Make an SSH connection and run a command from within the playbook
329 views
Skip to first unread message
drago...@gmail.com
Jan 27, 2022, 1:23:55 PM1/27/22
to Ansible Development
I'm working on an automation to create/delete users on storage devices.
I have been only provided with the commands that the storage admin use and users that can ssh to the storage devices.
My first attempt was to create a normal playbook that connects to the storage device and run the commands.
The problem with this option is that the storage devices aren't unix/linux, so its not possible to run the playbook normally. Basically is not able to create the temporary directory and it doesn't have python to run the command.
So, my second attempt was to use existing modules/API.
My problem this time is that some of the storage devices don't have API available or the user doesn't have API access :S
My last will be to try to use shell and use multiple commands.
- name: iterate user groups
shell: |
sshpass "password" ssh user@storage_device
do_some_stuff_here
and_some_other_stuff
Is there any better option to do this kind of connection?
Thanks,
Daniel
Brian Coca
Jan 27, 2022, 2:56:06 PM1/27/22
to drago...@gmail.com, Ansible Development
The cliconf/network_cli plugins do this, they handle the connection
internally in the module and use ssh/paramiko/libssh to interact with
the target
--
----------
Brian Coca
internally in the module and use ssh/paramiko/libssh to interact with
the target
--
----------
Brian Coca
drago...@gmail.com
Jan 27, 2022, 3:23:25 PM1/27/22
to Ansible Development
Brian, thanks for the info.
As you mention, I found the netcommon collection (https://docs.ansible.com/ansible/latest/collections/ansible/netcommon/index.html)
I understand the idea, but I don't understand how to use the connection plugin. (https://docs.ansible.com/ansible/latest/collections/ansible/netcommon/libssh_connection.html#ansible-collections-ansible-netcommon-libssh-connection)
Do you have any example?
Thanks
Brian Coca
Jan 28, 2022, 7:09:14 PM1/28/22
to drago...@gmail.com, Ansible Development
Other than the modules themselves, not really, they use
https://github.com/ansible/ansible/blob/devel/lib/ansible/module_utils/connection.py
to establish a connection via the 'ansible-conneciton' tool (which is
what actually uses the connection plugin), which exposes a socket to
the module, the module then uses jsonrpc to send/read commands sent
over that socket, which ansible-connection relays to the remote target
(while not copying any code to it).
General docs to develop these types of plugins:
https://docs.ansible.com/ansible/latest/network/dev_guide/developing_plugins_network.html
main dev guide
https://docs.ansible.com/ansible/latest/dev_guide/index.html
more communication channels (see network working group, they are most
likely to have better answers about this type of development )
https://docs.ansible.com/ansible/latest/community/communication.html
----------
Brian Coca
https://github.com/ansible/ansible/blob/devel/lib/ansible/module_utils/connection.py
to establish a connection via the 'ansible-conneciton' tool (which is
what actually uses the connection plugin), which exposes a socket to
the module, the module then uses jsonrpc to send/read commands sent
over that socket, which ansible-connection relays to the remote target
(while not copying any code to it).
General docs to develop these types of plugins:
https://docs.ansible.com/ansible/latest/network/dev_guide/developing_plugins_network.html
main dev guide
https://docs.ansible.com/ansible/latest/dev_guide/index.html
more communication channels (see network working group, they are most
likely to have better answers about this type of development )
https://docs.ansible.com/ansible/latest/community/communication.html
----------
Brian Coca
Reply all
Reply to author
Forward
0 new messages