Community Note

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
• Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request
• If you are interested in working on this issue or have submitted a pull request, please leave a comment

Description

• xxxx

New or Affected Module(s):

• nd_XXXXX

ND version and ND Platform

• V x.x.x and Physical/OVA/Cloud-AWS/Cloud-Azure/SaaS/all.

APIC version and APIC Platform for Site related features

• V x.x.x and on-prem/cloud-aws/cloud-azure/all.

Collection versions

• cisco.nd x.x.x

References

• #0000

Community Note

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
• Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request
• If you are interested in working on this issue or have submitted a pull request, please leave a comment

Description

restruct functions from NAE repo

• parse_path(self, dn)
• get_aci_class(self, prefix)
• is_json(self, myjson)

Affected Module Name(s):

• nd_XXXXX

Community Note

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
• Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request
• If you are interested in working on this issue or have submitted a pull request, please leave a comment

Description

• xxxx

New or Affected Module(s):

• nd_XXXXX

ND version and ND Platform

• V x.x.x and Physical/OVA/Cloud-AWS/Cloud-Azure/SaaS/all.

APIC version and APIC Platform for Site related features

• V x.x.x and on-prem/cloud-aws/cloud-azure/all.

Collection versions

• cisco.nd x.x.x

References

• #0000

This issue is to track adding support to export NDI Contract Stats into a CSV File.

Ideally we will have a task as following:

  tasks:
    - name: get contract stats
      cisco.nd.nd_contracts_stats: 
        insights_group: SYD
        site_name: FAB1
        hitcount_by: EpgContractFilter
        file: stats.csv

and will dump all the statistics in csv format.

The use case is around contract optimisation and clean up where we can easily filter this data externally to understandf which contract are getting hit and which ones aren't so that they can be removed.

Community Note

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
• Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request
• If you are interested in working on this issue or have submitted a pull request, please leave a comment

Description

The HTTPAPI Connection plugin is not able to retrieve the token from the login method when using local login domain.

Affected Module Name(s):

• httpapi/nd.py

ND version and ND Platform

• V 2.1.2d and all.

APIC version and APIC Platform for Site related issues

• V 3.7.1g and all.

Collection versions

• cisco.nd 0.1.2
• cisco.mso 2.1.0
• ansible.netcommon 4.1.0

Output/ Error message

fatal: [ndo-lab1]: FAILED! => {"changed": false, "current": {}, "msg": "ND HTTPAPI send_request() Exception: command timeout triggered, timeout value is 30 secs.
See the timeout setting options in the Network Debug and Troubleshooting Guide. - Traceback (most recent call last):
  File "/root/.ansible/collections/ansible_collections/ansible/netcommon/plugins/connection/httpapi.py", line 286, in send
    response = open_url(url, data=data, **url_kwargs)
  File "/root/ansible_dev/.venv/lib/python3.10/site-packages/ansible/module_utils/urls.py", line 1665, in open_url
    return Request().open(method, url, data=data, headers=headers, use_proxy=use_proxy,
  File "/root/ansible_dev/.venv/lib/python3.10/site-packages/ansible/module_utils/urls.py", line 1557, in open
    r = urllib_request.urlopen(request, None, timeout)
  File "/usr/lib/python3.10/urllib/request.py", line 216, in urlopen
    return opener.open(url, data, timeout)
  File "/usr/lib/python3.10/urllib/request.py", line 525, in open
    response = meth(req, response)
  File "/usr/lib/python3.10/urllib/request.py", line 634, in http_response
    response = self.parent.error(
  File "/usr/lib/python3.10/urllib/request.py", line 563, in error
    return self._call_chain(*args)
  File "/usr/lib/python3.10/urllib/request.py", line 496, in _call_chain
    result = func(*args)
  File "/usr/lib/python3.10/urllib/request.py", line 643, in http_error_default
    raise HTTPError(req.full_url, code, msg, hdrs, fp)
    urllib.error.HTTPError: HTTP Error 401: Unauthorized

During handling of the above exception, another exception occurred:

Traceback (most recent call last):


# repeat traceback, same as above

Expected Behavior

ok: [ndo-lab1]

Actual Behavior

Error as listed above

Playbook tasks to Reproduce

Inventory:

all:
  hosts:
    ndo-lab1:
      ansible_host: "{{ lookup('env', 'NDO_HOSTNAME') }}"
      ansible_user: "{{ lookup('env', 'NDO_USERNAME') }}"
      ansible_ssh_pass: "{{ lookup('env', 'NDO_PASSWORD') }}"
      ansible_httpapi_validate_certs: false
      ansible_httpapi_use_ssl: true
      ansible_connection: ansible.netcommon.httpapi
      ansible_network_os: cisco.nd.nd

Playbook:

- name: "Test NDO Queries"
  connection: local
  hosts: ndo-lab1
  gather_facts: false
  tasks:

    - cisco.nd.nd_version:
        login_domain: Local
        state: query

    - cisco.mso.mso_schema:
        login_domain: Local
        state: query

Important Factoids

The first query for the nd_version works, but it turns out this is a false positive because the /version.json endpoint does not require any authentication (at least for my install). The second query fails with the error above.

