Extreme EXOS Ansible modules support multiple connections. This page offers details on how each connection works in Ansible and how to use it.
uses SSH keys / SSH-agent if present
|uses HTTPS certificates if present|
|Indirect Access||via a bastion (jump host)||via a web proxy|
|not supported by EXOS||not supported by EXOS|
|Returned Data Format||
EXOS does not support
ansible_connection: local. You must use
ansible_connection: network_cli or
ansible_connection: network_cli ansible_network_os: exos ansible_user: myuser ansible_password: !vault... ansible_ssh_common_args: '-o ProxyCommand="ssh -W %h:%p -q bastion01"'
- If you are using SSH keys (including an ssh-agent) you can remove the
- If you are accessing your host directly (not through a bastion/jump host) you can remove the
- If you are accessing your host through a bastion/jump host, you cannot include your SSH password in the
ProxyCommanddirective. To prevent secrets from leaking out (for example in
psoutput), SSH does not support providing passwords via environment variables.
ansible_connection: httpapi ansible_network_os: exos ansible_user: myuser ansible_password: !vault... proxy_env: http_proxy: http://proxy.example.com:8080
- If you are accessing your host directly (not through a web proxy) you can remove the
- If you are accessing your host through a web proxy using
- name: Retrieve EXOS OS version exos_command: commands: show version when: ansible_network_os == 'exos'
In this example the
proxy_env variable defined in
group_vars gets passed to the
environment option of the module used in the task.
Never store passwords in plain text. We recommend using SSH keys to authenticate SSH connections. Ansible supports ssh-agent to manage your SSH keys. If you must use passwords to authenticate SSH connections, we recommend encrypting them with Ansible Vault.