Try SpotterManage configuration on devices running Juniper JUNOS
| "added in version" 2.1 of ansible.builtin"
Authors: Peter Sprygada (@privateip)
preview | supported by network
pipInstall with pip install ansible==2.9.21
This module provides an implementation for working with the active configuration running on Juniper JUNOS devices. It provides a set of arguments for loading configuration, performing rollback operations and zeroing the active configuration on the device.
- name: load configure file into device
junos_config:
src: srx.cfg
comment: update config
- name: load configure lines into device
junos_config:
lines:
- set interfaces ge-0/0/1 unit 0 description "Test interface"
- set vlans vlan01 description "Test vlan"
comment: update config
- name: Set routed VLAN interface (RVI) IPv4 address
junos_config:
lines:
- set vlans vlan01 vlan-id 1
- set interfaces irb unit 10 family inet address 10.0.0.1/24
- set vlans vlan01 l3-interface irb.10
- name: Check correctness of commit configuration
junos_config:
check_commit: yes
- name: rollback the configuration to id 10
junos_config:
rollback: 10
- name: zero out the current configuration
junos_config:
zeroize: yes
- name: Set VLAN access and trunking
junos_config:
lines:
- set vlans vlan02 vlan-id 6
- set interfaces ge-0/0/6.0 family ethernet-switching interface-mode access vlan members vlan02
- set interfaces ge-0/0/6.0 family ethernet-switching interface-mode trunk vlan members vlan02
- name: confirm a previous commit
junos_config:
confirm_commit: yes
- name: for idempotency, use full-form commands
junos_config:
lines:
# - set int ge-0/0/1 unit 0 desc "Test interface"
- set interfaces ge-0/0/1 unit 0 description "Test interface"
- name: configurable backup path
junos_config:
src: srx.cfg
backup: yes
backup_options:
filename: backup.cfg
dir_path: /home/user
src:
description:
- The I(src) argument provides a path to the configuration file to load into the remote
system. The path can either be a full system path to the configuration file if the
value starts with / or relative to the root of the implemented role or playbook.
This argument is mutually exclusive with the I(lines) argument.
version_added: '2.2'
version_added_collection: ansible.builtin
lines:
description:
- This argument takes a list of C(set) or C(delete) configuration lines to push into
the remote device. Each line must start with either C(set) or C(delete). This
argument is mutually exclusive with the I(src) argument.
backup:
default: 'no'
description:
- This argument will cause the module to create a full backup of the current C(running-config)
from the remote device before any changes are made. If the C(backup_options) value
is not given, the backup file is written to the C(backup) folder in the playbook
root directory or role root directory, if playbook is part of an ansible role. If
the directory does not exist, it is created.
type: bool
version_added: '2.2'
version_added_collection: ansible.builtin
update:
choices:
- merge
- override
- replace
- update
default: merge
description:
- This argument will decide how to load the configuration data particularly when the
candidate configuration and loaded configuration contain conflicting statements.
Following are accepted values. C(merge) combines the data in the loaded configuration
with the candidate configuration. If statements in the loaded configuration conflict
with statements in the candidate configuration, the loaded statements replace the
candidate ones. C(override) discards the entire candidate configuration and replaces
it with the loaded configuration. C(replace) substitutes each hierarchy level in
the loaded configuration for the corresponding level. C(update) is similar to the
override option. The new configuration completely replaces the existing configuration.
The difference comes when the configuration is later committed. This option performs
a 'diff' between the new candidate configuration and the existing committed configuration.
It then only notifies system processes responsible for the changed portions of the
configuration, and only marks the actual configuration changes as 'changed'.
version_added: '2.3'
version_added_collection: ansible.builtin
comment:
default: configured by junos_config
description:
- The C(comment) argument specifies a text string to be used when committing the configuration. If
the C(confirm) argument is set to False, this argument is silently ignored.
confirm:
default: 0
description:
- The C(confirm) argument will configure a time out value in minutes for the commit
to be confirmed before it is automatically rolled back. If the C(confirm) argument
is set to False, this argument is silently ignored. If the value for this argument
is set to 0, the commit is confirmed immediately.
replace:
default: 'no'
description:
- The C(replace) argument will instruct the remote device to replace the current configuration
hierarchy with the one specified in the corresponding hierarchy of the source configuration
loaded from this module.
