only show run give error

258 views
Skip to first unread message

nbctcp

unread,
Aug 15, 2018, 10:40:03 PM8/15/18
to Ansible Project
Hi,
I have working playbook to cisco on eve-ng.
It will give error only when I want to run "show run".
Other commands like "show version" "show clock" all ok

Please help
tq

# cat showrun.yml
---
- name: Run multiple commands
  connection: network_cli
  hosts: cisco1
  gather_facts: true
  tasks:
    - name: run multiple commands
      ios_command:
        commands:
        - show run
        #- show version | i Version
        #- show clock
        #- show interfaces
      register: output
      #- name: copy output to file
      #copy: content="{{ output.stdout[0] }}" dest=./output/{{ inventory_hostname }}.txt
    - debug: var=output.stdout_lines


$ ansible-playbook playbooks/showrun.yml -vvv
ansible-playbook 2.6.2
  config file = /home/ansible/ansible.cfg
  configured module search path = ['/home/ansible/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /home/ansible/venv/lib/python3.6/site-packages/ansible
  executable location = /home/ansible/venv/bin/ansible-playbook
  python version = 3.6.5 (default, Apr  1 2018, 05:46:30) [GCC 7.3.0]
Using /home/ansible/ansible.cfg as config file
Parsed /home/ansible/hosts inventory source with ini plugin

PLAYBOOK: showrun.yml **************************************************************************************************************************************************
1 plays in playbooks/showrun.yml

PLAY [Run multiple commands] *******************************************************************************************************************************************

TASK [Gathering Facts] *************************************************************************************************************************************************
task path: /home/ansible/playbooks/showrun.yml:2
<10.0.10.121> ESTABLISH LOCAL CONNECTION FOR USER: ansible
<10.0.10.121> EXEC /bin/sh -c '( umask 77 && mkdir -p "` echo /home/ansible/.ansible/tmp/ansible-local-83237mckmzfi/ansible-tmp-1534386912.3813972-196083843233411 `" && echo ansible-tmp-1534386912.3813972-196083843233411="` echo /home/ansible/.ansible/tmp/ansible-local-83237mckmzfi/ansible-tmp-1534386912.3813972-196083843233411 `" ) && sleep 0'
Using module file /home/ansible/venv/lib/python3.6/site-packages/ansible/modules/system/setup.py
<10.0.10.121> PUT /home/ansible/.ansible/tmp/ansible-local-83237mckmzfi/tmp3kzw2f95 TO /home/ansible/.ansible/tmp/ansible-local-83237mckmzfi/ansible-tmp-1534386912.3813972-196083843233411/setup.py
<10.0.10.121> EXEC /bin/sh -c 'chmod u+x /home/ansible/.ansible/tmp/ansible-local-83237mckmzfi/ansible-tmp-1534386912.3813972-196083843233411/ /home/ansible/.ansible/tmp/ansible-local-83237mckmzfi/ansible-tmp-1534386912.3813972-196083843233411/setup.py && sleep 0'
<10.0.10.121> EXEC /bin/sh -c '/usr/bin/python /home/ansible/.ansible/tmp/ansible-local-83237mckmzfi/ansible-tmp-1534386912.3813972-196083843233411/setup.py && sleep 0'
<10.0.10.121> EXEC /bin/sh -c 'rm -f -r /home/ansible/.ansible/tmp/ansible-local-83237mckmzfi/ansible-tmp-1534386912.3813972-196083843233411/ > /dev/null 2>&1 && sleep 0'
ok: [cisco1]
META: ran handlers

