Re: [ansible-project] Ansible zabbix module issues

[Kai Stian Olstad]

On 24.01.2018 07:52, Andrew Morgan wrote:

I keep getting the error:

TASK [This is installation]
**
fatal: [zabbix_server]: FAILED! => {"changed": false, "msg": "Missing
required zabbix-api module (check docs or install with: pip install
zabbix-api)"}
to retry, use: --limit @/ansible/playbook.retry


I have installed pip zabbix-api , zabbix_api, pyzabbix and neither 
works. I

have even tried installing them to the targe directory ansible has as
python module location /usr/lib/python2.6/site-packages/ansible
 but I still get that error.Can someone please help.


In the documentation[1] is says
"Requirements (on host that executes module)"

So you need to install it on the remote host, zabbix_server in your 
case. so just add this task to you play


- name: Install requirement
  pip:
name: zabbix-api


[1] 
http://docs.ansible.com/ansible/latest/zabbix_maintenance_module.html


--
Kai Stian Olstad

--
You received this message because you are subscribed to the Google Groups "Ansible 
Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/fd6194c8d4b3986986e231ad1afb02a5%40olstad.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Re: msg: Failed to find required executable mysql

[Mona Gopal]

Hi, 


We are facing similar issue. The only difference being this error occurs at 
all times. Also to mention we are running this playbook on an AWS instance. 
On other servers and VM's it has worked before.
Any help would be appriciated.

Thanks in advance,
Mona 

On Thursday, December 11, 2014 at 3:28:14 PM UTC+5:30, Marti Butler wrote:
>
> Hi
>
> I am importing an SQL file into my already created DB but getting the 
> above error:
>
> - name: import database 
>   mysql_db: name=DB state=import target=DB.sql login_user=root 
> login_host=localhost login_unix_socket=/var/lib/mysql/tmp/mysqld 
> login_password=''
>
> Error:
> msg: Failed to find required executable mysql
>
> When I run this again it is fine and imports correctly.  Anybody else been 
> having this issue please?
>
> Thanks
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/8ff6720d-4c6b-4028-85b0-fab4b1104b88%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Ansible zabbix module issues

[Andrew Morgan]

Hello All, 

My ansible module is 

ansible 2.4.2.0
  config file = /ansible/ansible.cfg
  configured module search path = [u'/root/.ansible/plugins/modules', u
'/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/lib/python2.6/site-packages/ansible
  executable location = /usr/bin/ansible
  python version = 2.6.6 (r266:84292, Aug 18 2016, 15:13:37) [GCC 4.4.7 
20120313 (Red Hat 4.4.7-17)]


my play is 

- hosts: zabbix

  tasks:
  - name: This is installation
zabbix_maintenance:
 name: Zabbix123
 host_groups: Discovered host,Linux servers
 state: present
 minutes: 90
 server_url: http://zabbix.socialpatrol.net
 login_user: Admin
 login_password: yORKKEI1!
 desc: Setting up maintenance window for builds


my issue is that when I try to run ansible-playbook playbook.yaml

I keep getting the error:

TASK [This is installation] 
**
fatal: [zabbix_server]: FAILED! => {"changed": false, "msg": "Missing 
required zabbix-api module (check docs or install with: pip install 
zabbix-api)"}
to retry, use: --limit @/ansible/playbook.retry


I have installed pip zabbix-api , zabbix_api, pyzabbix and neither works. I 
have even tried installing them to the targe directory ansible has as 
python module location /usr/lib/python2.6/site-packages/ansible
 but I still get that error.Can someone please help.


-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/fcf2e329-5d24-4cb6-81e1-d8769cf66e7d%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Re: Simple cisco IOS show version

[Surjeet Singh]

Thank you for your response. Please excuse me for my multiple question i am
new to this programming world.

now i manage to collect the facts using the ansible get_fact module. i will
further spend time today for regular expression.

my playbook looks like below:

---
- name: collect device facts and display OS version
  hosts: "{{ inventory | default('all') }}"
  gather_facts: false
  connection: local
  ignore_errors: yes

  vars:
cli:
  host: "{{ inventory_hostname }}"
  username: cisco
  password: cisco

  tasks:
- ios_facts:
  gather_subset: all
  provider: "{{ cli }}"
  register: facts_output

- debug: var=facts_output.ansible_facts.ansible_net_hostname
- debug: var=facts_output.ansible_facts.ansible_net_version
- debug: var=facts_output.ansible_facts.ansible_net_model

- name: write the inventory in into file
  copy: content="{{ facts_output.ansible_facts.ansible_net_hostname,
facts_output.ansible_facts.ansible_net_version ,
facts_output.ansible_facts.ansible_net_model }}" dest="facts/iosfacts.txt"

now my question is there any way to copy this information excel for all
devices because currently i am getting information for only one
device.since information is getting overwrite everytime instead of append.

can we use loop to achieve above task ?



Regards,
*Surjeet Singh*
Technical Specialist – Networks DATA
CCNA, CCNP(R)
Cell : +917838707047

To become bigger person,need to walk with bigger Vision 

On Tue, Jan 23, 2018 at 9:20 PM, Claudia de Luna  wrote:

> Hi Surjeet,
>
> My intent with the second message was to show you the power of the
> ios/nxos facts modules.  These modules return device information in a
> structured way so that you don't have to mine your output with regular
> expressions if it returns the data you are looking for.  With the ios facts
> module you get version, serial number, ip addresses (ipv4/6), hostname,
> etc..
>
> If you take the output and paste it into http://jsoneditoronline.org/ you
> can "decompose" the ansible_facts object.   Here is the first part so you
> can see that ansible_facts is a dictionary and the first key is
> ansible_net_all_ipv4_addresses and the value is a list with two IPs (the
> two IPv4 ips this switch has configured).  The next key would hold all the
> IPv6 IPs in list but as you can see the list is empty [] because I don't
> have ipv6 configured on this switch.
>
>>
>> "ansible_facts": {
>> "ansible_net_all_ipv4_addresses": [
>> "10.1.10.25",
>> "192.0.2.33"
>> ],
>> "ansible_net_all_ipv6_addresses": [],
>> "ansible_net_filesystems": [
>> "flash:"
>> ],
>>
>
> In this  playbook I use the ios_facts module to get the version of code in
> the ansible_net_version key value pair that is part of the ansible_facts
> "dictionary".
>
>   tasks:
>> - name: Gather IOS Facts
>>   ios_facts:
>
>
>
> so the last line
>
> debug: var=facts_output.ansible_facts.ansible_net_version
>
>
> is just printing the value of the ansible_net_version key from the
> ansible_facts dictionary returned by the ios_facts module that I stuffed in
> a varialbe called "facts_output"
>
> Having said all of that, there are many scenarios where you will need to
> parse your output for data that has not been nicely packaged up for us in
> these ansible modules so it is a valuable skill with many approaches.  You
> want to use the one you are most comfortable with but you also don't want
> to work any harder than you have to!
>
> Here are some of the approaches I'm aware of and maybe others can chime in
> with what works for them.
>
> *1.  embed regexp in the command you send with the ios_command module.*
> Here is sample output from the attached playbook.  I'm just sending the
> regexp as part of the command as you would if you were in the CLI.
> Ethan Banks at Packet Pushers does a nice little summary
> and I'm
> sure you can Google a bunch more
>
> root@e8d7daa45b5b:/ansible/ansible2_4_base# ansible-playbook -i hosts
>> get_ios_cmd_filter.yml
>> PLAY [cisco] 
>> 
>> 
>> TASK [Show command with embedded regexp inc connected for all Conneced
>> interfaces] 
>> **
>> ok: [arctic-3650] => (item=show int status | inc connected)
>> TASK [debug] 
>> 
>> 
>> ok: [arctic-3650] => {
>> "output.results[0].stdout_lines": [
>> [
>> "Gi1/0/4  connected1  a-full
>> a-1000 10/100/1000BaseTX"
>> ]

[ansible-project] per-host proxy setting

[Sureshkumar Kaliannan]

Hi,

Can https_proxy be set on a per-host basis for e.g,

[nodes]
NFL-00053.abc.com ansible_ssh_port=16385 ansible_ssh_host=localhost 
https_proxy=http://192.168.101.1:3128

This doesn't seem to work. 

The https_proxy looks like needs to be setup as an environment variable in 
a playbook.

  environment:
https_proxy: "{{ https_proxy }}"

But then this would apply to all hosts...

Can environment section be generated per-host from the inventory script?

I'm using ansible 2.3

thanks a lot for any guidance
Suresh

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/6500cecf-e538-45e0-8e03-2c847ac3b6d9%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Setting variables from within a plugin

[thebearup]

Any pointers on writing data to a task variable from within a plugin? I've 
looked at the host_group_vars plugin (which just returns a dictionary) and 
at the templar (set_available_variables). I can get the current variables 
and "write" to them but the variable I set doesn't seem to be persisted. 
Most likely I'm getting a copy of the actual vars.

Background: I'm working on a solution to do phased deployment over 
sequentialruns. E.g. target group A on this run, then group B on the 
subsequent run. This consists of a lookup plugin (which determines which 
group to target) and a strategy plugin (which captures/manages the state of 
one run to the next). All I need at the moment is to persist the group 
selected by the lookup plugin so that it can be found by the strategy 
plugin. I could write this to a file on disk or a static variable etc, but 
writing to a var seemed like the cleanest approach.

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/5e2cbfaf-e4c4-48f8-a20f-2b484e51e202%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Re: Ansible jsnapy issue

[Alvaro Arriola]

Here's the command that ansible mentions that fails, you can see I can 
import it with no issues:

(juniper1) aarriola@linux:~$ python
Python 2.7.3 (default, Oct 26 2016, 21:04:23) 
[GCC 4.6.3] on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>> from ansible.plugins.action.normal import ActionModule as ActionNormal
>>> globals()['ActionNormal']


-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/a14e945a-076d-4d60-8010-022d9dd09ff2%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Ansible jsnapy issue

[Alvaro Arriola]

Hello Everyone, I hope you're doing well.

