For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

pranay48's avatar
pranay48
Icon for Nimbostratus rankNimbostratus
Apr 26, 2024

Error while running ansible

I am getting the following error when I am trying to run ansible script on f5 instance through jumphost  The full traceback is: Traceback (most recent call last):   File "/Library/Frameworks/Pytho...
Ansible
devops
error
f5
pranay48's avatar
pranay48
Icon for Nimbostratus rankNimbostratus
May 08, 2024

Anysolution anyone?"

boneyard's avatar
boneyard
Icon for MVP rankMVP
May 09, 2024

For any playbook? Can you share a simple one which triggers this?

 

The errors "<urlopen error [SSL: WRONG_VERSION_NUMBER]" point to a lower SSL version then the F5 accepts, does a curl from the jump host towards it work?

  • pranay48's avatar
    pranay48
    Icon for Nimbostratus rankNimbostratus
    May 09, 2024

    Yes, it is every playbook. 
    Ex: 

    ---
    - name: List virtual
      hosts: f5
      connection: local
      vars:
        provider:
          server: "localhost"
          user: "<>"
          password: "<>"
          server_port: <>
          validate_certs: no

      tasks:
      - name: Retrieve LTM pool list
        bigip_command:
          commands:
            - tmsh -c "list ltm pool"
          provider: "{{ provider }}"
        register: ltm_pool_list

      - name: Display LTM pool list
        debug:
          var: ltm_pool_list.stdout_lines

    Inventory:

    [f5]

    <Ip>

     

    [f5:vars]

    ansible_ssh_common_args='-o StrictHostKeyChecking=no -J <user>@localhost:<port>'

     

    -Yes, curl and ssh from jumphost towards F5 works

     

     

    • boneyard's avatar
      boneyard
      Icon for MVP rankMVP
      May 13, 2024

      Is that ansible_ssh_common_args needed? Do you tunnel or such towards the F5?

      Have you limited the allowed TLS versions on the F5 management interface?