Ansible delivers simple IT automation that ends repetitive tasks and frees up DevOps teams for more strategic work. This project is to enable this automation for NSX-T installation.
License: Other
I use nsxt_tier0 module to create tier0 gateway, first time it got created , when run the second time, it throws error. @ggverma
"msg": "Failed to update NSXTTier0Interface with id test-t0-t0ls-iface.Request body [{'subnets': [{'ip_addresses': ['35.1.1.1'], 'prefix_len': 24}], 'type': 'EXTERNAL', 'display_name': 'test-t0-t0ls-iface', 'edge_path': '/infra/sites/default/enforcement-points/default/edge-clusters/227bb7e0-b613-4445-84b2-431182b7c57a/edge-nodes/4b84c7eb-5d75-44ed-8673-e822a1e5932e', 'segment_path': '/infra/segments/test-uplink-vlan-ls', 'resource_type': 'Tier0Interface', 'id': 'test-t0-t0ls-iface', 'path': '/infra/tier-0s/test-tier0/locale-services/test-t0ls/interfaces/test-t0-t0ls-iface', 'relative_path': 'test-t0-t0ls-iface', 'parent_path': '/infra/tier-0s/test-tier0/locale-services/test-t0ls', 'marked_for_delete': False, '_create_user': 'admin', '_create_time': 1562209624425, '_last_modified_user': 'admin', '_last_modified_time': 1562209624425, '_system_owned': False, '_protection': 'NOT_PROTECTED', '_revision': 0}]. Error[(503101, {'httpStatus': 'BAD_REQUEST', 'error_code': 503101, 'module_name': 'Policy', 'error_message': 'Segment /infra/segments/test-uplink-vlan-ls is already attached to interface /infra/tier-0s/test-tier0/locale-services/test-t0ls/interfaces/test-t0-iface.'})]."
When an edge VM is being deployed, the playbook did not wait for it to complete and reported a failure. This would break the end-to-end flow of installation of manager/controller/edge and creation of other resources.
fatal: [127.0.0.1]: FAILED! => {
"changed": false,
"invocation": {
"module_args": {
"action": null,
"deployment_config": {
"form_factor": "SMALL",
"node_user_settings": {
"cli_password": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
"root_password": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER"
},
"vm_deployment_config": {
"compute_id": "domain-c25",
"data_network_ids": [
"network-33",
"network-33",
"network-33"
],
"default_gateway_addresses": [
"10.40.1.253"
],
"hostname": "EdgeVM1",
"management_network_id": "network-33",
"management_port_subnets": [
{
"ip_addresses": [
"10.40.0.24"
],
"prefix_length": "23"
}
],
"placement_type": "VsphereDeploymentConfig",
"storage_id": "datastore-30",
"vc_id": "6f57e5bb-a3a8-4b94-8883-5bfa6115a722"
}
},
"display_name": "EdegeNode1",
"external_id": null,
"host_credential": null,
"hostname": "10.40.0.20",
"ip_addresses": [
"10.40.0.24"
],
"os_type": null,
"os_version": null,
"password": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
"port": 443,
"resource_type": "EdgeNode",
"state": "present",
"unprepare_host": null,
"username": "admin",
"validate_certs": false
}
},
"msg": "Error in fabric node status: VM_DEPLOYMENT_QUEUED"
}
to retry, use: --limit @/root/nsxt-ansible-release-equinox/basic_topology.retry
PLAY RECAP *****************************************************************************************************************************
127.0.0.1 : ok=4 changed=0 unreachable=0 failed=1
We need a module to create logical switch port for T0 uplink ports. Current module has some mandatory parameters that does not allow us to create it like id, vif, etc
https://github.com/vmware/ansible-for-nsxt/blob/master/library/nsxt_logical_ports.py
We need to be able to use it as https://github.com/yasensim/nsxt-ansible/blob/master/deployNsx.yml#L286
and https://github.com/yasensim/nsxt-ansible/blob/master/library/nsxt_logical_switch_port.py
IMO, we need to abstract further nsxt_logical_ports by making those parameters optional.
"msg": "Failed to add NSXTTier0LocaleService with id test-t0ls-lxiaopei.Request body [{'route_redistribution_types': ['TIER0_STATIC', 'TIER0_NAT'], 'display_name': 'test-t0ls-lxiaopei', 'edge_cluster_path': '/infra/sites/default/enforcement-point/default/edge-clusters/227bb7e0-b613-4445-84b2-431182b7c57a'}]. Error[(500012, {'httpStatus': 'BAD_REQUEST', 'error_code': 500012, 'module_name': 'Policy', 'error_message': 'The path=[/infra/sites/default/enforcement-point/default/edge-clusters/227bb7e0-b613-4445-84b2-431182b7c57a] is invalid'})].",
@ggverma FYI.
The nsxt_ip_pools module always updates the resource, even when nothing has been changed. The message "ip pool with pool id a7b7d048-87f5-4848-a585-c2ffe618f9df updated." is displayed on every execution.
changed: [sg1-nsx002] => {
"body": "{u'subnets': [{u'cidr': u'10.1.111.0/24', u'dns_nameservers': [], u'allocation_ranges': [{u'start': u'10.1.111.10', u'end': u'10.1.111.20'}]}], u'_system_owned': False, u'display_name': u'SiteA-CMP-VxLAN', u'_create_user': u'admin', u'_revision': 2, u'_protection': u'NOT_PROTECTED', u'_create_time': 1553353847871, u'_last_modified_time': 1553354083398, u'_last_modified_user': u'admin', u'id': u'a7b7d048-87f5-4848-a585-c2ffe618f9df', u'resource_type': u'IpPool'}",
"changed": true,
"id": "a7b7d048-87f5-4848-a585-c2ffe618f9df",
"invocation": {
"module_args": {
"display_name": "SiteA-CMP-VxLAN",
"hostname": "sg1-nsx002.sgroot.local",
"password": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
"port": 443,
"state": "present",
"subnets": [
{
"allocation_ranges": [
{
"end": "10.1.111.20",
"start": "10.1.111.10"
}
],
"cidr": "10.1.111.0/24"
}
],
"tags": null,
"username": "admin",
"validate_certs": false
}
},
"message": "ip pool with pool id a7b7d048-87f5-4848-a585-c2ffe618f9df updated."