TASK [run multiple commands] *******************************************************************************************************************************************
task path: /home/ansible/playbooks/showrun.yml:7
<10.0.10.121> ESTABLISH LOCAL CONNECTION FOR USER: ansible
<10.0.10.121> EXEC /bin/sh -c '( umask 77 && mkdir -p "` echo /home/ansible/.ansible/tmp/ansible-local-83237mckmzfi/ansible-tmp-1534386914.3947628-278108563303421 `" && echo ansible-tmp-1534386914.3947628-278108563303421="` echo /home/ansible/.ansible/tmp/ansible-local-83237mckmzfi/ansible-tmp-1534386914.3947628-278108563303421 `" ) && sleep 0'
Using module file /home/ansible/venv/lib/python3.6/site-packages/ansible/modules/network/ios/ios_command.py
<10.0.10.121> PUT /home/ansible/.ansible/tmp/ansible-local-83237mckmzfi/tmpz5e4ld0b TO /home/ansible/.ansible/tmp/ansible-local-83237mckmzfi/ansible-tmp-1534386914.3947628-278108563303421/ios_command.py
<10.0.10.121> EXEC /bin/sh -c 'chmod u+x /home/ansible/.ansible/tmp/ansible-local-83237mckmzfi/ansible-tmp-1534386914.3947628-278108563303421/ /home/ansible/.ansible/tmp/ansible-local-83237mckmzfi/ansible-tmp-1534386914.3947628-278108563303421/ios_command.py && sleep 0'
<10.0.10.121> EXEC /bin/sh -c '/usr/bin/python /home/ansible/.ansible/tmp/ansible-local-83237mckmzfi/ansible-tmp-1534386914.3947628-278108563303421/ios_command.py && sleep 0'
<10.0.10.121> EXEC /bin/sh -c 'rm -f -r /home/ansible/.ansible/tmp/ansible-local-83237mckmzfi/ansible-tmp-1534386914.3947628-278108563303421/ > /dev/null 2>&1 && sleep 0'
The full traceback is:
Traceback (most recent call last):
  File "/tmp/ansible_6dBGln/ansible_module_ios_command.py", line 247, in <module>
    main()
  File "/tmp/ansible_6dBGln/ansible_module_ios_command.py", line 217, in main
    responses = run_commands(module, commands)
  File "/tmp/ansible_6dBGln/ansible_modlib.zip/ansible/module_utils/network/ios/ios.py", line 148, in run_commands
  File "/tmp/ansible_6dBGln/ansible_modlib.zip/ansible/module_utils/connection.py", line 149, in __rpc__
ansible.module_utils.connection.ConnectionError: show run
             ^
% Invalid input detected at '^' marker.

Cisco1>

fatal: [cisco1]: FAILED! => {
    "changed": false,
    "module_stderr": "Traceback (most recent call last):\n  File \"/tmp/ansible_6dBGln/ansible_module_ios_command.py\", line 247, in <module>\n    main()\n  File \"/tmp/ansible_6dBGln/ansible_module_ios_command.py\", line 217, in main\n    responses = run_commands(module, commands)\n  File \"/tmp/ansible_6dBGln/ansible_modlib.zip/ansible/module_utils/network/ios/ios.py\", line 148, in run_commands\n  File \"/tmp/ansible_6dBGln/ansible_modlib.zip/ansible/module_utils/connection.py\", line 149, in __rpc__\nansible.module_utils.connection.ConnectionError: show run\r\n             ^\r\n% Invalid input detected at '^' marker.\r\n\r\nCisco1>\n",
    "module_stdout": "",
    "msg": "MODULE FAILURE",
    "rc": 1
}

PLAY RECAP *************************************************************************************************************************************************************
cisco1                     : ok=1    changed=0    unreachable=0    failed=1

Kai Stian Olstad

unread,
Aug 16, 2018, 7:02:24 AM8/16/18
to ansible...@googlegroups.com
show run need enable if I remember correctly.
How to use enable with network_cli is documented here
https://docs.ansible.com/ansible/2.6/network/user_guide/platform_ios.html


--
Kai Stian Olstad


nbctcp

unread,
Aug 17, 2018, 8:42:02 PM8/17/18
to Ansible Project
It will work if I put username and password directly in hosts, but not if separate file.
I want separate file so that I can do vault on it

$ cat ansible.cfg
[defaults]
inventory       = hosts
host_key_checking = False
pipelining = True
retry_files_enabled = False
display_skipped_hosts = True
log_path = /tmp/ansible.log

[persistent_connection]
command_timeout=100
connect_timeout=100
connect_retry_timeout=100


$ cat hosts
[cisco]
cisco1 ansible_host=10.0.10.121

[cisco:vars]
ansible_network_os=ios
ansible_become=yes
ansible_become_method=enable
ansible_user=cisco
ansible_password=cisco
ansible_become_pass=cisco

# cat playbooks/showrun.yml
 ---
- name: Run multiple commands
  connection: network_cli
  hosts: cisco1
  gather_facts: true
  tasks:
    - name: run multiple commands
      ios_command:
        commands:
      register: output
    - name: copy output to file
      copy: content="{{ output.stdout[0] }}" dest=./output/{{ inventory_hostname }}.txt
    - debug: var=output.stdout_lines
...


