cisco.ios.ios_service_module.rst

cisco.ios.ios_service

Resource module to configure service.

Version added: 4.6.0

• Synopsis
• Parameters
• Notes
• Examples
• Return Values
• Status

Synopsis

• This module configures and manages service attributes on IOS platforms

Parameters

Parameter				Choices/Defaults	Comments
config dictionary					A dictionary of service configuration
	call_home boolean			Choices: no yes	Cisco call-home service
	compress_config boolean			Choices: no yes	Compress the nvram configuration file
	config boolean			Choices: no yes	TFTP load config files
	counters integer			Default: 0	Control aging of interface counters by setting the maximum counter aging threshold
	dhcp boolean			Choices: no yes ←	Enable DHCP server and relay agent
	disable_ip_fast_frag boolean			Choices: no yes	Disable IP particle-based fast fragmentation
	exec_callback boolean			Choices: no yes	Enable exec callback
	exec_wait boolean			Choices: no yes	Delay EXEC startup on noisy lines
	hide_telnet_addresses boolean			Choices: no yes	Hide destination addresses in telnet command
	internal boolean			Choices: no yes	Enable/Disable Internal commands
	linenumber boolean			Choices: no yes	enable line number banner for each exec
	log boolean			Choices: no yes	log backtrace
	log_hidden boolean			Choices: no yes	Enable syslog msgs for hidden/internal commands
	nagle boolean			Choices: no yes	Enable Nagle's congestion control algorithm
	old_slip_prompts boolean			Choices: no yes	Allow old scripts to operate with slip/ppp
	pad boolean			Choices: no yes	Enable PAD commands
	pad_cmns boolean			Choices: no yes	Enable PAD over CMNS connections
	pad_from_xot boolean			Choices: no yes	Accept XOT to PAD connections
	pad_to_xot boolean			Choices: no yes	Allow outgoing PAD over XOT connections
	password_encryption boolean			Choices: no yes	Encrypt system passwords
	password_recovery boolean			Choices: no yes ←	Password recovery
	private_config_encryption boolean			Choices: no yes	Enable private config file encryption
	prompt boolean			Choices: no yes ←	Enable mode specific prompt
	pt_vty_logging boolean			Choices: no yes	Log significant VTY-Async events
	scripting boolean			Choices: no yes	scripting
	sequence_numbers boolean			Choices: no yes	Stamp logger messages with a sequence number
	slave_coredump boolean			Choices: no yes	slave-coredump
	slave_log boolean			Choices: no yes ←	Enable log capability of slave IPs
	tcp_keepalives_in boolean			Choices: no yes	Generate keepalives on idle incoming network connections
	tcp_keepalives_out boolean			Choices: no yes	Generate keepalives on idle outgoing network connections
	tcp_small_servers dictionary				TCP small servers are servers (daemons, in Unix parlance) that run in the router which are useful for diagnostics.
		enable boolean		Choices: no yes	Enable small TCP servers (e.g., ECHO)
		max_servers integer			Set number of allowable TCP small servers 1 to 2147483647
		no_limit boolean		Choices: no yes	No limit on number of allowable TCP small servers
	telnet_zeroidle boolean			Choices: no yes	Set TCP window 0 when connection is idle
	timestamps list / elements=dictionary				Timestamp debug/log messages
		datetime_options dictionary			Options for date and time timestamp
			localtime boolean	Choices: no yes	Use local time zone for timestamps
			msec boolean	Choices: no yes	Include milliseconds in timestamp
			show_timezone boolean	Choices: no yes	Add time zone information to timestamp
			year boolean	Choices: no yes	Include year in timestam
		enable boolean		Choices: no yes	Enable timestamp for the choosen message
		msg string		Choices: debug log	Timestamp log or debug messages
		timestamp string		Choices: datetime uptime	Timestamp with date and time or with system uptime
	udp_small_servers dictionary				UDP small servers are servers (daemons, in Unix parlance) that run in the router which are useful for diagnostics.
		enable boolean		Choices: no yes	Enable small UDP servers (e.g., ECHO)
		max_servers integer			Set number of allowable UDP small servers 1 to 2147483647
		no_limit boolean		Choices: no yes	No limit on number of allowable UDP small servers
	unsupported_transceiver boolean			Choices: no yes	enable support for third-party transceivers
running_config string					This option is used only with state parsed. The value of this option should be the output received from the IOS device by executing the command show running-config | section ^service|^no service. The state parsed reads the configuration from running_config option and transforms it into Ansible structured data as per the resource module's argspec and the value is then returned in the parsed key within the result.
state string				Choices: merged ← replaced overridden deleted gathered rendered parsed	The state the configuration should be left in. The module have declaratively similar behavior for replaced and overridden state. Refer to examples for more details.

