expect "Press enter to continue"

[stefano...@nap-anywhere.com]

HI

I created an ansble role which install on the target hosts IBM api connect gateways software and enable the service.

I would improve this role adding configuration steps.

After the installation the APIC gateways need to be configured accessing to a dedicated command line interface, the first access is made of the following steps:

$ telnet 0 2200      //command to launch to access the CLI

Trying 0.0.0.0...

Connected to 0.

Escape character is '^]'.

stefano2.prv

Unauthorized access prohibited.

login: user          //here i need to write the username

Password: *****  // as well as the password

****************************************************************

ATTENTION: Use care when making your selections for operational

modes. If you select an incorrect mode for your environment,

the only way to change an operational mode is to reinitialize

the appliance.

Press any key to continue.

****************************************************************

I'm stuck here, i tried to add these lines:

  - name: Launch the CLI first time

    expect:

      command: telnet 0 2200

      responses:

        Question:

          login: "user"

          Password: "password"

          Press any key to continue.: /bin/bash -c "echo"

Every time i try to run the role i gt this error at the end:

TASK [Launch the CLI first time] ************************************************************************************************************************************************************************

fatal: [stefano3]: FAILED! => {"changed": false, "failed": true, "msg": "The pexpect python module is required"}

fatal: [stefano2]: FAILED! => {"changed": false, "failed": true, "msg": "The pexpect python module is required"}

        to retry, use: --limit @/etc/ansible/api_gateways/apigw.retry

Could you help me? 

How can i answer to the "Press any key to continue"? 

Or maybe there are further errors i did not get in the previous steps.

[Kai Stian Olstad]

On Wednesday, 15 November 2017 15.07.58 CET stefano...@nap-anywhere.com wrote:
> $ telnet 0 2200 *//command to launch to access the CLI*

> Trying 0.0.0.0...
> Connected to 0.
> Escape character is '^]'.
> stefano2.prv
> Unauthorized access prohibited.
>

> login: user *//here i need to write the username*
> Password: ***** *// as well as the password*

>
> ****************************************************************
> ATTENTION: Use care when making your selections for operational
> modes. If you select an incorrect mode for your environment,
> the only way to change an operational mode is to reinitialize
> the appliance.
>
> Press any key to continue.
> ****************************************************************
>
> I'm stuck here, i tried to add these lines:
>

> * - name: Launch the CLI first time*
> * expect:*
> * command: telnet 0 2200*
> * responses:*
> * Question:*
> * login: "user"*
> * Password: "password"*
> * Press any key to continue.: /bin/bash -c "echo"*

>
> Every time i try to run the role i gt this error at the end:
>

> *TASK [Launch the CLI first time]
> *************************************************************************************************************************************************************************
> *fatal: [stefano3]: FAILED! => {"changed": false, "failed": true, "msg":
> "The pexpect python module is required"}*
> *fatal: [stefano2]: FAILED! => {"changed": false, "failed": true, "msg":
> "The pexpect python module is required"}*
> * to retry, use: --limit @/etc/ansible/api_gateways/apigw.retry*

This error message say you are missing python pexpect module, you need to install it on the control machine.

>
> Could you help me?
> How can i answer to the "Press any key to continue"?

To press enter you only need to specify a empty string.

Press any key to continue.: ""


--
Kai Stian Olstad

[stefano...@nap-anywhere.com]

i tried to install it on my centos control machine with: yum install -y pexpect

i still have the error. Is it the right package?

[Kai Stian Olstad]

On Wednesday, 15 November 2017 16.01.10 CET stefano...@nap-anywhere.com wrote:
> i tried to install it on my centos control machine with: yum install -y
> pexpect
>
> i still have the error. Is it the right package?

I guess that's the correct package name, but is the version >=3.3, that's what you need according to the documentation.[1]

You can check that with yum or this
python -c 'import pexpect; print pexpect.__version__'

If the package is to old, an alternative is to install pexpect with pip.



[1] https://docs.ansible.com/ansible/latest/expect_module.html#requirements-on-host-that-executes-module


--
Kai Stian Olstad

[stefano...@nap-anywhere.com]

Probablyi need to describe my problem better.

I need to create a role which performs the following steps:

1. Download prerequisites packages like telnet schroot and wget
2. create the appropriate folder if does not exists
3. download a couple of .rpm packages within this folder
4. install these .rpm packages using yum
5. start the service
6. Perform some configuration

Now, i have completed all the steps till step 5, only step 6 is missing.

