Re: [ansible-project] How to build docker image?

2014-12-11 Thread James Cammarata 
Hi Shunsuke, that module can still be used despite being deprecated, it
just may be removed at some point in the future. An alternative would be to
simply use the command module to run the build command directly. At some
point, the functionality to build images may be moved into the docker
module itself, so this should be a short-term solution.

Thanks!

On Thu, Dec 11, 2014 at 4:59 PM, Shunsuke Mie  wrote:

> I want to build docker image by ansible, but docker_image is deprecated
> module.
> Can I be build in any way?
>
> I couldn't write english well, so this sentence is incorrect.
>
>  --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To post to this group, send email to ansible-project@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/4af0983f-94c0-401b-9007-6ea267a0a3b0%40googlegroups.com
> 
> .
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAMFyvFie_PzYi%3D2PMQPC%3DnMQYMtLrd8jyGrquYWedZBqw6RXRg%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Handling Failure during AMI creation

2014-12-11 Thread Navid Paya 
Hi guys
I have a playbook that:


   - Creates an EC2 instance
   - Provisions the instance using a few roles
   - Creates an AMI out of that instance
   - Destroys the instance after the AMI is created successfully

Now the problem is if there's a failure somewhere after the instance 
creation, let's say npm is having issues which is quite normal or some 
ubuntu repository is having issues, and I run the playbook again, it will 
spin up a new instance. How can I handle this? Preferably a way to use the 
same instance if the failure happens before AMI creation part or at least 
automatically delete the instance if I hit an error before exiting the 
playbook successfully.

Here's my current playbook:

---
- name: Making preprations for the provisioning
  hosts: localhost
  connection: local
  gather_facts: no
  roles:
- workstation

- name: Launch an Ubuntu 14.04 EC2 instance
  hosts: localhost
  connection: local
  gather_facts: no
  tasks:
  - name: Find the latest Ubuntu AMI
ec2_ami_search: distro=ubuntu release=trusty region=ap-southeast-1 
store=ebs-ssd virt=hvm
register: ubuntu_image
  - name: Start the new EC2 instance
ec2:
  image: "{{ ubuntu_image.ami }}"
  region: ap-southeast-1
  zone: ap-southeast-1b
  instance_type: t2.small
  vpc_subnet_id: subnet-x
  group_id: ['sg-', 'sg-']
  key_name: blahblah-deploy
  wait: yes
  wait_timeout: 500
  instance_tags:
Name: basebox.exmaple.net
Role: Blahblah Base AMI
register: ec2
  - name: Add the new instance to host group
add_host: hostname={{ item.private_ip }} groupname=launched
with_items: ec2.instances
  - name: Wait for SSH to come up on the new instance
wait_for: host={{ item.private_ip }} port=22 delay=60 timeout=320 
state=started
with_items: ec2.instances

- name: Copy the code to the new instance
  hosts: launched
  user: ubuntu
  sudo: true
  tasks:
  - synchronize: src=code/ dest=/tmp/code delete=yes archive=yes

- name: Provision the new instance to create the base AMI
  hosts: launched
  user: ubuntu
  sudo: true
  vars:
app_user: blahblah
app_root: /home/{{ app_user }}/apps
  roles:
- nodesource.node
- basebox

- name: Remove the code from the instance before creating the AMI
  hosts: launched
  user: ubuntu
  sudo: true
  tasks:
  - file: path=/tmp/code state=absent

- name: Create an AMI from the provisioned instance
  hosts: localhost
  connection: local
  gather_facts: no
  tasks:
  - ec2_ami: region=ap-southeast-1 instance_id={{ item.id }} wait=no 
name=basebox-200 wait=yes wait_timeout=300
with_items:
  - "{{ ec2.instances }}"

- name: Delete the instance now that the AMI is created
  hosts: localhost
  connection: local
  gather_facts: no
  tasks:
  - ec2:
  region: ap-southeast-1
  instance_ids: "{{ ec2.instance_ids }}"
  state: 'absent'

I'm not looking for the complete answer. Just a clue how to do it.

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/e7c898e5-69af-4f77-bb35-8586d8db2b13%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] What is the best way to manage firewalls with Ansible?

2014-12-11 Thread Brian Coca 
if you need a GUI, firewall builder http://www.fwbuilder.org/  is a
desktop app that can generate iptables rules (among others), you can
use it to get the commands for your templates.

Though iptables is not hard the syntax can get clunky, the new linux
fireall system, nftables, is much nicer and with clearer sytnax, it
seems to borrow some good things from BSD's pf (packet filter). It
might not be available to you yet.


-- 
Brian Coca

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAJ5XC8mfFZJF-YJZBxfbJPnLhTAw%3DSVATJegQ8wwnsd16D%2BFTA%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] What is the best way to manage firewalls with Ansible?

2014-12-11 Thread Michael DeHaan 
"CentOS has /etc/sysconfig/iptables if I knew iptables. "

Learning iptables config is not hard actually, nor is templating it.

It can be used for very complex things (
http://www.ex-parrot.com/pete/upside-down-ternet.html) but simple
accept/deny rules are straightforward

You just write the iptables config file and then have to do /sbin/service
iptables restart to make it "apply"

Google "manage iptables" and you should be able to find some good examples.

I can't say I have any specific tutorials or references that I like, but
others may have some good ones.

So anyway, hopefully at least good for some encouragement!




On Thu, Dec 11, 2014 at 9:41 PM, David Reagan  wrote:
>
> So, to resurrect an old topic... And remind myself why I like having a
> hardware firewall covering my behind...
>
> I've about figured out how to use the UFW module correctly. Which makes me
> happy.
>
> Unfortunately, I have to administer SLES and CentOS vm's as well. I was
> going to use the firewalld module, but then I couldn't find a firewalld
> package in the repos to install...
>
> That leaves me kind of hanging...
>
> CentOS has /etc/sysconfig/iptables if I knew iptables.
>
> Not sure if SLES has a decent command line interface I could use... It
> does use a GUI tool, and force me to install a GUI on the server, so I
> might just run them manually...
>
> Anyway, apologies for the rambling, it's the end of the day for me. Here
> are my questions:
>
> Has anyone looked at creating an iptables module that would just work on
> all OS's that have Python and iptables? Maybe make the most common stuff
> easy, and then have a way for people to input a full iptables command? So,
> for people running simple stuff, like me, could make a task like
>
> iptables: ports="22," proto="tcp,udp" allowed_from="10.0.0.0/8"
> allowed_to="everywhere"
>
> More complicated stuff could be:
>
> iptables: command="stuff that is currently gibberish to me"
>
>
> Micheal, you mentioned a config file, which one were you talking about?
>
>
> Is there a way to install firewalld that my google-fu missed? Or even ufw?
>
>
> Is there a really good introduction to iptables that you would recommend?
> Since the obvious route to solve my problem is to suck it up and learn
> iptables...
>
>
> Thanks!
>
> --David Reagan
>
> On Tue, Oct 8, 2013 at 8:09 AM, Michael DeHaan 
> wrote:
>
>> Generally speaking, I like to do the following with iptables
>>
>> {% if 'webservers' in group_names %}
>>section of iptables config for webservers
>> {% endif %}
>>
>> And just template the config file, and set up a notify to reload iptables
>> when it changes.
>>
>> I should also point out there is a firewalld module in the devel branch
>> now too.
>>
>>
>> On Tue, Oct 8, 2013 at 9:15 AM, Guillaume Subiron 
>> wrote:
>>
>>> I also think shorewall is a good way to deploy firewall configuration
>>> using ansible.
>>>
>>> I tried to use iptables-persitent, but shorewall allows to split the
>>> rules in many files. Using run-parts in /etc/shorewall/rules, you can
>>> put any file in rules.d/.
>>>
>>> So in my "common" playbook, I only deploy common rules (close
>>> everything by default, allow ping and ssh). Then, each roles can add
>>> some rules. The "webserver" role, for instance, adds a rule file to
>>> open HTTP and HTTP ports.
>>>
>>> You just have to pay attention to the order in which the files will be
>>> executed.
>>>
>>> Le 13/10/08 14:43, Kahlil Hodgson claviotta :
>>> > I'm using shorewall for all my VMs.  It's kinda overkill for a single
>>> > nic, but I find it works quite well with ansible.
>>> > The configuration for VMs with a single nic is very basic.
>>> >
>>> > The files
>>> >
>>> >shorewall.conf (1 one setting changed from default)
>>> >policy (3 lines)
>>> >zones  (2 lines)
>>> >interfaces (1 line)
>>> >
>>> > are somewhat trivial and identical across all VMs.
>>> >
>>> > The
>>> >
>>> >rules  (3 - 10 lines)
>>> >
>>> > file is where the ingress and egress filtering is controlled and is
>>> > easily templated.
>>> >
>>> > I also 'chain' handlers as follows to ensure modifications don't leave
>>> > iptables in a bad state:
>>> >
>>> > tasks:
>>> > 
>>> >
>>> > notify: check shorewall
>>> >
>>> > 
>>> >
>>> > handlers:
>>> >
>>> > - name: check shorewall
>>> >   command: /sbin/shorewall check
>>> >   notify: restart shorewall
>>> >
>>> > - name: restart shorewall
>>> >   action: service name=shorewall state=restarted
>>> >
>>> > I'm happy to provide some initial content to get you started.
>>> >
>>> > Cheers,
>>> >
>>> > K
>>> >
>>> > Kahlil (Kal) Hodgson   GPG: C9A02289
>>> > Head of Technology (m) +61 (0) 4 2573 0382
>>> > DealMax Pty Ltd(w) +61 (0) 3 9008 5281
>>> >
>>> > Suite 1415
>>> > 401 Docklands Drive
>>> > Docklands VIC 3008 Australia
>>> >
>>> > "All parts should go t

Re: [ansible-project] What is the best way to manage firewalls with Ansible?

2014-12-11 Thread David Reagan 
So, to resurrect an old topic... And remind myself why I like having a
hardware firewall covering my behind...

I've about figured out how to use the UFW module correctly. Which makes me
happy.

Unfortunately, I have to administer SLES and CentOS vm's as well. I was
going to use the firewalld module, but then I couldn't find a firewalld
package in the repos to install...

That leaves me kind of hanging...

CentOS has /etc/sysconfig/iptables if I knew iptables.

Not sure if SLES has a decent command line interface I could use... It does
use a GUI tool, and force me to install a GUI on the server, so I might
just run them manually...

Anyway, apologies for the rambling, it's the end of the day for me. Here
are my questions:

Has anyone looked at creating an iptables module that would just work on
all OS's that have Python and iptables? Maybe make the most common stuff
easy, and then have a way for people to input a full iptables command? So,
for people running simple stuff, like me, could make a task like

iptables: ports="22," proto="tcp,udp" allowed_from="10.0.0.0/8"
allowed_to="everywhere"

More complicated stuff could be:

iptables: command="stuff that is currently gibberish to me"


Micheal, you mentioned a config file, which one were you talking about?


Is there a way to install firewalld that my google-fu missed? Or even ufw?


Is there a really good introduction to iptables that you would recommend?
Since the obvious route to solve my problem is to suck it up and learn
iptables...


Thanks!

--David Reagan

On Tue, Oct 8, 2013 at 8:09 AM, Michael DeHaan 
wrote:

> Generally speaking, I like to do the following with iptables
>
> {% if 'webservers' in group_names %}
>section of iptables config for webservers
> {% endif %}
>
> And just template the config file, and set up a notify to reload iptables
> when it changes.
>
> I should also point out there is a firewalld module in the devel branch
> now too.
>
>
> On Tue, Oct 8, 2013 at 9:15 AM, Guillaume Subiron 
> wrote:
>
>> I also think shorewall is a good way to deploy firewall configuration
>> using ansible.
>>
>> I tried to use iptables-persitent, but shorewall allows to split the
>> rules in many files. Using run-parts in /etc/shorewall/rules, you can
>> put any file in rules.d/.
>>
>> So in my "common" playbook, I only deploy common rules (close
>> everything by default, allow ping and ssh). Then, each roles can add
>> some rules. The "webserver" role, for instance, adds a rule file to
>> open HTTP and HTTP ports.
>>
>> You just have to pay attention to the order in which the files will be
>> executed.
>>
>> Le 13/10/08 14:43, Kahlil Hodgson claviotta :
>> > I'm using shorewall for all my VMs.  It's kinda overkill for a single
>> > nic, but I find it works quite well with ansible.
>> > The configuration for VMs with a single nic is very basic.
>> >
>> > The files
>> >
>> >shorewall.conf (1 one setting changed from default)
>> >policy (3 lines)
>> >zones  (2 lines)
>> >interfaces (1 line)
>> >
>> > are somewhat trivial and identical across all VMs.
>> >
>> > The
>> >
>> >rules  (3 - 10 lines)
>> >
>> > file is where the ingress and egress filtering is controlled and is
>> > easily templated.
>> >
>> > I also 'chain' handlers as follows to ensure modifications don't leave
>> > iptables in a bad state:
>> >
>> > tasks:
>> > 
>> >
>> > notify: check shorewall
>> >
>> > 
>> >
>> > handlers:
>> >
>> > - name: check shorewall
>> >   command: /sbin/shorewall check
>> >   notify: restart shorewall
>> >
>> > - name: restart shorewall
>> >   action: service name=shorewall state=restarted
>> >
>> > I'm happy to provide some initial content to get you started.
>> >
>> > Cheers,
>> >
>> > K
>> >
>> > Kahlil (Kal) Hodgson   GPG: C9A02289
>> > Head of Technology (m) +61 (0) 4 2573 0382
>> > DealMax Pty Ltd(w) +61 (0) 3 9008 5281
>> >
>> > Suite 1415
>> > 401 Docklands Drive
>> > Docklands VIC 3008 Australia
>> >
>> > "All parts should go together without forcing.  You must remember that
>> > the parts you are reassembling were disassembled by you.  Therefore,
>> > if you can't get them together again, there must be a reason.  By all
>> > means, do not use a hammer."  -- IBM maintenance manual, 1925
>> >
>> >
>> >
>> > On Tue, Oct 8, 2013 at 1:49 PM, David Reagan  wrote:
>> > > Yes, the firewall also manages internal DMZ's. We are protected quite
>> well,
>> > > adding the firewall to the VM's on our network is just on extra step
>> to be
>> > > as secure as possible.
>> > >
>> > > I do have a few VM's outside the main firewall, on those I'm
>> currently using
>> > > ufw.
>> > >
>> > > So the main point of my post was just to get a general idea of how
>> others
>> > > are managing firewalls with Ansible.
>> > >
>> > > --David Reagan
>> > >
>> > >
>> > > On Mon, Oct 7, 2013 at 5:38

Re: [ansible-project] register ec2 instance id and use it in ec2_ami module

2014-12-11 Thread Navid Paya 
Thanks, James. Upgrading Ansible from 1.8.1 to 1.8.2 and adding the braces
totally did the job.

