Ansible and set commands

Reply
Highlighted
L1 Bithead

Ansible and set commands

new to ansible - that being said I wanted to ask has anyone used example playbooks in ansible-galaxy to do config changes to 20 or 100 + plus devices?  In the past, I have used a custom python script that works well it allows me to manually add the command and the device list and let it run but it's not as pretty as using ansible.

 

I'm looking at using the fw_op_loop.yml or just fw_op.yml to apply commands set deviceconfig setting ssl-decrypt url-proxy yes & 

set system setting ctd hold-client-request yes, not sure if I am looking the correct playbook for this task requires a different playbook and if the pre-made panos modules in ansible support what I want to do.

.


Accepted Solutions
L1 Bithead

could something like this work?

 

- name: Demonstrate how to use OP module to execute various op commands on PANW device
hosts: my-firewall
connection: local
gather_facts: False

roles:
- role: PaloAltoNetworks.paloaltonetworks

tasks:
- include_vars: 'firewall-secrets.yml.bak'
no_log: 'yes'

- name: Enable http proxy.
panos_type_cmd:
provider: '{{provider}}'
xpath: |
/config/devices/entry[@name='localhost.localdomain']
/deviceconfig/setting/ssl-decrypt
element: |
<url-proxy>yes</url-proxy>
</entry>

View solution in original post


All Replies
L1 Bithead

could something like this work?

 

- name: Demonstrate how to use OP module to execute various op commands on PANW device
hosts: my-firewall
connection: local
gather_facts: False

roles:
- role: PaloAltoNetworks.paloaltonetworks

tasks:
- include_vars: 'firewall-secrets.yml.bak'
no_log: 'yes'

- name: Enable http proxy.
panos_type_cmd:
provider: '{{provider}}'
xpath: |
/config/devices/entry[@name='localhost.localdomain']
/deviceconfig/setting/ssl-decrypt
element: |
<url-proxy>yes</url-proxy>
</entry>

View solution in original post

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!