Hey Peter, was this what you mean by the asa_facts module? https://github.com/ansible/ansible/pull/37298
It looks like it's not included yet On Saturday, May 19, 2018 at 12:59:02 AM UTC-5, Matt Hickok wrote: > > Yea, I figured out point 1 eventually. > > As for ansible_network_os, I couldn't find that documentation anywhere as > to the different options. I eventually guessed asa and it worked, but is it > documented? > > And where is the information on asa_facts? I could only find ios_facts. > There were 3 different asa modules listed but none of them are _facts > > Thank you! > > On Friday, May 18, 2018 at 9:25:51 PM UTC-5, Peter Sprygada wrote: >> >> Few things that need to be corrected here.... >> >> 1) use connection=network_cli >> >> 2) set the ansible_network_os=asa >> >> 3) use the asa_facts module, not ios_facts >> >> http://docs.ansible.com/ansible/latest/network/index.html >> >> >> >> On Fri, May 18, 2018 at 4:18 PM, Matt Hickok <[email protected]> >> wrote: >> >>> Also, I just turned on debug and this is what I see: >>> >>> 1492 1526674321.92274: stderr chunk (state=3): >>> >>>debug3: receive packet: type 91 >>> debug2: callback start >>> debug2: client_session2_setup: id 2 >>> debug1: Sending environment. >>> debug1: Sending env LANG = en_US.UTF-8 >>> debug2: channel 2: request env confirm 0 >>> debug3: send packet: type 98 >>> debug1: Sending command: /bin/sh -c 'echo ~ && sleep 0' >>> debug2: channel 2: request exec confirm 1 >>> debug3: send packet: type 98 >>> debug3: mux_session_confirm: sending success reply >>> debug2: callback done >>> debug2: channel 2: open confirm rwindow 1024 rmax 4096 >>> debug1: mux_client_request_session: master session id: 2 >>> <<< >>> >>> 1492 1526674321.95154: stderr chunk (state=3): >>> >>>debug3: receive packet: type 99 >>> debug2: channel_input_status_confirm: type 99 id 2 >>> debug2: exec request accepted on channel 2 >>> <<< >>> >>> 1492 1526674321.95220: stdout chunk (state=3): >>> >>>Type help or '?' for a list of available commands. >>> ciscoasa> /b<<< >>> >>> 1492 1526674321.95442: stdout chunk (state=3): >>> >>>in/sh -c 'echo ~ &&<<< >>> >>> 1492 1526674321.97577: stdout chunk (state=3): >>> >>> sleep 0'<<< >>> >>> 1492 1526674366.99164: stderr chunk (state=3): >>> >>>debug3: send packet: type 1 >>> <<< >>> >>> 1492 1526674366.99776: stderr chunk (state=3): >>> >>>debug1: channel 0: free: /root/.ansible/cp/a0709b0bd0, nchannels 3 >>> debug3: channel 0: status: The following connections are open: >>> #1 mux-control (t16 r2 i0/0 o0/0 fd 5/5 cc -1) >>> #2 client-session (t4 r3 i0/0 o0/0 fd 6/7 cc 1) >>> >>> debug1: channel 1: free: mux-control, nchannels 2 >>> debug3: channel 1: status: The following connections are open: >>> #1 mux-control (t16 r2 i0/0 o0/0 fd 5/5 cc -1) >>> #2 client-session (t4 r3 i0/0 o0/0 fd 6/7 cc 1) >>> >>> debug1: channel 2: free: client-session, nchannels 1 >>> debug3: channel 2: status: The following connections are open: >>> #2 client-session (t4 r3 i0/0 o0/0 fd 6/7 cc 1) >>> >>> debug3: fd 0 is not O_NONBLOCK >>> debug3: fd 1 is not O_NONBLOCK >>> debug1: fd 2 clearing O_NONBLOCK >>> Connection to 10.0.2.5 closed by remote host. >>> Transferred: sent 2072, received 1984 bytes, in 45.1 seconds >>> Bytes per second: sent 45.9, received 44.0 >>> debug1: Exit status -1 >>> debug3: mux_client_read_packet: read header failed: Broken pipe >>> debug2: Control master terminated unexpectedly >>> <<< >>> >>> 1492 1526674367.01129: stderr chunk (state=3): >>> >>><<< >>> >>> 1492 1526674367.01299: stdout chunk (state=3): >>> >>><<< >>> >>> >>> >>> On Friday, May 18, 2018 at 3:11:07 PM UTC-5, Matt Hickok wrote: >>>> >>>> Hey folks, I'm trying to gather some facts from a Cisco ASA. The ASA is >>>> configured as simply as possible and here are the relevant settings for >>>> the >>>> ASA >>>> >>>> ASA Software Version: 9.2(2) >>>> Hardware: ASA5515 >>>> Management IP: 10.0.2.5 >>>> SSH DH Key Exchange: Group 1 (diffie-hellman-group1-sha1) >>>> >>>> I made sure that I can SSH into the device directly from the Ansible VM >>>> before anything, and this was sucessful. >>>> >>>> Ansible version is 2.5.2 (being run using the official ansible awx >>>> docker images) >>>> >>>> Here is my inventory: >>>> >>>> [cisco] >>>> 10.0.2.5 >>>> >>>> [cisco:vars] >>>> ansible_user=myuseraccount >>>> ansible_ssh_pass=mypass >>>> ansible_ssh_common_args: '-o KexAlgorithms=diffie-hellman-group1-sha1' >>>> >>>> Here is my playbook: >>>> --- >>>> - hosts: cisco >>>> tasks: >>>> - name: "ssh facts" >>>> ios_facts: >>>> >>>> So it is incredibly basic. Now the error I am getting is that the >>>> device is unreachable, but it looks like some sot of ssh multiplexing >>>> error. I don't really know how to read these logs. >>>> >>>> fatal: [10.0.2.5]: UNREACHABLE! => { >>>> "changed": false, >>>> "msg": "Failed to connect to the host via ssh: OpenSSH_7.4p1, >>>> OpenSSL 1.0.2k-fips 26 Jan 2017\r\ndebug1: Reading configuration data >>>> /etc/ssh/ssh_config\r\ndebug1: /etc/ssh/ssh_config line 58: Applying >>>> options for *\r\ndebug1: auto-mux: Trying existing master\r\ndebug1: >>>> Control socket \"/root/.ansible/cp/a0709b0bd0\" does not exist\r\ndebug2: >>>> resolving \"10.0.2.5\" port 22\r\ndebug2: ssh_connect_direct: needpriv >>>> 0\r\ndebug1: Connecting to 10.0.2.5 [10.0.2.5] port 22.\r\ndebug2: fd 3 >>>> setting O_NONBLOCK\r\ndebug1: fd 3 clearing O_NONBLOCK\r\ndebug1: >>>> Connection established.\r\ndebug3: timeout: 9970 ms remain after >>>> connect\r\ndebug1: permanently_set_uid: 0/0\r\ndebug1: key_load_public: No >>>> such file or directory\r\ndebug1: identity file /root/.ssh/id_rsa type >>>> -1\r\ndebug1: key_load_public: No such file or directory\r\ndebug1: >>>> identity file /root/.ssh/id_rsa-cert type -1\r\ndebug1: key_load_public: >>>> No >>>> such file or directory\r\ndebug1: identity file /root/.ssh/id_dsa type >>>> -1\r\ndebug1: key_load_public: No such file or directory\r\ndebug1: >>>> identity file /root/.ssh/id_dsa-cert type -1\r\ndebug1: key_load_public: >>>> No >>>> such file or directory\r\ndebug1: identity file /root/.ssh/id_ecdsa type >>>> -1\r\ndebug1: key_load_public: No such file