CiscoDevNet / ansible-meraki

Cisco Meraki Ansible Collection
GNU General Public License v3.0
60 stars 44 forks source link

meraki_device module no longer query's Public IP's #389

Open mzendan99 opened 1 year ago

mzendan99 commented 1 year ago

Hi, haven't posted on here before, so not sure if I am doing this wrong.

I have been converting my playbooks on RHEL 7.9 & Ansible Version 2.9.27 to RHEL 9 , Ansible Version 2.14.0

Any help/insight would be appreciated.

y0rune commented 1 year ago

Hello! Firstly, can you provide the example code when that incompatibility appeared. Secondly, from the GUI have you got a the same active public IPs?

Thank you!

-- Marcin (y0rune)

mzendan99 commented 1 year ago

Hi Marcin,

It was a really simple query using ansible meraki_device module. When I query a specific network using the serial and store the result in a var, I can see two different results. When debugging, I was able to use Python requests on my RHEL9 machine with Python 3.9 for the actual query and I was able to pull all the public ips for our organization. It is only the ansible module that does not spit out public ips anymore on upgraded versions of ansible/Python. I can scrub the playbook tomorrow at work and show you example outputs of both machines and simple queries.

Thanks for your response! Michael


From: Marcin Woźniak @.> Sent: Sunday, December 4, 2022 7:53 AM To: CiscoDevNet/ansible-meraki @.> Cc: mzendan99 @.>; Author @.> Subject: Re: [CiscoDevNet/ansible-meraki] meraki_device module no longer query's Public IP's (Issue #389)

Hello! Firstly, can you provide the example code when that incompatibility appeared. Secondly, from the GUI have you got a the same active public IPs?

Thank you!

-- Marcin

— Reply to this email directly, view it on GitHubhttps://github.com/CiscoDevNet/ansible-meraki/issues/389#issuecomment-1336404863, or unsubscribehttps://github.com/notifications/unsubscribe-auth/A4K2APDK276OLHMK36CRHKTWLSH4TANCNFSM6AAAAAASSH3M74. You are receiving this because you authored the thread.Message ID: @.***>

kbreit commented 1 year ago

What endpoint are you querying in Python to get the public IP address? The documentation isn't showing the one I use which is basically /networks/{net_id}/devices/{serial} but when I do a query it doesn't show any public IP info. Documentation (https://developer.cisco.com/meraki/api-v1/#!get-organization-devices-statuses) does show public IP is available on another endpoint though.

I'm curious why the Ansible version change is affecting things, if indeed it is. I'd like to work with you on this one more to resolve the issue.

Thank you.

mzendan99 commented 1 year ago

Endpoint = /organizations/{org_id}/devices/statuses

kbreit commented 1 year ago

That's what is happening. I'm not querying the statuses endpoint. Are you looking to query all devices in the organization or just a single one? I'm using /organizations/{org_id}/devices and swapping it with the statuses would likely be a breaking change. I could potentially add an option to get the statuses for this corner case until I do a major release and clean it up. I'll need to compare the output from mine to the statuses endpoint to see if it indeed would break backwards compatibility.

mzendan99 commented 1 year ago

I use it to query all the devices in our org and then the rest of my playbook filters and extracts the public IP's to automate conditional access in azure for our meraki sites. I spent a significant amount of time trying to get it working with ansible modules, thinking I was doing something wrong, but this simple python request does the job for now.

Do you need anything from me to help test this?

kbreit commented 1 year ago

At this moment, no. I'll need to do a stare and compare to see what's different between the old and new one. I may come back to you for something though, but nothing now. Thank you for asking.

kbreit commented 1 year ago

Well that was quick. I won't be able to swap out the old endpoint with the new endpoint as the new one lacks geographical information. I'm going to think about how to implement it. My current thought is something like:

state: query
query_type: statuses
mzendan99 commented 1 year ago

@kbreit Hi, It's been a little while, but I was curious if you implemented any changes for the endpoint?

kbreit commented 1 year ago

I haven't had an opportunity to delve into this yet. There's the possibility this is going to be significant effort so I will try to look soon and give an estimate.

mzendan99 commented 1 year ago

No worries at all. My work around runs fine so there is no rush. Thanks for the follow up though.

kbreit commented 1 year ago

The way the endpoint works is very different. It needs the organization ID and uses parameters as filters whereas the current one uses the serial number. There are two approaches I could take:

1) Add a new state value to the current module that adds a requirement for the organization information. In a way this is less than ideal because the endpoint does allow returning multiple devices, which the module doesn't support and the name meraki_device is singular so it's not intuitive.

2) Create a new module focused on interfacing with this endpoint.

I'm leaning toward the second one but curious if you have a preference.

mzendan99 commented 1 year ago

Hey @kbreit, its been a while since I have had time to get back into this. I appreciate you looking into it! I definitely want to clean up my playbook for this function and don't want to keep it hacked together with python. I am still dropping alot of devices across our meraki sites for some reason and can't find a correlation as to why some appliances aren't being picked up, when others are. As per your last reply, creating a new module for this endpoint would be awesome, but I am not sure how much effort that will take on your part. I will keep an eye on this thread and hope to hear back from your soon! Let me know if you need some screenshots from me, Thanks again.

kbreit commented 1 year ago

I am still open to creating a new module for this. I cannot commit to when it would be completed but the endpoint doesn't seem too challenging, especially since I have pagination built into the normal request function.

kbreit commented 1 year ago

@mzendan99 Please try the new meraki_device_statuses module in https://github.com/CiscoDevNet/ansible-meraki/tree/modules/device_statuses. It's not fully tested but it's a good start.