Brocade Zoning Config Module - Removes existing zones during dry run ..

[sathhishh06]

Hi,

I'm trying to setup automation for zoning configuration using ansible and below mentioned is my playbook. I specified members_Add_only to true so that the new zones would be added to the existing zone database. I believe this is not functioning as advertised and defaults to REST options .

---

• hosts: localhost
  gather_facts: False
  collections:

  • brocade.fos
  • ansible.posix

  vars:
  credential:
  fos_ip_addr: xx.xx.xx.xx
  fos_user_name: admin
  fos_password: xxxxxxxxxxxx
  https: false

  zones:
  - name: z_sesosapa210_hba1_sesosapprdsvm01_033c
  members:
  - a_sesosapa210_hba1
  - a_sesosapprdsvm01_033c

  - name: z_sesosapa210_hba1_sesosapprdsvm01_043c
    members:
      - a_sesosapa210_hba1
      - a_sesosapprdsvm01_043c
  

  cfgs:
  - name: ZS_SESO_Fabric_A
  members:
  - z_sesosapa210_hba1_sesosapprdsvm01_033c
  - z_sesosapa210_hba1_sesosapprdsvm01_043c

  tasks:

  • name: Create Zones
    brocade_zoning_zone:
    credential: "{{credential}}"
    vfid: 128
    zones: "{{zones}}"
    members_add_only: 'True'

  • name: Add Zones to Config
    brocade_zoning_cfg:
    credential: "{{credential}}"
    vfid: 128
    members_add_only: 'True'
    cfgs: "{{cfgs}}"
    active_cfg: 'ZS_SESO_Fabric_A'

Dry Run Output --=

TASK [Create Zones]
"GET_url": "http:///rest/running/zoning/defined-configuration/zone?vf-id=128",
"POST_url": "http:///rest/logout",
"changed": true,
"common_list": [],
"invocation": {
"module_args": {
"credential": {
"fos_ip_addr": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
"fos_password": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
"fos_user_name": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
"https": false
},
"members_add_only": true,
"members_remove_only": null,
"throttle": null,
"timeout": null,
"vfid": 128,
"zones": [
{
"members": [
"a_sesosapa210_hba1",
"a_sesosapprdsvm01_033c"
],
"name": "z_sesosapa210_hba1_sesosapprdsvm01_033c"
},
{
"members": [
"a_sesosapa210_hba1",
"a_sesosapprdsvm01_043c"
],
"name": "z_sesosapa210_hba1_sesosapprdsvm01_043c"
}
],
"zones_to_delete": null
}
},
"post_list": [
{
"members": [
"a_sesosapa210_hba1",
"a_sesosapprdsvm01_033c"
],
"name": "z_sesosapa210_hba1_sesosapprdsvm01_033c"
},
{
"members": [
"a_sesosapa210_hba1",
"a_sesosapprdsvm01_043c"
],
"name": "z_sesosapa210_hba1_sesosapprdsvm01_043c"
}
],
"remove_list": [] - Null ( I believe everything is working as expected till here)

TASK [Add Zones to Config]

"GET_url": "http:///rest/running/zoning/defined-configuration/cfg?vf-id=128",
"POST_url": "http:///rest/logout",
"changed": true,
"common_list": [],
"invocation": {
"module_args": {
"active_cfg": "ZS_SESO_Fabric_A",
"cfgs": [
{
"members": [
"z_sesosapa210_hba1_sesosapprdsvm01_033c",
"z_sesosapa210_hba1_sesosapprdsvm01_043c"
],
"name": "ZS_SESO_Fabric_A"
}
],
"cfgs_to_delete": null,
"credential": {
"fos_ip_addr": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
"fos_password": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
"fos_user_name": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
"https": false
},
"members_add_only": true,
"members_remove_only": null,
"throttle": null,
"timeout": null,
"vfid": 128
}
},
"post_list": [
{
"members": [
"z_sesosapa210_hba1_sesosapprdsvm01_033c",
"z_sesosapa210_hba1_sesosapprdsvm01_043c"
],
"name": "ZS_SESO_Fabric_A"
}
],
"remove_list": [ --> Issue - It is removing existing zones
{
"members": [
"powervc_sesosapa008_364360aa_000c05076088f5a04b0500507680c212686",
"powervc_sesosapa008_364360aa_000c05076088f5a04b0500507680c212688",

Any help would highly be appreciated

As a workaround i tried the fos command module to add zones to the config and activate . It did not help either

• name: Zone Creation
  brocade_zoning_zone:
  credential: "{{credential}}"
  vfid: 128
  zones: "{{zones}}"
  timeout: 300

• name: Config Addtion and Enable
  brocade_fos_command:
  switch_login: "{{username}}"
  switch_password: "{{password}}"
  switch_address: xx.xx.xx.xx
  global_timeout: 300
  command_set:
  #
  - command: cfgadd "ZS_SESO_Fabric_A", "z_sesosapa210_hba1_sesosapdevsvm01_034a;z_sesosapa210_hba1_sesosapdevsvm01_044a"