Notes

Note

• Tested against Cisco IOSXE Version 17.9.1a on CML.
• This module works with connection network_cli. See https://docs.ansible.com/ansible/latest/network/user_guide/platform_ios.html

Examples

# Using merged

# Before state:
# -------------

# router-ios#show running-config all | section ^service
# service slave-log
# service timestamps debug datetime msec
# service timestamps log datetime msec
# service private-config-encryption
# service prompt config
# service counters max age 0
# service dhcp
# service call-home
# service password-recovery

- name: Merge provided configuration with device configuration
  cisco.ios.ios_service:
    config:
      tcp_keepalives_in: true
      tcp_keepalives_out: true
      timestamps:
        - msg: debug
          enable: true
          timestamp: datetime
        - msg: log
          enable: true
          timestamp: datetime
      pad: false
      password_encryption: true
    state: merged

# Task Output
# -----------
#
# before:
#   call_home: true
#   counters: 0
#   dhcp: true
#   password_recovery: true
#   private_config_encryption: true
#   prompt: true
#   slave_log: true
#   timestamps:
#   - datetime_options:
#       msec: true
#     msg: debug
#     timestamp: datetime
#   - datetime_options:
#       msec: true
#     msg: log
#     timestamp: datetime
# commands:
# - service password-encryption
# - service tcp-keepalives-in
# - service tcp-keepalives-out
# after:
#   call_home: true
#   counters: 0
#   dhcp: true
#   password_encryption: true
#   password_recovery: true
#   private_config_encryption: true
#   prompt: true
#   slave_log: true
#   tcp_keepalives_in: true
#   tcp_keepalives_out: true
#   timestamps:
#   - datetime_options:
#       msec: true
#     msg: debug
#     timestamp: datetime
#   - datetime_options:
#       msec: true
#     msg: log
#     timestamp: datetime

# After state:
# ------------

# router-ios#show running-config all | section ^service
# service slave-log
# service tcp-keepalives-in
# service tcp-keepalives-out
# service timestamps debug datetime msec
# service timestamps log datetime msec
# service password-encryption
# service private-config-encryption
# service prompt config
# service counters max age 0
# service dhcp
# service call-home
# service password-recovery

# Using replaced

# Before state:
# -------------

# router-ios#show running-config all | section ^service
# service slave-log
# service tcp-keepalives-in
# service tcp-keepalives-out
# service timestamps debug datetime msec
# service timestamps log datetime msec
# service password-encryption
# service private-config-encryption
# service prompt config
# service counters max age 0
# service dhcp
# service call-home
# service password-recovery

- name: Replaces device configuration of services with provided configuration
  cisco.ios.ios_service:
    config:
      timestamps:
        - msg: log
          enable: true
          timestamp: datetime
          datetime_options:
            localtime: true
            msec: true
            show_timezone: true
            year: true
        - msg: debug
          enable: true
          timestamp: datetime
      pad: false
      password_encryption: true
    state: "replaced"

# Task Output
# -----------
#
# before:
#   call_home: true
#   counters: 0
#   dhcp: true
#   password_encryption: true
#   password_recovery: true
#   private_config_encryption: true
#   prompt: true
#   slave_log: true
#   tcp_keepalives_in: true
#   tcp_keepalives_out: true
#   timestamps:
#   - datetime_options:
#       msec: true
#     msg: debug
#     timestamp: datetime
#   - datetime_options:
#       msec: true
#     msg: log
#     timestamp: datetime
# commands:
# - no service call-home
# - no service tcp-keepalives-in
# - no service tcp-keepalives-out
# - no service timestamps log
# - service timestamps log datetime msec localtime show-timezone year
# - no service timestamps debug
# - service timestamps debug datetime
# after:
#   counters: 0
#   dhcp: true
#   password_encryption: true
#   password_recovery: true
#   private_config_encryption: true
#   prompt: true
#   slave_log: true
#   timestamps:
#   - msg: debug
#     timestamp: datetime
#   - datetime_options:
#       localtime: true
#       msec: true
#       show_timezone: true
#       year: true
#     msg: log
#     timestamp: datetime

# After state:
# ------------

# router-ios#show running-config all | section ^service
# service slave-log
# service timestamps debug datetime
# service timestamps log datetime msec localtime show-timezone year
# service password-encryption
# service private-config-encryption
# service prompt config
# service counters max age 0
# service dhcp
# service password-recovery

# Using Deleted

# Before state:
# -------------

# router-ios#show running-config all | section ^service
# service slave-log
# service timestamps debug datetime
# service timestamps log datetime msec localtime show-timezone year
# service password-encryption
# service private-config-encryption
# service prompt config
# service counters max age 0
# service dhcp
# service password-recovery

