Ansible ios_command: copy tftp: flash: keeps sending IOS file data until timeout

19 views
Skip to first unread message

Frankie Soto

unread,
Jun 16, 2019, 11:02:24 AM6/16/19
to Ansible Project
Hi!

I am trying to automate the process of upgrading IOS on Cisco devices.

Everything seems to be working fine until the process of copying the file begins.

The issue I am encountering is that ansible keeps sending data (I assume it keeps sending the same file a couple of times in a stream) to the IOS device.

I noticed this issue when I logged in to one of the switches to which I am trying to upgrade and saw how the file keeps growing and growing, to up to four times its size (i.e. filesize is ~ 21k but it was growing already on th 80k+).

Process ends when the "timeout" time is reached.  Subsequently, the file gets deleted from the switch, as the switches interprets that the file transfer was interrupted.


Here is y core.  Any help will be much appreciated:

---
- hosts: [HOSTS]
  gather_facts: yes
  connection: local

  vars:
    compliant_ios_version: 15.2(4)E8
    new_ios_bin: c3560cx-universalk9-mz.152-4.E8.bin
    new_ios_md5: bf2f1960b1fe0a05bdc69e17d82fcfed
    should_reboot: YES

  vars_prompt:
  - name: username
    prompt: "Enter username: "
    private: no

  - name: password
    prompt: "Enter password: "
    private: yes

  - name: auth_pass
    prompt: "Enter enable secret: "
    private: yes

  tasks:

  - name: gathering HOSTS facts
    ios_facts:
      username: "{{ username }}"
      password: "{{ password }}"
      authorize: yes
      auth_pass: "{{ auth_pass }}"
      timeout: 30
    register: all_facts

  - name:  Verifying if file exists in flash
    ios_command:
      commands:
        - command: dir | include "{{ new_ios_bin }}"
      username: "{{ username }}"
      password: "{{ password }}"
      authorize: yes
      auth_pass: "{{ auth_pass }}"
      timeout: 30
    register: new_ios_on_flash

  - name:  Debugging new_ios_on_flash
    debug:
      msg: new ios is flash is "{{ new_ios_on_flash }}"

  - name: Starting IOS upgrade process
    block:

    - name: Upgrade IOS images if not compliant
      block:
      - name:  Download new IOS image if it is not already on flash
        ios_command:
          commands:
            - command: 'copy tftp://55.44.246.96/c3560cx-universalk9-mz.152-4.E8.bin flash:'
              prompt: 'c3560cx-universalk9-mz.152-4.E8.bin'
              answer: "\r"
          username: "{{ username }}"
          password: "{{ password }}"
          authorize: yes
          auth_pass: "{{ auth_pass }}"
          timeout: 600
      when: new_ios_on_flash.stdout[0] == ""

    - name: Checking MD5 hash
      ios_command:
        commands:
        - command: "verify /md5 flash:/{{ new_ios_bin }}"
        username: "{{ username }}"
        password: "{{ password }}"
        authorize: yes
        auth_pass: "{{ auth_pass }}"
        timeout: 3000
      register: md5_result

    - name:  Set boot var if MD5 matches
      block:
      - name:  Changing boot var
        ios_config:
          lines:
            - default boot system
            - boot system flash:/"{{ new_ios_bin }}"
          username: "{{ username }}"
          password: "{{ password }}"
          authorize: yes
          auth_pass: "{{ auth_pass }}"
          save_when: always
          timeout: 150
        register: new_ios_on_flash

      - name:  Setting boot var
        ios_command:
          commands:
          - command: "reload at 23:00\ny"
          username: "{{ username }}"
          password: "{{ password }}"
          authorize: yes
          auth_pass: "{{ auth_pass }}"
          timeout: 30

      when: md5_result.stdout[0][-32:] == new_ios_md5

    when: ansible_net_version != compliant_ios_version

Mysimpia

unread,
Jan 14, 2020, 8:49:44 AM1/14/20
to Ansible Project

Ansible version : 2.9
Python version : 3.7.5

I also tried many times with sftp or scp with ios_command module but no luck. Instead, as shown below, net_put successfully copied the file over to the Cisco switch. The ansible_ssh_user and ansible_ssh_pass needs to be set in inventory file.

One issue I'm facing with the net_put module is that next task using ios_command after the copying fails to be executed. It gave error message "ConnectionError(to_text(msg, errors='surrogate_then_replace'), code=code)".
 
- name: Upgrade NM switch Firmware
  hosts: nm_switch
  connection: network_cli
  remote_user: cisco

- name: Copy over ios image
  net_put:
    src: "{{ nm_sw_image_file }}" # Need ansible_ssh_user and ansible_ssh_pass set up.
  vars:
    ansible_command_timeout: 3600 # default time out is 30 sec. Image copy takes about 30 min

Gerry Maddock

unread,
Jan 14, 2020, 11:14:59 AM1/14/20
to Ansible Project
I had the same issue, I ended up using scp:
- name: COPY OVER IOS IMAGE
        command: "firmwarename.bin {{inventory_hostname}}:flash:/firmwarename.bin"

I ran a separate playbook 1st to enable scp on the switches.


On Sunday, June 16, 2019 at 11:02:24 AM UTC-4, Frankie Soto wrote:

Gerry Maddock

unread,
Jan 14, 2020, 11:18:19 AM1/14/20
to Ansible Project
Below is the playbook to enable scp on switches/routers:

 tasks:
    - name: IOS CONFIG 1a
      ios_config:
        lines:
          - ip scp server enable
Reply all
Reply to author
Forward
0 new messages