ansible / ansible.netcommon / 3.1.3 / connection / network_cli Use network_cli to run command on network appliances | "added in version" 1.0.0 of ansible.netcommon" Authors: Ansible Networking Team (@ansible-network)ansible.netcommon.network_cli (3.1.3) — connection
Install with ansible-galaxy collection install ansible.netcommon:==3.1.3
collections: - name: ansible.netcommon version: 3.1.3
This connection plugin provides a connection to remote devices over the SSH and implements a CLI shell. This connection plugin is typically used by network devices for sending and receiving CLi commands to network devices.
host: default: inventory_hostname description: - Specifies the remote device FQDN or IP address to establish the SSH connection to. vars: - name: inventory_hostname - name: ansible_host port: default: 22 description: - Specifies the port on the remote device that listens for connections when establishing the SSH connection. env: - name: ANSIBLE_REMOTE_PORT ini: - key: remote_port section: defaults type: int vars: - name: ansible_port become: default: false description: - The become option will instruct the CLI session to attempt privilege escalation on platforms that support it. Normally this means transitioning from user mode to C(enable) mode in the CLI session. If become is set to True and the remote device does not support privilege escalation or the privilege has already been elevated, then this option is silently ignored. - Can be configured from the CLI via the C(--become) or C(-b) options. env: - name: ANSIBLE_BECOME ini: - key: become section: privilege_escalation type: boolean vars: - name: ansible_become password: description: - Configures the user password used to authenticate to the remote device when first establishing the SSH connection. vars: - name: ansible_password - name: ansible_ssh_pass - name: ansible_ssh_password ssh_type: choices: - libssh - paramiko - auto default: auto description: - The python package that will be used by the C(network_cli) connection plugin to create a SSH connection to remote host. - I(libssh) will use the ansible-pylibssh package, which needs to be installed in order to work. - I(paramiko) will instead use the paramiko package to manage the SSH connection. - I(auto) will use ansible-pylibssh if that package is installed, otherwise will fallback to paramiko. env: - name: ANSIBLE_NETWORK_CLI_SSH_TYPE ini: - key: ssh_type section: persistent_connection vars: - name: ansible_network_cli_ssh_type network_os: description: - Configures the device platform network operating system. This value is used to load the correct terminal and cliconf plugins to communicate with the remote device. vars: - name: ansible_network_os remote_user: description: - The username used to authenticate to the remote device when the SSH connection is first established. If the remote_user is not specified, the connection will use the username of the logged in user. - Can be configured from the CLI via the C(--user) or C(-u) options. env: - name: ANSIBLE_REMOTE_USER ini: - key: remote_user section: defaults vars: - name: ansible_user become_errors: choices: - ignore - warn - fail default: fail description: - This option determines how privilege escalation failures are handled when I(become) is enabled. - When set to C(ignore), the errors are silently ignored. When set to C(warn), a warning message is displayed. The default option C(fail), triggers a failure and halts execution. type: str vars: - name: ansible_network_become_errors become_method: default: sudo description: - This option allows the become method to be specified in for handling privilege escalation. Typically the become_method value is set to C(enable) but could be defined as other values. env: - name: ANSIBLE_BECOME_METHOD ini: - key: become_method section: privilege_escalation vars: - name: ansible_become_method import_modules: default: true description: - Reduce CPU usage and network module execution time by enabling direct execution. Instead of the module being packaged and executed by the shell, it will be directly executed by the Ansible control node using the same python interpreter as the Ansible process. Note- Incompatible with C(asynchronous mode). Note- Python 3 and Ansible 2.9.16 or greater required. Note- With Ansible 2.9.x fully qualified modules names are required in tasks. env: - name: ANSIBLE_NETWORK_IMPORT_MODULES ini: - key: import_modules section: ansible_network type: boolean vars: - name: ansible_network_import_modules terminal_errors: choices: - ignore - warn - fail default: fail description: - This option determines how failures while setting terminal parameters are handled. - When set to C(ignore), the errors are silently ignored. When set to C(warn), a warning message is displayed. The default option C(fail), triggers a failure and halts execution. type: str vars: - name: ansible_network_terminal_errors version_added: 3.1.0 version_added_collection: ansible.netcommon private_key_file: description: - The private SSH key or certificate file used to authenticate to the remote device when first establishing the SSH connection. env: - name: ANSIBLE_PRIVATE_KEY_FILE ini: - key: private_key_file section: defaults vars: - name: ansible_private_key_file single_user_mode: default: false description: - This option enables caching of data fetched from the target for re-use. The cache is invalidated when the target device enters configuration mode. - Applicable only for platforms where this has been implemented. env: - name: ANSIBLE_NETWORK_SINGLE_USER_MODE type: boolean vars: - name: ansible_network_single_user_mode version_added: 2.0.0 version_added_collection: ansible.netcommon host_key_auto_add: default: false description: - By default, Ansible will prompt the user before adding SSH keys to the known hosts file. Since persistent connections such as network_cli run in background processes, the user will never be