eemoon
asked on
Ansible playbook cannot work and other tests are normal
Ansible is installed at Ubuntu. I want to see output of cisco command "show ip interface brief" but it cannot work with some error message as below. All hosts and playbook info are listed in below picture.
There is no any issue to ping or ssh the router. Anyone can help to take a look at it? Thank you very much
ASKER
Hi Craig, Thank you very much for your reply.
"Is the Cisco device asking for public key authentication when ansible tries to connect?" No, it didnt
Please see the below debug message:
kueve@ubuntu:~/playbook$ ansible-playbook show-version.yaml -vvv
ansible-playbook [core 2.12.2]
config file = /etc/ansible/ansible.cfg
configured module search path = ['/home/kueve/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
ansible python module location = /usr/lib/python3/dist-packages/ansible
ansible collection location = /home/kueve/.ansible/collections:/usr/share/ansible/collections
executable location = /usr/bin/ansible-playbook
python version = 3.8.10 (default, Mar 15 2022, 12:22:08) [GCC 9.4.0]
jinja version = 2.10.1
libyaml = True
Using /etc/ansible/ansible.cfg as config file
host_list declined parsing /home/kueve/inventory/ansible.cfg.save as it did not pass its verify_file() method
Skipping due to inventory source not existing or not being readable by the current user
script declined parsing /home/kueve/inventory/ansible.cfg.save as it did not pass its verify_file() method
auto declined parsing /home/kueve/inventory/ansible.cfg.save as it did not pass its verify_file() method
Skipping due to inventory source not existing or not being readable by the current user
yaml declined parsing /home/kueve/inventory/ansible.cfg.save as it did not pass its verify_file() method
Skipping due to inventory source not existing or not being readable by the current user
ini declined parsing /home/kueve/inventory/ansible.cfg.save as it did not pass its verify_file() method
Skipping due to inventory source not existing or not being readable by the current user
toml declined parsing /home/kueve/inventory/ansible.cfg.save as it did not pass its verify_file() method
[WARNING]: Unable to parse /home/kueve/inventory/ansible.cfg.save as an inventory source
host_list declined parsing /home/kueve/inventory/hosts as it did not pass its verify_file() method
script declined parsing /home/kueve/inventory/hosts as it did not pass its verify_file() method
auto declined parsing /home/kueve/inventory/hosts as it did not pass its verify_file() method
Parsed /home/kueve/inventory/hosts inventory source with yaml plugin
host_list declined parsing /home/kueve/inventory/hosts.save as it did not pass its verify_file() method
script declined parsing /home/kueve/inventory/hosts.save as it did not pass its verify_file() method
auto declined parsing /home/kueve/inventory/hosts.save as it did not pass its verify_file() method
yaml declined parsing /home/kueve/inventory/hosts.save as it did not pass its verify_file() method
toml declined parsing /home/kueve/inventory/hosts.save as it did not pass its verify_file() method
[WARNING]: * Failed to parse /home/kueve/inventory/hosts.save with ini plugin: Invalid host pattern 'all:' supplied,
ending in ':' is not allowed, this character is reserved to provide a port.
File "/usr/lib/python3/dist-packages/ansible/inventory/manager.py", line 290, in parse_source
plugin.parse(self._inventory, self._loader, source, cache=cache)
File "/usr/lib/python3/dist-packages/ansible/plugins/inventory/ini.py", line 136, in parse
raise AnsibleParserError(e)
[WARNING]: Unable to parse /home/kueve/inventory/hosts.save as an inventory source
redirecting (type: modules) ansible.builtin.ios_command to cisco.ios.ios_command
Skipping callback 'default', as we already have a stdout callback.
Skipping callback 'minimal', as we already have a stdout callback.
Skipping callback 'oneline', as we already have a stdout callback.
