Ansible against Cisco switch: Can not elevate to privileged modeAnsible Fails to Authenticate Sudo Even When...

Can you 'upgrade' leather armor to studded leather armor without purchasing the new armor directly?

Sometimes a banana is just a banana

Multiplication via squaring and addition

The change directory (cd) command is not working with a USB drive

How to speed up a process

What is the difference between throw e and throw new Exception(e)?

How can I be pwned if I'm not registered on that site?

Compare four integers, return word based on maximum

Creature spells vs. ability to convert a permanent into a creature

What is the wife of a henpecked husband called?

Why zero tolerance on nudity in space?

Does music exist in Panem? And if so, what kinds of music?

I can't die. Who am I?

Where was Karl Mordo in Infinity War?

Is there any relevance to Thor getting his hair cut other than comedic value?

How to count occurrences of Friday 13th

Six real numbers so that product of any five is the sixth one

What is the difference between ashamed and shamed?

I am on the US no-fly list. What can I do in order to be allowed on flights which go through US airspace?

How to avoid being sexist when trying to employ someone to function in a very sexist environment?

Exponential growth/decay formula: what happened to the other constant of integration?

Why does Starman/Roadster have radial acceleration?

Can chords be played on the flute?

How do ISS astronauts "get their stripes"?



Ansible against Cisco switch: Can not elevate to privileged mode


Ansible Fails to Authenticate Sudo Even When Sudo Pass is GivenWhy is ansible notify not working?What is reasonable performance for a simple Ansible playbook against ~100 hosts?Ansible can't git clone from enterprise git serverAnsible: leave password unchanged when not setAnsible not restarting service correctlyVARIABLE IS NOT DEFINED ! response from API Call in AnsibleAnsible throwing errors while installing packages via apt and yumAnsible Playbook running locally but unable to ssh to host via AWXHow can I abstract away Ansible roles?













0















I'm trying to make a backup of a Cisco switch using Ansible and I notice it's not doing it in privileged mode.



This is my playbook:



---
- hosts: Switches
gather_facts: no
connection: network_cli

tasks:

- name: save backup
ios_config:
username: "ansible"
authorize: yes
auth_pass: "ansiblepass"
backup: yes
register: config


This is my hosts file:



[Switches]
Switch01 ansible_host=192.168.100.66

[Switches:vars]
ansible_become=yes
ansible_become_method=enable
ansible_network_os=ios
ansible_user=ansible
ansible_ssh_pass=ansiblepass
ansible_authorize=yes
ansible_auth_pass=ansiblepass


And this is the error I'm getting:



ansible-playbook 2.7.0
config file = /etc/ansible/ansible.cfg
configured module search path = [u'/home/acalero/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
ansible python module location = /usr/lib/python2.7/dist-packages/ansible
executable location = /usr/bin/ansible-playbook
python version = 2.7.9 (default, Sep 25 2018, 20:42:16) [GCC 4.9.2]
Using /etc/ansible/ansible.cfg as config file
setting up inventory plugins
Set default localhost to localhost
Parsed /etc/ansible/hosts inventory source with ini plugin
Loading callback plugin default of type stdout, v2.0 from /usr/lib/python2.7/dist-packages/ansible/plugins/callback/default.pyc

PLAYBOOK: switches_backup.yaml.old ****************************************************************************************************************************************************************************
1 plays in switches_backup.yaml.old

PLAY [Switches] ********************************************************************************************************************************************************************************************
META: ran handlers