- name: "Delete service configuration and restore default configuration for some important service (those with a default value in module)"
  cisco.ios.ios_service:
    state: deleted

# Task Output
# -----------
#
# before:
#   counters: 0
#   dhcp: true
#   password_encryption: true
#   password_recovery: true
#   private_config_encryption: true
#   prompt: true
#   slave_log: true
#   timestamps:
#   - msg: debug
#     timestamp: datetime
#   - datetime_options:
#       localtime: true
#       msec: true
#       show_timezone: true
#       year: true
#     msg: log
#     timestamp: datetime
# commands:
# - no service password-encryption
# - no service timestamps debug
# - no service timestamps log
# after:
#   counters: 0
#   dhcp: true
#   password_recovery: true
#   private_config_encryption: true
#   prompt: true
#   slave_log: true

# After state:
# ------------
#
# router-ios#show running-config all | section ^service
# service slave-log
# service private-config-encryption
# service prompt config
# service counters max age 0
# service dhcp
# service password-recovery

# Using gathered

# Before state:
# -------------
#
# router-ios#show running-config all | section ^service
# service slave-log
# service timestamps debug datetime
# service timestamps log datetime msec localtime show-timezone year
# service password-encryption
# service private-config-encryption
# service prompt config
# service counters max age 0
# service dhcp
# service password-recovery

- name: Gather facts of interfaces
  cisco.ios.ios_service:
    config:
    state: gathered

# Task Output
# -----------
#
# gathered:
#   counters: 0
#   dhcp: true
#   password_encryption: true
#   password_recovery: true
#   private_config_encryption: true
#   prompt: true
#   slave_log: true
#   timestamps:
#   - msg: debug
#     timestamp: datetime
#   - datetime_options:
#       localtime: true
#       msec: true
#       show_timezone: true
#       year: true
#     msg: log
#     timestamp: datetime

# Using rendered

- name: Render the commands for provided configuration
  cisco.ios.ios_service:
    config:
      timestamps:
        - msg: log
          enable: true
          timestamp: datetime
          datetime_options:
            localtime: true
            msec: true
            show_timezone: true
            year: true
        - msg: debug
          enable: true
          timestamp: datetime
      pad: false
      password_encryption: true
    state: rendered

# ·Task·Output
# -----------
#
# rendered:
# - service dhcp
# - service password-encryption
# - service password-recovery
# - service prompt config
# - service slave-log
# - service timestamps log datetime msec localtime show-timezone year
# - service timestamps debug datetime

# Using parsed

# File: parsed.cfg
# ----------------
#
# no service pad
# service password-encryption
# service tcp-keepalives-in
# service tcp-keepalives-out
# service timestamps debug datetime msec localtime show-timezone year
# service timestamps log datetime msec localtime show-timezone year
# service counters max age 5

- name: Parse the provided configuration
  cisco.ios.ios_service:
    running_config: "{{ lookup('file', 'parsed.cfg') }}"
    state: parsed

# Task Output
# -----------
#
# parsed:
#   counters: 5
#   dhcp: true
#   password_encryption: true
#   password_recovery: true
#   prompt: true
#   slave_log: true
#   tcp_keepalives_in: true
#   tcp_keepalives_out: true
#   timestamps:
#   - datetime_options:
#       localtime: true
#       msec: true
#       show_timezone: true
#       year: true
#     msg: debug
#     timestamp: datetime
#   - datetime_options:
#       localtime: true
#       msec: true
#       show_timezone: true
#       year: true
#     msg: log
#     timestamp: datetime

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key	Returned	Description
after dictionary	when changed	The resulting configuration after module execution. Sample: This output will always be in the same format as the module argspec.
before dictionary	when state is merged, replaced, overridden, deleted or purged	The configuration prior to the module execution. Sample: This output will always be in the same format as the module argspec.
commands list	when state is merged, replaced, overridden, deleted or purged	The set of commands pushed to the remote device. Sample: ['no service config', 'service tcp-keepalives-in', 'service tcp-keepalives-out']
gathered list	when state is gathered	Facts about the network resource gathered from the remote device as structured data. Sample: This output will always be in the same format as the module argspec.
parsed list	when state is parsed	The device native config provided in running_config option parsed into structured data as per module argspec. Sample: This output will always be in the same format as the module argspec.
rendered list	when state is rendered	The provided configuration in the task rendered in device-native format (offline). Sample: ['service dhcp', 'service password-encryption', 'service password-recovery', 'service prompt config', 'service slave-log']

Status

Authors

• Ambroise Rosset (@earendilfr)
• Sagar Paul (@KB-perByte)