[ansible-project] Ansible 1.6.9 Released

[James Cammarata]

Hi everyone,

We have released Ansible 1.6.9, which also addresses some regressions in
module parameter parsing introduced by the 1.6.7 security release.

This update is available via PyPi and releases.ansible.com now, and
packages for distros will be available as soon as possible.

Thanks!

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAMFyvFgCXqnFpnT-3hGLtQKXhZgtDKBfoSvrWC7peWLUWfWoVQ%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Debugging templates

[Matt Clarkson]

Hi Michael,

Thanks for your response.   The config in my original email was as it was 
in my playbook.   That being said, your hint to add list item delimiters in 
front of my tasks did the trick.  I am now able to run the tasks.  Thanks 
for that.

MTC

On Thursday, July 24, 2014 7:06:06 PM UTC+8, Michael DeHaan wrote:
>
> Your playbook appears to be manually typed in as I would expect to see 
> tasks starting with a "-".
>
> Can you please be sure to copy/paste the actual playbook.
>
> I say this because even the first task is not correctly formatted, 
> otherwise I would suggest this error with respect to the second, and also 
> know we have error detection to make sure "tasks" is a list and suggest 
> changes appropriately.
>
>
>
>
> On Thu, Jul 24, 2014 at 2:46 AM, Matt Clarkson  > wrote:
>
>> Hi,
>>
>> I'm looking for a way to quickly render/debug template files populated 
>> with variables from ec2.
>>
>> My strategy is to write a playbook that discovers that facts then runs 
>> the template module locally.
>>
>> Here is my current playbook:
>>
>> ---
>>
>> - name: Gather ec2 facts
>>
>>   hosts: all
>>
>>   tasks:
>>
>>local_action: ec2_facts
>>
>> - name: atemplate
>>
>>   hosts: localhost
>>
>>   tasks:
>>
>> action: template src=~/templates/raw/mako_PROD.properties.j2 
>> dest=~/templates/out
>>
>>
>> The playbook runs completely but the atemplate command is never run. 
>>  Here's the output (my localhost is part of ec2 inventory):
>>
>> PLAY [Gather ec2 facts] 
>> *** 
>>
>>
>> GATHERING FACTS 
>> *** 
>>
>> >
>>
>> ok: [localhost]
>>
>>
>> PLAY [atemplate] 
>> ** 
>>
>>
>> GATHERING FACTS 
>> *** 
>>
>> ok: [localhost]
>>
>>
>> PLAY RECAP 
>>  
>>
>> >
>>
>> localhost  : ok=2changed=0unreachable=0
>> failed=0   
>>
>>
>> Can I get some tips on what's wrong?  Or if there's a better way to 
>> achieve my objective would like to hear that too Thanks!
>>
>> MTC
>>
>> -- 
>> You received this message because you are subscribed to the Google Groups 
>> "Ansible Project" group.
>> To unsubscribe from this group and stop receiving emails from it, send an 
>> email to ansible-proje...@googlegroups.com .
>> To post to this group, send email to ansible...@googlegroups.com 
>> .
>> To view this discussion on the web visit 
>> https://groups.google.com/d/msgid/ansible-project/4a7a14ef-3ca1-49c7-bcb1-6c9a424f8a69%40googlegroups.com
>>  
>> 
>> .
>> For more options, visit https://groups.google.com/d/optout.
>>
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/d4b3783c-8e85-4754-98e0-f0177d2e61c2%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Dynamic inventories and variables best practices.

[Michael DeHaan]

>
> So quick 'my issue' which looks like 'chicken and egg' problem ;)
> 1. I would like to use ansible to provision servers.
> 2. I would like to use ansible to do some small changes on servers (for
> example add / remote some account etc - depends of dynamic work)
> 3. I would like to have records about facts (inlcuding local facts) wich
> can be used for playbooks.
> 4. I would like to have easy way of reasigning host and different tasks
> will be run.
>
>
Ok, this is all straighforward.


> The way which I see, is that:
> 1. First initial run of ansible - gathers facts and setup some local facts
> based on varialbe (role / product / environment (test / dev / etc))
>(Know already how to use callback functions and record results to DB).
> 2. Next runs, reads DB (Dynamic Inventory) and setup servers, updating
> local facts as well.
> 3. I can change some 'flag' in Dynamic Inventory and ansible will run
> different tasks.
>

Inventory doesn't control what playbooks you run - it describes what you
have.


>
> Expected solution is that:
> 1. I can quickly see on which status is server, for example:
>- ENV: Development - web servers - completed,
>- ENV: Testing - ready for application deplyement.
>- Prodcution  configuration XXX.
>

You can use different tags for different cloud systems, as one of many
possible ways.  Dynamic inventory typically groups by tag.


> 2. When I am going to a server I can quickly see in local facts forder
> what has been done (ini or js file) in terms of configuraiton.
>
> My issue is now that we have a lot of INI inventories files and we
> maintaning quite a lot of servers (250+).
>

You definitely would want to get away from this.

If you are non-cloudy, dynamic inventory can also access other CMDBs,
including bare metal provisioning systems like Cobbler.   Tower is also a
great choice because not only can it graphically sync with other
inventories and track history in the DB, but you can also still on top of
that use it to manage variables.  (Thus it provides that same CMDB-ish
capability).


> Adding new servers in ini file depends of product line, and is a bit of
> slow, this is why I whould like to have start using dynamic invenotry.
> However I am not quite sure how to deal with all these variables which we
> are using.
>
> I like to assigning server to some group, then I can use it in tempaltes,
> etc. And use variables only for some configuration specific details.
>
> So I would like to ask you in general:
> How are you working with ansible day by day when you have to:
> - manage big number of hosts where configuration is different (not only
> web server / DB server - but also web servers have different configuration
> [apache, nginx])
>

Use lots of roles.

Use group_vars to manage differences between groups, regions, and types of
systems, and to set common variables.


> - see what has been already done via ansible on server (wihtout reading
> YAML files over and over).
>

Not sure I follow this part.   if you want a list of all the things
configured that Ansible last touched versus something the user touched,
this is a bit of a pseudo-NP-complete type problem.


> - Dealing with small tasks to adjust configuration on server (for example
> php variables must be adjusted, or apache max_clients have to be decrased,
> etc).
>

Playbooks and templates.


> - Quickly add / modify server roles and anothers tasks are running.
>

Modification of roles is done in your editor.

Not sure what "anothers tasks are running".

If you want a central control chokepoint for all of your team to use, with
good inventory locking, Tower also fits well here.

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CA%2BnsWgyK3bQ1rxA7%3DOumMwtgFQ1xik_ho-yEvBeeY_%2BmpUOA5A%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Best Practice to deploy your fleet with asg module

[raul rodriguez]

Hi guys,

I've been a very happy ansible user for the past 3 months, and I found the 
docs & community are very helpful.
But now, I'm looking to deploy three small asg groups.

I've been looking to find the best way to do this, but while there is an 
example for asg module, I haven't seen any best practice or a playbook that 
executes the whole workflow.
This one was suggested by @mdehaan
https://github.com/jsmartin/the_light/blob/master/roles/myapp_infra/tasks/main.yml

My main concern is when creating the ami, is it best bake a full ami with 
everthing ready or have a half-baked ami that will be provisioned by 
ansible pull or something else to get the latest code from git repo.
The last option looks to be more flexible, specially if you'll be 
continuously deploying to your cluster.

I wonder if we could gather best practices so later we can add it to the 
docs.

Thanks

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/c1c73310-3435-4897-b595-6c2611fb3f0b%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] using 2 loops with_first_found and with_items

[Michael DeHaan]

Can't combine these two things.

Also, when using with_foo: var, don't use jinja2.

Not like:

with_items: "{{ foo }}"

Do it like so:

with_items: alist_variable

I'd just have a bunch of templates like so:

- template: src={{ item}} dest=/etc/apt/sources.list.d/{{ item.basename }}
  with_fileglob: '*.sources.j2'

You may need to reference a hash that keys off of something like "{{ item |
basename }}" inside your template, such as

{# set basename = item|basename #}
{{ repo_url[basename] }}

etc

Sort of make sense?





On Wed, Jul 23, 2014 at 12:24 AM, Hudec Peter  wrote:

> Hi,
>
> I’m trying to write role for configuration of the package management. In
> this role I following setup.
>
> — defaults/main.yml
> debain_source_list:
>   - name: debian
>   state: enabled
> - name: debian-backports
>   state: enabled
> - name: debian-lts
>   state: enabled
>
>
>
>
>
> — task/setup-Debian.yml
> - name: "[repository] apt source list files"
>   action: template src= dest=/etc/apt/sources.d/.list
>   with_items: " {{ debain_source_list }}"
>   when: "item.state != 'enabled'"
>   with_first_found:
>   - {{ item.name }}.list.{{ ansible_lsb.id }}.{{ ansible_lsb.codename }}
>   - default.list
>
>
> The idea is to have separate source list files for each Debian release
> /wheeze, squeeze, …/, if the file is not found put there some default
> file. The problem is how to run more loops and address variables in one
> action.
>
> Consider this to be an example and will be used as template for another
> actions. I do not want to sync the directories.
>
> Best regards
> Peter Hudec
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To post to this group, send email to ansible-project@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/CFF505AC.3A5BF%25peter.hudec%40cnc.sk
> .
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CA%2BnsWgzXkAfD1SS74bnwmSpPz0zfJ0ivwyEwwBoxmbR0NSB7UA%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Ansigenome: A tool to help you gather information and manage your roles

[Michael DeHaan]

On Tue, Jul 22, 2014 at 6:47 PM, Nick Janetakis 
wrote:

> Unclear of how inventory and example playbooks are related.
>>
>
> In a lot of cases the playbook itself is always the same except for the
> name of the role. I have around 20 roles on the galaxy and pretty much all
> of them have an identical playbook in the example.
>

This is probably a sign they might need better examples :)


>
>
>
> I'd like to see an attempt at not bifurcating the tooling here.
>>
>
> I wanted to merge some of this into core if you guys felt it was
> reasonable but the ansible-galaxy script is untouchable IMO. It is already
> massive with a bunch of mixed concerns.
>


Strongly disagree with this statement.  It's quite easy to add new
functions, and it doesn't matter what functions or files things are in.
 It's also easy enough to make a galaxy_utils/ subpackage in there too.

I


> I don't think it can sustain me dropping in 1k+ lines of python without it
> exploding and to keep it all broken up would have required coming up with
> my own directory structure which is fine for my project but I wasn't sure
> that would fly over well with ansible.
>
> What parts do you like and don't like?
> How much of it wouldn't ever get into core?
>

We are going to have editorial views about what Ansible should be.   All
being said, we do appreicate and welcome attempts to contribute and work
towards good combined tooling.  Your cases seem a bit niche for the
mainstream, and that's fine, you can absolutely keep using it - but we seem
to be at an impasse and should call it as such, I think.


> Would ansible-galaxy need to be renamed?
>

It has no reason to be.

>  --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To post to this group, send email to ansible-project@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/2ed77b14-bf13-4151-9e5a-e83643f12639%40googlegroups.com
> 
> .
>
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CA%2BnsWgxvT0DDO9%2BzMP-T1JpJdKN4Ta6yyWp9gt5dUYZ13qpZXg%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Re: psycopg2.ProgrammingError: conflicting or redundant options

[Michael DeHaan]

Yeah we should totally catch the Exception and make it look friendly in
output regardless, can you file a github ticket on that?

We like to treat python tracebacks as bugs even if they are informing
someone of an error condition.

Thanks!




On Thu, Jul 24, 2014 at 6:47 PM, John Oliver  wrote:

> OK, I'm going to answer my own question :-)  I got the "conflicting or
> redundant options" when I used a command:  It turns out that NOSUPERUSER is
> sufficient, and psycopg just throws a fit instead of accepting the
> "redundant" permissions.
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To post to this group, send email to ansible-project@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/738bc12a-3448-410b-ab8c-890f0f1b5357%40googlegroups.com
> 
> .
>
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CA%2BnsWgyFD%2BRatd4TV0m_whzyorHyj7vSVzszkUABMoOYun8Dsg%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Newby Requirements and missing workarounds

[Michael DeHaan]

On Thu, Jul 24, 2014 at 2:38 PM, Bastian Bringenberg <
avalarionavar...@googlemail.com> wrote:

> Hey together,
>
> I am working with ansible for a few days now and it is perfect and really
> what I needed, but there are a few things I am not able to solute for
> myself and where I have ( in my opinion ) ugly workarounds that should be
> able to be done a lot smoother.
>

Replies inline !




>
> *1.) Merging Variables per Playbook*
>
>
>- I know that merging variables is possible with editing ansible.cfg
>- I know, that a lot of playbooks do not use this behavior so enabling
>it could create problems
>
>
It's not really going to cause any problems, but it's more confusing than
it's worth for most people new to ansible - and most people don't need it.


>
>- Is it somehow possible to create it just for my own playbooks?
>
>
It's set in ansible.cfg as "hash_merge_behavior".

>
>- Reason:
>- All my variables are build like this:
>   - bbnetz.PLAYBOOK.packages.[nano, screen, curl, ...] ( for example
>   ) set in the vars folder per distribution/version
>   - bbnetz.PLAYBOOK.settings.[database.*, vhost, defaultUser, ... ]
>   set in the defaults folder and also in my host_vars.
>
> Just as a workaround: I just renamed the bbnetz.PLAYBOOK.packages to
> bbnetz_packages.PLAYBOOK, but this is not as clean as I would like to have
> it.
>
> *2.) Creating Runtime variables*
>
> This is my set up:
>
>- I tried to setup a PHP-FPM setup with different ports
>- I created for each php-fpm vhost a file in /etc/php5/fpm/pool.d/ and
>name it HOSTNAME_PORTNUMBER where portnumber is 9000 + i.
>- And here is where this ends. I am not able to figure out what my i
>is or how to add it to 9000.
>
>
Look into the "set_fact" module for exactly this.

- set_fact:
  x: "{{ ((x|int) + 1) }}"

I'm being a little paranoid with the int casting, in case you have it as a
string somewhere.

Etc.



>
> Just as workaround: I am working with PHP-FPM over Sockets for the
> moment...
>
> *3.) Git Module and owners*
>
> This is one of my settings:
>
>- I am connected as user bbringenberg to my test server
>- I create a new user named openproject and want to create the github
>repo from openproject in /home/openproject as user openproject.
>- There is no attribute owner/group so this is not possible =(.
>
>
There's a better approach here.   You could "sudo_user: username" to that
user and check that thing out as you.

You could also just set this after the fact, but it's cleaner to do the
other.   This is the same reason the git command itself does not have owner
and group modes.


>
>- I am also not able to configure the user for a new connection in my
>vars file
>
>
I'm not sure what this part means.


>
> Just as a workaround: I am creating a copy of the gitrepo for the moment
> and set the new owner there.
>
> *4.) How are you working with SSL Certs?*
>
>
>- The last of my problems is, that I am not sure how to deploy SSL
>Certs
>- I could add them to my host_vars file, but that would make it really
>huge and as my configuration is in a locale git it would not make it any
>more secure...
>- I need to deploy them as files with gitignore or so...
>- How are you doing this?
>
>
I'll let other people answer this part...


>
> Thanks for your help and have a very nice evening,
>

You are welcome!  Hope the above helps!


> Greetings from Ruhrarea, Germany,
>
> Bastian
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To post to this group, send email to ansible-project@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/79b95ecd-61ad-4252-93f9-34e3f5266a53%40googlegroups.com
> 
> .
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CA%2BnsWgzDAyn04Zotvypup-Na%2BoDGVOzkh1FbFrzF-02CF4Cyvw%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] set_fact on 'meta' playbook

[Michael DeHaan]

Well... sort of, not really.

What happens when you "when" a role, it applies a "when" as the first
condition of every task in the role.

So I suspect you have applied the "when" to your "set_fact" :)


All the "is_executed" stuff is generally non-idiomatic, the goal of a
playbook is to allow repeated configuration, and should be written to allow
reconfiguration or reassertion of configuration reliably.

If there are steps that will fail if rerun, failed_when can be a useful
guide, as can conditionals around the stat module, but just guard those
specific parts.




On Thu, Jul 24, 2014 at 4:52 PM, Michael Dur  wrote:

> I have a role who's sole purpose is as a meta playbook.
> It has a bunch of includes in meta/main.yml:
> allow_duplicates: no
> dependencies:
>   - { role: feature/zypper, when: "common_has_executed is defined" }
>   - { role: feature/rc.firewall, when: "common_has_executed is defined" }
>   - { role: base/base, when: "common_has_executed is defined" }
>   - { role: feature/perl, when: "common_has_executed is defined" }
>   - { role: feature/python, when: "common_has_executed is defined" }
>   - { role: feature/ruby, when: "common_has_executed is defined" }
>
> I want this to just run once, so I made a task:
>
> - name: log common status
>   set_fact:  common_has_executed = "1"
>
> Unfortunately the task seems to be parsed before the meta includes, so
> nothing runs.
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To post to this group, send email to ansible-project@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/77f77ecc-29f1-4077-9fd1-78e49dd02eec%40googlegroups.com
> 
> .
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CA%2BnsWgyd3757C3JnT85mEHf%2BbRYLrnUh3xXO5MLBAWNEkk3xdQ%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] tags

[Michael DeHaan]

A --list-tags would be a fine thing to have.

We were waiting on some refactoring to make some of the playbook parsing
classes a bit more usable for that, though it actually might not be
terribly difficult.

Really I want a way to compile a playbook down to a list of task objects
w/o executing them.

Right now that doesn't quite fit for /usr/bin/ansible-playbook (the script)
though so it needs a little bit of cleanup first.

Though I'll admit - Runner is our first target, so this may be a while.

I'd use the "specify an invalid tag" hack for now.




On Thu, Jul 24, 2014 at 3:52 PM, Michael Dur  wrote:

> I notice when you try use a tag that does not exist ansible happily prints
> those that do exist in the error output.
> Would it be possible/desirable to have an option to just print the tags on
> demand?  How about a tree of playbooks by tags (think of the output of the
> utility tree)?
>
> Our infrastructure is complicated, and we are beginning to get lots of
> tags going on.
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To post to this group, send email to ansible-project@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/df2cd839-e971-4848-9f13-b01a03dc23fd%40googlegroups.com
> 
> .
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CA%2BnsWgww%2BNp%2Bv3QtQM3b9m84m6DMb4QJyOC6XFVe_RTMfWKTyg%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Update : stat upside down

[Michael DeHaan]

I think I replied to the previous copy of this one, please see the other
thread.

It can sometimes be confusing as the very first post to the list is
moderated to prevent spam, so I occasionally double approve a duplicate
post.




On Thu, Jul 24, 2014 at 10:11 AM, 'Diogene Laerce' via Ansible Project <
ansible-project@googlegroups.com> wrote:

> Hi,
>
> I have this strange issue. The following code was working fine (I think)
> as :
>
> 
>
> - name: Verify Python-3.4.1.tgz download
> stat: path=/tmp/Python-3.4.1.tgz
> register: a
> - name: Extract archive
> unarchive: >
> src=/tmp/Python-3.4.1.tgz
> dest=/home/{{ user_installer }}/src
> copy=no
> when: a.stat.isfile is not defined
>
> 
>
> Until today I enable it again in the playbook and it now works "upside
> down" :
> It does extract the archive only when a.stat.isfile is not defined and
> when "a.stat.isfile is defined and a.stat.isfile == true" : it just
> skips the whole code.
>
> I rewrite this as it seems that the "isdir" directive works just as it
> should. So I guess the issue comes from the "isfile" statement and my
> new question : is there a list of all arguments taken by the stat module
> ? I couldn't find one.
>
> Thank you
>
> --
> “One original thought is worth a thousand mindless quotings.”
> “Le vrai n'est pas plus sûr que le probable.”
>
>   Diogene Laerce
>
>
>
>
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CA%2BnsWgzhsaqpd9m%3DtzcLvqMkPNBf9G4vqjhOASJ%2B%3DAAmUAWtzA%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] What is the best way of restarting services that are part of a cluster without taking the cluster down?

[Michael DeHaan]

Right now handlers are just about notifying things in the context of one
host.

There's not (yet) a concept of a global handler, nor really a "global:
True" kind of variant on set_fact.  If there were, it would be easy to set
a global flag True if a particular host hit a state, and then use that
state to trigger actions on another set, without having to rely on the
result of just one particular host, which you can already do with hostvars.

Sorry if this doesn't entirely make sense.

There are ways you could do it that are a little bit hackish, like creating
a signal file with a handler that delegated to localhost, but mass
delegation to localhost with 500 systems is usually going to make your
control server unhappy.

I think it's about time we do have a "set_global" that a handler could
call, and you could use that in another play.  Seems like a good idea now.





On Thu, Jul 24, 2014 at 9:38 AM, Michael Peters 
wrote:

> On Thu, Jul 24, 2014 at 7:00 AM, Michael DeHaan 
> wrote:
>
> > You could also set a simple play like this, which would probably be
> cleaner:
> >
> > - hosts: blarg
> >   serial: 1
> >   tasks:
> > - pause: seconds={{ n }}
> > - service: name=foo state=restarted
>
> Is there a way to do something like this as a handler? I think that's
> the main problem here is that a configuration change should trigger a
> restart handler, but right now there's no way to throttle/serialize
> the execution of that handler. Unless I'm missing something...
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To post to this group, send email to ansible-project@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/CAJQqANe3_nycqbbpcRTEjwck1%2BcmaDQBd3cFgzW6-Y7EphuYKg%40mail.gmail.com
> .
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CA%2BnsWgyWab7dS8Ht2gq%3DxajO99ymkF2ztPos_Ai%3Dd9Yso2c-iw%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Subversion only on server

[Michael DeHaan]

Could go either way.

If you had a pattern like so:

- hosts: localhost
  tasks:
 - svn: ...

- hosts: webservers
  tasks:
 - synchronize: ...

You could do a local checkout to the server once and then blast it out,
rather than have every server connect to SVN directly.

unarchive would be another alternative if you had a tarball rather than
synchronize, which is a wrapper around rsync.




On Thu, Jul 24, 2014 at 3:03 PM, Mauricio Tavares 
wrote:

>   If I am storing templates and other files in subversion, does
> the client need to be able to reach the svn server or can I just have
> the ansible server grab files from svn server and feed them to client?
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To post to this group, send email to ansible-project@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/CAHEKYV6cgsG3tJ6zJqBZ%3DmJ5nxf049T94xp_zvaz8MmN8zE9kw%40mail.gmail.com
> .
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CA%2BnsWgw2i3e6Sb1x98tpzfvq00dkbmjmEzaN9YbAeyExPRgbTA%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Defining variables and save them as json file.

[Michael DeHaan]

If you have variables defined centrally, use them via vars_files,
group_vars, or whatever, and you don't need to copy them to local facts *at
all*.

Local facts are there for when an administrator wants to make the mortals
who use a system be able to configure it basically.

(Or it's a shortcut to avoid writing a fact module, in some cases, though
fact modules are better-er)

So ultimately I want to step back and understand the use case a bit rather
than working through your questions above - though they aren't bad
questions, I think we'd be leading you a bit astray - maybe.

I could be wrong.




On Thu, Jul 24, 2014 at 11:17 AM, Marcin Prączko 
wrote:

> Hi,
>
> I struggle with some issue with variables definition which I am not
> totally understand and can't find help in ansible docs.
>
> I am trying to have nice variables structure and save it as json file
> (re-use as local facts).
>
> So I have *groups_vars* file:
> g_core_vars:
>   version : "0.1.0"
>   varinfo:
> vi_name: "core_vars"
> vi_vartype : "groupvars-all"
>   vars:
> status : "non-prod"
> env: "develop"
> lob: "none"
> product: "none"
> prole  : "other"
> roles:
>   - web
>
>
> Now I would like to create variable based on above values:
> For example:
> g_core_nagios_filename: '{{ g_core_vars.vars.env }}-{{
> g_core_vars.vars.product }}'.cfg
>
> However I am gettig error on ansible:
> ERROR: One or more undefined variables: 'dict object' has no attribute:
> 'vars'.
>
> My goal is no that I can write this variabe 'g_core_vars' to json with
> 'copy' module:
> - name: Write g_core_vars variables to local facts
>   copy: content="{{ g_core_vars }}" dest=/etc/ansible/facts.d/{{
> g_core_vars.varinfo.vi_name }}.fact
> owner=root group=root mode=0644
>
>
> *Summary:*
> - How I can use defined variables which used previous variables names and
> can be saved as json in one task?
> - Not quite undertand this principle that I have to define each variable
> sepearatly.
>
> # Variables files.
> var01: 'value01'
> var02: 'value02'
>
> somevars1:
>   v01: '{{ var01 }}'
>   v02: '{{ var02 }}'
>
> # Will work
> somevars2: '{{ var01 }}-{{ var02 }}'
>
> # Will not work
> somevars2: '{{ somevars1.var01 }}'
>
>
> Please advice.
>
> Best regards.
> Marcin
>
>
>
>  --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To post to this group, send email to ansible-project@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/1d3b58f6-aa1f-4bd2-8f65-38bbef00aac7%40googlegroups.com
> 
> .
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CA%2BnsWgz%2BYJD3uap9QsXspQbYf9rykgg7SrfZK8fDxOat3Bg9qQ%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Re: psycopg2.ProgrammingError: conflicting or redundant options

[John Oliver]

OK, I'm going to answer my own question :-)  I got the "conflicting or 
redundant options" when I used a command:  It turns out that NOSUPERUSER is 
sufficient, and psycopg just throws a fit instead of accepting the 
"redundant" permissions.

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/738bc12a-3448-410b-ab8c-890f0f1b5357%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Nested directory walking question

[Michael DeHaan]

I wouldn't shell out.

I'd call python's very handy os.path.walk with a custom function.  If you'd
like to talk about this, ansible-devel is probably a bit more on topic (and
I'm trying to spur that list into greater life).




On Thu, Jul 24, 2014 at 10:05 AM, Bill Lubanovic  wrote:

> Thanks, Michael. It looks like with_fileglob() only shows files, not
> directories, so that wouldn't work for me.
>
> I'm testing a workaround using "find" or "ls", then split() to grab ,
> , and . It would be nice to pass  and  as arguments to a task
> using the synchronize module.
>
> On Wednesday, July 23, 2014 5:18:21 PM UTC-5, Michael DeHaan wrote:
>
>> So there's already "with_fileglob" in Ansible
>>
>> - debug: msg={{ path }}
>>   with_fileglob: /path/to/files/*/*.tgz
>>
>> This isn't recursive however, despite being able to specify multiple
>> directories to read.
>>
>> It would be possible to make a lookup plugin that was, like a
>> "with_fileglob_recursive" that used the results of something like
>> os.path.walk.
>>
>> So basically yes, you need a new one.
>>
>> With_nested is for constructing nested loops and is something a bit
>> different.
>>
>>
>>
>>
>> On Wed, Jul 23, 2014 at 1:30 PM, Bill Lubanovic 
>> wrote:
>>
>>> I'd like to walk a directory hierarchy of the form ///. 
>>> is a fixed root directory, and isn't relevant. I have a number of 
>>> directories, which represent machine categories. Under each  are zero or
>>> more  directories, which are string values for that category. Finally,
>>>  is a directory hierarchy to copy to machines that match the parent
>>> / combination. For example:
>>>
>>> /tmp/test/color/red/etc/passwd
>>> /tmp/test/color/green/etc/motd
>>> /tmp/test/flavor/cinnamon/var/something
>>>
>>>  here is /tmp/test. There are two  categories (color and flavor):
>>> the first (color) has two  subdirectories (red and green) and the second
>>> (flavor) has one (cinnamon). Each  has a different  (file hierarchy)
>>> to be copied to machines that match /.
>>>
>>> How do I walk each , passing its value, its  subdirectories, and
>>> their  subdirectories to a task? I need to consider  and  together
>>> with other vars and facts (machine "colors" and "flavors") to pick target
>>> destinations for .
>>>
>>> I've looked at the various loop constructs, and see how to chain with
>>> register, but not how to populate the lists for with_nested.
>>>
>>> Thanks!
>>>
>>>
>>>  --
>>> You received this message because you are subscribed to the Google
>>> Groups "Ansible Project" group.
>>> To unsubscribe from this group and stop receiving emails from it, send
>>> an email to ansible-proje...@googlegroups.com.
>>> To post to this group, send email to ansible...@googlegroups.com.
>>>
>>> To view this discussion on the web visit https://groups.google.com/d/
>>> msgid/ansible-project/5ec31b08-1b0d-4041-b867-
>>> 1c46f8c13c46%40googlegroups.com
>>> 
>>> .
>>> For more options, visit https://groups.google.com/d/optout.
>>>
>>
>>  --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To post to this group, send email to ansible-project@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/549f8410-17af-41a2-b7d8-5393e093d00b%40googlegroups.com
> 
> .
>
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CA%2BnsWgyUUfgeQLStOmt%2BGDHjFfRAyPZDZq1x6cyhyZzxJBJ4%3Dw%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Calling Tags From a Playbook

[Michael DeHaan]

Role and play level both would be acceptable, but I'd want it in both.

We'd need to find a nice way to work it into the docs on tags w/o making it
too confusing.




On Thu, Jul 24, 2014 at 10:36 AM, Greg Swift  wrote:

> So In my proposal you would specify use_tags (or whatever) when calling
> the role specifically, not at the play level.  If i'm bringing in multiple
> roles it seems like it would make sense to support it at the role level, or
> i guess maybe at both? Maybe I'm just over thinking it, but i can
> definitely see reasons why you would want to allow the more specific
> implementation. Seems like a anti-pattern to constantly add new plays just
> because a set of roles might share a tag yet you want one role to run tagA
> the other tagB, but they both have tagA.
>
> Basically, what is the defining reason why this should be at the play
> level rather than in the call of the role?  I haven't looked at the code
> yet, so maybe its implementation?
>
> -greg
>
>
> On Sunday, July 20, 2014 7:36:25 AM UTC-5, Michael DeHaan wrote:
>
>> Basically this would be asking for a play level "use_tags" parameter.
>>  (It would not be called "tags", as that would mean the existing ability
>> *to tag*)
>>
>> This is not something we are working on, but patches would be considered
>> certaintly, the variable should only exist at play level (on level with
>> "hosts:").
>>
>>
>>
>>
>> On Sun, Jul 20, 2014 at 6:06 AM, Michael Liu  wrote:
>>
>>> I know you have to ability to call task tags from the command line, for
>>> example:
>>>
>>> ansible-playbook -i staging_env mydeploy.yml --tags "web_stop"
>>>
>>> But, is there a way to call task tags from with in a playbook?  I would
>>> rather create multiple playbooks such as web_start.yml, web_deploy.yml,
>>> stop_all.yml, start_all.yml and not have to worry about calling the
>>> appropriate tags at the command line.  My issue is that not everyone on the
>>> Ops team is as familiar with ansible (and all of the tags we use), so
>>> allowing them to just run "ansible-playbook -i staging_env start_all.yml"
>>> seems easier and safer.  And the goal is to keep my existing role/tasks
>>> structure without duplicating tasks between roles.  The main issue with the
>>> playbook is that when you apply a role to hosts it applies all of the tasks
>>> in that role, no way to pick and choose tasks in the playbook.
>>>
>>> My dir structure for my web servers is as follows:
>>> roles/web/tasks
>>> main.yml
>>> stop.yml
>>> update_code.yml
>>> start.yml
>>> check_service.yml
>>>
>>> If it's not possible to call task tags from a playbook, is this
>>> something you're currently working?  Is there another way to achieve this?
>>>
>>> Thanks so much for your time.
>>>
>>> --
>>> You received this message because you are subscribed to the Google
>>> Groups "Ansible Project" group.
>>> To unsubscribe from this group and stop receiving emails from it, send
>>> an email to ansible-proje...@googlegroups.com.
>>> To post to this group, send email to ansible...@googlegroups.com.
>>>
>>> To view this discussion on the web visit https://groups.google.com/d/
>>> msgid/ansible-project/7e93c579-5ecc-426d-b168-
>>> 728c06e946a7%40googlegroups.com
>>> 
>>> .
>>> For more options, visit https://groups.google.com/d/optout.
>>>
>>
>>  --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To post to this group, send email to ansible-project@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/2ccae7c2-be55-412a-9f56-f76acf2460ba%40googlegroups.com
> 
> .
>
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CA%2BnsWgxQ%2Bw6nVFJA3uQhiLYu08A-ZHX5wG92ieg9N70F3TNXuw%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] stat upside down

[Michael DeHaan]

That doesn't quite follow for me.