I used to run ansible normal, everything was working fine, and now I moved 
everything to a virtualenv. I moved the ansible.cfg and changed the 
configuration to adjust to the new paths. I suspect the issue is with the 
past /usr/share/ansible/ , but I did change the path (also the plugin ones) 
to the virtualenv in ansible.cfg:

library  = ~/mine/ve/juniper1/lib/python2.7/site-packages/ansible/ 

action_plugins = 
~/mine/ve/juniper1/lib/python2.7/site-packages/ansible/plugins/action
callback_plugins   = 
~/mine/ve/juniper1/lib/python2.7/site-packages/ansible/plugins/callback
connection_plugins = 
~/mine/ve/juniper1/lib/python2.7/site-packages/ansible/plugins/connection
lookup_plugins = 
~/mine/ve/juniper1/lib/python2.7/site-packages/ansible/plugins/lookup
vars_plugins   = 
~/mine/ve/juniper1/lib/python2.7/site-packages/ansible/plugins/vars
filter_plugins = 
~/mine/ve/juniper1/lib/python2.7/site-packages/ansible/plugins/filter

I have an issue which really doesn't make sense to me and maybe I'm missing 
something. When using ansible for module juniper_junos_jsnapy I get the 
following error (I can run everything on jsnapy as a python module in a 
script, so it's an issue with ansible not jsnapy).

The full traceback is:
Traceback (most recent call last):
  File "/tmp/ansible_05PG1b/ansible_module_juniper_junos_jsnapy.py", line 
399, in 
main()
  File "/tmp/ansible_05PG1b/ansible_module_juniper_junos_jsnapy.py", line 
257, in main
juniper_junos_common = import_juniper_junos_common()
  File "/tmp/ansible_05PG1b/ansible_module_juniper_junos_jsnapy.py", line 
248, in import_juniper_junos_common
import juniper_junos_common
  File 
"/home/aarriola/etc/ansible/roles/Juniper.junos/module_utils/juniper_junos_common.py",
 
line 39, in 
from ansible.plugins.action.normal import ActionModule as ActionNormal
ImportError: No module named plugins.action.normal

fatal: [mx960_nap_1]: FAILED! => {
"changed": false, 
"module_stderr": "Traceback (most recent call last):\n  File 
\"/tmp/ansible_05PG1b/ansible_module_juniper_junos_jsnapy.py\", line 399, 
in \nmain()\n  File 
\"/tmp/ansible_05PG1b/ansible_module_juniper_junos_jsnapy.py\", line 257, 
in main\njuniper_junos_common = import_juniper_junos_common()\n  File 
\"/tmp/ansible_05PG1b/ansible_module_juniper_junos_jsnapy.py\", line 248, 
in import_juniper_junos_common\nimport juniper_junos_common\n  File 
\"/home/aarriola/etc/ansible/roles/Juniper.junos/module_utils/juniper_junos_common.py\",
 
line 39, in \nfrom ansible.plugins.action.normal import 
ActionModule as ActionNormal\nImportError: No module named 
plugins.action.normal\n", 
"module_stdout": "", 
"msg": "MODULE FAILURE", 
"rc": 0
}

I am able to open python in the same virtualenv and run "from 
ansible.plugins.action.normal import ActionModule as ActionNormal" without 
issues. 
I already made sure that the ansible.cfg file is the one I modified 
properly. And seems ansible is able to use inventory plugin ok:

ansible-playbook 2.4.2.0
  config file = /home/aarriola/.ansible.cfg
  configured module search path = 
[u'/home/aarriola/mine/ve/juniper1/lib/python2.7/site-packages/ansible']
  ansible python module location = 
/home/aarriola/mine/ve/juniper1/local/lib/python2.7/site-packages/ansible
  executable location = /home/aarriola/mine/ve/juniper1/bin/ansible-playbook
  python version = 2.7.3 (default, Oct 26 2016, 21:04:23) [GCC 4.6.3]
Using /home/aarriola/.ansible.cfg as config file
setting up inventory plugins
Parsed /home/aarriola/etc/ansible/hosts inventory source with ini plugin
Loading callback plugin default of type stdout, v2.0 from 
/home/aarriola/mine/ve/juniper1/local/lib/python2.7/site-packages/ansible/plugins/callback/__init__.pyc
Loading callback plugin jsnapy of type aggregate, v2.0 from 
/home/aarriola/mine/ve/juniper1/local/lib/python2.7/site-packages/ansible/plugins/callback/__init__.pyc

Like I mentioned before, jsnapy works fine as a module in a script. I would 
really appreciate any help I can get. 

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/7cb8c5d3-04b0-485c-97ab-0707a5fe2505%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] include_tasks: multipe yml files

[John Harmon]

Doh!  I could kick myself.  I should have known that.  Thank you.

On Tuesday, January 23, 2018 at 3:47:34 PM UTC-7, Uwe Sauter wrote:
>
> What about: 
>
> - include_tasks: '{{ item }}' 
>with_items: 
>  - test.yml 
>  - test2.yml 
>  - test3.yml 
>when:install_type |lower |search ("n") 
>
> Am 23.01.2018 um 23:44 schrieb John Harmon: 
> > I can't seem to find examples on this that show more than one task/yml 
> file.  How can I specify multiple files for 
> > include_tasks? 
> > 
> > | 
> > -include_tasks:test.yml,test2.yml,test3.yml 
> > when:install_type |lower |search ("n") 
> > | 
> > 
> > The above looks for a file called "|test.yml,test2.yml,test3.yml".  I 
> want it to search for 3 individual files. 
> > | 
> > 
> > -- 
> > You received this message because you are subscribed to the Google 
> Groups "Ansible Project" group. 
> > To unsubscribe from this group and stop receiving emails from it, send 
> an email to 
> > ansible-proje...@googlegroups.com   ansible-project+unsubscr...@googlegroups.com >. 
> > To post to this group, send email to ansible...@googlegroups.com 
>  . 
> > To view this discussion on the web visit 
> > 
> https://groups.google.com/d/msgid/ansible-project/58b055cd-35df-4f6e-ad7e-cf66f9cb2aaf%40googlegroups.com
>  
> > <
> https://groups.google.com/d/msgid/ansible-project/58b055cd-35df-4f6e-ad7e-cf66f9cb2aaf%40googlegroups.com?utm_medium=email_source=footer>.
>  
>
> > For more options, visit https://groups.google.com/d/optout. 
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/ceac1d22-2db9-4c3f-a1e4-ce90a7960075%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] include_tasks: multipe yml files

[Uwe Sauter]

What about:

- include_tasks: '{{ item }}'
  with_items:
- test.yml
- test2.yml
- test3.yml
  when:install_type |lower |search ("n")

Am 23.01.2018 um 23:44 schrieb John Harmon:
I can't seem to find examples on this that show more than one task/yml file.  How can I specify multiple files for 
include_tasks?


|
-include_tasks:test.yml,test2.yml,test3.yml
when:install_type |lower |search ("n")
|

The above looks for a file called "|test.yml,test2.yml,test3.yml".  I want it 
to search for 3 individual files.
|

--
You received this message because you are subscribed to the Google Groups "Ansible 
Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email to 
ansible-project+unsubscr...@googlegroups.com .

To post to this group, send email to ansible-project@googlegroups.com 
.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/58b055cd-35df-4f6e-ad7e-cf66f9cb2aaf%40googlegroups.com 
.

For more options, visit https://groups.google.com/d/optout.


--
You received this message because you are subscribed to the Google Groups "Ansible 
Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/51db69ae-b08f-5ff3-7c4d-20857fc2a5bd%40gmail.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] include_tasks: multipe yml files

[John Harmon]

I can't seem to find examples on this that show more than one task/yml 
file.  How can I specify multiple files for include_tasks?

- include_tasks: test.yml, test2.yml, test3.yml
  when: install_type | lower | search ("n")

The above looks for a file called "test.yml, test2.yml, test3.yml".  I want 
it to search for 3 individual files.

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/58b055cd-35df-4f6e-ad7e-cf66f9cb2aaf%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Re: Any tips on working with SQL Express on Windows

[Justin Seiser]

I think i can work from that, so thanks.  My real issue is how to get the 
return of those powershell commands.  Im sure im missing it in the ansible 
documentation but I dont know how to register and access the output of the 
script itself.

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/6fd019ad-a9c5-4ed2-8ccd-1bc19d8761af%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Bug: ansible json cache not always invalidated when switching between non/privileged plays

[Budding Mechanic]

I found an issue in ansible 2.4.2.0.  This may have existed in previous 
versions.

[defaults]
callback_whitelist = timer
fact_caching = jsonfile
fact_caching_connection = ./.fact_cache
gathering = smart
host_key_checking = False
inventory = ./inventories
log_path = /tmp/ansible.${USER}.log
roles_path = ./roles

The issue revolves around the cache file not being invalidated when 
different parameters are used to fetch the facts.

In the example below, the root_fact will not be printed and an error is 
raised.

- hosts: example_host
  gather_facts: true
  tasks:
  - debug:
  msg: "user_fact:  {{ user_fact }}"

- hosts: example_host
  gather_facts: true
  become: true  # fetch privileged facts
  tasks:
  - debug:
  msg: "root_fact:  {{ root_fact }}"

The reason is the first play fetched the facts and primed the cache with 
non-privileged results.  Subsequent privileged fact lookups will use the 
cache file, but the privileged facts aren't in the cache.

I consider this a bug.

And the inverse is also true; if privileged facts are obtained first then 
subsequent plays will use the cache results and those subsequent plays will 
have access to privileged facts.  In the example below, "root_fact_nonpriv" 
will be printed.

- hosts: example_host
  gather_facts: true
  become: true  # fetch privileged facts
  tasks:
  - debug:
  msg: "root_fact:  {{ root_fact }}"

- hosts: example_host
  gather_facts: true
  tasks:
  - debug:
  msg: "root_fact_nonpriv:  {{ root_fact }}"

I don't know whether I consider this a security bug, but it smells.

In both cases, subtle bugs can be introduced that can be hard to track down.

It seems to me the cache file needs to store the conditions in which it was 
retrieved.  A simple approach would be appending 'privileged' to the cache 
file and using the appropriate cache file based on whether 'become=true' is 
set.  Example:

.fact_cache/example_host # non-privileged facts
.fact_cache/example_host.privileged  # privileged facts

In summary, a fact cache file obviously needs to continue to check whether 
it's stale or not by comparing age of the file to the cache timeout.

