Network credential type

You can create Network credential types in automation controller to manage network devices that use Ansible networking modules.

Note

Select the Network credential type if you are using a local connection with provider to use Ansible networking modules to connect to and manage networking devices.

When connecting to network devices, the credential type must match the connection type:
  • For local connections using provider, credential type should be Network.
  • For all other network connections (httpapi, netconf, and network_cli), the credential type should be Machine.

    For more information about connection types available for network devices, see Multiple Communication Protocols.

    Automation controller uses the following environment variables for Network credentials:

    ANSIBLE_NET_USERNAME
ANSIBLE_NET_PASSWORD

Provide the following information for network credentials:

  • Username: The username to use in conjunction with the network device.
  • Password: The password to use in conjunction with the network device.
  • SSH Private Key: Copy or drag-and-drop the actual SSH Private Key to be used to authenticate the user to the network through SSH.
  • Private Key Passphrase: The passphrase for the private key to authenticate the user to the network through SSH.
  • Authorize: Select this to control whether or not to enter privileged mode.

Access network credentials in an Ansible Playbook
Copy link

When using the Controller Access Network Credentials credential type, you can access the username and password parameters in your Ansible Playbook by using the following environment variables:

  • ANSIBLE_NET_USERNAME
  • ANSIBLE_NET_PASSWORD

You can get the username and password parameters from a job runtime environment:

vars:
  network:
    username: '{{ lookup("env", "ANSIBLE_NET_USERNAME") }}'
    password: '{{ lookup("env", "ANSIBLE_NET_PASSWORD") }}'

Multiple communication protocols
Copy link

Ansible network modules can communicate with network devices by using different protocols.

Because network modules run on the control node instead of on the managed nodes, they can support multiple communication protocols. The communication protocols (XML over SSH, CLI over SSH, or API over HTTPS) selected for each network module depend on the platform and the purpose of the module. Some network modules support only one protocol, while some offer a choice.

The most common protocol is CLI over SSH. You set the communication protocol with the ansible_connection variable:

Expand
Value of ansible_connection Protocol Requires Persistent?

ansible.netcommon.network_cli

CLI over SSH

network_os setting

yes

ansible.netcommon.netconf

XML over SSH

network_os setting

yes

ansible.netcommon.httpapi

API over HTTP/HTTPS

network_os setting

yes

local

depends on provider

provider setting

no

The ansible_connection: local is deprecated. Use one of the persistent connection types listed above instead. With persistent connections, you can define the hosts and credentials only once, rather than in every task. You must also set the network_os variable for the specific network platform you are communicating with.