Interesting. I don't have any cisco.ios machines, but it looks like
"state: rendered" works totally on the controller anyway, so maybe I can
get away with something here.
I took what you posted and wedged it into a playbook, shown below. My
invocation is
$ ansible-playbook -vv ciscoios.yml -i dewdrop,
where "dewdrop" is my local raspberry pi — which shouldn't matter since
we're working totally on the controller.
Here's the playbook "ciscoios.yml". The var "acls" value is
copy-n-pasted from your first post.
---
- name: Ciscoios test
hosts: dewdrop # <-- One of my local boxes.
vars:
ansible_connection: ansible.netcommon.network_cli
ansible_network_os: cisco.ios.ios
acls:
- afi: ipv4
acls:
- name: ACL-EXAMPLE
acl_type: standard
aces:
- sequence: 10
remarks:
- "First Remark before Sequence 10"
grant: permit
source:
address: 10.26.44.80
- sequence: 20
grant: permit
source:
address: 10.26.55.90
- sequence: 30
remarks:
- "Second Remark before Sequence 30"
grant: permit
source:
address: 10.30.44.12
- sequence: 40
grant: permit
source:
address: 10.30.55.13
gather_facts: false
tasks:
- name: Render The specified config
cisco.ios.ios_acls:
state: rendered
config: "{{ acls }}"
And finally, here's my complete output (because why make people guess
what I left out?) from "ansible-playbook -vv ciscoios.yml -i dewdrop,":
ansible-playbook [core 2.16.5]
config file = /etc/ansible/ansible.cfg
configured module search path = ['/home/utoddl/.ansible/plugins/modules',
'/usr/share/ansible/plugins/modules']
ansible python module location = /usr/lib/python3.12/site-packages/ansible
ansible collection location =
/home/utoddl/.ansible/collections:/usr/share/ansible/collections
executable location = /usr/bin/ansible-playbook
python version = 3.12.2 (main, Feb 21 2024, 00:00:00) [GCC 13.2.1 20231205
(Red Hat 13.2.1-6)] (/usr/bin/python3)
jinja version = 3.1.3
libyaml = True
Using /etc/ansible/ansible.cfg as config file
redirecting (type: action) cisco.ios.ios_acls to cisco.ios.ios
redirecting (type: callback) ansible.builtin.yaml to community.general.yaml
redirecting (type: callback) ansible.builtin.yaml to community.general.yaml
Skipping callback 'default', as we already have a stdout callback.
Skipping callback 'minimal', as we already have a stdout callback.
Skipping callback 'oneline', as we already have a stdout callback.
PLAYBOOK: ciscoios.yml *********************************************************
1 plays in ciscoios.yml
PLAY [Ciscoios test] ***********************************************************
redirecting (type: action) cisco.ios.ios_acls to cisco.ios.ios
TASK [Render The specified config] *********************************************
task path: /home/utoddl/ansible/ciscoios.yml:35
redirecting (type: action) cisco.ios.ios_acls to cisco.ios.ios
redirecting (type: action) cisco.ios.ios_acls to cisco.ios.ios
[WARNING]: ansible-pylibssh not installed, falling back to paramiko
redirecting (type: action) cisco.ios.ios_acls to cisco.ios.ios
ok: [dewdrop] => changed=false
rendered:
- ip access-list standard ACL-EXAMPLE
- remark First Remark before Sequence 10
- 10 permit 10.26.44.80
- 20 permit 10.26.55.90
- remark Second Remark before Sequence 30
- 30 permit 10.30.44.12
- 40 permit 10.30.55.13
PLAY RECAP *********************************************************************
dewdrop : ok=1 changed=0 unreachable=0 failed=0
skipped=0 rescued=0 ignored=0
As you can see, it produced the output you expected in the right order.
I can only conclude that the version of the cisco.ios collection you are
using is (a) different from mine and (b) somewhat broken, at least in
this one case. My version seems to be (from
/usr/lib/python3.12/site-packages/ansible_collections/cisco/ios/MANIFEST.json):
"collection_info": {
"namespace": "cisco",
"name": "ios",
"version": "5.3.0",
Hope this helps. Good luck.
—
Todd
On 4/5/24 3:36 AM, L. Jankok wrote:
When using the cisco.ios.ios_acls module I get the remarks at the end
of the standard access-list instead of between the ACL entries.
When I render the following:
acls:
- afi: ipv4
acls:
- name: ACL-EXAMPLE
acl_type: standard
aces:
- sequence: 10
remarks:
- "First Remark before Sequence 10"
grant: permit
source:
address: 10.26.44.80
- sequence: 20
grant: permit
source:
address: 10.26.55.90
- sequence: 30
remarks:
- "Second Remark before Sequence 30"
grant: permit
source:
address: 10.30.44.12
- sequence: 40
grant: permit
source:
address: 10.30.55.13
I get:
TASK [acl-demo : Render the provided configuration]
***********************************************/usr/lib/python3.12/site-packages/ansible_collections/cisco/ios/MANIFEST.json*******************************************************************************************************************************
ok: [dummy] => {
"changed": false,
"rendered": [
"ip access-list standard ACL-EXAMPLE",
"10 permit 10.26.44.80",
"20 permit 10.26.55.90",
"30 permit 10.30.44.12",
"40 permit 10.30.55.13",
"remark First Remark before Sequence 10",
"remark Second Remark before Sequence 30"
]
}
I expect the first remark to be before sequence 10 and the second
remark to be before sequence 30.
How can I fix this?
--
You received this message because you are subscribed to the Google
Groups "Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send
an email to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/CADFeZ2ucb3yWy6GAv3iqjiyJ_vb-E_UXsygQKUjnR_KC57BGdQ%40mail.gmail.com
<https://groups.google.com/d/msgid/ansible-project/CADFeZ2ucb3yWy6GAv3iqjiyJ_vb-E_UXsygQKUjnR_KC57BGdQ%40mail.gmail.com?utm_medium=email&utm_source=footer>.
--
You received this message because you are subscribed to the Google Groups "Ansible
Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/49fd93de-9ae5-4d2d-86d9-2fcf305efee0%40gmail.com.