  - command: cfgsave
    prompts:
      - question: Do you want to save to
        response: "yes"
  

Error Received during dry run

The full traceback is:
File "/tmp/ansible_brocade_fos_command_payload_7kvn02d1/ansible_brocade_fos_command_payload.zip/ansible_collections/brocade/fos/plugins/modules/brocade_fos_command.py", line 332, in receive_until_match
File "/usr/lib/python3/dist-packages/paramiko/channel.py", line 701, in recv
raise socket.timeout()
fatal: [localhost]: FAILED! => {
"changed": false,
"invocation": {
"module_args": {
"command_set": [
{
"command": "cfgadd "ZS_SESO_Fabric_A", "z_sesosapa210_hba1_sesosapdevsvm01_034a;z_sesosapa210_hba1_sesosapdevsvm01_044a"",
"exit_tests": [],
"prompts": [],
"result_tests": [],
"start_state": [
{
"flag": "changed",
"value": false
},
{
"flag": "failed",
"value": false
}
],
"timeout": -1
},
{
"command": "cfgsave",
"exit_tests": [],
"prompts": [
{
"question": "Do you want to save to",
"response": "yes"
}
],
"result_tests": [],
"start_state": [
{
"flag": "changed",
"value": false
},
{
"flag": "failed",
"value": false
}
],
"timeout": -1
}
],
"global_timeout": 300,
"hostkeymust": false,
"login_delay": 5,
"switch_address": "xx.xx.xx.xx",
"switch_login": "admin",
"switch_password": "xxxxxxxxxxx"
}
},
"messages": [
"",
"SSH into xx.xx.xx.xx",
"Receive error. Buffer: cfgsave\r\nWARNING!!!\r\nThe changes you are attempting to save will render the\r\nEffective configuration and the Defined configuration\r\ninconsistent. The inconsistency will result in different\r\nEffective Zoning configurations for switches in the fabric if\r\na zone merge or HA failover happens. To avoid inconsistency\r\nit is recommended to commit the configurations using the\r\n'cfgenable' command.\r\n\r\nDo you want to proceed with saving the Defined\r\nzoning configuration only? (yes, y, no, n): [no] Exception: ",
[
"cfgsave",
"WARNING!!!",
"The changes you are attempting to save will render the",
"Effective configuration and the Defined configuration",
"inconsistent. The inconsistency will result in different",
"Effective Zoning configurations for switches in the fabric if",
"a zone merge or HA failover happens. To avoid inconsistency",
"it is recommended to commit the configurations using the",
"'cfgenable' command.",
"",
"Do you want to proceed with saving the Defined",
"zoning configuration only? (yes, y, no, n): [no] "
]
],
"msg": "Receive timeout."

[prasad-valmeti-broadcom]

Please try this sample config in this playbook zoning_zone_members_add_only.yml. This adds members and doesn't delete any of the existing members.
Please let us know if you still face the issues with the FOS ansible version with the switch version that is used for testing.

[sathhishh06]

Hi sure, Will check and revert..Thank you Regards Sathish

…

On Sun, Jul 21, 2024, 1:21 PM prasad-valmeti-broadcom < ***@***.***> wrote: Please try this sample config in this playbook *zoning_zone_members_add_only.yml*. This adds members and doesn't delete any of the existing members. Please let us know if you still face the issues with the FOS ansible version with the switch version that is used for testing. — Reply to this email directly, view it on GitHub <#144 (comment)>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/AI4ETJQVOPSNSKGIP2L6JADZNNR63AVCNFSM6AAAAABCQ2AUEOVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDENBRGUYTKMBWG4> . You are receiving this because you authored the thread.Message ID: ***@***.***>

[sathhishh06]

hi Prasad
Issue seems to persist
Testing - Oracle Virtual box installed in my PC
sat@awxtest:/Play$ uname -a
Linux awxtest 6.5.0-14-generic #14-Ubuntu SMP PREEMPT_DYNAMIC Tue Nov 14 14:59:49 UTC 2023 x86_64 x86_64 x86_64 GNU/Linux
sat@awxtest:/Play$ cat /etc/os-release
PRETTY_NAME="Ubuntu 23.10"
NAME="Ubuntu"
VERSION_ID="23.10"
VERSION="23.10 (Mantic Minotaur)"
VERSION_CODENAME=mantic
ID=ubuntu
ID_LIKE=debian
HOME_URL="https://www.ubuntu.com/"
SUPPORT_URL="https://help.ubuntu.com/"
BUG_REPORT_URL="https://bugs.launchpad.net/ubuntu/"
PRIVACY_POLICY_URL="https://www.ubuntu.com/legal/terms-and-policies/privacy-policy"
UBUNTU_CODENAME=mantic
LOGO=ubuntu-logo

sat@awxtest:~/Play$ ansible-playbook -C zoning.yml -v
Using /etc/ansible/ansible.cfg as config file
[WARNING]: provided hosts list is empty, only localhost is available. Note that the implicit localhost does not match 'all'

