Using arubaoss_command to update a Switch with SFTP
Closed this issue · 7 comments
Hello,
I'm trying to update my switchs 2930F with ansible and the arubaoss_command module.
Here is a play that works :
- name: Upload du firmware sur le Serveur SFTP
arubaoss_command:
commands:
- command: "copy flash sftp {{ sftp_user }}@{{ sftp_server }} firmware{{ nom_switch }}.swi primary"
prompt:
- "Enter {{ sftp_user }}@{{ sftp_server }}'s password:"
answer:
- "{{ password }}"
But I'm havig trouble making the following work :
- name: Dowload le firmware sur le Serveur SFTP
arubaoss_command:
commands:
- command: "copy sftp flash {{ sftp_user }}@{{ sftp_server }} {{ nom_firmware }} primary"
prompt:
- "Continue (y/n)?"
answer:
- "y"
prompt:
- "Enter {{ sftp_user }}@{{ sftp_server }}'s password:"
answer:
- "{{ password }}"
Is there a workaround to Continue and answer the password prompt or is there nothing I can do? (Ansible says that I can't have 2 prompts on the same task)
Also, I haven't seen documentation to use "prompt" and "answer". Is it possible to have some about the usage of prompt and how it works?
Thank's in advance for your help.
Hi @Facou-Br !
You'll want to supply the prompts & answers as a list with each entry corresponding to the other in regards to position in the list - for example your playbook should be as follows:
- name: Dowload le firmware sur le Serveur SFTP
arubaoss_command:
commands:
- command: "copy sftp flash {{ sftp_user }}@{{ sftp_server }} {{ nom_firmware }} primary"
prompt:
- "Continue (y/n)?"
- "Enter {{ sftp_user }}@{{ sftp_server }}'s password:"
answer:
- "y"
- "{{ password }}"
It seems to work but not totally.
Now i'm having issues with the dowload of the firmware.
To be more precise, the part that is commented out is working but not the other part ... the switch returns an "000M General error." and I don't know why
Here is some of the code :
#code: language-ansible
---
- hosts: switchs
gather_facts: no
collections:
- arubanetworks.aos_switch
- ansible.buitin.shell
vars:
sftp_user: "TheSftpUser"
sftp_server: "**.**.**.**"
nom_switch: "{{ inventory_hostname }}"
password: "TotallyThePassword"
ansible_connection: network_cli
ansible_command_timeout: 18000
tasks:
- name: Version du switch.
arubaoss_command:
commands:
- "show flash | include WC. | exclude Boot | exclude Secondary"
#- name: Upload du firmware sur le Serveur SFTP
# arubaoss_command:
# commands:
# - command: "copy flash sftp {{ sftp_user }}@{{ sftp_server }} firmware{{ inventory_hostname }}.swi primary"
# prompt:
# - "Enter {{ sftp_user }}@{{ sftp_server }}'s password:"
# answer:
# - "{{ password }}"
- name: Dowload le firmware sur le Serveur SFTP
arubaoss_command:
commands:
- command: "copy sftp flash {{ sftp_user }}@{{ sftp_server }} {{ nom_firmware }}.swi primary"
prompt:
- "Continue (y/n)?"
- "Enter {{ sftp_user }}@{{ sftp_server }}'s password:"
answer:
- "y"
- "{{ password }}"
- name: Version du switch.
arubaoss_command:
commands:
- "show flash | include WC. | exclude Boot | exclude Secondary"
And here is the logs that ansible returns :
ok: [SW15114804] => {
"changed": false,
"invocation": {
"module_args": {
"api_version": "None",
"commands": [
{
"answer": [
"y",
"{{ password }}"
],
"check_all": false,
"command": "copy sftp flash {{ sftp_user }}@{{ sftp_server }} WC_16_08_0001.swi primary",
"newline": true,
"prompt": [
"Continue (y/n)?",
"Enter {{ sftp_user }}@{{ sftp_server }}'s password:"
],
"sendonly": false
}
],
"host": null,
"interval": 1,
"match": "all",
"output_file": null,
"password": null,
"port": null,
"provider": {
"api_version": "None",
"host": "{{ inventory_hostname }}",
"password": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
"port": 80,
"ssh_keyfile": null,
"timeout": 30,
"transport": "aossapi",
"use_proxy": false,
"use_ssl": false,
"username": "{{ user_name }}",
"validate_certs": false
},
"retries": 10,
"ssh_keyfile": null,
"timeout": null,
"use_ssl": null,
"username": null,
"validate_certs": false,
"wait_for": null
}
},
"stdout": [
"copy sftp flash {{ sftp_user }}@{{ sftp_server }} WC_16_08_0001.swi primaryThe primary image will be deleted.\n\nContinue (y/n)? yAttempting username/password authentication...\nEnter {{ sftp_user }}@{{ sftp_server }}'s password: Enter {{ sftp_user }}@{{ sftp_server }}'s password: \n000M General error."
