Hi,

 

*Short question:*

 

Can someone tell me the name of the variable that is used to pass the 
privilege escalation password from Ansible Tower to a playbook?

 

*Long question (same question with more context):*

 

I'm taking a look at Ansible Tower (2.4.5) and one thing I'm interested in 
is managing cisco switches.  For that reason I have installed Ansible 2.1 
on the server running Tower (I'm not sure of the advisability of that, but 
this is an evaluation project and things seem to be working well 
generally).  The problem I have relates to authentication and privilege 
escalation on the switches.

 

I have written an information gathering playbook to test authentication 
from Tower and it works using credentials defined in Tower.  My next step 
is to add to the playbook to modify the configuration of the switch, but 
that requires privilege escalation and I cannot see how to achieve that.

 

The script given below does not work because 'ansible_become_pass' is 
undefined.  If I hard code 'auth_pass' I know the playbook will run and I 
am sure that I will be able to add additional code to modify the 
configuration of the switch.  But I want that password to come from the 
credentials defined in Tower, so that's not a viable solution.


I have defined the Tower credentials to use 'su' for privilege escalation, 
which is not true of course, but that at least gives me a place to put the 
password.  I was expecting this password to be available as 
'ansible_become_pass', but as that seems not be the case.  Does anyone know 
how I can set 'auth_pass' to the value of the su password in the Tower 
credentials?

 

*Playbook (contains error when setting 'auth_pass'):*

 
---

- hosts: cisco_switches 
  gather_facts: no 
  connection: local 

  tasks: 
    - name: DEFINE PROVIDER 
      set_fact: 
        provider: 
          host: "{{ inventory_hostname }}" 
          username: "{{ ansible_ssh_user }}" 
          password: "{{ ansible_ssh_pass }}" 
          auth_pass: "{{ ansible_become_pass }}" 

    - name: RUN 'SHOW VERSION' 
      ios_command: 
        provider: "{{ provider }}" 
        commands: 
          - show version 
      register: version 

    - debug: var=version.stdout_lines


 

Thanks in advance for any assistance or advice.

 

Regards,

David

 

PS, I have an additional, but less important question:

 

How can I add code to this playbook that displays all the variables that 
are defined when it is run from Ansible Tower?  I have tried various 
approaches that I have googled, but they don't seem to work, possibly 
because the device is a switch.

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to [email protected].
To post to this group, send email to [email protected].
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/8ef89793-ceb9-4749-80c0-39780884f3be%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Reply via email to