Ansible against Cisco switch: Can not elevate to privileged modeAnsible Fails to Authenticate Sudo Even When...
Can you 'upgrade' leather armor to studded leather armor without purchasing the new armor directly?
Sometimes a banana is just a banana
Multiplication via squaring and addition
The change directory (cd) command is not working with a USB drive
How to speed up a process
What is the difference between throw e and throw new Exception(e)?
How can I be pwned if I'm not registered on that site?
Compare four integers, return word based on maximum
Creature spells vs. ability to convert a permanent into a creature
What is the wife of a henpecked husband called?
Why zero tolerance on nudity in space?
Does music exist in Panem? And if so, what kinds of music?
I can't die. Who am I?
Where was Karl Mordo in Infinity War?
Is there any relevance to Thor getting his hair cut other than comedic value?
How to count occurrences of Friday 13th
Six real numbers so that product of any five is the sixth one
What is the difference between ashamed and shamed?
I am on the US no-fly list. What can I do in order to be allowed on flights which go through US airspace?
How to avoid being sexist when trying to employ someone to function in a very sexist environment?
Exponential growth/decay formula: what happened to the other constant of integration?
Why does Starman/Roadster have radial acceleration?
Can chords be played on the flute?
How do ISS astronauts "get their stripes"?
Ansible against Cisco switch: Can not elevate to privileged mode
Ansible Fails to Authenticate Sudo Even When Sudo Pass is GivenWhy is ansible notify not working?What is reasonable performance for a simple Ansible playbook against ~100 hosts?Ansible can't git clone from enterprise git serverAnsible: leave password unchanged when not setAnsible not restarting service correctlyVARIABLE IS NOT DEFINED ! response from API Call in AnsibleAnsible throwing errors while installing packages via apt and yumAnsible Playbook running locally but unable to ssh to host via AWXHow can I abstract away Ansible roles?
I'm trying to make a backup of a Cisco switch using Ansible and I notice it's not doing it in privileged mode.
This is my playbook:
---
- hosts: Switches
gather_facts: no
connection: network_cli
tasks:
- name: save backup
ios_config:
username: "ansible"
authorize: yes
auth_pass: "ansiblepass"
backup: yes
register: config
This is my hosts file:
[Switches]
Switch01 ansible_host=192.168.100.66
[Switches:vars]
ansible_become=yes
ansible_become_method=enable
ansible_network_os=ios
ansible_user=ansible
ansible_ssh_pass=ansiblepass
ansible_authorize=yes
ansible_auth_pass=ansiblepass
And this is the error I'm getting:
ansible-playbook 2.7.0
config file = /etc/ansible/ansible.cfg
configured module search path = [u'/home/acalero/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
ansible python module location = /usr/lib/python2.7/dist-packages/ansible
executable location = /usr/bin/ansible-playbook
python version = 2.7.9 (default, Sep 25 2018, 20:42:16) [GCC 4.9.2]
Using /etc/ansible/ansible.cfg as config file
setting up inventory plugins
Set default localhost to localhost
Parsed /etc/ansible/hosts inventory source with ini plugin
Loading callback plugin default of type stdout, v2.0 from /usr/lib/python2.7/dist-packages/ansible/plugins/callback/default.pyc
PLAYBOOK: switches_backup.yaml.old ****************************************************************************************************************************************************************************
