ansible.builtin.aci_config_rollback (v2.9.0) — module

Install Ansible via pip

Install with pip install ansible==2.9.0

Description

Provides rollback and rollback preview functionality for Cisco ACI fabrics.

Config Rollbacks are done using snapshots C(aci_snapshot) with the configImportP class.

Usage examples

Scanned by Steampunk Spotter

• Success
  Steampunk Spotter scan finished with no errors, warnings or hints.

---
- name: Create a Snapshot
  aci_config_snapshot:
    host: apic
    username: admin
    password: SomeSecretPassword
    export_policy: config_backup
    state: present
  delegate_to: localhost

Scanned by Steampunk Spotter

• Success
  Steampunk Spotter scan finished with no errors, warnings or hints.

- name: Query Existing Snapshots
  aci_config_snapshot:
    host: apic
    username: admin
    password: SomeSecretPassword
    export_policy: config_backup
    state: query
  delegate_to: localhost

Scanned by Steampunk Spotter

• Success
  Steampunk Spotter scan finished with no errors, warnings or hints.

- name: Compare Snapshot Files
  aci_config_rollback:
    host: apic
    username: admin
    password: SomeSecretPassword
    export_policy: config_backup
    snapshot: run-2017-08-28T06-24-01
    compare_export_policy: config_backup
    compare_snapshot: run-2017-08-27T23-43-56
    state: preview
  delegate_to: localhost

Scanned by Steampunk Spotter

• Success
  Steampunk Spotter scan finished with no errors, warnings or hints.

- name: Rollback Configuration
  aci_config_rollback:
    host: apic
    username: admin
    password: SomeSecretPassword
    import_policy: rollback_config
    export_policy: config_backup
    snapshot: run-2017-08-28T06-24-01
    state: rollback
  delegate_to: localhost

Scanned by Steampunk Spotter

• Success
  Steampunk Spotter scan finished with no errors, warnings or hints.

- name: Rollback Configuration
  aci_config_rollback:
    host: apic
    username: admin
    password: SomeSecretPassword
    import_policy: rollback_config
    export_policy: config_backup
    snapshot: run-2017-08-28T06-24-01
    description: Rollback 8-27 changes
    import_mode: atomic
    import_type: replace
    fail_on_decrypt: yes
    state: rollback
  delegate_to: localhost

Inputs

    
host:
    aliases:
    - hostname
    description:
    - IP Address or hostname of APIC resolvable by Ansible control host.
    required: true
    type: str

port:
    description:
    - Port number to be used for REST connection.
    - The default value depends on parameter C(use_ssl).
    type: int

state:
    choices:
    - preview
    - rollback
    default: rollback
    description:
    - Use C(preview) for previewing the diff between two snapshots.
    - Use C(rollback) for reverting the configuration to a previous snapshot.
    type: str

timeout:
    default: 30
    description:
    - The socket level timeout in seconds.
    type: int

use_ssl:
    default: true
    description:
    - If C(no), an HTTP connection will be used instead of the default HTTPS connection.
    type: bool

password:
    description:
    - The password to use for authentication.
    - This option is mutual exclusive with C(private_key). If C(private_key) is provided
      too, it will be used instead.
    required: true
    type: str

snapshot:
    description:
    - The name of the snapshot to rollback to, or the base snapshot to use for comparison.
    - The C(aci_snapshot) module can be used to query the list of available snapshots.
    required: true
    type: str

username:
    aliases:
    - user
    default: admin
    description:
    - The username to use for authentication.
    type: str

use_proxy:
    default: true
    description:
    - If C(no), it will not use a proxy, even if one is defined in an environment variable
      on the target hosts.
    type: bool

description:
    aliases:
    - descr
    description:
    - The description for the Import Policy.
    type: str

import_mode:
    choices:
    - atomic
    - best-effort
    description:
    - Determines how the import should be handled by the APIC.
    - The APIC defaults to C(atomic) when unset.
    type: str

import_type:
    choices:
    - merge
    - replace
    description:
    - Determines how the current and snapshot configuration should be compared for replacement.
    - The APIC defaults to C(replace) when unset.
    type: str

private_key:
    aliases:
    - cert_key
    description:
    - Either a PEM-formatted private key file or the private key content used for signature-based
      authentication.
    - This value also influences the default C(certificate_name) that is used.
    - This option is mutual exclusive with C(password). If C(password) is provided too,
      it will be ignored.
    required: true
    type: str

output_level:
    choices:
    - debug
    - info
    - normal
    default: normal
    description:
    - Influence the output of this ACI module.
    - C(normal) means the standard output, incl. C(current) dict
    - C(info) adds informational output, incl. C(previous), C(proposed) and C(sent) dicts
    - C(debug) adds debugging output, incl. C(filter_string), C(method), C(response),
      C(status) and C(url) information
    type: str

export_policy:
    description:
    - The export policy that the C(snapshot) is associated to.
    required: true
    type: str

import_policy:
    description:
    - The name of the Import Policy to use for config rollback.
    type: str

validate_certs:
    default: true
    description:
    - If C(no), SSL certificates will not be validated.
    - This should only set to C(no) when used on personally controlled sites using self-signed
      certificates.
    type: bool

fail_on_decrypt:
    description:
    - Determines if the APIC should fail the rollback if unable to decrypt secured data.
    - The APIC defaults to C(yes) when unset.
    type: bool

certificate_name:
    aliases:
    - cert_name
    description:
    - The X.509 certificate name attached to the APIC AAA user used for signature-based
      authentication.
    - If a C(private_key) filename was provided, this defaults to the C(private_key) basename,
      without extension.
    - If PEM-formatted content was provided for C(private_key), this defaults to the C(username)
      value.
    type: str

compare_snapshot:
    description:
    - The name of the snapshot to compare with C(snapshot).
    type: str

compare_export_policy:
    description:
    - The export policy that the C(compare_snapshot) is associated to.
    type: str

Outputs

error:
  description: The error information as returned from the APIC
  returned: failure
  sample:
    code: '122'
    text: unknown managed object class foo
  type: dict
filter_string:
  description: The filter string used for the request
  returned: failure or debug
  sample: ?rsp-prop-include=config-only
  type: str
method:
  description: The HTTP method used for the request to the APIC
  returned: failure or debug
  sample: POST
  type: str
preview:
  description: A preview between two snapshots
  returned: when state is preview
  type: str
raw:
  description: The raw output returned by the APIC REST API (xml or json)
  returned: parse error
  sample: <?xml version="1.0" encoding="UTF-8"?><imdata totalCount="1"><error code="122"
    text="unknown managed object class foo"/></imdata>
  type: str
response:
  description: The HTTP response from the APIC
  returned: failure or debug
  sample: OK (30 bytes)
  type: str
status:
  description: The HTTP status from the APIC
  returned: failure or debug
  sample: 200
  type: int
url:
  description: The HTTP url used for the request to the APIC
  returned: failure or debug
  sample: https://10.11.12.13/api/mo/uni/tn-production.json
  type: str

See also

• aci_config_snapshot
• APIC Management Information Model reference: More information about the internal APIC class B(config:ImportP). link
• Ansible docs: Detailed information on how to manage your ACI infrastructure using Ansible. link
• Ansible docs: Detailed guide on how to write your own Cisco ACI modules to contribute. link