}
Since the UI does not require this, we should not either.
I Use the nsxt_deploy_ova funtion to deploy my NSX manager. The deploymnet of the VM (ova) works,
I can log in wtih the admin user to the console and run the command get interface eth0
nsxt-manager-10> get interface eth0
Interface: eth0
Address: unknown
MAC Address: 00:50:56:b9df:21
It sems to me that the ip address is not set?
I user the following components
My Play book looks look like thist
---
- hosts: 127.0.0.1
connection: local
become: yes
# vars_files:
# - answerfile.yml
tasks:
- name: deploy NSX Manager OVA
nsxt_deploy_ova:
ovftool_path: "/var/lib/awx/bin/vmware-ovftool"
# folder: 'NSX_Applienc'
datacenter: "DC_Int"
datastore: "DS-HX1-02"
portgroup: "vm-network-511"
cluster: "HXCluster01"
vmname: "nsxt-manager"
hostname: "nsxt-manager-10"
dns_server: "10.115.0.84"
dns_domain: "my.domain.se"
ntp_server: "10.115.0.84"
gateway: "10.117.7.1"
ip_address: "10.117.7.23"
netmask: "255.255.225.0"
admin_password: "******"
cli_password: "******"
path_to_ova: "/var/lib/awx/bin"
ova_file: "nsx-unified-appliance-2.2.0.0.0.8680778.ova"
vcenter: "venter.my.domain.se"
vcenter_user: "{{ lookup('env', 'VMWARE_USER') }}"
vcenter_passwd: "{{ lookup('env', 'VMWARE_PASSWORD') }}"
deployment_size: "small"
role: "nsx-manager"
#- debug: var=deploy_nsx_ova
Currently when deploying an Edge the module requires the vCenter object names to be added, not the nice names. Such as 'domain-c7' for the vSphere cluster. This means that you can't rely on a static answers file if re-using, as the object identifiers can change. Please add the capability for the module to convert nice name to the vCenter object reference.
Version/Branch: master
File: library/nsxt_transport_nodes.py
Description:
In example of using the module, resource_type of transport node ("TransportNode") and transport node description is valid options of this module, as also supported by NSX 2.4.0 API.
EXAMPLES = '''
- name: Create transport node
nsxt_transport_nodes:
hostname: "10.192.167.137"
username: "admin"
password: "Admin!23Admin"
validate_certs: False
resource_type: "TransportNode"
display_name: "NSX Configured TN"
description: "NSX configured Test Transport Node"
host_switch_spec:
....
However, in actually usage Ansible fails to pick up these options:
TASK [Create transport node] ***************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************
failed: [localhost] (item=edge-1) => {"changed": false, "item": "edge-1", "msg": "Unsupported parameters for (nsxt_transport_nodes) module: description, resource_type
Supported parameters include: display_name, host_switch_spec, hostname, maintenance_mode, node_deployment_info, node_id, password, port, state, transport_zone_endpoints, username, validate_certs"}
to retry, use: --limit @/tmp/build/a861107e/nsxt-ansible/basic_resources.retry
In closer look this is probably due to these two options are not specified in the options doc (line 113 to line 393). There are fields of resource type and description for sub components such as host_switch_spec, but not transport node itself.
@r-raghu This should be a minimal fix and we would appreciate a quick fix since our nsx-t pipeline for 2.4.0 depends on this module.
Example:
nsxt_controllers.py should be nsxt_controller.py
Per ansible standards, all modules should have a 1 to 1 relationship, so playbooks can handle the multiple nodes or endpoints per module.
There is an open parenthesis in the code causing edge cluster creation to fail:
https://github.com/vmware/ansible-for-nsxt/blob/master/library/nsxt_edge_clusters.py#L103
transport_node['transport_node_id'] = get_id_from_display_name(module, manager_url, mgr_username, mgr_password,
The full traceback is:
Traceback (most recent call last):
File "/usr/lib/python2.7/dist-packages/ansible/executor/task_executor.py", line 138, in run
res = self._execute()
File "/usr/lib/python2.7/dist-packages/ansible/executor/task_executor.py", line 558, in _execute
result = self._handler.run(task_vars=variables)
File "/usr/lib/python2.7/dist-packages/ansible/plugins/action/normal.py", line 46, in run
result = merge_hash(result, self._execute_module(task_vars=task_vars, wrap_async=wrap_async))
File "/usr/lib/python2.7/dist-packages/ansible/plugins/action/init.py", line 694, in _execute_module
(module_style, shebang, module_data, module_path) = self._configure_module(module_name=module_name, module_args=module_args, task_vars=task_vars)
File "/usr/lib/python2.7/dist-packages/ansible/plugins/action/init.py", line 165, in _configure_module
environment=final_environment)
File "/usr/lib/python2.7/dist-packages/ansible/executor/module_common.py", line 910, in modify_module
environment=environment)
File "/usr/lib/python2.7/dist-packages/ansible/executor/module_common.py", line 702, in _find_module_utils
recursive_finder(module_name, b_module_data, py_module_names, py_module_cache, zf)
File "/usr/lib/python2.7/dist-packages/ansible/executor/module_common.py", line 467, in recursive_finder
tree = ast.parse(data)
File "/usr/lib/python2.7/ast.py", line 37, in parse
return compile(source, filename, mode, PyCF_ONLY_AST)
File "", line 105
return edge_cluster_params
^
SyntaxError: invalid syntax
Version: 2.4.0
File: /library/nsxt_deploy_ova.py
Issue:
Option 'deployment_size' is only appended to ovf_command if 'portgroup_ext' and 'portgroup_transport' are set (line 280). However those properties are unrelated and 'deployment_size' should be moved to ovf_base_options
Once controller is deployed if you re-run the playbook without adding node_id it will fail
WH need to apply different switch profiles on the Logical Switches from the following types:
SwitchSecuritySwitchingProfile
SpoofGuardSwitchingProfile
IpDiscoverySwitchingProfile
MacManagementSwitchingProfile
PortMirroringSwitchingProfile
QosSwitchingProfile
This will allow us to enable auto-configure transport node on ESX hosts for certain clusters identical to what's supported here: https://github.com/yasensim/nsxt-ansible/blob/master/library/nsxt_cm_cluster.py
It's desirable to have a nsxt_cm_cluster which performs both auto-install NSX and auto-configure transport node.
