Hi,
*Short question:*
Can someone tell me the name of the variable that is used to pass the
privilege escalation password from Ansible Tower to a playbook?
*Long question (same question with more context):*
I'm taking a look at Ansible Tower (2.4.5) and one thing I'm interested in
is managing cisco switches. For that reason I have installed Ansible 2.1
on the server running Tower (I'm not sure of the advisability of that, but
this is an evaluation project and things seem to be working well
generally). The problem I have relates to authentication and privilege
escalation on the switches.
I have written an information gathering playbook to test authentication
from Tower and it works using credentials defined in Tower. My next step
is to add to the playbook to modify the configuration of the switch, but
that requires privilege escalation and I cannot see how to achieve that.
The script given below does not work because 'ansible_become_pass' is
undefined. If I hard code 'auth_pass' I know the playbook will run and I
am sure that I will be able to add additional code to modify the
configuration of the switch. But I want that password to come from the
credentials defined in Tower, so that's not a viable solution.
I have defined the Tower credentials to use 'su' for privilege escalation,
which is not true of course, but that at least gives me a place to put the
password. I was expecting this password to be available as
'ansible_become_pass', but as that seems not be the case. Does anyone know
how I can set 'auth_pass' to the value of the su password in the Tower
credentials?
*Playbook (contains error when setting 'auth_pass'):*
---
- hosts: cisco_switches
gather_facts: no
connection: local
tasks:
- name: DEFINE PROVIDER
set_fact:
provider:
host: "{{ inventory_hostname }}"
username: "{{ ansible_ssh_user }}"
password: "{{ ansible_ssh_pass }}"
auth_pass: "{{ ansible_become_pass }}"
- name: RUN 'SHOW VERSION'
ios_command:
provider: "{{ provider }}"
commands:
- show version
register: version
- debug: var=version.stdout_lines
Thanks in advance for any assistance or advice.
Regards,
David
PS, I have an additional, but less important question:
How can I add code to this playbook that displays all the variables that
are defined when it is run from Ansible Tower? I have tried various
approaches that I have googled, but they don't seem to work, possibly
because the device is a switch.
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/8ef89793-ceb9-4749-80c0-39780884f3be%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
