ansible / ansible.builtin / v2.4.3.0-1 / module / aci_config_rollback Provides rollback and rollback preview functionality for Cisco ACI fabrics (config:ImportP) | "added in version" 2.4 of ansible.builtin" Authors: Swetha Chunduri (@schunduri), Dag Wieers (@dagwieers), Jacob McGill (@jmcgill298) preview | supported by communityansible.builtin.aci_config_rollback (v2.4.3.0-1) — module
pip
Install with pip install ansible==2.4.3.0.post1
Provides rollback and rollback preview functionality for Cisco ACI fabric.
Config Rollbacks are done using snapshots C(aci_snapshot) with the configImportP class.
More information from the internal APIC class I(config:ImportP) at U(https://developer.cisco.com/media/mim-ref/MO-configImportP.html).
--- - name: Create a Snapshot aci_config_snapshot: hostname: apic username: admin password: SomeSecretPassword state: present export_policy: config_backup
- name: Query Existing Snapshots aci_config_snapshot: hostname: apic username: admin password: SomeSecretPassword state: query export_policy: config_backup
- name: Compare Snapshot Files aci_config_rollback: hostname: apic username: admin password: SomeSecretPassword state: preview export_policy: config_backup snapshot: 'run-2017-08-28T06-24-01' compare_export_policy: config_backup compare_snapshot: 'run-2017-08-27T23-43-56'
- name: Rollback Configuration aci_config_rollback: hostname: apic username: admin password: SomeSecretPassword state: rollback import_policy: rollback_config export_policy: config_backup snapshot: 'run-2017-08-28T06-24-01'
- name: Rollback Configuration aci_config_rollback: hostname: apic username: admin password: SomeSecretPassword state: rollback import_policy: rollback_config export_policy: config_backup snapshot: 'run-2017-08-28T06-24-01' description: 'Rollback 8-27 changes' import_mode: atomic import_type: replace fail_on_decrypt: yes
host: aliases: - hostname description: - IP Address or hostname of APIC resolvable by Ansible control host. - If the value is not specified in the task, the value of environment variable C(ACI_HOST) will be used instead. required: true type: str port: description: - Port number to be used for REST connection. - The default value depends on parameter C(use_ssl). - If the value is not specified in the task, the value of environment variable C(ACI_PORT) will be used instead. type: int state: choices: - preview - rollback default: rollback description: - Use C(preview) for previewing the diff between two snapshots. - Use C(rollback) for reverting the configuration to a previous snapshot. timeout: default: 30 description: - The socket level timeout in seconds. - If the value is not specified in the task, the value of environment variable C(ACI_TIMEOUT) will be used instead. type: int use_ssl: default: true description: - If C(no), an HTTP connection will be used instead of the default HTTPS connection. - If the value is not specified in the task, the value of environment variable C(ACI_USE_SSL) will be used instead. type: bool password: description: - The password to use for authentication. - This option is mutual exclusive with C(private_key). If C(private_key) is provided too, it will be used instead. - If the value is not specified in the task, the value of environment variables C(ACI_PASSWORD) or C(ANSIBLE_NET_PASSWORD) will be used instead. type: str snapshot: description: - The name of the snapshot to rollback to, or the base snapshot to use for comparison. - The C(aci_snapshot) module can be used to query the list of available snapshots. required: true username: aliases: - user default: admin description: - The username to use for authentication. - If the value is not specified in the task, the value of environment variables C(ACI_USERNAME) or C(ANSIBLE_NET_USERNAME) will be used instead. type: str owner_key: description: - User-defined string for the ownerKey attribute of an ACI object. - This attribute represents a key for enabling clients to own their data for entity correlation. - If the value is not specified in the task, the value of environment variable C(ACI_OWNER_KEY) will be used instead. type: str owner_tag: description: - User-defined string for the ownerTag attribute of an ACI object. - This attribute represents a tag for enabling clients to add their own data. - For example, to indicate who created this object. - If the value is not specified in the task, the value of environment variable C(ACI_OWNER_TAG) will be used instead. type: str use_proxy: default: true description: - If C(no), it will not use a proxy, even if one is defined in an environment variable on the target hosts. - If the value is not specified in the task, the value of environment variable C(ACI_USE_PROXY) will be used instead. type: bool annotation: description: - User-defined string for annotating an object. - If the value is not specified in the task, the value of environment variable C(ACI_ANNOTATION) will be used instead. type: str description: aliases: - descr description: - The description for the Import Policy. import_mode: choices: - atomic - best-effort default: atomic description: - Determines how the import should be handled by the APIC. - The APIC defaults new Import Policies to C(atomic). import_type: choices: - merge - replace default: replace description: - Determines how the current and snapshot configuration should be compared for replacement. - The APIC defaults new Import Policies to C(replace). output_path: description: - Path to a file that will be used to dump the ACI JSON configuration objects generated by the module. - If the value is not specified in the task, the value of environment variable C(ACI_OUTPUT_PATH) will be used instead. type: str private_key: aliases: - cert_key description: - Either a PEM-formatted private key file or the private key content used for signature-based authentication. - This value also influences the default C(certificate_name) that is used. - This option is mutual exclusive with C(password). If C(password) is provided too, it will be ignored. - If the value is not specified in the task, the value of environment variable C(ACI_PRIVATE_KEY) will be used instead. type: str output_level: choices: - debug - info - normal default: normal description: - Influence the output of this ACI module. - C(normal) means the standard output, incl. C(current) dict - C(info) adds informational output, incl. C(previous), C(proposed) and C(sent) dicts - C(debug) adds debugging output, incl. C(filter_string), C(method), C(response), C(status) and C(url) information - If the value is not specified in the task, the value of environment variable C(ACI_OUTPUT_LEVEL) will be used instead. type: str export_policy: description: - The export policy that the C(snapshot) is associated to. required: true import_policy: description: - The name of the Import Policy to use for config rollback. validate_certs: default: true description: - If C(no), SSL certificates will not be validated. - This should only set to C(no) when used on personally controlled sites using self-signed certificates. - If the value is not specified in the task, the value of environment variable C(ACI_VALIDATE_CERTS) will be used instead. type: bool fail_on_decrypt: default: 'yes' description: - Determines if the APIC should fail the rollback if unable to decrypt secured data. - The APIC defaults new Import Policies to C(yes). type: bool certificate_name: aliases: - cert_name description: - The X.509 certificate name attached to the APIC AAA user used for signature-based authentication. - If a C(private_key) filename was provided, this defaults to the C(private_key) basename, without extension. - If PEM-formatted content was provided for C(private_key), this defaults to the C(username) value. - If the value is not specified in the task, the value of environment variable C(ACI_CERTIFICATE_NAME) will be used instead. type: str compare_snapshot: description: - The name of the snapshot to compare with C(snapshot). compare_export_policy: description: - The export policy that the C(compare_snapshot) is associated to.