On Friday, October 18, 2019 at 5:58:15 AM UTC-4, Vladimir Botka wrote:
>
> On Thu, 17 Oct 2019 23:35:30 -0700 (PDT)
> Jeff Baldwin <tarhe...@gmail.com <javascript:>> wrote:
>
> > *What I Am Seeing: *
> > - The 'jeff5' user (system adminstrator) and AIXAdmin group are being
> > created on the lx00011010d box ONLY (the expectation is that it would be
> > created on both)
> > - The oracle/DBA users are being created on lx00016141d, which is NOT
> the
> > oracle box (expectation is that these would get created on lx00011010d
> only)
> > [...]
> > ################################### INVENTORY
> > # file: *inventory/oracle*
> > [oracle]
> > lx00011010d
> >
> > # file: *inventory/other*
> > [other]
> > lx00016141d
> > [...]
> > ################################### GROUP_VARS
> > # file: *group_vars/all.yml*
> > users:
> > - username: jeff5
> > name: Jeff - AIX Linux Engineer
> > group: AIXAdmin
> > uid: 318427
> > [...]
> >
> > file: *group_vars/oracle.yml*
> > users:
> > - username: oracle
> > name: Oracle
> > group: dba
> > uid: 202
> > - username: kwhit
> > name: Kathryn - DBA
> > group: dba
> > uid: 225114
> > [...]
> > ################################### PLAYBOOKS
> > # file: *site.yml*
> > - import_playbook: common.yml
> > - import_playbook: oracle.yml
> > ---
> > # file: *common.yml*
> > - hosts: all
> > become: yes
> > roles:
> > - ansible-users
> > ---
> > # file: *oracle.yml*
> > - hosts: oracle
> > become: yes
> > roles:
> > - ansible-users
>
> It's not possible to explain the output below and other results you
> observe
> with the input provided. You'll have to minimise the example and make it
> verifiable. It's simply out of scope this way.
>
> PLAY [oracle]
> *************************
> TASK [Gathering Facts]
> *************************
> ok: [lx00016141d]
>
> Notes
> * How does the command-line look like?
> * Output of "ansible-inventory --list --vars"
> * Output of "ansible-config dump"
> * Role ansible-users
>
> Cheers,
>
> -vlado
>
Thank you for your time vlado. Below is the information you have
requested:
*Command Line:*
ansible-playbook site.yml -C
*ansible-inventory --list --vars*
*Question: *Why is group 'AIXAdmin' and user 'jeff5' vars not getting
applied to both boxes?
[admin@lx00010300p ansible-help]$ ansible-inventory --list --vars
{
"_meta": {
"hostvars": {
"lx00011010d": {
"groups_to_create": [
{
"gid": "901",
"name": "AIXAdmin",
"state": "present"
}
],
"users": [
{
"group": "AIXAdmin",
"name": "Jeff - AIX Linux Engineer",
"uid": 318427,
"username": "jeff5"
}
]
},
"lx00016141d": {
"file": "group_vars/oracle.yml",
"groups_to_create": [
{
"gid": 201,
"name": "dba"
}
],
"users": [
{
"group": "dba",
"name": "Oracle",
"uid": 202,
"username": "oracle"
},
{
"group": "dba",
"name": "Kathryn - DBA",
"uid": 225114,
"username": "kwhit"
}
]
}
}
},
"all": {
"children": [
"oracle",
"other",
"ungrouped"
]
},
"oracle": {
"hosts": [
"lx00016141d"
]
},
"other": {
"hosts": [
"lx00011010d"
]
}
}
*Ansible-Users role details:*
There are only two files in this role. Details below:
*[admin@lx00010300p ansible-users]$ cat defaults/main.yml*
---
# Create a group for every user and make that their primary group
users_create_per_user_group: true
# If we're not creating a per-user group, then this is the group all users
# belong to
users_group: users
# The default shell for a user if none is specified
users_default_shell: /bin/bash
# Create home dirs for new users? Set this to false if you manage home
# directories in some other way.
users_create_homedirs: true
# Lists of users to create and delete
users: []
users_deleted: []
# List of groups to create
# Example:
# groups_to_create:
# - name: developers
# gid: 10000
groups_to_create: []
authorized_keys_file: ".ssh/authorized_keys"
*[admin@lx00010300p ansible-users]$ cat tasks/main.yml*
---
- name: Creating groups
group:
name: "{{ item.name }}"
gid: "{{ item.gid | default(omit) }}"
gname: "{{ item.gname | default(omit) }}"
with_items: "{{ groups_to_create }}"
tags: ["users", "groups", "configuration"]
- name: Per-user group creation
group:
name: "{{ item.username }}"
gid: "{{ item.gid | default(item.uid) | default(omit) }}"
with_items: "{{ users }}"
when: "'group' not in item and users_create_per_user_group"
tags: ["users", "configuration"]
- name: User creation
user:
name: "{{ item.username }}"
group: "{{ item.group | default(item.username if
users_create_per_user_group else users_group) }}"
# empty string removes user from all secondary groups
groups: "{{ item.groups | join(',') if 'groups' in item else '' }}"
append: "{{ item.append | default(omit) }}"
shell: "{{ item.shell if item.shell is defined else users_default_shell
}}"
expires: "{{ item.expires | default(omit) }}"
password: "{{ item.password if item.password is defined else '!' }}"
comment: "{{ item.name if item.name is defined else '' }}"
uid: "{{ item.uid | default(omit) }}"
home: "{{ item.home | default('/home/' + item.username) }}"
createhome: "{{ 'yes' if users_create_homedirs else 'no' }}"
generate_ssh_key: "{{ item.generate_ssh_key | default(omit) }}"
update_password: "{{ item.update_password | default(omit) }}"
with_items: "{{ users }}"
tags: ["users", "configuration"]
- name: SSH keys
authorized_key:
user: "{{ item.0.username }}"
key: "{{ item.1 }}"
path: "{{ item.0.home | default('/home/' + item.0.username) }}/{{
authorized_keys_file }}"
with_subelements:
- "{{ users }}"
- ssh_key
- skip_missing: yes
tags: ["users", "configuration"]
- name: Setup user profiles
blockinfile:
block: "{{ item.profile }}"
dest: "{{ item.home | default('/home/' + item.username) }}/.profile"
owner: "{{ item.username }}"
group: "{{ item.group | default(item.username if
users_create_per_user_group else users_group) }}"
mode: 0644
create: true
when: users_create_homedirs and item.profile is defined
with_items: "{{ users }}"
- name: Deleted user removal
user:
name: "{{ item.username }}"
state: absent
remove: "{{ item.remove | default(omit) }}"
force: "{{ item.force | default(omit) }}"
with_items: "{{ users_deleted }}"
tags: ["users", "configuration"]
- name: Deleted per-user group removal
group:
name: "{{ item.username }}"
state: absent
with_items: "{{ users_deleted }}"
when: users_create_per_user_group
tags: ["users", "configuration"]
*ANSIBLE CONFIG DUMP*
[admin@lx00010300p ansible-help]$ ansible-config dump
ACTION_WARNINGS(default) = True
AGNOSTIC_BECOME_PROMPT(default) = True
ALLOW_WORLD_READABLE_TMPFILES(default) = False
