dellemc.enterprise_sonic.sonic_radius_server module – Manage RADIUS server configuration on SONiC
Note
This module is part of the dellemc.enterprise_sonic collection (version 4.1.0).
You might already have this collection installed if you are using the ansible package.
It is not included in ansible-core.
To check whether it is installed, run ansible-galaxy collection list.
To install it, use: ansible-galaxy collection install dellemc.enterprise_sonic.
To use it in a playbook, specify: dellemc.enterprise_sonic.sonic_radius_server.
New in dellemc.enterprise_sonic 1.0.0
Synopsis
This module provides configuration management of radius server for devices running Enterprise SONiC.
Parameters
Parameter |
Comments |
|---|---|
Specifies the radius server related configuration. |
|
Specifies the authentication type of the radius server. The default is Choices:
|
|
Specifies the key of the radius server. |
|
Specifies the network access server of the radius server. |
|
Specifies the re-transmit value of the radius server. The range is 0 to 10. |
|
Specifies the servers list of the radius server. |
|
Specifies the host details of the radius servers list. |
|
Specifies the authentication type of the radius server host. Choices:
|
|
Specifies the key of the radius server host. |
|
Specifies the IP address or name of the radius server host. |
|
Specifies the port of the radius server host. The range is 1 to 65535. The default is 1812. |
|
Specifies the priority of the radius server host. The range is 1 to 64. |
|
Specifies the protocol of the radius server host. The functional default is Choices:
|
|
Specifies the retransmit of the radius server host. The range is 0 to 10. |
|
Specifies the security profile for the radius server host. |
|
Specifies the source interface of the radius server host. |
|
Specifies the timeout of the radius server host. The range is 3 to 60. |
|
Specifies the vrf of the radius server host. |
|
Specifies the statistics flag of the radius server. Choices:
|
|
Specifies the timeout of the radius server. The range is 3 to 60. The default is 5. |
|
Specifies the operation to be performed on the radius server configured on the device. In case of merged, the input mode configuration will be merged with the existing radius server configuration on the device. In case of deleted the existing radius server mode configuration will be removed from the device. In case of replaced, the existing radius server configuration will be replaced with provided configuration. In case of overridden, the existing radius server configuration will be overridden with the provided configuration. Choices:
|
Notes
Note
Tested against Enterprise SONiC Distribution by Dell Technologies.
Supports
check_mode.
Examples
# Using "deleted" state
#
# Before state:
# -------------
#
# sonic# show running-configuration | grep radius-server
# radius-server nas-ip 10.11.12.13
# radius-server statistics enable
# radius-server timeout 12
# radius-server retransmit 5
# radius-server auth-type chap
# radius-server host 10.10.10.10 protocol TLS security-profile rad-sec-prof
# radius-server host my-host1.dell auth-port 55 timeout 12 retransmit 7 auth-type chap priority 3 vrf VrfAnsibleTest source-interface Ethernet100
- name: Delete specified radius server configuration
dellemc.enterprise_sonic.sonic_radius_server:
config:
auth_type: chap
nas_ip: 10.11.12.13
timeout: 12
servers:
host:
- name: 10.10.10.10
state: deleted
# After state:
# ------------
#
# sonic# show running-configuration | grep radius-server
# radius-server statistics enable
# radius-server retransmit 5
# radius-server host my-host1.dell auth-port 55 timeout 12 retransmit 7 auth-type chap priority 3 vrf VrfAnsibleTest source-interface Ethernet100
# Using "deleted" state
#
# Before state:
# -------------
#
# sonic# show running-configuration | grep radius-server
# radius-server nas-ip 10.11.12.13
# radius-server statistics enable
# radius-server timeout 12
# radius-server retransmit 5
# radius-server auth-type chap
# radius-server host 10.10.10.10 protocol TLS security-profile rad-sec-prof
# radius-server host my-host1.dell auth-port 55 timeout 12 retransmit 7 auth-type chap priority 3 vrf VrfAnsibleTest source-interface Ethernet100
- name: Delete all radius server configuration
dellemc.enterprise_sonic.sonic_radius_server:
config:
state: deleted
# After state:
# ------------
#
# sonic# show running-configuration | grep radius-server
# (No radius-server configuration present)
# Using "merged" state
#
# Before state:
# -------------
#
# sonic# show running-configuration | grep radius-server
# (No radius-server configuration present)
- name: Merge radius server configuration
dellemc.enterprise_sonic.sonic_radius_server:
config:
auth_type: chap
timeout: 12
nas_ip: 10.11.12.13
retransmit: 5
statistics: true
servers:
host:
- name: my-host1.dell
auth_type: chap
priority: 3
vrf: VrfAnsibleTest
timeout: 12
port: 55
source_interface: Ethernet100
retransmit: 7
- name: "10.10.10.10"
protocol: "TLS"
security_profile: "rad-sec-prof"
state: merged
# After state:
# ------------
#
# sonic# show running-configuration | grep radius-server
# radius-server nas-ip 10.11.12.13
# radius-server statistics enable
# radius-server timeout 12
# radius-server retransmit 5
# radius-server auth-type chap
# radius-server host 10.10.10.10 protocol TLS security-profile rad-sec-prof
# radius-server host my-host1.dell auth-port 55 timeout 12 retransmit 7 auth-type chap priority 3 vrf VrfAnsibleTest source-interface Ethernet100
# Using "replaced" state
#
# Before state:
# -------------
#
# sonic# show running-configuration | grep radius-server
# radius-server nas-ip 10.11.12.13
# radius-server statistics enable
# radius-server timeout 12
# radius-server retransmit 5
# radius-server auth-type chap
# radius-server host 10.10.10.10 protocol TLS security-profile rad-sec-prof
# radius-server host my-host1.dell auth-port 55 timeout 12 retransmit 7 auth-type chap priority 3 vrf VrfAnsibleTest source-interface Ethernet100
- name: Replace specified radius server host configuration
sonic_radius_server:
config:
servers:
- host:
name: my-host1.dell
auth_type: mschapv2
source_interface: Ethernet12
state: replaced
# After state:
# ------------
#
# sonic# show running-configuration | grep radius-server
# radius-server nas-ip 10.11.12.13
# radius-server statistics enable
# radius-server timeout 12
# radius-server retransmit 5
# radius-server auth-type chap
# radius-server host 10.10.10.10 protocol TLS security-profile rad-sec-prof
# radius-server host my-host1.dell auth-type mschapv2 source-interface Ethernet12
# Using "overridden" state
#
# Before state:
# -------------
#
# sonic# show running-configuration | grep radius-server
# radius-server nas-ip 10.11.12.13
# radius-server statistics enable
# radius-server timeout 12
# radius-server retransmit 5
# radius-server auth-type chap
# radius-server host 10.10.10.10 protocol TLS security-profile rad-sec-prof
# radius-server host my-host1.dell auth-type mschapv2 source-interface Ethernet12
- name: Override radius server configuration
sonic_radius_server:
config:
servers:
- host:
name: 20.20.20.20
protocol: TLS
security_profile: rad-sec-prof
state: overridden
# After state:
# ------------
#
# sonic# show running-configuration | grep radius-server
# radius-server host 20.20.20.20 protocol TLS security-profile rad-sec-prof
Return Values
Common return values are documented here, the following are the fields unique to this module:
Key |
Description |
|---|---|
The resulting configuration module invocation. Returned: when changed |
|
The generated configuration from module invocation. Returned: when |
|
The configuration prior to the module invocation. Returned: always |
|
The set of commands pushed to the remote device. Returned: always Sample: |