However, I think you might really want this:

when: a is defined and a.stat.isfile

OR (depending on use case)

when: a is defined and not a.stat.isfile

Maybe try one of those first...




On Thu, Jul 24, 2014 at 9:32 AM, 'Diogene Laerce' via Ansible Project <
ansible-project@googlegroups.com> wrote:

> Hi,
>
> I have this strange issue. The following code was working fine (I think)
> as :
>
> 
>
> - name: Verify Python-3.4.1.tgz download
> stat: path=/tmp/Python-3.4.1.tgz
> register: a
> - name: Extract archive
> unarchive: >
> src=/tmp/Python-3.4.1.tgz
> dest=/home/{{ user_installer }}/src
> copy=no
> when: a.stat.isfile is not defined
>
> 
>
> Until today I enable it again in the playbook and it now works "upside
> down" :
> It does extract the archive only when a.stat.isfile is not defined and
> when "a.stat.isfile is defined and a.stat.isfile == true" : it just
> skips the whole code.
>
> Anyone knows what could happened here ?
>
> Thank you
>
> --
> “One original thought is worth a thousand mindless quotings.”
> “Le vrai n'est pas plus sûr que le probable.”
>
>   Diogene Laerce
>
>
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CA%2BnsWgxdtXXp-Kq7eE8QXVfq8sMcdn8N01aBi25G7y2fja77xQ%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] unable to update sudoers file on RH6u5 with validate option.

[Michael DeHaan]

H.

No such file or directory *MIGHT* be referring to visudo.  Can you try
explicitly pathing it?




On Thu, Jul 24, 2014 at 9:05 AM, Yasir Saleem  wrote:

>
> Hi,
>   I am not able to change '/etc/sudoers' file successfully on RH 6.5
> (Santiago) when using validate option. The same thing works fine on RH6u4
> sever.
>
> Below is my playbook and response from the server.
>
> Note: When I run the commented 'lineinfile' task works fine on RH6u5 as
> well but I want to validate before changing 'sudoers' file.
>
> - hosts: proxy
>   gather_facts: yes
>   remote_user: "{{ ssh_remote_user }}"
>   sudo: yes
>   tasks:
> - name: update sudoer file to allow ADMIN nopasswd
>   lineinfile: dest=/etc/sudoers state=present regexp='^%admin ALL ='
> line='%admin ALL=(ALL) NOPASSWD:ALL' validate='visudo -cf %s'
>   #lineinfile: dest=/etc/sudoers state=present regexp='^%admin ALL ='
> line='%admin ALL=(ALL) NOPASSWD:ALL'
>
>
> TASK: [update sudoer file to allow ADMIN nopasswd]
> ***
> failed: [proxy10-qa1] => {"cmd": "visudo -cf /tmp/tmp8UPaDy", "failed":
> true, "rc": 2}
> msg: [Errno 2] No such file or directory
>
> FATAL: all hosts have already failed -- aborting
>
> Thanks,
> Yasir.
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To post to this group, send email to ansible-project@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/ffda7799-0b24-469a-89fa-476dc389024c%40googlegroups.com
> 
> .
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CA%2BnsWgz97SPKGHJeDP8E%3DzxQYV-DwXdUCy67%3DjDYU7hrf_o4VQ%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] issue setting tags on ec2 module

[Brent Langston]

On Tue, Jul 22, 2014 at 3:13 PM, Michael DeHaan  wrote:

> Also "local_action" is usually not needed in cloud provisioning tasks as
> you can just have a play that talks to localhost
>

yeah, this was written before localhost was handled the way it is today. I
haven't gone back and edited this in quite some time.




Brent


-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CABta7G2M6xqLUEQKRLFWCwXWZ5CwxcOE7yizyh9JAWDbZWRtvQ%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Error 'msg: You need to be root to perform this command.' with sudo on

[Michael DeHaan]

"What am I doing wrong?"

Not running this step as root.

Consider "remote_user: root" in your playbook for this step, as you can't
run it as user "raven".

Also, sudo'ing from raven to raven is a little strange, I think you
probably want to just not set sudo_user, then it would assume "raven" is
sudoing to "root".






On Thu, Jul 24, 2014 at 12:58 PM, Thomas Hudson 
wrote:

> I'm getting this error with the following playbook:
>
> ---
> # file: deploy.yml
> # usage: ansible-playbook deploy.yml --inventory-file 
> --extra-vars "service_name= rpm_src_url="
> # extra-vars:
> #   service_name- name of the RPM service e.g. medio-spitback
> #   rpm_src_url - URL where RPM to install can be downloaded
> - hosts: webservers
>   remote_user: raven
>   gather_facts: false
>   sudo: yes
>   sudo_user: raven
>   vars:
> rpm_dest: "/tmp/{{ service_name }}.rpm"
>   tasks:
>   - name: download RPM to host
> get_url: url="{{ rpm_src_url }}" dest="{{ rpm_dest }}" force=yes
>   - name: yum uninstall service if needed
> yum: name="{{ service_name }}" state=absent
>   - name: yum install RPM
> yum: name="{{ rpm_dest }}" state=present
>   - name: ensure service is running
> service: name="{{ service_name }}" state=started
>   - name: Delete uploaded RPM
> file: dest="{{ rpm_dest }}" state=absent
>
>
> The full logging:
>
> TASK: [yum uninstall service if needed]
> ***
>  ESTABLISH CONNECTION FOR USER: raven on PORT 22 TO
> dla19-sea.hq.msrch
>  REMOTE_MODULE yum name="medio-spitback" state=absent
>  EXEC /bin/sh -c 'mkdir -p
> /tmp/ansible-tmp-1406220230.33-96765765740082 && chmod a+rx
> /tmp/ansible-tmp-1406220230.33-96765765740082 && echo
> /tmp/ansible-tmp-1406220230.33-96765765740082'
>  PUT /tmp/tmpq7NAYC TO
> /tmp/ansible-tmp-1406220230.33-96765765740082/yum
>  EXEC /bin/sh -c 'chmod a+r
> /tmp/ansible-tmp-1406220230.33-96765765740082/yum'
>  EXEC /bin/sh -c 'LC_CTYPE=en_US.UTF-8
> LANG=en_US.UTF-8 /usr/bin/python -tt
> /tmp/ansible-tmp-1406220230.33-96765765740082/yum'
>  EXEC /bin/sh -c 'rm -rf
> /tmp/ansible-tmp-1406220230.33-96765765740082/ >/dev/null 2>&1'
> failed: [dla19-sea.hq.msrch] => {"changed": false, "failed": true, "rc":
> 1, "results": ["Loaded plugins: fastestmirror\n"]}
> msg: You need to be root to perform this command.
>
> What am I doing wrong?
>
> TIA
> Tomy
>
>  --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To post to this group, send email to ansible-project@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/4838c027-00f8-475f-8214-15721b1ac526%40googlegroups.com
> 
> .
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CA%2BnsWgzLfFhd-paAarh%3DT6cnm%3DcELjLzuN10L0kZPP4kp8AV6w%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Error 'msg: You need to be root to perform this command.' with sudo on

[Thomas Hudson]

I'm getting this error with the following playbook:

---
# file: deploy.yml
# usage: ansible-playbook deploy.yml --inventory-file  
--extra-vars "service_name= rpm_src_url=" 
# extra-vars:
#   service_name- name of the RPM service e.g. medio-spitback
#   rpm_src_url - URL where RPM to install can be downloaded
- hosts: webservers
  remote_user: raven
  gather_facts: false
  sudo: yes
  sudo_user: raven
  vars:
rpm_dest: "/tmp/{{ service_name }}.rpm"
  tasks:
  - name: download RPM to host
get_url: url="{{ rpm_src_url }}" dest="{{ rpm_dest }}" force=yes
  - name: yum uninstall service if needed
yum: name="{{ service_name }}" state=absent
  - name: yum install RPM
yum: name="{{ rpm_dest }}" state=present
  - name: ensure service is running
service: name="{{ service_name }}" state=started
  - name: Delete uploaded RPM
file: dest="{{ rpm_dest }}" state=absent


The full logging:

TASK: [yum uninstall service if needed] 
***
 ESTABLISH CONNECTION FOR USER: raven on PORT 22 TO 
dla19-sea.hq.msrch
 REMOTE_MODULE yum name="medio-spitback" state=absent
 EXEC /bin/sh -c 'mkdir -p 
/tmp/ansible-tmp-1406220230.33-96765765740082 && chmod a+rx 
/tmp/ansible-tmp-1406220230.33-96765765740082 && echo 
/tmp/ansible-tmp-1406220230.33-96765765740082'
 PUT /tmp/tmpq7NAYC TO 
/tmp/ansible-tmp-1406220230.33-96765765740082/yum
 EXEC /bin/sh -c 'chmod a+r 
/tmp/ansible-tmp-1406220230.33-96765765740082/yum'
 EXEC /bin/sh -c 'LC_CTYPE=en_US.UTF-8 LANG=en_US.UTF-8 
/usr/bin/python -tt /tmp/ansible-tmp-1406220230.33-96765765740082/yum'
 EXEC /bin/sh -c 'rm -rf 
/tmp/ansible-tmp-1406220230.33-96765765740082/ >/dev/null 2>&1'
failed: [dla19-sea.hq.msrch] => {"changed": false, "failed": true, "rc": 1, 
"results": ["Loaded plugins: fastestmirror\n"]}
msg: You need to be root to perform this command.

What am I doing wrong?

TIA
Tomy

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/4838c027-00f8-475f-8214-15721b1ac526%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Newby Requirements and missing workarounds

[Bastian Bringenberg]

Hey together,

I am working with ansible for a few days now and it is perfect and really 
what I needed, but there are a few things I am not able to solute for 
myself and where I have ( in my opinion ) ugly workarounds that should be 
able to be done a lot smoother.

*1.) Merging Variables per Playbook*


   - I know that merging variables is possible with editing ansible.cfg
   - I know, that a lot of playbooks do not use this behavior so enabling 
   it could create problems
   - Is it somehow possible to create it just for my own playbooks?
   - Reason:
   - All my variables are build like this: 
  - bbnetz.PLAYBOOK.packages.[nano, screen, curl, ...] ( for example ) 
  set in the vars folder per distribution/version
  - bbnetz.PLAYBOOK.settings.[database.*, vhost, defaultUser, ... ] set 
  in the defaults folder and also in my host_vars.
   
Just as a workaround: I just renamed the bbnetz.PLAYBOOK.packages to 
bbnetz_packages.PLAYBOOK, but this is not as clean as I would like to have 
it.

*2.) Creating Runtime variables*

This is my set up:

   - I tried to setup a PHP-FPM setup with different ports 
   - I created for each php-fpm vhost a file in /etc/php5/fpm/pool.d/ and 
   name it HOSTNAME_PORTNUMBER where portnumber is 9000 + i.
   - And here is where this ends. I am not able to figure out what my i is 
   or how to add it to 9000.


Just as workaround: I am working with PHP-FPM over Sockets for the moment...

*3.) Git Module and owners*

This is one of my settings:

   - I am connected as user bbringenberg to my test server
   - I create a new user named openproject and want to create the github 
   repo from openproject in /home/openproject as user openproject.
   - There is no attribute owner/group so this is not possible =(.
   - I am also not able to configure the user for a new connection in my 
   vars file


Just as a workaround: I am creating a copy of the gitrepo for the moment 
and set the new owner there.

*4.) How are you working with SSL Certs?*


   - The last of my problems is, that I am not sure how to deploy SSL Certs
   - I could add them to my host_vars file, but that would make it really 
   huge and as my configuration is in a locale git it would not make it any 
   more secure...
   - I need to deploy them as files with gitignore or so...
   - How are you doing this?

Just as a workaround: I am doing this manually on each server...

It would be really cool if you'd be able to help me out here, because I 
have a lot of cool things todo with ansible =).

Thanks for your help and have a very nice evening,
Greetings from Ruhrarea, Germany,

Bastian

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/79b95ecd-61ad-4252-93f9-34e3f5266a53%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Variable registration step, ignore_errors, and idempotency

[Synaesthete]

Perfect, exactly what I needed. Thanks!


On Wednesday, July 23, 2014 6:15:36 PM UTC-4, Michael DeHaan wrote:
>
> Instead of ignore_errors: True, consider:
>
> failed_when: False
>
> The reporting of changed always can be fixed with
>
> changed_when: False
>
>
>
>
> On Wed, Jul 23, 2014 at 1:14 PM, Synaesthete  > wrote:
>
>> I'm writing a playbook that runs an initial git commit on a folder if 
>> there has not yet been a commit. I check this using:
>>
>> - name: Get commit count
>>   command: git rev-list HEAD --count chdir={{ project_path }}
>>   ignore_errors: yes
>>   register: git_commit_count
>>
>> If there have been no commits, this command returns an error, in which 
>> case I then conditionally run a few other git-related steps. I have two 
>> issues with this:
>>
>>1. Even if the error is ignored, it is still reported in the log 
>>display even if I have not enabled verbose mode
>>2. This step always reports "changed" which breaks my idempotency 
>>check that ensures changed=0 on a second run 
>>
>> Is there a good way to work around this? Can I take this step "off the 
>> record"?
>>
>> -- 
>> You received this message because you are subscribed to the Google Groups 
>> "Ansible Project" group.
>> To unsubscribe from this group and stop receiving emails from it, send an 
>> email to ansible-proje...@googlegroups.com .
>> To post to this group, send email to ansible...@googlegroups.com 
>> .
>> To view this discussion on the web visit 
>> https://groups.google.com/d/msgid/ansible-project/e7a16351-f652-4d12-96a9-5be523b32aad%40googlegroups.com
>>  
>> 
>> .
>> For more options, visit https://groups.google.com/d/optout.
>>
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/5338ddbf-29ba-4673-bd69-93da4bc10296%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] set_fact on 'meta' playbook

[Michael Dur]

I have a role who's sole purpose is as a meta playbook.
It has a bunch of includes in meta/main.yml:
allow_duplicates: no
dependencies:
  - { role: feature/zypper, when: "common_has_executed is defined" }
  - { role: feature/rc.firewall, when: "common_has_executed is defined" }
  - { role: base/base, when: "common_has_executed is defined" }
  - { role: feature/perl, when: "common_has_executed is defined" }
  - { role: feature/python, when: "common_has_executed is defined" }
  - { role: feature/ruby, when: "common_has_executed is defined" }

I want this to just run once, so I made a task:

- name: log common status
  set_fact:  common_has_executed = "1"

Unfortunately the task seems to be parsed before the meta includes, so 
nothing runs.

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/77f77ecc-29f1-4077-9fd1-78e49dd02eec%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] autoscaling_group + add_host == not possible?

[Paul Durivage]

Hi Guy!

I'm not an expert on this module because it's my coworker who wrote it and
not me, so I'll try to give you as much good advice as I can.  So I think
the issue here is that the autoscale groups don't return data about the
servers they may create or delete.  Correct me if I'm wrong in my
understanding.

