hello team,
we have created a service profile from template using cisco ucsm modules and then trying to update or configure ISCSI boot, like initiator and target information. i'm seeing the below error and just wanna s there any modules we can update through this

{"changed": true, "msg": "setup error: [ErrorCode]: 170[ErrorDescription]: Create-only and naming props cannot be modified after creation, class=lsServer, prop=type\n "}

Create a certificate request for keyring -

tasks:
    - name: certificate request create
      cisco_ucs_certificate_request:
        name: keyring_policy2
        ip: '1.1.1.1'
        ip_a: '1.1.1.2'
        ip_b: '1.1.1.3'
        ipv6: "2000:400:5000:2000::300:100"
        ipv6_a: "2000:400:5000:2000::300:101"
        ipv6_b: "2000:400:5000:2000::300:102"
        dns: 171.70.168.182
        locality: bangalore
        state: karnataka
        country: IN
        org_name: cisco
        org_unit_name: cspg
        subj_name: test1
        email: [email protected]
        pwd: qwerty
        state: present
        ucs_ip: "{{ ucs_ip }}"
        ucs_username: "{{ ucs_username }}"
        ucs_password: "{{ ucs_password }}"

Now delete the certificate request -

tasks:
    - name: certificate request delete
      cisco_ucs_certificate_request:
        name: keyring_policy2
        ip: '1.1.1.1'
        ip_a: '1.1.1.2'
        ip_b: '1.1.1.3'
        ipv6: "2000:400:5000:2000::300:100"
        ipv6_a: "2000:400:5000:2000::300:101"
        ipv6_b: "2000:400:5000:2000::300:102"
        dns: 171.70.168.182
        locality: bangalore
        state: karnataka
        country: IN
        org_name: cisco
        org_unit_name: cspg
        subj_name: test1
        email: [email protected]
        pwd: qwerty
        state: absent
        ucs_ip: "{{ ucs_ip }}"
        ucs_username: "{{ ucs_username }}"
        ucs_password: "{{ ucs_password }}"

Observation -
The certificate from the keyring does not get deleted.

Create a boot policy with some parameter values (which are not default values) -

- name: boot policy create
      cisco_ucs_boot_policy:
        name: boot_policy2
        reboot_on_update: yes
        enforce_vnic_name: no
        boot_mode: uefi
        state: present
        ucs_ip: "{{ ucs_ip }}"
        ucs_username: "{{ ucs_username }}"
        ucs_password: "{{ ucs_password }}"

Now delete the boot policy by passing just the mandatory param ie name -

- name: boot policy delete
      cisco_ucs_boot_policy:
        name: boot_policy2
        state: absent
        ucs_ip: "{{ ucs_ip }}"
        ucs_username: "{{ ucs_username }}"
        ucs_password: "{{ ucs_password }}"

In this case, the policy is not deleted.
This happens because the ansible module checks for the object existence with the default values and since the object was created with different values, the object exists returns false and hence the object is not deleted.

Hi, I am trying to use managed object module to create boot policy and SAN objects in the boot policy it fails with the below ansible error.

-----------snip---------------
The full traceback is:
Traceback (most recent call last):
File "/root/.ansible/tmp/ansible-tmp-1627154514.4361196-113843015789001/AnsiballZ_ucs_managed_objects.py", line 102, in
_ansiballz_main()
File "/root/.ansible/tmp/ansible-tmp-1627154514.4361196-113843015789001/AnsiballZ_ucs_managed_objects.py", line 94, in _ansiballz_main
invoke_module(zipped_mod, temp_path, ANSIBALLZ_PARAMS)
File "/root/.ansible/tmp/ansible-tmp-1627154514.4361196-113843015789001/AnsiballZ_ucs_managed_objects.py", line 40, in invoke_module
runpy.run_module(mod_name='ansible_collections.cisco.ucs.plugins.modules.ucs_managed_objects', init_globals=None, run_name='main', alter_sys=True)
File "/usr/lib/python3.8/runpy.py", line 207, in run_module
return _run_module_code(code, init_globals, run_name, mod_spec)
File "/usr/lib/python3.8/runpy.py", line 97, in _run_module_code
_run_code(code, mod_globals, init_globals,
File "/usr/lib/python3.8/runpy.py", line 87, in _run_code
exec(code, run_globals)
File "/tmp/ansible_cisco.ucs.ucs_managed_objects_payload_2v6r84ow/ansible_cisco.ucs.ucs_managed_objects_payload.zip/ansible_collections/cisco/ucs/plugins/modules/ucs_managed_objects.py", line 256, in
File "/tmp/ansible_cisco.ucs.ucs_managed_objects_payload_2v6r84ow/ansible_cisco.ucs.ucs_managed_objects_payload.zip/ansible_collections/cisco/ucs/plugins/modules/ucs_managed_objects.py", line 242, in main
File "/tmp/ansible_cisco.ucs.ucs_managed_objects_payload_2v6r84ow/ansible_cisco.ucs.ucs_managed_objects_payload.zip/ansible_collections/cisco/ucs/plugins/modules/ucs_managed_objects.py", line 213, in traverse_objects
File "/tmp/ansible_cisco.ucs.ucs_managed_objects_payload_2v6r84ow/ansible_cisco.ucs.ucs_managed_objects_payload.zip/ansible_collections/cisco/ucs/plugins/modules/ucs_managed_objects.py", line 183, in traverse_objects
File "/usr/local/lib/python3.8/dist-packages/ucsmsdk/mometa/lsboot/LsbootSan.py", line 65, in init
ManagedObject.init(self, "LsbootSan", parent_mo_or_dn, **kwargs)
File "/usr/local/lib/python3.8/dist-packages/ucsmsdk/ucsmo.py", line 82, in init
self._set_mo_prop_value(kwargs)
File "/usr/local/lib/python3.8/dist-packages/ucsmsdk/ucsmo.py", line 106, in _set_mo_prop_value
self.__set_prop(prop_name, prop_value)
File "/usr/local/lib/python3.8/dist-packages/ucsmsdk/ucsmo.py", line 220, in __set_prop
raise ValueError("%s is not a read-write property." % name)
ValueError: access is not a read-write property.
fatal: [localhost]: FAILED! => {
"changed": false,
"module_stderr": "Traceback (most recent call last):\n File "/root/.ansible/tmp/ansible-tmp-1627154514.4361196-113843015789001/AnsiballZ_ucs_managed_objects.py", line 102, in \n _ansiballz_main()\n File "/root/.ansible/tmp/ansible-tmp-1627154514.4361196-113843015789001/AnsiballZ_ucs_managed_objects.py", line 94, in _ansiballz_main\n invoke_module(zipped_mod, temp_path, ANSIBALLZ_PARAMS)\n File "/root/.ansible/tmp/ansible-tmp-1627154514.4361196-113843015789001/AnsiballZ_ucs_managed_objects.py", line 40, in invoke_module\n runpy.run_module(mod_name='ansible_collections.cisco.ucs.plugins.modules.ucs_managed_objects', init_globals=None, run_name='main', alter_sys=True)\n File "/usr/lib/python3.8/runpy.py", line 207, in run_module\n return _run_module_code(code, init_globals, run_name, mod_spec)\n File "/usr/lib/python3.8/runpy.py", line 97, in _run_module_code\n _run_code(code, mod_globals, init_globals,\n File "/usr/lib/python3.8/runpy.py", line 87, in _run_code\n exec(code, run_globals)\n File "/tmp/ansible_cisco.ucs.ucs_managed_objects_payload_2v6r84ow/ansible_cisco.ucs.ucs_managed_objects_payload.zip/ansible_collections/cisco/ucs/plugins/modules/ucs_managed_objects.py", line 256, in \n File "/tmp/ansible_cisco.ucs.ucs_managed_objects_payload_2v6r84ow/ansible_cisco.ucs.ucs_managed_objects_payload.zip/ansible_collections/cisco/ucs/plugins/modules/ucs_managed_objects.py", line 242, in main\n File "/tmp/ansible_cisco.ucs.ucs_managed_objects_payload_2v6r84ow/ansible_cisco.ucs.ucs_managed_objects_payload.zip/ansible_collections/cisco/ucs/plugins/modules/ucs_managed_objects.py", line 213, in traverse_objects\n File "/tmp/ansible_cisco.ucs.ucs_managed_objects_payload_2v6r84ow/ansible_cisco.ucs.ucs_managed_objects_payload.zip/ansible_collections/cisco/ucs/plugins/modules/ucs_managed_objects.py", line 183, in traverse_objects\n File "/usr/local/lib/python3.8/dist-packages/ucsmsdk/mometa/lsboot/LsbootSan.py", line 65, in init\n ManagedObject.init(self, "LsbootSan", parent_mo_or_dn, **kwargs)\n File "/usr/local/lib/python3.8/dist-packages/ucsmsdk/ucsmo.py", line 82, in init\n self._set_mo_prop_value(kwargs)\n File "/usr/local/lib/python3.8/dist-packages/ucsmsdk/ucsmo.py", line 106, in _set_mo_prop_value\n self.__set_prop(prop_name, prop_value)\n File "/usr/local/lib/python3.8/dist-packages/ucsmsdk/ucsmo.py", line 220, in __set_prop\n raise ValueError("%s is not a read-write property." % name)\nValueError: access is not a read-write property.\n",
"module_stdout": "",
"msg": "MODULE FAILURE\nSee stdout/stderr for the exact error",
"rc": 1
}

