Join Log in
Score:1
abdo_ch avatar Server

Ansible Ad-Hoc command - raw module not working on Cisco IOS devices

us flag
abdo_ch

trying to use Ad Hoc commands on both my Cisco ios Router and Switch with the -m raw Module. But getting the following error instead.

$ansible -i inventory_file02.ini netgrp -m raw -a "show version" -u abdo -K

Error====

BECOME password: 
R1 | FAILED | rc=127 >>
/bin/sh: 1: show: not found
non-zero return code
SW1 | FAILED | rc=127 >>
/bin/sh: 1: show: not found
non-zero return code

Inventory file=====

R1 ansible_host=192.168.20.1
SW1 ansible_host=192.168.10.2

[netgrp]
R1
SW1

group_vars/netgrp.yml===

---
ansible_connection: network_cli
ansible_network_os: ios
ansible_user: abdo
absible_password: kali/abdo
ansible_become: yes
ansible_become_method: enable
ansible_ssh_pass: kali/abdo

$ ansible -i inventory_file02.ini netgrp -m raw -a "show version" -u abdo -kK -vvv

ansible [core 2.12.6]
  config file = /etc/ansible/ansible.cfg
  configured module search path = ['/home/kali/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/local/lib/python3.10/dist-packages/ansible
  ansible collection location = /home/kali/.ansible/collections:/usr/share/ansible/collections
  executable location = /usr/local/bin/ansible
  python version = 3.10.4 (main, Mar 24 2022, 13:07:27) [GCC 11.2.0]
  jinja version = 3.0.3
  libyaml = True
Using /etc/ansible/ansible.cfg as config file
SSH password: 
BECOME password[defaults to SSH password]: 
host_list declined parsing /home/kali/ansible_play01/net_play02/inventory_file02.ini as it did not pass its verify_file() method                                                                                                        
script declined parsing /home/kali/ansible_play01/net_play02/inventory_file02.ini as it did not pass its verify_file() method                                                                                                           
auto declined parsing /home/kali/ansible_play01/net_play02/inventory_file02.ini as it did not pass its verify_file() method                                                                                                             
yaml declined parsing /home/kali/ansible_play01/net_play02/inventory_file02.ini as it did not pass its verify_file() method                                                                                                             
Parsed /home/kali/ansible_play01/net_play02/inventory_file02.ini inventory source with ini plugin
Skipping callback 'default', as we already have a stdout callback.
Skipping callback 'minimal', as we already have a stdout callback.
Skipping callback 'oneline', as we already have a stdout callback.
META: ran handlers
redirecting (type: connection) ansible.builtin.network_cli to ansible.netcommon.network_cli
redirecting (type: connection) ansible.builtin.network_cli to ansible.netcommon.network_cli
redirecting (type: terminal) ansible.builtin.ios to cisco.ios.ios
redirecting (type: cliconf) ansible.builtin.ios to cisco.ios.ios
redirecting (type: terminal) ansible.builtin.ios to cisco.ios.ios
redirecting (type: become) ansible.builtin.enable to ansible.netcommon.enable
redirecting (type: cliconf) ansible.builtin.ios to cisco.ios.ios
redirecting (type: become) ansible.builtin.enable to ansible.netcommon.enable
<192.168.10.2> ESTABLISH LOCAL CONNECTION FOR USER: kali
<192.168.10.2> EXEC show version
<192.168.20.1> ESTABLISH LOCAL CONNECTION FOR USER: kali
<192.168.20.1> EXEC show version
SW1 | FAILED | rc=127 >>
/bin/sh: 1: show: not found
non-zero return code
R1 | FAILED | rc=127 >>
/bin/sh: 1: show: not found
non-zero return code
9
0 + 0
Score:0
John Mahowald avatar Server
cn flag
John Mahowald

ESTABLISH LOCAL CONNECTION is not a -vvv message I would expect, the local connection plugin just execs commands on localhost. Note the /bin/sh shell, not something found on IOS. For network_cli, I would expect LOCAL to instead be PARAMIKO or LIBSSH. (Years ago network devices used local connection plugin plus module parameters, but this is long obsolete by actual connection plugins.)

Network troubleshooting guide suggests it could be just ESTABLISH CONNECTION. But that could be outdated; modern connection plugins by convention include their name.

So your connection variables are consistent with how to configure connections to IOS, but they may not be applying correctly. Which you put in group_vars, which is a fine choice. However, I think defining hosts R1 and SW1 twice is causing problems.

Keeping your ini format inventory, delete the hosts outside the group but keep the host variables:

[netgrp]
R1 ansible_host=192.168.20.1
SW1 ansible_host=192.168.10.2

Vars can be defined almost anywhere. Try defining these in other places, to see what works, and what feels natural. For example, there is syntax for defining group level vars in inventory which could replace your use of group_vars for connection details.

[netgrp:vars]
ansible_connection=network_cli
ansible_network_os=ios
ansible_user=abdo
ansible_become_method=enable
0 + 0
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.