So, this isn't an issue with the module per se, it's more of an issue with
the way that ASGs operate -- you create ASGs and they in turn create
servers, or delete them, work on load balancers, etc.

Ansible won't know about these servers until you run the dynamic inventory
script again.

There are three ways to handle this, I think:

1. ansible-pull
2. tower + webhooks
3. bake-in ansible-pull into the image so that it ansible-pulls on boot

The first two methods will take advantage of cloud-init, essentially.  So,

1. For ansible-pull you'll need to cloud-init install ansible-pull ont he
machine as it comes online, and when it does, it pulls down a git repo, and
"Ansibles" itself.
2.  But for Tower & Webhooks, when a server comes online, have it use a
cloud-init webhook to call back to a Tower server, which would then kick of
a playbook of some kind
3. Baking in ansible-pull is really simple but requires work ahead of
deployment; can't be done afterwards via ansible in they way you desire
(you could write a playbook to do this before hand, though!)

When you're working with Autoscale, cloud-init is your new BFF.  It'll
handle the stuff you're looking to do.

There's more documentation about cloud-init around.  Here's a started
article:
https://developer.rackspace.com/blog/using-cloud-init-with-rackspace-cloud/

And this is a repo made by a Racker specifically covering getting Autoscale
working with cloud-init.
https://github.com/devx/autoscale_cloudinit

Essentially, when you set up your autoscale configuration, you'll need to
pass some custom data, base64 encoded a la the webdocs:
http://docs.rackspace.com/cas/api/v1.0/autoscale-devguide/content/Manage_Launch_Configuration.html
http://docs.rackspace.com/servers/api/v2/cs-devguide/content/config_drive_ext.html

*Please note that the current implementation of the rax_autoscale_group
does not allow you to work with cloud-init, but I have an idea of how I
might go about adding such functionality.  Apologies for the inconvenience.*



On Thu, Jul 24, 2014 at 1:18 PM, Guy Matz  wrote:

> :-(  I'm on Rackspace  :-(
>
> ;-)
>
>
> On Thursday, July 24, 2014 1:53:30 PM UTC-4, James Martin wrote:
>>
>> Instead of baking the Tower callback script into the AMI, it also can be
>> baked into the ASG's Launch Config User Data.  That may be a bitter easier
>> to manage.
>>
>> - James
>>
>> On Thursday, July 24, 2014 11:26:39 AM UTC-4, Michael DeHaan wrote:
>>>
>>> Tower provisioning callbacks embedded into the image are a GREAT
>>> solution for this.
>>>
>>> http://www.ansible.com/tower
>>>
>>> Alternatively schedule a run to configure and apply policy periodically,
>>> only adding machines into the LB once configured.
>>>
>>> Alternatively, ansible-pull
>>>
>>> The provisioning callbacks are the cleanest option and allow ephmeral
>>> systems to request configuration as they come online, while still operating
>>> in push mode and getting full history/status/logging of activity during
>>> that configuration (as with ansible-pull this info can be lost).
>>>
>>>
>>>
>>>
>>> On Thu, Jul 24, 2014 at 10:51 AM, Guy Matz  wrote:
>>>
 Right, but with an auto-scaling group I don't know of a way to get the
 new hostnames of the servers the AS group creates . . .  the new host are
 not returned in the output from the call to create the autoscaling group

 Thanks,
 Guy


 On Thursday, July 24, 2014 10:09:02 AM UTC-4, Michael Peters wrote:

> If I understand correctly, this is what add_hosts is for. After you've
> dynamically created a host you can add it to a group and then in a
> subsequent play include a role that would configure that group.
>
> Is that what you're looking for?
>
> On Thu, Jul 24, 2014 at 9:43 AM, Guy Matz  wrote:
> > Hi!  Is there any way to provision hosts built by a
> rax_scaling_group?  Is
> > it possible to re-read dynamic inventory midway through the run -
> after the
> > servers have been built - and have them ansibled?  Or is the only
> option to
> > have them pull after they build?
> >
> > Thanks a lot!
> > Guy
> >
> > --
> > You received this message because you are subscribed to the Google
> Groups
> > "Ansible Project" group.
> > To unsubscribe from this group and stop receiving emails from it,
> send an
> > email to ansible-proje...@googlegroups.com.
> > To post to this group, send email to ansible...@googlegroups.com.
> > To view this discussion on the web visit
> > https://groups.google.com/d/msgid/ansible-project/afa8953b-
> 437e-4c7e-847c-8372ca63881d%40googlegroups.com.
> > For more op

[ansible-project] tags

[Michael Dur]

I notice when you try use a tag that does not exist ansible happily prints 
those that do exist in the error output.
Would it be possible/desirable to have an option to just print the tags on 
demand?  How about a tree of playbooks by tags (think of the output of the 
utility tree)?

Our infrastructure is complicated, and we are beginning to get lots of tags 
going on.

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/df2cd839-e971-4848-9f13-b01a03dc23fd%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] What is the best way of restarting services that are part of a cluster without taking the cluster down?

[David Reagan]

Heh, yeah, guessing how long it takes to restart is not ideal. It's just
what I was thinking of as a work around that properly tweaked would avoid
clobbering the cluster.

The more I think about it, the more I'm not sure there's a good way to do
this in Ansible. For Elasticsearch, I'd want to issue a command like
'service elasticsearch safe-restart' that waits for the status of the
cluster to be green before restarting. For RabbitMQ, I'd want something
similar, though I haven't worked with it enough to know exaction what.

I think I'll head off to the elasticsearch group and Google to see how
others have avoided clobbering their clusters when updating config. :)
Thanks for all the responses so far.

--David Reagan


On Thu, Jul 24, 2014 at 11:05 AM, Michael Peters 
wrote:

> On Thu, Jul 24, 2014 at 11:54 AM, David Reagan  wrote:
>
> > So, handlers seem like they are just special tasks that you can call with
> > the "notify" option. If that's the case, couldn't I just make a handler
> that
> > uses the at module instead of the service module? Actually, I think I've
> > done that already in a differen role.. Hmm...
>
> The problem with at is that you have to manually figure out how long
> something should take and hope it never takes over that and then try
> to randomize how quickly how many servers restart.
> Or you leave a lot of time between which makes it inefficient.
>
> Just saying it would be nice if we could already leverage all of the
> power of serial (including all of the niceties like
> max_fail_percentage).
>
> --
> You received this message because you are subscribed to a topic in the
> Google Groups "Ansible Project" group.
> To unsubscribe from this topic, visit
> https://groups.google.com/d/topic/ansible-project/SBo2dPYNuGI/unsubscribe.
> To unsubscribe from this group and all its topics, send an email to
> ansible-project+unsubscr...@googlegroups.com.
> To post to this group, send email to ansible-project@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/CAJQqANe0znq%2BT-Sx8LdXpP7m8EXctSvp5%3DcN1qLdjEXG%2BzHi4w%40mail.gmail.com
> .
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CANo%2B_Ac6QDQGiS7vGasc1YZc2hgUHZFB8dnyHWX%2B-8VcJ0DtWA%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Subversion only on server

[Mauricio Tavares]

  If I am storing templates and other files in subversion, does
the client need to be able to reach the svn server or can I just have
the ansible server grab files from svn server and feed them to client?

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAHEKYV6cgsG3tJ6zJqBZ%3DmJ5nxf049T94xp_zvaz8MmN8zE9kw%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] autoscaling_group + add_host == not possible?

[Guy Matz]

:-(  I'm on Rackspace  :-(

;-)

On Thursday, July 24, 2014 1:53:30 PM UTC-4, James Martin wrote:
>
> Instead of baking the Tower callback script into the AMI, it also can be 
> baked into the ASG's Launch Config User Data.  That may be a bitter easier 
> to manage.
>
> - James
>
> On Thursday, July 24, 2014 11:26:39 AM UTC-4, Michael DeHaan wrote:
>>
>> Tower provisioning callbacks embedded into the image are a GREAT solution 
>> for this.
>>
>> http://www.ansible.com/tower
>>
>> Alternatively schedule a run to configure and apply policy periodically, 
>> only adding machines into the LB once configured.
>>
>> Alternatively, ansible-pull
>>
>> The provisioning callbacks are the cleanest option and allow ephmeral 
>> systems to request configuration as they come online, while still operating 
>> in push mode and getting full history/status/logging of activity during 
>> that configuration (as with ansible-pull this info can be lost).
>>
>>
>>
>>
>> On Thu, Jul 24, 2014 at 10:51 AM, Guy Matz  wrote:
>>
>>> Right, but with an auto-scaling group I don't know of a way to get the 
>>> new hostnames of the servers the AS group creates . . .  the new host are 
>>> not returned in the output from the call to create the autoscaling group
>>>
>>> Thanks,
>>> Guy 
>>>
>>>
>>> On Thursday, July 24, 2014 10:09:02 AM UTC-4, Michael Peters wrote:
>>>
 If I understand correctly, this is what add_hosts is for. After you've 
 dynamically created a host you can add it to a group and then in a 
 subsequent play include a role that would configure that group. 

 Is that what you're looking for? 

 On Thu, Jul 24, 2014 at 9:43 AM, Guy Matz  wrote: 
 > Hi!  Is there any way to provision hosts built by a 
 rax_scaling_group?  Is 
 > it possible to re-read dynamic inventory midway through the run - 
 after the 
 > servers have been built - and have them ansibled?  Or is the only 
 option to 
 > have them pull after they build? 
 > 
 > Thanks a lot! 
 > Guy 
 > 
 > -- 
 > You received this message because you are subscribed to the Google 
 Groups 
 > "Ansible Project" group. 
 > To unsubscribe from this group and stop receiving emails from it, 
 send an 
 > email to ansible-proje...@googlegroups.com. 
 > To post to this group, send email to ansible...@googlegroups.com. 
 > To view this discussion on the web visit 
 > https://groups.google.com/d/msgid/ansible-project/
 afa8953b-437e-4c7e-847c-8372ca63881d%40googlegroups.com. 
 > For more options, visit https://groups.google.com/d/optout. 

>>>  -- 
>>> You received this message because you are subscribed to the Google 
>>> Groups "Ansible Project" group.
>>> To unsubscribe from this group and stop receiving emails from it, send 
>>> an email to ansible-proje...@googlegroups.com.
>>> To post to this group, send email to ansible...@googlegroups.com.
>>> To view this discussion on the web visit 
>>> https://groups.google.com/d/msgid/ansible-project/95901259-7644-4c9f-ba88-431332b8d903%40googlegroups.com
>>>  
>>> 
>>> .
>>>
>>> For more options, visit https://groups.google.com/d/optout.
>>>
>>
>>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/3d66b088-ed84-4c08-bbf7-96308b8d6140%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] What is the best way of restarting services that are part of a cluster without taking the cluster down?

[Michael Peters]

On Thu, Jul 24, 2014 at 11:54 AM, David Reagan  wrote:

> So, handlers seem like they are just special tasks that you can call with
> the "notify" option. If that's the case, couldn't I just make a handler that
> uses the at module instead of the service module? Actually, I think I've
> done that already in a differen role.. Hmm...

The problem with at is that you have to manually figure out how long
something should take and hope it never takes over that and then try
to randomize how quickly how many servers restart.
Or you leave a lot of time between which makes it inefficient.

Just saying it would be nice if we could already leverage all of the
power of serial (including all of the niceties like
max_fail_percentage).

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAJQqANe0znq%2BT-Sx8LdXpP7m8EXctSvp5%3DcN1qLdjEXG%2BzHi4w%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] autoscaling_group + add_host == not possible?

[James Martin]

Instead of baking the Tower callback script into the AMI, it also can be 
baked into the ASG's Launch Config User Data.  That may be a bitter easier 
to manage.

- James

On Thursday, July 24, 2014 11:26:39 AM UTC-4, Michael DeHaan wrote:
>
> Tower provisioning callbacks embedded into the image are a GREAT solution 
> for this.
>
> http://www.ansible.com/tower
>
> Alternatively schedule a run to configure and apply policy periodically, 
> only adding machines into the LB once configured.
>
> Alternatively, ansible-pull
>
> The provisioning callbacks are the cleanest option and allow ephmeral 
> systems to request configuration as they come online, while still operating 
> in push mode and getting full history/status/logging of activity during 
> that configuration (as with ansible-pull this info can be lost).
>
>
>
>
> On Thu, Jul 24, 2014 at 10:51 AM, Guy Matz 
> > wrote:
>
>> Right, but with an auto-scaling group I don't know of a way to get the 
>> new hostnames of the servers the AS group creates . . .  the new host are 
>> not returned in the output from the call to create the autoscaling group
>>
>> Thanks,
>> Guy 
>>
>>
>> On Thursday, July 24, 2014 10:09:02 AM UTC-4, Michael Peters wrote:
>>
>>> If I understand correctly, this is what add_hosts is for. After you've 
>>> dynamically created a host you can add it to a group and then in a 
>>> subsequent play include a role that would configure that group. 
>>>
>>> Is that what you're looking for? 
>>>
>>> On Thu, Jul 24, 2014 at 9:43 AM, Guy Matz  wrote: 
>>> > Hi!  Is there any way to provision hosts built by a rax_scaling_group? 
>>>  Is 
>>> > it possible to re-read dynamic inventory midway through the run - 
>>> after the 
>>> > servers have been built - and have them ansibled?  Or is the only 
>>> option to 
>>> > have them pull after they build? 
>>> > 
>>> > Thanks a lot! 
>>> > Guy 
>>> > 
>>> > -- 
>>> > You received this message because you are subscribed to the Google 
>>> Groups 
>>> > "Ansible Project" group. 
>>> > To unsubscribe from this group and stop receiving emails from it, send 
>>> an 
>>> > email to ansible-proje...@googlegroups.com. 
>>> > To post to this group, send email to ansible...@googlegroups.com. 
>>> > To view this discussion on the web visit 
>>> > https://groups.google.com/d/msgid/ansible-project/
>>> afa8953b-437e-4c7e-847c-8372ca63881d%40googlegroups.com. 
>>> > For more options, visit https://groups.google.com/d/optout. 
>>>
>>  -- 
>> You received this message because you are subscribed to the Google Groups 
>> "Ansible Project" group.
>> To unsubscribe from this group and stop receiving emails from it, send an 
>> email to ansible-proje...@googlegroups.com .
>> To post to this group, send email to ansible...@googlegroups.com 
>> .
>> To view this discussion on the web visit 
>> https://groups.google.com/d/msgid/ansible-project/95901259-7644-4c9f-ba88-431332b8d903%40googlegroups.com
>>  
>> 
>> .
>>
>> For more options, visit https://groups.google.com/d/optout.
>>
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/bb38a620-8f6f-4e59-ae2b-aad5b57310e4%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] psycopg2.ProgrammingError: conflicting or redundant options

[John Oliver]

ansible 1.6.6

This stanza in my playbook:

  - name: Create database user
postgresql_user: name={{rc_db_user}}
 password={{rc_db_pass}}

 role_attr_flags=NOSUPERUSER,NOCREATEROLE,NOCREATEUSER,NOCREATEDB
 login_user={{pg_user}}
 login_password={{pg_pass}}


Results in:

TASK: [Create database user] 
** 
failed: [jedis-test] => {"failed": true, "parsed": false}
invalid output was: SUDO-SUCCESS-cgtcsjketcpyopmfjrlmiidxvqxogoai
Traceback (most recent call last):
  File 
"/home/joliver/.ansible/tmp/ansible-tmp-1406221646.88-85343250424775/postgresql_user",
 
line 1743, in 
main()
  File 
"/home/joliver/.ansible/tmp/ansible-tmp-1406221646.88-85343250424775/postgresql_user",
 
line 499, in main
changed = user_add(cursor, user, password, role_attr_flags, encrypted, 
expires)
  File 
"/home/joliver/.ansible/tmp/ansible-tmp-1406221646.88-85343250424775/postgresql_user",
 
line 181, in user_add
cursor.execute(query, query_password_data)
psycopg2.ProgrammingError: conflicting or redundant options


I used ANSIBLE_KEEP_REMOTE_FILES=1 to look at those lines, but I'm no 
python or postgresql guru.