Step 6 is regarding an IBM command line interface configuration.

When i perform the manual configuration after all it has been installed, and the service up, i need to access to the CLI using the following command: 

$ telnet 0 2200

then a login prompt is shown:

login: username

password: password

here i need to set the default username and password. After that i get the following message:

****************************************************************

ATTENTION: Use care when making your selections for operational

modes. If you select an incorrect mode for your environment,

the only way to change an operational mode is to reinitialize

the appliance.

Press any key to continue.

****************************************************************

here i should press enter. Then a new password will be required so i need to write the new password the first time and repeat it another time.

i tried with the previous code but i get always the same error. Probably i'm not doing the right things in my playbook, do you have any suggestion?

On Wednesday, 15 November 2017 15:07:58 UTC+1, stefano...@nap-anywhere.com wrote:

[Kai Stian Olstad]

On 16.11.2017 12:15, stefano...@nap-anywhere.com wrote:
> Step 6 is regarding an IBM command line interface configuration.
> When i perform the manual configuration after all it has been
> installed,
> and the service up, i need to access to the CLI using the following
> command:
>

> *$ telnet 0 2200*

>
> then a login prompt is shown:
>
> login: username
> password: password
>
> here i need to set the default username and password. After that i get
> the
> following message:
>
> ****************************************************************
> ATTENTION: Use care when making your selections for operational
> modes. If you select an incorrect mode for your environment,
> the only way to change an operational mode is to reinitialize
> the appliance.
>
> Press any key to continue.
> ****************************************************************
>
> here i should press enter. Then a new password will be required so i
> need
> to write the new password the first time and repeat it another time.
>
> i tried with the previous code but i get always the same error.
> Probably
> i'm not doing the right things in my playbook, do you have any
> suggestion?

This should be the correct syntax.

- name: Launch the CLI first time
expect:
command: telnet 0 2200
responses:

login: username
password: password
Press any key to continue\.: ""

--
Kai Stian Olstad

[stefano...@nap-anywhere.com]

I have a question.

I installed pexpect with pip since i had 2.3 version. 

If i launch the suggested command:

python -c 'import pexpect; print pexpect.__version__'

I am able to see 4.3 version.

Then i tried to run the last code suggested by Kai and i get again the error:

fatal: [stefano2]: FAILED! => {"changed": false, "failed": true, "msg": "The pexpect python module is required"}

What's wrong?

On Wednesday, 15 November 2017 15:07:58 UTC+1, stefano...@nap-anywhere.com wrote:

[stefano...@nap-anywhere.com]

 installed pexpect also on remote machine and nowit is working.

Now the code you suggested provides this output:

fatal: [stefano2]: FAILED! => {

    "changed": true,

    "cmd": "telnet 0.0.0.0 2200",

    "delta": "0:00:26.267272",

    "end": "2017-11-16 14:57:39.806298",

    "failed": true,

    "invocation": {

        "module_args": {

            "chdir": null,

            "command": "telnet 0.0.0.0 2200",

            "creates": null,

            "echo": false,

            "removes": null,

            "responses": {

                "Press any key to continue\\.": "",

                "login": "username",

                "password": "password"

            },

            "timeout": 30

        }

    },

    "msg": "non-zero return code",

    "rc": 1,

    "start": "2017-11-16 14:57:13.539026",

    "stdout": "Trying 0.0.0.0...\r\r\nConnected to 0.0.0.0.\r\r\nEscape character is '^]'.\r\r\nstefano2.prv\r\nUnauthorized access prohibited.\r\nlogin: username\r\nPassword: Connection closed by foreign host.",

    "stdout_lines": [

        "Trying 0.0.0.0...",

        "",

        "Connected to 0.0.0.0.",

        "",

        "Escape character is '^]'.",

        "",

        "stefano2.prv",

        "Unauthorized access prohibited.",

        "login: username",

        "Password: Connection closed by foreign host."

    ]

}

        to retry, use: --limit @/etc/ansible/api_gateways/apigw.retry

I just changed the command telnet 0 2200 to telnet 0.0.0.0 2200

On Wednesday, 15 November 2017 15:07:58 UTC+1, stefano...@nap-anywhere.com wrote:

[Kai Stian Olstad]

In you previous mail you wrote password:, but it's actually Password with a capital P.

