junipersid
08-04-2019 16:23
junipersid
08-05-2019 14:46
junipersid
08-12-2019 16:32
wend2357
11-13-2019 08:08
Hello Experts,
I am trying to set up my first ansible lab to test automation. I am facing difficulties when I run my ansible-playbook.
This is my playbook code
-
name
:
Simple junos commands
hosts
:
junos-all
connection
:
local
gather_facts
:
no
roles
:
-
Juniper.junos
tasks
:
-
name
:
Execute single "show version" command.
juniper_junos_command
:
commands
:
"show version"
register
:
response
-
name
:
Print the command output
debug
:
var
:
response.stdout
MacBook-Pro:Ansible project deepansiddarthan$ ansible-playbook Simple.yml
[WARNING]: No inventory was parsed, only implicit localhost is available
[WARNING]: provided hosts list is empty, only localhost is available. Note
that the implicit localhost does not match 'all'
[WARNING]: Could not match supplied host pattern, ignoring: junos-all
PLAY [Simple junos commands] ***************************************************
skipping: no hosts matched
PLAY RECAP *********************************************************************
I understand that I have to create an Inventory file. Should it be in the same folder as my playbook that I am running? Does it search only in this folder. Should the inventory file be named inventory ?.
I would really appreciate if someone could correct me on my inventory file, any samples would very helpful.
Let's say the Junos device IP is 192.168.2.11, where do I specify the login methods for username and password.
hosts
:
junos-all
:
ansible_port
:
22
ansible_host
:
192.168.2.11
Any inputs or a better way of representing the inventory file will be highly appreciated.
So many different ways to define ansible inventory, json, ini, yaml, dynamic, static etc. Here's a straightforward approach, hope that this helps.
inventory.ini
[all:children]
routers
switches
firewalls
[routers]
mx01 ansible_ssh_host=192.168.0.1
mx02 ansible_ssh_host=192.168.0.2
[firewalls]
srx01 ansible_ssh_host=192.168.0.11
srx02 ansible_ssh_host=192.168.0.12
[switches]
qfx01 ansible_ssh_host=192.168.0.21
qfx02 ansible_ssh_host=192.168.0.22
so the above, has 4 groups defined, all, routers, firewalls and switches. You can see that the group "all" is defined so that it will inherit the children from each of the defined groups. Of course you can create your own groupings, or not even have them, but you can see an approach in this example at least.
I've assigned the IP address for each host using the ansible_ssh_host variable, but once again IP addresses could be defined using any variable and then just provide the appropriate substitution when needed.
For device credentials, I'd stick them in a vault for security, but the yaml equivalent would be something like the following:
credentials:
host: "{{ ansible_host }}"
username: autouser
ssh_keyfile: /var/project/ssh_private_key/id_auto_user
port: 22
timeout: 180
So in this example above I'm pointing to a SSH keyfile for authentication, but it could be a "password" too.
Finally, when you create your playbook/role, then you will need to reference those credentials for the provider, e.g.
- name: Gather facts
juniper_junos_facts:
provider: "{{ credentials }}"
register: junos
Not sure if this is enough detail for you to progress further, if you're still blocked, then please shout again and I'll see what I can do to assist.
Regards,
- name: Execute single "show version" command.
juniper_junos_command:
commands: "show version"
register: response
- name: Print the command output
debug:
var: response.stdout
My inventory.ini
[all:children]
routers
switches
firewalls
[routers]
mx01 ansible_ssh_host=192.168.1.1
mx02 ansible_ssh_host=192.168.0.2
[firewalls]
srx01 ansible_ssh_host=192.168.0.11
srx02 ansible_ssh_host=192.168.0.12
[switches]
lab ansible_ssh_host=192.168.2.10
When I try to run the playbook, I get error messages
PLAY [Simple junos commands] ***************************************************
TASK [Execute single "show version" command.] **********************************
[WARNING]: Platform darwin on host lab is using the discovered Python
interpreter at /usr/bin/python, but future installation of another Python
interpreter could change this. See
https://docs.ansible.com/ansible/2.8/referen
ce_appendices/interpreter_discovery.html for more information.
fatal: [lab]: FAILED! => {"ansible_facts": {"discovered_interpreter_python": "/usr/bin/python"}, "changed": false, "msg": "junos-eznc (aka PyEZ) >= 2.1.7 is required for this module. However, junos-eznc does not appear to be currently installed. See
https://github.com/Juniper/py-junos-eznc#installation
for details on installing junos-eznc."}
However, I already have it installed
Successfully installed bcrypt-3.1.7 junos-eznc-2.2.1 lxml-4.4.0 ncclient-0.6.6 netaddr-0.7.19 paramiko-2.6.0 pynacl-1.3.0 pyserial-3.4 scp-0.13.2 selectors2-2.0.1.
