Re: [ansible-project] Ansible passwordless login not working
Hi! I have found out that some IOS devices have problems with gather_facts and ansible does that by default. So I disabled it with gather_facts=no and now ansible continues to the next step now without gathering facts and skips the ios_facts error. Also I have changed some paramiko config on the ansible.cfg like this: [paramiko_connection] # uncomment this line to cause the paramiko connection plugin to not record new host # keys encountered. Increases performance on new host additions. Setting works independently of the # host key checking setting above. #record_host_keys=False # by default, Ansible requests a pseudo-terminal for commands executed under sudo. Uncomment this # line to disable this behaviour. #pty=False # paramiko will default to looking for SSH keys initially when trying to # authenticate to remote devices. This is a problem for some network devices # that close the connection after a key failure. Uncomment this line to # disable the Paramiko look for keys function look_for_keys = False # When using persistent connections with Paramiko, the connection runs in a # background process. If the host doesn't already have a valid SSH key, by # default Ansible will prompt to add the host key. This will cause connections # running in background processes to fail. Uncomment this line to have # Paramiko automatically add host keys. host_key_auto_add = True Note that these changes didn't made any difference.. So if its commented or not i get the same error - No Existing Session This is my code now: --- - name: --- 1. Applying Layer 2 Configuration --- hosts: Snif_TEST gather_facts: no vars: ansible_become: yes ansible_become_method: enable ansible_user: ansible ansible_password: ansible ansible_network_os: ios ansible_connection: network_cli tasks: - include_vars: dir: /etc/ansible/roles/new_vlan/vars/ - include_role: name: new_vlan tasks_from: show_vlan.yml I have found out that it doesn't matter if I put the vars under all:vars or just vars on the playbook it produces the same results. So after bypassing the gathering_facts error my current error is: 2020-01-21 10:26:27,529 p=ansible u=26571 | ansible-playbook 2.9.1 config file = /etc/ansible/ansible.cfg configured module search path = [u'/home/ansible/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules'] ansible python module location = /usr/lib/python2.7/site-packages/ansible executable location = /usr/bin/ansible-playbook python version = 2.7.5 (default, Aug 7 2019, 00:51:29) [GCC 4.8.5 20150623 (Red Hat 4.8.5-39)] 2020-01-21 10:26:27,530 p=ansible u=26571 | Using /etc/ansible/ansible.cfg as config file 2020-01-21 10:26:27,531 p=ansible u=26571 | setting up inventory plugins 2020-01-21 10:26:27,543 p=ansible u=26571 | host_list declined parsing /etc/ansible/inventory/POC_ENV.yml as it did not pass its verify_file() method 2020-01-21 10:26:27,543 p=ansible u=26571 | script declined parsing /etc/ansible/inventory/POC_ENV.yml as it did not pass its verify_file() method 2020-01-21 10:26:27,548 p=ansible u=26571 | Parsed /etc/ansible/inventory/POC_ENV.yml inventory source with yaml plugin 2020-01-21 10:26:27,548 p=ansible u=26571 | setting up inventory plugins 2020-01-21 10:26:28,353 p=ansible u=26571 | Loading callback plugin default of type stdout, v2.0 from /usr/lib/python2.7/site-packages/ansible/plugins/callback/default.pyc 2020-01-21 10:26:28,452 p=ansible u=26571 | PLAYBOOK: new_vlan_playbook.yml *** 2020-01-21 10:26:28,453 p=ansible u=26571 | 1 plays in new_vlan_playbook.yml 2020-01-21 10:26:28,468 p=ansible u=26571 | PLAY [--- 1 . Applying Layer 2 Configuration ---] ** 2020-01-21 10:26:28,476 p=ansible u=26571 | META: ran handlers 2020-01-21 10:26:28,484 p=ansible u=26571 | TASK [include_vars] *** 2020-01-21 10:26:28,518 p=ansible u=26580 | attempting to start connection 2020-01-21 10:26:28,518 p=ansible u=26580 | using connection plugin network_cli 2020-01-21 10:26:29,116 p=ansible u=26580 | local domain socket does not exist, starting it 2020-01-21 10:26:29,116 p=ansible u=26580 | control socket path is /home/ansible/.ansible/pc/b2fb8201f6 2020-01-21 10:26:29,117 p=ansible u=26580 | local domain socket listeners started successfully 2020-01-21 10:26:29,117 p=ansible u=26580 | loaded cliconf plugin ios from path /usr/lib/python2.7 /site-packages/ansible/plugins/cliconf/ios.py for network_os ios 2020-01-21 10:26:29,117 p=ansible u=26580 | network_os is set to ios 2020-01-21 10:26:29,117 p=ansible u=26580 | 2020-01-21 10:26:29,118 p=ansible u=26580 |
Re: [ansible-project] Ansible passwordless login not working
