So, the scenario is:
I have a mini computer (running Ubuntu server 18.04) that is accessible using SSH from my local machine.
Attached to the mini computer is a sensor device that is connected via USB, but accessed from the mini computer using SSH with root#x.x.x.x (no password) and is running a stripped back form of Linux.
I need to copy a config file onto the device, (and am able to do this from the mini computer using SCP successfully), but want to be able to do this from my local machine using Ansible as there will be hundreds of these to setup, each with different configurations.
The Ansible role looks like this:
- name: "Copy config file to mini PC"
template:
src: config.json.j2
dest: "{{ pc_config_path}}"
- name: "Copy config file from mini PC to sensor
command: "scp {{ pc_config_path}} root#{{ device_ip_addr }}:{{ device_config_path }}"
become: yes
The first task executes successfully, but the second one just hangs.
I've tried shell and raw, and even creating a bash script and running that without success.
Not sure if this is a security limitation, but would like to find a solution. So any ideas would help.
Thanks.
Figured out the scp command was waiting for a response to add the device to the list of known_hosts
Updated the task to
- name: "Copy gnd.json from PC to v2x unit"
command: "scp -oStrictHostKeyChecking=no {{ pc_config_path }} root#{{ device_ip_addr }}:{{ device_config_path }}"
And everything worked
Related
I have below task to copy running config to remote server.
- name: Copying confg to remote server
cisco.nxos.nxos_command:
commands:
- command: copy run scp://{{ username }}#{{ remote_server }}{{ remote_location }}/{{ hostname }}_config.txt vrf management
prompt:
- "password:"
answer:
- "{{ password }}"
I did debug using -vvv. This approach just goes on and on never ends.
> <192.168.1.1> ANSIBLE_NETWORK_IMPORT_MODULES: found cisco.nxos.nxos_command at /usr/local/Cellar/ansible/6.5.0/libexec/lib/python3.10/site-packages/ansible_collections/cisco/nxos/plugins/modules/nxos_command.py
> <192.168.1.1> ANSIBLE_NETWORK_IMPORT_MODULES: running cisco.nxos.nxos_command
how to fix it? I was looking at cisco.nxos.nxos_file_copy module but it is to copy file from remote server to nexus device. I need to copy file from nexus device to remote server so I can't use it.
The scp command syntax looks a little wrong to me. Seems to be missing : after {{ remote_server }}
Example: scp username#server:filepath /local/directory/
Let's assume I have a textfile in some network path
EX: \cr-ampd-a01.abcd.loc\BulkFolder\textfile.txt
How to copy that file to my controller machine in ansible
Note: I can access it by (WIN+R and that path) then it pops up for credentials to access.
This is the sample code with win_copy
- name: copy from network to controller
win_copy:
src: \\cr-ampd-a01.abcd.loc\BulkFolder\textfile.txt
dest: C:\Temp\OTW\Mastapps
remote_src: yes
become: yes
vars:
ansible_become_user: XXX\Uxxxxxx
ansible_become_pass: PasswordHere
Error with this code is: Cannot copy src file as it does not exit
Another with net_get
- name: copy from network to controller
net_get:
src: \\cr-ampd-a01.abcd.loc\BulkFolder\textfile.txt
dest: C:\Temp\OTW\Mastapps
ansible_network_os: "eos"
remote_src: True
become: True
vars:
ansible_become_user: XXX\Uxxxxxx
ansible_become_pass: PasswordHere
Error here: ansible_network_os must be specified on this host
How can I achieve this?
You try to copy a file from a CIFS resource. I'm relative sure that this isn't working with copy or win_copy because they are used to copy file on that (physical) machine. Because CIFS is a protocol like HTTP and FTP you need a client to get the file from the remote machine. As you also wrote, you need to identify yourself with some credentials, the win_copy task doesnt have that option.
One option could be - mount the network device to -for example- N:/ or something like that and use then win_copy with N:/source.txt - in that case the N:-drive is like C:/ or D:/ a known path on the machine. Have a look at win_share - https://docs.ansible.com/ansible/latest/modules/win_share_module.html
Another option is to call a local CIFS client via command like command: copy //server/path/file c:/file or robocopy, but that isn't easy to be idempotent. See Copy files to network computers on windows command line
net_get is useful to copy files from "network devices" - please have a look at https://docs.ansible.com/ansible/latest/network/user_guide/platform_index.html#platform-options for a list of supported platforms. As of the list - I would say coping from a CIFS-share is not supported by net_get.
I am trying to get an Ansible task to print the version used while running on Windows 10.