1 plays in switches_backup.yaml.old
PLAY [Switches] ********************************************************************************************************************************************************************************************
META: ran handlers
TASK [save backup] ********************************************************************************************************************************************************************************************
task path: /home/acalero/ansible-playbooks/switches_backup/switches_backup.yaml.old:8
<192.168.100.66> attempting to start connection
<192.168.100.66> using connection plugin network_cli
<192.168.100.66> local domain socket does not exist, starting it
<192.168.100.66> control socket path is /home/acalero/.ansible/pc/d8fb3c670b
<192.168.100.66> <192.168.100.66> ESTABLISH CONNECTION FOR USER: ansible on PORT 22 TO 192.168.100.66
<192.168.100.66> <192.168.100.66> ssh connection done, setting terminal
<192.168.100.66> <192.168.100.66> loaded terminal plugin for network_os ios
<192.168.100.66> <192.168.100.66> loaded cliconf plugin for network_os ios
<192.168.100.66> <192.168.100.66> firing event: on_open_shell()
<192.168.100.66> <192.168.100.66> firing event: on_become
<192.168.100.66> <192.168.100.66> ssh connection has completed successfully
<192.168.100.66> connection to remote device started successfully
<192.168.100.66> local domain socket listeners started successfully
<192.168.100.66>
<192.168.100.66> local domain socket path is /home/acalero/.ansible/pc/d8fb3c670b
<192.168.100.66> ESTABLISH LOCAL CONNECTION FOR USER: acalero
<192.168.100.66> EXEC /bin/sh -c '( umask 77 && mkdir -p "` echo /home/acalero/.ansible/tmp/ansible-local-20795jNEN9Z/ansible-tmp-1551716732.29-125541186030584 `" && echo ansible-tmp-1551716732.29-125541186030584="` echo /home/acalero/.ansible/tmp/ansible-local-20795jNEN9Z/ansible-tmp-1551716732.29-125541186030584 `" ) && sleep 0'
Using module file /usr/lib/python2.7/dist-packages/ansible/modules/network/ios/ios_config.py
<192.168.100.66> PUT /home/acalero/.ansible/tmp/ansible-local-20795jNEN9Z/tmpGBmqu8 TO /home/acalero/.ansible/tmp/ansible-local-20795jNEN9Z/ansible-tmp-1551716732.29-125541186030584/AnsiballZ_ios_config.py
<192.168.100.66> EXEC /bin/sh -c 'chmod u+x /home/acalero/.ansible/tmp/ansible-local-20795jNEN9Z/ansible-tmp-1551716732.29-125541186030584/ /home/acalero/.ansible/tmp/ansible-local-20795jNEN9Z/ansible-tmp-1551716732.29-125541186030584/AnsiballZ_ios_config.py && sleep 0'
<192.168.100.66> EXEC /bin/sh -c '/usr/bin/python /home/acalero/.ansible/tmp/ansible-local-20795jNEN9Z/ansible-tmp-1551716732.29-125541186030584/AnsiballZ_ios_config.py && sleep 0'
<192.168.100.66> EXEC /bin/sh -c 'rm -f -r /home/acalero/.ansible/tmp/ansible-local-20795jNEN9Z/ansible-tmp-1551716732.29-125541186030584/ > /dev/null 2>&1 && sleep 0'
The full traceback is:
WARNING: The below traceback may *not* be related to the actual failure.
File "/tmp/ansible_ios_config_payload_o28p8l/ansible_ios_config_payload.zip/ansible/module_utils/network/ios/ios.py", line 114, in get_config
out = connection.get_config(flags=flags)
File "/tmp/ansible_ios_config_payload_o28p8l/ansible_ios_config_payload.zip/ansible/module_utils/connection.py", line 173, in __rpc__
raise ConnectionError(to_text(msg, errors='surrogate_then_replace'), code=code)
[DEPRECATION WARNING]: Param 'username' is deprecated. See the module docs for more information. This feature will be removed in version 2.9. Deprecation warnings can be disabled by setting
deprecation_warnings=False in ansible.cfg.