I enabled persistent logging with the following environment variables:

export ANSIBLE_LOG_PATH='ansible.log'
export ANSIBLE_PERSISTENT_LOG_MESSAGES=True

With this enabled, I was able to see that the connection plugin is sending the username and password to the NDO /login endpoint for both queries, but it is not receiving the token back in either case.

Relevant (redacted) logs for the nd_version query:

2023-01-24 12:25:47,054 p=2116836 u=root n=ansible | send url 'https://<NDO_HOSTNAME>:443/login' with data '{"userName": "admin", "userPasswd": "<NDO_PASSWORD>", "domain": "Local"}' and kwargs '{'timeout': 30, 'validate_certs': False, 'use_proxy': True, 'headers': {'Content-Type': 'application/json'}, 'method': 'POST', 'force_basic_auth': True, 'url_username': 'admin', 'url_password': '<NDO_PASSWORD>'}'
2023-01-24 12:25:47,055 p=2116836 u=root n=ansible | received response: 'b'''
2023-01-24 12:25:47,055 p=2116836 u=root n=ansible | send url 'https://<NDO_HOSTNAME>:443/version.json' with data 'null' and kwargs '{'timeout': 30, 'validate_certs': False, 'use_proxy': True, 'headers': {'Content-Type': 'application/json', 'Authorization': 'Bearer None'}, 'method': 'GET'}'
2023-01-24 12:25:47,055 p=2116836 u=root n=ansible | received response: 'b'{\n    "commit_id": "8ebcd0bdc",\n    "build_time": "now",\n    "build_host": "kube15",\n    "user": "root",\n    "product_id": "nd",\n    "product_name": "Nexus Dashboard",\n    "release": false,\n    "major": 2,\n    "minor": 1,\n    "maintenance": 2,\n    "patch": "d"\n}''

You can clearly see the received response: 'b''' and in the header in the query call is 'Authorization': 'Bearer None'. The same thing happens for the mso_schema query, but since that endpoint requires authentication it loops back to login again and eventually fails due to timeout.

Relevant (redacted) logs for the mso_schema query:

2023-01-24 12:26:18,646 p=2116903 u=root n=ansible | send_request method called
2023-01-24 12:26:18,647 p=2116903 u=root n=ansible | send_request reseting connection as host has changed from <NDO_HOSTNAME> to None
2023-01-24 12:26:18,647 p=2116903 u=root n=ansible | send_request() - connection.send(/mso/api/v1/schemas, null, GET, {'Content-Type': 'application/json'})
2023-01-24 12:26:18,647 p=2116903 u=root n=ansible | ESTABLISH HTTP(S) CONNECTFOR USER: admin TO https://<NDO_HOSTNAME>:443
2023-01-24 12:26:18,647 p=2116903 u=root n=ansible | Starting Login to <NDO_HOSTNAME>
2023-01-24 12:26:18,647 p=2116903 u=root n=ansible | login() - connection.send(/login, {"userName": "admin", "userPasswd": "<NDO_PASSWORD>", "domain": "Local"}, POST, {'Content-Type': 'application/json'})
2023-01-24 12:26:18,647 p=2116903 u=root n=ansible | send url 'https://<NDO_HOSTNAME>:443/login' with data '{"userName": "admin", "userPasswd": "<NDO_PASSWORD>", "domain": "Local"}' and kwargs '{'timeout': 30, 'validate_certs': False, 'use_proxy': True, 'headers': {'Content-Type': 'application/json', 'Authorization': 'Bearer None'}, 'method': 'POST'}'
2023-01-24 12:26:18,647 p=2116903 u=root n=ansible | received response: 'b'''
2023-01-24 12:26:18,647 p=2116903 u=root n=ansible | send url 'https://<NDO_HOSTNAME>:443/mso/api/v1/schemas' with data 'null' and kwargs '{'timeout': 30, 'validate_certs': False, 'use_proxy': True, 'headers': {'Content-Type': 'application/json', 'Authorization': 'Bearer None'}, 'method': 'GET'}'
2023-01-24 12:26:18,647 p=2116903 u=root n=ansible | Starting Login to <NDO_HOSTNAME>
2023-01-24 12:26:18,647 p=2116903 u=root n=ansible | login() - connection.send(/login, {"userName": "admin", "userPasswd": "<NDO_PASSWORD>", "domain": "Local"}, POST, {'Content-Type': 'application/json'})
2023-01-24 12:26:18,647 p=2116903 u=root n=ansible | send url 'https://<NDO_HOSTNAME>:443/login' with data '{"userName": "admin", "userPasswd": "<NDO_PASSWORD>", "domain": "Local"}' and kwargs '{'timeout': 30, 'validate_certs': False, 'use_proxy': True, 'headers': {'Content-Type': 'application/json'}, 'method': 'POST', 'force_basic_auth': True, 'url_username': 'admin', 'url_password': '<NDO_PASSWORD>'}'
2023-01-24 12:26:18,647 p=2116903 u=root n=ansible | received response: 'b'''
2023-01-24 12:26:18,647 p=2116903 u=root n=ansible | send url 'https://<NDO_HOSTNAME>:443/mso/api/v1/schemas' with data 'null' and kwargs '{'timeout': 30, 'validate_certs': False, 'use_proxy': True, 'headers': {'Content-Type': 'application/json', 'Authorization': 'Bearer None'}, 'method': 'GET'}'
# logs repeated until timeout

