search

CiscoDevNet / ansible-dcnm

Apache License 2.0
45 stars 36 forks source link

`dncm_policy` does not delete policies based on Policy ID #201

Open jgomezve opened 1 year ago

jgomezve commented 1 year ago

Community Note

Ansible Version and collection version

DCNM version

Affected module(s)

Ansible Playbook

---
- name: Create a Policies in the Nexus Dashboard Fabric Controller
  hosts: ndfc
  gather_facts: no
  tasks:

  - name: Delete policies using policy-id
    cisco.dcnm.dcnm_policy:
      fabric: "SIMPL-BROWNFIELD"
      state: deleted          # only choose form [merged, deleted, query]
      config:
        - name: POLICY-261210  # name is mandatory
          switch:
            - ip: 1.2.3.4

Debug Output

PLAY [Create a Policies in the Nexus Dashboard Fabric Controller] ******************************************************************************

TASK [Delete policies using policy-id] *****************************************************************************************************
ok: [NDFC-FRA]

PLAY RECAP *********************************************************************************************************************************
NDFC-FRA

Expected Behavior

Policy is deleted

Actual Behavior

Policy is not deleted

Steps to Reproduce

Execute the playbook. The example is taken from the collection documentation

mmudigon commented 1 year ago

@jgomezve,

Thanks for raising the issue. Can you please give me the complete playbook that you used to create and delete the policy? We will check this and get back to you. If possible please collect ans share the output after executing the command with "-vvvvv" options.

dsx1123 commented 1 year ago

@mmudigon above playbook is enough to recreate this issue, here is the playbook:

---
- name: Delete a Policy in the Nexus Dashboard Fabric Controller
  hosts: ndfc2
  gather_facts: no
  tasks:
  - name: Delete policies using policy-id
    cisco.dcnm.dcnm_policy:
      fabric: "fabric_n9kv"
      state: deleted
      config:
        - name: "POLICY-592740"
          switch:
            - ip: 192.168.123.13

and vvvv output: https://gist.github.com/dsx1123/f527ef06f743a478cef9e8953472bfe1

mmudigon commented 1 year ago

The format of the playbook is not correct. The "switch" element is a separate item under "config" and should not be under policies. The correct format is as below:

---
- name: Delete a Policy in the Nexus Dashboard Fabric Controller
  hosts: ndfc2
  gather_facts: no
  tasks:
  - name: Delete policies using policy-id
    cisco.dcnm.dcnm_policy:
      fabric: "fabric_n9kv"
      state: deleted
      config:
        - name: "POLICY-592740"
        - switch:
            - ip: 192.168.123.13

Please try this and let me know

mmudigon commented 1 year ago

Hi Shangxin,

The format of the playbook is not as expected. The ”switch” block must be a separate one under config since it is common to all policies. The correct format is as below:

Have responded to the issue in GIT with the same suggestion.

Thanks

Regards Mallik

From: Shangxin Du @.> Date: Tuesday, 28 February 2023 at 00:14 To: CiscoDevNet/ansible-dcnm @.> Cc: MALLIK MUDIGONDA (mmudigon) @.>, Mention @.> Subject: Re: [CiscoDevNet/ansible-dcnm] dncm_policy does not delete policies based on Policy ID (Issue #201)

@mmudigonhttps://github.com/mmudigon above playbook is enough to recreate this issue, here is the playbook:

and vvvv output: https://gist.github.com/dsx1123/f527ef06f743a478cef9e8953472bfe1

— Reply to this email directly, view it on GitHubhttps://github.com/CiscoDevNet/ansible-dcnm/issues/201#issuecomment-1446865759, or unsubscribehttps://github.com/notifications/unsubscribe-auth/AO62E6ICS47QTONRJRJEAP3WZTYWZANCNFSM6AAAAAAVHKDQTM. You are receiving this because you were mentioned.Message ID: @.***>

jgomezve commented 1 year ago

@mmudigon Thanks for you input.

I have tried the playbook below and it does not work. The playbook hangs forever

---
- name: Create a Policies in the Nexus Dashboard Fabric Controller
  hosts: ndfc
  gather_facts: no
  tasks:

  - name: Delete policies using policy-id
    cisco.dcnm.dcnm_policy:
      fabric: "SIMPL-BROWNFIELD"
      state: deleted          # only choose form [merged, deleted, query]
      config:
        - name: POLICY-262440  # name is mandatory
        - switch: 
          - ip: 1.2.3.4

Why is the key switch another item inside the list config? In my personal opinion this is misleading for users. The way I see it, the list config is the list of policies to be deleted, each of them with its attributes (name, ip)

Moreover, Why is the switch ip required to delete a policy based on policyId ? According to the REST API Documentation, A policy can be deleted based solely on the Policy ID because a policy maps to a single switch

mmudigon commented 1 year ago

Hi Jorge Gomez,

I tried the same and it works for me. May be we should sync up and see what’s happening in your setup. Ping me when you are in office. I work in India (IST time zone) and we should have some overlapping times.

Regarding the “switch” being under “config”, it was placed there so that we can create multiple policies for the same switch. Also we can have policies under “switch” and these policies will be applicable for that switch alone.

Regarding “switch” in delete operation, delete was originally intended to be used with template names because policy IDs are dynamically allocated. We thought it would be tough for the users to know policy IDs to delete policies. So we added the “switch” to specifically delete policies from the intended switch.

But your point is valid. We will consider this and update the code to take policy ID alone to delete a policy in future versions.

Thanks a lot for your inputs

Thanks

Regards Mallik

From: Jorge Gomez Velasquez @.> Date: Wednesday, 1 March 2023 at 04:51 To: CiscoDevNet/ansible-dcnm @.> Cc: MALLIK MUDIGONDA (mmudigon) @.>, Mention @.> Subject: Re: [CiscoDevNet/ansible-dcnm] dncm_policy does not delete policies based on Policy ID (Issue #201)

@mmudigonhttps://github.com/mmudigon Thanks for you input.

I have tried the playbook below and it does not work. The playbook hangs forever

Why is the key switch another item inside the list config? In my personal opinion this is misleading for users. The way I see it the list config, is the list of policies to be deleted, each of them with its attributes (name, ip)

Moreover, Why is the switch ip required to delete a policy based on policyId ? According to the REST API Documentation, A policy can be deleted based solely on the Policy ID because a policy maps to a single switch

— Reply to this email directly, view it on GitHubhttps://github.com/CiscoDevNet/ansible-dcnm/issues/201#issuecomment-1449077514, or unsubscribehttps://github.com/notifications/unsubscribe-auth/AO62E6ONXLQOMBACPRYSSPLWZ2CANANCNFSM6AAAAAAVHKDQTM. You are receiving this because you were mentioned.Message ID: @.***>