We need a module that automatically installs the vibs on all nodes in a cluster and prepares a transport nodes. Similar to https://github.com/yasensim/nsxt-ansible/blob/master/library/nsxt_cm_cluster.py
Yasen's https://github.com/yasensim/nsxt-ansible/blob/master/library/nsxt_cm_cluster.py supports the ability to identify the cluster (a compute collection) by name. However nsxt_compute_collection_fabric_templates.py can only take ID which user does not know and cannot obtain from other Ansible modules. We need this capability, or have a module for looking up compute collection by name.
The file nsxt_logical_routers.py contains inconsistent indentations which caused router creation to fail: https://github.com/vmware/ansible-for-nsxt/blob/master/library/nsxt_logical_routers.py#L110
TASK [NSX-T T0 Logical Router] ******************************************************************************************************************
task path: /tmp/build/a861107e/nsxt-ansible/basic_resources.yml:69
The full traceback is:
Traceback (most recent call last):
File "/usr/lib/python2.7/dist-packages/ansible/executor/task_executor.py", line 138, in run
res = self._execute()
File "/usr/lib/python2.7/dist-packages/ansible/executor/task_executor.py", line 558, in _execute
result = self._handler.run(task_vars=variables)
File "/usr/lib/python2.7/dist-packages/ansible/plugins/action/normal.py", line 46, in run
result = merge_hash(result, self._execute_module(task_vars=task_vars, wrap_async=wrap_async))
File "/usr/lib/python2.7/dist-packages/ansible/plugins/action/init.py", line 694, in _execute_module
(module_style, shebang, module_data, module_path) = self._configure_module(module_name=module_name, module_args=module_args, task_vars=task_vars)
File "/usr/lib/python2.7/dist-packages/ansible/plugins/action/init.py", line 165, in _configure_module
environment=final_environment)
File "/usr/lib/python2.7/dist-packages/ansible/executor/module_common.py", line 910, in modify_module
environment=environment)
File "/usr/lib/python2.7/dist-packages/ansible/executor/module_common.py", line 702, in _find_module_utils
recursive_finder(module_name, b_module_data, py_module_names, py_module_cache, zf)
File "/usr/lib/python2.7/dist-packages/ansible/executor/module_common.py", line 467, in recursive_finder
tree = ast.parse(data)
File "/usr/lib/python2.7/ast.py", line 37, in parse
return compile(source, filename, mode, PyCF_ONLY_AST)
File "", line 107
return False
^
IndentationError: expected an indented block
fatal: [localhost]: FAILED! => {
"msg": "Unexpected failure during module execution.",
"stdout": ""
}
We need the functionality similar to https://github.com/yasensim/nsxt-ansible/blob/master/library/nsxt_cm_cluster.py, which will allow NSX to be automatically installed on ESX hosts added to a cluster. This is per request: kais66/nsx-t-gen#2
Hello,
The module util filename (vmware) conflicts with the existing module util integrated with Ansible, also called vmware. For this to be a viable solution, the file name needs to change.
it appears that the most recent changes broke the pipeline https://github.com/vmware/nsx-t-datacenter-ci-pipelines. I'm now getting errors like these below in the pipeline.
The error appears to have been in '/tmp/build/6fab756d/nsxt-ansible/basic_topology.yml': line 143, column 7, but may be elsewhere in the file depending on the exact syntax problem.
The offending line appears to be:
- name: Deploy controller
^ here
when nsxt_fabric_nodes performs idempotency check, it needs to check the current node status and wait till a terminal state is reached before returning.
The full traceback is:
File "/tmp/ansible_uLVO49/ansible_module_nsxt_transport_nodes.py", line 239, in main
url_username=mgr_username, url_password=mgr_password, validate_certs=validate_certs, ignore_errors=True)
File "/tmp/ansible_uLVO49/ansible_modlib.zip/ansible/module_utils/vmware.py", line 53, in request
raise Exception (data['error_code'], data)
failed: [localhost] (item=edge-1) => {
"changed": false,
"invocation": {
"module_args": {
"description": "Edge Transport Node for 192.168.110.37",
"display_name": "edge-transp-node-1",
"fabric_node_name": "nsx-t-edge-1.corp.local.io",
"host_switch_spec": {
"host_switches": [
{
"host_switch_name": "hostswitch-overlay",
"host_switch_profile_ids": [
{
"key": "UplinkHostSwitchProfile",
"value": "bdb9bf34-24ca-4319-bb26-1ddf7dab7b59"
}
],
"ip_assignment_spec": {
"ip_pool_id": "b36f3155-3682-49b4-bfef-23ee84a7b79b",
"resource_type": "StaticIpPoolSpec"
},
"pnics": [
{
"device_name": "fp-eth1",
"uplink_name": "uplink-1"
}
]
},
{
"host_switch_name": "hostswitch-vlan",
"host_switch_profile_ids": [
{
"key": "UplinkHostSwitchProfile",
"value": "bdb9bf34-24ca-4319-bb26-1ddf7dab7b59"
}
],
"pnics": [
{
"device_name": "fp-eth0",
"uplink_name": "uplink-1"
}
]
}
],
"resource_type": "StandardHostSwitchSpec"
},
"host_switches": null,
