search

ansible-collections / arista.eos

Ansible Network Collection for Arista EOS
GNU General Public License v3.0
82 stars 68 forks source link

ACL updates not treated as 'changes' #349

Closed mostdaysarebaddays closed 2 years ago

mostdaysarebaddays commented 2 years ago
SUMMARY

ACL updates not treated as 'changes'

ISSUE TYPE
COMPONENT NAME

eos_config

ANSIBLE VERSION
ansible 2.9.16
COLLECTION VERSION
arista.eos:5.0.0
CONFIGURATION
Empty
OS / ENVIRONMENT

Centos7

STEPS TO REPRODUCE

Any ACL config changes aren't treated as changes as below.


    - name: get content of local file - to add config
      set_fact:
        commandstoruntoadd: "{{ lookup('file','CFGS/' + ansible_host + '.txt') }}"
      tags:
       - add

    - name: "Apply config"
      eos_config:
        lines:
           - " {{commandstoruntoadd}} "
      register: configappliedtoadd
      tags:
        - add

Content of .txt file

interface Ethernet1
spanning-tree vlan 1-4094 cost 99999999
router bgp 666
neighbor 1.1.1.1 description test
ip access-list extended test
permit ip 6.6.6.64/31 any
permit ip 6.6.6.66/31 any
EXPECTED RESULTS

I expect exactly as below but the:

- Ip access-list extended test
- Permit ip 6.6.6.64/31 any
- Permit ip 6.6.6.66/31 any

Should be under diff with + next to them

ACTUAL RESULTS

All other config treated as 'changes', ACL updates are not.

TASK [Apply config output] *******************************************************************************************************************************************************************************************************************
ok: [test-box] =>
  msg:
    ansible_facts:
      discovered_interpreter_python: /usr/bin/python
    changed: true
    commands:
    - Interface Ethernet1
    - Spanning-tree vlan 1-4094 cost 99999999
    - Router bgp 666
    - Neighbor 1.1.1.1 description test
    - Ip access-list extended test
    - Permit ip 6.6.6.64/31 any
    - Permit ip 6.6.6.66/31 any
    diff:
      prepared: |-
        --- system:/running-config
        +++ session:/ansible_1651029109-session-config
        @@ -75,6 +75,7 @@
            switchport mode trunk
            ptp enable
        +   spanning-tree vlan 1-4094 cost 99999999
         !
         interface Ethernet2
            description ***
        @@ -305,6 +306,8 @@
            neighbor INTERNAL timers 3 9
            neighbor INTERNAL send-community
            neighbor INTERNAL maximum-routes 12000
        +   neighbor 1.1.1.1 description test
        +   neighbor 1.1.1.1 maximum-routes 12000
            neighbor 10.255.255.2 remote-as 666
            neighbor 10.255.255.2 route-map BGP_advertise out
            neighbor 10.255.255.2 maximum-routes 12000
    failed: false
    session: ansible_1651029109
    updates:
    - Interface Ethernet1
    - Spanning-tree vlan 1-4094 cost 99999999
    - Router bgp 666
    - Neighbor 1.1.1.1 description test
    - Ip access-list extended test
    - Permit ip 6.6.6.64/31 any
    - Permit ip 6.6.6.66/31 any
mostdaysarebaddays commented 2 years ago

To note, all commands are successfully applied - both those marked as 'changed' and the ACLs too.

GomathiselviS commented 2 years ago

@mostdaysarebaddays Thanks for submitting the issue. I see that 'show session-config diffs' is not displaying the changes applied to access-list. We take the output that the eos device gives us. This seems to be an issue/behavior of eos and not ansible. Let me know what you think.

mostdaysarebaddays commented 2 years ago

Yeah, I'll take it up with Arista.

As a work around, I'm doing wr mem when logging on then diffing against startup-config after I apply.