eos_vlan和ansible,“ cli命令“ vlan 777”失败:无效命令”

时间:2019-06-17 12:29:08

标签: python ansible eos

我是Ansible and Networking的新手,但是我开始在网络公司工作,在那里我们开始使用Ansible自动化网络节点的配置。瞻博网络设备没有问题,但是Arista交换机在尝试中继简单命令时会出现问题。

所以我想要实现的是使用Ansible在Arista交换机上创建VLAN。 我正在使用通过https(敏感数据替换为xxx)的eapi连接:

show management api http-commands
Enabled:        Yes
HTTPS server:   running, set to use port 443
HTTP server:    shutdown, set to use port 80
VRF:            MGMT
Hits:           318
Last hit:       766 seconds ago
Bytes in:       25241
Bytes out:      3985523
Requests:       40
Commands:       80
Duration:       79.082 seconds
   User       Hits       Bytes in       Bytes out    Last hit        
---------- ---------- -------------- --------------- --------------- 
   xxx       40         25241          3985523      766 seconds ago 

URLs                                  
------------------------------------- 
Vlan2       : https://xxx

这是我的任务:

     - name: create vlan
       eos_vlan:
          vlan_id: "{{ vlan_id }}"
          name: "{{ vlan_descr }}"
          state: present
          authorize: yes
          auth_pass: "{{ auth_password }}"
          transport: "{{ transport }}"
          username: "{{ username }}"
          password: "{{ password }}"
          validate_certs: false
          ssh_keyfile: "{{ ssh_keyfile }}"

如您所见,我使用授权密码,所有变量都存储在另一个文件中。问题是我收到此错误:

changed": false, "code": 1002, "msg": "CLI command 2 of 2 'vlan 777' failed: invalid command"

此服务器运行在:

     CPE OS Name: cpe:/o:centos:centos:7
     Kernel: Linux 3.10.0-957.21.2.el7.x86_64
     Architecture: x86-64

使用Ansible:

  config file = /opt/ansible/ansible.cfg
  configured module search path = ['/root/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/lib/python3.6/site-packages/ansible
  executable location = /usr/bin/ansible
  python version = 3.6.8 (default, May  2 2019, 20:40:44) [GCC 4.8.5 20150623 (Red Hat 4.8.5-36)]

Arista版本:

Arista DCS-7050QX-32-F
Hardware version:    02.00
Software image version: 4.13.5F
Architecture:           i386

我在测试环境中使用相同的任务进行了尝试,但是使用了不同的ansible VM和arista映像:

Arista vEOS
Hardware version:    
Serial number:       
Software image version: 4.21.1.1F
Architecture:           i386
Internal build version: 4.21.1.1F-10146868.42111F

一切似乎还好,使用相同的文档来设置用户等等。

我相信这可能是由于用户没有特权,但是我包括了管理员密码,而eapi和ansible用户都具有网络管理员角色。

这是更详细的输出:

fatal: [x.x.x.x]: FAILED! => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    },
    "changed": false,
    "code": 1002,
    "invocation": {
        "module_args": {
            "aggregate": null,
            "associated_interfaces": null,
            "auth_pass": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
            "authorize": true,
            "delay": 10,
            "host": "x.x.x.x",
            "interfaces": null,
            "name": null,
            "password": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
            "port": 443,
            "provider": {
                "auth_pass": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
                "authorize": true,
                "host": "x.x.x.x",
                "password": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
                "port": 443,
                "ssh_keyfile": "/root/.ssh/id_rsa.pub",
                "timeout": 45,
                "transport": "eapi",
                "use_proxy": true,
                "use_ssl": true,
                "username": "eapi",
                "validate_certs": false
            },
            "purge": false,
            "ssh_keyfile": "/root/.ssh/id_rsa.pub",
            "state": "present",
            "timeout": 45,
            "transport": "eapi",
            "url_password": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
            "url_username": "eapi",
            "use_ssl": true,
            "username": "eapi",
            "validate_certs": false,
            "vlan_id": 777
        }
    },
    "msg": "CLI command 2 of 2 'vlan 777' failed: invalid command"
}

值得注意的另一件事是,如果我使用已经存在的VLAN,并且不包含描述(以便不进行任何更改),Ansible将返回成功:

ok: [x.x.x.x] => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    },
    "changed": false,
    "commands": [],
    "invocation": {
        "module_args": {
            "aggregate": null,
            "associated_interfaces": null,
            "auth_pass": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
            "authorize": true,
            "delay": 10,
            "host": "x.x.x.x",
            "interfaces": null,
            "name": null,
            "password": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
            "port": 443,
            "provider": {
                "auth_pass": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
                "authorize": true,
                "host": "x.x.x.x",
                "password": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
                "port": 443,
                "ssh_keyfile": "/root/.ssh/id_rsa.pub",
                "timeout": 45,
                "transport": "eapi",
                "use_proxy": true,
                "use_ssl": true,
                "username": "eapi",
                "validate_certs": false
            },
            "purge": false,
            "ssh_keyfile": "/root/.ssh/id_rsa.pub",
            "state": "present",
            "timeout": 45,
            "transport": "eapi",
            "url_password": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
            "url_username": "eapi",
            "use_ssl": true,
            "username": "eapi",
            "validate_certs": false,
            "vlan_id": 777
        }
    }
}

有人可以将我指向应该寻找答案的地方吗? 或有什么建议吗?我将非常感谢。

谢谢

1 个答案:

答案 0 :(得分:0)

答案一直是我的问题: 原来是由于软件版本:

   Arista DCS-7050QX-32-F 
   Hardware version: 02.00 
   Software image version: 4.13.5F 
   Architecture: i386

您至少需要4.15.5FAnsible 2.8.1一起运行