"hostname": "192.168.110.33",
"password": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
"port": 443,
"resource_type": "TransportNode",
"state": "present",
"transport_zone_endpoints": [
{
"transport_zone_id": "5f4b71f5-a30d-4859-a8ce-13122a11d05f"
},
{
"transport_zone_id": "24dc462a-44e9-4bcb-a3a0-b55809fdb1a9"
}
],
"username": "admin",
"validate_certs": false
}
},
"item": "edge-1",
"msg": "Failed to add transport node. Request body [{\"host_switch_spec\": {\"host_switches\": [{\"pnics\": [{\"uplink_name\": \"uplink-1\", \"device_name\": \"fp-eth1\"}], \"host_switch_name\": \"hostswitch-overlay\", \"ip_assignment_spec\": {\"ip_pool_id\": \"b36f3155-3682-49b4-bfef-23ee84a7b79b\", \"resource_type\": \"StaticIpPoolSpec\"}, \"host_switch_profile_ids\": [{\"key\": \"UplinkHostSwitchProfile\", \"value\": \"bdb9bf34-24ca-4319-bb26-1ddf7dab7b59\"}]}, {\"pnics\": [{\"uplink_name\": \"uplink-1\", \"device_name\": \"fp-eth0\"}], \"host_switch_name\": \"hostswitch-vlan\", \"host_switch_profile_ids\": [{\"key\": \"UplinkHostSwitchProfile\", \"value\": \"bdb9bf34-24ca-4319-bb26-1ddf7dab7b59\"}]}], \"resource_type\": \"StandardHostSwitchSpec\"}, \"display_name\": \"edge-transp-node-1\", \"description\": \"Edge Transport Node for 192.168.110.37\", \"transport_zone_endpoints\": [{\"transport_zone_id\": \"5f4b71f5-a30d-4859-a8ce-13122a11d05f\"}, {\"transport_zone_id\": \"24dc462a-44e9-4bcb-a3a0-b55809fdb1a9\"}], \"node_id\": \"5ab2dcf7-6e19-49b2-a9d4-f245cb36eb96\", \"resource_type\": \"TransportNode\"}]. Error[(15000, {u'error_code': 15000, u'related_errors': [{u'error_code': 16026, u'error_message': u'[Fabric] Edge fabric node 5ab2dcf7-6e19-49b2-a9d4-f245cb36eb96 is not ready yet, current deployment state is NODE_NOT_READY. Please try again later. To check if it is ready, please use fabric node status API.', u'httpStatus': u'BAD_REQUEST', u'module_name': u'FABRIC'}, {u'error_code': 16008, u'error_message': u'[Fabric] Edge 5ab2dcf7-6e19-49b2-a9d4-f245cb36eb96 is not ready for Pnics are not prepared', u'httpStatus': u'BAD_REQUEST', u'module_name': u'FABRIC'}, {u'error_code': 16007, u'error_message': u'[Fabric] Unable to create Transport Node as Edge node 5ab2dcf7-6e19-49b2-a9d4-f245cb36eb96 is not initialized yet. Please try again later.', u'httpStatus': u'BAD_REQUEST', u'module_name': u'FABRIC'}, {u'error_code': 16026, u'error_message': u'[Fabric] Edge fabric node 5ab2dcf7-6e19-49b2-a9d4-f245cb36eb96 is not ready yet, current deployment state is NODE_NOT_READY. Please try again later. To check if it is ready, please use fabric node status API.', u'httpStatus': u'BAD_REQUEST', u'module_name': u'FABRIC'}, {u'error_code': 16008, u'error_message': u'[Fabric] Edge 5ab2dcf7-6e19-49b2-a9d4-f245cb36eb96 is not ready for Pnics are not prepared', u'httpStatus': u'BAD_REQUEST', u'module_name': u'FABRIC'}, {u'error_code': 16007, u'error_message': u'[Fabric] Unable to create Transport Node as Edge node 5ab2dcf7-6e19-49b2-a9d4-f245cb36eb96 is not initialized yet. Please try again later.', u'httpStatus': u'BAD_REQUEST', u'module_name': u'FABRIC'}], u'error_message': u'Found errors in the request. Please refer to the relatedErrors for details.', u'httpStatus': u'BAD_REQUEST', u'module_name': u'FABRIC'})]."
}
cc @NiranEC77
Hi
I have a problem using ansible and need help.
I want to configure NSX to host node that was made by vcenter.
as I know, I can configure Host node in NSXT using test_transport_nodes.yml.
but I can not configure host node that have already made by vcenter using test_transport_nodes.yml.
please let me know how to configure NSX to host node made by vcenter.
We need T0 static route support similar to https://github.com/yasensim/nsxt-ansible/blob/master/library/nsxt_static_route.py
I used the below to create Tier0 gateway, it worked before, but now failed with "msg": "missing required arguments: t0ls_bgp_local_as_num, t0ls_bgp_state"
Then I added the 2 arguments: t0ls_bgp_state: "present"
t0ls_bgp_local_as_num: 1211
it now failed with
"msg": "Failed to update NSXTTier0LocaleServiceBGP with id bgp.Request body [{'marked_for_delete': False, 'enabled': True, '_revision': 0, 'path': '/infra/tier-0s/test-t01/locale-services/policy-t0ls-test1/bgp', 'multipath_relax': True, 'parent_path': '/infra/tier-0s/test-t01', '_last_modified_time': 1564628981322, '_create_user': 'admin', '_create_time': 1564628981322, 'inter_sr_ibgp': True, 'id': 'bgp', 'graceful_restart_config': {'mode': 'HELPER_ONLY'}, 'ecmp': True, 'display_name': 'bgp', 'relative_path': 'bgp', '_system_owned': False, 'resource_type': 'BgpRoutingConfig', '_last_modified_user': 'admin', 'local_as_num': '1211', '_protection': 'NOT_PROTECTED'}]. Error[(503127, {'error_message': 'BGP graceful restart timers cannot be updated when BGP config is enabled.', 'module_name': 'Policy', 'httpStatus': 'BAD_REQUEST', 'error_code': 503127})].",
I want to know how I can create Tier0 without BGP support?
