fortinet-ansible-dev / ansible-galaxy-fortiswitch-collection Goto Github PK
View Code? Open in Web Editor NEWLicense: GNU General Public License v3.0
ansible-galaxy-fortiswitch-collection's People
Contributors
Stargazers
Watchers
ansible-galaxy-fortiswitch-collection's Issues
VLAN Changes
Hello
We are trying to do a basic change of native_vlans and allowed_vlans; however the job keeps failing. Looking at the fortiswitch dbug logs, it is trying to "rename "port3" to "interface'" and then edit "interface" instead of "port3" Below are the ansible play and the debug log
Ansible Pay:
Fortiswitch log:
Problem with import CA certificate
Hello! I have fortigate e100 firmware 7.0.5.
For import I am trying to use fortiswitch_system_certificate_ca module
- name: Import CA Certificate
fortinet.fortiswitch.fortiswitch_system_certificate_ca:
state: present
system_certificate_ca:
name: CA_Cert_2
ca: |
-----BEGIN CERTIFICATE-----
MIIDozCCAougAwIBAgIJAN4piazpN5caMA0GCSqGSIb3DQEBCwUAMGgxCzAJBgNV
But the API does not eat this certificate, it is a pem certificate
is there anyway i can download all config
is there anyway i can download all config
switch trunk config does not work with mode change
[Problem Description]
when I implement the playbook below, switch does not change the mode to lacp-active, it keeps in static and lacp speed does not change to fast, ansible tasks show change finished. and I put the result below as well
`---
-
hosts: fortiswitch01
collections:- fortinet.fortiswitch
connection: httpapi
gather_facts: 'no'
vars:
ansible_httpapi_use_ssl: 'yes'
ansible_httpapi_validate_certs: 'no'
ansible_httpapi_port: 443
tasks: - name: Port 15
fortiswitch_switch_trunk:
state: "present"
switch_trunk:
name: "PC15"
mode: 'lacp_active'
description: "test"
lacp_speed: "fast"
members:
- member_name: "port15"
edit "PC15"
set description "test"
set members "port15"
next - fortinet.fortiswitch
Setting ssh keys for admin user.
I am having an issue where I can't add ssh-keys to user via fortiswitch_system_admin
FAILED! => {"changed": false, "meta": {"build": 453, "cmdb-checksum": "5045064375657548524", "cmdb-index": "750", "error_reason": "Invalid SSH public key.\n", "http_method": "POST", "http_status": 400, "name": "admin", "path": "system", "serial": "REDACTED", "status": "error", "timestamp": "2023-12-22T14:09:57Z", "vdom": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER", "version": "v7.2.5"}, "msg": "Error in repo"}
The code is the following:
- name: Register 'read-only-admin' user if not present in vdom 'root'.
fortinet.fortiswitch.fortiswitch_system_admin:
state: present
system_admin:
name: 'read-only-admin'
accprofile: 'read-only-profile'
comments: "Read Only privileged admin user to save backup configuration."
password: '{{ switch_ro_password }}'
ssh_public_key1: "{{ lookup('file', '{{ playbook_dir }}/files/ssh_pubkeys/oxidized_id_rsa.pub' ) }}"
vdom: 'root'
force_password_change: disable
The output of the lookup is OK aswell. "ssh-rsa AA....== comment"
fortinet.fortiswitch.fortiswitch_switch_interface not working
I am unable to configure interfaces with the module 'fortinet.fortiswitch.fortiswitch_switch_interface'
Ansible version:
ansible [core 2.13.5]
config file = /home/ansible/git/github/ansible-home/ansible.cfg
configured module search path = ['/home/ansible/venv-ansible/lib/python3.9/site-packages/napalm_ansible/modules']
ansible python module location = /home/ansible/venv-ansible/lib/python3.9/site-packages/ansible
ansible collection location = /home/ansible/venv-ansible/.ansible
executable location = /home/ansible/venv-ansible/bin/ansible
python version = 3.9.2 (default, Feb 28 2021, 17:03:44) [GCC 10.2.1 20210110]
jinja version = 3.1.2
libyaml = True
Collection version:
ansible-galaxy collection list | grep fortiswitch
fortinet.fortiswitch 1.1.2
Task in playbook:
- name: Configure interface
fortinet.fortiswitch.fortiswitch_switch_interface:
state: present
switch_interface:
name: '{{ item.name }}'
description: '{{ item.description }}'
loop: '{{ devices[0]["interfaces"] }}'
Error message from playbook:
failed: [sw01.borgermeister.lan] (item={'name': 'port1', 'description': 'SHUTDOWN', 'enabled': True, 'mode': None, 'ip_addresses': [], 'tagged_vlans': [], 'untagged_vlan': None}) => changed=false
ansible_loop_var: item
item:
description: SHUTDOWN
enabled: true
ip_addresses: []
mode: null
name: port1
tagged_vlans: []
untagged_vlan: null
meta:
build: 419
cmdb-checksum: '8630734143195324327'
cmdb-index: '516'
http_method: PUT
http_status: 400
mkey: VALUE_SPECIFIED_IN_NO_LOG_PARAMETER
name: interface
path: switch
serial: S108EF5918005861
status: error
timestamp: '2022-10-24T11:57:18Z'
vdom: root
version: v7.2.2
msg: Error in repo
Diagnose debug CLI on FortiSwitch:
Error in cmf_shm_api.c,cmf_shm_update,765, pid=821,vd=root,query=switch.interface,level=1,pos=0.
