TechQA.

Handling Ansible prompt validation with netcommon.cli

30 views Asked by At

I'm currently fighting with some Aruba switch and Ansible. Aruba Ansible module is quite poor unfortunately but I have to deal with that and find a workaround.

I'm working on a playbook and tasks to enable then configure snmpv3 on those switches.

To better understand my issue, first I must explain how it's configured manually :

  1. go to conf t mode
  2. launch snmpv3 enable command
  3. It starts a workflow (yes, you can't configure it another way...) that asks authentication password + privacy password. Those 2 prompts needs to be validated with Enter key.
  4. Then another 2 prompts "Would you like to create a user that uses SHA? [y/n]" & "Would you like to restrict SNMPv1 and SNMPv2c messages to have read only access (you can set this later by the command 'snmpv3 restricted-access')? [y/n]" where I press 'n' EXCEPT, pressing a key automatically validate your choice (so no need to enter) and here's my pain.
aruba-switch# conf t
aruba-switch(config)# snmpv3 enable
SNMPv3 Initialization process.
Creating user 'initial'
Authentication Protocol: MD5
Enter authentication password: ********* <= This need keyboard input + enter validation
Privacy protocol is DES
Enter privacy password: ********* <= This need keyboard input + enter validation
User 'initial' has been created
Would you like to create a user that uses SHA? [y/n] n <= This is "automatically" validated when y/n is pressed
User creation is done. SNMPv3 is now functional.
Would you like to restrict SNMPv1 and SNMPv2c messages to have read only
access (you can set this later by the command 'snmpv3 restricted-access')? [y/n] n <= This is "automatically" validated when y/n is pressed
aruba-switch(config)#

From an Ansible perspective, here's how I translate all of that :

---
- name: enable-snmpv3-aruba-switch
  hosts: all
  become: true
  become_method: enable

  vars:
    ansible_connection: ansible.netcommon.network_cli
    ansible_network_os: arubanetworks.aos_switch.arubaoss
    ansible_user: my_account
    ansible_password: my_password

  tasks:
  - name: Enable SNMPv3
    ansible.netcommon.cli_command:
      command: '{{ item }}'
      check_all: True
      prompt:
        - "Enter authentication password:"
        - "Enter privacy password:"
        - "Would you like to create a user that uses SHA? [y/n]"
        - "Would you like to restrict SNMPv1 and SNMPv2c messages to have read only access (you can set this later by the command 'snmpv3 restricted-access')? [y/n]"
      answer:
        - "123456789"
        - "123456789"
        - "n"
        - "n"
    loop:
    - configure
    - snmpv3 enable

Here's my issue : On the prompt parameters, the first 2 prompts are alright, but it seems the 2 last "Would you like to..." aren't validated, I mean, ansible doesn't receive any return from this task and the task fails due to a timeout (i tried 30,60 and 120sec timeout to be sure )

It's seems very tricky but is there any possibility to say I want my prompt answers to press OR not press enter ?

Thanks a lot for reading

Gael

[EDIT] Here's a sample of debug trace where prompt command are sent:

2024-03-07 11:51:12,658 p=321809 u=si n=ansible | send command: b'configure terminal\r'
2024-03-07 11:51:12,658 p=321809 u=si n=ansible | command: b'configure terminal'
2024-03-07 11:51:12,658 p=321809 u=si n=ansible | response-1: b'\x1b[24;15Hconfigure \x1b[24;15H\x1b[?25h\x1b[24;25H\x1b[24;25Hterminal\x1b[24;25H\x1b[?25h\x1b[24;33H\x1b[1;0H\x1b[1M\x1b[24;1H\x1b[1L\x1b[24;33H\x1b[24;1H\x1b[2K\x1b[24;1H\x1b[?25h\x1b[24;1H\x1b[1;24r\x1b[24;1H\x1b[1;24r\x1b[24;1H\x1b[24;1H\x1b[2K\x1b[24;1H\x1b[?25h\x1b[24;1H\x1b[24;1Hmy_switch(config)# \x1b[24;1H\x1b[24;23H\x1b[24;1H\x1b[?25h\x1b[24;23H'
2024-03-07 11:51:12,660 p=321809 u=si n=ansible | matched cli prompt 'b'terminalmy_switch(config)# '' with regex 'b'[\\r\\n]?[\\w]*\\(.+\\)\\s*[\\^\\*]?(?:\\[.+\\])? ?#(?:\\s*)$'' from response 'b'configure terminalmy_switch(config)# ''
2024-03-07 11:51:12,660 p=321818 u=si n=ansible | jsonrpc request: b'{"jsonrpc": "2.0", "method": "get", "id": "0f6a88ca-13bf-4e98-aee6-23194c7d1cc5", "params": [[], {"command": "snmpv3 enable", "check_all": true, "prompt": ["Enter authentication password*", "Enter privacy password*", "Would you like to create a user*", "Would you like to restrict SNMPv1 and SNMPv2c messages to have read only access*"], "answer": ["123456789", "123456789", "n", "n"], "newline": true, "sendonly": false}]}'
2024-03-07 11:51:42,660 p=321818 u=si n=ansible | command timeout triggered, timeout value is 30 secs.
See the timeout setting options in the Network Debug and Troubleshooting Guide.
parsing ansible prompt switching
Original Q&A
0

There are 0 answers

Related Questions in PARSING

Related Questions in ANSIBLE

Related Questions in PROMPT

Related Questions in SWITCHING

Popular Questions

Popular Tags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json

Trending Questions