TASK [save backup] ********************************************************************************************************************************************************************************************
task path: /home/acalero/ansible-playbooks/switches_backup/switches_backup.yaml.old:8
<192.168.100.66> attempting to start connection
<192.168.100.66> using connection plugin network_cli
<192.168.100.66> local domain socket does not exist, starting it
<192.168.100.66> control socket path is /home/acalero/.ansible/pc/d8fb3c670b
<192.168.100.66> <192.168.100.66> ESTABLISH CONNECTION FOR USER: ansible on PORT 22 TO 192.168.100.66
<192.168.100.66> <192.168.100.66> ssh connection done, setting terminal
<192.168.100.66> <192.168.100.66> loaded terminal plugin for network_os ios
<192.168.100.66> <192.168.100.66> loaded cliconf plugin for network_os ios
<192.168.100.66> <192.168.100.66> firing event: on_open_shell()
<192.168.100.66> <192.168.100.66> firing event: on_become
<192.168.100.66> <192.168.100.66> ssh connection has completed successfully
<192.168.100.66> connection to remote device started successfully
<192.168.100.66> local domain socket listeners started successfully
<192.168.100.66>
<192.168.100.66> local domain socket path is /home/acalero/.ansible/pc/d8fb3c670b
<192.168.100.66> ESTABLISH LOCAL CONNECTION FOR USER: acalero
<192.168.100.66> EXEC /bin/sh -c '( umask 77 && mkdir -p "` echo /home/acalero/.ansible/tmp/ansible-local-20795jNEN9Z/ansible-tmp-1551716732.29-125541186030584 `" && echo ansible-tmp-1551716732.29-125541186030584="` echo /home/acalero/.ansible/tmp/ansible-local-20795jNEN9Z/ansible-tmp-1551716732.29-125541186030584 `" ) && sleep 0'
Using module file /usr/lib/python2.7/dist-packages/ansible/modules/network/ios/ios_config.py
<192.168.100.66> PUT /home/acalero/.ansible/tmp/ansible-local-20795jNEN9Z/tmpGBmqu8 TO /home/acalero/.ansible/tmp/ansible-local-20795jNEN9Z/ansible-tmp-1551716732.29-125541186030584/AnsiballZ_ios_config.py
<192.168.100.66> EXEC /bin/sh -c 'chmod u+x /home/acalero/.ansible/tmp/ansible-local-20795jNEN9Z/ansible-tmp-1551716732.29-125541186030584/ /home/acalero/.ansible/tmp/ansible-local-20795jNEN9Z/ansible-tmp-1551716732.29-125541186030584/AnsiballZ_ios_config.py && sleep 0'
<192.168.100.66> EXEC /bin/sh -c '/usr/bin/python /home/acalero/.ansible/tmp/ansible-local-20795jNEN9Z/ansible-tmp-1551716732.29-125541186030584/AnsiballZ_ios_config.py && sleep 0'
<192.168.100.66> EXEC /bin/sh -c 'rm -f -r /home/acalero/.ansible/tmp/ansible-local-20795jNEN9Z/ansible-tmp-1551716732.29-125541186030584/ > /dev/null 2>&1 && sleep 0'
The full traceback is:
WARNING: The below traceback may *not* be related to the actual failure.
File "/tmp/ansible_ios_config_payload_o28p8l/ansible_ios_config_payload.zip/ansible/module_utils/network/ios/ios.py", line 114, in get_config
out = connection.get_config(flags=flags)
File "/tmp/ansible_ios_config_payload_o28p8l/ansible_ios_config_payload.zip/ansible/module_utils/connection.py", line 173, in __rpc__
raise ConnectionError(to_text(msg, errors='surrogate_then_replace'), code=code)

[DEPRECATION WARNING]: Param 'username' is deprecated. See the module docs for more information. This feature will be removed in version 2.9. Deprecation warnings can be disabled by setting
deprecation_warnings=False in ansible.cfg.
[DEPRECATION WARNING]: Param 'auth_pass' is deprecated. See the module docs for more information. This feature will be removed in version 2.9. Deprecation warnings can be disabled by setting
deprecation_warnings=False in ansible.cfg.
fatal: [Switch01]: FAILED! => {
"changed": false,
"invocation": {
"module_args": {
"after": null,
"auth_pass": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
"authorize": true,
"backup": true,
"before": null,
"defaults": false,
"diff_against": null,
"diff_ignore_lines": null,
"force": false,
"host": null,
"intended_config": null,
"lines": null,
"match": "line",
"multiline_delimiter": "@",
"parents": null,
"password": null,
"port": null,
"provider": null,
"replace": "line",
"running_config": null,
"save": false,
"save_when": "never",
"src": null,
"ssh_keyfile": null,
"timeout": null,
"username": "ansible"
}
},
"msg": "show running-configrn ^rn% Invalid input detected at '^' marker.rnrnSwitch01#"
}
to retry, use: --limit @/home/acalero/ansible-playbooks/switches_backup/switches_backup.yaml.retry

PLAY RECAP ****************************************************************************************************************************************************************************************************
SW01-01 : ok=0 changed=0 unreachable=0 failed=1


As you can see, the error message is indicating "show running-config" command can not be executed (I tried that after logging in the Cisco switch with the same user, without privileges, and I got the same message; after giving privileges to that user, the command could be executed successfully).