- Note this argument should be considered deprecated. To achieve the equivalent,
set the I(update) argument to C(replace). This argument will be removed in a future
release. The C(replace) and C(update) argument is mutually exclusive.
type: bool
zeroize:
description:
- The C(zeroize) argument is used to completely sanitize the remote device configuration
back to initial defaults. This argument will effectively remove all current configuration
statements on the remote device.
type: bool
provider:
description:
- B(Deprecated)
- 'Starting with Ansible 2.5 we recommend using C(connection: network_cli) or C(connection:
netconf).'
- For more information please see the L(Junos OS Platform Options guide, ../network/user_guide/platform_junos.html).
- HORIZONTALLINE
- A dict object containing connection details.
suboptions:
host:
description:
- Specifies the DNS host name or address for connecting to the remote device over
the specified transport. The value of host is used as the destination address
for the transport.
type: str
password:
description:
- Specifies the password to use to authenticate the connection to the remote device. This
value is used to authenticate the SSH session. If the value is not specified
in the task, the value of environment variable C(ANSIBLE_NET_PASSWORD) will
be used instead.
type: str
port:
description:
- Specifies the port to use when building the connection to the remote device. The
port value will default to the well known SSH port of 22 (for C(transport=cli))
or port 830 (for C(transport=netconf)) device.
type: int
ssh_keyfile:
description:
- Specifies the SSH key to use to authenticate the connection to the remote device. This
value is the path to the key used to authenticate the SSH session. If the value
is not specified in the task, the value of environment variable C(ANSIBLE_NET_SSH_KEYFILE)
will be used instead.
type: path
timeout:
description:
- Specifies the timeout in seconds for communicating with the network device for
either connecting or sending commands. If the timeout is exceeded before the
operation is completed, the module will error.
type: int
transport:
choices:
- cli
- netconf
default: netconf
description:
- Configures the transport connection to use when connecting to the remote device.
type: str
username:
description:
- Configures the username to use to authenticate the connection to the remote
device. This value is used to authenticate the SSH session. If the value is
not specified in the task, the value of environment variable C(ANSIBLE_NET_USERNAME)
will be used instead.
type: str
type: dict
rollback:
description:
- The C(rollback) argument instructs the module to rollback the current configuration
to the identifier specified in the argument. If the specified rollback identifier
does not exist on the remote device, the module will fail. To rollback to the most
recent commit, set the C(rollback) argument to 0.
src_format:
choices:
- xml
- set
- text
- json
description:
- The I(src_format) argument specifies the format of the configuration found int I(src). If
the I(src_format) argument is not provided, the module will attempt to determine
the format of the configuration file specified in I(src).
version_added: '2.2'
version_added_collection: ansible.builtin
check_commit:
default: 'no'
description:
- This argument will check correctness of syntax; do not apply changes.
- Note that this argument can be used to confirm verified configuration done via commit
confirmed operation
type: bool
version_added: '2.8'
version_added_collection: ansible.builtin
backup_options:
description:
- This is a dict object containing configurable options related to backup file path.
The value of this option is read only when C(backup) is set to I(yes), if C(backup)
is set to I(no) this option will be silently ignored.
suboptions:
dir_path:
description:
- This option provides the path ending with directory name in which the backup
configuration file will be stored. If the directory does not exist it will be
first created and the filename is either the value of C(filename) or default
filename as described in C(filename) options description. If the path value
is not given in that case a I(backup) directory will be created in the current
working directory and backup configuration will be copied in C(filename) within
I(backup) directory.
type: path
filename:
description:
- The filename to be used to store the backup configuration. If the the filename
is not given it will be generated based on the hostname, current time and date
in format defined by <hostname>_config.<current-date>@<current-time>
type: dict
version_added: '2.8'
version_added_collection: ansible.builtin
confirm_commit:
default: 'no'
description:
- This argument will execute commit operation on remote device. It can be used to
confirm a previous commit.
type: bool
version_added: '2.4'
version_added_collection: ansible.builtin
backup_path: description: The full path to the backup file returned: when backup is yes sample: /playbooks/ansible/backup/config.2016-07-16@22:28:34 type: str date: description: The date extracted from the backup file name returned: when backup is yes sample: '2016-07-16' type: str filename: description: The name of the backup file returned: when backup is yes and filename is not specified in backup options sample: junos01_config.2016-07-16@22:28:34 type: str shortname: description: The full path to the backup file excluding the timestamp returned: when backup is yes and filename is not specified in backup options sample: /playbooks/ansible/backup/junos01_config type: str time: description: The time extracted from the backup file name returned: when backup is yes sample: '22:28:34' type: str