Hi,

I was going thru this post (https://blog.networktocode.com/post/generating-diff-with-ansible/) where its mentioned that we can use check and diff mode together. I am trying to use that for gold config audit (audit pre decided config against what is present on device) for Cisco and Extreme devices. Below is my playbook –

`

task to audit & heal ntp configuration

• name: Set NTP template
  ios_config:
  src: “{{domain}}_{{ansible_network_os}}_ntp.cfg”
  match: line
  register: ntp_result
  `

Below is my template -

ntp server 10.19.70.1

Ansible highlighting that it is going to change the config. Below is what result I am getting. Surprisingly I am not getting any config diff.

"ntp_result": { "ansible_facts": { "discovered_interpreter_python": "/usr/bin/python" }, "changed": true, "commands": [ "configure ntp server add x.x.x.x" ], "failed": false, "updates": [ "configure ntp server add x.x.x.x" ], "warnings": [ "unable to perform diff against running-config due to check mode" ] }

Why I am not getting config diff? Any idea what is wrong?

Hello Shyam

It is how the output is displayed. In your output updates are showing the difference in running config and your cfg file.

“updates”: [
“configure ntp server add x.x.x.x”
],

I don’t see any issue with the output. Did you try changing the ntp setting on the device yourself and check out the difference in output ?

Thanks for reply. Yes below is my intended config -

ntp server 10.19.70.1

But on device we have different ntp server configured -

ntp server 10.19.60.9

Here in updates section, ansible guiding me that its going to push this NTP config. But what config already exits is not mentioned or pushing against what config is not shown. Do anyone has any working example of this?

Why there is a warning shown that it can’t diff when check mode is enabled? In documentation (https://docs.ansible.com/ansible/latest/user_guide/playbooks_checkmode.html) its mentioned that we can use these together.

-Shyam

Thanks for reply. Yes below is my intended config -
>
ntp server 10.19.70.1
>

But on device we have different ntp server configured -
>
ntp server 10.19.60.9
>
*
Here in updates section, ansible guiding me that its going to push this NTP config. But what config already exits is not
mentioned or pushing against what config is not shown. Do anyone has any working example of this?

Why there is a warning shown that it can't diff when check mode is enabled? In documentation
(https://docs.ansible.com/ansible/latest/user_guide/playbooks_checkmode.html) its mentioned that we can use these together.*

It looks like a shortcoming of this module. Usually --check and --diff works together without hassle.

Regards
       Racke

I am sure if that is true. Because I could reproduce this for other network modules also like (exos_config, eos_config). In the first tutorial (https://blog.networktocode.com/post/generating-diff-with-ansible/) I posted, its mentioned that these module support diff & check mode. But no sample exits online. Somehow its not working for me. I thought someone could guide with this.

-Shyam