or directory\r\ndebug1: >>>> identity file /root/.ssh/id_ecdsa-cert type -1\r\ndebug1: key_load_public: >>>> No such file or directory\r\ndebug1: identity file /root/.ssh/id_ed25519 >>>> type -1\r\ndebug1: key_load_public: No such file or directory\r\ndebug1: >>>> identity file /root/.ssh/id_ed25519-cert type -1\r\ndebug1: Enabling >>>> compatibility mode for protocol 2.0\r\ndebug1: Local version string >>>> SSH-2.0-OpenSSH_7.4\r\ndebug1: Remote protocol version 1.99, remote >>>> software version Cisco-1.25\r\ndebug1: match: Cisco-1.25 pat Cisco-1.* >>>> compat 0x60000000\r\ndebug2: fd 3 setting O_NONBLOCK\r\ndebug1: >>>> Authenticating to 10.0.2.5:22 as 'username'\r\ndebug3: >>>> hostkeys_foreach: reading file \"/root/.ssh/known_hosts\"\r\ndebug3: >>>> record_hostkey: found key type RSA in file >>>> /root/.ssh/known_hosts:2\r\ndebug3: load_hostkeys: loaded 1 keys from >>>> 10.0.2.5\r\ndebug3: order_hostkeyalgs: prefer hostkeyalgs: >>>> [email protected],rsa-sha2-512,rsa-sha2-256,ssh-rsa\r\ndebug3: >>>> send packet: type 20\r\ndebug1: SSH2_MSG_KEXINIT sent\r\ndebug3: receive >>>> packet: type 20\r\ndebug1: SSH2_MSG_KEXINIT received\r\ndebug2: local >>>> client KEXINIT proposal\r\ndebug2: KEX algorithms: curve25519-sha256, >>>> [email protected],ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1,ext-info-c\r\ndebug2: >>>> >>>> host key algorithms: [email protected] >>>> ,rsa-sha2-512,rsa-sha2-256,ssh-rsa, >>>> [email protected], >>>> [email protected], >>>> [email protected], >>>> [email protected],[email protected],ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519,ssh-dss\r\ndebug2: >>>> >>>> ciphers ctos: [email protected],aes128-ctr,aes192-ctr,aes256-ctr, >>>> [email protected],[email protected],aes128-cbc,aes192-cbc,aes256-cbc\r\ndebug2: >>>> >>>> ciphers stoc: [email protected],aes128-ctr,aes192-ctr,aes256-ctr, >>>> [email protected],[email protected],aes128-cbc,aes192-cbc,aes256-cbc\r\ndebug2: >>>> >>>> MACs ctos: [email protected],[email protected], >>>> [email protected],[email protected], >>>> [email protected],[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-sha1\r\ndebug2: >>>> >>>> MACs stoc: [email protected],[email protected], >>>> [email protected],[email protected], >>>> [email protected],[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-sha1\r\ndebug2: >>>> >>>> compression ctos: [email protected],zlib,none\r\ndebug2: compression >>>> stoc: [email protected],zlib,none\r\ndebug2: languages ctos: >>>> \r\ndebug2: languages stoc: \r\ndebug2: first_kex_follows 0 \r\ndebug2: >>>> reserved 0 \r\ndebug2: peer server KEXINIT proposal\r\ndebug2: KEX >>>> algorithms: diffie-hellman-group1-sha1\r\ndebug2: host key algorithms: >>>> ssh-rsa\r\ndebug2: ciphers ctos: >>>> 3des-cbc,aes128-cbc,aes192-cbc,aes256-cbc,aes128-ctr,aes192-ctr,aes256-ctr\r\ndebug2: >>>> >>>> ciphers stoc: >>>> 3des-cbc,aes128-cbc,aes192-cbc,aes256-cbc,aes128-ctr,aes192-ctr,aes256-ctr\r\ndebug2: >>>> >>>> MACs ctos: hmac-sha1,hmac-md5,hmac-sha1-96,hmac-md5-96\r\ndebug2: MACs >>>> stoc: hmac-sha1,hmac-md5,hmac-sha1-96,hmac-md5-96\r\ndebug2: compression >>>> ctos: none\r\ndebug2: compression stoc: none\r\ndebug2: languages ctos: >>>> \r\ndebug2: languages stoc: \r\ndebug2: first_kex_follows 0 \r\ndebug2: >>>> reserved 0 \r\ndebug1: kex: algorithm: >>>> diffie-hellman-group1-sha1\r\ndebug1: kex: host key algorithm: >>>> ssh-rsa\r\ndebug1: kex: server->client cipher: aes128-ctr MAC: hmac-sha1 >>>> compression: none\r\ndebug1: kex: client->server cipher: aes128-ctr MAC: >>>> hmac-sha1 compression: none\r\ndebug1: kex: diffie-hellman-group1-sha1 >>>> need=20 dh_need=20\r\ndebug1: kex: diffie-hellman-group1-sha1 need=20 >>>> dh_need=20\r\ndebug1: sending SSH2_MSG_KEXDH_INIT\r\ndebug2: bits set: >>>> 519/1024\r\ndebug3: send packet: type 30\r\ndebug1: expecting >>>> SSH2_MSG_KEXDH_REPLY\r\ndebug3: receive packet: type 31\r\ndebug1: Server >>>> host key: ssh-rsa >>>> SHA256:WtXW5XP28po8AiO/FtGdKkUB1eNblXwfxN99jmMmxys\r\ndebug3: >>>> hostkeys_foreach: reading file \"/root/.ssh/known_hosts\"\r\ndebug3: >>>> record_hostkey: found key type RSA in file >>>> /root/.ssh/known_hosts:2\r\ndebug3: load_hostkeys: loaded 1 keys from >>>> 10.0.2.5\r\ndebug1: Host '10.0.2.5' is known and matches the RSA host >>>> key.\r\ndebug1: Found key in /root/.ssh/known_hosts:2\r\ndebug2: bits set: >>>> 525/1024\r\ndebug3: send packet: type 21\r\ndebug2: set_newkeys: mode >>>> 1\r\ndebug1: rekey after 4294967296 blocks\r\ndebug1: SSH2_MSG_NEWKEYS >>>> sent\r\ndebug1: expecting SSH2_MSG_NEWKEYS\r\ndebug3: receive packet: type >>>> 21\r\ndebug1: SSH2_MSG_NEWKEYS received\r\ndebug2: set_newkeys: mode >>>> 0\r\ndebug1: rekey after 4294967296 blocks\r\ndebug2: key: >>>> /root/.ssh/id_rsa ((nil))\r\ndebug2: key: /root/.ssh/id_dsa >>>> ((nil))\r\ndebug2: key: /root/.ssh/id_ecdsa ((nil))\r\ndebug2: key: >>>> /root/.ssh/id_ed25519 ((nil))\r\ndebug3: send packet: type 5\r\ndebug3: >>>> receive packet: type 6\r\ndebug2: service_accept: ssh-userauth\r\ndebug1: >>>> SSH2_MSG_SERVICE_ACCEPT received\r\ndebug3: send packet: type >>>> 50\r\ndebug3: >>>> receive packet: type 51\r\ndebug1: Authentications that can continue: >>>> publickey,password\r\ndebug3: start over, passed a different list >>>> publickey,password\r\ndebug3: preferred >>>> gssapi-keyex,gssapi-with-mic,publickey,keyboard-interactive,password\r\ndebug3: >>>> >>>> authmethod_lookup publickey\r\ndebug3: remaining preferred: >>>> keyboard-interactive,password\r\ndebug3: authmethod_is_enabled >>>> publickey\r\ndebug1: Next authentication method: publickey\r\ndebug1: >>>> Trying private key: /root/.ssh/id_rsa\r\ndebug3: no such identity: >>>> /root/.ssh/id_rsa: No such file or directory\r\ndebug1: Trying private >>>> key: >>>> /root/.ssh/id_dsa\r\ndebug3: no such identity: /root/.ssh/id_dsa: No such >>>> file or directory\r\ndebug1: Trying private key: >>>> /root/.ssh/id_ecdsa\r\ndebug3: no such identity: /root/.ssh/id_ecdsa: No >>>> such file or directory\r\ndebug1: Trying private key: >>>> /root/.ssh/id_ed25519\r\ndebug3: no such identity: /root/.ssh/id_ed25519: >>>> No such file or directory\r\ndebug2: we did not send a packet, disable >>>> method\r\ndebug3: authmethod_lookup password\r\ndebug3: remaining >>>> preferred: ,password\r\ndebug3: authmethod_is_enabled password\r\ndebug1: >>>> Next authentication method: password\r\ndebug3: send packet: type >>>> 50\r\ndebug2: we sent a password packet, wait for reply\r\ndebug3: receive >>>> packet: type 52\r\ndebug1: Authentication succeeded >>>> (password).