Open Akasurde opened 4 years ago
So first of all, cli_command
is designed to send single exec mode commands to a device and return the result. To configure a device as you are, you should be using cli_config
with something like this:
---
- name: shutdown same ports on all switches
debug:
msg: "Shutdown test case"
- name: Send configuration to switch
cli_config:
config: |
"interface Tengigabitethernet 0/{{ item }}"
shutdown
loop: "{{ shutdown_ports }}"
Or even better, a template to send the whole thing as a single request.
Your real problem, though, is that you are using delegate_to
unnecessarily. You have already specified the host you wish to send the commands to in your inventory by specifying them in the hosts
key of your playbook. delegate_to
is normally used to pass control off to a proxy host, but this is unsupported for network modules.
Thanks for your response @Qalthos . However , I run into below exception when I use cli_config
TASK [switch_test : Send configuration to switch] ******************************************************************************************************************************************************************************
task path: /var/lib/jenkins/workspace/Ansible_QA/Automation/roles/switch_test/tasks/switch_shutdown.yml:6
The full traceback is:
Traceback (most recent call last):
File "/root/.ansible/tmp/ansible-local-27251gfwqahn4/ansible-tmp-1594999309.616183-280419117836686/AnsiballZ_cli_config.py", line 102, in <module>
_ansiballz_main()
File "/root/.ansible/tmp/ansible-local-27251gfwqahn4/ansible-tmp-1594999309.616183-280419117836686/AnsiballZ_cli_config.py", line 94, in _ansiballz_main
invoke_module(zipped_mod, temp_path, ANSIBALLZ_PARAMS)
File "/root/.ansible/tmp/ansible-local-27251gfwqahn4/ansible-tmp-1594999309.616183-280419117836686/AnsiballZ_cli_config.py", line 40, in invoke_module
runpy.run_module(mod_name='ansible.modules.network.cli.cli_config', init_globals=None, run_name='__main__', alter_sys=True)
File "/usr/lib64/python3.6/runpy.py", line 205, in run_module
return _run_module_code(code, init_globals, run_name, mod_spec)
File "/usr/lib64/python3.6/runpy.py", line 96, in _run_module_code
mod_name, mod_spec, pkg_name, script_name)
File "/usr/lib64/python3.6/runpy.py", line 85, in _run_code
exec(code, run_globals)
File "/tmp/ansible_cli_config_payload_y4ee3wgn/ansible_cli_config_payload.zip/ansible/modules/network/cli/cli_config.py", line 400, in <module>
File "/tmp/ansible_cli_config_payload_y4ee3wgn/ansible_cli_config_payload.zip/ansible/modules/network/cli/cli_config.py", line 366, in main
File "/tmp/ansible_cli_config_payload_y4ee3wgn/ansible_cli_config_payload.zip/ansible/module_utils/connection.py", line 185, in __rpc__
ansible.module_utils.connection.ConnectionError: q must be exactly 160, 224, or 256 bits long
failed: [TOR_A] (item=34) => {
"ansible_loop_var": "item",
"changed": false,
"item": 34,
"module_stderr": "Traceback (most recent call last):\n File \"/root/.ansible/tmp/ansible-local-27251gfwqahn4/ansible-tmp-1594999309.616183-280419117836686/AnsiballZ_cli_config.py\", line 102, in <module>\n _ansiballz_main()\n File \"/root/.ansible/tmp/ansible-local-27251gfwqahn4/ansible-tmp-1594999309.616183-280419117836686/AnsiballZ_cli_config.py\", line 94, in _ansiballz_main\n invoke_module(zipped_mod, temp_path, ANSIBALLZ_PARAMS)\n File \"/root/.ansible/tmp/ansible-local-27251gfwqahn4/ansible-tmp-1594999309.616183-280419117836686/AnsiballZ_cli_config.py\", line 40, in invoke_module\n runpy.run_module(mod_name='ansible.modules.network.cli.cli_config', init_globals=None, run_name='__main__', alter_sys=True)\n File \"/usr/lib64/python3.6/runpy.py\", line 205, in run_module\n return _run_module_code(code, init_globals, run_name, mod_spec)\n File \"/usr/lib64/python3.6/runpy.py\", line 96, in _run_module_code\n mod_name, mod_spec, pkg_name, script_name)\n File \"/usr/lib64/python3.6/runpy.py\", line 85, in _run_code\n exec(code, run_globals)\n File \"/tmp/ansible_cli_config_payload_y4ee3wgn/ansible_cli_config_payload.zip/ansible/modules/network/cli/cli_config.py\", line 400, in <module>\n File \"/tmp/ansible_cli_config_payload_y4ee3wgn/ansible_cli_config_payload.zip/ansible/modules/network/cli/cli_config.py\", line 366, in main\n File \"/tmp/ansible_cli_config_payload_y4ee3wgn/ansible_cli_config_payload.zip/ansible/module_utils/connection.py\", line 185, in __rpc__\nansible.module_utils.connection.ConnectionError: q must be exactly 160, 224, or 256 bits long\n",
"module_stdout": "",
"msg": "MODULE FAILURE\nSee stdout/stderr for the exact error",
"rc": 1
}
If I continue to use cli_command with the same script (after removing delegate_to) the result changes for me as below:
failed: [TOR_A] (item=config) => {"ansible_loop_var": "item", "changed": false, "item": "config", "msg": "q must be exactly 160, 224, or 256 bits long"}
failed: [TOR_A] (item=interface Tengigabitethernet 0/34) => {"ansible_loop_var": "item", "changed": false, "item": "interface Tengigabitethernet 0/34", "msg": "q must be exactly 160, 224, or 256 bits long"}
I fail to comprehend the part : "msg": "q must be exactly 160, 224, or 256 bits long"}
So "q must be exactly 160, 224, or 256 bits long"
is an internal paramiko
issue (or, rather, a cryptography
issue that paramiko
is letting pass up) relating to parsing DSA keys. This seems particularly suspect given that you're supplying a password and while you have DEFAULT_PRIVATE_KEY_FILE
set, it appears to be an RSA key.
Given that you're using a password anyway, the quickest way to avoid that issue is to set ANSIBLE_PARAMIKO_LOOK_FOR_KEYS=False
and disable DEFAULT_PRIVATE_KEY_FILE
from your configuration to make sure that ansible only authenticates using the supplied password.
From @srivaa31 on Jul 14, 2020 10:33
SUMMARY
shutdown command on switch interface consistently fails with "command timeout triggered, timeout value is 30 secs" message
ISSUE TYPE
COMPONENT NAME
cli_command module
ANSIBLE VERSION
CONFIGURATION
OS / ENVIRONMENT
CentOS Linux release 8.1.1911 (Core)
STEPS TO REPRODUCE
switch_shutdown.yml
switch.yml <- playbook file
switch_test is the role file task file is switch_shutdown.yml
Content of hosts file below /etc/ansible/hosts
EXPECTED RESULTS
Successful login to switch and shut down of specified port
ACTUAL RESULTS
Copied from original issue: ansible/ansible#70633