Try SpotterNTP Global resource module.
| "added in version" 2.6.0 of cisco.nxos"
Authors: Nilashish Chakraborty (@NilashishC)
Install with ansible-galaxy collection install cisco.nxos:==7.0.0
collections:
- name: cisco.nxos
version: 7.0.0This module manages ntp configuration on devices running Cisco NX-OS.
# Using merged
# Before state:
# -------------
# nxos-9k-rdo# show running-config ntp
# nxos-9k-rdo#
- name: Merge the provided configuration with the existing running configuration
cisco.nxos.nxos_ntp_global: &id001
config:
access_group:
peer:
- access_list: PeerAcl1
serve:
- access_list: ServeAcl1
authenticate: true
authentication_keys:
- id: 1001
key: vagwwtKfkv
encryption: 7
- id: 1002
key: vagwwtKfkvgthz
encryption: 7
logging: true
master:
stratum: 2
peers:
- peer: 192.0.2.1
key_id: 1
maxpoll: 15
minpoll: 5
vrf: default
- peer: 192.0.2.2
key_id: 2
prefer: true
vrf: siteA
servers:
- server: 198.51.100.1
key_id: 2
vrf: default
- server: 203.0.113.1
key_id: 1
vrf: siteB
# Task output
# -------------
# before: {}
#
# commands:
# - "ntp authenticate"
# - "ntp logging"
# - "ntp master 2"
# - "ntp authentication-keys 1001 md5 vagwwtKfkv 7"
# - "ntp authentication-keys 1002 md5 vagwwtKfkvgthz 7"
# - "ntp peer 192.0.2.1 use-vrf default key 1 minpoll 5 maxpoll 15"
# - "ntp peer 192.0.2.2 prefer use-vrf siteA key 2"
# - "ntp server 198.51.100.1 use-vrf default key 2"
# - "ntp server 203.0.113.1 use-vrf siteB key 1"
# - "ntp access-group peer PeerAcl1"
# - "ntp access-group serve ServeAcl1"
#
# after:
# access_group:
# peer:
# - access_list: PeerAcl1
# serve:
# - access_list: ServeAcl1
# authenticate: true
# authentication_keys:
# - id: 1001
# key: vagwwtKfkv
# encryption: 7
# - id: 1002
# key: vagwwtKfkvgthz
# encryption: 7
# logging: true
# master:
# stratum: 2
# peers:
# - peer: 192.0.2.1
# key_id: 1
# maxpoll: 15
# minpoll: 5
# vrf: default
# - peer: 192.0.2.2
# key_id: 2
# prefer: true
# vrf: siteA
# servers:
# - server: 198.51.100.1
# key_id: 2
# vrf: default
# - server: 203.0.113.1
# key_id: 1
# vrf: siteB
# After state:
# ------------
# nxos-9k-rdo# show running-config ntp
# ntp authenticate
# ntp logging
# ntp master 2
# ntp authentication-keys 1001 md5 vagwwtKfkv 7
# ntp authentication-keys 1002 md5 vagwwtKfkvgthz 7
# ntp peer 192.0.2.1 use-vrf default key 1 minpoll 5 maxpoll 15
# ntp peer 192.0.2.2 prefer use-vrf siteA key 2
# ntp server 198.51.100.1 use-vrf default key 2
# ntp server 203.0.113.1 use-vrf siteB key 1
# ntp access-group peer PeerAcl1
# ntp access-group serve ServeAcl1
# Using replaced
# Before state:
# ------------
# nxos-9k-rdo# show running-config ntp
# ntp authenticate
# ntp logging
# ntp master 2
# ntp authentication-keys 1001 md5 vagwwtKfkv 7
# ntp authentication-keys 1002 md5 vagwwtKfkvgthz 7
# ntp peer 192.0.2.1 use-vrf default key 1 minpoll 5 maxpoll 15
# ntp peer 192.0.2.2 prefer use-vrf siteA key 2
# ntp server 198.51.100.1 use-vrf default key 2
# ntp server 203.0.113.1 use-vrf siteB key 1
# ntp access-group peer PeerAcl1
# ntp access-group serve ServeAcl1
- name: Replace logging global configurations of listed logging global with provided configurations
cisco.nxos.nxos_ntp_global:
config:
access_group:
peer:
- access_list: PeerAcl2
serve:
- access_list: ServeAcl2
logging: true
master:
stratum: 2
peers:
- peer: 192.0.2.1
key_id: 1
maxpoll: 15
minpoll: 5
vrf: default
- peer: 192.0.2.5
key_id: 2
prefer: true