[DEPRECATION WARNING]: Param 'auth_pass' is deprecated. See the module docs for more information. This feature will be removed in version 2.9. Deprecation warnings can be disabled by setting
deprecation_warnings=False in ansible.cfg.
fatal: [Switch01]: FAILED! => {
"changed": false,
"invocation": {
"module_args": {
"after": null,
"auth_pass": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
"authorize": true,
"backup": true,
"before": null,
"defaults": false,
"diff_against": null,
"diff_ignore_lines": null,
"force": false,
"host": null,
"intended_config": null,
"lines": null,
"match": "line",
"multiline_delimiter": "@",
"parents": null,
"password": null,
"port": null,
"provider": null,
"replace": "line",
"running_config": null,
"save": false,
"save_when": "never",
"src": null,
"ssh_keyfile": null,
"timeout": null,
"username": "ansible"
}
},
"msg": "show running-configrn ^rn% Invalid input detected at '^' marker.rnrnSwitch01#"
}
to retry, use: --limit @/home/acalero/ansible-playbooks/switches_backup/switches_backup.yaml.retry
PLAY RECAP ****************************************************************************************************************************************************************************************************
SW01-01 : ok=0 changed=0 unreachable=0 failed=1
As you can see, the error message is indicating "show running-config" command can not be executed (I tried that after logging in the Cisco switch with the same user, without privileges, and I got the same message; after giving privileges to that user, the command could be executed successfully).
I tried to add some variables like ansible_authorize or ansible_auth_pass in my hosts file in order the user could have privileges while the playbook runs, as I read in some website, but it's not working.
Some help would be so appreciated. Thanks.
cisco ansible ansible-playbook
New contributor
Kalero is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
add a comment |
I'm trying to make a backup of a Cisco switch using Ansible and I notice it's not doing it in privileged mode.
This is my playbook:
---
- hosts: Switches
gather_facts: no
connection: network_cli
tasks:
- name: save backup
ios_config:
username: "ansible"
authorize: yes
auth_pass: "ansiblepass"
backup: yes
register: config
This is my hosts file:
[Switches]
Switch01 ansible_host=192.168.100.66
[Switches:vars]
ansible_become=yes
ansible_become_method=enable
ansible_network_os=ios
ansible_user=ansible
ansible_ssh_pass=ansiblepass
ansible_authorize=yes
ansible_auth_pass=ansiblepass
And this is the error I'm getting:
ansible-playbook 2.7.0
config file = /etc/ansible/ansible.cfg
configured module search path = [u'/home/acalero/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
ansible python module location = /usr/lib/python2.7/dist-packages/ansible
executable location = /usr/bin/ansible-playbook
python version = 2.7.9 (default, Sep 25 2018, 20:42:16) [GCC 4.9.2]
Using /etc/ansible/ansible.cfg as config file
setting up inventory plugins
Set default localhost to localhost
Parsed /etc/ansible/hosts inventory source with ini plugin
Loading callback plugin default of type stdout, v2.0 from /usr/lib/python2.7/dist-packages/ansible/plugins/callback/default.pyc
PLAYBOOK: switches_backup.yaml.old ****************************************************************************************************************************************************************************
1 plays in switches_backup.yaml.old
PLAY [Switches] ********************************************************************************************************************************************************************************************
META: ran handlers
TASK [save backup] ********************************************************************************************************************************************************************************************
task path: /home/acalero/ansible-playbooks/switches_backup/switches_backup.yaml.old:8
<192.168.100.66> attempting to start connection
<192.168.100.66> using connection plugin network_cli
<192.168.100.66> local domain socket does not exist, starting it
<192.168.100.66> control socket path is /home/acalero/.ansible/pc/d8fb3c670b
<192.168.100.66> <192.168.100.66> ESTABLISH CONNECTION FOR USER: ansible on PORT 22 TO 192.168.100.66