*Hi Phil,* *Thank you for your help.* *Playbook:* - name: --- 1. Applying Layer 2 Configuration --- hosts: Snif_TEST connection: network_cli tasks: - include_vars: dir: /etc/ansible/roles/new_vlan/vars/ - include_role: name: new_vlan tasks_from: show_vlan.yml *It's seems that after I set these variables under the inventory file like this:* all: children: POC_ENV: hosts: TEST-NXOS2: TEST-NXOS3: Snif_TEST: hosts: R-TEST-SNIF: vars: ansible_network_os: ios ansible_password: ansible ansible_become: yes ansible_become_method: enable ansible_user: ansible *All other variables are equal to null except ansible_connection/ansible_network_os for some reason. Here is the output:* [ansible@Netauto-Dev new_vlan]$ ansible-playbook new_vlan_playbook.yml - 2020-01-21 09:25:53,934 p=ansible u=23836 | ansible-playbook 2.9.1 config file = /etc/ansible/ansible.cfg configured module search path = [u'/home/ansible/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules'] ansible python module location = /usr/lib/python2.7/site-packages/ansible executable location = /usr/bin/ansible-playbook python version = 2.7.5 (default, Aug 7 2019, 00:51:29) [GCC 4.8.5 20150623 (Red Hat 4.8.5-39)] 2020-01-21 09:25:53,935 p=ansible u=23836 | Using /etc/ansible/ansible.cfg as config file 2020-01-21 09:25:53,936 p=ansible u=23836 | setting up inventory plugins 2020-01-21 09:25:53,947 p=ansible u=23836 | host_list declined parsing /etc/ansible/inventory/POC_ENV.yml as it did not pass its verify_file() method 2020-01-21 09:25:53,947 p=ansible u=23836 | script declined parsing /etc/ansible/inventory/POC_ENV.yml as it did not pass its verify_file() method 2020-01-21 09:25:53,953 p=ansible u=23836 | Parsed /etc/ansible/inventory/POC_ENV.yml inventory source with yaml plugin 2020-01-21 09:25:53,954 p=ansible u=23836 | setting up inventory plugins 2020-01-21 09:25:55,045 p=ansible u=23836 | Loading callback plugin default of type stdout, v2.0 from /usr/lib/python2.7/site-packages/ansible/plugins/callback/default.pyc 2020-01-21 09:25:55,138 p=ansible u=23836 | PLAYBOOK: new_vlan_playbook.yml *** 2020-01-21 09:25:55,139 p=ansible u=23836 | 1 plays in new_vlan_playbook.yml 2020-01-21 09:25:55,145 p=ansible u=23836 | PLAY [--- 1 . Applying Layer 2 Configuration ---] ** 2020-01-21 09:25:55,159 p=ansible u=23836 | TASK [Gathering Facts] 2020-01-21 09:25:55,202 p=ansible u=23847 | attempting to start connection 2020-01-21 09:25:55,203 p=ansible u=23847 | using connection plugin network_cli 2020-01-21 09:25:55,843 p=ansible u=23847 | local domain socket does not exist, starting it 2020-01-21 09:25:55,843 p=ansible u=23847 | control socket path is /home/ansible/.ansible/pc/e8627bbe23 2020-01-21 09:25:55,844 p=ansible u=23847 | local domain socket listeners started successfully 2020-01-21 09:25:55,844 p=ansible u=23847 | loaded cliconf plugin ios from path /usr/lib/python2.7 /site-packages/ansible/plugins/cliconf/ios.py for network_os ios 2020-01-21 09:25:55,844 p=ansible u=23847 | network_os is set to ios 2020-01-21 09:25:55,845 p=ansible u=23847 | 2020-01-21 09:25:55,845 p=ansible u=23847 | local domain socket path is /home/ansible/.ansible/pc/ e8627bbe23 2020-01-21 09:25:55,853 p=ansible u=23847 | [WARNING]: Ignoring timeout(10 ) for ios_facts 2020-01-21 09:25:55,854 p=ansible u=23847 | ESTABLISH LOCAL CONNECTION FOR USER: ansible 2020-01-21 09:25:55,855 p=ansible u=23847 | EXEC /bin/sh -c '( umask 77 && mkdir -p "` echo /home/ansible/.ansible/tmp/ansible-local-23836IRvmI3/ansible-tmp-1579591555.85-45205629859053 `" && echo ansible-tmp-1579591555.85-45205629859053="` echo /home/ansible/.ansible/tmp/ansible-local-23836IRvmI3/ansible-tmp-1579591555.85-45205629859053 `" ) && sleep 0' 2020-01-21 09:25:56,725 p=ansible u=23847 | Attempting python interpreter discovery 2020-01-21 09:25:56,726 p=ansible u=23847 | EXEC /bin/sh -c 'echo PLATFORM; uname; echo FOUND; command -v '"'"'/usr/bin/python'"'"'; command -v '"'"'python3.7'"'"'; command -v '"'"'python3.6'"'"'; command -v '"'"'python3.5'"'"'; command -v '"'"'python2.7'"'"'; command -v '"'"'python2.6'"'"'; command -v '"'"'/usr/libexec/platform-python'"'"'; command -v '"'"'/usr/bin/python3'"'"'; command -v '"'"'python'"'"'; echo ENDFOUND && sleep 0' 2020-01-21 09:25:56,748 p=ansible u=23847 | EXEC /bin/sh -c '/usr/bin/python && sleep 0' 2020-01-21 09:25:56,822 p=ansible u=23847 | Using module file /usr/lib/python2.7 /site-packages/ansible/modules/network/ios/ios_facts.py 2020-01-21
Re: [ansible-project] Ansible passwordless login not working
What happens when you setup your inventory to something like this: [all:vars]# these defaults can be overridden for any group in the [group:vars] sectionansible_connection=network_cliansible_user=ansible [ios]... [ios:vars]ansible_become=yesansible_become_method=enableansible_network_os=iosansible_user=ansibleansible_password= ansible Try setting those values in the inventory file and see what happens Phil. On Monday, 20 January 2020 06:59:35 UTC, Yehuda Pinhas wrote: > > Hi again. > Anyone have any idea? > -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/26f9e384-e29c-452d-a71d-aa0a615fd6e1%40googlegroups.com.