An exception occurred during task execution. To see the full traceback, use -vvv. The error was: NameError: global name 'id_exist_in_list_dict_obj' is not defined
fatal: [127.0.0.1]: FAILED! => {"changed": false, "module_stderr": "Traceback (most recent call last):\n File "/root/.ansible/tmp/ansible-tmp-1541435335.65-214207034103410/AnsiballZ_nsxt_compute_collection_transport_templates.py", line 113, in \n _ansiballz_main()\n File "/root/.ansible/tmp/ansible-tmp-1541435335.65-214207034103410/AnsiballZ_nsxt_compute_collection_transport_templates.py", line 105, in _ansiballz_main\n invoke_module(zipped_mod, temp_path, ANSIBALLZ_PARAMS)\n File "/root/.ansible/tmp/ansible-tmp-1541435335.65-214207034103410/AnsiballZ_nsxt_compute_collection_transport_templates.py", line 48, in invoke_module\n imp.load_module('main', mod, module, MOD_DESC)\n File "/tmp/ansible_nsxt_compute_collection_transport_templates_payload_zpzeI2/main.py", line 252, in \n File "/tmp/ansible_nsxt_compute_collection_transport_templates_payload_zpzeI2/main.py", line 204, in main\n File "/tmp/ansible_nsxt_compute_collection_transport_templates_payload_zpzeI2/main.py", line 165, in check_for_update\nNameError: global name 'id_exist_in_list_dict_obj' is not defined\n", "module_stdout": "", "msg": "MODULE FAILURE\nSee stdout/stderr for the exact error", "rc": 1}
Commenting lines 164,165 seemed to work for me as a workaround
We need support for T0 HA VIP similar to https://github.com/yasensim/nsxt-ansible/blob/master/library/nsxt_t0_ha_vip.py
Referring to Issue#4, we are still missing module to configure BPG on T0 routers, specifically following endpoints:
GET /api/v1/logical-routers/<logical-router-id>/routing/bgp
PUT /api/v1/logical-routers/<logical-router-id>/routing/bgp
GET /api/v1/logical-routers/<logical-router-id>/routing/bgp/community-lists
POST /api/v1/logical-routers/<logical-router-id>/routing/bgp/community-lists
DELETE /api/v1/logical-routers/<logical-router-id>/routing/bgp/community-lists/<community-list-id>
GET /api/v1/logical-routers/<logical-router-id>/routing/bgp/community-lists/<community-list-id>
PUT /api/v1/logical-routers/<logical-router-id>/routing/bgp/community-lists/<community-list-id>
PUT /api/v1/logical-routers/<logical-router-id>/routing/bgp/communty-lists/<community-list-id>
GET /api/v1/logical-routers/<logical-router-id>/routing/bgp/neighbors
POST /api/v1/logical-routers/<logical-router-id>/routing/bgp/neighbors
DELETE /api/v1/logical-routers/<logical-router-id>/routing/bgp/neighbors/<id>
GET /api/v1/logical-routers/<logical-router-id>/routing/bgp/neighbors/<id>?action=show-sensitive-data
GET /api/v1/logical-routers/<logical-router-id>/routing/bgp/neighbors/<id>
POST /api/v1/logical-routers/<logical-router-id>/routing/bgp/neighbors/<id>
PUT /api/v1/logical-routers/<logical-router-id>/routing/bgp/neighbors/<id>
TASK [Create logical port] ****************************************************************************************
task path: /tmp/build/a861107e/nsxt-ansible/test_logical_port.yml:5
The full traceback is:
Traceback (most recent call last):
File "/usr/lib/python2.7/dist-packages/ansible/executor/task_executor.py", line 138, in run
res = self._execute()
File "/usr/lib/python2.7/dist-packages/ansible/executor/task_executor.py", line 558, in _execute
result = self._handler.run(task_vars=variables)
File "/usr/lib/python2.7/dist-packages/ansible/plugins/action/normal.py", line 46, in run
result = merge_hash(result, self._execute_module(task_vars=task_vars, wrap_async=wrap_async))
File "/usr/lib/python2.7/dist-packages/ansible/plugins/action/init.py", line 694, in _execute_module
(module_style, shebang, module_data, module_path) = self._configure_module(module_name=module_name, module_args=module_args, task_vars=task_vars)
File "/usr/lib/python2.7/dist-packages/ansible/plugins/action/init.py", line 165, in _configure_module
environment=final_environment)
File "/usr/lib/python2.7/dist-packages/ansible/executor/module_common.py", line 910, in modify_module
environment=environment)
File "/usr/lib/python2.7/dist-packages/ansible/executor/module_common.py", line 702, in _find_module_utils
recursive_finder(module_name, b_module_data, py_module_names, py_module_cache, zf)
File "/usr/lib/python2.7/dist-packages/ansible/executor/module_common.py", line 467, in recursive_finder
tree = ast.parse(data)
File "/usr/lib/python2.7/ast.py", line 37, in parse
return compile(source, filename, mode, PyCF_ONLY_AST)
File "", line 147
state=dict(reauired=True, choices=['present', 'absent']))
^
IndentationError: unexpected indent
fatal: [localhost]: FAILED! => {
"msg": "Unexpected failure during module execution.",
"stdout": ""
}
to retry, use: --limit @/tmp/build/a861107e/nsxt-ansible/test_logical_port.retry
PLAY RECAP ********************************************************************************************************
localhost : ok=1 changed=0 unreachable=0 failed=1
In the GUI of nsx-t 2.4, the NIOC and LLDP profiles are required when adding a n-vds to a transport node profile.
The ansible module only allow to pass host_switch_profile by name and the profile types NiocProfile/LldpHostSwitchProfile cannot be found by their name.