<192.168.100.66> <192.168.100.66> ssh connection done, setting terminal
<192.168.100.66> <192.168.100.66> loaded terminal plugin for network_os ios
<192.168.100.66> <192.168.100.66> loaded cliconf plugin for network_os ios
<192.168.100.66> <192.168.100.66> firing event: on_open_shell()
<192.168.100.66> <192.168.100.66> firing event: on_become
<192.168.100.66> <192.168.100.66> ssh connection has completed successfully
<192.168.100.66> connection to remote device started successfully
<192.168.100.66> local domain socket listeners started successfully
<192.168.100.66>
<192.168.100.66> local domain socket path is /home/acalero/.ansible/pc/d8fb3c670b
<192.168.100.66> ESTABLISH LOCAL CONNECTION FOR USER: acalero
<192.168.100.66> EXEC /bin/sh -c '( umask 77 && mkdir -p "` echo /home/acalero/.ansible/tmp/ansible-local-20795jNEN9Z/ansible-tmp-1551716732.29-125541186030584 `" && echo ansible-tmp-1551716732.29-125541186030584="` echo /home/acalero/.ansible/tmp/ansible-local-20795jNEN9Z/ansible-tmp-1551716732.29-125541186030584 `" ) && sleep 0'
Using module file /usr/lib/python2.7/dist-packages/ansible/modules/network/ios/ios_config.py
<192.168.100.66> PUT /home/acalero/.ansible/tmp/ansible-local-20795jNEN9Z/tmpGBmqu8 TO /home/acalero/.ansible/tmp/ansible-local-20795jNEN9Z/ansible-tmp-1551716732.29-125541186030584/AnsiballZ_ios_config.py
<192.168.100.66> EXEC /bin/sh -c 'chmod u+x /home/acalero/.ansible/tmp/ansible-local-20795jNEN9Z/ansible-tmp-1551716732.29-125541186030584/ /home/acalero/.ansible/tmp/ansible-local-20795jNEN9Z/ansible-tmp-1551716732.29-125541186030584/AnsiballZ_ios_config.py && sleep 0'
<192.168.100.66> EXEC /bin/sh -c '/usr/bin/python /home/acalero/.ansible/tmp/ansible-local-20795jNEN9Z/ansible-tmp-1551716732.29-125541186030584/AnsiballZ_ios_config.py && sleep 0'
<192.168.100.66> EXEC /bin/sh -c 'rm -f -r /home/acalero/.ansible/tmp/ansible-local-20795jNEN9Z/ansible-tmp-1551716732.29-125541186030584/ > /dev/null 2>&1 && sleep 0'
The full traceback is:
WARNING: The below traceback may *not* be related to the actual failure.
File "/tmp/ansible_ios_config_payload_o28p8l/ansible_ios_config_payload.zip/ansible/module_utils/network/ios/ios.py", line 114, in get_config
out = connection.get_config(flags=flags)
File "/tmp/ansible_ios_config_payload_o28p8l/ansible_ios_config_payload.zip/ansible/module_utils/connection.py", line 173, in __rpc__
raise ConnectionError(to_text(msg, errors='surrogate_then_replace'), code=code)
[DEPRECATION WARNING]: Param 'username' is deprecated. See the module docs for more information. This feature will be removed in version 2.9. Deprecation warnings can be disabled by setting
deprecation_warnings=False in ansible.cfg.
[DEPRECATION WARNING]: Param 'auth_pass' is deprecated. See the module docs for more information. This feature will be removed in version 2.9. Deprecation warnings can be disabled by setting
deprecation_warnings=False in ansible.cfg.
fatal: [Switch01]: FAILED! => {
"changed": false,
"invocation": {
"module_args": {
"after": null,
"auth_pass": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
"authorize": true,
"backup": true,
"before": null,
"defaults": false,
"diff_against": null,
"diff_ignore_lines": null,
"force": false,
"host": null,
"intended_config": null,
"lines": null,
"match": "line",
"multiline_delimiter": "@",
"parents": null,
"password": null,
"port": null,
"provider": null,
"replace": "line",
"running_config": null,
"save": false,
"save_when": "never",
"src": null,
"ssh_keyfile": null,
"timeout": null,
"username": "ansible"
}
},
"msg": "show running-configrn ^rn% Invalid input detected at '^' marker.rnrnSwitch01#"
}
to retry, use: --limit @/home/acalero/ansible-playbooks/switches_backup/switches_backup.yaml.retry
PLAY RECAP ****************************************************************************************************************************************************************************************************
SW01-01 : ok=0 changed=0 unreachable=0 failed=1
As you can see, the error message is indicating "show running-config" command can not be executed (I tried that after logging in the Cisco switch with the same user, without privileges, and I got the same message; after giving privileges to that user, the command could be executed successfully).