Re: [ansible-project] Ansible passwordless login not working
I think it has something to do with the publickey and that ansible tries to authenticate using the public key as primary method of authentication. For some reason it doesn't takes the username and password and just attempt SSH with it. I think that because of the log file. -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/db3d5b87-468a-450c-bf37-1a7dc26ec309%40googlegroups.com.
Re: [ansible-project] Ansible passwordless login not working
Hi again. Anyone have any idea? -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/e669ab37-a0b7-4508-a129-e771ca18926c%40googlegroups.com.
Re: [ansible-project] Ansible passwordless login not working
On Thu, 16 Jan 2020 01:36:28 -0800 (PST) Yehuda Pinhas wrote: > How is it SSH problem if I can add a public key or just regulary SSH and > its working? SSH tried (publickey,keyboard-interactive,password) and failed > fatal: [R-TEST-SNIF]: UNREACHABLE! => {"changed": false, "msg": "Failed to > connect to the host via ssh: Warning: Permanently added > 'r-test-snif,10.70.54.102' (RSA) to the list of known hosts.\r\nPermission > denied (publickey,keyboard-interactive,password).", "unreachable": true} I can only repeat: Find out why 'password' permission was denied. See "Network Debug and Troubleshooting Guide" https://docs.ansible.com/ansible/latest/network/user_guide/network_debug_troubleshooting.html#network-debug-and-troubleshooting-guide and "Enabling Networking device interaction logging" in particular https://docs.ansible.com/ansible/latest/network/user_guide/network_debug_troubleshooting.html#enabling-networking-device-interaction-logging Quoting: "Ansible 2.8 features added logging of device interaction in log file to help diagnose and troubleshoot issues regarding Ansible Networking modules." If you want to proceed in a systemic way get the log. -vlado -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/20200116121050.0ee1d74e%40gmail.com. pgpaKGSZ4tp5y.pgp Description: OpenPGP digital signature
Re: [ansible-project] Ansible passwordless login not working
Hi Douglas, This is the result of --ask-pass: [image: Capture.PNG] I have no idea what that means haha. What do you think? -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/1b6b38ae-78ab-498f-b087-38df4eef2a17%40googlegroups.com.
Re: [ansible-project] Ansible passwordless login not working
When adding a public key are you adding it to an amiable user or to another user and does your ping work if you pass —ask-pass? Sent from my iPhone > On Jan 16, 2020, at 04:36, Yehuda Pinhas wrote: > > > I'm not sure that "connection: network_cli" because not matter what i do I > get the same error... Its just not working. > > > How is it SSH problem if I can add a public key or just regulary SSH and its > working? that proves that its not an SSH problem on my remote machine and > leaves the fault in the ansible code side.. > > Any other ideas? > -- > You received this message because you are subscribed to the Google Groups > "Ansible Project" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to ansible-project+unsubscr...@googlegroups.com. > To view this discussion on the web visit > https://groups.google.com/d/msgid/ansible-project/b9eb97d9-87d6-48fe-8077-4f0b3c78f3dd%40googlegroups.com. -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/2CCAF59F-3E77-4BEE-A54F-F9F6EE7C4E9A%40gmail.com.