vrf: siteA
servers:
- server: 198.51.100.1
key_id: 2
vrf: default
state: replaced
# Task output
# -------------
# before:
# access_group:
# peer:
# - access_list: PeerAcl1
# serve:
# - access_list: ServeAcl1
# authenticate: true
# authentication_keys:
# - id: 1001
# key: vagwwtKfkv
# encryption: 7
# - id: 1002
# key: vagwwtKfkvgthz
# encryption: 7
# logging: true
# master:
# stratum: 2
# peers:
# - peer: 192.0.2.1
# key_id: 1
# maxpoll: 15
# minpoll: 5
# vrf: default
# - peer: 192.0.2.2
# key_id: 2
# prefer: true
# vrf: siteA
# servers:
# - server: 198.51.100.1
# key_id: 2
# vrf: default
# - server: 203.0.113.1
# key_id: 1
# vrf: siteB
#
# commands:
# - "no ntp authenticate"
# - "no ntp authentication-keys 1001 md5 vagwwtKfkv 7"
# - "no ntp authentication-keys 1002 md5 vagwwtKfkvgthz 7"
# - "ntp peer 192.0.2.5 prefer use-vrf siteA key 2"
# - "no ntp peer 192.0.2.2 prefer use-vrf siteA key 2"
# - "no ntp server 203.0.113.1 use-vrf siteB key 1"
# - "ntp access-group peer PeerAcl2"
# - "no ntp access-group peer PeerAcl1"
# - "ntp access-group serve ServeAcl2"
# - "no ntp access-group serve ServeAcl1"
#
# after:
# access_group:
# peer:
# - access_list: PeerAcl2
# serve:
# - access_list: ServeAcl2
# logging: true
# master:
# stratum: 2
# peers:
# - peer: 192.0.2.1
# key_id: 1
# maxpoll: 15
# minpoll: 5
# vrf: default
# - peer: 192.0.2.5
# key_id: 2
# prefer: true
# vrf: siteA
# servers:
# - server: 198.51.100.1
# key_id: 2
# vrf: default
# After state:
# ------------
# nxos-9k-rdo# show running-config ntp
# ntp logging
# ntp master 2
# ntp peer 192.0.2.1 use-vrf default key 1 minpoll 5 maxpoll 15
# ntp peer 192.0.2.5 prefer use-vrf siteA key 2
# ntp server 198.51.100.1 use-vrf default key 2
# ntp access-group peer PeerAcl2
# ntp access-group serve ServeAcl2
# Using deleted to delete all logging configurations
# Before state:
# ------------
# nxos-9k-rdo# show running-config ntp
- name: Delete all logging configuration
cisco.nxos.nxos_ntp_global:
state: deleted
# Task output
# -------------
# before:
# access_group:
# peer:
# - access_list: PeerAcl1
# serve:
# - access_list: ServeAcl1
# authenticate: true
# authentication_keys:
# - id: 1001
# key: vagwwtKfkv
# encryption: 7
# - id: 1002
# key: vagwwtKfkvgthz
# encryption: 7
# logging: true
# master:
# stratum: 2
# peers:
# - peer: 192.0.2.1
# key_id: 1
# maxpoll: 15
# minpoll: 5
# vrf: default
# - peer: 192.0.2.2
# key_id: 2
# prefer: true
# vrf: siteA
# servers:
# - server: 198.51.100.1
# key_id: 2
# vrf: default
# - server: 203.0.113.1
# key_id: 1
# vrf: siteB
#
# commands:
# - "no ntp authenticate"
# - "no ntp logging"
# - "no ntp master 2"
# - "no ntp authentication-keys 1001 md5 vagwwtKfkv 7"
# - "no ntp authentication-keys 1002 md5 vagwwtKfkvgthz 7"
# - "no ntp peer 192.0.2.1 use-vrf default key 1 minpoll 5 maxpoll 15"
# - "no ntp peer 192.0.2.2 prefer use-vrf siteA key 2"
# - "no ntp server 198.51.100.1 use-vrf default key 2"
# - "no ntp server 203.0.113.1 use-vrf siteB key 1"
# - "no ntp access-group peer PeerAcl1"
# - "no ntp access-group serve ServeAcl1"
#
# after: {}
# After state:
# ------------
# nxos-9k-rdo# show running-config ntp
# nxos-9k-rdo#
# Using rendered
- name: Render platform specific configuration lines with state rendered (without connecting to the device)
cisco.nxos.nxos_ntp_global:
config:
access_group:
peer:
- access_list: PeerAcl1
serve:
- access_list: ServeAcl1
