* nxos_vpc: pkl_vrf fixes for #57069Fixes#57069
- Symptom: When playbooks specify `pkl_vrf: default`, the result is that the cli does not set the `vrf` state.
- Analysis:
- First issue: 'default' is a reserved word when used with the `peer-keepalive` `vrf` keyword. It refers to the default rib.
- This is confusing in several ways because `peer-keepalive`'s *default* vrf is the `management` vrf.
- Second issue: When changing only one optional value (`pkl_vrf`) while other optional values are idempotent (`pkl_src`), the result is that the idempotent values are ignored; unfortunately the device cli *replaces* the entire command, in which case the idempotent values are removed.
- e.g. playbook specifies this:
```
{ pkl_dest: 10.1.1.1, pkl_src: 10.2.2.2, pkl_vrf: my_vrf }
```
```
peer-keepalive dest 10.1.1.1 src 10.2.2.2 # original
peer-keepalive dest 10.1.1.1 src 10.2.2.2 vrf my_vrf # intended result
peer-keepalive dest 10.1.1.1 vrf my_vrf # actual result
```
- Third issue: the `pkl` getter was relying on positional data. This broke when the `udp` keyword nvgen'd where `vrf` used to appear (shifting all keywords to the right).
- Tested on regression platforms: `N3K,N6k,N7K,N9K,N3K-F,N9K-F`
* PEP fixes
* PEP fix 2
* pkl should merge by default, not override
* rmv debugs
* add mike's tests
* fix comments
* nxos_bgp_neighbor: Add bfd support
- Add support for bfd state in nxos_bgp_neighbor
- Feature Pull Request
- nxos_bgp_neighbor
- Tested on platforms: `N3K,N6K,N7K,N9K`
* bfd T/F now bfd enable/disable
* pep fix ws
* nxos_interface_ospf: Add bfd support
Add support for `bfd` state in `nxos_interface_ospf`
- Feature Pull Request
`nxos_interface_ospf`
* Fix pep issues
* sanity loop: syntax
* bfd states changed from T/F to enable/disable/default
* doc hdr fixes
* nxos_bfd_global: initial commit
This is an initial POC with just a few commands included. The code has been written somewhat generically so that it can act as a best practices template for re-use in future modules. The implementation follows the yaml cmd_ref style to define each command's getter/setter/type/default. It supports platform-specific defaults.
The basic logic is to collect all relevant data in a `cmd_ref` dict and pass that around to various methods.
In the BFD case the devices don't provide JSON output so we have to screen-scrape with show runs.
BFD does not support present/absent states so there is no state param.
BFD has three different property types to handle. We can add add'l types as needed:
- int
- int_list (list of ints)
- str (needs support for 'no' keyword)
* Use get_capabilities to find platform type
* PR comment fixes, round 1
* Minor cleanups
* nxos_bfd_global: create NxosCmdRef in module_utils
This commit just takes the latest bfd global code and moves the bulk
of the code into new `class NxosCmdRef` in `module_utils/nxos/nxos.py`.
The only remaining code in `nxos_bfd_global.py` are the calls from `main()`.
* Add remaining command properties and documentation
* update argument_spec
* Add check for _exclude; add sanity test
* Add targets files for bfd
* Context and state absent updates
* Add dict support to cmd_ref
* Changed remaining list commands to dict usage
* Add idempotence check for dict
* Fix existing overwrite bug
* Move pattern matching logic into its own method
* add support for 'command: absent'
* Add `get_platform_shortname`; update BFD platform-specific settings
* /absent/deleted/
* /sh/show/ in prepare_nxos_tests
* add dict check to get_platform_shortname
* Add normalize_defaults()
* UTs for bfd_global
* support yaml for both py2/py3
* update cmd_ref doc header
* Fix python2.6 incompatibility with dict comprehensions
* Fix bfd_global doc header (yaml syntax fail)
* more shippable fixes
* yet more shippable fixes
* shippable: remove r' ' wrappers
* docfix - remove ':'
* escape regex ctl chars in yaml table
* remove extra blank lines
* Fix str(None) issue
* Command context updates
* import PY2,PY3 instead of import sys
* fix ordereddict import & parent_context
* try/except for yaml import
* fix import issue for ordereddict
* remove epdb
* nxosCmdRef_import_check() workaround for shippable
* fix PEP ws errors
* nxos_vlan: fix broken purge behavior (issue #57101)
Symptoms/Analysis:
- `nxos_vlan` `purge: true` would fail when `purge` was trying to delete all unspecified vlans, including vlan 1.
- `nxos` devices do not allow removing vlan 1 and raise a cli exception error
- Previous fix#55144 caused a side effect when `purge` was used: vlan changes specified by `aggregate` were ignored; e.g.