I tried to add some variables like ansible_authorize or ansible_auth_pass in my hosts file in order the user could have privileges while the playbook runs, as I read in some website, but it's not working.
Some help would be so appreciated. Thanks.
cisco ansible ansible-playbook
New contributor
Kalero is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
add a comment |
I'm trying to make a backup of a Cisco switch using Ansible and I notice it's not doing it in privileged mode.
This is my playbook:
---
- hosts: Switches
gather_facts: no
connection: network_cli
tasks:
- name: save backup
ios_config:
username: "ansible"
authorize: yes
auth_pass: "ansiblepass"
backup: yes
register: config
This is my hosts file:
[Switches]
Switch01 ansible_host=192.168.100.66
[Switches:vars]
ansible_become=yes
ansible_become_method=enable
ansible_network_os=ios
ansible_user=ansible
ansible_ssh_pass=ansiblepass
ansible_authorize=yes
ansible_auth_pass=ansiblepass
And this is the error I'm getting:
ansible-playbook 2.7.0
config file = /etc/ansible/ansible.cfg
configured module search path = [u'/home/acalero/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
ansible python module location = /usr/lib/python2.7/dist-packages/ansible
executable location = /usr/bin/ansible-playbook
python version = 2.7.9 (default, Sep 25 2018, 20:42:16) [GCC 4.9.2]
Using /etc/ansible/ansible.cfg as config file
setting up inventory plugins
Set default localhost to localhost
Parsed /etc/ansible/hosts inventory source with ini plugin
Loading callback plugin default of type stdout, v2.0 from /usr/lib/python2.7/dist-packages/ansible/plugins/callback/default.pyc
PLAYBOOK: switches_backup.yaml.old ****************************************************************************************************************************************************************************
1 plays in switches_backup.yaml.old
PLAY [Switches] ********************************************************************************************************************************************************************************************
META: ran handlers
TASK [save backup] ********************************************************************************************************************************************************************************************
task path: /home/acalero/ansible-playbooks/switches_backup/switches_backup.yaml.old:8
<192.168.100.66> attempting to start connection
<192.168.100.66> using connection plugin network_cli
<192.168.100.66> local domain socket does not exist, starting it
<192.168.100.66> control socket path is /home/acalero/.ansible/pc/d8fb3c670b
<192.168.100.66> <192.168.100.66> ESTABLISH CONNECTION FOR USER: ansible on PORT 22 TO 192.168.100.66
<192.168.100.66> <192.168.100.66> ssh connection done, setting terminal
<192.168.100.66> <192.168.100.66> loaded terminal plugin for network_os ios
<192.168.100.66> <192.168.100.66> loaded cliconf plugin for network_os ios
<192.168.100.66> <192.168.100.66> firing event: on_open_shell()
<192.168.100.66> <192.168.100.66> firing event: on_become
<192.168.100.66> <192.168.100.66> ssh connection has completed successfully
<192.168.100.66> connection to remote device started successfully
<192.168.100.66> local domain socket listeners started successfully
<192.168.100.66>
<192.168.100.66> local domain socket path is /home/acalero/.ansible/pc/d8fb3c670b
<192.168.100.66> ESTABLISH LOCAL CONNECTION FOR USER: acalero
<192.168.100.66> EXEC /bin/sh -c '( umask 77 && mkdir -p "` echo /home/acalero/.ansible/tmp/ansible-local-20795jNEN9Z/ansible-tmp-1551716732.29-125541186030584 `" && echo ansible-tmp-1551716732.29-125541186030584="` echo /home/acalero/.ansible/tmp/ansible-local-20795jNEN9Z/ansible-tmp-1551716732.29-125541186030584 `" ) && sleep 0'