Default the expect responses is case sensitive, so you need to change it to
Password: password
or make it case insensitive like so
(?i)password: password


--
Kai Stian Olstad

[stefano...@nap-anywhere.com]

Yes Kai! Now i can see the progress within the CLI.

What about this kind of question?

Enable Secure Backup mode? Yes/No [y/n]:

How can i write it?

On Wednesday, 15 November 2017 15:07:58 UTC+1, stefano...@nap-anywhere.com wrote:

[Kai Stian Olstad]

On Thursday, 16 November 2017 15.54.50 CET stefano...@nap-anywhere.com wrote:
> Yes Kai! Now i can see the progress within the CLI.
>
> What about this kind of question?
>
> Enable Secure Backup mode? Yes/No [y/n]:
>
> How can i write it?

Responses are regex so regexp special character need to be escaped by a backslash.
I think I got them all:

Enable Secure Backup mode\? Yes/No \[y/n\]: n

This will answer no.

--
Kai Stian Olstad

[stefano...@nap-anywhere.com]

If i use what you suggest i obtained this:

I was expecting that Enable Secure Backup.... was underlined in blue as the previous one, which works properly.

On Wednesday, 15 November 2017 15:07:58 UTC+1, stefano...@nap-anywhere.com wrote:

[Kai Stian Olstad]

On Thursday, 16 November 2017 17.06.18 CET stefano...@nap-anywhere.com wrote:
> If i use what you suggest i obtained this:

> <https://lh3.googleusercontent.com/-_qxnSQ76iOk/Wg2zS_f19RI/AAAAAAAAAAQ/vdMxK0WTDnMUsMTyAIhVt-tjFmvzeDDnACLcBGAs/s1600/Capture.png>

>
> I was expecting that Enable Secure Backup.... was underlined in blue as the
> previous one, which works properly.

That is just your editor not understanding how to syntax hilight stuff and have nothing to do with how Ansible understand it.
If you need to have it blue in the editor you can enclose it in quotes.

If you have problem and need help you'll need to run ansible-playbook with -vvv and post the result.


--
Kai Stian Olstad

[stefano...@nap-anywhere.com]

HI again,

i'm going on with the cli configuration i'm stuck on this point, i don't know how to express this:

idg(config web-mgmt)#: "some conf"

Considering what you suggested for regex for special characters.

On Wednesday, 15 November 2017 15:07:58 UTC+1, stefano...@nap-anywhere.com wrote:

[Kai Stian Olstad]

On Friday, 17 November 2017 15.14.18 CET stefano...@nap-anywhere.com wrote:
> HI again,
>
> i'm going on with the cli configuration i'm stuck on this point, i don't
> know how to express this:
>

> *idg(config web-mgmt)#: "some conf"*

>
> Considering what you suggested for regex for special characters.

The only thing that is regexp is the parentheses
idg\(config web-mgmt\)#: "some conf"


--
Kai Stian Olstad

[stefano...@nap-anywhere.com]

Thank you Kai

i write my code here just to explain what i'm doing:

  - name: Launch the CLI with new password

    expect:

      command: telnet 0 2200

      responses:

        login: "user"

        Password: "password"

        Press any key to continue\.: ""

        Enable Secure Backup mode.*: "n"

        Enable Common Criteria Compatibility mode.*: "n"

        idg#.*: "configure terminal"

        idg\(config\)#: "web-mgmt"

        idg\(config web-mgmt\)#: "admin-state enabled"

        idg\(config web-mgmt\)#: "local-address 127.0.0.1 9090"

        idg\(config web-mgmt\)#: "exit"

        idg\(config\)#: "write memory"

        idg#: "exit"

The problem here are 2:

1) I don't know why but when the task arrives to idg\(config web-mgmt\)# using -vvv it is stuck and do not go on.

2) As you can see there are responses repeated, and this means that ansible will take always the last occurance.

Could you help me solving this problem?

