How to configure Junos device from console using root account (need exec cli command from shell)
767 views
Skip to first unread message
Andrey Kostin
Sep 24, 2021, 5:16:44 PM9/24/21
to Junos Python EZ
Hi,
I'm trying to do initial configuration on Junos router connecting to console port via Opengear console server. I use SSH to connect directly to console port and try to load the configuration using juniper.device collection. From console server's web terminal I can see that it successfully connects and authenticates as root, but then it tries to run rpc commands when logged into shell. It would work with a regular user account which logs directly into Junos cli, but root login goes first to shell and needs to execute "cli" command before any rpc.
Is there any recipe for this problem?
My plays for the reference:
tasks:
- name: Define the file to save diff
set_fact:
save_diff_to: "{{ diff_file }}"
when: save_diff == 'yes'
- name: Apply config and collect the diff, commit and save the diff if requested
config:
host: "{{ console_host }}"
cs_user: "{{ console_user }}"
cs_passwd: "{{ console_passwd }}"
user: "{{ junos_user }}"
passwd: "{{ junos_passwd }}"
port: "{{ console_port }}"
diff: yes
check: yes
commit: "{{ do_commit }}"
ignore_warning: "statement not found"
load: 'set'
src: "../configs/{{ config_file }}"
return_output: yes
diffs_file: "{{ save_diff_to }}"
timeout: 60
register: response
- name: Print diff lines
debug:
var: response.diff_lines
- name: Print response message
debug:
var: response.msg
- name: Define the file to save diff
set_fact:
save_diff_to: "{{ diff_file }}"
when: save_diff == 'yes'
- name: Apply config and collect the diff, commit and save the diff if requested
config:
host: "{{ console_host }}"
cs_user: "{{ console_user }}"
cs_passwd: "{{ console_passwd }}"
user: "{{ junos_user }}"
passwd: "{{ junos_passwd }}"
port: "{{ console_port }}"
diff: yes
check: yes
commit: "{{ do_commit }}"
ignore_warning: "statement not found"
load: 'set'
src: "../configs/{{ config_file }}"
return_output: yes
diffs_file: "{{ save_diff_to }}"
timeout: 60
register: response
- name: Print diff lines
debug:
var: response.diff_lines
- name: Print response message
debug:
var: response.msg
Kind regards,
Andrey
Andrey Kostin
Oct 7, 2021, 11:53:05 AM10/7/21
to Junos Python EZ
In addition to my previous post, I pre-configured the router (ACX2200) with user account that logs directly into cli but console hanged again and restored only with router reboot.
Here is the output from the playbook:
TASK [Apply config and collect the diff, commit and save the diff if requested] ******************************************************************************
fatal: [acx07.tek]: FAILED! => {"changed": false, "module_stderr": "Exception occurred: login:'lxml.etree._Element' object has no attribute 'decode'\n\nTraceback (most recent call last):\n File \"/home/akostin/.ansible/tmp/ansible-tmp-1633448131.588941-67155032428306/AnsiballZ_config.py\", line 102, in <module>\n _ansiballz_main()\n File \"/home/akostin/.ansible/tmp/ansible-tmp-1633448131.588941-67155032428306/AnsiballZ_config.py\", line 94, in _ansiballz_main\n invoke_module(zipped_mod, temp_path, ANSIBALLZ_PARAMS)\n File \"/home/akostin/.ansible/tmp/ansible-tmp-1633448131.588941-67155032428306/AnsiballZ_config.py\", line 40, in invoke_module\n runpy.run_module(mod_name='ansible_collections.juniper.device.plugins.modules.config', init_globals=None, run_name='__main__', alter_sys=True)\n File \"/usr/local/lib/python3.8/runpy.py\", line 206, in run_module\n return _run_module_code(code, init_globals, run_name, mod_spec)\n File \"/usr/local/lib/python3.8/runpy.py\", line 96, in _run_module_code\n _run_code(code, mod_globals, init_globals,\n File \"/usr/local/lib/python3.8/runpy.py\", line 86, in _run_code\n exec(code, run_globals)\n File \"/tmp/ansible_config_payload_1nevtqlw/ansible_config_payload.zip/ansible_collections/juniper/device/plugins/modules/config.py\", line 1164, in <module>\n File \"/tmp/ansible_config_payload_1nevtqlw/ansible_config_payload.zip/ansible_collections/juniper/device/plugins/modules/config.py\", line 777, in main\n File \"/tmp/ansible_config_payload_1nevtqlw/ansible_config_payload.zip/ansible_collections/juniper/device/plugins/module_utils/juniper_junos_common.py\", line 609, in __init__\n File \"/tmp/ansible_config_payload_1nevtqlw/ansible_config_payload.zip/ansible_collections/juniper/device/plugins/module_utils/juniper_junos_common.py\", line 1069, in open\n File \"/home/akostin/python3.8-venv/lib/python3.8/site-packages/jnpr/junos/console.py\", line 216, in open\n raise ex\n File \"/home/akostin/python3.8-venv/lib/python3.8/site-packages/jnpr/junos/console.py\", line 207, in open\n self._tty_login()\n File \"/home/akostin/python3.8-venv/lib/python3.8/site-packages/jnpr/junos/console.py\", line 316, in _tty_login\n self._tty.login()\n File \"/home/akostin/python3.8-venv/lib/python3.8/site-packages/jnpr/junos/transport/tty.py\", line 117, in login\n self.nc.open(at_shell=self.at_shell)\n File \"/home/akostin/python3.8-venv/lib/python3.8/site-packages/jnpr/junos/transport/tty_netconf.py\", line 72, in open\n self._session_id, _ = HelloHandler.parse(self.hello.decode(\"utf-8\"))\nAttributeError: 'lxml.etree._Element' object has no attribute 'decode'\n", "module_stdout": "", "msg": "MODULE FAILURE\nSee stdout/stderr for the exact error", "rc": 1}
fatal: [acx07.tek]: FAILED! => {"changed": false, "module_stderr": "Exception occurred: login:'lxml.etree._Element' object has no attribute 'decode'\n\nTraceback (most recent call last):\n File \"/home/akostin/.ansible/tmp/ansible-tmp-1633448131.588941-67155032428306/AnsiballZ_config.py\", line 102, in <module>\n _ansiballz_main()\n File \"/home/akostin/.ansible/tmp/ansible-tmp-1633448131.588941-67155032428306/AnsiballZ_config.py\", line 94, in _ansiballz_main\n invoke_module(zipped_mod, temp_path, ANSIBALLZ_PARAMS)\n File \"/home/akostin/.ansible/tmp/ansible-tmp-1633448131.588941-67155032428306/AnsiballZ_config.py\", line 40, in invoke_module\n runpy.run_module(mod_name='ansible_collections.juniper.device.plugins.modules.config', init_globals=None, run_name='__main__', alter_sys=True)\n File \"/usr/local/lib/python3.8/runpy.py\", line 206, in run_module\n return _run_module_code(code, init_globals, run_name, mod_spec)\n File \"/usr/local/lib/python3.8/runpy.py\", line 96, in _run_module_code\n _run_code(code, mod_globals, init_globals,\n File \"/usr/local/lib/python3.8/runpy.py\", line 86, in _run_code\n exec(code, run_globals)\n File \"/tmp/ansible_config_payload_1nevtqlw/ansible_config_payload.zip/ansible_collections/juniper/device/plugins/modules/config.py\", line 1164, in <module>\n File \"/tmp/ansible_config_payload_1nevtqlw/ansible_config_payload.zip/ansible_collections/juniper/device/plugins/modules/config.py\", line 777, in main\n File \"/tmp/ansible_config_payload_1nevtqlw/ansible_config_payload.zip/ansible_collections/juniper/device/plugins/module_utils/juniper_junos_common.py\", line 609, in __init__\n File \"/tmp/ansible_config_payload_1nevtqlw/ansible_config_payload.zip/ansible_collections/juniper/device/plugins/module_utils/juniper_junos_common.py\", line 1069, in open\n File \"/home/akostin/python3.8-venv/lib/python3.8/site-packages/jnpr/junos/console.py\", line 216, in open\n raise ex\n File \"/home/akostin/python3.8-venv/lib/python3.8/site-packages/jnpr/junos/console.py\", line 207, in open\n self._tty_login()\n File \"/home/akostin/python3.8-venv/lib/python3.8/site-packages/jnpr/junos/console.py\", line 316, in _tty_login\n self._tty.login()\n File \"/home/akostin/python3.8-venv/lib/python3.8/site-packages/jnpr/junos/transport/tty.py\", line 117, in login\n self.nc.open(at_shell=self.at_shell)\n File \"/home/akostin/python3.8-venv/lib/python3.8/site-packages/jnpr/junos/transport/tty_netconf.py\", line 72, in open\n self._session_id, _ = HelloHandler.parse(self.hello.decode(\"utf-8\"))\nAttributeError: 'lxml.etree._Element' object has no attribute 'decode'\n", "module_stdout": "", "msg": "MODULE FAILURE\nSee stdout/stderr for the exact error", "rc": 1}
Here is what was seen on console:
login:
Amnesiac (ttyu0)
login: akostin
Password:
--- JUNOS 17.4R2-S11 built 2020-06-11 17:00:14 UTC
akostin> junoscript netconf need-trailer
<!-- No zombies were killed during the creation of this user interface -->
<!-- user akostin, class j-super-user -->
<hello xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<capabilities>
<capability>urn:ietf:params:netconf:base:1.0</capability>
<capability>urn:ietf:params:netconf:capability:candidate:1.0</capability>
<capability>urn:ietf:params:netconf:capability:confirmed-commit:1.0</capability>
<capability>urn:ietf:params:netconf:capability:validate:1.0</capability>
<capability>urn:ietf:params:netconf:capability:url:1.0?scheme=http,ftp,file</capability>
<capability>urn:ietf:params:xml:ns:netconf:base:1.0</capability>
<capability>urn:ietf:params:xml:ns:netconf:capability:candidate:1.0</capability>