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/e90fd096-74cf-48b1-86c3-0691c9d07bf4%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] What is the best way of restarting services that are part of a cluster without taking the cluster down?

[David Reagan]

> A possible workaround would be to make a somewhat non-idiomatic version
of 'handlers' by putting the tasks that restart the services in a separate
play in the end of your playbook with serial: 1. This will cause these
tasks to run one after the other. You would also have 'when' conditionals
on these tasks checking whether any other tasks that should cause restart
of services have actually made changes. Last, if you need to add a delay
between the restarts, you can use the 'wait_for' directive on the tasks
restarting the services.

On the template task, register a variable that says to restart the service,
then at the end of the play I could use the at module to set a service
restart for sometime in the future.

So, handlers seem like they are just special tasks that you can call with
the "notify" option. If that's the case, couldn't I just make a handler
that uses the at module instead of the service module? Actually, I think
I've done that already in a differen role.. Hmm...


What about adjusting how far into the future the at module should run
restart the service? As in, for the first node done, it would be right
away, for the next 5 minutes from now, for the next 10 minutes from now,
and so on. Can I register a variable and then add to it?



> You could also set a simple play like this, which would probably be
cleaner:
>
> - hosts: blarg
>   serial: 1
>   tasks:
> - pause: seconds={{ n }}
> - service: name=foo state=restarted

I did think of something like that, but then my playbook would end up
waiting that long to be finished, and I'm not sure how to get the rolling
restarts I want.

Hmm... Maybe waiting to end the playbook is actually a good thing. I'll
have to think about it.

--David Reagan


On Thu, Jul 24, 2014 at 6:38 AM, Michael Peters 
wrote:

> On Thu, Jul 24, 2014 at 7:00 AM, Michael DeHaan 
> wrote:
>
> > You could also set a simple play like this, which would probably be
> cleaner:
> >
> > - hosts: blarg
> >   serial: 1
> >   tasks:
> > - pause: seconds={{ n }}
> > - service: name=foo state=restarted
>
> Is there a way to do something like this as a handler? I think that's
> the main problem here is that a configuration change should trigger a
> restart handler, but right now there's no way to throttle/serialize
> the execution of that handler. Unless I'm missing something...
>
> --
> You received this message because you are subscribed to a topic in the
> Google Groups "Ansible Project" group.
> To unsubscribe from this topic, visit
> https://groups.google.com/d/topic/ansible-project/SBo2dPYNuGI/unsubscribe.
> To unsubscribe from this group and all its topics, send an email to
> ansible-project+unsubscr...@googlegroups.com.
> To post to this group, send email to ansible-project@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/CAJQqANe3_nycqbbpcRTEjwck1%2BcmaDQBd3cFgzW6-Y7EphuYKg%40mail.gmail.com
> .
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CANo%2B_AeiqjkiD%2BM-x6XHLrMTXfEVcLmUpej7kaVe51b4H84xuA%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] autoscaling_group + add_host == not possible?

[Michael DeHaan]

Tower provisioning callbacks embedded into the image are a GREAT solution
for this.

http://www.ansible.com/tower

Alternatively schedule a run to configure and apply policy periodically,
only adding machines into the LB once configured.

Alternatively, ansible-pull

The provisioning callbacks are the cleanest option and allow ephmeral
systems to request configuration as they come online, while still operating
in push mode and getting full history/status/logging of activity during
that configuration (as with ansible-pull this info can be lost).




On Thu, Jul 24, 2014 at 10:51 AM, Guy Matz  wrote:

> Right, but with an auto-scaling group I don't know of a way to get the new
> hostnames of the servers the AS group creates . . .  the new host are not
> returned in the output from the call to create the autoscaling group
>
> Thanks,
> Guy
>
>
> On Thursday, July 24, 2014 10:09:02 AM UTC-4, Michael Peters wrote:
>
>> If I understand correctly, this is what add_hosts is for. After you've
>> dynamically created a host you can add it to a group and then in a
>> subsequent play include a role that would configure that group.
>>
>> Is that what you're looking for?
>>
>> On Thu, Jul 24, 2014 at 9:43 AM, Guy Matz  wrote:
>> > Hi!  Is there any way to provision hosts built by a rax_scaling_group?
>>  Is
>> > it possible to re-read dynamic inventory midway through the run - after
>> the
>> > servers have been built - and have them ansibled?  Or is the only
>> option to
>> > have them pull after they build?
>> >
>> > Thanks a lot!
>> > Guy
>> >
>> > --
>> > You received this message because you are subscribed to the Google
>> Groups
>> > "Ansible Project" group.
>> > To unsubscribe from this group and stop receiving emails from it, send
>> an
>> > email to ansible-proje...@googlegroups.com.
>> > To post to this group, send email to ansible...@googlegroups.com.
>> > To view this discussion on the web visit
>> > https://groups.google.com/d/msgid/ansible-project/
>> afa8953b-437e-4c7e-847c-8372ca63881d%40googlegroups.com.
>> > For more options, visit https://groups.google.com/d/optout.
>>
>  --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To post to this group, send email to ansible-project@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/95901259-7644-4c9f-ba88-431332b8d903%40googlegroups.com
> 
> .
>
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CA%2BnsWgxn3Ndmmq_utjbaFMt5-oWnK2%2BuVogWMdo%2BHyXsT0hfSw%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Defining variables and save them as json file.

[Marcin Prączko]

Hi,

I struggle with some issue with variables definition which I am not totally 
understand and can't find help in ansible docs.

I am trying to have nice variables structure and save it as json file 
(re-use as local facts).

So I have *groups_vars* file:
g_core_vars:
  version : "0.1.0"
  varinfo:
vi_name: "core_vars"
vi_vartype : "groupvars-all"
  vars:
status : "non-prod"
env: "develop"
lob: "none"
product: "none"
prole  : "other"
roles:
  - web


Now I would like to create variable based on above values:
For example:
g_core_nagios_filename: '{{ g_core_vars.vars.env }}-{{ 
g_core_vars.vars.product }}'.cfg

However I am gettig error on ansible:
ERROR: One or more undefined variables: 'dict object' has no attribute: 
'vars'.

My goal is no that I can write this variabe 'g_core_vars' to json with 
'copy' module:
- name: Write g_core_vars variables to local facts
  copy: content="{{ g_core_vars }}" dest=/etc/ansible/facts.d/{{ g_core_vars
.varinfo.vi_name }}.fact 
owner=root group=root mode=0644


*Summary:*
- How I can use defined variables which used previous variables names and 
can be saved as json in one task? 
- Not quite undertand this principle that I have to define each variable 
sepearatly.

# Variables files.
var01: 'value01'
var02: 'value02'

somevars1:
  v01: '{{ var01 }}'
  v02: '{{ var02 }}'

# Will work
somevars2: '{{ var01 }}-{{ var02 }}'

# Will not work
somevars2: '{{ somevars1.var01 }}'


Please advice.

Best regards.
Marcin



-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/1d3b58f6-aa1f-4bd2-8f65-38bbef00aac7%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Nested directory walking question

[Bill Lubanovic]

Thanks, Michael. It looks like with_fileglob() only shows files, not 
directories, so that wouldn't work for me.

I'm testing a workaround using "find" or "ls", then split() to grab , 
, and . It would be nice to pass  and  as arguments to a task 
using the synchronize module.

On Wednesday, July 23, 2014 5:18:21 PM UTC-5, Michael DeHaan wrote:
>
> So there's already "with_fileglob" in Ansible
>
> - debug: msg={{ path }}
>   with_fileglob: /path/to/files/*/*.tgz
>
> This isn't recursive however, despite being able to specify multiple 
> directories to read.
>
> It would be possible to make a lookup plugin that was, like a 
> "with_fileglob_recursive" that used the results of something like 
> os.path.walk.
>
> So basically yes, you need a new one.
>
> With_nested is for constructing nested loops and is something a bit 
> different.
>
>
>
>
> On Wed, Jul 23, 2014 at 1:30 PM, Bill Lubanovic  > wrote:
>
>> I'd like to walk a directory hierarchy of the form ///.  
>> is a fixed root directory, and isn't relevant. I have a number of  
>> directories, which represent machine categories. Under each  are zero or 
>> more  directories, which are string values for that category. Finally, 
>>  is a directory hierarchy to copy to machines that match the parent 
>> / combination. For example:
>>
>> /tmp/test/color/red/etc/passwd
>> /tmp/test/color/green/etc/motd
>> /tmp/test/flavor/cinnamon/var/something
>>
>>  here is /tmp/test. There are two  categories (color and flavor): 
>> the first (color) has two  subdirectories (red and green) and the second 
>> (flavor) has one (cinnamon). Each  has a different  (file hierarchy) 
>> to be copied to machines that match /.
>>
>> How do I walk each , passing its value, its  subdirectories, and 
>> their  subdirectories to a task? I need to consider  and  together 
>> with other vars and facts (machine "colors" and "flavors") to pick target 
>> destinations for .
>>
>> I've looked at the various loop constructs, and see how to chain with 
>> register, but not how to populate the lists for with_nested.
>>
>> Thanks!
>>
>>
>>  -- 
>> You received this message because you are subscribed to the Google Groups 
>> "Ansible Project" group.
>> To unsubscribe from this group and stop receiving emails from it, send an 
>> email to ansible-proje...@googlegroups.com .
>> To post to this group, send email to ansible...@googlegroups.com 
>> .
>> To view this discussion on the web visit 
>> https://groups.google.com/d/msgid/ansible-project/5ec31b08-1b0d-4041-b867-1c46f8c13c46%40googlegroups.com
>>  
>> 
>> .
>> For more options, visit https://groups.google.com/d/optout.
>>
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/549f8410-17af-41a2-b7d8-5393e093d00b%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Re: Connect to remote servers

[Sisu]

I found my problem.

As I was running ansible with sudo (-s) parameter,  my ssh-agent socket was 
forwarded for the regular user only. Then I need to add "sudo: yes" to all 
the tasks I need sudo and be sure the task where I run ssh to remote tasks 
has no sudo.

This link helped me to find the 
problem: https://github.com/ansible/ansible/issues/7235

Thanks

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/067ec060-971d-4cd7-a641-ebf212056838%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] autoscaling_group + add_host == not possible?

[Guy Matz]

Right, but with an auto-scaling group I don't know of a way to get the new 
hostnames of the servers the AS group creates . . .  the new host are not 
returned in the output from the call to create the autoscaling group

Thanks,
Guy 

On Thursday, July 24, 2014 10:09:02 AM UTC-4, Michael Peters wrote:
>
> If I understand correctly, this is what add_hosts is for. After you've 
> dynamically created a host you can add it to a group and then in a 
> subsequent play include a role that would configure that group. 
>
> Is that what you're looking for? 
>
> On Thu, Jul 24, 2014 at 9:43 AM, Guy Matz > 
> wrote: 
> > Hi!  Is there any way to provision hosts built by a rax_scaling_group? 
>  Is 
> > it possible to re-read dynamic inventory midway through the run - after 
> the 
> > servers have been built - and have them ansibled?  Or is the only option 
> to 
> > have them pull after they build? 
> > 
> > Thanks a lot! 
> > Guy 
> > 
> > -- 
> > You received this message because you are subscribed to the Google 
> Groups 
> > "Ansible Project" group. 
> > To unsubscribe from this group and stop receiving emails from it, send 
> an 
> > email to ansible-proje...@googlegroups.com . 
> > To post to this group, send email to ansible...@googlegroups.com 
> . 
> > To view this discussion on the web visit 
> > 
> https://groups.google.com/d/msgid/ansible-project/afa8953b-437e-4c7e-847c-8372ca63881d%40googlegroups.com.
>  
>
> > For more options, visit https://groups.google.com/d/optout. 
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/95901259-7644-4c9f-ba88-431332b8d903%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Calling Tags From a Playbook

[Greg Swift]

So In my proposal you would specify use_tags (or whatever) when calling the 
role specifically, not at the play level.  If i'm bringing in multiple 
roles it seems like it would make sense to support it at the role level, or 
i guess maybe at both? Maybe I'm just over thinking it, but i can 
definitely see reasons why you would want to allow the more specific 
implementation. Seems like a anti-pattern to constantly add new plays just 
because a set of roles might share a tag yet you want one role to run tagA 
the other tagB, but they both have tagA.

Basically, what is the defining reason why this should be at the play level 
rather than in the call of the role?  I haven't looked at the code yet, so 
maybe its implementation?

-greg

On Sunday, July 20, 2014 7:36:25 AM UTC-5, Michael DeHaan wrote:
>
> Basically this would be asking for a play level "use_tags" parameter.   
>  (It would not be called "tags", as that would mean the existing ability 
> *to tag*)
>
> This is not something we are working on, but patches would be considered 
> certaintly, the variable should only exist at play level (on level with 
> "hosts:").
>
>
>
>
> On Sun, Jul 20, 2014 at 6:06 AM, Michael Liu  > wrote:
>
>> I know you have to ability to call task tags from the command line, for 
>> example:
>>
>> ansible-playbook -i staging_env mydeploy.yml --tags "web_stop"
>>
>> But, is there a way to call task tags from with in a playbook?  I would 
>> rather create multiple playbooks such as web_start.yml, web_deploy.yml, 
>> stop_all.yml, start_all.yml and not have to worry about calling the 
>> appropriate tags at the command line.  My issue is that not everyone on the 
>> Ops team is as familiar with ansible (and all of the tags we use), so 
>> allowing them to just run "ansible-playbook -i staging_env start_all.yml" 
>> seems easier and safer.  And the goal is to keep my existing role/tasks 
>> structure without duplicating tasks between roles.  The main issue with the 
>> playbook is that when you apply a role to hosts it applies all of the tasks 
>> in that role, no way to pick and choose tasks in the playbook.
>>
>> My dir structure for my web servers is as follows: 
>> roles/web/tasks
>> main.yml
>> stop.yml
>> update_code.yml
>> start.yml
>> check_service.yml
>>
>> If it's not possible to call task tags from a playbook, is this something 
>> you're currently working?  Is there another way to achieve this?
>>
>> Thanks so much for your time.
>>
>> -- 
>> You received this message because you are subscribed to the Google Groups 
>> "Ansible Project" group.
>> To unsubscribe from this group and stop receiving emails from it, send an 
>> email to ansible-proje...@googlegroups.com .
>> To post to this group, send email to ansible...@googlegroups.com 
>> .
>> To view this discussion on the web visit 
>> https://groups.google.com/d/msgid/ansible-project/7e93c579-5ecc-426d-b168-728c06e946a7%40googlegroups.com
>>  
>> 
>> .
>> For more options, visit https://groups.google.com/d/optout.
>>
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/2ccae7c2-be55-412a-9f56-f76acf2460ba%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Update : stat upside down

['Diogene Laerce' via Ansible Project]

Hi,

I have this strange issue. The following code was working fine (I think)
as :



- name: Verify Python-3.4.1.tgz download
stat: path=/tmp/Python-3.4.1.tgz
register: a
- name: Extract archive
unarchive: >
src=/tmp/Python-3.4.1.tgz
dest=/home/{{ user_installer }}/src
copy=no
when: a.stat.isfile is not defined



Until today I enable it again in the playbook and it now works "upside
down" :
It does extract the archive only when a.stat.isfile is not defined and
when "a.stat.isfile is defined and a.stat.isfile == true" : it just
skips the whole code.

I rewrite this as it seems that the "isdir" directive works just as it
should. So I guess the issue comes from the "isfile" statement and my
new question : is there a list of all arguments taken by the stat module
? I couldn't find one.

Thank you

-- 
“One original thought is worth a thousand mindless quotings.”
“Le vrai n'est pas plus sûr que le probable.”

  Diogene Laerce







signature.asc
Description: OpenPGP digital signature

Re: [ansible-project] autoscaling_group + add_host == not possible?