I tried to add some variables like ansible_authorize or ansible_auth_pass in my hosts file in order the user could have privileges while the playbook runs, as I read in some website, but it's not working.



Some help would be so appreciated. Thanks.










share|improve this question









New contributor




Kalero is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.

























    0















    I'm trying to make a backup of a Cisco switch using Ansible and I notice it's not doing it in privileged mode.



    This is my playbook:



    ---
    - hosts: Switches
    gather_facts: no
    connection: network_cli

    tasks:

    - name: save backup
    ios_config:
    username: "ansible"
    authorize: yes
    auth_pass: "ansiblepass"
    backup: yes
    register: config


    This is my hosts file:



    [Switches]
    Switch01 ansible_host=192.168.100.66

    [Switches:vars]
    ansible_become=yes
    ansible_become_method=enable
    ansible_network_os=ios
    ansible_user=ansible
    ansible_ssh_pass=ansiblepass
    ansible_authorize=yes
    ansible_auth_pass=ansiblepass


    And this is the error I'm getting:



    ansible-playbook 2.7.0
    config file = /etc/ansible/ansible.cfg
    configured module search path = [u'/home/acalero/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
    ansible python module location = /usr/lib/python2.7/dist-packages/ansible
    executable location = /usr/bin/ansible-playbook
    python version = 2.7.9 (default, Sep 25 2018, 20:42:16) [GCC 4.9.2]
    Using /etc/ansible/ansible.cfg as config file
    setting up inventory plugins
    Set default localhost to localhost
    Parsed /etc/ansible/hosts inventory source with ini plugin
    Loading callback plugin default of type stdout, v2.0 from /usr/lib/python2.7/dist-packages/ansible/plugins/callback/default.pyc

    PLAYBOOK: switches_backup.yaml.old ****************************************************************************************************************************************************************************
    1 plays in switches_backup.yaml.old

    PLAY [Switches] ********************************************************************************************************************************************************************************************
    META: ran handlers

    TASK [save backup] ********************************************************************************************************************************************************************************************
    task path: /home/acalero/ansible-playbooks/switches_backup/switches_backup.yaml.old:8
    <192.168.100.66> attempting to start connection
    <192.168.100.66> using connection plugin network_cli
    <192.168.100.66> local domain socket does not exist, starting it
    <192.168.100.66> control socket path is /home/acalero/.ansible/pc/d8fb3c670b
    <192.168.100.66> <192.168.100.66> ESTABLISH CONNECTION FOR USER: ansible on PORT 22 TO 192.168.100.66
    <192.168.100.66> <192.168.100.66> ssh connection done, setting terminal
    <192.168.100.66> <192.168.100.66> loaded terminal plugin for network_os ios
    <192.168.100.66> <192.168.100.66> loaded cliconf plugin for network_os ios
    <192.168.100.66> <192.168.100.66> firing event: on_open_shell()
    <192.168.100.66> <192.168.100.66> firing event: on_become
    <192.168.100.66> <192.168.100.66> ssh connection has completed successfully
    <192.168.100.66> connection to remote device started successfully
    <192.168.100.66> local domain socket listeners started successfully
    <192.168.100.66>
    <192.168.100.66> local domain socket path is /home/acalero/.ansible/pc/d8fb3c670b
    <192.168.100.66> ESTABLISH LOCAL CONNECTION FOR USER: acalero
    <192.168.100.66> EXEC /bin/sh -c '( umask 77 && mkdir -p "` echo /home/acalero/.ansible/tmp/ansible-local-20795jNEN9Z/ansible-tmp-1551716732.29-125541186030584 `" && echo ansible-tmp-1551716732.29-125541186030584="` echo /home/acalero/.ansible/tmp/ansible-local-20795jNEN9Z/ansible-tmp-1551716732.29-125541186030584 `" ) && sleep 0'
    Using module file /usr/lib/python2.7/dist-packages/ansible/modules/network/ios/ios_config.py
    <192.168.100.66> PUT /home/acalero/.ansible/tmp/ansible-local-20795jNEN9Z/tmpGBmqu8 TO /home/acalero/.ansible/tmp/ansible-local-20795jNEN9Z/ansible-tmp-1551716732.29-125541186030584/AnsiballZ_ios_config.py
    <192.168.100.66> EXEC /bin/sh -c 'chmod u+x /home/acalero/.ansible/tmp/ansible-local-20795jNEN9Z/ansible-tmp-1551716732.29-125541186030584/ /home/acalero/.ansible/tmp/ansible-local-20795jNEN9Z/ansible-tmp-1551716732.29-125541186030584/AnsiballZ_ios_config.py && sleep 0'
    <192.168.100.66> EXEC /bin/sh -c '/usr/bin/python /home/acalero/.ansible/tmp/ansible-local-20795jNEN9Z/ansible-tmp-1551716732.29-125541186030584/AnsiballZ_ios_config.py && sleep 0'
    <192.168.100.66> EXEC /bin/sh -c 'rm -f -r /home/acalero/.ansible/tmp/ansible-local-20795jNEN9Z/ansible-tmp-1551716732.29-125541186030584/ > /dev/null 2>&1 && sleep 0'
    The full traceback is:
    WARNING: The below traceback may *not* be related to the actual failure.
    File "/tmp/ansible_ios_config_payload_o28p8l/ansible_ios_config_payload.zip/ansible/module_utils/network/ios/ios.py", line 114, in get_config
    out = connection.get_config(flags=flags)
    File "/tmp/ansible_ios_config_payload_o28p8l/ansible_ios_config_payload.zip/ansible/module_utils/connection.py", line 173, in __rpc__
    raise ConnectionError(to_text(msg, errors='surrogate_then_replace'), code=code)