Using module file /usr/lib/python2.7/dist-packages/ansible/modules/network/ios/ios_config.py
<192.168.100.66> PUT /home/acalero/.ansible/tmp/ansible-local-20795jNEN9Z/tmpGBmqu8 TO /home/acalero/.ansible/tmp/ansible-local-20795jNEN9Z/ansible-tmp-1551716732.29-125541186030584/AnsiballZ_ios_config.py
<192.168.100.66> EXEC /bin/sh -c 'chmod u+x /home/acalero/.ansible/tmp/ansible-local-20795jNEN9Z/ansible-tmp-1551716732.29-125541186030584/ /home/acalero/.ansible/tmp/ansible-local-20795jNEN9Z/ansible-tmp-1551716732.29-125541186030584/AnsiballZ_ios_config.py && sleep 0'
<192.168.100.66> EXEC /bin/sh -c '/usr/bin/python /home/acalero/.ansible/tmp/ansible-local-20795jNEN9Z/ansible-tmp-1551716732.29-125541186030584/AnsiballZ_ios_config.py && sleep 0'
<192.168.100.66> EXEC /bin/sh -c 'rm -f -r /home/acalero/.ansible/tmp/ansible-local-20795jNEN9Z/ansible-tmp-1551716732.29-125541186030584/ > /dev/null 2>&1 && sleep 0'
The full traceback is:
WARNING: The below traceback may *not* be related to the actual failure.
File "/tmp/ansible_ios_config_payload_o28p8l/ansible_ios_config_payload.zip/ansible/module_utils/network/ios/ios.py", line 114, in get_config
out = connection.get_config(flags=flags)
File "/tmp/ansible_ios_config_payload_o28p8l/ansible_ios_config_payload.zip/ansible/module_utils/connection.py", line 173, in __rpc__
raise ConnectionError(to_text(msg, errors='surrogate_then_replace'), code=code)
[DEPRECATION WARNING]: Param 'username' is deprecated. See the module docs for more information. This feature will be removed in version 2.9. Deprecation warnings can be disabled by setting
deprecation_warnings=False in ansible.cfg.
[DEPRECATION WARNING]: Param 'auth_pass' is deprecated. See the module docs for more information. This feature will be removed in version 2.9. Deprecation warnings can be disabled by setting
deprecation_warnings=False in ansible.cfg.
fatal: [Switch01]: FAILED! => {
"changed": false,
"invocation": {
"module_args": {
"after": null,
"auth_pass": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
"authorize": true,
"backup": true,
"before": null,
"defaults": false,
"diff_against": null,
"diff_ignore_lines": null,
"force": false,
"host": null,
"intended_config": null,
"lines": null,
"match": "line",
"multiline_delimiter": "@",
"parents": null,
"password": null,
"port": null,
"provider": null,
"replace": "line",
"running_config": null,
"save": false,
"save_when": "never",
"src": null,
"ssh_keyfile": null,
"timeout": null,
"username": "ansible"
}
},
"msg": "show running-configrn ^rn% Invalid input detected at '^' marker.rnrnSwitch01#"
}
to retry, use: --limit @/home/acalero/ansible-playbooks/switches_backup/switches_backup.yaml.retry
PLAY RECAP ****************************************************************************************************************************************************************************************************
SW01-01 : ok=0 changed=0 unreachable=0 failed=1
As you can see, the error message is indicating "show running-config" command can not be executed (I tried that after logging in the Cisco switch with the same user, without privileges, and I got the same message; after giving privileges to that user, the command could be executed successfully).
I tried to add some variables like ansible_authorize or ansible_auth_pass in my hosts file in order the user could have privileges while the playbook runs, as I read in some website, but it's not working.
Some help would be so appreciated. Thanks.
cisco ansible ansible-playbook
New contributor
Kalero is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
I'm trying to make a backup of a Cisco switch using Ansible and I notice it's not doing it in privileged mode.