PLAYBOOK: show-version.yaml ***********************************************************************************************
1 plays in show-version.yaml
PLAY [Cisco show version example] *****************************************************************************************
META: ran handlers
TASK [run show version on the routers] ************************************************************************************
task path: /home/kueve/playbook/show-version.yaml:8
redirecting (type: action) ansible.builtin.ios to cisco.ios.ios
redirecting (type: action) ansible.builtin.ios to cisco.ios.ios
<192.168.1.24> ESTABLISH LOCAL CONNECTION FOR USER: kueve
<192.168.1.24> EXEC /bin/sh -c '( umask 77 && mkdir -p "` echo /home/kueve/.ansible/tmp/ansible-local-84695s00rv4en `"&& mkdir "` echo /home/kueve/.ansible/tmp/ansible-local-84695s00rv4en/ansible-tmp-1650825551.0115597-84700-188661813625544 `" && echo ansible-tmp-1650825551.0115597-84700-188661813625544="` echo /home/kueve/.ansible/tmp/ansible-local-84695s00rv4en/ansible-tmp-1650825551.0115597-84700-188661813625544 `" ) && sleep 0'
redirecting (type: modules) ansible.builtin.ios_command to cisco.ios.ios_command
Using module file /usr/lib/python3/dist-packages/ansible_collections/cisco/ios/plugins/modules/ios_command.py
<192.168.1.24> PUT /home/kueve/.ansible/tmp/ansible-local-84695s00rv4en/tmpyt_2dl5_ TO /home/kueve/.ansible/tmp/ansible-local-84695s00rv4en/ansible-tmp-1650825551.0115597-84700-188661813625544/AnsiballZ_ios_command.py
<192.168.1.24> EXEC /bin/sh -c 'chmod u+x /home/kueve/.ansible/tmp/ansible-local-84695s00rv4en/ansible-tmp-1650825551.0115597-84700-188661813625544/ /home/kueve/.ansible/tmp/ansible-local-84695s00rv4en/ansible-tmp-1650825551.0115597-84700-188661813625544/AnsiballZ_ios_command.py && sleep 0'
<192.168.1.24> EXEC /bin/sh -c '/usr/bin/python3 /home/kueve/.ansible/tmp/ansible-local-84695s00rv4en/ansible-tmp-1650825551.0115597-84700-188661813625544/AnsiballZ_ios_command.py && sleep 0'
<192.168.1.24> EXEC /bin/sh -c 'rm -f -r /home/kueve/.ansible/tmp/ansible-local-84695s00rv4en/ansible-tmp-1650825551.0115597-84700-188661813625544/ > /dev/null 2>&1 && sleep 0'
The full traceback is:
File "/tmp/ansible_ios_command_payload_6k1ltxmp/ansible_ios_command_payload.zip/ansible_collections/cisco/ios/plugins/module_utils/network/ios/ios.py", line 94, in get_capabilities
capabilities = Connection(module._socket_path).get_capabilities()
File "/tmp/ansible_ios_command_payload_6k1ltxmp/ansible_ios_command_payload.zip/ansible/module_utils/connection.py", line 200, in __rpc__
raise ConnectionError(to_text(msg, errors='surrogate_then_replace'), code=code)
fatal: [192.168.1.24]: FAILED! => {
"changed": false,
"invocation": {
"module_args": {
"commands": [
"show version | incl Version"
],
"interval": 1,
"match": "all",
"provider": null,
"retries": 10,
"wait_for": null
}
},
"msg": "not a valid RSA private key file"
}
PLAY RECAP ****************************************************************************************************************
192.168.1.24 : ok=0 changed=0 unreachable=0 failed=1 skipped=0 rescued=0 ignored=0
kueve@ubuntu:~/playbook$
kueve@ubuntu:~/playbook$
"Is the Cisco device asking for public key authentication when ansible tries to connect?" No, it didnt
Please see the below debug message:
kueve@ubuntu:~/playbook$ ansible-playbook show-version.yaml -vvv
ansible-playbook [core 2.12.2]
config file = /etc/ansible/ansible.cfg
configured module search path = ['/home/kueve/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
ansible python module location = /usr/lib/python3/dist-packages/ansible
ansible collection location = /home/kueve/.ansible/collections:/usr/share/ansible/collections
executable location = /usr/bin/ansible-playbook
python version = 3.8.10 (default, Mar 15 2022, 12:22:08) [GCC 9.4.0]
jinja version = 2.10.1
libyaml = True
Using /etc/ansible/ansible.cfg as config file
host_list declined parsing /home/kueve/inventory/ansible.cfg.save as it did not pass its verify_file() method
Skipping due to inventory source not existing or not being readable by the current user
script declined parsing /home/kueve/inventory/ansible.cfg.save as it did not pass its verify_file() method
auto declined parsing /home/kueve/inventory/ansible.cfg.save as it did not pass its verify_file() method
Skipping due to inventory source not existing or not being readable by the current user
yaml declined parsing /home/kueve/inventory/ansible.cfg.save as it did not pass its verify_file() method
Skipping due to inventory source not existing or not being readable by the current user
ini declined parsing /home/kueve/inventory/ansible.cfg.save as it did not pass its verify_file() method
Skipping due to inventory source not existing or not being readable by the current user
toml declined parsing /home/kueve/inventory/ansible.cfg.save as it did not pass its verify_file() method
[WARNING]: Unable to parse /home/kueve/inventory/ansible.cfg.save as an inventory source
host_list declined parsing /home/kueve/inventory/hosts as it did not pass its verify_file() method
script declined parsing /home/kueve/inventory/hosts as it did not pass its verify_file() method
auto declined parsing /home/kueve/inventory/hosts as it did not pass its verify_file() method
Parsed /home/kueve/inventory/hosts inventory source with yaml plugin
host_list declined parsing /home/kueve/inventory/hosts.save as it did not pass its verify_file() method
script declined parsing /home/kueve/inventory/hosts.save as it did not pass its verify_file() method
auto declined parsing /home/kueve/inventory/hosts.save as it did not pass its verify_file() method
yaml declined parsing /home/kueve/inventory/hosts.save as it did not pass its verify_file() method
toml declined parsing /home/kueve/inventory/hosts.save as it did not pass its verify_file() method
[WARNING]: * Failed to parse /home/kueve/inventory/hosts.save with ini plugin: Invalid host pattern 'all:' supplied,
ending in ':' is not allowed, this character is reserved to provide a port.
