Relatively new to Ansible but I'm just wondering what the syntax looks like if I want to run a command on an ASA like show run | i opmanager and then print the output. I have put a pause in because after the output is printed I want it to wait before continuing.
I have an ASA I want to configure with the playbook to see if i can deploy new SNMPv3 credentials to whilst also removing an old set.
This task removes any existing ManageEngine config for SNMP
tasks:
- name: Show remainging opmanager config
asa_command:
commands: show run | i opmanager
register: ManageEngine
pause:
prompt: "Do you want to proceed? (yes/no)"
register: confirm
Regarding your question
I'm just wondering what the syntax looks like
you may have a look into the Ansible Collections documentation Run arbitrary commands on Cisco ASA devices, the documentation of debug_module to Print statements during execution and the pause_module to Pause playbook execution.
# This task removes any existing ManageEngine config for SNMP
tasks:
- name: Show remaining opmanager config
asa_command:
commands: show run | i opmanager
register: ManageEngine
- name: Show result
debug:
msg: "{{ ManageEngine }}"
- name: Pause until confirmation
pause:
prompt: "Do you want to proceed? (yes/no)"
Related
This question already has answers here:
Ansible - Save registered variable to file
(5 answers)
Closed 2 months ago.
I am trying to gain knowledge in Ansible and solve a few problems:
I want to, not sure if it is even possible. Can the output be saved local to the server the playbook is being run on?
in the example, I am just printing to terminal I am running the playbook. I it not much use when there is a large amount of data. I would like it to be saved in a file on the server I am running the playbook instead.
---
- name: list os version
hosts: test
become: true
tasks:
- name: hostname
command: hostname
register: command_output
- name: cat /etc/redhat-release
command: cat redhat-release chdir=/etc
- name: Print output to console
debug:
msg: "{{command_output.stdout}}"
I really want the output to go to a file. I cant find anything about if this is possible.
as you can read on the ansible documentation, you can create a local configuration file ansible.cfg inside the directory vers you have your playbook and then set the proper config log file to output all the playbook output inside: Ansible output documentation
By default Ansible sends output about plays, tasks, and module arguments to your screen (STDOUT) on the control node. If you want to capture Ansible output in a log, you have three options:
To save Ansible output in a single log on the control node, set the log_path configuration file setting. You may also want to set display_args_to_stdout, which helps to differentiate similar tasks by including variable values in the Ansible output.
To save Ansible output in separate logs, one on each managed node, set the no_target_syslog and syslog_facility configuration file settings.
To save Ansible output to a secure database, use AWX or Red Hat Ansible Automation Platform. You can then review history based on hosts, projects, and particular inventories over time, using graphs and/or a REST API.
If you just want to output the result of the task on file, use the copy module on the localhost delegation
---
- name: list os version
hosts: test
become: true
tasks:
- name: hostname
command: hostname
register: command_output
- name: cat /etc/redhat-release
command: cat redhat-release chdir=/etc
- name: Create your local file on master node
ansible.builtin.file:
path: /your/local/file
owner: foo
group: foo
mode: '0644'
delegate_to: localhost
- name: Print output to file
ansible.builtin.copy:
content: "{{command_output.stdout}}"
dest: /your/local/file
delegate_to: localhost
Is there a way to run Cisco NX-OS Bash shell commands in Ansible without a task going in to the config mode?
I just want to get the below command output but keep failing.
bash-4.3# smartctl -a /dev/sda | egrep 'Model|Firmware|Hours'
Device Model: Micron_M600_MTFDDAT064MBF
Firmware Version: MC04
9 Power_On_Hours 0x0032 100 100 000 Old_age Always - 17014
What I've used is below playbook.
- name: running the bash commands
ios_command:
commands:
- conf t
- feature bash
- run bash sudo su
- smartctl -a /dev/sda | egrep 'Model|Firmware|Hours'
register: uptime
- name: output the result
debug:
msg: uptime
- name: run the last command
ios_command:
commands: smartctl -a /dev/sda | egrep 'Model|Firmware|Hours'
register: uptime
- name: write to the file
ansible.builtin.template:
src: ./templates/9k_uptime.j2
dest: ./9k_uptime/9k_uptime.txt
newline_sequence: '\r\n'
(** I'm not proficient in Ansible. Just barely know how to get outputs for bulk devices)
Any help is much appreciated. Thank you!