On Thu, Dec 11, 2014 at 11:30 PM, James Cammarata 
wrote:
>
> Hi Navid, what version of Ansible are you running? You might try using
> jinja2 braces around the ec2.instances variable in the with_items list, as
> there was a bug recently about variables like that not expanding properly
> (which should be fixed in 1.8.2).
>
> On Thu, Dec 11, 2014 at 8:36 AM, Navid Paya  wrote:
>
>> Hi all
>> I'm trying to make some kind of automation to create an AMI out of an EC2
>> instance. So I have this chunk that creates the instance:
>>
>> - name: Launch an Ubuntu 14.04 EC2 instance
>>   hosts: localhost
>>   connection: local
>>   gather_facts: no
>>   tasks:
>>   - name: Find the latest Ubuntu AMI
>> ec2_ami_search: distro=ubuntu release=trusty region=ap-southeast-1
>> store=ebs-ssd virt=hvm
>> register: ubuntu_image
>>   - name: Start the new EC2 instance
>> ec2:
>>   image: "{{ ubuntu_image.ami }}"
>>   region: ap-southeast-1
>>   zone: ap-southeast-1b
>>   instance_type: t2.small
>>   vpc_subnet_id: 
>>   group_id: ['sg-', 'sg-xxx']
>>   key_name: random_key
>>   wait: yes
>>   wait_timeout: 500
>> register: ec2
>>   - name: Add the new instance to host group
>> add_host: hostname={{ item.private_ip }} groupname=launched
>> with_items: ec2.instances
>>   - name: Wait for SSH to come up on the new instance
>> wait_for: host={{ item.private_ip }} port=22 delay=60 timeout=320
>> state=started
>> with_items: ec2.instances
>>
>> Then I try to use the instance and generate an AMI out of that:
>>
>> - name: Create an AMI from the provisioned instance
>>   hosts: localhost
>>   connection: local
>>   gather_facts: no
>>   tasks:
>>   - ec2_ami: region=ap-southeast-1 instance_id={{ item.id }} wait=no
>> name=basebox-200
>> with_items:
>>   - ec2.instances
>>
>> - name: Delete the instance now that the AMI is created
>>   hosts: localhost
>>   connection: local
>>   gather_facts: no
>>   tasks:
>>   - ec2:
>>   region: ap-southeast-1
>>   instance_ids: "{{ item.id }}"
>>   state: 'absent'
>> with_items:
>>   - ec2.instances
>>
>> But I get errors like this:
>>
>>
>> TASK: [ec2_ami region=ap-southeast-1 instance_id={{ item.id }} wait=no
>> name=basebox-200] ***
>> fatal: [localhost] => One or more undefined variables: 'str object' has
>> no attribute 'id'
>>
>> I guess I'm missing something with iterating over a hash but can't figure
>> what. Any ideas?
>>
>>  --
>> You received this message because you are subscribed to the Google Groups
>> "Ansible Project" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to ansible-project+unsubscr...@googlegroups.com.
>> To post to this group, send email to ansible-project@googlegroups.com.
>> To view this discussion on the web visit
>> https://groups.google.com/d/msgid/ansible-project/cc359c02-afd3-4c71-931d-7c5db8fde6a6%40googlegroups.com
>> 
>> .
>> For more options, visit https://groups.google.com/d/optout.
>>
>
>  --
> You received this message because you are subscribed to a topic in the
> Google Groups "Ansible Project" group.
> To unsubscribe from this topic, visit
> https://groups.google.com/d/topic/ansible-project/VkA8f77Pn9E/unsubscribe.
> To unsubscribe from this group and all its topics, send an email to
> ansible-project+unsubscr...@googlegroups.com.
> To post to this group, send email to ansible-project@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/CAMFyvFip1qw%2B_bFSB2YrOqHoMYPwEL%2B4%2Bgckj18Y_CnWkE3J5g%40mail.gmail.com
> 
> .
>
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAFsFwzvQxNRuYzn45EyMntyYbWKUWSbdiH2RQYJges%2BBjww5dQ%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Creating Windows modules

2014-12-11 Thread Michael DeHaan 
They are required to be in powershell (unfortunately for those that don't
like Powershell!  maybe fortunate for those that do - as it does provide a
very strong 'standard library' of stuff to do on Windows that Microsoft
maintains for us - so ... that's a win).   This is so we don't have to
install any agents on the remote machines, and they work using Windows
powershell remoting.



On Thu, Dec 11, 2014 at 5:43 PM, skinnedknuckles <
andersonjonatha...@gmail.com> wrote:
>
> Are modules intended to run on windows remote nodes required to be written
> in powershell script or is there a way to turn python code into a "windows"
> module?
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To post to this group, send email to ansible-project@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/aa18830a-30d9-483e-b446-e0562491ddd7%40googlegroups.com
> 
> .
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CA%2BnsWgymdeL-_%2BiVSDitRULqVEb2k4LH_Ds-RWpbGcTDFk6FrA%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] how to build docker image?

2014-12-11 Thread Michael DeHaan 
Yeah so we find it odd that a Dockerfile, that usually contains
ansible-playbooks, would be executed by Ansible.

We think in most cases it would be executed by a build system (like
Jenkins), or even a Makefile... and that like most packaging tools it would
be done before the ansible-playbook was run.

So the command module is we think the nice way to go, if you really want to
do that, and I think that's fine.

Hope this helps!

On Thu, Dec 11, 2014 at 6:18 PM, Shunsuke Mie  wrote:
>
> I find docker_image module, but this module is deprecated.
> So now, I using commands module.
> Can i build docker image any way?
>
>
>  --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To post to this group, send email to ansible-project@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/a8030ff0-71e2-4eff-9a8d-62d46f84e3b1%40googlegroups.com
> 
> .
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CA%2BnsWgzJrM9xaZn9rJM2z%3DSBZ1Ri0W%2BZmioXKog%2BLW%3DbsiNVGQ%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] how to build docker image?

2014-12-11 Thread Shunsuke Mie 
I find docker_image module, but this module is deprecated.
So now, I using commands module.
Can i build docker image any way?


-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/a8030ff0-71e2-4eff-9a8d-62d46f84e3b1%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] How to build docker image?

2014-12-11 Thread Shunsuke Mie 
I want to build docker image by ansible, but docker_image is deprecated 
module.
Can I be build in any way?

I couldn't write english well, so this sentence is incorrect.

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/4af0983f-94c0-401b-9007-6ea267a0a3b0%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] git diff vault files

2014-12-11 Thread Michael DeHaan 
I'd consider using the new "ansible-vault view" command to view when you
don't want to edit -- it's new on the devel branch if not actually part of
1.8.

I don't remember :) ... but it may help and avoid writing the script.



On Tue, Dec 9, 2014 at 7:45 PM, Toshio Kuratomi 
wrote:
>
> I haven't used vault extensively so I've never had to dive into this
> before.  however, I think that either filters or pointing git at an
> external diff tool which you write a short wrapper to do the
> decryption are the ways to do this.  Doing some web searching I do
> notive that other people are using git's filters for similar
> transparent encryption and decryption operations.  For instance:
>
> https://www.agwa.name/projects/git-crypt/
>
> http://stackoverflow.com/questions/11575398/how-can-i-save-my-secret-keys-and-password-securely-in-my-version-control-system
>
> Sorry I don't have an out of the box recipe for you but it does seem
> doable with a bit of time and reading.
>
> -Toshio
>
> On Tue, Dec 9, 2014 at 8:26 AM, Damjan Georgievski 
> wrote:
> > Now that we started using vault files for secret data, one of the
> problems
> > is that git diff on the vault files gives the whole file as changed
> > (understandably).
> > The trouble I have now is that I use git diff before I commit to double
> > check I didn't change something I didn't want to.
> >
> > Is there some trick that people are using to git diff encrypted files?
> >
> > --
> > You received this message because you are subscribed to the Google Groups
> > "Ansible Project" group.
> > To unsubscribe from this group and stop receiving emails from it, send an
> > email to ansible-project+unsubscr...@googlegroups.com.
> > To post to this group, send email to ansible-project@googlegroups.com.
> > To view this discussion on the web visit
> >
> https://groups.google.com/d/msgid/ansible-project/05816297-316c-48fb-b1a0-875202ef1fc6%40googlegroups.com
> .
> > For more options, visit https://groups.google.com/d/optout.
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To post to this group, send email to ansible-project@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/CAG9juEqz0BvLzEqmHTFzaw1XeXZNZq99a1L9SHjfETkMujpHOA%40mail.gmail.com
> .
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CA%2BnsWgwJqeHCgprAYfAGhG9g2JG6tpAUMEBKWFe1VD3ZXrFgWg%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Regexp matching with replace module, but not with lineinfile

2014-12-11 Thread Michael DeHaan 
Alas, not much time to help debug a regex.

It is said:

There was a man who had a problem.  He tried to solve it with a regex.
Now the man had two problems.

I generally like to use the "template" module whenever I can, as Ansible's
ethos is generally "keep things simple" wherever possible.

Lineinfile only really makes sense when there is no other way, and even
then, sed can occasionally be an easier thing to master.  I'm not a great
fan of the module, to be honest.  Others like it though, so it stays :)



On Wed, Dec 10, 2014 at 11:58 AM, Florent B  wrote:
>
> Hi,
>
> I'm a newbie with Ansible, and I have a problem.
>
> First, I use version 1.8.2, stock, without anything added.
>
> Then, I want to configure /etc/network/interfaces file with Ansible, so I
> need to work with regexp to do what I want.
>
> My goal is to add or rewrite some bridges configuration in that file.
>
> I use this :
>
> - name: Configure /etc/network/interfaces
>   lineinfile:
> dest: /etc/network/interfaces
> regexp: '[\r\n](# DO NOT TOUCH BEGIN[\n\r])?auto[ \t]+{{ item.if }}[
> \t]*[\n\r](?:[ \t]*.*[\n\r])*?[ \t]*bridge_maxwait[ \t]+0[ \t]*([\n\r]# DO
> NOT TOUCH END[\n\r])?'
> line: |
>
>   # DO NOT TOUCH BEGIN
>   auto {{ item.if }}
>   iface {{ item.if }} inet static
>   address {{ item.ip }}{{ ipconfig.stdout|trim }}
>   netmask 255.255.0.0
>   bridge_portsnone
>   bridge_stp  off
>   bridge_fd   0
>   bridge_maxwait  0
>   # DO NOT TOUCH END
>   with_items: vlans
>   register: interface_configured
>
> I want to add the "DO NOT TOUCH" for existing bridges too, and of course
> create lines for non-existing ones.
>
> You can test regexp here : https://regex101.com/r/sK7iF0/1
>
> We can see that for example, it matches for vmbr10.
>
> Instead of replacing those lines, Ansible lineinfile add the line at the
> end of file :
>
> # DO NOT TOUCH BEGIN
> auto vmbr10
> iface vmbr10 inet static
> address 10.111.0.2
> netmask 255.255.0.0
> bridge_portsnone
> bridge_stp  off
> bridge_fd   0
> bridge_maxwait  0
> # DO NOT TOUCH END
>
> If I change "lineinfile" and "line" with "replace" and "replace", it works
> ! It replaces the matched result, but of course it does not add lines when
> bridge does not exists :(
>
> I see in documentation that replace module is working with "multiline"
> regexp, but if I force multiline mode in lineinfile adding "(?m)" at the
> beginning, it does not work better... :(
>
> Is someone understanding what is my problem ? And how can I do it better :)
>
> Thank you a lot.
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To post to this group, send email to ansible-project@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/296f1ded-339a-4221-908c-4fc13e16c7ee%40googlegroups.com
> 
> .
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CA%2BnsWgwKPp702s20AqHxwafJXpSJGNsXPRN%2Bp6Tgj8buXaCexQ%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Re: Passing register variable to a role called by playbook?

2014-12-11 Thread Michael DeHaan 
Perhaps I'm not completely following the question:

" I am able to capture the elastic IP via register but how do I call it
from the role?"