In addition, I would argue that ansible also needs to know whether the 
cache file is privileged or not when considering whether it's stale or not.

BTW, using meta: clear_facts is a workaround not really a solution.

Thoughts?

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/85e987d1-ceb0-498a-8296-73dc951d1f08%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Re: SSL/Certificate errors when running playbooks against Azure

[david diez]

Hi Jos,
Could you please specify what version of python and what components were 
outdated? I seem to be running into the same problem 

On Monday, December 18, 2017 at 2:15:58 PM UTC-5, JOS wrote:
>
> For anyone else that runs into this, it  looks like I had several 
> different versions of python and out dated components, I reinstalled 
> everything from scratch and no longer have this issue.
>
> On Tuesday, December 12, 2017 at 2:03:40 PM UTC-7, JOS wrote:
>>
>> Hello,
>>
>> So I have an Azure free trial subscription and am trying to deploy VMs 
>> for it through ansible.  For reference, I mostly followed this guide: 
>> https://github.com/erjosito/ansible-azure-lab
>>
>> I am unable to execute any playbook task at all, even something as simple 
>> as merely creating a resource group with a network.  Here is the error I 
>> always get:
>>
>> fatal: [192.168.0.177]: FAILED! => {"changed": false, "failed": true, 
>> "module_stderr": "From cffi callback > 0x318b9b0>:\nTraceback (most recent call last):\n  File 
>> \"/usr/lib/python2.7/site-packages/OpenSSL/SSL.py\", line 313, in 
>> wrapper\n_lib.X509_up_ref(x509)\nAttributeError: 'module' object has no 
>> attribute 'X509_up_ref'\nTraceback (most recent call last):\n  File 
>> \"/tmp/ansible_uaTUwO/ansible_module_azure_rm_virtualnetwork.py\", line 
>> 354, in \nmain()\n  File 
>> \"/tmp/ansible_uaTUwO/ansible_module_azure_rm_virtualnetwork.py\", line 
>> 351, in main\nAzureRMVirtualNetwork()\n  File 
>> \"/tmp/ansible_uaTUwO/ansible_module_azure_rm_virtualnetwork.py\", line 
>> 206, in __init__\nsupports_check_mode=True)\n  File 
>> \"/tmp/ansible_uaTUwO/ansible_modlib.zip/ansible/module_utils/azure_rm_common.py\",
>>  
>> line 235, in __init__\n  File 
>> \"/usr/lib/python2.7/site-packages/msrestazure/azure_active_directory.py\", 
>> line 440, in __init__\nself.set_token()\n  File 
>> \"/usr/lib/python2.7/site-packages/msrestazure/azure_active_directory.py\", 
>> line 473, in set_token\nraise_with_traceback(AuthenticationError, \"\", 
>> err)\n  File \"/usr/lib/python2.7/site-packages/msrest/exceptions.py\", 
>> line 48, in raise_with_traceback\nraise 
>> error\nmsrest.exceptions.AuthenticationError: , SSLError: 
>> HTTPSConnectionPool(host='login.microsoftonline.com', port=443): Max 
>> retries exceeded with url: /*b4f64759-blah-blah*/oauth2/token (Caused by 
>> SSLError(SSLError(\"bad handshake: Error([('SSL routines', 
>> 'ssl3_get_server_certificate', 'certificate verify failed')],)\",),))\n", 
>> "module_stdout": "", "msg": "MODULE FAILURE", "rc": 0}
>>
>>
>> I am able to connect to azure via the azure CLI create VMs and such 
>> through a bash script, but I need to get this working with ansible.
>>
>>
>> My credentials file
>>
>> subscription_id=5eff-blah-blah
>> client_id=83e09b01-blah-blah
>> secret=passwordblahblah
>> tenant=b4f64759-blah-blah
>>
>>
>>
>> Sample yml
>>
>> - name: whatever
>>   hosts: localhost
>>   connection: local
>>
>>   tasks:
>>   - name: Create virtual network
>> azure_rm_virtualnetwork:
>>   resource_group: myResourceGroup
>>   name: myVnet
>>   address_prefixes: "10.10.0.0/16"
>>
>> I have even tried modifying my credentials file to include the azure AD 
>> username & password (yes, I know this is considered bad practice, but I got 
>> desperate) and it still fails with a certificate error:
>>
>> ad_user=du...@dummy.com 
>> password=DummyLab
>> subscription_id=5eff-blah-blah
>>
>> fatal: [192.168.0.177]: FAILED! => {"changed": false, "failed": true, 
>> "module_stderr": "From cffi callback > 0x30f3938>:\nTraceback (most recent call last):\n  File 
>> \"/usr/lib/python2.7/site-packages/OpenSSL/SSL.py\", line 313, in 
>> wrapper\n_lib.X509_up_ref(x509)\nAttributeError: 'module' object has no 
>> attribute 'X509_up_ref'\nTraceback (most recent call last):\n  File 
>> \"/tmp/ansible_B6bKF3/ansible_module_azure_rm_virtualnetwork.py\", line 
>> 354, in \nmain()\n  File 
>> \"/tmp/ansible_B6bKF3/ansible_module_azure_rm_virtualnetwork.py\", line 
>> 351, in main\nAzureRMVirtualNetwork()\n  File 
>> \"/tmp/ansible_B6bKF3/ansible_module_azure_rm_virtualnetwork.py\", line 
>> 206, in __init__\nsupports_check_mode=True)\n  File 
>> \"/tmp/ansible_B6bKF3/ansible_modlib.zip/ansible/module_utils/azure_rm_common.py\",
>>  
>> line 245, in __init__\n  File 
>> \"/usr/lib/python2.7/site-packages/msrestazure/azure_active_directory.py\", 
>> line 367, in __init__\nself.set_token()\n  File 
>> \"/usr/lib/python2.7/site-packages/msrestazure/azure_active_directory.py\", 
>> line 404, in set_token\nraise_with_traceback(AuthenticationError, \"\", 
>> err)\n  File \"/usr/lib/python2.7/site-packages/msrest/exceptions.py\", 
>> line 48, in raise_with_traceback\nraise 
>> error\nmsrest.exceptions.AuthenticationError: , SSLError: 
>> HTTPSConnectionPool(host='login.microsoftonline.com', port=443): Max 
>> retries exceeded with url: /common/oauth2/token (Caused by 
>> 

Re: [ansible-project] ERROR! Unexpected Exception, this is probably a bug: unhashable type: 'dict'

[Tim Wall]

Thanks!  I was totally blind to that...


From: ansible-project@googlegroups.com  on 
behalf of Matt Martz 
Sent: Tuesday, January 23, 2018 2:15:31 PM
To: ansible-project@googlegroups.com
Subject: Re: [ansible-project] ERROR! Unexpected Exception, this is probably a 
bug: unhashable type: 'dict'

You need to drop the `name: ` from your `notify`:

```
notify:
- restart postgres
```

On Tue, Jan 23, 2018 at 12:15 PM, 
> wrote:
Running Ansible 2.4.2.0 on OSX 10.13.2 (via macports), python version 3.6.4.

I'm running a playbook of some 100-odd tasks and this error occurs at some 
point in that operation.  I can repeatedly run the playbook and get 
successively closer to the end.

Some operations must run; if everything is skipped then no error occurs.  The 
stack trace usually seems to point to a handler, but I can't spot the error.

With "-vvv":

the full traceback was:
Traceback (most recent call last):
  File "/opt/local/bin/ansible-playbook", line 106, in 
exit_code = cli.run()
  File 
"/opt/local/Library/Frameworks/Python.framework/Versions/3.6/lib/python3.6/site-packages/ansible/cli/playbook.py",
 line 130, in run
results = pbex.run()
  File 
"/opt/local/Library/Frameworks/Python.framework/Versions/3.6/lib/python3.6/site-packages/ansible/executor/playbook_executor.py",
 line 154, in run
result = self._tqm.run(play=play)
  File 
"/opt/local/Library/Frameworks/Python.framework/Versions/3.6/lib/python3.6/site-packages/ansible/executor/task_queue_manager.py",
 line 290, in run
play_return = strategy.run(iterator, play_context)
  File 
"/opt/local/Library/Frameworks/Python.framework/Versions/3.6/lib/python3.6/site-packages/ansible/plugins/strategy/linear.py",
 line 292, in run
results += self._wait_on_pending_results(iterator)
  File 
"/opt/local/Library/Frameworks/Python.framework/Versions/3.6/lib/python3.6/site-packages/ansible/plugins/strategy/__init__.py",
 line 586, in _wait_on_pending_results
results = self._process_pending_results(iterator)
  File 
"/opt/local/Library/Frameworks/Python.framework/Versions/3.6/lib/python3.6/site-packages/ansible/plugins/strategy/__init__.py",
 line 470, in _process_pending_results
if handler_name in self._listening_handlers:
TypeError: unhashable type: 'dict'

It would seem that the error is happening when notifications are collected, 
e.g. one task after which the failure occurs.  Note that this is one task in 
the middle of several which do the "notify":

- name: install hiredis 0.13 shared library
  become: yes
  copy: src={{ item.src }} dest={{ item.dest }} mode={{ item.mode }}
  with_items:
- { src: "libhiredis.so.0.13", dest: "/usr/lib64/", mode: '0755' }
  tags: provision, hiredis, redis_fdw
  notify:
- name: restart postgres

The handler definition:

---
- name: restart postgres
  become: yes
  service: name="{{ pg_service }}" state=restarted
- name: reload sysctl configuration
  become: yes
  shell: sysctl -p /etc/sysctl.conf

--
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to 
ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to 
ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/c80ee46d-edcb-4d7f-8bd3-99de620df508%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.



--
Matt Martz
@sivel
sivel.net

--
You received this message because you are subscribed to a topic in the Google 
Groups "Ansible Project" group.
To unsubscribe from this topic, visit 
https://groups.google.com/d/topic/ansible-project/6aqZBCG6I8k/unsubscribe.
To unsubscribe from this group and all its topics, send an email to 
ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to 
ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAD8N0v-rmOtBT8-5DOs6sz-kUctO296DHvT6U0Lks7t1BRtzdA%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to 

Re: [ansible-project] Questions regarding "when: condition"

[John Harmon]

Oh, I like that.  Thank you.