File "/usr/lib/python3/dist-packages/ansible/inventory/manager.py", line 290, in parse_source
plugin.parse(self._inventory, self._loader, source, cache=cache)
File "/usr/lib/python3/dist-packages/ansible/plugins/inventory/ini.py", line 136, in parse
raise AnsibleParserError(e)
[WARNING]: Unable to parse /home/kueve/inventory/hosts.save as an inventory source
redirecting (type: modules) ansible.builtin.ios_command to cisco.ios.ios_command
Skipping callback 'default', as we already have a stdout callback.
Skipping callback 'minimal', as we already have a stdout callback.
Skipping callback 'oneline', as we already have a stdout callback.
PLAYBOOK: show-version.yaml ***********************************************************************************************
1 plays in show-version.yaml
PLAY [Cisco show version example] *****************************************************************************************
META: ran handlers
TASK [run show version on the routers] ************************************************************************************
task path: /home/kueve/playbook/show-version.yaml:8
redirecting (type: action) ansible.builtin.ios to cisco.ios.ios
redirecting (type: action) ansible.builtin.ios to cisco.ios.ios
<192.168.1.24> ESTABLISH LOCAL CONNECTION FOR USER: kueve
<192.168.1.24> EXEC /bin/sh -c '( umask 77 && mkdir -p "` echo /home/kueve/.ansible/tmp/ansible-local-84695s00rv4en `"&& mkdir "` echo /home/kueve/.ansible/tmp/ansible-local-84695s00rv4en/ansible-tmp-1650825551.0115597-84700-188661813625544 `" && echo ansible-tmp-1650825551.0115597-84700-188661813625544="` echo /home/kueve/.ansible/tmp/ansible-local-84695s00rv4en/ansible-tmp-1650825551.0115597-84700-188661813625544 `" ) && sleep 0'
redirecting (type: modules) ansible.builtin.ios_command to cisco.ios.ios_command
Using module file /usr/lib/python3/dist-packages/ansible_collections/cisco/ios/plugins/modules/ios_command.py
<192.168.1.24> PUT /home/kueve/.ansible/tmp/ansible-local-84695s00rv4en/tmpyt_2dl5_ TO /home/kueve/.ansible/tmp/ansible-local-84695s00rv4en/ansible-tmp-1650825551.0115597-84700-188661813625544/AnsiballZ_ios_command.py
<192.168.1.24> EXEC /bin/sh -c 'chmod u+x /home/kueve/.ansible/tmp/ansible-local-84695s00rv4en/ansible-tmp-1650825551.0115597-84700-188661813625544/ /home/kueve/.ansible/tmp/ansible-local-84695s00rv4en/ansible-tmp-1650825551.0115597-84700-188661813625544/AnsiballZ_ios_command.py && sleep 0'
<192.168.1.24> EXEC /bin/sh -c '/usr/bin/python3 /home/kueve/.ansible/tmp/ansible-local-84695s00rv4en/ansible-tmp-1650825551.0115597-84700-188661813625544/AnsiballZ_ios_command.py && sleep 0'
<192.168.1.24> EXEC /bin/sh -c 'rm -f -r /home/kueve/.ansible/tmp/ansible-local-84695s00rv4en/ansible-tmp-1650825551.0115597-84700-188661813625544/ > /dev/null 2>&1 && sleep 0'
The full traceback is:
File "/tmp/ansible_ios_command_payload_6k1ltxmp/ansible_ios_command_payload.zip/ansible_collections/cisco/ios/plugins/module_utils/network/ios/ios.py", line 94, in get_capabilities
capabilities = Connection(module._socket_path).get_capabilities()
File "/tmp/ansible_ios_command_payload_6k1ltxmp/ansible_ios_command_payload.zip/ansible/module_utils/connection.py", line 200, in __rpc__
raise ConnectionError(to_text(msg, errors='surrogate_then_replace'), code=code)
fatal: [192.168.1.24]: FAILED! => {
"changed": false,
"invocation": {
"module_args": {
"commands": [
"show version | incl Version"
],
"interval": 1,
"match": "all",
"provider": null,
"retries": 10,
"wait_for": null
}
},
"msg": "not a valid RSA private key file"
}
PLAY RECAP ****************************************************************************************************************
192.168.1.24 : ok=0 changed=0 unreachable=0 failed=1 skipped=0 rescued=0 ignored=0
kueve@ubuntu:~/playbook$
kueve@ubuntu:~/playbook$
Thanks.
Can you successfully SSH to the device from the Ubuntu box?
Can you successfully SSH to the device from the Ubuntu box?