When rerunning the playbook following error from nsxt_transport_nodes is seen:
TASK [Create transport node] ***************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************
failed: [localhost] (item=edge-1) => {"changed": false, "item": "edge-1", "msg": "Failed to add transport node. Request body [{"host_switch_spec": {"host_switches": [{"pnics": [{"uplink_name": "uplink-1", "device_name": "fp-eth1"}], "host_switch_name": "hostswitch-overlay", "ip_assignment_spec": {"ip_pool_id": "40ab7915-c9e5-49df-8e5d-b861c569c223", "resource_type": "StaticIpPoolSpec"}, "host_switch_profile_ids": [{"key": "UplinkHostSwitchProfile", "value": "313cb327-6e7a-47ae-bb67-fa5f247d069e"}]}, {"pnics": [{"uplink_name": "uplink-1", "device_name": "fp-eth0"}], "host_switch_name": "hostswitch-vlan", "host_switch_profile_ids": [{"key": "UplinkHostSwitchProfile", "value": "313cb327-6e7a-47ae-bb67-fa5f247d069e"}]}], "resource_type": "StandardHostSwitchSpec"}, "display_name": "edge-transp-node-1", "description": "Edge Transport Node for 10.40.0.24", "transport_zone_endpoints": [{"transport_zone_id": "15c1210a-ebe7-41b6-a75a-9c099f21cdd6"}, {"transport_zone_id": "85110539-3424-458e-8f7a-1b1cb8d507e9"}], "node_id": "2514b615-b2ac-49e9-a2f2-97fe71087cff", "resource_type": "TransportNode"}]. Error[(8219, {u'error_code': 8219, u'error_message': u'There already exists a TransportNode [TransportNode/2514b615-b2ac-49e9-a2f2-97fe71087cff] on the host [2514b615-b2ac-49e9-a2f2-97fe71087cff].', u'httpStatus': u'BAD_REQUEST', u'module_name': u'NsxSwitching service'})]."}
When using the nsxt_fabric_compute_managers module, the password is displayed in the verbose/log output.
fatal: [sg1-nsx002]: FAILED! => {
"changed": false,
"invocation": {
"module_args": {
"credential": {
"credential_type": "UsernamePasswordLoginCredential",
"password": "VMwar3!!",
"thumbprint": "64:ad:d4:8a:7d:48:ac:8b:f9:ef:8e:51:94:c1:19:c9:36:17:67:ea:c2:80:c3:68:71:2c:91:9c:5e:52:cb:7f",
"username": "svc_nsx"
},
"display_name": "vCenter",
"hostname": "sg1-nsx002.sgroot.local",
"origin_type": "vCenter",
"password": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
"port": 443,
"server": "sg1-vsa002.sgroot.local",
"state": "present",
"username": "admin",
"validate_certs": false
}
},
"msg": "Error connecting to compute manager. Connection status : DOWN"
}
I used the below to create Tier1 gateway with tier1 locale service to associate the T1 with edge cluster.
It failed with the below msg:
fatal: [127.0.0.1]: FAILED! => {
"changed": false,
"module_stderr": "Traceback (most recent call last):\n File "/home/lxiaopei/.ansible/tmp/ansible-tmp-1564657986.86-73910252065859/AnsiballZ_nsxt_tier1.py", line 114, in \n _ansiballz_main()\n File "/home/lxiaopei/.ansible/tmp/ansible-tmp-1564657986.86-73910252065859/AnsiballZ_nsxt_tier1.py", line 106, in _ansiballz_main\n invoke_module(zipped_mod, temp_path, ANSIBALLZ_PARAMS)\n File "/home/lxiaopei/.ansible/tmp/ansible-tmp-1564657986.86-73910252065859/AnsiballZ_nsxt_tier1.py", line 49, in invoke_module\n imp.load_module('main', mod, module, MOD_DESC)\n File "/usr/lib/python3.5/imp.py", line 234, in load_module\n return load_source(name, filename, file)\n File "/usr/lib/python3.5/imp.py", line 170, in load_source\n module = _exec(spec, sys.modules[name])\n File "", line 626, in _exec\n File "", line 665, in exec_module\n File "", line 222, in _call_with_frames_removed\n File "/tmp/ansible_nsxt_tier1_payload_nt10i2ig/main.py", line 674, in \n File "/tmp/ansible_nsxt_tier1_payload_nt10i2ig/ansible_nsxt_tier1_payload.zip/ansible/module_utils/nsxt_base_resource.py", line 111, in realize\n File "/tmp/ansible_nsxt_tier1_payload_nt10i2ig/ansible_nsxt_tier1_payload.zip/ansible/module_utils/nsxt_base_resource.py", line 710, in _achieve_state\n File "/tmp/ansible_nsxt_tier1_payload_nt10i2ig/ansible_nsxt_tier1_payload.zip/ansible/module_utils/nsxt_base_resource.py", line 197, in achieve_subresource_state\n File "/tmp/ansible_nsxt_tier1_payload_nt10i2ig/ansible_nsxt_tier1_payload.zip/ansible/module_utils/nsxt_base_resource.py", line 111, in realize\n File "/tmp/ansible_nsxt_tier1_payload_nt10i2ig/ansible_nsxt_tier1_payload.zip/ansible/module_utils/nsxt_base_resource.py", line 703, in _achieve_state\n File "/tmp/ansible_nsxt_tier1_payload_nt10i2ig/ansible_nsxt_tier1_payload.zip/ansible/module_utils/nsxt_base_resource.py", line 550, in _achieve_present_state\n File "/tmp/ansible_nsxt_tier1_payload_nt10i2ig/main.py", line 579, in update_resource_params\nAttributeError: 'NSXTTier1LocaleService' object has no attribute 'get_id_using_attr_name'\n",
"module_stdout": "",
"msg": "MODULE FAILURE\nSee stdout/stderr for the exact error",
"rc": 1
}
Since there is already an existing module util there, any references to this will ultimately break the repository.
def vmware_argument_spec() will conflict with existing function inside of vmware module util already integrated with Ansible.
nsxt_configure_cluster mispelling of "configure" intentional?
Also, is it possible to review and merge these changes to master from some of the branches, especially the ones like coe branch that make the answerfile not cause eyebleed to read.
'''
confugure_floating_ip(manager_url, mgr_username, mgr_password, validate_certs, headers, floating_ip, module)
else:
# No floating IP is used by the cluster
module.exit_json(changed=False, msg="The cluster does not use floating IP")
elif state == "absent":
confugure_floating_ip(manager_url, mgr_username, mgr_password, validate_certs, headers, floating_ip, module, remove_ip=True)
'''
According to the API guide all get requests will return in paginated form with the default page_size of 1000, which is also the maximum page size. This will break a number of modules for large/enterprise deployments with large configurations, especially ones relying on logical port information.
