netconf – Provides a persistent connection using the netconf protocol

From Get docs
< Connection PluginsAnsible/docs/2.9/plugins/connection/netconf


netconf – Provides a persistent connection using the netconf protocol

Synopsis

  • This connection plugin provides a connection to remote devices over the SSH NETCONF subsystem. This connection plugin is typically used by network devices for sending and receiving RPC calls over NETCONF.
  • Note this connection plugin requires ncclient to be installed on the local Ansible controller.

Requirements

The below requirements are needed on the local master node that executes this connection.

  • ncclient

Parameters

Parameter Choices/Defaults Configuration Comments

host

-

Default:

"inventory_hostname"

var: ansible_host

Specifies the remote device FQDN or IP address to establish the SSH connection to.

host_key_checking

boolean

Default:

"yes"

ini entries: [defaults]host_key_checking = yes

[paramiko_connection]host_key_checking = yes


env:ANSIBLE_HOST_KEY_CHECKING

env:ANSIBLE_SSH_HOST_KEY_CHECKING

env:ANSIBLE_NETCONF_HOST_KEY_CHECKING

var: ansible_host_key_checking

var: ansible_ssh_host_key_checking

var: ansible_netconf_host_key_checking

Set this to "False" if you want to avoid host key checking by the underlying tools Ansible uses to connect to the host

look_for_keys

boolean

Default:

"yes"

ini entries: [paramiko_connection]look_for_keys = yes


env:ANSIBLE_PARAMIKO_LOOK_FOR_KEYS

Enables looking for ssh keys in the usual locations for ssh keys (e.g. :file:`~/.ssh/id_*`).

netconf_ssh_config

-

ini entries: [netconf_connection]ssh_config = VALUE


env:ANSIBLE_NETCONF_SSH_CONFIG

var: ansible_netconf_ssh_config

This variable is used to enable bastion/jump host with netconf connection. If set to True the bastion/jump host ssh settings should be present in ~/.ssh/config file, alternatively it can be set to custom ssh configuration file path to read the bastion/jump host settings.

network_os

-

var: ansible_network_os

Configures the device platform network operating system. This value is used to load a device specific netconf plugin. If this option is not configured (or set to auto), then Ansible will attempt to guess the correct network_os to use. If it can not guess a network_os correctly it will use default.

password

-

var: ansible_password

var: ansible_ssh_pass

var: ansible_ssh_password

var: ansible_netconf_password

Configures the user password used to authenticate to the remote device when first establishing the SSH connection.

persistent_command_timeout

integer

Default:

30

ini entries: [persistent_connection]command_timeout = 30


env:ANSIBLE_PERSISTENT_COMMAND_TIMEOUT

var: ansible_command_timeout

Configures, in seconds, the amount of time to wait for a command to return from the remote device. If this timer is exceeded before the command returns, the connection plugin will raise an exception and close.

persistent_connect_timeout

integer

Default:

30

ini entries: [persistent_connection]connect_timeout = 30


env:ANSIBLE_PERSISTENT_CONNECT_TIMEOUT

var: ansible_connect_timeout

Configures, in seconds, the amount of time to wait when trying to initially establish a persistent connection. If this value expires before the connection to the remote device is completed, the connection will fail.

persistent_log_messages

boolean

Default:

"no"

ini entries: [persistent_connection]log_messages = no


env:ANSIBLE_PERSISTENT_LOG_MESSAGES

var: ansible_persistent_log_messages

This flag will enable logging the command executed and response received from target device in the ansible log file. For this option to work 'log_path' ansible configuration option is required to be set to a file path with write access.

Be sure to fully understand the security implications of enabling this option as it could create a security vulnerability by logging sensitive information in log file.

port

integer

Default:

830

ini entries: [defaults]remote_port = 830


env:ANSIBLE_REMOTE_PORT

var: ansible_port

Specifies the port on the remote device that listens for connections when establishing the SSH connection.

private_key_file

-

ini entries: [defaults]private_key_file = VALUE


env:ANSIBLE_PRIVATE_KEY_FILE

var: ansible_private_key_file

The private SSH key or certificate file used to authenticate to the remote device when first establishing the SSH connection.

remote_user

-

ini entries: [defaults]remote_user = VALUE


env:ANSIBLE_REMOTE_USER

var: ansible_user

The username used to authenticate to the remote device when the SSH connection is first established. If the remote_user is not specified, the connection will use the username of the logged in user.

Can be configured from the CLI via the --user or -u options.

timeout

integer

Default:

120

Sets the connection time, in seconds, for communicating with the remote device. This timeout is used as the default timeout value when awaiting a response after issuing a call to a RPC. If the RPC does not return in timeout seconds, an error is generated.



Status

Authors

  • Ansible Networking Team

Hint

If you notice any issues in this documentation, you can edit this document to improve it.


Hint

Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up.


© 2012–2018 Michael DeHaan
© 2018–2019 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.9/plugins/connection/netconf.html


Retrieved from "https://getdocs.org/index.php?title=Ansible/docs/2.9/plugins/connection/netconf&oldid=75121"
Powered by MediaWiki