ASKER
Yes, please see the below
kueve@ubuntu:~/playbook$ ssh cisco@192.168.1.24
Password:
SW24#exit
Connection to 192.168.1.24 closed.
kueve@ubuntu:~/playbook$
kueve@ubuntu:~/playbook$ ssh cisco@192.168.1.24
Password:
SW24#exit
Connection to 192.168.1.24 closed.
kueve@ubuntu:~/playbook$
Long shot but can you try changing your host file Cisco Vars section:
ansible_connection=network_cli
ansible_network_os=ios
ansible_user=cisco
ansible_password=cisco123
ansible_become=yes
ansible_become_method=enable
ansible_become_password=ciscoASKER
Thanks Craig. Please see the below. Not work yet
kueve@ubuntu:~/inventory$ cat hosts
all:
children:
local:
hosts:
127.0.0.1
vars:
ansible_connection: local
ansible_user: devnet
ansible_pass: devnet
ansible_sudo_pass: devnet
cisco:
hosts:
192.168.1.24
vars:
ansible_connection=network_cli
ansible_network_os=ios
ansible_user=cisco
ansible_password=cisco123
ansible_become=yes
ansible_become_method=enable
ansible_become_password=cisco
kueve@ubuntu:~$ ansible show-interface.yaml
[WARNING]: Unable to parse /home/kueve/inventory/ansible.cfg.save as an inventory source
[WARNING]: * Failed to parse /home/kueve/inventory/hosts.save with ini plugin: Invalid host pattern 'all:'
supplied, ending in ':' is not allowed, this character is reserved to provide a port.
[WARNING]: Unable to parse /home/kueve/inventory/hosts.save as an inventory source
[WARNING]: * Failed to parse /home/kueve/inventory/hosts.save.1 with ini plugin: Invalid host pattern 'all:'
supplied, ending in ':' is not allowed, this character is reserved to provide a port.
[WARNING]: Unable to parse /home/kueve/inventory/hosts.save.1 as an inventory source
[WARNING]: Could not match supplied host pattern, ignoring: show-interface.yaml
[WARNING]: No hosts matched, nothing to do
usage: ansible [-h] [--version] [-v] [-b] [--become-method BECOME_METHOD] [--become-user BECOME_USER]
[-K | --become-password-file BECOME_PASSWORD_FILE] [-i INVENTORY] [--list-hosts] [-l SUBSET]
[-P POLL_INTERVAL] [-B SECONDS] [-o] [-t TREE] [--private-key PRIVATE_KEY_FILE] [-u REMOTE_USER]
[-c CONNECTION] [-T TIMEOUT] [--ssh-common-args SSH_COMMON_ARGS]
[--sftp-extra-args SFTP_EXTRA_ARGS] [--scp-extra-args SCP_EXTRA_ARGS]
[--ssh-extra-args SSH_EXTRA_ARGS] [-k | --connection-password-file CONNECTION_PASSWORD_FILE] [-C]
[--syntax-check] [-D] [-e EXTRA_VARS] [--vault-id VAULT_IDS]
[--ask-vault-password | --vault-password-file VAULT_PASSWORD_FILES] [-f FORKS] [-M MODULE_PATH]
[--playbook-dir BASEDIR] [--task-timeout TASK_TIMEOUT] [-a MODULE_ARGS] [-m MODULE_NAME]
pattern
Define and run a single task 'playbook' against a set of hosts
positional arguments:
pattern host pattern
optional arguments:
--ask-vault-password, --ask-vault-pass
ask for vault password
--become-password-file BECOME_PASSWORD_FILE, --become-pass-file BECOME_PASSWORD_FILE
Become password file
--connection-password-file CONNECTION_PASSWORD_FILE, --conn-pass-file CONNECTION_PASSWORD_FILE
Connection password file
--list-hosts outputs a list of matching hosts; does not execute anything else
--playbook-dir BASEDIR
Since this tool does not use playbooks, use this as a substitute playbook directory.This
sets the relative path for many features including roles/ group_vars/ etc.
--syntax-check perform a syntax check on the playbook, but do not execute it
--task-timeout TASK_TIMEOUT
set task timeout limit in seconds, must be positive integer.
--vault-id VAULT_IDS the vault identity to use
--vault-password-file VAULT_PASSWORD_FILES, --vault-pass-file VAULT_PASSWORD_FILES
vault password file
--version show program's version number, config file location, configured module search path, module
location, executable location and exit
-B SECONDS, --background SECONDS
run asynchronously, failing after X seconds (default=N/A)
-C, --check don't make any changes; instead, try to predict some of the changes that may occur
-D, --diff when changing (small) files and templates, show the differences in those files; works
great with --check
-K, --ask-become-pass
ask for privilege escalation password
-M MODULE_PATH, --module-path MODULE_PATH
prepend colon-separated path(s) to module library
(default=~/.ansible/plugins/modules:/usr/share/ansible/plugins/modules)
-P POLL_INTERVAL, --poll POLL_INTERVAL
set the poll interval if using -B (default=15)
-a MODULE_ARGS, --args MODULE_ARGS
The action's options in space separated k=v format: -a 'opt1=val1 opt2=val2'
-e EXTRA_VARS, --extra-vars EXTRA_VARS
set additional variables as key=value or YAML/JSON, if filename prepend with @
-f FORKS, --forks FORKS
specify number of parallel processes to use (default=5)
-h, --help show this help message and exit
-i INVENTORY, --inventory INVENTORY, --inventory-file INVENTORY
specify inventory host path or comma separated host list. --inventory-file is deprecated
-k, --ask-pass ask for connection password
-l SUBSET, --limit SUBSET
further limit selected hosts to an additional pattern
-m MODULE_NAME, --module-name MODULE_NAME
Name of the action to execute (default=command)
-o, --one-line condense output
-t TREE, --tree TREE log output to this directory
-v, --verbose verbose mode (-vvv for more, -vvvv to enable connection debugging)
Privilege Escalation Options:
control how and which user you become as on target hosts
--become-method BECOME_METHOD
privilege escalation method to use (default=sudo), use `ansible-doc -t become -l` to list
valid choices.
