + # Using parsed + # + # + - name: Parse the provided commands to provide structured configuration + vyos.vyos.vyos_lldp_global: + running_config: + "set service lldp legacy-protocols 'cdp' + set service lldp legacy-protocols 'fdp' + set service lldp management-address '192.0.2.11'" + state: parsed + # + # + # ------------------------- + # Module Execution Result + # ------------------------- + # + # + # "parsed": { + # "address": "192.0.2.11", + # "enable": true, + # "legacy_protocols": [ + # "cdp", + # "fdp" + # ] + # } + # + + + + + + +Return Values +------------- +Common return values are documented `here <https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values>`_, the following are the fields unique to this module: + +.. raw:: html + + <table border=0 cellpadding=0 class="documentation-table"> + <tr> + <th colspan="1">Key</th> + <th>Returned</th> + <th width="100%">Description</th> + </tr> + <tr> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="return-"></div> + <b>after</b> + <a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a> + <div style="font-size: small"> + <span style="color: purple">list</span> + </div> + </td> + <td>when changed</td> + <td> + <div>The configuration as structured data after module completion.</div> + <br/> + <div style="font-size: smaller"><b>Sample:</b></div> + <div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">The configuration returned will always be in the same format + of the parameters above.</div> + </td> + </tr> + <tr> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="return-"></div> + <b>before</b> + <a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a> + <div style="font-size: small"> + <span style="color: purple">list</span> + </div> + </td> + <td>always</td> + <td> + <div>The configuration as structured data prior to module invocation.</div> + <br/> + <div style="font-size: smaller"><b>Sample:</b></div> + <div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">The configuration returned will always be in the same format + of the parameters above.</div> + </td> + </tr> + <tr> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="return-"></div> + <b>commands</b> + <a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a> + <div style="font-size: small"> + <span style="color: purple">list</span> + </div> + </td> + <td>always</td> + <td> + <div>The set of commands pushed to the remote device.</div> + <br/> + <div style="font-size: smaller"><b>Sample:</b></div> + <div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">['set service lldp legacy-protocols sonmp', "set service lldp management-address '192.0.2.14'"]</div> + </td> + </tr> + </table> + <br/><br/> + + +Status +------ + + +Authors +~~~~~~~ + +- Rohit Thakur (@rohitthakur2590) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/vyos.vyos.vyos_lldp_interface_module.rst b/docs/vyos.vyos.vyos_lldp_interface_module.rst new file mode 100644 index 0000000..12df780 --- /dev/null +++ b/docs/vyos.vyos.vyos_lldp_interface_module.rst @@ -0,0 +1,313 @@ +:orphan: + +.. _vyos.vyos.vyos_lldp_interface_module: + + +***************************** +vyos.vyos.vyos_lldp_interface +***************************** + +**(deprecated, removed after 2022-06-01) Manage LLDP interfaces configuration on VyOS network devices** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + +DEPRECATED +---------- +:Removed in collection release after 2022-06-01 +:Why: Updated modules released with more functionality. +:Alternative: vyos_lldp_interfaces + + + +Synopsis +-------- +- This module provides declarative management of LLDP interfaces configuration on VyOS network devices. + + + + +Parameters +---------- + +.. raw:: html + + <table border=0 cellpadding=0 class="documentation-table"> + <tr> + <th colspan="2">Parameter</th> + <th>Choices/<font color="blue">Defaults</font></th> + <th width="100%">Comments</th> + </tr> + <tr> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>aggregate</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">list</span> + </div> + </td> + <td> + </td> + <td> + <div>List of interfaces LLDP should be configured on.</div> + </td> + </tr> + <tr> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>name</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + </td> + <td> + <div>Name of the interface LLDP should be configured on.</div> + </td> + </tr> + <tr> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>provider</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">dictionary</span> + </div> + </td> + <td> + </td> + <td> + <div><b>Deprecated</b></div> + <div>Starting with Ansible 2.5 we recommend using <code>connection: network_cli</code>.</div> + <div>For more information please see the <a href='../network/getting_started/network_differences.html#multiple-communication-protocols'>Network Guide</a>.</div> + <div><hr/></div> + <div>A dict object containing connection details.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>host</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + / <span style="color: red">required</span> </div> + </td> + <td> + </td> + <td> + <div>Specifies the DNS host name or address for connecting to the remote device over the specified transport. The value of host is used as the destination address for the transport.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>password</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + </td> + <td> + <div>Specifies the password to use to authenticate the connection to the remote device. This value is used to authenticate the SSH session. If the value is not specified in the task, the value of environment variable <code>ANSIBLE_NET_PASSWORD</code> will be used instead.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>port</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">integer</span> + </div> + </td> + <td> + <b>Default:</b><br/><div style="color: blue">22</div> + </td> + <td> + <div>Specifies the port to use when building the connection to the remote device.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>ssh_keyfile</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">path</span> + </div> + </td> + <td> + </td> + <td> + <div>Specifies the SSH key to use to authenticate the connection to the remote device. This value is the path to the key used to authenticate the SSH session. If the value is not specified in the task, the value of environment variable <code>ANSIBLE_NET_SSH_KEYFILE</code> will be used instead.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>timeout</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">integer</span> + </div> + </td> + <td> + <b>Default:</b><br/><div style="color: blue">10</div> + </td> + <td> + <div>Specifies the timeout in seconds for communicating with the network device for either connecting or sending commands. If the timeout is exceeded before the operation is completed, the module will error.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>username</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + </td> + <td> + <div>Configures the username to use to authenticate the connection to the remote device. This value is used to authenticate the SSH session. If the value is not specified in the task, the value of environment variable <code>ANSIBLE_NET_USERNAME</code> will be used instead.</div> + </td> + </tr> + + <tr> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>state</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + <ul style="margin: 0; padding: 0"><b>Choices:</b> + <li><div style="color: blue"><b>present</b> ←</div></li> + <li>absent</li> + <li>enabled</li> + <li>disabled</li> + </ul> + </td> + <td> + <div>State of the LLDP configuration.</div> + </td> + </tr> + </table> + <br/> + + +Notes +----- + +.. note:: + - Tested against VYOS 1.1.7 + - For more information on using Ansible to manage network devices see the :ref:`Ansible Network Guide <network_guide>` + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + - name: Enable LLDP on eth1 + net_lldp_interface: + state: present + + - name: Enable LLDP on specific interfaces + net_lldp_interface: + interfaces: + - eth1 + - eth2 + state: present + + - name: Disable LLDP globally + net_lldp_interface: + state: disabled + + - name: Create aggregate of LLDP interface configurations + vyos.vyos.vyos_lldp_interface: + aggregate: + - name: eth1 + - name: eth2 + state: present + + - name: Delete aggregate of LLDP interface configurations + vyos.vyos.vyos_lldp_interface: + aggregate: + - name: eth1 + - name: eth2 + state: absent + + + + +Return Values +------------- +Common return values are documented `here <https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values>`_, the following are the fields unique to this module: + +.. raw:: html + + <table border=0 cellpadding=0 class="documentation-table"> + <tr> + <th colspan="1">Key</th> + <th>Returned</th> + <th width="100%">Description</th> + </tr> + <tr> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="return-"></div> + <b>commands</b> + <a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a> + <div style="font-size: small"> + <span style="color: purple">list</span> + </div> + </td> + <td>always, except for the platforms that use Netconf transport to manage the device.</td> + <td> + <div>The list of configuration mode commands to send to the device</div> + <br/> + <div style="font-size: smaller"><b>Sample:</b></div> + <div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">['set service lldp eth1', 'set service lldp eth2 disable']</div> + </td> + </tr> + </table> + <br/><br/> + + +Status +------ + + +- This module will be removed in version . *[deprecated]* +- For more information see `DEPRECATED`_. + + +Authors +~~~~~~~ + +- Ricardo Carrillo Cruz (@rcarrillocruz) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/vyos.vyos.vyos_lldp_interfaces_module.rst b/docs/vyos.vyos.vyos_lldp_interfaces_module.rst new file mode 100644 index 0000000..5c81d41 --- /dev/null +++ b/docs/vyos.vyos.vyos_lldp_interfaces_module.rst @@ -0,0 +1,932 @@ +:orphan: + +.. _vyos.vyos.vyos_lldp_interfaces_module: + + +****************************** +vyos.vyos.vyos_lldp_interfaces +****************************** + +**LLDP interfaces resource module** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- This module manages attributes of lldp interfaces on VyOS network devices. + + + + +Parameters +---------- + +.. raw:: html + + <table border=0 cellpadding=0 class="documentation-table"> + <tr> + <th colspan="5">Parameter</th> + <th>Choices/<font color="blue">Defaults</font></th> + <th width="100%">Comments</th> + </tr> + <tr> + <td colspan="5"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>config</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">list</span> + </div> + </td> + <td> + </td> + <td> + <div>A list of lldp interfaces configurations.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="4"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>enable</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">boolean</span> + </div> + </td> + <td> + <ul style="margin: 0; padding: 0"><b>Choices:</b> + <li>no</li> + <li><div style="color: blue"><b>yes</b> ←</div></li> + </ul> + </td> + <td> + <div>to disable lldp on the interface.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="4"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>location</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">dictionary</span> + </div> + </td> + <td> + </td> + <td> + <div>LLDP-MED location data.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="3"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>civic_based</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">dictionary</span> + </div> + </td> + <td> + </td> + <td> + <div>Civic-based location data.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>ca_info</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">list</span> + </div> + </td> + <td> + </td> + <td> + <div>LLDP-MED address info</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>ca_type</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">integer</span> + / <span style="color: red">required</span> </div> + </td> + <td> + </td> + <td> + <div>LLDP-MED Civic Address type.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>ca_value</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + / <span style="color: red">required</span> </div> + </td> + <td> + </td> + <td> + <div>LLDP-MED Civic Address value.</div> + </td> + </tr> + + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>country_code</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + / <span style="color: red">required</span> </div> + </td> + <td> + </td> + <td> + <div>Country Code</div> + </td> + </tr> + + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="3"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>coordinate_based</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">dictionary</span> + </div> + </td> + <td> + </td> + <td> + <div>Coordinate-based location.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>altitude</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">integer</span> + </div> + </td> + <td> + </td> + <td> + <div>Altitude in meters.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>datum</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + <ul style="margin: 0; padding: 0"><b>Choices:</b> + <li>WGS84</li> + <li>NAD83</li> + <li>MLLW</li> + </ul> + </td> + <td> + <div>Coordinate datum type.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>latitude</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + / <span style="color: red">required</span> </div> + </td> + <td> + </td> + <td> + <div>Latitude.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>longitude</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + / <span style="color: red">required</span> </div> + </td> + <td> + </td> + <td> + <div>Longitude.</div> + </td> + </tr> + + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="3"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>elin</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + </td> + <td> + <div>Emergency Call Service ELIN number (between 10-25 numbers).</div> + </td> + </tr> + + <tr> + <td class="elbow-placeholder"></td> + <td colspan="4"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>name</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + / <span style="color: red">required</span> </div> + </td> + <td> + </td> + <td> + <div>Name of the lldp interface.</div> + </td> + </tr> + + <tr> + <td colspan="5"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>running_config</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + </td> + <td> + <div>This option is used only with state <em>parsed</em>.</div> + <div>The value of this option should be the output received from the VyOS device by executing the command <b>show configuration commands | grep lldp</b>.</div> + <div>The state <em>parsed</em> reads the configuration from <code>running_config</code> option and transforms it into Ansible structured data as per the resource module's argspec and the value is then returned in the <em>parsed</em> key within the result.</div> + </td> + </tr> + <tr> + <td colspan="5"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>state</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + <ul style="margin: 0; padding: 0"><b>Choices:</b> + <li><div style="color: blue"><b>merged</b> ←</div></li> + <li>replaced</li> + <li>overridden</li> + <li>deleted</li> + <li>rendered</li> + <li>parsed</li> + <li>gathered</li> + </ul> + </td> + <td> + <div>The state of the configuration after module completion.</div> + </td> + </tr> + </table> + <br/> + + +Notes +----- + +.. note:: + - Tested against VyOS 1.1.8 (helium). + - This module works with connection ``network_cli``. See `the VyOS OS Platform Options <../network/user_guide/platform_vyos.html>`_. + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Using merged + # + # Before state: + # ------------- + # + # vyos@vyos:~$ show configuration commands | grep lldp + # + - name: Merge provided configuration with device configuration + vyos.vyos.vyos_lldp_interfaces: + config: + - name: eth1 + location: + civic_based: + country_code: US + ca_info: + - ca_type: 0 + ca_value: ENGLISH + + - name: eth2 + location: + coordinate_based: + altitude: 2200 + datum: WGS84 + longitude: 222.267255W + latitude: 33.524449N + state: merged + # + # + # ------------------------- + # Module Execution Result + # ------------------------- + # + # before": [] + # + # "commands": [ + # "set service lldp interface eth1 location civic-based country-code 'US'", + # "set service lldp interface eth1 location civic-based ca-type 0 ca-value 'ENGLISH'", + # "set service lldp interface eth1", + # "set service lldp interface eth2 location coordinate-based latitude '33.524449N'", + # "set service lldp interface eth2 location coordinate-based altitude '2200'", + # "set service lldp interface eth2 location coordinate-based datum 'WGS84'", + # "set service lldp interface eth2 location coordinate-based longitude '222.267255W'", + # "set service lldp interface eth2 location coordinate-based latitude '33.524449N'", + # "set service lldp interface eth2 location coordinate-based altitude '2200'", + # "set service lldp interface eth2 location coordinate-based datum 'WGS84'", + # "set service lldp interface eth2 location coordinate-based longitude '222.267255W'", + # "set service lldp interface eth2" + # + # "after": [ + # { + # "location": { + # "coordinate_based": { + # "altitude": 2200, + # "datum": "WGS84", + # "latitude": "33.524449N", + # "longitude": "222.267255W" + # } + # }, + # "name": "eth2" + # }, + # { + # "location": { + # "civic_based": { + # "ca_info": [ + # { + # "ca_type": 0, + # "ca_value": "ENGLISH" + # } + # ], + # "country_code": "US" + # } + # }, + # "name": "eth1" + # } + # ], + # + # After state: + # ------------- + # + # vyos@vyos:~$ show configuration commands | grep lldp + # set service lldp interface eth1 location civic-based ca-type 0 ca-value 'ENGLISH' + # set service lldp interface eth1 location civic-based country-code 'US' + # set service lldp interface eth2 location coordinate-based altitude '2200' + # set service lldp interface eth2 location coordinate-based datum 'WGS84' + # set service lldp interface eth2 location coordinate-based latitude '33.524449N' + # set service lldp interface eth2 location coordinate-based longitude '222.267255W' + + + # Using replaced + # + # Before state: + # ------------- + # + # vyos@vyos:~$ show configuration commands | grep lldp + # set service lldp interface eth1 location civic-based ca-type 0 ca-value 'ENGLISH' + # set service lldp interface eth1 location civic-based country-code 'US' + # set service lldp interface eth2 location coordinate-based altitude '2200' + # set service lldp interface eth2 location coordinate-based datum 'WGS84' + # set service lldp interface eth2 location coordinate-based latitude '33.524449N' + # set service lldp interface eth2 location coordinate-based longitude '222.267255W' + # + - name: Replace device configurations of listed LLDP interfaces with provided configurations + vyos.vyos.vyos_lldp_interfaces: + config: + - name: eth2 + location: + civic_based: + country_code: US + ca_info: + - ca_type: 0 + ca_value: ENGLISH + + - name: eth1 + location: + coordinate_based: + altitude: 2200 + datum: WGS84 + longitude: 222.267255W + latitude: 33.524449N + state: replaced + # + # + # ------------------------- + # Module Execution Result + # ------------------------- + # + # "before": [ + # { + # "location": { + # "coordinate_based": { + # "altitude": 2200, + # "datum": "WGS84", + # "latitude": "33.524449N", + # "longitude": "222.267255W" + # } + # }, + # "name": "eth2" + # }, + # { + # "location": { + # "civic_based": { + # "ca_info": [ + # { + # "ca_type": 0, + # "ca_value": "ENGLISH" + # } + # ], + # "country_code": "US" + # } + # }, + # "name": "eth1" + # } + # ] + # + # "commands": [ + # "delete service lldp interface eth2 location", + # "set service lldp interface eth2 'disable'", + # "set service lldp interface eth2 location civic-based country-code 'US'", + # "set service lldp interface eth2 location civic-based ca-type 0 ca-value 'ENGLISH'", + # "delete service lldp interface eth1 location", + # "set service lldp interface eth1 'disable'", + # "set service lldp interface eth1 location coordinate-based latitude '33.524449N'", + # "set service lldp interface eth1 location coordinate-based altitude '2200'", + # "set service lldp interface eth1 location coordinate-based datum 'WGS84'", + # "set service lldp interface eth1 location coordinate-based longitude '222.267255W'" + # ] + # + # "after": [ + # { + # "location": { + # "civic_based": { + # "ca_info": [ + # { + # "ca_type": 0, + # "ca_value": "ENGLISH" + # } + # ], + # "country_code": "US" + # } + # }, + # "name": "eth2" + # }, + # { + # "location": { + # "coordinate_based": { + # "altitude": 2200, + # "datum": "WGS84", + # "latitude": "33.524449N", + # "longitude": "222.267255W" + # } + # }, + # "name": "eth1" + # } + # ] + # + # After state: + # ------------- + # + # vyos@vyos:~$ show configuration commands | grep lldp + # set service lldp interface eth1 'disable' + # set service lldp interface eth1 location coordinate-based altitude '2200' + # set service lldp interface eth1 location coordinate-based datum 'WGS84' + # set service lldp interface eth1 location coordinate-based latitude '33.524449N' + # set service lldp interface eth1 location coordinate-based longitude '222.267255W' + # set service lldp interface eth2 'disable' + # set service lldp interface eth2 location civic-based ca-type 0 ca-value 'ENGLISH' + # set service lldp interface eth2 location civic-based country-code 'US' + + + # Using overridden + # + # Before state + # -------------- + # + # vyos@vyos:~$ show configuration commands | grep lldp + # set service lldp interface eth1 'disable' + # set service lldp interface eth1 location coordinate-based altitude '2200' + # set service lldp interface eth1 location coordinate-based datum 'WGS84' + # set service lldp interface eth1 location coordinate-based latitude '33.524449N' + # set service lldp interface eth1 location coordinate-based longitude '222.267255W' + # set service lldp interface eth2 'disable' + # set service lldp interface eth2 location civic-based ca-type 0 ca-value 'ENGLISH' + # set service lldp interface eth2 location civic-based country-code 'US' + # + - name: Overrides all device configuration with provided configuration + vyos.vyos.vyos_lldp_interfaces: + config: + - name: eth2 + location: + elin: 0000000911 + + state: overridden + # + # + # ------------------------- + # Module Execution Result + # ------------------------- + # + # "before": [ + # { + # "enable": false, + # "location": { + # "civic_based": { + # "ca_info": [ + # { + # "ca_type": 0, + # "ca_value": "ENGLISH" + # } + # ], + # "country_code": "US" + # } + # }, + # "name": "eth2" + # }, + # { + # "enable": false, + # "location": { + # "coordinate_based": { + # "altitude": 2200, + # "datum": "WGS84", + # "latitude": "33.524449N", + # "longitude": "222.267255W" + # } + # }, + # "name": "eth1" + # } + # ] + # + # "commands": [ + # "delete service lldp interface eth2 location", + # "delete service lldp interface eth2 disable", + # "set service lldp interface eth2 location elin 0000000911" + # + # + # "after": [ + # { + # "location": { + # "elin": 0000000911 + # }, + # "name": "eth2" + # } + # ] + # + # + # After state + # ------------ + # + # vyos@vyos# run show configuration commands | grep lldp + # set service lldp interface eth2 location elin '0000000911' + + + # Using deleted + # + # Before state + # ------------- + # + # vyos@vyos# run show configuration commands | grep lldp + # set service lldp interface eth2 location elin '0000000911' + # + - name: Delete lldp interface attributes of given interfaces. + vyos.vyos.vyos_lldp_interfaces: + config: + - name: eth2 + state: deleted + # + # + # ------------------------ + # Module Execution Results + # ------------------------ + # + before: [{location: {elin: 0000000911}, name: eth2}] + # "commands": [ + # "commands": [ + # "delete service lldp interface eth2" + # ] + # + # "after": [] + # After state + # ------------ + # vyos@vyos# run show configuration commands | grep lldp + # set service 'lldp' + + + # Using gathered + # + # Before state: + # ------------- + # + # vyos@192# run show configuration commands | grep lldp + # set service lldp interface eth1 