chillancezen
commented
4 years ago hi @s0x00 ,
thanks for your issue, it has been fixed but not released, I will keep you updated util next release is done soon.
thanks, Link
Closed s0x00 closed 4 years ago
chillancezen
commented
4 years ago hi @s0x00 ,
thanks for your issue, it has been fixed but not released, I will keep you updated util next release is done soon.
thanks, Link
chillancezen
commented
4 years ago hi @s0x00 ,
please re-install your fortios galaxy collection with latest 1.0.9
$ ansible-galaxy collection install fortinet.fortios:1.0.9 -fhere is an example that use non-regular characters in primary key:
- hosts: fortigate01
connection: httpapi
collections:
- fortinet.fortios
vars:
vdom: "root"
ansible_httpapi_use_ssl: yes
ansible_httpapi_validate_certs: no
ansible_httpapi_port: 443
tasks:
- name: Configure global attributes.
fortios_firewall_address:
vdom: "{{ vdom }}"
state: "present"
firewall_address:
name: 'FW/ADDRESS? with escape letters'I mark this issue as closed.
please reopen it and let me know if there is anything I could do to help.
thanks, Link
s0x00
commented
4 years ago Hi Link,
I've upated the collection to 1.0.9. Unfortunatly im getting the same error.
[httpsd 5119 - 1591195498 info] cmdb_generate_schema[1037] -- generating schema for firewall.address
[httpsd 5119 - 1591195498 info] handle_cli_req_v2_vdom[1965] -- returning to original vdom "root"
[httpsd 5119 - 1591195498 info] ap_invoke_handler[616] -- request completed (handler='api_cmdb_v2-handler' result==0)
[httpsd 5119 - 1591195498 info] ap_invoke_handler[593] -- new request (handler='api_cmdb_v2-handler', uri='/api/v2/cmdb/firewall/address/FOO/BAR?vdom=ANS', method='PUT')
[httpsd 5119 - 1591195498 info] ap_invoke_handler[597] -- User-Agent: python-requests/2.22.0
[httpsd 5119 - 1591195498 info] ap_invoke_handler[600] -- Source: x.x.x.x:36648 Destination: y.y.y.y:443
[httpsd 5119 - 1591195498 info] api_cmdb_v2_handler[2055] -- received api_cmdb_v2_request from 'x.x.x.x'
[httpsd 5119 - 1591195498 info] aps_init_process_vdom[1195] -- initialized process vdom to 'root' (cookie='(null)')
[httpsd 5119 - 1591195498 info] api_store_parameter[227] -- add API parameter 'vdom': '"ANS"' (type=string)
[httpsd 5119 - 1591195498 info] api_store_parameter[227] -- add API parameter 'subnet': '"1.1.1.1 255.255.255.255"' (type=string)
[httpsd 5119 - 1591195498 info] api_store_parameter[227] -- add API parameter 'type': '"ipmask"' (type=string)
[httpsd 5119 - 1591195498 info] api_store_parameter[227] -- add API parameter 'name': '"FOO\/BAR"' (type=string)
[httpsd 5119 - 1591195498 info] handle_cli_req_v2_vdom[1954] -- attempting to change from vdom "root" to vdom "ANS"
[httpsd 5119 - 1591195498 info] handle_cli_req_v2_vdom[1957] -- new CMDB API request (vdom='ANS',user='admin')
[httpsd 5119 - 1591195498 info] api_cmdb_request_init_by_path[1360] -- new CMDB query (path='firewall',name='address')
[httpsd 5119 - 1591195498 info] api_cmdb_request_init_by_path[1389] -- querying CMDB entry (mkey='FOO')
[httpsd 5119 - 1591195498 info] api_cmdb_request_init_by_path[1393] -- unable to find 'FOO' in table 'firewall.address'
[httpsd 5119 - 1591195498 info] api_cmdb_request_init[1488] -- new CMDB child query for 'firewall.address:BAR'
[httpsd 5119 - 1591195498 error] api_cmdb_request_init[1494] -- unable to create child query
[httpsd 5119 - 1591195498 error] api_return_http_result[631] -- API error 400 raised
[httpsd 5119 - 1591195498 info] handle_cli_req_v2_vdom[1965] -- returning to original vdom "root"
[httpsd 5119 - 1591195498 info] ap_invoke_handler[616] -- request completed (handler='api_cmdb_v2-handler' result==0)
[httpsd 3157 - 1591195498 info] ap_invoke_handler[593] -- new request (handler='logout-handler', uri='/logout', method='POST')
[httpsd 3157 - 1591195498 info] ap_invoke_handler[597] -- User-Agent: python-requests/2.22.0
[httpsd 3157 - 1591195498 info] ap_invoke_handler[600] -- Source: x.x.x.x:36650 Destination: y.y.y.y:443
[httpsd 3157 - 1591195498 info] ap_invoke_handler[616] -- request completed (handler='logout-handler' result==0)BR
chillancezen
commented
4 years ago hi @s0x00 ,
did you use collection via the following statement in your playbook?