[Michael Peters]

If I understand correctly, this is what add_hosts is for. After you've
dynamically created a host you can add it to a group and then in a
subsequent play include a role that would configure that group.

Is that what you're looking for?

On Thu, Jul 24, 2014 at 9:43 AM, Guy Matz  wrote:
> Hi!  Is there any way to provision hosts built by a rax_scaling_group?  Is
> it possible to re-read dynamic inventory midway through the run - after the
> servers have been built - and have them ansibled?  Or is the only option to
> have them pull after they build?
>
> Thanks a lot!
> Guy
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To post to this group, send email to ansible-project@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/afa8953b-437e-4c7e-847c-8372ca63881d%40googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAJQqANc9_zK02mvB4DYHHC8nuJUgELmfwqrfq-Xyc-UtjB2Emw%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] autoscaling_group + add_host == not possible?

[Guy Matz]

Hi!  Is there any way to provision hosts built by a rax_scaling_group?  Is 
it possible to re-read dynamic inventory midway through the run - after the 
servers have been built - and have them ansibled?  Or is the only option to 
have them pull after they build?

Thanks a lot!
Guy

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/afa8953b-437e-4c7e-847c-8372ca63881d%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] What is the best way of restarting services that are part of a cluster without taking the cluster down?

[Michael Peters]

On Thu, Jul 24, 2014 at 7:00 AM, Michael DeHaan  wrote:

> You could also set a simple play like this, which would probably be cleaner:
>
> - hosts: blarg
>   serial: 1
>   tasks:
> - pause: seconds={{ n }}
> - service: name=foo state=restarted

Is there a way to do something like this as a handler? I think that's
the main problem here is that a configuration change should trigger a
restart handler, but right now there's no way to throttle/serialize
the execution of that handler. Unless I'm missing something...

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAJQqANe3_nycqbbpcRTEjwck1%2BcmaDQBd3cFgzW6-Y7EphuYKg%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] stat upside down

['Diogene Laerce' via Ansible Project]

Hi,

I have this strange issue. The following code was working fine (I think)
as :



- name: Verify Python-3.4.1.tgz download
stat: path=/tmp/Python-3.4.1.tgz
register: a
- name: Extract archive
unarchive: >
src=/tmp/Python-3.4.1.tgz
dest=/home/{{ user_installer }}/src
copy=no
when: a.stat.isfile is not defined



Until today I enable it again in the playbook and it now works "upside
down" :
It does extract the archive only when a.stat.isfile is not defined and
when "a.stat.isfile is defined and a.stat.isfile == true" : it just
skips the whole code.

Anyone knows what could happened here ?

Thank you

-- 
“One original thought is worth a thousand mindless quotings.”
“Le vrai n'est pas plus sûr que le probable.”

  Diogene Laerce





signature.asc
Description: OpenPGP digital signature

Re: [ansible-project] not able to reference fact for network interface in the template

[Greg M]

template/relayd.yml.j2:


# {{ ansible_managed }}
#

#
# Macros
#
carp0_ip="{{ ansible_carp0["ipv4"]["address"] }}"
webhost="{{ web_server }}"

#
# Global Options
#

interval 10
log updates
prefork 5
timeout 3000

...
# more in the relayd.conf.j2 file, is removed

the web_server comes from variable file, but the carp0_ip is pulled from 
facts when the play is run
as user ansible, using sudo 


and the play file: task/main.yml:


---
# file: roles/proxy_server/tasks/main.yml


# carp0 interface
- name: carp0 interface file
  template: src=hostname.carp0.j2 dest=/etc/hostname.carp0 owner=root 
group=wheel mode=0640

- name: install relayd.conf
  template: src=relayd.conf.j2 dest=/etc/relayd.conf owner=root group=wheel 
mode=0644
  notify:
  - restart relayd

- name: start relayd
  service: name=relayd state=started

# EOF

  Also one more time the snipet  of the command: ansible proxy_server -m 
setup (the original file was not complete(damaged))
  

   "ansible_architecture": "amd64", 
"ansible_carp0": {
"device": "carp0", 
"flags": [
"UP", 
"BROADCAST", 
"RUNNING", 
"SIMPLEX", 
"MULTICAST"
], 
"ipv4": [
{
"address": "10.0.0.33", 
"broadcast": "10.0.0.255", 
"netmask": "255.255.255.0", 
"network": "10.0.0.0"
}
], 
"ipv6": [
{
"address": "fe80::200:5eff:fe00:101%carp0", 
"prefix": "64", 
"scope": "0x4"
}
], 
"macaddress": "00:00:5e:00:01:01", 
"mtu": "1500", 
"status": "master", 
"type": "unknown"
}, 
"ansible_date_time":

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/fdfff820-a3e0-4290-afea-7038ae530976%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] unable to update sudoers file on RH6u5 with validate option.

[Yasir Saleem]

Hi,
  I am not able to change '/etc/sudoers' file successfully on RH 6.5 
(Santiago) when using validate option. The same thing works fine on RH6u4 
sever.

Below is my playbook and response from the server.

Note: When I run the commented 'lineinfile' task works fine on RH6u5 as 
well but I want to validate before changing 'sudoers' file.

- hosts: proxy
  gather_facts: yes
  remote_user: "{{ ssh_remote_user }}"
  sudo: yes
  tasks:
- name: update sudoer file to allow ADMIN nopasswd
  lineinfile: dest=/etc/sudoers state=present regexp='^%admin ALL =' 
line='%admin ALL=(ALL) NOPASSWD:ALL' validate='visudo -cf %s'
  #lineinfile: dest=/etc/sudoers state=present regexp='^%admin ALL =' 
line='%admin ALL=(ALL) NOPASSWD:ALL'


TASK: [update sudoer file to allow ADMIN nopasswd] 
*** 
failed: [proxy10-qa1] => {"cmd": "visudo -cf /tmp/tmp8UPaDy", "failed": 
true, "rc": 2}
msg: [Errno 2] No such file or directory

FATAL: all hosts have already failed -- aborting

Thanks,
Yasir.

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/ffda7799-0b24-469a-89fa-476dc389024c%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] ansible ovirt module

[Piet83]

That would be very much appreciated. Ansible is awesome.

If I need to provide more info please let me know.

Regards,

Peter 

Op donderdag 24 juli 2014 13:49:37 UTC+2 schreef Vincent Van der Kussen:
>
> I might have a look at this. Not sure if the API has changed over time. 
> I still have a RHEV setup running where I can test on 
>
> Regards, 
> Vincent 
>
> On Thu, Jul 24, 2014 at 1:10 PM, Michael DeHaan  > wrote: 
> > Are their any ovirt users that would like to help with this one? 
> > 
> > https://github.com/ansible/ansible/commits/devel/library/cloud/ovirt 
> > 
> > 
> > 
> > 
> > 
> > 
> > On Thu, Jul 24, 2014 at 4:26 AM, Piet83  > wrote: 
> >> 
> >> Hello, 
> >> 
> >> I'm trying to setup vm provisioning for Rhev with the ansible ovirt 
> >> module. I have installed ovirt-engine-sdk-python-3.4.0.7-1.el6.noarch 
> on my 
> >> Centos 6.5 Ansible server and created a simple playbook to play around 
> with 
> >> this. The playbook tries to provision a vm based on a template defined 
> >> within the Rhev manager: 
> >> 
> >> 
> >> --- 
> >> - hosts: localhost 
> >> 
> >>   tasks: 
> >>   - name: create vm based on template 
> >> ovirt: user=admin@internal url=https://rhevm.domain.nl/ 
> >> instance_name=ansibletest2 password=xx image=Ubuntu_template 
> >> zone=datacenter_default resource_type=new 
> >> 
> >> 
> >> When I run this play book I get the following output: 
> >> 
> >> ansible-playbook -v create_vm.yml 
> >> 
> >> PLAY [localhost] 
> >> ** 
> >> 
> >> GATHERING FACTS 
> >> *** 
> >> ok: [localhost] 
> >> 
> >> TASK: [create vm] 
> >> * 
> >> failed: [localhost] => {"failed": true, "parsed": false} 
> >> invalid output was: Traceback (most recent call last): 
> >>   File 
> >> "/root/.ansible/tmp/ansible-tmp-1406189516.72-109759934250973/ovirt", 
> line 
> >> 1642, in  
> >> main() 
> >>   File 
> >> "/root/.ansible/tmp/ansible-tmp-1406189516.72-109759934250973/ovirt", 
> line 
> >> 379, in main 
> >> if get_vm(c, vmname) == "empty": 
> >>   File 
> >> "/root/.ansible/tmp/ansible-tmp-1406189516.72-109759934250973/ovirt", 
> line 
> >> 311, in get_vm 
> >> vm = conn.vms.get(name=vmname) 
> >>   File 
> >> "/usr/lib/python2.6/site-packages/ovirtsdk/infrastructure/brokers.py", 
> line 
> >> 18940, in get 
> >> headers={"All-Content":all_content} 
> >>   File 
> >> "/usr/lib/python2.6/site-packages/ovirtsdk/infrastructure/proxy.py", 
> line 
> >> 58, in get 
> >> return self.request(method='GET', url=url, headers=headers) 
> >>   File 
> >> "/usr/lib/python2.6/site-packages/ovirtsdk/infrastructure/proxy.py", 
> line 
> >> 118, in request 
> >> persistent_auth=self._persistent_auth) 
> >>   File 
> >> "/usr/lib/python2.6/site-packages/ovirtsdk/infrastructure/proxy.py", 
> line 
> >> 140, in __doRequest 
> >> persistent_auth=persistent_auth 
> >>   File "/usr/lib/python2.6/site-packages/ovirtsdk/web/connection.py", 
> line 
> >> 134, in doRequest 
> >> raise RequestError, response 
> >> ovirtsdk.infrastructure.errors.RequestError: 
> >> status: 401 
> >> reason: Unauthorized 
> >> detail: JBWEB65: HTTP Status 401 
> >> 
> >> 
> >> FATAL: all hosts have already failed -- aborting 
> >> 
> >> On the rhev manager server I see the following output in the 
> >> /var/log/ovirt-engine/engine.log: 
> >> 
> >> 2014-07-24 10:21:42,769 INFO 
>  [org.ovirt.engine.core.bll.LoginUserCommand] 
> >> (ajp-/127.0.0.1:8702-7) Running command: LoginUserCommand internal: 
> false. 
> >> 2014-07-24 10:21:42,783 INFO 
> >> [org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector] 
> >> (ajp-/127.0.0.1:8702-7) Correlation ID: null, Call Stack: null, Custom 
> Event 
> >> ID: -1, Message: User admin logged in. 
> >> 
> >> It seems to logon to the rhev api but sill I'm getting a 401 
> Unauthorized 
> >> message when using the ansible ovirt module. 
> >> Is there someone who can help me resolve this? 
> >> 
> >> -- 
> >> You received this message because you are subscribed to the Google 
> Groups 
> >> "Ansible Project" group. 
> >> To unsubscribe from this group and stop receiving emails from it, send 
> an 
> >> email to ansible-proje...@googlegroups.com . 
> >> To post to this group, send email to ansible...@googlegroups.com 
> . 
> >> To view this discussion on the web visit 
> >> 
> https://groups.google.com/d/msgid/ansible-project/47a76152-fe0f-4734-b390-69470a604947%40googlegroups.com.
>  
>
> >> For more options, visit https://groups.google.com/d/optout. 
> > 
> > 
> > -- 
> > You received this message because you are subscribed to the Google 
> Groups 
> > "Ansible Project" group. 
> > To unsubscribe from this group and stop receiving emails from it, send 
> an 
> > email to ansible-proje...@googlegroups.com . 
> > To post to this group, send email to ansible...@googlegroups.com 

Re: [ansible-project] ansible ovirt module

[Vincent Van der Kussen]

I might have a look at this. Not sure if the API has changed over time.
I still have a RHEV setup running where I can test on

Regards,
Vincent

On Thu, Jul 24, 2014 at 1:10 PM, Michael DeHaan  wrote:
> Are their any ovirt users that would like to help with this one?
>
> https://github.com/ansible/ansible/commits/devel/library/cloud/ovirt
>
>
>
>
>
>
> On Thu, Jul 24, 2014 at 4:26 AM, Piet83  wrote:
>>
>> Hello,
>>
>> I'm trying to setup vm provisioning for Rhev with the ansible ovirt
>> module. I have installed ovirt-engine-sdk-python-3.4.0.7-1.el6.noarch on my
>> Centos 6.5 Ansible server and created a simple playbook to play around with
>> this. The playbook tries to provision a vm based on a template defined
>> within the Rhev manager:
>>
>>
>> ---
>> - hosts: localhost
>>
>>   tasks:
>>   - name: create vm based on template
>> ovirt: user=admin@internal url=https://rhevm.domain.nl/
>> instance_name=ansibletest2 password=xx image=Ubuntu_template
>> zone=datacenter_default resource_type=new
>>
>>
>> When I run this play book I get the following output:
>>
>> ansible-playbook -v create_vm.yml
>>
>> PLAY [localhost]
>> **
>>
>> GATHERING FACTS
>> ***
>> ok: [localhost]
>>
>> TASK: [create vm]
>> *
>> failed: [localhost] => {"failed": true, "parsed": false}
>> invalid output was: Traceback (most recent call last):
>>   File
>> "/root/.ansible/tmp/ansible-tmp-1406189516.72-109759934250973/ovirt", line
>> 1642, in 
>> main()
>>   File
>> "/root/.ansible/tmp/ansible-tmp-1406189516.72-109759934250973/ovirt", line
>> 379, in main
>> if get_vm(c, vmname) == "empty":
>>   File
>> "/root/.ansible/tmp/ansible-tmp-1406189516.72-109759934250973/ovirt", line
>> 311, in get_vm
>> vm = conn.vms.get(name=vmname)
>>   File
>> "/usr/lib/python2.6/site-packages/ovirtsdk/infrastructure/brokers.py", line
>> 18940, in get
>> headers={"All-Content":all_content}
>>   File
>> "/usr/lib/python2.6/site-packages/ovirtsdk/infrastructure/proxy.py", line
>> 58, in get
>> return self.request(method='GET', url=url, headers=headers)
>>   File
>> "/usr/lib/python2.6/site-packages/ovirtsdk/infrastructure/proxy.py", line
>> 118, in request
>> persistent_auth=self._persistent_auth)
>>   File
>> "/usr/lib/python2.6/site-packages/ovirtsdk/infrastructure/proxy.py", line
>> 140, in __doRequest
>> persistent_auth=persistent_auth
>>   File "/usr/lib/python2.6/site-packages/ovirtsdk/web/connection.py", line
>> 134, in doRequest
>> raise RequestError, response
>> ovirtsdk.infrastructure.errors.RequestError:
>> status: 401
>> reason: Unauthorized
>> detail: JBWEB65: HTTP Status 401
>>
>>
>> FATAL: all hosts have already failed -- aborting
>>
>> On the rhev manager server I see the following output in the
>> /var/log/ovirt-engine/engine.log:
>>
>> 2014-07-24 10:21:42,769 INFO  [org.ovirt.engine.core.bll.LoginUserCommand]
>> (ajp-/127.0.0.1:8702-7) Running command: LoginUserCommand internal: false.
>> 2014-07-24 10:21:42,783 INFO
>> [org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector]
>> (ajp-/127.0.0.1:8702-7) Correlation ID: null, Call Stack: null, Custom Event
>> ID: -1, Message: User admin logged in.
>>
>> It seems to logon to the rhev api but sill I'm getting a 401 Unauthorized
>> message when using the ansible ovirt module.
>> Is there someone who can help me resolve this?
>>
>> --
>> You received this message because you are subscribed to the Google Groups
>> "Ansible Project" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to ansible-project+unsubscr...@googlegroups.com.
>> To post to this group, send email to ansible-project@googlegroups.com.
>> To view this discussion on the web visit
>> https://groups.google.com/d/msgid/ansible-project/47a76152-fe0f-4734-b390-69470a604947%40googlegroups.com.
>> For more options, visit https://groups.google.com/d/optout.
>
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To post to this group, send email to ansible-project@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/CA%2BnsWgyrNkSGjXq6iDKeMCuADdRjuZHtd7RCnt%3DdfCPLr0cp%3DQ%40mail.gmail.com.
>
> For more options, visit https://groups.google.com/d/optout.

