restconf_get on nxos shows no output, however, shows all green but works fine for iosxe

muhammad-rafi commented 3 years ago

SUMMARY

I have been running restconf_get module against nxos 9.3(1) and 7.0(3)I7(8)) but I see no ouput when the playbook running, however, it seems like playbook runs OK. Just F.Y.I it works fine on IOSXE and I do see output for any restconf call on iosxe but dont see it on nxos unfortunately

ISSUE TYPE

Bug Report Results are not as expected

COMPONENT NAME

ansible.netcommon.restconf_get

ANSIBLE VERSION

2.9.16

COLLECTION VERSION

[ansible@vCentOS vsansible]$ ansible-galaxy collection list netcommon.restconf_get
usage: ansible-galaxy collection [-h] COLLECTION_ACTION ...
ansible-galaxy collection: error: argument COLLECTION_ACTION: invalid choice: 'list' (choose from 'init', 'build', 'publish', 'install')

CONFIGURATION

ANSIBLE_COW_SELECTION(/opt/ansible/vsansible/ansible.cfg) = random
ANSIBLE_NOCOWS(/opt/ansible/vsansible/ansible.cfg) = False
ANSIBLE_PIPELINING(/opt/ansible/vsansible/ansible.cfg) = True
ANSIBLE_SSH_RETRIES(/opt/ansible/vsansible/ansible.cfg) = 5
DEFAULT_CALLBACK_WHITELIST(/opt/ansible/vsansible/ansible.cfg) = ['profile_tasks']
DEFAULT_FORKS(/opt/ansible/vsansible/ansible.cfg) = 10
DEFAULT_HOST_LIST(/opt/ansible/vsansible/ansible.cfg) = ['/opt/ansible/vsansible/inventory']
DEFAULT_ROLES_PATH(/opt/ansible/vsansible/ansible.cfg) = ['/opt/ansible/vsansible/roles']
DEFAULT_TIMEOUT(/opt/ansible/vsansible/ansible.cfg) = 60
DEPRECATION_WARNINGS(/opt/ansible/vsansible/ansible.cfg) = False
HOST_KEY_CHECKING(/opt/ansible/vsansible/ansible.cfg) = False
PERSISTENT_COMMAND_TIMEOUT(/opt/ansible/vsansible/ansible.cfg) = 600
RETRY_FILES_ENABLED(/opt/ansible/vsansible/ansible.cfg) = False

OS / ENVIRONMENT

NXOS 7.0(3)I7(8) and 9.3(3)

STEPS TO REPRODUCE

Use my playbook below to reproduce this, this is against publicly available Cisco nxos sandbox

---
- name: Restconf playbook for nxos 
  hosts: sbx-nxos-mgmt.cisco.com
  gather_facts: false  
  connection: httpapi

  vars: 
    ansible_connection: httpapi
    ansible_httpapi_port: 443
    ansible_httpapi_use_ssl: yes
    ansible_httpapi_validate_certs: false
    ansible_network_os: restconf
    ansible_user: admin
    ansible_httpapi_password: Admin_1234!

  tasks:
  - name: Get NXOS device hostname
    ansible.netcommon.restconf_get:
      content: all
      path: /data/Cisco-NX-OS-device:System/name
    register: restconf_output

  - debug: var=restconf_output

EXPECTED RESULTS

It should be the get request output, in my case name of the device

ACTUAL RESULTS

[ansible@vCentOS vsansible]$ ansible-playbook -i hosts playbooks/restconf_nxos.yml -vvv
ansible-playbook 2.9.16
  config file = /opt/ansible/vsansible/ansible.cfg
  configured module search path = ['/opt/ansible/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /opt/ansible/.local/lib/python3.6/site-packages/ansible
  executable location = /opt/ansible/.local/bin/ansible-playbook
  python version = 3.6.8 (default, Aug 10 2019, 06:54:07) [GCC 4.8.5 20150623 (Red Hat 4.8.5-36)]
Using /opt/ansible/vsansible/ansible.cfg as config file
host_list declined parsing /opt/ansible/vsansible/hosts as it did not pass its verify_file() method
script declined parsing /opt/ansible/vsansible/hosts as it did not pass its verify_file() method
auto declined parsing /opt/ansible/vsansible/hosts as it did not pass its verify_file() method
Parsed /opt/ansible/vsansible/hosts inventory source with ini plugin
Skipping callback 'actionable', as we already have a stdout callback.
Skipping callback 'counter_enabled', as we already have a stdout callback.
Skipping callback 'debug', as we already have a stdout callback.
Skipping callback 'dense', as we already have a stdout callback.
Skipping callback 'dense', as we already have a stdout callback.
Skipping callback 'full_skip', as we already have a stdout callback.
Skipping callback 'json', as we already have a stdout callback.
Skipping callback 'minimal', as we already have a stdout callback.
Skipping callback 'null', as we already have a stdout callback.
Skipping callback 'oneline', as we already have a stdout callback.
Skipping callback 'selective', as we already have a stdout callback.
Skipping callback 'skippy', as we already have a stdout callback.
Skipping callback 'stderr', as we already have a stdout callback.
Skipping callback 'unixy', as we already have a stdout callback.
Skipping callback 'yaml', as we already have a stdout callback.