Ideally for get requests this would be abstracted away from the modules with a request_get method in vmware_nsxt.py which returns a concatenated list of all responses across all pages.
Example from /library/nsxt_controllers.py
vc_id: "67dbce0d-973e-4b7d-813d-7ae5a91754c2"
management_network_id: "network-44"
hostname: "controller-1"
compute_id: "domain-c49"
storage_id: "datastore-43"
These items need to be adjusted to use human-readable names, which means the module has to be adjusted to accomodate this. This has to be identical to the UI.
Hi,
I am trying to deploy the nsx-t with the help of this (ansible-for-nsxt). Unfortunately, I am facing the issue at the Deploying Compute Manager step. In that Code, they used "from ansible.module_utils.vmware import vmware_argument_spec, request". We checked that the right now, vmware.py file doesn't have the request function. Can Anyone of you please help me to resolve this issue....
I am attaching the error message here:
Thank you
WH need to be able to create different switch profiles from the following types:
SwitchSecuritySwitchingProfile
SpoofGuardSwitchingProfile
IpDiscoverySwitchingProfile
MacManagementSwitchingProfile
PortMirroringSwitchingProfile
QosSwitchingProfile
I have a playbook which creates a logical switch port and then uses if for either a T0 uplink or a T1 downlink. The problem is that the module is not idempotent, in that it aborts with an error on re-run because the logical port is associated with a logical router port. As there is no single workflow I can see to create the logical port from the Logical Router API, this will always fail on re-run. Ideally the module would handle the exception and allow the playbook to continue.
"msg": "Failed to update logical port with id c6824cb6-47ca-4993-a567-3670cd3da2f7. Request body [{\"display_name\": \"T0-Uplink\", \"_revision\": 3, \"logical_switch_id\": \"c5592e4c-9c4f-40c2-80d7-e0546d9ec894\", \"admin_state\": \"UP\", \"switching_profile_ids\": []}]. Error[(8409, {u'error_code': 8409, u'error_message': u'Managing the LogicalRouter attachment on LogicalPort c6824cb6-47ca-4993-a567-3670cd3da2f7 is not supported. Please use LogicalRouter APIs to do these operations.', u'httpStatus': u'BAD_REQUEST', u'module_name': u'NsxSwitching service'})]."
We need a modules that migrates VMKs to NSX-T Logical Switches. Similar to: https://github.com/yasensim/nsxt-ansible/blob/master/library/nsxt_migrate_vmks.py
Request from WH for ability to create NSGroups.
Configuring HA VIP failed:
## Full traceback
File "/tmp/ansible_0U8DHJ/ansible_module_nsxt_logical_routers.py", line 180, in main
url_username=mgr_username, url_password=mgr_password, validate_certs=validate_certs, ignore_errors=True)
File "/tmp/ansible_0U8DHJ/ansible_modlib.zip/ansible/module_utils/vmware.py", line 53, in request
raise Exception (data['error_code'], data)
fatal: [localhost]: FAILED! => {
"changed": false,
"invocation": {
"module_args": {
"advanced_config": {
"ha_vip_configs": [
{
"enabled": true,
- 0
"ha_vip_subnets": [
{
"active_vip_addresses": [
"10.13.12.103"
],
"prefix_length": 27
}
],
"redundant_uplink_port_ids": [
"59facaf2-d4cc-400a-897b-d1ffd46a4cd6"
]
}
]
},
"description": "NSX-T T0 Logical Router",
"display_name": "DefaultT0Router",
"edge_cluster_name": "edge-cluster-1",
"failover_mode": null,
"high_availability_mode": "ACTIVE_STANDBY",
"hostname": "10.40.0.20",
"password": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
"port": 443,
"preferred_edge_cluster_member_index": null,
"resource_type": "LogicalRouter",
"router_type": "TIER0",
"state": "present",
"username": "admin",
"validate_certs": false
}
},
"msg": "Failed to update logical router with id 5d6263c6-bb8f-41aa-93d8-82343a3ce3e2. Request body [{\"display_name\": \"DefaultT0Router\", \"description\": \"NSX-T T0 Logical Router\", \"advanced_config\": {\"ha_vip_configs\": [{\"ha_vip_subnets\": [{\"prefix_length\": 27, \"active_vip_addresses\": [\"10.13.12.103\"]}], \"redundant_uplink_port_ids\": [\"59facaf2-d4cc-400a-897b-d1ffd46a4cd6\"], \"enabled\": true}]}, \"_revision\": 0, \"edge_cluster_id\": \"a56b9864-6c94-4e1d-a082-c3e001bd9780\", \"resource_type\": \"LogicalRouter\", \"router_type\": \"TIER0\", \"high_availability_mode\": \"ACTIVE_STANDBY\"}]. Error[(u'100', {u'module_name': u'common-services', u'error_message': u'General error has occurred.', u'error_code': u'100', u'details': u'1'})]."