location civic-based ca-type 0 ca-value 'ENGLISH' + # set service lldp interface eth1 location civic-based country-code 'US' + # set service lldp interface eth2 location coordinate-based altitude '2200' + # set service lldp interface eth2 location coordinate-based datum 'WGS84' + # set service lldp interface eth2 location coordinate-based latitude '33.524449N' + # set service lldp interface eth2 location coordinate-based longitude '222.267255W' + # + - name: Gather listed lldp interfaces from running configuration + vyos.vyos.vyos_lldp_interfaces: + config: + state: gathered + # + # + # ------------------------- + # Module Execution Result + # ------------------------- + # + # "gathered": [ + # { + # "location": { + # "coordinate_based": { + # "altitude": 2200, + # "datum": "WGS84", + # "latitude": "33.524449N", + # "longitude": "222.267255W" + # } + # }, + # "name": "eth2" + # }, + # { + # "location": { + # "civic_based": { + # "ca_info": [ + # { + # "ca_type": 0, + # "ca_value": "ENGLISH" + # } + # ], + # "country_code": "US" + # } + # }, + # "name": "eth1" + # } + # ] + # + # + # After state: + # ------------- + # + # vyos@192# run show configuration commands | grep lldp + # set service lldp interface eth1 location civic-based ca-type 0 ca-value 'ENGLISH' + # set service lldp interface eth1 location civic-based country-code 'US' + # set service lldp interface eth2 location coordinate-based altitude '2200' + # set service lldp interface eth2 location coordinate-based datum 'WGS84' + # set service lldp interface eth2 location coordinate-based latitude '33.524449N' + # set service lldp interface eth2 location coordinate-based longitude '222.267255W' + + + # Using rendered + # + # + - name: Render the commands for provided configuration + vyos.vyos.vyos_lldp_interfaces: + config: + - name: eth1 + location: + civic_based: + country_code: US + ca_info: + - ca_type: 0 + ca_value: ENGLISH + - name: eth2 + location: + coordinate_based: + altitude: 2200 + datum: WGS84 + longitude: 222.267255W + latitude: 33.524449N + state: rendered + # + # + # ------------------------- + # Module Execution Result + # ------------------------- + # + # + # "rendered": [ + # "set service lldp interface eth1 location civic-based country-code 'US'", + # "set service lldp interface eth1 location civic-based ca-type 0 ca-value 'ENGLISH'", + # "set service lldp interface eth1", + # "set service lldp interface eth2 location coordinate-based latitude '33.524449N'", + # "set service lldp interface eth2 location coordinate-based altitude '2200'", + # "set service lldp interface eth2 location coordinate-based datum 'WGS84'", + # "set service lldp interface eth2 location coordinate-based longitude '222.267255W'", + # "set service lldp interface eth2" + # ] + + + # Using parsed + # + # + - name: Parsed the commands to provide structured configuration. + vyos.vyos.vyos_lldp_interfaces: + running_config: + "set service lldp interface eth1 location civic-based ca-type 0 ca-value 'ENGLISH' + set service lldp interface eth1 location civic-based country-code 'US' + set service lldp interface eth2 location coordinate-based altitude '2200' + set service lldp interface eth2 location coordinate-based datum 'WGS84' + set service lldp interface eth2 location coordinate-based latitude '33.524449N' + set service lldp interface eth2 location coordinate-based longitude '222.267255W'" + state: parsed + # + # + # ------------------------- + # Module Execution Result + # ------------------------- + # + # + # "parsed": [ + # { + # "location": { + # "coordinate_based": { + # "altitude": 2200, + # "datum": "WGS84", + # "latitude": "33.524449N", + # "longitude": "222.267255W" + # } + # }, + # "name": "eth2" + # }, + # { + # "location": { + # "civic_based": { + # "ca_info": [ + # { + # "ca_type": 0, + # "ca_value": "ENGLISH" + # } + # ], + # "country_code": "US" + # } + # }, + # "name": "eth1" + # } + # ] + + + + + + +Return Values +------------- +Common return values are documented `here <https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values>`_, the following are the fields unique to this module: + +.. raw:: html + + <table border=0 cellpadding=0 class="documentation-table"> + <tr> + <th colspan="1">Key</th> + <th>Returned</th> + <th width="100%">Description</th> + </tr> + <tr> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="return-"></div> + <b>after</b> + <a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a> + <div style="font-size: small"> + <span style="color: purple">list</span> + </div> + </td> + <td>when changed</td> + <td> + <div>The configuration as structured data after module completion.</div> + <br/> + <div style="font-size: smaller"><b>Sample:</b></div> + <div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">The configuration returned will always be in the same format + of the parameters above.</div> + </td> + </tr> + <tr> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="return-"></div> + <b>before</b> + <a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a> + <div style="font-size: small"> + <span style="color: purple">list</span> + </div> + </td> + <td>always</td> + <td> + <div>The configuration as structured data prior to module invocation.</div> + <br/> + <div style="font-size: smaller"><b>Sample:</b></div> + <div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">The configuration returned will always be in the same format + of the parameters above.</div> + </td> + </tr> + <tr> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="return-"></div> + <b>commands</b> + <a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a> + <div style="font-size: small"> + <span style="color: purple">list</span> + </div> + </td> + <td>always</td> + <td> + <div>The set of commands pushed to the remote device.</div> + <br/> + <div style="font-size: smaller"><b>Sample:</b></div> + <div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">["set service lldp interface eth2 'disable'", 'delete service lldp interface eth1 location']</div> + </td> + </tr> + </table> + <br/><br/> + + +Status +------ + + +Authors +~~~~~~~ + +- Rohit Thakur (@rohitthakur2590) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/vyos.vyos.vyos_lldp_module.rst b/docs/vyos.vyos.vyos_lldp_module.rst new file mode 100644 index 0000000..2af0c1e --- /dev/null +++ b/docs/vyos.vyos.vyos_lldp_module.rst @@ -0,0 +1,277 @@ +:orphan: + +.. _vyos.vyos.vyos_lldp_module: + + +******************* +vyos.vyos.vyos_lldp +******************* + +**(deprecated, removed after 2022-06-01) Manage LLDP configuration on VyOS network devices** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + +DEPRECATED +---------- +:Removed in collection release after 2022-06-01 +:Why: Updated modules released with more functionality. +:Alternative: vyos_lldp_global + + + +Synopsis +-------- +- This module provides declarative management of LLDP service on VyOS network devices. + + + + +Parameters +---------- + +.. raw:: html + + <table border=0 cellpadding=0 class="documentation-table"> + <tr> + <th colspan="2">Parameter</th> + <th>Choices/<font color="blue">Defaults</font></th> + <th width="100%">Comments</th> + </tr> + <tr> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>interfaces</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">list</span> + </div> + </td> + <td> + </td> + <td> + <div>Name of the interfaces.</div> + </td> + </tr> + <tr> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>provider</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">dictionary</span> + </div> + </td> + <td> + </td> + <td> + <div><b>Deprecated</b></div> + <div>Starting with Ansible 2.5 we recommend using <code>connection: network_cli</code>.</div> + <div>For more information please see the <a href='../network/getting_started/network_differences.html#multiple-communication-protocols'>Network Guide</a>.</div> + <div><hr/></div> + <div>A dict object containing connection details.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>host</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + / <span style="color: red">required</span> </div> + </td> + <td> + </td> + <td> + <div>Specifies the DNS host name or address for connecting to the remote device over the specified transport. The value of host is used as the destination address for the transport.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>password</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + </td> + <td> + <div>Specifies the password to use to authenticate the connection to the remote device. This value is used to authenticate the SSH session. If the value is not specified in the task, the value of environment variable <code>ANSIBLE_NET_PASSWORD</code> will be used instead.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>port</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">integer</span> + </div> + </td> + <td> + <b>Default:</b><br/><div style="color: blue">22</div> + </td> + <td> + <div>Specifies the port to use when building the connection to the remote device.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>ssh_keyfile</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">path</span> + </div> + </td> + <td> + </td> + <td> + <div>Specifies the SSH key to use to authenticate the connection to the remote device. This value is the path to the key used to authenticate the SSH session. If the value is not specified in the task, the value of environment variable <code>ANSIBLE_NET_SSH_KEYFILE</code> will be used instead.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>timeout</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">integer</span> + </div> + </td> + <td> + <b>Default:</b><br/><div style="color: blue">10</div> + </td> + <td> + <div>Specifies the timeout in seconds for communicating with the network device for either connecting or sending commands. If the timeout is exceeded before the operation is completed, the module will error.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>username</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + </td> + <td> + <div>Configures the username to use to authenticate the connection to the remote device. This value is used to authenticate the SSH session. If the value is not specified in the task, the value of environment variable <code>ANSIBLE_NET_USERNAME</code> will be used instead.</div> + </td> + </tr> + + <tr> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>state</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + <ul style="margin: 0; padding: 0"><b>Choices:</b> + <li><div style="color: blue"><b>present</b> ←</div></li> + <li>absent</li> + <li>enabled</li> + <li>disabled</li> + </ul> + </td> + <td> + <div>State of the link aggregation group.</div> + </td> + </tr> + </table> + <br/> + + +Notes +----- + +.. note:: + - Tested against VYOS 1.1.7 + - For more information on using Ansible to manage network devices see the :ref:`Ansible Network Guide <network_guide>` + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + - name: Enable LLDP service + vyos.vyos.vyos_lldp: + state: present + + - name: Disable LLDP service + vyos.vyos.vyos_lldp: + state: absent + + + + +Return Values +------------- +Common return values are documented `here <https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values>`_, the following are the fields unique to this module: + +.. raw:: html + + <table border=0 cellpadding=0 class="documentation-table"> + <tr> + <th colspan="1">Key</th> + <th>Returned</th> + <th width="100%">Description</th> + </tr> + <tr> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="return-"></div> + <b>commands</b> + <a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a> + <div style="font-size: small"> + <span style="color: purple">list</span> + </div> + </td> + <td>always, except for the platforms that use Netconf transport to manage the device.</td> + <td> + <div>The list of configuration mode commands to send to the device</div> + <br/> + <div style="font-size: smaller"><b>Sample:</b></div> + <div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">['set service lldp']</div> + </td> + </tr> + </table> + <br/><br/> + + +Status +------ + + +- This module will be removed in version . *[deprecated]* +- For more information see `DEPRECATED`_. + + +Authors +~~~~~~~ + +- Ricardo Carrillo Cruz (@rcarrillocruz) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/vyos.vyos.vyos_logging_module.rst b/docs/vyos.vyos.vyos_logging_module.rst new file mode 100644 index 0000000..e2cff81 --- /dev/null +++ b/docs/vyos.vyos.vyos_logging_module.rst @@ -0,0 +1,357 @@ +:orphan: + +.. _vyos.vyos.vyos_logging_module: + + +********************** +vyos.vyos.vyos_logging +********************** + +**Manage logging on network devices** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- This module provides declarative management of logging on Vyatta Vyos devices. + + + + +Parameters +---------- + +.. raw:: html + + <table border=0 cellpadding=0 class="documentation-table"> + <tr> + <th colspan="2">Parameter</th> + <th>Choices/<font color="blue">Defaults</font></th> + <th width="100%">Comments</th> + </tr> + <tr> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>aggregate</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">-</span> + </div> + </td> + <td> + </td> + <td> + <div>List of logging definitions.</div> + </td> + </tr> + <tr> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>dest</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">-</span> + </div> + </td> + <td> + <ul style="margin: 0; padding: 0"><b>Choices:</b> + <li>console</li> + <li>file</li> + <li>global</li> + <li>host</li> + <li>user</li> + </ul> + </td> + <td> + <div>Destination of the logs.</div> + </td> + </tr> + <tr> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>facility</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">-</span> + </div> + </td> + <td> + </td> + <td> + <div>Set logging facility.</div> + </td> + </tr> + <tr> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>level</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">-</span> + </div> + </td> + <td> + </td> + <td> + <div>Set logging severity levels.</div> + </td> + </tr> + <tr> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>name</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">-</span> + </div> + </td> + <td> + </td> + <td> + <div>If value of <code>dest</code> is <em>file</em> it indicates file-name, for <em>user</em> it indicates username and for <em>host</em> indicates the host name to be notified.</div> + </td> + </tr> + <tr> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>provider</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">dictionary</span> + </div> + </td> + <td> + </td> + <td> + <div><b>Deprecated</b></div> + <div>Starting with Ansible 2.5 we recommend using <code>connection: network_cli</code>.</div> + <div>For more information please see the <a href='../network/getting_started/network_differences.html#multiple-communication-protocols'>Network Guide</a>.</div> + <div><hr/></div> + <div>A dict object containing connection details.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>host</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + / <span style="color: red">required</span> </div> + </td> + <td> + </td> + <td> + <div>Specifies the DNS host name or address for connecting to the remote device over the specified transport. The value of host is used as the destination address for the transport.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>password</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + </td> + <td> + <div>Specifies the password to use to authenticate the connection to the remote device. This value is used to authenticate the SSH session. If the value is not specified in the task, the value of environment variable <code>ANSIBLE_NET_PASSWORD</code> will be used instead.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>port</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">integer</span> + </div> + </td> + <td> + <b>Default:</b><br/><div style="color: blue">22</div> + </td> + <td> + <div>Specifies the port to use when building the connection to the remote device.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>ssh_keyfile</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">path</span> + </div> + </td> + <td> + </td> + <td> + <div>Specifies the SSH key to use to authenticate the connection to the remote device. This value is the path to the key used to authenticate the SSH session. If the value is not specified in the task, the value of environment variable <code>ANSIBLE_NET_SSH_KEYFILE</code> will be used instead.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>timeout</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">integer</span> + </div> + </td> + <td> + <b>Default:</b><br/><div style="color: blue">10</div> + </td> + <td> + <div>Specifies the timeout in seconds for communicating with the network device for either connecting or sending commands. If the timeout is exceeded before the operation is completed, the module will error.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>username</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + </td> + <td> + <div>Configures the username to use to authenticate the connection to the remote device. This value is used to authenticate the SSH session. If the value is not specified in the task, the value of environment variable <code>ANSIBLE_NET_USERNAME</code> will be used instead.</div> + </td> + </tr> + + <tr> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>state</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">-</span> + </div> + </td> + <td> + <ul style="margin: 0; padding: 0"><b>Choices:</b> + <li><div style="color: blue"><b>present</b> ←</div></li> + <li>absent</li> + </ul> + </td> + <td> + <div>State of the logging configuration.</div> + </td> + </tr> + </table> + <br/> + + +Notes +----- + +.. note:: + - Tested against VyOS 1.1.8 (helium). + - This module works with connection ``network_cli``. See `the VyOS OS Platform Options <../network/user_guide/platform_vyos.html>`_. + - For more information on using Ansible to manage network devices see the :ref:`Ansible Network Guide <network_guide>` + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + - name: configure console logging + vyos.vyos.vyos_logging: + dest: console + facility: all + level: crit + + - name: remove console logging configuration + vyos.vyos.vyos_logging: + dest: console + state: absent + + - name: configure file logging + vyos.vyos.vyos_logging: + dest: file + name: test + facility: local3 + level: err + + - name: Add logging aggregate + vyos.vyos.vyos_logging: + aggregate: + - {dest: file, name: test1, facility: all, level: info} + - {dest: file, name: test2, facility: news, level: debug} + state: present + + - name: Remove logging aggregate + vyos.vyos.vyos_logging: + aggregate: + - {dest: console, facility: all, level: info} + - {dest: console, facility: daemon, level: warning} + - {dest: file, name: test2, facility: news, level: debug} + state: absent + + + + +Return Values +------------- +Common return values are documented `here <https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values>`_, the following are the fields unique to this module: + +.. raw:: html + + <table border=0 cellpadding=0 class="documentation-table"> + <tr> + <th colspan="1">Key</th> + <th>Returned</th> + <th width="100%">Description</th> + </tr> + <tr> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="return-"></div> + <b>commands</b> + <a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a> + <div style="font-size: small"> + <span style="color: purple">list</span> + </div> + </td> + <td>always</td> + <td> + <div>The list of configuration mode commands to send to the device</div> + <br/> + <div style="font-size: smaller"><b>Sample:</b></div> + <div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">['set system syslog global facility all level notice']</div> + </td> + </tr> + </table> + <br/><br/> + + +Status +------ + + +Authors +~~~~~~~ + +- Trishna Guha (@trishnaguha) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/vyos.vyos.vyos_ospfv2_module.rst b/docs/vyos.vyos.vyos_ospfv2_module.rst new file mode 100644 index 0000000..2838f87 --- /dev/null +++ b/docs/vyos.vyos.vyos_ospfv2_module.rst @@ -0,0 +1,3124 @@ +:orphan: + +.. _vyos.vyos.vyos_ospfv2_module: + + +********************* +vyos.vyos.vyos_ospfv2 +********************* + +**OSPFv2 resource module** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- This resource module configures and manages attributes of OSPFv2 routes on VyOS network devices. + + + + +Parameters +---------- + +.. raw:: html + + <table border=0 cellpadding=0 class="documentation-table"> + <tr> + <th colspan="6">Parameter</th> + <th>Choices/<font color="blue">Defaults</font></th> + <th width="100%">Comments</th> + </tr> + <tr> + <td colspan="6"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>config</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">dictionary</span> + </div> + </td> + <td> + </td> + <td> + <div>A provided OSPFv2 route configuration.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="5"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>areas</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">list</span> + / <span style="color: purple">elements=dictionary</span> </div> + </td> + <td> + </td> + <td> + <div>OSPFv2 area.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="4"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>area_id</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + </td> + <td> + <div>OSPFv2 area identity.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="4"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>area_type</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">dictionary</span> + </div> + </td> + <td> + </td> + <td> + <div>Area type.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="3"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>normal</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">boolean</span> + </div> + </td> + <td> + <ul style="margin: 0; padding: 0"><b>Choices:</b> + <li>no</li> + <li>yes</li> + </ul> + </td> + <td> + <div>Normal OSPFv2 area.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="3"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>nssa</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">dictionary</span> + </div> + </td> + <td> + </td> + <td> + <div>NSSA OSPFv2 area.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>default_cost</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">integer</span> + </div> + </td> + <td> + </td> + <td> + <div>Summary-default cost of NSSA area.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>no_summary</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">boolean</span> + </div> + </td> + <td> + <ul style="margin: 0; padding: 0"><b>Choices:</b> + <li>no</li> + <li>yes</li> + </ul> + </td> + <td> + <div>Do not inject inter-area routes into stub.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>set</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">boolean</span> + </div> + </td> + <td> + <ul style="margin: 0; padding: 0"><b>Choices:</b> + <li>no</li> + <li>yes</li> + </ul> + </td> + <td> + <div>Enabling NSSA.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>translate</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + <ul style="margin: 0; padding: 0"><b>Choices:</b> + <li>always</li> + <li>candidate</li> + <li>never</li> + </ul> + </td> + <td> + <div>NSSA-ABR.</div> + </td> + </tr> + + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="3"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>stub</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">dictionary</span> + </div> + </td> + <td> + </td> + <td> + <div>Stub OSPFv2 area.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>default_cost</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">integer</span> + </div> + </td> + <td> + </td> + <td> + <div>Summary-default cost of stub area.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>no_summary</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">boolean</span> + </div> + </td> + <td> + <ul style="margin: 0; padding: 0"><b>Choices:</b> + <li>no</li> + <li>yes</li> + </ul> + </td> + <td> + <div>Do not inject inter-area routes into stub.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>set</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">boolean</span> + </div> + </td> + <td> + <ul style="margin: 0; padding: 0"><b>Choices:</b> + <li>no</li> + <li>yes</li> + </ul> + </td> + <td> + <div>Enabling stub.