As I will have a similar use case and probably some more in the future, I've setup a short test on a RHEL 7.9 environment.
As far as I understand for Cisco Nexus Series NX-OS and Bash are other modules recommended and which come from the Community Collections. An installation of them is necessary before
ansible-galaxy collection install cisco.nxos # --ignore-certs
Process install dependency map
Starting collection install process
Installing ... to '/home/${USER}/.ansible/collections/ansible_collections/community/cisco ...'
as well adding the collection path to the library path.
vi ansible.cfg
...
[defaults]
library = /usr/share/ansible/plugins/modules:~/.ansible/plugins/modules:~/.ansible/collections/ansible_collections/
...
Now it is possible to run commands on the remote device
# Usage of command module
# Doc: https://docs.ansible.com/ansible/latest/collections/cisco/nxos/nxos_command_module.html
- name: Run command on remote device
cisco.nxos.nxos_command:
commands: show version
register: results
- name: Show results
debug:
msg: "{{ results.stdout_lines }}"
or gathering device information, in example the configuration.
# Gather device information
# Doc: https://docs.ansible.com/ansible/latest/collections/cisco/nxos/nxos_facts_module.html
- name: Gather only the config and default facts
cisco.nxos.nxos_facts:
gather_subset:
- config
- name: Show facts
debug:
msg: "{{ ansible_facts }}"
If only interested in Kernel uptime the following
commands: show version | i uptime
would be enough.
Thanks in advance for any advice / help on this.
I have tried the "expect" and many iterations of the shell / command modules but neither offers what I (and I imagine others) want to do in this case. Reaching out to the wider group in hopes there is a solution I haven't found yet.
Our software has a shell command that prints out a list of files that it will modify and prompts the user to continue with a standard [y/n] prompt. Similar to what YUM would do if you were upgrading software, it spits out a bunch of output and waits for user input.
The following changes need to be made:
Create /home/XYZ-file
Enable and start the ABC service
Enable and start the DEF service
Allow? [y/N] n
SOMETIMES, depending on the files that it lists, we DON'T want to continue... Sometimes, we DO. so I want to be able to prompt my ansible user and give them the choice based on the list. I know it's annoying human intervention and not in the spirit of automation, but for this one step we're willing to forego things and have a human actually look at these files and make the decision.
Currently "expect" only matches preset output with preset user responses. I don't want to do this since I don't know what files will be presented to the user, so I can't use anything preset.
What I would like is to display all the output of the shell command and prompt the ansible user to decide, based on the output.
simple task to issue the command and register the output:
- name: Issue XYZ command
shell: xyz
register: xyz_output
- debug: var=xyz_output.stdout
The problem is that the shell command hangs in this case because ansible isn't able to:
display the output
&
prompt the ansible user to continue or not
any help greatly appreciated!
a sample yaml that you can take for reference, and improve as per your requirement.
---
- hosts: all
gather_facts: False
tasks:
- name: print
shell: cat inventory
register: fileout
- debug: var=fileout.stdout
- name: pause
pause: prompt='Confirm action by giving - yes/no:'
register: pause
- name: Ansible create file.
file:
path: "/home/ansible/vops.txt"
state: touch
mode: 0777
when: pause.user_input == 'yes'
- name: Ansible start service
service:
name: httpd
state: started
when: pause.user_input == 'yes'
i have used 'pause' module to pause the play and prompt for input, and used 'when' condition to compare the input result and procceed for action.
I trying to create a simple paybook with a common role. Unfortunately I get stymied by ansible. I have looked up and down the internet for solution for this error.
The setup:
I am running ansible 2.7.4 on Ubuntu 18.04
directory structure:
~/Ansible_Do
playbook.yml
inventory (hosts file)
/roles
/common
/defaults
main.yml (other variables)
/tasks
main.yml
richard_e.yml
/vars
vars_and_stuff.yml (vault)
I have a simple playbook.yml
---
# My playbook 1
- hosts: test
- name: Go to common role to run tasks.
roles:
- common
tasks:
- name: echo something
shell: echo $(ip addr | grep inet)
...
I run this command to start the playbook:
~/Ansible_Do$ ansible-playbook -vv --vault-id #prompt -i ~/Ansible_Do/inventory playbook.yml
I enter the vault password continuing the playbook.
The playbook starts pulls facts from the test group of servers. Then reads the role and works to /roles/common. That calls the /common/tasks/main.yml file. This is where the error happens.
The error appears to have been in '/home/~/Ansible_Do/roles/common/tasks/main.yml': line 8, column 3
# Common/tasks file
---
- name: Bring variable from vault
include_vars:
file: vars_and_stuff.yml
name: My_password
- name: Super Richard <====== Error
become: yes
vars:
ansible_become_pass: "{{ My_password }}"
- import_tasks: ./roles/common/tasks/ricahrd_e.yml
...
The ./roles/common/tasks/ricahrd_e.yml is a simple testing task.
---
- name: say hi
debug:
msg: "Active server."
...
The error on "- name". I have checked online and in the Ansible docs to see if there is a key I'm missing. I found an example for include_vars in a /role/tasks (https://gist.github.com/halberom/ef3ea6d6764e929923b0888740e05211) showing proper syntax (I presume) in a simple role. The code works as parts, but not together.
I have reached what I can understand. I feel that is error is utterly simple and I am missing something (forest for the trees).
The error means exactly what it says, except the "module name" is not misspelled in your case, but missing altogether.
This...
- name: Super Richard <====== Error
become: yes
vars:
ansible_become_pass: "{{ My_password }}"
... is not a valid task definition, it does not declare an action.
An action in Ansible is a call to a module, hence "misspelled module name".
The error comes after name, because that's where Ansible expects the name of the "module" that you want to call, e.g. shell in your first example.
You are probably assuming that become is a "module", but it is not.
It is a "playbook keyword", in this case applied on the task level, which has the effect that you become another user for this task only.
But as the task has no action, you get this error.
See docs:
Playbook keywords
Understanding privilege escalation
After a bit of work I got the playbook to work. Knowing that 'become' is not a task was the start. I also found out how to pull the proper vars from the vault.
# My first playbook 1
- hosts: test
become: yes
vars_files:
- ./roles/common/vars/vars_and_stuff.yml
vars:
ansible_become_pass: "{{ My_password }}"
roles:
- common
tasks:
- name: echo something
shell: echo $(ip addr | grep inet)
The vars file access the vault and then vars: pulls the password used by become. With become in force I ran the other tasks in the common role with a last standalone task. Lastly, don't try to - name: at the top level of the playbook as it trigger a hosts undefined error.
I am stuck at this,I could easily set source for GT.M but after this, when I fire gtm command it get stuck,don't get out of it also,somebody please help me out.
my code is as follow:
---
- name: Copying files on local machine and printing Hello msg.
hosts: webservers
user: onkar
remote_user: vistaehr
gather_facts: False
#sudo: False
tasks:
- name: copying local file
copy: src=/home/onkar/onkar/Ansible/HELLO.m dest=/home/vistaehr/VistA/testr
#shell: rm pwd.txt
- name: Print Success
debug: msg="success"
- name: changing ownership of file
#copy: src=/home/onkar/onkar/Ansible/HELLO.m dest=/home/vistaehr/VistA/testr
shell: chown vistaehr:vistaehr /home/vistaehr/VistA/testr/HELLO.m
- name: Setting Source
shell: . /home/vistaehr/VistA/env && gtm
- name: Print Success
debug: msg="success"
- name: zlinking given file
shell: zlink "/home/vistaehr/VistA/testr/HELLO.m"
gtm starts a console, it is an interactive process. Ansible is waiting until the called command is exiting. Since the program never exits, your ansible task will never complete.
What are you trying to archive with calling gtm from Ansible? If you want to start a service you should look into the service module or check out systemd or init.d depending on your system.
Running a command in gtm you can do with piping:
echo 'zlink "/home/vistaehr/VistA/testr/HELLO.m"' | gtm
Or as an ansible task:
- name: Setting Source and zlinking given file
shell: . /home/vistaehr/VistA/env && echo 'zlink "/home/vistaehr/VistA/testr/HELLO.m"' | gtm