aruba_config: Unable to decode JSON from response to exec_command. Received 'None'.

[Yannik]

SUMMARY

I'm trying to configure an Aruba AP-303 via community.network.aruba_command / community.network.aruba_config.

All commands fail with the error Unable to decode JSON from response to exec_command({"command": "show version", "prompt": null, "answer": null}). Received ''None''.

ISSUE TYPE

• Bug Report

COMPONENT NAME

community.network.aruba_command

ANSIBLE VERSION

ansible 2.9.24
  config file = /home/yannik/projects/ansible/ansible.cfg
  configured module search path = ['/home/yannik/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/lib/python3.9/site-packages/ansible
  executable location = /usr/bin/ansible
  python version = 3.9.6 (default, Jul 16 2021, 00:00:00) [GCC 10.3.1 20210422 (Red Hat 10.3.1-1)]

COLLECTION VERSION

3.0.0

CONFIGURATION

ANSIBLE_NOCOWS(/home/yannik/projects/ansible/ansible.cfg) = True
ANSIBLE_PIPELINING(/home/yannik/projects/ansible/ansible.cfg) = True
COLLECTIONS_PATHS(/home/yannik/projects/ansible/ansible.cfg) = ['/home/yannik/projects/ansible/vendor_collections']
DEFAULT_HOST_LIST(/home/yannik/projects/ansible/ansible.cfg) = ['/home/yannik/projects/ansible/hosts']
DEFAULT_MANAGED_STR(/home/yannik/projects/ansible/ansible.cfg) = This file is managed by ansible and will be overwritten! Do not change it manually!
DEFAULT_ROLES_PATH(/home/yannik/projects/ansible/ansible.cfg) = ['/home/yannik/projects/ansible/vendor_roles']
DEFAULT_STDOUT_CALLBACK(/home/yannik/projects/ansible/ansible.cfg) = yaml
INTERPRETER_PYTHON(/home/yannik/projects/ansible/ansible.cfg) = auto_legacy_silent
MAX_FILE_SIZE_FOR_DIFF(/home/yannik/projects/ansible/ansible.cfg) = 500000
RETRY_FILES_ENABLED(/home/yannik/projects/ansible/ansible.cfg) = False

OS / ENVIRONMENT

ArubaOS 8.6.0.11

STEPS TO REPRODUCE

hosts file:

ap1 ansible_host=192.168.1.33 ansible_user=admin ansible_password=xxx ansible_network_os=aruba

playbook:

- hosts: ap1
  connection: network_cli
  gather_facts: no
  tasks:
    - community.network.aruba_command:
        commands: show version

EXPECTED RESULTS

Show version of aruba ap

ACTUAL RESULTS

PLAY [ap1] ********************************************************************************************************************************************
META: ran handlers

TASK [community.network.aruba_command] ****************************************************************************************************************
task path: /home/yannik/projects/ansible/run.yml:28
<192.168.1.33> attempting to start connection
<192.168.1.33> using connection plugin network_cli
<192.168.1.33> local domain socket does not exist, starting it
<192.168.1.33> control socket path is /home/yannik/.ansible/pc/261aefcb0c
<192.168.1.33> local domain socket listeners started successfully
<192.168.1.33> loaded cliconf plugin aruba from path /usr/lib/python3.9/site-packages/ansible/plugins/cliconf/aruba.py for network_os aruba
<192.168.1.33> 
<192.168.1.33> local domain socket path is /home/yannik/.ansible/pc/261aefcb0c
<192.168.1.33> Using network group action community.network.aruba for community.network.aruba_command
<192.168.1.33> ANSIBLE_NETWORK_IMPORT_MODULES: disabled
<192.168.1.33> ANSIBLE_NETWORK_IMPORT_MODULES: module execution time may be extended
<ap1> Attempting python interpreter discovery
<192.168.1.33> ESTABLISH LOCAL CONNECTION FOR USER: yannik
<192.168.1.33> EXEC /bin/sh -c 'echo PLATFORM; uname; echo FOUND; command -v '"'"'/usr/bin/python'"'"'; command -v '"'"'python3.7'"'"'; command -v '"'"'python3.6'"'"'; command -v '"'"'python3.5'"'"'; command -v '"'"'python2.7'"'"'; command -v '"'"'python2.6'"'"'; command -v '"'"'/usr/libexec/platform-python'"'"'; command -v '"'"'/usr/bin/python3'"'"'; command -v '"'"'python'"'"'; echo ENDFOUND && sleep 0'
<192.168.1.33> EXEC /bin/sh -c '/usr/bin/python && sleep 0'
Using module file /home/yannik/projects/ansible/vendor_collections/ansible_collections/community/network/plugins/modules/aruba_command.py
Pipelining is enabled.
<192.168.1.33> EXEC /bin/sh -c '/usr/bin/python && sleep 0'
fatal: [ap1]: FAILED! => changed=false 
  ansible_facts:
    discovered_interpreter_python: /usr/bin/python
  invocation:
    module_args:
      commands:
      - show version
      host: null
      interval: 1
      match: all
      password: null
      port: null
      provider: null
      retries: 10
      ssh_keyfile: null
      timeout: null
      username: null
      wait_for: null
  msg: 'Unable to decode JSON from response to exec_command({"command": "show version", "prompt": null, "answer": null}). Received ''None''.'
  rc: 1

