ansible check and diff mode not working
39 views
Skip to first unread message
Shyam Sunder
Jul 14, 2020, 1:46:13 PM7/14/20
to Ansible Project
Hi,
I was going thru this post (https://blog.networktocode.com/post/generating-diff-with-ansible/) where its mentioned that we can use check and diff mode together. I am trying to use that for gold config audit (audit pre decided config against what is present on device) for Cisco and Extreme devices. Below is my playbook –
# task to audit & heal ntp configuration
- name: Set NTP template
ios_config:
src: "{{domain}}_{{ansible_network_os}}_ntp.cfg"
match: line
register: ntp_resultBelow is my template -
ntp server 10.19.70.1Ansible highlighting that it is going to change the config. Below is what result I am getting. Surprisingly I am not
getting any config diff.
"ntp_result": {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"commands": [
"configure ntp server add x.x.x.x"
],
"failed": false,
"updates": [
"configure ntp server add x.x.x.x"
],
"warnings": [
"unable to perform diff against running-config due to check mode"
]
}Why I am not getting config diff? Any idea what is wrong?
Srinivas Naram
Jul 15, 2020, 3:25:23 AM7/15/20
to ansible...@googlegroups.com
Hello Shyam
It is how the output is displayed. In your output updates are showing the difference in running config and your cfg file.
"updates": [
"configure ntp server add x.x.x.x"
],
"configure ntp server add x.x.x.x"
],
I don't see any issue with the output. Did you try changing the ntp setting on the device yourself and check out the difference in output ?
--
You received this message because you are subscribed to the Google Groups "Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email to ansible-proje...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/cc54e580-7642-4c51-a093-4a691b85cd2fo%40googlegroups.com.
Shyam Sunder
Jul 15, 2020, 4:08:03 AM7/15/20
to Ansible Project
Thanks for reply. Yes below is my intended config -
But on device we have different ntp server configured -
Here in updates section, ansible guiding me that its going to push this NTP config. But what config already exits is not mentioned or pushing against what config is not shown. Do anyone has any working example of this?
Why there is a warning shown that it can't diff when check mode is enabled? In documentation (https://docs.ansible.com/ansible/latest/user_guide/playbooks_checkmode.html) its mentioned that we can use these together.
ntp server 10.19.70.1But on device we have different ntp server configured -
ntp server 10.19.60.9Here in updates section, ansible guiding me that its going to push this NTP config. But what config already exits is not mentioned or pushing against what config is not shown. Do anyone has any working example of this?
Why there is a warning shown that it can't diff when check mode is enabled? In documentation (https://docs.ansible.com/ansible/latest/user_guide/playbooks_checkmode.html) its mentioned that we can use these together.
-Shyam
To unsubscribe from this group and stop receiving emails from it, send an email to ansible...@googlegroups.com.
Stefan Hornburg (Racke)
Jul 15, 2020, 4:30:45 AM7/15/20
to ansible...@googlegroups.com
On 7/15/20 10:08 AM, Shyam Sunder wrote:
> Thanks for reply. Yes below is my intended config -
> |
> ntp server 10.19.70.1
> |
>
> But on device we have different ntp server configured -
> |
> ntp server 10.19.60.9
> |
> *
> Thanks for reply. Yes below is my intended config -
> |
> ntp server 10.19.70.1
> |
>
> But on device we have different ntp server configured -
> |
> ntp server 10.19.60.9
> |
> Here in updates section, ansible guiding me that its going to push this NTP config. But what config already exits is not
> mentioned or pushing against what config is not shown. Do anyone has any working example of this?
>
> Why there is a warning shown that it can't diff when check mode is enabled? In documentation
> (https://docs.ansible.com/ansible/latest/user_guide/playbooks_checkmode.html) its mentioned that we can use these together.*
> mentioned or pushing against what config is not shown. Do anyone has any working example of this?
>
> Why there is a warning shown that it can't diff when check mode is enabled? In documentation
It looks like a shortcoming of this module. Usually --check and --diff works together without hassle.
