cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1862
Views
0
Helpful
11
Replies

Ansible IOS_config prompts

EditWu
Level 1
Level 1

Hello, I'm trying to convert our current switch configuration to IBNS configuration for 802.1x with ansible but ran into an issue that i'm trying to figure out.  I can get ansible to write "authentication display new-style" and remove some of the default lines that it generates like the class-map type control ... but when I get ansible to remove the policy-map type control.... lines it prompts with a message basically asking if i'm sure and expects a yes.  From what i've been reading, the ios_config modules waits for hostname(config)# to show back up before sending the next command and because of this ansible times out waiting for that prompt.  I've tied to use the cli_config module as well but it says that it doesn't support a connection type of local.  I'm not 100% sure what that means but is there a way to get the ios_config module to look for a different prompt so that i can continue?  Or ignore prompts so that i can send a "yes"?  Thanks.

1 Accepted Solution

Accepted Solutions

Marcel Zehnder
Spotlight
Spotlight

Hi, try the cli_command module which is part of the ansible.netcommon collection. This module has prompt and answer parameters, which should do the trick. In order to use it in config mode there is an example provided (you need to adjust this to your case):

- name: run config mode command and handle prompt/answer
  ansible.netcommon.cli_command:
    command: '{{ item }}'
    prompt:
      - Exit with uncommitted changes
    answer: y
  loop:
    - configure
    - set system syslog file test any any
    - exit

https://docs.ansible.com/ansible/latest/collections/ansible/netcommon/cli_command_module.html#ansible-collections-ansible-netcommon-cli-command-module

View solution in original post

11 Replies 11

Marcel Zehnder
Spotlight
Spotlight

Hi, try the cli_command module which is part of the ansible.netcommon collection. This module has prompt and answer parameters, which should do the trick. In order to use it in config mode there is an example provided (you need to adjust this to your case):

- name: run config mode command and handle prompt/answer
  ansible.netcommon.cli_command:
    command: '{{ item }}'
    prompt:
      - Exit with uncommitted changes
    answer: y
  loop:
    - configure
    - set system syslog file test any any
    - exit

https://docs.ansible.com/ansible/latest/collections/ansible/netcommon/cli_command_module.html#ansible-collections-ansible-netcommon-cli-command-module

Thanks for the response.  I've actually tried cli_command and cli_config already and thought it would work but I get a "connection type local is not valid for this module".  I tried to add ansible_connection: network_cli but it didn't make a difference.  not sure what to try next to get cli_command or cli_config to work.

Can you try

ansible_connection: ansible.netcommon.network_cli

I've tried that also and I get the following, "conflicting action statements: ansible_connection, ansible.netcommon.cli_command"

Would setting ansible_connection elseware override whatever is defined in this block or would this take precedence?  

I would just configure it in the inventory.

cnezakaren
Level 1
Level 1

Hi there,

Did you find a solution ? I am facing the exact same issue while converting switch to IBNS2.

I have tried both ansible.netcommon.cli_command and cisco.ios.ios_config. 

Thank you in advance.

We actually did.  I'm not 100% sure if cli_command: is the same as net_common.cli_command.  If so, I should accept the previous message as a solution.   I apologize for that if I should have done it earlier but I had to get some help as there were vars that needed to be set in order for cli_command to work.   But I would assume the vars in the local task would depend on your environment.  What we used under cli_command looked like this.

cli_command:

  command:

   configure terminal

   authentication convert-to new-style

  prompt:

    - "^Do you wish to continue?  .*$"

  answer: "yes"

 

Hi,

I still have something wrong, it's not working for me with this following lines :

tasks:
- name : IBNS2
cli_command:
command:
- configure terminal
- authentication convert-to new-style
prompt :
- "^Do you wish to continue? .*$"
answer: "yes"

Which vars did you need to set in order for cli_command to work ?

Here are mines : 

[all:vars]
ansible_connection=ansible.netcommon.network_cli
ansible_network_cli_ssh_type=libssh
ansible_ssh_user=xxxx
ansible_ssh_pass=xxx
ansible_become=true
ansible_become_method=enable
ansible_become_pass=xxx

Thank you.

cnezakaren
Level 1
Level 1

 

Here are the errors I am getting, it seems to be related with difficult to access in configuration mode :

image.png

# ansible --version
ansible [core 2.15.12]
config file = /var/www/html/IOS/ansible.cfg
configured module search path = ['/root/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
ansible python module location = /usr/local/lib/python3.9/site-packages/ansible
ansible collection location = /root/.ansible/collections:/usr/share/ansible/collections
executable location = /usr/local/bin/ansible
python version = 3.9.1 (default, Oct 9 2024, 11:45:58) [GCC 8.5.0 20210514 (Red Hat 8.5.0-22)] (/usr/local/bin/python3.9)
jinja version = 3.1.4
libyaml = True

EditWu
Level 1
Level 1

my vars are more or less the same.  Looks like it's not related to vars but what is being sent to the switch.  I'm not at a spot to test this task but try to remove the "-" next to configure terminal and authentication convert-to new-style in your section.  

This is what mine looks like.

EditWu_0-1729117647906.png

 

Thank you @EditWu , I was missing the "|" next to command: and removed the "-" to make it work.