Once again you can see the same behavior of an empty response and Bearer None for the header, which causes the urllib.error.HTTPError: HTTP Error 401: Unauthorized in the error message.

Lastly, I reserved a NDO sandbox from Cisco and tried it there and got the same results.

Community Note

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
• Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request
• If you are interested in working on this issue or have submitted a pull request, please leave a comment

Description

Please create documentation and examples that demonstrate how to use this collection.

It would be immensely helpful to have proper documentation for all

• modules
• roles
• plugins

As it is right now, potential users of this collection will have to dig into the codebase in order to find out how make use of it. This is not optimal.

Many users are still taking their baby steps with ansible and may not have the capacity or skills needed in order to approach it in this way.

New or Affected Module(s):

• N/A

ND version and ND Platform

• N/A

APIC version and APIC Platform for Site related features

• N/A

Collection versions

• cisco.nd 0.2.0

References

• #0000

Community Note

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
• Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request
• If you are interested in working on this issue or have submitted a pull request, please leave a comment

Description

• New module allowing to configure multiple flow rules for different associated objects (e.g. tenant) at once.
• Use-case: scale testing, events etc.

New or Affected Module(s):

• nd_XXXXX

ND version and ND Platform

• V x.x.x and Physical/OVA/Cloud-AWS/Cloud-Azure/SaaS/all.

APIC version and APIC Platform for Site related features

• V x.x.x and on-prem/cloud-aws/cloud-azure/all.

Collection versions

• cisco.nd x.x.x

References

• #0000

tasks:

• name: Get MSO version from MSO
  cisco.mso.mso_version:
  state: query

The above task does not work and gives error.
ERROR:
fatal: [test]: FAILED! => {"ansible_facts": {"discovered_interpreter_python": "/usr/bin/python"}, "changed": false, "current": {}, "msg": "Unable to parse error output as JSON. Raw error message: 'NoneType' object is not subscriptable"}

But using these below parameters in above task works.
host: "{{mso_hostname}}"
username: "{{mso_user}}"
password: "{{mso_ssh_pass}}"
validate_certs: false

Example:

• name: Get MSO version from MSO
  cisco.mso.mso_version:
  host: "{{ansible_host}}"
  username: "{{ansible_user}}"
  password: "{{ansible_ssh_pass}}"
  validate_certs: false
  state: query

• #0000

Community Note

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
• Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request
• If you are interested in working on this issue or have submitted a pull request, please leave a comment

Versions:

(vEnvAnsible2.9.6-P3.7.9) aciadmin@ubuntu-jump:~/Ansible/ansible-scripts/MSO_NI6.0Test/testing$ ansible --version
ansible 2.9.6
config file = /etc/ansible/ansible.cfg
configured module search path = ['/home/aciadmin/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
ansible python module location = /home/aciadmin/Ansible/envs/vEnvAnsible2.9.6-P3.7.9/lib/python3.7/site-packages/ansible
executable location = /home/aciadmin/Ansible/envs/vEnvAnsible2.9.6-P3.7.9/bin/ansible
python version = 3.7.9 (default, Aug 24 2020, 23:58:02) [GCC 7.5.0]

