[ansible-project] Re: Ansible issues with Windows deployment

[12177589]

Ok, it should be the syntax of win_shell. The error is as follows：




在 2018年3月21日星期三 UTC+8上午11:12:59，Jordan Borean写道：
>
> You pretty much need to copy the win_shell task as it was (with any 
> credential or path changes you need). You also don't need the win_copy 
> tasks as the win_shell task will do that for you, I only provided that 
> example to show you how it is easier to use become when 2.5 comes out.
>
> In the future, when you say there are errors, please provide those errors 
> itself as it makes it easier to see what is going on.
>
> Thanks
>
> Jordan
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/e93e0f71-3579-4a26-be5f-f0078c91abf7%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Re: Ansible issues with Windows deployment

[Jordan Borean]

You pretty much need to copy the win_shell task as it was (with any 
credential or path changes you need). You also don't need the win_copy 
tasks as the win_shell task will do that for you, I only provided that 
example to show you how it is easier to use become when 2.5 comes out.

In the future, when you say there are errors, please provide those errors 
itself as it makes it easier to see what is going on.

Thanks

Jordan

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/6a9506b9-8377-4a61-9ed7-b6f9f40e94cc%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] napalm-ansible...NXOS

[Sunil6057]

hi

---
- hosts: leaf
  connection: local
  tasks:
- napalm_install_config:
hostname: "{{ inventory_hostname }}"
username: "{{ username }}"
password: "{{ password }}"
dev_os: "{{ nxos }}"
config_file: leaf.conf
commit_changes: True
diff_file: initial.diff


This is the yml file. By default it tries to connect using HTTPS (NXAPI). How 
do i bypass this and make it connect using SSH

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/135ca6c8-7427-42ae-94e5-53ed2c77b425%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Re: Ansible issues with Windows deployment

[12177589]

Thank you very much for your reply. I tried to use win-shell, but there was 
a syntax error!

Because I can't understand this meaning, please help to see!

As follows:


- hosts: dbServer

  tasks:

  - name: shell

- win_shell:

  $username: 'xie11'

  $password: '11'

  $sec_password: ConvertTo-SecureString -String $password -AsPlainText 
-Force

  $credentials: New-Object -TypeName PSCredential -ArgumentList 
$username, $sec_password

  New-PSDrive -Name temp_path -PSProvider FileSystem -Root 
'\\192.168.20.13\WuhanTeam' -Credential $credentials -Scope Script

  Copy-Item -Path temp_path:\100_test -DestinationPath C:\tools

  

  - name: copy file

win_copy:

  src: \\192.168.20.13\WuhanTeam\100_test

  dest: D:\tools

  remote_src: True

在 2018年3月19日星期一 UTC+8下午7:10:51，Jordan Borean写道：
>
> You need to stop trying to map a network drive and then copying from that 
> drive, as I said I don't believe it is possible and have never been able to 
> get it working from a WinRM session. There are 2 ways you can do this 
> currently, with Ansible 2.5 is out you can do this
>
> become with become flags
>
> - win_copy:
> src: \\192.168.20.13\WuhanTeam\100_test
> dest: C:\tools
>   become: yes
>   become_method: runas
>   become_flags: logon_type=new_credentials logon_flags=netcredentials_only
>   vars:
> ansible_become_user: xie11
> ansible_become_pass: 11
>
> Unfortunately the become_flags were not added until 2.5 so for older 
> versions you need to do something like this
>
> - win_shell: |
> $username = 'xie11'
> $password = '11'
> $sec_password = ConvertTo-SecureString -String $password -AsPlainText 
> -Force
> $credentials = New-Object -TypeName PSCredential -ArgumentList 
> $username, $sec_password
> New-PSDrive -Name temp_path -PSProvider FileSystem -Root 
> '\\192.168.20.13\WuhanTeam' -Credential $credential -Scope Script
> Copy-Item -Path temp_path:\100_test -DestinationPath C:\tools
>
> That win_shell task, registers a temporary network path using a custom set 
> of credentials and then copies the file from that temporary path with those 
> credentials. This works because everything happens under that one script 
> scope whereas running net use and then the xcopy commands as separate tasks 
> do not (each task is run under a different shell)
>
> Thanks
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/5ad6454b-fcc2-4ea2-bd65-124455d331da%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Re: vault-encrypted admin_password issues in azure_rm_virtualmachine module

[Jordan Borean]

No worries, glad it worked out in the end and wasn't a bug in the module.

