I want to automate a RouterOS device with ansible. ansible_cli and ansible_api work fine. Now I want to set up a complete automation with ansible.
How can I deploy a complete config to a RouterOS device.
Starting from a blank device, I would have to us “… add …” commands to create objects like bridge or IP addresses. If I want to change something in the config, I would have to use the “… set …” command. Or in the api interface, the “update” command. But this only work, if the object is already exists.
So there would have to be at least two different templates, one for the first config, a secondary for all further configs. But this also would not work: If later in the process, a new object would have to be created, there also would be a problem again.
So is there any good solution for this problem? Is there i.e. a way to replace the complete config? I found the /system reset-configuration run-after-reset=config.rsc But this reboots the router AND changes the ssh host key.
update in ansible is the same as a RouterOS set, so it does need the add before a set will work.
I don't know of any good ones, since the underlying problem is the "config" is not idempotent, so there is no combined add or set. Without that, kinda stuck using cmd to run a small script with some RouterOS :if/etc things.
I think that's best you can do. In general, if you netinstall/flashfig device when acquired with some reasonable baseline config , you can then avoid needing to add new config items & have known state to start ansible modifications. But, you have to accept if the reset-configuration is needed that cause a reboot, but can return the router to your baseline config for ansible. Also, RouterOS update also cause reboots, if your deployment is sensitive to reboots generally then using multiple routers+VRRP in config is one solution to mitigates the effect that reset-configuration reboots .
But I'm also curious as to how other "solve" this problem.