Unsolved
2 Posts
0
958
Unity Ansible Consistency Groups
I saw a recent post where there is no module available for adding hosts to CG's.
I have tried to use Ansible URI to do this but can't figure out the correct authentication for the POST.
Get's are working fine.
I grab the cookie & X-EMC-CSRF-TOKEN from the previous task but still get
"msg": "Status code was 401 and not [204]: HTTP Error 401: Unauthorized",
Has anyone got any code that works for a Unity post using Ansible uri module?
---
- hosts: localhost
vars:
unispherehost: "XXX.XXX.XXX.XXX"
username: "{{ user }}"
password: "{{ vault_password }}"
verifycert: "false"
tasks:
- name: Do initial Unity login to get token
uri:
method: GET
validate_certs: no
return_content: yes
url: "https://{{ unispherehost }}/api/types/loginSessionInfo/instances"
body_format: json
url_username: "ansible"
url_password: "{{ password }}"
headers:
Accept: "application/json"
Content-type: "application/json"
X-EMC-REST-CLIENT: "true"
register: token
- name: get Host ID from array
uri:
method: GET
validate_certs: no
return_content: yes
url: "https://{{ unispherehost }}/api/instances/host/name:{{ serverName }}"
body_format: json
url_username: "ansible"
url_password: "{{ password }}"
headers:
Accept: "application/json"
Content-type: "application/json"
X-EMC-REST-CLIENT: "true"
register: hostinfo
- name: Set authentication token
set_fact:
logincred: "{{ token.emc_csrf_token }}"
hostid: "{{ hostinfo.json.content.id }}"
- name: Add host to Consistency Group
uri:
method: POST
validate_certs: no
url: "https://{{ unispherehost }}/api/instances/storageResource/res_1/action/modifyConsistencyGroup"
url_username: "{{ username }}"
url_password: "{{ password }}"
force_basic_auth: yes
status_code: "204"
body_format: json
body:
addBlockHostAccess:
- host:
id: "{{ hostid }}"
accessMask: "1"
headers:
Accept: "application/json"
Content-Type: "application/json"
X-EMC-REST-CLIENT: "true"
X-EMC-CSRF-TOKEN: "{{ token.emc_csrf_token }}"
Cookie: "{{ hostinfo.cookies_string }}"
TASK [Add host to Consistency Group] *************************************************************************************************************************************
task path: /opt/storage/ansible-unity/dellemc_ansible/testurl.yml:51
Trying secret FileVaultSecret(filename='/opt/storage/ansible-unity/dellemc_ansible/group_vars/.unityvault') for vault_id=default
<127.0.0.1> ESTABLISH LOCAL CONNECTION FOR USER: root
<127.0.0.1> EXEC /bin/sh -c 'echo ~root && sleep 0'
<127.0.0.1> EXEC /bin/sh -c '( umask 77 && mkdir -p "` echo /root/.ansible/tmp `"&& mkdir "` echo /root/.ansible/tmp/ansible-tmp-1612466819.41-124670-59318624474428 `" && echo ansible-tmp-1612466819.41-124670-59318624474428="` echo /root/.ansible/tmp/ansible-tmp-1612466819.41-124670-59318624474428 `" ) && sleep 0'
Using module file /usr/lib/python2.7/site-packages/ansible/modules/net_tools/basics/uri.py
<127.0.0.1> PUT /root/.ansible/tmp/ansible-local-1245108lk73i/tmpAhzq7j TO /root/.ansible/tmp/ansible-tmp-1612466819.41-124670-59318624474428/AnsiballZ_uri.py
<127.0.0.1> EXEC /bin/sh -c 'chmod u+x /root/.ansible/tmp/ansible-tmp-1612466819.41-124670-59318624474428/ /root/.ansible/tmp/ansible-tmp-1612466819.41-124670-59318624474428/AnsiballZ_uri.py && sleep 0'
<127.0.0.1> EXEC /bin/sh -c '/usr/bin/python2 /root/.ansible/tmp/ansible-tmp-1612466819.41-124670-59318624474428/AnsiballZ_uri.py && sleep 0'
<127.0.0.1> EXEC /bin/sh -c 'rm -f -r /root/.ansible/tmp/ansible-tmp-1612466819.41-124670-59318624474428/ > /dev/null 2>&1 && sleep 0'
fatal: [localhost]: FAILED! => {
"changed": false,
"connection": "close",
"content": "\n\n401 Unauthorized \n\nUnauthorized
\nThis server could not verify that you\nare authorized to access the document\nrequested. Either you supplied the wrong\ncredentials (e.g., bad password), or your\nbrowser doesn't understand how to supply\nthe credentials required.