--become-user BECOME_USER
run operations as this user (default=root)
-b, --become run operations with become (does not imply password prompting)
Connection Options:
control as whom and how to connect to hosts
--private-key PRIVATE_KEY_FILE, --key-file PRIVATE_KEY_FILE
use this file to authenticate the connection
--scp-extra-args SCP_EXTRA_ARGS
specify extra arguments to pass to scp only (e.g. -l)
--sftp-extra-args SFTP_EXTRA_ARGS
specify extra arguments to pass to sftp only (e.g. -f, -l)
--ssh-common-args SSH_COMMON_ARGS
specify common arguments to pass to sftp/scp/ssh (e.g. ProxyCommand)
--ssh-extra-args SSH_EXTRA_ARGS
specify extra arguments to pass to ssh only (e.g. -R)
-T TIMEOUT, --timeout TIMEOUT
override the connection timeout in seconds (default=10)
-c CONNECTION, --connection CONNECTION
connection type to use (default=smart)
-u REMOTE_USER, --user REMOTE_USER
connect as this user (default=None)
Some actions do not make sense in Ad-Hoc (include, meta, etc)
ERROR! No argument passed to command module
kueve@ubuntu:~$
kueve@ubuntu:~/inventory$ cat hosts
all:
children:
local:
hosts:
127.0.0.1
vars:
ansible_connection: local
ansible_user: devnet
ansible_pass: devnet
ansible_sudo_pass: devnet
cisco:
hosts:
192.168.1.24
vars:
ansible_connection=network_cli
ansible_network_os=ios
ansible_user=cisco
ansible_password=cisco123
ansible_become=yes
ansible_become_method=enable
ansible_become_password=cisco
kueve@ubuntu:~$ ansible show-interface.yaml
[WARNING]: Unable to parse /home/kueve/inventory/ansible.cfg.save as an inventory source
[WARNING]: * Failed to parse /home/kueve/inventory/hosts.save with ini plugin: Invalid host pattern 'all:'
supplied, ending in ':' is not allowed, this character is reserved to provide a port.
[WARNING]: Unable to parse /home/kueve/inventory/hosts.save as an inventory source
[WARNING]: * Failed to parse /home/kueve/inventory/hosts.save.1 with ini plugin: Invalid host pattern 'all:'
supplied, ending in ':' is not allowed, this character is reserved to provide a port.
[WARNING]: Unable to parse /home/kueve/inventory/hosts.save.1 as an inventory source
[WARNING]: Could not match supplied host pattern, ignoring: show-interface.yaml
[WARNING]: No hosts matched, nothing to do
usage: ansible [-h] [--version] [-v] [-b] [--become-method BECOME_METHOD] [--become-user BECOME_USER]
[-K | --become-password-file BECOME_PASSWORD_FILE] [-i INVENTORY] [--list-hosts] [-l SUBSET]
[-P POLL_INTERVAL] [-B SECONDS] [-o] [-t TREE] [--private-key PRIVATE_KEY_FILE] [-u REMOTE_USER]
[-c CONNECTION] [-T TIMEOUT] [--ssh-common-args SSH_COMMON_ARGS]
[--sftp-extra-args SFTP_EXTRA_ARGS] [--scp-extra-args SCP_EXTRA_ARGS]
[--ssh-extra-args SSH_EXTRA_ARGS] [-k | --connection-password-file CONNECTION_PASSWORD_FILE] [-C]
[--syntax-check] [-D] [-e EXTRA_VARS] [--vault-id VAULT_IDS]
[--ask-vault-password | --vault-password-file VAULT_PASSWORD_FILES] [-f FORKS] [-M MODULE_PATH]
[--playbook-dir BASEDIR] [--task-timeout TASK_TIMEOUT] [-a MODULE_ARGS] [-m MODULE_NAME]
pattern
Define and run a single task 'playbook' against a set of hosts
positional arguments:
pattern host pattern
optional arguments:
--ask-vault-password, --ask-vault-pass
ask for vault password
--become-password-file BECOME_PASSWORD_FILE, --become-pass-file BECOME_PASSWORD_FILE
Become password file
--connection-password-file CONNECTION_PASSWORD_FILE, --conn-pass-file CONNECTION_PASSWORD_FILE
Connection password file
--list-hosts outputs a list of matching hosts; does not execute anything else
--playbook-dir BASEDIR
Since this tool does not use playbooks, use this as a substitute playbook directory.This
sets the relative path for many features including roles/ group_vars/ etc.