ND Version:
tried both vND 2.1.1e and vND 2.1.1d

Description

Ansible ND Playbook not working with Remote User

Details:

inventory file
(vEnvAnsible2.9.6-P3.7.9) aciadmin@ubuntu-jump:~/Ansible/ansible-scripts/MSO_NI6.0Test/testing$ cat hosts

[nd]
nd1 ansible_host=10.0.0.94

[nd:vars]
ansible_connection=ansible.netcommon.httpapi
ansible_network_os=cisco.nd.nd
#ansible_network_os=cisco.mso.mso
ansible_httpapi_validate_certs=False
ansible_httpapi_use_ssl=True
ansible_httpapi_use_proxy=True
ansible_python_interpreter=/usr/bin/python3

playbook
(vEnvAnsible2.9.6-P3.7.9) aciadmin@ubuntu-jump:~/Ansible/ansible-scripts/MSO_NI6.0Test/testing$ cat nd-simpleQuery_remoteUser.yaml

- hosts: nd
  gather_facts: no
  connection: httpapi

  tasks:
  - name: Get ND version
    cisco.nd.nd_version:
        host: "nd"
        username: "soumukhe"
        password: "soumu101"
        login_domain: "raddb"
        validate_certs: false
        state: query

#usage: ansible-playbook nd-simpleQuery_remoteUser.yaml -i hosts -vvv

Results of running playbook with Remote User: (please note that soumukhe/soumu101 is a legitimate nd remote user using radius domain)

(vEnvAnsible2.9.6-P3.7.9) aciadmin@ubuntu-jump:~/Ansible/ansible-scripts/MSO_NI6.0Test/testing$ ansible-playbook nd-simpleQuery_remoteUser.yaml -i hosts -vvv
ansible-playbook 2.9.6
  config file = /etc/ansible/ansible.cfg
  configured module search path = ['/home/aciadmin/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /home/aciadmin/Ansible/envs/vEnvAnsible2.9.6-P3.7.9/lib/python3.7/site-packages/ansible
  executable location = /home/aciadmin/Ansible/envs/vEnvAnsible2.9.6-P3.7.9/bin/ansible-playbook
  python version = 3.7.9 (default, Aug 24 2020, 23:58:02) [GCC 7.5.0]
Using /etc/ansible/ansible.cfg as config file
host_list declined parsing /home/aciadmin/Ansible/ansible-scripts/MSO_NI6.0Test/testing/hosts as it did not pass its verify_file() method
script declined parsing /home/aciadmin/Ansible/ansible-scripts/MSO_NI6.0Test/testing/hosts as it did not pass its verify_file() method
auto declined parsing /home/aciadmin/Ansible/ansible-scripts/MSO_NI6.0Test/testing/hosts as it did not pass its verify_file() method
Parsed /home/aciadmin/Ansible/ansible-scripts/MSO_NI6.0Test/testing/hosts inventory source with ini plugin

PLAYBOOK: nd-simpleQuery_remoteUser.yaml ******************************************************************************************************************************************************************************************************
1 plays in nd-simpleQuery_remoteUser.yaml

PLAY [nd] *************************************************************************************************************************************************************************************************************************************
META: ran handlers

