issues trying to get cisco playbook to run

I am trying to create a demo playbook to show ansible/AWX/Tower configuring a cisco switch… and failing miserably.

I have tried using cisco.ios.ios_vlans and the deprecated cisco.ios.ios_vlan and get errors on both.

I have tried network credential with the authorize box ticked and the enable password as the authorize password

I have tried machine credential with privilege escalation method set to enable and am unable to create a vlan with either.

my play with cisco.ios.ios_vlans:

```
# now create vlan 10
- name: create vlan 10
  ios_vlans:
    config:
      - name: Vlan_10
        vlan_id: 10
        state: active
        shutdown: disabled
    state: replaced
```

I have tried with merged and replaced; I always get:

```
invalid literal for int() with base 10: 'Gi1/0/49,'\n",
```

I am not trying to add any interfaces or anything at this point - GI1/0/49, which is my uplink to the switch, is the only thing I can think of, but I have no idea why this message comes up in stderr. I did see this error in an issue in git; I did not find a solution, but apparently the user decided to move to using cisco.ios.ios_vlan instead and it worked ok. So I followed that route.

playbook now:

```
# now create vlan 10
- name: create vlan 10
  ios_vlan:
    vlan_id: 10
    name: vlan_10
    state: present
```

and traceback with network credential with authorize ticked and authorize password entered.

```
{
  "msg": "configure terminal\r\n ^\r\n% Invalid input detected at '^' marker.\r\n\r\nterrapin-2960-bu>",
  "exception": " File \"/tmp/ansible_ios_vlan_payload_862tmftw/ansible_ios_vlan_payload.zip/ansible/module_utils/network/ios/ios.py\", line 144, in load_config\n resp = connection.edit_config(commands)\n File \"/tmp/ansible_ios_vlan_payload_862tmftw/ansible_ios_vlan_payload.zip/ansible/module_utils/connection.py\", line 185, in rpc\n raise ConnectionError(to_text(msg, errors='surrogate_then_replace'), code=code)\n",
  "invocation": {
    "module_args": {
      "vlan_id": 10,
      "name": "vlan_10",
      "state": "present",
      "purge": false,
      "delay": 10,
      "aggregate": null,
      "interfaces": null,
      "associated_interfaces": null,
      "provider": null,
      "host": null,
      "port": null,
      "username": null,
      "password": null,
      "ssh_keyfile": null,
      "authorize": null,
      "auth_pass": null,
      "timeout": null
    }
  },
  "ansible_facts": {
    "discovered_interpreter_python": "/usr/libexec/platform-python"
  },
  "_ansible_no_log": false,
  "changed": false
}
```

and traceback with machine credential and privilege escalation method set to enable

```
fatal: [192.168.10.251]: FAILED! => {
  "ansible_facts": {
    "discovered_interpreter_python": "/usr/libexec/platform-python"
  },
  "changed": false,
  "invocation": {
    "module_args": {
      "aggregate": null,
      "associated_interfaces": null,
      "auth_pass": null,
      "authorize": null,
      "delay": 10,
      "host": null,
      "interfaces": null,
      "name": "vlan_10",
      "password": null,
      "port": null,
      "provider": null,
      "purge": false,
      "ssh_keyfile": null,
      "state": "present",
      "timeout": null,
      "username": null,
      "vlan_id": 10
    }
  },
  "msg": "show user-account root\r\n ^\r\n% Invalid input detected at '^' marker.\r\n\r\nterrapin-2960-bu>"
}
```

so the invalid input detected at… and the terrapin-2960-bu> prompt with configure terminal command looks to me like it hasn’t escalated to privilege enable mode, which is why I have tried all the different credential types and tickboxes etc… but they seem to be saying that that will put it in enable mode… but I am stuck on this error. I realize that ios_vlan is deprecated - info on versions is:

awx 13
ansible 2.9.10

I think I have tried everything that I can think of right now. I am supposed to be demoing it tomorrow and it’s going to look a little pitiful, as the only thing that I can currently get to work is show version… which it seems to do fine.

I am going to convert my playbooks back to just standard ansible with become_method: enable etc to see if I get any other results, but as far as I can tell that should be the same as I am getting from AWX and AWX is what they are really interested in.

Regards
Bill

So, I got this all to run under ansible using become_method: enable so it isn’t my playbook or ansible that is the problem entering privilege mode.

It is an AWX problem as far as I can tell. I am using machine credential with privilege escalation method set to enable, privilege username and password set and also in the template enable privilege escalation box is ticked. I still get an error:

"msg": "show user-account root\r\n ^\r\n% Invalid input detected at '^' marker.\r\n\r\nterrapin-2960-bu>"

Which looks like lack of privilege escalation… this works with Ansible Tower – Redhat have run a simple playbook and created a vlan and sent me screen shots of the template and credential pages and I have matched them exactly but I still get an error.

Is anyone else using AWX with privilege escalation on Cisco and gotten it to work?

Regards

Bill

My bad, I had a variable stuck in my inventory stating OS was NXOS :frowning: I had copied some vars from someone else's playbook and completely forgot about them in the inventory file extra vars.

All good now.
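
The resolution in the last post, written out as an added example that is not part of the original thread: inventory variables for the switch, with the stale platform setting beside the corrected one. It assumes the stray variable was `ansible_network_os` (the post does not name it); the file name and group `switches` are hypothetical.

```yaml
# group_vars/switches.yml  (hypothetical file name; added example)

# CLI-over-SSH connection used by the ios_* modules.
ansible_connection: network_cli

# Before (assumed form of the variable copied from another playbook):
#   ansible_network_os: nxos
# With this set, the connection treats the 2960 as an NX-OS device and
# sends it commands the IOS prompt rejects with "% Invalid input detected".
#
# After: the platform must match the device the modules talk to.
ansible_network_os: ios

# Enter privileged EXEC before "configure terminal" is sent.
# In AWX the enable password comes from the credential's privilege
# escalation password, so it is not stored in the inventory.
ansible_become: yes
ansible_become_method: enable
```

With command-line Ansible, `ansible-inventory -i <inventory> --host 192.168.10.251` prints the merged variables for the host, which makes a leftover value like this visible before a run.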