The eos_template module works by allowing configurations to be pushed
to Arista EOS devices that can be templated by the Ansible Jinja2
template engine
The nxos_template module worksw by allowing configurations to be pushed
to Cisco NXOS devices over CLI or NXAPI and templated using the Ansible
Jinja2 template engine
This adds a new module nxos_command that can be used to send arbitrary
commands to NXOS devices. The module includes an argument that allows
the responses to be evaluated and causes the module not to return
control to the playbook until a set of conditions has been met.
Using the difflist feature added in ansible/ansible@c337293 we can add
two diffs to the `diff` dict returned as JSON: A `before` and `after` pair of
changed file contents and the diff of the file attributes.
n.b.: the difflist handling from the above commit is logically broken.
PR will follow.
Example output:
TASK [change line and mode] ************************************************************
changed: [localhost]
--- before: /tmp/sshd_config (content)
+++ after: /tmp/sshd_config (content)
@@ -65,21 +65,21 @@
X11DisplayOffset 10
PrintMotd no
PrintLastLog yes
TCPKeepAlive yes
#UseLogin no
#MaxStartups 10:30:60
#Banner /etc/issue.net
# Allow client to pass locale environment variables
-AcceptEnv LANG LC_*
+AcceptEnv LANG LC_* GF_ENV_*
Subsystem sftp /usr/lib/openssh/sftp-server
# Set this to 'yes' to enable PAM authentication, account processing,
# and session processing. If this is enabled, PAM authentication will
# be allowed through the ChallengeResponseAuthentication and
# PasswordAuthentication. Depending on your PAM configuration,
# PAM authentication via ChallengeResponseAuthentication may bypass
# the setting of "PermitRootLogin without-password".
# If you just want the PAM account and session checks to run without
--- before: /tmp/sshd_config (file attributes)
+++ after: /tmp/sshd_config (file attributes)
@@ -1,3 +1,3 @@
{
- "mode": "0700"
+ "mode": "0644"
}
This adds a new module eos_command to network/eos. The eos_command module
is used for sending arbitrary commands to Arista EOS devices. It includes
arguments that allow the module to wait for specific values before the
module returns control to the playbook or fails
This adds a new module for pushing configuraitons to eos devices in a
reliable and repeatable fashion. It includes support for templating
configurations and backing up the current config prior to pushing out
changes. This module works over either CLI or EAPI.
This PR has a dependency on ansible/ansible PR #14009 being merged
OCD is making me fix the inconsistency with how None is typed. First Letter Capitalized All Over Now.
cleaning up the default object that was created for the cache_security_groups and removing checks dealing with it.
clean up space
Changing default cache_security_groups from [default] to None.
This adds a new module for managing configuraiton files for Cisco NXOS
devices. It provides configuration file management including templating
and backing up the current configuration.
This PR has a dependency on ansible/ansible PR # 14012
On systems with restrictive umasks, the pip module won't allow you to
install pip packages that are usable by everyone on the system. This
commit adds a umask option to optionally override the umask on a
per-package basis.
Since there is no shell escape of the password parameter, a password with
a single quote (or even worst, a single quote and a pipe) could have
unattended consequences. Also, the less we use use_unsafe_shell=True, the
better.
As of Ansible 2.x, invocation of Django's ```manage.py``` requires a valid "shebang". Additionally, ```manage.py``` must be executable.
The old invocation was hardcoded as ```python manage.py ...``` while the new invocation is ```./manage.py ...```. See [this PR](https://github.com/ansible/ansible-modules-core/pull/1165).
This change allows more flexibility for which Python interpreter is invoked, but breaks existing deployment when ```manage.py``` is not properly configured. This documentation update adds a note explaining the new requirements for ```manage.py```.
Add the ability to completely delete a floating IP from the pool
when disassociating it from a server. When state is absent and
purge is true, the IP will be completely deleted. The default
keeps the current behavior, which is to only disassociate the IP
from the server.
The exception message, when shade fails, will contain much more
specific information about the failure if the exception is treated
as a string. The 'message' attribute alone is usually not helpful.
Support specifying an absolute path (typically /etc/crontab) rather than
a path relative to /etc/cron.d, to allow modifying the main system crontab.
Particularly useful for target systems that have /etc/crontab but no
/etc/cron.d.
Since use_unsafe_shell is suspicious from a security point
of view (or it wouldn't be unsafe), the less we have, the less
code we have to toroughly inspect for a security audit.
In this case, the '&&' can be replaced by doing 2 calls to run_command.