TASK [Get ND version] *************************************************************************************************************************************************************************************************************************
task path: /home/aciadmin/Ansible/ansible-scripts/MSO_NI6.0Test/testing/nd-simpleQuery_remoteUser.yaml:6
<10.0.0.94> ESTABLISH LOCAL CONNECTION FOR USER: aciadmin
<10.0.0.94> EXEC /bin/sh -c '( umask 77 && mkdir -p "` echo /home/aciadmin/.ansible/tmp/ansible-local-16556zv8zc5r6/ansible-tmp-1638138656.8873029-258455380168355 `" && echo ansible-tmp-1638138656.8873029-258455380168355="` echo /home/aciadmin/.ansible/tmp/ansible-local-16556zv8zc5r6/ansible-tmp-1638138656.8873029-258455380168355 `" ) && sleep 0'
Using module file /home/aciadmin/.ansible/collections/ansible_collections/cisco/nd/plugins/modules/nd_version.py
<10.0.0.94> PUT /home/aciadmin/.ansible/tmp/ansible-local-16556zv8zc5r6/tmp1jumdyb9 TO /home/aciadmin/.ansible/tmp/ansible-local-16556zv8zc5r6/ansible-tmp-1638138656.8873029-258455380168355/AnsiballZ_nd_version.py
<10.0.0.94> EXEC /bin/sh -c 'chmod u+x /home/aciadmin/.ansible/tmp/ansible-local-16556zv8zc5r6/ansible-tmp-1638138656.8873029-258455380168355/ /home/aciadmin/.ansible/tmp/ansible-local-16556zv8zc5r6/ansible-tmp-1638138656.8873029-258455380168355/AnsiballZ_nd_version.py && sleep 0'
<10.0.0.94> EXEC /bin/sh -c '/usr/bin/python3 /home/aciadmin/.ansible/tmp/ansible-local-16556zv8zc5r6/ansible-tmp-1638138656.8873029-258455380168355/AnsiballZ_nd_version.py && sleep 0'
<10.0.0.94> EXEC /bin/sh -c 'rm -f -r /home/aciadmin/.ansible/tmp/ansible-local-16556zv8zc5r6/ansible-tmp-1638138656.8873029-258455380168355/ > /dev/null 2>&1 && sleep 0'
**The full traceback is:
  File "/tmp/ansible_cisco.nd.nd_version_payload_u0jv470e/ansible_cisco.nd.nd_version_payload.zip/ansible_collections/cisco/nd/plugins/module_utils/nd.py", line 201, in request
    info = conn.send_request(method, uri, json.dumps(data))
  File "/tmp/ansible_cisco.nd.nd_version_payload_u0jv470e/ansible_cisco.nd.nd_version_payload.zip/ansible/module_utils/connection.py", line 185, in __rpc__
    raise ConnectionError(to_text(msg, errors='surrogate_then_replace'), code=code)
fatal: [nd1]: FAILED! => {**
    "changed": false,
    "current": {},
    "data": null,
    "invocation": {
        "module_args": {
            "host": "nd",
            "login_domain": "raddb",
            "output_level": "normal",
            "password": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
            "port": null,
            "state": "query",
            "timeout": 30,
            "use_proxy": null,
            "use_ssl": null,
            "username": "soumukhe",
            "validate_certs": null
        }
    },
    "msg": {
        "error": "Invalid Username/Password",
        "statusCode": 401
    }
}

PLAY RECAP ************************************************************************************************************************************************************************************************************************************
nd1                        : ok=0    changed=0    unreachable=0    **failed=1**    skipped=0    rescued=0    ignored=0   

As a side note, this works fine with local user

(vEnvAnsible2.9.6-P3.7.9) aciadmin@ubuntu-jump:~/Ansible/ansible-scripts/MSO_NI6.0Test/testing$ cat nd-simpleQuery_localUser.yaml

- hosts: nd
  gather_facts: no
  connection: httpapi

  tasks:
  - name: Get ND version
    cisco.nd.nd_version:
        host: "nd"
        username: "ansible"
        password: "Ansible101!"
        validate_certs: false
        #login_domain: "raddb"
        state: query


#usage:  ansible-playbook nd-simpleQuery_localUser.yaml -i hosts -vvv 

Results when playbook run with local user:

(vEnvAnsible2.9.6-P3.7.9) aciadmin@ubuntu-jump:~/Ansible/ansible-scripts/MSO_NI6.0Test/testing$ ansible-playbook nd-simpleQuery_localUser.yaml -i hosts -vvv
ansible-playbook 2.9.6
  config file = /etc/ansible/ansible.cfg
  configured module search path = ['/home/aciadmin/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /home/aciadmin/Ansible/envs/vEnvAnsible2.9.6-P3.7.9/lib/python3.7/site-packages/ansible
  executable location = /home/aciadmin/Ansible/envs/vEnvAnsible2.9.6-P3.7.9/bin/ansible-playbook
  python version = 3.7.9 (default, Aug 24 2020, 23:58:02) [GCC 7.5.0]
Using /etc/ansible/ansible.cfg as config file
host_list declined parsing /home/aciadmin/Ansible/ansible-scripts/MSO_NI6.0Test/testing/hosts as it did not pass its verify_file() method
script declined parsing /home/aciadmin/Ansible/ansible-scripts/MSO_NI6.0Test/testing/hosts as it did not pass its verify_file() method
auto declined parsing /home/aciadmin/Ansible/ansible-scripts/MSO_NI6.0Test/testing/hosts as it did not pass its verify_file() method
Parsed /home/aciadmin/Ansible/ansible-scripts/MSO_NI6.0Test/testing/hosts inventory source with ini plugin