ANSIBLE_CONNECTION_PATH(default) = None
ANSIBLE_COW_PATH(default) = None
ANSIBLE_COW_SELECTION(default) = default
ANSIBLE_COW_WHITELIST(default) = ['bud-frogs', 'bunny', 'cheese', 'daemon',
'default', 'dragon', 'elephant-in-snake', 'elephant', 'eyes', 'hellokitty',
'kitty', 'luke
ANSIBLE_FORCE_COLOR(default) = False
ANSIBLE_NOCOLOR(default) = False
ANSIBLE_NOCOWS(default) = False
ANSIBLE_PIPELINING(default) = False
ANSIBLE_SSH_ARGS(default) = -C -o ControlMaster=auto -o ControlPersist=60s
ANSIBLE_SSH_CONTROL_PATH(default) = None
ANSIBLE_SSH_CONTROL_PATH_DIR(default) = ~/.ansible/cp
ANSIBLE_SSH_EXECUTABLE(default) = ssh
ANSIBLE_SSH_RETRIES(default) = 0
ANY_ERRORS_FATAL(default) = False
BECOME_ALLOW_SAME_USER(default) = False
BECOME_PLUGIN_PATH(default) = [u'/home/ifreling/.ansible/plugins/become',
u'/usr/share/ansible/plugins/become']
CACHE_PLUGIN(default) = memory
CACHE_PLUGIN_CONNECTION(default) = None
CACHE_PLUGIN_PREFIX(default) = ansible_facts
CACHE_PLUGIN_TIMEOUT(default) = 86400
COLLECTIONS_PATHS(default) = [u'/home/ifreling/.ansible/collections',
u'/usr/share/ansible/collections']
COLOR_CHANGED(default) = yellow
COLOR_CONSOLE_PROMPT(default) = white
COLOR_DEBUG(default) = dark gray
COLOR_DEPRECATE(default) = purple
COLOR_DIFF_ADD(default) = green
COLOR_DIFF_LINES(default) = cyan
COLOR_DIFF_REMOVE(default) = red
COLOR_ERROR(default) = red
COLOR_HIGHLIGHT(default) = white
COLOR_OK(default) = green
COLOR_SKIP(default) = cyan
COLOR_UNREACHABLE(default) = bright red
COLOR_VERBOSE(default) = blue
COLOR_WARN(default) = bright purple
COMMAND_WARNINGS(default) = True
CONDITIONAL_BARE_VARS(default) = True
CONNECTION_FACTS_MODULES(default) = {'junos': 'junos_facts', 'eos':
'eos_facts', 'frr': 'frr_facts', 'iosxr': 'iosxr_facts', 'nxos':
'nxos_facts', 'ios': 'ios_facts',
DEFAULT_ACTION_PLUGIN_PATH(default) =
[u'/home/ifreling/.ansible/plugins/action',
u'/usr/share/ansible/plugins/action']
DEFAULT_ALLOW_UNSAFE_LOOKUPS(default) = False
DEFAULT_ASK_PASS(default) = False
DEFAULT_ASK_SUDO_PASS(default) = False
DEFAULT_ASK_SU_PASS(default) = False
DEFAULT_ASK_VAULT_PASS(default) = False
DEFAULT_BECOME(default) = False
DEFAULT_BECOME_ASK_PASS(default) = False
DEFAULT_BECOME_EXE(default) = None
DEFAULT_BECOME_FLAGS(default) =
DEFAULT_BECOME_METHOD(default) = sudo
DEFAULT_BECOME_USER(default) = root
DEFAULT_CACHE_PLUGIN_PATH(default) =
[u'/home/ifreling/.ansible/plugins/cache',
u'/usr/share/ansible/plugins/cache']
DEFAULT_CALLABLE_WHITELIST(default) = []
DEFAULT_CALLBACK_PLUGIN_PATH(default) =
[u'/home/ifreling/.ansible/plugins/callback',
u'/usr/share/ansible/plugins/callback']
DEFAULT_CALLBACK_WHITELIST(default) = []
DEFAULT_CLICONF_PLUGIN_PATH(default) =
[u'/home/ifreling/.ansible/plugins/cliconf',
u'/usr/share/ansible/plugins/cliconf']
DEFAULT_CONNECTION_PLUGIN_PATH(default) =
[u'/home/ifreling/.ansible/plugins/connection',
u'/usr/share/ansible/plugins/connection']
DEFAULT_DEBUG(default) = False
DEFAULT_EXECUTABLE(default) = /bin/sh
DEFAULT_FACT_PATH(default) = None
DEFAULT_FILTER_PLUGIN_PATH(default) =
[u'/home/ifreling/.ansible/plugins/filter',
u'/usr/share/ansible/plugins/filter']
DEFAULT_FORCE_HANDLERS(default) = False
DEFAULT_FORKS(default) = 5
DEFAULT_GATHERING(default) = implicit
DEFAULT_GATHER_SUBSET(default) = ['all']
DEFAULT_GATHER_TIMEOUT(default) = 10
DEFAULT_HANDLER_INCLUDES_STATIC(default) = False