0: config switch interface
1: edit "interface"
Error in cmf_shm_api.c,cmf_shm_update,765, pid=821,vd=root,query=switch.interface,level=1,pos=0.
0: config switch interface
-61: rename "port1" to "interface"
(skipped) edit "interface"
(skipped) set description "SHUTDOWN"
Problem with switch interface name
Using the collection module fortiswitch_switch_interface, and it is erroring out on the interface name. My module:
- name: set switch interface
fortiswitch_switch_interface:
state: present
switch_interface:
name: "port1"
native_vlan: "2"
on CLI 8 debug shows
Error in cmf_shm_api.c,cmf_shm_update,765, pid=918,vd=root,query=switch.interface,level=1,pos=0.
Error in cmf_shm_api.c,cmf_shm_update,765, pid=918,vd=root,query=switch.interface,level=1,pos=0.
0: config switch interface
-61: rename "port1" to "interface"
(skipped) edit "interface"
(skipped) set native-vlan 2
and application httpsd -1 shows:
api_global.c [ 65] : ----------------------------------------------------------------------------------
api_global.c [ 66] : Received '/api/v2/cmdb/switch/interface/port1' request from '192.168.88.246'
api_global.c [ 67] : ----------------------------------------------------------------------------------
aps_util.c [ 1213] : cky-cid (11) loginname (admin) username (admin) prof-name (super_admin) in cookies
api_version.c [ 718] : Found out an entry ('switch.interface' -> 'switch.interface') for version (v2)
api_cmdb.c [ 2352] : finding a CMDB node (path='switch',name='interface')
api_cmdb.c [ 2390] : querying CMDB node with mkey 'port1'
api_version.c [ 30] : Changing Same Type Item : name ('igmps-flood-reports' -> 'igmp-snooping-flood-reports')
api_version.c [ 30] : Changing Same Type Item : name ('igmps-flood-traffic' -> 'mcast-snooping-flood-traffic')
api_cmdb.c [ 2128] : editing CMDB object : append (0) auto_key (0) mkey (port1) flags (0) ...
api_json.c [ 1975] : setting attribute 'name' : 'interface'
api_json.c [ 1975] : setting attribute 'native-vlan' : '2'
api_cmdb.c [ 971] : saving failed for main node: 'interface' (err=-61)
api_json.c [ 1688] : error saving request object to CLI (-61)
api_cmdb.c [ 1978] : return error code : cmdb (-61) to http code (400)
api_common.c [ 849] : API return HTTP code (400:error)
================== Response ==================
{
"http_method":"PUT",
"status":"error",
"http_status":400,
"vdom":"root",
"path":"switch",
"name":"interface",
"mkey":"port1",
"cmdb-index":"771",
"cmdb-checksum":"17626511090081187947",
"serial":"S448DXXXXXXXXXXX",
"version":"v7.0.0",
"build":22,
"timestamp":"1970-01-01T04:07:13Z",
"error_reason":"error saving request object to CLI (-61)"
}
Finally, ansible logs:
fatal: [192.168.88.2]: FAILED! => {"changed": false, "meta": {"build": 22, "cmdb-checksum": "17626511090081187947", "cmdb-index": "771", "error_reason": "error saving request object to CLI (-61)", "http_method": "PUT", "http_status": 400, "mkey": "port1", "name": "interface", "path": "switch", "serial": "S448DXXXXXXXXXXX", "status": "error", "timestamp": "1970-01-01T04:09:47Z", "vdom": "root", "version": "v7.0.0"}, "msg": "Error in repo"}
Funnily enough I can make any changes without issue when using the fortiswitch_physical_port module. It appears that somewhere the "name" is being remapped to "interface," but I'm not sure where. Tested with FSW 7.0.0-3, and releases 1.0.0, 1.0.1, and 1.1.0.
Thanks
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. ๐๐๐
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google โค๏ธ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.