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.googl

Re: [ansible-project] Re: How to detect why Ansible playbook hangs during execution

[Karl E. Jorgensen]

Hi

On Tue, Jul 22, 2014 at 02:41:53PM -0700, Michael Palumbo wrote:
> So there is no solution to avoid being stuck on the following? It happens to 
> me
> often when I am upgrading the system!
> - name: upgrade all safe packages
>   sudo: yes
>   apt: upgrade=safe
> 
> Is there at least a way to see the progress? Looking at some logs on the
> machine?

In the case of apt (which uses dpkg), it may be useful to:

tail -f /var/log/dpkg.log

on the server being upgraded.

If you interrupt the task, I'd expect ansible to give info about what
was output by the upgrade so far - that should contain clues as to
what it was doing at the time of the upgrade.

Also, for debugging purposes, it may be useful to find out which tty
is being used by ansible on the target machine (ps -ef|grep ansible or
similar), and see what is running on that tty:

  ps -ft${basename-of-the-tty}

Hope this helps

-- 
Karl E. Jorgensen

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/20140724113222.GB9315%40hawking.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Reminder about ansible-devel list (you might be interested!)

[Michael DeHaan]

Just a quick reminder as I've gotten a few questions what
ansible-development mailing list is.

https://groups.google.com/forum/#!forum/ansible-devel

Ansible-development list is a great list to join to:

* ask questions about how to write modules
* ask questions about how to contribute code, or how internals work
* discuss a proposed feature implementation
* talk about writing callback plugins (or other plugins)
* help with contributing to integration tests

It's not a list for:

* asking how do I X (ansible-project) at playbook level
* best practices advise
* troubleshooting / bug reports / etc

It is a naturally lower traffic list than the user-list (which is full of
support type questions and best practices discussions), so if you are a
developer who is so inclined, it might not hurt to join both.

Link here:

https://groups.google.com/forum/#!forum/ansible-devel

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CA%2BnsWgxq-bsaZY4EPzB4G%3D447mfN0vtT8JzzLFR0A4W61ysqRQ%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] locations for the "lookup('file'...)

[Michael DeHaan]

It won't look in the playbook root when inside a role, no.Sorry I
mispoke on that one.

You can path the src as {{ lookup('file', playbook_dir + '/filename') }} if
you want this, and it will find things there using the (derived) path of
the playbook root.

Ansible will look in the root if you are not using roles.

Relative pathing would also find it.









On Wed, Jul 23, 2014 at 7:41 PM, Dmitry Makovey 
wrote:

>
>
> On Wednesday, July 23, 2014 4:12:12 PM UTC-6, Michael DeHaan wrote:
>>
>> It looks relative to the playbook root, and if in roles, will look in the
>> "files/" dir of roles.
>>
>
> I've noticed that it does look in role's "files" dir but apparently it
> doesn't look at playbook root. Is there a parameter I tweaked someplace?
>
>
>>
>> If you try it and it can't find something, it will tell you where it
>> looked.
>>
>>
> tells me it can't find it in roles/pgsql/files
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To post to this group, send email to ansible-project@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/c56a87e9-f1e2-4bb2-93fd-eb1d1fa9fd73%40googlegroups.com
> 
> .
>
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CA%2BnsWgzH8NwsOPzRkZhWbOuc3o7LmHOso%2Bc5Z488qr8X9OK9xA%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] ansible ovirt module

[Michael DeHaan]

Are their any ovirt users that would like to help with this one?

https://github.com/ansible/ansible/commits/devel/library/cloud/ovirt






On Thu, Jul 24, 2014 at 4:26 AM, Piet83  wrote:

> Hello,
>
> I'm trying to setup vm provisioning for Rhev with the ansible ovirt
> module. I have installed ovirt-engine-sdk-python-3.4.0.7-1.el6.noarch on my
> Centos 6.5 Ansible server and created a simple playbook to play around with
> this. The playbook tries to provision a vm based on a template defined
> within the Rhev manager:
>
>
> ---
> - hosts: localhost
>
>   tasks:
>   - name: create vm based on template
> ovirt: user=admin@internal url=https://rhevm.domain.nl/
> instance_name=ansibletest2 password=xx image=Ubuntu_template
> zone=datacenter_default resource_type=new
>
>
> When I run this play book I get the following output:
>
> ansible-playbook -v create_vm.yml
>
> PLAY [localhost]
> **
>
> GATHERING FACTS
> ***
> ok: [localhost]
>
> TASK: [create vm]
> *
> failed: [localhost] => {"failed": true, "parsed": false}
> invalid output was: Traceback (most recent call last):
>   File
> "/root/.ansible/tmp/ansible-tmp-1406189516.72-109759934250973/ovirt",
> line 1642, in 
> main()
>   File
> "/root/.ansible/tmp/ansible-tmp-1406189516.72-109759934250973/ovirt",
> line 379, in main
> if get_vm(c, vmname) == "empty":
>   File
> "/root/.ansible/tmp/ansible-tmp-1406189516.72-109759934250973/ovirt",
> line 311, in get_vm
> vm = conn.vms.get(name=vmname)
>   File
> "/usr/lib/python2.6/site-packages/ovirtsdk/infrastructure/brokers.py",
> line 18940, in get
> headers={"All-Content":all_content}
>   File "/usr/lib/python2.6/site-packages/ovirtsdk/infrastructure/proxy.py"
> , line 58, in get
> return self.request(method='GET', url=url, headers=headers)
>   File "/usr/lib/python2.6/site-packages/ovirtsdk/infrastructure/proxy.py"
> , line 118, in request
> persistent_auth=self._persistent_auth)
>   File "/usr/lib/python2.6/site-packages/ovirtsdk/infrastructure/proxy.py"
> , line 140, in __doRequest
> persistent_auth=persistent_auth
>   File "/usr/lib/python2.6/site-packages/ovirtsdk/web/connection.py",
> line 134, in doRequest
> raise RequestError, response
> ovirtsdk.infrastructure.errors.RequestError:
> status: 401
> reason: Unauthorized
> detail: JBWEB65: HTTP Status 401
>
>
> FATAL: all hosts have already failed -- aborting
>
> On the rhev manager server I see the following output in the
> /var/log/ovirt-engine/engine.log:
>
> 2014-07-24 10:21:42,769 INFO  [org.ovirt.engine.core.bll.LoginUserCommand]
> (ajp-/127.0.0.1:8702-7) Running command: LoginUserCommand internal: false.
> 2014-07-24 10:21:42,783 INFO
>  [org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector]
> (ajp-/127.0.0.1:8702-7) Correlation ID: null, Call Stack: null, Custom
> Event ID: -1, Message: User admin logged in.
>
> It seems to logon to the rhev api but sill I'm getting a 401 Unauthorized
> message when using the ansible ovirt module.
> Is there someone who can help me resolve this?
>
>  --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To post to this group, send email to ansible-project@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/47a76152-fe0f-4734-b390-69470a604947%40googlegroups.com
> 
> .
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CA%2BnsWgyrNkSGjXq6iDKeMCuADdRjuZHtd7RCnt%3DdfCPLr0cp%3DQ%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] "Play recap" or current status programmatically available in task?

[Michael DeHaan]

The answer to accessing events programmatically is a callback plugin, and
Matt Martz from Rackspace contributed one exactly for hipchat.

https://github.com/ansible/ansible/blob/devel/plugins/callbacks/hipchat.py

See the docs about callback plugins, but basically you just need to have
this stored at a filesystem location and configure ansible.cfg to include
the callback plugin directory that it is in, and it will load everything in
that dir.

You may wish to modify the output it creates.

This is a way better way to share things in chat than the individual
notification modules for things like this, as callbacks have an opportunity
to see *everything* and it's also going to be more efficient as they can
limit the number of connections/disconnections involved in the chat server.




On Thu, Jul 24, 2014 at 5:35 AM, Daniel Schroeder 
wrote:

> Hello,
>
> I'd like to send a summary of the run (basically the play recap which is
> shown after playbook execution on the command line) to a hipchat room.
>
> PLAY RECAP
> 
> host1: ok=8changed=0unreachable=0failed=0
> host2: ok=8changed=0unreachable=0failed=0
> host3: ok=8changed=0unreachable=0failed=0
>
>
>
> Is there a way how I could programmatically access the current status?
>
>
> Thanks,
>
> Daniel
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To post to this group, send email to ansible-project@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/c6bdbeb1-8371-4643-9c05-84b8c26e3b40%40googlegroups.com
> 
> .
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CA%2BnsWgy5C080_04YeKoJuUJKZMShrFdWJ3SaVPQ7jWU%3Dv%2BGUwA%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Debugging templates

[Michael DeHaan]

Your playbook appears to be manually typed in as I would expect to see
tasks starting with a "-".

Can you please be sure to copy/paste the actual playbook.

I say this because even the first task is not correctly formatted,
otherwise I would suggest this error with respect to the second, and also
know we have error detection to make sure "tasks" is a list and suggest
changes appropriately.




On Thu, Jul 24, 2014 at 2:46 AM, Matt Clarkson  wrote:

> Hi,
>
> I'm looking for a way to quickly render/debug template files populated
> with variables from ec2.
>
> My strategy is to write a playbook that discovers that facts then runs the
> template module locally.
>
> Here is my current playbook:
>
> ---
>
> - name: Gather ec2 facts
>
>   hosts: all
>
>   tasks:
>
>local_action: ec2_facts
>
> - name: atemplate
>
>   hosts: localhost
>
>   tasks:
>
> action: template src=~/templates/raw/mako_PROD.properties.j2
> dest=~/templates/out
>
>
> The playbook runs completely but the atemplate command is never run.
>  Here's the output (my localhost is part of ec2 inventory):
>
> PLAY [Gather ec2 facts]
> ***
>
>
> GATHERING FACTS
> ***
>
> >
>
> ok: [localhost]
>
>
> PLAY [atemplate]
> **
>
>
> GATHERING FACTS
> ***
>
> ok: [localhost]
>
>
> PLAY RECAP
> 
>
> >
>
> localhost  : ok=2changed=0unreachable=0
> failed=0
>
>
> Can I get some tips on what's wrong?  Or if there's a better way to
> achieve my objective would like to hear that too Thanks!
>
> MTC
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To post to this group, send email to ansible-project@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/4a7a14ef-3ca1-49c7-bcb1-6c9a424f8a69%40googlegroups.com
> 
> .
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CA%2BnsWgz%2BRAE4ZpCSMMb8mgfURk260uyNvVj0ShLGjkOowyZ%3Dew%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] calculate from facts

[Michael DeHaan]

The precedence of the "|" is high in Jinja2.   You'll need some parenthesis.




On Thu, Jul 24, 2014 at 5:14 AM, Nico K.  wrote:

> I'm actually using this in a template, however the behavior is not as
> expected:
>
> someVar = {{ ansible_memtotal_mb / 4|int }}
>
> The result is '256.0', same when I remove the |int and same when I do *
> 0.25.
>
>
> Op maandag 17 februari 2014 16:15:07 UTC+1 schreef Brian Coca:
>
>> something like {{ansible_memory * 0.75|int }} ?
>>
>>
>> --
>> Brian Coca
>> Stultorum infinitus est numerus
>> 011101110010011001010110111000100111011101100111
>> 100101100111010100100111001101101101011101110010
>> 01110111
>> Pedo mellon a minno
>>
>  --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To post to this group, send email to ansible-project@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/1906f097-2e7c-4ba2-bed3-48dbbb5278b5%40googlegroups.com
> 
> .
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CA%2BnsWgxsyBMY-2xzosVcQ2r5BnsgqEAN3d04NYFLh4Lyf6RXYQ%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] In a large enviroment, with duplicated stacks, why use group_vars and host_vars instead of vars_files ?

[Michael DeHaan]

If your variable information is about multiple hosts, it belongs in
group_vars not host_vars.  Consider applying more groups if you wish to
include them.

vars_files is definitely subscribed, but most people set variables in roles
now, rather than in the play at the top.

You are welcome to use whatever works for you.  Every environment is
different.


On Thu, Jul 24, 2014 at 3:39 AM, Luca Carboni 
wrote:

> I like group_vars and host_vars.
>
> Using group_vars and host_vars, we have a lot of files for hosts.
> But, if we use group_vars, and vars_files, we can reduce drastically the
> number of files, in one or two file, one for credentials and one for other
> variables .
> vars_files are not described in best practice, why ? why have lot of
> host_vars, divided in files for hosts instead of one file included by
> vars_files ?
> with vars_files we can simplify the manitenance.
> So we aren't understanding the use of host_vars ?
>
>
> Il giorno mercoledì 23 luglio 2014 23:56:56 UTC+2, Michael DeHaan ha
> scritto:
>>
>> Not understanding the question but we really love group_vars/ and
>> host_vars/ a lot here.
>>
>> vars_files is more like if your play wants to bring in variables for that
>> specific play, rather than describing info about those hosts.
>>
>>
>>
>>
>> On Wed, Jul 23, 2014 at 12:07 PM, Luca Carboni 
>> wrote:
>>
>>> Hi all,
>>> I'm fine tuning roles for our farm.
>>> we started with group_vars and host_vars, but it results dispersive, lot
>>> of file in group_vars and more important number of files in host_vars.
>>> We changed all to use vars_files, and now we have 2 files, one for
>>> credentials and one for all the other variables.
>>>
>>> My question is, we don't understand how to right use of group_vars and
>>> host_vars? Because they are in best practices, we there aren't vars_files.
>>>
>>> thanks all for answers.
>>>
>>> --
>>> You received this message because you are subscribed to the Google
>>> Groups "Ansible Project" group.
>>> To unsubscribe from this group and stop receiving emails from it, send
>>> an email to ansible-proje...@googlegroups.com.
>>> To post to this group, send email to ansible...@googlegroups.com.
>>>
>>> To view this discussion on the web visit https://groups.google.com/d/
>>> msgid/ansible-project/da4a69a1-eda0-4ea5-b1dd-
>>> 90263022cdf1%40googlegroups.com
>>> 
>>> .
>>> For more options, visit https://groups.google.com/d/optout.
>>>
>>
>>  --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To post to this group, send email to ansible-project@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/327b8e8d-4a38-4cf0-a016-1c43b9734cf6%40googlegroups.com
> 
> .
>
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CA%2BnsWgxQYv-VdzdJFm3TBn4W-HgRYH8ZnTAYm77wpoPo7HWEvA%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] shortcuts for OpenStack operations

[Michael DeHaan]

Common auth functions for things like ec2 live here -
https://github.com/ansible/ansible/tree/devel/lib/ansible/module_utils

OpenStack really needs stubs here for common auth, and then it can take
variables like EC2/RAX/GCE and others.

This would also make sure all that happens in one place.

Contributions would be welcome!  Stop by ansible-devel list if you'd like
to discuss!



On Wed, Jul 23, 2014 at 8:40 PM, Dmitry Makovey 
wrote:

> I have finally gottent my first OpenStack "node creation" playbook which
> in fact turned out rather nice, once I looked at source code ;)
>
> I have found out that names used in OpenStack component creation routines
> from ansible will be considered "unique" and ansible will happily provide
> me with needed "id" for the component (like tenant_id, image_id, etc.), see
> https://github.com/droopy4096/openstack-ng/blob/multinode/sample.yml
>
> however I found it rather unpleasant to repeat all of the authentication
> tokens with every OpenStack call. Looking at source code it doesn't seem
> like it's possible to bypass this "feature" by setting up ENV vars
> according to OpenStack tradition.
>
> Question: what could be done to optimize such a playbook? Or, conversely:
> what am I missing?
>
>  --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To post to this group, send email to ansible-project@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/4fafafc2-9404-4f31-9bc3-b49fe7741464%40googlegroups.com
> 
> .
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CA%2BnsWgzOp5Y1D61O8Oj_rqfWJc_o4bN8gBEwB6LX0YKyY1Vwew%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] What is the best way of restarting services that are part of a cluster without taking the cluster down?