Basically any variable already registered can be used like "{{ foo }}" in
subsequent roles/tasks/whatever -- so maybe you could help me understand
where the point of confusion is?

Want to help, just a bit unclear on it.  Thanks!



On Wed, Dec 10, 2014 at 3:18 PM,  wrote:
>
> Quick correction on this. I pasted the wrong data where it says "name:
> allocate a new elastic IP without associating it to anything" The play
> actually looks like this:
>
> - name: Associate a new Elastic IP to instance
>   ec2_eip: region=us-east-1 in_vpc=yes "instance_id={{ item }}"
>   with_items: ec2.instance_ids
>   register: eiptest
>
> On Wednesday, December 10, 2014 2:11:41 PM UTC-6, ji...@pristine.io wrote:
>>
>> I am launching one-off ec2 instance for development purposes and in the
>> main playbook I am launching an EC2 instance then assigning an elastic IP.
>> Once all of that is done I am configuring the server via a role. I am able
>> to capture the elastic IP via register but how do I call it from the role?
>> Or more specifically how can I call it in a configuration template from
>> within the role that is applied?
>>
>> Here's an example:
>>
>> launch-server.yml:
>>
>> - name: Launch ec2 instance
>>   hosts: localhost
>>   gather_facts: False
>>   vars:
>> key_name: ssh-key
>> instance_type: t2.medium
>> group_id: sg-f834234
>> image: ami-b234234
>> region: us-east-1
>> vpc_subnet_id: subnet-65wer234
>>   tasks:
>>
>> - name: Launch instance
>>   local_action: ec2 key_name={{ key_name }} group_id={{ group_id }}
>> instance_type={{ instance_type }} image={{ image }} wait=true region={{
>> region }} vpc_subnet_id={{ vpc_subnet_id }} instance_tags='{"Name":"ec2-
>> instance"}'
>>   register: ec2
>>
>> - name: allocate a new elastic IP without associating it to anything
>>   action: ec2_eip region=us-east-1
>>   register: eiptest
>>
>> - name: output the IP
>>   debug: msg="Allocated IP is {{ eiptest.public_ip }}" <--- this
>> prints the elastic IP to the screen.
>>
>> - name: Add new instance to host group
>>   local_action: add_host hostname={{ item.private_ip }}
>> groupname=launched
>>   with_items: ec2.instances
>>
>> - name: Wait for SSH to come up
>>   local_action: wait_for host={{ item.private_ip }} port=22 delay=60
>> timeout=320 state=started
>>   with_items: ec2.instances
>>
>> - name: Configure instance
>>   hosts: launched
>>   sudo: True
>>   gather_facts: True
>>   roles:
>> - myrole
>>
>> In the template from within the role it doesn't know about
>> eiptest.public_ip so it fails and reading the docs it seems that var will
>> be destroyed at the end of the play that calls the role. If I run ansible
>> hostname -m setup I don't see any entries for the elastic IP assigned to
>> the instance.
>>
>> I've tried a number of things and read through the docs but not having
>> much luck. I would like to keep the roles separate from the plays that
>> launch the instances if at all possible.
>>
>> Thanks!
>>
>  --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To post to this group, send email to ansible-project@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/6613e7b0-3be9-40f1-9eb9-4fbe685297ea%40googlegroups.com
> 
> .
>
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CA%2BnsWgxH_VcJYzw47Q6c%2BwD_5if7JnbKa1oqTLe6v%2B1EcYxDbw%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] mysql_db state=import only once

2014-12-11 Thread Michael DeHaan 
" as I was running several tasks in a row, all using with_items on the same
array and could not use a handler."

If using with_items and a handler, you'll get one notification if anything
in the list reports changed.

I think what you have is ok really, because you'll want those things to
happen "then" rather than at the end when handlers normally run, so good
work!

On Mon, Dec 8, 2014 at 2:14 PM, Jae Task  wrote:
>
> Hi, First of all I want to thank you all for this thread, it helped me
> solve a problem that I was struggling with. This is my first post to the
> group and want to say hello :)
>
> I have a slightly different solution to this problem as I was running
> several tasks in a row, all using with_items on the same array and could
> not use a handler.
>
> I am building a multi wordpress installation playbook and solved the
> problem like this:
>
> - name: Create wordpress database
>   mysql_db: name={{ item.wp_db_name }} state=present
>   with_items: wordpress_nginx_sites
>   register: create_wordpress_databases
>
> #- name: debug reg
> #  debug: var="{{ create_wordpress_databases }}"
>
> - name: Create wordpress database user
>   mysql_user: name={{ item.wp_db_user }} password={{ item.wp_db_password
> }} priv={{ item.wp_db_name }}.*:ALL host='localhost' state=present
>   with_items: wordpress_nginx_sites
>
> - name: Copy the wordpress mysql db
>   copy: src=files/sites/{{ item.item.name }}/{{ item.item.wp_db_name
> }}.sql dest=/tmp
>   when: item.changed == True
>   with_items: create_wordpress_databases.results
>
> - name: Import the database
>   mysql_db: name={{ item.item.wp_db_name }} state=import target=/tmp/{{
> item.item.wp_db_name }}.sql
>   when: item.changed == True
>   with_items: create_wordpress_databases.results
>
>
> As you can see. Because there are multiple databases being created via
> looping a dictionary, I could not see a way to call a handler and know
> which element of the dictionary had triggered the handler.
>
> The interesting part of this is when looping the result of the create
> task, you must use {{ item.item.name }} to get at the value.
>
> I am fairly new to ansible so feel free to advise on a better way of doing
> this if Its not best practice.
>
> Jae.
>
>
>
> On Friday, 7 February 2014 04:06:48 UTC, Jeff Geerling wrote:
>>
>> Coming into this discussion a little late, but here's an example to
>> illustrate what's being suggested:
>>
>> Play:
>>
>> - name: Ensure example database exists.
>>   mysql_db: name=exampledb state=present
>>   notify: import example database
>>
>> Handler:
>>
>> - name: import example database
>>   mysql_db: name=example state=import target=/path/to/example_schema.sql
>>
>> This works great, and avoids errors I was getting when I tried doing the
>> import straightaway; the import only seems to work if the database already
>> exists.
>>
>> On Tuesday, November 26, 2013 3:12:25 PM UTC-6, Fred Badel wrote:
>>>
>>> I don’t know why, but in my mind, notifying handlers was only to restart
>>> a service … now I can see the light!! :)
>>>
>>> Although, this would not help if the db exists but is empty, you just
>>> help me understand how I can use and how useful “notify” can be !
>>>
>>> Thank you.
>>>
>>> fred
>>>
>>> On Nov 26, 2013, at 19:18 , David Karban  wrote:
>>>
>>> Hi,
>>>
>>> you can use notify in create DB to create schema. That way, it will be
>>> called only on db creation.
>>>
>>> David
>>>  Dne 26.11.2013 17:42 "Fred Badel"  napsal(a):
>>>
 Hello,

 I have a playbook that create a mysql DB and import an empty schema:

 - name: create DB
   mysql_db: name={{ db_name }} state=present login_host=127.0.0.1

 - name: create schema
   mysql_db: name={{ db_name }} state=import login_host=127.0.0.1
 target=/create_tables.sql

 From what i could notice, the sql file is imported each time the
 playbook is run ... (aka, the task is marked as changed each time I run the
 playbook)
 is this an expected behavior?
 does someone have a recommended way of using the import feature and run
 it only once?

 Thanks.

 Fred

 --
 You received this message because you are subscribed to the Google
 Groups "Ansible Project" group.
 To unsubscribe from this group and stop receiving emails from it, send
 an email to ansible-proje...@googlegroups.com.
 For more options, visit https://groups.google.com/groups/opt_out.

>>>
>>> --
>>> You received this message because you are subscribed to the Google
>>> Groups "Ansible Project" group.
>>> To unsubscribe from this group and stop receiving emails from it, send
>>> an email to ansible-proje...@googlegroups.com.
>>> For more options, visit https://groups.google.com/groups/opt_out.
>>>
>>>
>>>  --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-projec

Re: [ansible-project] using anyconfig-0.0.5 as a module in ansible

2014-12-11 Thread Michael DeHaan 
"  Are there any other requirements or protocols unique to windows
modules? "

Generally if submitting them to core (I don't understand anyconfig yet so
not sure we'd take it), docs go in a corresponding ".py" file (see other
windows modules for an example.

But that's pretty much it - just follow the examples of the others, etc.



On Thu, Dec 11, 2014 at 5:16 PM, skinnedknuckles <
andersonjonatha...@gmail.com> wrote:
>
> Along with updating software remotely I need to update multiple parameter
> files where sometimes values are to be overwritten and other times original
> values should be persisted (maintained) if they already exist. I found a
> python library called anyconfig which
> seems to have this capability using the MS_REPLACE and MS_NO_REPLACE
> flags.  So as I understand, in order to use this code as an ansible module
> I need to modify it to conform to ansible module standards as defined in
> the documentation
> .
> And since my remote nodes are windows machines it will be set up to run on
> windows and the module name should be prefixed with "win_" like all the
> other windows modules.  Are there any other requirements or protocols
> unique to windows modules?  This is a bit over my head so before I dive in
> and wrestle with it for days I just want to be sure I'm on the right track.
> OR maybe there is an easier way to do this. And I'd like to know that I'm
> attempting something that is at least in the realm of possibility.  Any
> comments or suggestions are welcome.
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To post to this group, send email to ansible-project@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/ee88172a-b916-4092-ae7b-a165238f0045%40googlegroups.com
> 
> .
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CA%2BnsWgzhTKM5HMXdJ2-gGN8JLqa6quNBvkBHvtNOQB-sfLN5gg%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Creating Windows modules

2014-12-11 Thread skinnedknuckles 
Are modules intended to run on windows remote nodes required to be written 
in powershell script or is there a way to turn python code into a "windows" 
module?

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/aa18830a-30d9-483e-b446-e0562491ddd7%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] ansible fails to restart if handler is broken?

2014-12-11 Thread Michael DeHaan 
"I am afraid this is not correct. I am testing it now with 1.8.2 and I can
assure you that  '--force-handlers' will not trigger a handler if that
handler has not been notified by a task."

Can you please paste a minimal playbook that shows this as well as your CLI
invocation?

Thanks!



On Thu, Dec 11, 2014 at 1:58 PM, Kevin Burton  wrote:

> Interesting.  Nice discussion.
>
> I think one issue is that there would be no easy way to revert tasks that
> fail without some type of API that instrumented changes.  Either that or
> have the tasks run in some sort of container that logged changes.  But of
> course you're not sure what type of changes to expect.  It could be a
> sysctl, FS changes, API call, etc.  How do you reliably roll those back?
>
> So I guess the solution is to just be careful and know what your scripts
> are doing.  And maybe in the future tasks could implement a rollback API
> for when they fail but of course this might not be reliably supported
> everywhere.
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To post to this group, send email to ansible-project@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/30797ca0-8128-4f2e-9600-0650d1b92d40%40googlegroups.com
> 
> .
>
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CA%2BnsWgxeRNXJj9o_yGfJfndjqmm%2BUUNJJucJJkEc05jhbZJJpA%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] using anyconfig-0.0.5 as a module in ansible

2014-12-11 Thread skinnedknuckles 
Along with updating software remotely I need to update multiple parameter 
files where sometimes values are to be overwritten and other times original 
values should be persisted (maintained) if they already exist. I found a 
python library called anyconfig which 
seems to have this capability using the MS_REPLACE and MS_NO_REPLACE flags. 
 So as I understand, in order to use this code as an ansible module I need 
to modify it to conform to ansible module standards as defined in the 
documentation 
. 
 And since my remote nodes are windows machines it will be set up to run on 
windows and the module name should be prefixed with "win_" like all the 
other windows modules.  Are there any other requirements or protocols 
unique to windows modules?  This is a bit over my head so before I dive in 
and wrestle with it for days I just want to be sure I'm on the right track. 
OR maybe there is an easier way to do this. And I'd like to know that I'm 
attempting something that is at least in the realm of possibility.  Any 
comments or suggestions are welcome.