</div> + </td> + </tr> + + + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="4"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>authentication</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + <ul style="margin: 0; padding: 0"><b>Choices:</b> + <li>plaintext-password</li> + <li>md5</li> + </ul> + </td> + <td> + <div>OSPFv2 area authentication type.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="4"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>network</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">list</span> + / <span style="color: purple">elements=dictionary</span> </div> + </td> + <td> + </td> + <td> + <div>OSPFv2 network.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="3"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>address</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + / <span style="color: red">required</span> </div> + </td> + <td> + </td> + <td> + <div>OSPFv2 IPv4 network address.</div> + </td> + </tr> + + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="4"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>range</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">list</span> + / <span style="color: purple">elements=dictionary</span> </div> + </td> + <td> + </td> + <td> + <div>Summarize routes matching prefix (border routers only).</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="3"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>address</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + </td> + <td> + <div>border router IPv4 address.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="3"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>cost</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">integer</span> + </div> + </td> + <td> + </td> + <td> + <div>Metric for this range.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="3"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>not_advertise</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">boolean</span> + </div> + </td> + <td> + <ul style="margin: 0; padding: 0"><b>Choices:</b> + <li>no</li> + <li>yes</li> + </ul> + </td> + <td> + <div>Don't advertise this range.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="3"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>substitute</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + </td> + <td> + <div>Announce area range (IPv4 address) as another prefix.</div> + </td> + </tr> + + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="4"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>shortcut</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + <ul style="margin: 0; padding: 0"><b>Choices:</b> + <li>default</li> + <li>disable</li> + <li>enable</li> + </ul> + </td> + <td> + <div>Area's shortcut mode.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="4"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>virtual_link</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">list</span> + / <span style="color: purple">elements=dictionary</span> </div> + </td> + <td> + </td> + <td> + <div>Virtual link address.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="3"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>address</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + </td> + <td> + <div>virtual link address.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="3"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>authentication</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">dictionary</span> + </div> + </td> + <td> + </td> + <td> + <div>OSPFv2 area authentication type.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>md5</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">list</span> + / <span style="color: purple">elements=dictionary</span> </div> + </td> + <td> + </td> + <td> + <div>MD5 key id based authentication.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>key_id</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">integer</span> + </div> + </td> + <td> + </td> + <td> + <div>MD5 key id.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>md5_key</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + </td> + <td> + <div>MD5 key.</div> + </td> + </tr> + + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>plaintext_password</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + </td> + <td> + <div>Plain text password.</div> + </td> + </tr> + + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="3"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>dead_interval</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">integer</span> + </div> + </td> + <td> + </td> + <td> + <div>Interval after which a neighbor is declared dead.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="3"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>hello_interval</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">integer</span> + </div> + </td> + <td> + </td> + <td> + <div>Interval between hello packets.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="3"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>retransmit_interval</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">integer</span> + </div> + </td> + <td> + </td> + <td> + <div>Interval between retransmitting lost link state advertisements.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="3"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>transmit_delay</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">integer</span> + </div> + </td> + <td> + </td> + <td> + <div>Link state transmit delay.</div> + </td> + </tr> + + + <tr> + <td class="elbow-placeholder"></td> + <td colspan="5"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>auto_cost</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">dictionary</span> + </div> + </td> + <td> + </td> + <td> + <div>Calculate OSPFv2 interface cost according to bandwidth.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="4"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>reference_bandwidth</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">integer</span> + </div> + </td> + <td> + </td> + <td> + <div>Reference bandwidth cost in Mbits/sec.</div> + </td> + </tr> + + <tr> + <td class="elbow-placeholder"></td> + <td colspan="5"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>default_information</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">dictionary</span> + </div> + </td> + <td> + </td> + <td> + <div>Control distribution of default information.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="4"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>originate</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">dictionary</span> + </div> + </td> + <td> + </td> + <td> + <div>Distribute a default route.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="3"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>always</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">boolean</span> + </div> + </td> + <td> + <ul style="margin: 0; padding: 0"><b>Choices:</b> + <li>no</li> + <li>yes</li> + </ul> + </td> + <td> + <div>Always advertise default route.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="3"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>metric</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">integer</span> + </div> + </td> + <td> + </td> + <td> + <div>OSPFv2 default metric.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="3"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>metric_type</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">integer</span> + </div> + </td> + <td> + </td> + <td> + <div>OSPFv2 Metric types for default routes.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="3"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>route_map</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + </td> + <td> + <div>Route map references.</div> + </td> + </tr> + + + <tr> + <td class="elbow-placeholder"></td> + <td colspan="5"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>default_metric</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">integer</span> + </div> + </td> + <td> + </td> + <td> + <div>Metric of redistributed routes</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="5"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>distance</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">dictionary</span> + </div> + </td> + <td> + </td> + <td> + <div>Administrative distance.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="4"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>global</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">integer</span> + </div> + </td> + <td> + </td> + <td> + <div>Global OSPFv2 administrative distance.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="4"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>ospf</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">dictionary</span> + </div> + </td> + <td> + </td> + <td> + <div>OSPFv2 administrative distance.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="3"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>external</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">integer</span> + </div> + </td> + <td> + </td> + <td> + <div>Distance for external routes.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="3"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>inter_area</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">integer</span> + </div> + </td> + <td> + </td> + <td> + <div>Distance for inter-area routes.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="3"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>intra_area</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">integer</span> + </div> + </td> + <td> + </td> + <td> + <div>Distance for intra-area routes.</div> + </td> + </tr> + + + <tr> + <td class="elbow-placeholder"></td> + <td colspan="5"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>log_adjacency_changes</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + <ul style="margin: 0; padding: 0"><b>Choices:</b> + <li>detail</li> + </ul> + </td> + <td> + <div>Log changes in adjacency state.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="5"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>max_metric</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">dictionary</span> + </div> + </td> + <td> + </td> + <td> + <div>OSPFv2 maximum/infinite-distance metric.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="4"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>router_lsa</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">dictionary</span> + </div> + </td> + <td> + </td> + <td> + <div>Advertise own Router-LSA with infinite distance (stub router).</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="3"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>administrative</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">boolean</span> + </div> + </td> + <td> + <ul style="margin: 0; padding: 0"><b>Choices:</b> + <li>no</li> + <li>yes</li> + </ul> + </td> + <td> + <div>Administratively apply, for an indefinite period.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="3"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>on_shutdown</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">integer</span> + </div> + </td> + <td> + </td> + <td> + <div>Time to advertise self as stub-router.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="3"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>on_startup</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">integer</span> + </div> + </td> + <td> + </td> + <td> + <div>Time to advertise self as stub-router</div> + </td> + </tr> + + + <tr> + <td class="elbow-placeholder"></td> + <td colspan="5"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>mpls_te</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">dictionary</span> + </div> + </td> + <td> + </td> + <td> + <div>MultiProtocol Label Switching-Traffic Engineering (MPLS-TE) parameters.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="4"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>enabled</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">boolean</span> + </div> + </td> + <td> + <ul style="margin: 0; padding: 0"><b>Choices:</b> + <li>no</li> + <li>yes</li> + </ul> + </td> + <td> + <div>Enable MPLS-TE functionality.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="4"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>router_address</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + </td> + <td> + <div>Stable IP address of the advertising router.</div> + </td> + </tr> + + <tr> + <td class="elbow-placeholder"></td> + <td colspan="5"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>neighbor</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">list</span> + / <span style="color: purple">elements=dictionary</span> </div> + </td> + <td> + </td> + <td> + <div>Neighbor IP address.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="4"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>neighbor_id</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + </td> + <td> + <div>Identity (number/IP address) of neighbor.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="4"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>poll_interval</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">integer</span> + </div> + </td> + <td> + </td> + <td> + <div>Seconds between dead neighbor polling interval.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="4"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>priority</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">integer</span> + </div> + </td> + <td> + </td> + <td> + <div>Neighbor priority.</div> + </td> + </tr> + + <tr> + <td class="elbow-placeholder"></td> + <td colspan="5"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>parameters</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">dictionary</span> + </div> + </td> + <td> + </td> + <td> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="4"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>abr_type</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + <ul style="margin: 0; padding: 0"><b>Choices:</b> + <li>cisco</li> + <li>ibm</li> + <li>shortcut</li> + <li>standard</li> + </ul> + </td> + <td> + <div>OSPFv2 ABR Type.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="4"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>opaque_lsa</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">boolean</span> + </div> + </td> + <td> + <ul style="margin: 0; padding: 0"><b>Choices:</b> + <li>no</li> + <li>yes</li> + </ul> + </td> + <td> + <div>Enable the Opaque-LSA capability (rfc2370).</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="4"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>rfc1583_compatibility</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">boolean</span> + </div> + </td> + <td> + <ul style="margin: 0; padding: 0"><b>Choices:</b> + <li>no</li> + <li>yes</li> + </ul> + </td> + <td> + <div>Enable rfc1583 criteria for handling AS external routes.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="4"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>router_id</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + </td> + <td> + <div>Override the default router identifier.</div> + </td> + </tr> + + <tr> + <td class="elbow-placeholder"></td> + <td colspan="5"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>passive_interface</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">list</span> + </div> + </td> + <td> + </td> + <td> + <div>Suppress routing updates on an interface.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="5"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>passive_interface_exclude</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">list</span> + </div> + </td> + <td> + </td> + <td> + <div>Interface to exclude when using passive-interface default.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="5"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>redistribute</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">list</span> + / <span style="color: purple">elements=dictionary</span> </div> + </td> + <td> + </td> + <td> + <div>Redistribute information from another routing protocol.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="4"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>metric</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">integer</span> + </div> + </td> + <td> + </td> + <td> + <div>Metric for redistribution routes.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="4"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>metric_type</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">integer</span> + </div> + </td> + <td> + </td> + <td> + <div>OSPFv2 Metric types.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="4"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>route_map</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + </td> + <td> + <div>Route map references.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="4"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>route_type</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + <ul style="margin: 0; padding: 0"><b>Choices:</b> + <li>bgp</li> + <li>connected</li> + <li>kernel</li> + <li>rip</li> + <li>static</li> + </ul> + </td> + <td> + <div>Route type to redistribute.</div> + </td> + </tr> + + <tr> + <td class="elbow-placeholder"></td> + <td colspan="5"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>route_map</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">list</span> + </div> + </td> + <td> + </td> + <td> + <div>Filter routes installed in local route map.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="5"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>timers</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">dictionary</span> + </div> + </td> + <td> + </td> + <td> + <div>Adjust routing timers.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="4"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>refresh</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">dictionary</span> + </div> + </td> + <td> + </td> + <td> + <div>Adjust refresh parameters.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="3"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>timers</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">integer</span> + </div> + </td> + <td> + </td> + <td> + <div>refresh timer.</div> + </td> + </tr> + + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="4"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>throttle</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">dictionary</span> + </div> + </td> + <td> + </td> + <td> + <div>Throttling adaptive timers.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="3"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>spf</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">dictionary</span> + </div> + </td> + <td> + </td> + <td> + <div>OSPFv2 SPF timers.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>delay</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">integer</span> + </div> + </td> + <td> + </td> + <td> + <div>Delay (msec) from first change received till SPF calculation.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>initial_holdtime</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">integer</span> + </div> + </td> + <td> + </td> + <td> + <div>Initial hold time(msec) between consecutive SPF calculations.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>max_holdtime</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">integer</span> + </div> + </td> + <td> + </td> + <td> + <div>maximum hold time (sec).</div> + </td> + </tr> + + + + + <tr> + <td colspan="6"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>running_config</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + </td> + <td> + <div>This option is used only with state <em>parsed</em>.</div> + <div>The value of this option should be the output received from the VyOS device by executing the command <b>show configuration commands | grep ospf</b>.</div> + <div>The state <em>parsed</em> reads the configuration from <code>running_config</code> option and transforms it into Ansible structured data as per the resource module's argspec and the value is then returned in the <em>parsed</em> key within the result.</div> + </td> + </tr> + <tr> + <td colspan="6"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>state</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + <ul style="margin: 0; padding: 0"><b>Choices:</b> + <li><div style="color: blue"><b>merged</b> ←</div></li> + <li>replaced</li> + <li>deleted</li> + <li>parsed</li> + <li>gathered</li> + <li>rendered</li> + </ul> + </td> + <td> + <div>The state the configuration should be left in.