--syntax-check perform a syntax check on the playbook, but do not execute it
--task-timeout TASK_TIMEOUT
set task timeout limit in seconds, must be positive integer.
--vault-id VAULT_IDS the vault identity to use
--vault-password-file VAULT_PASSWORD_FILES, --vault-pass-file VAULT_PASSWORD_FILES
vault password file
--version show program's version number, config file location, configured module search path, module
location, executable location and exit
-B SECONDS, --background SECONDS
run asynchronously, failing after X seconds (default=N/A)
-C, --check don't make any changes; instead, try to predict some of the changes that may occur
-D, --diff when changing (small) files and templates, show the differences in those files; works
great with --check
-K, --ask-become-pass
ask for privilege escalation password
-M MODULE_PATH, --module-path MODULE_PATH
prepend colon-separated path(s) to module library
(default=~/.ansible/plugins/modules:/usr/share/ansible/plugins/modules)
-P POLL_INTERVAL, --poll POLL_INTERVAL
set the poll interval if using -B (default=15)
-a MODULE_ARGS, --args MODULE_ARGS
The action's options in space separated k=v format: -a 'opt1=val1 opt2=val2'
-e EXTRA_VARS, --extra-vars EXTRA_VARS
set additional variables as key=value or YAML/JSON, if filename prepend with @
-f FORKS, --forks FORKS
specify number of parallel processes to use (default=5)
-h, --help show this help message and exit
-i INVENTORY, --inventory INVENTORY, --inventory-file INVENTORY
specify inventory host path or comma separated host list. --inventory-file is deprecated
-k, --ask-pass ask for connection password
-l SUBSET, --limit SUBSET
further limit selected hosts to an additional pattern
-m MODULE_NAME, --module-name MODULE_NAME
Name of the action to execute (default=command)
-o, --one-line condense output
-t TREE, --tree TREE log output to this directory
-v, --verbose verbose mode (-vvv for more, -vvvv to enable connection debugging)
Privilege Escalation Options:
control how and which user you become as on target hosts
--become-method BECOME_METHOD
privilege escalation method to use (default=sudo), use `ansible-doc -t become -l` to list
valid choices.
--become-user BECOME_USER
run operations as this user (default=root)
-b, --become run operations with become (does not imply password prompting)
Connection Options:
control as whom and how to connect to hosts
--private-key PRIVATE_KEY_FILE, --key-file PRIVATE_KEY_FILE
use this file to authenticate the connection
--scp-extra-args SCP_EXTRA_ARGS
specify extra arguments to pass to scp only (e.g. -l)
--sftp-extra-args SFTP_EXTRA_ARGS
specify extra arguments to pass to sftp only (e.g. -f, -l)
--ssh-common-args SSH_COMMON_ARGS
specify common arguments to pass to sftp/scp/ssh (e.g. ProxyCommand)
--ssh-extra-args SSH_EXTRA_ARGS
specify extra arguments to pass to ssh only (e.g. -R)
-T TIMEOUT, --timeout TIMEOUT
override the connection timeout in seconds (default=10)
-c CONNECTION, --connection CONNECTION
connection type to use (default=smart)
-u REMOTE_USER, --user REMOTE_USER
connect as this user (default=None)
Some actions do not make sense in Ad-Hoc (include, meta, etc)
ERROR! No argument passed to command module
kueve@ubuntu:~$
You didn't use the correct command last time. You did:
You need to do:
ansible show-interface.yamlYou need to do:
ansible-playbook show-interface.yamlASKER
Thanks. I did it wrong. now corrected it, but it still cannot work. As I changed a little, I re-run the command as below:
kueve@ubuntu:~/inventory$ cat hosts
all:
children:
local:
hosts:
127.0.0.1
vars:
ansible_connection: local
ansible_user: devnet
ansible_pass: devnet
ansible_sudo_pass: devnet
cisco:
hosts:
192.168.1.23:
192.168.1.24:
vars:
ansible_connection=network_cli
ansible_network_os=ios
ansible_user=cisco
ansible_password=cisco123
ansible_become=yes
ansible_become_method=enable
ansible_become_password=cisco
kueve@ubuntu:~/inventory$
kueve@ubuntu:~/inventory$ cd
kueve@ubuntu:~$ cd playbook
kueve@ubuntu:~/playbook$ ansible-playbook show-interface.yaml
[WARNING]: Unable to parse /home/kueve/inventory/ansible.cfg.save as an inventory source
PLAY [Show interfaces] *********************************************************************************************
TASK [use ios commands] ********************************************************************************************
fatal: [192.168.1.23]: FAILED! => {"changed": false, "msg": "Connection type ssh is not valid for this module"}
fatal: [192.168.1.24]: FAILED! => {"changed": false, "msg": "Connection type ssh is not valid for this module"}
PLAY RECAP *********************************************************************************************************
192.168.1.23 : ok=0 changed=0 unreachable=0 failed=1 skipped=0 rescued=0 ignored=0
192.168.1.24 : ok=0 changed=0 unreachable=0 failed=1 skipped=0 rescued=0 ignored=0
kueve@ubuntu:~/playbook$
kueve@ubuntu:~/playbook$ ansible-playbook show-interface.yaml -vvv
