Re: ansible.module_utils.connection.ConnectionErro...

Tai_Bui · ‎2021-06-22

Hi,

I just rebuilt my Ubuntu and re-installed all modules that I had before for my lab. I know my playbook worked previously but not sure why not this time.

An exception occurred during task execution. To see the full traceback, use -vvv. The error was: ansible.module_utils.connection.ConnectionError: string indices must be integers
fatal: [checkpoint]: FAILED! => {"changed": false, "module_stderr": "Traceback (most recent call last):\n  File \"/home/osboxes/.ansible/tmp/ansible-local-4258683ilf5oi0/ansible-tmp-1624393456.3348339-425981-7450313037159/AnsiballZ_cp_mgmt_network.py\", line 100, in <module>\n    _ansiballz_main()\n  File \"/home/osboxes/.ansible/tmp/ansible-local-4258683ilf5oi0/ansible-tmp-1624393456.3348339-425981-7450313037159/AnsiballZ_cp_mgmt_network.py\", line 92, in _ansiballz_main\n    invoke_module(zipped_mod, temp_path, ANSIBALLZ_PARAMS)\n  File \"/home/osboxes/.ansible/tmp/ansible-local-4258683ilf5oi0/ansible-tmp-1624393456.3348339-425981-7450313037159/AnsiballZ_cp_mgmt_network.py\", line 40, in invoke_module\n    runpy.run_module(mod_name='ansible_collections.check_point.mgmt.plugins.modules.cp_mgmt_network', init_globals=dict(_module_fqn='ansible_collections.check_point.mgmt.plugins.modules.cp_mgmt_network', _modlib_path=modlib_path),\n  File \"/usr/lib/python3.8/runpy.py\", line 207, in run_module\n    return _run_module_code(code, init_globals, run_name, mod_spec)\n  File \"/usr/lib/python3.8/runpy.py\", line 97, in _run_module_code\n    _run_code(code, mod_globals, init_globals,\n  File \"/usr/lib/python3.8/runpy.py\", line 87, in _run_code\n    exec(code, run_globals)\n  File \"/tmp/ansible_cp_mgmt_network_payload_tpg00l8b/ansible_cp_mgmt_network_payload.zip/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_network.py\", line 225, in <module>\n  File \"/tmp/ansible_cp_mgmt_network_payload_tpg00l8b/ansible_cp_mgmt_network_payload.zip/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_network.py\", line 220, in main\n  File \"/tmp/ansible_cp_mgmt_network_payload_tpg00l8b/ansible_cp_mgmt_network_payload.zip/ansible_collections/check_point/mgmt/plugins/module_utils/checkpoint.py\", line 265, in api_call\n  File \"/tmp/ansible_cp_mgmt_network_payload_tpg00l8b/ansible_cp_mgmt_network_payload.zip/ansible_collections/check_point/mgmt/plugins/module_utils/checkpoint.py\", line 65, in send_request\n  File \"/tmp/ansible_cp_mgmt_network_payload_tpg00l8b/ansible_cp_mgmt_network_payload.zip/ansible/module_utils/connection.py\", line 195, in __rpc__\nansible.module_utils.connection.ConnectionError: string indices must be integers\n", "module_stdout": "", "msg": "MODULE FAILURE\nSee stdout/stderr for the exact error", "rc": 1}

Here is my host.yml

---
firewall:
 hosts:
  checkpoint:
    ckp_sms_ngen ansible_host: 10.10.10.2
    ansible_httpapi_use_ssl: True
    ansible_httpapi_validate: False
    ansible_user: admin
    ansible_network_os: check_point.mgmt.checkpoint

Here is my playbook

---


- hosts: checkpoint
  connection: httpapi

  tasks:
   - name: Adding Site1 VL 10
     cp_mgmt_network:
      name: Site1-VL10-Nets
      state: present
      subnet: 10.10.10.0
      subnet_mask: 255.255.255.0
      comments: Network
      auto_publish_session: yes

