How to use after parameter of ios_config module in ansible?
The after parameter specifies which commands to execute after the commands in the lines (or commands) list.
Commands that are specified in the after parameter:
- executed only if changes need to be made.
- however, they will be executed regardless of whether they are in the configuration or not.
The after option is very useful in situations where you need to execute a command that is not stored in the configuration.
For example, the no shutdown command is not stored in the router configuration, and if you add it to the lines list, the changes will be made every time the playbook is executed. If you write the no shutdown command in the after list, it will be applied only if changes need to be made (according to the lines list).
An example of using the after parameter in playbook ios_config_after.yml:
$ ansible-playbook ios_config_after.yml -v---
- name: Run cfg commands on router
hosts: 192.168.0.22
tasks:
- name: Config interface
ios_config:
parents:
- interface Ethernet0/3
lines:
- ip address 192.168.2.4 255.255.255.0
after:
- no shutdown
and file group_vars/all.yml with connection variables:
ansible_connection: network_cli
ansible_network_os: ios
ansible_user: cisco
ansible_password: cisco
ansible_become: yes
ansible_become_method: enable
ansible_become_pass: cisco1Result:
The second launch of the PlayBook (no changes, so the No Shutdown command is not executed):
$ ansible-playbook ios_config_after.yml -v
Let’s look at another example of using after. With after, you can save the device configuration (playbook ios_config_after_save.yml):
---
- name: Run cfg commands on routers
hosts: cisco-routers
tasks:
- name: Config line vty
ios_config:
parents:
- line vty 0 4
lines:
- login local
- transport input ssh telnet
after:
- exit
- exit
- write
The result of the playbook execution (changes only on the router 192.168.0.22):
$ ansible-playbook ios_config_after_save.yml -v
How to use before parameter of ios_config module in ansible?
The before parameter specifies what to do before the commands in the lines list.
The before parameter is useful in situations where some action needs to be performed before executing the commands in the lines list.
At the same time, like after, the before parameter does not affect which commands are compared with the configuration. That is, only the commands in the lines list are still compared.
Playbook ios_config_before.yml:
---
- name: Run cfg commands on router
hosts: 192.168.0.22
tasks:
- name: Config ACL
ios_config:
before:
- no ip access-list extended IN_to_OUT
parents:
- ip access-list extended IN_to_OUT
lines:
- permit tcp 192.168.0.0 0.0.0.255 any eq www
- permit tcp 192.168.0.0 0.0.0.255 any eq 22
- permit icmp any any
In the playbook ios_config_before.yml, the IN_to_OUT ACL is first removed with the before parameter and then re-created.
Thus, the ACL always contains only those lines that are specified in the lines list.
Run playbook with changes:
$ ansible-playbook ios_config_before.yml -v
Running the playbook without changes (the command in the before list is not executed):
$ ansible-playbook ios_config_before.yml -v