BUT NOT
# cat hosts
[cisco]
cisco1 ansible_host=10.0.10.121

# cat playbooks/showrun.yml
---
- name: show run
  connection: network_cli
  hosts: cisco1
  gather_facts: no
  tasks:
    - name: GET CREDENTIALS
      include_vars: ../group_vars/secretsios.yml

    - name: DEFINE CONNECTION
      set_fact:
        connection:
          authorize: yes
          host: "{{ inventory_hostname }}"
          username: "{{ creds['username'] }}"
          password: "{{ creds['password'] }}"
          auth_pass: "{{ creds['auth_pass'] }}"

    - name: run multiple commands
      ios_command:
        commands:
        - show run
      register: output

    - name: copy output to file
      copy:
        content: "{{ output.stdout[0] }}"
        dest: "./output/{{ inventory_hostname }}.txt"
    - debug: var=output.stdout_lines
...

# cat group_vars/secretsios.yml
---
creds:
  username: cisco
  password: cisco
  auth_pass: cisco


ERROR
# ansible-playbook playbooks/showrun.yml -vvv
ansible-playbook 2.6.3
  config file = /home/admin2/ansible.cfg
  configured module search path = [u'/root/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/lib/python2.7/dist-packages/ansible
  executable location = /usr/bin/ansible-playbook
  python version = 2.7.15rc1 (default, Apr 15 2018, 21:51:34) [GCC 7.3.0]
Using /home/admin2/ansible.cfg as config file
Parsed /home/admin2/hosts inventory source with ini plugin

PLAYBOOK: showrun.yml **********************************************************
1 plays in playbooks/showrun.yml

PLAY [show run] ****************************************************************
META: ran handlers

TASK [GET CREDENTIALS] *********************************************************
task path: /home/admin2/playbooks/showrun.yml:7
ok: [cisco1] => {
    "ansible_facts": {
        "creds": {
            "auth_pass": "cisco",
            "password": "cisco",
            "username": "cisco"
        }
    },
    "ansible_included_var_files": [
        "/home/admin2/playbooks/../group_vars/secretsios.yml"
    ],
    "changed": false
}

TASK [DEFINE CONNECTION] *******************************************************
task path: /home/admin2/playbooks/showrun.yml:10
ok: [cisco1] => {
    "ansible_facts": {
        "connection": {
            "auth_pass": "cisco",
            "authorize": true,
            "host": "cisco1",
            "password": "cisco",
            "username": "cisco"
        }
    },
    "changed": false
}

TASK [run multiple commands] ***************************************************
task path: /home/admin2/playbooks/showrun.yml:19
<10.0.10.121> ESTABLISH LOCAL CONNECTION FOR USER: root
<10.0.10.121> EXEC /bin/sh -c '( umask 77 && mkdir -p "` echo /root/.ansible/tmp/ansible-local-10400nREdne/ansible-tmp-1534552899.65-149684144124641 `" && echo ansible-tmp-1534552899.65-149684144124641="` echo /root/.ansible/tmp/ansible-local-10400nREdne/ansible-tmp-1534552899.65-149684144124641 `" ) && sleep 0'
Using module file /usr/lib/python2.7/dist-packages/ansible/modules/network/ios/ios_command.py
<10.0.10.121> PUT /root/.ansible/tmp/ansible-local-10400nREdne/tmpOszBMB TO /root/.ansible/tmp/ansible-local-10400nREdne/ansible-tmp-1534552899.65-149684144124641/ios_command.py
<10.0.10.121> EXEC /bin/sh -c 'chmod u+x /root/.ansible/tmp/ansible-local-10400nREdne/ansible-tmp-1534552899.65-149684144124641/ /root/.ansible/tmp/ansible-local-10400nREdne/ansible-tmp-1534552899.65-149684144124641/ios_command.py && sleep 0'
<10.0.10.121> EXEC /bin/sh -c '/usr/bin/python /root/.ansible/tmp/ansible-local-10400nREdne/ansible-tmp-1534552899.65-149684144124641/ios_command.py && sleep 0'
<10.0.10.121> EXEC /bin/sh -c 'rm -f -r /root/.ansible/tmp/ansible-local-10400nREdne/ansible-tmp-1534552899.65-149684144124641/ > /dev/null 2>&1 && sleep 0'
The full traceback is:
Traceback (most recent call last):
  File "/tmp/ansible_Tln4FQ/ansible_module_ios_command.py", line 247, in <module>
    main()
  File "/tmp/ansible_Tln4FQ/ansible_module_ios_command.py", line 217, in main
    responses = run_commands(module, commands)
  File "/tmp/ansible_Tln4FQ/ansible_modlib.zip/ansible/module_utils/network/ios/ios.py", line 148, in run_commands
  File "/tmp/ansible_Tln4FQ/ansible_modlib.zip/ansible/module_utils/connection.py", line 174, in __rpc__
ansible.module_utils.connection.ConnectionError: show run
             ^
% Invalid input detected at '^' marker.

