What if you don't place the vars file in a groups_vars subdirectory. What if you place it in the directory of the playbook that runs the roles.
vars_files: - my_vars.yml Where my_vars.yml exists next to the playbook? Walter -- Walter Rowe, Division Chief Infrastructure Services Division Mobile: 202.355.4123 On Feb 14, 2024, at 12:56 PM, Kathy L <lyonsf...@gmail.com> wrote: I removed the vars_file from my playbook. I just double-checked and I am not loading iptables_v4_rules and/or iptables_directory twice.. I wish I could throw it into a repo but this is on a non-Internet connected device and can't be moved off. I've moved from curious to frustrated. On Tuesday, February 13, 2024 at 4:38:46 PM UTC-5 Todd Lewis wrote: Do you still have that vars_files: thing? As Dick suggested, it feels like that file is getting loaded more than once, and you don't want that. Is it at all possible that variables iptables_v4_rules and/or iptables_directory are being set anywhere else? [If you want to toss the whole thing in a private repo that I can clone, or some other way get to me, I'm willing to take a look; I'm really curious to know how this is happening.] On Tuesday, February 13, 2024 at 3:55:23 PM UTC-5 Kathy Lyons wrote: Todd- thank you for clearing that up for me I made default.yml all.yml amd reran things with the same errors. I am running my roles from within a playbook like this. - roles - role1 become: true - role2 become: true On Tue, Feb 13, 2024 at 2:51 PM Todd Lewis <uto...@gmail.com> wrote: This bears repeating. I know I missed it the first few times I was told, and then the light came on. * All hosts are in the "all" group. (That much I got the first time. :) * Any files or directories in ./group_vars/ that match a host's group names – including "all" – get loaded for that host. It was the "or directories" part I didn't appreciate at first. For example, if a host is in the "foo" group, then the files ./group_vars/foo, or better, ./group_vars/foo.yml (the former won't be ansible-linted; the latter will be) get loaded for that host. But more than that, if ./group_vars/foo/ is a directory, then all the files within ./group_vars/foo/ get loaded for all hosts in the foo group. * That works even for groups that don't exist when the playbook starts but are created on-they-fly by, for example, the ansible.builtin.group_by module. This allows you to have amazingly crazy ad hoc groups – like "hosts the CEO has logged into in the last 30 minutes" – and still use relevant ./group_vars/ files in a straightforward way. We suffered a bit initially because in some of our projects different competing interests clashed over ownership of the ./group_vars/all.yml file. When we realized we could have files ./group_vars/all/interest_aaa.yml, ./group_vars/all/interest_bbb.yml, ./group_vars/all/interest_ccc.yml, ./group_vars/all/interest_ddd.yml, etc., then the competition for that namespace became cooperation, and things just got much easier. On 2/13/24 12:19 PM, Dick Visser wrote: On Tue, 13 Feb 2024 at 17:35, Kathy L <lyon...@gmail.com> wrote: When I make Todd's changes, I get the same original error EXCEPT it tells me CentOS is not a dict, even though I am targeting a Debian box. Dick, are you saying that the file all.yml in the group_vars folder does not need to be explicitly stated in my playbook? Yes. It sounds like the vars file is somehow used twice, which I think (after Todd's comment) may screw up the level of laziness. (speculation on my side, but let's see) -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-proje...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/CAF8BbLbksQ5HTbbD4xcofM8-e2LUQB8eAFDF5%2BYV%2BGOXv3J3%2BQ%40mail.gmail.com<https://groups.google.com/d/msgid/ansible-project/CAF8BbLbksQ5HTbbD4xcofM8-e2LUQB8eAFDF5%2BYV%2BGOXv3J3%2BQ%40mail.gmail.com?utm_medium=email&utm_source=footer>. -- Todd -- You received this message because you are subscribed to a topic in the Google Groups "Ansible Project" group. To unsubscribe from this topic, visit https://groups.google.com/d/topic/ansible-project/irvn6QeOB_w/unsubscribe. To unsubscribe from this group and all its topics, send an email to ansible-proje...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/4858ac06-ca17-447e-a345-d52724145520%40gmail.com<https://groups.google.com/d/msgid/ansible-project/4858ac06-ca17-447e-a345-d52724145520%40gmail.com?utm_medium=email&utm_source=footer>. -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com<mailto:ansible-project+unsubscr...@googlegroups.com>. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/634560b6-d90a-4895-aecf-e872bf992388n%40googlegroups.com<https://groups.google.com/d/msgid/ansible-project/634560b6-d90a-4895-aecf-e872bf992388n%40googlegroups.com?utm_medium=email&utm_source=footer>. -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/D6D20C4D-F0C6-4C3F-96ED-1DCC4517C23D%40nist.gov.