Regards
Racke
>
> -Shyam
>
> On Wednesday, July 15, 2020 at 12:55:23 PM UTC+5:30, Srinivas Naram wrote:
>
> Hello Shyam
>
> It is how the output is displayed. In your output updates are showing the difference in running config and your cfg
> file.
>
> "updates": [
> "configure ntp server add x.x.x.x"
> ],
>
> I don't see any issue with the output. Did you try changing the ntp setting on the device yourself and check out the
> difference in output ?
>
>
> Hi,____
> <https://blog.networktocode.com/post/generating-diff-with-ansible/>) where its mentioned that we can use check
> and diff mode together. I am trying to use that for gold config audit (audit pre decided config against what is
> present on device) for Cisco and Extreme devices. Below is my playbook –____
>
>
> |
> # task to audit & heal ntp configuration
> -name:SetNTP template
>
> |
> # task to audit & heal ntp configuration
> ios_config:
> src:"{{domain}}_{{ansible_network_os}}_ntp.cfg"
> match:line
> register:ntp_result
> |
>
>
> ____
> src:"{{domain}}_{{ansible_network_os}}_ntp.cfg"
> match:line
> register:ntp_result
> |
>
>
>
> Below is my template -
>
> ____
> Below is my template -
>
>
> |
> ntp server 10.19.70.1
> |
>
> ____
>
> *Ansible highlighting that it is going to change the config. Below is what result I am getting. Surprisingly I
> am not getting any config diff.*
>
> ____
>
>
> |
> "ntp_result":{
> "ansible_facts":{
> "discovered_interpreter_python":"/usr/bin/python"
> },
> "changed":true,
> "commands":[
> "configure ntp server add x.x.x.x"
> ],
> "failed":false,
> "updates":[
> "configure ntp server add x.x.x.x"
> ],
> "warnings":[
> "unable to perform diff against running-config due to check mode"
> ]
> }
> |
>
>
> ____
>
> |
> "ntp_result":{
> "ansible_facts":{
> "discovered_interpreter_python":"/usr/bin/python"
> },
> "changed":true,
> "commands":[
> "configure ntp server add x.x.x.x"
> ],
> "failed":false,
> "updates":[
> "configure ntp server add x.x.x.x"
> ],
> "warnings":[
> "unable to perform diff against running-config due to check mode"
> ]
> }
> |
>
>
>
>
> *Why I am not getting config diff? Any idea what is wrong?*____
>
> --
> You received this message because you are subscribed to the Google Groups "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to ansible...@googlegroups.com
> <javascript:>.
> --
> You received this message because you are subscribed to the Google Groups "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to ansible...@googlegroups.com
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/cc54e580-7642-4c51-a093-4a691b85cd2fo%40googlegroups.com
> <https://groups.google.com/d/msgid/ansible-project/cc54e580-7642-4c51-a093-4a691b85cd2fo%40googlegroups.com?utm_medium=email&utm_source=footer>.
> https://groups.google.com/d/msgid/ansible-project/cc54e580-7642-4c51-a093-4a691b85cd2fo%40googlegroups.com
>
> --
> You received this message because you are subscribed to the Google Groups "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to
> ansible-proje...@googlegroups.com <mailto:ansible-proje...@googlegroups.com>.
> --
> You received this message because you are subscribed to the Google Groups "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/1be4d964-ae70-4e72-a351-d6bed135c383o%40googlegroups.com
> <https://groups.google.com/d/msgid/ansible-project/1be4d964-ae70-4e72-a351-d6bed135c383o%40googlegroups.com?utm_medium=email&utm_source=footer>.
--
Ecommerce and Linux consulting + Perl and web application programming.
Debian and Sympa administration. Provisioning with Ansible.
Shyam Sunder
Jul 15, 2020, 4:40:46 AM7/15/20
to Ansible Project
I am sure if that is true. Because I could reproduce this for other network modules also like (exos_config, eos_config). In the first tutorial (https://blog.networktocode.com/post/generating-diff-with-ansible/) I posted, its mentioned that these module support diff & check mode. But no sample exits online. Somehow its not working for me. I thought someone could guide with this.
-Shyam
Reply all
Reply to author
Forward
0 new messages