问题
Hello I am trying to run the following playbook using the vault, but i can't seem to get it to work.
Created an ansible vault file using:
ansible-valut create group_vars/routers
in there i had the following entries:
ansible_ssh_user: admin
ansible_ssh_pw: admin
auth_pass: admin
Then i had the following playbook:
---
- hosts:routers
gather_facts: true
connection: local
tasks:
- name: show run
ios_command:
authorize: yes
auth_pass: "{{ auth_pass }}"
commands:
- show run
register: config
When i try to run it using this cli command
ansible-playbook -u admin script.yaml --ask-vault-pass
I get the following error everytime
Unable to elevate privelage to enable mode, at prompt [None] with error: timeout value 10 seconds reached while trying to send command: enable
UPDATE
If i change the connection to network_cli, now i get the following error:
fatal: [ROUTER-A]: Failed! => {"changed": false, "msg": "show run\r\n ^\r\n% Invalid input detected at '^' marker.\r\n\rROUTER-A>"}
回答1:
See minimal example below. Text to be encrypted in the file is
shell> cat group_vars/routers
test: "TEST VARIABLE"
shell> set | grep VAULT
ANSIBLE_VAULT_PASSWORD_FILE=/home/admin/.vault_pass.txt
shell> ls -1
ansible.cfg
group_vars
hosts
test.yml
shell> cat ansible.cfg
[defaults]
inventory = $PWD/hosts
shell> cat hosts
localhost
[routers]
localhost
shell> ansible-vault create group_vars/routers
shell> cat group_vars/routers
$ANSIBLE_VAULT;1.1;AES256
3733 ...
shell> cat test.yml
- hosts: routers
tasks:
- debug: var=test
shell> ansible-playbook test.yml
PLAY [routers]
TASK [Gathering Facts]
ok: [localhost]
TASK [debug]
ok: [localhost] => {
"test": "TEST VARIABLE"
}
PLAY RECAP
localhost: ok=2 changed=0 unreachable=0 failed=0
来源:https://stackoverflow.com/questions/55048340/using-vault-in-playbooks