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/ee88172a-b916-4092-ae7b-a165238f0045%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] How do I pass a list as an --extra-vars

2014-12-11 Thread Mikael Sandström 
And just for completeness sake:

ansible-playbook extravar.yml -e 
'{"listname":[{"name":"foo","path":"/asd/bsdfr", 
"version":"2"}]}'


PLAY [localhost] 
** 


TASK: [test extravars] 
 
ok: [localhost] => (item={u'path': u'/asd/bsdfr', u'version': u'2', u'name': 
u'foo'}) => {
"item": {
"name": "foo", 
"path": "/asd/bsdfr", 
"version": "2"
}, 
"msg": "version - 2"
}


Thanks!
/M

Den torsdagen den 11:e december 2014 kl. 20:44:48 UTC+1 skrev Michael 
DeHaan:
>
> JSON needs to be valid JSON :)
>
>
>
> On Thu, Dec 11, 2014 at 2:30 PM, Mikael Sandström  > wrote:
>
>> Thanks!
>>
>> I cant get it to behave as a 'normal' list though, so obviously I'm doing 
>> something wrong.
>>
>> If I run this playbook without extra vars:
>>
>>
>> ---
>> - hosts: localhost
>>   connection: local
>>   gather_facts: false
>>   vars: 
>> listname:  
>>   - name: ble
>> version: 1
>> path: /some/path
>>
>>   tasks:
>>   - name: test extravars
>> debug: msg="version - {{ item.version }}"
>> #debug: msg=""
>> with_items: listname
>>
>>
>>
>> It works as expected, and I get this:
>>
>> TASK: [test extravars] 
>>  
>> ok: [localhost] => (item={'path': '/some/path', 'version': 1, 'name': 
>> 'ble'}) => {
>> "item": {
>> "name": "ble", 
>> "path": "/some/path", 
>> "version": 1
>> }, 
>> "msg": *"version - 1"*
>> }
>>
>>
>> However, if I try to do this 
>>
>> ansible-playbook extravar.yml *-e '{"listname":["name: foo, path: 
>> /asd/bsdfr, version: 2"]}'*
>>
>>
>> PLAY [localhost] 
>> ** 
>>
>>
>> TASK: [test extravars] 
>>  
>> fatal: [localhost] => One or more undefined variables: 'unicode object' 
>> has no attribute 'version'
>>
>>
>> And I guess that is because everything in 'item' is treated like one 
>> string
>>
>>
>>
>> TASK: [test extravars] 
>>  
>> ok: [localhost] => (item=name: foo, path: /asd/bsdfr, version: 2) => {
>> "item": "name: foo, path: /asd/bsdfr, version: 2", 
>> "msg": ""
>> }
>>
>>
>> If I quote each pair, I get 3 different 'items'
>>
>> ansible-playbook extravar.yml -e '{"listname":["name: foo", "path: 
>> /asd/bsdfr", "version: 2"]}'
>>
>>
>> PLAY [localhost] 
>> ** 
>>
>>
>> TASK: [test extravars] 
>>  
>> ok: [localhost] => (item=name: foo) => {
>> "item": "name: foo", 
>> "msg": ""
>> }
>> ok: [localhost] => (item=path: /asd/bsdfr) => {
>> "item": "path: /asd/bsdfr", 
>> "msg": ""
>> }
>> ok: [localhost] => (item=version: 2) => {
>> "item": "version: 2", 
>> "msg": ""
>>
>>
>>
>> So, how should the quotes be placed to get it to behave like a 'normal' 
>> list? Or is there something else I need to do?
>>
>> regards
>> /M
>>
>>
>>
>>
>> Den torsdagen den 11:e december 2014 kl. 18:36:19 UTC+1 skrev James 
>> Cammarata:
>>>
>>> Hi Mikael,
>>>
>>> There are essentially two ways you can do this:
>>>
>>> 1) Use quoted JSON
>>> 2) Put the data in either a JSON or YAML file.
>>>
>>> Please refer to the documentation here for more details: 
>>> http://docs.ansible.com/playbooks_variables.html#
>>> passing-variables-on-the-command-line
>>>
>>> Thanks!
>>>
>>> On Thu, Dec 11, 2014 at 11:22 AM, Mikael Sandström  
>>> wrote:
>>>
 Hi,

 I got a list that looks like this

 listname:  
   - name: ble
 version: 1
 path: /some/path
 ...
 ...


 which is accessed as

 - name: do something
   shell: run some command
   with_items: listname


 If I want to pass the list to a playbook as an --extra-vars, how would 
 I do that?

 regards
 /M

 -- 
 You received this message because you are subscribed to the Google 
 Groups "Ansible Project" group.
 To unsubscribe from this group and stop receiving emails from it, send 
 an email to ansible-proje...@googlegroups.com.
 To post to this group, send email to ansible...@googlegroups.com.
 To view this discussion on the web visit https://groups.google.com/d/
 msgid/ansible-project/bd3b24c6-0936-41a6-87ed-
 581142f0b354%40googlegroups.com 
 
 .
 For more options, visit https://groups.google.com/d/optout.

>>>
>>>  -- 
>> You received this message because you are subscribed to the Google Groups 
>> "Ansible Project" group.
>> To unsubscribe fro

Re: [ansible-project] Using dependency graphs to speed up ansible?

2014-12-11 Thread Michael DeHaan 
Yep, I would highly recommend tags to reference just the stuff you changed.

There is nothing that is going to monitor what files you edited
automatically - that's a bit too complex of a problem and not a use case
we're interested in.

Do read http://www.ansible.com/blog/ansible-performance-tuning if you have
not already.



On Thu, Dec 11, 2014 at 3:18 PM, James Cammarata 
wrote:

> Hi Kevin,
>
> This is probably something better suited for ansible-devel, however to
> answer your question we do already provide several methods for limiting the
> scope of playbook runs (--tags, --start-at-task, --step, etc.). Ansible is
> really very linear, even when considering role dependencies (we compile
> everything down into a single list of tasks, and iterate through that), so
> there's no crazy dependency resolution to fix.
>
> Also, there is the added complication that things on remote targets may
> have changed, so in general you would not want to automatically limit the
> execution of a playbook to only those parts of the play which have changed
> on the controlling machine.
>
> While your suggestion might be technically possible, it definitely seems
> overly complex for what Ansible does. If you only need to re-run a single
> role or even a small subset of tasks, it is pretty trivial to create a new
> playbook to do so.
>
> Thanks!
>
>
> On Thu, Dec 11, 2014 at 1:48 PM, Kevin Burton 
> wrote:
>
>> Has anyone done any work on using dependency graphs to speed up ansible.
>>
>> For example, if I have one big site.yml, and I only change an edge role,
>> something small, it doesn't make sense to re-run ALL playbooks.
>>
>> There might be situations where this makes sense.  There might be some
>> API dependencies though but maybe you could hard code some exemptions for
>> dependency computation.
>>
>> This is generally how incremental compilers work btw.  No sense
>> recompiling your whole app if dependencies haven't changed.
>>
>> --
>> You received this message because you are subscribed to the Google Groups
>> "Ansible Project" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to ansible-project+unsubscr...@googlegroups.com.
>> To post to this group, send email to ansible-project@googlegroups.com.
>> To view this discussion on the web visit
>> https://groups.google.com/d/msgid/ansible-project/0ba85b46-00fc-426c-87ea-7ba54a8cc585%40googlegroups.com
>> 
>> .
>> For more options, visit https://groups.google.com/d/optout.
>>
>
>  --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To post to this group, send email to ansible-project@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/CAMFyvFhZtF%3DR3G1%3DzNtWVYXvDZdCyoj_Bq9A5OWg9_dOP-dY1Q%40mail.gmail.com
> 
> .
>
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CA%2BnsWgxxMqQwUeVCueGsUZBxpd7hw1iUKLeBrRs%3DVyc786kyPQ%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Using dependency graphs to speed up ansible?

2014-12-11 Thread James Cammarata 
Hi Kevin,

This is probably something better suited for ansible-devel, however to
answer your question we do already provide several methods for limiting the
scope of playbook runs (--tags, --start-at-task, --step, etc.). Ansible is
really very linear, even when considering role dependencies (we compile
everything down into a single list of tasks, and iterate through that), so
there's no crazy dependency resolution to fix.

Also, there is the added complication that things on remote targets may
have changed, so in general you would not want to automatically limit the
execution of a playbook to only those parts of the play which have changed
on the controlling machine.

While your suggestion might be technically possible, it definitely seems
overly complex for what Ansible does. If you only need to re-run a single
role or even a small subset of tasks, it is pretty trivial to create a new
playbook to do so.

Thanks!


On Thu, Dec 11, 2014 at 1:48 PM, Kevin Burton  wrote:

> Has anyone done any work on using dependency graphs to speed up ansible.
>
> For example, if I have one big site.yml, and I only change an edge role,
> something small, it doesn't make sense to re-run ALL playbooks.
>
> There might be situations where this makes sense.  There might be some API
> dependencies though but maybe you could hard code some exemptions for
> dependency computation.
>
> This is generally how incremental compilers work btw.  No sense
> recompiling your whole app if dependencies haven't changed.
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To post to this group, send email to ansible-project@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/0ba85b46-00fc-426c-87ea-7ba54a8cc585%40googlegroups.com
> 
> .
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAMFyvFhZtF%3DR3G1%3DzNtWVYXvDZdCyoj_Bq9A5OWg9_dOP-dY1Q%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] How do I pass a list as an --extra-vars

2014-12-11 Thread Mikael Sandström 
Well,  I guess that helps ;-) it's been a long day...

All good now, thanks!
/M


> On 11 dec 2014, at 20:44, Michael DeHaan  wrote:
> 
> JSON needs to be valid JSON :)
> 
> 
> 
>> On Thu, Dec 11, 2014 at 2:30 PM, Mikael Sandström  wrote:
>> Thanks!
>> 
>> I cant get it to behave as a 'normal' list though, so obviously I'm doing 
>> something wrong.
>> 
>> If I run this playbook without extra vars:
>> 
>> 
>> ---
>> - hosts: localhost
>>   connection: local
>>   gather_facts: false
>>   vars: 
>> listname:  
>>   - name: ble
>> version: 1
>> path: /some/path
>> 
>>   tasks:
>>   - name: test extravars
>> debug: msg="version - {{ item.version }}"
>> #debug: msg=""
>> with_items: listname
>> 
>> 
>> 
>> It works as expected, and I get this:
>> 
>> TASK: [test extravars] 
>>  
>> ok: [localhost] => (item={'path': '/some/path', 'version': 1, 'name': 
>> 'ble'}) => {
>> "item": {
>> "name": "ble", 
>> "path": "/some/path", 
>> "version": 1
>> }, 
>> "msg": "version - 1"
>> }
>> 
>> 
>> However, if I try to do this 
>> 
>> ansible-playbook extravar.yml -e '{"listname":["name: foo, path: /asd/bsdfr, 
>> version: 2"]}'
>> 
>> 
>> PLAY [localhost] 
>> ** 
>> 
>> 
>> TASK: [test extravars] 
>>  
>> fatal: [localhost] => One or more undefined variables: 'unicode object' has 
>> no attribute 'version'
>> 
>> 
>> And I guess that is because everything in 'item' is treated like one string
>> 
>> 
>> 
>> TASK: [test extravars] 
>>  
>> ok: [localhost] => (item=name: foo, path: /asd/bsdfr, version: 2) => {
>> "item": "name: foo, path: /asd/bsdfr, version: 2", 
>> "msg": ""
>> }
>> 
>> 
>> If I quote each pair, I get 3 different 'items'
>> 
>> ansible-playbook extravar.yml -e '{"listname":["name: foo", "path: 
>> /asd/bsdfr", "version: 2"]}'
>> 
>> 
>> PLAY [localhost] 
>> ** 
>> 
>> 
>> TASK: [test extravars] 
>>  
>> ok: [localhost] => (item=name: foo) => {
>> "item": "name: foo", 
>> "msg": ""
>> }
>> ok: [localhost] => (item=path: /asd/bsdfr) => {
>> "item": "path: /asd/bsdfr", 
>> "msg": ""
>> }
>> ok: [localhost] => (item=version: 2) => {
>> "item": "version: 2", 
>> "msg": ""
>> 
>> 
>> 
>> So, how should the quotes be placed to get it to behave like a 'normal' 
>> list? Or is there something else I need to do?
>> 
>> regards
>> /M
>> 
>> 
>> 
>> 
>>> Den torsdagen den 11:e december 2014 kl. 18:36:19 UTC+1 skrev James 
>>> Cammarata:
>>> Hi Mikael,
>>> 
>>> There are essentially two ways you can do this:
>>> 
>>> 1) Use quoted JSON
>>> 2) Put the data in either a JSON or YAML file.
>>> 
>>> Please refer to the documentation here for more details: 
>>> http://docs.ansible.com/playbooks_variables.html#passing-variables-on-the-command-line
>>> 
>>> Thanks!
>>> 
 On Thu, Dec 11, 2014 at 11:22 AM, Mikael Sandström  
 wrote:
 Hi,
 
 I got a list that looks like this
 
 listname:  
   - name: ble
 version: 1
 path: /some/path
 ...
 ...
 
 
 which is accessed as
 
 - name: do something
   shell: run some command
   with_items: listname
 
 
 If I want to pass the list to a playbook as an --extra-vars, how would I 
 do that?
 
 regards
 /M
 -- 
 You received this message because you are subscribed to the Google Groups 
 "Ansible Project" group.
 To unsubscribe from this group and stop receiving emails from it, send an 
 email to ansible-proje...@googlegroups.com.
 To post to this group, send email to ansible...@googlegroups.com.
 To view this discussion on the web visit 
 https://groups.google.com/d/msgid/ansible-project/bd3b24c6-0936-41a6-87ed-581142f0b354%40googlegroups.com.
 For more options, visit https://groups.google.com/d/optout.
>> 
>> -- 
>> You received this message because you are subscribed to the Google Groups 
>> "Ansible Project" group.
>> To unsubscribe from this group and stop receiving emails from it, send an 
>> email to ansible-project+unsubscr...@googlegroups.com.
>> To post to this group, send email to ansible-project@googlegroups.com.
>> To view this discussion on the web visit 
>> https://groups.google.com/d/msgid/ansible-project/c670d5db-060a-4208-9aff-d921b6bf258b%40googlegroups.com.
>> 
>> For more options, visit https://groups.google.com/d/optout.
> 
> -- 
> You received this message because you are subscribed to a topic in the Google 
> Groups "Ansible Project" group.
> To unsubscribe from this topic, visit 
> https://groups.google.com/d/topic/ansible-pr

Re: [ansible-project] Can I slice an existing group within a play (without a unique attribute to group_by)?