On Tuesday, January 23, 2018 at 12:35:15 PM UTC-7, Kai Stian Olstad wrote:
>
> On Monday, 22 January 2018 23.55.22 CET John Harmon wrote: 
> >   when: ansible_hostname | lower | search("item") 
> > #  when: ansible_hostname | lower | search("prod") or 
> > #ansible_hostname | lower | search("backup") or 
> > #ansible_hostname | lower | search("nfs") or 
> > #ansible_hostname | lower | search("ansible") 
> >   with_items: 
> > - prod 
> > - backup 
> > - nfs 
> > - ansible 
> >   failed_when: false 
> > 
> > So, I have a couple of questions. 
> > 1.  What would be the proper way to see if the hostname contains "splat" 
> > using with_items?   
>
> You got the answer from Matt, and that should work. 
>
> An alternative is to not use with_items but just use regex or. 
>
>   when: ansible_hostname | lower is search("prod|backup|nfs|ansible") 
>
> > 2.  What would be the reverse of this?  (ie not in, or not contained, 
> etc) 
>
>   when: not (ansible_hostname | lower is 
> search("prod|backup|nfs|ansible")) 
>
>
> -- 
> Kai Stian Olstad 
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/7bfe8e22-a30e-4810-bdb6-c454e6060248%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Questions regarding "when: condition"

[Kai Stian Olstad]

On Monday, 22 January 2018 23.55.22 CET John Harmon wrote:
>   when: ansible_hostname | lower | search("item")
> #  when: ansible_hostname | lower | search("prod") or
> #ansible_hostname | lower | search("backup") or
> #ansible_hostname | lower | search("nfs") or
> #ansible_hostname | lower | search("ansible")
>   with_items:
> - prod
> - backup
> - nfs
> - ansible
>   failed_when: false
> 
> So, I have a couple of questions.
> 1.  What would be the proper way to see if the hostname contains "splat" 
> using with_items?  

You got the answer from Matt, and that should work.

An alternative is to not use with_items but just use regex or.

  when: ansible_hostname | lower is search("prod|backup|nfs|ansible")

> 2.  What would be the reverse of this?  (ie not in, or not contained, etc)

  when: not (ansible_hostname | lower is search("prod|backup|nfs|ansible"))


-- 
Kai Stian Olstad

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/2294743.a4WG3BZna4%40x1.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] ERROR! Unexpected Exception, this is probably a bug: unhashable type: 'dict'

[Matt Martz]

You need to drop the `name: ` from your `notify`:

```
notify:
- restart postgres
```

On Tue, Jan 23, 2018 at 12:15 PM,  wrote:

> Running Ansible 2.4.2.0 on OSX 10.13.2 (via macports), python version
> 3.6.4.
>
> I'm running a playbook of some 100-odd tasks and this error occurs at some
> point in that operation.  I can repeatedly run the playbook and get
> successively closer to the end.
>
> Some operations must run; if everything is skipped then no error occurs.
> The stack trace usually seems to point to a handler, but I can't spot the
> error.
>
> With "-vvv":
>
> the full traceback was:
>> Traceback (most recent call last):
>>   File "/opt/local/bin/ansible-playbook", line 106, in 
>> exit_code = cli.run()
>>   File "/opt/local/Library/Frameworks/Python.framework/
>> Versions/3.6/lib/python3.6/site-packages/ansible/cli/playbook.py", line
>> 130, in run
>> results = pbex.run()
>>   File "/opt/local/Library/Frameworks/Python.framework/
>> Versions/3.6/lib/python3.6/site-packages/ansible/
>> executor/playbook_executor.py", line 154, in run
>> result = self._tqm.run(play=play)
>>   File "/opt/local/Library/Frameworks/Python.framework/
>> Versions/3.6/lib/python3.6/site-packages/ansible/
>> executor/task_queue_manager.py", line 290, in run
>> play_return = strategy.run(iterator, play_context)
>>   File "/opt/local/Library/Frameworks/Python.framework/
>> Versions/3.6/lib/python3.6/site-packages/ansible/plugins/strategy/linear.py",
>> line 292, in run
>> results += self._wait_on_pending_results(iterator)
>>   File "/opt/local/Library/Frameworks/Python.framework/
>> Versions/3.6/lib/python3.6/site-packages/ansible/plugins/strategy/__init__.py",
>> line 586, in _wait_on_pending_results
>> results = self._process_pending_results(iterator)
>>   File "/opt/local/Library/Frameworks/Python.framework/
>> Versions/3.6/lib/python3.6/site-packages/ansible/plugins/strategy/__init__.py",
>> line 470, in _process_pending_results
>> if handler_name in self._listening_handlers:
>> TypeError: unhashable type: 'dict'
>
>
> It would seem that the error is happening when notifications are
> collected, e.g. one task after which the failure occurs.  Note that this is
> one task in the middle of several which do the "notify":
>
> - name: install hiredis 0.13 shared library
>>   become: yes
>>   copy: src={{ item.src }} dest={{ item.dest }} mode={{ item.mode }}
>>   with_items:
>> - { src: "libhiredis.so.0.13", dest: "/usr/lib64/", mode: '0755' }
>>   tags: provision, hiredis, redis_fdw
>>   notify:
>> - name: restart postgres
>
>
> The handler definition:
>
> ---
>> - name: restart postgres
>>   become: yes
>>   service: name="{{ pg_service }}" state=restarted
>> - name: reload sysctl configuration
>>   become: yes
>>   shell: sysctl -p /etc/sysctl.conf
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To post to this group, send email to ansible-project@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/
> msgid/ansible-project/c80ee46d-edcb-4d7f-8bd3-99de620df508%40googlegroups.
> com
> 
> .
> For more options, visit https://groups.google.com/d/optout.
>



-- 
Matt Martz
@sivel
sivel.net

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAD8N0v-rmOtBT8-5DOs6sz-kUctO296DHvT6U0Lks7t1BRtzdA%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] gather_facts: ansible_hostname only

[Kai Stian Olstad]

On Tuesday, 23 January 2018 19.09.06 CET John Harmon wrote:
> Thanks Matt.  It seems platform and !all,min equate to the same thing.  I 
> tried the following in my playbook and it works:
> 
>   pre_tasks:
> - setup:
> gather_subset: min
> filter: ansible_hostname

gather_subset is also allowed on the play[1] level.

- hosts: all
  gather_subset: min


[1] https://docs.ansible.com/ansible/latest/playbooks_keywords.html#play

-- 
Kai Stian Olstad

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/8480417.tI9P22h2rz%40x1.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] ERROR! Unexpected Exception, this is probably a bug: unhashable type: 'dict'

[timothy . wall]

Running Ansible 2.4.2.0 on OSX 10.13.2 (via macports), python version 3.6.4.

I'm running a playbook of some 100-odd tasks and this error occurs at some 
point in that operation.  I can repeatedly run the playbook and get 
successively closer to the end.

Some operations must run; if everything is skipped then no error occurs. 
 The stack trace usually seems to point to a handler, but I can't spot the 
error.

With "-vvv":

the full traceback was:
> Traceback (most recent call last):
>   File "/opt/local/bin/ansible-playbook", line 106, in 
> exit_code = cli.run()
>   File 
> "/opt/local/Library/Frameworks/Python.framework/Versions/3.6/lib/python3.6/site-packages/ansible/cli/playbook.py",
>  
> line 130, in run
> results = pbex.run()
>   File 
> "/opt/local/Library/Frameworks/Python.framework/Versions/3.6/lib/python3.6/site-packages/ansible/executor/playbook_executor.py",
>  
> line 154, in run
> result = self._tqm.run(play=play)
>   File 
> "/opt/local/Library/Frameworks/Python.framework/Versions/3.6/lib/python3.6/site-packages/ansible/executor/task_queue_manager.py",
>  
> line 290, in run
> play_return = strategy.run(iterator, play_context)
>   File 
> "/opt/local/Library/Frameworks/Python.framework/Versions/3.6/lib/python3.6/site-packages/ansible/plugins/strategy/linear.py",
>  
> line 292, in run
> results += self._wait_on_pending_results(iterator)
>   File 
> "/opt/local/Library/Frameworks/Python.framework/Versions/3.6/lib/python3.6/site-packages/ansible/plugins/strategy/__init__.py",
>  
> line 586, in _wait_on_pending_results
> results = self._process_pending_results(iterator)
>   File 
> "/opt/local/Library/Frameworks/Python.framework/Versions/3.6/lib/python3.6/site-packages/ansible/plugins/strategy/__init__.py",
>  
> line 470, in _process_pending_results
> if handler_name in self._listening_handlers:
> TypeError: unhashable type: 'dict'


It would seem that the error is happening when notifications are collected, 
e.g. one task after which the failure occurs.  Note that this is one task 
in the middle of several which do the "notify":

- name: install hiredis 0.13 shared library
>   become: yes
>   copy: src={{ item.src }} dest={{ item.dest }} mode={{ item.mode }}
>   with_items:
> - { src: "libhiredis.so.0.13", dest: "/usr/lib64/", mode: '0755' }
>   tags: provision, hiredis, redis_fdw
>   notify:
> - name: restart postgres


The handler definition:

---
> - name: restart postgres
>   become: yes
>   service: name="{{ pg_service }}" state=restarted
> - name: reload sysctl configuration
>   become: yes
>   shell: sysctl -p /etc/sysctl.conf

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/c80ee46d-edcb-4d7f-8bd3-99de620df508%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] gather_facts: ansible_hostname only

[John Harmon]