On Wednesday, 15 November 2017 15:07:58 UTC+1, stefano...@nap-anywhere.com wrote:

[Kai Stian Olstad]

On Friday, 17 November 2017 16.10.08 CET stefano...@nap-anywhere.com wrote:
> Thank you Kai
>
> i write my code here just to explain what i'm doing:
>
>
> - name: Launch the CLI with new password
> expect:
> command: telnet 0 2200
> responses:
> login: "user"
> Password: "password"
> Press any key to continue\.: ""
> Enable Secure Backup mode.*: "n"
> Enable Common Criteria Compatibility mode.*: "n"
> idg#.*: "configure terminal"
> idg\(config\)#: "web-mgmt"
> idg\(config web-mgmt\)#: "admin-state enabled"
> idg\(config web-mgmt\)#: "local-address 127.0.0.1 9090"
> idg\(config web-mgmt\)#: "exit"
> idg\(config\)#: "write memory"
> idg#: "exit"
>
> The problem here are 2:
>

> 1) I don't know why but when the task arrives to* idg\(config web-mgmt\)# *using

> -vvv it is stuck and do not go on.

Very hard to say without the -vvv output.
I see you are using .*, with expect this does nothing.
The reason is that expect is non-greedy, the * means is 0 or more, and since it's non-greedy that means no character at all.

> 2) As you can see there are responses repeated, and this means that ansible
> will take always the last occurance.

You can only have one question, but many answers, but the answers must be in a list.
It will the use the fist item the fist time it sees the question and the second one the next time is sees the same question.

responses:
login: "user"
Password: "password"
Press any key to continue\.: ""

Enable Secure Backup mode: "n"
Enable Common Criteria Compatibility mode: "n"
idg#:
- configure terminal
- exit
idg\(config\)#:
- web-mgmt
- write memory
idg\(config web-mgmt\)#:
- "admin-state enabled"
- "local-address 127.0.0.1 9090"
- "exit"


--
Kai Stian Olstad

[stefano...@nap-anywhere.com]

Thank you again Kai,

I tried your code and i get this output:

The full traceback is:

  File "/tmp/ansible_its4CY/ansible_module_expect.py", line 109, in wrapped

    return next(resp_gen)

fatal: [stefano2]: FAILED! => {

    "changed": false,

    "failed": true,

    "invocation": {

        "module_args": {

            "chdir": null,

            "command": "telnet 0 2200",

            "creates": null,

            "echo": false,

            "removes": null,

            "responses": {

                "Enable Common Criteria Compatibility mode.*": "n",

                "Enable Secure Backup mode.*": "n",

                "Password": "password",

                "Press any key to continue\\.": "",

                "idg#": [

                    "configure terminal"

                ],

                "idg\\(config web-mgmt\\)#": [

                    "admin-state enabled",

                    "local-address 127.0.0.1 9090",

                    "exit"

                ],

                "idg\\(config\\)#": [

                    "web-mgmt",

                    "write memory"

                ],

                "login": "admin"

            },

            "timeout": 30

        }

    },

    "msg": "No remaining responses for 'idg\\(config\\)#', output was ' write memory\r\n\r\n% Saving configuration failed - disabled.\r\n\r\nidg(config)#'"

}

        to retry, use: --limit @/etc/ansible/api_gateways/apigw_conf.retry

On Wednesday, 15 November 2017 15:07:58 UTC+1, stefano...@nap-anywhere.com wrote:

[Kai Stian Olstad]

On Friday, 17 November 2017 17.23.19 CET stefano...@nap-anywhere.com wrote:
> Thank you again Kai,
>
> I tried your code and i get this output:
>

> *The full traceback is:*
> * File "/tmp/ansible_its4CY/ansible_module_expect.py", line 109, in
> wrapped*
> * return next(resp_gen)*
>
> *fatal: [stefano2]: FAILED! => {*
> * "changed": false,*
> * "failed": true,*
> * "invocation": {*
> * "module_args": {*
> * "chdir": null,*
> * "command": "telnet 0 2200",*
> * "creates": null,*
> * "echo": false,*
> * "removes": null,*
> * "responses": {*
> * "Enable Common Criteria Compatibility mode.*": "n",*
> * "Enable Secure Backup mode.*": "n",*
> * "Password": "password",*
> * "Press any key to continue\\.": "",*
> * "idg#": [*
> * "configure terminal"*
> * ],*
> * "idg\\(config web-mgmt\\)#": [*
> * "admin-state enabled",*
> * "local-address 127.0.0.1 9090",*
> * "exit"*
> * ],*
> * "idg\\(config\\)#": [*
> * "web-mgmt",*
> * "write memory"*
> * ],*
> * "login": "admin"*
> * },*
> * "timeout": 30*
> * }*
> * },*
> * "msg": "No remaining responses for 'idg\\(config\\)#', output was '

> write memory\r\n\r\n% Saving configuration failed -

> disabled.\r\n\r\nidg(config)#'"*

The messages say "No remaining responses for 'idg\\(config\\)#" so it when empty for answers for this question, maybe you are missing an exit for this question/prompt?