PLAY RECAP ***************************************************************************************************************************************************************************
localhost : ok=2 changed=0 unreachable=0 failed=1 skipped=0 rescued=0 ignored=0
--------------------snip------------------------------

The error is misleading as it will come for any access method, read-only, read-write, read-only-local. The bug is in code

/usr/local/lib/python3.8/dist-packages/ucsmsdk/ucsmo.py

-------snip--------------

ef __set_prop(self, name, value, mark_dirty=True, forced=False):
"""
Internal method to set the properties after validation

    Args:
        name (str): property name
        value (str): property value
        mark_dirty (bool): if True, property will be part of xml request
        forced (bool): if True, set the value without validation

    Returns:
        None
    """

    if not forced:
        prop_meta = self.prop_meta[name]
        if prop_meta.access != ucscoremeta.MoPropertyMeta.READ_WRITE:
            if getattr(self, name) is not None or \
                    prop_meta.access != \
                    ucscoremeta.MoPropertyMeta.CREATE_ONLY:
                raise ValueError("%s is not a read-write property." % name)
        if value and not prop_meta.validate_property_value(value):
            raise ValueError("Invalid Value Exception - "
                             "[%s]: Prop <%s>, Value<%s>. "
                             % (self.__class__.__name__,
                                name,
                                value))
            # return False
        if prop_meta.mask and mark_dirty:
            self._dirty_mask |= prop_meta.mask
    object.__setattr__(self, name, value)

--------------snip-------------------------------

Can you guys fix this?

Thanks
Sunil

Hi,

When setting state: absent on a VLAN in vlans_list, and that VLAN is already removed from a vNIC template, I get:

WARNING: The below traceback may *not* be related to the actual failure.
  File "/tmp/ansible_ucs_vnic_template_payload_kPQCcA/__main__.py", line 354, in main
    ucs.login_handle.remove_mo(mo_1)
  File "/var/lib/awx/venv/ansible/lib/python2.7/site-packages/ucsmsdk/ucshandle.py", line 696, in remove_mo
    mo.status = "deleted"

I think the expectation of idempotency is right here, instead of a crash ;)

The issue mainly is that the return from ucs.login_handle.query_dn(child_dn) isn't checked at all.

https://github.com/CiscoUcs/ucsm-ansible/blob/master/library/ucs_vnic_template.py#L353

The play error:

"msg": "setup error: 'NoneType' object has no attribute 'status' "

Settings for forged transmits are not compatible with UCS Mini due to limitations on the platform.

Should another file be used such as ucs_mini_network_control or is there a way to verify the platform as a UCS mini to control the flow?

I see there is a module to create VLANs, but is there an easy way to add the VLAN to a group?

Hello All,

Thanks to all your help I am currently trying to automate my environment using ansible modules and ansible playbook.

I am currently using ucs_vnic_template to modify and existing vnic template but somehow whenever i use this module the existing vnic template configuration is getting overwritten, Is this expected behaviour or can you provide me the playbook where i can modify existing vnic template.

Also in all articles given in internet ucs_vnic_template doesnt have option to add existing vlan group to the vnic template,can you kindly help on a suitable module structure for the same.

Thanks in help for your advance!

Regards
Vivekanand

Some features do not work on all UCSM versions and FI models, so fact reporting is needed to allow conditionals in playbooks or modules code.

When populating the vhba_list using a loop, the first item in the loop appears to work just fine but the subsequent items in the loop fail with the following error message (first successful and second failed items in the included output):

TASK [Create SAN Connectivity Policies with Loops] *****************************
changed: [ucspe-local] => (item={'order': '1', 'name': 'bootA', 'template': 'vhba-boot-A', 'policy': 'VMWare'})
failed: [ucspe-local] (item={'order': '2', 'name': 'bootB', 'template': 'vhba-boot-B', 'policy': 'VMWare'}) => {"ansible_loop_var": "item", "changed": false, "item": {"name": "bootB", "order": "2", "policy": "VMWare", "template": "vhba-boot-B"}, "msg": "setup error: 'NoneType' object has no attribute 'check_prop_match' "}

Re-running the playbook does not affect the behavior (other than the first item reporting "ok" rather than changed:

TASK [Create SAN Connectivity Policies with Loops] *****************************
ok: [ucspe-local] => (item={'order': '1', 'name': 'bootA', 'template': 'vhba-boot-A', 'policy': 'VMWare'})
failed: [ucspe-local] (item={'order': '2', 'name': 'bootB', 'template': 'vhba-boot-B', 'policy': 'VMWare'}) => {"ansible_loop_var": "item", "changed": false, "item": {"name": "bootB", "order": "2", "policy": "VMWare", "template": "vhba-boot-B"}, "msg": "setup error: 'NoneType' object has no attribute 'check_prop_match' "}

This behavior does not occur if I manually specify all vhbas (4 in my example code) in the ucs_san_connectivity task and do not use a loop.

