ansible - cisco IOS和“reload”命令

yacmzcpb  于 2023-01-14  发布在  iOS
关注(0)|答案(6)|浏览(113)

我想向Cisco IOS发送命令"reload in",但需要按如下方式确认该特定命令:

#reload in 30
Reload scheduled in 30 minutes by admin on vty0 (192.168.253.15)
Proceed with reload? [confirm]

它的semms像ios_command模块不处理这种情况.我的配置:

tasks:
   - name: do reload in case of "catting off"
     ios_command:
      commands: reload in 30
      commands: y
      provider: "{{ cli }}"

行动手册的回应:

TASK [do reload in case of "catting off"] **************************************
    task path: /etc/ansible/test1.yml:14
    <192.168.0.33> ESTABLISH LOCAL CONNECTION FOR USER: root
    <192.168.0.33> EXEC /bin/sh -c '( umask 77 && mkdir -p "` echo $HOME/.ansible/tmp/ansible-tmp-1476454008.17-103724241654271 `" && echo ansible-tmp-1476454008.17-103724241654271="` echo $HOME/.ansible/tmp/ansible-tmp-1476454008.17-103724241654271 `" ) && sleep 0'
    <192.168.0.33> PUT /tmp/tmpAJiZR2 TO /root/.ansible/tmp/ansible-tmp-1476454008.17-103724241654271/ios_command
    <192.168.0.33> EXEC /bin/sh -c 'LANG=pl_PL.UTF-8 LC_ALL=pl_PL.UTF-8 LC_MESSAGES=pl_PL.UTF-8 /usr/bin/python /root/.ansible/tmp/ansible-tmp-1476454008.17-103724241654271/ios_command; rm -rf "/root/.ansible/tmp/ansible-tmp-1476454008.17-103724241654271/" > /dev/null 2>&1 && sleep 0'
    fatal: [192.168.0.33]: FAILED! => {"changed": false, "commands": ["y"], "failed": true, "invocation": {"module_args": {"auth_pass": null, "authorize": false, "commands": ["y"], "host": "192.168.0.33", "interval": 1, "password": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER", "port": 22, "provider": "{'username': 'admin', 'host': '192.168.0.33', 'password': '********'}", "retries": 10, "ssh_keyfile": null, "timeout": 10, "username": "admin", "waitfor": null}, "module_name": "ios_command"}, "msg": "matched error in response: y\r\n                   ^\r\n% Invalid input detected at '^' marker.\r\n\r\nsw7.test.lab#"}

我该怎么办?
更新日期:
如果我尝试在YAML文件中使用expect模块,如下所示:

name: some tests
  hosts: sw-test
  gather_facts: False
#  connection: local

  tasks:
  - name: do reload in case of "catting off"
    expect:
     command: reload in 30
     responses:
      'Reload scheduled in 30 minutes by admin on vty0 (192.168.253.20)\nProceed with reload? \[confirm\]' : y
     echo: yes

但是连接有一个问题:

oot@Kali:/etc/ansible# ansible-playbook test3 -u admin -k -vvvv 
Using /etc/ansible/ansible.cfg as config file
SSH password: 
Loaded callback default of type stdout, v2.0

PLAYBOOK: test3 ****************************************************************
1 plays in test3