This is my playbook:
---
- hosts: Switches
gather_facts: no
connection: network_cli
tasks:
- name: save backup
ios_config:
username: "ansible"
authorize: yes
auth_pass: "ansiblepass"
backup: yes
register: config
This is my hosts file:
[Switches]
Switch01 ansible_host=192.168.100.66
[Switches:vars]
ansible_become=yes
ansible_become_method=enable
ansible_network_os=ios
ansible_user=ansible
ansible_ssh_pass=ansiblepass
ansible_authorize=yes
ansible_auth_pass=ansiblepass
And this is the error I'm getting:
ansible-playbook 2.7.0
config file = /etc/ansible/ansible.cfg
configured module search path = [u'/home/acalero/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
ansible python module location = /usr/lib/python2.7/dist-packages/ansible
executable location = /usr/bin/ansible-playbook
python version = 2.7.9 (default, Sep 25 2018, 20:42:16) [GCC 4.9.2]
Using /etc/ansible/ansible.cfg as config file
setting up inventory plugins
Set default localhost to localhost
Parsed /etc/ansible/hosts inventory source with ini plugin
Loading callback plugin default of type stdout, v2.0 from /usr/lib/python2.7/dist-packages/ansible/plugins/callback/default.pyc
PLAYBOOK: switches_backup.yaml.old ****************************************************************************************************************************************************************************
1 plays in switches_backup.yaml.old
PLAY [Switches] ********************************************************************************************************************************************************************************************
META: ran handlers
TASK [save backup] ********************************************************************************************************************************************************************************************
task path: /home/acalero/ansible-playbooks/switches_backup/switches_backup.yaml.old:8
<192.168.100.66> attempting to start connection
<192.168.100.66> using connection plugin network_cli
<192.168.100.66> local domain socket does not exist, starting it
<192.168.100.66> control socket path is /home/acalero/.ansible/pc/d8fb3c670b
<192.168.100.66> <192.168.100.66> ESTABLISH CONNECTION FOR USER: ansible on PORT 22 TO 192.168.100.66
<192.168.100.66> <192.168.100.66> ssh connection done, setting terminal
<192.168.100.66> <192.168.100.66> loaded terminal plugin for network_os ios
<192.168.100.66> <192.168.100.66> loaded cliconf plugin for network_os ios
<192.168.100.66> <192.168.100.66> firing event: on_open_shell()
<192.168.100.66> <192.168.100.66> firing event: on_become
<192.168.100.66> <192.168.100.66> ssh connection has completed successfully
<192.168.100.66> connection to remote device started successfully
<192.168.100.66> local domain socket listeners started successfully
<192.168.100.66>
<192.168.100.66> local domain socket path is /home/acalero/.ansible/pc/d8fb3c670b
<192.168.100.66> ESTABLISH LOCAL CONNECTION FOR USER: acalero
<192.168.100.66> EXEC /bin/sh -c '( umask 77 && mkdir -p "` echo /home/acalero/.ansible/tmp/ansible-local-20795jNEN9Z/ansible-tmp-1551716732.29-125541186030584 `" && echo ansible-tmp-1551716732.29-125541186030584="` echo /home/acalero/.ansible/tmp/ansible-local-20795jNEN9Z/ansible-tmp-1551716732.29-125541186030584 `" ) && sleep 0'
Using module file /usr/lib/python2.7/dist-packages/ansible/modules/network/ios/ios_config.py
<192.168.100.66> PUT /home/acalero/.ansible/tmp/ansible-local-20795jNEN9Z/tmpGBmqu8 TO /home/acalero/.ansible/tmp/ansible-local-20795jNEN9Z/ansible-tmp-1551716732.29-125541186030584/AnsiballZ_ios_config.py
<192.168.100.66> EXEC /bin/sh -c 'chmod u+x /home/acalero/.ansible/tmp/ansible-local-20795jNEN9Z/ansible-tmp-1551716732.29-125541186030584/ /home/acalero/.ansible/tmp/ansible-local-20795jNEN9Z/ansible-tmp-1551716732.29-125541186030584/AnsiballZ_ios_config.py && sleep 0'
<192.168.100.66> EXEC /bin/sh -c '/usr/bin/python /home/acalero/.ansible/tmp/ansible-local-20795jNEN9Z/ansible-tmp-1551716732.29-125541186030584/AnsiballZ_ios_config.py && sleep 0'
<192.168.100.66> EXEC /bin/sh -c 'rm -f -r /home/acalero/.ansible/tmp/ansible-local-20795jNEN9Z/ansible-tmp-1551716732.29-125541186030584/ > /dev/null 2>&1 && sleep 0'
The full traceback is:
WARNING: The below traceback may *not* be related to the actual failure.
