Buy or Renew
Buy or Renew
COMING SOON: Umbrella and Secure Access release notes are coming to Cisco Community. The community will be in read-only August 16 – 19. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1231
Views
5
Helpful
4
Replies

Ansible --diff flag

iaslanidis
Level 1
Level 1

‎01-20-2022 04:46 AM

Has anyone used Ansible's flag --diff with any ACI module? I have not observed any difference in the printouts when either using or not using the specific flag.

 

thanks a lot

Labels:
0 Helpful
4 Replies 4

Francesco Molino
VIP Alumni
VIP Alumni

‎01-20-2022 07:39 PM

Hi

 

Yes and it works.

 

Running a playbook to create a tenant not existing yet on ACI:

TASK [Create ACI Tenant] *****************************************************************************************************************************************************************************************
changed: [APIC1] => {"changed": true, "current": [{"fvTenant": {"attributes": {"annotation": "orchestrator:ansible", "descr": "", "dn": "uni/tn-TEST_TENANT", "name": "TEST_TENANT", "nameAlias": "", "ownerKey": "", "ownerTag": "", "userdom": ":all:common:"}}}], "mo": {"fvTenant": {"attributes": {"annotation": "orchestrator:ansible", "dn": "uni/tn-TEST_TENANT", "name": "TEST_TENANT"}}}}

 

Run same command after the tenant exists:

TASK [Create ACI Tenant] *****************************************************************************************************************************************************************************************
ok: [APIC1] => {"changed": false, "current": [{"fvTenant": {"attributes": {"annotation": "orchestrator:ansible", "descr": "", "dn": "uni/tn-TEST_TENANT", "name": "TEST_TENANT", "nameAlias": "", "ownerKey": "", "ownerTag": "", "userdom": ":all:common:"}}}], "mo": {"fvTenant": {"attributes": {"annotation": "orchestrator:ansible", "dn": "uni/tn-TEST_TENANT", "name": "TEST_TENANT"}}}}

 

command ran: 

ansible-playbook -i hosts tmp2.yml --diff -v

 


Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question
0 Helpful

iaslanidis
Level 1
Level 1
In response to Francesco Molino

‎01-21-2022 01:16 AM

Hi Francesco,

 

thanks a lot for your reply. I think that what you mention is "Idempotence", which is not implemented in ansible by definition, but from the modules themselves. So the configuration is not reapplied in case it already exists however this is true with or without the --diff flag.

 

The --diff flag, at least to my understanding from documentation, would only highlight the additions/deletions on the configuration. I believe that the output you have shared is produced by the -v flag.

 

thanks

iordanis

0 Helpful

Francesco Molino
VIP Alumni
VIP Alumni
In response to iaslanidis

‎01-25-2022 08:46 AM

The diff won't give you the specific parameter value that will be changed.

However, if you do a check diff you can see what was before and what is being applied.

 

Example:

 

image.png

 

I have a tenant TEST_TENANT with description TEST_TENANT. I changed the description to TEST_TENANT_2 in my playbook and run the command ansible-playbook -i hosts tmp2.yml --check --diff -v

 

The output is: You can see the current and what will be pushed.

TASK [Create ACI Tenant] **********************************************************************************************************************************************************************************************************
changed: [APIC1] => {"changed": true, "current": [{"fvTenant": {"attributes": {"annotation": "orchestrator:ansible", "descr": "TEST_TENANT", "dn": "uni/tn-TEST_TENANT", "name": "TEST_TENANT", "nameAlias": "", "ownerKey": "", "ownerTag": "", "userdom": ":all:common:"}}}], "mo": {"fvTenant": {"attributes": {"annotation": "orchestrator:ansible", "descr": "TEST_TENANT_2", "dn": "uni/tn-TEST_TENANT", "name": "TEST_TENANT"}}}}

PLAY RECAP ************************************************************************************************************************************************************************************************************************
APIC1                      : ok=1    changed=1    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0

If I run the same command but I remove the tenant TEST_TENANT, my output shows my current value empty.