Thanks Matt.  It seems platform and !all,min equate to the same thing.  I 
tried the following in my playbook and it works:

  pre_tasks:
- setup:
gather_subset: min
filter: ansible_hostname



On Tuesday, January 23, 2018 at 10:59:23 AM UTC-7, Matt Martz wrote:
>
> The most minimal you can do, and still get that would be to define:
>
> gather_subset: platform
>
> It will include ansible_hostname, plus a few extras.
>
>
> On Tue, Jan 23, 2018 at 11:42 AM, John Harmon  > wrote:
>
>> Is there a way for me to specify the only fact I care about gathering?  I 
>> have a server that is giving me grief due to the way its disks are setup 
>> (tons of nfs shares, etc) at least I assume that is why it is giving me 
>> grief.  I just need to gather the ansible_hostname fact.
>>
>> -- 
>> You received this message because you are subscribed to the Google Groups 
>> "Ansible Project" group.
>> To unsubscribe from this group and stop receiving emails from it, send an 
>> email to ansible-proje...@googlegroups.com .
>> To post to this group, send email to ansible...@googlegroups.com 
>> .
>> To view this discussion on the web visit 
>> https://groups.google.com/d/msgid/ansible-project/9dc29978-9cdf-4895-afbb-5da27bc9b4a5%40googlegroups.com
>>  
>> 
>> .
>> For more options, visit https://groups.google.com/d/optout.
>>
>
>
>
> -- 
> Matt Martz
> @sivel
> sivel.net
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/f7549ba6-92b9-4048-bfd9-3389b06beea9%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Re: gather_facts: ansible_hostname only

[John Harmon]

The following works on the command line, but I can't seem to find the right 
syntax to put it into a playbook:
root@ansible:/playbooks # ansible -m setup -a 'filter=ansible_hostname' 
ansible-oel6
ansible-oel6 | SUCCESS => {
"ansible_facts": {
"ansible_hostname": "ansible-oel6"
},
"changed": false
}



On Tuesday, January 23, 2018 at 10:42:52 AM UTC-7, John Harmon wrote:
>
> Is there a way for me to specify the only fact I care about gathering?  I 
> have a server that is giving me grief due to the way its disks are setup 
> (tons of nfs shares, etc) at least I assume that is why it is giving me 
> grief.  I just need to gather the ansible_hostname fact.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/813491c6-1212-4340-883f-762f83c39d4e%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] gather_facts: ansible_hostname only

[Matt Martz]

The most minimal you can do, and still get that would be to define:

gather_subset: platform

It will include ansible_hostname, plus a few extras.


On Tue, Jan 23, 2018 at 11:42 AM, John Harmon 
wrote:

> Is there a way for me to specify the only fact I care about gathering?  I
> have a server that is giving me grief due to the way its disks are setup
> (tons of nfs shares, etc) at least I assume that is why it is giving me
> grief.  I just need to gather the ansible_hostname fact.
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To post to this group, send email to ansible-project@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/
> msgid/ansible-project/9dc29978-9cdf-4895-afbb-5da27bc9b4a5%40googlegroups.
> com
> 
> .
> For more options, visit https://groups.google.com/d/optout.
>



-- 
Matt Martz
@sivel
sivel.net

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAD8N0v_X6W2QkSwCoviN285s6tJ0vQFU%2BRS7TCstHMdOherUjQ%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] gather_facts: ansible_hostname only

[John Harmon]

Is there a way for me to specify the only fact I care about gathering?  I 
have a server that is giving me grief due to the way its disks are setup 
(tons of nfs shares, etc) at least I assume that is why it is giving me 
grief.  I just need to gather the ansible_hostname fact.

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/9dc29978-9cdf-4895-afbb-5da27bc9b4a5%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Command module failure- ansible

['J Hawkesworth' via Ansible Project]

It seems like that something that your script is doing is causing the 
command module to fail.  Without seeing the code for script_name.sh it is 
hard to make any useful suggestions about what is causing the failure.

Also its possible you need some environment variables set by your login 
shell, so you might need to be using 'shell' instead of command.

If possible I suggest breaking the script_name.sh into several separate 
scripts to help narrow down where it fails.

Hope this helps,

Jon

On Tuesday, January 23, 2018 at 3:01:06 PM UTC, Jayashri Garud wrote:
>
> Sorry JYL. I posted it wrongly. It is actually
>
> -  name: deploy script_name script
>   command:  /path/to/script/script_name.sh
>
>
>
>
> On Tue, Jan 23, 2018 at 6:00 PM,  
> wrote:
>
>>
>>
>> 23 janvier 2018 13:07 "Jayashri Garud" > > a écrit:
>>
>> Hi,
>> I have a playbook for deployment . In which I have a task which execute 
>> script to extract artifacts. I am using jenkins server to run ansible. 
>> while running this playbook it is throwing error like "MODULE FAILURE".
>> deployment.yml
>> - run deployment script
>> command: /path/to/my/script/.sh
>> error:
>>
>> FAILED! => {"changed": false, "failed": true, "module_stderr": "", 
>> "module_stdout": "", "msg": "MODULE FAILURE", "parsed": false}
>>
>> ansible version -2.0.0
>>
>>
>> Try this :
>> - name: run deployment script
>> command: /path/to/my/script/.sh
>>
>> Explanations :
>> You forget to add "name" before describiing the action So ansible try 
>> to interpret "run" as a module
>> Be careful about indentations
>>
>> Regards,
>>
>> JYL
>>
>> -- 
>> You received this message because you are subscribed to a topic in the 
>> Google Groups "Ansible Project" group.
>> To unsubscribe from this topic, visit 
>> https://groups.google.com/d/topic/ansible-project/6nEUY2Qfboo/unsubscribe
>> .
>> To unsubscribe from this group and all its topics, send an email to 
>> ansible-proje...@googlegroups.com .
>> To post to this group, send email to ansible...@googlegroups.com 
>> .
>> To view this discussion on the web visit 
>> https://groups.google.com/d/msgid/ansible-project/a115e58a4bf6968a6f500898763375a7%40wwws.lenhof.eu.org
>>  
>> 
>> .
>>
>> For more options, visit https://groups.google.com/d/optout.
>>
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/7436be60-c1c4-407b-80ac-cb65b4609771%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Re: Any tips on working with SQL Express on Windows

['J Hawkesworth' via Ansible Project]

I don't know if there's any difference with Express but this guy seems to 
have done something similar 
http://sqlblog.com/blogs/allen_white/archive/2011/05/19/change-sql-servers-authentication-mode-with-powershell.aspx

Assuming you can load the SMO dll (like here):

http://sqlblog.com/blogs/allen_white/archive/2008/01/09/create-agent-jobs-to-run-powershell-scripts.aspx

Then I guess you can get the current state and return it into a registered 
variable (with 

changed_when: False ),
then i

then only run the

#Change to Mixed Mode
$s.Settings.LoginMode = 
[Microsoft.SqlServer.Management.SMO.ServerLoginMode]::Mixed

# Make the changes
$srv.Alter()


bit when the login mode isn't what you expect.  You could also then notify 
a handler to restart SQL Express to pick up the changed login mode.

Alternatively you could do the check and change in a simple (custom) module 
and if the module returns 'changed: true' then trigger a restart that way.  
Its a little more work to create a custom powershell module but worth 
having a look at some of the included ones (win_environment for example) as 
often the only extra things they do that you probably wouldn't have to do 
in a one-shot powershell script  is handling the module args and creating 
the hash that is used to return the results of the module execution.

Sorry its a bit vague I haven't made much use of SQL Express.

Hope this helps to give an idea of how you could do this.

Jon
On Tuesday, January 23, 2018 at 2:46:09 AM UTC, Justin Seiser wrote:
>
> I'm looking to start a project working against an Amazon image with SQL 
> Express preinstalled. I know that it comes with windows auth. I know I can 
> also configure the authentication mode to use a SA account. My real issue 
> is that this will have to be done with powershell, and I can't not find a 
> powershell command to return the current auth mode. I would really like 
> some tips for doing things like this, so it's not going to flag itself as a 
> change each run.
>
> Has anyone already dealt with this? Things like enable sa user, enable tcp 
> pipes etc.
>
> Thanks,
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/755e7cad-d828-4878-acfc-ab89c83a860f%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Re: Simple cisco IOS show version

[Claudia de Luna]

Hi Surjeet,

My intent with the second message was to show you the power of the ios/nxos
facts modules.  These modules return device information in a structured way
so that you don't have to mine your output with regular expressions if it
returns the data you are looking for.  With the ios facts module you get
version, serial number, ip addresses (ipv4/6), hostname, etc..

If you take the output and paste it into http://jsoneditoronline.org/ you
can "decompose" the ansible_facts object.   Here is the first part so you
can see that ansible_facts is a dictionary and the first key is
ansible_net_all_ipv4_addresses and the value is a list with two IPs (the
two IPv4 ips this switch has configured).  The next key would hold all the
IPv6 IPs in list but as you can see the list is empty [] because I don't
have ipv6 configured on this switch.

>
> "ansible_facts": {
> "ansible_net_all_ipv4_addresses": [
> "10.1.10.25",
> "192.0.2.33"
> ],
> "ansible_net_all_ipv6_addresses": [],
> "ansible_net_filesystems": [
> "flash:"
> ],
>

In this  playbook I use the ios_facts module to get the version of code in
the ansible_net_version key value pair that is part of the ansible_facts
"dictionary".

  tasks:
> - name: Gather IOS Facts
>   ios_facts:



so the last line

debug: var=facts_output.ansible_facts.ansible_net_version


is just printing the value of the ansible_net_version key from the
ansible_facts dictionary returned by the ios_facts module that I stuffed in
a varialbe called "facts_output"

Having said all of that, there are many scenarios where you will need to
parse your output for data that has not been nicely packaged up for us in
these ansible modules so it is a valuable skill with many approaches.  You
want to use the one you are most comfortable with but you also don't want
to work any harder than you have to!

Here are some of the approaches I'm aware of and maybe others can chime in
with what works for them.

*1.  embed regexp in the command you send with the ios_command module.*
Here is sample output from the attached playbook.  I'm just sending the
regexp as part of the command as you would if you were in the CLI.
Ethan Banks at Packet Pushers does a nice little summary
and I'm
sure you can Google a bunch more

root@e8d7daa45b5b:/ansible/ansible2_4_base# ansible-playbook -i hosts
> get_ios_cmd_filter.yml
> PLAY [cisco]
> 
> TASK [Show command with embedded regexp inc connected for all Conneced
> interfaces]
> **
> ok: [arctic-3650] => (item=show int status | inc connected)
> TASK [debug]
> 
> ok: [arctic-3650] => {
> "output.results[0].stdout_lines": [
> [
> "Gi1/0/4  connected1  a-full
> a-1000 10/100/1000BaseTX"
> ]
> ]
> }
> TASK [Show command with embedded regexp for all IPs]
> 
> ok: [arctic-3650] => (item=show ip interface brief | inc \.[0-9]+[ ]+YES)
> TASK [debug]
> 
> ok: [arctic-3650] => {
> "output.results[0].stdout_lines": [
> [
> "Vlan1  192.0.2.33  YES manual up
>   up  ",
> "GigabitEthernet0/0 10.1.10.25  YES DHCP   up
>   up"
> ]
> ]
> }
> PLAY RECAP
> **
> arctic-3650: ok=4changed=0unreachable=0failed=0


2.  Use the newish jinja2 filters regex_findall and regex_search

Ivan Pepelnjak has a nice summary of 1 and 2 here.