PLAYBOOK: restconf_nxos.yml ****************************************************************************************
1 plays in playbooks/restconf_nxos.yml

PLAY [Restconf playbook for nxos] **********************************************************************************
META: ran handlers

TASK [Get NXOS device hostname] ************************************************************************************
task path: /opt/ansible/vsansible/playbooks/restconf_nxos.yml:28
Sunday 18 July 2021  04:47:18 +0100 (0:00:00.088)       0:00:00.088 ***********
<sbx-nxos-mgmt.cisco.com> Attempting python interpreter discovery
<sbx-nxos-mgmt.cisco.com> ESTABLISH LOCAL CONNECTION FOR USER: ansible
<sbx-nxos-mgmt.cisco.com> EXEC /bin/sh -c 'echo PLATFORM; uname; echo FOUND; command -v '"'"'/usr/bin/python'"'"'; command -v '"'"'python3.7'"'"'; command -v '"'"'python3.6'"'"'; command -v '"'"'python3.5'"'"'; command -v '"'"'python2.7'"'"'; command -v '"'"'python2.6'"'"'; command -v '"'"'/usr/libexec/platform-python'"'"'; command -v '"'"'/usr/bin/python3'"'"'; command -v '"'"'python'"'"'; echo ENDFOUND && sleep 0'
<sbx-nxos-mgmt.cisco.com> EXEC /bin/sh -c '/usr/bin/python && sleep 0'
Using module file /opt/ansible/.ansible/collections/ansible_collections/ansible/netcommon/plugins/modules/restconf_get.py
Pipelining is enabled.
<sbx-nxos-mgmt.cisco.com> EXEC /bin/sh -c '/usr/bin/python && sleep 0'
ok: [sbx-nxos-mgmt.cisco.com] => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    },
    "changed": false,
    "invocation": {
        "module_args": {
            "content": "all",
            "output": "json",
            "path": "/data/Cisco-NX-OS-device:System/name"
        }
    },
    "response": ""
}

TASK [debug] *******************************************************************************************************
task path: /opt/ansible/vsansible/playbooks/restconf_nxos.yml:34
Sunday 18 July 2021  04:47:20 +0100 (0:00:02.190)       0:00:02.278 ***********
<sbx-nxos-mgmt.cisco.com> ESTABLISH HTTP(S) CONNECTFOR USER: admin TO https://sbx-nxos-mgmt.cisco.com:443
ok: [sbx-nxos-mgmt.cisco.com] => {
    "restconf_output": {
        "ansible_facts": {
            "discovered_interpreter_python": "/usr/bin/python"
        },
        "changed": false,
        "failed": false,
        "response": ""
    }
}
META: ran handlers
META: ran handlers

PLAY RECAP *********************************************************************************************************
sbx-nxos-mgmt.cisco.com    : ok=2    changed=0    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0  

Sunday 18 July 2021  04:47:22 +0100 (0:00:01.069)       0:00:03.348 ***********
===============================================================================
Get NXOS device hostname ------------------------------------------------------------------------------------ 2.19s
/opt/ansible/vsansible/playbooks/restconf_nxos.yml:28 -------------------------------------------------------------
debug ------------------------------------------------------------------------------------------------------- 1.07s
/opt/ansible/vsansible/playbooks/restconf_nxos.yml:34 -------------------------------------------------------------

muhammad-rafi commented 3 years ago

One thing I like to mention here, I check the headers in restconf.py and it seems like you are using "application/yang-data+xml", however for nxos we need to use dot notation not hypen e.g "application/yang.data+xml", please check my post on LinkedIn. https://www.linkedin.com/posts/muhammad-rafi-0a37a248_cisconetworking-devnet-classof2020-activity-6824186783543111681-d7zD

sfuhrm commented 2 years ago

@muhammad-rafi you are right, Cisco uses "application/yang.data+xml" in NXOS 9.3.10 and says they are implementing RESTCONF Protocol draft-ietf-netconf-restconf-10.

See Cisco Nexus 9000 NX-OS Programmability Guide

This breaks much of ansible.netcommons code because many places are hardwired to use the RFC 8040 MIME type.

RFC 8040 standard "application/yang-data+xml" is used in netcommon, but
Draft-RestConf "application/yang.data+xml" is used by Cisco NX-OS

There is no easy workaround but to use the default XML output by NX-OS at the moment. See also PR #464 I filed for fixing the XML deserialization.

ansible-collections / ansible.netcommon