Hello
Ansible version: 2.3.0.0
Python version = 2.7.13 (default, May 11 2017, 16:44:39) [GCC 4.4.7
20120313 (Red Hat 4.4.7-18)]
Host : CentOS release 6.9 (Final)
Paramiko version : 2.1.2
I'm trying to use ansible and ansible ios_command to execute a basic 'show
version' command on a cisco catalyst 6500 switch.
in my environment, the host running Ansible has private keys, and can
connect to Cisco devices without password just by public key
authentication. I can ssh to the Router_65 from host with no password.
basically when I run the adhoc ansible command : * ansible router_65 -m raw
-a 'show ver' -vvv*
this works well and I can see the output. I realized that the above adhoc
ansible command uses the default openssh client in OS.
But I would like to get better output in order to parse it. I looked at
ntc-ansible and ios_command modules.
I couldn't get any of these 2 working as they both are based on paramiko
(Python SSH agent). Paramiko seems to be the problem for me to get this
working.
to start I created a simple playbook:
*root@host/ansible cat show_ver.yml---- hosts: ios_devices gather_facts:
no connection: local tasks: - name: IOS | Show ver ios_command:
commands: - show version register: clock - debug: msg="{{
clock.stdout }}"*
I use the below command to run the playbook to get more details :
*ansible-playbook --ssh-extra-args='-o ProxyCommand="ssh myuser@router_65
"' /root/ansible/show_ver.yml -e
"ansible_python_interpreter=/usr/local/bin/python2.7" -vvvvvafter running
this command it doesnt work and I get such details in ansible log file
whcih I have specified in /etc/ansible/ansible.cfg p=27867 u=root | META:
ran handlers p=27867 u=root | TASK [IOS | Show ver]
******************************************************************************************************************************************************************************
p=27867
u=root | task path: /root/ansible/show_ver.yml:28 p=27876 u=root |
creating new control socket for host Router_65:22 as user None p=27876
u=root | control socket path is /root/.ansible/pc/30936bbb76 p=27876
u=root | current working directory is /root/ansible p=27876 u=root |
using connection plugin network_cli paramiko.transport starting thread
(client mode): 0x78c7f250L paramiko.transport Local version/idstring:
SSH-2.0-paramiko_2.1.2 paramiko.transport Banner:
Router_65#SSH-2.0-paramiko_2.1.2 paramiko.transport Banner: Translating
"SSH-2.0-paramiko_2.1.2" paramiko.transport Banner: % Unknown command or
computer name, or unable to find computer address paramiko.transport
Banner: Router_65# paramiko.transport Exception: Error reading SSH protocol
banner paramiko.transport Traceback (most recent call
last): paramiko.transport File
"/usr/local/lib/python2.7/site-packages/paramiko/transport.py", line 1749,
in run paramiko.transport self._check_banner() paramiko.transport
File "/usr/local/lib/python2.7/site-packages/paramiko/transport.py", line
1897, in _check_banner paramiko.transport raise SSHException('Error
reading SSH protocol banner' + str(e)) paramiko.transport SSHException:
Error reading SSH protocol banner paramiko.transport p=27876 u=root |
connecting to host Router_65 returned an error p=27876 u=root | Error
reading SSH protocol banner p=27876 u=root | number of connection attempts
exceeded, unable to connect to control socket p=27876 u=root |
persistent_connect_interval=1, persistent_connect_retries=30 p=27867 u=root
| fatal: [Router_65]: FAILED! => { "changed": false, "failed":
true, "msg": "unable to open shell. Please see:
https://docs.ansible.com/ansible/network_debug_troubleshooting.html#unable-to-open-shell",
"rc": 255}2017-05-22 15:00:47,816 p=27867 u=root | to retry, use:
--limit @/root/ansible/show_ver.retryThe error which I'm getting is from
paramiko. I tried to play in transport.py and pakcte.py of paramiko, but
still I dotn understand the logoc of cheking the SSH Banner.the cisco
device had a banner motd , however I have disabled that to make it easier
to debug. any thoughts appriciated.ThanksReza Toghraee*
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/cafc6072-8ba7-4ea0-95b4-383706fb91e0%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.