Developer

 View Only
last person joined: 2 days ago 

Back to discussions
Expand all | Collapse all

AOSCX - Ansible connection via jump host

This thread has been viewed 38 times

  • 1.  AOSCX - Ansible connection via jump host

    Posted May 10, 2022 01:37 PM
    Hi,

    Great to be part of this community.

    We are writing ansible playbook to manage Aruba CX switches. However, we the playbook get the output of commands when switch is connected to a jump host.

    Our environment -

    [Ansible Execution Host] -> Jump Host -> Switch

    The playbook times out with following error - 

    "msg": "socket_path does not exist or cannot be found.\nSee the socket_path issue category in Network Debug and Troubleshooting Guide"​


    Traceback -

    The full traceback is:
  File "/tmp/ansible_arubanetworks.aoscx.aoscx_command_payload_zt3y_wa1/ansible_arubanetworks.aoscx.aoscx_command_payload.zip/ansible_collections/arubanetworks/aoscx/plugins/module_utils/aoscx.py", line 447, in run_commands
    return conn.run_commands(commands=commands, check_rc=check_rc)
  File "/tmp/ansible_arubanetworks.aoscx.aoscx_command_payload_zt3y_wa1/ansible_arubanetworks.aoscx.aoscx_command_payload.zip/ansible/module_utils/connection.py", line 184, in __rpc__
    response = self._exec_jsonrpc(name, *args, **kwargs)
  File "/tmp/ansible_arubanetworks.aoscx.aoscx_command_payload_zt3y_wa1/ansible_arubanetworks.aoscx.aoscx_command_payload.zip/ansible/module_utils/connection.py", line 138, in _exec_jsonrpc
    raise ConnectionError('socket_path does not exist or cannot be found.'

    However, same playbook works when executed on the Jump Host.

    What might be the problem?

    Thanks
    Ratnesh

    ------------------------------
    Ratnesh Nagori
    ------------------------------


  • 2.  RE: AOSCX - Ansible connection via jump host

    MVP GURU
    Posted May 10, 2022 04:27 PM
    Hi,

    Do you have look https://docs.ansible.com/ansible/latest/network/user_guide/network_debug_troubleshooting.html#troubleshooting-socket-path-issues

    May be also also on aruba ansible-collection github ?

    ------------------------------
    PowerArubaSW : Powershell Module to use Aruba Switch API for Vlan, VlanPorts, LACP, LLDP...

    PowerArubaCP: Powershell Module to use ClearPass API (create NAD, Guest...)

    PowerArubaCL: Powershell Module to use Aruba Central

    PowerArubaCX: Powershell Module to use ArubaCX API (get interface/vlan/ports info)..

    ACEP / ACMX #107 / ACDX #1281
    ------------------------------

    Original Message


  • 3.  RE: AOSCX - Ansible connection via jump host

    Posted Aug 17, 2022 01:07 AM
    Hello Ratnesh,

    have you managed to get this to work? I have the same setup as you and I'm experiencing the same issue. The sockets are being created on the Ansible host, but the playbook is basically in a loop and then fails because the sockets are timing out.
    Original Message


  • 4.  RE: AOSCX - Ansible connection via jump host

    Posted Aug 17, 2022 01:42 AM
    Hi kg36,

    No, couldn't get it working. Luckily, galaxy collection for Aruba works for Aruba CX also so we used that as a workaround.
    Original Message


  • 5.  RE: AOSCX - Ansible connection via jump host

    Posted Aug 17, 2022 01:49 AM
    Hello,

    thank you for the response. Which galaxy collection are you talking about? The Aruba OS-Switch collection? https://galaxy.ansible.com/arubanetworks/aos_switch

    We are mainly after the aoscx_command module to get a readable config. The API modules for CX are working for us, but the SSH modules aren't.
    Original Message


  • 6.  RE: AOSCX - Ansible connection via jump host

    Posted Aug 17, 2022 04:56 AM
    I have managed to get this working using the community aruba_command module (https://docs.ansible.com/ansible/latest/collections/community/network/aruba_command_module.html). This works with an SSH connection over a jump host, but the official Aruba module/collection doesn't.

    Here is a sanitized playbook:

     - name: "Backup ArubaOS-CX as CLI"
   hosts: aruba_oscx_ssh
   gather_facts: no
   strategy: free
   collections:
     - community.network

   tasks:

    - name: "Get hostname from running-config"
      when: ansible_network_os is defined and ansible_network_os == "arubanetworks.aoscx.aoscx"
      aruba_command:
        commands:
          - show running-config | include hostname
      register: hostname

    - name: "Change hostname variable"
      when: ansible_network_os is defined and ansible_network_os == "arubanetworks.aoscx.aoscx"
      set_fact:
        hostname: "{{ hostname.stdout[0] | regex_replace('.*\\s','') | regex_replace('\\\"','') }}"

    - name: "Copy running-config to local as CLI"
      when: ansible_network_os is defined and ansible_network_os == "arubanetworks.aoscx.aoscx"
      aruba_command:
        commands:
          - show running-config
      register: backupinfo

    - name: "Save backup info to file"
      when: ansible_network_os is defined and ansible_network_os == "arubanetworks.aoscx.aoscx"
      copy:
        content: '{{ backupinfo.stdout[0] }}'
        dest: "/tmp/aruba/switches/{{ hostname }}_cli"
​

    And here the variables for the host itself:
    [aruba_oscx_ssh:vars]
ansible_connection=ansible.netcommon.network_cli
ansible_network_os=arubanetworks.aoscx.aoscx
​

    Hope this helps someone in the future.
    Original Message


  • 7.  RE: AOSCX - Ansible connection via jump host

    Posted Aug 17, 2022 07:37 AM
    Hi, in the aoscx collection it's only aoscx_config and aoscx_command which are using ssh. Everything else are using the API and you need to use a reverse http proxy to get jump host functionality.

    ------------------------------
    Arne Opdal
    ------------------------------

    Original Message


  • 8.  RE: AOSCX - Ansible connection via jump host

    Posted Aug 17, 2022 07:46 AM
    I am aware of how to use it, but the modules do not work via a jump host. The actual Ansible host can SSH to the devices just fine. The API modules, over the jump host, which is also the reverse proxy, also work. It is simply the combination of Ansible SSH modules + jump host that doesn't work.

    Maybe there is a ProxyCommand option for the SSH modules, but I don't know it. The API connection has the ansible_aoscx_use_proxy setting, but that's not relevant to the SSH connection.
    Original Message


  • 9.  RE: AOSCX - Ansible connection via jump host

    Posted Aug 17, 2022 08:05 AM
    Have you tried to configure your jump host in the .ssh/config file? And using ssh-key for auth on the jump host? 
    Host jmp
   User username
   Hostname jmp.example.com
   IdentityFile ~/.ssh/id_rsa

Host cx-sw.example.com
   ProxyJump jmp
   
Host 172.16.1.*
   ProxyJump jmp​


    ------------------------------
    Arne Opdal
    ------------------------------

    Original Message


  • 10.  RE: AOSCX - Ansible connection via jump host

    Posted Aug 17, 2022 08:11 AM
    As I said:

    "The actual Ansible host can SSH to the devices just fine. The API modules, over the jump host, which is also the reverse proxy, also work. It is simply the combination of Ansible SSH modules + jump host that doesn't work."
    ​​
    Original Message