Cisco1>

fatal: [cisco1]: FAILED! => {
    "changed": false,
    "module_stderr": "Traceback (most recent call last):\n  File \"/tmp/ansible_Tln4FQ/ansible_module_ios_command.py\", line 247, in <module>\n    main()\n  File \"/tmp/ansible_Tln4FQ/ansible_module_ios_command.py\", line 217, in main\n    responses = run_commands(module, commands)\n  File \"/tmp/ansible_Tln4FQ/ansible_modlib.zip/ansible/module_utils/network/ios/ios.py\", line 148, in run_commands\n  File \"/tmp/ansible_Tln4FQ/ansible_modlib.zip/ansible/module_utils/connection.py\", line 174, in __rpc__\nansible.module_utils.connection.ConnectionError: show run\r\n             ^\r\n% Invalid input detected at '^' marker.\r\n\r\nCisco1>\n",
    "module_stdout": "",
    "msg": "MODULE FAILURE",
    "rc": 1
}

PLAY RECAP *********************************************************************
cisco1                     : ok=2    changed=0    unreachable=0    failed=1

Kai Stian Olstad

unread,
Aug 18, 2018, 7:15:45 AM8/18/18
to ansible...@googlegroups.com
You shouldn't do this, group_vars is special in Ansible and automatically load variables from this directory.
So if you have a group called "mygroup" it will load the file group_vars/mygroup.yml for all host in that group.
In your case this is for the group called "secretsios".

If this is only manually loaded variables you should choose another name since group_vars has special meaning.


> - name: DEFINE CONNECTION
> set_fact:
> connection:
> authorize: yes
> host: "{{ inventory_hostname }}"
> username: "{{ creds['username'] }}"
> password: "{{ creds['password'] }}"
> auth_pass: "{{ creds['auth_pass'] }}"

You aren't using the variable anywhere in your playbook so this have no effect, and you shouldn't use variable name that is the same as Ansible directive.

Instead, you should create a file group_vars/cisco.yml since your host is in the cisco group.
The content should be the same as your vars in the inventory of your first example.

group_vars/cisco.yml
---
ansible_network_os=ios
ansible_become=yes
ansible_become_method=enable
ansible_user=cisco
ansible_password=cisco
ansible_become_pass=cisco



--
Kai Stian Olstad


nbctcp

unread,
Aug 19, 2018, 5:19:22 AM8/19/18
to Ansible Project
This settings works
I miss to put "become: yes" in the playbook

tq for your support

# cat hosts
[cisco]
cisco1 ansible_host=10.0.10.121

# cat playbooks/showrun.yml
---
- name: show run
  connection: network_cli
  hosts: cisco1
  gather_facts: no
  become: yes
  tasks:
    - name: run multiple commands
      ios_command:
        commands:
        - show run
        #- show version | i Version
        #- show clock
        #- show interfaces
      register: output

    - name: copy output to file
      copy:
        content: "{{ output.stdout[0] }}"
        dest: "./output/{{ inventory_hostname }}.txt"
    - debug: var=output.stdout_lines
...

# cat group_vars/cisco.yml
---
ansible_connection: network_cli
ansible_network_os: ios
ansible_user: cisco
ansible_ssh_pass: cisco
ansbile_become: yes
ansible_become_method: enable
ansible_become_pass: cisco
Reply all
Reply to author
Forward
0 new messages