New version of netconify does not appear to be used

I’ve been trying to get a NOOB functionality with Ansible-junos using junos_install_config. Ideally we open a console connection over SSH then establish a netconf session with, ‘xml-mode netconf need-trailer’ followed by the config sent over netconf. The key here is we are communicating over ssh to a server connected to the qfx switches serial console port.

When using ‘mode: telnet’ this actually works. However we obviously don’t want to connect to console servers over telnet passing sensitive information like root password hashes etc…

Most console servers I have used support SSH. So we look to the 'console: ’ method.

    - name: Push the generated config to the device.
      juniper_junos_config:
        file: "{{ ANSIBLE_PATH }}/files/generated/{{ ansible_hostname }}.set"
        console: --ssh=10.95.15.72,3002,neteng,Backup
        user: "{{ CONSOLE_USER }}"
        passwd: pw
        host: "{{ CONSOLE_HOST }}"
        logfile: /Users/crosson/Desktop/troubleshooting.log

I have the following task in a playbook. Notice the netconify command in the console section. This command fails.

The playbook fails with the following output.

TASK [Push the generated config to the device.] ***************************************************************************************************************************************************************************************
fatal: [tuk8as1.qa.skytap.com]: FAILED! => {"changed": false, "msg": "Unable to parse the console value (--ssh=10.95.15.72,3002,neteng,Backup). Error: unrecognized arguments: --ssh=10.95.15.72,3002,neteng,Backup"}

And yet the --ssh arguments work on the command line with netconify.

    netconify --ssh=10.95.15.72,3002,neteng,Backup
    TTY:connecting to TTY:10.95.15.72:3002:neteng:Backup ...
    TTY:logging in ...
    TTY: OK ... starting NETCONF
    logout:logging out ...

And I see the appropriate communication working over the console to the switch.

I assume that the module is using the older version of netconify, which to my extreme surprise, does not support the --ssh arg but does support telnet.

Is there a way I can get the module to use the latest netconify? Or is there something else that is causing this problem? Perhaps, hopefully, I have a simple syntax issue? Currently I am proceeding with builds over telnet which is a bit of a bummer.

Issue Analytics

  • State: closed
  • Created 6 years ago
  • Comments: 15 (6 by maintainers)

Top GitHub Comments

mmoucka commented, Apr 12, 2018

Before we have proper SSH support, I was able to work around this using ncat.

See my playbook:

    - name: 'Open ssh tunnel'
      shell: 'ncat --sh-exec "ssh {{ node.console_server }} -p  {{node.console_port | int + 3000 }} -tt" -l 4444 --keep-open &'
      register: output
      changed_when: False

    - name: 'Push minimal config'
      juniper_junos_config:
        format: 'text'
        provider:
          host: 'localhost'
          mode: 'telnet'
          port: '4444'
        load: 'override'
        diff: 'no'
        check: 'no'
        src: '{{ temp_dir }}{{ item.hostname }}.minimal'
      ignore_errors: 'yes'

    - name: 'Get tunnel PID'
      shell: "ps -ef | grep '{{ node.console_server }} -p {{ node.console_port | int + 3000 }}' | grep -v grep | awk '{print $2}'"
      register: ncat_pid
      changed_when: False

    - name: 'Close tunnel'
      shell: 'kill {{ pid }}'
      with_items: '{{ ncat_pid.stdout_lines }}'
      loop_control:
        loop_var: 'pid'
      changed_when: False
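
A loopback-only variant of the ncat relay used in the workaround above, as an added example that is not part of the original comment or the project's code. The helper names (`valid_host`, `valid_port`, `tunnel_cmd`, `start_tunnel`, `stop_tunnel`) are hypothetical, and it assumes `ncat` and `ssh` are installed on the Ansible control host.

```shell
# Added example (not from the thread). Hypothetical helper names throughout.

# Allow only hostname/IP characters and no leading "-", so the value cannot
# add shell syntax or ssh options to the string ncat passes to /bin/sh.
valid_host() {
  case "$1" in
    ''|-*|*[!A-Za-z0-9._-]*) return 1 ;;
  esac
  return 0
}

# Allow only decimal TCP ports in 1..65535.
valid_port() {
  case "$1" in
    ''|*[!0-9]*) return 1 ;;
  esac
  [ "${#1}" -le 5 ] && [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# Print the listener command. Binding to 127.0.0.1 keeps the unauthenticated
# relay port off the network; "ncat -l 4444" alone listens on all interfaces.
tunnel_cmd() {
  valid_host "$1" && valid_port "$2" && valid_port "$3" || return 1
  printf 'ncat --sh-exec "ssh %s -p %s -tt" -l 127.0.0.1 %s --keep-open\n' \
    "$1" "$2" "$3"
}

# start_tunnel SERVER SSH_PORT LISTEN_PORT PIDFILE
# "exec" makes $! the PID of ncat itself, so cleanup needs no ps/grep matching.
start_tunnel() {
  cmd=$(tunnel_cmd "$1" "$2" "$3") || return 1
  sh -c "exec $cmd" &
  echo "$!" > "$4"
}

# stop_tunnel PIDFILE
stop_tunnel() {
  [ -f "$1" ] && kill "$(cat "$1")" 2>/dev/null
  rm -f "$1"
}
```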

rahkumar651991 commented, Sep 16, 2021

Based on the discussion, the issue seems to be resolved. Closing the issue due to inactivity.