[Michael DeHaan]

"Is there a way to tell ansible to set a service restart task sometime in
the future? Say, right now for node1, 5 minutes later for node2, 10 minutes
later for node3, and so on."

There is a module for "at" which could be used to do this.

at runs some commands at scheduled times in the future, without setting up
a crontab.

You could also set a simple play like this, which would probably be cleaner:

- hosts: blarg
  serial: 1
  tasks:
- pause: seconds={{ n }}
- service: name=foo state=restarted

Which will walk across your infra 1 host at a time, with a lag of n seconds
between, and restart everything.  The serial: 1 could likely be increased
beyond 1 depending on the application context.






On Wed, Jul 23, 2014 at 7:16 PM, David Reagan  wrote:

> Specifically, an elasticsearch cluster, but doing this the right way would
> also apply to other kinds of clusters, like RabbitMQ or Redis.
>
> I'm using https://github.com/LaneCommunityCollege/aspects_elasticsearch
> to manage my elasticsearch cluster. Currently, if I modify the
> configuration settings, Ansible would issue a restart to all the nodes in
> the cluster.
>
> The obvious answer is to only run the playbook on one node at a time. But
> there are situations where that isn't convenient. If I run Ansible like a
> puppet agent then setting the configuration setting in the group_vars file
> will apply it on all the nodes, thus restarting them all. Or if I have a
> large number of nodes. Or simply need to apply the change, but don't have
> time to do it one or two nodes at a time.
>
> The other solutions I've thought of involve custom scripts that would not
> be part of the Ansible playbook. And likely be application specific.
>
> Is there a way to tell ansible to set a service restart task sometime in
> the future? Say, right now for node1, 5 minutes later for node2, 10 minutes
> later for node3, and so on.
>
> Maybe the at module? How would it know to set it 10 minutes in the future
> instead of 5 for the third node?
>
> So, yeah, is there a good Ansible specific method for this? Or do I need
> to look outside of Ansible?
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To post to this group, send email to ansible-project@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/dcd691af-f8f3-47c8-b481-87a49c55ab89%40googlegroups.com
> 
> .
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CA%2BnsWgwYB%3DW7EGYhYfSXw1On43n4%2B1GtHFO84yAZuucyaZPhGQ%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Server Side Module

[Michael DeHaan]

We will answer on the ansible-devel group.

Patience grasshopper, we've got all the heavy guns on that side anyway, but
have been frying some other fish so don't have our usual 15 second response
time :)




On Thu, Jul 24, 2014 at 4:19 AM, Timothy Vandenbrande <
timothy.vandenbra...@gmail.com> wrote:

> (This is a copy from the Ansible Development group, but it seems there
> aren't as many ppl active there)
>
> Hey,
>
> I tried making a win_copy module for ansible,
> but misunderstood Mr De Haan a bit.
> (on GitHub: https://github.com/ansible/ansible/pull/8241)
> I thought with an action plugin he meant to convert it to a .ps1 script
> that runs from the client,
> but after some research I discovered that under 
> ansible/lib/ansible/runner/action_plugins/
> are action plugins that run on the server side.
> Now my question, is there any place where I can find some documentation on
> how to write server-side modules?
> This because I've written some client side modules that solved my problems
> for now, but this would be a lot more practical to run server-side.
>
> Especially since this would make me able to totally step away from Salt,
> because untill the implementation, I made a call to salt from ansible to
> get things done on my windows machines.
> But it would be a lot more comfortable to have everything in the same
> provider.
>
> (Just fyi, I'm not a seasoned python coder, that's why I couldn't
> replicate what I needed from the sources in the action_plugins path and is
> why I'm searching for some documentation to help me along)
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To post to this group, send email to ansible-project@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/55694eab-4266-4d45-aa42-d68662a03629%40googlegroups.com
> 
> .
>
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CA%2BnsWgw6atssgPR90Va2NCeWqV021YUMQ3LMAy-Rfruzc8tegA%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Debugging templates

[Matt Clarkson]

Hi,

I'm looking for a way to quickly render/debug template files populated with 
variables from ec2.

My strategy is to write a playbook that discovers that facts then runs the 
template module locally.

Here is my current playbook:

---

- name: Gather ec2 facts

  hosts: all

  tasks:

   local_action: ec2_facts

- name: atemplate

  hosts: localhost

  tasks:

action: template src=~/templates/raw/mako_PROD.properties.j2 
dest=~/templates/out


The playbook runs completely but the atemplate command is never run. 
 Here's the output (my localhost is part of ec2 inventory):

PLAY [Gather ec2 facts] 
*** 


GATHERING FACTS 
*** 

>

ok: [localhost]


PLAY [atemplate] 
** 


GATHERING FACTS 
*** 

ok: [localhost]


PLAY RECAP 
 

>

localhost  : ok=2changed=0unreachable=0failed=0  
 


Can I get some tips on what's wrong?  Or if there's a better way to achieve 
my objective would like to hear that too Thanks!

MTC

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/4a7a14ef-3ca1-49c7-bcb1-6c9a424f8a69%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] "Play recap" or current status programmatically available in task?

[Daniel Schroeder]

Hello,

I'd like to send a summary of the run (basically the play recap which is 
shown after playbook execution on the command line) to a hipchat room.

PLAY RECAP 
 
host1: ok=8changed=0unreachable=0failed=0
host2: ok=8changed=0unreachable=0failed=0
host3: ok=8changed=0unreachable=0failed=0



Is there a way how I could programmatically access the current status?


Thanks,

Daniel

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/c6bdbeb1-8371-4643-9c05-84b8c26e3b40%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Server Side Module

[Timothy Vandenbrande]

(This is a copy from the Ansible Development group, but it seems there 
aren't as many ppl active there)

Hey,

I tried making a win_copy module for ansible,
but misunderstood Mr De Haan a bit.
(on GitHub: https://github.com/ansible/ansible/pull/8241)
I thought with an action plugin he meant to convert it to a .ps1 script 
that runs from the client,
but after some research I discovered that under 
ansible/lib/ansible/runner/action_plugins/ are action plugins that run on 
the server side.
Now my question, is there any place where I can find some documentation on 
how to write server-side modules?
This because I've written some client side modules that solved my problems 
for now, but this would be a lot more practical to run server-side.

Especially since this would make me able to totally step away from Salt, 
because untill the implementation, I made a call to salt from ansible to 
get things done on my windows machines.
But it would be a lot more comfortable to have everything in the same 
provider.

(Just fyi, I'm not a seasoned python coder, that's why I couldn't replicate 
what I needed from the sources in the action_plugins path and is why I'm 
searching for some documentation to help me along)

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/55694eab-4266-4d45-aa42-d68662a03629%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] ansible ovirt module

[Piet83]

Hello,

I'm trying to setup vm provisioning for Rhev with the ansible ovirt module. 
I have installed ovirt-engine-sdk-python-3.4.0.7-1.el6.noarch on my Centos 
6.5 Ansible server and created a simple playbook to play around with this. 
The playbook tries to provision a vm based on a template defined within the 
Rhev manager:


---
- hosts: localhost

  tasks:
  - name: create vm based on template
ovirt: user=admin@internal url=https://rhevm.domain.nl/ 
instance_name=ansibletest2 password=xx image=Ubuntu_template 
zone=datacenter_default resource_type=new


When I run this play book I get the following output:

ansible-playbook -v create_vm.yml
 
PLAY [localhost] 
** 

GATHERING FACTS 
*** 
ok: [localhost]

TASK: [create vm] 
* 
failed: [localhost] => {"failed": true, "parsed": false}
invalid output was: Traceback (most recent call last):
  File "/root/.ansible/tmp/ansible-tmp-1406189516.72-109759934250973/ovirt", 
line 1642, in 
main()
  File "/root/.ansible/tmp/ansible-tmp-1406189516.72-109759934250973/ovirt", 
line 379, in main
if get_vm(c, vmname) == "empty":
  File "/root/.ansible/tmp/ansible-tmp-1406189516.72-109759934250973/ovirt", 
line 311, in get_vm
vm = conn.vms.get(name=vmname)
  File "/usr/lib/python2.6/site-packages/ovirtsdk/infrastructure/brokers.py"
, line 18940, in get
headers={"All-Content":all_content}
  File "/usr/lib/python2.6/site-packages/ovirtsdk/infrastructure/proxy.py", 
line 58, in get
return self.request(method='GET', url=url, headers=headers)
  File "/usr/lib/python2.6/site-packages/ovirtsdk/infrastructure/proxy.py", 
line 118, in request
persistent_auth=self._persistent_auth)
  File "/usr/lib/python2.6/site-packages/ovirtsdk/infrastructure/proxy.py", 
line 140, in __doRequest
persistent_auth=persistent_auth
  File "/usr/lib/python2.6/site-packages/ovirtsdk/web/connection.py", line 
134, in doRequest
raise RequestError, response
ovirtsdk.infrastructure.errors.RequestError: 
status: 401
reason: Unauthorized
detail: JBWEB65: HTTP Status 401


FATAL: all hosts have already failed -- aborting

On the rhev manager server I see the following output in the 
/var/log/ovirt-engine/engine.log:

2014-07-24 10:21:42,769 INFO  [org.ovirt.engine.core.bll.LoginUserCommand] (
ajp-/127.0.0.1:8702-7) Running command: LoginUserCommand internal: false.
2014-07-24 10:21:42,783 INFO 
 [org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector] 
(ajp-/127.0.0.1:8702-7) Correlation ID: null, Call Stack: null, Custom Event 
ID: -1, Message: User admin logged in.

It seems to logon to the rhev api but sill I'm getting a 401 Unauthorized 
message when using the ansible ovirt module.
Is there someone who can help me resolve this?

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/47a76152-fe0f-4734-b390-69470a604947%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Re: How to detect why Ansible playbook hangs during execution

[Tony Marin]

I use a screen trick but mostly useful when using commands modules. 
Anyway, if it hangs doing apt upgrade, the behavior should be the same 
if your run it as a command.


- debug: msg="Please, connect to {{ inventory_hostname }}, screen -r, 
and respond the possible questions."

   when: ansible_hostname == drbd_master.name
- name: Enable HA
*command: screen -dm -S halizard* bash -c 'ha-cfg status'
   when: ansible_hostname == drbd_master.name
   async: 60
   poll: 60

It's also useful when you cannot avoid interactive mode on some actions, 
but you miss the unattended possibilities.


Br,
Tony

On 22/07/14 23:41, Michael Palumbo wrote:
So there is no solution to avoid being stuck on the following? It 
happens to me often when I am upgrading the system!

- name: upgrade all safe packages
  sudo: yes
  apt: upgrade=safe

Is there at least a way to see the progress? Looking at some logs on 
the machine?


The state of my machine is messy when this task is stuck because I 
have to stop ansible-playbook with CTRL+C and all the handlers are not 
notified... :-/




Le vendredi 11 juillet 2014 17:30:35 UTC-5, Michael DeHaan a écrit :

apt should never need a parameter to not hang, however some
*specific* packages can sometimes be poorly coded.

Not saying that's the case here.

I'd first check your ansible version and then file a bug with
steps to reproduce.


On Thu, Jul 10, 2014 at 7:45 PM, Michael Palumbo
> wrote:

What is the parameter of the apt module to use to avoid that?

I run the following and it hangs...

- name: update APT package cache
sudo: yes
apt: update_cache=yes

- name: upgrade all safe packages
sudo: yes
apt: upgrade=safe


Thanks
-- 
You received this message because you are subscribed to the

Google Groups "Ansible Project" group.
To unsubscribe from this group and stop receiving emails from
it, send an email to ansible-proje...@googlegroups.com
.
To post to this group, send email to
ansible...@googlegroups.com .
To view this discussion on the web visit

https://groups.google.com/d/msgid/ansible-project/d0595406-cff0-441d-98b3-a79b8f19b5de%40googlegroups.com

.
For more options, visit https://groups.google.com/d/optout
.


--
You received this message because you are subscribed to the Google 
Groups "Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send 
an email to ansible-project+unsubscr...@googlegroups.com 
.
To post to this group, send email to ansible-project@googlegroups.com 
.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/e8099617-0b3f-4ba5-8698-235976cf7194%40googlegroups.com 
.

For more options, visit https://groups.google.com/d/optout.


--
Email Signature | Swiss Mobility Solutions a Gemalto company
Swiss Mobility Solutions 


 Tony Marin

DevOps Manager

Swiss Mobility Solutions
a Gemalto Company

Mobile+34 637402568 

Office Telephone+34 966370055 

Skypeantonymcs 

LocationAv. Locutor Vicente Hipólito 39
03540 Alicante Spain 



Email  LinkedIn 
 Website 



--
You received this message because you are subscribed to the Google Groups "Ansible 
Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/53D0DB67.20109%40swissms.ch.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] calculate from facts

[Nico K.]

I'm actually using this in a template, however the behavior is not as 
expected:

someVar = {{ ansible_memtotal_mb / 4|int }}

The result is '256.0', same when I remove the |int and same when I do * 
0.25.


Op maandag 17 februari 2014 16:15:07 UTC+1 schreef Brian Coca:
>
> something like {{ansible_memory * 0.75|int }} ?
>
>
> -- 
> Brian Coca
> Stultorum infinitus est numerus
>
> 0111011100100110010101101110001001110111011000010110011101010010011100110110110101110111001001110111
> Pedo mellon a minno
>  

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/1906f097-2e7c-4ba2-bed3-48dbbb5278b5%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] In a large enviroment, with duplicated stacks, why use group_vars and host_vars instead of vars_files ?

[Luca Carboni]

I like group_vars and host_vars. 

Using group_vars and host_vars, we have a lot of files for hosts. 
But, if we use group_vars, and vars_files, we can reduce drastically the 
number of files, in one or two file, one for credentials and one for other 
variables . 
vars_files are not described in best practice, why ? why have lot of 
host_vars, divided in files for hosts instead of one file included by 
vars_files ?
with vars_files we can simplify the manitenance. 
So we aren't understanding the use of host_vars ?
 

Il giorno mercoledì 23 luglio 2014 23:56:56 UTC+2, Michael DeHaan ha 
scritto:
>
> Not understanding the question but we really love group_vars/ and 
> host_vars/ a lot here.
>
> vars_files is more like if your play wants to bring in variables for that 
> specific play, rather than describing info about those hosts.
>
>
>
>
> On Wed, Jul 23, 2014 at 12:07 PM, Luca Carboni  > wrote:
>
>> Hi all, 
>> I'm fine tuning roles for our farm. 
>> we started with group_vars and host_vars, but it results dispersive, lot 
>> of file in group_vars and more important number of files in host_vars. 
>> We changed all to use vars_files, and now we have 2 files, one for 
>> credentials and one for all the other variables. 
>>
>> My question is, we don't understand how to right use of group_vars and 
>> host_vars? Because they are in best practices, we there aren't vars_files. 
>>
>> thanks all for answers.  
>>
>> -- 
>> You received this message because you are subscribed to the Google Groups 
>> "Ansible Project" group.
>> To unsubscribe from this group and stop receiving emails from it, send an 
>> email to ansible-proje...@googlegroups.com .
>> To post to this group, send email to ansible...@googlegroups.com 
>> .
>> To view this discussion on the web visit 
>> https://groups.google.com/d/msgid/ansible-project/da4a69a1-eda0-4ea5-b1dd-90263022cdf1%40googlegroups.com
>>  
>> 
>> .
>> For more options, visit https://groups.google.com/d/optout.
>>
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/327b8e8d-4a38-4cf0-a016-1c43b9734cf6%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.