Ansible 2.3.0 Connecting to Cisco IOS router

Patrick Matheny

Jun 21, 2017, 12:29:56 PM
to Ansible Project
I'm very new to Ansible. I have a small lab running and I'm trying to evaluate the use of Ansible for making network changes. I have a workstation running CentOS Linux release 7.3.1611 and Ansible 2.3.0 as a fresh install. I'm using a Cisco 819 router running Cisco IOS Software, C800 Software (C800-UNIVERSALK9-M), Version 15.3(3)M.3. I can SSH from the workstation to the router and via PuTTY on a Windows 10 machine, but when I try a connection test I get the following:

[pat@new-host-8 ~]$ansible all -m ping
192.168.1.142 | UNREACHABLE! => {
    "changed": false,
    "msg": "Failed to connect to the host via ssh: Connection closed\r\n",
    "unreachable": true
}



I've run multiple debugs. Can anyone make a suggestion on what the issue might be? I've done some research and have run a number of raw commands as well as a small playbook. It appears to not be an SSH error but an issue within an Ansible module with the sleep 0 command.

Regards

Pat

Testing SSH terminal session from Ansible host system to the router

[pat@new-host-8 ~]$ ssh 192.168.1.142 -l pat

819#

####################

Info from Ansible ping test to router
Ansible debug info for session - I see some errors around a mask and trying to make a directory. Am I lacking permission to

[pat@new-host-8 ~]$ ansible 192.168.1.142 -m ping -u pat -vvv
Using /etc/ansible/ansible.cfg as config file
META: ran handlers
Using module file /usr/lib/python2.7/site-packages/ansible/modules/system/ping.py
<192.168.1.142> ESTABLISH SSH CONNECTION FOR USER: pat
<192.168.1.142> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o User=pat -o ConnectTimeout=10 -o ControlPath=/home/pat/.ansible/cp/aebc33cbf9 192.168.1.142 '/bin/sh -c '"'"'echo ~ && sleep 0'"'"''
<192.168.1.142> (0, '\r\nLine has invalid autocommand "/bin/sh -c \'echo ~ && sleep 0\'"', '')
<192.168.1.142> ESTABLISH SSH CONNECTION FOR USER: pat
<192.168.1.142> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o User=pat -o ConnectTimeout=10 -o ControlPath=/home/pat/.ansible/cp/aebc33cbf9 192.168.1.142 '/bin/sh -c '"'"'( umask 77 && mkdir -p "` echo Line has invalid autocommand "/bin/sh -c '"'"'"'"'"'"'"'"'echo ~ && sleep 0'"'"'"'"'"'"'"'"'"/.ansible/tmp/ansible-tmp-1497270543.59-269982208566076 `" && echo ansible-tmp-1497270543.59-269982208566076="` echo Line has invalid autocommand "/bin/sh -c '"'"'"'"'"'"'"'"'echo ~ && sleep 0'"'"'"'"'"'"'"'"'"/.ansible/tmp/ansible-tmp-1497270543.59-269982208566076 `" ) && sleep 0'"'"''
<192.168.1.142> (0, '\r\nLine has invalid autocommand "/bin/sh -c \'( umask 77 && mkdir -p "` echo Line has invalid autocommand "/bin/sh -c \'"\'"\'echo ~ && sleep 0\'"\'"\'"/.ansible/tmp/ansible-tmp-1497270543.59-269982208566076 `" && echo ansible-tmp-1497270543.59-269982208566076="` echo Line has invalid autocomma"', '')
<192.168.1.142> PUT /tmp/tmp5htyf9 TO "` echo Line has invalid autocomma"/ping.py

<192.168.1.142> SSH: EXEC sftp -b - -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o User=pat -o ConnectTimeout=10 -o ControlPath=/home/pat/.ansible/cp/aebc33cbf9 '[192.168.1.142]'
<192.168.1.142> (255, '', 'Connection closed\r\n')
192.168.1.142 | UNREACHABLE! => {
    "changed": false,
    "msg": "Failed to connect to the host via ssh: Connection closed\r\n",
    "unreachable": true
}

[pat@new-host-8 ~]$

 
################

Router Debug info from Ansible ping test

819#
*Jun 12 12:10:12.685: SSH1: starting SSH control process
*Jun 12 12:10:12.685: SSH1: sent protocol version id SSH-1.99-Cisco-1.25
*Jun 12 12:10:12.685: SSH1: protocol version id is - SSH-2.0-OpenSSH_6.6.1
*Jun 12 12:10:12.685: SSH2 1: SSH2_MSG_KEXINIT sent
*Jun 12 12:10:12.685: SSH2 1: SSH2_MSG_KEXINIT received
*Jun 12 12:10:12.685: SSH2 1: kex: client->server enc:aes128-cbc mac:hmac-sha1
*Jun 12 12:10:12.685: SSH2 1: kex: server->client enc:aes128-cbc mac:hmac-sha1
*Jun 12 12:10:12.685: SSH2 1: Using kex_algo = diffie-hellman-group14-sha1
*Jun 12 12:10:12.809: SSH2 1: expecting SSH2_MSG_KEXDH_INIT
*Jun 12 12:10:12.813: SSH2 1: SSH2_MSG_KEXDH_INIT received
*Jun 12 12:10:12.997: SSH2: kex_derive_keys complete
*Jun 12 12:10:12.997: SSH2 1: SSH2_MSG_NEWKEYS sent
*Jun 12 12:10:12.997: SSH2 1: waiting for SSH2_MSG_NEWKEYS
*Jun 12 12:10:12.997: SSH2 1: SSH2_MSG_NEWKEYS received
*Jun 12 12:10:13.197: SSH2 1: Using method = none
*Jun 12 12:10:13.197: SSH2 1: Authentications that can continue = publickey,keyboard-interactive,password
*Jun 12 12:10:13.201: SSH2 1: Using method = publickey
*Jun 12 12:10:13.201: SSH2 1: Verifying pubkey blob is acceptable for 'pat' in SSH2_MSG_USERAUTH_REQUEST
*Jun 12 12:10:13.201: SSH2 1: Authenticating 'pat' with method: publickey
*Jun 12 12:10:13.205: SSH2 1: Client Signature verification PASSED
*Jun 12 12:10:13.205: SSH2 1: authentication successful for pat
*Jun 12 12:10:13.209: SSH2 1: channel open request
*Jun 12 12:10:13.213: SSH2 1: env request
*Jun 12 12:10:13.213: SSH2 1: env request
*Jun 12 12:10:13.213: SSH2 1: exec request
*Jun 12 12:10:13.213: SSH2 1: exec message received
*Jun 12 12:10:13.213: SSH2 1: starting shell for vty
*Jun 12 12:10:13.317: SSH1: Session terminated normally
*Jun 12 12:10:13.333: SSH1: starting SSH control process
*Jun 12 12:10:13.333: SSH1: sent protocol version id SSH-1.99-Cisco-1.25
*Jun 12 12:10:13.333: SSH1: protocol version id is - SSH-2.0-OpenSSH_6.6.1
*Jun 12 12:10:13.333: SSH2 1: SSH2_MSG_KEXINIT sent
*Jun 12 12:10:13.333: SSH2 1: SSH2_MSG_KEXINIT received
*Jun 12 12:10:13.333: SSH2 1: kex: client->server enc:aes128-cbc mac:hmac-sha1
*Jun 12 12:10:13.333: SSH2 1: kex: server->client enc:aes128-cbc mac:hmac-sha1
*Jun 12 12:10:13.337: SSH2 1: Using kex_algo = diffie-hellman-group14-sha1
*Jun 12 12:10:13.457: SSH2 1: expecting SSH2_MSG_KEXDH_INIT
*Jun 12 12:10:13.461: SSH2 1: SSH2_MSG_KEXDH_INIT received
*Jun 12 12:10:13.645: SSH2: kex_derive_keys complete
*Jun 12 12:10:13.645: SSH2 1: SSH2_MSG_NEWKEYS sent
*Jun 12 12:10:13.645: SSH2 1: waiting for SSH2_MSG_NEWKEYS
*Jun 12 12:10:13.649: SSH2 1: SSH2_MSG_NEWKEYS received
*Jun 12 12:10:13.849: SSH2 1: Using method = none
*Jun 12 12:10:13.849: SSH2 1: Authentications that can continue = publickey,keyboard-interactive,password
*Jun 12 12:10:13.853: SSH2 1: Using method = publickey
*Jun 12 12:10:13.853: SSH2 1: Verifying pubkey blob is acceptable for 'pat' in SSH2_MSG_USERAUTH_REQUEST
*Jun 12 12:10:13.853: SSH2 1: Authenticating 'pat' with method: publickey
*Jun 12 12:10:13.857: SSH2 1: Client Signature verification PASSED
*Jun 12 12:10:13.857: SSH2 1: authentication successful for pat
*Jun 12 12:10:13.861: SSH2 1: channel open request
*Jun 12 12:10:13.865: SSH2 1: env request
*Jun 12 12:10:13.865: SSH2 1: env request
*Jun 12 12:10:13.865: SSH2 1: exec request
*Jun 12 12:10:13.865: SSH2 1: exec message received
*Jun 12 12:10:13.865: SSH2 1: starting shell for vty
*Jun 12 12:10:13.973: SSH1: Session terminated normally
*Jun 12 12:10:13.993: SSH1: starting SSH control process
*Jun 12 12:10:13.993: SSH1: sent protocol version id SSH-1.99-Cisco-1.25
*Jun 12 12:10:13.993: SSH1: protocol version id is - SSH-2.0-OpenSSH_6.6.1
*Jun 12 12:10:13.993: SSH2 1: SSH2_MSG_KEXINIT sent
*Jun 12 12:10:13.993: SSH2 1: SSH2_MSG_KEXINIT received
*Jun 12 12:10:13.993: SSH2 1: kex: client->server enc:aes128-cbc mac:hmac-sha1
*Jun 12 12:10:13.993: SSH2 1: kex: server->client enc:aes128-cbc mac:hmac-sha1
*Jun 12 12:10:13.993: SSH2 1: Using kex_algo = diffie-hellman-group14-sha1
*Jun 12 12:10:14.117: SSH2 1: expecting SSH2_MSG_KEXDH_INIT
*Jun 12 12:10:14.117: SSH2 1: SSH2_MSG_KEXDH_INIT received
*Jun 12 12:10:14.301: SSH2: kex_derive_keys complete
*Jun 12 12:10:14.305: SSH2 1: SSH2_MSG_NEWKEYS sent
*Jun 12 12:10:14.305: SSH2 1: waiting for SSH2_MSG_NEWKEYS
*Jun 12 12:10:14.305: SSH2 1: SSH2_MSG_NEWKEYS received
*Jun 12 12:10:14.505: SSH2 1: Using method = none
*Jun 12 12:10:14.505: SSH2 1: Authentications that can continue = publickey,keyboard-interactive,password
*Jun 12 12:10:14.509: SSH2 1: Using method = publickey
*Jun 12 12:10:14.509: SSH2 1: Verifying pubkey blob is acceptable for 'pat' in SSH2_MSG_USERAUTH_REQUEST
*Jun 12 12:10:14.509: SSH2 1: Authenticating 'pat' with method: publickey
*Jun 12 12:10:14.513: SSH2 1: Client Signature verification PASSED
*Jun 12 12:10:14.513: SSH2 1: authentication successful for pat
*Jun 12 12:10:14.517: SSH2 1: channel open request
*Jun 12 12:10:14.521: SSH2 1: env request
*Jun 12 12:10:14.521: SSH2 1: env request
*Jun 12 12:10:14.521: SSH2 1: subsystem request
*Jun 12 12:10:14.521: SSH2 1: subsystem message received
*Jun 12 12:10:14.521: SSH2 1: searching for subsystem sftp for vty
*Jun 12 12:10:14.621: SSH1: Session terminated normally

######################################################################
This is a small playbook used for testing

---
- hosts: lab
  remote_user: pat
  tasks:
    - name: run show version on remote devices
      ios_command:
        commands: show version
...
#####################################################################

and the output produced

[pat@new-host-12 playbooks]$ ansible-playbook book3.yml -vvv

PLAY [lab] *********************************************************************

TASK [Gathering Facts] *********************************************************
fatal: [192.168.1.142]: UNREACHABLE! => {"changed": false, "msg": "Failed to connect to the host via ssh: Connection closed\r\n", "unreachable": true}
    to retry, use: --limit @/home/pat/playbooks/book3.retry

PLAY RECAP *********************************************************************
192.168.1.142              : ok=0    changed=0    unreachable=1    failed=0  

[pat@new-host-12 playbooks]$ ansible-playbook book3.yml -vvv
Using /etc/ansible/ansible.cfg as config file

PLAYBOOK: book3.yml ************************************************************
1 plays in book3.yml

PLAY [lab] *********************************************************************

TASK [Gathering Facts] *********************************************************
Using module file /usr/lib/python2.7/site-packages/ansible/modules/system/setup.py
<192.168.1.142> ESTABLISH SSH CONNECTION FOR USER: pat
<192.168.1.142> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o User=pat -o ConnectTimeout=10 -o ControlPath=/home/pat/.ansible/cp/aebc33cbf9 192.168.1.142 '/bin/sh -c '"'"'echo ~ && sleep 0'"'"''
<192.168.1.142> (0, '\r\nLine has invalid autocommand "/bin/sh -c \'echo ~ && sleep 0\'"', '')
<192.168.1.142> ESTABLISH SSH CONNECTION FOR USER: pat
<192.168.1.142> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o User=pat -o ConnectTimeout=10 -o ControlPath=/home/pat/.ansible/cp/aebc33cbf9 192.168.1.142 '/bin/sh -c '"'"'( umask 77 && mkdir -p "` echo Line has invalid autocommand "/bin/sh -c '"'"'"'"'"'"'"'"'echo ~ && sleep 0'"'"'"'"'"'"'"'"'"/.ansible/tmp/ansible-tmp-1497889235.89-214582953785460 `" && echo ansible-tmp-1497889235.89-214582953785460="` echo Line has invalid autocommand "/bin/sh -c '"'"'"'"'"'"'"'"'echo ~ && sleep 0'"'"'"'"'"'"'"'"'"/.ansible/tmp/ansible-tmp-1497889235.89-214582953785460 `" ) && sleep 0'"'"''
<192.168.1.142> (0, '\r\nLine has invalid autocommand "/bin/sh -c \'( umask 77 && mkdir -p "` echo Line has invalid autocommand "/bin/sh -c \'"\'"\'echo ~ && sleep 0\'"\'"\'"/.ansible/tmp/ansible-tmp-1497889235.89-214582953785460 `" && echo ansible-tmp-1497889235.89-214582953785460="` echo Line has invalid autocomma"', '')
<192.168.1.142> PUT /tmp/tmpssSP_X TO "` echo Line has invalid autocomma"/setup.py
<192.168.1.142> SSH: EXEC sftp -b - -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o User=pat -o ConnectTimeout=10 -o ControlPath=/home/pat/.ansible/cp/aebc33cbf9 '[192.168.1.142]'
<192.168.1.142> (255, '', 'Connection closed\r\n')
fatal: [192.168.1.142]: UNREACHABLE! => {
    "changed": false,
    "msg": "Failed to connect to the host via ssh: Connection closed\r\n",
    "unreachable": true

}
    to retry, use: --limit @/home/pat/playbooks/book3.retry

PLAY RECAP *********************************************************************
192.168.1.142              : ok=0    changed=0    unreachable=1    failed=0  

[pat@new-host-12 playbooks]$

#######################################

This is output from a small successful run of a raw command.

[pat@new-host-12 playbooks]$ ansible 192.168.1.142 -m raw -a "sho ip route"
192.168.1.142 | SUCCESS | rc=0 >>

Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
       a - application route
       + - replicated route, % - next hop override

Gateway of last resort is not set

      192.168.1.0/24 is variably subnetted, 2 subnets, 2 masks
C        192.168.1.0/24 is directly connected, GigabitEthernet0
L        192.168.1.142/32 is directly connected, GigabitEthernet0
      192.168.2.0/32 is subnetted, 1 subnets
C        192.168.2.1 is directly connected, Loopback0Shared connection to 192.168.1.142 closed.


[pat@new-host-12 playbooks]$

Kai Stian Olstad

Jun 22, 2017, 2:56:16 AM
to ansible...@googlegroups.com
On 20.06.2017 01:26, Patrick Matheny wrote:
> I'm very new to Ansible. I have a small lab running and I'm trying to
> evaluate the use of Ansible for making network changes. I have a
> workstations running CentOS Linux release 7.3.1611 and Ansible 2.3.0 as
> a
> fresh install. I'm using a cisco 819 router running Cisco IOS
> Software,
> C800 Software (C800-UNIVERSALK9-M), Version 15.3(3)M.3. I can SSH from
> the
> workstation to the router from the work station and via putty on a
> windows
> 10 machine but when I try a connection test I get the following:
>
> [pat@new-host-8 ~]$ansible all -m ping
> 192.168.1.142 | UNREACHABLE! => {
> "changed": false,
> "msg": "Failed to connect to the host via ssh: Connection
> closed\r\n",
> "unreachable": true
> }

To run Ansible on a remote host, the host needs to support Python.
When using the ping module, Ansible creates a little Python script that
is copied to the remote host and then runs the Python script on the remote
host.
But network equipment typically doesn't support Python.

Ansible has support for Cisco, the ios_* modules.
These modules run on the Ansible control machine, SSH to
the Cisco device, and run the appropriate commands on the CLI.

--
Kai Stian Olstad

Ganesh Nalawade

Jun 22, 2017, 4:31:18 AM
to ansible...@googlegroups.com
You need to mention connection type local for network devices.
---
- hosts: lab
  connection: local
The credentials to connect to the remote network device can be mentioned either in the playbook within a provider or in the host inventory file.


Regards,
Ganesh
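
A playbook combining the two replies above, as an added example that is not part of any post in this thread: the ios_command task runs on the control machine (connection: local) and passes credentials through a provider. The variable name cli and the key file path are assumptions; the group lab and the user pat are taken from the original playbook.

```yaml
---
# Added example, not from the thread. Assumed values are marked below.
- hosts: lab
  # Run the ios_* module on the control machine; it opens its own SSH
  # session to the router CLI, so the router needs no Python or /bin/sh.
  connection: local
  # With connection: local the default "Gathering Facts" task would only
  # describe the control machine, so it is switched off here.
  gather_facts: no
  vars:
    cli:                                  # hypothetical variable name
      host: "{{ inventory_hostname }}"
      username: pat
      # Key-based login, matching the publickey authentication seen in the
      # router debug output. The path is an assumed placeholder.
      ssh_keyfile: /home/pat/.ssh/id_rsa
  tasks:
    - name: run show version on remote devices
      ios_command:
        commands:
          - show version
        provider: "{{ cli }}"
      register: version

    - name: print the command output
      debug:
        var: version.stdout_lines
```

Using ssh_keyfile in the provider keeps a plaintext password out of the playbook; if a password is required instead, store it in a vault-encrypted variable rather than inline.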



