09-29-2023 03:07 PM
Hello, I'm trying to convert our current switch configuration to IBNS configuration for 802.1x with ansible but ran into an issue that i'm trying to figure out. I can get ansible to write "authentication display new-style" and remove some of the default lines that it generates like the class-map type control ... but when I get ansible to remove the policy-map type control.... lines it prompts with a message basically asking if i'm sure and expects a yes. From what i've been reading, the ios_config modules waits for hostname(config)# to show back up before sending the next command and because of this ansible times out waiting for that prompt. I've tied to use the cli_config module as well but it says that it doesn't support a connection type of local. I'm not 100% sure what that means but is there a way to get the ios_config module to look for a different prompt so that i can continue? Or ignore prompts so that i can send a "yes"? Thanks.
Solved! Go to Solution.
10-01-2023 12:14 AM
Hi, try the cli_command module which is part of the ansible.netcommon collection. This module has prompt and answer parameters, which should do the trick. In order to use it in config mode there is an example provided (you need to adjust this to your case):
- name: run config mode command and handle prompt/answer
ansible.netcommon.cli_command:
command: '{{ item }}'
prompt:
- Exit with uncommitted changes
answer: y
loop:
- configure
- set system syslog file test any any
- exit
10-01-2023 12:14 AM
Hi, try the cli_command module which is part of the ansible.netcommon collection. This module has prompt and answer parameters, which should do the trick. In order to use it in config mode there is an example provided (you need to adjust this to your case):
- name: run config mode command and handle prompt/answer
ansible.netcommon.cli_command:
command: '{{ item }}'
prompt:
- Exit with uncommitted changes
answer: y
loop:
- configure
- set system syslog file test any any
- exit
10-01-2023 03:01 PM
Thanks for the response. I've actually tried cli_command and cli_config already and thought it would work but I get a "connection type local is not valid for this module". I tried to add ansible_connection: network_cli but it didn't make a difference. not sure what to try next to get cli_command or cli_config to work.
10-02-2023 07:08 AM
Can you try
ansible_connection: ansible.netcommon.network_cli
10-02-2023 07:50 AM
I've tried that also and I get the following, "conflicting action statements: ansible_connection, ansible.netcommon.cli_command"
Would setting ansible_connection elseware override whatever is defined in this block or would this take precedence?
10-02-2023 08:58 AM
I would just configure it in the inventory.
10-15-2024 12:10 PM
Hi there,
Did you find a solution ? I am facing the exact same issue while converting switch to IBNS2.
I have tried both ansible.netcommon.cli_command and cisco.ios.ios_config.
Thank you in advance.
10-15-2024 04:41 PM
We actually did. I'm not 100% sure if cli_command: is the same as net_common.cli_command. If so, I should accept the previous message as a solution. I apologize for that if I should have done it earlier but I had to get some help as there were vars that needed to be set in order for cli_command to work. But I would assume the vars in the local task would depend on your environment. What we used under cli_command looked like this.
cli_command:
command:
configure terminal
authentication convert-to new-style
prompt:
- "^Do you wish to continue? .*$"
answer: "yes"
10-16-2024 12:17 AM
Hi,
I still have something wrong, it's not working for me with this following lines :
tasks:
- name : IBNS2
cli_command:
command:
- configure terminal
- authentication convert-to new-style
prompt :
- "^Do you wish to continue? .*$"
answer: "yes"
Which vars did you need to set in order for cli_command to work ?
Here are mines :
[all:vars]
ansible_connection=ansible.netcommon.network_cli
ansible_network_cli_ssh_type=libssh
ansible_ssh_user=xxxx
ansible_ssh_pass=xxx
ansible_become=true
ansible_become_method=enable
ansible_become_pass=xxx
Thank you.
10-16-2024 12:21 AM - edited 10-16-2024 12:40 AM
Here are the errors I am getting, it seems to be related with difficult to access in configuration mode :
# ansible --version
ansible [core 2.15.12]
config file = /var/www/html/IOS/ansible.cfg
configured module search path = ['/root/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
ansible python module location = /usr/local/lib/python3.9/site-packages/ansible
ansible collection location = /root/.ansible/collections:/usr/share/ansible/collections
executable location = /usr/local/bin/ansible
python version = 3.9.1 (default, Oct 9 2024, 11:45:58) [GCC 8.5.0 20210514 (Red Hat 8.5.0-22)] (/usr/local/bin/python3.9)
jinja version = 3.1.4
libyaml = True
10-16-2024 03:27 PM
my vars are more or less the same. Looks like it's not related to vars but what is being sent to the switch. I'm not at a spot to test this task but try to remove the "-" next to configure terminal and authentication convert-to new-style in your section.
This is what mine looks like.
10-17-2024 04:03 AM
Thank you @EditWu , I was missing the "|" next to command: and removed the "-" to make it work.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide