unable to create secondary ip for a NIC using azure_rm_networkinterface module

[venkateshm2012]

SUMMARY

unable to create secondary ip for a NIC

ISSUE TYPE

• Bug Report

COMPONENT NAME

azure_rm_networkinterface module

ANSIBLE VERSION

        "ansible-core                       2.15.3rc1",
        "ansible-runner                     2.3.3",

COLLECTION VERSION

collection-vyos.vyos.git
    type: git
    version: 4.1.0

"azure-cli-core                     2.34.0",
        "azure-cli-telemetry                1.0.6",
        "azure-common                       1.1.11",
        "azure-containerregistry            1.1.0",
        "azure-core                         1.29.1",
        "azure-graphrbac                    0.61.1",
        "azure-identity                     1.7.0",
        "azure-keyvault                     1.1.0",
        "azure-mgmt-apimanagement           3.0.0",
        "azure-mgmt-authorization           2.0.0",
        "azure-mgmt-automation              1.0.0",
        "azure-mgmt-batch                   5.0.1",
        "azure-mgmt-cdn                     11.0.0",
        "azure-mgmt-compute                 26.1.0",
        "azure-mgmt-containerinstance       9.0.0",
        "azure-mgmt-containerregistry       9.1.0",
        "azure-mgmt-containerservice        20.0.0",
        "azure-mgmt-core                    1.3.0",
        "azure-mgmt-cosmosdb                6.4.0",
        "azure-mgmt-datafactory             2.0.0",
        "azure-mgmt-datalake-store          1.0.0",
        "azure-mgmt-devtestlabs             9.0.0",
        "azure-mgmt-dns                     8.0.0",
        "azure-mgmt-eventhub                10.1.0",
        "azure-mgmt-hdinsight               9.0.0",
        "azure-mgmt-iothub                  2.2.0",
        "azure-mgmt-keyvault                10.0.0",
        "azure-mgmt-loganalytics            12.0.0",
        "azure-mgmt-managedservices         6.0.0",
        "azure-mgmt-managementgroups        1.0.0",
        "azure-mgmt-marketplaceordering     1.1.0",
        "azure-mgmt-monitor                 3.0.0",
        "azure-mgmt-network                 19.1.0",
        "azure-mgmt-notificationhubs        7.0.0",
        "azure-mgmt-nspkg                   2.0.0",
        "azure-mgmt-privatedns              1.0.0",
        "azure-mgmt-rdbms                   10.0.0",
        "azure-mgmt-recoveryservices        2.0.0",
        "azure-mgmt-recoveryservicesbackup  3.0.0",
        "azure-mgmt-redis                   13.0.0",
        "azure-mgmt-resource                21.1.0",
        "azure-mgmt-search                  8.0.0",
        "azure-mgmt-servicebus              7.1.0",
        "azure-mgmt-sql                     3.0.1",
        "azure-mgmt-storage                 19.0.0",
        "azure-mgmt-trafficmanager          1.0.0b1",
        "azure-mgmt-web                     6.1.0",
        "azure-nspkg                        2.0.0",
        "azure-storage-blob                 12.11.0",

CONFIGURATION

OS / ENVIRONMENT

STEPS TO REPRODUCE

- name: Add new secondary IP configuration
ansible.builtin.azure_rm_networkinterface:
resource_group: "MY_RG"
name: "MY_NIC"
virtual_network: "MY_VNET"
subnet_name: "{{MY_SUBNET}}"
create_with_security_group: False
ip_configurations:
- name: MY_IP
   primary: false
   private_ip_address: '10.23.56.90'
   private_ip_allocation_method: Static

EXPECTED RESULTS

I want to attach a new IPconfiguration on the NIC(MY_NIC) , in other words i need to attach secondary IP for the NIC.

ACTUAL RESULTS

"msg": "Error creating or updating network interface MY_NIC - (IpConfigDeleteNotSupported) IP Configuration ipconfig1 cannot be deleted. Deletion and renaming of primary IP Configuration is not supported\\nCode: IpConfigDeleteNotSupported\\nMessage: IP Configuration ipconfig1 cannot be deleted. Deletion and renaming of primary IP Configuration is not supported"

[Fred-sun]

@venkateshm2012 Thanks for your questions! To use a module from Azure collection, you should reference the full namespace or collection name, you can try like the follow.
Another, Can you provide your full use case and use the azure-collecitons version? Will help solve the current problem, thank you!

First way(use namespace):
---
- name: Using Azure collection
  hosts: localhost
  collections:
    - azure.azcollection
  tasks:
    - name: For network interface test
      azure_rm_networkinterface:
         ....................................

Second way( use collections name):
---
- name: Using Azure collection
  hosts: localhost
  tasks:
    - name: For network interface test
      azure.azcollection.azure_rm_networkinterface:
         ....................................