connection: httpapi
collections:
- fortinet.fortioscould you please share the playbook and host inventory ?
thanks, Link
s0x00
commented
4 years ago Hi Link,
I'm using the collection in the playbook:
playbook:
- hosts: localhost
connection: httpapi
collections:
- fortinet.fortios
vars:
vd: "ANS"
host: "x.x.x.x"
ansible_httpapi_use_ssl: yes
ansible_httpapi_validate_certs: no
ansible_httpapi_port: 443
ansible_httpapi_password: "xxxx"
ansible_user: "xxxx"
tasks:
- name: add adresses.
include_tasks: ./tasks/fos_addr.ymltask:
- name: Configure IPv4 addresses.
fortios_firewall_address:
host: '{{ host }}'
username: '{{ username }}'
password: '{{ password }}'
vdom: '{{ vd }}'
https: yes
ssl_verify: no
state: 'present'
firewall_address:
name: 'FOO/BAR'
type: 'ipmask'
subnet: '1.1.1.1 255.255.255.255'Thanks and br.
chillancezen
commented
4 years ago oh I see! you are using galaxy collection but still using legacy fortiosapi
could you please use httpapi instead? here is the guide: https://ansible-galaxy-fortios-docs.readthedocs.io/en/latest/playbook.html
the issue is not fixed in legacy fortiosapi, as a matter of fact, the legacy fortiosapi will be deprecated?
thanks. Link
s0x00
commented
4 years ago Thanks for pointing this out. I've made the changes using the provided guide.
I'm now getting the following error.
The full traceback is:
Traceback (most recent call last):
File "/home/ssa.local/a785189/.ansible/tmp/ansible-local-5923bfmxKf/ansible-tmp-1591278974.8-129395244653859/AnsiballZ_fortios_firewall_address.py", line 102, in <module>
_ansiballz_main()
File "/home/ssa.local/a785189/.ansible/tmp/ansible-local-5923bfmxKf/ansible-tmp-1591278974.8-129395244653859/AnsiballZ_fortios_firewall_address.py", line 94, in _ansiballz_main
invoke_module(zipped_mod, temp_path, ANSIBALLZ_PARAMS)
File "/home/ssa.local/a785189/.ansible/tmp/ansible-local-5923bfmxKf/ansible-tmp-1591278974.8-129395244653859/AnsiballZ_fortios_firewall_address.py", line 40, in invoke_module
runpy.run_module(mod_name='ansible_collections.fortinet.fortios.plugins.modules.fortios_firewall_address', init_globals=None, run_name='__main__', alter_sys=True)
File "/usr/lib/python2.7/runpy.py", line 188, in run_module
fname, loader, pkg_name)
File "/usr/lib/python2.7/runpy.py", line 82, in _run_module_code
mod_name, mod_fname, mod_loader, pkg_name)
File "/usr/lib/python2.7/runpy.py", line 72, in _run_code
exec code in run_globals
File "/tmp/ansible_fortios_firewall_address_payload_5qsK4g/ansible_fortios_firewall_address_payload.zip/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_address.py", line 578, in <module>