    [DEPRECATION WARNING]: Param 'username' is deprecated. See the module docs for more information. This feature will be removed in version 2.9. Deprecation warnings can be disabled by setting
    deprecation_warnings=False in ansible.cfg.
    [DEPRECATION WARNING]: Param 'auth_pass' is deprecated. See the module docs for more information. This feature will be removed in version 2.9. Deprecation warnings can be disabled by setting
    deprecation_warnings=False in ansible.cfg.
    fatal: [Switch01]: FAILED! => {
    "changed": false,
    "invocation": {
    "module_args": {
    "after": null,
    "auth_pass": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
    "authorize": true,
    "backup": true,
    "before": null,
    "defaults": false,
    "diff_against": null,
    "diff_ignore_lines": null,
    "force": false,
    "host": null,
    "intended_config": null,
    "lines": null,
    "match": "line",
    "multiline_delimiter": "@",
    "parents": null,
    "password": null,
    "port": null,
    "provider": null,
    "replace": "line",
    "running_config": null,
    "save": false,
    "save_when": "never",
    "src": null,
    "ssh_keyfile": null,
    "timeout": null,
    "username": "ansible"
    }
    },
    "msg": "show running-configrn ^rn% Invalid input detected at '^' marker.rnrnSwitch01#"
    }
    to retry, use: --limit @/home/acalero/ansible-playbooks/switches_backup/switches_backup.yaml.retry

    PLAY RECAP ****************************************************************************************************************************************************************************************************
    SW01-01 : ok=0 changed=0 unreachable=0 failed=1


    As you can see, the error message is indicating "show running-config" command can not be executed (I tried that after logging in the Cisco switch with the same user, without privileges, and I got the same message; after giving privileges to that user, the command could be executed successfully).



    I tried to add some variables like ansible_authorize or ansible_auth_pass in my hosts file in order the user could have privileges while the playbook runs, as I read in some website, but it's not working.



    Some help would be so appreciated. Thanks.










    share|improve this question









    New contributor




    Kalero is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
    Check out our Code of Conduct.























      0












      0








      0








      I'm trying to make a backup of a Cisco switch using Ansible and I notice it's not doing it in privileged mode.



      This is my playbook:



      ---
      - hosts: Switches
      gather_facts: no
      connection: network_cli

      tasks:

      - name: save backup
      ios_config:
      username: "ansible"
      authorize: yes
      auth_pass: "ansiblepass"
      backup: yes
      register: config


      This is my hosts file:



      [Switches]
      Switch01 ansible_host=192.168.100.66

      [Switches:vars]
      ansible_become=yes
      ansible_become_method=enable
      ansible_network_os=ios
      ansible_user=ansible
      ansible_ssh_pass=ansiblepass
      ansible_authorize=yes
      ansible_auth_pass=ansiblepass


      And this is the error I'm getting:



      ansible-playbook 2.7.0
      config file = /etc/ansible/ansible.cfg
      configured module search path = [u'/home/acalero/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
      ansible python module location = /usr/lib/python2.7/dist-packages/ansible
      executable location = /usr/bin/ansible-playbook
      python version = 2.7.9 (default, Sep 25 2018, 20:42:16) [GCC 4.9.2]
      Using /etc/ansible/ansible.cfg as config file
      setting up inventory plugins
      Set default localhost to localhost
      Parsed /etc/ansible/hosts inventory source with ini plugin
      Loading callback plugin default of type stdout, v2.0 from /usr/lib/python2.7/dist-packages/ansible/plugins/callback/default.pyc

      PLAYBOOK: switches_backup.yaml.old ****************************************************************************************************************************************************************************
      1 plays in switches_backup.yaml.old

      PLAY [Switches] ********************************************************************************************************************************************************************************************
      META: ran handlers

      TASK [save backup] ********************************************************************************************************************************************************************************************
      task path: /home/acalero/ansible-playbooks/switches_backup/switches_backup.yaml.old:8
      <192.168.100.66> attempting to start connection
      <192.168.100.66> using connection plugin network_cli
      <192.168.100.66> local domain socket does not exist, starting it
      <192.168.100.66> control socket path is /home/acalero/.ansible/pc/d8fb3c670b
      <192.168.100.66> <192.168.100.66> ESTABLISH CONNECTION FOR USER: ansible on PORT 22 TO 192.168.100.66
      <192.168.100.66> <192.168.100.66> ssh connection done, setting terminal
      <192.168.100.66> <192.168.100.66> loaded terminal plugin for network_os ios
      <192.168.100.66> <192.168.100.66> loaded cliconf plugin for network_os ios
      <192.168.100.66> <192.168.100.66> firing event: on_open_shell()
      <192.168.100.66> <192.168.100.66> firing event: on_become
      <192.168.100.66> <192.168.100.66> ssh connection has completed successfully
      <192.168.100.66> connection to remote device started successfully
      <192.168.100.66> local domain socket listeners started successfully
      <192.168.100.66>
      <192.168.100.66> local domain socket path is /home/acalero/.ansible/pc/d8fb3c670b
      <192.168.100.66> ESTABLISH LOCAL CONNECTION FOR USER: acalero
      <192.168.100.66> EXEC /bin/sh -c '( umask 77 && mkdir -p "` echo /home/acalero/.ansible/tmp/ansible-local-20795jNEN9Z/ansible-tmp-1551716732.29-125541186030584 `" && echo ansible-tmp-1551716732.29-125541186030584="` echo /home/acalero/.ansible/tmp/ansible-local-20795jNEN9Z/ansible-tmp-1551716732.29-125541186030584 `" ) && sleep 0'
      Using module file /usr/lib/python2.7/dist-packages/ansible/modules/network/ios/ios_config.py
      <192.168.100.66> PUT /home/acalero/.ansible/tmp/ansible-local-20795jNEN9Z/tmpGBmqu8 TO /home/acalero/.ansible/tmp/ansible-local-20795jNEN9Z/ansible-tmp-1551716732.29-125541186030584/AnsiballZ_ios_config.py
      <192.168.100.66> EXEC /bin/sh -c 'chmod u+x /home/acalero/.ansible/tmp/ansible-local-20795jNEN9Z/ansible-tmp-1551716732.29-125541186030584/ /home/acalero/.ansible/tmp/ansible-local-20795jNEN9Z/ansible-tmp-1551716732.29-125541186030584/AnsiballZ_ios_config.py && sleep 0'
      <192.168.100.66> EXEC /bin/sh -c '/usr/bin/python /home/acalero/.ansible/tmp/ansible-local-20795jNEN9Z/ansible-tmp-1551716732.29-125541186030584/AnsiballZ_ios_config.py && sleep 0'
      <192.168.100.66> EXEC /bin/sh -c 'rm -f -r /home/acalero/.ansible/tmp/ansible-local-20795jNEN9Z/ansible-tmp-1551716732.29-125541186030584/ > /dev/null 2>&1 && sleep 0'
      The full traceback is:
      WARNING: The below traceback may *not* be related to the actual failure.
      File "/tmp/ansible_ios_config_payload_o28p8l/ansible_ios_config_payload.zip/ansible/module_utils/network/ios/ios.py", line 114, in get_config
      out = connection.get_config(flags=flags)
      File "/tmp/ansible_ios_config_payload_o28p8l/ansible_ios_config_payload.zip/ansible/module_utils/connection.py", line 173, in __rpc__
      raise ConnectionError(to_text(msg, errors='surrogate_then_replace'), code=code)

      [DEPRECATION WARNING]: Param 'username' is deprecated. See the module docs for more information. This feature will be removed in version 2.9. Deprecation warnings can be disabled by setting
      deprecation_warnings=False in ansible.cfg.
      [DEPRECATION WARNING]: Param 'auth_pass' is deprecated. See the module docs for more information. This feature will be removed in version 2.9. Deprecation warnings can be disabled by setting
      deprecation_warnings=False in ansible.cfg.
      fatal: [Switch01]: FAILED! => {
      "changed": false,
      "invocation": {
      "module_args": {
      "after": null,
      "auth_pass": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
      "authorize": true,
      "backup": true,
      "before": null,
      "defaults": false,
      "diff_against": null,
      "diff_ignore_lines": null,
      "force": false,
      "host": null,
      "intended_config": null,
      "lines": null,
      "match": "line",
      "multiline_delimiter": "@",
      "parents": null,
      "password": null,
      "port": null,
      "provider": null,
      "replace": "line",
      "running_config": null,
      "save": false,
      "save_when": "never",
      "src": null,
      "ssh_keyfile": null,
      "timeout": null,
      "username": "ansible"
      }
      },
      "msg": "show running-configrn ^rn% Invalid input detected at '^' marker.rnrnSwitch01#"
      }
      to retry, use: --limit @/home/acalero/ansible-playbooks/switches_backup/switches_backup.yaml.retry

      PLAY RECAP ****************************************************************************************************************************************************************************************************
      SW01-01 : ok=0 changed=0 unreachable=0 failed=1


      As you can see, the error message is indicating "show running-config" command can not be executed (I tried that after logging in the Cisco switch with the same user, without privileges, and I got the same message; after giving privileges to that user, the command could be executed successfully).



      I tried to add some variables like ansible_authorize or ansible_auth_pass in my hosts file in order the user could have privileges while the playbook runs, as I read in some website, but it's not working.



      Some help would be so appreciated. Thanks.










      share|improve this question









      New contributor




      Kalero is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.












      I'm trying to make a backup of a Cisco switch using Ansible and I notice it's not doing it in privileged mode.



      This is my playbook:



      ---
      - hosts: Switches
      gather_facts: no
      connection: network_cli

      tasks:

      - name: save backup
      ios_config:
      username: "ansible"
      authorize: yes
      auth_pass: "ansiblepass"
      backup: yes
      register: config


      This is my hosts file:



      [Switches]
      Switch01 ansible_host=192.168.100.66

      [Switches:vars]
      ansible_become=yes
      ansible_become_method=enable
      ansible_network_os=ios
      ansible_user=ansible
      ansible_ssh_pass=ansiblepass
      ansible_authorize=yes
      ansible_auth_pass=ansiblepass


      And this is the error I'm getting:



      ansible-playbook 2.7.0
      config file = /etc/ansible/ansible.cfg
      configured module search path = [u'/home/acalero/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
      ansible python module location = /usr/lib/python2.7/dist-packages/ansible
      executable location = /usr/bin/ansible-playbook
      python version = 2.7.9 (default, Sep 25 2018, 20:42:16) [GCC 4.9.2]
      Using /etc/ansible/ansible.cfg as config file
      setting up inventory plugins
      Set default localhost to localhost
      Parsed /etc/ansible/hosts inventory source with ini plugin
      Loading callback plugin default of type stdout, v2.0 from /usr/lib/python2.7/dist-packages/ansible/plugins/callback/default.pyc

      PLAYBOOK: switches_backup.yaml.old ****************************************************************************************************************************************************************************
      1 plays in switches_backup.yaml.old

      PLAY [Switches] ********************************************************************************************************************************************************************************************
      META: ran handlers