Strangely enough, if I run the loop-based playbook first (which fails on item 2 as described above) and then the non-loop based playbook second (which when run on a clean environment works just fine), the non-loop playbook also fails with a similar message:

TASK [Create SAN Connectivity Policies] ****************************************
fatal: [ucspe-local]: FAILED! => {"changed": false, "msg": "setup error: 'NoneType' object has no attribute 'check_prop_match' "}

Running the non-loop playbook in a clean environment multiple times (first time creates the changes, subsequent runs produce 'ok's as expected) does not show that behavior.

As a reference point, I do this exact some setup with the LAN analog of this module - ucs_lan_connectivity - and do not have any issues at all with the loop.

The UCS platform emulator does not support configuring a "Redundancy Type". Screenshot linked below. The ucs_vnic_template module fails as a result. I've removed all references to redundancy type in the code for testing although is it possible to remove this option as mandatory, therefore the code wouldn't need to be modified in order for the module to work in a lab environment.

https://imgur.com/hDGcd1F

I created a vNIC template with a single access VLAN defined in the vlan_list.

Realized I had used a different VLAN name when creating the vlan so I corrected it in the vlan_list.

When I re-ran ansible-playbook, the old name was not removed from the list of VLANs on the vNIC. Only the new VLAN name was added to the vNIC template.

Shouldn't it remove VLANs not defined in the ucs_vnic_template task and add the missing VLANs?

Hello All,

We are currently automating the Cisco UCS infrastructure environment in our company and we are exploring options to record the critical alerts,major faults in cisco ucs environment before proceeding with automation activities

In the Cisco UCS CLI we have an option to check the critical alerts/major faults under scope monitoring/show new faults that will show new faults.

Can you kindly help with similar ansible modules or ansible adhoc commands to show critical alerts/major faults which can be used as reference that the automation activity has been successfully completed.

Thanks for your help in advance!

Regards
Vivekanand

Hello All,

I am currently planning to automate my UCS infrastructure using ansible but I am stuck at the process of creating UCS_Vlan_Group and adding the already created vlan to the vlan group.

The specific module for vlan group seems to be not available and even when i check "ansible-doc ucs_vlan_group" its throwing an error module not found as below

[root@ansible-test ~]# ansible-doc ucs_vlan_group
[WARNING]: module ucs_vlan_group not found in: /root/.ansible/plugins/modules:/
usr/share/ansible/plugins/modules:/usr/lib/python2.7/site-
packages/ansible/modules.

I have also git cloned an Cisco UCS repository which said it had ucs_vlan_group module under it but still no luck, This is become a show stopper as this is a crucial step in automating my infrastructure.

Any help would be highly appreciated.

Ansible version and other details below

[root@ansible-test ~]# ansible --version
ansible 2.9.5
config file = /root/ansible.cfg
configured module search path = [u'/root/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
ansible python module location = /usr/lib/python2.7/site-packages/ansible
executable location = /usr/bin/ansible
python version = 2.7.5 (default, Jun 11 2019, 14:33:56) [GCC 4.8.5 20150623 (Red Hat 4.8.5-39)]

Thanks and Regards
Vivekanand

Attempting to add vlans to a VNIC template.
Results in "setup error: 'NoneType' object has no attribute 'status'" error.

`

• name: Add VLANs to the vNIC Template vm-network-a
  ucs_vnic_template:
  hostname: "{{ inventory_hostname }}"
  username: "{{ ucs_username }}"
  password: "{{ ucs_password }}"
  org_dn: "{{ ucs_org_dn }}"
  name: vm-network-a
  vlans_list: "{{ my_vlans}}"
  `

Here's a snippet from the execution of the play:

`
Using module file /usr/lib/python2.7/site-packages/ansible/modules/remote_management/ucs/ucs_vnic_template.py

The full traceback is:
WARNING: The below traceback may not be related to the actual failure.
File "/tmp/ansible_ucs_vnic_template_payload_CV5HWj/main.py", line 354, in main
ucs.login_handle.remove_mo(mo_1)
File "/usr/lib/python2.7/site-packages/ucsmsdk/ucshandle.py", line 696, in remove_mo
mo.status = "deleted"

fatal: [ucsm.hostname.com]: FAILED! => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": false,
"invocation": {
"module_args": {
"cdn_name": "",
"cdn_source": "vnic-name",
"description": "",
"fabric": "A",
"hostname": "ucsm.hostname.com",
"mac_pool": "",
"mtu": "1500",
"name": "vm-network-a",
"network_control_policy": "",
"org_dn": "org-root/org-MyCluster",
"password": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
"peer_redundancy_template": "",
"pin_group": "",
"port": null,
"proxy": null,
"qos_policy": "",
"redundancy_type": "none",
"state": "present",
"stats_policy": "default",
"target": "adaptor",
"template_type": "initial-template",
"use_proxy": true,
"use_ssl": true,
"username": "admin",
"vlans_list": [
{
"id": "99",
"name": "VLAN0099-My-VLAN",
"native": "no",
"state": "present"
}
]
}
},
"msg": "setup error: 'NoneType' object has no attribute 'status' "
}
`

if one takes the example in cisco_ucs_user.py as is, it fails with the following error:

fatal: [ucs1]: FAILED! => {"changed": false, "failed": true, "msg": "setup error: [ErrorCode]: 540[ErrorDescription]: Please enter a valid password. "}

if the pwd parameter is comment out, then, the enc_pwd parameter is taken as password.

If the enc_pwd is missing then it complains with the same error.

I assume that the bug is in the APIs.

currently when while creating VLAN's by default the org permissions are turned off, This hinders the process off attaching VLANs to the vNIC templates

if the org permissions on the VLAN's are not turned on , vNIC template module basically throws an exception

"msg": "setup error: Invalid Value Exception - [VnicEtherIf]: Prop <default_net>, Value<True>. "

We need to manually login to the fabric interconnect and enable the org permissions on the VLANs

Currently the DNS module only allows one DNS server, but we would like to allow a list of DNS servers so more than one could be added in a single task, similar to how we do with mac pools.