PLAY [some tests] **************************************************************

TASK [do reload in case of "catting off"] **************************************
task path: /etc/ansible/test3:9
<192.168.0.33> ESTABLISH SSH CONNECTION FOR USER: admin
<192.168.0.33> SSH: EXEC sshpass -d12 ssh -C -vvv -o ControlMaster=auto -o ControlPersist=60s -o StrictHostKeyChecking=no -o User=admin -o ConnectTimeout=10 -o ControlPath=/root/.ansible/cp/ansible-ssh-%h-%p-%r 192.168.0.33 '/bin/sh -c '"'"'( umask 77 && mkdir -p "` echo $HOME/.ansible/tmp/ansible-tmp-1476882070.37-92402455055985 `" && echo ansible-tmp-1476882070.37-92402455055985="` echo $HOME/.ansible/tmp/ansible-tmp-1476882070.37-92402455055985 `" ) && sleep 0'"'"''
<192.168.0.33> PUT /tmp/tmp30wGsF TO "` echo $HOME/.ansible/tmp/ansible-tmp-1476882070.37-92402455055985 `" ) && sleep 0'"/expect
<192.168.0.33> SSH: EXEC sshpass -d12 sftp -o BatchMode=no -b - -C -vvv -o ControlMaster=auto -o ControlPersist=60s -o StrictHostKeyChecking=no -o User=admin -o ConnectTimeout=10 -o ControlPath=/root/.ansible/cp/ansible-ssh-%h-%p-%r '[192.168.0.33]'
fatal: [192.168.0.33]: UNREACHABLE! => {"changed": false, "msg": "SSH Error: data could not be sent to the remote host. Make sure this host can be reached over ssh", "unreachable": true}
    to retry, use: --limit @/etc/ansible/test3.retry

PLAY RECAP *********************************************************************
192.168.0.33               : ok=0    changed=0    unreachable=1    failed=0   

root@Kali:/etc/ansible# ansible-playbook test3 -u admin -k -vvvv -c ssh
Using /etc/ansible/ansible.cfg as config file
SSH password: 
Loaded callback default of type stdout, v2.0

PLAYBOOK: test3 ****************************************************************
1 plays in test3

PLAY [some tests] **************************************************************

TASK [do reload in case of "catting off"] **************************************
task path: /etc/ansible/test3:9
<192.168.0.33> ESTABLISH SSH CONNECTION FOR USER: admin
<192.168.0.33> SSH: EXEC sshpass -d12 ssh -C -vvv -o ControlMaster=auto -o ControlPersist=60s -o StrictHostKeyChecking=no -o User=admin -o ConnectTimeout=10 -o ControlPath=/root/.ansible/cp/ansible-ssh-%h-%p-%r 192.168.0.33 '/bin/sh -c '"'"'( umask 77 && mkdir -p "` echo $HOME/.ansible/tmp/ansible-tmp-1476882145.78-139203779538157 `" && echo ansible-tmp-1476882145.78-139203779538157="` echo $HOME/.ansible/tmp/ansible-tmp-1476882145.78-139203779538157 `" ) && sleep 0'"'"''
<192.168.0.33> PUT /tmp/tmpY5qqyW TO "` echo $HOME/.ansible/tmp/ansible-tmp-1476882145.78-139203779538157 `" ) && sleep 0'"/expect
<192.168.0.33> SSH: EXEC sshpass -d12 sftp -o BatchMode=no -b - -C -vvv -o 

ControlMaster=auto -o ControlPersist=60s -o StrictHostKeyChecking=no -o User=admin -o ConnectTimeout=10 -o ControlPath=/root/.ansible/cp/ansible-ssh-%h-%p-%r '[192.168.0.33]'
    fatal: [192.168.0.33]: UNREACHABLE! => {"changed": false, "msg": "SSH Error: data could not be sent to the remote host. Make sure this host can be reached over ssh", "unreachable": true}
        to retry, use: --limit @/etc/ansible/test3.retry

    PLAY RECAP *********************************************************************
    192.168.0.33               : ok=0    changed=0    unreachable=1    failed=0   

root@Kali:/etc/ansible# ansible-playbook test3 -u admin -k -vvvv -c local
Using /etc/ansible/ansible.cfg as config file
SSH password: 
Loaded callback default of type stdout, v2.0

PLAYBOOK: test3 ****************************************************************
1 plays in test3

