I could login the cisco device with SSH and run the show version successfully.
Did you ever find a fix for this? I’m seeing the same error when connecting to an ASA 5505.
I think I have found the cause of this message.
ios_command module seems to run “terminal length 0” on the iOS target so that the output is displayed without any breaks. However this command is only valid against Cisco routers and switches. The proper command for an ASA is “terminal pager 0”. So naturally with terminal length 0 is executed, iOS generates an error, and execution of the playbook is halted.
There are now ASA specific modules available in extras (https://github.com/ansible/ansible-modules-extras/tree/devel/network/asa) I would recommend using those for management of ASA devices.
Yep - those don’t work for me. I don’t have ASA v 9.3 which is a requirement for those ASA modules.
Yes, there are ASA specific modules. But those modules require ASA v9.3 and use Cisco’s REST API introduced in ASA v9.3. For anyone not wishing to use the REST API or who does not have ASA v9.3, those ASA modules do not work. In addition, it doesn’t appear that those modules are ready for “production” use yet. According to the developer on his own website - he is still testing, asking for help testing, He’s still finding bugs (normal even after release). Some his own, and some are bugs in Cisco’s REST API.
Now - to post what I found wrong because you didn’t publish it the first time…
Ansible’s ios_command module tries to run the command “terminal length 0” to disable breaks which would require the user to interact and “continue” the output. The problem with this is that the “terminal length 0” command only works on Cisco routers and switches. The appropriate command for an ASA is “terminal pager 0”.
You should at least post my Answer about the error so that others who might encounter it can quickly and easily discover the cause rather than continue digging into possible causes while beating their head against a wall because it doesn’t work.
I’ve found that by copying and modifying ios.py in …/ansible/module_utils/ and then pointing ios_template to this new module its easy to change “terminal length 0” to “terminal pager 0”. Doing so, however, has apparently broken something else because now Ansible does not interpret templates correctly and sends the template name as a command, instead of parsing the template and executing the contents. If anyone has a solution for that I’d be glad to hear it.
NOTICE: The information contained in this email may be confidential, proprietary and/or legally privileged. It has been sent for the sole use of the intended recipient(s). If the reader of this message is not an intended recipient, you are hereby notified that any unauthorized review, use, disclosure, dissemination, distribution, or copying of this communication, or any of its contents, is strictly prohibited. If you have received this communication in error, please reply to the sender and destroy all copies of the message. Thank you.
Yep, I did the same thing. I haven’t had the chance to try running it to see if I got any errors.
Also, just FYI - according to the REST API documentation, the ASA REST API is not supported with the ASA 5505.
The ASA modules in extras are CLI based not REST based so there is no dependency on REST API. Not sure about the 9.3 requirement, I don’t see that anywhere in the module docstring.
Agreed that the modules are currently part of devel and not ready for production use yet (as in still be tested) but going down the path of force fitting ios_command to fill that role is no more or no less ready for production as it isn’t tested against ASA devices
Well I apologize. I found an ASA module that uses the REST API and that is the module I was referring to. I found the asa_command module you’re referring to and ha I’ve tried it. Basically I replaced ios_command with asa_command and command with commands. The playbook will not run.
Can you provide a good known working playbook example?
YAML:
You need one more space in front of your “commands:”.
This is correct:
`
- hosts: 192.168.0.1
gather_facts: False
connection: local
tasks:
- asa_command:
commands: - sh ver
`
A YAML parser like http://yaml-online-parser.appspot.com/ is super helpful in debugging little syntax things like that sometimes.
That doesn’t seem to do it. I tried the YAML parser. I even copied and pasted from the parser. I still get the same exact error. I also tried moving the Host option under asa_command.
The asa_* commands are not part of latest Ansible version (2.1.1.0) yet.
You need to clone the repository https://github.com/ansible/ansible-modules-extras and modify ansible’s configuration to point to your local folder in /etc/ansible/ansible.cfg with “library = …”
OK, any other ideas? I cloned the repository. I edited ansible.cfg. I also tried the --module-path command line parameter. But all I get is this error about not being able to find the asa_command module:
TASK [asa_command] *************************************************************
fatal: [asa5505]: FAILED! => {“failed”: true, “msg”: “Could not find imported module support code for asa_command. Looked for either * or asa”}
can you paste a copy of ansible --version into this thread? I suspect you are not running the latest version from devel
You’re right, I’m not running from devel. I’m running Latest Release from Apt.
To install from official PPA for Ubuntu: http://docs.ansible.com/ansible/intro_installation.html#latest-releases-via-apt-ubuntu
Another way is through pip: sudo pip install ansible
If you want the very latest builds (stable & RC release candidates), you can use my own PPA (only for Ubuntu 16.04) which also distributes many other fresh packages.