3.  Look at the textfsm modules and filters

4.  look at napalm getters which return data for a variety of network
hardware in a structured way so that you can abstract out your actions in
your playbooks across many device types.

Kirk Byer has a very good Ansible series and he covers jinja filters and
using the textfsm parsing modules.  That is my favorite and I've moved most
of my parsing scripts to TextFSM these days.  Check out the ntc modules
from Network to Code (Jason Edelman).

Re: [ansible-project] What should be the proper way to use include_tasks in ansible 2.5

[Matt Martz]

Michael,

It is indeed a changed behavior in 2.4.3rc2, however we are working to
revert that specific behavior, which will be included in an upcoming rc3.



On Tue, Jan 23, 2018 at 4:40 AM, Michael Ströder 
wrote:

> chipcha wrote:
> > Would it be possible to also add best practices of how to migrate
> > include_tasks to import_tasks with loops
> > After https://github.com/ansible/ansible/pull/33595 it seems that all my
> > include_tasks with tags are ignored
>
> I can confirm this issue using ansible-2.4.3.0-0.5.rc2.tar.gz and I
> wonder why such a breaking change is done for minor update within 2.4.x.
>
> Ciao, Michael.
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To post to this group, send email to ansible-project@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/
> msgid/ansible-project/f51d7dc3-cced-d2b3-73ad-30c0b84df274%40stroeder.com.
> For more options, visit https://groups.google.com/d/optout.
>



-- 
Matt Martz
@sivel
sivel.net

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAD8N0v9-NGzMYNcuzRNCy_y54eNbBN6bimkKh-f9TPtGTHst2Q%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Command module failure- ansible

[Jayashri Garud]

Sorry JYL. I posted it wrongly. It is actually

-  name: deploy script_name script
  command:  /path/to/script/script_name.sh




On Tue, Jan 23, 2018 at 6:00 PM,  wrote:

>
>
> 23 janvier 2018 13:07 "Jayashri Garud"  <%22jayashri%20garud%22%20%3cjayashrigarud...@gmail.com%3E>> a écrit:
>
> Hi,
> I have a playbook for deployment . In which I have a task which execute
> script to extract artifacts. I am using jenkins server to run ansible.
> while running this playbook it is throwing error like "MODULE FAILURE".
> deployment.yml
> - run deployment script
> command: /path/to/my/script/.sh
> error:
>
> FAILED! => {"changed": false, "failed": true, "module_stderr": "", 
> "module_stdout": "", "msg": "MODULE FAILURE", "parsed": false}
>
> ansible version -2.0.0
>
>
> Try this :
> - name: run deployment script
> command: /path/to/my/script/.sh
>
> Explanations :
> You forget to add "name" before describiing the action So ansible try
> to interpret "run" as a module
> Be careful about indentations
>
> Regards,
>
> JYL
>
> --
> You received this message because you are subscribed to a topic in the
> Google Groups "Ansible Project" group.
> To unsubscribe from this topic, visit https://groups.google.com/d/
> topic/ansible-project/6nEUY2Qfboo/unsubscribe.
> To unsubscribe from this group and all its topics, send an email to
> ansible-project+unsubscr...@googlegroups.com.
> To post to this group, send email to ansible-project@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/
> msgid/ansible-project/a115e58a4bf6968a6f500898763375
> a7%40wwws.lenhof.eu.org
> 
> .
>
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CALKJ44goe2wxgGAvqBuMKO0RaWVHkNCM_%2BrCSNDC6GQyBXF0JQ%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] VARIABLE IS NOT DEFINED!

[Kai Stian Olstad]

On Saturday, 20 January 2018 08.26.56 CET Surjeet Singh wrote:
> ---
> - name: collect device facts and display OS version
>   hosts: "{{ inventory | default('all') }}"
>   gather_facts: no
>   connection: local
> 
>   
>   tasks:
> - name: run the show commands
>   ios_command:
> commands:
>   - show version
> host: "{{ inventory_hostname }}"
> username: cisco
> password: cisco
>   register: version
>   
> - debug: var=version.stdout[0].Version

I have never used ios_command, but my guess is that version.stdout[0] is a 
string not dictionary with the key Version in it.


-- 
Kai Stian Olstad

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/3193442.HCZvX6jUOS%40x1.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] How to do math in Ansible?

[Kai Stian Olstad]

On Monday, 22 January 2018 19.23.29 CET ZillaYT wrote:
> I'm using yum (RHEL). However with this approach, don't you have to update 
> the file when the major version changes?

With that regex yes, it's a nice way to control upgrade to major versions.
And it also preventing upgrade of a package if someone should run apt 
dist-upgrade (equivalent to yum upgrade)


My file for Gitlab looks like this

$ more /etc/apt/preferences.d/gitlab 
Package: gitlab-ce
Pin: version /[0-9]+\.[0-9]+\.([5-9]-|[0-9]{2,}-)/
Pin-Priority: 1000

It only upgrade if the package is x.y.5 or higher, the reason for this is 
Gitlab tends to be very buggy until around x.y.5 version is released.


-- 
Kai Stian Olstad

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/2140276.yyDdSyT0jU%40x1.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Re: nxos_acl module

[Claudia de Luna]

Hi Julian,

All I meant by that comment is that in the module notes the statement below
is made.  It actually is at the ACE level but I'm not 100% clear on the
implications.  I need to try it out.


>- *Although this module is idempotent in that if the ace as presented
>in the task is identical to the one on the switch, no changes will be made.
>If there is any difference, what is in Ansible will be pushed (configured
>options will be overridden). This is to improve security, but at the same
>time remember an ACE is removed, then re-added, so if there is a change,
>the new ACE will be exactly what parameters you are sending to the module.*
>
>
Let me know if you find a better way! or if you can work through the
nxos_acl module.

Take care,

Claudia


On Tue, Jan 23, 2018 at 12:51 AM, Julien Guirlinger <
julien.guirlin...@gmail.com> wrote:

> Interesting way of doing it.
>
> What do you mean by :
>
>> *Also, the idempotency works at the ACL level but the module at the ACE
>> level and that always worried me*
>>
>
> Thank you for the feedback
>
> Julien
>
>
> On Monday, January 22, 2018 at 4:12:18 PM UTC+1, Claudia de Luna wrote:
>>
>> HI Julien,
>>
>> I confess I've not used this module for ACL management for many of the
>> reasons you note.  Also, the idempotency works at the ACL level but the
>> module at the ACE level and that always worried me.  I can see myself
>> checking for one ACE and basically turning my ACL into a one line ACL.
>>
>> I tend to use the template module and then the -config module (ios or
>> nxos).
>>
>> I'd stay away from the include_vars and go with a  group_vars file or a
>> host_vars file depending on what you need.
>>
>> For example, I have a standard NTP ACL for all the NXOS devices which I
>> represent with a group called [nxos] in my host file.
>>
>> So in my group_vars directory i have an nxos.yml file with something like
>> this:
>>
>> ntp_acl:
>>   - src: any
>> dest: 1.1.1.123/24
>>   - src: any
>> dest: 1.1.1.23/24
>>
>>
>> and in my template file I have
>>
>> # ntp_acl.j2
>> no ip access-list NTP_ACL
>> ip access-list NTP_ACL
>>  permit ip any 192.168.2.123/24
>>  permit ip any 192.168.1.23/24
>>
>>
>>
>>
>> {% for ace in ntp_acl %}
>> # Additional Local NTP Servers
>>  permit ip {{ ace.src }} {{ ace.dest }}
>>
>> {% endfor %}
>>
>>
>> # End ntp_acl.j2
>>
>>
>> That builds the ACL I want using the template module and then I use the
>> config module to apply it.
>>
>> so i have a make_cfg.yml playbook with this task
>>
>> - name: Create hostname config file from template
>>   template:
>> src: templates/ntp_acl.j2
>> dest: src/{{ inventory_hostname }}.cfg
>>
>>
>> and then I have an apply_cfg.yml playbook with this task
>>
>> - name: Configure Using nxos_config Module
>>   nxos_config:
>> provider: "{{ cli }}"
>> backup: yes
>> match: none
>> timeout: 15
>> src: src/{{ inventory_hostname }}.cfg
>> intended_config: src/{{ inventory_hostname }}.cfg
>> diff_against: intended
>>
>>
>> I do this when I'm first setting up a site but these can certainly be in
>> one playbook.
>>
>> You can also use the config module to do diffs so thats how I check
>> compliance.
>>
>> Not sure if that helps...but that may be another way to tackle the
>> problem...
>>
>>
>>
>>
>> On Tuesday, January 16, 2018 at 7:16:19 AM UTC-8, Julien Guirlinger wrote:
>>>
>>>
>>> Hello,
>>>
>>> Does anybody use ansible to manage ACL on Cisco Nexus switches ?
>>>
>>> I have started to use, but i face some issues :
>>> - I didn't find a way to set the "per entry statistics on my ACL"
>>> - I have to call the module for each ACE in my ACL, which is not
>>> satisfying for performance and for readability when it comes to large ACL
>>> - I'm still not sure of the way i should write my playbook, either
>>> including all the ACL in it with a task for each ACE, or looping over a
>>> dict containing my ACL (a file imported via an "include_vars" statement for
>>> exemple)
>>>
>>> I will be happy to have feedback of how you achieve it.
>>>
>>> Thanks
>>>
>>> Julien
>>>
>>> --
> You received this message because you are subscribed to a topic in the
> Google Groups "Ansible Project" group.
> To unsubscribe from this topic, visit https://groups.google.com/d/
> topic/ansible-project/02Sff9C6rU8/unsubscribe.
> To unsubscribe from this group and all its topics, send an email to
> ansible-project+unsubscr...@googlegroups.com.
> To post to this group, send email to ansible-project@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/
> msgid/ansible-project/de8ebe98-b9da-4bfe-a1d5-a1a316d42e26%40googlegroups.
> com
> 
> .
>
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are 