Run a playbook containing task to create ldap provider -

tasks:
    - name: ldap provider create
      cisco_ucs_ldap_provider:
          name: 10.65.183.73
          order: 2
          rootdn: CN=Administrator,CN=Users,DC=qatcslab,DC=cisco,DC=com
          basedn: DC=qatcslab,DC=cisco,DC=com
          port: 400
          enable_ssl: yes
          filter: CN=$userid
          attribute: CiscoAVPair
          key: abcd
          timeout: 40
          vendor: MS-AD
          retries: 2
          state: present
          ucs_ip: "{{ ucs_ip }}"
          ucs_username: "{{ ucs_username }}"
          ucs_password: "{{ ucs_password }}"

Now delete the same ldap provider -

tasks:
    - name: ldap provider delete
       cisco_ucs_ldap_provider:
          name: 10.65.183.73
          order: 2
          rootdn: CN=Administrator,CN=Users,DC=qatcslab,DC=cisco,DC=com
          basedn: DC=qatcslab,DC=cisco,DC=com
          port: 400
          enable_ssl: yes
          filter: CN=$userid
          attribute: CiscoAVPair
          key: abcd
          timeout: 40
          vendor: MS-AD
          retries: 2
          state: absent
          ucs_ip: "{{ ucs_ip }}"
          ucs_username: "{{ ucs_username }}"
          ucs_password: "{{ ucs_password }}"

Observation:
The ldap provider does not get deleted

SUMMARY

It is expected that a task returns 'ok' when there is nothing to do.
With state 'present', 'ucs_service_profile_association' module unexpectedly returns 'changed: true' + 'failed: false', displayed as 'ok' instead of 'changed' by ansible-playbook in several initial condition cases, including the 2 main ones:

1. Check mode + existing server, not associated, and to be associated to an inexisting target service profile: 'ok' instead of 'changed'.
2. Check mode + existing server, associated to a service profile different of the inexisting target service profile: 'ok' instead of 'changed'.
3. Run mode + existing server, associated to a service profile different of the inexisting target service profile: 'ok' instead of 'failed'.

ISSUE TYPE

• Bug Report

COMPONENT NAME

ucs_service_profile_association

ANSIBLE VERSION

$ ansible --version
ansible 2.7.2
  config file = /etc/ansible/ansible.cfg
  configured module search path = [u'/home/ansible/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/lib/python2.7/site-packages/ansible
  executable location = /usr/bin/ansible
  python version = 2.7.5 (default, May  3 2017, 07:55:04) [GCC 4.8.5 20150623 (Red Hat 4.8.5-14)]

CONFIGURATION

ucs_service_profile_association.py: extracted from GitHub on 2018-12-18.

$ ansible-config dump --only-changed | cat
DEFAULT_ASK_VAULT_PASS(/home/ansible/.tmp/hw/ansible.cfg) = True
DEFAULT_HOST_LIST(/home/ansible/.tmp/hw/ansible.cfg) = [u'/home/ansible/.tmp/hw/inventory']
DEFAULT_LOG_PATH(/home/ansible/.tmp/hw/ansible.cfg) = /home/ansible/log/ansible.log
DEFAULT_ROLES_PATH(/home/ansible/.tmp/hw/ansible.cfg) = [u'/home/ansible/.tmp/hw/roles', u'/home/ansible/.tmp/hw/roles/community']
DEFAULT_STDOUT_CALLBACK(/home/ansible/.tmp/hw/ansible.cfg) = yaml
PERSISTENT_COMMAND_TIMEOUT(/home/ansible/.tmp/hw/ansible.cfg) = 60

OS / ENVIRONMENT

$ uname -a; cat /etc/redhat-release
Linux cnode01 3.10.0-693.21.1.el7.x86_64 #1 SMP Fri Feb 23 18:54:16 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux
Red Hat Enterprise Linux Server release 7.4 (Maipo)

STEPS TO REPRODUCE

Execute a playbook with a task invoking 'ucs_service_profile_association' module with 'present' state, with one of the following initial condition:

1. Check mode + existing server, not associated, and to be associated to an inexisting service profile;
2. Check mode + existing server, associated to a service profile different of the target service profile specified in the playbook;
3. Run mode + existing server, associated to a service profile different of the inexisting target service profile.

- name: UCS / Tasks using XML API
  hosts: ucs
  gather_facts: no
  vars:
    ansible_connection: local
    login: &login
      hostname: "{{ ansible_host }}"
      username: "{{ ucsUsername }}"
      password: "{{ ucsPassword }}"
    ucsOrg: "ORG99"
    ucsOrgDn: "org-root/org-{{ ucsOrg }}"
    ucsSptName: "SPT99"
    ucsSptDn: "{{ ucsOrgDn }}/ls-{{ ucsSptName }}"
    ucsSpName: "SP99"
    ucsAssociatedServer: "sys/rack-unit-01"

    - name: "Organization / SP association '{{ ucsOrgDn }}/ls-{{ ucsSpName }}' <=> '{{ ucsAssociatedServer }}'"
      ucs_service_profile_association:
        org_dn: "{{ ucsOrgDn }}"
        service_profile_name: "{{ ucsSpName }}"
        server_dn: "{{ ucsAssociatedServer }}"
        server_assignment: server
        state: present
        <<: *login

EXPECTED RESULTS

1. 'changed' is displayed.
2. 'changed' is displayed.
3. 'failed' is displayed.

ACTUAL RESULTS

1. 'ok' is displayed.
2. 'ok' is displayed.
3. 'ok' is displayed.

I am working on automating some internal vlan deployments with part of the process being the UCS.

Id like to know if I have a task such as this below. Will it key off a pending reboot before deploying:

Specifically I would like to know if in a brownfield environment with pre-existing configuration would adding vlans cause a reboot requirement.

• name: "UCS SERVER: Add VLAN to vNIC templates TRUNK_LAB"
  ucs_vnic_template:
  hostname: "{{ ucs_manager }}"
  username: "{{ ucs_username }}"
  password: "{{ ucs_password }}"
  name: TRUNK_B
  mac_pool: FABRIC_A
  qos_policy: JUMBO
  network_control_policy: default
  stats_policy: default
  fabric: B
  mtu: 9000
  template_type: updating-template
  redundancy_type: none
  vlans_list:
  • name: "{{ item.app_vlan_name }}"
    state: present
    delegate_to: localhost

When leveraging ucs_managed_objects to create a bios policy, the reboot_on_update property for the BiosVProfile class has 4 valid values: yes, no, true, false (according to https://github.com/CiscoUcs/ucsmsdk/blob/master/ucsmsdk/mometa/bios/BiosVProfile.py).

However, using true or false will result in Ansible always indicating a "changed" state despite setting the value properly in UCS.

I suspect the UCS is always storing it as yes/no so that, when queried, Ansible does not see true/false as a match and proceeds to set the value. UCS seems to understand true/false because it sets it appropriately in the policy.

The workaround is easy - use yes/no.

Doubt there is an easy fix but thought I'd post the issue in case there is.

When try to add efi device to boot policy which is in legacy mode, the module does not throw the error and changed is shown as 1 instead of 0.

