Try SpotterProvides a persistent connection using the netconf protocol
| "added in version" 2.3 of ansible.builtin"
Authors: Ansible Networking Team
pipInstall with pip install ansible==2.9.27
This connection plugin provides a connection to remote devices over the SSH NETCONF subsystem. This connection plugin is typically used by network devices for sending and receiving RPC calls over NETCONF.
Note this connection plugin requires ncclient to be installed on the local Ansible controller.
host:
default: inventory_hostname
description:
- Specifies the remote device FQDN or IP address to establish the SSH connection to.
vars:
- name: ansible_host
port:
default: 830
description:
- Specifies the port on the remote device that listens for connections when establishing
the SSH connection.
env:
- name: ANSIBLE_REMOTE_PORT
ini:
- key: remote_port
section: defaults
type: int
vars:
- name: ansible_port
timeout:
default: 120
description:
- Sets the connection time, in seconds, for communicating with the remote device. This
timeout is used as the default timeout value when awaiting a response after issuing
a call to a RPC. If the RPC does not return in timeout seconds, an error is generated.
type: int
password:
description:
- Configures the user password used to authenticate to the remote device when first
establishing the SSH connection.
vars:
- name: ansible_password
- name: ansible_ssh_pass
- name: ansible_ssh_password
- name: ansible_netconf_password
network_os:
description:
- Configures the device platform network operating system. This value is used to
load a device specific netconf plugin. If this option is not configured (or set
to C(auto)), then Ansible will attempt to guess the correct network_os to use. If
it can not guess a network_os correctly it will use C(default).
vars:
- name: ansible_network_os
remote_user:
description:
- The username used to authenticate to the remote device when the SSH connection is
first established. If the remote_user is not specified, the connection will use
the username of the logged in user.
- Can be configured from the CLI via the C(--user) or C(-u) options.
env:
- name: ANSIBLE_REMOTE_USER
ini:
- key: remote_user
section: defaults
vars:
- name: ansible_user
look_for_keys:
default: true
description:
- Enables looking for ssh keys in the usual locations for ssh keys (e.g. :file:`~/.ssh/id_*`).
env:
- name: ANSIBLE_PARAMIKO_LOOK_FOR_KEYS
ini:
- key: look_for_keys
section: paramiko_connection
type: boolean
private_key_file:
description:
- The private SSH key or certificate file used to authenticate to the remote device
when first establishing the SSH connection.
env:
- name: ANSIBLE_PRIVATE_KEY_FILE
ini:
- key: private_key_file
section: defaults
vars:
- name: ansible_private_key_file
host_key_checking:
default: true
description: Set this to "False" if you want to avoid host key checking by the underlying
tools Ansible uses to connect to the host
env:
- name: ANSIBLE_HOST_KEY_CHECKING
- name: ANSIBLE_SSH_HOST_KEY_CHECKING
- name: ANSIBLE_NETCONF_HOST_KEY_CHECKING
ini:
- key: host_key_checking
section: defaults
- key: host_key_checking
section: paramiko_connection
type: boolean
vars:
- name: ansible_host_key_checking
- name: ansible_ssh_host_key_checking
- name: ansible_netconf_host_key_checking
netconf_ssh_config:
description:
- This variable is used to enable bastion/jump host with netconf connection. If set
to True the bastion/jump host ssh settings should be present in ~/.ssh/config file,
alternatively it can be set to custom ssh configuration file path to read the bastion/jump
host settings.
env:
- name: ANSIBLE_NETCONF_SSH_CONFIG
ini:
- key: ssh_config
section: netconf_connection
version_added: '2.7'
version_added_collection: ansible.builtin
vars:
- name: ansible_netconf_ssh_config
version_added: '2.7'
version_added_collection: ansible.builtin
persistent_log_messages:
default: false
description:
- This flag will enable logging the command executed and response received from target
device in the ansible log file. For this option to work 'log_path' ansible configuration
option is required to be set to a file path with write access.
- Be sure to fully understand the security implications of enabling this option as
it could create a security vulnerability by logging sensitive information in log
file.
env:
- name: ANSIBLE_PERSISTENT_LOG_MESSAGES
ini:
- key: log_messages
section: persistent_connection
type: boolean
vars:
- name: ansible_persistent_log_messages
persistent_command_timeout:
default: 30
description:
- Configures, in seconds, the amount of time to wait for a command to return from
the remote device. If this timer is exceeded before the command returns, the connection
plugin will raise an exception and close.
env:
- name: ANSIBLE_PERSISTENT_COMMAND_TIMEOUT
ini:
- key: command_timeout
section: persistent_connection
type: int
vars:
- name: ansible_command_timeout
persistent_connect_timeout:
default: 30
description:
- Configures, in seconds, the amount of time to wait when trying to initially establish
a persistent connection. If this value expires before the connection to the remote
device is completed, the connection will fail.
env:
- name: ANSIBLE_PERSISTENT_CONNECT_TIMEOUT
ini:
- key: connect_timeout
section: persistent_connection
type: int
vars:
- name: ansible_connect_timeout