File "/tmp/ansible_ios_config_payload_o28p8l/ansible_ios_config_payload.zip/ansible/module_utils/network/ios/ios.py", line 114, in get_config
out = connection.get_config(flags=flags)
File "/tmp/ansible_ios_config_payload_o28p8l/ansible_ios_config_payload.zip/ansible/module_utils/connection.py", line 173, in __rpc__
raise ConnectionError(to_text(msg, errors='surrogate_then_replace'), code=code)
[DEPRECATION WARNING]: Param 'username' is deprecated. See the module docs for more information. This feature will be removed in version 2.9. Deprecation warnings can be disabled by setting
deprecation_warnings=False in ansible.cfg.
[DEPRECATION WARNING]: Param 'auth_pass' is deprecated. See the module docs for more information. This feature will be removed in version 2.9. Deprecation warnings can be disabled by setting
deprecation_warnings=False in ansible.cfg.
fatal: [Switch01]: FAILED! => {
"changed": false,
"invocation": {
"module_args": {
"after": null,
"auth_pass": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
"authorize": true,
"backup": true,
"before": null,
"defaults": false,
"diff_against": null,
"diff_ignore_lines": null,
"force": false,
"host": null,
"intended_config": null,
"lines": null,
"match": "line",
"multiline_delimiter": "@",
"parents": null,
"password": null,
"port": null,
"provider": null,
"replace": "line",
"running_config": null,
"save": false,
"save_when": "never",
"src": null,
"ssh_keyfile": null,
"timeout": null,
"username": "ansible"
}
},
"msg": "show running-configrn ^rn% Invalid input detected at '^' marker.rnrnSwitch01#"
}
to retry, use: --limit @/home/acalero/ansible-playbooks/switches_backup/switches_backup.yaml.retry
PLAY RECAP ****************************************************************************************************************************************************************************************************
SW01-01 : ok=0 changed=0 unreachable=0 failed=1
As you can see, the error message is indicating "show running-config" command can not be executed (I tried that after logging in the Cisco switch with the same user, without privileges, and I got the same message; after giving privileges to that user, the command could be executed successfully).
I tried to add some variables like ansible_authorize or ansible_auth_pass in my hosts file in order the user could have privileges while the playbook runs, as I read in some website, but it's not working.
Some help would be so appreciated. Thanks.
cisco ansible ansible-playbook
cisco ansible ansible-playbook
New contributor
Kalero is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
New contributor
Kalero is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
edited 5 hours ago
Kalero
New contributor
Kalero is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
asked 6 hours ago
KaleroKalero
11
11
New contributor
Kalero is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
New contributor
Kalero is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
Kalero is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
add a comment |
add a comment |
0
active
oldest
votes
Your Answer
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "2"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Kalero is a new contributor. Be nice, and check out our Code of Conduct.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f956679%2fansible-against-cisco-switch-can-not-elevate-to-privileged-mode%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
0
active
oldest
votes
0
active
oldest
votes
active
oldest
votes
active
oldest
votes
Kalero is a new contributor. Be nice, and check out our Code of Conduct.
Kalero is a new contributor. Be nice, and check out our Code of Conduct.
Kalero is a new contributor. Be nice, and check out our Code of Conduct.
Kalero is a new contributor. Be nice, and check out our Code of Conduct.
Thanks for contributing an answer to Server Fault!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f956679%2fansible-against-cisco-switch-can-not-elevate-to-privileged-mode%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown