Provider arguments

As we have seen from Chapter 2, Low Level Network Device Interactions, and chapter 3, API and Intent-Driven Networking, network equipment can be connected via both SSH or API, depending on the platform and software release. All core networking modules implement a provider argument, which is a collection of arguments used to define how to connect to the network device. Some modules only support cli while some support other values, for example Arista EAPI and Cisco NXAPI. This is where Ansible's "let the vendor shine" philosophy is demonstrated. The module will have documentation on which transport method they support.

Some of the basic arguments supported by the transport are here:

  • host: This defines the remote host
  • port: This defines the port to connect to
  • username: This is the username to be authenticated
  • password: This is the password to be authenticated
  • transport: This is the type of transport for the connection
  • authorize: This enables privilege escalation for devices that requires it
  • auth_pass: This defines the privilege escalation password

As you can see, not all arguments need to be specified. For example, for our previous playbooks, our user is always at the admin privilege when log in, therefore we do not need to specify the authorize or the auth_pass arguments.

These arguments are just variables, so they follow the same rules for variable precedence. For example, if I change the cisco_3.yml to cisco_4.yml and observe the following precedence:

    ---
    - name: Configure SNMP Contact
      hosts: "nexus_by_name"
      gather_facts: false
      connection: local

      vars:
        cli:
          host: "{{ ansible_host }}"
          username: "{{ username }}"
          password: "{{ password }}"
          transport: cli

      tasks:
        - name: configure snmp contact
          nxos_snmp_contact:
            contact: TEST_1
            state: present
            username: cisco123
            password: cisco123
            provider: "{{ cli }}"

          register: output

        - name: show output in output["end_state"]["contact"]
          debug:
            msg: '{{ output["end_state"]["contact"] }}'

        - name: show output in output.end_state.contact
          debug:
            msg: '{{ output.end_state.contact }}'

The username and password defined on the task level will override the username and password at the playbook level. I will receive the following error when trying to connect because the user does not exist on the device:

    PLAY [Configure SNMP Contact] 
    **************************************************

    TASK [configure snmp contact] 
    **************************************************
    fatal: [switch2]: FAILED! => {"changed": false, "failed": true,  
    "msg": "failed to connect to 192.168.199.149:22"}
    fatal: [switch1]: FAILED! => {"changed": false, "failed": true, 
    "msg": "failed to connect to 192.168.199.148:22"}
     to retry, use: --limit  
    @/home/echou/Master_Python_Networking/Chapter4/cisco_4.retry

    PLAY RECAP  
    *********************************************************************
    switch1 : ok=0 changed=0 unreachable=0 failed=1
    switch2 : ok=0 changed=0 unreachable=0 failed=1
..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.
Reset
3.149.241.250