I don't know what am I missing. I would really appreciate your suggestion. I could also show my lab environment over a remote web session which would be a great help.
Could you provide the following output for:
pip list
ansible --version
ansible-galaxy list
cat ansible.cfg
# pip list
Package Version
---------------------------- -------------------
ansible 2.7.0
asn1crypto 0.24.0
backports.ssl-match-hostname 3.5.0.1
bcrypt 3.1.4
beautifulsoup4 4.6.0
bs4 0.0.1
certifi 2019.3.9
cffi 1.11.5
chardet 3.0.4
colorama 0.3.9
configparser 3.5.0
CouchDB 1.2
cryptography 2.3.1
docker 2.4.2
docker-py 1.10.6
docker-pycreds 0.3.0
enum34 1.1.6
future 0.16.0
icdiff 1.9.1
idna 2.8
ipaddress 1.0.22
Jinja2 2.10
jsnapy 1.3.2
junos-eznc 2.2.0
junos-netconify 1.0.2
jxmlease 1.0.1
lxml 3.8.0
MarkupSafe 1.0
ncclient 0.6.3
netaddr 0.7.19
paramiko 2.4.2
pip 18.1
pyasn1 0.4.4
pycparser 2.19
PyNaCl 1.3.0
pynetbox 4.0.6
pyparsing 2.2.2
pyserial 3.4
python-gitlab 0.21.2
PyYAML 3.13
requests 2.21.0
scp 0.11.0
selectors2 2.0.1
setuptools 33.1.1.post20171031
six 1.12.0
urllib3 1.24.1
websocket-client 0.53.0
You are using pip version 18.1, however version 19.2.1 is available.
You should consider upgrading via the 'pip install --upgrade pip' command.
# ansible --version
ansible 2.7.0
config file = None
configured module search path = [u'/root/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
ansible python module location = /usr/lib/python2.7/site-packages/ansible
executable location = /usr/bin/ansible
python version = 2.7.15 (default, Aug 22 2018, 13:24:18) [GCC 6.4.0]
# ansible-galaxy list
- Juniper.junos, 2.1.0
# cat ansible.cfg
Many thanks.
Thank you for your reply. Here is the output
Deepans-MacBook-Pro:Ansible project deepansiddarthan$ pip list
DEPRECATION: Python 2.7 will reach the end of its life on January 1st, 2020. Please upgrade your Python as Python 2.7 won't be maintained after that date. A future version of pip will drop support for Python 2.7. More details about Python 2 support in pip, can be found at https://pip.pypa.io/en/latest/development/release-process/#python-2-support
Package Version
------------------ -------
ansible 2.8.3
ansible-lint 4.1.0
asn1crypto 0.24.0
bcrypt 3.1.7
cffi 1.12.3
cryptography 2.7
enum34 1.1.6
ipaddress 1.0.22
Jinja2 2.10.1
junos-eznc 2.2.1
lxml 4.4.0
MarkupSafe 1.1.1
ncclient 0.6.6
netaddr 0.7.19
paramiko 2.6.0
pip 19.2.1
pycparser 2.19
PyNaCl 1.3.0
pyserial 3.4
PyYAML 5.1.2
ruamel.ordereddict 0.4.14
ruamel.yaml 0.16.0
ruamel.yaml.clib 0.1.0
scp 0.13.2
selectors2 2.0.1
setuptools 41.0.1
six 1.12.0
wheel 0.33.4
WARNING: You are using pip version 19.2.1, however version 19.2.2 is available.
You should consider upgrading via the 'pip install --upgrade pip' command.
Deepans-MacBook-Pro:Ansible project deepansiddarthan$ ansible --version
ansible 2.8.3
config file = None
configured module search path = [u'/Users/deepansiddarthan/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
ansible python module location = /usr/local/lib/python2.7/site-packages/ansible
executable location = /usr/local/bin/ansible
python version = 2.7.16 (default, Jun 19 2019, 07:40:37) [GCC 4.2.1 Compatible Apple LLVM 10.0.1 (clang-1001.0.46.4)]
Deepans-MacBook-Pro:Ansible project deepansiddarthan$ ansible-galaxy list
ERROR! Unexpected Exception, this is probably a bug: [Errno 13] Permission denied: '/Users/deepansiddarthan/.ansible_galaxy'
to see the full traceback, use -vvv
Deepans-MacBook-Pro:Ansible project deepansiddarthan$ sudo ansible-galaxy list
Password:
# /Users/deepansiddarthan/.ansible/roles
- Juniper.junos, 2.1.0
[WARNING]: - the configured path /usr/share/ansible/roles does not exist.
[WARNING]: - the configured path /etc/ansible/roles does not exist.
Deepans-MacBook-Pro:Ansible project deepansiddarthan$ cat ansible.cfg
cat: ansible.cfg: No such file or directory