Create policy with boot mode as legacy -

tasks:
    - name: boot policy create
      cisco_ucs_boot_policy:
        name: 'boot_policy1'
        state: present
        ucs_ip: "{{ ucs_ip }}"
        ucs_username: "{{ ucs_username }}"
        ucs_password: "{{ ucs_password }}"

Set the boot order and add efi as boot device -

- name: add boot device efi for legacy mode
      cisco_ucs_boot_order:
        name: boot_policy1
        devices:
          - {device_name: efi, device_order: 10}
        ucs_ip: "{{ ucs_ip }}"
        ucs_username: "{{ ucs_username }}"
        ucs_password: "{{ ucs_password }}"

Observed output -

PLAY [ucs] ************************************************************************************************************

TASK [Gathering Facts] ************************************************************************************************
ok: [ucs_emulator]

TASK [add boot device efi for legacy mode] ****************************************************************************
changed: [ucs_emulator]

PLAY RECAP ************************************************************************************************************
ucs_emulator               : ok=2    changed=1    unreachable=0    failed=0

fatal: [ucs1]: FAILED! => {"failed": true, "msg": "Could not find imported module support code for ucs_vnic_template. Looked for either UCSModule.py or ucs.py"}

The same happens for ucs_vlans

Currently only 1 IP block can be added to a pool, the module does not allow multiple block or individual block modification.

Suggested update

  ucs_ip_pool:
    name: 'test'
    order: default
    ip_blocks:
    - first_addr: 192.168.10.1
      last_addr: 192.168.10.20
      subnet_mask: 255.255.255.128
      default_gw: 192.168.10.2
    - first_addr: 192.168.11.1
      last_addr: 192.168.11.20
      subnet_mask: 255.255.255.128
      state: absent

Hi everyone,

I am experiencing some issues with binding a LAN connectivity policy to a Service Profile Template when the latter is manually created (GUI). If the ST Profile is created and later updated by the ansible module, then it's all fine.

The full traceback is:
  File "/var/folders/5l/wgnnz5dx703_hnhh30bcpjqh0000gn/T/ansible_OPOGXi/ansible_module_ucs_service_profile_template.py", line 426, in main
    ucs.login_handle.commit()
  File "/usr/local/lib/python2.7/site-packages/ucsmsdk/ucshandle.py", line 942, in commit
    raise UcsException(response.error_code, response.error_descr)

failed: [evr-no-ccd1] (item={u'state': u'present', u'lan_conn_policy': u'test_template', u'name': u'test-template', u'org_dn': u'org-root/org-VMware'}) => {
    "changed": false,
    "invocation": {
        "module_args": {
            "bios_policy": "",
            "boot_policy": "default",
            "description": "",
            "graphics_card_policy": "",
            "host_firmware_package": "",
            "hostname": "10.123.13.4",
            "ipmi_access_profile": "",
            "kvm_mgmt_policy": "",
            "lan_connectivity_policy": "test_template",
            "local_disk_policy": "",
            "maintenance_policy": "",
            "mgmt_inband_pool_name": "",
            "mgmt_interface_mode": "",
            "mgmt_ip_pool": "ext-mgmt",
            "mgmt_vnet_name": "",
            "name": "test-template",
            "org_dn": "org-root/org-VMware",
            "password": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
            "port": null,
            "power_control_policy": "default",
            "power_state": "up",
            "power_sync_policy": "",
            "proxy": null,
            "san_connectivity_policy": "",
            "scrub_policy": "",
            "server_pool": "",
            "server_pool_qualification": "",
            "sol_policy": "",
            "state": "present",
            "storage_profile": "",
            "template_type": "initial-template",
            "threshold_policy": "default",
            "use_proxy": true,
            "use_ssl": true,
            "user_label": "",
            "username": "ucs-local\\ansibleuser",
            "uuid_pool": "default",
            "vmedia_policy": ""
        }
    },
    "item": {
        "lan_conn_policy": "test_template",
        "name": "test-template",
        "org_dn": "org-root/org-VMware",
        "state": "present"
    },
    "msg": "setup error: [ErrorCode]: 170[ErrorDescription]: Create-only and naming props cannot be modified after creation, class=lsServer, prop=type\n "
}

Any explanation or suggestion is most appreciated. Thank you.

I've tried escaping and not escaping the backslashes in the username.

Ansible:

- hosts: ucs
  gather_facts: no
  connection: local
  tasks:
    - name: Create test vlan
      ucs_vlans:
        hostname: 'ucscentral'
        username: 'ucs-ourdomain\user'
        password: '{{ pw }}'
        name: testing
        id: '1986'

The following works on Manager, not Central:

task path: /home/ourdomain/user/git/repo/cisco-ucs.yml:6
<10.69.200.204> ESTABLISH LOCAL CONNECTION FOR USER: user
<10.69.200.204> EXEC /bin/sh -c 'echo ~user && sleep 0'
<10.69.200.204> EXEC /bin/sh -c '( umask 77 && mkdir -p "` echo /home/ourdomain/user/.ansible/tmp/ansible-tmp-1565728263.2-38865299534001 `" && echo ansible-tmp-1565728263.2-38865299534001="` echo /home/ourdomain/user/.ansible/tmp/ansible-tmp-1565728263.2-38865299534001 `" ) && sleep 0'
<10.69.200.204> Attempting python interpreter discovery
<10.69.200.204> EXEC /bin/sh -c 'echo PLATFORM; uname; echo FOUND; command -v '"'"'/usr/bin/python'"'"'; command -v '"'"'python3.7'"'"'; command -v '"'"'python3.6'"'"'; command -v '"'"'python3.5'"'"'; command -v '"'"'python2.7'"'"'; command -v '"'"'python2.6'"'"'; command -v '"'"'/usr/libexec/platform-python'"'"'; c
ommand -v '"'"'/usr/bin/python3'"'"'; command -v '"'"'python'"'"'; echo ENDFOUND && sleep 0'
<10.69.200.204> EXEC /bin/sh -c '/usr/bin/python && sleep 0'
Using module file /usr/lib/python2.7/site-packages/ansible/modules/remote_management/ucs/ucs_vlans.py
<10.69.200.204> PUT /home/ourdomain/user/.ansible/tmp/ansible-local-47823cOfuwU/tmp0D6LGv TO /home/ourdomain/user/.ansible/tmp/ansible-tmp-1565728263.2-38865299534001/AnsiballZ_ucs_vlans.py
<10.69.200.204> EXEC /bin/sh -c 'chmod u+x /home/ourdomain/user/.ansible/tmp/ansible-tmp-1565728263.2-38865299534001/ /home/ourdomain/user/.ansible/tmp/ansible-tmp-1565728263.2-38865299534001/AnsiballZ_ucs_vlans.py && sleep 0'
<10.69.200.204> EXEC /bin/sh -c '/usr/bin/python /home/ourdomain/user/.ansible/tmp/ansible-tmp-1565728263.2-38865299534001/AnsiballZ_ucs_vlans.py && sleep 0'
<10.69.200.204> EXEC /bin/sh -c 'rm -f -r /home/ourdomain/user/.ansible/tmp/ansible-tmp-1565728263.2-38865299534001/ > /dev/null 2>&1 && sleep 0'
The full traceback is:
WARNING: The below traceback may *not* be related to the actual failure.
  File "/tmp/ansible_ucs_vlans_payload_KiruPL/ansible_ucs_vlans_payload.zip/ansible/module_utils/remote_management/ucs.py", line 87, in login
    handle.login()
  File "/usr/lib/python2.7/site-packages/ucsmsdk/ucshandle.py", line 135, in login
    return self._login(auto_refresh, force, timeout=timeout)
  File "/usr/lib/python2.7/site-packages/ucsmsdk/ucssession.py", line 599, in _login
    response = self.post_elem(elem, timeout=timeout)
  File "/usr/lib/python2.7/site-packages/ucsmsdk/ucssession.py", line 318, in post_elem
    response = xc.from_xml_str(response_str, self)
  File "/usr/lib/python2.7/site-packages/ucsmsdk/ucsxmlcodec.py", line 89, in from_xml_str
    root_elem = ET.fromstring(recovered_xml)
  File "<string>", line 124, in XML

