network: Correct documentation (ansible#71246)
ini-style inventory does not support Ansible Vault password.
This fixes network_best_practices_2.5 doc.
Fixes: ansible#69039

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
Akasurde committed Aug 18, 2020
1 parent 7f97a62 commit a1257d7
Showing 1 changed file with 35 additions and 38 deletions.
73 changes: 35 additions & 38 deletions docs/docsite/rst/network/user_guide/network_best_practices_2.5.rst
Expand Up @@ -29,7 +29,7 @@ An ``inventory`` file is a YAML or INI-like configuration file that defines the

In our example, the inventory file defines the groups ``eos``, ``ios``, ``vyos`` and a "group of groups" called ``switches``. Further details about subgroups and inventory files can be found in the :ref:`Ansible inventory Group documentation <subgroups>`.

Because Ansible is a flexible tool, there are a number of ways to specify connection information and credentials. We recommend using the ``[my_group:vars]`` capability in your inventory file. Here's what it would look like if you specified your SSH passwords (encrypted with Ansible Vault) among your variables:
Because Ansible is a flexible tool, there are a number of ways to specify connection information and credentials. We recommend using the ``[my_group:vars]`` capability in your inventory file.

.. code-block:: ini
Expand All @@ -54,13 +54,7 @@ Because Ansible is a flexible tool, there are a number of ways to specify connec
ansible_become_method=enable
ansible_network_os=eos
ansible_user=my_eos_user
ansible_password= !vault |
$ANSIBLE_VAULT;1.1;AES256
37373735393636643261383066383235363664386633386432343236663533343730353361653735
6131363539383931353931653533356337353539373165320a316465383138636532343463633236
37623064393838353962386262643230303438323065356133373930646331623731656163623333
3431353332343530650a373038366364316135383063356531633066343434623631303166626532
9562
ansible_password=my_eos_password
[ios]
ios01 ansible_host=ios-01.example.net
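Review bot: `ansible_password=my_eos_password` now puts a cleartext password in the recommended inventory layout, and the ios and vyos groups below get the same treatment. Since the INI format cannot carry a `!vault` value, add a sentence next to this block saying the literal passwords are placeholders and pointing readers to the "Ansible vault for password encryption" section for the YAML form, so the example is not copied as-is into source control.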
Expand All @@ -72,13 +66,7 @@ Because Ansible is a flexible tool, there are a number of ways to specify connec
ansible_become_method=enable
ansible_network_os=ios
ansible_user=my_ios_user
ansible_password= !vault |
$ANSIBLE_VAULT;1.1;AES256
34623431313336343132373235313066376238386138316466636437653938623965383732373130
3466363834613161386538393463663861636437653866620a373136356366623765373530633735
34323262363835346637346261653137626539343534643962376139366330626135393365353739
3431373064656165320a333834613461613338626161633733343566666630366133623265303563
8472
ansible_password=my_ios_password
[vyos]
vyos01 ansible_host=vyos-01.example.net
Expand All @@ -88,13 +76,7 @@ Because Ansible is a flexible tool, there are a number of ways to specify connec
[vyos:vars]
ansible_network_os=vyos
ansible_user=my_vyos_user
ansible_password= !vault |
$ANSIBLE_VAULT;1.1;AES256
39336231636137663964343966653162353431333566633762393034646462353062633264303765
6331643066663534383564343537343334633031656538370a333737656236393835383863306466
62633364653238323333633337313163616566383836643030336631333431623631396364663533
3665626431626532630a353564323566316162613432373738333064366130303637616239396438
9853
ansible_password=my_vyos_password
If you use ssh-agent, you do not need the ``ansible_password`` lines. If you use ssh keys, but not ssh-agent, and you have multiple keys, specify the key to use for each connection in the ``[group:vars]`` section with ``ansible_ssh_private_key_file=/path/to/correct/key``. For more information on ``ansible_ssh_`` options see :ref:`behavioral_parameters`.

Expand All @@ -107,6 +89,21 @@ Ansible vault for password encryption

The "Vault" feature of Ansible allows you to keep sensitive data such as passwords or keys in encrypted files, rather than as plain text in your playbooks or roles. These vault files can then be distributed or placed in source control. See :ref:`playbooks_vault` for more information.

Here's what it would look like if you specified your SSH passwords (encrypted with Ansible Vault) among your variables:

.. code-block:: yaml
ansible_connection: ansible.netcommon.network_cli
ansible_network_os: vyos.vyos.vyos
ansible_user: my_vyos_user
ansible_ssh_pass: !vault |
$ANSIBLE_VAULT;1.1;AES256
39336231636137663964343966653162353431333566633762393034646462353062633264303765
6331643066663534383564343537343334633031656538370a333737656236393835383863306466
62633364653238323333633337313163616566383836643030336631333431623631396364663533
3665626431626532630a353564323566316162613432373738333064366130303637616239396438
9853
Common inventory variables
--------------------------
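Review bot: the new YAML example does not say which file it belongs in, and it sets `ansible_ssh_pass` where the INI inventory above uses `ansible_password`. The reason for this change is that the INI inventory cannot hold a vaulted value, so state where these variables are expected to live (a YAML inventory or a YAML variables file) and use one password variable name across both examples.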

Expand Down Expand Up @@ -134,7 +131,7 @@ Certain network platforms, such as Arista EOS and Cisco IOS, have the concept of
.. code-block:: ini
[eos:vars]
ansible_connection=network_cli
ansible_connection=ansible.netcommon.network_cli
ansible_network_os=eos
ansible_become=yes
ansible_become_method=enable
Expand Down Expand Up @@ -198,15 +195,15 @@ Next, create a playbook file called ``facts-demo.yml`` containing the following:
# Collect data
#
- name: Gather facts (eos)
eos_facts:
arista.eos.eos_facts:
when: ansible_network_os == 'eos'
- name: Gather facts (ios)
ios_facts:
cisco.ios.ios_facts:
when: ansible_network_os == 'ios'
- name: Gather facts (vyos)
vyos_facts:
vyos.vyos.vyos_facts:
when: ansible_network_os == 'vyos'
###
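Review bot: the `when: ansible_network_os == 'vyos'` condition (and the eos and ios ones) still compares against the short platform name, while the vault example added in this commit sets `ansible_network_os: vyos.vyos.vyos`. A reader who copies that value into their group variables will see the matching task skipped. Either keep the short value in the vault example or update these comparisons to match.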
Expand Down Expand Up @@ -255,13 +252,13 @@ Next, create a playbook file called ``facts-demo.yml`` containing the following:
#
- name: Backup switch (eos)
eos_config:
arista.eos.eos_config:
backup: yes
register: backup_eos_location
when: ansible_network_os == 'eos'
- name: backup switch (vyos)
vyos_config:
vyos.vyos.vyos_config:
backup: yes
register: backup_vyos_location
when: ansible_network_os == 'vyos'
Expand Down Expand Up @@ -343,17 +340,17 @@ This example assumes three platforms, Arista EOS, Cisco NXOS, and Juniper JunOS.
---
- name: Run Arista command
eos_command:
arista.eos.eos_command:
commands: show ip int br
when: ansible_network_os == 'eos'
- name: Run Cisco NXOS command
nxos_command:
cisco.nxos.nxos_command:
commands: show ip int br
when: ansible_network_os == 'nxos'
- name: Run Vyos command
vyos_command:
vyos.vyos.vyos_command:
commands: show interface
when: ansible_network_os == 'vyos'
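Review bot: the sentence introducing this block still reads "This example assumes three platforms, Arista EOS, Cisco NXOS, and Juniper JunOS", but the third task is `vyos.vyos.vyos_command` guarded by `ansible_network_os == 'vyos'`. Since these lines are being touched anyway, correct the sentence to name VyOS, or change the task to a JunOS module.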
Expand All @@ -373,7 +370,7 @@ You can replace these platform-specific modules with the network agnostic ``cli_
- name: Run cli_command on Arista and display results
block:
- name: Run cli_command on Arista
cli_command:
ansible.netcommon.cli_command:
command: show ip int br
register: result
Expand All @@ -385,7 +382,7 @@ You can replace these platform-specific modules with the network agnostic ``cli_
- name: Run cli_command on Cisco IOS and display results
block:
- name: Run cli_command on Cisco IOS
cli_command:
ansible.netcommon.cli_command:
command: show ip int br
register: result
Expand All @@ -397,7 +394,7 @@ You can replace these platform-specific modules with the network agnostic ``cli_
- name: Run cli_command on Vyos and display results
block:
- name: Run cli_command on Vyos
cli_command:
ansible.netcommon.cli_command:
command: show interfaces
register: result
Expand All @@ -418,7 +415,7 @@ If you use groups and group_vars by platform type, this playbook can be further
tasks:
- name: Run show command
cli_command:
ansible.netcommon.cli_command:
command: "{{show_interfaces}}"
register: command_output
Expand All @@ -434,7 +431,7 @@ The ``cli_command`` also supports multiple prompts.
---
- name: Change password to default
cli_command:
ansible.netcommon.cli_command:
command: "{{ item }}"
prompt:
- "New password"
Expand All @@ -449,7 +446,7 @@ The ``cli_command`` also supports multiple prompts.
- "set system root-authentication plain-text-password"
- "commit"
See the :ref:`cli_command <cli_command_module>` for full documentation on this command.
See the :ref:`ansible.netcommon.cli_command <cli_command_module>` for full documentation on this command.


Implementation Notes
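Review bot: the link text changes to `ansible.netcommon.cli_command`, but the prose around these examples still uses the short name, for example "The ``cli_command`` also supports multiple prompts." Use the fully qualified name in those sentences too, or say once that `cli_command` is shorthand for `ansible.netcommon.cli_command`.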
Expand All @@ -468,7 +465,7 @@ For more information, see :ref:`magic_variables_and_hostvars`.
Get running configuration
-------------------------

The :ref:`eos_config <eos_config_module>` and :ref:`vyos_config <vyos_config_module>` modules have a ``backup:`` option that when set will cause the module to create a full backup of the current ``running-config`` from the remote device before any changes are made. The backup file is written to the ``backup`` folder in the playbook root directory. If the directory does not exist, it is created.
The :ref:`arista.eos.eos_config <eos_config_module>` and :ref:`vyos.vyos.vyos_config <vyos_config_module>` modules have a ``backup:`` option that when set will cause the module to create a full backup of the current ``running-config`` from the remote device before any changes are made. The backup file is written to the ``backup`` folder in the playbook root directory. If the directory does not exist, it is created.

To demonstrate how we can move the backup file to a different location, we register the result and move the file to the path stored in ``backup_path``.
