search

ansible-collections / junipernetworks.junos

Ansible Network Collection for Juniper JunOS
GNU General Public License v3.0
84 stars 63 forks source link

junipernetworks.junos.junos_l2_interfaces state: replaced doesn't work #452

Open kollross opened 1 year ago

kollross commented 1 year ago
SUMMARY

When using the junos_l2_interface module to update vlan on interface, the "new" vlan is simply added to the vlan member list of an access port resulting in a failed commit.

Expected behavior: Replace existing vlan configured on the port with new vlan being configured.

ISSUE TYPE
COMPONENT NAME

junipernetworks.junos.junos_l2_interfaces

ANSIBLE VERSION
2.14.5
COLLECTION VERSION
junipernetworks.junos         5.3.0
CONFIGURATION
CONFIG_FILE() = /etc/ansible/ansible.cfg
DEFAULT_ACTION_PLUGIN_PATH(/etc/ansible/ansible.cfg) = ['/home/ansible/.local/lib/python3.10/site-packages/napalm_ansible/plugins/action']
DEFAULT_FORKS(/etc/ansible/ansible.cfg) = 10
DEFAULT_HOST_LIST(/etc/ansible/ansible.cfg) = ['/etc/ansible/netbox_inventory.yml']
DEFAULT_MODULE_PATH(/etc/ansible/ansible.cfg) = ['/home/ansible/.local/lib/python3.10/site-packages/napalm_ansible/modules']
DEFAULT_PRIVATE_KEY_FILE(/etc/ansible/ansible.cfg) = /home/ansible/.ssh/id_ed25519
HOST_KEY_CHECKING(/etc/ansible/ansible.cfg) = False
INTERPRETER_PYTHON(/etc/ansible/ansible.cfg) = /usr/bin/python3
INVENTORY_CACHE_ENABLED(/etc/ansible/ansible.cfg) = True
INVENTORY_CACHE_PLUGIN(/etc/ansible/ansible.cfg) = jsonfile
INVENTORY_CACHE_PLUGIN_CONNECTION(/etc/ansible/ansible.cfg) = /var/tmp/ansible-inventory-cache
INVENTORY_CACHE_TIMEOUT(/etc/ansible/ansible.cfg) = 999
INVENTORY_ENABLED(/etc/ansible/ansible.cfg) = ['host_list', 'script', 'auto', 'yaml', 'ini', 'toml']
PERSISTENT_COMMAND_TIMEOUT(/etc/ansible/ansible.cfg) = 120
PERSISTENT_CONNECT_TIMEOUT(/etc/ansible/ansible.cfg) = 60
OS / ENVIRONMENT

12.3R12-S21

STEPS TO REPRODUCE
    - name: Merge provided Junos vlans config with running-config
      junipernetworks.junos.junos_l2_interfaces:
        config:
        - name: "{{ variable_interface }}"
          access:
            vlan: "{{ variable_vlan }}"
        state: replaced
      connection: netconf
      when: ansible_network_os=='junos'
EXPECTED RESULTS

Before change:

 show interfaces xe-0/0/29
description FREE;
enable;
unit 0 {
    family ethernet-switching {
        interface-mode access;
        vlan {
            members 2402;
        }
    }
}

After change:

 show interfaces xe-0/0/29
description FREE;
enable;
unit 0 {
    family ethernet-switching {
        interface-mode access;
        vlan {
            members 2403;
        }
    }
}
ACTUAL RESULTS

show configuration interfaces ge-1/0/29 description HBP04-13; enable; unit 0 { family ethernet-switching { interface-mode access; vlan { members [ 2402 2403 ]; } } }

fatal: [switch1]: FAILED! => {"changed": false, "module_stderr": "b'error: Access interface <ge-1/0/29.0> has more than one vlan member: <v2011> and <v2010>\\nerror: configuration check-out failed'", "module_stdout": "", "msg": "MODULE FAILURE\nSee stdout/stderr for the exact error"}
yaleman commented 3 months ago

Any update on this? I'm trying to set a trunk up and it's failing:

- name: Juniper_l2_interfaces
  junipernetworks.junos.junos_l2_interfaces:
    config:
      - name: ge-0/0/47
        trunk:
          allowed_vlans:
            - Cameras
            - Guest_Wifi
          native_vlan: 0
    state: replaced

error:

fatal: [ex3300]: FAILED! => {"changed": false, "module_stderr": "b'error: Access interface <ge-0/0/47.0> has more than one vlan member: <Guest_Wifi> and <Cameras>\\nerror: configuration check-out failed'", "module_stdout": "", "msg": "MODULE FAILURE\nSee stdout/stderr for the exact error"}

there's literally no access config on this port, why would it even be trying to set that up?

yaleman commented 3 months ago

I found that setting enhanced_layer: false made the above work... that was ... confusing.