--
Kai Stian Olstad

[stefano...@nap-anywhere.com]

Yes kai it was the problem!

Now i am sure the number of exit is correct and the configuration go fine, at the end now i get this message, even if the configuration is done i get such an error how can i avoid it? I mean now this error it is not an error, after i finished the configuration i exited the CLI and that's all.

fatal: [stefano2]: FAILED! => {

    "changed": true,

    "cmd": "telnet 0 2200",

    "delta": "0:00:01.291377",

    "end": "2017-11-17 17:42:29.319194",

    "failed": true,

    "invocation": {

        "module_args": {

            "chdir": null,

            "command": "telnet 0 2200",

            "creates": null,

            "echo": false,

            "removes": null,

            "responses": {

                "Enable Common Criteria Compatibility mode.*": "n",

                "Enable Secure Backup mode.*": "n",

                "Password": "password",

                "Press any key to continue\\.": "",

                "idg#": [

                    "configure terminal",

                    "exit"

                ],

                "idg\\(config web-mgmt\\)#": [

                    "admin-state enabled",

                    "local-address 127.0.0.1 9090",

                    "exit"

                ],

                "idg\\(config\\)#": [

                    "web-mgmt",

                    "write memory",

                    "exit"

                ],

                "login": "admin"

            },

            "timeout": 30

        }

    },

    "msg": "non-zero return code",

    "rc": 1,

    "start": "2017-11-17 17:42:28.027817",

    "stdout": "Trying 0.0.0.0...\r\r\nConnected to 0.\r\r\nEscape character is '^]'.\r\r\nstefano2.prv\r\nUnauthorized access prohibited.\r\nlogin: admin\r\nPassword: *********\r\n**************************************************************** \r\nATTENTION: Use care when making your selections for operational \r\nmodes. If you select an incorrect mode for your environment, \r\nthe only way to change an operational mode is to reinitialize \r\nthe appliance. \r\n\r\nPress any key to continue.\r\n**************************************************************** \r\n\nSecure backup mode allows you to create a secure backup to recover the \r\nconfiguration of an appliance. A secure backup contains private data from \r\nthe appliance, including certificates, keys, and user data. \r\nYou cannot see the data in the backup, for only a DataPower appliance can decrypt the backup. \r\n\r\nYou should enable this mode to create secure backups for use after an \r\nappliance failure or during end-of-life migration. \r\n\r\nEnable Secure Backup mode? Yes/No [y/n]:n\r\n\nCommon Criteria places the appliance in a mode that \r\nenforces a set of policies that is required to pass Common Criteria \r\nsecurity testing (EAL4).\r\n\r\nIf you are unsure about whether to enable this mode, you should probably \r\nanswer no.\r\n\r\nEnable Common Criteria Compatibility mode? Yes/No [y/n]: n\r\n\r\nWelcome to IBM DataPower Gateway console configuration. \r\nCopyright IBM Corporation 1999-2016 \r\n\r\nVersion: IDG.7.5.0.0 build 274960 on Mar 11, 2016 3:09:45 PM\r\nSerial number: 0000001\r\n\r\n\r\n% The platform or the OS distribution is not supported\r\n\r\n\r\n% The appliance is in failsafe console mode. Only the default domain and a serial console interface are active. In this failsafe mode the appliance cannot accept client requests. Contact IBM Support.\r\n\r\nYou must read and agree to the terms of the license agreement using the WebGUI.\r\nIf you did not configure the Web Management Interface, you must do it now with \r\nthe following command:\r\n configure terminal;web-mgmt;admin-state enabled;local-address 0 9090;exit\r\n\r\nidg# configure terminal\r\nGlobal configuration mode\r\nidg(config)# web-mgmt\r\nModify Web Management Service configuration\r\n\r\nidg(config web-mgmt)# admin-state enabled\r\nidg(config web-mgmt)# local-address 127.0.0.1 9090\r\nidg(config web-mgmt)# exit\r\n\r\n% The appliance is in failsafe console mode. Only the default domain and a serial console interface are active. In this failsafe mode the appliance cannot accept client requests. Contact IBM Support.\r\n\r\nidg(config)# write memory\r\n\r\n% Saving configuration failed - disabled.\r\n\r\nidg(config)# exit\r\n\r\n% The appliance is in failsafe console mode. Only the default domain and a serial console interface are active. In this failsafe mode the appliance cannot accept client requests. Contact IBM Support.\r\n\r\nidg# exit\r\nGoodbye.\r\nConnection closed by foreign host.",