[ansible-project] Re: Should pip still use /usr/bin/python if the ansible_python_interpreter env var is set to a virtualenv

[Wajdi Al-Hawari]

I forgot to specify my Ansible version. I am using: 2.4.2.0

On Tuesday, 23 January 2018 07:59:58 UTC-5, Wajdi Al-Hawari wrote:
>
> The Scenario: 
>
> I have encountered an issue that I first drafted as a bug, but before I 
> post it, I wanted to ask about it here first.
>
> The scenario I'm facing is wanting to run my playbook without explicitly 
> setting a virtualenv in my pip module. So, instead I'm using the 
> ansible_python_interpreter to point to the python interpreter I want to 
> use. 
>
> example call: ansible-playbook -i inventory --connection=local 
> playbook.yml -e ansible_python_interpreter=/home/user/foo_proj/venv
>
> I noticed that when running my playbook with my python interpreter set to 
> /home/user/foo_proj/venv/, my expectation was for the venv to be within 
> that context using /home/user/foo_proj/venv/bin/pip. It, however instead 
> was using /usr/local/bin/pip3 per the small snippet of my output: 
>
> ok: [localhost] => {
> "changed": false, 
> "cmd": "/usr/local/bin/pip3 install docker-compose", 
> "invocation": {
> "module_args": {
>
>
> I do have a growing suspicion that the intention of this 
> "ansible_python_interpreter" environment variable is not necessarily meant 
> for virtual environments (meaning my supposed bug is invalid) but specific 
> locations of the Python executable you want to use, thus, in turn using its 
> respecting /usr/bin/pipX (X being the version). 
>
> It is fairly clear even from the code here 
> 
>  that the behaviour is to look for /usr/bin/pip. 
>
> The question:
>
> So, my question is whether using the ansible_python_interpreter should in 
> fact get the pip module to use the respective environment pip, or is it as 
> specified in the code not intended to change the pip module path to the 
> virtualenv pip, but rather to the system level pip for the version of 
> Python being specified by ansible_python_interpreter? 
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/62fb75bd-9574-4e7b-9682-d7bd0e991dba%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Should pip still use /usr/bin/python if the ansible_python_interpreter env var is set to a virtualenv

[Wajdi Al-Hawari]

The Scenario: 

I have encountered an issue that I first drafted as a bug, but before I 
post it, I wanted to ask about it here first.

The scenario I'm facing is wanting to run my playbook without explicitly 
setting a virtualenv in my pip module. So, instead I'm using the 
ansible_python_interpreter to point to the python interpreter I want to 
use. 

example call: ansible-playbook -i inventory --connection=local playbook.yml 
-e ansible_python_interpreter=/home/user/foo_proj/venv

I noticed that when running my playbook with my python interpreter set to 
/home/user/foo_proj/venv/, my expectation was for the venv to be within 
that context using /home/user/foo_proj/venv/bin/pip. It, however instead 
was using /usr/local/bin/pip3 per the small snippet of my output: 

ok: [localhost] => {
"changed": false, 
"cmd": "/usr/local/bin/pip3 install docker-compose", 
"invocation": {
"module_args": {


I do have a growing suspicion that the intention of this 
"ansible_python_interpreter" environment variable is not necessarily meant 
for virtual environments (meaning my supposed bug is invalid) but specific 
locations of the Python executable you want to use, thus, in turn using its 
respecting /usr/bin/pipX (X being the version). 

It is fairly clear even from the code here 

 that the behaviour is to look for /usr/bin/pip. 

The question:

So, my question is whether using the ansible_python_interpreter should in 
fact get the pip module to use the respective environment pip, or is it as 
specified in the code not intended to change the pip module path to the 
virtualenv pip, but rather to the system level pip for the version of 
Python being specified by ansible_python_interpreter? 

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/14cec82e-b261-4d87-8295-a2dfb6ff3d9b%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Command module failure- ansible

[jean-yves]

23 janvier 2018 13:07 "Jayashri Garud"  a écrit:
Hi,
I have a playbook for deployment . In which I have a task which execute script 
to extract artifacts. I am using jenkins server to run ansible. while running 
this playbook it is throwing error like "MODULE FAILURE". 
deployment.yml 
- run deployment script 
command: /path/to/my/script/.sh 
error: 
FAILED! => {"changed": false, "failed": true, "module_stderr": "", 
"module_stdout": "", "msg": "MODULE FAILURE", "parsed": false} 
ansible version -2.0.0 
Try this :
- name: run deployment script 
 command: /path/to/my/script/.sh

Explanations :
You forget to add "name" before describiing the action So ansible try to 
interpret "run" as a module
Be careful about indentations

Regards,

JYL

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/a115e58a4bf6968a6f500898763375a7%40wwws.lenhof.eu.org.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Command module failure- ansible

[Jayashri Garud]

Hi,
 I have a playbook for deployment . In which I have a task which execute 
script to extract artifacts. I am using jenkins server to run ansible. 
while running this playbook it is throwing error like "MODULE FAILURE".

deployment.yml

-  run deployment script
command:  /path/to/my/script/.sh

error:

FAILED! => {"changed": false, "failed": true, "module_stderr": "", 
"module_stdout": "", "msg": "MODULE FAILURE", "parsed": false}


ansible version -2.0.0

 

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/db3488fc-9bec-4f1e-ac8f-1167c40b6b32%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] What should be the proper way to use include_tasks in ansible 2.5

[Michael Ströder]

chipcha wrote:
> Would it be possible to also add best practices of how to migrate
> include_tasks to import_tasks with loops
> After https://github.com/ansible/ansible/pull/33595 it seems that all my
> include_tasks with tags are ignored

I can confirm this issue using ansible-2.4.3.0-0.5.rc2.tar.gz and I
wonder why such a breaking change is done for minor update within 2.4.x.

Ciao, Michael.

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/f51d7dc3-cced-d2b3-73ad-30c0b84df274%40stroeder.com.
For more options, visit https://groups.google.com/d/optout.


smime.p7s
Description: S/MIME Cryptographic Signature

Re: [ansible-project] What should be the proper way to use include_tasks in ansible 2.5

[chipcha]

Thanks for the quick input Matt :)
Would it be possible to also add best practices of how to migrate 
include_tasks to import_tasks with loops
After https://github.com/ansible/ansible/pull/33595 it seems that all my 
include_tasks with tags are ignored and changing those to import_tasks 
after they already configured  loops seems to be impossible.

Thanks


On Tuesday, January 23, 2018 at 12:37:14 AM UTC+2, Matt Martz wrote:
>
> I've recently started work on this specific topic for the 2.5 porting 
> guide which you can find at https://github.com/ansible/ansible/pull/35199 
> 
>
> On Mon, Jan 22, 2018 at 4:32 PM, chipcha  > wrote:
>
>> Hi all,
>>
>> Following the discussion in issue #35065: included include_role fails to 
>> escalate since ebf971f
>> (see also 
>> https://groups.google.com/forum/#%21searchin/ansible-project/chipcha%7Csort:date/ansible-project/2-A3BVF02X4/USl6hixDDQAJ
>> )
>>
>> My issue is related to include_tasks.
>> I understood that for ansible 2.4.3 the behavior of include_tasks will 
>> stay the same while in ansible 2.5 this behavior is about to be changed and 
>> only import_tasks should merge down attributes.
>> To apply my playlist for ansible 2.5 should I change all include_tasks to 
>> import_tasks? If so, should I need to add anything else?
>> Any help will be appreciated
>>
>> Thanks
>>
>> -- 
>> You received this message because you are subscribed to the Google Groups 
>> "Ansible Project" group.
>> To unsubscribe from this group and stop receiving emails from it, send an 
>> email to ansible-proje...@googlegroups.com .
>> To post to this group, send email to ansible...@googlegroups.com 
>> .
>> To view this discussion on the web visit 
>> https://groups.google.com/d/msgid/ansible-project/a7e75da6-f4f3-4c64-b6d0-4b6eac6b7894%40googlegroups.com
>>  
>> 
>> .
>> For more options, visit https://groups.google.com/d/optout.
>>
>
>
>
> -- 
> Matt Martz
> @sivel
> sivel.net
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/b8466fc5-6fe2-4fe3-9e3e-d79d1d031c36%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Re: nxos_acl module

[Julien Guirlinger]

Interesting way of doing it. 

What do you mean by :

> *Also, the idempotency works at the ACL level but the module at the ACE 
> level and that always worried me*
>