File "/tmp/ansible_fortios_firewall_address_payload_5qsK4g/ansible_fortios_firewall_address_payload.zip/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_address.py", line 556, in main
File "/tmp/ansible_fortios_firewall_address_payload_5qsK4g/ansible_fortios_firewall_address_payload.zip/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_address.py", line 461, in fortios_firewall
File "/tmp/ansible_fortios_firewall_address_payload_5qsK4g/ansible_fortios_firewall_address_payload.zip/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_address.py", line 444, in firewall_address
File "/tmp/ansible_fortios_firewall_address_payload_5qsK4g/ansible_fortios_firewall_address_payload.zip/ansible_collections/fortinet/fortios/plugins/module_utils/fortios/fortios.py", line 173, in set
File "/tmp/ansible_fortios_firewall_address_payload_5qsK4g/ansible_fortios_firewall_address_payload.zip/ansible_collections/fortinet/fortios/plugins/module_utils/fortios/fortios.py", line 146, in get_mkey
File "/tmp/ansible_fortios_firewall_address_payload_5qsK4g/ansible_fortios_firewall_address_payload.zip/ansible_collections/fortinet/fortios/plugins/module_utils/fortios/fortios.py", line 137, in get_mkeyname
File "/tmp/ansible_fortios_firewall_address_payload_5qsK4g/ansible_fortios_firewall_address_payload.zip/ansible_collections/fortinet/fortios/plugins/module_utils/fortios/fortios.py", line 126, in schema
File "/tmp/ansible_fortios_firewall_address_payload_5qsK4g/ansible_fortios_firewall_address_payload.zip/ansible/module_utils/connection.py", line 185, in __rpc__
ansible.module_utils.connection.ConnectionError: addinfourl instance has no attribute 'getheaders'But I don't know if this is still related to this issue.
chillancezen
commented
4 years ago could you please use python3 ?
python2 has been deprecated.
thanks
Sent from my iPhone
On Jun 4, 2020, at 10:01 PM, EK notifications@github.com<mailto:notifications@github.com> wrote:
Thanks for pointing this out. I've made the changes using the provided guide.
I'm now gettig the following error.
The full traceback is:
Traceback (most recent call last):
File "/home/ssa.local/a785189/.ansible/tmp/ansible-local-5923bfmxKf/ansible-tmp-1591278974.8-129395244653859/AnsiballZ_fortios_firewall_address.py", line 102, in
But I don't know if this is still related to this issue.
— You are receiving this because you modified the open/close state. Reply to this email directly, view it on GitHubhttps://github.com/fortinet-ansible-dev/ansible-galaxy-fortios-collection/issues/8#issuecomment-638868328, or unsubscribehttps://github.com/notifications/unsubscribe-auth/ACOVYVPSVW4CKNUXO3RK6PDRU6SJ7ANCNFSM4MZY3GQQ.