TASK [Create ACI Tenant] **********************************************************************************************************************************************************************************************************
changed: [APIC1] => {"changed": true, "current": [], "mo": {"fvTenant": {"attributes": {"annotation": "orchestrator:ansible", "descr": "TEST_TENANT_2", "dn": "uni/tn-TEST_TENANT", "name": "TEST_TENANT"}}}}

It is related to idempotence but You can get the info about what could you playbook change.

 

You won't get get the exact field value change like you got when playing with other librairies.

 

 

 

 


Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question
0 Helpful

iaslanidis
Level 1
Level 1
In response to Francesco Molino

‎02-08-2022 02:09 AM

Thanks a lot Francesco for your reply and apologies for my late reply.

What I am trying to state here is that in essence the --diff flag has no meaning for the ACI libraries. I repeated your example and I still believe that the different output has to do with -v as below

without -v

(Venv) xxx@xxx-lap:/mnt/c/Users/xxx/PycharmProjects/AnsibleACI$ ansible-playbook ./output/playbook.yml -i inventory --check --diff

PLAY [ENSURE APPLICATION CONFIGURATION EXISTS] **********************************************************************************************************************************************************************************************

TASK [TASK 1 - ENSURE APPLICATIONS TENANT EXISTS] *******************************************************************************************************************************************************************************************
changed: [x.x.x.x]

PLAY RECAP **********************************************************************************************************************************************************************************************************************************
x.x.x.x : ok=1 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0

with -v

(Venv) xxx@xxx-lap:/mnt/c/Users/xxx/PycharmProjects/AnsibleACI$ ansible-playbook ./output/playbook.yml -i inventory --check --diff -v
Using /etc/ansible/ansible.cfg as config file

PLAY [ENSURE APPLICATION CONFIGURATION EXISTS] **********************************************************************************************************************************************************************************************

TASK [TASK 1 - ENSURE APPLICATIONS TENANT EXISTS] *******************************************************************************************************************************************************************************************
changed: [x.x.x.x] => {"changed": true, "current": [{"fvTenant": {"attributes": {"annotation": "", "descr": "TEST_TN", "dn": "uni/tn-Ansible_TEST_TN", "name": "Ansible_TEST_TN", "nameAlias": "", "ownerKey": "", "ownerTag": ""}}}], "mo": {"fvTenant": {"attributes": {"descr": "TEST_TN2", "dn": "uni/tn-Ansible_TEST_TN", "name": "Ansible_TEST_TN"}}}}

PLAY RECAP **********************************************************************************************************************************************************************************************************************************
x.x.x.x : ok=1 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0

without --diff

(Venv) xxx@xxx-lap:/mnt/c/Users/xxx/PycharmProjects/AnsibleACI$ ansible-playbook ./output/playbook.yml -i inventory --check -v
Using /etc/ansible/ansible.cfg as config file

PLAY [ENSURE APPLICATION CONFIGURATION EXISTS] **********************************************************************************************************************************************************************************************

TASK [TASK 1 - ENSURE APPLICATIONS TENANT EXISTS] *******************************************************************************************************************************************************************************************
changed: [x.x.x.x] => {"changed": true, "current": [{"fvTenant": {"attributes": {"annotation": "", "descr": "TEST_TN", "dn": "uni/tn-Ansible_TEST_TN", "name": "Ansible_TEST_TN", "nameAlias": "", "ownerKey": "", "ownerTag": ""}}}], "mo": {"fvTenant": {"attributes": {"descr": "TEST_TN2", "dn": "uni/tn-Ansible_TEST_TN", "name": "Ansible_TEST_TN"}}}}

PLAY RECAP **********************************************************************************************************************************************************************************************************************************
x.x.x.x : ok=1 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0

as you can see the last two outputs are exactly the same, even though --diff is missing in the last one.

This test makes me think that the --diff parameter in not at all implemented on the ACI libraries.

Thanks

iordanis

Customers Also Viewed These Support Documents

Save 25% on Day-2 Operations Add-On License