我正在尝试构建一个简单的 POC ansible 剧本,用于登录 Cisco 路由器并提取配置。关于我的环境:
- 我的 Ubuntu 是 Ubuntu 18.04.5 LTS
- 我的 Ansible 是版本 ansible 2.10.7(Python 版本 3.6.9)
- 我的 Ansible-Playbook 是版本 2.10.7(Python 版本 3.6.9)
- 路由器运行的是 Cisco IOS 版本 15.4(3)M3(不是 IOS XR)
根据我的研究(这里和这里),我非常确定我需要使用该cisco.ios.ios_facts模块。我也非常确定该模块已安装在我的 Ansible 服务器上:
me@ubuntu01:~$
me@ubuntu01:~$ ansible-galaxy collection list | grep cisco.ios
cisco.ios 1.3.0
cisco.iosxr 1.2.1
me@ubuntu01:~$
好的,这是我的库存文件:
[myrouters]
10.10.10.101
[myrouters:vars]
ansible_connection=ansible.netcommon.network_cli
ansible_network_os=cisco.ios.ios
ansible_ssh_user=user101
ansible_ssh_password=password101
ansible_become=no
很简单。我注意到,当我ansible-playbook以三重详细模式 (-vvv) 运行时,库存文件已成功解析。所以这是成功的一半。
这是我的剧本(“CiscoPlaybook.yml”),大部分内容都是复制的从这个例子:
---
- name: "test baby test"
hosts: myrouters
gather_facts: yes
- tasks:
- name: Gather only the config and default facts
cisco.ios.ios_facts:
gather_subset:
- config
我希望 Ansible 所做的就是通过 SSH 连接到路由器并获取设备的配置。当我ansible-playbook使用此命令运行时...
ansible-playbook CiscoPlaybook.yml -i /home/me/inventory.txt -vvv
...我得到了大量的输出。就像我说的,库存文件已成功解析。但是当剧本开始执行时,事情就偏离了轨道。我将在下面发布较长的错误消息,但输出中的这条消息引起了我的注意:
<10.10.10.101> EXEC /bin/sh -c '/usr/bin/python && sleep 0'
好的,这是否意味着 Ansible 通过 SSH 连接到路由器并尝试发出“ /bin/sh -c '/usr/bin/python && sleep 0'”命令?它为什么要这样做?我正在指示它使用该cisco.ios.ios_facts模块。我认为这个模块告诉 Ansible 如何预期并与 Cisco 设备交互。
如果我没有使用该cisco.ios.ios_facts模块,有人能指出我哪里错了吗?
以下是运行剧本的完整小说长度输出,仅供参考。谢谢。
me@ubuntu01:~$
me@ubuntu01:~$
me@ubuntu01:~$ ansible-playbook CiscoPlaybook.yml -i /home/me/inventory.txt -vvv
ansible-playbook 2.10.7
config file = /etc/ansible/ansible.cfg
configured module search path = ['/home/me/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
ansible python module location = /usr/local/lib/python3.6/dist-packages/ansible
executable location = /usr/local/bin/ansible-playbook
python version = 3.6.9 (default, Jan 26 2021, 15:33:00) [GCC 8.4.0]
Using /etc/ansible/ansible.cfg as config file
host_list declined parsing /home/me/inventory.txt as it did not pass its verify_file() method
script declined parsing /home/me/inventory.txt as it did not pass its verify_file() method
auto declined parsing /home/me/inventory.txt as it did not pass its verify_file() method
yaml declined parsing /home/me/inventory.txt as it did not pass its verify_file() method
Parsed /home/me/inventory.txt inventory source with ini plugin
redirecting (type: action) cisco.ios.ios_facts to cisco.ios.ios
redirecting (type: callback) ansible.builtin.yaml to community.general.yaml
redirecting (type: callback) ansible.builtin.yaml to community.general.yaml
redirecting (type: callback) ansible.builtin.timer to ansible.posix.timer
redirecting (type: callback) ansible.builtin.profile_tasks to ansible.posix.profile_tasks
Skipping callback 'default', as we already have a stdout callback.
Skipping callback 'minimal', as we already have a stdout callback.
Skipping callback 'oneline', as we already have a stdout callback.