   - name: Adding Site1 VL 20
     cp_mgmt_network:
      name: Site1-VL20-Nets
      state: present
      subnet: 10.10.20.0
      subnet_mask: 255.255.255.0
      comments: Desktop
      auto_publish_session: yes

   - name: Adding Site1 VL 30
     cp_mgmt_network:
      name: Site1-VL30-Nets
      state: present
      subnet: 10.10.30.0
      subnet_mask: 255.255.255.0
      comments: Secure
      auto_publish_session: yes

   - name: Adding Site2 VL 10
     cp_mgmt_network:
      name: Site2-VL10-Nets
      state: present
      subnet: 10.20.10.0
      subnet_mask: 255.255.255.0
      comments: Network
      auto_publish_session: yes

   - name: Adding Site2 VL 20
     cp_mgmt_network:
      name: Site2-VL20-Nets
      state: present
      subnet: 10.20.20.0
      subnet_mask: 255.255.255.0
      comments: Network
      auto_publish_session: yes

   - name: Adding Site2 VL 30
     cp_mgmt_network:
      name: Site2-VL30-Nets
      state: present
      subnet: 10.20.30.0
      subnet_mask: 255.255.255.0
      comments: Secure
      auto_publish_session: yes

   - name: Adding Site3 VL 10
     cp_mgmt_network:
      name: Site3-VL10-Nets
      state: present
      subnet: 10.30.10.0
      subnet_mask: 255.255.255.0
      comments: Network
      auto_publish_session: yes

   - name: Adding Site3 VL 20
     cp_mgmt_network:
      name: Site3-VL20-Nets
      state: present
      subnet: 10.30.20.0
      subnet_mask: 255.255.255.0
      comments: Desktop
      auto_publish_session: yes

   - name: Adding Site3 VL 30
     cp_mgmt_network:
      name: Site3-VL10-Nets
      state: present
      subnet: 10.30.30.0
      subnet_mask: 255.255.255.0
      comments: Secure
      auto_publish_session: yes

PhoneBoy · ‎2021-06-22

So what happens when you run the playbook with -vvv as suggested by the error message?

Art_Zalenekas · ‎2021-06-22

If you look carefully, your YML based inventory has an additional string ckp_sms_ngen that should not be present. In that section, you need to provide var: value .

---
firewall:
 hosts:
  checkpoint:
    ansible_host: 10.10.10.2
    ansible_httpapi_use_ssl: True
    ansible_httpapi_validate: False
    ansible_user: admin
    ansible_network_os: check_point.mgmt.checkpoint

Additionally, for the sake of readability, I would have a host-based host_var with all the values of networks as a var, and then use one task to loop over the networks var of that particular host. Also, don't publish on each and one task, but rather notify a handler for publish to call the cp_mgmt_publish module.

host_vars/checkpoint.yml

networks:
  - name: Site1-VL10-Nets
    state: present
    subnet: 10.10.10.0
    subnet_mask: 255.255.255.0
    comments: Network
  - name: Site1-VL20-Nets
    state: present
    subnet: 10.10.20.0
    subnet_mask: 255.255.255.0
    comments: Desktop
  - name: Site1-VL30-Nets
    state: present
    subnet: 10.10.30.0
    subnet_mask: 255.255.255.0
    comments: Secure
  - name: Site2-VL10-Nets
    state: present
    subnet: 10.20.10.0
    subnet_mask: 255.255.255.0
    comments: Network
  - name: Site2-VL20-Nets
    state: present
    subnet: 10.20.20.0
    subnet_mask: 255.255.255.0
    comments: Network
  - name: Site2-VL30-Nets
    state: present
    subnet: 10.20.30.0
    subnet_mask: 255.255.255.0
    comments: Secure
  - name: Site3-VL10-Nets
    state: present
    subnet: 10.30.10.0
    subnet_mask: 255.255.255.0
    comments: Network
  - name: Site3-VL20-Nets
    state: present
    subnet: 10.30.20.0
    subnet_mask: 255.255.255.0
    comments: Desktop
  - name: Site3-VL30-Nets
    state: present
    subnet: 10.30.30.0
    subnet_mask: 255.255.255.0
    comments: Secure

