Ansible-2.1.0 - "connection=local" does not work

[Cuong Nguyen]

Hi all,

I am using Ansible 2.1.0 on Ubuntu. I'm trying to use "ios_command" to execute command on Cisco router.

In playbook, I set connection to local (connection=local). However, when run ansible-playbook, ansible still tries to copy temporary file onto router; which resulted in Ansible's inability to execute the command:

ansible_user@sp-mgmt:~/example$ ansible_user@sp-mgmt:~/example$ ansible-playbook -vvv -i production  showconfig.yml

Using /etc/ansible/ansible.cfg as config file

PLAYBOOK: showconfig.yml *******************************************************

1 plays in showconfig.yml

PLAY [pe2] *********************************************************************

TASK [OBTAIN LOGIN CREDENTIALS] ************************************************

task path: /home/ansible_user/example/showconfig.yml:7

ok: [pe2] => {"ansible_facts": {"creds": {"auth_pass": "cisco", "password": "cisco", "username": "cisco"}}, "changed": false, "invocation": {"module_args": {"_raw_params": "secrets.yml"}, "module_name": "include_vars"}}

TASK [DEFINE PROVIDER] *********************************************************

task path: /home/ansible_user/example/showconfig.yml:10

ok: [pe2] => {"ansible_facts": {"provider": {"auth_pass": "cisco", "host": "pe2", "password": "cisco", "username": "cisco"}}, "changed": false, "invocation": {"module_args": {"provider": {"auth_pass": "cisco", "host": "pe2", "password": "cisco", "username": "cisco"}}, "module_name": "set_fact"}}

TASK [RUN 'SHOW CLOCK'] ********************************************************

task path: /home/ansible_user/example/showconfig.yml:18

<pe2> ESTABLISH SSH CONNECTION FOR USER: cisco

<pe2> SSH: EXEC sshpass -d12 ssh -C -q -o ControlMaster=auto -o ControlPersist=60s -o User=cisco -o ConnectTimeout=10 -o ControlPath=/home/ansible_user/.ansible/cp/ansible-ssh-%h-%p-%r pe2 '/bin/sh -c '"'"'( umask 77 && mkdir -p "` echo $HOME/.ansible/tmp/ansible-tmp-1465559648.05-58745276585938 `" && echo ansible-tmp-1465559648.05-58745276585938="` echo $HOME/.ansible/tmp/ansible-tmp-1465559648.05-58745276585938 `" ) && sleep 0'"'"''

<pe2> PUT /tmp/tmpfKgbw1 TO "` echo $HOME/.ansible/tmp/ansible-tmp-1465559648.05-58745276585938 `" ) && sleep 0'"/ios_command

<pe2> SSH: EXEC sshpass -d12 sftp -o BatchMode=no -b - -C -o ControlMaster=auto -o ControlPersist=60s -o User=cisco -o ConnectTimeout=10 -o ControlPath=/home/ansible_user/.ansible/cp/ansible-ssh-%h-%p-%r '[pe2]'

fatal: [pe2]: UNREACHABLE! => {"changed": false, "msg": "SSH Error: data could not be sent to the remote host. Make sure this host can be reached over ssh", "unreachable": true}

        to retry, use: --limit @showconfig.retry

PLAY RECAP *********************************************************************

pe2                        : ok=2    changed=0    unreachable=1    failed=0

When executed with option "-e ansible_connection=local", Ansible was able to complete the task:

ansible_user@sp-mgmt:~/example$ ansible-playbook -vvv -i production -e ansible_connection=local showconfig.yml 

Using /etc/ansible/ansible.cfg as config file

PLAYBOOK: showconfig.yml *******************************************************

1 plays in showconfig.yml

PLAY [pe2] *********************************************************************

TASK [OBTAIN LOGIN CREDENTIALS] ************************************************

task path: /home/ansible_user/example/showconfig.yml:7

ok: [pe2] => {"ansible_facts": {"creds": {"auth_pass": "cisco", "password": "cisco", "username": "cisco"}}, "changed": false, "invocation": {"module_args": {"_raw_params": "secrets.yml"}, "module_name": "include_vars"}}

