Closed grahamneville closed 6 years ago
Hi @grahamneville , Try also upgrading hconfig-remediation-ansible
in conjunction with 1.4.1
.
Hi @jtdub , I'm using the very latest library file: https://raw.githubusercontent.com/netdevops/hconfig-remediation-ansible/master/library/hconfig_remediation.py, with hier-config 1.4.1.
If I downgrade to 1.4.0 it works with the very same library file, as soon as I go up to 1.4.1 it errors.
I'm pretty sure that you're not using the latest version of hconfig-remediation-ansible
, based on the traceback. I updated it right after hier_config 1.4.1
was released.
MPW1BSDV30:hconfig-remediation-ansible $ ls
LICENSE README.md env example library roles
MPW1BSDV30:hconfig-remediation-ansible $ git branch
* codefactor-fixes
master
MPW1BSDV30:hconfig-remediation-ansible $ git checkout master
Switched to branch 'master'
MPW1BSDV30:hconfig-remediation-ansible $ git pull upstream master
remote: Counting objects: 1, done.
remote: Total 1 (delta 0), reused 0 (delta 0), pack-reused 0
Unpacking objects: 100% (1/1), done.
From github.com:netdevops/hconfig-remediation-ansible
* branch master -> FETCH_HEAD
5704620..5d10a12 master -> upstream/master
Updating 5704620..5d10a12
Fast-forward
README.md | 2 ++
library/hconfig_remediation.py | 20 ++++++++++----------
2 files changed, 12 insertions(+), 10 deletions(-)
MPW1BSDV30:hconfig-remediation-ansible $ rm env
rm: env: is a directory
MPW1BSDV30:hconfig-remediation-ansible $ rm -rf env
MPW1BSDV30:hconfig-remediation-ansible $ virtualenv env
New python executable in /Users/<>/Documents/code/hconfig-remediation-ansible/env/bin/python
Installing setuptools, pip, wheel...done.
MPW1BSDV30:hconfig-remediation-ansible $ source env/bin/activate
(env) MPW1BSDV30:hconfig-remediation-ansible $ pip install hier_config ansible
Collecting hier_config
Collecting ansible
Downloading https://files.pythonhosted.org/packages/93/53/925881db1049134679908698115752ad0b0fe95c82b3055a632476cd3687/ansible-2.5.5.tar.gz (10.2MB)
100% |████████████████████████████████| 10.2MB 746kB/s
Collecting PyYAML>=3.12 (from hier_config)
Collecting jinja2 (from ansible)
Using cached https://files.pythonhosted.org/packages/7f/ff/ae64bacdfc95f27a016a7bed8e8686763ba4d277a78ca76f32659220a731/Jinja2-2.10-py2.py3-none-any.whl
Collecting paramiko (from ansible)
Using cached https://files.pythonhosted.org/packages/3e/db/cb7b6656e0e7387637ce850689084dc0b94b44df31cc52e5fc5c2c4fd2c1/paramiko-2.4.1-py2.py3-none-any.whl
Collecting cryptography (from ansible)
Using cached https://files.pythonhosted.org/packages/58/c1/23bea66007d4be75ce02056fac665f9a207535e89fb3c7931420fa4a5f57/cryptography-2.2.2-cp27-cp27m-macosx_10_6_intel.whl
Requirement already satisfied: setuptools in ./env/lib/python2.7/site-packages (from ansible) (39.2.0)
Collecting MarkupSafe>=0.23 (from jinja2->ansible)
Collecting pyasn1>=0.1.7 (from paramiko->ansible)
