diff options
| author | Gaige B Paulsen <gaige@cluetrust.com> | 2025-02-12 17:45:23 -0500 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2025-02-12 22:45:23 +0000 |
| commit | 7a276a73b554a8b107944c6f2a593d49fc9e4389 (patch) | |
| tree | f64098d30078d45cc342acf4da5807efaf05a525 /docs/docsite/rst | |
| parent | 6e7f4b365184522810293f4901ea86dfeea2c422 (diff) | |
| download | vyos.vyos-7a276a73b554a8b107944c6f2a593d49fc9e4389.tar.gz vyos.vyos-7a276a73b554a8b107944c6f2a593d49fc9e4389.zip | |
T6891: chore: move platform_vyos to internal (#392)
Diffstat (limited to 'docs/docsite/rst')
| -rw-r--r-- | docs/docsite/rst/platform_vyos.rst | 78 |
1 files changed, 78 insertions, 0 deletions
diff --git a/docs/docsite/rst/platform_vyos.rst b/docs/docsite/rst/platform_vyos.rst new file mode 100644 index 00000000..6e51e4eb --- /dev/null +++ b/docs/docsite/rst/platform_vyos.rst @@ -0,0 +1,78 @@ +.. _vyos_platform_options: + +*************************************** +VyOS Platform Options +*************************************** + +The `VyOS <https://galaxy.ansible.com/ui/repo/published/vyos/vyos>`_ collection supports the ``ansible.netcommon.network_cli`` connection type. +This page offers details on connection options to manage VyOS using Ansible. + +.. contents:: + :local: + +Connections available +================================================================================ + +.. table:: + :class: documentation-table + + ==================== ========================================== + .. CLI + ==================== ========================================== + Protocol SSH + + Credentials uses SSH keys / SSH-agent if present + + accepts ``-u myuser -k`` if using password + + Indirect Access by a bastion (jump host) + + Connection Settings ``ansible_connection: ansible.netcommon.network_cli`` + + |enable_mode| not supported + + Returned Data Format Refer to individual module documentation + ==================== ========================================== + +.. |enable_mode| replace:: Enable Mode |br| (Privilege Escalation) + + +The ``ansible_connection: local`` has been deprecated. Please use ``ansible_connection: ansible.netcommon.network_cli`` instead. + +Using CLI in Ansible +==================== + +Example CLI ``group_vars/vyos.yml`` +----------------------------------- + +.. code-block:: yaml + + ansible_connection: ansible.netcommon.network_cli + ansible_network_os: vyos.vyos.vyos + ansible_user: myuser + ansible_password: !vault... + ansible_ssh_common_args: '-o ProxyCommand="ssh -W %h:%p -q bastion01"' + + +- If you are using SSH keys (including an ssh-agent) you can remove the ``ansible_password`` configuration. +- If you are accessing your host directly (not through a bastion/jump host) you can remove the ``ansible_ssh_common_args`` configuration. +- If you are accessing your host through a bastion/jump host, you cannot include your SSH password in the ``ProxyCommand`` directive. To prevent secrets from leaking out (for example in ``ps`` output), SSH does not support providing passwords through environment variables. + +Example CLI task +---------------- + +.. code-block:: yaml + + - name: Retrieve VyOS version info + vyos.vyos.vyos_command: + commands: show version + when: ansible_network_os == 'vyos.vyos.vyos' + +.. warning:: + Never store passwords in plain text. We recommend using SSH keys to authenticate SSH connections. + Ansible supports ssh-agent to manage your SSH keys. If you must use passwords to authenticate SSH connections, + we recommend encrypting them with :ref:`Ansible Vault <playbooks_vault>`. + +.. seealso:: + + :ref:`timeout_options` |