PLAY [some tests] **************************************************************

TASK [do reload in case of "catting off"] **************************************
task path: /etc/ansible/test3:9
<192.168.0.33> ESTABLISH LOCAL CONNECTION FOR USER: root
<192.168.0.33> EXEC /bin/sh -c '( umask 77 && mkdir -p "` echo $HOME/.ansible/tmp/ansible-tmp-1476882426.62-172601217553809 `" && echo ansible-tmp-1476882426.62-172601217553809="` echo $HOME/.ansible/tmp/ansible-tmp-1476882426.62-172601217553809 `" ) && sleep 0'
<192.168.0.33> PUT /tmp/tmpdq1pYy TO /root/.ansible/tmp/ansible-tmp-1476882426.62-172601217553809/expect
<192.168.0.33> EXEC /bin/sh -c 'chmod u+x /root/.ansible/tmp/ansible-tmp-1476882426.62-172601217553809/ /root/.ansible/tmp/ansible-tmp-1476882426.62-172601217553809/expect && sleep 0'
<192.168.0.33> EXEC /bin/sh -c 'LANG=pl_PL.UTF-8 LC_ALL=pl_PL.UTF-8 LC_MESSAGES=pl_PL.UTF-8 /usr/bin/python /root/.ansible/tmp/ansible-tmp-1476882426.62-172601217553809/expect; rm -rf "/root/.ansible/tmp/ansible-tmp-1476882426.62-172601217553809/" > /dev/null 2>&1 && sleep 0'
fatal: [192.168.0.33]: FAILED! => {"changed": false, "failed": true, "invocation": {"module_args": {"chdir": null, "command": "reload in 30", "creates": null, "echo": true, "removes": null, "responses": {"Reload scheduled in 30 minutes by admin on vty0 (192.168.253.20)\\nProceed with reload? \\[confirm\\]": "y"}, "timeout": 30}, "module_name": "expect"}, "msg": "The command was not found or was not executable: reload."}

NO MORE HOSTS LEFT *************************************************************
    to retry, use: --limit @/etc/ansible/test3.retry

PLAY RECAP *********************************************************************
192.168.0.33               : ok=0    changed=0    unreachable=0    failed=1

更新
我已经安装了ansible 2.3,并尝试如下:

tasks:
    - name: do reload in case of "catting off"
      ios_command:
       commands:
        - reload in 30
        - y
       wait_for:
       - result[0] contains "Proceed with reload"
       provider: "{{ cli }}"

但是,我仍然得到了一个错误。我认为这是因为ios模块总是等待promt作为响应。另外,按"y"后,重新加载命令的确认没有"回车",所以这可能是另一个问题。

$ sudo  ansible-playbook test1.yml -vvvv
    Using /etc/ansible/ansible.cfg as config file
    Loading callback plugin default of type stdout, v2.0 from /usr/local/lib/python2.7/dist-packages/ansible/plugins/callback/__init__.pyc

    PLAYBOOK: test1.yml ************************************************************
    1 plays in test1.yml