Re: [ansible-project] Ansible passwordless login not working
*I have no idea what to do next.. also ping check fails..* [image: Capture.PNG] *Again, if im adding the publickey for passwordless authentication Ansible works.. but without it its not..* *This is the configuration on the router side:* R-TEST-SNIF#sh run Building configuration... Current configuration : 1474 bytes ! ! Last configuration change at 07:42:41 EST Wed Jan 15 2020 ! version 15.4 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname R-TEST-SNIF ! boot-start-marker boot-end-marker ! aqm-register-fnf ! ! no aaa new-model clock timezone EST -5 0 mmi polling-interval 60 no mmi auto-configure no mmi pvc mmi snmp-timeout 180 ! ! ! ! ! ! ! ! ! ! ip domain name EVE ip cef no ipv6 cef ! multilink bundle-name authenticated ! ! ! ! ! ! ! ! username ansible privilege 15 password 0 ansible ! redundancy ! ! ip ssh version 2 ! ! ! ! ! ! ! ! ! ! ! ! ip forward-protocol nd ! ! no ip http server no ip http secure-server ! ! ! ! control-plane ! ! ! ! ! ! ! ! line con 0 exec-timeout 0 0 logging synchronous line aux 0 line vty 0 4 exec-timeout 0 0 logging synchronous login local transport input telnet ssh transport output telnet ssh ! ! end *crypto key rsa generate proof:* R-TEST-SNIF# show crypto key mypubkey rsa % Key pair was generated at: 05:35:04 EST Jan 15 2020 Key name: R-TEST-SNIF.EVE Key type: RSA KEYS Storage Device: private-config Usage: General Purpose Key Key is not exportable. Key Data: 307C300D 06092A86 4886F70D 01010105 00036B00 30680261 00A5F2FB C8D19FA7 E19B9A1E 92976C47 174482FA 788CEA72 85AEF6E9 F0336651 CFE2DA99 316C94A2 45A9C27F A2E37D40 C2EE2A39 81B2C4C9 E3BB751C 20CD8C2A 1A632617 AE46F329 05CC6D09 483607CB 20DBC972 C2A92124 63FD1EFB E9A66E8C 07020301 0001 % Key pair was generated at: 05:35:04 EST Jan 15 2020 Key name: R-TEST-SNIF.EVE.server Key type: RSA KEYS Temporary key Usage: Encryption Key Key is not exportable. Key Data: 306C300D 06092A86 4886F70D 01010105 00035B00 30580251 00AC4D25 1A615FB6 1FFEFF70 1A0C72A8 C9C26E3A C4F9AA7D 8C47CE5B 0FCC59A7 CADA0BC8 C173D620 26E5445E 65BBAAF2 915B844C 71B0D855 ADB5BBBC 68314F14 3F891C0D 8162B869 C227A0B0 C4592A93 5F020301 0001 *Its probably some command missing on the router side.. * *anyone have any idea what is missing?* -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/8a9ba6ec-a380-4c6f-94e3-0d40f93c8aa6%40googlegroups.com.
Re: [ansible-project] Ansible passwordless login not working
I'm not sure that "connection: network_cli" because not matter what i do I get the same error... Its just not working. How is it SSH problem if I can add a public key or just regulary SSH and its working? that proves that its not an SSH problem on my remote machine and leaves the fault in the ansible code side.. Any other ideas? -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/b9eb97d9-87d6-48fe-8077-4f0b3c78f3dd%40googlegroups.com.
Re: [ansible-project] Ansible passwordless login not working
On Wed, 15 Jan 2020 05:36:23 -0800 (PST) Yehuda Pinhas wrote: > fatal: [R-TEST-SNIF]: UNREACHABLE! => {"changed": false, "msg": "Failed to > connect to the host via ssh: Warning: Permanently added > 'r-test-snif,10.70.54.102' (RSA) to the list of known hosts.\r\nPermission > denied (publickey,keyboard-interactive,password).", "unreachable": true} It's SSH problem now. Find out why 'password' permission was denied. See "Network Debug and Troubleshooting Guide" https://docs.ansible.com/ansible/latest/network/user_guide/network_debug_troubleshooting.html#network-debug-and-troubleshooting-guide and "Enabling Networking device interaction logging" in particular https://docs.ansible.com/ansible/latest/network/user_guide/network_debug_troubleshooting.html#enabling-networking-device-interaction-logging HTH, -vlado -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/20200115172311.59d7feb8%40gmail.com. pgprAhq9AWVVL.pgp Description: OpenPGP digital signature
Re: [ansible-project] Ansible passwordless login not working