DEFAULT_HASH_BEHAVIOUR(default) = replace
DEFAULT_HOST_LIST(/sdd/ansible-help/ansible.cfg) =
[u'/sdd/ansible-production/inventory']
DEFAULT_HTTPAPI_PLUGIN_PATH(default) =
[u'/home/ifreling/.ansible/plugins/httpapi',
u'/usr/share/ansible/plugins/httpapi']
DEFAULT_INTERNAL_POLL_INTERVAL(default) = 0.001
DEFAULT_INVENTORY_PLUGIN_PATH(default) =
[u'/home/ifreling/.ansible/plugins/inventory',
u'/usr/share/ansible/plugins/inventory']
DEFAULT_JINJA2_EXTENSIONS(default) = []
DEFAULT_JINJA2_NATIVE(default) = False
DEFAULT_KEEP_REMOTE_FILES(default) = False
DEFAULT_LIBVIRT_LXC_NOSECLABEL(default) = False
DEFAULT_LOAD_CALLBACK_PLUGINS(default) = False
DEFAULT_LOCAL_TMP(default) =
/home/ifreling/.ansible/tmp/ansible-local-10705WmW2Mw
DEFAULT_LOG_FILTER(default) = []
DEFAULT_LOG_PATH(default) = None
DEFAULT_LOOKUP_PLUGIN_PATH(default) =
[u'/home/ifreling/.ansible/plugins/lookup',
u'/usr/share/ansible/plugins/lookup']
DEFAULT_MANAGED_STR(default) = Ansible managed
DEFAULT_MODULE_ARGS(default) =
DEFAULT_MODULE_COMPRESSION(default) = ZIP_DEFLATED
DEFAULT_MODULE_LANG(default) = {{ CONTROLLER_LANG }}
DEFAULT_MODULE_NAME(default) = command
DEFAULT_MODULE_PATH(default) = [u'/home/ifreling/.ansible/plugins/modules',
u'/usr/share/ansible/plugins/modules']
DEFAULT_MODULE_SET_LOCALE(default) = False
DEFAULT_MODULE_UTILS_PATH(default) =
[u'/home/ifreling/.ansible/plugins/module_utils',
u'/usr/share/ansible/plugins/module_utils']
DEFAULT_NETCONF_PLUGIN_PATH(default) =
[u'/home/ifreling/.ansible/plugins/netconf',
u'/usr/share/ansible/plugins/netconf']
DEFAULT_NO_LOG(default) = False
DEFAULT_NO_TARGET_SYSLOG(default) = False
DEFAULT_NULL_REPRESENTATION(default) = None
DEFAULT_POLL_INTERVAL(default) = 15
DEFAULT_PRIVATE_KEY_FILE(default) = None
DEFAULT_PRIVATE_ROLE_VARS(default) = False
DEFAULT_REMOTE_PORT(default) = None
DEFAULT_REMOTE_USER(default) = None
DEFAULT_ROLES_PATH(/sdd/ansible-help/ansible.cfg) =
[u'/sdd/ansible-production/roles']
DEFAULT_SCP_IF_SSH(default) = smart
DEFAULT_SELINUX_SPECIAL_FS(default) = ['fuse', 'nfs', 'vboxsf', 'ramfs',
'9p']
DEFAULT_SFTP_BATCH_MODE(default) = True
DEFAULT_SQUASH_ACTIONS(default) = ['apk', 'apt', 'dnf', 'homebrew',
'openbsd_pkg', 'pacman', 'pip', 'pkgng', 'yum', 'zypper']
DEFAULT_SSH_TRANSFER_METHOD(default) = None
DEFAULT_STDOUT_CALLBACK(default) = default
DEFAULT_STRATEGY(default) = linear
DEFAULT_STRATEGY_PLUGIN_PATH(default) =
[u'/home/ifreling/.ansible/plugins/strategy',
u'/usr/share/ansible/plugins/strategy']
DEFAULT_SU(default) = False
DEFAULT_SU_EXE(default) = su
DEFAULT_SU_FLAGS(default) =
DEFAULT_SU_USER(default) = None
DEFAULT_SYSLOG_FACILITY(default) = LOG_USER
DEFAULT_TASK_INCLUDES_STATIC(default) = False
DEFAULT_TERMINAL_PLUGIN_PATH(default) =
[u'/home/ifreling/.ansible/plugins/terminal',
u'/usr/share/ansible/plugins/terminal']
DEFAULT_TEST_PLUGIN_PATH(default) =
[u'/home/ifreling/.ansible/plugins/test',
u'/usr/share/ansible/plugins/test']
DEFAULT_TIMEOUT(default) = 10
DEFAULT_TRANSPORT(default) = smart
DEFAULT_UNDEFINED_VAR_BEHAVIOR(default) = True
DEFAULT_VARS_PLUGIN_PATH(default) =
[u'/home/ifreling/.ansible/plugins/vars',
u'/usr/share/ansible/plugins/vars']
DEFAULT_VAULT_ENCRYPT_IDENTITY(default) = None
DEFAULT_VAULT_IDENTITY(default) = default
DEFAULT_VAULT_IDENTITY_LIST(default) = []
DEFAULT_VAULT_ID_MATCH(default) = False
DEFAULT_VAULT_PASSWORD_FILE(default) = None
DEFAULT_VERBOSITY(default) = 0
DEPRECATION_WARNINGS(default) = True
DIFF_ALWAYS(default) = False
DIFF_CONTEXT(default) = 3
DISPLAY_ARGS_TO_STDOUT(default) = False
DISPLAY_SKIPPED_HOSTS(default) = True
DOCSITE_ROOT_URL(default) = https://docs.ansible.com/ansible/
DOC_FRAGMENT_PLUGIN_PATH(default) =
[u'/home/ifreling/.ansible/plugins/doc_fragments',
u'/usr/share/ansible/plugins/doc_fragments']
ENABLE_TASK_DEBUGGER(default) = False
ERROR_ON_MISSING_HANDLER(default) = True
FACTS_MODULES(default) = ['smart']
GALAXY_IGNORE_CERTS(default) = False
GALAXY_ROLE_SKELETON(default) = None
GALAXY_ROLE_SKELETON_IGNORE(default) = ['^.git$', '^.*/.git_keep$']
GALAXY_SERVER(default) = https://galaxy.ansible.com
GALAXY_TOKEN(default) = None
HOST_KEY_CHECKING(default) = True
HOST_PATTERN_MISMATCH(default) = warning
INJECT_FACTS_AS_VARS(default) = True
INTERPRETER_PYTHON(default) = auto_legacy
INTERPRETER_PYTHON_DISTRO_MAP(default) = {'centos': {'8':
'/usr/libexec/platform-python', '6': '/usr/bin/python'}, 'rhel': {'8':
'/usr/libexec/platform-python', '6':
INTERPRETER_PYTHON_FALLBACK(default) = ['/usr/bin/python', 'python3.7',
'python3.6', 'python3.5', 'python2.7', 'python2.6',
'/usr/libexec/platform-python', '/usr/bin/
INVALID_TASK_ATTRIBUTE_FAILED(default) = True
INVENTORY_ANY_UNPARSED_IS_FAILED(default) = False
INVENTORY_CACHE_ENABLED(default) = False
INVENTORY_CACHE_PLUGIN(default) = None
INVENTORY_CACHE_PLUGIN_CONNECTION(default) = None
INVENTORY_CACHE_PLUGIN_PREFIX(default) = ansible_facts
INVENTORY_CACHE_TIMEOUT(default) = 3600
INVENTORY_ENABLED(default) = ['host_list', 'script', 'auto', 'yaml', 'ini',
'toml']
INVENTORY_EXPORT(default) = False
INVENTORY_IGNORE_EXTS(default) = {{(BLACKLIST_EXTS + ( '.orig', '.ini',
'.cfg', '.retry'))}}
INVENTORY_IGNORE_PATTERNS(default) = []
INVENTORY_UNPARSED_IS_FAILED(default) = False
LOCALHOST_WARNING(default) = True
MAX_FILE_SIZE_FOR_DIFF(default) = 104448
NETCONF_SSH_CONFIG(default) = None
NETWORK_GROUP_MODULES(default) = ['eos', 'nxos', 'ios', 'iosxr', 'junos',
'enos', 'ce', 'vyos', 'sros', 'dellos9', 'dellos10', 'dellos6', 'asa',
'aruba', 'aireos', 'b
OLD_PLUGIN_CACHE_CLEARING(default) = False
PARAMIKO_HOST_KEY_AUTO_ADD(default) = False
PARAMIKO_LOOK_FOR_KEYS(default) = True
PERSISTENT_COMMAND_TIMEOUT(default) = 30
PERSISTENT_CONNECT_RETRY_TIMEOUT(default) = 15
PERSISTENT_CONNECT_TIMEOUT(default) = 30
PERSISTENT_CONTROL_PATH_DIR(default) = /home/ifreling/.ansible/pc
PLAYBOOK_VARS_ROOT(default) = top
PLUGIN_FILTERS_CFG(default) = None
PYTHON_MODULE_RLIMIT_NOFILE(default) = 0
RETRY_FILES_ENABLED(default) = False
RETRY_FILES_SAVE_PATH(default) = None
SHOW_CUSTOM_STATS(default) = False
STRING_CONVERSION_ACTION(default) = warn
STRING_TYPE_FILTERS(default) = ['string', 'to_json', 'to_nice_json',
'to_yaml', 'ppretty', 'json']
SYSTEM_WARNINGS(default) = True
TAGS_RUN(default) = []
TAGS_SKIP(default) = []
TASK_DEBUGGER_IGNORE_ERRORS(default) = True
TRANSFORM_INVALID_GROUP_CHARS(default) = never
USE_PERSISTENT_CONNECTIONS(default) = False
VARIABLE_PRECEDENCE(default) = ['all_inventory', 'groups_inventory',
'all_plugins_inventory', 'all_plugins_play', 'groups_plugins_inventory',
'groups_plugins_play']
VERBOSE_TO_STDERR(default) = False
YAML_FILENAME_EXTENSIONS(default) = ['.yml', '.yaml', '.json']
(END)
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/4468f532-55cf-449c-ba25-9b961ffadcd9%40googlegroups.com.
