Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

push to prisma using panos_commit_push #590

Open
HarshaLakkoju opened this issue Nov 5, 2024 · 1 comment
Open

push to prisma using panos_commit_push #590

HarshaLakkoju opened this issue Nov 5, 2024 · 1 comment
Labels
bug Something isn't working

Comments

@HarshaLakkoju
Copy link

Describe the bug

I'm trying to onborad remote network to prisma using panos_commit_push by pushing to Remote_Network_Device_Group but getting error "panos.errors.PanDeviceXapiError: commit-all -> shared-policy -> admin unexpected here\n commit-all -> shared-policy is unexpected \n commit-all is unexpected"

Expected behavior

The Panorama committed config should be pushed to Remote_Network_Device_Group

Current behavior

I'm trying to onborad remote network to prisma using panos_commit_push ansible module by pushing to Remote_Network_Device_Group but I am getting error:
"Traceback (most recent call last):\n File "/usr/local/lib/python3.9/site-packages/panos/base.py", line 3878, in method\n super_method(self, *args, **kwargs)\n File "/usr/local/lib/python3.9/site-packages/pan/xapi.py", line 902, in commit\n raise PanXapiError(self.status_detail)\npan.xapi.PanXapiError: commit-all -> shared-policy -> admin unexpected here\n commit-all -> shared-policy is unexpected \n commit-all is unexpected \n\nDuring handling of the above exception, another exception occurred:\n\nTraceback (most recent call last):\n File "/runner/.ansible/tmp/ansible-tmp-1729268402.2885242-101-245495620368486/AnsiballZ_panos_commit_push.py", line 107, in \n _ansiballz_main()\n File "/runner/.ansible/tmp/ansible-tmp-1729268402.2885242-101-245495620368486/AnsiballZ_panos_commit_push.py", line 99, in _ansiballz_main\n invoke_module(zipped_mod, temp_path, ANSIBALLZ_PARAMS)\n File "/runner/.ansible/tmp/ansible-tmp-1729268402.2885242-101-245495620368486/AnsiballZ_panos_commit_push.py", line 47, in invoke_module\n runpy.run_module(mod_name='ansible_collections.paloaltonetworks.panos.plugins.modules.panos_commit_push', init_globals=dict(_module_fqn='ansible_collections.paloaltonetworks.panos.plugins.modules.panos_commit_push', _modlib_path=modlib_path),\n File "/usr/lib64/python3.9/runpy.py", line 225, in run_module\n return _run_module_code(code, init_globals, run_name, mod_spec)\n File "/usr/lib64/python3.9/runpy.py", line 97, in _run_module_code\n _run_code(code, mod_globals, init_globals,\n File "/usr/lib64/python3.9/runpy.py", line 87, in _run_code\n exec(code, run_globals)\n File "/tmp/ansible_paloaltonetworks.panos.panos_commit_push_payload_dsaz7vbs/ansible_paloaltonetworks.panos.panos_commit_push_payload.zip/ansible_collections/paloaltonetworks/panos/plugins/modules/panos_commit_push.py", line 237, in \n File "/tmp/ansible_paloaltonetworks.panos.panos_commit_push_payload_dsaz7vbs/ansible_paloaltonetworks.panos.panos_commit_push_payload.zip/ansible_collections/paloaltonetworks/panos/plugins/modules/panos_commit_push.py", line 203, in main\n File "/usr/local/lib/python3.9/site-packages/panos/base.py", line 4769, in commit\n return self._commit(\n File "/usr/local/lib/python3.9/site-packages/panos/base.py", line 4845, in _commit\n commit_response = self.xapi.commit(\n File "/usr/local/lib/python3.9/site-packages/panos/base.py", line 3899, in method\n raise the_exception\npanos.errors.PanDeviceXapiError: commit-all -> shared-policy -> admin unexpected here\n commit-all -> shared-policy is unexpected \n commit-all is unexpected \n"

Possible solution

Steps to reproduce

When i tried to run this playbook, the task named "Push" is giving me the error:

  • name: Set provider details
    tags: configure_panorama
    set_fact:
    admin: "{{ panos_username }}"
    provider_details:
    ip_address: "{{ panos_endpoint }}"
    port: 443
    api_key: "{{ panos_api_key }}"
    username: "{{ panos_username }}"
    no_log: true
    run_once: true

  • name: "panorama: commit and push"
    block:

    • name: Commit candidate config to running config of Panorama
      paloaltonetworks.panos.panos_commit_panorama:
      provider: "{{ provider_details }}"
      admins:

      • "{{ admin }}"
        templates:
      • "Remote_Network_Template"
        run_once: true

    • name: Push
      paloaltonetworks.panos.panos_commit_push:
      provider: "{{ provider_details }}"
      admins:

      • "{{ admin }}"
        include_template: true
        style: 'device group'
        name: "Remote_Network_Device_Group"
        run_once: true

Screenshots

Context

My main goal is to onboard remote networks to prisma, I have tried to push to "Service_Conn_Device_Group" hoping i can acheive my goal but it is also giving me the same error. I have gone through other docs and issues but nothing able to solve.

Your Environment

  • Ansible Collection: paloaltonetworks.panos.panos_commit_push
@HarshaLakkoju HarshaLakkoju added the bug Something isn't working label Nov 5, 2024
@HarshaLakkoju
Copy link
Author

HarshaLakkoju commented Nov 5, 2024
edited
Loading

In the "Steps to reproduce" the playbook format got changed so consider the below playbook:
playbook.txt

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@HarshaLakkoju