are you able to connect to it regularly? at the end you can see this error
},
"msg": "Error connecting device"
On Mon, Aug 20, 2018 at 11:37 AM nbctcp <nbct...@gmail.com> wrote:
> with this setting, I got this erro
>
> # cat playbooks/forti.yml
> ---
> - name: fortios command
> connection: local
> hosts: forti
> tasks:
> - name: backup
> fortios_config:
> host: forti
> username: "{{ansible_user}}"
> password: "{{ansible_ssh_pass}}"
> backup: yes
> backup_path: "backup/forti"
> backup_filename:
> "{{inventory_hostname}}_{{ansible_date_time.date}}.cfg"
>
> - name: dns
> fortios_address:
> host: forti
> username: "{{ansible_user}}"
> password: "{{ansible_ssh_pass}}"
> state: present
> name: "google_dns"
> type: ipmask
> value: 8.8.8.8
>
> - name: allow external dns call
> fortios_ipv4_policy:
> host: forti
> username: "{{ansible_user}}"
> password: "{{ansible_ssh_pass}}"
> id: 51
> src_addr: LAN
> dst_addr: all
> service: DNS
> nat: True
> state: present
> policy_action: accept
> logtraffic: disable
>
>
> # ansible-playbook playbooks/forti.yml -vvv
> ansible-playbook 2.6.3
> config file = /home/admin2/ansible.cfg
> configured module search path = [u'/root/.ansible/plugins/modules',
> u'/usr/share/ansible/plugins/modules']
> ansible python module location = /usr/lib/python2.7/dist-packages/ansible
> executable location = /usr/bin/ansible-playbook
> python version = 2.7.15rc1 (default, Apr 15 2018, 21:51:34) [GCC 7.3.0]
> Using /home/admin2/ansible.cfg as config file
> Parsed /home/admin2/hosts inventory source with ini plugin
>
> PLAYBOOK: forti.yml
> ************************************************************
> 1 plays in playbooks/forti.yml
>
> PLAY [fortios command]
> *********************************************************
>
> TASK [Gathering Facts]
> *********************************************************
> task path: /home/admin2/playbooks/forti.yml:2
> <10.0.10.123> ESTABLISH LOCAL CONNECTION FOR USER: root
> <10.0.10.123> EXEC /bin/sh -c 'echo ~root && sleep 0'
> <10.0.10.123> EXEC /bin/sh -c '( umask 77 && mkdir -p "` echo
> /root/.ansible/tmp/ansible-tmp-1534779254.43-16916669350488 `" && echo
> ansible-tmp-1534779254.43-16916669350488="` echo
> /root/.ansible/tmp/ansible-tmp-1534779254.43-16916669350488 `" ) && sleep 0'
> <10.0.10.124> ESTABLISH LOCAL CONNECTION FOR USER: root
> <10.0.10.124> EXEC /bin/sh -c 'echo ~root && sleep 0'
> <10.0.10.124> EXEC /bin/sh -c '( umask 77 && mkdir -p "` echo
> /root/.ansible/tmp/ansible-tmp-1534779254.45-169933572556642 `" && echo
> ansible-tmp-1534779254.45-169933572556642="` echo
> /root/.ansible/tmp/ansible-tmp-1534779254.45-169933572556642 `" ) && sleep
> 0'
> Using module file
> /usr/lib/python2.7/dist-packages/ansible/modules/system/setup.py
> Using module file
> /usr/lib/python2.7/dist-packages/ansible/modules/system/setup.py
> <10.0.10.123> PUT /root/.ansible/tmp/ansible-local-21928tnYti6/tmpRXZMWj
> TO /root/.ansible/tmp/ansible-tmp-1534779254.43-16916669350488/setup.py
> <10.0.10.123> EXEC /bin/sh -c 'chmod u+x
> /root/.ansible/tmp/ansible-tmp-1534779254.43-16916669350488/