      TASK [save backup] ********************************************************************************************************************************************************************************************
      task path: /home/acalero/ansible-playbooks/switches_backup/switches_backup.yaml.old:8
      <192.168.100.66> attempting to start connection
      <192.168.100.66> using connection plugin network_cli
      <192.168.100.66> local domain socket does not exist, starting it
      <192.168.100.66> control socket path is /home/acalero/.ansible/pc/d8fb3c670b
      <192.168.100.66> <192.168.100.66> ESTABLISH CONNECTION FOR USER: ansible on PORT 22 TO 192.168.100.66
      <192.168.100.66> <192.168.100.66> ssh connection done, setting terminal
      <192.168.100.66> <192.168.100.66> loaded terminal plugin for network_os ios
      <192.168.100.66> <192.168.100.66> loaded cliconf plugin for network_os ios
      <192.168.100.66> <192.168.100.66> firing event: on_open_shell()
      <192.168.100.66> <192.168.100.66> firing event: on_become
      <192.168.100.66> <192.168.100.66> ssh connection has completed successfully
      <192.168.100.66> connection to remote device started successfully
      <192.168.100.66> local domain socket listeners started successfully
      <192.168.100.66>
      <192.168.100.66> local domain socket path is /home/acalero/.ansible/pc/d8fb3c670b
      <192.168.100.66> ESTABLISH LOCAL CONNECTION FOR USER: acalero
      <192.168.100.66> EXEC /bin/sh -c '( umask 77 && mkdir -p "` echo /home/acalero/.ansible/tmp/ansible-local-20795jNEN9Z/ansible-tmp-1551716732.29-125541186030584 `" && echo ansible-tmp-1551716732.29-125541186030584="` echo /home/acalero/.ansible/tmp/ansible-local-20795jNEN9Z/ansible-tmp-1551716732.29-125541186030584 `" ) && sleep 0'
      Using module file /usr/lib/python2.7/dist-packages/ansible/modules/network/ios/ios_config.py
      <192.168.100.66> PUT /home/acalero/.ansible/tmp/ansible-local-20795jNEN9Z/tmpGBmqu8 TO /home/acalero/.ansible/tmp/ansible-local-20795jNEN9Z/ansible-tmp-1551716732.29-125541186030584/AnsiballZ_ios_config.py
      <192.168.100.66> EXEC /bin/sh -c 'chmod u+x /home/acalero/.ansible/tmp/ansible-local-20795jNEN9Z/ansible-tmp-1551716732.29-125541186030584/ /home/acalero/.ansible/tmp/ansible-local-20795jNEN9Z/ansible-tmp-1551716732.29-125541186030584/AnsiballZ_ios_config.py && sleep 0'
      <192.168.100.66> EXEC /bin/sh -c '/usr/bin/python /home/acalero/.ansible/tmp/ansible-local-20795jNEN9Z/ansible-tmp-1551716732.29-125541186030584/AnsiballZ_ios_config.py && sleep 0'
      <192.168.100.66> EXEC /bin/sh -c 'rm -f -r /home/acalero/.ansible/tmp/ansible-local-20795jNEN9Z/ansible-tmp-1551716732.29-125541186030584/ > /dev/null 2>&1 && sleep 0'
      The full traceback is:
      WARNING: The below traceback may *not* be related to the actual failure.
      File "/tmp/ansible_ios_config_payload_o28p8l/ansible_ios_config_payload.zip/ansible/module_utils/network/ios/ios.py", line 114, in get_config
      out = connection.get_config(flags=flags)
      File "/tmp/ansible_ios_config_payload_o28p8l/ansible_ios_config_payload.zip/ansible/module_utils/connection.py", line 173, in __rpc__
      raise ConnectionError(to_text(msg, errors='surrogate_then_replace'), code=code)

      [DEPRECATION WARNING]: Param 'username' is deprecated. See the module docs for more information. This feature will be removed in version 2.9. Deprecation warnings can be disabled by setting
      deprecation_warnings=False in ansible.cfg.
      [DEPRECATION WARNING]: Param 'auth_pass' is deprecated. See the module docs for more information. This feature will be removed in version 2.9. Deprecation warnings can be disabled by setting
      deprecation_warnings=False in ansible.cfg.
      fatal: [Switch01]: FAILED! => {
      "changed": false,
      "invocation": {
      "module_args": {
      "after": null,
      "auth_pass": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
      "authorize": true,
      "backup": true,
      "before": null,
      "defaults": false,
      "diff_against": null,
      "diff_ignore_lines": null,
      "force": false,
      "host": null,
      "intended_config": null,
      "lines": null,
      "match": "line",
      "multiline_delimiter": "@",
      "parents": null,
      "password": null,
      "port": null,
      "provider": null,
      "replace": "line",
      "running_config": null,
      "save": false,
      "save_when": "never",
      "src": null,
      "ssh_keyfile": null,
      "timeout": null,
      "username": "ansible"
      }
      },
      "msg": "show running-configrn ^rn% Invalid input detected at '^' marker.rnrnSwitch01#"
      }
      to retry, use: --limit @/home/acalero/ansible-playbooks/switches_backup/switches_backup.yaml.retry