s0x00
commented
4 years ago Still the same error:
The full traceback is:
Traceback (most recent call last):
File "/home/ssa.local/a785189/.ansible/tmp/ansible-local-12238tRZHmN/ansible-tmp-1591352529.87-138903508393115/AnsiballZ_fortios_firewall_address.py", line 102, in <module>
_ansiballz_main()
File "/home/ssa.local/a785189/.ansible/tmp/ansible-local-12238tRZHmN/ansible-tmp-1591352529.87-138903508393115/AnsiballZ_fortios_firewall_address.py", line 94, in _ansiballz_main
invoke_module(zipped_mod, temp_path, ANSIBALLZ_PARAMS)
File "/home/ssa.local/a785189/.ansible/tmp/ansible-local-12238tRZHmN/ansible-tmp-1591352529.87-138903508393115/AnsiballZ_fortios_firewall_address.py", line 40, in invoke_module
runpy.run_module(mod_name='ansible_collections.fortinet.fortios.plugins.modules.fortios_firewall_address', init_globals=None, run_name='__main__', alter_sys=True)
File "/usr/lib/python3.6/runpy.py", line 205, in run_module
return _run_module_code(code, init_globals, run_name, mod_spec)
File "/usr/lib/python3.6/runpy.py", line 96, in _run_module_code
mod_name, mod_spec, pkg_name, script_name)
File "/usr/lib/python3.6/runpy.py", line 85, in _run_code
exec(code, run_globals)
File "/tmp/ansible_fortios_firewall_address_payload_gvqe7is0/ansible_fortios_firewall_address_payload.zip/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_address.py", line 578, in <module>
File "/tmp/ansible_fortios_firewall_address_payload_gvqe7is0/ansible_fortios_firewall_address_payload.zip/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_address.py", line 556, in main
File "/tmp/ansible_fortios_firewall_address_payload_gvqe7is0/ansible_fortios_firewall_address_payload.zip/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_address.py", line 461, in fortios_firewall
File "/tmp/ansible_fortios_firewall_address_payload_gvqe7is0/ansible_fortios_firewall_address_payload.zip/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_address.py", line 444, in firewall_address
File "/tmp/ansible_fortios_firewall_address_payload_gvqe7is0/ansible_fortios_firewall_address_payload.zip/ansible_collections/fortinet/fortios/plugins/module_utils/fortios/fortios.py", line 173, in set
File "/tmp/ansible_fortios_firewall_address_payload_gvqe7is0/ansible_fortios_firewall_address_payload.zip/ansible_collections/fortinet/fortios/plugins/module_utils/fortios/fortios.py", line 146, in get_mkey
File "/tmp/ansible_fortios_firewall_address_payload_gvqe7is0/ansible_fortios_firewall_address_payload.zip/ansible_collections/fortinet/fortios/plugins/module_utils/fortios/fortios.py", line 137, in get_mkeyname
File "/tmp/ansible_fortios_firewall_address_payload_gvqe7is0/ansible_fortios_firewall_address_payload.zip/ansible_collections/fortinet/fortios/plugins/module_utils/fortios/fortios.py", line 126, in schema
File "/tmp/ansible_fortios_firewall_address_payload_gvqe7is0/ansible_fortios_firewall_address_payload.zip/ansible/module_utils/connection.py", line 185, in __rpc__
ansible.module_utils.connection.ConnectionError: addinfourl instance has no attribute 'getheaders'it's no FortiOS issue , but ansible core issue.
could you dump the urllib version and upgrade your urllib to the latest?
pip3 list |grep urllib3pip3 install urllib3==1.25.9my ansible env:
$ansible --version
ansible 2.9.8
config file = None
configured module search path = ['/home/linky/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
ansible python module location = /home/linky/.local/lib/python3.7/site-packages/ansible
executable location = /home/linky/.local/bin/ansible
python version = 3.7.3 (default, Oct 7 2019, 12:56:13) [GCC 8.3.0]urllib is on the lastest version
$ pip3 list | grep urllib3
urllib3 (1.25.9)
$ ansible --version
ansible 2.9.6
config file = None
configured module search path = [u'/home/abc/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
ansible python module location = /usr/local/lib/python2.7/dist-packages/ansible
executable location = /usr/local/bin/ansible
python version = 2.7.15rc1 (default, Nov 12 2018, 14:31:15) [GCC 7.3.0]Python3 is used as I set it in my inventory file via ansible_python_interpreter
chillancezen
commented
4 years ago I am not sure whether ansible_python_interpreter works, but I am sure it's Ansible core issue for which you can seek help from Ansible community https://github.com/ansible/ansible/issues
could you please setup a python3 Ansible environment? it's supposed to be even all right to setup a virtual python3 env.