ansible-playbook [core 2.12.2]
config file = /etc/ansible/ansible.cfg
configured module search path = ['/home/kueve/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
ansible python module location = /usr/lib/python3/dist-packages/ansible
ansible collection location = /home/kueve/.ansible/collections:/usr/share/ansible/collections
executable location = /usr/bin/ansible-playbook
python version = 3.8.10 (default, Mar 15 2022, 12:22:08) [GCC 9.4.0]
jinja version = 2.10.1
libyaml = True
Using /etc/ansible/ansible.cfg as config file
host_list declined parsing /home/kueve/inventory/ansible.cfg.save as it did not pass its verify_file() method
Skipping due to inventory source not existing or not being readable by the current user
script declined parsing /home/kueve/inventory/ansible.cfg.save as it did not pass its verify_file() method
auto declined parsing /home/kueve/inventory/ansible.cfg.save as it did not pass its verify_file() method
Skipping due to inventory source not existing or not being readable by the current user
yaml declined parsing /home/kueve/inventory/ansible.cfg.save as it did not pass its verify_file() method
Skipping due to inventory source not existing or not being readable by the current user
ini declined parsing /home/kueve/inventory/ansible.cfg.save as it did not pass its verify_file() method
Skipping due to inventory source not existing or not being readable by the current user
toml declined parsing /home/kueve/inventory/ansible.cfg.save as it did not pass its verify_file() method
[WARNING]: Unable to parse /home/kueve/inventory/ansible.cfg.save as an inventory source
host_list declined parsing /home/kueve/inventory/hosts as it did not pass its verify_file() method
script declined parsing /home/kueve/inventory/hosts as it did not pass its verify_file() method
auto declined parsing /home/kueve/inventory/hosts as it did not pass its verify_file() method
Parsed /home/kueve/inventory/hosts inventory source with yaml plugin
redirecting (type: action) cisco.ios.ios_command to cisco.ios.ios
Skipping callback 'default', as we already have a stdout callback.
Skipping callback 'minimal', as we already have a stdout callback.
Skipping callback 'oneline', as we already have a stdout callback.
PLAYBOOK: show-interface.yaml **************************************************************************************
1 plays in show-interface.yaml
PLAY [Show interfaces] *********************************************************************************************
META: ran handlers
redirecting (type: action) cisco.ios.ios_command to cisco.ios.ios
TASK [use ios commands] ********************************************************************************************
task path: /home/kueve/playbook/show-interface.yaml:6
redirecting (type: action) cisco.ios.ios_command to cisco.ios.ios
redirecting (type: action) cisco.ios.ios_command to cisco.ios.ios
redirecting (type: action) cisco.ios.ios_command to cisco.ios.ios
fatal: [192.168.1.23]: FAILED! => {
"changed": false,
"msg": "Connection type ssh is not valid for this module"
}
redirecting (type: action) cisco.ios.ios_command to cisco.ios.ios
redirecting (type: action) cisco.ios.ios_command to cisco.ios.ios
fatal: [192.168.1.24]: FAILED! => {
"changed": false,
"msg": "Connection type ssh is not valid for this module"
}
PLAY RECAP *********************************************************************************************************
192.168.1.23 : ok=0 changed=0 unreachable=0 failed=1 skipped=0 rescued=0 ignored=0
192.168.1.24 : ok=0 changed=0 unreachable=0 failed=1 skipped=0 rescued=0 ignored=0
kueve@ubuntu:~/inventory$ cat hosts
all:
children:
local:
hosts:
127.0.0.1
vars:
ansible_connection: local
ansible_user: devnet
ansible_pass: devnet
ansible_sudo_pass: devnet
cisco:
hosts:
192.168.1.23:
192.168.1.24:
vars:
ansible_connection=network_cli
ansible_network_os=ios
ansible_user=cisco
ansible_password=cisco123
ansible_become=yes
ansible_become_method=enable
ansible_become_password=cisco
kueve@ubuntu:~/inventory$
kueve@ubuntu:~/inventory$ cd
kueve@ubuntu:~$ cd playbook
kueve@ubuntu:~/playbook$ ansible-playbook show-interface.yaml
[WARNING]: Unable to parse /home/kueve/inventory/ansible.cfg.save as an inventory source
PLAY [Show interfaces] *********************************************************************************************
TASK [use ios commands] ********************************************************************************************
fatal: [192.168.1.23]: FAILED! => {"changed": false, "msg": "Connection type ssh is not valid for this module"}
fatal: [192.168.1.24]: FAILED! => {"changed": false, "msg": "Connection type ssh is not valid for this module"}
PLAY RECAP *********************************************************************************************************
192.168.1.23 : ok=0 changed=0 unreachable=0 failed=1 skipped=0 rescued=0 ignored=0