fatal: [10.69.200.204]: FAILED! => changed=false
  ansible_facts:
    discovered_interpreter_python: /usr/bin/python
  invocation:
    module_args:
      fabric: common
      hostname: 10.69.200.204
      id: '1986'
      multicast_policy: ''
      name: testing
      native: 'no'
      password: VALUE_SPECIFIED_IN_NO_LOG_PARAMETER
      port: null
      proxy: null
      sharing: none
      state: present
      use_proxy: true
      use_ssl: true
      username: ucs-ourdomain\user
  msg: 'syntax error: line 1, column 0'

Currently only 3 values are supported for Severity param. Those are 'emergencies', 'alerts' and 'critical'

Other values that should be supported are - 'debugging', 'errors', 'information', 'notifications', 'warnings'

After installing ucsm-ansible if you run "ansible-doc -l" you will be facing this error:

[ERROR]: unable to parse /usr/lib/python2.7/site-packages/ansible/modules/extras/server/cisco/cisco_ucs_boot_order.py

ERROR! module cisco_ucs_boot_order has a documentation error formatting or is missing documentation

This is breaking the ansible-doc list functionality all together.

I managed to track down the problem to these files:
/usr/lib/python2.7/site-packages/ansible/modules/extras/server/cisco/cisco_ucs_certificate_request.py
/usr/lib/python2.7/site-packages/ansible/modules/extras/server/cisco/cisco_ucs_ldap_provider_group_provider.py
/usr/lib/python2.7/site-packages/ansible/modules/extras/server/cisco/cisco_ucs_password_profile.py
/usr/lib/python2.7/site-packages/ansible/modules/extras/server/cisco/cisco_ucs_radius_provider_group_provider.py
/usr/lib/python2.7/site-packages/ansible/modules/extras/server/cisco/cisco_ucs_tacacsplus_provider_group_provider.py

I had to remove them to restore the ansible-doc -l functionality.

Hi,

Disclaimer - I'm a complete UCS n00b!

Trying to perform the seemingly two simple steps using Ansible:

1. Add VLAN X
2. Associate that VLAN X with Service Profile Y

The VLAN part is handled by the ucs_vlans module, but then ucs_service_profile_template doesn't seem to have an option for VLANs specifically.

Is there some obvious intermediate step I'm missing here? Do I have to go via something like ucs_lan_connectivity first?

Any pointers would be highly appreciated!

Have a nice day.

Fredrik

Currently the service_profile_template.py does not allow OOB to disabled.

Blank value sets it to ext-mgmt.
""/null sets it to initializing.

Currently, ucs_vnic_template only supports the following policies ,

1. qos_policy
2. network_control_policy
3. stats_policy

It does not support Connection Policies

Requesting to add support to connection policies
eg: vnicVmqConPolicyRef

I believe the module ucsmsdk.mometa.vnic.VnicLanConnTempl.VnicLanConnTempl does not support the same not sure if this feature request needs to be raised here or with ucsmsdk

• Error in line 115 of file library/cisco_ucs_power.py. In the newest commit of repo https://github.com/CiscoUcs/ucsm_apis. There is no function named server_power_exists in the file https://raw.githubusercontent.com/CiscoUcs/ucsm_apis/master/ucsm_apis/server/power.py. But in the open PR list of ucsm_apis, PR #51 has include the function. Maybe it's forgotten to be merged.

Using the ucs_vlans module I'm able to create a VLAN using a number as the name, for example 100. Although when adding the same VLAN name 100 to ucs_vnic_template vlans_list I get the following error

The full traceback is:
File "/tmp/ansible_unspyv/ansible_module_ucs_vnic_template.py", line 271, in main
child_dn = dn + '/if-' + vlan['name']

setup error: cannot concatenate ''str'' and ''int'' objects '

Maintenance and creation of modules would be simpler if the logic used for detecting if a change has occurred was more consistent.
The goal of introducing a standard approach to this is reduce time spent troubleshooting logic issues, reduce false change detection and ease moving between modules maintained by others.

The current approach is to assume that there is a change by using props_match = False and proving otherwise.

With simple managed objects without child items, this works fine, but come quite complex which child items are included.

When a playbook is run, it takes the input provided and compares to the live system to determine if a change is made. This is the opposite to the above mentioned approach. This is assuming nothing has changed and the checks prove otherwise; or in code props_match = True.

This approach makes no real different to managed objects without child items, but makes a large difference with child times, especially multiple child items.

In addition to the change to assuming true and proving false is that a check system only needs to find a single difference, all individual differences are not required to found.

def check_changed():
    props_match = True
    if parent_mo:
        if module.params['state'] == 'absent':
            props_match = False
        else:
            props_match = parent_mo.check_prop_match(**kwargs)
        if props_match:
            for i in child_mo_settings:
                mo_1 = get_child_mo(i)
                props_match = mo_1.check_prop_match(**kwargs)
                if not props_match:
                    break
        if props_match:
            for i in child2_mo_settings:
                mo_2 = get_child_mo(i)
                props_match = mo_2.check_prop_match(**kwargs)
                if not props_match:
                    break
    else:
        props_match = False

    return props_match

The approach above has a compromise between if statement nesting and minimising the number of return statements.

Thoughts, opinions?

Similar to ucs_lan_connectivity, vhba_list items (individual vhbas) need a present/absent state attribute so that individual vhbas can be removed from the ucs_san_connectivity policy rather than deleting the entire policy and recreating it.

In order for joint customers to fully benefit from these modules, having them built-into the Ansible distribution is ideal. Unfortunately, this requires modules being of type license GPLv3. This would be a good idea since most all Cisco networking modules are GPLv3 and are already included in the base Ansible release by default, or are in progress.

Some more info on submitting modules to Ansible:
https://docs.ansible.com/ansible/dev_guide/developing_modules_in_groups.html

Hello,

very nice and useful initiative.
I wonder how can we use them to read only the values of the various fields?

Thanks!

