KB-perByte
commented
2 years ago Hey @JeromeH27 which IOS version are you using?
Open JeromeH27 opened 2 years ago
KB-perByte
commented
2 years ago Hey @JeromeH27 which IOS version are you using?
JeromeH27
commented
2 years ago Hello,
I do test on a switch(model: WS-C2960X-48TD-L) with IOS 15.2(7)E2. return: { "changed": true, "warnings": [ "To ensure idempotency and correct diff the input configuration lines should be similar to how they appear if present in the running configuration on device" ], "commands": [ "aaa session-id common" ], "updates": [ "aaa session-id common" ], "banners": {}, "invocation": { "module_args": { "lines": [ "aaa session-id common" ], "match": "line", "replace": "line", "multiline_delimiter": "@", "defaults": false, "backup": false, "save_when": "never", "src": null, "parents": null, "before": null, "after": null, "running_config": null, "intended_config": null, "backup_options": null, "diff_against": null, "diff_ignore_lines": null, "provider": null } }, "_ansible_no_log": false }
I have tried also on a switch C9200-480 in version 17.06.03. I don't get the issue on this switch. return: { "changed": false, "invocation": { "module_args": { "lines": [ "aaa session-id common" ], "match": "line", "replace": "line", "multiline_delimiter": "@", "defaults": false, "backup": false, "save_when": "never", "src": null, "parents": null, "before": null, "after": null, "running_config": null, "intended_config": null, "backup_options": null, "diff_against": null, "diff_ignore_lines": null, "provider": null } }, "_ansible_no_log": false }
felixblang
commented
1 year ago I'm having the same issue, using a WS-C3650-24PS running version 16.12.05b
aj-cruz
commented
1 year ago Not sure if I should add it here or put it in it's own issue, but I'm also seeing an idempotency issue with ios_config.
I have a simple task in my playbook that saves configs at the end of the play using save_when: modified
- name: Copy IOS Running Configs to Startup
cisco.ios.ios_config:
save_when: modified
when: ansible_network_os == 'ios'Even when the startup & running configs are sync'd the task always saves the config. I'm running it against Catalyst C9300-L-48P-4X switches running 17.9.3(ED)
rwobig93
commented
2 months ago I ran into the same thing (save_when == "modified" resulting in changed == True even when there is no config changes) and had a few minutes to look into why so I figured I'd share since I imagine it's going to be the same for most others
Dumping the raw and parsed text from the NetworkConfig class the ios_config module uses revealed that there isn't any handling for certificate representation in running vs startup config
For example in startup config a certificate has the storage location vs the certificate context:
certificate ca 01 nvram:CertificateName#0.cer
Where running config has the full certificate content:
certificate ca 01
01234567 89012345 ...So an easy fix without updating the module code to handle this parsing difference (I'd think that should be done anyway) is adding a few regex lines to the diff_ignore_lines module parameter:
- name: IOS - Save Unsaved Configuration
connection: network_cli
cisco.ios.ios_config:
save_when: "modified"
# The ios_config module isn't ignoring certificate differences between running and startup
diff_ignore_lines:
- "certificate (ca|self-signed).*"
- "([0-9A-F]{2,}(?:\\s[0-9A-F]{2,})*)"
- "quit"
when: (ansible_network_os == "cisco.ios.ios")
Hello,
I have an issue with idempotency with the module ios_config.
SUMMARY
When I'm trying to configure "aaa session-id common" by using a task in ansible, each time I got the return status to changed.
This line is already in the configuration of the switch.
I have tried to change match and replace parameters but I got the same result
what I got in the logs:
for some other tasks, the idempotency works perfectly
ISSUE TYPE
COMPONENT NAME
ANSIBLE VERSION
Ansible 2.10.14
COLLECTION VERSION