Essayer d'exécuter un simple playbook gather_ facts en utilisant Ansible. Je peux connecter via SSH en utilisant les informations d'identification utilisateur sans problème, mais pour une raison que je ne peux pas obtenir ma tête autour du PlayBook échoue avec le message suivant:Comment identifier un problème avec crypto lors de l'exécution d'un playbbok Ansible?
2017-10-07 22:57:44,248 ncclient.transport.ssh Unknown exception: cannot import name aead
OS: Ubuntu (Ubuntu 16.04.3 LTS) Router Destination : VirtualBox Junos Olive [12.1R1.9] Ansible version: 2.4.0.0
hôtes:
[all:vars]
ansible_python_interpreter=/usr/bin/python
ansible_connection = local
[junos]
lab.r1
Playbook:
---
- hosts: junos
gather_facts: no
tasks:
- name: obtain login credentials
include_vars: ../auth/secrets.yml
- name: Checking NETCONF connectivity
wait_for: host={{ inventory_hostname }} port=830 timeout=5
- name: Gather Facts
junos_facts:
host: "{{ inventory_hostname }}"
username: "{{ creds['username'] }}"
password: "{{ creds['password'] }}"
register: junos
- name: version
debug: msg="{{ junos.facts.version }}"
sortie Playbook:
$ ansible-playbook -vvvv junos-get_facts.yml
ansible-playbook 2.4.0.0
config file = /etc/ansible/ansible.cfg
configured module search path = [u'/usr/local/lib/python2.7/dist-packages/ansible/modules']
ansible python module location = /usr/local/lib/python2.7/dist-packages/ansible
executable location = /usr/local/bin/ansible-playbook
python version = 2.7.12 (default, Nov 19 2016, 06:48:10) [GCC 5.4.0 20160609]
Using /etc/ansible/ansible.cfg as config file
setting up inventory plugins
Parsed /etc/ansible/hosts inventory source with ini plugin
Loading callback plugin default of type stdout, v2.0 from /usr/local/lib/python2.7/dist-packages/ansible/plugins/callback/__init__.pyc
PLAYBOOK: junos-get_facts.yml ******************************************************************************************************************
1 plays in junos-get_facts.yml
PLAY [junos] ***********************************************************************************************************************************
META: ran handlers
TASK [obtain login credentials] ****************************************************************************************************************
task path: /usr/local/share/ansible/junos/junos-get_facts.yml:6
Trying secret FileVaultSecret(filename='/usr/local/share/ansible/auth/vault/vault_pass.py') for vault_id=default
ok: [lab.r1] => {
"ansible_facts": {
"creds": {
"password": "*******",
"username": "ansible"
}
},
"ansible_included_var_files": [
"/usr/local/share/ansible/junos/../auth/secrets.yml"
],
"changed": false,
"failed": false
}
TASK [Checking NETCONF connectivity] ***********************************************************************************************************
task path: /usr/local/share/ansible/junos/junos-get_facts.yml:9
Using module file /usr/local/lib/python2.7/dist-packages/ansible/modules/utilities/logic/wait_for.py
<lab.r1> ESTABLISH LOCAL CONNECTION FOR USER: ansible
<lab.r1> EXEC /bin/sh -c '(umask 77 && mkdir -p "` echo $HOME/.ansible/tmp/ansible-tmp-1507431462.1-117888621897412 `" && echo ansible-tmp-1507431462.1-117888621897412="` echo $HOME/.ansible/tmp/ansible-tmp-1507431462.1-117888621897412 `") && sleep 0'
<lab.r1> PUT /tmp/tmpW193y0 TO /usr/local/share/ansible/.ansible/tmp/ansible-tmp-1507431462.1-117888621897412/wait_for.py
<lab.r1> EXEC /bin/sh -c 'chmod u+x /usr/local/share/ansible/.ansible/tmp/ansible-tmp-1507431462.1-117888621897412/ /usr/local/share/ansible/.ansible/tmp/ansible-tmp-1507431462.1-117888621897412/wait_for.py && sleep 0'
<lab.r1> EXEC /bin/sh -c '/usr/bin/python /usr/local/share/ansible/.ansible/tmp/ansible-tmp-1507431462.1-117888621897412/wait_for.py; rm -rf "/usr/local/share/ansible/.ansible/tmp/ansible-tmp-1507431462.1-117888621897412/" > /dev/null 2>&1 && sleep 0'
ok: [lab.r1] => {
"changed": false,
"elapsed": 0,
"failed": false,
"invocation": {
"module_args": {
"active_connection_states": [
"ESTABLISHED",
"FIN_WAIT1",
"FIN_WAIT2",
"SYN_RECV",
"SYN_SENT",
"TIME_WAIT"
],
"connect_timeout": 5,
"delay": 0,
"exclude_hosts": null,
"host": "lab.r1",
"msg": null,
"path": null,
"port": 830,
"search_regex": null,
"sleep": 1,
"state": "started",
"timeout": 5
}
},
"path": null,
"port": 830,
"search_regex": null,
"state": "started"
}