[Yannik]

The same issue has been reported here: https://github.com/ansible/ansible/issues/70275

[afc-ict]

Any chance this is going to be looked at? @Yannik do you happen to have a work around? I am deploying some 9100's and need a way to backup configs automatically.

[Yannik]

@afc-ict I looked into it, but wasn't able to find a work around for this issue.

[ansibullbot]

cc @karthikeyan-dhandapani click here for bot help

[Nihlus]

I started having the same issue on my machine all of a sudden - everything worked perfectly fine beforehand, and something happened between a week ago and now that broke it. This is an airgapped system, so there wouldn't have been any external updates - just something either I did to my workstation or something that happened with the switch.

Will continue investigating - a full factory reset of the switch is next on my list.

[Nihlus]

Factory reset changed nothing, unfortunately, so it's definitely controller-side. The error is exactly the same as the error I get when trying to connect to a dead IP address, too, which might be a hint in some way.

[afc-ict]

Hey @Nihlus not directly related but I ended up getting around this using a different role: arubanetworks.aoscx_role

Example:

[ansible@auto101mdf ansible]$ cat aruba-config-backup.yml

---
- hosts: aruba_switches_backstage
  roles:
    - role: arubanetworks.aoscx_role

  vars:
    ansible_connection: httpapi
    ansible_user: XXXXXXX
    ansible_password: XXXXXXX
    ansible_network_os: aoscx
    ansible_python_interpreter: '/usr/bin/python3'
    ansible_httpapi_validate_certs: False
    ansible_httpapi_use_ssl: True
    ansible_acx_no_proxy: True
  gather_facts: False

  tasks:
    - name: Backup config
      aoscx_backup_config:
        config_name: 'running-config'
        output_file: '/etc/ansible/backups/network/switches/{{ inventory_hostname }}.config'

Maybe this will assist?

[Nihlus]

This remains an isssue for me, and it seems the aos_switch collection is also experiencing the same fault: https://github.com/aruba/aos-switch-ansible-collection/issues/85

[Nihlus]

While testing again, I noticed that my smartcard reader that contains my SSH key does not light up when attempting to run the playbook, suggesting Ansible isn't trying to use the stored SSH keys at all.

EDIT: found the issue, at least for me - paramiko does not work with external SSH keys, so ansible-pylibssh must be installed for this to work. On Debian, this package is not available in the repos, so it has to be installed via pip at a system level instead.

EDIT 2: another note for other people having the same issue - aruba_config and friends does not properly display a prompt for unknown host keys, so make sure you've SSH'd into the device using both its FQDN and IP address before you attempt to run the module. Both must be reachable without any host key prompting.

[Andersson007]

@karthikeyan-dhandapani you mentioned as a module maintainer in BOTMETA.yml file, could you please take a look? In case of no response from the maintainer, here's a quick-start dev guide if there are other volunteers to fix the issue.