TASK [DEFINE PROVIDER] *********************************************************

task path: /home/ansible_user/example/showconfig.yml:10

ok: [pe2] => {"ansible_facts": {"provider": {"auth_pass": "cisco", "host": "pe2", "password": "cisco", "username": "cisco"}}, "changed": false, "invocation": {"module_args": {"provider": {"auth_pass": "cisco", "host": "pe2", "password": "cisco", "username": "cisco"}}, "module_name": "set_fact"}}

TASK [RUN 'SHOW CLOCK'] ********************************************************

task path: /home/ansible_user/example/showconfig.yml:18

<pe2> ESTABLISH LOCAL CONNECTION FOR USER: ansible_user

<pe2> EXEC /bin/sh -c '( umask 77 && mkdir -p "` echo $HOME/.ansible/tmp/ansible-tmp-1465559709.41-163188613042417 `" && echo ansible-tmp-1465559709.41-163188613042417="` echo $HOME/.ansible/tmp/ansible-tmp-1465559709.41-163188613042417 `" ) && sleep 0'

<pe2> PUT /tmp/tmpmiqoJ6 TO /home/ansible_user/.ansible/tmp/ansible-tmp-1465559709.41-163188613042417/ios_command

<pe2> EXEC /bin/sh -c 'LANG=en_US.UTF-8 LC_ALL=en_US.UTF-8 LC_MESSAGES=en_US.UTF-8 /usr/bin/python /home/ansible_user/.ansible/tmp/ansible-tmp-1465559709.41-163188613042417/ios_command; rm -rf "/home/ansible_user/.ansible/tmp/ansible-tmp-1465559709.41-163188613042417/" > /dev/null 2>&1 && sleep 0'

ok: [pe2] => {"changed": false, "invocation": {"module_args": {"auth_pass": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER", "authorize": false, "commands": ["show clock"], "host": "pe2", "interval": 1, "password": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER", "port": 22, "provider": "{'username': '********', 'password': '********', 'host': 'pe2', 'auth_pass': '********'}", "retries": 10, "ssh_keyfile": null, "timeout": 10, "username": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER", "waitfor": null}, "module_name": "ios_command"}, "stdout": ["*19:52:39.860 SGT Fri Jun 10 2016"], "stdout_lines": [["*19:52:39.860 SGT Fri Jun 10 2016"]]}

TASK [debug] *******************************************************************

task path: /home/ansible_user/example/showconfig.yml:25

ok: [pe2] => {

    "version.stdout_lines": [

        [

            "*19:52:39.860 SGT Fri Jun 10 2016"

        ]

    ]

}

PLAY RECAP *********************************************************************

pe2                        : ok=4    changed=0    unreachable=0    failed=0

Is it some sorts of a bug? Or is it because of my playbook settings? Below are the configurations

ansible_user@sp-mgmt:~/example$ cat production 

[pe]

pe[1:6]

[p]

p1[1:2]

p2[1:4]

[ce]

ce[1:6]

[all:vars]

ansible_connection=ssh

ansible_user=cisco

ansible_ssh_pass=cisco

ansible_user@sp-mgmt:~/example$ cat secrets.yml---

creds:

  username: cisco

  password: cisco

  auth_pass: cisco

ansible_user@sp-mgmt:~/example$ cat showconfig.yml

---

- hosts: pe2

  gather_facts: no

  connection: local

  tasks:

  - name: OBTAIN LOGIN CREDENTIALS

    include_vars: secrets.yml

  - name: DEFINE PROVIDER

    set_fact:

      provider:

        host: "{{ inventory_hostname }}"

        username: "{{ creds['username'] }}"

        password: "{{ creds['password'] }}"

        auth_pass: "{{ creds['auth_pass'] }}"

  - name: RUN 'SHOW CLOCK'

    ios_command:

      provider: "{{ provider }}"

      commands:

        - show clock

    register: version

  - debug: var=version.stdout_lines

Thanks,

Cuong.

[Brian Coca]

No bug, the ansible_connection variable just has higher precedence than the connection directive, since you have `ansible_connection=ssh` in inventory, it ignores the `connection: local` you have in the task.

----------

Brian Coca