Thank you for the feedback

Julien

On Monday, January 22, 2018 at 4:12:18 PM UTC+1, Claudia de Luna wrote:
>
> HI Julien,
>
> I confess I've not used this module for ACL management for many of the 
> reasons you note.  Also, the idempotency works at the ACL level but the 
> module at the ACE level and that always worried me.  I can see myself 
> checking for one ACE and basically turning my ACL into a one line ACL.
>
> I tend to use the template module and then the -config module (ios or 
> nxos).
>
> I'd stay away from the include_vars and go with a  group_vars file or a 
> host_vars file depending on what you need.
>
> For example, I have a standard NTP ACL for all the NXOS devices which I 
> represent with a group called [nxos] in my host file.
>
> So in my group_vars directory i have an nxos.yml file with something like 
> this:
>
> ntp_acl:
>   - src: any
> dest: 1.1.1.123/24
>   - src: any
> dest: 1.1.1.23/24
>
>
> and in my template file I have
>
> # ntp_acl.j2
> no ip access-list NTP_ACL
> ip access-list NTP_ACL
>  permit ip any 192.168.2.123/24
>  permit ip any 192.168.1.23/24
>
>
>
>
> {% for ace in ntp_acl %}
> # Additional Local NTP Servers
>  permit ip {{ ace.src }} {{ ace.dest }}
>
> {% endfor %}
>
>
> # End ntp_acl.j2
>
>
> That builds the ACL I want using the template module and then I use the 
> config module to apply it.
>
> so i have a make_cfg.yml playbook with this task
>
> - name: Create hostname config file from template
>   template:
> src: templates/ntp_acl.j2
> dest: src/{{ inventory_hostname }}.cfg
>
>
> and then I have an apply_cfg.yml playbook with this task
>
> - name: Configure Using nxos_config Module
>   nxos_config:
> provider: "{{ cli }}"
> backup: yes
> match: none
> timeout: 15
> src: src/{{ inventory_hostname }}.cfg
> intended_config: src/{{ inventory_hostname }}.cfg
> diff_against: intended
>
>
> I do this when I'm first setting up a site but these can certainly be in 
> one playbook.  
>
> You can also use the config module to do diffs so thats how I check 
> compliance.
>
> Not sure if that helps...but that may be another way to tackle the 
> problem...
>
>
>
>
> On Tuesday, January 16, 2018 at 7:16:19 AM UTC-8, Julien Guirlinger wrote:
>>
>>
>> Hello,
>>
>> Does anybody use ansible to manage ACL on Cisco Nexus switches ?
>>
>> I have started to use, but i face some issues :
>> - I didn't find a way to set the "per entry statistics on my ACL"
>> - I have to call the module for each ACE in my ACL, which is not 
>> satisfying for performance and for readability when it comes to large ACL
>> - I'm still not sure of the way i should write my playbook, either 
>> including all the ACL in it with a task for each ACE, or looping over a 
>> dict containing my ACL (a file imported via an "include_vars" statement for 
>> exemple)
>>
>> I will be happy to have feedback of how you achieve it.
>>
>> Thanks
>>
>> Julien
>>
>>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/de8ebe98-b9da-4bfe-a1d5-a1a316d42e26%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Re: vsphere_guest module doesn't receve datastore value

['J Hawkesworth' via Ansible Project]

I use vmware_guest to clone vms and it works fine.  However I recall having 
problems with using VMXNET3 and wound up switching to e1000e.  I think this 
is because VMXNET3 depends on vmware tools and so isn't available during 
the early boot up process (I could be wrong about why, but I definitely 
could not get ip assigned when using VMXNET3) - things may be different for 
you - I most clone windows vms, but worth experimenting with available 
network adaptors.

Hope this helps,

Jon

On Monday, January 22, 2018 at 1:59:47 PM UTC, Sebastien Desbois wrote:
>
> Hello,
>
> When deploying from a template, this parameter will no be used.
> Your VM will be deployed in the same datastore as the template.
> This deployment is just a clone that will take by default all the 
> parameters CPU / RAM / Disks of the template.
>
> For my part, since I like complicated things, after the deployement, 
> Ansible is launching a powercli script that will place the VM in a 
> datastore based on categories and available space.
> (The whole VM, not just the disk, in order not to have the vmx and log 
> files in a datastore and the disk in another datastore)
>
> Le mercredi 17 janvier 2018 20:04:53 UTC+1, Arkanon a écrit :
>>
>> Hello.
>>
>> I want to deploy a VMWare Linux VM from a template and then customize IP 
>> and hostname.
>>
>> With vmware_guest module the deploy where finished, but I couldn't set 
>> IP/hostname. So I changed to vsphere_guest module to give a try.
>> However, with vsphere module the deploy process doesn't even finish. The 
>> message received is:
>>
>> *"Could not clone selected machine: [Task Error]: Insufficient disk space 
>> on datastore ''."*
>>
>> Apparently datastore has no value, but it was set, accordingly with 
>> documentation in <
>> http://docs.ansible.com/ansible/latest/vsphere_guest_module.html#examples
>> >
>>
>> Details:
>>
>> $ ansible-playbook --version
>> ansible-playbook 2.5.0
>>   config file = /etc/ansible/ansible.cfg
>>   configured module search path = [u'*HOME*/.ansible/plugins/modules', 
>> u'/usr/share/ansible/plugins/modules']
>>   ansible python module location = 
>> /usr/local/lib/python2.7/dist-packages/ansible
>>   executable location = /usr/bin/ansible-playbook
>>   python version = 2.7.14+ (default, Dec  5 2017, 15:17:02) [GCC 7.2.1 
>> 20171205]
>>
>> $ cat vmware.yml
>> ---
>>
>> - name: interaction with vCenter
>>   hosts: localhost
>>   connection: local
>>   gather_facts: no
>>
>>   vars:
>> run_time: "{{ lookup('pipe','date \"+%Y/%m/%d %H:%M:%S\"') }}"
>> domain: *DOMAIN*
>> vc_hn: vcenter
>> vc_un: "{{ lookup('env','USER') }}"
>> vc_pw: "{{ lookup('env','password') }}"
>> vc_dc: *DC*
>> vc_cluster: *CLUSTER*
>> vc_hv: 172.23.1.156
>> vc_ds: Server1156
>> vc_folder: *FOLDER*
>> vm_name: test
>> vm_note: Deployed with ansible
>> vm_hn: test
>>
>>   tasks:
>>
>> - name: Deploy VM from Template
>>   vsphere_guest:
>>
>> validate_certs: no
>> vcenter_hostname: "{{ vc_hn }}.{{ domain }}"
>> username: "{{ vc_un }}@{{ domain }}"
>> password: "{{ vc_pw }}"
>> guest: "{{ vm_name }}"
>> from_template: yes
>> template_src: CentOS-Template-7.3
>>
>> esxi:
>>   datacenter: "{{ vc_dc }}"
>>   hostname: "{{ vc_hv }}"
>>
>> vm_extra_config:
>>   notes: "{{ vm_note }} - {{ run_time }}"
>>   folder: "{{ vc_folder }}"
>>
>> vm_hardware:
>>   osid: centos64guest
>>   memory_mb: 2048
>>   num_cpus: 1
>>   scsi: paravirtual
>>
>> vm_disk:
>>   disk1:
>> size_gb: 20
>> type: thin
>> *datastore: "{{ vc_ds }}"*
>>
>> vm_nic:
>>   nic1:
>> type: vmxnet3
>> network: VLAN_30
>> network_type: dvs
>>
>> $ ansible-playbook vmware.yml -vvv
>> ansible-playbook 2.5.0
>>   config file = /etc/ansible/ansible.cfg
>>   configured module search path = [u'*HOME*/.ansible/plugins/modules', 
>> u'/usr/share/ansible/plugins/modules']
>>   ansible python module location = 
>> /usr/local/lib/python2.7/dist-packages/ansible
>>   executable location = /usr/bin/ansible-playbook
>>   python version = 2.7.14+ (default, Dec  5 2017, 15:17:02) [GCC 7.2.1 
>> 20171205]
>> Using /etc/ansible/ansible.cfg as config file
>> Parsed /etc/ansible/hosts inventory source with ini plugin
>>
>> PLAYBOOK: vmware.yml 
>> **
>> 1 plays in vmware.yml
>>
>> PLAY [interaction with vCenter] 
>> ***
>> META: ran handlers
>>
>> TASK [Deploy VM from Template] 
>> 
>> task path: /export/fs/share/ansible/vmware.yml:28
>> Using module file 
>> 

[ansible-project] Re: VARIABLE IS NOT DEFINED!

['J Hawkesworth' via Ansible Project]

I think you just need to set 

gather_facts: yes

otherwise host-related variables, such as 
 inventory_hostname

won't exist when you come to use them later in your playbook.

Hope this helps,

Jon

On Saturday, January 20, 2018 at 7:26:57 AM UTC, Surjeet Singh wrote:
>
> am i impacted with some bug ?
>
>  "VARIABLE IS NOT DEFINED!"
>
> root@eve-ng:/etc/ansible# ansible-playbook test.yaml 
>
> PLAY [collect device facts and display OS version] 
> **
>
> TASK [run the show commands] 
> 
>  [WARNING]: argument username has been deprecated and will be removed in a 
> future version
>  [WARNING]: argument host has been deprecated and will be removed in a 
> future version
>  [WARNING]: argument password has been deprecated and will be removed in a 
> future version
> ok: [8.8.8.8]
> ok: [5.5.5.5]
>
> TASK [debug] 
> 
> ok: [8.8.8.8] => {
> "version.stdout[0].Version": "VARIABLE IS NOT DEFINED!"
> }
> ok: [5.5.5.5] => {
> "version.stdout[0].Version": "VARIABLE IS NOT DEFINED!"
> }
>
> PLAY RECAP 
> **
> 5.5.5.5: ok=2changed=0unreachable=0
> failed=0   
> 8.8.8.8: ok=2changed=0unreachable=0
> failed=0   
>
>
>
> root@eve-ng:/etc/ansible# more test.yaml 
> ---
> - name: collect device facts and display OS version
>   hosts: "{{ inventory | default('all') }}"
>   gather_facts: no
>   connection: local
>
>   
>   tasks:
> - name: run the show commands
>   ios_command:
> commands:
>   - show version
> host: "{{ inventory_hostname }}"
> username: cisco
> password: cisco
>   register: version
>   
> - debug: var=version.stdout[0].Version
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/b69b0955-06ef-48e1-ad6d-1a1e918eeb57%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Re: Tasks in rescue don't work if host is unreachable

['J Hawkesworth' via Ansible Project]

I suggest you delegate your rescue tasks to localhost - when things go 
wrong on remote hosts, the local host, where ansible is running, is the 
most likely thing to still be working.  Documentation about delegation is 
here if you aren't familiar with it: 
http://docs.ansible.com/ansible/latest/playbooks_delegation.html

You may need to adjust what you rescue actually does because of this - 
perhaps send a mail or message to get a human involved.

Hope this helps,

Jon 

On Friday, January 19, 2018 at 2:59:35 PM UTC, Graham Dougan wrote:
>
> Hi Vlad,
>
> Struggling with the same issue, did you get anywhere with it?
>
> Thanks,
> Graham
>
> On Sunday, March 19, 2017 at 10:29:48 PM UTC, kaufma...@gmail.com wrote:
>>
>> Hello everyone,
>>
>> For error handling I'm trying to use "block - rescue". I looked im 
>> internet and found out that rescue doesn't have any effekt if tasks in 
>> block failed because of unreachable host. Does anyone any workaround or 
>> idea how to manage it anyway?
>>
>> Thank you very much!
>>
>> Vlad
>>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/623c771f-f9a7-4bd6-9cf3-ab827f2c7da9%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.