    "stdout_lines": [

        "Trying 0.0.0.0...",

        "",

        "Connected to 0.",

        "",

        "Escape character is '^]'.",

        "",

        "stefano2.prv",

        "Unauthorized access prohibited.",

        "login: admin",

        "Password: *********",

        "**************************************************************** ",

        "ATTENTION: Use care when making your selections for operational ",

        "modes. If you select an incorrect mode for your environment, ",

        "the only way to change an operational mode is to reinitialize ",

        "the appliance. ",

        "",

        "Press any key to continue.",

        "**************************************************************** ",

        "",

        "Secure backup mode allows you to create a secure backup to recover the ",

        "configuration of an appliance. A secure backup contains private data from ",

        "the appliance, including certificates, keys, and user data. ",

        "You cannot see the data in the backup, for only a DataPower appliance can decrypt the backup. ",

        "",

        "You should enable this mode to create secure backups for use after an ",

        "appliance failure or during end-of-life migration. ",

        "",

        "Enable Secure Backup mode? Yes/No [y/n]:n",

        "",

        "Common Criteria places the appliance in a mode that ",

        "enforces a set of policies that is required to pass Common Criteria ",

        "security testing (EAL4).",

        "",

        "If you are unsure about whether to enable this mode, you should probably ",

        "answer no.",

        "",

        "Enable Common Criteria Compatibility mode? Yes/No [y/n]: n",

        "",

        "Welcome to IBM DataPower Gateway console configuration. ",

        "Copyright IBM Corporation 1999-2016 ",

        "",

        "Version: IDG.7.5.0.0 build 274960 on Mar 11, 2016 3:09:45 PM",

        "Serial number: 0000001",

        "",

        "",

        "% The platform or the OS distribution is not supported",

        "",

        "",

        "% The appliance is in failsafe console mode. Only the default domain and a serial console interface are active. In this failsafe mode the appliance cannot accept client requests. Contact IBM Support.",

        "",

        "You must read and agree to the terms of the license agreement using the WebGUI.",

        "If you did not configure the Web Management Interface, you must do it now with ",

        "the following command:",

        " configure terminal;web-mgmt;admin-state enabled;local-address 0 9090;exit",

        "",

        "idg# configure terminal",

        "Global configuration mode",

        "idg(config)# web-mgmt",

        "Modify Web Management Service configuration",

        "",

        "idg(config web-mgmt)# admin-state enabled",

        "idg(config web-mgmt)# local-address 127.0.0.1 9090",

        "idg(config web-mgmt)# exit",

        "",

        "% The appliance is in failsafe console mode. Only the default domain and a serial console interface are active. In this failsafe mode the appliance cannot accept client requests. Contact IBM Support.",

        "",

        "idg(config)# write memory",

        "",

        "% Saving configuration failed - disabled.",

        "",

        "idg(config)# exit",

        "",

        "% The appliance is in failsafe console mode. Only the default domain and a serial console interface are active. In this failsafe mode the appliance cannot accept client requests. Contact IBM Support.",

        "",

        "idg# exit",

        "Goodbye.",

        "Connection closed by foreign host."

    ]

}

  

On Wednesday, 15 November 2017 15:07:58 UTC+1, stefano...@nap-anywhere.com wrote:

[Kai Stian Olstad]

On Friday, 17 November 2017 17.46.20 CET stefano...@nap-anywhere.com wrote:
> Yes kai it was the problem!
>
> Now i am sure the number of exit is correct and the configuration go fine,
> at the end now i get this message, even if the configuration is done i get
> such an error how can i avoid it? I mean now this error it is not an error,
> after i finished the configuration i exited the CLI and that's all.
>

<snip />

> * "msg": "non-zero return code",*
> * "rc": 1,*

The telnet command is returning return code 1, and Ansible takes that as a failure.


