Note
This plugin is part of the community.network collection (version 3.0.0).
You might already have this collection installed if you are using the ansible
package. It is not included in ansible-core
. To check whether it is installed, run ansible-galaxy collection list
.
To install it, use: ansible-galaxy collection install community.network
.
To use it in a playbook, specify: community.network.ftd_install
.
httpapi
and local
connection types. The httpapi
is preferred, the local
connection should be used only when the device cannot be accessed via REST API.The below requirements are needed on the host that executes this module.
Parameter | Choices/Defaults | Comments |
---|---|---|
console_ip string / required | IP address of a terminal server. Used to set up an SSH connection with device's console port through the terminal server. | |
console_password string / required | Password to login on a terminal server. | |
console_port string / required | Device's port on a terminal server. | |
console_username string / required | Username to login on a terminal server. | |
device_gateway string | Device gateway of management interface. If not specified and connection is 'httpapi`, the module tries to fetch the existing value via REST API. For 'local' connection type, this parameter is mandatory. | |
device_hostname string / required | Hostname of the device as appears in the prompt (e.g., 'firepower-5516'). | |
device_ip string | Device IP address of management interface. If not specified and connection is 'httpapi`, the module tries to fetch the existing value via REST API. For 'local' connection type, this parameter is mandatory. | |
device_model string |
| Platform model of the device (e.g., 'Cisco ASA5506-X Threat Defense'). If not specified and connection is 'httpapi`, the module tries to fetch the device model via REST API. For 'local' connection type, this parameter is mandatory. |
device_netmask string | Device netmask of management interface. If not specified and connection is 'httpapi`, the module tries to fetch the existing value via REST API. For 'local' connection type, this parameter is mandatory. | |
device_new_password string | New device password to set after image installation. If not specified, current password from `device_password` property is reused. Not applicable for ASA5500-X series devices. | |
device_password string / required | Password to login on the device. | |
device_sudo_password string | Root password for the device. If not specified, `device_password` is used. | |
device_username string | Default: "admin" | Username to login on the device. Defaulted to 'admin' if not specified. |
dns_server string | DNS IP address of management interface. If not specified and connection is 'httpapi`, the module tries to fetch the existing value via REST API. For 'local' connection type, this parameter is mandatory. | |
force_install boolean |
| Forces the FTD image to be installed even when the same version is already installed on the firewall. By default, the module stops execution when the target version is installed in the device. |
image_file_location string / required | Path to the FTD pkg image on the server to be downloaded. FTP, SCP, SFTP, TFTP, or HTTP protocols are usually supported, but may depend on the device model. | |
image_version string / required | Version of FTD image to be installed. Helps to compare target and current FTD versions to prevent unnecessary reinstalls. | |
rommon_file_location string / required | Path to the boot (ROMMON) image on TFTP server. Only TFTP is supported. | |
search_domains string | Default: "cisco.com" | Search domains delimited by comma. Defaulted to 'cisco.com' if not specified. |
Note
firepower-kickstart
library that should be installed separately and requires Python >= 3.5.ansible_python_interpreter
variable.- name: Install image v6.3.0 on FTD 5516 community.network.ftd_install: device_hostname: firepower device_password: pass device_ip: 192.168.0.1 device_netmask: 255.255.255.0 device_gateway: 192.168.0.254 dns_server: 8.8.8.8 console_ip: 10.89.0.0 console_port: 2004 console_username: console_user console_password: console_pass rommon_file_location: 'tftp://10.89.0.11/installers/ftd-boot-9.10.1.3.lfbff' image_file_location: 'https://10.89.0.11/installers/ftd-6.3.0-83.pkg' image_version: 6.3.0-83
Common return values are documented here, the following are the fields unique to this module:
Key | Returned | Description |
---|---|---|
msg string | always | The message saying whether the image was installed or explaining why the installation failed. |
© 2012–2018 Michael DeHaan
© 2018–2021 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/latest/collections/community/network/ftd_install_module.html