Try SpotterUse network_cli to run command on network appliances
| "added in version" 2.3 of ansible.builtin"
Authors: Ansible Networking Team
pipInstall with pip install ansible==2.9.27
This connection plugin provides a connection to remote devices over the SSH and implements a CLI shell. This connection plugin is typically used by network devices for sending and receiving CLi commands to network devices.
host:
default: inventory_hostname
description:
- Specifies the remote device FQDN or IP address to establish the SSH connection to.
vars:
- name: ansible_host
port:
default: 22
description:
- Specifies the port on the remote device that listens for connections when establishing
the SSH connection.
env:
- name: ANSIBLE_REMOTE_PORT
ini:
- key: remote_port
section: defaults
type: int
vars:
- name: ansible_port
become:
default: false
description:
- The become option will instruct the CLI session to attempt privilege escalation
on platforms that support it. Normally this means transitioning from user mode
to C(enable) mode in the CLI session. If become is set to True and the remote device
does not support privilege escalation or the privilege has already been elevated,
then this option is silently ignored.
- Can be configured from the CLI via the C(--become) or C(-b) options.
env:
- name: ANSIBLE_BECOME
ini:
- key: become
section: privilege_escalation
type: boolean
vars:
- name: ansible_become
timeout:
default: 120
description:
- Sets the connection time, in seconds, for communicating with the remote device. This
timeout is used as the default timeout value for commands when issuing a command
to the network CLI. If the command does not return in timeout seconds, an error
is generated.
type: int
password:
description:
- Configures the user password used to authenticate to the remote device when first
establishing the SSH connection.
vars:
- name: ansible_password
- name: ansible_ssh_pass
- name: ansible_ssh_password
network_os:
description:
- Configures the device platform network operating system. This value is used to
load the correct terminal and cliconf plugins to communicate with the remote device.
vars:
- name: ansible_network_os
remote_user:
description:
- The username used to authenticate to the remote device when the SSH connection is
first established. If the remote_user is not specified, the connection will use
the username of the logged in user.
- Can be configured from the CLI via the C(--user) or C(-u) options.
env:
- name: ANSIBLE_REMOTE_USER
ini:
- key: remote_user
section: defaults
vars:
- name: ansible_user
become_method:
default: sudo
description:
- This option allows the become method to be specified in for handling privilege escalation. Typically
the become_method value is set to C(enable) but could be defined as other values.
env:
- name: ANSIBLE_BECOME_METHOD
ini:
- key: become_method
section: privilege_escalation
vars:
- name: ansible_become_method
private_key_file:
description:
- The private SSH key or certificate file used to authenticate to the remote device
when first establishing the SSH connection.
env:
- name: ANSIBLE_PRIVATE_KEY_FILE
ini:
- key: private_key_file
section: defaults
vars:
- name: ansible_private_key_file
host_key_auto_add:
default: false
description:
- By default, Ansible will prompt the user before adding SSH keys to the known hosts
file. Since persistent connections such as network_cli run in background processes,
the user will never be prompted. By enabling this option, unknown host keys will
automatically be added to the known hosts file.
- Be sure to fully understand the security implications of enabling this option on
production systems as it could create a security vulnerability.
env:
- name: ANSIBLE_HOST_KEY_AUTO_ADD
ini:
- key: host_key_auto_add
section: paramiko_connection
type: boolean
terminal_stderr_re:
description:
- This option provides the regex pattern and optional flags to match the error string
from the received response chunk. This option accepts C(pattern) and C(flags) keys.
The value of C(pattern) is a python regex pattern to match the response and the
value of C(flags) is the value accepted by I(flags) argument of I(re.compile) python
method to control the way regex is matched with the response, for example I('re.I').
elements: dict
type: list
vars:
- name: ansible_terminal_stderr_re
version_added: '2.9'
version_added_collection: ansible.builtin
terminal_stdout_re:
description:
- A single regex pattern or a sequence of patterns along with optional flags to match
the command prompt from the received response chunk. This option accepts C(pattern)
and C(flags) keys. The value of C(pattern) is a python regex pattern to match the
response and the value of C(flags) is the value accepted by I(flags) argument of
I(re.compile) python method to control the way regex is matched with the response,
for example I('re.I').