<snip />

> * "Global configuration mode",*
> * "idg(config)# web-mgmt",*
> * "Modify Web Management Service configuration",*
> * "",*
> * "idg(config web-mgmt)# admin-state enabled",*
> * "idg(config web-mgmt)# local-address 127.0.0.1 9090",*
> * "idg(config web-mgmt)# exit",*
> * "",*
> * "% The appliance is in failsafe console mode. Only the default

> domain and a serial console interface are active. In this failsafe mode the

> appliance cannot accept client requests. Contact IBM Support.",*
> * "",*
> * "idg(config)# write memory",*
> * "",*
> * "% Saving configuration failed - disabled.",*
> * "",*
> * "idg(config)# exit",*
> * "",*
> * "% The appliance is in failsafe console mode. Only the default

> domain and a serial console interface are active. In this failsafe mode the

> appliance cannot accept client requests. Contact IBM Support.",*
> * "",*
> * "idg# exit",*
> * "Goodbye.",*
> * "Connection closed by foreign host."*
> * ]*
> *}*

This looks good but sometime some HW return an error anyway.
Fortunately you have options to handle this[1].

One is to set

ignore_errors: true

on the task, personally I don't like this one, since the output still looks like something went wrong.
The other alternative is adding

fail_when: false

or

register: result
failed_when: result.rc > 1

to the task.


[1] https://docs.ansible.com/ansible/latest/playbooks_error_handling.html

--
Kai Stian Olstad

[ayyappan ramanan]

Hi Stefano,

I am an Ansible newb. I have a similar problem as yours. I was looking for solutions to send break sequence to the console (Ctrl+]).

I am unsure if this helps, but in some google groups, I remember seeing EXPECT module being used to interact with such CLIs. Just in case if you did not try this before. Secondly, just a thought, could '\n' solve your problem sending Carriage Return/Enter to CLI.

Glad if this helps,

AR

[stefano...@nap-anywhere.com]

Hi  ayyappan ramanan

I finally figured out my issue, now i am able to configure the CLI correctly using expect module as explained by Kai.

Once i fixed minor issues, i will post the whole code so that can be helpful to everyone need this kind of configuration.

[stefano...@nap-anywhere.com]

Here the code to make the CLI configuration:

  - name: Launch the CLI first time

    expect:

      command: telnet 0 2200

      responses:

        login: "user"

        Password: "passwd"

        Press any key to continue\.: ""

        Enable Secure Backup mode.*: "n"

        Enable Common Criteria Compatibility mode.*: "n"

        Please enter new password.*: "new_password!"

        Please re-enter new password to confirm.*: "new_password!"

        idg#:

          - configure terminal

          - exit

        idg\(config\)#:

          - web-mgmt

          - write memory

          - "exit"

        idg\(config web-mgmt\)#:

          - "admin-state enabled"

          - "local-address <host> <port>"

          - "exit"

    register: result

    failed_when: result.rc > 1

    tags:

       - cli

this code perform these actions:

1)Access the cli with telnet 0 2200

2)insert default username and password

3)Press enter

4)Answer No to a couple of questions

5)add new password and confirm it again

6) then start with configuration:

• configure terminal
• web-mgmt
• admin-state enabled

• local-address host port
• exit
• write memory
• exit

A tag "cli" is added in case to run only the last step, indeed this is the last step of a larger playbook

Hoping to help someone.

Regards

[stefano...@nap-anywhere.com]

[ayyappan ramanan]

Thanks for the update Stefano. Much appreciated. I have been wanting try your script and respond, but did not get a chance.

How do you run this playbook without specifying hosts?

[rites...@gmail.com]

Hi Stefano, 

Is it necessary to install Pexpect on remote machine as well?

Thanks & Regards,

Ritesh Gupta.

[Stefan Hornburg (Racke)]

On 7/8/20 12:19 PM, rites...@gmail.com wrote:
> Hi Stefano, 
>
> Is it necessary to install Pexpect on remote machine as well?
>
> Thanks & Regards,
> Ritesh Gupta.

Yes, see the module documentation: https://docs.ansible.com/ansible/latest/modules/expect_module.html

Regards
Racke

>
> On Thursday, 16 November 2017 19:30:29 UTC+5:30, stefano...@nap-anywhere.com wrote:
>
>  installed pexpect also on remote machine and nowit is working.
>
> Now the code you suggested provides this output:
>

> *fatal: [stefano2]: FAILED! => {*

> *    "changed": true,*
> *    "cmd": "telnet 0.0.0.0 2200",*
> *    "delta": "0:00:26.267272",*
> *    "end": "2017-11-16 14:57:39.806298",*

> *    "failed": true,*
> *    "invocation": {*
> *        "module_args": {*
> *            "chdir": null,*

> *            "command": "telnet 0.0.0.0 2200",*

> *            "creates": null,*
> *            "echo": false,*
> *            "removes": null,*
> *            "responses": {*

> *                "Press any key to continue\\.": "",*
> *                "login": "username",*
> *                "password": "password"*

> *            },*
> *            "timeout": 30*
> *        }*
> *    },*

> *    "msg": "non-zero return code",*
> *    "rc": 1,*

> *    "start": "2017-11-16 14:57:13.539026",*
> *    "stdout": "Trying 0.0.0.0...\r\r\nConnected to 0.0.0.0.\r\r\nEscape character is

> '^]'.\r\r\nstefano2.prv\r\nUnauthorized access prohibited.\r\nlogin: username\r\nPassword: Connection closed by

> foreign host.",*
> *    "stdout_lines": [*
> *        "Trying 0.0.0.0...",*
> *        "",*
> *        "Connected to 0.0.0.0.",*
> *        "",*
> *        "Escape character is '^]'.",*
> *        "",*
> *        "stefano2.prv",*
> *        "Unauthorized access prohibited.",*
> *        "login: username",*
> *        "Password: Connection closed by foreign host."*
> *    ]*
> *}*
> *        to retry, use: --limit @/etc/ansible/api_gateways/apigw.retry*
> *
> *
> I just changed the command telnet 0 2200 to *telnet 0.0.0.0 2200*

>
> On Wednesday, 15 November 2017 15:07:58 UTC+1, stefano...@nap-anywhere.com wrote:
>
> HI
>
> I created an ansble role which install on the target hosts IBM api connect gateways software and enable the service.
> I would improve this role adding configuration steps.
>
> After the installation the APIC gateways need to be configured accessing to a dedicated command line interface,
> the first access is made of the following steps:
>

> $ telnet 0 2200      *//command to launch to access the CLI*

> Trying 0.0.0.0...
> Connected to 0.
> Escape character is '^]'.
> stefano2.prv
> Unauthorized access prohibited.
>

> login: user          *//here i need to write the username*
> Password: *****  *// as well as the password*

>
> ****************************************************************
> ATTENTION: Use care when making your selections for operational
> modes. If you select an incorrect mode for your environment,
> the only way to change an operational mode is to reinitialize
> the appliance.
>
> Press any key to continue.
> ****************************************************************
>
> I'm stuck here, i tried to add these lines:
>

>  *- name: Launch the CLI first time*
> *    expect:*
> *      command: telnet 0 2200*
> *      responses:*
> *        Question:*
> *          login: "user"*
> *          Password: "password"*
> *          Press any key to continue.: /bin/bash -c "echo"*
> *
> *

> Every time i try to run the role i gt this error at the end:
>

> *TASK [Launch the CLI first time]
> *************************************************************************************************************************************************************************
> *fatal: [stefano3]: FAILED! => {"changed": false, "failed": true, "msg": "The pexpect python module is required"}*
> *fatal: [stefano2]: FAILED! => {"changed": false, "failed": true, "msg": "The pexpect python module is required"}*
> *        to retry, use: --limit @/etc/ansible/api_gateways/apigw.retry*

>
> Could you help me? 
> How can i answer to the "Press any key to continue"? 
>
> Or maybe there are further errors i did not get in the previous steps.
>
>

> --
> You received this message because you are subscribed to the Google Groups "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to
> ansible-proje...@googlegroups.com <mailto:ansible-proje...@googlegroups.com>.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/2889a856-b49b-48e9-8881-d2a016735cd5o%40googlegroups.com
> <https://groups.google.com/d/msgid/ansible-project/2889a856-b49b-48e9-8881-d2a016735cd5o%40googlegroups.com?utm_medium=email&utm_source=footer>.


--
Ecommerce and Linux consulting + Perl and web application programming.
Debian and Sympa administration. Provisioning with Ansible.