dncm_policy does not delete policies based on Policy ID

[jgomezve]

Community Note

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
• Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request
• If you are interested in working on this issue or have submitted a pull request, please leave a comment

Ansible Version and collection version

• ansible [core 2.12.3]

DCNM version

• 12.1.2e

Affected module(s)

• dcnm_policy

Ansible Playbook

---
- name: Create a Policies in the Nexus Dashboard Fabric Controller
  hosts: ndfc
  gather_facts: no
  tasks:

  - name: Delete policies using policy-id
    cisco.dcnm.dcnm_policy:
      fabric: "SIMPL-BROWNFIELD"
      state: deleted          # only choose form [merged, deleted, query]
      config:
        - name: POLICY-261210  # name is mandatory
          switch:
            - ip: 1.2.3.4

Debug Output

PLAY [Create a Policies in the Nexus Dashboard Fabric Controller] ******************************************************************************

TASK [Delete policies using policy-id] *****************************************************************************************************
ok: [NDFC-FRA]

PLAY RECAP *********************************************************************************************************************************
NDFC-FRA   

Expected Behavior

Policy is deleted

Actual Behavior

Policy is not deleted

Steps to Reproduce

Execute the playbook. The example is taken from the collection documentation

[mmudigon]

@jgomezve,

Thanks for raising the issue. Can you please give me the complete playbook that you used to create and delete the policy? We will check this and get back to you. If possible please collect ans share the output after executing the command with "-vvvvv" options.

[dsx1123]

@mmudigon above playbook is enough to recreate this issue, here is the playbook:

---
- name: Delete a Policy in the Nexus Dashboard Fabric Controller
  hosts: ndfc2
  gather_facts: no
  tasks:
  - name: Delete policies using policy-id
    cisco.dcnm.dcnm_policy:
      fabric: "fabric_n9kv"
      state: deleted
      config:
        - name: "POLICY-592740"
          switch:
            - ip: 192.168.123.13

and vvvv output:
https://gist.github.com/dsx1123/f527ef06f743a478cef9e8953472bfe1

[mmudigon]

The format of the playbook is not correct. The "switch" element is a separate item under "config" and should not be under policies. The correct format is as below:

---
- name: Delete a Policy in the Nexus Dashboard Fabric Controller
  hosts: ndfc2
  gather_facts: no
  tasks:
  - name: Delete policies using policy-id
    cisco.dcnm.dcnm_policy:
      fabric: "fabric_n9kv"
      state: deleted
      config:
        - name: "POLICY-592740"
        - switch:
            - ip: 192.168.123.13

Please try this and let me know

[mmudigon]

Hi Shangxin, The format of the playbook is not as expected. The ”switch” block must be a separate one under config since it is common to all policies. The correct format is as below:

…

--- - name: Delete a Policy in the Nexus Dashboard Fabric Controller hosts: ndfc2 gather_facts: no tasks: - name: Delete policies using policy-id cisco.dcnm.dcnm_policy: fabric: "fabric_n9kv" state: deleted # only choose form [merged, deleted, query] config: - name: "POLICY-592740" - switch: - ip: 192.168.123.13 Have responded to the issue in GIT with the same suggestion. Thanks Regards Mallik From: Shangxin Du ***@***.***> Date: Tuesday, 28 February 2023 at 00:14 To: CiscoDevNet/ansible-dcnm ***@***.***> Cc: MALLIK MUDIGONDA (mmudigon) ***@***.***>, Mention ***@***.***> Subject: Re: [CiscoDevNet/ansible-dcnm] `dncm_policy` does not delete policies based on Policy ID (Issue #201) @mmudigon<https://github.com/mmudigon> above playbook is enough to recreate this issue, here is the playbook:

--- - name: Delete a Policy in the Nexus Dashboard Fabric Controller hosts: ndfc2 gather_facts: no tasks: - name: Delete policies using policy-id cisco.dcnm.dcnm_policy: fabric: "fabric_n9kv" state: deleted # only choose form [merged, deleted, query] config: - name: "POLICY-592740" switch: - ip: 192.168.123.13 and vvvv output: https://gist.github.com/dsx1123/f527ef06f743a478cef9e8953472bfe1 — Reply to this email directly, view it on GitHub<#201 (comment)>, or unsubscribe<https://github.com/notifications/unsubscribe-auth/AO62E6ICS47QTONRJRJEAP3WZTYWZANCNFSM6AAAAAAVHKDQTM>. You are receiving this because you were mentioned.Message ID: ***@***.***>

[jgomezve]

@mmudigon Thanks for you input.

I have tried the playbook below and it does not work. The playbook hangs forever

---
- name: Create a Policies in the Nexus Dashboard Fabric Controller
  hosts: ndfc
  gather_facts: no
  tasks:

  - name: Delete policies using policy-id
    cisco.dcnm.dcnm_policy:
      fabric: "SIMPL-BROWNFIELD"
      state: deleted          # only choose form [merged, deleted, query]
      config:
        - name: POLICY-262440  # name is mandatory
        - switch: 
          - ip: 1.2.3.4

Why is the key switch another item inside the list config? In my personal opinion this is misleading for users. The way I see it, the list config is the list of policies to be deleted, each of them with its attributes (name, ip)

Moreover, Why is the switch ip required to delete a policy based on policyId ? According to the REST API Documentation, A policy can be deleted based solely on the Policy ID because a policy maps to a single switch

[mmudigon]

Hi Jorge Gomez, I tried the same and it works for me. May be we should sync up and see what’s happening in your setup. Ping me when you are in office. I work in India (IST time zone) and we should have some overlapping times. Regarding the “switch” being under “config”, it was placed there so that we can create multiple policies for the same switch. Also we can have policies under “switch” and these policies will be applicable for that switch alone. Regarding “switch” in delete operation, delete was originally intended to be used with template names because policy IDs are dynamically allocated. We thought it would be tough for the users to know policy IDs to delete policies. So we added the “switch” to specifically delete policies from the intended switch. But your point is valid. We will consider this and update the code to take policy ID alone to delete a policy in future versions. Thanks a lot for your inputs Thanks Regards Mallik From: Jorge Gomez Velasquez ***@***.***> Date: Wednesday, 1 March 2023 at 04:51 To: CiscoDevNet/ansible-dcnm ***@***.***> Cc: MALLIK MUDIGONDA (mmudigon) ***@***.***>, Mention ***@***.***> Subject: Re: [CiscoDevNet/ansible-dcnm] `dncm_policy` does not delete policies based on Policy ID (Issue #201) @mmudigon<https://github.com/mmudigon> Thanks for you input. I have tried the playbook below and it does not work. The playbook hangs forever

…

--- - name: Create a Policies in the Nexus Dashboard Fabric Controller hosts: ndfc gather_facts: no tasks: - name: Delete policies using policy-id cisco.dcnm.dcnm_policy: fabric: "SIMPL-BROWNFIELD" state: deleted # only choose form [merged, deleted, query] config: - name: POLICY-262440 # name is mandatory - switch: - ip: 10.122.18.118 Why is the key switch another item inside the list config? In my personal opinion this is misleading for users. The way I see it the list config, is the list of policies to be deleted, each of them with its attributes (name, ip) Moreover, Why is the switch ip required to delete a policy based on policyId ? According to the REST API Documentation, A policy can be deleted based solely on the Policy ID because a policy maps to a single switch — Reply to this email directly, view it on GitHub<#201 (comment)>, or unsubscribe<https://github.com/notifications/unsubscribe-auth/AO62E6ONXLQOMBACPRYSSPLWZ2CANANCNFSM6AAAAAAVHKDQTM>. You are receiving this because you were mentioned.Message ID: ***@***.***>