PLAY [localhost] ********************************************************************************************************************************************

TASK [create aliases] ***************************************************************************************************************************************
changed: [localhost] => {"GET_url": "http:///rest/running/zoning/defined-configuration/alias?vf-id=128", "POST_url": "http:///rest/logout", "changed": true, "common_list": [], "post_list": [{"members": ["c0:50:76:0c:1f:08:00:3c", "c0:50:76:0c:1f:08:00:3d"], "name": "a_sesonima003_hba1"}, {"members": ["c0:50:76:0c:1f:08:00:38", "c0:50:76:0c:1f:08:00:39"], "name": "a_sesonima003_hba3"}], "remove_list": []}

TASK [create zones] *****************************************************************************************************************************************
changed: [localhost] => {"GET_url": "http:///rest/running/zoning/defined-configuration/zone?vf-id=128", "POST_url": "http:///rest/logout", "changed": true, "common_list": [], "post_list": [{"members": ["a_sesonima003_hba1", "a_sesosapsvm01_01_1c"], "name": "z_sesonima003_hba1_sesosapsvm01_01_1c"}, {"members": ["a_sesonima003_hba1", "a_sesosapsvm01_02_1c"], "name": "z_sesonima003_hba1_sesosapsvm01_02_1c"}, {"members": ["a_sesonima003_hba3", "a_sesosapsvm01_01_1c"], "name": "z_sesonima003_hba3_sesosapsvm01_01_1c"}, {"members": ["a_sesonima003_hba3", "a_sesosapsvm01_02_1c"], "name": "z_sesonima003_hba3_sesosapsvm01_02_1c"}], "remove_list": []}

TASK [Add zones to config] **********************************************************************************************************************************
changed: [localhost] => {"GET_url": "http:///rest/running/zoning/defined-configuration/cfg?vf-id=128", "POST_url": "http:///rest/logout", "changed": true, "common_list": [], "post_list": [{"members": ["z_sesonima003_hba1_sesosapsvm01_01_1c", "z_sesonima003_hba1_sesosapsvm01_02_1c", "z_sesonima003_hba3_sesosapsvm01_01_1c", "z_sesonima003_hba3_sesosapsvm01_02_1c"], "name": "ZS_SESO_Fabric_A"}], "remove_list": [{"members": ["a_sesosapa722_hba3_sesomnsc001_IO0_C2_P2sesomnsc001_N1_C2_P2", "a_sesosapa722_hba3_sesomnsc001_N1_C2_P2",

remove_list is my concern while adding zones to config

SAN Switch Configurations
G630 - Running v9.1.1d
6520 - Running 8.2.3d

these two switches are part of a single fabric

[sathhishh06]

sat@awxtest:~/Play$ ansible --version
ansible [core 2.16.8]
config file = /etc/ansible/ansible.cfg
configured module search path = ['/home/sat/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
ansible python module location = /usr/lib/python3/dist-packages/ansible
ansible collection location = /home/sat/.ansible/collections:/usr/share/ansible/collections
executable location = /usr/bin/ansible
python version = 3.11.6 (main, Apr 10 2024, 17:26:07) [GCC 13.2.0] (/usr/bin/python3)
jinja version = 3.1.2
libyaml = True

[sathhishh06]

playbook yaml file

---

• hosts: localhost
  connection: local
  collections:

  • brocade.fos
    gather_facts: False

  vars:
  credential:
  fos_ip_addr:
  fos_user_name:
  fos_password:
  https: false

  tasks:

  • name: create aliases
    brocade_zoning_alias:
    credential: "{{credential}}"
    vfid: 128
    aliases:
    - name: a_ser1
    members:
    - c0:50:76:0c:1f:08:00:3c
    - c0:50:76:0c:1f:08:00:3d

    - name: a_ser2
      members:
        - c0:50:76:0c:1f:08:00:38
        - c0:50:76:0c:1f:08:00:39
    

  • name: create zones
    brocade_zoning_zone:
    credential: "{{credential}}"
    vfid: 128
    zones:
    - name: z_test1
    members:
    - a_x
    - a_x

    - name: z_test2
      members:
        - a_x
        - a_x
    
    - name: z_test3
      members:
        - a_x
        - a_x
    
    - name: z_test3
      members:
        - a_x
        - a_x
    

  • name: Add zones to config
    brocade_zoning_cfg:
    credential: "{{credential}}"
    vfid: 128
    members_add_only: True
    cfgs:

    • name: ZS_SESO_Fabric_A
      members:
      • z_xxxxx
        active_cfg: ZS_SESx_Fabric_A

Sorry had to change for security reasons

[prasad-valmeti-broadcom]

If you give members_add_only: True as mentioned in the zoning_zone_members_add_only.yml should help. For me to reproduce locally, it would be helpful if you could provide the FOS Ansible version you are using.