}
to retry, use: --limit @/tmp/build/a861107e/nsxt-ansible/test.retry
PLAY RECAP *****************************************************************************************************************************************************
localhost : ok=6 changed=5 unreachable=0 failed=1
- name: NSX-T T0 Logical Router
nsxt_logical_routers:
hostname: "{{hostvars['localhost'].nsx_manager_ip}}"
username: "{{hostvars['localhost'].nsx_manager_username}}"
password: "{{hostvars['localhost'].nsx_manager_password}}"
validate_certs: False
resource_type: LogicalRouter
description: "NSX-T T0 Logical Router"
display_name: "{{hostvars['localhost'].tier0_router_name}}"
edge_cluster_name: "{{ edge_cluster_name }}"
router_type: TIER0
high_availability_mode: ACTIVE_STANDBY
state: present
register: t0
- name: Create VLAN logical switch
nsxt_logical_switches:
hostname: "{{hostvars['localhost'].nsx_manager_ip}}"
username: "{{hostvars['localhost'].nsx_manager_username}}"
password: "{{hostvars['localhost'].nsx_manager_password}}"
validate_certs: False
display_name: "{{vlan_logical_switch}}"
replication_mode: SOURCE
admin_state: UP
transport_zone_name: "{{vlan_transport_zone}}"
vlan: "{{vlan_logical_switch_vlan}}"
state: present
when: t0.changed == true
- name: Logical Switch Port for uplink1
nsxt_logical_ports:
hostname: "{{hostvars['localhost'].nsx_manager_ip}}"
username: "{{hostvars['localhost'].nsx_manager_username}}"
password: "{{hostvars['localhost'].nsx_manager_password}}"
validate_certs: False
display_name: lsp_for_uplink_1
logical_switch_name: "{{vlan_logical_switch}}"
admin_state: UP
state: present
register: vlan_lsp
when: t0.changed == true
- name: Create logical router port
nsxt_logical_router_ports:
hostname: "{{hostvars['localhost'].nsx_manager_ip}}"
username: "{{hostvars['localhost'].nsx_manager_username}}"
password: "{{hostvars['localhost'].nsx_manager_password}}"
validate_certs: False
display_name: t0_uplink_1
resource_type: LogicalRouterUpLinkPort
logical_router_id: "{{t0.id}}"
linked_logical_switch_port_id:
target_type: LogicalPort
target_id: "{{vlan_lsp.id}}"
subnets:
- ip_addresses:
- "{{hostvars['localhost'].tier0_uplink_port_ip}}"
prefix_length: "{{hostvars['localhost'].tier0_uplink_port_subnet}}"
edge_cluster_member_index:
- 0
state: present
register: t0_uplink_port
when: t0.changed == true
- name: Add static routes
nsxt_logical_router_static_routes:
hostname: "{{hostvars['localhost'].nsx_manager_ip}}"
username: "{{hostvars['localhost'].nsx_manager_username}}"
password: "{{hostvars['localhost'].nsx_manager_password}}"
validate_certs: False
logical_router_id: "{{t0.id}}"
next_hops:
- administrative_distance: '1'
ip_address: "{{hostvars['localhost'].tier0_uplink_next_hop_ip}}"
network: 0.0.0.0/0
state: present
when: t0.changed == true
- name: Add a VIP
nsxt_logical_routers:
hostname: "{{hostvars['localhost'].nsx_manager_ip}}"
username: "{{hostvars['localhost'].nsx_manager_username}}"
password: "{{hostvars['localhost'].nsx_manager_password}}"
validate_certs: False
resource_type: LogicalRouter
description: "NSX-T T0 Logical Router"
display_name: "{{hostvars['localhost'].tier0_router_name}}"
edge_cluster_name: "{{ edge_cluster_name }}"
router_type: TIER0
high_availability_mode: ACTIVE_STANDBY
advanced_config:
ha_vip_configs:
- enabled: True
ha_vip_subnets:
- active_vip_addresses:
- 10.13.12.103
prefix_length: 27
redundant_uplink_port_ids:
- "{{t0_uplink_port.id}}"
state: present
when: t0.changed == true
There is a customer demand for configuring BGP on T0 router. We also need to be able to configure AS-PATH prepend, weight, community, and prefix lists.
nsxt_logical_switches_facts.py contains the wrong api url: logical-ports instead of: logical-switches
Hi,
For community adoption, if connections to vSphere are required, the module_utils for vmware need to be utilized. Otherwise, the community will not accept this as a viable solution.
We need support for T0 HA VIP similar to https://github.com/yasensim/nsxt-ansible/blob/master/library/nsxt_t0_ha_vip.py.
Previously an identical issue was opened. In the comment it was suggested that "Use existing Logical Router module to set the ha_vip_configs". However, unfortunately the suggested solution does now work. This is because when setting ha_vip_configs, the uplink port IDs are required. Specifically, consider these two situations:
I used test_transport_nodes.yml to update NSX Configuration of host node.
It worked for indepedent host node but not for host node made by vcenter.
is there any yml file to update nsx configuration of host node made by vcenter ??
In addition, I know I can update NSX configuration per cluster made by vcenter using test_transport_node_collections.yml. but I just want to make NSX configuraion per host not cluster.
The order of the imports in the file library/nsxt_ip_blocks_facts.py make it impossible to use:
Traceback (most recent call last):
File "AnsiballZ_nsxt_ip_blocks_facts.py", line 261, in <module>
_ansiballz_main()
File "AnsiballZ_nsxt_ip_blocks_facts.py", line 251, in _ansiballz_main
invoke_module(zipped_mod, temp_path, ANSIBALLZ_PARAMS)
File "AnsiballZ_nsxt_ip_blocks_facts.py", line 119, in invoke_module
imp.load_module('__main__', mod, module, MOD_DESC)
File "/usr/lib64/python3.6/imp.py", line 235, in load_module
return load_source(name, filename, file)
File "/usr/lib64/python3.6/imp.py", line 170, in load_source
module = _exec(spec, sys.modules[name])
File "<frozen importlib._bootstrap>", line 618, in _exec
File "<frozen importlib._bootstrap_external>", line 674, in exec_module
File "<frozen importlib._bootstrap_external>", line 781, in get_code
File "<frozen importlib._bootstrap_external>", line 741, in source_to_code
File "<frozen importlib._bootstrap>", line 219, in _call_with_frames_removed
File "/tmp/ansible_nsxt_ip_blocks_facts_payload_hyxyw_s_/__main__.py", line 21
from __future__ import absolute_import, division, print_function
^
SyntaxError: from __future__ imports must occur at the beginning of the file
line 21 should be placed before line 13.
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
Django
The Web framework for perfectionists with deadlines.
Laravel
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft
Open source projects and samples from Microsoft.
Google
Google โค๏ธ Open Source for everyone.
Alibaba
Alibaba Open Source for everyone
D3
Data-Driven Documents codes.
Tencent
China tencent open source team.