PLAYBOOK: nd-simpleQuery_localUser.yaml *******************************************************************************************************************************************************************************************************
1 plays in nd-simpleQuery_localUser.yaml

PLAY [nd] *************************************************************************************************************************************************************************************************************************************
META: ran handlers

TASK [Get ND version] *************************************************************************************************************************************************************************************************************************
task path: /home/aciadmin/Ansible/ansible-scripts/MSO_NI6.0Test/testing/nd-simpleQuery_localUser.yaml:6
<10.0.0.94> ESTABLISH LOCAL CONNECTION FOR USER: aciadmin
<10.0.0.94> EXEC /bin/sh -c '( umask 77 && mkdir -p "` echo /home/aciadmin/.ansible/tmp/ansible-local-16981iq3spbxr/ansible-tmp-1638139060.748573-221645577411207 `" && echo ansible-tmp-1638139060.748573-221645577411207="` echo /home/aciadmin/.ansible/tmp/ansible-local-16981iq3spbxr/ansible-tmp-1638139060.748573-221645577411207 `" ) && sleep 0'
Using module file /home/aciadmin/.ansible/collections/ansible_collections/cisco/nd/plugins/modules/nd_version.py
<10.0.0.94> PUT /home/aciadmin/.ansible/tmp/ansible-local-16981iq3spbxr/tmp4k_gxgs0 TO /home/aciadmin/.ansible/tmp/ansible-local-16981iq3spbxr/ansible-tmp-1638139060.748573-221645577411207/AnsiballZ_nd_version.py
<10.0.0.94> EXEC /bin/sh -c 'chmod u+x /home/aciadmin/.ansible/tmp/ansible-local-16981iq3spbxr/ansible-tmp-1638139060.748573-221645577411207/ /home/aciadmin/.ansible/tmp/ansible-local-16981iq3spbxr/ansible-tmp-1638139060.748573-221645577411207/AnsiballZ_nd_version.py && sleep 0'
<10.0.0.94> EXEC /bin/sh -c '/usr/bin/python3 /home/aciadmin/.ansible/tmp/ansible-local-16981iq3spbxr/ansible-tmp-1638139060.748573-221645577411207/AnsiballZ_nd_version.py && sleep 0'
<10.0.0.94> EXEC /bin/sh -c 'rm -f -r /home/aciadmin/.ansible/tmp/ansible-local-16981iq3spbxr/ansible-tmp-1638139060.748573-221645577411207/ > /dev/null 2>&1 && sleep 0'
ok: [nd1] => {
    "changed": false,
    "current": {
        "build_host": "kube13",
        "build_time": "now",
        "commit_id": "fa370d783",
        "maintenance": 1,
        "major": 2,
        "minor": 1,
        "patch": "d",
        "product_id": "nd",
        "product_name": "Nexus Dashboard",
        "release": false,
        "user": "root"
    },
    "data": null,
    "invocation": {
        "module_args": {
            "host": "nd",
            "login_domain": "local",
            "output_level": "normal",
            "password": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
            "port": null,
            "state": "query",
            "timeout": 30,
            "use_proxy": null,
            "use_ssl": null,
            "username": "ansible",
            "validate_certs": null
        }
    },
    "socket": "/home/aciadmin/.ansible/pc/df36fcc82e"
}
META: ran handlers
META: ran handlers

PLAY RECAP ************************************************************************************************************************************************************************************************************************************
nd1                        : ok=1    changed=0    unreachable=0    **failed=0**    skipped=0    rescued=0    ignored=0   

Community Note

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
• Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request
• If you are interested in working on this issue or have submitted a pull request, please leave a comment

Description

• xxxx

New or Affected Module(s):

• nd_XXXXX

ND version and ND Platform

• V x.x.x and Physical/OVA/Cloud-AWS/Cloud-Azure/SaaS/all.

APIC version and APIC Platform for Site related features

• V x.x.x and on-prem/cloud-aws/cloud-azure/all.

Collection versions

• cisco.nd x.x.x

References

• #0000

Community Note

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
• Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request
• If you are interested in working on this issue or have submitted a pull request, please leave a comment

Description

This is a feature request for a new module to support multicluster connectivity setup.

New or Affected Module(s):

• nd_muticluster_setup
  ^ proposed module name

ND version and ND Platform

• V 3.1.1 Physical/OVA

APIC version and APIC Platform for Site related features

• V x.x.x and on-prem/cloud-aws/cloud-azure/all.