\r\nAuthenticated to 10.0.2.5 ([10.0.2.5]:22).\r\ndebug1: >>>> setting up multiplex master socket\r\ndebug3: muxserver_listen: temporary >>>> control path /root/.ansible/cp/a0709b0bd0.cAe9DrGmRT8viyNa\r\ndebug2: fd 4 >>>> setting O_NONBLOCK\r\ndebug3: fd 4 is O_NONBLOCK\r\ndebug3: fd 4 is >>>> O_NONBLOCK\r\ndebug1: channel 0: new >>>> [/root/.ansible/cp/a0709b0bd0]\r\ndebug3: muxserver_listen: mux listener >>>> channel 0 fd 4\r\ndebug2: fd 3 setting TCP_NODELAY\r\ndebug3: >>>> ssh_packet_set_tos: set IP_TOS 0x08\r\ndebug1: control_persist_detach: >>>> backgrounding master process\r\ndebug2: control_persist_detach: background >>>> process is 1418\r\ndebug2: fd 4 setting O_NONBLOCK\r\ndebug1: forking to >>>> background\r\ndebug1: Entering interactive session.\r\ndebug1: pledge: >>>> id\r\ndebug2: set_control_persist_exit_time: schedule exit in 60 >>>> seconds\r\ndebug1: multiplexing control connection\r\ndebug2: fd 5 setting >>>> O_NONBLOCK\r\ndebug3: fd 5 is O_NONBLOCK\r\ndebug1: channel 1: new >>>> [mux-control]\r\ndebug3: channel_post_mux_listener: new mux channel 1 fd >>>> 5\r\ndebug3: mux_master_read_cb: channel 1: hello sent\r\ndebug2: >>>> set_control_persist_exit_time: cancel scheduled exit\r\ndebug3: >>>> mux_master_read_cb: channel 1 packet type 0x00000001 len 4\r\ndebug2: >>>> process_mux_master_hello: channel 1 slave version 4\r\ndebug2: >>>> mux_client_hello_exchange: master version 4\r\ndebug3: >>>> mux_client_forwards: >>>> request forwardings: 0 local, 0 remote\r\ndebug3: >>>> mux_client_request_session: entering\r\ndebug3: mux_client_request_alive: >>>> entering\r\ndebug3: mux_master_read_cb: channel 1 packet type 0x10000004 >>>> len 4\r\ndebug2: process_mux_alive_check: channel 1: alive >>>> check\r\ndebug3: >>>> mux_client_request_alive: done pid = 1420\r\ndebug3: >>>> mux_client_request_session: session request sent\r\ndebug3: >>>> mux_master_read_cb: channel 1 packet type 0x10000002 len 91\r\ndebug2: >>>> process_mux_new_session: channel 1: request tty 0, X 0, agent 0, subsys 0, >>>> term \"xterm\", cmd \"/bin/sh -c 'echo ~ && sleep 0'\", env 1\r\ndebug3: >>>> process_mux_new_session: got fds stdin 6, stdout 7, stderr 8\r\ndebug2: fd >>>> 7 setting O_NONBLOCK\r\ndebug2: fd 8 setting O_NONBLOCK\r\ndebug1: channel >>>> 2: new [client-session]\r\ndebug2: process_mux_new_session: channel_new: 2 >>>> linked to control channel 1\r\ndebug2: channel 2: send open\r\ndebug3: >>>> send >>>> packet: type 90\r\ndebug3: receive packet: type 91\r\ndebug2: callback >>>> start\r\ndebug2: client_session2_setup: id 2\r\ndebug1: Sending >>>> environment.