    PLAY [testowe dzialania] *******************************************************

    TASK [do reload in case of "catting off"] **************************************
    task path: /home/user1/test1.yml:13
    Using module file /usr/local/lib/python2.7/dist-packages/ansible/modules/core/network/ios/ios_command.py
    <192.168.0.33> ESTABLISH LOCAL CONNECTION FOR USER: root
    <192.168.0.33> EXEC /bin/sh -c '( umask 77 && mkdir -p "` echo $HOME/.ansible/tmp/ansible-tmp-1477557527.56-157304653717324 `" && echo ansible-tmp-1477557527.56-157304653717324="` echo $HOME/.ansible/tmp/ansible-tmp-1477557527.56-157304653717324 `" ) && sleep 0'
    <192.168.0.33> PUT /tmp/tmphf8EWO TO /home/mszczesniak/.ansible/tmp/ansible-tmp-1477557527.56-157304653717324/ios_command.py
    <192.168.0.33> EXEC /bin/sh -c 'chmod u+x /home/mszczesniak/.ansible/tmp/ansible-tmp-1477557527.56-157304653717324/ /home/mszczesniak/.ansible/tmp/ansible-tmp-1477557527.56-157304653717324/ios_command.py && sleep 0'
    <192.168.0.33> EXEC /bin/sh -c '/usr/bin/python /home/mszczesniak/.ansible/tmp/ansible-tmp-1477557527.56-157304653717324/ios_command.py; rm -rf "/home/user1/.ansible/tmp/ansible-tmp-1477557527.56-157304653717324/" > /dev/null 2>&1 && sleep 0'
    fatal: [192.168.0.33]: FAILED! => {
        "changed": false,
        "failed": true,
        "invocation": {
            "module_args": {
                "auth_pass": null,
                "authorize": false,
                "commands": [
                    "reload in 30",
                    "y"
                ],
                "host": "192.168.0.33",
                "interval": 1,
                "match": "all",
                "password": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
                "port": null,
                "provider": {
                    "host": "192.168.0.33",
                    "password": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
                    "username": "admin"
                },
                "retries": 10,
                "ssh_keyfile": null,
                "timeout": 10,
                "transport": null,
                "use_ssl": true,
                "username": "admin",
                "validate_certs": true,
                "wait_for": [
                    "result[0] contains \"Proceed with reload\""
                ]
            },
            "module_name": "ios_command"
        },
        "msg": "timeout trying to send command: reload in 30\r"
    }
            to retry, use: --limit @/home/user1/test1.retry

    PLAY RECAP *********************************************************************
    192.168.0.33               : ok=0    changed=0    unreachable=0    failed=1

有人知道如何在ansible中解决这个问题吗?唯一的方法可能是使用纯python脚本或编写自己的ansible模块?

cotxawn7

cotxawn71#

您可以使用:

- name: reload device
  ios_command:
    commands:
      - "reload in 1\ny"
    provider: "{{ cli }}"

这将在1分钟内重新加载设备,并接受重新加载提示。它对Ansible效果很好,因为iOS的默认提示将回来(重新加载将在1分钟内触发)。
问候你西蒙

pb3skfrl

pb3skfrl2#

ios_command模块的commands参数需要YAML的命令列表。但在提供的代码示例中,commands参数设置了多次。请尝试执行ios_command任务,如下所示:

- name: do reload in case of "catting off"
  ios_command:
    commands:
      - reload in 30
      - y
  provider: "{{ cli }}"
tkclm6bt

tkclm6bt3#

仅适用于Ansible 2.2

您可以使用以下内容:

- name: send reload command inc confirmation
    ios_command:
      commands: 
        - reload in 30
        - y
      wait_for: 
        - result[0] contains "Proceed with reload" 
      provider: "{{ cli }}"

未测试,但与ios_command模块的上一个示例相似。
不过要小心Ansible 2.2,它还没有发布,新版本的Ansible可能会有显著的回归。
Ansible 2.0+包括expect module,但它需要远程设备上的Python,因此它不能在IOS或类似设备上工作。

k97glaaz

k97glaaz4#

看起来最简单的方法是使用“raw”模块向设备发送原始SSH命令。
这避免了必须使用expect和必须使用ios_command模块。
原始模块将运行命令,而不关心设备的响应或提示。

wz1wpwve

wz1wpwve5#

下面是我在ansible-playbook 2.9.0和Python 3.7中使用的。请注意,在- command行中,确保使用双引号"而不是单引号'。不要忘记在命令末尾放置\n

- name: Reloading switch using ios_command.
      ios_command:
        commands: 
          - command: "reload\n"
            prompt: 'Proceed with reload? [confirm]'
            answer: "\r"
xxb16uws

xxb16uws6#

我有类似的问题。需要重新加载Cisco设备,然后得到提示:
1.保存?
1.[确认]
如何正确回答这个问题?

  • 名称:如果不在线,将在1分钟内重新加载cisco.ios.ios_命令:命令:-命令:重新加载1提示:'系统配置已修改。是否保存?[是/否]:'答案:“n”回答:“y”

相关问题