This document explains how to run your first FortiSwitch Ansible playbook.
With FortiSwitch Galaxy collection, you are always recommended to run
FortiSwitch module in httpapi
manner. The first step is to prepare your
host inventory with which you can use ansible-vault
to encrypt or
decrypt your secrets for the sake of confidentiality.
in our case we create a file named hosts
:
[fortiswitches] fortiswitch01 ansible_host=192.168.190.130 ansible_user="admin" ansible_password="password" fortiswitch02 ansible_host=192.168.190.131 ansible_user="admin" ansible_password="password" [fortiswitches:vars] ansible_network_os=fortinet.fortiswitch.fortiswitch
in the example: test.yml
we are going to modify the fortiSwitch configurations.
device’s hostname:
- hosts: fortiswitch01 collections: - fortinet.fortiswitch connection: httpapi gather_facts: 'no' vars: ansible_httpapi_use_ssl: 'yes' ansible_httpapi_validate_certs: 'no' ansible_httpapi_port: 443 tasks: - name: Only https allow access to the device. fortiswitch_system_interface: state: present system_interface: name: internal vdom: root allowaccess: https
there are several options which might need you special care:
- connection :
httpapi
is preferred. - collections : The namespace must be
fortinet.fortiswitch
- ansible_httpapi_use_ssl and ansible_httpapi_port: by default when your fortiSwitch device is licensed, the https is enabled.
ansible-playbook -i hosts test.yml
you can also observe the verbose output by adding option at the tail:
-vvv
.