paloaltonetworks.panos.panos_active_in_ha module – Checks if node is an active node in HA pair.

Note

This module is part of the paloaltonetworks.panos collection (version 2.21.3).

To install it, use: ansible-galaxy collection install paloaltonetworks.panos. You need further requirements to be able to use this module, see Requirements for details.

To use it in a playbook, specify: paloaltonetworks.panos.panos_active_in_ha.

New in paloaltonetworks.panos 2.18.0

Synopsis 

A wrapper around the PAN-OS Upgrade Assurance package.
A simple boolean check, verifies if a node is an active (true) or passive (false) node in an HA pair.
If node does not belong to an HA pair or the pair is no configured correctly the module will fail.

Requirements 

The below requirements are needed on the host that executes this module.

pan-python can be obtained from PyPI https://pypi.python.org/pypi/pan-python
pandevice can be obtained from PyPI https://pypi.python.org/pypi/pandevice
panos-upgrade-assurance can be obtained from PyPI https://pypi.org/project/panos-upgrade-assurance

Parameters 

Parameter	Comments
api_key string	Deprecated Use provider to specify PAN-OS connectivity instead. The API key to use instead of generating it using username / password.
force_fail boolean	When set to true will make the module fail also when node is passive. This option is useful when we want to skip using ansible.builtin.assert. Choices: :ansible-option-choices-entry-default:`false` ← (default) :ansible-option-choices-entry:`true`
ignore_non_functional boolean	Use with caution, when set to `True` will ignore if device state is `non-functional` on one of the nodes. Helpful when verifying a state of a partially upgraded HA pair with vmseries plugin version mismatch. Choices: :ansible-option-choices-entry-default:`false` ← (default) :ansible-option-choices-entry:`true`
ip_address string	Deprecated Use provider to specify PAN-OS connectivity instead. The IP address or hostname of the PAN-OS device being configured.
password string	Deprecated Use provider to specify PAN-OS connectivity instead. The password to use for authentication. This is ignored if api_key is specified.
port integer	Deprecated Use provider to specify PAN-OS connectivity instead. The port number to connect to the PAN-OS device on. Default: :ansible-option-default:`443`
provider dictionary added in paloaltonetworks.panos 1.0.0	A dict object containing connection details.
api_key string	The API key to use instead of generating it using username / password.
ip_address string	The IP address or hostname of the PAN-OS device being configured.
password string	The password to use for authentication. This is ignored if api_key is specified.
port integer	The port number to connect to the PAN-OS device on. Default: :ansible-option-default:`443`
serial_number string	The serial number of a firewall to use for targeted commands. If ip_address is not a Panorama PAN-OS device, then this param is ignored.
username string	The username to use for authentication. This is ignored if api_key is specified. Default: :ansible-option-default:`"admin"`
skip_config_sync boolean	When set to true will skip configuration synchronization state between nodes before trying to retrieve node’s current state in an HA pair. Can be useful when working with partially upgraded nodes. Use with caution. Choices: :ansible-option-choices-entry-default:`false` ← (default) :ansible-option-choices-entry:`true`
username string	Deprecated Use provider to specify PAN-OS connectivity instead. The username to use for authentication. This is ignored if api_key is specified. Default: :ansible-option-default:`"admin"`
vsys string	The vsys this object belongs to. Default: :ansible-option-default:`"vsys1"`

Notes 

Note

Panorama is not supported.
Check mode is not supported.
PAN-OS connectivity should be specified using provider or the classic PAN-OS connectivity params (ip_address, username, password, api_key, and port). If both are present, then the classic params are ignored.

Examples 

- name: Check if a node is active in HA pair
  panos_active_in_ha:
    provider: '{{ provider }}'
  register: active_ha
- name: Run tasks dedicated to active node
  ansible.builtin.include_tasks: active_dedicated.yml
  when: active_ha.response.active

Return Values 

Common return values are documented here, the following are the fields unique to this module:

Key	Description
response dictionary	Information on test results. This dict is available also when module is failed. Returned: always Sample: :ansible-rv-sample-value:`{"active": true, "reason": "[SUCCESS]"}`
active boolean	Information if the device is active or not. Returned: always
reason string	Meaningful if the device is not active. Returned: always

Authors

Łukasz Pawlęga (@fosix)

Collection links

Issue Tracker Homepage Repository (Sources)

paloaltonetworks.panos.panos_active_in_ha module – Checks if node is an active node in HA pair.

Synopsis

Requirements

Parameters

Notes

Examples

Return Values