Try SpotterManage NXAPI configuration on an NXOS device.
| "added in version" 2.1 of ansible.builtin"
Authors: Peter Sprygada (@privateip)
preview | supported by network
pipInstall with pip install ansible==2.9.13
Configures the NXAPI feature on devices running Cisco NXOS. The NXAPI feature is absent from the configuration by default. Since this module manages the NXAPI feature it only supports the use of the C(Cli) transport.
- name: Enable NXAPI access with default configuration
nxos_nxapi:
state: present
- name: Enable NXAPI with no HTTP, HTTPS at port 9443 and sandbox disabled
nxos_nxapi:
enable_http: false
https_port: 9443
https: yes
enable_sandbox: no
- name: remove NXAPI configuration
nxos_nxapi:
state: absent
http:
aliases:
- enable_http
default: true
description:
- Controls the operating state of the HTTP protocol as one of the underlying transports
for NXAPI. By default, NXAPI will enable the HTTP transport when the feature is
first configured. To disable the use of the HTTP transport, set the value of this
argument to False.
required: false
type: bool
https:
aliases:
- enable_https
default: false
description:
- Controls the operating state of the HTTPS protocol as one of the underlying transports
for NXAPI. By default, NXAPI will disable the HTTPS transport when the feature
is first configured. To enable the use of the HTTPS transport, set the value of
this argument to True.
required: false
type: bool
state:
choices:
- present
- absent
default: present
description:
- The C(state) argument controls whether or not the NXAPI feature is configured on
the remote device. When the value is C(present) the NXAPI feature configuration
is present in the device running-config. When the values is C(absent) the feature
configuration is removed from the running-config.
required: false
sandbox:
aliases:
- enable_sandbox
default: false
description:
- The NXAPI feature provides a web base UI for developers for entering commands. This
feature is initially disabled when the NXAPI feature is configured for the first
time. When the C(sandbox) argument is set to True, the developer sandbox URL will
accept requests and when the value is set to False, the sandbox URL is unavailable.
This is supported on NX-OS 7K series.
required: false
type: bool
tlsv1_0:
default: true
description:
- Controls the use of the Transport Layer Security version 1.0 is configured. By
default, this feature is enabled. To disable the use of TLSV1.0, set the value
of this argument to True.
required: false
type: bool
version_added: '2.7'
version_added_collection: ansible.builtin
tlsv1_1:
default: false
description:
- Controls the use of the Transport Layer Security version 1.1 is configured. By
default, this feature is disabled. To enable the use of TLSV1.1, set the value
of this argument to True.
required: false
type: bool
version_added: '2.7'
version_added_collection: ansible.builtin
tlsv1_2:
default: false
description:
- Controls the use of the Transport Layer Security version 1.2 is configured. By
default, this feature is disabled. To enable the use of TLSV1.2, set the value
of this argument to True.
required: false
type: bool
version_added: '2.7'
version_added_collection: ansible.builtin
provider:
description:
- B(Deprecated)
- 'Starting with Ansible 2.5 we recommend using C(connection: network_cli).'
- 'Starting with Ansible 2.6 we recommend using C(connection: httpapi) for NX-API.'
- This option will be removed in a release after 2022-06-01.
- For more information please see the L(NXOS Platform Options guide, ../network/user_guide/platform_nxos.html).
- HORIZONTALLINE
- A dict object containing connection details.
suboptions:
auth_pass:
description:
- Specifies the password to use if required to enter privileged mode on the remote
device. If I(authorize) is false, then this argument does nothing. If the value
is not specified in the task, the value of environment variable C(ANSIBLE_NET_AUTH_PASS)
will be used instead.
type: str
authorize:
default: false
description:
- Instructs the module to enter privileged mode on the remote device before sending
any commands. If not specified, the device will attempt to execute all commands
in non-privileged mode. If the value is not specified in the task, the value
of environment variable C(ANSIBLE_NET_AUTHORIZE) will be used instead.
type: bool
host:
description:
- Specifies the DNS host name or address for connecting to the remote device over
the specified transport. The value of host is used as the destination address
for the transport.
type: str
password:
description:
- Specifies the password to use to authenticate the connection to the remote device. This
is a common argument used for either I(cli) or I(nxapi) transports. If the value
is not specified in the task, the value of environment variable C(ANSIBLE_NET_PASSWORD)
will be used instead.
type: str
port:
description:
- Specifies the port to use when building the connection to the remote device. This
value applies to either I(cli) or I(nxapi). The port value will default to
the appropriate transport common port if none is provided in the task. (cli=22,
http=80, https=443).
type: int
ssh_keyfile:
description:
- Specifies the SSH key to use to authenticate the connection to the remote device. This
argument is only used for the I(cli) transport. If the value is not specified
in the task, the value of environment variable C(ANSIBLE_NET_SSH_KEYFILE) will
be used instead.
type: str
timeout:
description:
- Specifies the timeout in seconds for communicating with the network device for
either connecting or sending commands. If the timeout is exceeded before the
operation is completed, the module will error. NX-API can be slow to return
on long-running commands (sh mac, sh bgp, etc).
type: int
transport:
choices:
- cli
- nxapi
default: cli
description:
- Configures the transport connection to use when connecting to the remote device. The
transport argument supports connectivity to the device over cli (ssh) or nxapi.
type: str
use_proxy:
default: true
description:
- If C(no), the environment variables C(http_proxy) and C(https_proxy) will be
ignored.
type: bool
use_ssl:
default: false
description:
- Configures the I(transport) to use SSL if set to C(yes) only when the C(transport=nxapi),
otherwise this value is ignored.
type: bool
username:
description:
- Configures the username to use to authenticate the connection to the remote
device. This value is used to authenticate either the CLI login or the nxapi
authentication depending on which transport is used. If the value is not specified
in the task, the value of environment variable C(ANSIBLE_NET_USERNAME) will
be used instead.
type: str
validate_certs:
default: false
description:
- If C(no), SSL certificates will not be validated. This should only be used on
personally controlled sites using self-signed certificates. If the transport
argument is not nxapi, this value is ignored.
type: bool
type: dict
http_port:
default: 80
description:
- Configure the port with which the HTTP server will listen on for requests. By default,
NXAPI will bind the HTTP service to the standard HTTP port 80. This argument accepts
valid port values in the range of 1 to 65535.
required: false
https_port:
default: 443
description:
- Configure the port with which the HTTPS server will listen on for requests. By
default, NXAPI will bind the HTTPS service to the standard HTTPS port 443. This
argument accepts valid port values in the range of 1 to 65535.
required: false
ssl_strong_ciphers:
default: false
description:
- Controls the use of whether strong or weak ciphers are configured. By default, this
feature is disabled and weak ciphers are configured. To enable the use of strong
ciphers, set the value of this argument to True.
required: false
type: bool
version_added: '2.7'
version_added_collection: ansible.builtin
updates:
description:
- Returns the list of commands that need to be pushed into the remote device to
satisfy the arguments
returned: always
sample:
- no feature nxapi
type: list