dellemc.enterprise_sonic.sonic_mgmt_servers module – Manage management servers configuration on SONiC
Note
This module is part of the dellemc.enterprise_sonic collection (version 3.0.0).
You might already have this collection installed if you are using the ansible
package.
It is not included in ansible-core
.
To check whether it is installed, run ansible-galaxy collection list
.
To install it, use: ansible-galaxy collection install dellemc.enterprise_sonic
.
To use it in a playbook, specify: dellemc.enterprise_sonic.sonic_mgmt_servers
.
New in dellemc.enterprise_sonic 2.5.0
Synopsis
This module provides configuration management of management servers for devices running SONiC
Parameters
Parameter |
Comments |
---|---|
Management servers configuration |
|
REST server configuration |
|
Maximum time in seconds the REST server will wait for a REST API request-response cycle to complete Range 0-4294967295 Default: |
|
Cipher suites used for TLS connection with the clients Specify as a comma separated list. Options are ecdhe-ecdsa-with-aes-256-gcm-SHA384, ecdhe-ecdsa-with-chacha20-poly1305-SHA256 and ecdhe-ecdsa-with-aes-128-gcm-SHA256. Default: |
|
Client authentication methods list Specify as a comma separated list. Options for list are password, jwt, cert, and none. Default: |
|
Log level of REST server, range 0-255 Default: |
|
Port that the REST server listens on, range 0-65535 Default: |
|
Maximum time in seconds the REST server will wait for an HTTP request-response cycle to complete Range 0-4294967295 Default: |
|
Maximum number of concurrent requests that the client can make to the REST server Range 0-4294967295 |
|
Name of security profile |
|
Enables/disables REST server from listening on the port Choices:
|
|
Name of VRF Choices:
|
|
Telemetry server configuration |
|
Maximum time in seconds the telemetry server will wait for a gNMI request-response cycle to complete Range 0-4294967295 Default: |
|
Client authentication methods list Specify as a comma separated list. Options for list are password, jwt, cert, and none. Default: |
|
Duration of time in seconds before JWT expires and can be refreshed Range 0-4294967295 Default: |
|
Duration of time in seconds for which JWT is valid on the telemetry server Range 0-4294967295 Default: |
|
Log level of telemetry server, range 0-255 Default: |
|
Port that the telemetry server listens on, range 0-65535 Default: |
|
Name of security profile |
|
Name of VRF Choices:
|
|
The state of the configuration after module completion. Choices:
|
Notes
Note
Tested against Enterprise SONiC Distribution by Dell Technologies.
Supports
check_mode
.
Examples
# Using Merged
#
# Before state:
# -------------
#
# sonic# show ip rest
#
# Log level is 0
# Port is 443
# Request limit is not-set
# Read timeout is 15 seconds
# Client authentication mode is password,jwt
# Security profile is not-set
# API timeout is 900 seconds
# vrf is not-set
# Cipher suite is ecdhe-ecdsa-with-aes-256-gcm-SHA384,ecdhe-ecdsa-with-chacha20-poly1305-SHA256,ecdhe-ecdsa-with-aes-128-gcm-SHA256
#
# sonic# show ip telemetry
#
# Log level is 0
# JWT valid is 3600 seconds
# JWT refresh is 900 seconds
# Port is 8080
# Client authentication mode is password,jwt
# Security profile is not-set
# API timeout is 0 seconds
# vrf is not-set
- name: Merge mgmt servers configuration
dellemc.enterprise_sonic.sonic_mgmt_servers:
config:
rest:
api_timeout: 120
client_auth: password
log_level: 6
port: 443
read_timeout: 60
req_limit: 100
security_profile: profile1
shutdown: True
vrf: mgmt
cipher_suite: ecdhe-ecdsa-with-aes-256-gcm-SHA384
telemetry:
api_timeout: 45
client_auth: cert,jwt
jwt_refresh: 80
jwt_valid: 300
log_level: 10
port: 1234
security_profile: profile2
vrf: mgmt
state: merged
# After state:
# ------------
#
# sonic# show ip rest
#
# Log level is 6
# Port is 443, disabled
# Request limit is 100
# Read timeout is 60 seconds
# Client authentication mode is password
# Security profile is profile1
# API timeout is 120 seconds
# vrf is mgmt
# Cipher suite is ecdhe-ecdsa-with-aes-256-gcm-SHA384
#
# sonic# show ip telemetry
#
# Log level is 10
# JWT valid is 300 seconds
# JWT refresh is 80 seconds
# Port is 1234
# Client authentication mode is cert,jwt
# Security profile is profile2
# API timeout is 45 seconds
# vrf is mgmt
# Using Replaced
#
# Before state:
# -------------
#
# sonic# show ip rest
#
# Log level is 6
# Port is 443, disabled
# Request limit is 100
# Read timeout is 60 seconds
# Client authentication mode is password
# Security profile is profile1
# API timeout is 120 seconds
# vrf is mgmt
# Cipher suite is ecdhe-ecdsa-with-aes-256-gcm-SHA384
#
# sonic# show ip telemetry
#
# Log level is 10
# JWT valid is 300 seconds
# JWT refresh is 80 seconds
# Port is 1234
# Client authentication mode is cert,jwt
# Security profile is profile2
# API timeout is 45 seconds
# vrf is mgmt
- name: Replace mgmt servers configuration