elements: dict
type: list
vars:
- name: ansible_terminal_stdout_re
version_added: '2.9'
version_added_collection: ansible.builtin
network_cli_retries:
default: 3
description:
- Number of attempts to connect to remote host. The delay time between the retires
increases after every attempt by power of 2 in seconds till either the maximum attempts
are exhausted or any of the C(persistent_command_timeout) or C(persistent_connect_timeout)
timers are triggered.
env:
- name: ANSIBLE_NETWORK_CLI_RETRIES
ini:
- key: network_cli_retries
section: persistent_connection
type: integer
vars:
- name: ansible_network_cli_retries
version_added: '2.9'
version_added_collection: ansible.builtin
persistent_log_messages:
default: false
description:
- This flag will enable logging the command executed and response received from target
device in the ansible log file. For this option to work 'log_path' ansible configuration
option is required to be set to a file path with write access.
- Be sure to fully understand the security implications of enabling this option as
it could create a security vulnerability by logging sensitive information in log
file.
env:
- name: ANSIBLE_PERSISTENT_LOG_MESSAGES
ini:
- key: log_messages
section: persistent_connection
type: boolean
vars:
- name: ansible_persistent_log_messages
terminal_initial_answer:
description:
- The answer to reply with if the C(terminal_initial_prompt) is matched. The value
can be a single answer or a list of answers for multiple terminal_initial_prompt.
In case the login menu has multiple prompts the sequence of the prompt and excepted
answer should be in same order and the value of I(terminal_prompt_checkall) should
be set to I(True) if all the values in C(terminal_initial_prompt) are expected to
be matched and set to I(False) if any one login prompt is to be matched.
type: list
vars:
- name: ansible_terminal_initial_answer
version_added: '2.9'
version_added_collection: ansible.builtin
terminal_initial_prompt:
description:
- A single regex pattern or a sequence of patterns to evaluate the expected prompt
at the time of initial login to the remote host.
type: list
vars:
- name: ansible_terminal_initial_prompt
version_added: '2.9'
version_added_collection: ansible.builtin
persistent_command_timeout:
default: 30
description:
- Configures, in seconds, the amount of time to wait for a command to return from
the remote device. If this timer is exceeded before the command returns, the connection
plugin will raise an exception and close.
env:
- name: ANSIBLE_PERSISTENT_COMMAND_TIMEOUT
ini:
- key: command_timeout
section: persistent_connection
type: int
vars:
- name: ansible_command_timeout
persistent_connect_timeout:
default: 30
description:
- Configures, in seconds, the amount of time to wait when trying to initially establish
a persistent connection. If this value expires before the connection to the remote
device is completed, the connection will fail.
env:
- name: ANSIBLE_PERSISTENT_CONNECT_TIMEOUT
ini:
- key: connect_timeout
section: persistent_connection
type: int
vars:
- name: ansible_connect_timeout
persistent_buffer_read_timeout:
default: 0.1
description:
- Configures, in seconds, the amount of time to wait for the data to be read from
Paramiko channel after the command prompt is matched. This timeout value ensures
that command prompt matched is correct and there is no more data left to be received
from remote host.
env:
- name: ANSIBLE_PERSISTENT_BUFFER_READ_TIMEOUT
ini:
- key: buffer_read_timeout
section: persistent_connection
type: float
vars:
- name: ansible_buffer_read_timeout
terminal_inital_prompt_newline:
default: true
description:
- This boolean flag, that when set to I(True) will send newline in the response if
any of values in I(terminal_initial_prompt) is matched.
type: boolean
vars:
- name: ansible_terminal_initial_prompt_newline
version_added: '2.9'
version_added_collection: ansible.builtin
terminal_initial_prompt_checkall:
default: false
description:
- By default the value is set to I(False) and any one of the prompts mentioned in
C(terminal_initial_prompt) option is matched it won't check for other prompts. When
set to I(True) it will check for all the prompts mentioned in C(terminal_initial_prompt)
option in the given order and all the prompts should be received from remote host
if not it will result in timeout.
type: boolean
vars:
- name: ansible_terminal_initial_prompt_checkall
version_added: '2.9'
version_added_collection: ansible.builtin