ansible cisco 使用单个剧本行修改多个对象组
ansible cisco modifying multiple object-groups with single playbook lines
我有以下剧本来修改 ASA 对象组:
---
- hosts: us_asa
connection: local
gather_facts: false
tasks:
- name: change config
asa_config:
auth_pass: "{{ ansible_ssh_password }}"
username: "{{ ansible_ssh_user }}"
password: "{{ ansible_ssh_password }}"
authorize: yes
timeout: 45
lines:
- network-object host 1.2.3.4
- network-object host 2.3.2.3
parents: ['object-group network BAD_IPs']
这适用于单个组。
关于如何修改具有相同连接的多个组有什么建议吗?如果我在 parents: ['object-group network BAD_IPs'] 示例之后添加另一个对象组:
---
- hosts: us_asa
connection: local
gather_facts: false
tasks:
- name: change config
asa_config:
auth_pass: "{{ ansible_ssh_password }}"
username: "{{ ansible_ssh_user }}"
password: "{{ ansible_ssh_password }}"
authorize: yes
timeout: 45
lines:
- network-object host 1.2.3.4
- network-object host 2.3.2.3
parents: ['object-group network BAD_IPs']
- network-object host 4.4.4.4
parents: ['object-group network Good_IPs']
这失败了
违规行似乎是:
parents: ['object-group network BAD_IPs']
- network-object host 4.4.4.4
^ here
对我应该使用的语法有什么建议吗?
提前致谢!
你只是有一个基本的 YAML 语法错误。具有列表值的 YAML 字典键如下所示:
key: [item1, item2, item3]
或者像这样:
key:
- item1
- item2
- item3
你有一些奇怪的两者结合:
parents: ['object-group network BAD_IPs']
- network-object host 4.4.4.4
我不知道你到底想要什么结构,但你那里的结构是无效的。
我有以下剧本来修改 ASA 对象组:
---
- hosts: us_asa
connection: local
gather_facts: false
tasks:
- name: change config
asa_config:
auth_pass: "{{ ansible_ssh_password }}"
username: "{{ ansible_ssh_user }}"
password: "{{ ansible_ssh_password }}"
authorize: yes
timeout: 45
lines:
- network-object host 1.2.3.4
- network-object host 2.3.2.3
parents: ['object-group network BAD_IPs']
这适用于单个组。
关于如何修改具有相同连接的多个组有什么建议吗?如果我在 parents: ['object-group network BAD_IPs'] 示例之后添加另一个对象组:
---
- hosts: us_asa
connection: local
gather_facts: false
tasks:
- name: change config
asa_config:
auth_pass: "{{ ansible_ssh_password }}"
username: "{{ ansible_ssh_user }}"
password: "{{ ansible_ssh_password }}"
authorize: yes
timeout: 45
lines:
- network-object host 1.2.3.4
- network-object host 2.3.2.3
parents: ['object-group network BAD_IPs']
- network-object host 4.4.4.4
parents: ['object-group network Good_IPs']
这失败了 违规行似乎是:
parents: ['object-group network BAD_IPs']
- network-object host 4.4.4.4
^ here
对我应该使用的语法有什么建议吗?
提前致谢!
你只是有一个基本的 YAML 语法错误。具有列表值的 YAML 字典键如下所示:
key: [item1, item2, item3]
或者像这样:
key:
- item1
- item2
- item3
你有一些奇怪的两者结合:
parents: ['object-group network BAD_IPs']
- network-object host 4.4.4.4
我不知道你到底想要什么结构,但你那里的结构是无效的。