Collection versions

• cisco.nd x.x.x

References

• #0000

Based on the ansible-community/community-topics#120 to use true/false for boolean values in documentation and examples, we ask that you evaluate booleans in this collection and consider changing any that do not use true/false (lowercase).

See documentation block format for more info (specifically, option defaults).

If you have already implemented this or decide not to, feel free to close this issue.

Community Note

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
• Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request
• If you are interested in working on this issue or have submitted a pull request, please leave a comment

Description

• xxxx

New or Affected Module(s):

• nd_XXXXX

ND version and ND Platform

• V x.x.x and Physical/OVA/Cloud-AWS/Cloud-Azure/SaaS/all.

APIC version and APIC Platform for Site related features

• V x.x.x and on-prem/cloud-aws/cloud-azure/all.

Collection versions

• cisco.nd x.x.x

References

• #0000

Community Note

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
• Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request
• If you are interested in working on this issue or have submitted a pull request, please leave a comment

Description

New module for cisco.nd.nd_site

New or Affected Module(s):

• nd_site

ND version and ND Platform

• V 2.2.1+

APIC version and APIC Platform for Site related features

• all

Update GitHub actions and resolve issues with Galaxy Importer.

Community Note

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
• Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request
• If you are interested in working on this issue or have submitted a pull request, please leave a comment

Description

Create a module to manage the ND service / app lifecycle (install, update, enable and remove)

New or Affected Module(s):

• nd_service

ND version and ND Platform

• Physical/OVA/Cloud-AWS/Cloud-Azure/SaaS

We setup a nexus dashboard cluster version 2.0.2h.

We want to use Ansible to manage Nexus dashboard, and it fails

we followed the Cisco Documentation to install the collection 'ansible-nd' https://github.com/CiscoDevNet/ansible-nd?fbclid=IwAR0jkIPOzr7_AzoWUkY4ZYJb0Nkz0PkE-Ub2pOxztk8LqloboK5WwGUiAE4 and we changed the host parameters as follows :

    ansible_connection=ansible.netcommon.httpapi
    ansible_network_os=cisco.nd.nd

But it still fails. Here under the playbook

• name: Verify Nexus dashboard version
  hosts: mso
  gather_facts: no

  tasks:

  • name: Get ND version
    cisco.nd.nd_version:
    state: query
    host: "{{ mso_host }}"
    username: "{{ username }}"
    password: "{{ password }}"
    use_proxy: false
    use_ssl: true
    validate_certs: false
    login_domain: local

and here is the failure log

The full traceback is:
File "/tmp/ansible_cisco.nd.nd_version_payload_r1vx6i5n/ansible_cisco.nd.nd_version_payload.zip/ansible_collections/cisco/nd/plugins/module_utils/nd.py", line 201, in request
info = conn.send_request(method, uri, json.dumps(data))
File "/tmp/ansible_cisco.nd.nd_version_payload_r1vx6i5n/ansible_cisco.nd.nd_version_payload.zip/ansible/module_utils/connection.py", line 195, in rpc
raise ConnectionError(to_text(msg, errors='surrogate_then_replace'), code=code)
fatal: [mso]: FAILED! => {
"changed": false,
"current": {},
"data": null,
"invocation": {
"module_args": {
"host": "172.25.1.4",
"login_domain": "local",
"output_level": "debug",
"password": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
"port": null,

{
"changed": false,
"data": null,
"current": {},
"msg": {
"error": "Could not authenticate successfully",
"statusCode": 500
},
"exception": " File "/tmp/ansible_cisco.nd.nd_version_payload_r1vx6i5n/ansible_cisco.nd.nd_version_payload.zip/ansible_collections/cisco/nd/plugins/module_utils/nd.py", line 201, in request\n info = conn.send_request(method, uri, json.dumps(data))\n File "/tmp/ansible_cisco.nd.nd_version_payload_r1vx6i5n/ansible_cisco.nd.nd_version_payload.zip/ansible/module_utils/connection.py", line 195, in rpc\n raise ConnectionError(to_text(msg, errors='surrogate_then_replace'), code=code)\n",
"invocation": {
"module_args": {
"state": "query",
"host": "172.25.1.4",
"username": "admin",
"password": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
"use_proxy": false,
"use_ssl": true,
"validate_certs": false,
"output_level": "debug",
"login_domain": "local",
"timeout": 30,
"port": null
}
},
"_ansible_no_log": false
}

the error message says "Could not authenticate successfully" but we verified username/password/login Domain, and they are ok, could you please help us ?