Hi guys,

I have a playbook where I'm adding 2 VLANs with ucs_vlans module.
After that, I want to add the same VLANs to different vNIC templates using ucs_vnic_template.

ansible --version

2.6.1

Playbook

- name: Configure UCS Manager
  hosts: ucs_lab
  gather_facts: false
  connection: local

  vars:
    my_vlan:
      - { id: "998", name: "bob1", state: present }
  tasks:
  - name: Configure VLAN
    ucs_vlans:
      hostname: "{{ ansible_ssh_host }}"
      username: "{{ ansible_ssh_user }}"
      password: "{{ ansible_ssh_password }}"
      name: "{{ item.name }}"
      id: "{{ item.id }}"
      state: present
    with_items: "{{ my_vlan }}"

  - name: Add VLAN to vNIC templates
    ucs_vnic_template:
      hostname: "{{ ansible_ssh_host }}"
      username: "{{ ansible_ssh_user }}"
      password: "{{ ansible_ssh_password }}"
      name: vNIC-FAB-A
      template_type: updating-template
      redundancy_type: none
      vlans_list:
      - name: "{{ item.name }}"
        state: "{{ item.state }}"
    with_items: "{{ my_vlan }}"

output: ansible-playbook New_LabUser_Playbook2.yml -i hosts -vvvv

ansible-playbook 2.6.1
  config file = /etc/ansible/ansible.cfg
  configured module search path = [u'/root/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/lib/python2.7/dist-packages/ansible
  executable location = /usr/bin/ansible-playbook
  python version = 2.7.12 (default, Dec  4 2017, 14:50:18) [GCC 5.4.0 20160609]
Using /etc/ansible/ansible.cfg as config file
setting up inventory plugins
Parsed /home/administrator/lab-orchestration/hosts inventory source with ini plugin
Loading callback plugin default of type stdout, v2.0 from /usr/lib/python2.7/dist-packages/ansible/plugins/callback/default.pyc

PLAYBOOK: New_LabUser_Playbook2.yml *****************************************************************************************************************************************************************
1 plays in New_LabUser_Playbook2.yml

PLAY [Configure UCS Manager] ************************************************************************************************************************************************************************
META: ran handlers

TASK [Configure VLAN] *******************************************************************************************************************************************************************************
task path: /home/administrator/lab-orchestration/New_LabUser_Playbook2.yml:11
<172.16.0.11> ESTABLISH LOCAL CONNECTION FOR USER: root
<172.16.0.11> EXEC /bin/sh -c 'echo ~root && sleep 0'
<172.16.0.11> EXEC /bin/sh -c '( umask 77 && mkdir -p "` echo /root/.ansible/tmp/ansible-tmp-1532613495.02-120643129729437 `" && echo ansible-tmp-1532613495.02-120643129729437="` echo /root/.ansible/tmp/ansible-tmp-1532613495.02-120643129729437 `" ) && sleep 0'
Using module file /usr/lib/python2.7/dist-packages/ansible/modules/remote_management/ucs/ucs_vlans.py
<172.16.0.11> PUT /root/.ansible/tmp/ansible-local-29653_08VZr/tmpj2WDE5 TO /root/.ansible/tmp/ansible-tmp-1532613495.02-120643129729437/ucs_vlans.py
<172.16.0.11> EXEC /bin/sh -c 'chmod u+x /root/.ansible/tmp/ansible-tmp-1532613495.02-120643129729437/ /root/.ansible/tmp/ansible-tmp-1532613495.02-120643129729437/ucs_vlans.py && sleep 0'
<172.16.0.11> EXEC /bin/sh -c '/usr/bin/python /root/.ansible/tmp/ansible-tmp-1532613495.02-120643129729437/ucs_vlans.py && sleep 0'
<172.16.0.11> EXEC /bin/sh -c 'rm -f -r /root/.ansible/tmp/ansible-tmp-1532613495.02-120643129729437/ > /dev/null 2>&1 && sleep 0'
ok: [ucs_lab] => (item={u'state': u'present', u'id': u'998', u'name': u'bob1'}) => {
    "changed": false,
    "invocation": {
        "module_args": {
            "fabric": "common",
            "hostname": "172.16.0.11",
            "id": "998",
            "multicast_policy": "",
            "name": "bob1",
            "native": "no",
            "password": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
            "port": null,
            "proxy": null,
            "sharing": "none",
            "state": "present",
            "use_proxy": true,
            "use_ssl": true,
            "username": "admin"
        }
    },
    "item": {
        "id": "998",
        "name": "bob1",
        "state": "present"
    }
}

TASK [Add VLAN to vNIC templates] *******************************************************************************************************************************************************************
task path: /home/administrator/lab-orchestration/New_LabUser_Playbook2.yml:21
<172.16.0.11> ESTABLISH LOCAL CONNECTION FOR USER: root
<172.16.0.11> EXEC /bin/sh -c 'echo ~root && sleep 0'
<172.16.0.11> EXEC /bin/sh -c '( umask 77 && mkdir -p "` echo /root/.ansible/tmp/ansible-tmp-1532613498.14-169786340825545 `" && echo ansible-tmp-1532613498.14-169786340825545="` echo /root/.ansible/tmp/ansible-tmp-1532613498.14-169786340825545 `" ) && sleep 0'
Using module file /usr/lib/python2.7/dist-packages/ansible/modules/remote_management/ucs/ucs_vnic_template.py
<172.16.0.11> PUT /root/.ansible/tmp/ansible-local-29653_08VZr/tmpwXswmP TO /root/.ansible/tmp/ansible-tmp-1532613498.14-169786340825545/ucs_vnic_template.py
<172.16.0.11> EXEC /bin/sh -c 'chmod u+x /root/.ansible/tmp/ansible-tmp-1532613498.14-169786340825545/ /root/.ansible/tmp/ansible-tmp-1532613498.14-169786340825545/ucs_vnic_template.py && sleep 0'
<172.16.0.11> EXEC /bin/sh -c '/usr/bin/python /root/.ansible/tmp/ansible-tmp-1532613498.14-169786340825545/ucs_vnic_template.py && sleep 0'
<172.16.0.11> EXEC /bin/sh -c 'rm -f -r /root/.ansible/tmp/ansible-tmp-1532613498.14-169786340825545/ > /dev/null 2>&1 && sleep 0'
The full traceback is:
  File "/tmp/ansible_dASD6T/ansible_module_ucs_vnic_template.py", line 309, in main
    peer_redundancy_templ_name=module.params['peer_redundancy_templ'],

failed: [ucs_lab] (item={u'state': u'present', u'id': u'998', u'name': u'bob1'}) => {
    "changed": false,
    "invocation": {
        "module_args": {
            "cdn_name": "",
            "cdn_source": "vnic-name",
            "description": "",
            "fabric": "A",
            "hostname": "172.16.0.11",
            "mac_pool": "",
            "mtu": "1500",
            "name": "vNIC-FAB-A",
            "network_control_policy": "",
            "org_dn": "org-root",
            "password": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
            "peer_redundancy_template": "",
            "pin_group": "",
            "port": null,
            "proxy": null,
            "qos_policy": "",
            "redundancy_type": "none",
            "state": "present",
            "stats_policy": "default",
            "target": "adaptor",
            "template_type": "updating-template",
            "use_proxy": true,
            "use_ssl": true,
            "username": "admin",
            "vlans_list": [
                {
                    "name": "bob1",
                    "native": "no",
                    "state": "present"
                }
            ]
        }
    },
    "item": {
        "id": "998",
        "name": "bob1",
        "state": "present"
    },
    "msg": "setup error: 'peer_redundancy_templ' "
}

We can see the error of "msg": "setup error: 'peer_redundancy_templ' " but I cannot debug anything across that message. I have been trying it with vlan names with integers, strings (to debug this issue) but nothing changes.