authenticate: true
authentication_keys:
- id: 1001
key: vagwwtKfkv
encryption: 7
- id: 1002
key: vagwwtKfkvgthz
encryption: 7
logging: true
master:
stratum: 2
peers:
- peer: 192.0.2.1
key_id: 1
maxpoll: 15
minpoll: 5
vrf: default
- peer: 192.0.2.2
key_id: 2
prefer: true
vrf: siteA
servers:
- server: 198.51.100.1
key_id: 2
vrf: default
- server: 203.0.113.1
key_id: 1
vrf: siteB
state: rendered
# Task Output (redacted)
# -----------------------
# rendered:
# - "ntp authenticate"
# - "ntp logging"
# - "ntp master 2"
# - "ntp authentication-keys 1001 md5 vagwwtKfkv 7"
# - "ntp authentication-keys 1002 md5 vagwwtKfkvgthz 7"
# - "ntp peer 192.0.2.1 use-vrf default key 1 minpoll 5 maxpoll 15"
# - "ntp peer 192.0.2.2 prefer use-vrf siteA key 2"
# - "ntp server 198.51.100.1 use-vrf default key 2"
# - "ntp server 203.0.113.1 use-vrf siteB key 1"
# - "ntp access-group peer PeerAcl1"
# - "ntp access-group serve ServeAcl1"
# Using parsed
# parsed.cfg
# ------------
# ntp authenticate
# ntp logging
# ntp master 2
# ntp authentication-keys 1001 md5 vagwwtKfkv 7
# ntp authentication-keys 1002 md5 vagwwtKfkvgthz 7
# ntp peer 192.0.2.1 use-vrf default key 1 minpoll 5 maxpoll 15
# ntp peer 192.0.2.2 prefer use-vrf siteA key 2
# ntp server 198.51.100.1 use-vrf default key 2
# ntp server 203.0.113.1 use-vrf siteB key 1
# ntp access-group peer PeerAcl1
# ntp access-group serve ServeAcl1
- name: Parse externally provided ntp configuration
cisco.nxos.nxos_ntp_global:
running_config: "{{ lookup('file', './fixtures/parsed.cfg') }}"
state: parsed
state:
choices:
- merged
- replaced
- overridden
- deleted
- parsed
- gathered
- rendered
default: merged
description:
- The state the configuration should be left in.
- The states I(replaced) and I(overridden) have identical behaviour for this module.
- Please refer to examples for more details.
type: str
config:
description: A dict of ntp configuration.
suboptions:
access_group:
description:
- NTP access-group.
- This option is unsupported on MDS switches.
suboptions:
match_all:
description: Scan ACLs present in all ntp access groups.
type: bool
peer:
description: Access-group peer.
elements: dict
suboptions:
access_list:
description: Name of access list.
type: str
type: list
query_only:
description: Access-group query-only.
elements: dict
suboptions:
access_list:
description: Name of access list.
type: str
type: list
serve:
description: Access-group serve.
elements: dict
suboptions:
access_list:
description: Name of access list.
type: str
type: list
serve_only:
description: Access-group serve-only.
elements: dict
suboptions:
access_list:
description: Name of access list.
type: str
type: list
type: dict
allow:
description: Enable/Disable the packets.
suboptions:
control:
description: Control mode packets.
suboptions:
rate_limit:
description: Rate-limit delay.
type: int
type: dict
private:
description: Enable/Disable Private mode packets.
type: bool
type: dict
authenticate:
description: Enable/Disable authentication.
type: bool
authentication_keys:
description: NTP authentication key.
elements: dict
suboptions:
encryption:
description:
- 0 for Clear text
- 7 for Encrypted
type: int
id:
description: Authentication key number (range 1-65535).
type: int
key:
description: Authentication key.
type: str
type: list
logging:
description: Enable/Disable logging of NTPD Events.
type: bool
master:
description:
- Act as NTP master clock.
