The use case is as follows.

    ---
    - name: Playbook to run custom module
      hosts: "10.28.10.1"
      connection: network_cli
      gather_facts: false

      vars:
        ansible_network_os: nokia.sros.classic

      tasks:
        - name: Run Show Version
          cli_command:
            command: "show version"
          register: result

        - name: Execute Custom Module
          cli_command_for_secondary_device:
            command: "show version"
            secondary_device: "10.28.10.2"
          register: result

The devices here are from Nokia. I wanted to execute a command on the secondary device "10.28.10.2" from a server using ansible-playbook, but we can't SSH directly to this device, so we first need to connect to the primary device "10.28.10.1", then SSH again to the secondary device and execute the command.

To achieve this, I may have to write a custom module like the one below, which accepts the primary IP, the secondary IP and the command.

    - name: Execute Custom Module
      cli_command_for_secondary_device:
          command: "show version"
          primary_device: "10.28.10.1"
          secondary_device: "10.28.10.2"
      register: result

Internally, the custom module will SSH to the primary "10.28.10.1" first, then SSH to 10.28.10.2 and execute the command, without using the SSH connection Ansible created. So this process will increase the run time of our playbook.

Hence I wanted to use the existing SSH connection created by Ansible (the internal Connection object in Python) in my custom module, so that it SSHes directly to the secondary IP 10.28.10.2 without explicitly creating a connection again. This improves the performance too.

  • Can you not just configure primary_device as a jump-host in your ssh config ("ProxyJump" setting)? – Richard Huxton Mar 31 '23 at 08:26
  • @RichardHuxton thanks for the suggestion, I managed to use ProxyJump in SSH command but it is not allowed in the network. Here is the error: @'s password: channel 0: open failed: administratively prohibited: open failed stdio forwarding failed ssh_exchange_identification: Connection closed by remote host – Sindu Kovi Apr 04 '23 at 05:39
  • Then you aren't allowed to do what you are trying to do. You aren't supposed to be able to connect to secondary through primary. – Richard Huxton Apr 04 '23 at 07:51
  • I have a working custom module for this, which is implemented using Netmiko but here I have to do SSH two times.. first to Primary, once connection established again SSH to secondary then executing the command. I am looking for some plugin/module in ansible which extends my use case. Something like this [connection plugin](https://docs.ansible.com/ansible/latest/dev_guide/developing_plugins.html) – Sindu Kovi Apr 05 '23 at 05:51
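
One way the module described in the question could reuse the `network_cli` session Ansible already holds to the primary, instead of opening its own SSH connection. This is an added sketch, not code from the thread or from any published collection. It assumes that typing `ssh <ip>` at the primary's CLI prompts only for a password, that `logout` returns to the primary, and that the secondary's prompt is recognised by the same terminal plugin; the `secondary_password` option and the helper name are hypothetical.

```python
"""cli_command_for_secondary_device: added sketch, not a published Ansible module."""
import ipaddress

try:
    from ansible.module_utils.basic import AnsibleModule
    from ansible.module_utils.connection import Connection
except ImportError:  # allows testing run_on_secondary() without Ansible installed
    AnsibleModule = Connection = None

# Assumed prompt and exit command; adjust to what the devices really print/accept.
PASSWORD_PROMPT = r"[Pp]assword:\s*$"
LOGOUT_COMMAND = "logout"


def run_on_secondary(conn, secondary, command, password):
    """Hop from the primary's open CLI session to `secondary`, run one command, hop back."""
    # Both values end up typed into the primary's CLI, so reject anything that
    # is not a plain IP address or that could smuggle in a second command line.
    host = str(ipaddress.ip_address(secondary))  # raises ValueError if not an IP
    if not command.strip() or "\n" in command or "\r" in command:
        raise ValueError("command must be a single non-empty line")
    # get() is the cliconf method that accepts prompt/answer over the persistent socket.
    conn.get(command="ssh %s" % host, prompt=PASSWORD_PROMPT, answer=password)
    try:
        return conn.get(command=command)
    finally:
        conn.get(command=LOGOUT_COMMAND)  # always return the session to the primary


def main():
    module = AnsibleModule(argument_spec=dict(
        command=dict(type="str", required=True),
        secondary_device=dict(type="str", required=True),
        secondary_password=dict(type="str", required=True, no_log=True),
    ))
    # Socket of the network_cli session Ansible already opened to the play's host.
    conn = Connection(module._socket_path)
    try:
        output = run_on_secondary(conn, module.params["secondary_device"],
                                  module.params["command"],
                                  module.params["secondary_password"])
    except ValueError as exc:
        module.fail_json(msg=str(exc))
    module.exit_json(changed=False, stdout=output)


if __name__ == "__main__":
    main()
```

The play keeps `hosts: "10.28.10.1"` and `connection: network_cli`, so no `primary_device` argument is needed; `no_log=True` keeps the secondary's password out of task output.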

0 Answers