- vlan 4 is not present; playbook specifies `aggregate: { vlan: 4 }, purge: true`
- results in proper purging but vlan 4 is not created
Solutions:
- ignore vlan 1 when purging
- remove the `not purge` check from state present logic
Added additional unit tests and integration tests.
Tested against all regression platforms.
* PEP fixes
* Add agg_show_vlan_brief.txt fixture
* Add warning for removing vlan 1
* change method name check
* Remove code but leave the metadata so that they can be listed as
removed in documentation.
* Remove removed modules from validate-modules ignore
* Remove unittests for the removed nodules
* Remove links to removed modules and add list of removed moduels to the
2.9 porting guide
* Add support for multiple IPv6 addresses in nxos_l3_interface module
Cisco support multiple IPv6 addresses on each interface but only the first
IPv6 is considered by this module. There is no impact on the configuration
but the module is not idempotent.
* Add internal support for IPv6 list
* Fix module idempotency
* Initialize tests for nxos_l3_interface
* Fix IPv4 removal idempotency
* Fix data extraction from nxos config
* Fix silently ignored interfaces in nxos_l3_interface
* Add warning when interface does not exist in nxos config
* nxos_interfaces_ospf: fix passive-interface states & check_mode
This fix addresses issues #41704 and #45343.
The crux of the problem is that `passive-interface` should have been treated as a tri-state value instead of a boolean.
The `no` form of the command disables the passive state on an interface (allows it to form adjacencies and send routing updates). It's essentially an override for `passive-interface default` which enables passive state on all OSPF interfaces.\*
This `no` config will be present in `running-config`.
\**See `router ospf` configuration.*
Since both enable and disable states are explicit configs, the proper way to remove either of these is with the `default` syntax.
Passive-interface config syntax:
```
ip ospf passive-interface # enable (nvgens)
no ip ospf passive-interface # disable (nvgens)
default ip ospf passive-interface # default (removes config, does not nvgen)
```
Code changes:
* `passive_interface` param changed from boolean to string, restricted to `true`,`false`,`default`.
* Several passive-interface specific checks were added because the existing module logic tends to test for true or false and doesn't handle the None case.
* Fixed `check_mode`.
Sanity verified on: N9K,N7K,N3K,N6K
* Fix doc header
* Unit tests for passive-interface
* doc fix#2
* Fix indent for SA
* Remove 'default' keyword, restore bool behavior
* remove changes to sanity
* Fix 'defaults' option in the nxos_config module
Nxos get_config is allways called with the 'all' option.
* Fix flag's calculation
* Add tests
* nxos_config: the 'backup' option take into account the value of 'defaults' option
If 'defaults' option is true, the running-config backup is done with the all
keyword.
* added timestamps to nxos_command module
nxos_command module now returns timestamps field, which shows command execution time
* fixed unit test failure for /lib/ansible/module_utils/basic
* cosmetic changes to align with PEP 8
* Move ansible.compat.tests to test/units/compat/.
* Fix unit test references to ansible.compat.tests.
* Move builtins compat to separate file.
* Fix classification of test/units/compat/ dir.
* NXAPI ssl ciphers & protocols default values
* TLSv1, TLSv1.1, TLSv1.2 and weak cipher support
* NXOS NXAPI weak/strong cipher & TLSv 1.2, 1.1 & 1.0 support
* Version checking for strong/weak ciphers & TLS 1.2, 1.1 & 1.0 support
* Cleaned up erroneously committed changes.
* Specific NXOS platform checking for nxapi ssl ciphers & protocols
* Fixed ansibot reported errors.
* Resolved ansibot reported error.
* Added network_os_version to mocked up N7K unit test device_info
* Calling get_capabilities() once in main and passing results into methods.
* Removed raising exceptions when platform capabilities return None
per reviewers request. Skipping nxapi ssl options when capabilities
are None and generating a warning when these options are skipped
* Cleaned up explicit checks for None/not None
* nxos cliconf plugin refactor
Fixes#39056
* Refactor nxos cliconf plugin as per new api definition
* Minor changes in ios, eos, vyos cliconf plugin
* Change nxos httpapi plugin edit_config method to be in sync with
nxos cliconf edit_config
* Fix CI failure
* Fix unit test failure and review comment
* Remove 1.1.1.1 from *_config tests
* remove from *_smoke and *_system
* Miscellaneous other tests
* Remove from module documentation as well
* Remove from unit tests as well
* Remove accidental duplication from rebase
* fix nxos_l3_interface tests as n35 doesn't support ipv6
* add terminal dont-ask to nxos_feature and nxos_lldp
* put interfaces in L2 mode for N35
* fix nxos_feature unit-tests
* mutually_exclusive add - ios_config parents works with lines by not src
* mutually_execlusive parents,src added to all other net modules
* tests for mutually_exclusive parents,src and whitespce removal
Chris Van Heuveln