*Hi Vladimir,* *with this code on the playbook:* --- - name: --- 1. Applying Layer 2 Configuration --- hosts: Snif_TEST connection: network_cli tasks: - include_vars: dir: /etc/ansible/roles/new_vlan/vars/ - include_role: name: new_vlan tasks_from: show_vlan.yml *And on the vars file:* ansible_ssh_common_args: -o StrictHostKeyChecking=no -o UserKnownHostsFile=~/.ssh/known_hosts ansible_user: ansible ansible_password: ansible *This is the result:* [ansible@Netauto-Dev new_vlan]$ ansible-playbook new_vlan_playbook.yml PLAY [--- 1. Applying Layer 2 Configuration ---] ** TASK [Gathering Facts] fatal: [R-TEST-SNIF]: FAILED! => {"msg": "Unable to automatically determine host network os. Please manually configure ansible_network_os value for this host"} *With this code on the playbook:* --- - name: --- 1. Applying Layer 2 Configuration --- hosts: Snif_TEST tasks: - include_vars: dir: /etc/ansible/roles/new_vlan/vars/ - include_role: name: new_vlan tasks_from: show_vlan.yml *And on the vars file:* ansible_ssh_common_args: -o StrictHostKeyChecking=no -o UserKnownHostsFile=~/.ssh/known_hosts ansible_connection: network_cli ansible_network_os: ios ansible_user: ansible ansible_password: ansible *This is the result:* [ansible@Netauto-Dev new_vlan]$ ansible-playbook new_vlan_playbook.yml PLAY [--- 1. Applying Layer 2 Configuration ---] ** TASK [Gathering Facts] fatal: [R-TEST-SNIF]: UNREACHABLE! => {"changed": false, "msg": "Failed to connect to the host via ssh: Warning: Permanently added 'r-test-snif,10.70.54.102' (RSA) to the list of known hosts.\r\nPermission denied (publickey,keyboard-interactive,password).", "unreachable": true} PLAY RECAP R-TEST-SNIF: ok=0changed=0unreachable=1 failed=0skipped=0rescued=0ignored=0 *Keep in mind that in anytime I have no problem with sshing to the machine. example:* [image: Capture.PNG] *Also remember that I always can add the pubkey configuration to the router and run ansible successfuly.* *Have any idea what to do next?* -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/bb69793a-cf26-4db4-8e0d-20f58d00f087%40googlegroups.com.
Re: [ansible-project] Ansible passwordless login not working
On Wed, 15 Jan 2020 03:56:14 -0800 (PST) Yehuda Pinhas wrote: > *Cisco IOS Software Version 15.4(1)T (I86BI_LINUX-ADVENTERPRISEK9-M)* Cisco IOS is supported platform https://access.redhat.com/articles/3168091 > - name: > hosts: Snif_TEST > connection: local The connection should be 'network_cli'. See "Ansible Network Examples" https://docs.ansible.com/ansible/latest/network/user_guide/network_best_practices_2.5.html#ansible-network-examples and "Privilege escalation" in particular https://docs.ansible.com/ansible/latest/network/user_guide/network_best_practices_2.5.html#privilege-escalation - name: hosts: Snif_TEST connection: network_cli HTH, -vlado -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/20200115140653.4f45aed5%40gmail.com. pgpjWpHsdePP6.pgp Description: OpenPGP digital signature
Re: [ansible-project] Ansible passwordless login not working
*Oh. of course.* *The router is virtual image - IOL.* *Cisco IOS Software Version 15.4(1)T (I86BI_LINUX-ADVENTERPRISEK9-M)* *Full code is:* */etc/ansible/roles/new_vlan/new_vlan_playbook.yml:* --- - name: --- 1. Applying Layer 2 Configuration --- hosts: Snif_TEST connection: local tasks: - include_vars: dir: /etc/ansible/roles/new_vlan/vars/ - include_role: name: new_vlan tasks_from: show_vlan.yml */etc/ansible/roles/new_vlan/tasks/show_vlan.yml* --- - name: --- 1. Show VLAN -- ios_command: commands: - show ip int br register: show_vlan - debug: msg="{{ show_vlan.stdout_lines }}" * /etc/ansible/roles/new_vlan/vars/new_vlan_vars.yml* ansible_ssh_common_args: -o StrictHostKeyChecking=no -o UserKnownHostsFile=~/.ssh/known_hosts ansible_user: ansible ansible_password: ansible */etc/ansible/inventory/POC_ENV.yml* all: children: POC_ENV: hosts: TEST-NXOS2: TEST-NXOS3: Snif_TEST: hosts: R-TEST-SNIF: *Ill mention again that when i add this configuration on the router ansible works perfectly:* ip ssh pubkey-chain username ansible key-string ssh-rsa B3NzaC1yc2EDAQABAAABAQDuKpCznL9Gb7L/jVypzsHxFcceKBL2Xg0Enjr5XnGtaAsycD+ToiXYANzn2J21z3IqxyVG7NELLkW03CCclBVMCkdbzD8sRaVuIZCjYdzD4KX7O8goBXnz0+sPO4FhccSBhMfAO/IphliQ0oFBM26OG8UsxZISI5/04GdObk6AwM7jDk6Fga1Wcmqpo0P2XfarXckbL0LxAYEaGr5JR6X4p n+0x4C/DuOIIKQuvDyiaWTlD+ewRW6kMUUgo8AnVcHekZG+7GDzS4yVuAKZ73pl+Pe8EBa2eUP4FSE1ZXqnQvunKyGo7ifrZCcbikAnkB2is48Y67E3c21ZxhSkI36P ansible@Netauto-Dev *What do you think?* -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/a7f6c8a5-e945-4fa0-a3e6-ce11934427ac%40googlegroups.com.
