cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

968
Views
0
Helpful
1
Replies
TCPuniverse
Beginner

issue in connecting between Ansible and Nexus 9k

Hello;

I have an Ansible playbook, where I used "nxos_facts" module and set "become: no" to disable privilege scalation. But I got the following error on my Ansible control host:

    "msg": "failed to elevate privilege to enable mode, at prompt [b'\\rswitch2# '] with error: unable to check privilege level [User name: admin\nCurrent privilege level: 15\nFeature privilege: Disabled]"

 

And this is the output from my Nexus 93128 device:

switch2# sh privilege
User name: admin
Current privilege level: 15
Feature privilege: Disabled

For reference, this is my playbook:

[root@tcentos ansible-dir]# cat tp-collecting-info-nxos.yml
---
- name: print nxos facts
  hosts: nxos
  become: no
  gather_facts: no
  tasks:
    - name: gathering facts
      nxos_facts:
        gather_subset: all
      register: nxos_facts
    - name: printing facts
      debug:
        var: nxos_facts

And my group vars for nxos devices:

[root@tcentos ansible-dir]# cat group_vars/nxos/vars.yml
---
ansible_connection: ansible.netcommon.network_cli
ansible_network_os: cisco.nxos.nxos
ansible_become: no

 

Any idea?

1 REPLY 1
TCPuniverse
Beginner

Hi friends. none of the things I did worked for me. I even upgraded NXOS to version 9.3(8) which is Cisco's recommended version, but got the same error again, again and again!

ansible.module_utils.connection.ConnectionError: failed to elevate privilege to enable mode, at prompt [b'\\rswitch2# '] with error: unable to check privilege level [User name: admin
Current privilege level: 15
Feature privilege: Enabled

this is my ansible vars:

[root@tcentos ansible-dir]# cat group_vars/nxos/vars.yml
---
ansible_connection: ansible.netcommon.httpapi
ansible_network_os: cisco.nxos.nxos

and my playbook:

[root@tcentos ansible-dir]# cat tp-cbackup-nxos.yml
---
- name: print nxos facts
  hosts: nxos
  gather_facts: no
  tasks:
    - name: backup config
      cisco.nxos.nxos_config:
        backup: yes
      register: nxos_backup
    - name: printing facts
      debug:
        var: nxos_backup

Nexus config:

feature privilege
feature telnet
feature nxapi
feature vpc
!
username admin password 5 $1$XMiZ  role network-admin
username admin role priv-15
enable secret 5 $1$4ef0dfcc9
nxapi http port 80

And finally here are some outputs showing AAA config:

switch2(config)# sh aaa authentication
         default: local
         console: local
---
switch2(config)# sh aaa authorization
         pki-ssh-cert: local
         pki-ssh-pubkey: local
---
switch2(config)# sh privilege
User name: admin
Current privilege level: 15
Feature privilege: Enabled

I think there should be logical answer to this error. haven't you ever faced with such error? I think I'm missing very important point here, because with all of things I did, I should see any progress and difference, but I'm at the first step after all. Any idea? anything?