ios_template, nxos_template breaking order of src config

[David Vávra]

Hi, I would like to clarify how network template modules are handling given src configuration because so far I've found out several cases where its breaking the order of configuration commands. 

This is my used playbook.

For example: 

tmplconfig.j2 : 

vlan 901 

name 0901-vlan

vlan 902 

name 0902-vlan

vlan 903 

name 0903-vlan

vlan 411 

name 0411-vlan

vlan 427 

name 0427-vlan

vlan 419 

name 0419-vlan

vlan 870 

name 0870-vlan

vlan 550

name 0550-vlan

vlan 554 

name 0554-vlan

for ios_template and nxos_template returns something like this: 

TASK [debug] *******************************************************************

ok: [switch-test] => {

    "template": {

        "changed": true, 

        "updates": [

            "vlan 411", 

            "vlan 413", 

            "vlan 415", 

            "name 0415-vlan", 

            "name 0552-vlan", 

            "name 0413-vlan", 

            "vlan 551", 

            "name 0551-vlan", 

            "vlan 552", 

            "vlan 870 ", 

            "name 0870-vlan", 

            "name 0411-vlan"

        ]

    }

}

Single space intendation corrects this for IOS, doublespace for NXOS. 

So, I have to use something like this:

vlan 901 

 name 0901-vlan

which is not optimal, because it looks like that it then does not match any existing configuration for the vlans (because of the two leading spaces before name vlan configuration subcommand). 

====

When I try to configure SNMP community and ACL, I get the followint results: 

tmplconfig.j2:

ip access-list standard SNMP

 permit 10.4.6.14

 permit 10.3.5.14

snmp-server community public RO SNMP

IOS is basically fine, but SNMP community configuration and ACL are applied in the different order.

TASK [debug] *******************************************************************

ok: [switch-ios] => {

    "template": {

        "changed": true,

        "updates": [

            "snmp-server community public RO SNMP",

            "ip access-list standard SNMP",

            " permit 10.4.6.14",

            " permit 10.3.5.14"

        ]

    }

}

NXOS is broken: 

ok: [switch-nxos] => {

    "template": {

        "changed": true,

        "updates": [

            "snmp-server community public RO SNMP",

            " permit 10.4.6.14",

            " permit 10.4.6.14",

            "ip access-list standard SNMP",

            " permit 10.3.5.14",

            " permit 10.3.5.14"

        ]

    }

}

[Peter Sprygada]

ios_template and nxos_template work by reading in the input file,
parsing it and comparing it against a parsed copy of the running config
of the network device. In order for the template module to work
effectively, the input file must match the same block syntax as the
target device. Since ios and nxos use different configuration file
syntax, you must supply two different input files (one for each OS).

In your example, you would need an input file for ios using single space
block indents and a second input file for nxos using two space block
indents.

Also, can you confirm what version of Ansible you are running. There as
an issue with global ordering statements that was fixed before the final
2.1 was released.

On 6/8/16 4:11 AM, David Vávra wrote:
> Hi, I would like to clarify how network template modules are handling given
> src configuration because so far I've found out several cases where its
> breaking the order of configuration commands.
> This is my used playbook

> <https://gist.github.com/anonymous/1fbdf966aea5bf6ff9f85d3a59b0eab0>.

[David Vávra]

Hi Peter, thank you for your quick answer. 

I'm running ansible 2.2.0 with python 2.6.6 . 

Dne čtvrtek 9. června 2016 5:19:19 UTC+2 Peter Sprygada napsal(a):