Re: [ansible-project] Ansible passwordless login not working
On Wed, 15 Jan 2020 01:26:07 -0800 (PST) Yehuda Pinhas wrote: > The device is a router Sure it is. Could you disclose the brand and type? > 1. If im sshing normaly with ansible:ansible credentials it works > 2. If im installing ssh keypair (publickey on the router) the ansible is > working. It's seems that the problem might be isolated. 'Gathering_Facts' and 'include_vars' was 'OK'. Then the play failed. Find out which variable, from the included variables, changed and made the play fail /etc/ansible/roles/new_vlan/vars/new_vlan_vars.yml -vlado -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/20200115120505.6919831f%40gmail.com. pgpkrMfrkLQzM.pgp Description: OpenPGP digital signature
Re: [ansible-project] Ansible passwordless login not working
Hi Vladimir, The device is a router, and I have made few more checks: 1. If im sshing normaly with ansible:ansible credentials it works 2. If im installing ssh keypair (publickey on the router) the ansible is working. Problem occurs once I take off the public key from the router and try to ssh with username + password instead of username + pubkey. I have even tryed to add the ansible_connection feature like this: ansible_connection: network_cli ansible_network_os: ios ansible_ssh_common_args: -o StrictHostKeyChecking=no -o UserKnownHostsFile=~/.ssh/known_hosts ansible_user: ansible ansible_password: ansible And this is the error: [image: Capture.PNG] I have no idea what to do -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/7c3b0d67-6a7b-4bb2-bc68-a7ecce4a4023%40googlegroups.com.
Re: [ansible-project] Ansible passwordless login not working
> > Hi Vladimir, The device is a router, and I have made few more checks: 1. If im sshing normaly with ansible:ansible credentials it works 2. If im installing ssh keypair (publickey on the router) the ansible is working. Problem occurs once I take off the public key from the router and try to ssh with username + password instead of username + pubkey. I have even tryed to add the ansible_connection feature and this is the error: [image: Capture.PNG] I have no idea what to do -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/a2232f9d-f8de-4b63-a1d6-ad60507dcd4e%40googlegroups.com.
Re: [ansible-project] Ansible passwordless login not working
On Tue, 14 Jan 2020 23:30:43 -0800 (PST) Yehuda Pinhas wrote: > using connection plugin network_cli (was local) > [...] > fatal: [R-TEST-SNIF]: FAILED! => { > "changed": false, > "msg": "command timeout triggered, timeout value is 10 secs.\nSee the > timeout setting options in the Network Debug and Troubleshooting Guide." > } What is the device that's making troubles? Make sure the device is working with the connection plugin 'network_cli'. See "How Network Automation is Different" https://docs.ansible.com/ansible/latest/network/getting_started/network_differences.html#how-network-automation-is-different and in particular "Multiple Communication Protocols" https://docs.ansible.com/ansible/latest/network/getting_started/network_differences.html#multiple-communication-protocols -vlado -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/20200115101512.574c97fd%40gmail.com. pgpomBdoWXOPu.pgp Description: OpenPGP digital signature
Re: [ansible-project] Ansible passwordless login not working
*Hi,* *Thank you for your answer. but its still not working* *This is how my code looks like now:* ansible_ssh_common_args: -o StrictHostKeyChecking=no -o UserKnownHostsFile=~/.ssh/known_hosts ansible_user: ansible ansible_password: ansible *And here is my error now:* [ansible@Netauto-Dev new_vlan]$ ansible-playbook new_vlan_playbook.yml -v ansible-playbook 2.9.1 config file = /etc/ansible/ansible.cfg configured module search path = [u'/home/ansible/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules'] ansible python module location = /usr/lib/python2.7/site-packages/ansible executable location = /usr/bin/ansible-playbook python version = 2.7.5 (default, Aug 7 2019, 00:51:29) [GCC 4.8.5 20150623 (Red Hat 4.8.5-39)] Using /etc/ansible/ansible.cfg as config file setting up inventory plugins host_list declined parsing /etc/ansible/inventory/POC_ENV.yml as it did not pass its verify_file() method script declined parsing /etc/ansible/inventory/POC_ENV.yml as it did not pass its verify_file() method Parsed /etc/ansible/inventory/POC_ENV.yml inventory source with yaml plugin setting up inventory plugins host_list declined parsing /etc/ansible/inventory/SNIF_AGGREGATOR.yml as it did not pass its verify_file() method script declined parsing /etc/ansible/inventory/SNIF_AGGREGATOR.yml as it did not pass its verify_file() method Parsed /etc/ansible/inventory/SNIF_AGGREGATOR.yml inventory source with yaml plugin setting up inventory plugins host_list declined parsing /etc/ansible/inventory/avaya.yml as it did not pass its verify_file() method script declined parsing /etc/ansible/inventory/avaya.yml as it did not pass its verify_file() method Skipping empty key (hosts) in group (avaya) Parsed /etc/ansible/inventory/avaya.yml inventory source with yaml plugin setting up inventory plugins host_list declined parsing /etc/ansible/inventory/branch_switch.yml as it did not pass its verify_file() method script declined parsing /etc/ansible/inventory/branch_switch.yml as it did not pass its verify_file() method Parsed /etc/ansible/inventory/branch_switch.yml inventory source with yaml plugin setting up inventory plugins host_list declined parsing /etc/ansible/inventory/nexus.yml as it did not pass its verify_file() method script declined parsing /etc/ansible/inventory/nexus.yml as it did not pass its verify_file() method Parsed /etc/ansible/inventory/nexus.yml inventory source with yaml plugin setting up inventory plugins host_list declined parsing /etc/ansible/inventory/snif_router_IPVPN_20M_50M.yml as it did not pass its verify_file() method script declined parsing /etc/ansible/inventory/snif_router_IPVPN_20M_50M.yml as it did not pass its verify_file() method Parsed /etc/ansible/inventory/snif_router_IPVPN_20M_50M.yml inventory source with yaml plugin setting up inventory plugins host_list declined parsing /etc/ansible/inventory/snif_router_IPVPN_8M_10M_200M.yml as it did not pass its verify_file() method script declined parsing /etc/ansible/inventory/snif_router_IPVPN_8M_10M_200M.yml as it did not pass its verify_file() method Parsed /etc/ansible/inventory/snif_router_IPVPN_8M_10M_200M.yml inventory source with yaml plugin setting up inventory plugins host_list declined parsing /etc/ansible/inventory/snif_router_SoM_10M.yml as it did not pass its verify_file() method script declined parsing /etc/ansible/inventory/snif_router_SoM_10M.yml as it did not pass its verify_file() method Skipping empty key (hosts) in group (snif_router_SoM_10M) Parsed /etc/ansible/inventory/snif_router_SoM_10M.yml inventory source with yaml plugin setting up inventory plugins host_list declined parsing /etc/ansible/inventory/snif_router_SoM_20M.yml as it did not pass its verify_file() method script declined parsing /etc/ansible/inventory/snif_router_SoM_20M.yml as it did not pass its verify_file() method Skipping empty key (hosts) in group (snif_router_SoM_20M) Parsed /etc/ansible/inventory/snif_router_SoM_20M.yml inventory source with yaml plugin setting up inventory plugins host_list declined parsing /etc/ansible/inventory/snif_router_SoM_40M.yml as it did not pass its verify_file() method script declined parsing /etc/ansible/inventory/snif_router_SoM_40M.yml as it did not pass its verify_file() method Skipping empty key (hosts) in group (snif_router_SoM_40M) Parsed /etc/ansible/inventory/snif_router_SoM_40M.yml inventory source with yaml plugin setting up inventory plugins host_list declined parsing /etc/ansible/inventory/snif_router_all.yml as it did not pass its verify_file() method script declined parsing /etc/ansible/inventory/snif_router_all.yml as it did not pass its verify_file() method Parsed /etc/ansible/inventory/snif_router_all.yml inventory source with yaml plugin Loading callback plugin default of type stdout, v2.0 from /usr/lib/python2.7/site-packages/ansible/plugins/callback/default.pyc PLAYBOOK: new_vlan_playbook.yml
Re: [ansible-project] Ansible passwordless login not working
*Hi,* *Thank you for your answer. but its still not working* *any idea why? * *here is my error now:* [ansible@Netauto-Dev new_vlan]$ ansible-playbook new_vlan_playbook.yml -v ansible-playbook 2.9.1 config file = /etc/ansible/ansible.cfg configured module search path = [u'/home/ansible/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules'] ansible python module location = /usr/lib/python2.7/site-packages/ansible executable location = /usr/bin/ansible-playbook python version = 2.7.5 (default, Aug 7 2019, 00:51:29) [GCC 4.8.5 20150623 (Red Hat 4.8.5-39)] Using /etc/ansible/ansible.cfg as config file setting up inventory plugins host_list declined parsing /etc/ansible/inventory/POC_ENV.yml as it did not pass its verify_file() method script declined parsing /etc/ansible/inventory/POC_ENV.yml as it did not pass its verify_file() method Parsed /etc/ansible/inventory/POC_ENV.yml inventory source with yaml plugin setting