2014-12-11 Thread James Cammarata 
Hi Mark, the way you're planning is the correct way to do this, however you
could use a conditional on the ldap role such that it would only run if the
consul_ldap group was in the current host's groups:

- { role: consul_ldap, when: "'consul_ldap' is in group_names" }

I don't really recommend doing that, but it's there should you decide to
use it.


On Thu, Dec 11, 2014 at 12:47 PM, Mark Casey  wrote:

> Hello,
>
> I have a group of servers in EC2 that will be a cluster of Consul server
> nodes, but on some of them I also want to run LDAP.
>
> I believe in a static inventory file this would be:
>
> [consul]
> server1
> server2
> server3
>
> [ldap]
> server1
> server 2
>
> I'm using the pattern from the EC2 guide of calling out to the ec2 module
> to create or persist/no-op the instances and then using add_host to group
> them (so it does ec2/add_host during every call to ansible-playbook). I'm
> passing 'type: consul' in to the ec2 role which ends up in some of the
> naming tags and being used for idempotence/exact_count.
>
> My question is: Where do I create the second group ('ldap')?
>
> I'm kind of hoping I could slice the existing 'consul' group into an ldap
> group or start a play (within the same run of ansible-playbook) on only
> some of the hosts in the consul group:
>
> - name: Create instances
>   hosts: localhost
>   connection: local
>   roles:
> - role: ec2
>   type: consul
>   count: 3
>
> - name: Install Consul
>   hosts: consul
>   roles:
> - role: consul
>
> - name: Install LDAP
>   hosts: *"A subset of 'consul', or a new 'ldap' subgroup created from a
> subset of 'consul'"*
>   roles:
> - role: ldap
>
>
> And finally... the catch.
>
> I'm using just enough tags to name the instances and get
> 'count_tags'+'exact_count' to work with the EC2 module. I'd rather not add
> more tags to get an 'ldap' group out of ec2.py because I want to be able to
> use this with other cloud providers (existing playbooks already work with
> EC2 and Rackspace). In the past I've found that some providers may only
> support one tag/group, may not allow changing groups via API, or don't do
> tags/groups at all and impotence is based on the instance name alone.
>
> I'm hoping I'm overlooking an obvious fix but right now I'm planning to do:
>
> - name: Create instances
>   hosts: localhost
>   connection: local
>   roles:
> - role: ec2
>   type: consul_ldap
>   count: 2
> - role: ec2
>   type: consul
>   count: 1
>
> - name: Install Consul
>   hosts: *consul_ldap:consul*
>   roles:
> - role: consul
>
> - name: Install LDAP
>   hosts: consul_ldap
>   roles:
> - role: ldap
>
>
> Thanks,
> Mark
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To post to this group, send email to ansible-project@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/24334d89-61fa-45ef-b1f1-8a71c67e7ff4%40googlegroups.com
> 
> .
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAMFyvFhqf-%2Be6FU_%2BnXN3Yw2qXgvvRXvmi2y%3DjOCaqVC3R9o7A%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Using dependency graphs to speed up ansible?

2014-12-11 Thread Kevin Burton 
Has anyone done any work on using dependency graphs to speed up ansible.

For example, if I have one big site.yml, and I only change an edge role, 
something small, it doesn't make sense to re-run ALL playbooks.

There might be situations where this makes sense.  There might be some API 
dependencies though but maybe you could hard code some exemptions for 
dependency computation.

This is generally how incremental compilers work btw.  No sense recompiling 
your whole app if dependencies haven't changed.

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/0ba85b46-00fc-426c-87ea-7ba54a8cc585%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Re: custom modules & how to include custom files

2014-12-11 Thread Ananda Debnath 
Apologies if this topic has been hashed to death - but I wanted to follow 
up to see if there is a simple/clever way to solve this problem. I too am 
writing custom modules for Xen and there's a lot of boilerplate code common 
to many such modules that would be better off in a common shared python 
file rather than exist in each module file. It would definitely be nice if 
this could be done declaratively within each module file rather than 
hacking module_utils or some such "unsanctioned" mechanism.



On Friday, February 21, 2014 4:38:31 PM UTC-6, Raphael Randschau wrote:
>
> Hey there,
>
> while working on [ansible-rails][1] I came across a problem I have not yet 
> been able to solve by just reading and interpreting the ansible source code:
>
> how can I share common dependencies between multiple, custom commands? 
> E.g. given the following role directory structure:
>
> /example
> /example/library
> /example/library/command_a
> /example/library/command_b
> /example/library/shared_utility.py
> /example/library/__init__.py
>
> shared_utility.py contains classes used in both command_a AND command_b. 
>
> The way I understand ansible right now is that when command_a is used 
> inside a playbook/ role it's source is expanded and copied to the server 
> (sie ModuleReplacer inside the ansible source).
> However, due to this processing, I can't just import shared_utility, 
> because it's not copied to the remote server.
>
> My question now is this: how do I import shared code into ansible 
> commands? And equally important: how do I properly test these custom 
> commands without much hackery (I'm talking about good old unit tests in 
> this case!)
>
> Please advice - is this left out on purpose or just very badly documented 
> & hidden away?
>
> Thanks,
> Raphael
>
> [1]:https://github.com/nicolai86/ansible-rails
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/df136584-a555-4039-b433-4d0f9e7ce391%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] How do I pass a list as an --extra-vars

2014-12-11 Thread Michael DeHaan 
JSON needs to be valid JSON :)



On Thu, Dec 11, 2014 at 2:30 PM, Mikael Sandström  wrote:

> Thanks!
>
> I cant get it to behave as a 'normal' list though, so obviously I'm doing
> something wrong.
>
> If I run this playbook without extra vars:
>
>
> ---
> - hosts: localhost
>   connection: local
>   gather_facts: false
>   vars:
> listname:
>   - name: ble
> version: 1
> path: /some/path
>
>   tasks:
>   - name: test extravars
> debug: msg="version - {{ item.version }}"
> #debug: msg=""
> with_items: listname
>
>
>
> It works as expected, and I get this:
>
> TASK: [test extravars]
> 
> ok: [localhost] => (item={'path': '/some/path', 'version': 1, 'name':
> 'ble'}) => {
> "item": {
> "name": "ble",
> "path": "/some/path",
> "version": 1
> },
> "msg": *"version - 1"*
> }
>
>
> However, if I try to do this
>
> ansible-playbook extravar.yml *-e '{"listname":["name: foo, path:
> /asd/bsdfr, version: 2"]}'*
>
>
> PLAY [localhost]
> **
>
>
> TASK: [test extravars]
> 
> fatal: [localhost] => One or more undefined variables: 'unicode object'
> has no attribute 'version'
>
>
> And I guess that is because everything in 'item' is treated like one string
>
>
>
> TASK: [test extravars]
> 
> ok: [localhost] => (item=name: foo, path: /asd/bsdfr, version: 2) => {
> "item": "name: foo, path: /asd/bsdfr, version: 2",
> "msg": ""
> }
>
>
> If I quote each pair, I get 3 different 'items'
>
> ansible-playbook extravar.yml -e '{"listname":["name: foo", "path:
> /asd/bsdfr", "version: 2"]}'
>
>
> PLAY [localhost]
> **
>
>
> TASK: [test extravars]
> 
> ok: [localhost] => (item=name: foo) => {
> "item": "name: foo",
> "msg": ""
> }
> ok: [localhost] => (item=path: /asd/bsdfr) => {
> "item": "path: /asd/bsdfr",
> "msg": ""
> }
> ok: [localhost] => (item=version: 2) => {
> "item": "version: 2",
> "msg": ""
>
>
>
> So, how should the quotes be placed to get it to behave like a 'normal'
> list? Or is there something else I need to do?
>
> regards
> /M
>
>
>
>
> Den torsdagen den 11:e december 2014 kl. 18:36:19 UTC+1 skrev James
> Cammarata:
>>
>> Hi Mikael,
>>
>> There are essentially two ways you can do this:
>>
>> 1) Use quoted JSON
>> 2) Put the data in either a JSON or YAML file.
>>
>> Please refer to the documentation here for more details:
>> http://docs.ansible.com/playbooks_variables.html#
>> passing-variables-on-the-command-line
>>
>> Thanks!
>>
>> On Thu, Dec 11, 2014 at 11:22 AM, Mikael Sandström 
>> wrote:
>>
>>> Hi,
>>>
>>> I got a list that looks like this
>>>
>>> listname:
>>>   - name: ble
>>> version: 1
>>> path: /some/path
>>> ...
>>> ...
>>>
>>>
>>> which is accessed as
>>>
>>> - name: do something
>>>   shell: run some command
>>>   with_items: listname
>>>
>>>
>>> If I want to pass the list to a playbook as an --extra-vars, how would I
>>> do that?
>>>
>>> regards
>>> /M
>>>
>>> --
>>> You received this message because you are subscribed to the Google
>>> Groups "Ansible Project" group.
>>> To unsubscribe from this group and stop receiving emails from it, send
>>> an email to ansible-proje...@googlegroups.com.
>>> To post to this group, send email to ansible...@googlegroups.com.
>>> To view this discussion on the web visit https://groups.google.com/d/
>>> msgid/ansible-project/bd3b24c6-0936-41a6-87ed-
>>> 581142f0b354%40googlegroups.com
>>> 
>>> .
>>> For more options, visit https://groups.google.com/d/optout.
>>>
>>
>>  --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To post to this group, send email to ansible-project@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/c670d5db-060a-4208-9aff-d921b6bf258b%40googlegroups.com
> 
> .
>
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this

Re: [ansible-project] How do I pass a list as an --extra-vars

2014-12-11 Thread Mikael Sandström 
Thanks!

I cant get it to behave as a 'normal' list though, so obviously I'm doing 
something wrong.

If I run this playbook without extra vars:


---
- hosts: localhost
  connection: local
  gather_facts: false
  vars: 
listname:  
  - name: ble
version: 1
path: /some/path

  tasks:
  - name: test extravars
debug: msg="version - {{ item.version }}"
#debug: msg=""
with_items: listname



It works as expected, and I get this:

TASK: [test extravars] 
 
ok: [localhost] => (item={'path': '/some/path', 'version': 1, 'name': 
'ble'}) => {
"item": {
"name": "ble", 
"path": "/some/path", 
"version": 1
}, 
"msg": *"version - 1"*
}


However, if I try to do this 

ansible-playbook extravar.yml *-e '{"listname":["name: foo, path: 
/asd/bsdfr, version: 2"]}'*


PLAY [localhost] 
** 


TASK: [test extravars] 
 
fatal: [localhost] => One or more undefined variables: 'unicode object' has 
no attribute 'version'


And I guess that is because everything in 'item' is treated like one string



TASK: [test extravars] 
 
ok: [localhost] => (item=name: foo, path: /asd/bsdfr, version: 2) => {
"item": "name: foo, path: /asd/bsdfr, version: 2", 
"msg": ""
}


If I quote each pair, I get 3 different 'items'

ansible-playbook extravar.yml -e '{"listname":["name: foo", "path: 
/asd/bsdfr", "version: 2"]}'


PLAY [localhost] 
** 


TASK: [test extravars] 
 
ok: [localhost] => (item=name: foo) => {
"item": "name: foo", 
"msg": ""
}
ok: [localhost] => (item=path: /asd/bsdfr) => {
"item": "path: /asd/bsdfr", 
"msg": ""
}
ok: [localhost] => (item=version: 2) => {
"item": "version: 2", 
"msg": ""



So, how should the quotes be placed to get it to behave like a 'normal' 
list? Or is there something else I need to do?

regards
/M




Den torsdagen den 11:e december 2014 kl. 18:36:19 UTC+1 skrev James 
Cammarata:
>
> Hi Mikael,
>
> There are essentially two ways you can do this:
>
> 1) Use quoted JSON
> 2) Put the data in either a JSON or YAML file.
>
> Please refer to the documentation here for more details: 
> http://docs.ansible.com/playbooks_variables.html#passing-variables-on-the-command-line
>
> Thanks!
>
> On Thu, Dec 11, 2014 at 11:22 AM, Mikael Sandström  > wrote:
>
>> Hi,
>>
>> I got a list that looks like this
>>
>> listname:  
>>   - name: ble
>> version: 1
>> path: /some/path
>> ...
>> ...
>>
>>
>> which is accessed as
>>
>> - name: do something
>>   shell: run some command
>>   with_items: listname
>>
>>
>> If I want to pass the list to a playbook as an --extra-vars, how would I 
>> do that?
>>
>> regards
>> /M
>>
>> -- 
>> You received this message because you are subscribed to the Google Groups 
>> "Ansible Project" group.
>> To unsubscribe from this group and stop receiving emails from it, send an 
>> email to ansible-proje...@googlegroups.com .
>> To post to this group, send email to ansible...@googlegroups.com 
>> .
>> To view this discussion on the web visit 
>> https://groups.google.com/d/msgid/ansible-project/bd3b24c6-0936-41a6-87ed-581142f0b354%40googlegroups.com
>>  
>> 
>> .
>> For more options, visit https://groups.google.com/d/optout.
>>
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/c670d5db-060a-4208-9aff-d921b6bf258b%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] ansible fails to restart if handler is broken?

2014-12-11 Thread Kevin Burton 
Interesting.  Nice discussion. 