</div> + </td> + </tr> + </table> + <br/> + + +Notes +----- + +.. note:: + - Tested against VyOS 1.1.8 (helium). + - This module works with connection ``network_cli``. See `the VyOS OS Platform Options <../network/user_guide/platform_vyos.html>`_. + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Using merged + # + # Before state: + # ------------- + # + # vyos@vyos# run show configuration commands | grep ospf + # + # + - name: Merge the provided configuration with the existing running configuration + vyos.vyos.vyos_ospfv2: + config: + log_adjacency_changes: detail + max_metric: + router_lsa: + administrative: true + on_shutdown: 10 + on_startup: 10 + default_information: + originate: + always: true + metric: 10 + metric_type: 2 + route_map: ingress + mpls_te: + enabled: true + router_address: 192.0.11.11 + auto_cost: + reference_bandwidth: 2 + neighbor: + - neighbor_id: 192.0.11.12 + poll_interval: 10 + priority: 2 + redistribute: + - route_type: bgp + metric: 10 + metric_type: 2 + passive_interface: + - eth1 + - eth2 + parameters: + router_id: 192.0.1.1 + opaque_lsa: true + rfc1583_compatibility: true + abr_type: cisco + areas: + - area_id: '2' + area_type: + normal: true + authentication: plaintext-password + shortcut: enable + - area_id: '3' + area_type: + nssa: + set: true + - area_id: '4' + area_type: + stub: + default_cost: 20 + network: + - address: 192.0.2.0/24 + range: + - address: 192.0.3.0/24 + cost: 10 + - address: 192.0.4.0/24 + cost: 12 + state: merged + # + # + # ------------------------- + # Module Execution Result + # ------------------------- + # + # before": {} + # + # "commands": [ + # "set protocols ospf mpls-te enable", + # "set protocols ospf mpls-te router-address '192.0.11.11'", + # "set protocols ospf redistribute bgp", + # "set protocols ospf redistribute bgp metric-type 2", + # "set protocols ospf redistribute bgp metric 10", + # "set protocols ospf default-information originate metric-type 2", + # "set protocols ospf default-information originate always", + # "set protocols ospf default-information originate metric 10", + # "set protocols ospf default-information originate route-map ingress", + # "set protocols ospf auto-cost reference-bandwidth '2'", + # "set protocols ospf parameters router-id '192.0.1.1'", + # "set protocols ospf parameters opaque-lsa", + # "set protocols ospf parameters abr-type 'cisco'", + # "set protocols ospf parameters rfc1583-compatibility", + # "set protocols ospf passive-interface eth1", + # "set protocols ospf passive-interface eth2", + # "set protocols ospf max-metric router-lsa on-shutdown 10", + # "set protocols ospf max-metric router-lsa administrative", + # "set protocols ospf max-metric router-lsa on-startup 10", + # "set protocols ospf log-adjacency-changes 'detail'", + # "set protocols ospf neighbor 192.0.11.12 priority 2", + # "set protocols ospf neighbor 192.0.11.12 poll-interval 10", + # "set protocols ospf neighbor 192.0.11.12", + # "set protocols ospf area '2'", + # "set protocols ospf area 2 authentication plaintext-password", + # "set protocols ospf area 2 shortcut enable", + # "set protocols ospf area 2 area-type normal", + # "set protocols ospf area '3'", + # "set protocols ospf area 3 area-type nssa", + # "set protocols ospf area 4 range 192.0.3.0/24 cost 10", + # "set protocols ospf area 4 range 192.0.3.0/24", + # "set protocols ospf area 4 range 192.0.4.0/24 cost 12", + # "set protocols ospf area 4 range 192.0.4.0/24", + # "set protocols ospf area 4 area-type stub default-cost 20", + # "set protocols ospf area '4'", + # "set protocols ospf area 4 network 192.0.2.0/24" + # ] + # + # "after": { + # "areas": [ + # { + # "area_id": "2", + # "area_type": { + # "normal": true + # }, + # "authentication": "plaintext-password", + # "shortcut": "enable" + # }, + # { + # "area_id": "3", + # "area_type": { + # "nssa": { + # "set": true + # } + # } + # }, + # { + # "area_id": "4", + # "area_type": { + # "stub": { + # "default_cost": 20, + # "set": true + # } + # }, + # "network": [ + # { + # "address": "192.0.2.0/24" + # } + # ], + # "range": [ + # { + # "address": "192.0.3.0/24", + # "cost": 10 + # }, + # { + # "address": "192.0.4.0/24", + # "cost": 12 + # } + # ] + # } + # ], + # "auto_cost": { + # "reference_bandwidth": 2 + # }, + # "default_information": { + # "originate": { + # "always": true, + # "metric": 10, + # "metric_type": 2, + # "route_map": "ingress" + # } + # }, + # "log_adjacency_changes": "detail", + # "max_metric": { + # "router_lsa": { + # "administrative": true, + # "on_shutdown": 10, + # "on_startup": 10 + # } + # }, + # "mpls_te": { + # "enabled": true, + # "router_address": "192.0.11.11" + # }, + # "neighbor": [ + # { + # "neighbor_id": "192.0.11.12", + # "poll_interval": 10, + # "priority": 2 + # } + # ], + # "parameters": { + # "abr_type": "cisco", + # "opaque_lsa": true, + # "rfc1583_compatibility": true, + # "router_id": "192.0.1.1" + # }, + # "passive_interface": [ + # "eth2", + # "eth1" + # ], + # "redistribute": [ + # { + # "metric": 10, + # "metric_type": 2, + # "route_type": "bgp" + # } + # ] + # } + # + # After state: + # ------------- + # + # vyos@192# run show configuration commands | grep ospf + # set protocols ospf area 2 area-type 'normal' + # set protocols ospf area 2 authentication 'plaintext-password' + # set protocols ospf area 2 shortcut 'enable' + # set protocols ospf area 3 area-type 'nssa' + # set protocols ospf area 4 area-type stub default-cost '20' + # set protocols ospf area 4 network '192.0.2.0/24' + # set protocols ospf area 4 range 192.0.3.0/24 cost '10' + # set protocols ospf area 4 range 192.0.4.0/24 cost '12' + # set protocols ospf auto-cost reference-bandwidth '2' + # set protocols ospf default-information originate 'always' + # set protocols ospf default-information originate metric '10' + # set protocols ospf default-information originate metric-type '2' + # set protocols ospf default-information originate route-map 'ingress' + # set protocols ospf log-adjacency-changes 'detail' + # set protocols ospf max-metric router-lsa 'administrative' + # set protocols ospf max-metric router-lsa on-shutdown '10' + # set protocols ospf max-metric router-lsa on-startup '10' + # set protocols ospf mpls-te 'enable' + # set protocols ospf mpls-te router-address '192.0.11.11' + # set protocols ospf neighbor 192.0.11.12 poll-interval '10' + # set protocols ospf neighbor 192.0.11.12 priority '2' + # set protocols ospf parameters abr-type 'cisco' + # set protocols ospf parameters 'opaque-lsa' + # set protocols ospf parameters 'rfc1583-compatibility' + # set protocols ospf parameters router-id '192.0.1.1' + # set protocols ospf passive-interface 'eth1' + # set protocols ospf passive-interface 'eth2' + # set protocols ospf redistribute bgp metric '10' + # set protocols ospf redistribute bgp metric-type '2' + + + # Using merged + # + # Before state: + # ------------- + # + # vyos@vyos# run show configuration commands | grep ospf + # + # + - name: Merge the provided configuration to update existing running configuration + vyos.vyos.vyos_ospfv2: + config: + areas: + - area_id: '2' + area_type: + normal: true + authentication: plaintext-password + shortcut: enable + - area_id: '3' + area_type: + nssa: + set: false + - area_id: '4' + area_type: + stub: + default_cost: 20 + network: + - address: 192.0.2.0/24 + - address: 192.0.22.0/24 + - address: 192.0.32.0/24 + state: merged + # + # + # ------------------------- + # Module Execution Result + # ------------------------- + # + # "before": { + # "areas": [ + # { + # "area_id": "2", + # "area_type": { + # "normal": true + # }, + # "authentication": "plaintext-password", + # "shortcut": "enable" + # }, + # { + # "area_id": "3", + # "area_type": { + # "nssa": { + # "set": true + # } + # } + # }, + # { + # "area_id": "4", + # "area_type": { + # "stub": { + # "default_cost": 20, + # "set": true + # } + # }, + # "network": [ + # { + # "address": "192.0.2.0/24" + # } + # ], + # "range": [ + # { + # "address": "192.0.3.0/24", + # "cost": 10 + # }, + # { + # "address": "192.0.4.0/24", + # "cost": 12 + # } + # ] + # } + # ], + # "auto_cost": { + # "reference_bandwidth": 2 + # }, + # "default_information": { + # "originate": { + # "always": true, + # "metric": 10, + # "metric_type": 2, + # "route_map": "ingress" + # } + # }, + # "log_adjacency_changes": "detail", + # "max_metric": { + # "router_lsa": { + # "administrative": true, + # "on_shutdown": 10, + # "on_startup": 10 + # } + # }, + # "mpls_te": { + # "enabled": true, + # "router_address": "192.0.11.11" + # }, + # "neighbor": [ + # { + # "neighbor_id": "192.0.11.12", + # "poll_interval": 10, + # "priority": 2 + # } + # ], + # "parameters": { + # "abr_type": "cisco", + # "opaque_lsa": true, + # "rfc1583_compatibility": true, + # "router_id": "192.0.1.1" + # }, + # "passive_interface": [ + # "eth2", + # "eth1" + # ], + # "redistribute": [ + # { + # "metric": 10, + # "metric_type": 2, + # "route_type": "bgp" + # } + # ] + # } + # + # "commands": [ + # "delete protocols ospf area 4 area-type stub", + # "set protocols ospf area 4 network 192.0.22.0/24" + # "set protocols ospf area 4 network 192.0.32.0/24" + # ] + # + # "after": { + # "areas": [ + # { + # "area_id": "2", + # "area_type": { + # "normal": true + # }, + # "authentication": "plaintext-password", + # "shortcut": "enable" + # }, + # { + # "area_id": "3", + # "area_type": { + # "nssa": { + # "set": true + # } + # } + # }, + # { + # "area_id": "4", + # }, + # "network": [ + # { + # "address": "192.0.2.0/24" + # }, + # { + # "address": "192.0.22.0/24" + # }, + # { + # "address": "192.0.32.0/24" + # } + # ], + # "range": [ + # { + # "address": "192.0.3.0/24", + # "cost": 10 + # }, + # { + # "address": "192.0.4.0/24", + # "cost": 12 + # } + # ] + # } + # ], + # "auto_cost": { + # "reference_bandwidth": 2 + # }, + # "default_information": { + # "originate": { + # "always": true, + # "metric": 10, + # "metric_type": 2, + # "route_map": "ingress" + # } + # }, + # "log_adjacency_changes": "detail", + # "max_metric": { + # "router_lsa": { + # "administrative": true, + # "on_shutdown": 10, + # "on_startup": 10 + # } + # }, + # "mpls_te": { + # "enabled": true, + # "router_address": "192.0.11.11" + # }, + # "neighbor": [ + # { + # "neighbor_id": "192.0.11.12", + # "poll_interval": 10, + # "priority": 2 + # } + # ], + # "parameters": { + # "abr_type": "cisco", + # "opaque_lsa": true, + # "rfc1583_compatibility": true, + # "router_id": "192.0.1.1" + # }, + # "passive_interface": [ + # "eth2", + # "eth1" + # ], + # "redistribute": [ + # { + # "metric": 10, + # "metric_type": 2, + # "route_type": "bgp" + # } + # ] + # } + # + # After state: + # ------------- + # + # vyos@192# run show configuration commands | grep ospf + # set protocols ospf area 2 area-type 'normal' + # set protocols ospf area 2 authentication 'plaintext-password' + # set protocols ospf area 2 shortcut 'enable' + # set protocols ospf area 3 area-type 'nssa' + # set protocols ospf area 4 network '192.0.2.0/24' + # set protocols ospf area 4 network '192.0.22.0/24' + # set protocols ospf area 4 network '192.0.32.0/24' + # set protocols ospf area 4 range 192.0.3.0/24 cost '10' + # set protocols ospf area 4 range 192.0.4.0/24 cost '12' + # set protocols ospf auto-cost reference-bandwidth '2' + # set protocols ospf default-information originate 'always' + # set protocols ospf default-information originate metric '10' + # set protocols ospf default-information originate metric-type '2' + # set protocols ospf default-information originate route-map 'ingress' + # set protocols ospf log-adjacency-changes 'detail' + # set protocols ospf max-metric router-lsa 'administrative' + # set protocols ospf max-metric router-lsa on-shutdown '10' + # set protocols ospf max-metric router-lsa on-startup '10' + # set protocols ospf mpls-te 'enable' + # set protocols ospf mpls-te router-address '192.0.11.11' + # set protocols ospf neighbor 192.0.11.12 poll-interval '10' + # set protocols ospf neighbor 192.0.11.12 priority '2' + # set protocols ospf parameters abr-type 'cisco' + # set protocols ospf parameters 'opaque-lsa' + # set protocols ospf parameters 'rfc1583-compatibility' + # set protocols ospf parameters router-id '192.0.1.1' + # set protocols ospf passive-interface 'eth1' + # set protocols ospf passive-interface 'eth2' + # set protocols ospf redistribute bgp metric '10' + # set protocols ospf redistribute bgp metric-type '2' + + + # Using replaced + # + # Before state: + # ------------- + # + # vyos@192# run show configuration commands | grep ospf + # set protocols ospf area 2 area-type 'normal' + # set protocols ospf area 2 authentication 'plaintext-password' + # set protocols ospf area 2 shortcut 'enable' + # set protocols ospf area 3 area-type 'nssa' + # set protocols ospf area 4 area-type stub default-cost '20' + # set protocols ospf area 4 network '192.0.2.0/24' + # set protocols ospf area 4 range 192.0.3.0/24 cost '10' + # set protocols ospf area 4 range 192.0.4.0/24 cost '12' + # set protocols ospf auto-cost reference-bandwidth '2' + # set protocols ospf default-information originate 'always' + # set protocols ospf default-information originate metric '10' + # set protocols ospf default-information originate metric-type '2' + # set protocols ospf default-information originate route-map 'ingress' + # set protocols ospf log-adjacency-changes 'detail' + # set protocols ospf max-metric router-lsa 'administrative' + # set protocols ospf max-metric router-lsa on-shutdown '10' + # set protocols ospf max-metric router-lsa on-startup '10' + # set protocols ospf mpls-te 'enable' + # set protocols ospf mpls-te router-address '192.0.11.11' + # set protocols ospf neighbor 192.0.11.12 poll-interval '10' + # set protocols ospf neighbor 192.0.11.12 priority '2' + # set protocols ospf parameters abr-type 'cisco' + # set protocols ospf parameters 'opaque-lsa' + # set protocols ospf parameters 'rfc1583-compatibility' + # set protocols ospf parameters router-id '192.0.1.1' + # set protocols ospf passive-interface 'eth1' + # set protocols ospf passive-interface 'eth2' + # set protocols ospf redistribute bgp metric '10' + # set protocols ospf redistribute bgp metric-type '2' + # + - name: Replace ospfv2 routes attributes configuration. + vyos.vyos.vyos_ospfv2: + config: + log_adjacency_changes: detail + max_metric: + router_lsa: + administrative: true + on_shutdown: 10 + on_startup: 10 + default_information: + originate: + always: true + metric: 10 + metric_type: 2 + route_map: ingress + mpls_te: + enabled: true + router_address: 192.0.22.22 + auto_cost: + reference_bandwidth: 2 + neighbor: + - neighbor_id: 192.0.11.12 + poll_interval: 10 + priority: 2 + redistribute: + - route_type: bgp + metric: 10 + metric_type: 2 + passive_interface: + - eth1 + parameters: + router_id: 192.0.1.1 + opaque_lsa: true + rfc1583_compatibility: true + abr_type: cisco + areas: + - area_id: '2' + area_type: + normal: true + authentication: plaintext-password + shortcut: enable + - area_id: '4' + area_type: + stub: + default_cost: 20 + network: + - address: 192.0.2.0/24 + - address: 192.0.12.0/24 + - address: 192.0.22.0/24 + - address: 192.0.32.0/24 + range: + - address: 192.0.42.0/24 + cost: 10 + state: replaced + # + # + # ------------------------- + # Module Execution Result + # ------------------------- + # + # "before": { + # "areas": [ + # { + # "area_id": "2", + # "area_type": { + # "normal": true + # }, + # "authentication": "plaintext-password", + # "shortcut": "enable" + # }, + # { + # "area_id": "3", + # "area_type": { + # "nssa": { + # "set": true + # } + # } + # }, + # { + # "area_id": "4", + # "area_type": { + # "stub": { + # "default_cost": 20, + # "set": true + # } + # }, + # "network": [ + # { + # "address": "192.0.2.0/24" + # } + # ], + # "range": [ + # { + # "address": "192.0.3.0/24", + # "cost": 10 + # }, + # { + # "address": "192.0.4.0/24", + # "cost": 12 + # } + # ] + # } + # ], + # "auto_cost": { + # "reference_bandwidth": 2 + # }, + # "default_information": { + # "originate": { + # "always": true, + # "metric": 10, + # "metric_type": 2, + # "route_map": "ingress" + # } + # }, + # "log_adjacency_changes": "detail", + # "max_metric": { + # "router_lsa": { + # "administrative": true, + # "on_shutdown": 10, + # "on_startup": 10 + # } + # }, + # "mpls_te": { + # "enabled": true, + # "router_address": "192.0.11.11" + # }, + # "neighbor": [ + # { + # "neighbor_id": "192.0.11.12", + # "poll_interval": 10, + # "priority": 2 + # } + # ], + # "parameters": { + # "abr_type": "cisco", + # "opaque_lsa": true, + # "rfc1583_compatibility": true, + # "router_id": "192.0.1.1" + # }, + # "passive_interface": [ + # "eth2", + # "eth1" + # ], + # "redistribute": [ + # { + # "metric": 10, + # "metric_type": 2, + # "route_type": "bgp" + # } + # ] + # } + # + # "commands": [ + # "delete protocols ospf passive-interface eth2", + # "delete protocols ospf area 3", + # "delete protocols ospf area 4 range 192.0.3.0/24 cost", + # "delete protocols ospf area 4 range 192.0.3.0/24", + # "delete protocols ospf area 4 range 192.0.4.0/24 cost", + # "delete protocols ospf area 4 range 192.0.4.0/24", + # "set protocols ospf mpls-te router-address '192.0.22.22'", + # "set protocols ospf area 4 range 192.0.42.0/24 cost 10", + # "set protocols ospf area 4 range 192.0.42.0/24", + # "set protocols ospf area 4 network 192.0.12.0/24", + # "set protocols ospf area 4 network 192.0.22.0/24", + # "set protocols ospf area 4 network 192.0.32.0/24" + # ] + # + # "after": { + # "areas": [ + # { + # "area_id": "2", + # "area_type": { + # "normal": true + # }, + # "authentication": "plaintext-password", + # "shortcut": "enable" + # }, + # { + # "area_id": "4", + # "area_type": { + # "stub": { + # "default_cost": 20, + # "set": true + # } + # }, + # "network": [ + # { + # "address": "192.0.12.0/24" + # }, + # { + # "address": "192.0.2.0/24" + # }, + # { + # "address": "192.0.22.0/24" + # }, + # { + # "address": "192.0.32.0/24" + # } + # ], + # "range": [ + # { + # "address": "192.0.42.0/24", + # "cost": 10 + # } + # ] + # } + # ], + # "auto_cost": { + # "reference_bandwidth": 2 + # }, + # "default_information": { + # "originate": { + # "always": true, + # "metric": 10, + # "metric_type": 2, + # "route_map": "ingress" + # } + # }, + # "log_adjacency_changes": "detail", + # "max_metric": { + # "router_lsa": { + # "administrative": true, + # "on_shutdown": 10, + # "on_startup": 10 + # } + # }, + # "mpls_te": { + # "enabled": true, + # "router_address": "192.0.22.22" + # }, + # "neighbor": [ + # { + # "neighbor_id": "192.0.11.12", + # "poll_interval": 10, + # "priority": 2 + # } + # ], + # "parameters": { + # "abr_type": "cisco", + # "opaque_lsa": true, + # "rfc1583_compatibility": true, + # "router_id": "192.0.1.1" + # }, + # "passive_interface": [ + # "eth1" + # ], + # "redistribute": [ + # { + # "metric": 10, + # "metric_type": 2, + # "route_type": "bgp" + # } + # ] + # } + # + # After state: + # ------------- + # + # vyos@192# run show configuration commands | grep ospf + # set protocols ospf area 2 area-type 'normal' + # set protocols ospf area 2 authentication 'plaintext-password' + # set protocols ospf area 2 shortcut 'enable' + # set protocols ospf area 4 area-type stub default-cost '20' + # set protocols ospf area 4 network '192.0.2.0/24' + # set protocols ospf area 4 network '192.0.12.0/24' + # set protocols ospf area 4 network '192.0.22.0/24' + # set protocols ospf area 4 network '192.0.32.0/24' + # set protocols ospf area 4 range 192.0.42.0/24 cost '10' + # set protocols ospf auto-cost reference-bandwidth '2' + # set protocols ospf default-information originate 'always' + # set protocols ospf default-information originate metric '10' + # set protocols ospf default-information originate metric-type '2' + # set protocols ospf default-information originate route-map 'ingress' + # set protocols ospf log-adjacency-changes 'detail' + # set protocols ospf max-metric router-lsa 'administrative' + # set protocols ospf max-metric router-lsa on-shutdown '10' + # set protocols ospf max-metric router-lsa on-startup '10' + # set protocols ospf mpls-te 'enable' + # set protocols ospf mpls-te router-address '192.0.22.22' + # set protocols ospf neighbor 192.0.11.12 poll-interval '10' + # set protocols ospf neighbor 192.0.11.12 priority '2' + # set protocols ospf parameters abr-type 'cisco' + # set protocols ospf parameters 'opaque-lsa' + # set protocols ospf parameters 'rfc1583-compatibility' + # set protocols ospf parameters router-id '192.0.1.1' + # set protocols ospf passive-interface 'eth1' + # set protocols ospf redistribute bgp metric '10' + # set protocols ospf redistribute bgp metric-type '2' + + + # Using rendered + # + # + - name: Render the commands for provided configuration + vyos.vyos.vyos_ospfv2: + config: + log_adjacency_changes: detail + max_metric: + router_lsa: + administrative: true + on_shutdown: 10 + on_startup: 10 + default_information: + originate: + always: true + metric: 10 + metric_type: 2 + route_map: ingress + mpls_te: + enabled: true + router_address: 192.0.11.11 + auto_cost: + reference_bandwidth: 2 + neighbor: + - neighbor_id: 192.0.11.12 + poll_interval: 10 + priority: 2 + redistribute: + - route_type: bgp + metric: 10 + metric_type: 2 + passive_interface: + - eth1 + - eth2 + parameters: + router_id: 192.0.1.1 + opaque_lsa: true + rfc1583_compatibility: true + abr_type: cisco + areas: + - area_id: '2' + area_type: + normal: true + authentication: plaintext-password + shortcut: enable + - area_id: '3' + area_type: + nssa: + set: true + - area_id: '4' + area_type: + stub: + default_cost: 20 + network: + - address: 192.0.2.0/24 + range: + - address: 192.0.3.0/24 + cost: 10 + - address: 192.0.4.0/24 + cost: 12 + state: rendered + # + # + # ------------------------- + # Module Execution Result + # ------------------------- + # + # + # "rendered": [ + # [ + # "set protocols ospf mpls-te enable", + # "set protocols ospf mpls-te router-address '192.0.11.11'", + # "set protocols ospf redistribute bgp", + # "set protocols ospf redistribute bgp metric-type 2", + # "set protocols ospf redistribute bgp metric 10", + # "set protocols ospf default-information originate metric-type 2", + # "set protocols ospf default-information originate always", + # "set protocols ospf default-information originate metric 10", + # "set protocols ospf default-information originate route-map ingress", + # "set protocols ospf auto-cost reference-bandwidth '2'", + # "set protocols ospf parameters router-id '192.0.1.1'", + # "set protocols ospf parameters opaque-lsa", + # "set protocols ospf parameters abr-type 'cisco'", + # "set protocols ospf parameters rfc1583-compatibility", + # "set protocols ospf passive-interface eth1", + # "set protocols ospf passive-interface eth2", + # "set protocols ospf max-metric router-lsa on-shutdown 10", + # "set protocols ospf max-metric router-lsa administrative", + # "set protocols ospf max-metric router-lsa on-startup 10", + # "set protocols ospf log-adjacency-changes 'detail'", + # "set protocols ospf neighbor 192.0.11.12 priority 2", + # "set protocols ospf neighbor 192.0.11.12 poll-interval 10", + # "set protocols ospf neighbor 192.0.11.12", + # "set protocols ospf area '2'", + # "set protocols ospf area 2 authentication plaintext-password", + # "set protocols ospf area 2 shortcut enable", + # "set protocols ospf area 2 area-type normal", + # "set protocols ospf area '3'", + # "set protocols ospf area 3 area-type nssa", + # "set protocols ospf area 4 range 192.0.3.0/24 cost 10", + # "set protocols ospf area 4 range 192.0.3.0/24", + # "set protocols ospf area 4 range 192.0.4.0/24 cost 12", + # "set protocols ospf area 4 range 192.0.4.0/24", + # "set protocols ospf area 4 area-type stub default-cost 20", + # "set protocols ospf area '4'", + # "set protocols ospf area 4 network 192.0.2.0/24" + # ] + + + # Using parsed + # + # + - name: Parse the commands for provided structured configuration + vyos.vyos.vyos_ospfv2: + running_config: + "set protocols ospf area 2 area-type 'normal' + set protocols ospf area 2 authentication 'plaintext-password' + set protocols ospf area 2 shortcut 'enable' + set protocols ospf area 3 area-type 'nssa' + set protocols ospf area 4 area-type stub default-cost '20' + set protocols ospf area 4 network '192.0.2.0/24' + set protocols ospf area 4 range 192.0.3.0/24 cost '10' + set protocols ospf area 4 range 192.0.4.0/24 cost '12' + set protocols ospf auto-cost reference-bandwidth '2' + set protocols ospf default-information originate 'always' + set protocols ospf default-information originate metric '10' + set protocols ospf default-information originate metric-type '2' + set protocols ospf default-information originate route-map 'ingress' + set protocols ospf log-adjacency-changes 'detail' + set protocols ospf max-metric router-lsa 'administrative' + set protocols ospf max-metric router-lsa on-shutdown '10' + set protocols ospf max-metric router-lsa on-startup '10' + set protocols ospf mpls-te 'enable' + set protocols ospf mpls-te router-address '192.0.11.11' + set protocols ospf neighbor 192.0.11.12 poll-interval '10' + set protocols ospf neighbor 192.0.11.12 priority '2' + set protocols ospf parameters abr-type 'cisco' + set protocols ospf parameters 'opaque-lsa' + set protocols ospf parameters 'rfc1583-compatibility' + set protocols ospf parameters router-id '192.0.1.1' + set protocols ospf passive-interface 'eth1' + set protocols ospf passive-interface 'eth2' + set protocols ospf redistribute bgp metric '10' + set protocols ospf redistribute bgp metric-type '2'" + state: parsed + # + # + # ------------------------- + # Module Execution Result + # ------------------------- + # + # + # "parsed": { + # "areas": [ + # { + # "area_id": "2", + # "area_type": { + # "normal": true + # }, + # "authentication": "plaintext-password", + # "shortcut": "enable" + # }, + # { + # "area_id": "3", + # "area_type": { + # "nssa": { + # "set": true + # } + # } + # }, + # { + # "area_id": "4", + # "area_type": { + # "stub": { + # "default_cost": 20, + # "set": true + # } + # }, + # "network": [ + # { + # "address": "192.0.2.0/24" + # } + # ], + # "range": [ + # { + # "address": "192.0.3.0/24", + # "cost": 10 + # }, + # { + # "address": "192.0.4.0/24", + # "cost": 12 + # } + # ] + # } + # ], + # "auto_cost": { + # "reference_bandwidth": 2 + # }, + # "default_information": { + # "originate": { + # "always": true, + # "metric": 10, + # "metric_type": 2, + # "route_map": "ingress" + # } + # }, + # "log_adjacency_changes": "detail", + # "max_metric": { + # "router_lsa": { + # "administrative": true, + # "on_shutdown": 10, + # "on_startup": 10 + # } + # }, + # "mpls_te": { + # "enabled": true, + # "router_address": "192.0.11.11" + # }, + # "neighbor": [ + # { + # "neighbor_id": "192.0.11.12", + # "poll_interval": 10, + # "priority": 2 + # } + # ], + # "parameters": { + # "abr_type": "cisco", + # "opaque_lsa": true, + # "rfc1583_compatibility": true, + # "router_id": "192.0.1.1" + # }, + # "passive_interface": [ + # "eth2", + # "eth1" + # ], + # "redistribute": [ + # { + # "metric": 10, + # "metric_type": 2, + # "route_type": "bgp" + # } + # ] + # } + # } + + + # Using gathered + # + # Before state: + # ------------- + # + # vyos@192# run show configuration commands | grep ospf + # set protocols ospf area 2 area-type 'normal' + # set protocols ospf area 2 authentication 'plaintext-password' + # set protocols ospf area 2 shortcut 'enable' + # set protocols ospf area 3 area-type 'nssa' + # set protocols ospf area 4 area-type stub default-cost '20' + # set protocols ospf area 4 network '192.0.2.0/24' + # set protocols ospf area 4 range 192.0.3.0/24 cost '10' + # set protocols ospf area 4 range 192.0.4.0/24 cost '12' + # set protocols ospf auto-cost reference-bandwidth '2' + # set protocols ospf default-information originate 'always' + # set protocols ospf default-information originate metric '10' + # set protocols ospf default-information originate metric-type '2' + # set protocols ospf default-information originate route-map 'ingress' + # set protocols ospf log-adjacency-changes 'detail' + # set protocols ospf max-metric router-lsa 'administrative' + # set protocols ospf max-metric router-lsa on-shutdown '10' + # set protocols ospf max-metric router-lsa on-startup '10' + # set protocols ospf mpls-te 'enable' + # set protocols ospf mpls-te router-address '192.0.11.11' + # set protocols ospf neighbor 192.0.11.12 poll-interval '10' + # set protocols ospf neighbor 192.0.11.12 priority '2' + # set protocols ospf parameters abr-type 'cisco' + # set protocols ospf parameters 'opaque-lsa' + # set protocols ospf parameters 'rfc1583-compatibility' + # set protocols ospf parameters router-id '192.0.1.1' + # set protocols ospf passive-interface 'eth1' + # set protocols ospf passive-interface 'eth2' + # set protocols ospf redistribute bgp metric '10' + # set protocols ospf redistribute bgp metric-type '2' + # + - name: Gather ospfv2 routes config with provided configurations + vyos.vyos.vyos_ospfv2: + config: + state: gathered + # + # + # ------------------------- + # Module Execution Result + # ------------------------- + # + # "gathered": { + # "areas": [ + # { + # "area_id": "2", + # "area_type": { + # "normal": true + # }, + # "authentication": "plaintext-password", + # "shortcut": "enable" + # }, + # { + # "area_id": "3", + # "area_type": { + # "nssa": { + # "set": true + # } + # } + # }, + # { + # "area_id": "4", + # "area_type": { + # "stub": { + # "default_cost": 20, + # "set": true + # } + # }, + # "network": [ + # { + # "address": "192.0.2.0/24" + # } + # ], + # "range": [ + # { + # "address": "192.0.3.0/24", + # "cost": 10 + # }, + # { + # "address": "192.0.4.0/24", + # "cost": 12 + # } + # ] + # } + # ], + # "auto_cost": { + # "reference_bandwidth": 2 + # }, + # "default_information": { + # "originate": { + # "always": true, + # "metric": 10, + # "metric_type": 2, + # "route_map": "ingress" + # } + # }, + # "log_adjacency_changes": "detail", + # "max_metric": { + # "router_lsa": { + # "administrative": true, + # "on_shutdown": 10, + # "on_startup": 10 + # } + # }, + # "mpls_te": { + # "enabled": true, + # "router_address": "192.0.11.11" + # }, + # "neighbor": [ + # { + # "neighbor_id": "192.0.11.12", + # "poll_interval": 10, + # "priority": 2 + # } + # ], + # "parameters": { + # "abr_type": "cisco", + # "opaque_lsa": true, + # "rfc1583_compatibility": true, + # "router_id": "192.0.1.1" + # }, + # "passive_interface": [ + # "eth2", + # "eth1" + # ], + # "redistribute": [ + # { + # "metric": 10, + # "metric_type": 2, + # "route_type": "bgp" + # } + # ] + # } + # + # After state: + # ------------- + # + # vyos@192# run show configuration commands | grep ospf + # set protocols ospf area 2 area-type 'normal' + # set protocols ospf area 2 authentication 'plaintext-password' + # set protocols ospf area 2 shortcut 'enable' + # set protocols ospf area 3 area-type 'nssa' + # set protocols ospf area 4 area-type stub default-cost '20' + # set protocols ospf area 4 network '192.0.2.0/24' + # set protocols ospf area 4 range 192.0.3.0/24 cost '10' + # set protocols ospf area 4 range 192.0.4.0/24 cost '12' + # set protocols ospf auto-cost reference-bandwidth '2' + # set protocols ospf default-information originate 'always' + # set protocols ospf default-information originate metric '10' + # set protocols ospf default-information originate metric-type '2' + # set protocols ospf default-information originate route-map 'ingress' + # set protocols ospf log-adjacency-changes 'detail' + # set protocols ospf max-metric router-lsa 'administrative' + # set protocols ospf max-metric router-lsa on-shutdown '10' + # set protocols ospf max-metric router-lsa on-startup '10' + # set protocols ospf mpls-te 'enable' + # set protocols ospf mpls-te router-address '192.0.11.11' + # set protocols ospf neighbor 192.0.11.12 poll-interval '10' + # set protocols ospf neighbor 192.0.11.12 priority '2' + # set protocols ospf parameters abr-type 'cisco' + # set protocols ospf parameters 'opaque-lsa' + # set protocols ospf parameters 'rfc1583-compatibility' + # set protocols ospf parameters router-id '192.0.1.1' + # set protocols ospf passive-interface 'eth1' + # set protocols ospf passive-interface 'eth2' + # set protocols ospf redistribute bgp metric '10' + # set protocols ospf redistribute bgp metric-type '2' + + + # Using deleted + # + # Before state + # ------------- + # + # vyos@192# run show configuration commands | grep ospf + # set protocols ospf area 2 area-type 'normal' + # set protocols ospf area 2 authentication 'plaintext-password' + # set protocols ospf area 2 shortcut 'enable' + # set protocols ospf area 3 area-type 'nssa' + # set protocols ospf area 4 area-type stub default-cost '20' + # set protocols ospf area 4 network '192.0.2.0/24' + # set protocols ospf area 4 range 192.0.3.0/24 cost '10' + # set protocols ospf area 4 range 192.0.4.0/24 cost '12' + # set protocols ospf auto-cost reference-bandwidth '2' + # set protocols ospf default-information originate 'always' + # set protocols ospf default-information originate metric '10' + # set protocols ospf default-information originate metric-type '2' + # set protocols ospf default-information originate route-map 'ingress' + # set protocols ospf log-adjacency-changes 'detail' + # set protocols ospf max-metric router-lsa 'administrative' + # set protocols ospf max-metric router-lsa on-shutdown '10' + # set protocols ospf max-metric router-lsa on-startup '10' + # set protocols ospf mpls-te 'enable' + # set protocols ospf mpls-te router-address '192.0.11.11' + # set protocols ospf neighbor 192.0.11.12 poll-interval '10' + # set protocols ospf neighbor 192.0.11.12 priority '2' + # set protocols ospf parameters abr-type 'cisco' + # set protocols ospf parameters 'opaque-lsa' + # set protocols ospf parameters 'rfc1583-compatibility' + # set protocols ospf parameters router-id '192.0.1.1' + # set protocols ospf passive-interface 'eth1' + # set protocols ospf passive-interface 'eth2' + # set protocols ospf redistribute bgp metric '10' + # set protocols ospf redistribute bgp metric-type '2' + # + - name: Delete attributes of ospfv2 routes. + vyos.vyos.vyos_ospfv2: + config: + state: deleted + # + # + # ------------------------ + # Module Execution Results + # ------------------------ + # + # "before": { + # "areas": [ + # { + # "area_id": "2", + # "area_type": { + # "normal": true + # }, + # "authentication": "plaintext-password", + # "shortcut": "enable" + # }, + # { + # "area_id": "3", + # "area_type": { + # "nssa": { + # "set": true + # } + # } + # }, + # { + # "area_id": "4", + # "area_type": { + # "stub": { + # "default_cost": 20, + # "set": true + # } + # }, + # "network": [ + # { + # "address": "192.0.2.0/24" + # } + # ], + # "range": [ + # { + # "address": "192.0.3.0/24", + # "cost": 10 + # }, + # { + # "address": "192.0.4.0/24", + # "cost": 12 + # } + # ] + # } + # ], + # "auto_cost": { + # "reference_bandwidth": 2 + # }, + # "default_information": { + # "originate": { + # "always": true, + # "metric": 10, + # "metric_type": 2, + # "route_map": "ingress" + # } + # }, + # "log_adjacency_changes": "detail", + # "max_metric": { + # "router_lsa": { + # "administrative": true, + # "on_shutdown": 10, + # "on_startup": 10 + # } + # }, + # "mpls_te": { + # "enabled": true, + # "router_address": "192.0.11.11" + # }, + # "neighbor": [ + # { + # "neighbor_id": "192.0.11.12", + # "poll_interval": 10, + # "priority": 2 + # } + # ], + # "parameters": { + # "abr_type": "cisco", + # "opaque_lsa": true, + # "rfc1583_compatibility": true, + # "router_id": "192.0.1.1" + # }, + # "passive_interface": [ + # "eth2", + # "eth1" + # ], + # "redistribute": [ + # { + # "metric": 10, + # "metric_type": 2, + # "route_type": "bgp" + # } + # ] + # } + # "commands": [ + # "delete protocols ospf" + # ] + # + # "after": {} + # After state + # ------------ + # vyos@192# run show configuration commands | grep ospf + # + + + + + +Return Values +------------- +Common return values are documented `here <https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values>`_, the following are the fields unique to this module: + +.. raw:: html + + <table border=0 cellpadding=0 class="documentation-table"> + <tr> + <th colspan="1">Key</th> + <th>Returned</th> + <th width="100%">Description</th> + </tr> + <tr> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="return-"></div> + <b>after</b> + <a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a> + <div style="font-size: small"> + <span style="color: purple">dictionary</span> + </div> + </td> + <td>when changed</td> + <td> + <div>The resulting configuration model invocation.</div> + <br/> + <div style="font-size: smaller"><b>Sample:</b></div> + <div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">The configuration returned will always be in the same format + of the parameters above.</div> + </td> + </tr> + <tr> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="return-"></div> + <b>before</b> + <a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a> + <div style="font-size: small"> + <span style="color: purple">dictionary</span> + </div> + </td> + <td>always</td> + <td> + <div>The configuration prior to the model invocation.</div> + <br/> + <div style="font-size: smaller"><b>Sample:</b></div> + <div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">The configuration returned will always be in the same format + of the parameters above.</div> + </td> + </tr> + <tr> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="return-"></div> + <b>commands</b> + <a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a> + <div style="font-size: small"> + <span style="color: purple">list</span> + </div> + </td> + <td>always</td> + <td> + <div>The set of commands pushed to the remote device.</div> + <br/> + <div style="font-size: smaller"><b>Sample:</b></div> + <div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">['set protocols ospf parameters router-id 192.0.1.1', "set protocols ospf passive-interface 'eth1'"]</div> + </td> + </tr> + </table> + <br/><br/> + + +Status +------ + + +Authors +~~~~~~~ + +- Rohit Thakur (@rohitthakur2590) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/vyos.vyos.vyos_ospfv3_module.rst b/docs/vyos.vyos.vyos_ospfv3_module.rst new file mode 100644 index 0000000..bd7e088 --- /dev/null +++ b/docs/vyos.vyos.vyos_ospfv3_module.rst @@ -0,0 +1,922 @@ +:orphan: + +.. _vyos.vyos.vyos_ospfv3_module: + + +********************* +vyos.vyos.vyos_ospfv3 +********************* + +**OSPFV3 resource module** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- This resource module configures and manages attributes of OSPFv3 routes on VyOS network devices. + + + + +Parameters +---------- + +.. raw:: html + + <table border=0 cellpadding=0 class="documentation-table"> + <tr> + <th colspan="4">Parameter</th> + <th>Choices/<font color="blue">Defaults</font></th> + <th width="100%">Comments</th> + </tr> + <tr> + <td colspan="4"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>config</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">dictionary</span> + </div> + </td> + <td> + </td> + <td> + <div>A provided OSPFv3 route configuration.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="3"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>areas</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">list</span> + / <span style="color: purple">elements=dictionary</span> </div> + </td> + <td> + </td> + <td> + <div>OSPFv3 area.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>area_id</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + </td> + <td> + <div>OSPFv3 Area name/identity.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>export_list</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + </td> + <td> + <div>Name of export-list.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>import_list</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + </td> + <td> + <div>Name of import-list.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>range</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">list</span> + / <span style="color: purple">elements=dictionary</span> </div> + </td> + <td> + </td> + <td> + <div>Summarize routes matching prefix (border routers only).</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>address</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + </td> + <td> + <div>border router IPv4 address.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>advertise</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">boolean</span> + </div> + </td> + <td> + <ul style="margin: 0; padding: 0"><b>Choices:</b> + <li>no</li> + <li>yes</li> + </ul> + </td> + <td> + <div>Advertise this range.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>not_advertise</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">boolean</span> + </div> + </td> + <td> + <ul style="margin: 0; padding: 0"><b>Choices:</b> + <li>no</li> + <li>yes</li> + </ul> + </td> + <td> + <div>Don't advertise this range.</div> + </td> + </tr> + + + <tr> + <td class="elbow-placeholder"></td> + <td colspan="3"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>parameters</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">dictionary</span> + </div> + </td> + <td> + </td> + <td> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>router_id</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + </td> + <td> + <div>Override the default router identifier.</div> + </td> + </tr> + + <tr> + <td class="elbow-placeholder"></td> + <td colspan="3"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>redistribute</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">list</span> + / <span style="color: purple">elements=dictionary</span> </div> + </td> + <td> + </td> + <td> + <div>Redistribute information from another routing protocol.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>route_map</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + </td> + <td> + <div>Route map references.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>route_type</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + <ul style="margin: 0; padding: 0"><b>Choices:</b> + <li>bgp</li> + <li>connected</li> + <li>kernel</li> + <li>ripng</li> + <li>static</li> + </ul> + </td> + <td> + <div>Route type to redistribute.</div> + </td> + </tr> + + + <tr> + <td colspan="4"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>running_config</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + </td> + <td> + <div>This option is used only with state <em>parsed</em>.</div> + <div>The value of this option should be the output received from the VyOS device by executing the command <b>show configuration commands | grep ospfv3</b>.</div> + <div>The state <em>parsed</em> reads the configuration from <code>running_config</code> option and transforms it into Ansible structured data as per the resource module's argspec and the value is then returned in the <em>parsed</em> key within the result.</div> + </td> + </tr> + <tr> + <td colspan="4"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>state</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + <ul style="margin: 0; padding: 0"><b>Choices:</b> + <li><div style="color: blue"><b>merged</b> ←</div></li> + <li>replaced</li> + <li>deleted</li> + <li>parsed</li> + <li>gathered</li> + <li>rendered</li> + </ul> + </td> + <td> + <div>The state the configuration should be left in.</div> + </td> + </tr> + </table> + <br/> + + +Notes +----- + +.. note:: + - Tested against VyOS 1.1.8 (helium). + - This module works with connection ``network_cli``. See `the VyOS OS Platform Options <../network/user_guide/platform_vyos.html>`_. + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Using merged + # + # Before state: + # ------------- + # + # vyos@vyos# run show configuration commands | grep ospfv3 + # + # + - name: Merge the provided configuration with the exisiting running configuration + vyos.vyos.vyos_ospfv3: + config: + redistribute: + - route_type: bgp + parameters: + router_id: 192.0.2.10 + areas: + - area_id: '2' + export_list: export1 + import_list: import1 + range: + - address: 2001:db10::/32 + - address: 2001:db20::/32 + - address: 2001:db30::/32 + - area_id: '3' + range: + - address: 2001:db40::/32 + state: merged + # + # + # ------------------------- + # Module Execution Result + # ------------------------- + # + # before": {} + # + # "commands": [ + # "set protocols ospfv3 redistribute bgp", + # "set protocols ospfv3 parameters router-id '192.0.2.10'", + # "set protocols ospfv3 area 2 range 2001:db10::/32", + # "set protocols ospfv3 area 2 range 2001:db20::/32", + # "set protocols ospfv3 area 2 range 2001:db30::/32", + # "set protocols ospfv3 area '2'", + # "set protocols ospfv3 area 2 export-list export1", + # "set protocols ospfv3 area 2 import-list import1", + # "set protocols ospfv3 area '3'", + # "set protocols ospfv3 area 3 range 2001:db40::/32" + # ] + # + # "after": { + # "areas": [ + # { + # "area_id": "2", + # "export_list": "export1", + # "import_list": "import1", + # "range": [ + # { + # "address": "2001:db10::/32" + # }, + # { + # "address": "2001:db20::/32" + # }, + # { + # "address": "2001:db30::/32" + # } + # ] + # }, + # { + # "area_id": "3", + # "range": [ + # { + # "address": "2001:db40::/32" + # } + # ] + # } + # ], + # "parameters": { + # "router_id": "192.0.2.10" + # }, + # "redistribute": [ + # { + # "route_type": "bgp" + # } + # ] + # } + # + # After state: + # ------------- + # + # vyos@192# run show configuration commands | grep ospfv3 + # set protocols ospfv3 area 2 export-list 'export1' + # set protocols ospfv3 area 2 import-list 'import1' + # set protocols ospfv3 area 2 range '2001:db10::/32' + # set protocols ospfv3 area 2 range '2001:db20::/32' + # set protocols ospfv3 area 2 range '2001:db30::/32' + # set protocols ospfv3 area 3 range '2001:db40::/32' + # set protocols ospfv3 parameters router-id '192.0.2.10' + # set protocols ospfv3 redistribute 'bgp' + + + # Using replaced + # + # Before state: + # ------------- + # + # vyos@192# run show configuration commands | grep ospfv3 + # set protocols ospfv3 area 2 export-list 'export1' + # set protocols ospfv3 area 2 import-list 'import1' + # set protocols ospfv3 area 2 range '2001:db10::/32' + # set protocols ospfv3 area 2 range '2001:db20::/32' + # set protocols ospfv3 area 2 range '2001:db30::/32' + # set protocols ospfv3 area 3 range '2001:db40::/32' + # set protocols ospfv3 parameters router-id '192.0.2.10' + # set protocols ospfv3 redistribute 'bgp' + # + - name: Replace ospfv3 routes attributes configuration. + vyos.vyos.vyos_ospfv3: + config: + redistribute: + - route_type: bgp + parameters: + router_id: 192.0.2.10 + areas: + - area_id: '2' + export_list: export1 + import_list: import1 + range: + - address: 2001:db10::/32 + - address: 2001:db30::/32 + - address: 2001:db50::/32 + - area_id: '4' + range: + - address: 2001:db60::/32 + state: replaced + # + # + # ------------------------- + # Module Execution Result + # ------------------------- + # + # "before": { + # "areas": [ + # { + # "area_id": "2", + # "export_list": "export1", + # "import_list": "import1", + # "range": [ + # { + # "address": "2001:db10::/32" + # }, + # { + # "address": "2001:db20::/32" + # }, + # { + # "address": "2001:db30::/32" + # } + # ] + # }, + # { + # "area_id": "3", + # "range": [ + # { + # "address": "2001:db40::/32" + # } + # ] + # } + # ], + # "parameters": { + # "router_id": "192.0.2.10" + # }, + # "redistribute": [ + # { + # "route_type": "bgp" + # } + # ] + # } + # + # "commands": [ + # "delete protocols ospfv3 area 2 range 2001:db20::/32", + # "delete protocols ospfv3 area 3", + # "set protocols ospfv3 area 2 range 2001:db50::/32", + # "set protocols ospfv3 area '4'", + # "set protocols ospfv3 area 4 range 2001:db60::/32" + # ] + # + # "after": { + # "areas": [ + # { + # "area_id": "2", + # "export_list": "export1", + # "import_list": "import1", + # "range": [ + # { + # "address": "2001:db10::/32" + # }, + # { + # "address": "2001:db30::/32" + # }, + # { + # "address": "2001:db50::/32" + # } + # ] + # }, + # { + # "area_id": "4", + # "range": [ + # { + # "address": "2001:db60::/32" + # } + # ] + # } + # ], + # "parameters": { + # "router_id": "192.0.2.10" + # }, + # "redistribute": [ + # { + # "route_type": "bgp" + # } + # ] + # } + # + # After state: + # ------------- + # + # vyos@192# run show configuration commands | grep ospfv3 + # set protocols ospfv3 area 2 export-list 'export1' + # set protocols ospfv3 area 2 import-list 'import1' + # set protocols ospfv3 area 2 range '2001:db10::/32' + # set protocols ospfv3 area 2 range '2001:db30::/32' + # set protocols ospfv3 area 2 range '2001:db50::/32' + # set protocols ospfv3 area 4 range '2001:db60::/32' + # set protocols ospfv3 parameters router-id '192.0.2.10' + # set protocols ospfv3 redistribute 'bgp' + + + # Using rendered + # + # + - name: Render the commands for provided configuration + vyos.vyos.vyos_ospfv3: + config: + redistribute: + - route_type: bgp + parameters: + router_id: 192.0.2.10 + areas: + - area_id: '2' + export_list: export1 + import_list: import1 + range: + - address: 2001:db10::/32 + - address: 2001:db20::/32 + - address: 2001:db30::/32 + - area_id: '3' + range: + - address: 2001:db40::/32 + state: rendered + # + # + # ------------------------- + # Module Execution Result + # ------------------------- + # + # + # "rendered": [ + # [ + # "set protocols ospfv3 redistribute bgp", + # "set protocols ospfv3 parameters router-id '192.0.2.10'", + # "set protocols ospfv3 area 2 range 2001:db10::/32", + # "set protocols ospfv3 area 2 range 2001:db20::/32", + # "set protocols ospfv3 area 2 range 2001:db30::/32", + # "set protocols ospfv3 area '2'", + # "set protocols ospfv3 area 2 export-list export1", + # "set protocols ospfv3 area 2 import-list import1", + # "set protocols ospfv3 area '3'", + # "set protocols ospfv3 area 3 range 2001:db40::/32" + # ] + + + # Using parsed + # + # + - name: Parse the commands to provide structured configuration. + vyos.vyos.vyos_ospfv3: + running_config: + "set protocols ospfv3 area 2 export-list 'export1' + set protocols ospfv3 area 2 import-list 'import1' + set protocols ospfv3 area 2 range '2001:db10::/32' + set protocols ospfv3 area 2 range '2001:db20::/32' + set protocols ospfv3 area 2 range '2001:db30::/32' + set protocols ospfv3 area 3 range '2001:db40::/32' + set protocols ospfv3 parameters router-id '192.0.2.10' + set protocols ospfv3 redistribute 'bgp'" + state: parsed + # + # + # ------------------------- + # Module Execution Result + # ------------------------- + # + # + # "parsed": { + # "areas": [ + # { + # "area_id": "2", + # "export_list": "export1", + # "import_list": "import1", + # "range": [ + # { + # "address": "2001:db10::/32" + # }, + # { + # "address": "2001:db20::/32" + # }, + # { + # "address": "2001:db30::/32" + # } + # ] + # }, + # { + # "area_id": "3", + # "range": [ + # { + # "address": "2001:db40::/32" + # } + # ] + # } + # ], + # "parameters": { + # "router_id": "192.0.2.10" + # }, + # "redistribute": [ + # { + # "route_type": "bgp" + # } + # ] + # } + + + # Using gathered + # + # Before state: + # ------------- + # + # vyos@192# run show configuration commands | grep ospfv3 + # set protocols ospfv3 area 2 export-list 'export1' + # set protocols ospfv3 area 2 import-list 'import1' + # set protocols ospfv3 area 2 range '2001:db10::/32' + # set protocols ospfv3 area 2 range '2001:db20::/32' + # set protocols ospfv3 area 2 range '2001:db30::/32' + # set protocols ospfv3 area 3 range '2001:db40::/32' + # set protocols ospfv3 parameters router-id '192.0.2.10' + # set protocols ospfv3 redistribute 'bgp' + # + - name: Gather ospfv3 routes config with provided configurations + vyos.vyos.vyos_ospfv3: + config: + state: gathered + # + # + # ------------------------- + # Module Execution Result + # ------------------------- + # + # "gathered": { + # "areas": [ + # { + # "area_id": "2", + # "export_list": "export1", + # "import_list": "import1", + # "range": [ + # { + # "address": "2001:db10::/32" + # }, + # { + # "address": "2001:db20::/32" + # }, + # { + # "address": "2001:db30::/32" + # } + # ] + # }, + # { + # "area_id": "3", + # "range": [ + # { + # "address": "2001:db40::/32" + # } + # ] + # } + # ], + # "parameters": { + # "router_id": "192.0.2.10" + # }, + # "redistribute": [ + # { + # "route_type": "bgp" + # } + # ] + # } + # + # After state: + # ------------- + # + # vyos@192# run show configuration commands | grep ospfv3 + # set protocols ospfv3 area 2 export-list 'export1' + # set protocols ospfv3 area 2 import-list 'import1' + # set protocols ospfv3 area 2 range '2001:db10::/32' + # set protocols ospfv3 area 2 range '2001:db20::/32' + # set protocols ospfv3 area 2 range '2001:db30::/32' + # set protocols ospfv3 area 3 range '2001:db40::/32' + # set protocols ospfv3 parameters router-id '192.0.2.10' + # set protocols ospfv3 redistribute 'bgp' + + + # Using deleted + # + # Before state + # ------------- + # + # vyos@192# run show configuration commands | grep ospfv3 + # set protocols ospfv3 area 2 export-list 'export1' + # set protocols ospfv3 area 2 import-list 'import1' + # set protocols ospfv3 area 2 range '2001:db10::/32' + # set protocols ospfv3 area 2 range '2001:db20::/32' + # set protocols ospfv3 area 2 range '2001:db30::/32' + # set protocols ospfv3 area 3 range '2001:db40::/32' + # set protocols ospfv3 parameters router-id '192.0.2.10' + # set protocols ospfv3 redistribute 'bgp' + # + - name: Delete attributes of ospfv3 routes. + vyos.vyos.vyos_ospfv3: + config: + state: deleted + # + # + # ------------------------ + # Module Execution Results + # ------------------------ + # + # "before": { + # "areas": [ + # { + # "area_id": "2", + # "export_list": "export1", + # "import_list": "import1", + # "range": [ + # { + # "address": "2001:db10::/32" + # }, + # { + # "address": "2001:db20::/32" + # }, + # { + # "address": "2001:db30::/32" + # } + # ] + # }, + # { + # "area_id": "3", + # "range": [ + # { + # "address": "2001:db40::/32" + # } + # ] + # } + # ], + # "parameters": { + # "router_id": "192.0.2.10" + # }, + # "redistribute": [ + # { + # "route_type": "bgp" + # } + # ] + # } + # "commands": [ + # "delete protocols ospfv3" + # ] + # + # "after": {} + # After state + # ------------ + # vyos@192# run show configuration commands | grep ospfv3 + + + + + + +Return Values +------------- +Common return values are documented `here <https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values>`_, the following are the fields unique to this module: + +.. raw:: html + + <table border=0 cellpadding=0 class="documentation-table"> + <tr> + <th colspan="1">Key</th> + <th>Returned</th> + <th width="100%">Description</th> + </tr> + <tr> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="return-"></div> + <b>after</b> + <a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a> + <div style="font-size: small"> + <span style="color: purple">dictionary</span> + </div> + </td> + <td>when changed</td> + <td> + <div>The resulting configuration model invocation.</div> + <br/> + <div style="font-size: smaller"><b>Sample:</b></div> + <div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">The configuration returned will always be in the same format + of the parameters above.</div> + </td> + </tr> + <tr> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="return-"></div> + <b>before</b> + <a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a> + <div style="font-size: small"> + <span style="color: purple">dictionary</span> + </div> + </td> + <td>always</td> + <td> + <div>The configuration prior to the model invocation.</div> + <br/> + <div style="font-size: smaller"><b>Sample:</b></div> + <div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">The configuration returned will always be in the same format + of the parameters above.</div> + </td> + </tr> + <tr> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="return-"></div> + <b>commands</b> + <a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a> + <div style="font-size: small"> + <span style="color: purple">list</span> + </div> + </td> + <td>always</td> + <td> + <div>The set of commands pushed to the remote device.</div> + <br/> + <div style="font-size: smaller"><b>Sample:</b></div> + <div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">['set protocols ospf parameters router-id 192.0.1.1', "set protocols ospfv3 area 2 range '2001:db10::/32'"]</div> + </td> + </tr> + </table> + <br/><br/> + + +Status +------ + + +Authors +~~~~~~~ + +- Rohit Thakur (@rohitthakur2590) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/vyos.vyos.vyos_ping_module.rst b/docs/vyos.vyos.vyos_ping_module.rst new file mode 100644 index 0000000..a75eb90 --- /dev/null +++ b/docs/vyos.vyos.vyos_ping_module.rst @@ -0,0 +1,431 @@ +:orphan: + +.. _vyos.vyos.vyos_ping_module: + + +******************* +vyos.vyos.vyos_ping +******************* + +**Tests reachability using ping from VyOS network devices** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Tests reachability using ping from a VyOS device to a remote destination. +- Tested against VyOS 1.1.8 (helium) +- For a general purpose network module, see the :ref:`net_ping <net_ping_module>` module. +- For Windows targets, use the :ref:`win_ping <win_ping_module>` module instead. +- For targets running Python, use the :ref:`ping <ping_module>` module instead. + + + + +Parameters +---------- + +.. raw:: html + + <table border=0 cellpadding=0 class="documentation-table"> + <tr> + <th colspan="2">Parameter</th> + <th>Choices/<font color="blue">Defaults</font></th> + <th width="100%">Comments</th> + </tr> + <tr> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>count</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">integer</span> + </div> + </td> + <td> + <b>Default:</b><br/><div style="color: blue">5</div> + </td> + <td> + <div>Number of packets to send to check reachability.</div> + </td> + </tr> + <tr> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>dest</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">-</span> + / <span style="color: red">required</span> </div> + </td> + <td> + </td> + <td> + <div>The IP Address or hostname (resolvable by the device) of the remote node.</div> + </td> + </tr> + <tr> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>interval</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">integer</span> + </div> + </td> + <td> + </td> + <td> + <div>Determines the interval (in seconds) between consecutive pings.</div> + </td> + </tr> + <tr> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>provider</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">dictionary</span> + </div> + </td> + <td> + </td> + <td> + <div><b>Deprecated</b></div> + <div>Starting with Ansible 2.5 we recommend using <code>connection: network_cli</code>.</div> + <div>For more information please see the <a href='../network/getting_started/network_differences.html#multiple-communication-protocols'>Network Guide</a>.</div> + <div><hr/></div> + <div>A dict object containing connection details.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>host</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + / <span style="color: red">required</span> </div> + </td> + <td> + </td> + <td> + <div>Specifies the DNS host name or address for connecting to the remote device over the specified transport. The value of host is used as the destination address for the transport.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>password</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + </td> + <td> + <div>Specifies the password to use to authenticate the connection to the remote device. This value is used to authenticate the SSH session. If the value is not specified in the task, the value of environment variable <code>ANSIBLE_NET_PASSWORD</code> will be used instead.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>port</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">integer</span> + </div> + </td> + <td> + <b>Default:</b><br/><div style="color: blue">22</div> + </td> + <td> + <div>Specifies the port to use when building the connection to the remote device.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>ssh_keyfile</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">path</span> + </div> + </td> + <td> + </td> + <td> + <div>Specifies the SSH key to use to authenticate the connection to the remote device. This value is the path to the key used to authenticate the SSH session. If the value is not specified in the task, the value of environment variable <code>ANSIBLE_NET_SSH_KEYFILE</code> will be used instead.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>timeout</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">integer</span> + </div> + </td> + <td> + <b>Default:</b><br/><div style="color: blue">10</div> + </td> + <td> + <div>Specifies the timeout in seconds for communicating with the network device for either connecting or sending commands. If the timeout is exceeded before the operation is completed, the module will error.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>username</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + </td> + <td> + <div>Configures the username to use to authenticate the connection to the remote device. This value is used to authenticate the SSH session. If the value is not specified in the task, the value of environment variable <code>ANSIBLE_NET_USERNAME</code> will be used instead.</div> + </td> + </tr> + + <tr> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>size</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">integer</span> + </div> + </td> + <td> + </td> + <td> + <div>Determines the size (in bytes) of the ping packet(s).</div> + </td> + </tr> + <tr> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>source</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">-</span> + </div> + </td> + <td> + </td> + <td> + <div>The source interface or IP Address to use while sending the ping packet(s).</div> + </td> + </tr> + <tr> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>state</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">-</span> + </div> + </td> + <td> + <ul style="margin: 0; padding: 0"><b>Choices:</b> + <li>absent</li> + <li><div style="color: blue"><b>present</b> ←</div></li> + </ul> + </td> + <td> + <div>Determines if the expected result is success or fail.</div> + </td> + </tr> + <tr> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>ttl</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">integer</span> + </div> + </td> + <td> + </td> + <td> + <div>The time-to-live value for the ICMP packet(s).</div> + </td> + </tr> + </table> + <br/> + + +Notes +----- + +.. note:: + - Tested against VyOS 1.1.8 (helium). + - For a general purpose network module, see the :ref:`net_ping <net_ping_module>` module. + - For Windows targets, use the :ref:`win_ping <win_ping_module>` module instead. + - For targets running Python, use the :ref:`ping <ping_module>` module instead. + - This module works with connection ``network_cli``. See `the VyOS OS Platform Options <../network/user_guide/platform_vyos.html>`_. + - For more information on using Ansible to manage network devices see the :ref:`Ansible Network Guide <network_guide>` + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + - name: Test reachability to 10.10.10.10 + vyos.vyos.vyos_ping: + dest: 10.10.10.10 + + - name: Test reachability to 10.20.20.20 using source and ttl set + vyos.vyos.vyos_ping: + dest: 10.20.20.20 + source: eth0 + ttl: 128 + + - name: Test unreachability to 10.30.30.30 using interval + vyos.vyos.vyos_ping: + dest: 10.30.30.30 + interval: 3 + state: absent + + - name: Test reachability to 10.40.40.40 setting count and source + vyos.vyos.vyos_ping: + dest: 10.40.40.40 + source: eth1 + count: 20 + size: 512 + + + + +Return Values +------------- +Common return values are documented `here <https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values>`_, the following are the fields unique to this module: + +.. raw:: html + + <table border=0 cellpadding=0 class="documentation-table"> + <tr> + <th colspan="1">Key</th> + <th>Returned</th> + <th width="100%">Description</th> + </tr> + <tr> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="return-"></div> + <b>commands</b> + <a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a> + <div style="font-size: small"> + <span style="color: purple">list</span> + </div> + </td> + <td>always</td> + <td> + <div>List of commands sent.</div> + <br/> + <div style="font-size: smaller"><b>Sample:</b></div> + <div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">['ping 10.8.38.44 count 10 interface eth0 ttl 128']</div> + </td> + </tr> + <tr> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="return-"></div> + <b>packet_loss</b> + <a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td>always</td> + <td> + <div>Percentage of packets lost.</div> + <br/> + <div style="font-size: smaller"><b>Sample:</b></div> + <div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">0%</div> + </td> + </tr> + <tr> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="return-"></div> + <b>packets_rx</b> + <a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a> + <div style="font-size: small"> + <span style="color: purple">integer</span> + </div> + </td> + <td>always</td> + <td> + <div>Packets successfully received.</div> + <br/> + <div style="font-size: smaller"><b>Sample:</b></div> + <div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">20</div> + </td> + </tr> + <tr> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="return-"></div> + <b>packets_tx</b> + <a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a> + <div style="font-size: small"> + <span style="color: purple">integer</span> + </div> + </td> + <td>always</td> + <td> + <div>Packets successfully transmitted.</div> + <br/> + <div style="font-size: smaller"><b>Sample:</b></div> + <div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">20</div> + </td> + </tr> + <tr> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="return-"></div> + <b>rtt</b> + <a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a> + <div style="font-size: small"> + <span style="color: purple">dictionary</span> + </div> + </td> + <td>when ping succeeds</td> + <td> + <div>The round trip time (RTT) stats.</div> + <br/> + <div style="font-size: smaller"><b>Sample:</b></div> + <div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">{'avg': 2, 'max': 8, 'min': 1, 'mdev': 24}</div> + </td> + </tr> + </table> + <br/><br/> + + +Status +------ + + +Authors +~~~~~~~ + +- Nilashish Chakraborty (@NilashishC) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/vyos.vyos.vyos_static_route_module.rst b/docs/vyos.vyos.vyos_static_route_module.rst new file mode 100644 index 0000000..7a8013e --- /dev/null +++ b/docs/vyos.vyos.vyos_static_route_module.rst @@ -0,0 +1,360 @@ +:orphan: + +.. _vyos.vyos.vyos_static_route_module: + + +*************************** +vyos.vyos.vyos_static_route +*************************** + +**(deprecated, removed after 2022-06-01) Manage static IP routes on Vyatta VyOS network devices** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + +DEPRECATED +---------- +:Removed in collection release after 2022-06-01 +:Why: Updated modules released with more functionality. +:Alternative: vyos_static_routes + + + +Synopsis +-------- +- This module provides declarative management of static IP routes on Vyatta VyOS network devices. + + + + +Parameters +---------- + +.. raw:: html + + <table border=0 cellpadding=0 class="documentation-table"> + <tr> + <th colspan="2">Parameter</th> + <th>Choices/<font color="blue">Defaults</font></th> + <th width="100%">Comments</th> + </tr> + <tr> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>admin_distance</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">integer</span> + </div> + </td> + <td> + </td> + <td> + <div>Admin distance of the static route.</div> + </td> + </tr> + <tr> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>aggregate</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">list</span> + </div> + </td> + <td> + </td> + <td> + <div>List of static route definitions</div> + </td> + </tr> + <tr> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>mask</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + </td> + <td> + <div>Network prefix mask of the static route.</div> + </td> + </tr> + <tr> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>next_hop</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + </td> + <td> + <div>Next hop IP of the static route.</div> + </td> + </tr> + <tr> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>prefix</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + </td> + <td> + <div>Network prefix of the static route. <code>mask</code> param should be ignored if <code>prefix</code> is provided with <code>mask</code> value <code>prefix/mask</code>.</div> + </td> + </tr> + <tr> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>provider</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">dictionary</span> + </div> + </td> + <td> + </td> + <td> + <div><b>Deprecated</b></div> + <div>Starting with Ansible 2.5 we recommend using <code>connection: network_cli</code>.</div> + <div>For more information please see the <a href='../network/getting_started/network_differences.html#multiple-communication-protocols'>Network Guide</a>.</div> + <div><hr/></div> + <div>A dict object containing connection details.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>host</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + / <span style="color: red">required</span> </div> + </td> + <td> + </td> + <td> + <div>Specifies the DNS host name or address for connecting to the remote device over the specified transport. The value of host is used as the destination address for the transport.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>password</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + </td> + <td> + <div>Specifies the password to use to authenticate the connection to the remote device. This value is used to authenticate the SSH session. If the value is not specified in the task, the value of environment variable <code>ANSIBLE_NET_PASSWORD</code> will be used instead.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>port</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">integer</span> + </div> + </td> + <td> + <b>Default:</b><br/><div style="color: blue">22</div> + </td> + <td> + <div>Specifies the port to use when building the connection to the remote device.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>ssh_keyfile</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">path</span> + </div> + </td> + <td> + </td> + <td> + <div>Specifies the SSH key to use to authenticate the connection to the remote device. This value is the path to the key used to authenticate the SSH session. If the value is not specified in the task, the value of environment variable <code>ANSIBLE_NET_SSH_KEYFILE</code> will be used instead.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>timeout</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">integer</span> + </div> + </td> + <td> + <b>Default:</b><br/><div style="color: blue">10</div> + </td> + <td> + <div>Specifies the timeout in seconds for communicating with the network device for either connecting or sending commands. If the timeout is exceeded before the operation is completed, the module will error.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>username</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + </td> + <td> + <div>Configures the username to use to authenticate the connection to the remote device. This value is used to authenticate the SSH session. If the value is not specified in the task, the value of environment variable <code>ANSIBLE_NET_USERNAME</code> will be used instead.</div> + </td> + </tr> + + <tr> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>state</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + <ul style="margin: 0; padding: 0"><b>Choices:</b> + <li><div style="color: blue"><b>present</b> ←</div></li> + <li>absent</li> + </ul> + </td> + <td> + <div>State of the static route configuration.</div> + </td> + </tr> + </table> + <br/> + + +Notes +----- + +.. note:: + - Tested against VyOS 1.1.8 (helium). + - This module works with connection ``network_cli``. See `the VyOS OS Platform Options <../network/user_guide/platform_vyos.html>`_. + - For more information on using Ansible to manage network devices see the :ref:`Ansible Network Guide <network_guide>` + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + - name: configure static route + vyos.vyos.vyos_static_route: + prefix: 192.168.2.0 + mask: 24 + next_hop: 10.0.0.1 + + - name: configure static route prefix/mask + vyos.vyos.vyos_static_route: + prefix: 192.168.2.0/16 + next_hop: 10.0.0.1 + + - name: remove configuration + vyos.vyos.vyos_static_route: + prefix: 192.168.2.0 + mask: 16 + next_hop: 10.0.0.1 + state: absent + + - name: configure aggregates of static routes + vyos.vyos.vyos_static_route: + aggregate: + - {prefix: 192.168.2.0, mask: 24, next_hop: 10.0.0.1} + - {prefix: 192.168.3.0, mask: 16, next_hop: 10.0.2.1} + - {prefix: 192.168.3.0/16, next_hop: 10.0.2.1} + + - name: Remove static route collections + vyos.vyos.vyos_static_route: + aggregate: + - {prefix: 172.24.1.0/24, next_hop: 192.168.42.64} + - {prefix: 172.24.3.0/24, next_hop: 192.168.42.64} + state: absent + + + + +Return Values +------------- +Common return values are documented `here <https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values>`_, the following are the fields unique to this module: + +.. raw:: html + + <table border=0 cellpadding=0 class="documentation-table"> + <tr> + <th colspan="1">Key</th> + <th>Returned</th> + <th width="100%">Description</th> + </tr> + <tr> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="return-"></div> + <b>commands</b> + <a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a> + <div style="font-size: small"> + <span style="color: purple">list</span> + </div> + </td> + <td>always</td> + <td> + <div>The list of configuration mode commands to send to the device</div> + <br/> + <div style="font-size: smaller"><b>Sample:</b></div> + <div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">['set protocols static route 192.168.2.0/16 next-hop 10.0.0.1']</div> + </td> + </tr> + </table> + <br/><br/> + + +Status +------ + + +- This module will be removed in version . *[deprecated]* +- For more information see `DEPRECATED`_. + + +Authors +~~~~~~~ + +- Trishna Guha (@trishnaguha) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/vyos.vyos.vyos_static_routes_module.rst b/docs/vyos.vyos.vyos_static_routes_module.rst new file mode 100644 index 0000000..f73693c --- /dev/null +++ b/docs/vyos.vyos.vyos_static_routes_module.rst @@ -0,0 +1,1168 @@ +:orphan: + +.. _vyos.vyos.vyos_static_routes_module: + + +**************************** +vyos.vyos.vyos_static_routes +**************************** + +**Static routes resource module** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- This module manages attributes of static routes on VyOS network devices. + + + + +Parameters +---------- + +.. raw:: html + + <table border=0 cellpadding=0 class="documentation-table"> + <tr> + <th colspan="5">Parameter</th> + <th>Choices/<font color="blue">Defaults</font></th> + <th width="100%">Comments</th> + </tr> + <tr> + <td colspan="5"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>config</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">list</span> + / <span style="color: purple">elements=dictionary</span> </div> + </td> + <td> + </td> + <td> + <div>A provided static route configuration.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="4"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>address_families</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">list</span> + / <span style="color: purple">elements=dictionary</span> </div> + </td> + <td> + </td> + <td> + <div>A dictionary specifying the address family to which the static route(s) belong.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="3"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>afi</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + / <span style="color: red">required</span> </div> + </td> + <td> + <ul style="margin: 0; padding: 0"><b>Choices:</b> + <li>ipv4</li> + <li>ipv6</li> + </ul> + </td> + <td> + <div>Specifies the type of route.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="3"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>routes</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">list</span> + / <span style="color: purple">elements=dictionary</span> </div> + </td> + <td> + </td> + <td> + <div>A ditionary that specify the static route configurations.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>blackhole_config</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">dictionary</span> + </div> + </td> + <td> + </td> + <td> + <div>Configured to silently discard packets.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>distance</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">integer</span> + </div> + </td> + <td> + </td> + <td> + <div>Distance for the route.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>type</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + </td> + <td> + <div>This is to configure only blackhole.</div> + </td> + </tr> + + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>dest</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + / <span style="color: red">required</span> </div> + </td> + <td> + </td> + <td> + <div>An IPv4/v6 address in CIDR notation that specifies the destination network for the static route.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>next_hops</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">list</span> + / <span style="color: purple">elements=dictionary</span> </div> + </td> + <td> + </td> + <td> + <div>Next hops to the specified destination.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>admin_distance</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">integer</span> + </div> + </td> + <td> + </td> + <td> + <div>Distance value for the route.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>enabled</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">boolean</span> + </div> + </td> + <td> + <ul style="margin: 0; padding: 0"><b>Choices:</b> + <li>no</li> + <li>yes</li> + </ul> + </td> + <td> + <div>Disable IPv4/v6 next-hop static route.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>forward_router_address</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + / <span style="color: red">required</span> </div> + </td> + <td> + </td> + <td> + <div>The IP address of the next hop that can be used to reach the destination network.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>interface</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + </td> + <td> + <div>Name of the outgoing interface.</div> + </td> + </tr> + + + + + <tr> + <td colspan="5"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>running_config</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + </td> + <td> + <div>This option is used only with state <em>parsed</em>.</div> + <div>The value of this option should be the output received from the VyOS device by executing the command <b>show configuration commands | grep static route</b>.</div> + <div>The state <em>parsed</em> reads the configuration from <code>running_config</code> option and transforms it into Ansible structured data as per the resource module's argspec and the value is then returned in the <em>parsed</em> key within the result.</div> + </td> + </tr> + <tr> + <td colspan="5"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>state</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + <ul style="margin: 0; padding: 0"><b>Choices:</b> + <li><div style="color: blue"><b>merged</b> ←</div></li> + <li>replaced</li> + <li>overridden</li> + <li>deleted</li> + <li>gathered</li> + <li>rendered</li> + <li>parsed</li> + </ul> + </td> + <td> + <div>The state of the configuration after module completion.</div> + </td> + </tr> + </table> + <br/> + + +Notes +----- + +.. note:: + - Tested against VyOS 1.1.8 (helium). + - This module works with connection ``network_cli``. See `the VyOS OS Platform Options <../network/user_guide/platform_vyos.html>`_. + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + # Using merged + # + # Before state: + # ------------- + # + # vyos@vyos:~$ show configuration commands | grep static + # + - name: Merge the provided configuration with the exisiting running configuration + vyos.vyos.vyos_static_routes: + config: + - address_families: + - afi: ipv4 + routes: + - dest: 192.0.2.32/28 + blackhole_config: + type: blackhole + next_hops: + - forward_router_address: 192.0.2.6 + - forward_router_address: 192.0.2.7 + - address_families: + - afi: ipv6 + routes: + - dest: 2001:db8:1000::/36 + blackhole_config: + distance: 2 + next_hops: + - forward_router_address: 2001:db8:2000:2::1 + - forward_router_address: 2001:db8:2000:2::2 + state: merged + # + # + # ------------------------- + # Module Execution Result + # ------------------------- + # + # before": [] + # + # "commands": [ + # "set protocols static route 192.0.2.32/28", + # "set protocols static route 192.0.2.32/28 blackhole", + # "set protocols static route 192.0.2.32/28 next-hop '192.0.2.6'", + # "set protocols static route 192.0.2.32/28 next-hop '192.0.2.7'", + # "set protocols static route6 2001:db8:1000::/36", + # "set protocols static route6 2001:db8:1000::/36 blackhole distance '2'", + # "set protocols static route6 2001:db8:1000::/36 next-hop '2001:db8:2000:2::1'", + # "set protocols static route6 2001:db8:1000::/36 next-hop '2001:db8:2000:2::2'" + # ] + # + # "after": [ + # { + # "address_families": [ + # { + # "afi": "ipv4", + # "routes": [ + # { + # "blackhole_config": { + # "type": "blackhole" + # }, + # "dest": "192.0.2.32/28", + # "next_hops": [ + # { + # "forward_router_address": "192.0.2.6" + # }, + # { + # "forward_router_address": "192.0.2.7" + # } + # ] + # } + # ] + # }, + # { + # "afi": "ipv6", + # "routes": [ + # { + # "blackhole_config": { + # "distance": 2 + # }, + # "dest": "2001:db8:1000::/36", + # "next_hops": [ + # { + # "forward_router_address": "2001:db8:2000:2::1" + # }, + # { + # "forward_router_address": "2001:db8:2000:2::2" + # } + # ] + # } + # ] + # } + # ] + # } + # ] + # + # After state: + # ------------- + # + # vyos@vyos:~$ show configuration commands| grep static + # set protocols static route 192.0.2.32/28 'blackhole' + # set protocols static route 192.0.2.32/28 next-hop '192.0.2.6' + # set protocols static route 192.0.2.32/28 next-hop '192.0.2.7' + # set protocols static route6 2001:db8:1000::/36 blackhole distance '2' + # set protocols static route6 2001:db8:1000::/36 next-hop '2001:db8:2000:2::1' + # set protocols static route6 2001:db8:1000::/36 next-hop '2001:db8:2000:2::2' + + + # Using replaced + # + # Before state: + # ------------- + # + # vyos@vyos:~$ show configuration commands| grep static + # set protocols static route 192.0.2.32/28 'blackhole' + # set protocols static route 192.0.2.32/28 next-hop '192.0.2.6' + # set protocols static route 192.0.2.32/28 next-hop '192.0.2.7' + # set protocols static route 192.0.2.33/28 'blackhole' + # set protocols static route 192.0.2.33/28 next-hop '192.0.2.3' + # set protocols static route 192.0.2.33/28 next-hop '192.0.2.4' + # set protocols static route6 2001:db8:1000::/36 blackhole distance '2' + # set protocols static route6 2001:db8:1000::/36 next-hop '2001:db8:2000:2::1' + # set protocols static route6 2001:db8:1000::/36 next-hop '2001:db8:2000:2::2' + # + - name: Replace device configurations of listed static routes with provided configurations + vyos.vyos.vyos_static_routes: + config: + - address_families: + - afi: ipv4 + routes: + - dest: 192.0.2.32/28 + blackhole_config: + distance: 2 + next_hops: + - forward_router_address: 192.0.2.7 + enabled: false + - forward_router_address: 192.0.2.9 + state: replaced + # + # + # ------------------------- + # Module Execution Result + # ------------------------- + # + # "before": [ + # { + # "address_families": [ + # { + # "afi": "ipv4", + # "routes": [ + # { + # "blackhole_config": { + # "type": "blackhole" + # }, + # "dest": "192.0.2.32/28", + # "next_hops": [ + # { + # "forward_router_address": "192.0.2.6" + # }, + # { + # "forward_router_address": "192.0.2.7" + # } + # ] + # }, + # { + # "blackhole_config": { + # "type": "blackhole" + # }, + # "dest": "192.0.2.33/28", + # "next_hops": [ + # { + # "forward_router_address": "192.0.2.3" + # }, + # { + # "forward_router_address": "192.0.2.4" + # } + # ] + # } + # ] + # }, + # { + # "afi": "ipv6", + # "routes": [ + # { + # "blackhole_config": { + # "distance": 2 + # }, + # "dest": "2001:db8:1000::/36", + # "next_hops": [ + # { + # "forward_router_address": "2001:db8:2000:2::1" + # }, + # { + # "forward_router_address": "2001:db8:2000:2::2" + # } + # ] + # } + # ] + # } + # ] + # } + # ] + # + # "commands": [ + # "delete protocols static route 192.0.2.32/28 next-hop '192.0.2.6'", + # "delete protocols static route 192.0.2.32/28 next-hop '192.0.2.7'", + # "set protocols static route 192.0.2.32/28 next-hop 192.0.2.7 'disable'", + # "set protocols static route 192.0.2.32/28 next-hop '192.0.2.7'", + # "set protocols static route 192.0.2.32/28 next-hop '192.0.2.9'", + # "set protocols static route 192.0.2.32/28 blackhole distance '2'" + # ] + # + # "after": [ + # { + # "address_families": [ + # { + # "afi": "ipv4", + # "routes": [ + # { + # "blackhole_config": { + # "distance": 2 + # }, + # "dest": "192.0.2.32/28", + # "next_hops": [ + # { + # "enabled": false, + # "forward_router_address": "192.0.2.7" + # }, + # { + # "forward_router_address": "192.0.2.9" + # } + # ] + # }, + # { + # "blackhole_config": { + # "type": "blackhole" + # }, + # "dest": "192.0.2.33/28", + # "next_hops": [ + # { + # "forward_router_address": "192.0.2.3" + # }, + # { + # "forward_router_address": "192.0.2.4" + # } + # ] + # } + # ] + # }, + # { + # "afi": "ipv6", + # "routes": [ + # { + # "blackhole_config": { + # "distance": 2 + # }, + # "dest": "2001:db8:1000::/36", + # "next_hops": [ + # { + # "forward_router_address": "2001:db8:2000:2::1" + # }, + # { + # "forward_router_address": "2001:db8:2000:2::2" + # } + # ] + # } + # ] + # } + # ] + # } + # ] + # + # After state: + # ------------- + # + # vyos@vyos:~$ show configuration commands| grep static + # set protocols static route 192.0.2.32/28 blackhole distance '2' + # set protocols static route 192.0.2.32/28 next-hop 192.0.2.7 'disable' + # set protocols static route 192.0.2.32/28 next-hop '192.0.2.9' + # set protocols static route 192.0.2.33/28 'blackhole' + # set protocols static route 192.0.2.33/28 next-hop '192.0.2.3' + # set protocols static route 192.0.2.33/28 next-hop '192.0.2.4' + # set protocols static route6 2001:db8:1000::/36 blackhole distance '2' + # set protocols static route6 2001:db8:1000::/36 next-hop '2001:db8:2000:2::1' + # set protocols static route6 2001:db8:1000::/36 next-hop '2001:db8:2000:2::2' + + + # Using overridden + # + # Before state + # -------------- + # + # vyos@vyos:~$ show configuration commands| grep static + # set protocols static route 192.0.2.32/28 blackhole distance '2' + # set protocols static route 192.0.2.32/28 next-hop 192.0.2.7 'disable' + # set protocols static route 192.0.2.32/28 next-hop '192.0.2.9' + # set protocols static route6 2001:db8:1000::/36 blackhole distance '2' + # set protocols static route6 2001:db8:1000::/36 next-hop '2001:db8:2000:2::1' + # set protocols static route6 2001:db8:1000::/36 next-hop '2001:db8:2000:2::2' + # + - name: Overrides all device configuration with provided configuration + vyos.vyos.vyos_static_routes: + config: + - address_families: + - afi: ipv4 + routes: + - dest: 198.0.2.48/28 + next_hops: + - forward_router_address: 192.0.2.18 + state: overridden + # + # + # ------------------------- + # Module Execution Result + # ------------------------- + # + # "before": [ + # { + # "address_families": [ + # { + # "afi": "ipv4", + # "routes": [ + # { + # "blackhole_config": { + # "distance": 2 + # }, + # "dest": "192.0.2.32/28", + # "next_hops": [ + # { + # "enabled": false, + # "forward_router_address": "192.0.2.7" + # }, + # { + # "forward_router_address": "192.0.2.9" + # } + # ] + # } + # ] + # }, + # { + # "afi": "ipv6", + # "routes": [ + # { + # "blackhole_config": { + # "distance": 2 + # }, + # "dest": "2001:db8:1000::/36", + # "next_hops": [ + # { + # "forward_router_address": "2001:db8:2000:2::1" + # }, + # { + # "forward_router_address": "2001:db8:2000:2::2" + # } + # ] + # } + # ] + # } + # ] + # } + # ] + # + # "commands": [ + # "delete protocols static route 192.0.2.32/28", + # "delete protocols static route6 2001:db8:1000::/36", + # "set protocols static route 198.0.2.48/28", + # "set protocols static route 198.0.2.48/28 next-hop '192.0.2.18'" + # + # + # "after": [ + # { + # "address_families": [ + # { + # "afi": "ipv4", + # "routes": [ + # { + # "dest": "198.0.2.48/28", + # "next_hops": [ + # { + # "forward_router_address": "192.0.2.18" + # } + # ] + # } + # ] + # } + # ] + # } + # ] + # + # + # After state + # ------------ + # + # vyos@vyos:~$ show configuration commands| grep static + # set protocols static route 198.0.2.48/28 next-hop '192.0.2.18' + + + # Using deleted to delete static route based on afi + # + # Before state + # ------------- + # + # vyos@vyos:~$ show configuration commands| grep static + # set protocols static route 192.0.2.32/28 'blackhole' + # set protocols static route 192.0.2.32/28 next-hop '192.0.2.6' + # set protocols static route 192.0.2.32/28 next-hop '192.0.2.7' + # set protocols static route6 2001:db8:1000::/36 blackhole distance '2' + # set protocols static route6 2001:db8:1000::/36 next-hop '2001:db8:2000:2::1' + # set protocols static route6 2001:db8:1000::/36 next-hop '2001:db8:2000:2::2' + # + - name: Delete static route based on afi. + vyos.vyos.vyos_static_routes: + config: + - address_families: + - afi: ipv4 + - afi: ipv6 + state: deleted + # + # + # ------------------------ + # Module Execution Results + # ------------------------ + # + # "before": [ + # { + # "address_families": [ + # { + # "afi": "ipv4", + # "routes": [ + # { + # "blackhole_config": { + # "type": "blackhole" + # }, + # "dest": "192.0.2.32/28", + # "next_hops": [ + # { + # "forward_router_address": "192.0.2.6" + # }, + # { + # "forward_router_address": "192.0.2.7" + # } + # ] + # } + # ] + # }, + # { + # "afi": "ipv6", + # "routes": [ + # { + # "blackhole_config": { + # "distance": 2 + # }, + # "dest": "2001:db8:1000::/36", + # "next_hops": [ + # { + # "forward_router_address": "2001:db8:2000:2::1" + # }, + # { + # "forward_router_address": "2001:db8:2000:2::2" + # } + # ] + # } + # ] + # } + # ] + # } + # ] + # "commands": [ + # "delete protocols static route", + # "delete protocols static route6" + # ] + # + # "after": [] + # After state + # ------------ + # vyos@vyos# run show configuration commands | grep static + # set protocols 'static' + + + # Using deleted to delete all the static routes when passes config is empty + # + # Before state + # ------------- + # + # vyos@vyos:~$ show configuration commands| grep static + # set protocols static route 192.0.2.32/28 'blackhole' + # set protocols static route 192.0.2.32/28 next-hop '192.0.2.6' + # set protocols static route 192.0.2.32/28 next-hop '192.0.2.7' + # set protocols static route6 2001:db8:1000::/36 blackhole distance '2' + # set protocols static route6 2001:db8:1000::/36 next-hop '2001:db8:2000:2::1' + # set protocols static route6 2001:db8:1000::/36 next-hop '2001:db8:2000:2::2' + # + - name: Delete all the static routes. + vyos.vyos.vyos_static_routes: + config: + state: deleted + # + # + # ------------------------ + # Module Execution Results + # ------------------------ + # + # "before": [ + # { + # "address_families": [ + # { + # "afi": "ipv4", + # "routes": [ + # { + # "blackhole_config": { + # "type": "blackhole" + # }, + # "dest": "192.0.2.32/28", + # "next_hops": [ + # { + # "forward_router_address": "192.0.2.6" + # }, + # { + # "forward_router_address": "192.0.2.7" + # } + # ] + # } + # ] + # }, + # { + # "afi": "ipv6", + # "routes": [ + # { + # "blackhole_config": { + # "distance": 2 + # }, + # "dest": "2001:db8:1000::/36", + # "next_hops": [ + # { + # "forward_router_address": "2001:db8:2000:2::1" + # }, + # { + # "forward_router_address": "2001:db8:2000:2::2" + # } + # ] + # } + # ] + # } + # ] + # } + # ] + # "commands": [ + # "delete protocols static route", + # "delete protocols static route6" + # ] + # + # "after": [] + # After state + # ------------ + # vyos@vyos# run show configuration commands | grep static + # set protocols 'static' + + + # Using rendered + # + # + - name: Render the commands for provided configuration + vyos.vyos.vyos_static_routes: + config: + - address_families: + - afi: ipv4 + routes: + - dest: 192.0.2.32/28 + blackhole_config: + type: blackhole + next_hops: + - forward_router_address: 192.0.2.6 + - forward_router_address: 192.0.2.7 + - address_families: + - afi: ipv6 + routes: + - dest: 2001:db8:1000::/36 + blackhole_config: + distance: 2 + next_hops: + - forward_router_address: 2001:db8:2000:2::1 + - forward_router_address: 2001:db8:2000:2::2 + state: rendered + # + # + # ------------------------- + # Module Execution Result + # ------------------------- + # + # + # "rendered": [ + # "set protocols static route 192.0.2.32/28", + # "set protocols static route 192.0.2.32/28 blackhole", + # "set protocols static route 192.0.2.32/28 next-hop '192.0.2.6'", + # "set protocols static route 192.0.2.32/28 next-hop '192.0.2.7'", + # "set protocols static route6 2001:db8:1000::/36", + # "set protocols static route6 2001:db8:1000::/36 blackhole distance '2'", + # "set protocols static route6 2001:db8:1000::/36 next-hop '2001:db8:2000:2::1'", + # "set protocols static route6 2001:db8:1000::/36 next-hop '2001:db8:2000:2::2'" + # ] + + + # Using parsed + # + # + - name: Parse the provided running configuration + vyos.vyos.vyos_static_routes: + running_config: + "set protocols static route 192.0.2.32/28 'blackhole' + set protocols static route 192.0.2.32/28 next-hop '192.0.2.6' + set protocols static route 192.0.2.32/28 next-hop '192.0.2.7' + set protocols static route6 2001:db8:1000::/36 blackhole distance '2' + set protocols static route6 2001:db8:1000::/36 next-hop '2001:db8:2000:2::1' + set protocols static route6 2001:db8:1000::/36 next-hop '2001:db8:2000:2::2'" + state: parsed + # + # + # ------------------------- + # Module Execution Result + # ------------------------- + # + # + # "parsed": [ + # { + # "address_families": [ + # { + # "afi": "ipv4", + # "routes": [ + # { + # "blackhole_config": { + # "distance": 2 + # }, + # "dest": "192.0.2.32/28", + # "next_hops": [ + # { + # "forward_router_address": "2001:db8:2000:2::2" + # } + # ] + # } + # ] + # }, + # { + # "afi": "ipv6", + # "routes": [ + # { + # "blackhole_config": { + # "distance": 2 + # }, + # "dest": "2001:db8:1000::/36", + # "next_hops": [ + # { + # "forward_router_address": "2001:db8:2000:2::2" + # } + # ] + # } + # ] + # } + # ] + # } + # ] + + + # Using gathered + # + # Before state: + # ------------- + # + # vyos@vyos:~$ show configuration commands| grep static + # set protocols static route 192.0.2.32/28 'blackhole' + # set protocols static route 192.0.2.32/28 next-hop '192.0.2.6' + # set protocols static route 192.0.2.32/28 next-hop '192.0.2.7' + # set protocols static route6 2001:db8:1000::/36 blackhole distance '2' + # set protocols static route6 2001:db8:1000::/36 next-hop '2001:db8:2000:2::1' + # set protocols static route6 2001:db8:1000::/36 next-hop '2001:db8:2000:2::2' + # + - name: Gather listed static routes with provided configurations + vyos.vyos.vyos_static_routes: + config: + state: gathered + # + # + # ------------------------- + # Module Execution Result + # ------------------------- + # + # "gathered": [ + # { + # "address_families": [ + # { + # "afi": "ipv4", + # "routes": [ + # { + # "blackhole_config": { + # "type": "blackhole" + # }, + # "dest": "192.0.2.32/28", + # "next_hops": [ + # { + # "forward_router_address": "192.0.2.6" + # }, + # { + # "forward_router_address": "192.0.2.7" + # } + # ] + # } + # ] + # }, + # { + # "afi": "ipv6", + # "routes": [ + # { + # "blackhole_config": { + # "distance": 2 + # }, + # "dest": "2001:db8:1000::/36", + # "next_hops": [ + # { + # "forward_router_address": "2001:db8:2000:2::1" + # }, + # { + # "forward_router_address": "2001:db8:2000:2::2" + # } + # ] + # } + # ] + # } + # ] + # } + # ] + # + # + # After state: + # ------------- + # + # vyos@vyos:~$ show configuration commands| grep static + # set protocols static route 192.0.2.32/28 'blackhole' + # set protocols static route 192.0.2.32/28 next-hop '192.0.2.6' + # set protocols static route 192.0.2.32/28 next-hop '192.0.2.7' + # set protocols static route6 2001:db8:1000::/36 blackhole distance '2' + # set protocols static route6 2001:db8:1000::/36 next-hop '2001:db8:2000:2::1' + # set protocols static route6 2001:db8:1000::/36 next-hop '2001:db8:2000:2::2' + + + + + + +Return Values +------------- +Common return values are documented `here <https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values>`_, the following are the fields unique to this module: + +.. raw:: html + + <table border=0 cellpadding=0 class="documentation-table"> + <tr> + <th colspan="1">Key</th> + <th>Returned</th> + <th width="100%">Description</th> + </tr> + <tr> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="return-"></div> + <b>after</b> + <a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a> + <div style="font-size: small"> + <span style="color: purple">list</span> + </div> + </td> + <td>when changed</td> + <td> + <div>The resulting configuration model invocation.</div> + <br/> + <div style="font-size: smaller"><b>Sample:</b></div> + <div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">The configuration returned will always be in the same format + of the parameters above.</div> + </td> + </tr> + <tr> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="return-"></div> + <b>before</b> + <a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a> + <div style="font-size: small"> + <span style="color: purple">list</span> + </div> + </td> + <td>always</td> + <td> + <div>The configuration prior to the model invocation.</div> + <br/> + <div style="font-size: smaller"><b>Sample:</b></div> + <div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">The configuration returned will always be in the same format + of the parameters above.</div> + </td> + </tr> + <tr> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="return-"></div> + <b>commands</b> + <a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a> + <div style="font-size: small"> + <span style="color: purple">list</span> + </div> + </td> + <td>always</td> + <td> + <div>The set of commands pushed to the remote device.</div> + <br/> + <div style="font-size: smaller"><b>Sample:</b></div> + <div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">["set protocols static route 192.0.2.32/28 next-hop '192.0.2.6'", "set protocols static route 192.0.2.32/28 'blackhole'"]</div> + </td> + </tr> + </table> + <br/><br/> + + +Status +------ + + +Authors +~~~~~~~ + +- Rohit Thakur (@rohitthakur2590) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/vyos.vyos.vyos_system_module.rst b/docs/vyos.vyos.vyos_system_module.rst new file mode 100644 index 0000000..c74f3f7 --- /dev/null +++ b/docs/vyos.vyos.vyos_system_module.rst @@ -0,0 +1,320 @@ +:orphan: + +.. _vyos.vyos.vyos_system_module: + + +********************* +vyos.vyos.vyos_system +********************* + +**Run `set system` commands on VyOS devices** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- Runs one or more commands on remote devices running VyOS. This module can also be introspected to validate key parameters before returning successfully. + + + + +Parameters +---------- + +.. raw:: html + + <table border=0 cellpadding=0 class="documentation-table"> + <tr> + <th colspan="2">Parameter</th> + <th>Choices/<font color="blue">Defaults</font></th> + <th width="100%">Comments</th> + </tr> + <tr> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>domain_name</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">-</span> + </div> + </td> + <td> + </td> + <td> + <div>The new domain name to apply to the device.</div> + </td> + </tr> + <tr> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>domain_search</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">-</span> + </div> + </td> + <td> + </td> + <td> + <div>A list of domain names to search. Mutually exclusive with <em>name_server</em></div> + </td> + </tr> + <tr> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>host_name</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">-</span> + </div> + </td> + <td> + </td> + <td> + <div>Configure the device hostname parameter. This option takes an ASCII string value.</div> + </td> + </tr> + <tr> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>name_servers</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">-</span> + </div> + </td> + <td> + </td> + <td> + <div>A list of name servers to use with the device. Mutually exclusive with <em>domain_search</em></div> + <div style="font-size: small; color: darkgreen"><br/>aliases: name_server</div> + </td> + </tr> + <tr> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>provider</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">dictionary</span> + </div> + </td> + <td> + </td> + <td> + <div><b>Deprecated</b></div> + <div>Starting with Ansible 2.5 we recommend using <code>connection: network_cli</code>.</div> + <div>For more information please see the <a href='../network/getting_started/network_differences.html#multiple-communication-protocols'>Network Guide</a>.</div> + <div><hr/></div> + <div>A dict object containing connection details.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>host</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + / <span style="color: red">required</span> </div> + </td> + <td> + </td> + <td> + <div>Specifies the DNS host name or address for connecting to the remote device over the specified transport. The value of host is used as the destination address for the transport.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>password</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + </td> + <td> + <div>Specifies the password to use to authenticate the connection to the remote device. This value is used to authenticate the SSH session. If the value is not specified in the task, the value of environment variable <code>ANSIBLE_NET_PASSWORD</code> will be used instead.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>port</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">integer</span> + </div> + </td> + <td> + <b>Default:</b><br/><div style="color: blue">22</div> + </td> + <td> + <div>Specifies the port to use when building the connection to the remote device.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>ssh_keyfile</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">path</span> + </div> + </td> + <td> + </td> + <td> + <div>Specifies the SSH key to use to authenticate the connection to the remote device. This value is the path to the key used to authenticate the SSH session. If the value is not specified in the task, the value of environment variable <code>ANSIBLE_NET_SSH_KEYFILE</code> will be used instead.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>timeout</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">integer</span> + </div> + </td> + <td> + <b>Default:</b><br/><div style="color: blue">10</div> + </td> + <td> + <div>Specifies the timeout in seconds for communicating with the network device for either connecting or sending commands. If the timeout is exceeded before the operation is completed, the module will error.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>username</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + </td> + <td> + <div>Configures the username to use to authenticate the connection to the remote device. This value is used to authenticate the SSH session. If the value is not specified in the task, the value of environment variable <code>ANSIBLE_NET_USERNAME</code> will be used instead.</div> + </td> + </tr> + + <tr> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>state</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">-</span> + </div> + </td> + <td> + <ul style="margin: 0; padding: 0"><b>Choices:</b> + <li><div style="color: blue"><b>present</b> ←</div></li> + <li>absent</li> + </ul> + </td> + <td> + <div>Whether to apply (<code>present</code>) or remove (<code>absent</code>) the settings.</div> + </td> + </tr> + </table> + <br/> + + +Notes +----- + +.. note:: + - Tested against VyOS 1.1.8 (helium). + - This module works with connection ``network_cli``. See `the VyOS OS Platform Options <../network/user_guide/platform_vyos.html>`_. + - For more information on using Ansible to manage network devices see the :ref:`Ansible Network Guide <network_guide>` + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + - name: configure hostname and domain-name + vyos.vyos.vyos_system: + host_name: vyos01 + domain_name: test.example.com + + - name: remove all configuration + vyos.vyos.vyos_system: + state: absent + + - name: configure name servers + vyos.vyos.vyos_system: name_servers - 8.8.8.8 - 8.8.4.4 + - name: configure domain search suffixes + vyos.vyos.vyos_system: + domain_search: + - sub1.example.com + - sub2.example.com + + + + +Return Values +------------- +Common return values are documented `here <https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values>`_, the following are the fields unique to this module: + +.. raw:: html + + <table border=0 cellpadding=0 class="documentation-table"> + <tr> + <th colspan="1">Key</th> + <th>Returned</th> + <th width="100%">Description</th> + </tr> + <tr> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="return-"></div> + <b>commands</b> + <a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a> + <div style="font-size: small"> + <span style="color: purple">list</span> + </div> + </td> + <td>always</td> + <td> + <div>The list of configuration mode commands to send to the device</div> + <br/> + <div style="font-size: smaller"><b>Sample:</b></div> + <div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">['set system hostname vyos01', 'set system domain-name foo.example.com']</div> + </td> + </tr> + </table> + <br/><br/> + + +Status +------ + + +Authors +~~~~~~~ + +- Nathaniel Case (@Qalthos) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/vyos.vyos.vyos_user_module.rst b/docs/vyos.vyos.vyos_user_module.rst new file mode 100644 index 0000000..9bf6720 --- /dev/null +++ b/docs/vyos.vyos.vyos_user_module.rst @@ -0,0 +1,379 @@ +:orphan: + +.. _vyos.vyos.vyos_user_module: + + +******************* +vyos.vyos.vyos_user +******************* + +**Manage the collection of local users on VyOS device** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- This module provides declarative management of the local usernames configured on network devices. It allows playbooks to manage either individual usernames or the collection of usernames in the current running config. It also supports purging usernames from the configuration that are not explicitly defined. + + + + +Parameters +---------- + +.. raw:: html + + <table border=0 cellpadding=0 class="documentation-table"> + <tr> + <th colspan="2">Parameter</th> + <th>Choices/<font color="blue">Defaults</font></th> + <th width="100%">Comments</th> + </tr> + <tr> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>aggregate</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">-</span> + </div> + </td> + <td> + </td> + <td> + <div>The set of username objects to be configured on the remote VyOS device. The list entries can either be the username or a hash of username and properties. This argument is mutually exclusive with the <code>name</code> argument.</div> + <div style="font-size: small; color: darkgreen"><br/>aliases: users, collection</div> + </td> + </tr> + <tr> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>configured_password</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">-</span> + </div> + </td> + <td> + </td> + <td> + <div>The password to be configured on the VyOS device. The password needs to be provided in clear and it will be encrypted on the device. Please note that this option is not same as <code>provider password</code>.</div> + </td> + </tr> + <tr> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>full_name</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">-</span> + </div> + </td> + <td> + </td> + <td> + <div>The <code>full_name</code> argument provides the full name of the user account to be created on the remote device. This argument accepts any text string value.</div> + </td> + </tr> + <tr> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>level</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">-</span> + </div> + </td> + <td> + </td> + <td> + <div>The <code>level</code> argument configures the level of the user when logged into the system. This argument accepts string values admin or operator.</div> + <div style="font-size: small; color: darkgreen"><br/>aliases: role</div> + </td> + </tr> + <tr> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>name</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">-</span> + </div> + </td> + <td> + </td> + <td> + <div>The username to be configured on the VyOS device. This argument accepts a string value and is mutually exclusive with the <code>aggregate</code> argument. Please note that this option is not same as <code>provider username</code>.</div> + </td> + </tr> + <tr> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>provider</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">dictionary</span> + </div> + </td> + <td> + </td> + <td> + <div><b>Deprecated</b></div> + <div>Starting with Ansible 2.5 we recommend using <code>connection: network_cli</code>.</div> + <div>For more information please see the <a href='../network/getting_started/network_differences.html#multiple-communication-protocols'>Network Guide</a>.</div> + <div><hr/></div> + <div>A dict object containing connection details.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>host</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + / <span style="color: red">required</span> </div> + </td> + <td> + </td> + <td> + <div>Specifies the DNS host name or address for connecting to the remote device over the specified transport. The value of host is used as the destination address for the transport.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>password</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + </td> + <td> + <div>Specifies the password to use to authenticate the connection to the remote device. This value is used to authenticate the SSH session. If the value is not specified in the task, the value of environment variable <code>ANSIBLE_NET_PASSWORD</code> will be used instead.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>port</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">integer</span> + </div> + </td> + <td> + <b>Default:</b><br/><div style="color: blue">22</div> + </td> + <td> + <div>Specifies the port to use when building the connection to the remote device.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>ssh_keyfile</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">path</span> + </div> + </td> + <td> + </td> + <td> + <div>Specifies the SSH key to use to authenticate the connection to the remote device. This value is the path to the key used to authenticate the SSH session. If the value is not specified in the task, the value of environment variable <code>ANSIBLE_NET_SSH_KEYFILE</code> will be used instead.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>timeout</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">integer</span> + </div> + </td> + <td> + <b>Default:</b><br/><div style="color: blue">10</div> + </td> + <td> + <div>Specifies the timeout in seconds for communicating with the network device for either connecting or sending commands. If the timeout is exceeded before the operation is completed, the module will error.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>username</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + </td> + <td> + <div>Configures the username to use to authenticate the connection to the remote device. This value is used to authenticate the SSH session. If the value is not specified in the task, the value of environment variable <code>ANSIBLE_NET_USERNAME</code> will be used instead.</div> + </td> + </tr> + + <tr> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>purge</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">boolean</span> + </div> + </td> + <td> + <ul style="margin: 0; padding: 0"><b>Choices:</b> + <li><div style="color: blue"><b>no</b> ←</div></li> + <li>yes</li> + </ul> + </td> + <td> + <div>Instructs the module to consider the resource definition absolute. It will remove any previously configured usernames on the device with the exception of the `admin` user (the current defined set of users).</div> + </td> + </tr> + <tr> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>state</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">-</span> + </div> + </td> + <td> + <ul style="margin: 0; padding: 0"><b>Choices:</b> + <li><div style="color: blue"><b>present</b> ←</div></li> + <li>absent</li> + </ul> + </td> + <td> + <div>Configures the state of the username definition as it relates to the device operational configuration. When set to <em>present</em>, the username(s) should be configured in the device active configuration and when set to <em>absent</em> the username(s) should not be in the device active configuration</div> + </td> + </tr> + <tr> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>update_password</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">-</span> + </div> + </td> + <td> + <ul style="margin: 0; padding: 0"><b>Choices:</b> + <li>on_create</li> + <li><div style="color: blue"><b>always</b> ←</div></li> + </ul> + </td> + <td> + <div>Since passwords are encrypted in the device running config, this argument will instruct the module when to change the password. When set to <code>always</code>, the password will always be updated in the device and when set to <code>on_create</code> the password will be updated only if the username is created.</div> + </td> + </tr> + </table> + <br/> + + +Notes +----- + +.. note:: + - Tested against VyOS 1.1.8 (helium). + - This module works with connection ``network_cli``. See `the VyOS OS Platform Options <../network/user_guide/platform_vyos.html>`_. + - For more information on using Ansible to manage network devices see the :ref:`Ansible Network Guide <network_guide>` + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + - name: create a new user + vyos.vyos.vyos_user: + name: ansible + configured_password: password + state: present + - name: remove all users except admin + vyos.vyos.vyos_user: + purge: yes + - name: set multiple users to level operator + vyos.vyos.vyos_user: + aggregate: + - name: netop + - name: netend + level: operator + state: present + - name: Change Password for User netop + vyos.vyos.vyos_user: + name: netop + configured_password: '{{ new_password }}' + update_password: always + state: present + + + + +Return Values +------------- +Common return values are documented `here <https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values>`_, the following are the fields unique to this module: + +.. raw:: html + + <table border=0 cellpadding=0 class="documentation-table"> + <tr> + <th colspan="1">Key</th> + <th>Returned</th> + <th width="100%">Description</th> + </tr> + <tr> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="return-"></div> + <b>commands</b> + <a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a> + <div style="font-size: small"> + <span style="color: purple">list</span> + </div> + </td> + <td>always</td> + <td> + <div>The list of configuration mode commands to send to the device</div> + <br/> + <div style="font-size: smaller"><b>Sample:</b></div> + <div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">['set system login user test level operator', 'set system login user authentication plaintext-password password']</div> + </td> + </tr> + </table> + <br/><br/> + + +Status +------ + + +Authors +~~~~~~~ + +- Trishna Guha (@trishnaguha) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. diff --git a/docs/vyos.vyos.vyos_vlan_module.rst b/docs/vyos.vyos.vyos_vlan_module.rst new file mode 100644 index 0000000..28f0c8c --- /dev/null +++ b/docs/vyos.vyos.vyos_vlan_module.rst @@ -0,0 +1,407 @@ +:orphan: + +.. _vyos.vyos.vyos_vlan_module: + + +******************* +vyos.vyos.vyos_vlan +******************* + +**Manage VLANs on VyOS network devices** + + +Version added: 1.0.0 + +.. contents:: + :local: + :depth: 1 + + +Synopsis +-------- +- This module provides declarative management of VLANs on VyOS network devices. + + + + +Parameters +---------- + +.. raw:: html + + <table border=0 cellpadding=0 class="documentation-table"> + <tr> + <th colspan="2">Parameter</th> + <th>Choices/<font color="blue">Defaults</font></th> + <th width="100%">Comments</th> + </tr> + <tr> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>address</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">-</span> + </div> + </td> + <td> + </td> + <td> + <div>Configure Virtual interface address.</div> + </td> + </tr> + <tr> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>aggregate</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">-</span> + </div> + </td> + <td> + </td> + <td> + <div>List of VLANs definitions.</div> + </td> + </tr> + <tr> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>associated_interfaces</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">-</span> + </div> + </td> + <td> + </td> + <td> + <div>This is a intent option and checks the operational state of the for given vlan <code>name</code> for associated interfaces. If the value in the <code>associated_interfaces</code> does not match with the operational state of vlan on device it will result in failure.</div> + </td> + </tr> + <tr> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>delay</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">-</span> + </div> + </td> + <td> + <b>Default:</b><br/><div style="color: blue">10</div> + </td> + <td> + <div>Delay the play should wait to check for declarative intent params values.</div> + </td> + </tr> + <tr> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>interfaces</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">-</span> + / <span style="color: red">required</span> </div> + </td> + <td> + </td> + <td> + <div>List of interfaces that should be associated to the VLAN.</div> + </td> + </tr> + <tr> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>name</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">-</span> + </div> + </td> + <td> + </td> + <td> + <div>Name of the VLAN.</div> + </td> + </tr> + <tr> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>provider</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">dictionary</span> + </div> + </td> + <td> + </td> + <td> + <div><b>Deprecated</b></div> + <div>Starting with Ansible 2.5 we recommend using <code>connection: network_cli</code>.</div> + <div>For more information please see the <a href='../network/getting_started/network_differences.html#multiple-communication-protocols'>Network Guide</a>.</div> + <div><hr/></div> + <div>A dict object containing connection details.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>host</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + / <span style="color: red">required</span> </div> + </td> + <td> + </td> + <td> + <div>Specifies the DNS host name or address for connecting to the remote device over the specified transport. The value of host is used as the destination address for the transport.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>password</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + </td> + <td> + <div>Specifies the password to use to authenticate the connection to the remote device. This value is used to authenticate the SSH session. If the value is not specified in the task, the value of environment variable <code>ANSIBLE_NET_PASSWORD</code> will be used instead.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>port</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">integer</span> + </div> + </td> + <td> + <b>Default:</b><br/><div style="color: blue">22</div> + </td> + <td> + <div>Specifies the port to use when building the connection to the remote device.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>ssh_keyfile</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">path</span> + </div> + </td> + <td> + </td> + <td> + <div>Specifies the SSH key to use to authenticate the connection to the remote device. This value is the path to the key used to authenticate the SSH session. If the value is not specified in the task, the value of environment variable <code>ANSIBLE_NET_SSH_KEYFILE</code> will be used instead.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>timeout</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">integer</span> + </div> + </td> + <td> + <b>Default:</b><br/><div style="color: blue">10</div> + </td> + <td> + <div>Specifies the timeout in seconds for communicating with the network device for either connecting or sending commands. If the timeout is exceeded before the operation is completed, the module will error.</div> + </td> + </tr> + <tr> + <td class="elbow-placeholder"></td> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>username</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">string</span> + </div> + </td> + <td> + </td> + <td> + <div>Configures the username to use to authenticate the connection to the remote device. This value is used to authenticate the SSH session. If the value is not specified in the task, the value of environment variable <code>ANSIBLE_NET_USERNAME</code> will be used instead.</div> + </td> + </tr> + + <tr> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>purge</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">boolean</span> + </div> + </td> + <td> + <ul style="margin: 0; padding: 0"><b>Choices:</b> + <li><div style="color: blue"><b>no</b> ←</div></li> + <li>yes</li> + </ul> + </td> + <td> + <div>Purge VLANs not defined in the <em>aggregate</em> parameter.</div> + </td> + </tr> + <tr> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>state</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">-</span> + </div> + </td> + <td> + <ul style="margin: 0; padding: 0"><b>Choices:</b> + <li><div style="color: blue"><b>present</b> ←</div></li> + <li>absent</li> + </ul> + </td> + <td> + <div>State of the VLAN configuration.</div> + </td> + </tr> + <tr> + <td colspan="2"> + <div class="ansibleOptionAnchor" id="parameter-"></div> + <b>vlan_id</b> + <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a> + <div style="font-size: small"> + <span style="color: purple">-</span> + / <span style="color: red">required</span> </div> + </td> + <td> + </td> + <td> + <div>ID of the VLAN. Range 0-4094.</div> + </td> + </tr> + </table> + <br/> + + +Notes +----- + +.. note:: + - Tested against VyOS 1.1.8 (helium). + - This module works with connection ``network_cli``. See `the VyOS OS Platform Options <../network/user_guide/platform_vyos.html>`_. + - For more information on using Ansible to manage network devices see the :ref:`Ansible Network Guide <network_guide>` + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + - name: Create vlan + vyos.vyos.vyos_vlan: + vlan_id: 100 + name: vlan-100 + interfaces: eth1 + state: present + + - name: Add interfaces to VLAN + vyos.vyos.vyos_vlan: + vlan_id: 100 + interfaces: + - eth1 + - eth2 + + - name: Configure virtual interface address + vyos.vyos.vyos_vlan: + vlan_id: 100 + interfaces: eth1 + address: 172.26.100.37/24 + + - name: vlan interface config + intent + vyos.vyos.vyos_vlan: + vlan_id: 100 + interfaces: eth0 + associated_interfaces: + - eth0 + + - name: vlan intent check + vyos.vyos.vyos_vlan: + vlan_id: 100 + associated_interfaces: + - eth3 + - eth4 + + - name: Delete vlan + vyos.vyos.vyos_vlan: + vlan_id: 100 + interfaces: eth1 + state: absent + + + + +Return Values +------------- +Common return values are documented `here <https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values>`_, the following are the fields unique to this module: + +.. raw:: html + + <table border=0 cellpadding=0 class="documentation-table"> + <tr> + <th colspan="1">Key</th> + <th>Returned</th> + <th width="100%">Description</th> + </tr> + <tr> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="return-"></div> + <b>commands</b> + <a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a> + <div style="font-size: small"> + <span style="color: purple">list</span> + </div> + </td> + <td>always</td> + <td> + <div>The list of configuration mode commands to send to the device</div> + <br/> + <div style="font-size: smaller"><b>Sample:</b></div> + <div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">['set interfaces ethernet eth1 vif 100 description VLAN 100', 'set interfaces ethernet eth1 vif 100 address 172.26.100.37/24', 'delete interfaces ethernet eth1 vif 100']</div> + </td> + </tr> + </table> + <br/><br/> + + +Status +------ + + +Authors +~~~~~~~ + +- Trishna Guha (@trishnaguha) + + +.. hint:: + Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up. |