      PLAY RECAP ****************************************************************************************************************************************************************************************************
      SW01-01 : ok=0 changed=0 unreachable=0 failed=1


      As you can see, the error message is indicating "show running-config" command can not be executed (I tried that after logging in the Cisco switch with the same user, without privileges, and I got the same message; after giving privileges to that user, the command could be executed successfully).



      I tried to add some variables like ansible_authorize or ansible_auth_pass in my hosts file in order the user could have privileges while the playbook runs, as I read in some website, but it's not working.



      Some help would be so appreciated. Thanks.







      cisco ansible ansible-playbook






      share|improve this question









      New contributor




      Kalero is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.











      share|improve this question









      New contributor




      Kalero is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.









      share|improve this question




      share|improve this question








      edited 5 hours ago







      Kalero













      New contributor




      Kalero is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.









      asked 6 hours ago









      KaleroKalero

      11




      11




      New contributor




      Kalero is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.





      New contributor





      Kalero is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.






      Kalero is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.






















          0






          active

          oldest

          votes











          Your Answer








          StackExchange.ready(function() {
          var channelOptions = {
          tags: "".split(" "),
          id: "2"
          };
          initTagRenderer("".split(" "), "".split(" "), channelOptions);

          StackExchange.using("externalEditor", function() {
          // Have to fire editor after snippets, if snippets enabled
          if (StackExchange.settings.snippets.snippetsEnabled) {
          StackExchange.using("snippets", function() {
          createEditor();
          });
          }
          else {
          createEditor();
          }
          });

          function createEditor() {
          StackExchange.prepareEditor({
          heartbeatType: 'answer',
          autoActivateHeartbeat: false,
          convertImagesToLinks: true,
          noModals: true,
          showLowRepImageUploadWarning: true,
          reputationToPostImages: 10,
          bindNavPrevention: true,
          postfix: "",
          imageUploader: {
          brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
          contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
          allowUrls: true
          },
          onDemand: true,
          discardSelector: ".discard-answer"
          ,immediatelyShowMarkdownHelp:true
          });


          }
          });






          Kalero is a new contributor. Be nice, and check out our Code of Conduct.










          draft saved

          draft discarded


















          StackExchange.ready(
          function () {
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f956679%2fansible-against-cisco-switch-can-not-elevate-to-privileged-mode%23new-answer', 'question_page');
          }
          );

          Post as a guest















          Required, but never shown

























          0






          active

          oldest

          votes








          0






          active

          oldest

          votes









          active

          oldest

          votes






          active

          oldest

          votes








          Kalero is a new contributor. Be nice, and check out our Code of Conduct.










          draft saved

          draft discarded


















          Kalero is a new contributor. Be nice, and check out our Code of Conduct.













          Kalero is a new contributor. Be nice, and check out our Code of Conduct.












          Kalero is a new contributor. Be nice, and check out our Code of Conduct.
















          Thanks for contributing an answer to Server Fault!


          • Please be sure to answer the question. Provide details and share your research!

          But avoid



          • Asking for help, clarification, or responding to other answers.

          • Making statements based on opinion; back them up with references or personal experience.


          To learn more, see our tips on writing great answers.




          draft saved


          draft discarded














          StackExchange.ready(
          function () {
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f956679%2fansible-against-cisco-switch-can-not-elevate-to-privileged-mode%23new-answer', 'question_page');
          }
          );

          Post as a guest















          Required, but never shown





















































          Required, but never shown














          Required, but never shown












          Required, but never shown







          Required, but never shown

































          Required, but never shown














          Required, but never shown












          Required, but never shown







          Required, but never shown







          Popular posts from this blog

          As a Security Precaution, the user account has been locked The Next CEO of Stack OverflowMS...

          117736 Шеррод Примітки | Див. також | Посилання | Навігаційне...

          Маріан Котлеба Зміст Життєпис | Політичні погляди |...