Then in the playbook call:

---
- name: Test Playbook
  hosts: checkpoint
  gather_facts: false
  connection: httpapi
  collections:
    - check_point.mgmt
  tasks:
    - name: Add network object
      cp_mgmt_network:
        name: '{{ item.name }}'
        state: '{{ item.state }}'
        subnet: '{{ item.subnet }}'
        subnet_mask: '{{ item.subnet_mask }}'
        comments: '{{ item.comments }}'
      loop: '{{ networks }}'
      notify: publish

  handlers:
    - name: publish
      cp_mgmt_publish:

This way your playbook stays clean, quick, short, and your host (SMS/CMA) based host_var inventory file has data that it needs. Now you can manage the variable data file and leave the playbook file alone. Feel free to change the variable names as you see fit. I hope that helps!

Kind regards,
Arturas Zalenekas

E_AGH107 · ‎2023-04-24

Hello,

Any solution to this? Two years later and I'm facing the same issue.

Output:

fatal: [172.23.173.20]: FAILED! => {
"changed": false,
"module_stderr": "Traceback (most recent call last):\n File \"/root/.ansible/tmp/ansible-local-4048lapt5vhg/ansible-tmp-1682330622.249256-4053-2356661523179/AnsiballZ_cp_mgmt_host_facts.py\", line 107, in <module>\n _ansiballz_main()\n File \"/root/.ansible/tmp/ansible-local-4048lapt5vhg/ansible-tmp-1682330622.249256-4053-2356661523179/AnsiballZ_cp_mgmt_host_facts.py\", line 99, in _ansiballz_main\n invoke_module(zipped_mod, temp_path, ANSIBALLZ_PARAMS)\n File \"/root/.ansible/tmp/ansible-local-4048lapt5vhg/ansible-tmp-1682330622.249256-4053-2356661523179/AnsiballZ_cp_mgmt_host_facts.py\", line 47, in invoke_module\n runpy.run_module(mod_name='ansible_collections.check_point.mgmt.plugins.modules.cp_mgmt_host_facts', init_globals=dict(_module_fqn='ansible_collections.check_point.mgmt.plugins.modules.cp_mgmt_host_facts', _modlib_path=modlib_path),\n File \"/usr/lib/python3.10/runpy.py\", line 224, in run_module\n return _run_module_code(code, init_globals, run_name, mod_spec)\n File \"/usr/lib/python3.10/runpy.py\", line 96, in _run_module_code\n _run_code(code, mod_globals, init_globals,\n File \"/usr/lib/python3.10/runpy.py\", line 86, in _run_code\n exec(code, run_globals)\n File \"/tmp/ansible_check_point.mgmt.cp_mgmt_host_facts_payload_bh0xo013/ansible_check_point.mgmt.cp_mgmt_host_facts_payload.zip/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_host_facts.py\", line 145, in <module>\n File \"/tmp/ansible_check_point.mgmt.cp_mgmt_host_facts_payload_bh0xo013/ansible_check_point.mgmt.cp_mgmt_host_facts_payload.zip/ansible_collections/check_point/mgmt/plugins/modules/cp_mgmt_host_facts.py\", line 138, in main\n File \"/tmp/ansible_check_point.mgmt.cp_mgmt_host_facts_payload_bh0xo013/ansible_check_point.mgmt.cp_mgmt_host_facts_payload.zip/ansible_collections/check_point/mgmt/plugins/module_utils/checkpoint.py\", line 570, in api_call_facts\n File \"/tmp/ansible_check_point.mgmt.cp_mgmt_host_facts_payload_bh0xo013/ansible_check_point.mgmt.cp_mgmt_host_facts_payload.zip/ansible_collections/check_point/mgmt/plugins/module_utils/checkpoint.py\", line 502, in handle_call\n File \"/tmp/ansible_check_point.mgmt.cp_mgmt_host_facts_payload_bh0xo013/ansible_check_point.mgmt.cp_mgmt_host_facts_payload.zip/ansible_collections/check_point/mgmt/plugins/module_utils/checkpoint.py\", line 247, in send_request\n File \"/tmp/ansible_check_point.mgmt.cp_mgmt_host_facts_payload_bh0xo013/ansible_check_point.mgmt.cp_mgmt_host_facts_payload.zip/ansible/module_utils/connection.py\", line 200, in __rpc__\nansible.module_utils.connection.ConnectionError: string indices must be integers\n",
"module_stdout": "",
"msg": "MODULE FAILURE\nSee stdout/stderr for the exact error",
"rc": 1
}

