dellemc.enterprise_sonic.sonic_mgmt_servers 模块 – 管理 SONiC 上的管理服务器配置

注意

此模块是 dellemc.enterprise_sonic 集合 (版本 2.5.1) 的一部分。

如果您正在使用 ansible 包,则可能已安装此集合。它不包含在 ansible-core 中。要检查它是否已安装,请运行 ansible-galaxy collection list

要安装它,请使用: ansible-galaxy collection install dellemc.enterprise_sonic

要在 playbook 中使用它,请指定: dellemc.enterprise_sonic.sonic_mgmt_servers

dellemc.enterprise_sonic 2.5.0 中的新增功能

概要

  • 此模块提供对运行 SONiC 的设备的管理服务器的配置管理。

参数

参数

注释

config

字典

管理服务器配置

rest

字典

REST 服务器配置

api_timeout

整数

REST 服务器等待 REST API 请求-响应周期完成的最大时间(秒)

范围 0-4294967295

默认值: 900

client_auth

字符串

客户端身份验证方法列表

指定为逗号分隔的列表。列表选项包括 password、jwt、cert 和 none。

默认值: "password,jwt"

log_level

整数

REST 服务器的日志级别,范围 0-255

默认值: 0

port

整数

REST 服务器监听的端口,范围 0-65535

默认值: 443

read_timeout

整数

REST 服务器等待 HTTP 请求-响应周期完成的最大时间(秒)

范围 0-4294967295

默认值: 15

req_limit

整数

客户端可以向 REST 服务器发出的并发请求的最大数量

范围 0-4294967295

security_profile

字符串

安全配置文件的名称

shutdown

布尔值

启用/禁用 REST 服务器在端口上监听

选项

  • false

  • true

vrf

字符串

VRF 的名称

选项

  • "mgmt"

telemetry

字典

遥测服务器配置

api_timeout

整数

遥测服务器等待 gNMI 请求-响应周期完成的最大时间(秒)

范围 0-4294967295

默认值: 0

client_auth

字符串

客户端身份验证方法列表

指定为逗号分隔的列表。列表选项包括 password、jwt、cert 和 none。

默认值: "password,jwt"

jwt_refresh

整数

JWT 过期并可以刷新的时间间隔(秒)

范围 0-4294967295

默认值: 900

jwt_valid

整数

JWT 在遥测服务器上有效的持续时间(秒)

范围 0-4294967295

默认值: 3600

log_level

整数

遥测服务器的日志级别,范围 0-255

默认值: 0

port

整数

遥测服务器监听的端口,范围 0-65535

默认值: 8080

security_profile

字符串

安全配置文件的名称

vrf

字符串

VRF 的名称

选项

  • "mgmt"

state

字符串

模块完成后的配置状态。

选项

  • "merged" ← (默认)

  • "deleted"

  • "overridden"

  • "replaced"

备注

注意

  • 针对戴尔科技公司的企业 SONiC 发行版进行了测试。

  • 支持 check_mode

示例

# Using Merged
#
# Before state:
# -------------
#
# sonic# show ip rest
#
# Log level is 0
# Port is 443
# Request limit is not-set
# Read timeout is 15 seconds
# Client authentication mode is password,jwt
# Security profile is not-set
# API timeout is 900 seconds
# vrf is not-set
#
# sonic# show ip telemetry
#
# Log level is 0
# JWT valid is 3600 seconds
# JWT refresh is 900 seconds
# Port is 8080
# Client authentication mode is password,jwt
# Security profile is not-set
# API timeout is 0 seconds
# vrf is not-set

- name: Merge mgmt servers configuration
  dellemc.enterprise_sonic.sonic_mgmt_servers:
    config:
      rest:
        api_timeout: 120
        client_auth: password
        log_level: 6
        port: 443
        read_timeout: 60
        req_limit: 100
        security_profile: profile1
        shutdown: True
        vrf: mgmt
      telemetry:
        api_timeout: 45
        client_auth: cert,jwt
        jwt_refresh: 80
        jwt_valid: 300
        log_level: 10
        port: 1234
        security_profile: profile2
        vrf: mgmt
    state: merged

# After state:
# ------------
#
# sonic# show ip rest
#
# Log level is 6
# Port is 443, disabled
# Request limit is 100
# Read timeout is 60 seconds
# Client authentication mode is password
# Security profile is profile1
# API timeout is 120 seconds
# vrf is mgmt
#
# sonic# show ip telemetry
#
# Log level is 10
# JWT valid is 300 seconds
# JWT refresh is 80 seconds
# Port is 1234
# Client authentication mode is cert,jwt
# Security profile is profile2
# API timeout is 45 seconds
# vrf is mgmt


# Using Replaced
#
# Before state:
# -------------
#
# sonic# show ip rest
#
# Log level is 6
# Port is 443, disabled
# Request limit is 100
# Read timeout is 60 seconds
# Client authentication mode is password
# Security profile is profile1
# API timeout is 120 seconds
# vrf is mgmt
#
# sonic# show ip telemetry
#
# Log level is 10
# JWT valid is 300 seconds
# JWT refresh is 80 seconds
# Port is 1234
# Client authentication mode is cert,jwt
# Security profile is profile2
# API timeout is 45 seconds
# vrf is mgmt