> /root/.ansible/tmp/ansible-tmp-1534779254.43-16916669350488/setup.py &&
> sleep 0'
> <10.0.10.124> PUT /root/.ansible/tmp/ansible-local-21928tnYti6/tmpciiAer
> TO /root/.ansible/tmp/ansible-tmp-1534779254.45-169933572556642/setup.py
> <10.0.10.124> EXEC /bin/sh -c 'chmod u+x
> /root/.ansible/tmp/ansible-tmp-1534779254.45-169933572556642/
> /root/.ansible/tmp/ansible-tmp-1534779254.45-169933572556642/setup.py &&
> sleep 0'
> <10.0.10.123> EXEC /bin/sh -c '/usr/bin/python
> /root/.ansible/tmp/ansible-tmp-1534779254.43-16916669350488/setup.py &&
> sleep 0'
> <10.0.10.124> EXEC /bin/sh -c '/usr/bin/python
> /root/.ansible/tmp/ansible-tmp-1534779254.45-169933572556642/setup.py &&
> sleep 0'
> <10.0.10.124> EXEC /bin/sh -c 'rm -f -r
> /root/.ansible/tmp/ansible-tmp-1534779254.45-169933572556642/ > /dev/null
> 2>&1 && sleep 0'
> <10.0.10.123> EXEC /bin/sh -c 'rm -f -r
> /root/.ansible/tmp/ansible-tmp-1534779254.43-16916669350488/ > /dev/null
> 2>&1 && sleep 0'
> ok: [fgt2]
> ok: [fgt1]
> META: ran handlers
>
> TASK [backup]
> ******************************************************************
> task path: /home/admin2/playbooks/forti.yml:6
> <10.0.10.123> ESTABLISH LOCAL CONNECTION FOR USER: root
> <10.0.10.123> EXEC /bin/sh -c 'echo ~root && sleep 0'
> <10.0.10.123> EXEC /bin/sh -c '( umask 77 && mkdir -p "` echo
> /root/.ansible/tmp/ansible-tmp-1534779255.48-268549543286779 `" && echo
> ansible-tmp-1534779255.48-268549543286779="` echo
> /root/.ansible/tmp/ansible-tmp-1534779255.48-268549543286779 `" ) && sleep
> 0'
> <10.0.10.124> ESTABLISH LOCAL CONNECTION FOR USER: root
> <10.0.10.124> EXEC /bin/sh -c 'echo ~root && sleep 0'
> <10.0.10.124> EXEC /bin/sh -c '( umask 77 && mkdir -p "` echo
> /root/.ansible/tmp/ansible-tmp-1534779255.53-240639271872915 `" && echo
> ansible-tmp-1534779255.53-240639271872915="` echo
> /root/.ansible/tmp/ansible-tmp-1534779255.53-240639271872915 `" ) && sleep
> 0'
> Using module file
> /usr/lib/python2.7/dist-packages/ansible/modules/network/fortios/fortios_config.py
> Using module file
> /usr/lib/python2.7/dist-packages/ansible/modules/network/fortios/fortios_config.py
> <10.0.10.123> PUT /root/.ansible/tmp/ansible-local-21928tnYti6/tmppMHw05
> TO
> /root/.ansible/tmp/ansible-tmp-1534779255.48-268549543286779/fortios_config.py
> <10.0.10.124> PUT /root/.ansible/tmp/ansible-local-21928tnYti6/tmptnVRou
> TO
> /root/.ansible/tmp/ansible-tmp-1534779255.53-240639271872915/fortios_config.py
> <10.0.10.124> EXEC /bin/sh -c 'chmod u+x
> /root/.ansible/tmp/ansible-tmp-1534779255.53-240639271872915/
> /root/.ansible/tmp/ansible-tmp-1534779255.53-240639271872915/fortios_config.py
> && sleep 0'
> <10.0.10.123> EXEC /bin/sh -c 'chmod u+x
> /root/.ansible/tmp/ansible-tmp-1534779255.48-268549543286779/
> /root/.ansible/tmp/ansible-tmp-1534779255.48-268549543286779/fortios_config.py
> && sleep 0'
> <10.0.10.123> EXEC /bin/sh -c '/usr/bin/python
> /root/.ansible/tmp/ansible-tmp-1534779255.48-268549543286779/fortios_config.py
> && sleep 0'
> <10.0.10.124> EXEC /bin/sh -c '/usr/bin/python
> /root/.ansible/tmp/ansible-tmp-1534779255.53-240639271872915/fortios_config.py