- This option is unsupported on MDS switches.
suboptions:
stratum:
description: Stratum number.
type: int
type: dict
passive:
description:
- NTP passive command.
- This option is unsupported on MDS switches.
type: bool
peers:
description: NTP Peers.
elements: dict
suboptions:
key_id:
description: Keyid to be used while communicating to this server.
type: int
maxpoll:
description:
- Maximum interval to poll a peer.
- Poll interval in secs to a power of 2.
type: int
minpoll:
description:
- Minimum interval to poll a peer.
- Poll interval in secs to a power of 2.
type: int
peer:
description: Hostname/IP address of the NTP Peer.
type: str
prefer:
description:
- Preferred Server.
type: bool
vrf:
aliases:
- use_vrf
description:
- Display per-VRF information.
- This option is unsupported on MDS switches.
type: str
type: list
servers:
description: NTP servers.
elements: dict
suboptions:
key_id:
description: Keyid to be used while communicating to this server.
type: int
maxpoll:
description:
- Maximum interval to poll a peer.
- Poll interval in secs to a power of 2.
type: int
minpoll:
description:
- Minimum interval to poll a peer.
- Poll interval in secs to a power of 2.
type: int
prefer:
description:
- Preferred Server.
type: bool
server:
description: Hostname/IP address of the NTP Peer.
type: str
vrf:
aliases:
- use_vrf
description:
- Display per-VRF information.
- This option is not applicable for MDS switches.
type: str
type: list
source:
description:
- Source of NTP packets.
- This option is unsupported on MDS switches.
type: str
source_interface:
description: Source interface sending NTP packets.
type: str
trusted_keys:
description: NTP trusted-key number.
elements: dict
suboptions:
key_id:
description: Trusted-Key number.
type: int
type: list
type: dict
running_config:
description:
- This option is used only with state I(parsed).
- The value of this option should be the output received from the NX-OS device by
executing the command B(show running-config ntp).
- The state I(parsed) reads the configuration from C(running_config) option and transforms
it into Ansible structured data as per the resource module's argspec and the value
is then returned in the I(parsed) key within the result.
type: str
after:
description: The resulting configuration after module execution.
returned: when changed
sample: 'This output will always be in the same format as the module argspec.
'
type: dict
before:
description: The configuration prior to the module execution.
returned: when I(state) is C(merged), C(replaced), C(overridden), C(deleted) or
C(purged)
sample: 'This output will always be in the same format as the module argspec.
'
type: dict
commands:
description: The set of commands pushed to the remote device.
returned: when I(state) is C(merged), C(replaced), C(overridden), C(deleted) or
C(purged)
sample:
- ntp master stratum 2
- ntp peer 198.51.100.1 use-vrf test maxpoll 7
- ntp authentication-key 10 md5 wawyhanx2 7
- ntp access-group peer PeerAcl1
- ntp access-group peer PeerAcl2
- ntp access-group query-only QueryAcl1
type: list
gathered:
description: Facts about the network resource gathered from the remote device as
structured data.
returned: when I(state) is C(gathered)
sample: 'This output will always be in the same format as the module argspec.
'
type: list
parsed:
description: The device native config provided in I(running_config) option parsed
into structured data as per module argspec.
returned: when I(state) is C(parsed)
sample: 'This output will always be in the same format as the module argspec.
'
type: list
rendered:
description: The provided configuration in the task rendered in device-native format
(offline).
returned: when I(state) is C(rendered)
sample:
- ntp master stratum 2
- ntp peer 198.51.100.1 use-vrf test maxpoll 7
- ntp authentication-key 10 md5 wawyhanx2 7
- ntp access-group peer PeerAcl1
- ntp access-group peer PeerAcl2
- ntp access-group query-only QueryAcl1
type: list