\n
\n",
"content_length": "381",
"content_type": "text/html; charset=iso-8859-1",
"date": "Thu, 04 Feb 2021 19:26:59 GMT",
"elapsed": 0,
"invocation": {
"module_args": {
"attributes": null,
"backup": null,
"body": {
"addBlockHostAccess": [
{
"accessMask": "1",
"host": {
"id": "Host_1"
}
}
]
},
"body_format": "json",
"client_cert": null,
"client_key": null,
"content": null,
"creates": null,
"delimiter": null,
"dest": null,
"directory_mode": null,
"follow": false,
"follow_redirects": "safe",
"force": false,
"force_basic_auth": true,
"group": null,
"headers": {
"Accept": "application/json",
"Content-Type": "application/json",
"Cookie": "MOD_AUTH_CAS_S=c37738dd534aa1cabab72ba304b6313e51bb9d20; mod_sec_emc=value2&2e2f432dfb95cc5e776d1c2889204cb3dc0b7fa40710bea736912d6c8e0a4d6c&value1&vpiUbaMXx7sXNxTBm4xKcXafuPE%2BSQJh3E%2FwomFCbH9jbGW4cinhOGXnLM3Dm9T8%0A&value3&1; JSESSIONID=EFCF8CBB1D61203AD5599E6CD9B347F6; CASTGC=TGT-210-faJu7rpEq9PhjIEI0zmdswl2yJj5LfeGPI1G44zXWHAw2PlLfY-Unisphere",
"X-EMC-CSRF-TOKEN": "BLa8vszEPSTdb78ZVzkPz2Six6hUHWSQiIyXe6Uy/aBhF9SvQa+Xp6Cbt+fV85PbxRT6tdSLclT4C6ZjekVjAVQhgod47OOwLikGJ6UdJoI=",
"X-EMC-REST-CLIENT": "true"
},
"http_agent": "ansible-httpget",
"method": "POST",
"mode": null,
"owner": null,
"regexp": null,
"remote_src": null,
"removes": null,
"return_content": false,
"selevel": null,
"serole": null,
"setype": null,
"seuser": null,
"src": null,
"status_code": [
"204"
],
"timeout": 30,
"unix_socket": null,
"unsafe_writes": null,
"url": "https://172.26.13.244/api/instances/storageResource/res_1/action/modifyConsistencyGroup",
"url_password": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
"url_username": "admin",
"use_proxy": true,
"validate_certs": false
}
},
"msg": "Status code was 401 and not [204]: HTTP Error 401: Unauthorized",
"redirected": false,
"server": "Apache",
"status": 401,
"strict_transport_security": "max-age=63072000; includeSubdomains;",
"url": "https://172.26.13.244/api/instances/storageResource/res_1/action/modifyConsistencyGroup",
"x_frame_options": "SAMEORIGIN"
}
PLAY RECAP ***************************************************************************************************************************************************************
Thanks.
bmcfeeters
1 Rookie
1 Rookie
•
72 Posts
0
February 4th, 2021 11:00
Hi Ihami,
I haven't setup an environment yet to test but I did notice that the "Add host to Consistency Group" task uses a different url_username than the previous two tasks. Perhaps that what is tripping up the authentication?
Thanks
Bryan
ihami
2 Posts
0
February 5th, 2021 05:00
Thanks for looking at this. I think the URL is ok. I have used in Postman and ran a test in this small python test script and it works. Pretty sure that is because I use the same session and it has all the cookie info. Not sure how I would emulate that in Ansible.