Community Note

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
• Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request
• If you are interested in working on this issue or have submitted a pull request, please leave a comment

Description

• When login_domain is set to 'local', it is ignored. This presents an issue when the default authentication method in ND has been changed to something other than local.
• The nd.py explicitly sets login_domain to 'DefaultAuth', however when a cisco.nd module is called without a value for login_domain, it defaults to 'local'.

Affected Module Name(s):

• httpapi/nd.py

ND version and ND Platform

• V 2.1(2d) Physical

Collection versions

• cisco.nd 0.1.2

Output/ Error message

fatal: [ND]: FAILED! => {"changed": false, "current": {}, "data": null, "msg": {"error": "dial tcp x.x.x.x:49: connect: connection refused", "statusCode": 500}}

Expected Behavior

• Code should have passed through value for login_domain as local

Actual Behavior

• Code ignored a value of local as login_domain, and instead used DefaultAuth

Playbook tasks to Reproduce

ND:

• Change default authentication to something other than local (e.g. TACACS)

Inventory:

all:
  hosts:
    ND:
      ansible_host: "x.x.x.x"
      ansible_connection: "ansible.netcommon.httpapi"
      ansible_network_os: "cisco.nd.nd"
      ansible_httpapi_validate_certs: "False"
      ansible_httpapi_use_ssl: "True"
      ansible_httpapi_use_proxy: "False"
      ansible_user: "admin"
      ansible_password: "xxxxxx"

Playbook:

- name: Nexus Dashboard
  hosts: ND
  gather_facts: no
  tasks:
    - name: Get Nexus Dashboard version
      cisco.nd.nd_version:
        login_domain: "local"
        state: query
      register: query_result

    - name: Print output
      debug:
        var: query_result

Community Note

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
• Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request
• If you are interested in working on this issue or have submitted a pull request, please leave a comment

Description

• xxxx

New or Affected Module(s):

• nd_XXXXX

ND version and ND Platform

• V x.x.x and Physical/OVA/Cloud-AWS/Cloud-Azure/SaaS/all.

APIC version and APIC Platform for Site related features

• V x.x.x and on-prem/cloud-aws/cloud-azure/all.

Collection versions

• cisco.nd x.x.x

References

• #0000

Community Note

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
• Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request
• If you are interested in working on this issue or have submitted a pull request, please leave a comment

Description

• xxxx

New or Affected Module(s):

• nd_XXXXX

ND version and ND Platform

• V x.x.x and Physical/OVA/Cloud-AWS/Cloud-Azure/SaaS/all.

APIC version and APIC Platform for Site related features

• V x.x.x and on-prem/cloud-aws/cloud-azure/all.

Collection versions

• cisco.nd x.x.x

References

• #0000

Community Note

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
• Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request
• If you are interested in working on this issue or have submitted a pull request, please leave a comment

Description

• xxxx

New or Affected Module(s):

• nd_XXXXX

ND version and ND Platform

• V x.x.x and Physical/OVA/Cloud-AWS/Cloud-Azure/SaaS/all.

APIC version and APIC Platform for Site related features

• V x.x.x and on-prem/cloud-aws/cloud-azure/all.

Collection versions

• cisco.nd x.x.x

References

• #0000

Community Note

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
• Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request
• If you are interested in working on this issue or have submitted a pull request, please leave a comment

Description

When first deployed, the ND provides a setup screen on a Web UI to finish the setup.
This enhancement want to add a module to cover the API behind this Setup screen.

New or Affected Module(s):

• nd_setup

ND version and ND Platform

• Physical/OVA/Cloud-AWS/Cloud-Azure

Community Note

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
• Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request
• If you are interested in working on this issue or have submitted a pull request, please leave a comment

Description

• xxxx

New or Affected Module(s):

• nd_XXXXX

ND version and ND Platform

• V x.x.x and Physical/OVA/Cloud-AWS/Cloud-Azure/SaaS/all.

APIC version and APIC Platform for Site related features

• V x.x.x and on-prem/cloud-aws/cloud-azure/all.

Collection versions

• cisco.nd x.x.x

References

• #0000

Community Note

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
• Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request
• If you are interested in working on this issue or have submitted a pull request, please leave a comment

Description

for cimc, mso, apic we are able to create backup using automation, but the only part of our ACI environment is Nexus Dashboard, which is pretty "old fashioned" to create a backup. Hope there is a possibility to get more modules.

New or Affected Module(s):

• nd_backup

ND version and ND Platform

• V 2.0.2h and Physical

APIC version and APIC Platform for Site related features

• V 4.2.7l and on-prem

Collection versions

• cisco.nd 0.1.0

References

• #0000