TASK [Gather Facts] ****************************************************************************************************************************
task path: /usr/local/share/ansible/junos/junos-get_facts.yml:12
<lab.r1> using connection plugin netconf
<lab.r1> socket_path: None
fatal: [lab.r1]: FAILED! => {
"changed": false,
"failed": true,
"msg": "unable to open shell. Please see: https://docs.ansible.com/ansible/network_debug_troubleshooting.html#unable-to-open-shell"
}
to retry, use: --limit @/usr/local/share/ansible/junos/junos-get_facts.retry
PLAY RECAP *************************************************************************************************************************************
lab.r1 : ok=2 changed=0 unreachable=0 failed=1
La sortie détaillée de journal affiche les éléments suivants:
2017-10-07 23:19:51,177 p=2906 u=ansible | TASK [Gather Facts] ****************************************************************************************************************************
2017-10-07 23:19:51,180 p=2906 u=ansible | task path: /usr/local/share/ansible/junos/junos-get_facts.yml:12
2017-10-07 23:19:52,739 p=2937 u=ansible | creating new control socket for host lab.r1:830 as user ansible
2017-10-07 23:19:52,740 p=2937 u=ansible | control socket path is /usr/local/share/ansible/.ansible/pc/b52ae79c72
2017-10-07 23:19:52,740 p=2937 u=ansible | current working directory is /usr/local/share/ansible/junos
2017-10-07 23:19:52,741 p=2937 u=ansible | using connection plugin netconf
2017-10-07 23:19:52,937 p=2937 u=ansible | network_os is set to junos
2017-10-07 23:19:52,951 p=2937 u=ansible | ssh connection done, stating ncclient
2017-10-07 23:19:52,982 p=2937 u=ansible | failed to create control socket for host lab.r1
2017-10-07 23:19:52,985 p=2937 u=ansible | Traceback (most recent call last):
File "/usr/local/bin/ansible-connection", line 316, in main
server = Server(socket_path, pc)
File "/usr/local/bin/ansible-connection", line 112, in __init__
self.connection._connect()
File "/usr/local/lib/python2.7/dist-packages/ansible/plugins/connection/netconf.py", line 158, in _connect
ssh_config=ssh_config
File "/usr/local/lib/python2.7/dist-packages/ncclient/manager.py", line 154, in connect
return connect_ssh(*args, **kwds)
File "/usr/local/lib/python2.7/dist-packages/ncclient/manager.py", line 116, in connect_ssh
session.load_known_hosts()
File "/usr/local/lib/python2.7/dist-packages/ncclient/transport/ssh.py", line 299, in load_known_hosts
self._host_keys.load(filename)
File "/usr/local/lib/python2.7/dist-packages/paramiko/hostkeys.py", line 97, in load
e = HostKeyEntry.from_line(line, lineno)
File "/usr/local/lib/python2.7/dist-packages/paramiko/hostkeys.py", line 358, in from_line
key = ECDSAKey(data=decodebytes(key), validate_point=False)
File "/usr/local/lib/python2.7/dist-packages/paramiko/ecdsakey.py", line 156, in __init__
self.verifying_key = numbers.public_key(backend=default_backend())
File "/usr/local/lib/python2.7/dist-packages/cryptography/hazmat/backends/__init__.py", line 15, in default_backend
from cryptography.hazmat.backends.openssl.backend import backend
File "/usr/local/lib/python2.7/dist-packages/cryptography/hazmat/backends/openssl/__init__.py", line 7, in <module>
from cryptography.hazmat.backends.openssl.backend import backend
File "/usr/local/lib/python2.7/dist-packages/cryptography/hazmat/backends/openssl/backend.py", line 23, in <module>
from cryptography.hazmat.backends.openssl import aead
ImportError: cannot import name aead
2017-10-07 23:20:02,775 p=2906 u=ansible | fatal: [lab.r1]: FAILED! => {
"changed": false,
"failed": true,
"msg": "unable to open shell. Please see: https://docs.ansible.com/ansible/network_debug_troubleshooting.html#unable-to-open-shell"
}
Toute aide est appréciée.
Quelle version de 'pycrypto' avez-vous installé? – techraf
Merci pour les commentaires. Nom: pycrypto Version: 2.6.1 –
'aead' est importé par le backend, mais également introuvable. Cela peut sembler vouloir essayer d'importer deux versions différentes de 'cryptography'. 'pycrypto' n'est pas pertinent ici (c'est un paquet non apparenté). Tout d'abord, je suggèrerais de mettre à jour 'cryptography', mais depuis que cette extension a été ajoutée dans 2.0, vous devrez peut-être vous assurer que vous n'avez pas de cryptographie installée via pip et via votre gestionnaire de paquets de distribution. –