192.168.1.24 : ok=0 changed=0 unreachable=0 failed=1 skipped=0 rescued=0 ignored=0
kueve@ubuntu:~/playbook$
kueve@ubuntu:~/playbook$ ansible-playbook show-interface.yaml -vvv
ansible-playbook [core 2.12.2]
config file = /etc/ansible/ansible.cfg
configured module search path = ['/home/kueve/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
ansible python module location = /usr/lib/python3/dist-packages/ansible
ansible collection location = /home/kueve/.ansible/collections:/usr/share/ansible/collections
executable location = /usr/bin/ansible-playbook
python version = 3.8.10 (default, Mar 15 2022, 12:22:08) [GCC 9.4.0]
jinja version = 2.10.1
libyaml = True
Using /etc/ansible/ansible.cfg as config file
host_list declined parsing /home/kueve/inventory/ansible.cfg.save as it did not pass its verify_file() method
Skipping due to inventory source not existing or not being readable by the current user
script declined parsing /home/kueve/inventory/ansible.cfg.save as it did not pass its verify_file() method
auto declined parsing /home/kueve/inventory/ansible.cfg.save as it did not pass its verify_file() method
Skipping due to inventory source not existing or not being readable by the current user
yaml declined parsing /home/kueve/inventory/ansible.cfg.save as it did not pass its verify_file() method
Skipping due to inventory source not existing or not being readable by the current user
ini declined parsing /home/kueve/inventory/ansible.cfg.save as it did not pass its verify_file() method
Skipping due to inventory source not existing or not being readable by the current user
toml declined parsing /home/kueve/inventory/ansible.cfg.save as it did not pass its verify_file() method
[WARNING]: Unable to parse /home/kueve/inventory/ansible.cfg.save as an inventory source
host_list declined parsing /home/kueve/inventory/hosts as it did not pass its verify_file() method
script declined parsing /home/kueve/inventory/hosts as it did not pass its verify_file() method
auto declined parsing /home/kueve/inventory/hosts as it did not pass its verify_file() method
Parsed /home/kueve/inventory/hosts inventory source with yaml plugin
redirecting (type: action) cisco.ios.ios_command to cisco.ios.ios
Skipping callback 'default', as we already have a stdout callback.
Skipping callback 'minimal', as we already have a stdout callback.
Skipping callback 'oneline', as we already have a stdout callback.
PLAYBOOK: show-interface.yaml **************************************************************************************
1 plays in show-interface.yaml
PLAY [Show interfaces] *********************************************************************************************
META: ran handlers
redirecting (type: action) cisco.ios.ios_command to cisco.ios.ios
TASK [use ios commands] ********************************************************************************************
task path: /home/kueve/playbook/show-interface.yaml:6
redirecting (type: action) cisco.ios.ios_command to cisco.ios.ios
redirecting (type: action) cisco.ios.ios_command to cisco.ios.ios
redirecting (type: action) cisco.ios.ios_command to cisco.ios.ios
fatal: [192.168.1.23]: FAILED! => {
"changed": false,
"msg": "Connection type ssh is not valid for this module"
}
redirecting (type: action) cisco.ios.ios_command to cisco.ios.ios
redirecting (type: action) cisco.ios.ios_command to cisco.ios.ios
fatal: [192.168.1.24]: FAILED! => {
"changed": false,
"msg": "Connection type ssh is not valid for this module"
}
PLAY RECAP *********************************************************************************************************
192.168.1.23 : ok=0 changed=0 unreachable=0 failed=1 skipped=0 rescued=0 ignored=0
192.168.1.24 : ok=0 changed=0 unreachable=0 failed=1 skipped=0 rescued=0 ignored=0
What if you try:
ansible-playbook -i hosts show-interface.yaml -vvv
ansible-playbook -i hosts show-interface.yaml -vvv
ASKER
Please see the below:
Ansible couldn't find the inventory file. Try:
ansible-playbook -i ~/inventory/hosts show-interface.yaml -vvv
ansible-playbook -i ~/inventory/hosts show-interface.yaml -vvv
ASKER
it shows ssh issue. so that i ssh it, but not issue with ssh. Looks like the error could tell thr true.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Great, It starts to work. You are a very good expert in many fields!
There are some error (pink highlighted). Can we remove it? Please see the below
There are some error (pink highlighted). Can we remove it? Please see the below
The warnings are just info. They tell you that various inventory files can't be parsed for various reasons, such as the INI plugin can't parse YAML files, so that's normal. If you run the command with the -i hosts switch it will only parse the hosts file as the inventory so less warnings will show, but I wouldn't really worry about it.
ASKER
Finally resolved. Thank you very much!
Is the Cisco device asking for public key authentication when ansible tries to connect?