I am currently trying something like this:
---
# Source: https://serverfault.com/a/695798
- name: Get version
win_shell: ansible --version
register: ansibleVersion
# How I chose to expose the version collected
- name: Display version
win_msg:
msg: "Ansible Version: {{ ansibleVersion.stdout }}"
display_seconds: 30
However, I am getting this output:
"stderr": "ansible : The term 'ansible' is not recognized as the name of a cmdlet, function, script file, or operable program. \r\nCheck the spelling of the name, or if a path was included, verify that the path is correct and try again.\r\n
Full disclosure, I am new to Ansible. I have tried win_command, win_shell, and am not really sure what all to try next.
The Windows machines can be provisioned using ansible but not installed on Windows.
You can configure the Windows machine from a Linux machine as the controller host.
And you can run the ansible-playbook from this controller host which will run on the windows machine.
---
- hosts: all
tasks:
- name: Get Windows version
win_shell: "systeminfo /fo csv | ConvertFrom-Csv | select OS*, System*, Hotfix* | Format-List"
register: windows_version
- name: Print Windows host information
debug:
msg: "{{ windows_version }}"
Save this as main.yml
Add the Windows host IP in hosts file
[win]
172.16.*.*
[win:vars]
ansible_user=user
ansible_password=password
ansible_connection=winrm
ansible_winrm_server_cert_validation=ignore
Run the playbook using the following command
ansible-playbook -i hosts main.yml
If you want ansible on Windows, then there are other installation methods to run it on Windows.
Also mentioned in the comments.
I have attached some links to setup ansible on Windows 10 subsytem for Linux,
Ansible - Windows Frequently asked questions
Using Ansible through Windows 10's Subsystem for Linux
Hope it solves your issue.
Thank you to all those who answered and commented. The articles were very informative, and I learned a much more about Ansible. The answers put me on the scent of the actual task I made.
To restate my comment on the original question, I had a misunderstanding. Because on my Windows machine I had to add a user ansible, I thought it was being run locally somehow. However, it turns out, Ansible deploys are being run from a Linux VM.
Once I had this misunderstanding cleared up, I realized I needed to use delegate_to: 127.0.0.1 in my Ansible task. Here is my Check Ansible version task:
---
# SEE: https://serverfault.com/a/695798/514234
- name: Check Ansible version
command: ansible --version
register: ansibleVersion
delegate_to: 127.0.0.1
- name: Print version
debug:
msg: "Ansible Version: {{ ansibleVersion.stdout }}"
I want to copy a file from a remote windows host to the local ansible server.
I have searched stackoverflow but I only found answers for Linux host : like this one Unfortunately the fetch seems not to work with windows hosts.
So how can I copy from a remote windows host to a local ansible server?
I could figure it out, and I have to revert my initial statement. The error messages where miss leading. The fetch module does work also for Windows. I my case I had a bad winrm connection. But instead of an error message the module tried to connect via ssh and finally ended "ok" (green!) the only indication that it did not worked that the file was not copied -- and this never could have happened since the was no ssh connection. I reinstalled the winrm and all worked fine!! Here is the working code:
- name: Fetch war file from buildserver
fetch:
validate_checksum: yes
src: "{{ war_file_path }}{{ war_file_name }}"
dest: "{{ warfile_tmp_folder }}"
flat: yes
delegate_to: "{{ buildserver }}"
With ansible, I'm trying to copy an application artifact from a remote server "artifacts_host" to a target machine, i.e. a host in my inventory. The play I'm trying to run is something like:
- name: rsync WAR artifact from artifacts host
synchronize: >
src={{ artifacts_path }}/{{ artifact_filename }}.war
dest={{ artifact_installation_dir }}
delegate_to: "{{ artifacts_host }}"
I came very close to getting this to work by using ansible-vault to encrypt a "secrets.yml" variable file with the artifact_host's public key and then installed it on the target machine's auth file like:
- name: install artifacts_host's public key to auth file
authorized_key: >
user={{ ansible_ssh_user }}
key='{{ artifacts_host_public_key }}'
sudo: yes
but the problem is that my artifacts_host cannot resolve an IP address from the FQDN that Ansible passes to it. If I was able to "inform" the artifacts_host of the IP to use (what the fqdn should resolve to) then I would be fine. I would also be fine having the task fire off on the target machine to pull from the artifacts_host, but I can't find an idempotent way of accomplishing this, nor can I figure out how to feed the target machine a login/password OR ssh key to use.
Am I just gonna have to template out a script to push to my targets???
For anyone who comes across this and has the same question, I did not really figure it out, I just decided to install the private key in the target machines' /etc/ssh directory and chmod it to 0600. I figure it's basically as secure as it could get without a transient (in-memory only) key/password and with idempotence.