PLAYBOOK: CiscoPlaybook.yml *************************************************************************************************
2 plays in CiscoPlaybook.yml
PLAY [test baby test] *********************************************************************************************************
TASK [Gathering Facts] ********************************************************************************************************
task path: /data/home/me/CiscoPlaybook.yml:2
Wednesday 12 April 2023 17:04:13 +0000 (0:00:00.076) 0:00:00.076 *******
[WARNING]: Ignoring timeout(10) for cisco.ios.ios_facts
<135.25.133.135> Attempting python interpreter discovery
<135.25.133.135> ESTABLISH LOCAL CONNECTION FOR USER: me
<135.25.133.135> EXEC /bin/sh -c 'echo PLATFORM; uname; echo FOUND; command -v '"'"'/usr/bin/python'"'"'; command -v '"'"'python3.7'"'"'; command -v '"'"'python3.6'"'"'; command -v '"'"'python3.5'"'"'; command -v '"'"'python2.7'"'"'; command -v '"'"'python2.6'"'"'; command -v '"'"'/usr/libexec/platform-python'"'"'; command -v '"'"'/usr/bin/python3'"'"'; command -v '"'"'python'"'"'; echo ENDFOUND && sleep 0'
<135.25.133.135> EXEC /bin/sh -c '/usr/bin/python && sleep 0'
Using module file /usr/local/lib/python3.6/dist-packages/ansible_collections/cisco/ios/plugins/modules/ios_facts.py
Pipelining is enabled.
<135.25.133.135> EXEC /bin/sh -c '/usr/bin/python && sleep 0'
fatal: [135.25.133.135]: FAILED! => changed=false
ansible_facts: {}
failed_modules:
cisco.ios.ios_facts:
ansible_facts:
discovered_interpreter_python: /usr/bin/python
deprecations:
- msg: Distribution Ubuntu 18.04 on host 135.25.133.135 should use /usr/bin/python3, but is using /usr/bin/python for backward compatibility with prior Ansible releases. A future Ansible release will default to using the discovered platform python for this host. See https://docs.ansible.com/ansible/2.10/reference_appendices/interpreter_discovery.html for more information
version: '2.12'
exception: |-
WARNING: The below traceback may *not* be related to the actual failure.
File "/tmp/ansible_cisco.ios.ios_facts_payload_bEKSd8/ansible_cisco.ios.ios_facts_payload.zip/ansible_collections/ansible/netcommon/plugins/module_utils/network/common/network.py", line 251, in get_capabilities
capabilities = Connection(module._socket_path).get_capabilities()
File "/tmp/ansible_cisco.ios.ios_facts_payload_bEKSd8/ansible_cisco.ios.ios_facts_payload.zip/ansible/module_utils/connection.py", line 195, in __rpc__
raise ConnectionError(to_text(msg, errors='surrogate_then_replace'), code=code)
failed: true
invocation:
module_args:
gather_network_resources: null
gather_subset:
- '!config'
provider: null
msg: No authentication methods available
msg: |-
The following modules failed to execute: cisco.ios.ios_facts
PLAY RECAP ********************************************************************************************************************
135.25.133.135 : ok=0 changed=0 unreachable=0 failed=1 skipped=0 rescued=0 ignored=0
Playbook run took 0 days, 0 hours, 0 minutes, 2 seconds
Wednesday 12 April 2023 17:04:16 +0000 (0:00:02.521) 0:00:02.597 *******
===============================================================================
Gathering Facts -------------------------------------------------------------------------------------------------------- 2.52s
/data/home/me/CiscoPlaybook.yml:2 ----------------------------------------------------------------------------
me@ubuntu01:~$
答案1
好的,这是否意味着 Ansible 通过 SSH 连接到路由器并尝试发出“
/bin/sh -c '/usr/bin/python && sleep 0'”命令?
对呀,是这样的。
为什么会这样呢?
两者之间是有区别的Ansible 事实和ios_facts模块 – 从远程设备收集事实的模块。
例如引用自Ansible 如何gather_facts设置变量:
默认情况下,当 Ansible 首次开始执行 play 时,它将隐式运行
setup在所有参与剧本的远程主机上安装模块。这称为“事实收集”步骤,由gather_facts剧本中的选项或gathering中的选项控制ansible.cfg。此步骤中收集的事实包括操作系统风格、版本、有关接口和磁盘的信息以及各种其他主机元数据。
因此即使
我正在指示它使用该
cisco.ios.ios_facts模块。我认为该模块告诉 Ansible 如何预期并与 Cisco 设备交互。
setup.py您将观察到 Ansible首先尝试执行一般事实收集,然后在设备专用事实收集之后执行的行为。
我是不是没有使用该
cisco.ios.ios_facts模块?
是的,但是这是剧本中稍后提到的。
如果我没有使用该
cisco.ios.ios_facts模块,有人能指出我哪里错了吗?
因此,您目前正在使用两者,在您的情况下,您需要设置gather_facts: false为仅执行设备专用模块。
进一步阅读
答案2
设置gather_facts为false剧本级别,除此之外,你的剧本看起来还不错。