Problem running role on the switch

lflaks commented 7 months ago

This looks like a very basic issue. I have a simple role to try to add alias to zone configuration. It looks like this:

---

- name: Create FC zone aliases
  brocade.fos.brocade_zoning_alias:
    credential: "{{ credential }}"
    fvid: -1
    aliases:
      - name: esxi-hs-11_p1
        members:
          - 10:00:b4:7a:f1:d3:30:81
- name: Check results
  ansible.builtin.debug:
    msg: "{{ result }}"

Credentials are set with user "admin", password and IP. If I run role as user admin with -u option, I have error -

UNREACHABLE! => {"changed": false, "msg": "Failed to create temporary directory. In some cases, you may have been able to authenticate and did not have permissions on the target directory. Consider changing the remote tmp path in ansible.cfg to a path rooted in \"/tmp\", for more error information use -vvv. Failed command was: ( umask 77 && mkdir -p \" echo ~/.ansible/tmp \"&& mkdir \" echo ~/.ansible/tmp/ansible-tmp-1709930061.640703-48447-92783185083991 \" && echo ansible-tmp-1709930061.640703-48447-92783185083991=\" echo ~/.ansible/tmp/ansible-tmp-1709930061.640703-48447-92783185083991 \" ), exited with result 1", "unreachable": true}

If I run it as user 'root', I can't connect to the switch - understandably, as user root is not configured on the switch. I can easily log into switch with credentials provided. Looks like role is trying to communicate using SSH, not API over https. Is there a simple way to fix it? Thanks!

prasad-valmeti-broadcom commented 5 months ago

Let's say this config is in zone_config.yml

name: Create FC zone aliases brocade.fos.brocade_zoning_alias: credential: "{{ credential }}" fvid: -1 <--- This is wrong it should be vfid: -1 aliases:
- name: esxi-hs-11_p1 members:
  - 10:00:b4:7a:f1:d3:30:81
name: Check results ansible.builtin.debug: msg: "{{ result }}"

ansible-playbook -i san-inventory zone_config.yml -vvv This way it works fine.

Please elaborate more details on how you are running the playbook.

lflaks commented 5 months ago

Thanks for catching it!. Unfortunately, the error was in my post but actual code was correct. Some more details: I have a role with task/main.yml

name: Create FC zone aliases brocade.fos.brocade_zoning_alias: credential: "{{ credential }}" vfid: -1 aliases:
- name: esxi-hs-osp01_p1 members:
  - 10:00:b4:7a:f1:d3:30:81
name: Check results ansible.builtin.debug: msg: "{{ result }}"

Credentials are set in vars/main.yml

credential: fos_ip_addr: A.B.C.D fos_user_name: admin fos_password: !vault | $ANSIBLE_VAULT;1.1;AES256 Encrypted password is here ssh_hostkeymust: false https: true

I am calling this role from the playbook

name: Playbook to test or run roles hosts: all roles:
- _fc_alias

The target switch is called hsfc-b3600-1 and is listed in hosts file. I run this command: ansible-playbook -l hsfc-b3600-1 -u admin test.yml -vvv --ask-vault-password -CD

Here is the output ( skipped a few lines in the beginning )

PLAYBOOK: test.yml ***********************************************************************************************************************************************************************************************************************************
1 plays in test.yml

PLAY [Playbook to test or run roles] *****************************************************************************************************************************************************************************************************************

TASK [Gathering Facts] *******************************************************************************************************************************************************************************************************************************
task path: /Users/flaks/git/cshlansible/playbooks/test.yml:9
ESTABLISH SSH CONNECTION FOR USER: admin
SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o StrictHostKeyChecking=no -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o 'User="admin"' -o ConnectTimeout=10 -o 'ControlPath="/Users/flaks/.ansible/cp/5ab09a8973"' hsfc-b3600-1 '/bin/sh -c '"'"'echo ~admin && sleep 0'"'"''
(1, b'', b"welcome\nX11 forwarding request failed\r\nrbash: /bin/sh: restricted: cannot specify /' in command names\n") <hsfc-b3600-1> Failed to connect to the host via ssh: welcome X11 forwarding request failed rbash: /bin/sh: restricted: cannot specify /' in command names
ESTABLISH SSH CONNECTION FOR USER: admin
SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o StrictHostKeyChecking=no -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o 'User="admin"' -o ConnectTimeout=10 -o 'ControlPath="/Users/flaks/.ansible/cp/5ab09a8973"' hsfc-b3600-1 '/bin/sh -c '"'"'echo "pwd" && sleep 0'"'"''
(1, b'', b"X11 forwarding request failed\r\nrbash: /bin/sh: restricted: cannot specify /' in command names\n") <hsfc-b3600-1> Failed to connect to the host via ssh: X11 forwarding request failed rbash: /bin/sh: restricted: cannot specify /' in command names
ESTABLISH SSH CONNECTION FOR USER: admin
SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o StrictHostKeyChecking=no -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o 'User="admin"' -o ConnectTimeout=10 -o 'ControlPath="/Users/flaks/.ansible/cp/5ab09a8973"' hsfc-b3600-1 '/bin/sh -c '"'"'( umask 77 && mkdir -p "echo ~/.ansible/tmp"&& mkdir "echo ~/.ansible/tmp/ansible-tmp-1715109688.869764-20282-149182023619447" && echo ansible-tmp-1715109688.869764-20282-149182023619447="echo ~/.ansible/tmp/ansible-tmp-1715109688.869764-20282-149182023619447" ) && sleep 0'"'"''
(1, b'', b"X11 forwarding request failed\r\nrbash: /bin/sh: restricted: cannot specify /' in command names\n") <hsfc-b3600-1> Failed to connect to the host via ssh: X11 forwarding request failed rbash: /bin/sh: restricted: cannot specify /' in command names
fatal: [hsfc-b3600-1]: UNREACHABLE! => {
"changed": false,
"msg": "Failed to create temporary directory. In some cases, you may have been able to authenticate and did not have permissions on the target directory. Consider changing the remote tmp path in ansible.cfg to a path rooted in "/tmp", for more error information use -vvv. Failed command was: ( umask 77 && mkdir -p "echo ~/.ansible/tmp"&& mkdir "echo ~/.ansible/tmp/ansible-tmp-1715109688.869764-20282-149182023619447" && echo ansible-tmp-1715109688.869764-20282-149182023619447="echo ~/.ansible/tmp/ansible-tmp-1715109688.869764-20282-149182023619447" ), exited with result 1",
"unreachable": true
}

PLAY RECAP *******************************************************************************************************************************************************************************************************************************************
hsfc-b3600-1 : ok=0 changed=0 unreachable=1 failed=0 skipped=0 rescued=0 ignored=0

mgoetze5 commented 5 months ago

Looks like you are missing ansible_connection: local somewhere.

lflaks commented 4 months ago

Yes, that was missing! Now if I run it with "-c local" option, it works. Thanks for help, really appreciate it.

brocade / ansible

Problem running role on the switch #150