Using cached https://files.pythonhosted.org/packages/a0/70/2c27740f08e477499ce19eefe05dbcae6f19fdc49e9e82ce4768be0643b9/pyasn1-0.4.3-py2.py3-none-any.whl
Collecting bcrypt>=3.1.3 (from paramiko->ansible)
Using cached https://files.pythonhosted.org/packages/a1/9c/c89411a505dca5ae822a28c6de6946583ff8a1d5d9190292f301d28dcf85/bcrypt-3.1.4-cp27-cp27m-macosx_10_6_intel.whl
Collecting pynacl>=1.0.1 (from paramiko->ansible)
Using cached https://files.pythonhosted.org/packages/7b/b2/8588fb7665c8b4f6b46921ead952dcd28ec15ed66d686b4ae69d6f0aed3c/PyNaCl-1.2.1-cp27-cp27m-macosx_10_6_intel.whl
Collecting six>=1.4.1 (from cryptography->ansible)
Using cached https://files.pythonhosted.org/packages/67/4b/141a581104b1f6397bfa78ac9d43d8ad29a7ca43ea90a2d863fe3056e86a/six-1.11.0-py2.py3-none-any.whl
Collecting cffi>=1.7; platform_python_implementation != "PyPy" (from cryptography->ansible)
Using cached https://files.pythonhosted.org/packages/7e/4a/b647e46faaa2dcfb16069b6aad2d8509982fd63710a325b8ad7db80f18be/cffi-1.11.5-cp27-cp27m-macosx_10_6_intel.whl
Collecting enum34; python_version < "3" (from cryptography->ansible)
Using cached https://files.pythonhosted.org/packages/c5/db/e56e6b4bbac7c4a06de1c50de6fe1ef3810018ae11732a50f15f62c7d050/enum34-1.1.6-py2-none-any.whl
Collecting idna>=2.1 (from cryptography->ansible)
Using cached https://files.pythonhosted.org/packages/4b/2a/0276479a4b3caeb8a8c1af2f8e4355746a97fab05a372e4a2c6a6b876165/idna-2.7-py2.py3-none-any.whl
Collecting asn1crypto>=0.21.0 (from cryptography->ansible)
Using cached https://files.pythonhosted.org/packages/ea/cd/35485615f45f30a510576f1a56d1e0a7ad7bd8ab5ed7cdc600ef7cd06222/asn1crypto-0.24.0-py2.py3-none-any.whl
Collecting ipaddress; python_version < "3" (from cryptography->ansible)
Using cached https://files.pythonhosted.org/packages/fc/d0/7fc3a811e011d4b388be48a0e381db8d990042df54aa4ef4599a31d39853/ipaddress-1.0.22-py2.py3-none-any.whl
Collecting pycparser (from cffi>=1.7; platform_python_implementation != "PyPy"->cryptography->ansible)
Building wheels for collected packages: ansible
Running setup.py bdist_wheel for ansible ... done
Stored in directory: /Users/jame4848/Library/Caches/pip/wheels/3c/99/fc/e9a65e79ddc32c3b956dccb2aa085dc2b7a52fb76112f6fe47
Successfully built ansible
Installing collected packages: PyYAML, hier-config, MarkupSafe, jinja2, pyasn1, six, pycparser, cffi, bcrypt, enum34, idna, asn1crypto, ipaddress, cryptography, pynacl, paramiko, ansible
Successfully installed MarkupSafe-1.0 PyYAML-3.12 ansible-2.5.5 asn1crypto-0.24.0 bcrypt-3.1.4 cffi-1.11.5 cryptography-2.2.2 enum34-1.1.6 hier-config-1.4.1 idna-2.7 ipaddress-1.0.22 jinja2-2.10 paramiko-2.4.1 pyasn1-0.4.3 pycparser-2.18 pynacl-1.2.1 six-1.11.0
(env) MPW1BSDV30:hconfig-remediation-ansible $ python
Python 2.7.10 (default, Oct 6 2017, 22:29:07)
[GCC 4.2.1 Compatible Apple LLVM 9.0.0 (clang-900.0.31)] on darwin
Type "help", "copyright", "credits" or "license" for more information.
