From 0994e58f404fe20c81061180db364845b4d8f97f Mon Sep 17 00:00:00 2001 From: Ganesh B Nalawade Date: Thu, 4 Oct 2018 17:25:45 +0530 Subject: [PATCH] Add rescue function * Rescue function add ability to mark a known running configuration as a rescue configuration and support rollback of current configuration to rescue configuration when required. * Add rescue function testcase and doc update --- README.md | 1 + defaults/main.yaml | 5 ++ docs/config_manager/rescue.md | 77 +++++++++++++++++++ meta/config_manager/rescue_spec.yaml | 27 +++++++ tasks/config_manager/rescue.yaml | 39 ++++++++++ .../config_manager/tasks/main.yml | 3 + .../config_manager/tasks/rescue.yml | 58 ++++++++++++++ 7 files changed, 210 insertions(+) create mode 100644 docs/config_manager/rescue.md create mode 100644 meta/config_manager/rescue_spec.yaml create mode 100644 tasks/config_manager/rescue.yaml create mode 100644 tests/config_manager/config_manager/tasks/rescue.yml diff --git a/README.md b/README.md index 0d24bc0..3f91d61 100644 --- a/README.md +++ b/README.md @@ -20,6 +20,7 @@ Please see the documentation link for each function for details on how to use the function in an Ansible playbook. * load [[source]](https://github.com/ansible-network/juniper_junos/blob/devel/tasks/config_manager/load.yaml) [[docs]](https://github.com/ansible-network/juniper_junos/blob/devel/docs/config_manager/load.md) +* rescue [[source]](https://github.com/ansible-network/juniper_junos/blob/devel/tasks/config_manager/rescue.yaml) [[docs]](https://github.com/ansible-network/juniper_junos/blob/devel/docs/config_manager/rescue.md) * save [[source]](https://github.com/ansible-network/juniper_junos/blob/devel/tasks/config_manager/save.yaml) [[docs]](https://github.com/ansible-network/juniper_junos/blob/devel/docs/config_manager/save.md) * get_facts [[source]](https://github.com/ansible-network/juniper_junos/blob/devel/tasks/get_facts.yaml) [[docs]](https://github.com/ansible-network/juniper_junos/blob/devel/docs/get_facts.md) * configure_netconf [[source]](https://github.com/ansible-network/juniper_junos/blob/devel/tasks/configure_netconf.yaml) [[docs]](https://github.com/ansible-network/juniper_junos/blob/devel/docs/configure_netconf.md) diff --git a/defaults/main.yaml b/defaults/main.yaml index 41eece3..cd7fa3b 100644 --- a/defaults/main.yaml +++ b/defaults/main.yaml @@ -16,6 +16,11 @@ junos_config_remove_temp_files: "{{ remove_temp_files | default(True) }}" junos_get_configuration_command: show configuration junos_get_configuration_format: text +# config manager rescue vars +junos_config_set_rescue: "{{ config_manager_set_rescue | default(False) }}" +junos_config_load_rescue_config: "{{ config_manager_load_rescue_config | default(False) }}" +junos_config_delete_rescue: "{{ config_manager_delete_rescue | default(False) }}" + # get_facts vars junos_get_facts_command_map: "{{ role_path }}/vars/get_facts_command_map.yaml" junos_get_facts_subset: "{{ subset | default(['default']) }}" diff --git a/docs/config_manager/rescue.md b/docs/config_manager/rescue.md new file mode 100644 index 0000000..7bfd405 --- /dev/null +++ b/docs/config_manager/rescue.md @@ -0,0 +1,77 @@ +# Save and Load rescue configuration into device + +The `config_manager/rescue` function provides a means to save a know good running configuration +as a rescue configuration and rollback the current device configuration to rescue configuration +when required. + +## How to save a rescue configuration checkpoint + +Below is an example of how to call the `config_manager/rescue` function to mark the +current running configuration as rescue config. + +``` +- hosts: junos + + roles: + - name: ansible-network.juniper_junos + function: config_manager/resuce + config_manager_set_rescue: True +``` + +### How to load the rescue configuration + +The `config_manager/rescue` function also provides support to rollback the current running +configuration to a rescue configuration when required + +In order to load the resuce configuration, the function as before but adds the +value `config_manager_load_rescue_config: yes` to the playbook to indicate that the configuration should +be rollbacked to te the resuce configuration. + +Note: Take caution when doing rescue configuration load that you do not +inadvertently replace your access to the device. + +``` +- hosts: junos + + roles: + - name: ansible-network.juniper_junos + function: config_manager/resuce + config_manager_load_rescue_config: True +``` + +## How to delete a rescue configuration checkpoint + +Below is an example of how to call the `config_manager/rescue` function to delete the +previously set rescue configuration. + +``` +- hosts: junos + + roles: + - name: ansible-network.juniper_junos + function: config_manager/resuce + config_manager_delete_rescue: True +``` + +## Arguments + +### config_manager_set_rescue + +This setting indicates whether or not the to set the current running +configuration as the rescue configuration. + +The default value is `False` + +### config_manager_load_rescue_config + +This setting indicates whether or not to replace the current configuration +with the rescue configuration. + +The default value is `False` + +### config_manager_delete_rescue + +This setting indicates whether or not the to delete the rescue configuration +checkpoint that is already set. + +The default value is `False` diff --git a/meta/config_manager/rescue_spec.yaml b/meta/config_manager/rescue_spec.yaml new file mode 100644 index 0000000..323c3fa --- /dev/null +++ b/meta/config_manager/rescue_spec.yaml @@ -0,0 +1,27 @@ +--- +argument_spec: + ansible_network_os: + description: + - Set the name of the Ansible network OS platform. This value should be + set to `junos` for this provider. + required: true + + junos_config_set_rescue: + descriptiion: + - This setting indicates whether or not the to set the current running + configuration as the rescue configuration. + type: bool + default: False + + junos_config_load_rescue: + descriptiion: + - This setting indicates whether or not to replace the current configuration + with the rescue configuration. + type: bool + default: False + + junos_config_delete_rescue: + descriptiion: + - This setting indicates whether or not the to delete the rescue configuration checkpoint that is already set. + type: bool + default: False diff --git a/tasks/config_manager/rescue.yaml b/tasks/config_manager/rescue.yaml new file mode 100644 index 0000000..d7c72ba --- /dev/null +++ b/tasks/config_manager/rescue.yaml @@ -0,0 +1,39 @@ +--- +- name: initialize function + include_tasks: includes/init.yaml + +- name: validate role spec + validate_role_spec: + spec: config_manager/rescue_spec.yaml + +- name: set current running configuration as rescue configuration + cli: + command: request system configuration rescue save + when: junos_config_set_rescue + +- name: delete previously set rescue configuration + cli: + command: request system configuration rescue delete + when: junos_config_delete_rescue + +- name: load rescue configuration + block: + - name: enter exclusive configuration mode + cli: + command: configure exclusive + when: junos_configure_exclusive + + - name: enter configuration mode + cli: + command: configure + when: not junos_configure_exclusive + + - name: load rescue configuration + cli: + command: "{{ line }}" + loop: + - rollback rescue + - commit and-quit + loop_control: + loop_var: line + when: junos_config_load_rescue_config diff --git a/tests/config_manager/config_manager/tasks/main.yml b/tests/config_manager/config_manager/tasks/main.yml index b22eeba..92995ac 100644 --- a/tests/config_manager/config_manager/tasks/main.yml +++ b/tests/config_manager/config_manager/tasks/main.yml @@ -8,3 +8,6 @@ - name: test replace function import_tasks: replace.yml + +- name: test replace function + import_tasks: rescue.yml diff --git a/tests/config_manager/config_manager/tasks/rescue.yml b/tests/config_manager/config_manager/tasks/rescue.yml new file mode 100644 index 0000000..9483889 --- /dev/null +++ b/tests/config_manager/config_manager/tasks/rescue.yml @@ -0,0 +1,58 @@ +--- +- debug: msg="START config_manager/rescue.yaml function on connection={{ ansible_connection }}" + +- name: ensure netconf is enabled + junos_netconf: + netconf_port: 22 + +- name: setup - remove syslog + junos_config: &rm + lines: + - delete system syslog file test3 any any + - delete system syslog file test4 any any + connection: netconf + +- name: set rescue configuration + include_role: + name: "{{ juniper_junos_role_path }}" + tasks_from: config_manager/rescue + vars: + config_manager_set_rescue: True + +- name: configure syslog + junos_config: + lines: + - set system syslog file test3 any any + - set system syslog file test4 any any + connection: netconf + +- name: rollback to rescue configuration + include_role: + name: "{{ juniper_junos_role_path }}" + tasks_from: config_manager/rescue + vars: + config_manager_load_rescue_config: True + + +- name: fetch syslog configuration + junos_command: + commands: show configuration | display set + register: show_config_result + +- assert: + that: + - "'set system syslog file test3 any any' not in show_config_result.stdout_lines[0]" + - "'set system syslog file test4 any any' not in show_config_result.stdout_lines[0]" + +- name: teardown - remove rescue config + include_role: + name: "{{ juniper_junos_role_path }}" + tasks_from: config_manager/rescue + vars: + config_manager_delete_rescue: True + +- name: teardown - remove syslog config + junos_config: *rm + connection: netconf + +- debug: msg="END config_manager/rescue.yaml replace function on connection={{ ansible_connection }}"