search

napalm-automation / napalm-ansible

Apache License 2.0
245 stars 103 forks source link

nxos - napalm_validate - not working with os=nxos #164

Closed writememe closed 4 years ago

writememe commented 4 years ago

Hello,

When attempting to use napalm_validate, it's not working correctly when the os is set to nxos.

However, when using the same playbook, host and validation file, it works using os set to nxos_ssh

hosts file

[nxos]
lab-nxos-01.lab.dfjt.local

[nxos:vars]
ansible_network_os=nxos
os=nxos 

[all:vars]
ansible_connection=network_cli

Ansible/NAPALM/NXAPI Plumbing Versions

ansible==2.8.0
napalm==2.5.0
napalm-ansible==1.0.0
nxapi-plumbing==0.5.2

Validation file - lab-nxos-01.lab.dfjt.local/automated-validation.yml

# Dynamically generated NAPALM validation rules
---
- get_facts:
    fqdn: lab-nxos-01.lab.dfjt.local
    hostname: lab-nxos-01
- get_bgp_neighbors:
    global:
      peers:
        192.168.30.9:
          is_enabled: true
          is_up: true
          local_as: 65014
          remote_as: 65011
        192.168.30.13:
          is_enabled: true
          is_up: true
          local_as: 65014
          remote_as: 65018
      router_id: 192.168.40.14
- get_interfaces:
    Ethernet1/3:
      description: To lab-arista-01.lab.dfjt.local - Ethernet3
      is_enabled: true
      is_up: true
    Ethernet1/2:
      description: To lab-arista-02.lab.dfjt.local - Ethernet2
      is_enabled: true
      is_up: true
    loopback0:
      description: Loopback Interface
      is_enabled: true
      is_up: true
- get_interfaces_ip:
    Ethernet1/3:
      ipv4:
        192.168.30.10:
          prefix_length: 30
    Ethernet1/2:
      ipv4:
        192.168.30.14:
          prefix_length: 30
    loopback0:
      ipv4:
        192.168.40.14:
          prefix_length: 32
- get_lldp_neighbors_detail:
    Ethernet1/3:
    - remote_system_name: lab-arista-01
    Ethernet1/2:
    - remote_system_name: lab-arista-02

Playbook

---
- name: Compiled automated validation files
  hosts: all
  connection: local
  vars:
    validate_dir: "{{ playbook_dir }}/validate/files"
    datamodel_dir: "{{ playbook_dir }}/datamodel"
    raw_report_dir: "{{ playbook_dir }}/validate/reports"
  tasks:
    - name: Prepare validate datamodel directory
      set_fact:
        val_dir: "{{ validate_dir }}/{{ inventory_hostname }}"
      changed_when: false
    - name: Ensure there are no files from previous runs
      file:
        path: "{{ val_dir }}"
        state: absent
      changed_when: false
    - name: Create directory where assembled validation rule file is stored
      file:
        path: "{{ val_dir }}"
        state: directory
      changed_when: false
    - name: Prepare reports directory
      file:
        path: "{{ raw_report_dir }}"
        state: directory
      changed_when: false
      run_once: true

- name: Create validation files, based on the datamodel
  hosts: all
  vars:
    datamodel_dir: "{{ playbook_dir }}/datamodel"
  connection: local
  gather_facts: false
  vars_files: ["{{ datamodel_dir }}/node-model.yml"]
  roles:
    - validate