I think one issue is that there would be no easy way to revert tasks that 
fail without some type of API that instrumented changes.  Either that or 
have the tasks run in some sort of container that logged changes.  But of 
course you're not sure what type of changes to expect.  It could be a 
sysctl, FS changes, API call, etc.  How do you reliably roll those back?

So I guess the solution is to just be careful and know what your scripts 
are doing.  And maybe in the future tasks could implement a rollback API 
for when they fail but of course this might not be reliably supported 
everywhere. 

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/30797ca0-8128-4f2e-9600-0650d1b92d40%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Re: Vagrant Ansible Provisioner failing to ssh to guest machine

2014-12-11 Thread Mehul Ved 
I was looking through the docs again and saw
http://docs.ansible.com/intro_configuration.html#private-key-file so
vagrant is supplying the wrong CLI parameters? Has the parameter changed at
any point?


On Wed, Dec 10, 2014 at 3:08 PM, Mehul Ved  wrote:

> I am working on setting up Ansible provisioning with Vagrant.
> Here's what the relevant configuration looks like
> http://pastebin.com/Tr6DPsY2
> And here's the output http://pastebin.com/bDgWPHmY
> I am not sure why is it failing when private key file is given in the
> command line, if I give
> ansible_ssh_private_key_file=/home/mehul/.vagrant.d/insecure_private_key it
> works fine.
>
> --
> With Regards,
> Mehul Ved
>



-- 
With Regards,
Mehul Ved

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CADTL0oa8kKOpjEhwmFQOXjh12ZHVYoFVa7eW0bQ%3DvGFX1jUYyw%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Can I slice an existing group within a play (without a unique attribute to group_by)?

2014-12-11 Thread Mark Casey 
Hello,

I have a group of servers in EC2 that will be a cluster of Consul server 
nodes, but on some of them I also want to run LDAP.

I believe in a static inventory file this would be:

[consul]
server1
server2
server3

[ldap]
server1
server 2

I'm using the pattern from the EC2 guide of calling out to the ec2 module 
to create or persist/no-op the instances and then using add_host to group 
them (so it does ec2/add_host during every call to ansible-playbook). I'm 
passing 'type: consul' in to the ec2 role which ends up in some of the 
naming tags and being used for idempotence/exact_count.

My question is: Where do I create the second group ('ldap')?

I'm kind of hoping I could slice the existing 'consul' group into an ldap 
group or start a play (within the same run of ansible-playbook) on only 
some of the hosts in the consul group:

- name: Create instances
  hosts: localhost
  connection: local
  roles:
- role: ec2
  type: consul
  count: 3

- name: Install Consul
  hosts: consul
  roles:
- role: consul

- name: Install LDAP
  hosts: *"A subset of 'consul', or a new 'ldap' subgroup created from a 
subset of 'consul'"*
  roles:
- role: ldap


And finally... the catch.

I'm using just enough tags to name the instances and get 
'count_tags'+'exact_count' to work with the EC2 module. I'd rather not add 
more tags to get an 'ldap' group out of ec2.py because I want to be able to 
use this with other cloud providers (existing playbooks already work with 
EC2 and Rackspace). In the past I've found that some providers may only 
support one tag/group, may not allow changing groups via API, or don't do 
tags/groups at all and impotence is based on the instance name alone.

I'm hoping I'm overlooking an obvious fix but right now I'm planning to do:

- name: Create instances
  hosts: localhost
  connection: local
  roles:
- role: ec2
  type: consul_ldap
  count: 2
- role: ec2
  type: consul
  count: 1

- name: Install Consul
  hosts: *consul_ldap:consul*
  roles:
- role: consul

- name: Install LDAP
  hosts: consul_ldap
  roles:
- role: ldap


Thanks,
Mark

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/24334d89-61fa-45ef-b1f1-8a71c67e7ff4%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] How do I pass a list as an --extra-vars

2014-12-11 Thread James Cammarata 
Hi Mikael,

There are essentially two ways you can do this:

1) Use quoted JSON
2) Put the data in either a JSON or YAML file.

Please refer to the documentation here for more details:
http://docs.ansible.com/playbooks_variables.html#passing-variables-on-the-command-line

Thanks!

On Thu, Dec 11, 2014 at 11:22 AM, Mikael Sandström 
wrote:

> Hi,
>
> I got a list that looks like this
>
> listname:
>   - name: ble
> version: 1
> path: /some/path
> ...
> ...
>
>
> which is accessed as
>
> - name: do something
>   shell: run some command
>   with_items: listname
>
>
> If I want to pass the list to a playbook as an --extra-vars, how would I
> do that?
>
> regards
> /M
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To post to this group, send email to ansible-project@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/bd3b24c6-0936-41a6-87ed-581142f0b354%40googlegroups.com
> 
> .
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAMFyvFh_OL_Uq7wZWFe3HZukqb%2BLbAthehEds-TCQkbTjsJByw%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] How to convince ansible-playbook to colorize output?

2014-12-11 Thread Bryan Berry 
tks guys! that's fantastic


On Thu, Dec 11, 2014 at 5:05 PM, Michael DeHaan  wrote:

> Actually, it's just
>
> export ANSIBLE_FORCE_COLOR=True
>
> unset the variable to remove the behavior
>
>
>
>
> On Thu, Dec 11, 2014 at 10:31 AM, Brian Coca  wrote:
>
>> try setting the environment variable in your master's shell
>> ANSIBLE_COLOR=True
>>
>>
>>
>> --
>> Brian Coca
>>
>> --
>> You received this message because you are subscribed to the Google Groups
>> "Ansible Project" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to ansible-project+unsubscr...@googlegroups.com.
>> To post to this group, send email to ansible-project@googlegroups.com.
>> To view this discussion on the web visit
>> https://groups.google.com/d/msgid/ansible-project/CAJ5XC8mhWL0AhVSUq5JHHhOQ8HFdV1nS6N5F0emzdvYtLJzwng%40mail.gmail.com
>> .
>> For more options, visit https://groups.google.com/d/optout.
>>
>
>  --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To post to this group, send email to ansible-project@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/CA%2BnsWgzAcwbVZ89NJCpKFhJv87u2ShmBjVO9UFs%3DceJZ7dKiww%40mail.gmail.com
> 
> .
>
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CANsX4xRmUpsnXxTSW7pbOg6XB3Zf-743A51_GKq2dDubcye7Cg%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] How do I pass a list as an --extra-vars

2014-12-11 Thread Mikael Sandström 
Hi,

I got a list that looks like this

listname:  
  - name: ble
version: 1
path: /some/path
...
...


which is accessed as

- name: do something
  shell: run some command
  with_items: listname


If I want to pass the list to a playbook as an --extra-vars, how would I do 
that?

regards
/M

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/bd3b24c6-0936-41a6-87ed-581142f0b354%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Service Module on Package Upgrade

2014-12-11 Thread James Cammarata 
You can also flush handlers in the middle of a play with the following task:

   - meta: flush_handlers



On Thu, Dec 11, 2014 at 10:52 AM, Matt Hughes  wrote:

> K, I will use restarted.
>
> Handler wouldn’t work as handlers work only at the end of the play to my
> knowledge. That would be too later; subsequent tasks depend on docker being
> up.
>
>
>
>
>
> On December 11, 2014 at 10:59:32 AM, James Cammarata (
> jcammar...@ansible.com) wrote:
>
> Hi Matt, this appears to be an issue with the docker init script I'd say,
> which is only looking at the PID file and not the process it's supposed to
> be referring to. I would continue to use state=restarted, and simply modify
> that to either be a handler (notified by the install) or to have it use a
> when: statement, which could check to see if the install actually changed
> something before trying to restart the service.
>
> Hope that helps!
>
>
> On Thu, Dec 11, 2014 at 9:50 AM, Matt Hughes 
> wrote:
>
>> If I try and upgrade a package that has already been started, 'service'
>> module doesn't seem to behave:
>>
>>
>> - name: Install Docker
>>   yum: name=docker-io-1.3.1 state=installed
>> - name: Start Docker
>>   service: name=docker state=started
>>
>>
>> If Docker has already been installed and started and we just upgraded,
>> 'service' module blows up with:
>>
>> /var/run/docker.pid still exists...
>>
>>
>>
>> I have to manually issue a service state=restarted command to get hosts
>> back in line.  Is Docker misbehaving or should 'service' be smarter in this
>> case?
>> --
>> You received this message because you are subscribed to the Google Groups
>> "Ansible Project" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to ansible-project+unsubscr...@googlegroups.com.
>> To post to this group, send email to ansible-project@googlegroups.com.
>> To view this discussion on the web visit
>> https://groups.google.com/d/msgid/ansible-project/1f46ebe4-2972-419a-b00d-f214d1ef0ba5%40googlegroups.com
>> 
>> .
>> For more options, visit https://groups.google.com/d/optout.
>>
>
> --
> You received this message because you are subscribed to a topic in the
> Google Groups "Ansible Project" group.
> To unsubscribe from this topic, visit
> https://groups.google.com/d/topic/ansible-project/N6jYWgvRgeM/unsubscribe.
> To unsubscribe from this group and all its topics, send an email to
> ansible-project+unsubscr...@googlegroups.com.
> To post to this group, send email to ansible-project@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/CAMFyvFj2SmRN2L_Obz5160UExiWgfk34R-f4FMHVUdH5_zWn%3Dg%40mail.gmail.com
> 
> .
> For more options, visit https://groups.google.com/d/optout.
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAMFyvFjbNPQv%3DbANNdQ9X-hhb%2BFAcKYSnmBRV0g6xXrP9ccK4Q%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] ansible fails to restart if handler is broken?

2014-12-11 Thread Michael DeHaan 
No, you actually use that after.

If you had a failure and you needed a handler to run on the next run
because something should have triggered but did not, you can use that flag.

The retry suggestion has been made before.


On Thu, Dec 11, 2014 at 11:54 AM, Petros Moisiadis 
wrote:

>  On 12/11/14 18:15, Michael DeHaan wrote:
>
> Don't see how this is a bug.  Can you elaborate.
>
>  Tried --force-handlers ?
>
>
> The option --force-handlers will work only proactively. You must use it
> _before_ the failure occurs. However, this is almost never the case.
> Normally, you don't expect your playbook tasks to fail.
> A much better solution would be to extend retry files to include handlers
> that have already been notified before the failure, so that when using the
> retry files, these handlers are pre-notified regardless of the results of
> the tasks that notify them normally. I guess that would be a nice feature
> for v2. :)
>
>
>
> On Tue, Dec 9, 2014 at 10:00 PM, Kevin Burton 
> wrote:
>
>> this is a bug...
>>
>>  TASK: [pdns-recursor | recursor.conf file]
>>> 
>>> changed: [10.56.252.12]
>>> ERROR: change handler (restart pdns-recursor) is not defined
>>
>>
>>  ... so my issue was that the handler wasn't defined (typo).  So now it
>> has a new file, and the daemon NEEDS to be restarted , but it isn't.
>>
>> Now, when I run ansible again, it does NOT restart the daemon, because
>> the template is already updated.
>>
>> The solution here would obviously need to restart the daemon and properly
>> run the handler.
>>
>> I think the fix is to revert the 'template' so that the previous file was
>> used.
>>--
>> You received this message because you are subscribed to the Google Groups
>> "Ansible Project" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to ansible-project+unsubscr...@googlegroups.com.
>> To post to this group, send email to ansible-project@googlegroups.com.
>> To view this discussion on the web visit
>> https://groups.google.com/d/msgid/ansible-project/de02e7e4-b996-4f1c-b4df-0bd773512d7f%40googlegroups.com
>> 
>> .
>> For more options, visit https://groups.google.com/d/optout.
>>
>
>  --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To post to this group, send email to ansible-project@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/CA%2BnsWgyv%3DeMYD9aWe%2B%3DZT6rPUDT7X2T0PNLK6FT6RYTbPfQn1w%40mail.gmail.com
> 
> .
> For more options, visit https://groups.google.com/d/optout.
>
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CA%2BnsWgyXeOxYO6%3DG0E8f1sK7urAbMQT8%3D9BSHVLViWfnz6bjjw%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Service Module on Package Upgrade

2014-12-11 Thread Matt Hughes 
K, I will use restarted.

Handler wouldn’t work as handlers work only at the end of the play to my 
knowledge. That would be too later; subsequent tasks depend on docker being up.





On December 11, 2014 at 10:59:32 AM, James Cammarata (jcammar...@ansible.com) 
wrote:

Hi Matt, this appears to be an issue with the docker init script I'd say, which 
is only looking at the PID file and not the process it's supposed to be 
referring to. I would continue to use state=restarted, and simply modify that 
to either be a handler (notified by the install) or to have it use a when: 
statement, which could check to see if the install actually changed something 
before trying to restart the service.

Hope that helps!


On Thu, Dec 11, 2014 at 9:50 AM, Matt Hughes  wrote:
If I try and upgrade a package that has already been started, 'service' module 
doesn't seem to behave:


- name: Install Docker
  yum: name=docker-io-1.3.1 state=installed
- name: Start Docker
  service: name=docker state=started


If Docker has already been installed and started and we just upgraded, 
'service' module blows up with:

/var/run/docker.pid still exists...