[morley461]

Same issue for me. I don't want to delete or change the existing primary or secondary interfaces. I just want to add an additional secondary Name with a dynamic IP. However it seems like it wants to update the primary? So not sure what I am missing, or is it the case that you have to respecify all ip_configurations for all interfaces.

error message reported. "Deletion and renaming of primary IP Configuration is not supported"

ansible play

- name: Create IP for Network Interfaces
  azure.azcollection.azure_rm_networkinterface:
    resource_group: "{{ ResGroup }}"
    virtual_network: "{{ VNet }}"
    subnet_name: "{{ SubnetName }}"
    name: "{{ item.name }}"
    ip_configurations:
      - name: "{{ item.ip_config_name }}"
        primary: false
    state: present
    profile: e3
  loop:
    - { name: "{{ NetworkInterfaceName1 }}", ip_config_name: "{{ IpConfigName1 }}" }
  register: nic_result

error message during run of task.

failed: [localhost] (item={'name': 'obfuscated', 'ip_config_name': 'obfuscated'}) => {"ansible_loop_var": "item", "changed": false, "item": {"ip_config_name": "obfuscated", "name": "obfuscated"}, "msg": "Error creating or updating network interface obfuscated - (IpConfigDeleteNotSupported) IP Configuration obfuscated cannot be deleted. Deletion and renaming of primary IP Configuration is not supported\nCode: IpConfigDeleteNotSupported\nMessage: IP Configuration obfuscated cannot be deleted. Deletion and renaming of primary IP Configuration is not supported"}

ansible collection.
azure.azcollection 1.18.1

[morley461]

So, after some exploration, I've discovered an important caveat: the approach of directly adding IP configurations using a loop can lead to unintended behavior. It seems that this method overwrites existing configurations rather than adding new ones.

In my scenario, I needed to set up multiple secondary IP addresses on a network interface, but this method condensed them into a single entry, which was definitely not the desired outcome.

To illustrate a more effective strategy, consider the following setup using a predefined ipConfig variable:

- set_fact:
    ipConfig:
      - name: "ip-ext0-TestAnsible"
        primary: true
        private_ip_allocation_method: "Dynamic"
      - name: "ip-ext0-TestAnsible1"
        primary: false
        private_ip_allocation_method: "Dynamic"
      - name: "ip-ext0-TestAnsible2"
        primary: false
        private_ip_allocation_method: "Dynamic"

Once ipConfig is established, you can proceed to assign the IP addresses as demonstrated below:

- name: Create IP for Network Interfaces
  azure.azcollection.azure_rm_networkinterface:
    resource_group: "{{ ResGroup }}"
    virtual_network: "{{ VNet }}"
    subnet_name: "{{ SubnetName }}"
    name: "{{ NetworkInterfaceName1 }}"
    ip_configurations: "{{ ipConfig }}"
    state: present

Avoid the temptation to employ a loop in the manner shown below, as it will lead to unintended overwriting of entries:

- name: Create IP for Network Interfaces
  azure.azcollection.azure_rm_networkinterface:
    resource_group: "{{ ResGroup }}"
    virtual_network: "{{ VNet }}"
    subnet_name: "{{ SubnetName }}"
    name: "{{ item.name }}"
    ip_configurations:
      - name: "{{ item.ip_config_name }}"
        primary: "{{ item.Primary_Flag }}"
    state: present
    profile: e3f5drtest
  loop:
    - { name: "{{ NetworkInterfaceName1 }}", ip_config_name: "{{ IpConfigName1 }}", Primary_Flag: true }
    - { name: "{{ NetworkInterfaceName1 }}", ip_config_name: "{{ IpConfigName2 }}", Primary_Flag: false }
    - { name: "{{ NetworkInterfaceName1 }}", ip_config_name: "{{ IpConfigName3 }}", Primary_Flag: false }

This method feels quite cumbersome, especially compared to other options like PowerShell, where a single call can effortlessly add an IP address. I'm left wondering if I've overlooked a more efficient approach here. I'm curious if this behavior is intentional and if there's a rationale behind it. If anyone has insights or suggestions, I'd be eager to hear them.

[Fred-sun]

@morley461 I see! I will recheck it! Thank you very much!

[Fred-sun]

@venkateshm2012 @morley461 Sorry, we can't do the same as #1488 for the time being. Currently, the SDK of the network adapter does not support updating the ip_configuration information of the network adapter, and only supports re-creation. Therefore, if you want to configure multiple ip_configuration information for the NIC, perform the following operations. Thank you!

- name: Create IP for Network Interfaces
  azure.azcollection.azure_rm_networkinterface:
    resource_group: "{{ ResGroup }}"
    virtual_network: "{{ VNet }}"
    subnet_name: "{{ SubnetName }}"
    name: "{{ item.name }}"
    ip_configurations:
      - name: "name1"
        primary: "value1"
      - name: "name2"
        primary: "value2"
      ......
    state: present
    profile: e3f5drtest

[Fred-sun]

@venkateshm2012 @morley461 If the SDK supports updates, we will import them as soon as possible. Thank you!