- name: Perform automated validation and produce compliance report
  hosts: all
  connection: local
  vars:
    val_dir: "validate/files"
    debug_report_dir: "reports/debug"
    report_dir: "reports"
  tasks:
    - name: Ensure that no report files are present from previous runs
      file:
        path: "{{ report_dir }}"
        state: absent
      changed_when: false
      run_once: true
    - name: Recreate report directory
      file:
        path: "{{ report_dir }}"
        state: directory
      changed_when: false
      run_once: true
    - name: Ensure that no debug report files are present from previous runs
      file:
        path: "{{ debug_report_dir }}"
        state: absent
      changed_when: false
      run_once: true
    - name: Recreate debug report directory
      file:
        path: "{{ debug_report_dir }}"
        state: directory
      run_once: true
    - name: Use NAPALM to automatically validate configuration
      napalm_validate:
        hostname: "{{ inventory_hostname }}"
        username: "{{ username }}"
        dev_os: "{{ os }}"
        password: "{{ password }}"
        validation_file: "{{ val_dir }}/automated-validation.yml"
      register: val_results
      ignore_errors: true
    - name: Dump results to debug files
      delegate_to: localhost
      copy: >
        content="{{ val_results | to_nice_json }}"
          dest="{{ debug_report_dir }}/{{ inventory_hostname }}-Report.json"
    - name: Render Individual Summary Reports
      template:
        src: "templates/report-validation.j2"
        dest: "{{ report_dir }}/{{ inventory_hostname }}-Summary-Report.txt"
    - name: Remove old compiled summary report
      file:
        path: "{{ report_dir }}/All-Host-Validation-Report.txt"
        state: absent
      run_once: true
    - name: Compile Individual summary reports into single report
      assemble:
        src: "{{ report_dir }}"
        dest: "{{ report_dir }}/All-Host-Validation-Report.txt"
      run_once: true
    # Always display the successful compliance results
    - name: Display compliance results
      debug:
        var: val_results.compliance_report.complies
    # If a host fails compliance, fail the play and display the file to review
    - name: Compliance check failure
      fail:
        msg: >
              "{{ inventory_hostname }} failed compliance. Refer to the full
              report at {{ debug_report_dir }}/{{ inventory_hostname }}
              -Validation-Compliance-Report.json"
      when: not val_results.compliance_report.complies

This is the error message that I get (sorry for the horrible formatting)