thanks, Link
chillancezen
commented
4 years ago @s0x00 just an Update for the issue:
Still the same error:
The full traceback is: Traceback (most recent call last): File "/home/ssa.local/a785189/.ansible/tmp/ansible-local-12238tRZHmN/ansible-tmp-1591352529.87-138903508393115/AnsiballZ_fortios_firewall_address.py", line 102, in <module> _ansiballz_main() File "/home/ssa.local/a785189/.ansible/tmp/ansible-local-12238tRZHmN/ansible-tmp-1591352529.87-138903508393115/AnsiballZ_fortios_firewall_address.py", line 94, in _ansiballz_main invoke_module(zipped_mod, temp_path, ANSIBALLZ_PARAMS) File "/home/ssa.local/a785189/.ansible/tmp/ansible-local-12238tRZHmN/ansible-tmp-1591352529.87-138903508393115/AnsiballZ_fortios_firewall_address.py", line 40, in invoke_module runpy.run_module(mod_name='ansible_collections.fortinet.fortios.plugins.modules.fortios_firewall_address', init_globals=None, run_name='__main__', alter_sys=True) File "/usr/lib/python3.6/runpy.py", line 205, in run_module return _run_module_code(code, init_globals, run_name, mod_spec) File "/usr/lib/python3.6/runpy.py", line 96, in _run_module_code mod_name, mod_spec, pkg_name, script_name) File "/usr/lib/python3.6/runpy.py", line 85, in _run_code exec(code, run_globals) File "/tmp/ansible_fortios_firewall_address_payload_gvqe7is0/ansible_fortios_firewall_address_payload.zip/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_address.py", line 578, in <module> File "/tmp/ansible_fortios_firewall_address_payload_gvqe7is0/ansible_fortios_firewall_address_payload.zip/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_address.py", line 556, in main File "/tmp/ansible_fortios_firewall_address_payload_gvqe7is0/ansible_fortios_firewall_address_payload.zip/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_address.py", line 461, in fortios_firewall File "/tmp/ansible_fortios_firewall_address_payload_gvqe7is0/ansible_fortios_firewall_address_payload.zip/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_address.py", line 444, in firewall_address File "/tmp/ansible_fortios_firewall_address_payload_gvqe7is0/ansible_fortios_firewall_address_payload.zip/ansible_collections/fortinet/fortios/plugins/module_utils/fortios/fortios.py", line 173, in set File "/tmp/ansible_fortios_firewall_address_payload_gvqe7is0/ansible_fortios_firewall_address_payload.zip/ansible_collections/fortinet/fortios/plugins/module_utils/fortios/fortios.py", line 146, in get_mkey File "/tmp/ansible_fortios_firewall_address_payload_gvqe7is0/ansible_fortios_firewall_address_payload.zip/ansible_collections/fortinet/fortios/plugins/module_utils/fortios/fortios.py", line 137, in get_mkeyname File "/tmp/ansible_fortios_firewall_address_payload_gvqe7is0/ansible_fortios_firewall_address_payload.zip/ansible_collections/fortinet/fortios/plugins/module_utils/fortios/fortios.py", line 126, in schema File "/tmp/ansible_fortios_firewall_address_payload_gvqe7is0/ansible_fortios_firewall_address_payload.zip/ansible/module_utils/connection.py", line 185, in __rpc__ ansible.module_utils.connection.ConnectionError: addinfourl instance has no attribute 'getheaders'
I got this reproduced!
This is a Py2/Py3 compatibility issue in urllib library.
PLEASE DON'T USE PYTHON2.
as a workaround, you can uninstall python2 ansible and reinstall python3 ansible:
1) # pip2 uninstall ansible
2) # pip3 install ansible==2.9.10remember to confirm whether the Ansible has a right association with Py3 by running:
[root@localhost ~]# ansible-playbook --version
ansible-playbook 2.9.10
config file = None
configured module search path = ['/root/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
ansible python module location = /usr/local/lib/python3.6/site-packages/ansible
executable location = /usr/local/bin/ansible-playbook
python version = 3.6.8 (default, Nov 27 2019, 14:21:59) [GCC 4.8.5 20150623 (Red Hat 4.8.5-39.0.1)]Thanks, Link
chillancezen
commented
4 years ago and ansible_python_interpreter variable is not working for this issue.
Trying to add an address object which name includes a slash '/' character e.g. 'FOO/BAR'. Which raises "Error in repo" in Ansible or "API error 400 raised" on Fortigate.
api debug:
Thanks in advance.