<capability>urn:ietf:params:xml:ns:netconf:capability:confirmed-commit:1.0</capability>
<capability>urn:ietf:params:xml:ns:netconf:capability:validate:1.0</capability>
<capability>urn:ietf:params:xml:ns:netconf:capability:url:1.0?protocol=http,ftp,file</capability>
<capability>urn:ietf:params:xml:ns:yang:ietf-netconf-monitoring</capability>
<capability>http://xml.juniper.net/netconf/junos/1.0</capability>
<capability>http://xml.juniper.net/dmi/system/1.0</capability>
</capabilities>
<session-id>4428</session-id>
</hello>
]]>]]>
Amnesiac (ttyu0)
login: akostin
Password:
--- JUNOS 17.4R2-S11 built 2020-06-11 17:00:14 UTC
akostin> junoscript netconf need-trailer
<!-- No zombies were killed during the creation of this user interface -->
<!-- user akostin, class j-super-user -->
<hello xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<capabilities>
<capability>urn:ietf:params:netconf:base:1.0</capability>
<capability>urn:ietf:params:netconf:capability:candidate:1.0</capability>
<capability>urn:ietf:params:netconf:capability:confirmed-commit:1.0</capability>
<capability>urn:ietf:params:netconf:capability:validate:1.0</capability>
<capability>urn:ietf:params:netconf:capability:url:1.0?scheme=http,ftp,file</capability>
<capability>urn:ietf:params:xml:ns:netconf:base:1.0</capability>
<capability>urn:ietf:params:xml:ns:netconf:capability:candidate:1.0</capability>
<capability>urn:ietf:params:xml:ns:netconf:capability:confirmed-commit:1.0</capability>
<capability>urn:ietf:params:xml:ns:netconf:capability:validate:1.0</capability>
<capability>urn:ietf:params:xml:ns:netconf:capability:url:1.0?protocol=http,ftp,file</capability>
<capability>urn:ietf:params:xml:ns:yang:ietf-netconf-monitoring</capability>
<capability>http://xml.juniper.net/netconf/junos/1.0</capability>
<capability>http://xml.juniper.net/dmi/system/1.0</capability>
</capabilities>
<session-id>4428</session-id>
</hello>
]]>]]>
And console became unresponsive after that
Any thoughts, ideas why could it happen?
Kind regards,
Andrey
Nitin Kumar
Oct 8, 2021, 1:28:11 AM10/8/21
to Andrey Kostin, Junos Python EZ
Which version of pyez you have?
Thanks
Nitin Kr
Nitin Kr
From: junos-p...@googlegroups.com <junos-p...@googlegroups.com> on behalf of Andrey Kostin <anko...@gmail.com>
Sent: Thursday, October 7, 2021 9:23:05 PM
To: Junos Python EZ <junos-p...@googlegroups.com>
Subject: Re: How to configure Junos device from console using root account (need exec cli command from shell)
Sent: Thursday, October 7, 2021 9:23:05 PM
To: Junos Python EZ <junos-p...@googlegroups.com>
Subject: Re: How to configure Junos device from console using root account (need exec cli command from shell)
[External Email. Be cautious of content]
--
You received this message because you are subscribed to the Google Groups "Junos Python EZ" group.
To unsubscribe from this group and stop receiving emails from it, send an email to junos-python-...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/junos-python-ez/473236ae-3e40-42ad-9504-7bb4e0cdee16n%40googlegroups.com.
You received this message because you are subscribed to the Google Groups "Junos Python EZ" group.
To unsubscribe from this group and stop receiving emails from it, send an email to junos-python-...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/junos-python-ez/473236ae-3e40-42ad-9504-7bb4e0cdee16n%40googlegroups.com.
Juniper Public
Andrey Kostin
Oct 8, 2021, 1:25:10 PM10/8/21
to Nitin Kumar, Junos Python EZ
I have:
$ pip list | grep junos
junos-eznc 2.6.0+3.g2358a3b
junos-eznc 2.6.0+3.g2358a3b
Is it correct package/version?
$ python --version
Python 3.8.2
Python 3.8.2
$ ansible --version
ansible 2.9.6
config file = /home/akostin/tsi-lab/ansible.cfg
configured module search path = ['/home/akostin/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
ansible python module location = /home/akostin/python3.8-venv/lib/python3.8/site-packages/ansible
executable location = /home/akostin/python3.8-venv/bin/ansible
python version = 3.8.2 (default, May 1 2020, 14:37:09) [GCC 4.8.5 20150623 (Red Hat 4.8.5-39)]
ansible 2.9.6
config file = /home/akostin/tsi-lab/ansible.cfg
configured module search path = ['/home/akostin/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
ansible python module location = /home/akostin/python3.8-venv/lib/python3.8/site-packages/ansible
executable location = /home/akostin/python3.8-venv/bin/ansible
python version = 3.8.2 (default, May 1 2020, 14:37:09) [GCC 4.8.5 20150623 (Red Hat 4.8.5-39)]
Kind regards,
Andrey
Reply all
Reply to author
Forward
0 new messages