fatal: [lab-nxos-01.lab.dfjt.local]: FAILED! => {
    "changed": false,
    "module_stderr": "/Users/danielteycheney/Documents/Networking/Python/ansible-meetup-demo/venv/lib/python3.6/site-packages/urllib3/connectionpool.py:1004: InsecureRequestWarning: Unverified HTTPS request is being made. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.io/en/latest/advanced-usage.html#ssl-warnings\n  InsecureRequestWarning,\n/Users/danielteycheney/Documents/Networking/Python/ansible-meetup-demo/venv/lib/python3.6/site-packages/urllib3/connectionpool.py:1004: InsecureRequestWarning: Unverified HTTPS request is being made. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.io/en/latest/advanced-usage.html#ssl-warnings\n  InsecureRequestWarning,\n/Users/danielteycheney/Documents/Networking/Python/ansible-meetup-demo/venv/lib/python3.6/site-packages/urllib3/connectionpool.py:1004: InsecureRequestWarning: Unverified HTTPS request is being made. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.io/en/latest/advanced-usage.html#ssl-warnings\n  InsecureRequestWarning,\n/Users/danielteycheney/Documents/Networking/Python/ansible-meetup-demo/venv/lib/python3.6/site-packages/urllib3/connectionpool.py:1004: InsecureRequestWarning: Unverified HTTPS request is being made. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.io/en/latest/advanced-usage.html#ssl-warnings\n  InsecureRequestWarning,\n/Users/danielteycheney/Documents/Networking/Python/ansible-meetup-demo/venv/lib/python3.6/site-packages/urllib3/connectionpool.py:1004: InsecureRequestWarning: Unverified HTTPS request is being made. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.io/en/latest/advanced-usage.html#ssl-warnings\n  InsecureRequestWarning,\n/Users/danielteycheney/Documents/Networking/Python/ansible-meetup-demo/venv/lib/python3.6/site-packages/urllib3/connectionpool.py:1004: InsecureRequestWarning: Unverified HTTPS request is being made. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.io/en/latest/advanced-usage.html#ssl-warnings\n  InsecureRequestWarning,\n/Users/danielteycheney/Documents/Networking/Python/ansible-meetup-demo/venv/lib/python3.6/site-packages/urllib3/connectionpool.py:1004: InsecureRequestWarning: Unverified HTTPS request is being made. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.io/en/latest/advanced-usage.html#ssl-warnings\n  InsecureRequestWarning,\n/Users/danielteycheney/Documents/Networking/Python/ansible-meetup-demo/venv/lib/python3.6/site-packages/urllib3/connectionpool.py:1004: InsecureRequestWarning: Unverified HTTPS request is being made. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.io/en/latest/advanced-usage.html#ssl-warnings\n  InsecureRequestWarning,\n/Users/danielteycheney/Documents/Networking/Python/ansible-meetup-demo/venv/lib/python3.6/site-packages/urllib3/connectionpool.py:1004: InsecureRequestWarning: Unverified HTTPS request is being made. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.io/en/latest/advanced-usage.html#ssl-warnings\n  InsecureRequestWarning,\nTraceback (most recent call last):\n  File \"/Users/danielteycheney/.ansible/tmp/ansible-local-35041493clw_f/ansible-tmp-1575228315.08892-15840563162134/AnsiballZ_napalm_validate.py\", line 114, in <module>\n    _ansiballz_main()\n  File \"/Users/danielteycheney/.ansible/tmp/ansible-local-35041493clw_f/ansible-tmp-1575228315.08892-15840563162134/AnsiballZ_napalm_validate.py\", line 106, in _ansiballz_main\n    invoke_module(zipped_mod, temp_path, ANSIBALLZ_PARAMS)\n  File \"/Users/danielteycheney/.ansible/tmp/ansible-local-35041493clw_f/ansible-tmp-1575228315.08892-15840563162134/AnsiballZ_napalm_validate.py\", line 49, in invoke_module\n    imp.load_module('__main__', mod, module, MOD_DESC)\n  File \"/Library/Frameworks/Python.framework/Versions/3.6/lib/python3.6/imp.py\", line 235, in load_module\n    return load_source(name, filename, file)\n  File \"/Library/Frameworks/Python.framework/Versions/3.6/lib/python3.6/imp.py\", line 170, in load_source\n    module = _exec(spec, sys.modules[name])\n  File \"<frozen importlib._bootstrap>\", line 618, in _exec\n  File \"<frozen importlib._bootstrap_external>\", line 678, in exec_module\n  File \"<frozen importlib._bootstrap>\", line 219, in _call_with_frames_removed\n  File \"/var/folders/pf/vg3mmfz95qn9wkw3j0pbl52c0000gn/T/ansible_napalm_validate_payload_ctf0o0wl/__main__.py\", line 260, in <module>\n  File \"/var/folders/pf/vg3mmfz95qn9wkw3j0pbl52c0000gn/T/ansible_napalm_validate_payload_ctf0o0wl/__main__.py\", line 239, in main\n  File \"/var/folders/pf/vg3mmfz95qn9wkw3j0pbl52c0000gn/T/ansible_napalm_validate_payload_ctf0o0wl/__main__.py\", line 139, in get_compliance_report\n  File \"/Users/danielteycheney/Documents/Networking/Python/ansible-meetup-demo/venv/lib/python3.6/site-packages/napalm/base/base.py\", line 1676, in compliance_report\n    self, validation_file=validation_file, validation_source=validation_source\n  File \"/Users/danielteycheney/Documents/Networking/Python/ansible-meetup-demo/venv/lib/python3.6/site-packages/napalm/base/validate.py\", line 204, in compliance_report\n    actual_results = getattr(cls, getter)(**kwargs)\n  File \"/Users/danielteycheney/Documents/Networking/Python/ansible-meetup-demo/venv/lib/python3.6/site-packages/napalm/nxos/nxos.py\", line 1127, in get_interfaces_ip\n    ipv6_command, \"TABLE_intf\", \"ROW_intf\"\n  File \"/Users/danielteycheney/Documents/Networking/Python/ansible-meetup-demo/venv/lib/python3.6/site-packages/napalm/nxos/nxos.py\", line 639, in _get_command_table\n    json_output = json.loads(json_output)\n  File \"/Library/Frameworks/Python.framework/Versions/3.6/lib/python3.6/json/__init__.py\", line 348, in loads\n    'not {!r}'.format(s.__class__.__name__))\nTypeError: the JSON object must be str, bytes or bytearray, not 'NoneType'\n",
    "module_stdout": "",
    "msg": "MODULE FAILURE\nSee stdout/stderr for the exact error",
    "rc": 1
}

Cheers, Daniel

writememe commented 4 years ago

I'm going to close out this issue as it's resolved in the napalm core itself (https://github.com/napalm-automation/napalm/issues/1097)