search

F5Networks / f5-ansible

Imperative Ansible modules for F5 BIG-IP products
GNU General Public License v3.0
376 stars 229 forks source link

bigip_vcmp_guest does not set DSC device name #1931

Open ktreese opened 3 years ago

ktreese commented 3 years ago
ISSUE TYPE
COMPONENT NAME

bigip_vcmp_guest

ANSIBLE VERSION
ansible 2.9.15
  config file = None
  configured module search path = ['/Users/reesek/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /Users/reesek/opt/miniconda3/envs/ansible2.9/lib/python3.9/site-packages/ansible
  executable location = /Users/reesek/opt/miniconda3/envs/ansible2.9/bin/ansible
  python version = 3.9.0 (default, Nov 15 2020, 06:25:35) [Clang 10.0.0 ]
PYTHON VERSION
Python 3.9.0
BIGIP VERSION
Sys::Version
Main Package
  Product     BIG-IP
  Version     15.1.1
  Build       0.0.6
  Edition     Point Release 0
  Date        Thu Oct  8 02:52:59 PDT 2020
CONFIGURATION
OS / ENVIRONMENT
SUMMARY

bigip_vcmp_guest does not set the DSC device name.

The name attribute of this module also sets the hostname of the device, thus it's not necessary to use the bigip_hostname module in conjunction should the desired hostname already be supplied to the bigip_vcmp_guest name attribute. This is problematic, because the DSC device name remains set to bigip1. However, bigip_hostname DOES change the DSC device name, which in turn, regenerates an Identity Certificate with a CN that matches that of the device name. This makes things much clearer when setting up device trust as the device names are no longer set to the default of bigip1.

STEPS TO REPRODUCE

Refer: https://github.com/F5Networks/f5-ansible/issues/1929

EXPECTED RESULTS

bigip_vcmp_guest should update the DSC device name just like bigip_hostname does.

ACTUAL RESULTS

The device name stays defaulted to bigip1

focrensh commented 3 years ago

Just to confirm, if you run hostname afterwards, you get the config to a desired state? We have to look at the APIs and look at what is automatically done where. Ansible is good for breaking out tasks into their own modules, sometimes the TMUI does a few tasks in one, such as setting DSC with hostname etc. The best solution to avoid confusion may be to add a tag in case someone needs this to not be set.

Are you able to confirm that setting the hostname when creating VCMP guest in TMUI auto sets the DSC name for you?

ktreese commented 3 years ago

It depends. If the name attribute given to bigip_vcmp_guest is the same as the hostname attribute of bigip_hostname, then desired state is not reached. This is because bigip_vcmp_guest's name attribute sets the hostname before bigip_hostname is invoked and thus bigip_hostname is idempotent.

If, on the other hand, the name attribute given to bigip_vcmp_guest is different than that of he hostname attribute of bigip_hostname, then bigip_hostname will update the hostname of the device, and is thus invoked which then kicks in the tmsh mv operation implemented in the bigip_hostname module. Refer: https://github.com/F5Networks/f5-ansible/blob/cd5f7412e26ae67369b79f446954226f9e6f8a2b/ansible_collections/f5networks/f5_modules/plugins/modules/bigip_hostname.py#L246

And yes -- when creating a vcmp guest in TMUI, the DSC name is set for me.

ktreese commented 1 year ago

I came across this devcentral article that may also explain what's going on here: https://community.f5.com/t5/technical-forum/device-name-under-device-management/td-p/202247