我是Ansible and Networking的新手,但是我开始在网络公司工作,在那里我们开始使用Ansible自动化网络节点的配置。瞻博网络设备没有问题,但是Arista交换机在尝试中继简单命令时会出现问题。
所以我想要实现的是使用Ansible在Arista交换机上创建VLAN。 我正在使用通过https(敏感数据替换为xxx)的eapi连接:
show management api http-commands
Enabled: Yes
HTTPS server: running, set to use port 443
HTTP server: shutdown, set to use port 80
VRF: MGMT
Hits: 318
Last hit: 766 seconds ago
Bytes in: 25241
Bytes out: 3985523
Requests: 40
Commands: 80
Duration: 79.082 seconds
User Hits Bytes in Bytes out Last hit
---------- ---------- -------------- --------------- ---------------
xxx 40 25241 3985523 766 seconds ago
URLs
-------------------------------------
Vlan2 : https://xxx
这是我的任务:
- name: create vlan
eos_vlan:
vlan_id: "{{ vlan_id }}"
name: "{{ vlan_descr }}"
state: present
authorize: yes
auth_pass: "{{ auth_password }}"
transport: "{{ transport }}"
username: "{{ username }}"
password: "{{ password }}"
validate_certs: false
ssh_keyfile: "{{ ssh_keyfile }}"
如您所见,我使用授权密码,所有变量都存储在另一个文件中。问题是我收到此错误:
changed": false, "code": 1002, "msg": "CLI command 2 of 2 'vlan 777' failed: invalid command"
此服务器运行在:
CPE OS Name: cpe:/o:centos:centos:7
Kernel: Linux 3.10.0-957.21.2.el7.x86_64
Architecture: x86-64
使用Ansible:
config file = /opt/ansible/ansible.cfg
configured module search path = ['/root/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
ansible python module location = /usr/lib/python3.6/site-packages/ansible
executable location = /usr/bin/ansible
python version = 3.6.8 (default, May 2 2019, 20:40:44) [GCC 4.8.5 20150623 (Red Hat 4.8.5-36)]
Arista版本:
Arista DCS-7050QX-32-F
Hardware version: 02.00
Software image version: 4.13.5F
Architecture: i386
我在测试环境中使用相同的任务进行了尝试,但是使用了不同的ansible VM和arista映像:
Arista vEOS
Hardware version:
Serial number:
Software image version: 4.21.1.1F
Architecture: i386
Internal build version: 4.21.1.1F-10146868.42111F
一切似乎还好,使用相同的文档来设置用户等等。
我相信这可能是由于用户没有特权,但是我包括了管理员密码,而eapi和ansible用户都具有网络管理员角色。
这是更详细的输出:
fatal: [x.x.x.x]: FAILED! => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": false,
"code": 1002,
"invocation": {
"module_args": {
"aggregate": null,
"associated_interfaces": null,
"auth_pass": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
"authorize": true,
"delay": 10,
"host": "x.x.x.x",
"interfaces": null,
"name": null,
"password": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
"port": 443,
"provider": {
"auth_pass": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
"authorize": true,
"host": "x.x.x.x",
"password": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
"port": 443,
"ssh_keyfile": "/root/.ssh/id_rsa.pub",
"timeout": 45,
"transport": "eapi",
"use_proxy": true,
"use_ssl": true,
"username": "eapi",
"validate_certs": false
},
"purge": false,
"ssh_keyfile": "/root/.ssh/id_rsa.pub",
"state": "present",
"timeout": 45,
"transport": "eapi",
"url_password": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
"url_username": "eapi",
"use_ssl": true,
"username": "eapi",
"validate_certs": false,
"vlan_id": 777
}
},
"msg": "CLI command 2 of 2 'vlan 777' failed: invalid command"
}
值得注意的另一件事是,如果我使用已经存在的VLAN,并且不包含描述(以便不进行任何更改),Ansible将返回成功:
ok: [x.x.x.x] => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": false,
"commands": [],
"invocation": {
"module_args": {
"aggregate": null,
"associated_interfaces": null,
"auth_pass": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
"authorize": true,
"delay": 10,
"host": "x.x.x.x",
"interfaces": null,
"name": null,
"password": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
"port": 443,
"provider": {
"auth_pass": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
"authorize": true,
"host": "x.x.x.x",
"password": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
"port": 443,
"ssh_keyfile": "/root/.ssh/id_rsa.pub",
"timeout": 45,
"transport": "eapi",
"use_proxy": true,
"use_ssl": true,
"username": "eapi",
"validate_certs": false
},
"purge": false,
"ssh_keyfile": "/root/.ssh/id_rsa.pub",
"state": "present",
"timeout": 45,
"transport": "eapi",
"url_password": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
"url_username": "eapi",
"use_ssl": true,
"username": "eapi",
"validate_certs": false,
"vlan_id": 777
}
}
}
有人可以将我指向应该寻找答案的地方吗? 或有什么建议吗?我将非常感谢。
谢谢
答案 0 :(得分:0)
答案一直是我的问题: 原来是由于软件版本:
Arista DCS-7050QX-32-F
Hardware version: 02.00
Software image version: 4.13.5F
Architecture: i386
您至少需要4.15.5F
和Ansible 2.8.1
一起运行