I am trying to connect to a Cisco switch with Ansible, using credentials (a username and password that are fetched from PAM). When I try to execute the command sh version, I get an authentication error. Both the username and the password are correct.
Below are the code and the error:
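# Play 1: capture the incident inputs and, when a device name was supplied,
# register it in an in-memory inventory group called network_devices.
# Layout is reconstructed from a whitespace-mangled paste; typographic quotes
# are restored to plain ASCII quotes so YAML treats them as quoting.
# NOTE(review): no "hosts:" line appears in the pasted play, and a play needs
# one - confirm against the real file.
- name: Playbook to check Nodedown details on Cisco_devices
  tasks:
    # Re-assigns the incoming variables to facts of the same name.
    # presumably they arrive as extra vars from the incident - confirm.
    - name: Gather inputs from incident
      set_fact:
        device_name: "{{ device_name }}"
        incident_number: "{{ incident_number }}"
        incident_sysid: "{{ incident_sysid}}"
      failed_when: false

    # Prints identifiers only. Keep credential variables out of debug tasks.
    - name: Display inputs Captured from Incident
      debug:
        msg:
          - Device Name: "{{ device_name }}"
          - Incident Number: "{{ incident_number }}"
          - Incident Sys_id: "{{ incident_sysid }}"

    # The block-level "when" is applied to every task inside the block; the
    # per-task conditions repeat it and are kept as they were pasted.
    - name: Executing task when device name is defined and not empty
      block:
        # with_items is kept as written: it accepts a single name or a list.
        # The paste showed the list item twice; it is reconstructed as one.
        - name: Creating Inmemory inventory
          add_host:
            name: "{{ item }}"
            groups: network_devices
          with_items:
            - "{{ device_name }}"
          when: "device_name is defined and (device_name | length > 0)"

        - name: Display Inventory details
          debug:
            msg: "{{ groups['network_devices'] }}"
          when: "device_name is defined and (device_name | length >0)"
      when: "device_name is defined and (device_name | length > 0)"

    # Fixed: the original joined the two tests with "and", which can never be
    # true. If the variable is defined the first test is false; if it is
    # undefined the length test refers to an undefined variable. "or" stops
    # at the first test when the variable is missing.
    - name: Executing task when device name is not defined and empty
      debug:
        msg: "The device_name details is not defined"
      when: "device_name is not defined or (device_name | length == 0)"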
# Play 2: run the PAM_Connection role against every inventory host.
# The role itself is not shown here, so which variables it sets, and on which
# hosts, cannot be seen from this paste.
# NOTE(review): presumably it provides device_username and device_password,
# which the later play reads - confirm, and keep them out of task output.
- name: Fetching credentials from PAM
  gather_facts: false
  hosts: all
  tasks:
    # The paste showed this task line twice; it is reconstructed as one task.
    - name: Include role to get creds from PAM
      include_role:
        name: PAM_Connection
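# Play 3: open a network_cli session to each host in the in-memory
# network_devices group and run the nodedown_check role on it.
# Layout is reconstructed from a whitespace-mangled paste; typographic quotes
# are restored to plain ASCII quotes.
- name: Connecting to Network Device
  hosts: network_devices
  gather_facts: false
  # Unreachable hosts are skipped instead of ending the play for them.
  ignore_unreachable: true
  connection: network_cli
  vars:
    ansible_network_os: ios
    # device_username and device_password are not defined in this paste.
    # presumably the PAM_Connection role sets them - verify they are defined
    # for the hosts in network_devices, without printing the password.
    # Fixed: the original value was "{{ device_username }} " with a space
    # before the closing quote. That space becomes part of the login name,
    # which is a likely cause of "Authentication failed".
    ansible_user: "{{ device_username }}"
    ansible_password: "{{ device_password }}"
    ansible_command_timeout: 240
    ansible_python_interpreter: "/usr/libexec/platform-python"
    # Enter enable mode after login. No ansible_become_password is set
    # anywhere in this paste.
    ansible_become: true
    ansible_become_method: enable
  tasks:
    # NOTE(review): set_fact only stores a host variable named
    # ansible_env_var. It does not change the environment of the Ansible
    # process, so this task does not do what its name says - confirm intent.
    # In the paste the vars below follow the set_fact arguments, so they are
    # reconstructed as task-level vars; they repeat the play-level values.
    - name: Setting environment variable globally
      set_fact:
        ansible_env_var:
          ANSIBLE_PARAMIKO_LOOK_FOR_KEYS: "False"
      vars:
        # Same trailing-space fix as the play-level ansible_user.
        ansible_user: "{{ device_username }}"
        ansible_password: "{{ device_password }}"
        ansible_command_timeout: 240
        ansible_become: true
        ansible_become_method: enable

    # Poster's note on this role: file to execute sh version command and
    # register in a variable and printing it. The note was typed inside the
    # role name in the paste and is moved into this comment.
    - name: Execute Command On Network Device
      include_role:
        name: nodedown_check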
Error:
fatal: [xx-xxxx-xx-xx-a01.domain.net]: FAILED! => {
“changed”: false,
“invocation”: {
“module_args”: {
“auth_pass”: null,
“authorize”: null,
“commands”: [
“show version”
],
“host”: null,
“interval”: 1,
“match”: “all”,
“password”: null,
“port”: null,
“provider”: null,
“retries”: 10,
“ssh_keyfile”: null,
“timeout”: null,
“username”: null,
“wait_for”: null
}
},
“msg”: “Failed to authenticate: Authentication failed.”