Daniel

Hello All,

I am currently trying to automate my ucs environment using ucs modules and playbooks.

I am trying to add an error handling section while adding vlans to vnic template section, I am using failed module and failed when module but somehow its not working as expected, can you guys kindly help

playbook as given below

• name: Conigure the vnic template
  ucs_vnic_template:
  hostname: "{{ ucs_hostname }}"
  username: "{{ ucs_username }}"
  password: "{{ ucs_password }}"
  state: "{{ ucs_state }}"
  name: test
  fabric: A-B

  mac_pool: mac-b

  pin_group: lan-fab-14

  template_type: updating-template
  vlans_list:
  - name: vlan_241_vivek
    native: 'no'
  - name: vlan_viv
    native: 'no'
  - name: Container-MGMT-VLAN
    native: 'no'
  

  register: find_output

failed_when: find_output.changed

failed_when: "'Configuration Failure' in find_output.stdout"

- debug:

var: "{{find_output.stdout}}"

• name: warning for any potential failure scenario
  fail:
  msg: 'Multiple Uplink ports carrying overlapping disjoint vlans which may cause traffic disruption.'
  ignore_errors: yes
  with_items: '{{ service_profiles }}'
  when: item is not in service_profiles
  vars:
  # use "<<: *login_info" to substite the information below in each task
  # # this is not required, however it makes the playbook shorter.
  # login_info: &login_info
  # hostname: "{{ ucs_hostname }}"
  # username: "{{ ucs_username }}"
  # password: "{{ ucs_password }}"
  allowed_SP:
  • Service Profile c4-blade1
    service_profiles:
  • Service Profile test-SP1
  • Service Profile test-SP2
  • Service Profile c4-blade1

I have also attached the warning message which i am trying to integrate to the playbook.

maybe i am doing something wrong, if somebody can kindly help me it would great.

Regards
Vivekanand

We are facing an issue whereby we are not able to create a vnic template under a org, e.g org-root/org-ucsmdndb.

Based on the error description, I am not sure why "lan-conn-templ" is appended to vNIC-A and it is not found.

"msg": "setup error: [ErrorCode]: 102[ErrorDescription]: configured object (org-root/org-ucsmdndb/lan-conn-templ-vNIC-A) not found "

The error we faced,
{
"exception": "WARNING: The below traceback may not be related to the actual failure.\n File "/tmp/ansible_ucs_vnic_template_payload_KBk9Rc/main.py", line 363, in main\n ucs.login_handle.commit()\n File "/var/lib/awx/venv/ansible/lib/python2.7/site-packages/ucsmsdk/ucshandle.py", line 942, in commit\n raise UcsException(response.error_code, response.error_descr)\n",
"_ansible_no_log": false,
"changed": false,
"invocation": {
"module_args": {
"username": "ucs-local\admin",
"redundancy_type": "none",
"cdn_name": "",
"stats_policy": "default",
"network_control_policy": "",
"proxy": null,
"cdn_source": "vnic-name",
"use_ssl": true,
"password": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
"port": null,
"peer_redundancy_template": "",
"use_proxy": true,
"vlans_list": null,
"fabric": "A",
"description": "",
"hostname": "10.173.253.72",
"org_dn": "org-root/org-ucsmdndb",
"name": "vNIC-A",
"template_type": "updating-template",
"state": "present",
"mac_pool": "",
"target": "adaptor",
"pin_group": "",
"mtu": "1500",
"qos_policy": ""
}
},
"msg": "setup error: [ErrorCode]: 102[ErrorDescription]: configured object (org-root/org-ucsmdndb/lan-conn-templ-vNIC-A) not found "
}

The version of the module and ansible,,

(ansible) [root@anstvwells02 admin]# pip show ucsmsdk
Name: ucsmsdk
Version: 0.9.9

(ansible) [root@ansnvlonls01 ~]# ansible --version
ansible 2.8.0

The vars_file which was used,

ucs_vnic_template:

• name: vNIC-A
  state: present
  fabric: A
  org_dn: 'org-root/org-ucsmdndb'
  template_type: 'updating-template'

The playbook itself,

• name: "Create update delete vnic template"
  ignore_errors: True
  ucs_vnic_template:
  hostname: "{{ansible_host}}"
  username: "{{username}}"
  password: "{{password}}"
  name: "{{ucs_vnic_item.name}}"
  fabric: "{{ucs_vnic_item.fabric}}"
  state: "{{ucs_vnic_item.state}}"
  template_type: "{{ucs_vnic_item.template_type}}"
  org_dn: "{{ucs_vnic_item.org_dn}}"

Hello Team,

I need a ansible playbook to add a vlan to a vnic template which is under a sub-organisation

I have a sub organisation under root called VONE-C and vnic template has been created under the VONE-C sub organisation, I now require to add the vlan to the vnic template under the VONE-C sub organisation.

I tried to assign the sub organisation under the org_dn = org-VONE-C but still the vlan didnt add to the correct vnic template.

Can someone assist with the correct playbook please.

Ansible version: 2.10.

Thanks and Regards
Vivekanand

We do not want to define the username and password within the playbook or a yml var file as we do not use role accounts in our environment, each admin uses their own credentials. CLI arguments -u username and -k password do not appear to be used by the module. We see the following errors based on how we define username and password in the playbook.

CLI: ansible-playbook ucs_add_vlans_vnic.yml -vvvv -u username -k password

1. ucs_add_vlans_vnic.yml
   username: "{{ ansible_ssh_user }}"
   password: "{{ ansible_ssh_password }}"

The task includes an option with an undefined variable. The error was: 'ansible_ssh_password' is undefined

2. ucs_add_vlans_vnic.yml
   username:
   password:

msg: '[ErrorCode]: 551[ErrorDescription]: Authentication failed'

3. ucs_add_vlans_vnic.yml
   Username and password not defined in playbook.

msg: 'missing required arguments: password'

Try to install ucsm-ansible via
pip install git+https://github.com/CiscoUcs/ucsm-ansible.git
fails

Please prepare repo

11:19 $ pip install git+https://github.com/CiscoUcs/ucsm-ansible.git
Collecting git+https://github.com/CiscoUcs/ucsm-ansible.git
  Cloning https://github.com/CiscoUcs/ucsm-ansible.git to /private/var/folders/7x/6ft2ttdn3b91hztrkvptgyt40000gn/T/pip-req-build-Pgyjby
    Complete output from command python setup.py egg_info:
    Traceback (most recent call last):
      File "<string>", line 1, in <module>
    IOError: [Errno 2] No such file or directory: '/private/var/folders/7x/6ft2ttdn3b91hztrkvptgyt40000gn/T/pip-req-build-Pgyjby/setup.py'```