How to use Machine Credentials to connect to network devices ()

Archives AWX Project
1

Hi guys,

I’m trying to connect to some Juniper network devices from AWX.

I’m struggling to understand how to use the Credentials (See image below for the username and ssh key) I’ve set up in AWX to connect to the network devices.

How could I pass the ssh key and username to my playbook? Is it something like this possible after saving the credentials in AWX?



tasks:

  • name: Retrieving full config from devices
    juniper_junos_config:
    host: ‘{{ inventory_hostname }}’
    user: {{ AWX.Credentials.test_key }}
    ssh_private_key_file: {{ AWX.Credentials.test_key }}

At this moment I’m pointing the playbook to look for the key on '~/.ssh/test_key which explains why I get authentication errors (The key doesn’t exists on the container). What I’d like to do is to use the test_key and the username that I’ve defined in the AWX-Credentials area (See image below).

My SSH key is protected with a passphrase so I’m trying as well to pass that passphrase when I select the option “Private key passphrase - Prompt on launch” (I assume this should work and the -k option when running ansible-playbook main.yaml -k) (See image below).

Current Playbook

`

(attachments)

Screen Shot 2018-07-31 at 13.39.11.png
Screen Shot 2018-07-31 at 13.39.11.png1719×856 48 KB

2

Daniel,

Credentials are injected in the running Ansible environment in 3 ways:

  1. env variables
  2. ansible extra variables
  3. files (usually with an env variable pointing at the file path)

For your specific case, looks like you want:

3

Fantastic!!! This is what I was looking for Chris as I wasn’t aware of which env variables to reference in my playbook.

Appreciated. I’ll give that a try later today.

4

Hi Daniel

Did you ever manage to figure out how to use the ssh key credentials in AWX?

I’m trying with the junos_config module, and according to the docs it also makes use of the ANSIBLE_NET_SSH_KEYFILE env var .

Like you, I have my private key loaded in the inventory as shown in your screenshot.

But that variable seems to be empty, for this playbook:

`

5

Wow, I think my issue was an extra empty line at the end of my rsa private key.

Even though the ANSIBLE_NET_SSH_KEYFILE env var still prints nothing in the debug, I can now successfully authenticate with private key