],
"stdout_lines": [
[
"copy sftp flash {{ sftp_user }}@{{ sftp_server }} WC_16_08_0001.swi primaryThe primary image will be deleted.",
"",
"Continue (y/n)? yAttempting username/password authentication...",
"Enter {{ sftp_user }}@{{ sftp_server }}'s password: Enter {{ sftp_user }}@{{ sftp_server }}'s password: ",
"000M General error."
]
]
}
That error is typically due to the prompt's not matching what is being provided. I realize you're also missing a field check_all: True which tells Ansible to ensure to match/check all the prompts provided. Additionally, I would recommend doing a more generic regex match like so, but as always, to double check, also enter the commands on an existing switch and ensure what you're providing as an output for Ansible to match is correct:
- name: Dowload le firmware sur le Serveur SFTP
arubaoss_command:
commands:
- command: "copy sftp flash {{ sftp_user }}@{{ sftp_server }} {{ nom_firmware }}.swi primary"
check_all: True
prompt:
- '.*\(y\/n\)\?.*'
- '.*password:.*'
answer:
- "y"
- "{{ password }}"
Thank you so much !
It works very well, i'm just having some trouble for the reboot but everything seems to work.
Thank you again.
@Facou-Br you can use the following logic/tasks for rebooting:
- name: reboot device
arubaoss_reboot:
boot_image: BI_PRIMARY_IMAGE
is_wait: False
- name: Pause for 10 seconds to allow for boot command
pause:
seconds: 10
- name: Wait for the switch to come online after FW upgrade and reboot.
wait_for:
host: "{{ ansible_host }}"
port: 22
sleep: 10
timeout: 900
Hello @tchiapuziowong
I can't use Rest commands because they can't be enabled on my service.
But I have something like this that works:
#code: language-ansible
---
- hosts: switchs
collections:
- arubanetworks.aos_switch
- ansible.buitin.shell
vars_files:
- variables.yml
tasks:
- name: Version du switch.
arubaoss_command:
commands:
- "show flash | include WC. | exclude Boot | exclude Secondary"
- "copy flash flash secondary"
register: primary_flash
- name: Pause for 5 minutes to build app cache
ansible.builtin.pause:
minutes: 5
- name: Extraire les 10 caractères suivant 'WC.'
set_fact:
extracted_version: "{{ primary_flash.stdout | regex_search('WC.16(.{8})') }}"
- name: Vérfier le flash secondaire
arubaoss_command:
commands:
- "show flash | include WC. | exclude Boot | exclude Primary"
wait_for:
- result[0] contains "{{ extracted_version }}"
match: all
retries: 5
interval: 5
- name: Telecharger le firmware sur le switch
arubaoss_command:
commands:
- command: "copy sftp flash {{ sftp_user }}@{{ sftp_server }} {{ nom_firmware }} primary"
check_all: True
prompt:
- '.*\(y\/n\)\?.*'
- ".*password:.*"
answer:
- "y"
- "{{ password }}"
- name: Pause for 5 minutes to build app cache
ansible.builtin.pause:
minutes: 5
- name: Montrer le primaire et s'il est bon, reboot le switch sur le primaire
arubaoss_command:
commands:
- "show flash | include WC. | exclude Boot | exclude Secondary"
wait_for:
- result[0] contains "WC.16.11.0020"
match: all
retries: 5
interval: 5
- name: Telecharger le firmware sur le switch
arubaoss_command:
commands:
- command: "boot system flash primary"
check_all: True
prompt:
- '.*\(y\/n\)\?.*'
answer:
- "y"
Only issue that I have is that Ansible doesn't seem to like when the switch reboots because it causes a time out.
@Facou-Br does it error on the last task of arubaoss_command which executes the reboot? you can add ignore_errors: True which will continue the task and then add this to ensure the switch comes back online?
- name: Telecharger le firmware sur le switch
arubaoss_command:
commands:
- command: "boot system flash primary"
check_all: True
prompt:
- '.*\(y\/n\)\?.*'
answer:
- "y"
ignore_errors: True
- name: Pause for 10 seconds to allow for boot command
pause:
seconds: 10
- name: Wait for the switch to come online after FW upgrade and reboot.
wait_for:
host: "{{ ansible_host }}"
port: 22
sleep: 10
timeout: 900