Issue with junos_config module and delete statements
Cody John
---- name: Test junos_config module gather_facts: no connection: local
vars: cli: host: "{{ inventory_hostname }}"
tasks: - name: junos_config ACL test junos_config: provider: "{{ cli }}" backup: yes lines: - set firewall family inet filter ANSIBLE-TEST term ANSIBLE then accept - delete firewall family inet filter ANSIBLE-TEST - set firewall family inet filter ANSIBLE-TEST term TEST-TERM-1 from protocol udp - set firewall family inet filter ANSIBLE-TEST term TEST-TERM-1 then log - set firewall family inet filter ANSIBLE-TEST term TEST-TERM-1 then discard
The first line is there to instantiate the ACL in case it doesn't already exist, in order to prevent any errors when executing the second line which blows away the existing ACL in order to replace it. This worked using junos_template, but when I use junos_config it seems that the second 'delete' statement is not executing and I get this output:
[cns04.sea3:/glide/cns/ansible/playbook/deploy]$ ansible-playbook junos_config_test.yml --check --diff -i inventory --limit test
PLAY [Test junos_config module] ************************************************
TASK [junos_config ACL test] ***************************************************
[edit firewall family inet]
filter ISP-INBOUND { ... }
+ filter ANSIBLE-TEST {
+ term ANSIBLE {
+ then accept;
+ }
+ term TEST-TERM-1 {
+ from {
+ protocol udp;
+ }
+ then {
+ log;
+ discard;
+ }
+ }
+ }
changed: [router_name]
PLAY RECAP *********************************************************************
router_name : ok=1 changed=1 unreachable=0 failed=0
[cns04.sea3:/glide/cns/ansible/playbook/deploy]$
I shouldn't see that ANSIBLE term in the diff if those lines execute in the proper order. I should only see TEST-TERM-1. Any ideas?