ansible.netcommon.network_cli connection – Use network_cli to run command on network appliances
Note
This connection plugin is part of the ansible.netcommon collection (version 5.3.0).
You might already have this collection installed if you are using the ansible
package.
It is not included in ansible-core
.
To check whether it is installed, run ansible-galaxy collection list
.
To install it, use: ansible-galaxy collection install ansible.netcommon
.
You need further requirements to be able to use this connection plugin,
see Requirements for details.
To use it in a playbook, specify: ansible.netcommon.network_cli
.
New in ansible.netcommon 1.0.0
Synopsis
This connection plugin provides a connection to remote devices over the SSH and implements a CLI shell. This connection plugin is typically used by network devices for sending and receiving CLi commands to network devices.
Requirements
The below requirements are needed on the local controller node that executes this connection.
ansible-pylibssh if using ssh_type=libssh
Parameters
Parameter |
Comments |
---|---|
The become option will instruct the CLI session to attempt privilege escalation on platforms that support it. Normally this means transitioning from user mode to Can be configured from the CLI via the Choices:
Configuration:
|
|
This option determines how privilege escalation failures are handled when become is enabled. When set to Choices:
Configuration:
|
|
This option allows the become method to be specified in for handling privilege escalation. Typically the become_method value is set to Default: Configuration:
|
|
Specifies the remote device FQDN or IP address to establish the SSH connection to. Default: Configuration:
|
|
By default, Ansible will prompt the user before adding SSH keys to the known hosts file. Since persistent connections such as network_cli run in background processes, the user will never be prompted. By enabling this option, unknown host keys will automatically be added to the known hosts file. Be sure to fully understand the security implications of enabling this option on production systems as it could create a security vulnerability. Choices:
Configuration:
|
|
Set this to “False” if you want to avoid host key checking by the underlying tools Ansible uses to connect to the host Choices:
Configuration:
|
|
Reduce CPU usage and network module execution time by enabling direct execution. Instead of the module being packaged and executed by the shell, it will be directly executed by the Ansible control node using the same python interpreter as the Ansible process. Note- Incompatible with Choices:
Configuration:
|
|
Number of attempts to connect to remote host. The delay time between the retires increases after every attempt by power of 2 in seconds till either the maximum attempts are exhausted or any of the Default: Configuration:
|
|
Configures the device platform network operating system. This value is used to load the correct terminal and cliconf plugins to communicate with the remote device. Configuration:
|
|
Configures the user password used to authenticate to the remote device when first establishing the SSH connection. Configuration:
|
|
Configures, in seconds, the amount of time to wait for the data to be read from Paramiko channel after the command prompt is matched. This timeout value ensures that command prompt matched is correct and there is no more data left to be received from remote host. Default: Configuration:
|
|
Configures, in seconds, the amount of time to wait for a command to return from the remote device. If this timer is exceeded before the command returns, the connection plugin will raise an exception and close. Default: Configuration:
|
|
Configures, in seconds, the amount of time to wait when trying to initially establish a persistent connection. If this value expires before the connection to the remote device is completed, the connection will fail. Default: Configuration:
|
|
This flag will enable logging the command executed and response received from target device in the ansible log file. For this option to work ‘log_path’ ansible configuration option is required to be set to a file path with write access. Be sure to fully understand the security implications of enabling this option as it could create a security vulnerability by logging sensitive information in log file. Choices:
Configuration:
|
|
Specifies the port on the remote device that listens for connections when establishing the SSH connection. Default: Configuration:
|
|
The private SSH key or certificate file used to authenticate to the remote device when first establishing the SSH connection. Configuration:
|
|
The username used to authenticate to the remote device when the SSH connection is first established. If the remote_user is not specified, the connection will use the username of the logged in user. Can be configured from the CLI via the Configuration:
|
|
This option enables caching of data fetched from the target for re-use. The cache is invalidated when the target device enters configuration mode. Applicable only for platforms where this has been implemented. Choices:
Configuration:
|
|
The python package that will be used by the libssh will use the ansible-pylibssh package, which needs to be installed in order to work. paramiko will instead use the paramiko package to manage the SSH connection. auto will use ansible-pylibssh if that package is installed, otherwise will fallback to paramiko. Choices:
Configuration:
|
|
This option determines how failures while setting terminal parameters are handled. When set to Choices:
Configuration:
|
|
This boolean flag, that when set to True will send newline in the response if any of values in terminal_initial_prompt is matched. Choices:
Configuration:
|
|
The answer to reply with if the Configuration:
|
|
A single regex pattern or a sequence of patterns to evaluate the expected prompt at the time of initial login to the remote host. Configuration:
|
|
By default the value is set to False and any one of the prompts mentioned in Choices:
Configuration:
|
|
This option provides the regex pattern and optional flags to match the error string from the received response chunk. This option accepts Configuration:
|
|
A single regex pattern or a sequence of patterns along with optional flags to match the command prompt from the received response chunk. This option accepts Configuration:
|