> && sleep 0'
> <10.0.10.124> EXEC /bin/sh -c 'rm -f -r
> /root/.ansible/tmp/ansible-tmp-1534779255.53-240639271872915/ > /dev/null
> 2>&1 && sleep 0'
> The full traceback is:
> File "/tmp/ansible_9zRRFw/ansible_module_fortios_config.py", line 126,
> in main
> f.open()
> File "/usr/local/lib/python2.7/dist-packages/pyFG/fortios.py", line 103,
> in open
> self.ssh.connect(**cfg)
> File "/usr/lib/python2.7/dist-packages/paramiko/client.py", line 296, in
> connect
> to_try = list(self._families_and_addresses(hostname, port))
> File "/usr/lib/python2.7/dist-packages/paramiko/client.py", line 200, in
> _families_and_addresses
> addrinfos = socket.getaddrinfo(hostname, port, socket.AF_UNSPEC,
> socket.SOCK_STREAM)
>
> fatal: [fgt2]: FAILED! => {
> "changed": false,
> "invocation": {
> "module_args": {
> "backup": true,
> "backup_filename": "fgt2_2018-08-20.cfg",
> "backup_path": "backup/forti",
> "config_file": null,
> "file_mode": false,
> "filter": "",
> "host": "forti",
> "password": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
> "src": null,
> "timeout": 60,
> "username": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
> "vdom": null
> }
> },
> "msg": "Error connecting device"
> }
> <10.0.10.123> EXEC /bin/sh -c 'rm -f -r
> /root/.ansible/tmp/ansible-tmp-1534779255.48-268549543286779/ > /dev/null
> 2>&1 && sleep 0'
> The full traceback is:
> File "/tmp/ansible_kdXym7/ansible_module_fortios_config.py", line 126,
> in main
> f.open()
> File "/usr/local/lib/python2.7/dist-packages/pyFG/fortios.py", line 103,
> in open
> self.ssh.connect(**cfg)
> File "/usr/lib/python2.7/dist-packages/paramiko/client.py", line 296, in
> connect
> to_try = list(self._families_and_addresses(hostname, port))
> File "/usr/lib/python2.7/dist-packages/paramiko/client.py", line 200, in
> _families_and_addresses
> addrinfos = socket.getaddrinfo(hostname, port, socket.AF_UNSPEC,
> socket.SOCK_STREAM)
>
> fatal: [fgt1]: FAILED! => {
> "changed": false,
> "invocation": {
> "module_args": {
> "backup": true,
> "backup_filename": "fgt1_2018-08-20.cfg",
> "backup_path": "backup/forti",
> "config_file": null,
> "file_mode": false,
> "filter": "",
> "host": "forti",
> "password": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
> "src": null,
> "timeout": 60,
> "username": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
> "vdom": null
> }
> },
> "msg": "Error connecting device"
> }
>
> PLAY RECAP
> *********************************************************************
> fgt1 : ok=1 changed=0 unreachable=0 failed=1
> fgt2 : ok=1 changed=0 unreachable=0 failed=1
>
>
>
> On Monday, August 20, 2018 at 10:30:55 PM UTC+7, Jonathan Lozada De La
> Matta wrote:
>>
>> have you run it this way yet? it should do both host in that group
>>
>> On Mon, Aug 20, 2018 at 10:45 AM nbctcp <nbc...@gmail.com> wrote:
>>
>>> QUESTION1: SOLVED
>>> QUESTION2: Here my goal
>>> I have 2 fortigate (fgt1 and fgt2 with their respective ip)
>>> I want to backup both using 1 group name "forti" instead issuing 1
>>> backup task to each fgt1 and fgt2
>>> Is that possible?