\r\ndebug1: Sending env LANG = en_US.UTF-8\r\ndebug2: channel >>>> 2: request env confirm 0\r\ndebug3: send packet: type 98\r\ndebug1: >>>> Sending >>>> command: /bin/sh -c 'echo ~ && sleep 0'\r\ndebug2: channel 2: request exec >>>> confirm 1\r\ndebug3: send packet: type 98\r\ndebug3: mux_session_confirm: >>>> sending success reply\r\ndebug2: callback done\r\ndebug2: channel 2: open >>>> confirm rwindow 1024 rmax 4096\r\ndebug1: mux_client_request_session: >>>> master session id: 2\r\ndebug3: receive packet: type 99\r\ndebug2: >>>> channel_input_status_confirm: type 99 id 2\r\ndebug2: exec request >>>> accepted >>>> on channel 2\r\ndebug3: send packet: type 1\r\ndebug1: channel 0: free: >>>> /root/.ansible/cp/a0709b0bd0, nchannels 3\r\ndebug3: channel 0: status: >>>> The >>>> following connections are open:\r\n #1 mux-control (t16 r2 i0/0 o0/0 fd >>>> 5/5 cc -1)\r\n #2 client-session (t4 r3 i0/0 o0/0 fd 6/7 cc >>>> 1)\r\n\r\ndebug1: channel 1: free: mux-control, nchannels 2\r\ndebug3: >>>> channel 1: status: The following connections are open:\r\n #1 mux-control >>>> (t16 r2 i0/0 o0/0 fd 5/5 cc -1)\r\n #2 client-session (t4 r3 i0/0 o0/0 fd >>>> 6/7 cc 1)\r\n\r\ndebug1: channel 2: free: client-session, nchannels >>>> 1\r\ndebug3: channel 2: status: The following connections are open:\r\n >>>> #2 >>>> client-session (t4 r3 i0/0 o0/0 fd 6/7 cc 1)\r\n\r\ndebug3: fd 0 is not >>>> O_NONBLOCK\r\ndebug3: fd 1 is not O_NONBLOCK\r\ndebug1: fd 2 clearing >>>> O_NONBLOCK\r\nConnection to 10.0.2.5 closed by remote >>>> host.\r\nTransferred: >>>> sent 2072, received 2032 bytes, in 37.9 seconds\r\nBytes per second: sent >>>> 54.6, received 53.6\r\ndebug1: Exit status -1\r\ndebug3: >>>> mux_client_read_packet: read header failed: Broken pipe\r\ndebug2: Control >>>> master terminated unexpectedly\r\n", >>>> "unreachable": true >>>> } >>>> to retry, use: --limit >>>> @/var/lib/awx/projects/username/Cisco/cisco_facts.retry >>>> >>>> PLAY RECAP >>>> ****************************************************************************************************************************************************************************************************************************************************************************************************************** >>>> 10.0.2.5 : ok=0 changed=0 unreachable=1 failed=0 >>>> >>>> >>>> >>>> >>>> >>>> >>> -- >>> You received this message because you are subscribed to the Google >>> Groups "Ansible Project" group. >>> To unsubscribe from this group and stop receiving emails from it, send >>> an email to [email protected]. >>> To post to this group, send email to [email protected]. >>> To view this discussion on the web visit >>> https://groups.google.com/d/msgid/ansible-project/24d98b77-1184-43f2-a435-933475903083%40googlegroups.com >>> >>> <https://groups.google.com/d/msgid/ansible-project/24d98b77-1184-43f2-a435-933475903083%40googlegroups.com?utm_medium=email&utm_source=footer> >>> . >>> >>> For more options, visit https://groups.google.com/d/optout. >>> >> >> -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/e34dae65-b1f7-4b11-8580-f7f543ddb14f%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