prompted. By enabling this option, unknown host keys will automatically be added to the known hosts file. - Be sure to fully understand the security implications of enabling this option on production systems as it could create a security vulnerability. env: - name: ANSIBLE_HOST_KEY_AUTO_ADD ini: - key: host_key_auto_add section: paramiko_connection type: boolean host_key_checking: default: true description: Set this to "False" if you want to avoid host key checking by the underlying tools Ansible uses to connect to the host env: - name: ANSIBLE_HOST_KEY_CHECKING - name: ANSIBLE_SSH_HOST_KEY_CHECKING ini: - key: host_key_checking section: defaults - key: host_key_checking section: persistent_connection type: boolean vars: - name: ansible_host_key_checking - name: ansible_ssh_host_key_checking terminal_stderr_re: description: - This option provides the regex pattern and optional flags to match the error string from the received response chunk. This option accepts C(pattern) and C(flags) keys. The value of C(pattern) is a python regex pattern to match the response and the value of C(flags) is the value accepted by I(flags) argument of I(re.compile) python method to control the way regex is matched with the response, for example I('re.I'). elements: dict type: list vars: - name: ansible_terminal_stderr_re terminal_stdout_re: description: - A single regex pattern or a sequence of patterns along with optional flags to match the command prompt from the received response chunk. This option accepts C(pattern) and C(flags) keys. The value of C(pattern) is a python regex pattern to match the response and the value of C(flags) is the value accepted by I(flags) argument of I(re.compile) python method to control the way regex is matched with the response, for example I('re.I'). elements: dict type: list vars: - name: ansible_terminal_stdout_re network_cli_retries: default: 3 description: - Number of attempts to connect to remote host. The delay time between the retires increases after every attempt by power of 2 in seconds till either the maximum attempts are exhausted or any of the C(persistent_command_timeout) or C(persistent_connect_timeout) timers are triggered. env: - name: ANSIBLE_NETWORK_CLI_RETRIES ini: - key: network_cli_retries section: persistent_connection type: integer vars: - name: ansible_network_cli_retries persistent_log_messages: default: false description: - This flag will enable logging the command executed and response received from target device in the ansible log file. For this option to work 'log_path' ansible configuration option is required to be set to a file path with write access. - Be sure to fully understand the security implications of enabling this option as it could create a security vulnerability by logging sensitive information in log file. env: - name: ANSIBLE_PERSISTENT_LOG_MESSAGES ini: - key: log_messages section: persistent_connection type: boolean vars: - name: ansible_persistent_log_messages terminal_initial_answer: description: - The answer to reply with if the C(terminal_initial_prompt) is matched. The value can be a single answer or a list of answers for multiple terminal_initial_prompt. In case the login menu has multiple prompts the sequence of the prompt and excepted answer should be in same order and the value of I(terminal_prompt_checkall) should be set to I(True) if all the values in C(terminal_initial_prompt) are expected to be matched and set to I(False) if any one login prompt is to be matched. elements: string type: list vars: - name: ansible_terminal_initial_answer terminal_initial_prompt: description: - A single regex pattern or a sequence of patterns to evaluate the expected prompt at the time of initial login to the remote host. elements: string type: list vars: - name: ansible_terminal_initial_prompt persistent_command_timeout: default: 30 description: - Configures, in seconds, the amount of time to wait for a command to return from the remote device. If this timer is exceeded before the command returns, the connection plugin will raise an exception and close. env: - name: ANSIBLE_PERSISTENT_COMMAND_TIMEOUT ini: - key: command_timeout section: persistent_connection type: int vars: - name: ansible_command_timeout persistent_connect_timeout: default: 30 description: - Configures, in seconds, the amount of time to wait when trying to initially establish a persistent connection. If this value expires before the connection to the remote device is completed, the connection will fail. env: - name: ANSIBLE_PERSISTENT_CONNECT_TIMEOUT ini: - key: connect_timeout section: persistent_connection type: int vars: - name: ansible_connect_timeout persistent_buffer_read_timeout: default: 0.1 description: - Configures, in seconds, the amount of time to wait for the data to be read from Paramiko channel after the command prompt is matched. This timeout value ensures that command prompt matched is correct and there is no more data left to be received from remote host. env: - name: ANSIBLE_PERSISTENT_BUFFER_READ_TIMEOUT ini: - key: buffer_read_timeout section: persistent_connection type: float vars: - name: ansible_buffer_read_timeout terminal_inital_prompt_newline: default: true description: - This boolean flag, that when set to I(True) will send newline in the response if any of values in I(terminal_initial_prompt) is matched. type: boolean vars: - name: ansible_terminal_initial_prompt_newline terminal_initial_prompt_checkall: default: false description: - By default the value is set to I(False) and any one of the prompts mentioned in C(terminal_initial_prompt) option is matched it won't check for other prompts. When set to I(True) it will check for all the prompts mentioned in C(terminal_initial_prompt) option in the given order and all the prompts should be received from remote host if not it will result in timeout. type: boolean vars: - name: ansible_terminal_initial_prompt_checkall