I have to manually issue a service state=restarted command to get hosts back in 
line.  Is Docker misbehaving or should 'service' be smarter in this case?
--
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/1f46ebe4-2972-419a-b00d-f214d1ef0ba5%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

--
You received this message because you are subscribed to a topic in the Google 
Groups "Ansible Project" group.
To unsubscribe from this topic, visit 
https://groups.google.com/d/topic/ansible-project/N6jYWgvRgeM/unsubscribe.
To unsubscribe from this group and all its topics, send an email to 
ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAMFyvFj2SmRN2L_Obz5160UExiWgfk34R-f4FMHVUdH5_zWn%3Dg%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/etPan.5489cbb5.1190cde7.8e8a%40Matthews-MacBook-Pro.local.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Exit with_items loop after first success?

2014-12-11 Thread Michael DeHaan 
"Anyway... is there a way of breaking out of a loop or would patches be
accepted to provide such a mechanism?"

Still want to understand your use case before we start talking
implementation and language changes to find the best way to express the
construct.

Ultimately Ansible isn't a arbitrary scripting language, and I don't want
to make it one - but we do want to find the best possible way to express
what you may want to express.




On Thu, Dec 11, 2014 at 11:33 AM, Hugh Saunders  wrote:

> On 11 December 2014 at 16:18, Michael DeHaan  wrote:
>
>> if you are downloading tars of git repos from GitHub from lots of
>> production servers, that seems to be a bit of a bad practice to me that
>> assaults the mirror.
>>
>> I would consider setting up a mirror of all that content on one server
>> initially and then have your individual production nodes download off that
>> box.
>>
>
> I haven't said that I had multiple servers downloading the same content.
>
> Anyway... is there a way of breaking out of a loop or would patches be
> accepted to provide such a mechanism?
>
> --
> Hugh Saunders
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To post to this group, send email to ansible-project@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/CAAD%2BY3VzJH1cLe6QOBC%3DQ9z_YtZSes15Q0o%2BPj-Zd%2BEKgqKXFA%40mail.gmail.com
> 
> .
>
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CA%2BnsWgycRkqb-7FVuGy_2m%2BpT96muC4OZ3nfMfFRXOhb9n_DaQ%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Exit with_items loop after first success?

2014-12-11 Thread Hugh Saunders 
On 11 December 2014 at 16:18, Michael DeHaan  wrote:

> if you are downloading tars of git repos from GitHub from lots of
> production servers, that seems to be a bit of a bad practice to me that
> assaults the mirror.
>
> I would consider setting up a mirror of all that content on one server
> initially and then have your individual production nodes download off that
> box.
>

I haven't said that I had multiple servers downloading the same content.

Anyway... is there a way of breaking out of a loop or would patches be
accepted to provide such a mechanism?

--
Hugh Saunders

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAAD%2BY3VzJH1cLe6QOBC%3DQ9z_YtZSes15Q0o%2BPj-Zd%2BEKgqKXFA%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Exit with_items loop after first success?

2014-12-11 Thread Michael DeHaan 
if you are downloading tars of git repos from GitHub from lots of
production servers, that seems to be a bit of a bad practice to me that
assaults the mirror.

I would consider setting up a mirror of all that content on one server
initially and then have your individual production nodes download off that
box.






On Thu, Dec 11, 2014 at 11:09 AM, Hugh Saunders  wrote:

> On 11 December 2014 at 16:00, Michael DeHaan  wrote:
>
>> "I would like to be able to exit a with_items loop based on the result
>> of the previous iteration. Think of it as a generalisation of
>> with_first_found. "
>>
>> Would like to step back to use cases first before we propose it be done
>> with the "with_" here, as that's not how that part works.
>>
>> Curious what kinds of files you are downloading - for instance, package
>> managers like yum already do this, etc.
>>
>
> In this particular instance, I am downloading tars of git repos.
>
> See also the second use case, its a bit of an edge case but shows that a
> general answer may be more useful than fixing a specific module. For
> example the file download case could be solved by modifying they get_url
> module to take a list of sources, but that only solves one specific case.
> Add the functionality to core and it can be used with any module.
>
> I'm also not sure a new with_ is needed, maybe access to another variable
> within loop conditionals, or a new conditional such as break_when?
>
> --
> Hugh Saunders
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To post to this group, send email to ansible-project@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/CAAD%2BY3Vh7uwrAwTVVcDf-MkbciLOTn%3Dj-5WSbq9OQu%3D0puhR_Q%40mail.gmail.com
> 
> .
>
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CA%2BnsWgzUAHpiKj-_bBRX1UwgrZu1phMvAMymRpj1Tq59GhBM3g%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] ansible fails to restart if handler is broken?

2014-12-11 Thread Michael DeHaan 
Don't see how this is a bug.  Can you elaborate.

Tried --force-handlers ?



On Tue, Dec 9, 2014 at 10:00 PM, Kevin Burton  wrote:

> this is a bug...
>
> TASK: [pdns-recursor | recursor.conf file]
>> 
>> changed: [10.56.252.12]
>> ERROR: change handler (restart pdns-recursor) is not defined
>
>
> ... so my issue was that the handler wasn't defined (typo).  So now it has
> a new file, and the daemon NEEDS to be restarted , but it isn't.
>
> Now, when I run ansible again, it does NOT restart the daemon, because the
> template is already updated.
>
> The solution here would obviously need to restart the daemon and properly
> run the handler.
>
> I think the fix is to revert the 'template' so that the previous file was
> used.
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To post to this group, send email to ansible-project@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/de02e7e4-b996-4f1c-b4df-0bd773512d7f%40googlegroups.com
> 
> .
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CA%2BnsWgyv%3DeMYD9aWe%2B%3DZT6rPUDT7X2T0PNLK6FT6RYTbPfQn1w%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Exit with_items loop after first success?

2014-12-11 Thread Hugh Saunders 
On 11 December 2014 at 16:00, Michael DeHaan  wrote:

> "I would like to be able to exit a with_items loop based on the result of
> the previous iteration. Think of it as a generalisation of
> with_first_found. "
>
> Would like to step back to use cases first before we propose it be done
> with the "with_" here, as that's not how that part works.
>
> Curious what kinds of files you are downloading - for instance, package
> managers like yum already do this, etc.
>

In this particular instance, I am downloading tars of git repos.

See also the second use case, its a bit of an edge case but shows that a
general answer may be more useful than fixing a specific module. For
example the file download case could be solved by modifying they get_url
module to take a list of sources, but that only solves one specific case.
Add the functionality to core and it can be used with any module.

I'm also not sure a new with_ is needed, maybe access to another variable
within loop conditionals, or a new conditional such as break_when?

--
Hugh Saunders

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAAD%2BY3Vh7uwrAwTVVcDf-MkbciLOTn%3Dj-5WSbq9OQu%3D0puhR_Q%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] How to convince ansible-playbook to colorize output?

2014-12-11 Thread Michael DeHaan 
Actually, it's just

export ANSIBLE_FORCE_COLOR=True

unset the variable to remove the behavior




On Thu, Dec 11, 2014 at 10:31 AM, Brian Coca  wrote:

> try setting the environment variable in your master's shell
> ANSIBLE_COLOR=True
>
>
>
> --
> Brian Coca
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To post to this group, send email to ansible-project@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/CAJ5XC8mhWL0AhVSUq5JHHhOQ8HFdV1nS6N5F0emzdvYtLJzwng%40mail.gmail.com
> .
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CA%2BnsWgzAcwbVZ89NJCpKFhJv87u2ShmBjVO9UFs%3DceJZ7dKiww%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Exit with_items loop after first success?

2014-12-11 Thread Michael DeHaan 
"I would like to be able to exit a with_items loop based on the result of
the previous iteration. Think of it as a generalisation of
with_first_found. "

Would like to step back to use cases first before we propose it be done
with the "with_" here, as that's not how that part works.

Curious what kinds of files you are downloading - for instance, package
managers like yum already do this, etc.



On Thu, Dec 11, 2014 at 10:41 AM, Hugh Saunders  wrote:

> Hi All,
> I've been asking on IRC,  twitter
> , and github
>  about this and was asked
> to post to the ML as well so here goes :)
>
> I would like to be able to exit a with_items loop based on the result of
> the previous iteration. Think of it as a generalisation of
> with_first_found.
>
> Two use cases:
>
>1. I have a list of mirrors known to host file, I want to iterate over
>that list until I successfully retrieve the file, then stop iterating. No
>point in downloading the file multiple times.
>2. I have a git ref (branch/tag) and a list of mirrors of that repo (
>git.openstack.org, github.com), I want to resolve that ref to a SHA
>without cloning the repo. Run git ls-remote via shell passing in each
>remote url in turn until the ref is successfully resolved. No point in
>resolving it twice. Note that for this use case I do not want to clone the
>repo.
>
> I'm sure there are other situations where it would be useful to break out
> of a loop.
>
> As explained in the issue, I can think of two ways of doing this, both
> would require modifications to ansible:
>
>1. Add previous_iteration variable for use in when clause, eg when:
>previous_iteration | failed
>2. Allow registered variable to be used within a loop, eg when:
>shell_result['results'][-1].rc != 0
>
>
> Thanks for any insight.
>
> --
> Hugh Saunders
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To post to this group, send email to ansible-project@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/be63ee7b-502b-40a8-a776-cf05d8534c1c%40googlegroups.com
> 
> .
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CA%2BnsWgzi%3DOhWEfGgVQ0pdZcQW8F1nLcTvoHi9H8ATPUO0es01g%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Service Module on Package Upgrade

2014-12-11 Thread James Cammarata 
Hi Matt, this appears to be an issue with the docker init script I'd say,
which is only looking at the PID file and not the process it's supposed to
be referring to. I would continue to use state=restarted, and simply modify
that to either be a handler (notified by the install) or to have it use a
when: statement, which could check to see if the install actually changed
something before trying to restart the service.

Hope that helps!


On Thu, Dec 11, 2014 at 9:50 AM, Matt Hughes  wrote:

> If I try and upgrade a package that has already been started, 'service'
> module doesn't seem to behave:
>
>
> - name: Install Docker
>   yum: name=docker-io-1.3.1 state=installed
> - name: Start Docker
>   service: name=docker state=started
>
>
> If Docker has already been installed and started and we just upgraded,
> 'service' module blows up with:
>
> /var/run/docker.pid still exists...
>
>
>
> I have to manually issue a service state=restarted command to get hosts
> back in line.  Is Docker misbehaving or should 'service' be smarter in this
> case?
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To post to this group, send email to ansible-project@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/1f46ebe4-2972-419a-b00d-f214d1ef0ba5%40googlegroups.com
> 
> .
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAMFyvFj2SmRN2L_Obz5160UExiWgfk34R-f4FMHVUdH5_zWn%3Dg%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Service Module on Package Upgrade

2014-12-11 Thread Matt Hughes 
If I try and upgrade a package that has already been started, 'service' 
module doesn't seem to behave:


- name: Install Docker
  yum: name=docker-io-1.3.1 state=installed
- name: Start Docker
  service: name=docker state=started


If Docker has already been installed and started and we just upgraded, 
'service' module blows up with:

/var/run/docker.pid still exists...



I have to manually issue a service state=restarted command to get hosts 
back in line.  Is Docker misbehaving or should 'service' be smarter in this 
case?

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/1f46ebe4-2972-419a-b00d-f214d1ef0ba5%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Exit with_items loop after first success?

2014-12-11 Thread Hugh Saunders 
Hi All, 
I've been asking on IRC,  twitter 
, and github 
 about this and was asked 
to post to the ML as well so here goes :)

I would like to be able to exit a with_items loop based on the result of 
the previous iteration. Think of it as a generalisation of 
with_first_found. 

Two use cases: 

   1. I have a list of mirrors known to host file, I want to iterate over 
   that list until I successfully retrieve the file, then stop iterating. No 
   point in downloading the file multiple times.
   2. I have a git ref (branch/tag) and a list of mirrors of that repo 
   (git.openstack.org, github.com), I want to resolve that ref to a SHA 
   without cloning the repo. Run git ls-remote via shell passing in each 
   remote url in turn until the ref is successfully resolved. No point in 
   resolving it twice. Note that for this use case I do not want to clone the 
   repo. 

I'm sure there are other situations where it would be useful to break out 
of a loop. 

As explained in the issue, I can think of two ways of doing this, both 
would require modifications to ansible: 

   1. Add previous_iteration variable for use in when clause, eg when: 
   previous_iteration | failed
   2. Allow registered variable to be used within a loop, eg when: 
   shell_result['results'][-1].rc != 0
   

Thanks for any insight. 

--
Hugh Saunders

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/be63ee7b-502b-40a8-a776-cf05d8534c1c%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] inconsistant when accessing fact attributes

2014-12-11 Thread James Cammarata 
Hi Steve,

Could you open an issue on github for this? My guess would be that the
target OS being detected is different between the runs, and the differing
methods used for each OS are returning the inconsistent results. We can
definitely look into that.

Thanks!

On Wed, Dec 10, 2014 at 9:54 PM, Steve Kieu  wrote:

> Hi Team,
>
> When I first create a docker container which is centos6 based. Run ansible
> setup and the fact return for  "ansible_selinux" is a boolean.
>
> After a while not sure what has been done if runs setup again - the value
> now is a dict.
>
> "ansible_selinux": {
> "status": "disabled"
> },
>
> That makes harder in the condition I use. Should we have the dict at the
> beginning?
>
> Thanks
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To post to this group, send email to ansible-project@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/401be86f-a99d-4f4b-b58f-6d2dddf08f23%40googlegroups.com
> 
> .
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAMFyvFgcn9hDxQL87xJsJRtuSoUzk4uwa2WAUjQ3sc_fZAqKZQ%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] msg: Failed to find required executable mysql

2014-12-11 Thread James Cammarata 
Hi Marti, can you share any details about how the mysql binary was
installed? Was it via a tar or package? I'm very curious as to why it would
fail in one instance but not when re-run.