dellemc.enterprise_sonic.sonic_mgmt_servers:
config:
rest:
api_timeout: 180
vrf: mgmt
cipher_suite: ecdhe-ecdsa-with-aes-256-gcm-SHA384,ecdhe-ecdsa-with-chacha20-poly1305-SHA256
telemetry:
log_level: 25
security_profile: profile2
state: replaced
# After state:
# ------------
#
# sonic# show ip rest
#
# Log level is 0
# Port is 443
# Request limit is not-set
# Read timeout is 15 seconds
# Client authentication mode is password,jwt
# Security profile is not-set
# API timeout is 180 seconds
# vrf is mgmt
# Cipher suite is ecdhe-ecdsa-with-aes-256-gcm-SHA384,ecdhe-ecdsa-with-chacha20-poly1305-SHA256
#
# sonic# show ip telemetry
#
# Log level is 25
# JWT valid is 3600 seconds
# JWT refresh is 900 seconds
# Port is 8080
# Client authentication mode is password,jwt
# Security profile is profile2
# API timeout is 0 seconds
# vrf is not-set
# Using Overridden
#
# Before state:
# -------------
#
# sonic# show ip rest
#
# Log level is 6
# Port is 443, disabled
# Request limit is 100
# Read timeout is 60 seconds
# Client authentication mode is password
# Security profile is profile1
# API timeout is 120 seconds
# vrf is mgmt
# Cipher suite is ecdhe-ecdsa-with-aes-256-gcm-SHA384,ecdhe-ecdsa-with-chacha20-poly1305-SHA256
#
# sonic# show ip telemetry
#
# Log level is 10
# JWT valid is 300 seconds
# JWT refresh is 80 seconds
# Port is 1234
# Client authentication mode is cert,jwt
# Security profile is profile2
# API timeout is 45 seconds
# vrf is mgmt
- name: Override mgmt servers configuration
dellemc.enterprise_sonic.sonic_mgmt_servers:
config:
rest:
api_timeout: 120
client_auth: password
log_level: 6
port: 443
read_timeout: 60
req_limit: 100
security_profile: profile1
shutdown: True
vrf: mgmt
cipher_suite: ecdhe-ecdsa-with-aes-128-gcm-SHA256,ecdhe-ecdsa-with-aes-256-gcm-SHA384
state: overridden
# After state:
# ------------
#
# sonic# show ip rest
#
# Log level is 6
# Port is 443, disabled
# Request limit is 100
# Read timeout is 60 seconds
# Client authentication mode is password
# Security profile is profile1
# API timeout is 120 seconds
# vrf is mgmt
# Cipher suite is ecdhe-ecdsa-with-aes-128-gcm-SHA256,ecdhe-ecdsa-with-aes-256-gcm-SHA384
#
# sonic# show ip telemetry
#
# Log level is 0
# JWT valid is 3600 seconds
# JWT refresh is 900 seconds
# Port is 8080
# Client authentication mode is password,jwt
# Security profile is not-set
# API timeout is 0 seconds
# vrf is not-set
# Using Deleted
#
# Before state:
# -------------
#
# sonic# show ip rest
#
# Log level is 6
# Port is 443, disabled
# Request limit is 100
# Read timeout is 60 seconds
# Client authentication mode is password
# Security profile is profile1
# API timeout is 120 seconds
# vrf is mgmt
# Cipher suite is ecdhe-ecdsa-with-aes-128-gcm-SHA256,ecdhe-ecdsa-with-aes-256-gcm-SHA384
#
# sonic# show ip telemetry
#
# Log level is 10
# JWT valid is 300 seconds
# JWT refresh is 80 seconds
# Port is 1234
# Client authentication mode is cert,jwt
# Security profile is profile2
# API timeout is 45 seconds
# vrf is mgmt
- name: Delete mgmt servers configuration
dellemc.enterprise_sonic.sonic_mgmt_servers:
config:
rest:
api_timeout: 120
client_auth: password
log_level: 6
port: 443
read_timeout: 60
req_limit: 100
security_profile: profile1
shutdown: True
vrf: mgmt
cipher_suite: ecdhe-ecdsa-with-aes-256-gcm-SHA384,ecdhe-ecdsa-with-aes-128-gcm-SHA256
telemetry:
api_timeout: 45
client_auth: cert,jwt
jwt_refresh: 80
jwt_valid: 300
log_level: 10
port: 1234
security_profile: profile2
vrf: mgmt
state: deleted
# After state:
# ------------
#
# sonic# show ip rest
#
# Log level is 0
# Port is 443
# Request limit is not-set
# Read timeout is 15 seconds
# Client authentication mode is password,jwt
# Security profile is not-set
# API timeout is 900 seconds
# vrf is not-set
# Cipher suite is ecdhe-ecdsa-with-aes-256-gcm-SHA384,ecdhe-ecdsa-with-chacha20-poly1305-SHA256,ecdhe-ecdsa-with-aes-128-gcm-SHA256
#
# sonic# show ip telemetry
#
# Log level is 0
# JWT valid is 3600 seconds
# JWT refresh is 900 seconds
# Port is 8080
# Client authentication mode is password,jwt
# Security profile is not-set
# API timeout is 0 seconds
# vrf is not-set
Return Values
Common return values are documented here, the following are the fields unique to this module:
Key |
Description |
---|---|
The resulting configuration module invocation. Returned: when changed Sample: |
|
The generated configuration from module invocation. Returned: when Sample: |
|
The configuration prior to the module invocation. Returned: always Sample: |
|
The set of commands pushed to the remote device. Returned: always Sample: |