>>> from hier_config import __version__
>>> __version__
'1.4.1'
>>> ^D
(env) MPW1BSDV30:hconfig-remediation-ansible $ cd example/
(env) MPW1BSDV30:example $ ansible-playbook -i inventory test.pb.yml -v
No config file found; using defaults
PLAY [all] ********************************************************************************************************************
TASK [BUILD REMEDIATION CONFIG WITHOUT TAGS] **********************************************************************************
changed: [router1] => {"changed": true, "response": "ipv4 access-list vty\n permit ip host 10.4.1.9 any\n permit ip any 10.4.106.0 0.0.0.255\n permit ip 10.0.150.0 0.127.0.255 any\n permit ip 10.0.125.0 0.127.0.255 any\n permit ip 10.4.108.0 0.0.0.15 any\n permit ip host 10.4.126.56 any\n permit ip 10.0.255.64 0.127.0.31 any\n!\nrouter ospf 65000\n max-metric router-lsa summary-lsa external-lsa on-startup wait-for-bgp\n ispf\n log-adjacency-changes\n auto-cost reference-bandwidth 1000000\nrouter bgp 65000\n no neighbor RR-Client remote-as 65000\n no neighbor RR-Client update-source Loopback0\n no maximum-paths ibgp 16\n bgp log-neighbor-changes\n neighbor RR-CLIENT peer-group\n neighbor RR-CLIENT remote-as 65000\n neighbor RR-CLIENT update-source Loopback0\n neighbor 10.4.2.234 remote-as 65000\n neighbor 10.4.2.234 peer-group RR-CLIENT\n neighbor 10.4.2.234 description RR1B\n neighbor 10.4.2.235 remote-as 65000\n neighbor 10.4.2.235 peer-group RR-CLIENT\n neighbor 10.4.2.235 description RR1A\n !\n address-family ipv4\n no neighbor RR-Client soft-reconfiguration inbound\n neighbor RR-CLIENT soft-reconfiguration inbound\n neighbor 10.4.2.234 activate\n neighbor 10.4.2.235 activate\n maximum-paths ibgp 16\n no auto-summary\n no synchronization\n exit-address-family\n exit-address-family\n"}
TASK [BUILD REMEDIATION CONFIG WITH INCLUDE TAGS] *****************************************************************************
changed: [router1] => {"changed": true, "response": "ipv4 access-list vty\n permit ip host 10.4.1.9 any\n permit ip any 10.4.106.0 0.0.0.255\n permit ip 10.0.150.0 0.127.0.255 any\n permit ip 10.0.125.0 0.127.0.255 any\n permit ip 10.4.108.0 0.0.0.15 any\n permit ip host 10.4.126.56 any\n permit ip 10.0.255.64 0.127.0.31 any\nrouter bgp 65000\n neighbor RR-CLIENT peer-group\n neighbor RR-CLIENT remote-as 65000\n neighbor RR-CLIENT update-source Loopback0\n neighbor 10.4.2.234 remote-as 65000\n neighbor 10.4.2.234 peer-group RR-CLIENT\n neighbor 10.4.2.234 description RR1B\n neighbor 10.4.2.235 remote-as 65000\n neighbor 10.4.2.235 peer-group RR-CLIENT\n neighbor 10.4.2.235 description RR1A\n address-family ipv4\n neighbor RR-CLIENT soft-reconfiguration inbound\n neighbor 10.4.2.234 activate\n neighbor 10.4.2.235 activate\n maximum-paths ibgp 16\n no neighbor RR-Client soft-reconfiguration inbound\n exit-address-family\n no neighbor RR-Client remote-as 65000\n no neighbor RR-Client update-source Loopback0\n"}
TASK [BUILD REMEDIATION CONFIG WITH EXCLUDE TAGS] *****************************************************************************
changed: [router1] => {"changed": true, "response": "!\nrouter ospf 65000\n max-metric router-lsa summary-lsa external-lsa on-startup wait-for-bgp\n ispf\n log-adjacency-changes\n auto-cost reference-bandwidth 1000000\nrouter bgp 65000\n no maximum-paths ibgp 16\n bgp log-neighbor-changes\n !\n address-family ipv4\n no auto-summary\n no synchronization\n exit-address-family\n"}
PLAY RECAP ********************************************************************************************************************
router1 : ok=3 changed=3 unreachable=0 failed=0
(env) MPW1BSDV30:example $
Stratch that -- my virtualenv is in the wrong location.
I just pushed a patch in hconfig-remediation-ansible
: https://github.com/netdevops/hconfig-remediation-ansible/pull/8
Thanks @jtdub, confirmed that this works now.
Since going from hier-config 1.4.0 to 1.4.1 and using the very latest hconfig-remediation-ansible hier-config breaks with the following error:
Downgrading back to hier-config 1.4.0 everything works again. Looks like the codefactor_fixes broke things