Closed meandus closed 6 years ago
Will have to add the functionality to add to a group but you can use network_element.yml to delete an element:
- name: Delete network elements. Use a list of elements by name
network_element:
smc_logging:
level: 10
path: /Users/davidlepage/Downloads/ansible-smc.log
state: absent
elements:
- group:
- mygroup
- newgroupa
- host:
- hosta
- hostb
- network:
- networka
- address_range:
- myrange
- interface_zone:
- myzone
- domain_name:
- mydomain.com
- router:
- myrouter
- ip_list:
- myiplist
https://github.com/gabstopper/ansible-stonesoft/blob/master/playbooks/network_element.yml
my question is regarding to remove a element from a group, not to delete the group
-name:Delete network elements. Use a list of elements by name network_element: smc_logging: level:10 path:/Users/davidlepage/Downloads/ansible-smc.log state:absent elements: -group: -mynetwork-object
Le 04/04/2018 à 15:30, David LePage a écrit :
Will have to add the functionality to add to a group but you can use network_element.yml to delete an element:
-name:Delete network elements. Use a list of elements by name network_element: smc_logging: level:10 path:/Users/davidlepage/Downloads/ansible-smc.log state:absent elements: -group: -mygroup -newgroupa -host: -hosta -hostb -network: -networka -address_range: -myrange -interface_zone: -myzone -domain_name: -mydomain.com -router: -myrouter -ip_list: -myiplist
https://github.com/gabstopper/ansible-stonesoft/blob/master/playbooks/network_element.yml
— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/gabstopper/ansible-stonesoft/issues/13#issuecomment-378600232, or mute the thread https://github.com/notifications/unsubscribe-auth/AEEKjBHPVmgxdsJpFqDSDs21FdXRnrQaks5tlMrlgaJpZM4TFBnD.
Ok, understood. Group handling will be fixed in network_element to accomodate that. Do you see the need to also delete any element type? I was going to extend network_element to allow more generic removals of any element type based on the 'entry point'.
May be in the future ... good to remove dynamic routing elements (prefix, route map, as, etc)
To delete only an interface, a vlan on an interface, delete a static route, add a static route on cluster, delete a antispoofing network or add a static antispoofing network. ;)
Rémy.
Le 4 avril 2018 15:53:29 GMT+02:00, David LePage notifications@github.com a écrit :
Ok, understood. Group handling will be fixed in network_element to accomodate that. Do you see the need to also delete any element type? I was going to extend network_element to allow more generic removals of any element type based on the 'entry point'.
-- You are receiving this because you authored the thread. Reply to this email directly or view it on GitHub: https://github.com/gabstopper/ansible-stonesoft/issues/13#issuecomment-378607615
-- Envoyé de mon appareil Android avec K-9 Mail. Veuillez excuser ma brièveté.
Hi Remy,
You can delete an interface and individual VLAN with the current logic now.
The process would be to fetch the entire engine as yaml using engine_facts, then adding the parameter: delete_undefined_interfaces: true
and remove the interfaces/vlans you want to remove.
In addition to this, the antispoofing network and announced networks will be removed if the bgp parameter is defined and the elements are different. The yaml configuration is considered to be the current state of the configuration. I will be adding some more in depth supplementary documentation besides the base level ansible docs once the changes become more static (getting close).
Hi Remy, I have updated the engine library to support a much more broad set of operations and merged the logic between single fw and fw_cluster. The only real difference is when creating the engine you must specify the engine type. In addition, the engine yaml differs between the two but there is an example playbook for both l3fw_cluster and l3fw.
Current version supports removing or appending to an existing group using:
remove_members
. Overwriting a current group can be accomplished by adding append_lists=False
.
Hi, How is it possible to remove an element from a group ? How is it possible to delete an element from SMC ?
Regards :)