aci_config_snapshot - Manage Config Snapshots (config:Snapshot, config:ExportP)
New in version 2.4.
Synopsis
- Manage Config Snapshots on Cisco ACI fabrics.
- Creating new Snapshots is done using the configExportP class.
- Removing Snapshots is done using the configSnapshot class.
Parameters
Parameter | Choices/Defaults | Comments |
---|---|---|
certificate_name | Default: C(private_key) basename | The X.509 certificate name attached to the APIC AAA user used for signature-based authentication. It defaults to the private_key basename, without extension.aliases: cert_name |
description | The description for the Config Export Policy. aliases: descr | |
export_policy | The name of the Export Policy to use for Config Snapshots. aliases: name | |
format |
| Sets the config backup to be formatted in JSON or XML. The APIC defaults new Export Policies to json
|
host required | IP Address or hostname of APIC resolvable by Ansible control host. aliases: hostname | |
include_secure |
| Determines if secure information should be included in the backup. The APIC defaults new Export Policies to yes . |
max_count |
3 | Determines how many snapshots can exist for the Export Policy before the APIC starts to rollover. The APIC defaults new Export Policies to 3 . |
output_level |
| Influence the output of this ACI module. normal means the standard output, incl. current dictinfo means informational output, incl. previous , proposed and sent dictsdebug means debugging output, incl. filter_string , method , response , status and url information |
password required | The password to use for authentication. | |
port | Default: 443 (for https) and 80 (for http) | Port number to be used for REST connection. |
private_key | PEM formatted file that contains your private key to be used for signature-based authentication. The name of the key (without extension) is used as the certificate name in ACI, unless certificate_name is specified.aliases: cert_key | |
snapshot | The name of the snapshot to delete. | |
state |
| Use present or absent for adding or removing.Use query for listing an object or multiple objects. |
timeout | Default: 30 | The socket level timeout in seconds. |
use_proxy |
| If no , it will not use a proxy, even if one is defined in an environment variable on the target hosts. |
use_ssl |
| If no , an HTTP connection will be used instead of the default HTTPS connection. |
username required | Default: admin | The username to use for authentication. aliases: user |
validate_certs |
| If no , SSL certificates will not be validated.This should only set to no used on personally controlled sites using self-signed certificates. |
Notes
Note
- The APIC does not provide a mechanism for naming the snapshots.
- Snapshot files use the following naming structure: ce_<config export policy name>-<yyyy>-<mm>-<dd>T<hh>:<mm>:<ss>.<mss>+<hh>:<mm>.
- Snapshot objects use the following naming structure: run-<yyyy>-<mm>-<dd>T<hh>-<mm>-<ss>.
- More information about the internal APIC classes config:Snapshot and config:ExportP from the APIC Management Information Model reference.
- By default, if an environment variable
<protocol>_proxy
is set on the target host, requests will be sent through that proxy. This behaviour can be overridden by setting a variable for this task (see setting the environment), or by using theuse_proxy
option. - HTTP redirects can redirect from HTTP to HTTPS so you should be sure that your proxy environment for both protocols is correct.
Examples
- name: Create a Snapshot aci_config_snapshot: host: apic username: admin password: SomeSecretPassword state: present export_policy: config_backup max_count: 10 description: Backups taken before new configs are applied. - name: Query all Snapshots aci_config_snapshot: host: apic username: admin password: SomeSecretPassword state: query - name: Query Snapshots associated with a particular Export Policy aci_config_snapshot: host: apic username: admin password: SomeSecretPassword state: query export_policy: config_backup - name: Delete a Snapshot aci_config_snapshot: host: apic username: admin password: SomeSecretPassword state: absent export_policy: config_backup snapshot: run-2017-08-24T17-20-05
Return Values
Common return values are documented here, the following are the fields unique to this module:
Key | Returned | Description |
---|---|---|
current list | success | The existing configuration from the APIC after the module has finished Sample: [{'fvTenant': {'attributes': {'dn': 'uni/tn-production', 'ownerKey': '', 'name': 'production', 'descr': 'Production environment', 'nameAlias': '', 'ownerTag': ''}}}] |
error dict | failure | The error information as returned from the APIC Sample: {'text': 'unknown managed object class foo', 'code': '122'} |
filter_string string | failure or debug | The filter string used for the request Sample: ?rsp-prop-include=config-only |
method string | failure or debug | The HTTP method used for the request to the APIC Sample: POST |
previous list | info | The original configuration from the APIC before the module has started Sample: [{'fvTenant': {'attributes': {'dn': 'uni/tn-production', 'ownerKey': '', 'name': 'production', 'descr': 'Production', 'nameAlias': '', 'ownerTag': ''}}}] |
proposed dict | info | The assembled configuration from the user-provided parameters Sample: {'fvTenant': {'attributes': {'name': 'production', 'descr': 'Production environment'}}} |
raw string | parse error | The raw output returned by the APIC REST API (xml or json) Sample: <?xml version="1.0" encoding="UTF-8"?><imdata totalCount="1"><error code="122" text="unknown managed object class foo"/></imdata> |
response string | failure or debug | The HTTP response from the APIC Sample: OK (30 bytes) |
sent list | info | The actual/minimal configuration pushed to the APIC Sample: {'fvTenant': {'attributes': {'descr': 'Production environment'}}} |
status int | failure or debug | The HTTP status from the APIC Sample: 200 |
url string | failure or debug | The HTTP url used for the request to the APIC Sample: https://10.11.12.13/api/mo/uni/tn-production.json |
Status
This module is flagged as preview which means that it is not guaranteed to have a backwards compatible interface.
Author
- Jacob McGill (@jmcgill298)
Hint
If you notice any issues in this documentation you can edit this document to improve it.
© 2012–2018 Michael DeHaan
© 2018–2019 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.5/modules/aci_config_snapshot_module.html