- name: Replace mgmt servers configuration
  dellemc.enterprise_sonic.sonic_mgmt_servers:
    config:
      rest:
        api_timeout: 180
        vrf: mgmt
      telemetry:
        log_level: 25
        security_profile: profile2
    state: replaced

# After state:
# ------------
#
# sonic# show ip rest
#
# Log level is 0
# Port is 443
# Request limit is not-set
# Read timeout is 15 seconds
# Client authentication mode is password,jwt
# Security profile is not-set
# API timeout is 180 seconds
# vrf is mgmt
#
# sonic# show ip telemetry
#
# Log level is 25
# JWT valid is 3600 seconds
# JWT refresh is 900 seconds
# Port is 8080
# Client authentication mode is password,jwt
# Security profile is profile2
# API timeout is 0 seconds
# vrf is not-set


# Using Overridden
#
# Before state:
# -------------
#
# sonic# show ip rest
#
# Log level is 6
# Port is 443, disabled
# Request limit is 100
# Read timeout is 60 seconds
# Client authentication mode is password
# Security profile is profile1
# API timeout is 120 seconds
# vrf is mgmt
#
# sonic# show ip telemetry
#
# Log level is 10
# JWT valid is 300 seconds
# JWT refresh is 80 seconds
# Port is 1234
# Client authentication mode is cert,jwt
# Security profile is profile2
# API timeout is 45 seconds
# vrf is mgmt

- name: Override mgmt servers configuration
  dellemc.enterprise_sonic.sonic_mgmt_servers:
    config:
      rest:
        api_timeout: 120
        client_auth: password
        log_level: 6
        port: 443
        read_timeout: 60
        req_limit: 100
        security_profile: profile1
        shutdown: True
        vrf: mgmt
    state: overridden

# After state:
# ------------
#
# sonic# show ip rest
#
# Log level is 6
# Port is 443, disabled
# Request limit is 100
# Read timeout is 60 seconds
# Client authentication mode is password
# Security profile is profile1
# API timeout is 120 seconds
# vrf is mgmt
#
# sonic# show ip telemetry
#
# Log level is 0
# JWT valid is 3600 seconds
# JWT refresh is 900 seconds
# Port is 8080
# Client authentication mode is password,jwt
# Security profile is not-set
# API timeout is 0 seconds
# vrf is not-set


# Using Deleted
#
# Before state:
# -------------
#
# sonic# show ip rest
#
# Log level is 6
# Port is 443, disabled
# Request limit is 100
# Read timeout is 60 seconds
# Client authentication mode is password
# Security profile is profile1
# API timeout is 120 seconds
# vrf is mgmt
#
# sonic# show ip telemetry
#
# Log level is 10
# JWT valid is 300 seconds
# JWT refresh is 80 seconds
# Port is 1234
# Client authentication mode is cert,jwt
# Security profile is profile2
# API timeout is 45 seconds
# vrf is mgmt

- name: Delete mgmt servers configuration
  dellemc.enterprise_sonic.sonic_mgmt_servers:
    config:
      rest:
        api_timeout: 120
        client_auth: password
        log_level: 6
        port: 443
        read_timeout: 60
        req_limit: 100
        security_profile: profile1
        shutdown: True
        vrf: mgmt
      telemetry:
        api_timeout: 45
        client_auth: cert,jwt
        jwt_refresh: 80
        jwt_valid: 300
        log_level: 10
        port: 1234
        security_profile: profile2
        vrf: mgmt
    state: deleted

# After state:
# ------------
#
# sonic# show ip rest
#
# Log level is 0
# Port is 443
# Request limit is not-set
# Read timeout is 15 seconds
# Client authentication mode is password,jwt
# Security profile is not-set
# API timeout is 900 seconds
# vrf is not-set
#
# sonic# show ip telemetry
#
# Log level is 0
# JWT valid is 3600 seconds
# JWT refresh is 900 seconds
# Port is 8080
# Client authentication mode is password,jwt
# Security profile is not-set
# API timeout is 0 seconds
# vrf is not-set

返回值

常见的返回值已在 此处 记录,以下是此模块特有的字段

描述

after

列表 / 元素=字符串

模块调用后的最终配置。

返回:发生更改时

示例: ["The configuration returned will always be in the same format as the parameters above.\n"]

after(generated)

列表 / 元素=字符串

模块调用生成的配置。

返回:check_mode

示例: ["The configuration returned will always be in the same format\n as the parameters above.\n"]

before

列表 / 元素=字符串

模块调用之前的配置。

返回:始终返回

示例: ["The configuration returned will always be in the same format as the parameters above.\n"]

commands

列表 / 元素=字符串

推送到远程设备的命令集。

返回:始终返回

示例: ["command 1", "command 2", "command 3"]

作者

  • Shade Talabi (@stalabi1)