>>> tq
>>>
>>> # cat hosts
>>> [forti]
>>> fgt1 ansible_host=10.0.10.123
>>> fgt2 ansible_host=10.0.10.124
>>>
>>> # cat group_vars/forti.yml
>>> ---
>>> ansible_user: admin
>>> ansible_ssh_pass: admin
>>>
>>> # cat playbooks/forti.yml
>>> ---
>>> - name: fortios command
>>> connection: local
>>> hosts: forti
>>> tasks:
>>> - name: backup
>>> fortios_config:
>>> host: forti
>>> username: "{{ansible_user}}"
>>> password: "{{ansible_ssh_pass}}"
>>> backup: yes
>>> backup_path: "backup/forti"
>>>
>>>
>>> On Monday, August 20, 2018 at 3:16:31 PM UTC+7, Kai Stian Olstad wrote:
>>>>
>>>> On Monday, 20 August 2018 05.58.58 CEST nbctcp wrote:
>>>> > I have playbook for fortios and working.
>>>> > But is that possible
>>>> > 1. I don't want to put password in playbook, but put that in
>>>> > group_vars/forti.yml
>>>> >
>>>> > # cat ../hosts
>>>> > [cisco]
>>>> > cisco1 ansible_host=10.0.10.121
>>>> >
>>>> > [forti]
>>>> > fgt1 ansible_host=10.0.10.123
>>>>
>>>> In group_vars/forti.yml you can have any variable you like, so lets say
>>>> forti_password.
>>>>
>>>> group_vars/forti.yml
>>>> ---
>>>> forti_password: admin
>>>>
>>>>
>>>> > # cat playbooks/forti.yml
>>>> > ---
>>>> > - name: fortios command
>>>> > connection: local
>>>> > hosts: forti
>>>> > tasks:
>>>> > - name: backup
>>>> > fortios_config:
>>>> > host: fgt1
>>>> > username: admin
>>>> > password: admin
>>>> > backup: yes
>>>> > backup_path: "backup/forti"
>>>> > backup_filename:
>>>> > "{{inventory_hostname}}_{{ansible_date_time.date}}.cfg"
>>>>
>>>> Instead of
>>>> password: admin
>>>> you use
>>>> password: '{{ forti_password }}'
>>>>
>>>>
>>>> You also have host_vars that you can use, host_vars will overwrite the
>>>> same variable in group_vars that way you can easily have unique password on
>>>> all or some of your hosts and use the same playbook.
>>>>
>>>> --
>>>> Kai Stian Olstad
>>>>
>>>>
>>>> --
>>> You received this message because you are subscribed to the Google
>>> Groups "Ansible Project" group.
>>> To unsubscribe from this group and stop receiving emails from it, send
>>> an email to ansible-proje...@googlegroups.com.
>>> To post to this group, send email to ansible...@googlegroups.com.
>>> To view this discussion on the web visit
>>> https://groups.google.com/d/msgid/ansible-project/a598bddc-d70b-4063-b760-8b2cec213cb1%40googlegroups.com
>>> <https://groups.google.com/d/msgid/ansible-project/a598bddc-d70b-4063-b760-8b2cec213cb1%40googlegroups.com?utm_medium=email&utm_source=footer>
>>> .
>>> For more options, visit https://groups.google.com/d/optout.
>>>
>>
>>
>> --
>>
>> Jonathan lozada de la matta
>>
>> AUTOMATION CONSULTANT - AUTOMATION PRACTICE
>>
>> Red Hat Consulting Services <https://www.redhat.com/>
>>
>> jloz...@redhat.com
>>
>>
>>
>>
>> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To post to this group, send email to ansible-project@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/03c2098b-889f-4886-a07b-04259b5b638d%40googlegroups.com
> <https://groups.google.com/d/msgid/ansible-project/03c2098b-889f-4886-a07b-04259b5b638d%40googlegroups.com?utm_medium=email&utm_source=footer>
> .
> For more options, visit https://groups.google.com/d/optout.
>
--
Jonathan lozada de la matta
AUTOMATION CONSULTANT - AUTOMATION PRACTICE
Red Hat Consulting Services <https://www.redhat.com/>
jloza...@redhat.com
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/CAFYJA%2BKcyTu%3DDH4ZT-v9LcbTNJV9aV32uO%2B64UxXENfHwChZww%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.
