Problem
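使用 Ansible 2.4.2 自带的 ios_command 模块备份配置时,得到的结果中登录使用的用户名、明文密码都被星号(********)替代了。这应当是 Ansible 对标记为 no_log 的参数值(例如 provider 中的 password)在模块返回结果里做的屏蔽,目的是防止凭据泄露到输出和日志中。但这让人很纠结:这样保存下来的配置并不完整,后续要恢复的时候诸多不便。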
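# backup_by_ios_command_with_vault_password.yml
#
# Back up the configuration of every device in `ios_devices` with the stock
# ios_command module. Login and enable credentials come from vault.yml.
# NOTE(review): vault.yml is presumably encrypted with ansible-vault (the file
# name suggests it) - confirm before committing it anywhere.
#
# Known limitation (the problem this page describes): the output returned by
# ios_command has the login credentials replaced with asterisks, so the saved
# file is not an exact copy of the device configuration.
---
- hosts: ios_devices
  gather_facts: false
  connection: local
  vars_files:
    - vault.yml
  tasks:
    - name: SYS | Define provider
      set_fact:
        provider:
          host: "{{ inventory_hostname }}"
          username: "{{ mgmt_username }}"
          password: "{{ mgmt_password }}"
          auth_pass: "{{ mgmt_enable }}"
          authorize: true
      # The fact holds the login and enable passwords; keep this task's result
      # out of verbose output and log files.
      no_log: true

    - name: IOS | Show Run
      ios_command:
        provider: "{{ provider }}"
        commands:
          - show configuration
      register: config

    # The registered result is the whole device configuration, which normally
    # includes password hashes and other secrets. Printing it on every run
    # copies that into the console, log_path and any CI job log, so it is only
    # shown when the operator asks for it with -vv.
    - name: SYS | Print captured config (only with -vv)
      debug:
        msg: "{{ config }}"
        verbosity: 2

    - name: SYS | copy config to local
      copy:
        content: "{{ config.stdout[0] }}"
        # One file per device: a fixed name would be overwritten by each host
        # in the play, leaving only the last device's configuration.
        # /tmp is shared on a multi-user control node; a directory only the
        # operator can read is a better home for backups.
        dest: "/tmp/{{ inventory_hostname }}.cfg"
        # Owner-only: the file contains device secrets.
        mode: "0600"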
Solution
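安装 ntc_save_config 模块替代原生模块。该模块直接把设备配置写入本地文件(local_file),配置内容不经过 Ansible 的任务返回结果,因此不会被星号屏蔽;相应地,备份文件中会保留设备配置里的口令等敏感内容,应限制该文件的访问权限。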
Code
# backup_by_ntc_save_config_with_vault_password.yml
#
# Back up the configuration of every device in `ios_devices` with the
# ntc_save_config module (from ntc-ansible) instead of ios_command.
# Login and enable credentials come from vault.yml.
---
- hosts: ios_devices
  gather_facts: false
  connection: local
  vars_files:
    - vault.yml
  tasks:
    - name: save and backup configs
      # Module arguments as a native YAML mapping rather than key=value text.
      ntc_save_config:
        # One backup file per device, named after the inventory host.
        # NOTE(review): this is a relative path, so where the file lands
        # depends on the working directory of the run - confirm. The file
        # holds the device configuration including its secrets; check the
        # permissions it is created with.
        local_file: "{{ inventory_hostname }}"
        platform: cisco_ios_ssh
        host: "{{ inventory_hostname }}"
        username: "{{ mgmt_username }}"
        password: "{{ mgmt_password }}"
        # Enable password for privileged mode.
        secret: "{{ mgmt_enable }}"
Setup
# Fetch the ntc-ansible repository together with its git submodules.
# This takes whatever is currently on the default branch; for a repeatable,
# reviewable install, check out a tag or commit you have looked at, e.g.
#   git -C ntc-ansible checkout <reviewed-tag-or-commit>
git clone --recursive https://github.com/networktocode/ntc-ansible
# Install pip from the distribution packages if it is not present yet.
sudo apt install python-pip
# Install the ntc-ansible Python dependencies.
# The version is not pinned here; pin it (ntc-ansible==<version>) once you
# have settled on a release.
pip install ntc-ansible
# Copy the filter_plugins, library and ntc-templates directories from the
# cloned repository into your own playbook directory, so that the layout
# looks like this:
# ├── filter_plugins
# │   └── <files>
# ├── library
# │   └── <files>
# ├── ntc-templates
# │   └── <files>
# ├── site.yml
# ├── inventory
# │   ├── group_vars
# │   │   └── all.yml
# │   └── hosts
# └── roles
#     ├── common
#     └── gns3
#         └── tasks
#             └── main.yml