Erik_Lagzdins · ‎2023-07-26

The "string indices must be intergers" is a general error that can occur when the intent data is not in the correct format.

However this error can also occur for others reasons. One cause of this exact error that I have experienced is forgetting to disable or bypass the proxy before running any playbooks with cp_mgmt modules. After setting up a new server, this could be extremely common scenario.

Nowshad · ‎2024-01-30

Hi,

Can any one please update us if you have any new update. I am facing the same error when trying to update the parameter using the ansible module "check_point.mgmt.cp_mgmt_set_global_properties". Is there any changes to the inventory file needed?

- name: Set minimum password length
  cp_mgmt_set_global_properties:
    user_directory:
      - min_password_length: 14

Erik_Lagzdins · ‎2024-01-30

I was able to get the module to work correctly. I believe you have a minor typo, you do not need the hyphen before the min_password_length parameter.

Here's a copy of my working playbook.

---
- name: " Edit Global Properties "
  hosts: mds-primary
  gather_facts: no
  vars:
     #ansible_python_interpreter: "/usr/bin/python"
     ansible_connection: httpapi
     ansible_httpapi_use_ssl: True
     ansible_httpapi_validate_certs: False
     ansible_network_os: check_point.mgmt.checkpoint #Using Galaxy https://galaxy.ansible.com/check_point collection
     ansible_checkpoint_domain: Domain1 # Default domain for a SMS (SmartCenter)
     ansible_user: admin  # Change to your Check Point management admin user
     ansible_ssh_pass: vpn123

  tasks:
    - name: Set minimum password length
      check_point.mgmt.cp_mgmt_set_global_properties:
        user_directory:
          min_password_length: 14
        auto_publish_session: true

Nowshad · ‎2024-01-30

Thank you for the prompt response.

We are still receiving the same error message. I have attached the error screenshot. Please check on this.

Erik_Lagzdins · ‎2024-01-31

If you are still receiving the "string indices must be integers" error then there must be a problem with your intent data or general Ansible connection to the server, not in the task for the module. That error is a general error message that can occur for multiple reasons. I recommend opening an SR with TAC.

Nowshad · ‎2024-02-02

Hi Erik,

Thank you, we are raising the ticket. Can you also please let me know what is the python and Ansible versions you are using? I suspect that this module works only with pyhton version less than 3. If it supports only >3 then we cannot use this module with the latest version of ansible. Pls let me know your thoughts.

Erik_Lagzdins · ‎2024-02-06

Here is my Ansible version output. Python versions >3 are supported.

cpadmin@ubuntu22:/etc/ansible/Playbooks$ ansible --version
ansible [core 2.16.1]
config file = /etc/ansible/ansible.cfg
configured module search path = ['/home/cpadmin/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
ansible python module location = /home/cpadmin/.local/lib/python3.10/site-packages/ansible
ansible collection location = /home/cpadmin/.ansible/collections:/usr/share/ansible/collections
executable location = /home/cpadmin/.local/bin/ansible
python version = 3.10.12 (main, Jun 11 2023, 05:26:28) [GCC 11.4.0] (/usr/bin/python3)
jinja version = 3.0.3
libyaml = True

Are you a member of CheckMates?

ansible.module_utils.connection.ConnectionError: string indices must be integers