On Thu, Dec 11, 2014 at 3:58 AM, Marti Butler  wrote:

> Hi
>
> I am importing an SQL file into my already created DB but getting the
> above error:
>
> - name: import database
>   mysql_db: name=DB state=import target=DB.sql login_user=root
> login_host=localhost login_unix_socket=/var/lib/mysql/tmp/mysqld
> login_password=''
>
> Error:
> msg: Failed to find required executable mysql
>
> When I run this again it is fine and imports correctly.  Anybody else been
> having this issue please?
>
> Thanks
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To post to this group, send email to ansible-project@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/76195472-d778-48cf-9d29-0eb0d96587e7%40googlegroups.com
> 
> .
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAMFyvFh83iijk%3DLS-41Z60s09nq2n7S1UfK8-iX6%3DYsNWKp1jg%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] msg: Failed to find required executable mysql

2014-12-11 Thread Marti Butler 
Hi

I am importing an SQL file into my already created DB but getting the above 
error:

- name: import database 
  mysql_db: name=DB state=import target=DB.sql login_user=root 
login_host=localhost login_unix_socket=/var/lib/mysql/tmp/mysqld 
login_password=''

Error:
msg: Failed to find required executable mysql

When I run this again it is fine and imports correctly.  Anybody else been 
having this issue please?

Thanks

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/76195472-d778-48cf-9d29-0eb0d96587e7%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Pinging another machine using AWS/ec2 dynamic inventory

2014-12-11 Thread James Cammarata 
Hi Sven, this is most likely due to the caching of data by the inventory
script. You can set "cache_max_age = 0" in your ec2.ini to disable caching,
to see if that helps.

On Thu, Dec 11, 2014 at 4:33 AM, Sven Ehlert  wrote:

> Hi all,
>
> I have a rather simple usecase for which I don't seem to find an answer.
>
> How can I ping a AWS/ec2 instance from another instance in a different
> play? I'm using the dynamic inventory.
>
> The scenario is like this:
>
> I create two ec2 instance in a play like this:
>
> ec2:
> group: "{{ security_group }}"
> instance_type: "{{ instance_type }}"
> image: "{{ image }}"
> region: "{{ region }}"
> key_name: "{{ keypair }}"
> instance_tags:
> Name: Destination
>
>
> ec2:
> group: "{{ security_group }}"
> instance_type: "{{ instance_type }}"
> image: "{{ image }}"
> region: "{{ region }}"
> key_name: "{{ keypair }}"
> instance_tags:
> Name: Source
>
> This works well, the nodes are started and I can see them when running
> ./ec2.py
>
> Then, in another play  (ping.yml) I want to do this
>
> - name: pinging host
>   hosts: tag_Name_Source
>   remote_user: ubuntu
>
>   tasks:
>   - shell: ping {{ tag_Name_Destination }}
>
> I run it with
> ansible-playbook -i ec2.py ping.yml
> but it gives me "One or more undefined variables: 'tag_Name_Destination'
> is undefined"
>
> What is the right way to get the IP of the target machine?
>
> I'm running Ansible 1.8.2 on Ubuntu.
>
> Thanks for any hints.
> /Sven
>
>
>
>
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To post to this group, send email to ansible-project@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/2e04f49d-d154-471e-89fd-0d626866ae4c%40googlegroups.com
> 
> .
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAMFyvFj7hJ_etc7_kx-w_wy7JpngbsPU5qoAAZdsOPtuFgOiGQ%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] How to convince ansible-playbook to colorize output?

2014-12-11 Thread Brian Coca 
try setting the environment variable in your master's shell ANSIBLE_COLOR=True



-- 
Brian Coca

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAJ5XC8mhWL0AhVSUq5JHHhOQ8HFdV1nS6N5F0emzdvYtLJzwng%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] register ec2 instance id and use it in ec2_ami module

2014-12-11 Thread James Cammarata 
Hi Navid, what version of Ansible are you running? You might try using
jinja2 braces around the ec2.instances variable in the with_items list, as
there was a bug recently about variables like that not expanding properly
(which should be fixed in 1.8.2).

On Thu, Dec 11, 2014 at 8:36 AM, Navid Paya  wrote:

> Hi all
> I'm trying to make some kind of automation to create an AMI out of an EC2
> instance. So I have this chunk that creates the instance:
>
> - name: Launch an Ubuntu 14.04 EC2 instance
>   hosts: localhost
>   connection: local
>   gather_facts: no
>   tasks:
>   - name: Find the latest Ubuntu AMI
> ec2_ami_search: distro=ubuntu release=trusty region=ap-southeast-1
> store=ebs-ssd virt=hvm
> register: ubuntu_image
>   - name: Start the new EC2 instance
> ec2:
>   image: "{{ ubuntu_image.ami }}"
>   region: ap-southeast-1
>   zone: ap-southeast-1b
>   instance_type: t2.small
>   vpc_subnet_id: 
>   group_id: ['sg-', 'sg-xxx']
>   key_name: random_key
>   wait: yes
>   wait_timeout: 500
> register: ec2
>   - name: Add the new instance to host group
> add_host: hostname={{ item.private_ip }} groupname=launched
> with_items: ec2.instances
>   - name: Wait for SSH to come up on the new instance
> wait_for: host={{ item.private_ip }} port=22 delay=60 timeout=320
> state=started
> with_items: ec2.instances
>
> Then I try to use the instance and generate an AMI out of that:
>
> - name: Create an AMI from the provisioned instance
>   hosts: localhost
>   connection: local
>   gather_facts: no
>   tasks:
>   - ec2_ami: region=ap-southeast-1 instance_id={{ item.id }} wait=no
> name=basebox-200
> with_items:
>   - ec2.instances
>
> - name: Delete the instance now that the AMI is created
>   hosts: localhost
>   connection: local
>   gather_facts: no
>   tasks:
>   - ec2:
>   region: ap-southeast-1
>   instance_ids: "{{ item.id }}"
>   state: 'absent'
> with_items:
>   - ec2.instances
>
> But I get errors like this:
>
>
> TASK: [ec2_ami region=ap-southeast-1 instance_id={{ item.id }} wait=no
> name=basebox-200] ***
> fatal: [localhost] => One or more undefined variables: 'str object' has no
> attribute 'id'
>
> I guess I'm missing something with iterating over a hash but can't figure
> what. Any ideas?
>
>  --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To post to this group, send email to ansible-project@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/cc359c02-afd3-4c71-931d-7c5db8fde6a6%40googlegroups.com
> 
> .
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAMFyvFip1qw%2B_bFSB2YrOqHoMYPwEL%2B4%2Bgckj18Y_CnWkE3J5g%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Pinging another machine using AWS/ec2 dynamic inventory

2014-12-11 Thread Sven Ehlert 
Hi all,

I have a rather simple usecase for which I don't seem to find an answer.

How can I ping a AWS/ec2 instance from another instance in a different 
play? I'm using the dynamic inventory.

The scenario is like this:

I create two ec2 instance in a play like this:

ec2:  
group: "{{ security_group }}"
instance_type: "{{ instance_type }}" 
image: "{{ image }}" 
region: "{{ region }}"
key_name: "{{ keypair }}"
instance_tags:
Name: Destination


ec2:  
group: "{{ security_group }}"
instance_type: "{{ instance_type }}" 
image: "{{ image }}" 
region: "{{ region }}"
key_name: "{{ keypair }}"
instance_tags:
Name: Source

This works well, the nodes are started and I can see them when running 
./ec2.py

Then, in another play  (ping.yml) I want to do this

- name: pinging host
  hosts: tag_Name_Source
  remote_user: ubuntu

  tasks: 
  - shell: ping {{ tag_Name_Destination }}

I run it with 
ansible-playbook -i ec2.py ping.yml
but it gives me "One or more undefined variables: 'tag_Name_Destination' is 
undefined"

What is the right way to get the IP of the target machine?

I'm running Ansible 1.8.2 on Ubuntu.

Thanks for any hints.
/Sven



   

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/2e04f49d-d154-471e-89fd-0d626866ae4c%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] How to convince ansible-playbook to colorize output?

2014-12-11 Thread Bryan Berry 
Dear Ansiblists,

I have written a tool that wraps ansible-playbook to enforce a client's 
fairly complex workflow and provides helper functions specific to their use 
case. The only thing that I lose by doing is the colorized output. Is there 
anyway I can trick ansible-playbook and other commands to output colorized 
output?


I use this invocation of subprocess.Popen to spawn the ansible playbook and 
flush the stdout

 p = subprocess.Popen('ansible-playbook . . . ', stdout=subprocess.PIPE, 
stderr=subprocess.PIPE, shell=True) 
 flush_subprocess_stdout(p.stdout)

# this function is located elsewhere
def flush_subprocess_stdout(stdout_fd):
  lines = []
  while True:
line = stdout_fd.readline()
if not line:
  break
lines.append(line)
print line.strip()
  return lines

I found these lines in ansible-playbook, which appear to determine what 
output is colorized and which is not. I also looked at the display method 
in ansible.callbacks. It's still not clear to me how I can convince 
ansible-playbook to colorize stdout.  Any suggestions?

https://github.com/ansible/ansible/blob/devel/bin/ansible-playbook#L287-L303

Bryan

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/d7c1b914-c464-4bbf-a331-80151524897e%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] register ec2 instance id and use it in ec2_ami module

2014-12-11 Thread Navid Paya 
Hi all
I'm trying to make some kind of automation to create an AMI out of an EC2 
instance. So I have this chunk that creates the instance:

- name: Launch an Ubuntu 14.04 EC2 instance
  hosts: localhost
  connection: local
  gather_facts: no
  tasks:
  - name: Find the latest Ubuntu AMI
ec2_ami_search: distro=ubuntu release=trusty region=ap-southeast-1 
store=ebs-ssd virt=hvm
register: ubuntu_image
  - name: Start the new EC2 instance
ec2:
  image: "{{ ubuntu_image.ami }}"
  region: ap-southeast-1
  zone: ap-southeast-1b
  instance_type: t2.small
  vpc_subnet_id: 
  group_id: ['sg-', 'sg-xxx']
  key_name: random_key
  wait: yes
  wait_timeout: 500
register: ec2
  - name: Add the new instance to host group
add_host: hostname={{ item.private_ip }} groupname=launched
with_items: ec2.instances
  - name: Wait for SSH to come up on the new instance
wait_for: host={{ item.private_ip }} port=22 delay=60 timeout=320 
state=started
with_items: ec2.instances

Then I try to use the instance and generate an AMI out of that:

- name: Create an AMI from the provisioned instance
  hosts: localhost
  connection: local
  gather_facts: no
  tasks:
  - ec2_ami: region=ap-southeast-1 instance_id={{ item.id }} wait=no 
name=basebox-200
with_items:
  - ec2.instances

- name: Delete the instance now that the AMI is created
  hosts: localhost
  connection: local
  gather_facts: no
  tasks:
  - ec2:
  region: ap-southeast-1
  instance_ids: "{{ item.id }}"
  state: 'absent'
with_items:
  - ec2.instances

But I get errors like this:


TASK: [ec2_ami region=ap-southeast-1 instance_id={{ item.id }} wait=no 
name=basebox-200] ***
fatal: [localhost] => One or more undefined variables: 'str object' has no 
attribute 'id'

I guess I'm missing something with iterating over a hash but can't figure 
what. Any ideas?

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/cc359c02-afd3-4c71-931d-7c5db8fde6a6%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Unexpected "Item is undefined"

2014-12-11 Thread Capi Etheriel 
Thanks. I had misunderstood how with_items were expanded.
I have managed to wrap my head around it, results can be seen here: 
https://github.com/barraponto/ansible-aws-vpc/blob/master/tasks/main.yml 

Em quarta-feira, 10 de dezembro de 2014 18h44min33s UTC-2, Serge van 
Ginderachter escreveu:
>
>
>
> On 10 December 2014 at 21:41, Capi Etheriel  > wrote:
>
>> Hi folks
>>
>> I got kind of stuck with 
>> https://gist.github.com/barraponto/a14c264a7755c8371ade
>>
>
> ​kast line(13) in the task file, the indent of with_items is wrong:
>
> with_items: aws_vpc_subnets
>
> ​
>  
> ​Indent should be the same as the name: of the task
>
> ​
>
>> It's in a role as you can see. I've gisted the only files I edited in it.
>> The problem is it says item is not defined:
>>
>> fatal: [localhost] => One or more undefined variables: 'item' is undefined
>>
>> I'm running with - but I can't get any better debug output, that is 
>> all :(
>> The thing is, I believe it *should* work. I can't see what's the issue 
>> here...
>>
>> -- 
>> You received this message because you are subscribed to the Google Groups 
>> "Ansible Project" group.
>> To unsubscribe from this group and stop receiving emails from it, send an 
>> email to ansible-proje...@googlegroups.com .
>> To post to this group, send email to ansible...@googlegroups.com 
>> .
>> To view this discussion on the web visit 
>> https://groups.google.com/d/msgid/ansible-project/dd3ec46e-3a94-4809-b0e8-152d4e7733af%40googlegroups.com
>>  
>> 
>> .
>> For more options, visit https://groups.google.com/d/optout.
>>
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/fe8bf92f-8285-48a7-8c65-5f8311a143ce%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.