0

I am using an Ansible Server to connect to a Cisco NXOS Switch (N93180LC). The connection runs over paramiko using ssh user/password and has always worked without a problem until I upgraded from 9.3(8) to 9.3(9) software release. When I downgrade the software, then the ssh-connection works again. The connection works also with other devices using the same ssh user/password that are not on version 9.3(9).

SSH-connection over putty works just fine with the same user/password for the nexus switch. It only doesnt work over Ansible. Ansible is on version core 2.11.7 with python 3.6.8.

The ssh-connection is attempted both with a playbook and simply with "ssh user@ip-of-switch" on the Ansible Server. When "ssh user@ip-of-switch" is attempted, the process just gets stuck as if its still "loading". The error output from playbook is appended at the end of the post.

The playbook content is not posted here because it works fine with other devices. It basically just has one task asking the nxos to show hostname.

I thought the problem may be fingerprint related, so I have set ansible_host_key_checking = False in ansible.cfg. Just to be sure, I also manually added the fingerprint from the switch (which i got with "show ssh key") to the ansible known_hosts file.

I've also tried setting ansible connection to libssh instead of paramiko.

Is there maybe a bug with the 9.3(9) release specifically in combination with Ansible that I have not been able to find? I would be appreciative of any help I could get!

But none of the above could solve the problem. The output error that I get from ansible is as follows:

TASK [ask Hostname NXOS] ******************************************************************************************************************
task path: /home/ansible/var/test/Angel/nxos/playbook_hostcheck.yaml:24
The full traceback is:
Traceback (most recent call last):
  File "/home/ansible/.ansible/tmp/ansible-local-62419fhcrsg9/ansible-tmp-1653908906.3061478-6248-45658655329117/AnsiballZ_nxos_command.py"                                , line 100, in <module>
    _ansiballz_main()
  File "/home/ansible/.ansible/tmp/ansible-local-62419fhcrsg9/ansible-tmp-1653908906.3061478-6248-45658655329117/AnsiballZ_nxos_command.py"                                , line 92, in _ansiballz_main
    invoke_module(zipped_mod, temp_path, ANSIBALLZ_PARAMS)
  File "/home/ansible/.ansible/tmp/ansible-local-62419fhcrsg9/ansible-tmp-1653908906.3061478-6248-45658655329117/AnsiballZ_nxos_command.py"                                , line 41, in invoke_module
    run_name='__main__', alter_sys=True)
  File "/usr/lib64/python3.6/runpy.py", line 205, in run_module
    return _run_module_code(code, init_globals, run_name, mod_spec)
  File "/usr/lib64/python3.6/runpy.py", line 96, in _run_module_code
    mod_name, mod_spec, pkg_name, script_name)
  File "/usr/lib64/python3.6/runpy.py", line 85, in _run_code
    exec(code, run_globals)
  File "/tmp/ansible_nxos_command_payload_xau7a6f5/ansible_nxos_command_payload.zip/ansible_collections/cisco/nxos/plugins/modules/nxos_com                                mand.py", line 237, in <module>
  File "/tmp/ansible_nxos_command_payload_xau7a6f5/ansible_nxos_command_payload.zip/ansible_collections/cisco/nxos/plugins/modules/nxos_com                                mand.py", line 206, in main
  File "/tmp/ansible_nxos_command_payload_xau7a6f5/ansible_nxos_command_payload.zip/ansible_collections/cisco/nxos/plugins/module_utils/net                                work/nxos/nxos.py", line 1370, in run_commands
  File "/tmp/ansible_nxos_command_payload_xau7a6f5/ansible_nxos_command_payload.zip/ansible_collections/cisco/nxos/plugins/module_utils/net                                work/nxos/nxos.py", line 129, in get_connection
  File "/tmp/ansible_nxos_command_payload_xau7a6f5/ansible_nxos_command_payload.zip/ansible/module_utils/connection.py", line 200, in __rpc                                __
ansible.module_utils.connection.ConnectionError: [Errno 110] Connection timed out
fatal: [17.237.73.11]: FAILED! => {
    "changed": false,
    "rc": 1
}

MSG:

MODULE FAILURE
See stdout/stderr for the exact error


MODULE_STDERR:

Traceback (most recent call last):
  File "/home/ansible/.ansible/tmp/ansible-local-62419fhcrsg9/ansible-tmp-1653908906.3061478-6248-45658655329117/AnsiballZ_nxos_command.py"                                , line 100, in <module>
    _ansiballz_main()
  File "/home/ansible/.ansible/tmp/ansible-local-62419fhcrsg9/ansible-tmp-1653908906.3061478-6248-45658655329117/AnsiballZ_nxos_command.py"                                , line 92, in _ansiballz_main
    invoke_module(zipped_mod, temp_path, ANSIBALLZ_PARAMS)
  File "/home/ansible/.ansible/tmp/ansible-local-62419fhcrsg9/ansible-tmp-1653908906.3061478-6248-45658655329117/AnsiballZ_nxos_command.py"                                , line 41, in invoke_module
    run_name='__main__', alter_sys=True)
  File "/usr/lib64/python3.6/runpy.py", line 205, in run_module
    return _run_module_code(code, init_globals, run_name, mod_spec)
  File "/usr/lib64/python3.6/runpy.py", line 96, in _run_module_code
    mod_name, mod_spec, pkg_name, script_name)
  File "/usr/lib64/python3.6/runpy.py", line 85, in _run_code
    exec(code, run_globals)
  File "/tmp/ansible_nxos_command_payload_xau7a6f5/ansible_nxos_command_payload.zip/ansible_collections/cisco/nxos/plugins/modules/nxos_com                                mand.py", line 237, in <module>
  File "/tmp/ansible_nxos_command_payload_xau7a6f5/ansible_nxos_command_payload.zip/ansible_collections/cisco/nxos/plugins/modules/nxos_com                                mand.py", line 206, in main
  File "/tmp/ansible_nxos_command_payload_xau7a6f5/ansible_nxos_command_payload.zip/ansible_collections/cisco/nxos/plugins/module_utils/net                                work/nxos/nxos.py", line 1370, in run_commands
  File "/tmp/ansible_nxos_command_payload_xau7a6f5/ansible_nxos_command_payload.zip/ansible_collections/cisco/nxos/plugins/module_utils/net                                work/nxos/nxos.py", line 129, in get_connection
  File "/tmp/ansible_nxos_command_payload_xau7a6f5/ansible_nxos_command_payload.zip/ansible/module_utils/connection.py", line 200, in __rpc                                __
ansible.module_utils.connection.ConnectionError: [Errno 110] Connection timed out
Kenster
  • 23,465
  • 21
  • 80
  • 106
riteangle
  • 1
  • Did you check you are using the latest nxos collection ? Moreover, I would also test with the lastest ansible version. From your error output, the ssh connection is absolutely ok, only running the sent module payload on the remote target sends an error. – Zeitounator May 30 '22 at 14:27
  • Thanks for the suggestion! I upgraded my nxos module to the latest (3.0.0) but that didn't solve the issue. Updating ansible is in this environment unfortunately not an option... – riteangle May 31 '22 at 10:05
  • Installing whatever version of ansible for your system user using pip in a virtualenv takes about 2 minutes and can be wiped out in even less time (if you can run the virtualenv command of course). – Zeitounator May 31 '22 at 11:09
  • upon checking again, updating the nxos collection actually did do the trick! thanks so much :) – riteangle Jun 07 '22 at 14:26

0 Answers0