Rebooting a Cisco ASA device

Archives Ansible Project
1

I’m trying to reboot a Cisco ASA Firewall, and run the “show version” command after it. It seems that rebooting works, but when the playbook gets to the show version command, it will get failed by showing the error down below. Any idea about it?

  • name: Rebooting the ASA
    asa_command:
    commands:

  • “reload\n”

  • wait_for: timeout=180

  • name: check the version
    asa_command:
    commands:

  • show version
    register: output

  • name: check the version
    debug: var=output.stdout

TASK [Rebooting the ASA] ***********************************************************************************************************
skipping: [Fw4Script-02.tor.bellnhs.int]
ok: [Fw4Script-01.tor.bellnhs.int]

TASK [wait_for] ********************************************************************************************************************
skipping: [Fw4Script-02.tor.bellnhs.int]
ok: [Fw4Script-01.tor.bellnhs.int]

TASK [check the version] ************************************************************************************************
skipping: [Fw4Script-02.tor.bellnhs.int]
An exception occurred during task execution. To see the full traceback, use -vvv. The error was: ansible.module_utils.connection.ConnectionError: Socket is closed
fatal: [Fw4Script-01.tor.bellnhs.int]: FAILED! => {“changed”: false, “module_stderr”: “Traceback (most recent call last):\n File "/home/shdianat/.ansible/tmp/ansible-local-12216t0E3Bw/ansible-tmp-1546555792.58-98199446309935/AnsiballZ_asa_command.py", line 113, in \n ansiballz_main()\n File "/home/shdianat/.ansible/tmp/ansible-local-12216t0E3Bw/ansible-tmp-1546555792.58-98199446309935/AnsiballZ_asa_command.py", line 105, in ansiballz_main\n invoke_module(zipped_mod, temp_path, ANSIBALLZ_PARAMS)\n File "/home/shdianat/.ansible/tmp/ansible-local-12216t0E3Bw/ansible-tmp-1546555792.58-98199446309935/AnsiballZ_asa_command.py", line 48, in invoke_module\n imp.load_module(‘main’, mod, module, MOD_DESC)\n File "/tmp/ansible_asa_command_payload_4Z1mL/main.py", line 195, in \n File "/tmp/ansible_asa_command_payload_4Z1mL/main.py", line 165, in main\n File "/tmp/ansible_asa_command_payload_4Z1mL_/ansible_asa_command_payload.zip/ansible/module_utils/network/asa/asa.py", line 124, in run_commands\n File "/tmp/ansible_asa_command_payload_4Z1mL_/ansible_asa_command_payload.zip/ansible/module_utils/connection.py", line 173, in rpc\nansible.module_utils.connection.ConnectionError: Socket is closed\n”, “module_stdout”: “”, “msg”: “MODULE FAILURE\nSee stdout/stderr for the exact error”, “rc”: 1}

These are the parameters in ansible.cfg file:

[persistent_connection]

connect_timeout = 300
command_timeout = 300

2

Try adding “meta: reset_connection” after wait_for task and before check version task.
Also, which Ansible version are you using?

Regards,
Ganesh

3

Please refer below link as well,

https://gdykeman.github.io/2018/06/26/ios-upgrades/

4

Thanks. My ansible version is: 2.7.4. This command let me proceed. Is this a normal output?

TASK [wait_for] ********************************************************************************************************************
skipping: [Fw4Script-01.tor.bellnhs.int]
ok: [Fw4Script-02.tor.bellnhs.int]
[WARNING]: reset_connection task does not support when conditional

TASK [show version on ASA Firewall] ************************************************************************************************
skipping: [Fw4Script-01.tor.bellnhs.int]
ok: [Fw4Script-02.tor.bellnhs.int]

My ansible version is: 2.7.4