up inventory plugins host_list declined parsing /etc/ansible/inventory/SNIF_AGGREGATOR.yml as it did not pass its verify_file() method script declined parsing /etc/ansible/inventory/SNIF_AGGREGATOR.yml as it did not pass its verify_file() method Parsed /etc/ansible/inventory/SNIF_AGGREGATOR.yml inventory source with yaml plugin setting up inventory plugins host_list declined parsing /etc/ansible/inventory/avaya.yml as it did not pass its verify_file() method script declined parsing /etc/ansible/inventory/avaya.yml as it did not pass its verify_file() method Skipping empty key (hosts) in group (avaya) Parsed /etc/ansible/inventory/avaya.yml inventory source with yaml plugin setting up inventory plugins host_list declined parsing /etc/ansible/inventory/branch_switch.yml as it did not pass its verify_file() method script declined parsing /etc/ansible/inventory/branch_switch.yml as it did not pass its verify_file() method Parsed /etc/ansible/inventory/branch_switch.yml inventory source with yaml plugin setting up inventory plugins host_list declined parsing /etc/ansible/inventory/nexus.yml as it did not pass its verify_file() method script declined parsing /etc/ansible/inventory/nexus.yml as it did not pass its verify_file() method Parsed /etc/ansible/inventory/nexus.yml inventory source with yaml plugin setting up inventory plugins host_list declined parsing /etc/ansible/inventory/snif_router_IPVPN_20M_50M.yml as it did not pass its verify_file() method script declined parsing /etc/ansible/inventory/snif_router_IPVPN_20M_50M.yml as it did not pass its verify_file() method Parsed /etc/ansible/inventory/snif_router_IPVPN_20M_50M.yml inventory source with yaml plugin setting up inventory plugins host_list declined parsing /etc/ansible/inventory/snif_router_IPVPN_8M_10M_200M.yml as it did not pass its verify_file() method script declined parsing /etc/ansible/inventory/snif_router_IPVPN_8M_10M_200M.yml as it did not pass its verify_file() method Parsed /etc/ansible/inventory/snif_router_IPVPN_8M_10M_200M.yml inventory source with yaml plugin setting up inventory plugins host_list declined parsing /etc/ansible/inventory/snif_router_SoM_10M.yml as it did not pass its verify_file() method script declined parsing /etc/ansible/inventory/snif_router_SoM_10M.yml as it did not pass its verify_file() method Skipping empty key (hosts) in group (snif_router_SoM_10M) Parsed /etc/ansible/inventory/snif_router_SoM_10M.yml inventory source with yaml plugin setting up inventory plugins host_list declined parsing /etc/ansible/inventory/snif_router_SoM_20M.yml as it did not pass its verify_file() method script declined parsing /etc/ansible/inventory/snif_router_SoM_20M.yml as it did not pass its verify_file() method Skipping empty key (hosts) in group (snif_router_SoM_20M) Parsed /etc/ansible/inventory/snif_router_SoM_20M.yml inventory source with yaml plugin setting up inventory plugins host_list declined parsing /etc/ansible/inventory/snif_router_SoM_40M.yml as it did not pass its verify_file() method script declined parsing /etc/ansible/inventory/snif_router_SoM_40M.yml as it did not pass its verify_file() method Skipping empty key (hosts) in group (snif_router_SoM_40M) Parsed /etc/ansible/inventory/snif_router_SoM_40M.yml inventory source with yaml plugin setting up inventory plugins host_list declined parsing /etc/ansible/inventory/snif_router_all.yml as it did not pass its verify_file() method script declined parsing /etc/ansible/inventory/snif_router_all.yml as it did not pass its verify_file() method Parsed /etc/ansible/inventory/snif_router_all.yml inventory source with yaml plugin Loading callback plugin default of type stdout, v2.0 from /usr/lib/python2.7/site-packages/ansible/plugins/callback/default.pyc PLAYBOOK: new_vlan_playbook.yml *** Positional arguments: new_vlan_playbook.yml become_method: sudo inventory:
Re: [ansible-project] Ansible passwordless login not working
On Tue, 14 Jan 2020 06:38:34 -0800 (PST) Yehuda Pinhas wrote: > *Here is my code on my /etc/ansible/roles/new_vlan/vars/new_vlan_vars.yml > file:* > ansible_ssh_common_args: > -o StrictHostKeyChecking=no -o UserKnownHostsFile=~/.ssh/known_hosts > ansible_user: ansible > ansible_pass: ansible `ansible_password` is the correct name of the variable. See "Common inventory variables" https://docs.ansible.com/ansible/latest/network/user_guide/network_best_practices_2.5.html?highlight=password#common-inventory-variables HTH, -vlado -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/20200114173346.784e61e1%40gmail.com. pgp4qMCL8wjid.pgp Description: OpenPGP digital signature