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/7c5ba0c3-f9f4-4d8c-8ec3-76586a62a66c%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] current run timestamp

[orderedchaosdev]

I want to set it up so there is a current ansible playbook run timestamp 
set at the start of every playbook run so I can use this var in various 
roles.
The only way so far I have found is to set a pre_task with set fact in 
every playbook.
Does anyone have any suggestions or information on a current playbook run 
start timestamp or a way to set this var so that I dont need to add the 
set_fact to every playbook?

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/76c1af0e-bc69-456e-8878-dcf6c67d0ccd%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Aliases + module.params

[Alex Stephen]

I'm in the process of writing an Ansible module. 
I've currently got an Ansible task that includes this piece of code:

```
...
allowed:
  - ip_protocol: 'tcp'
  - port: '22'
...
```

AnsibleModule looks something like this:

```
  AnsibleModule(
argument_spec=dict(
 allowed=dict(type='list', elements='dict', options=dict(
 IPProtocol=dict(required=True, type='str', 
aliases=['ip_protocol']),
 ports=dict(type='list', elements='str')
  ))
)
  )
```

(tldr; ip_protocol is an alias of IPProtocol).

I end up doing some work with module.params later on. I would expect 
module.params to look like this:

```
{
  allowed: [
 {
IPProtocol: 'tcp',
ports: '22'
 }
   ]
}
```

Instead, it looks like this:

```
{
  allowed: [
 {
IPProtocol: 'tcp',
ip_protocol: 'tcp',
ports: '22'
 }
   ]
}
```

Is there a way to get a version of module.params that doesn't have each 
alias listed out in this way?

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/a7962f3c-9127-4a0c-8711-1482b2e162a0%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Re: vault-encrypted admin_password issues in azure_rm_virtualmachine module

[Alex Pilon]

Hey Jordan,

Thanks for the answer, and sorry for my delay. Weekend, AWX setup and other 
things got in the way of me trying this out.

Did your suggestions. The first one returned the proper value, so that's a 
good sign.
Did the second one: Worked fine as well, which confused me.
I removed the literal password string, re-configured the vault variable 
while leaving the debug task there, and tried againand it worked.

I'm thoroughly confused as to why it now works, but hey, I won't complain 
haha

Thanks for your help!

On Wednesday, March 14, 2018 at 6:46:42 PM UTC-4, Jordan Borean wrote:
>
> 2 things you can try;
>
> * Run `*- debug: var=vault_cloud_windows_admin_password*` before the task 
> and make sure the password is what you expect
> * Just write the password as a string to the module task instead of 
> sourcing from a variable
>
> The first thing tells you the correct variable is being sourced from vault 
> and is what you expect. The second thing let's you know whether there may 
> be a bug in the module as you are explicitly telling what one to use.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/dab51bd6-d7c2-4745-a33a-26d65fc9aeb7%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Inventory

[Brian Coca]

- hosts: test
  tasks:
- task1
- task2
- task3
- task4
- task5

- hosts: test[0], test[1]
  tasks:
- task6
- task7
- task8

- hosts: test[-1]
  tasks:
- task9
- task10

-- 
--
Brian Coca

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CACVha7eDYm0-4AQ70YHMRSVnzqdqjHeJ96-5FeLWj%2BOmeLfk5g%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Inventory

[Vino B]

Hi All,

Can someone provide me an example on how to accomplish the below task,

I have 10 task, I need to execute 5 task on all the host which are under the 
group test in the inventory file and task 6-8 on first 2 servers only and the 
task 9-10 to the last server only.


Host file
[test]
Server1
Server2
Server3

From,
Vino.B

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/41e6edf1-eecf-4eda-91b0-9ccdea6040ab%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Re: How to remote to Windows using Linux

[Rachel Leonard]

Jordan,

Thank you!  They enabled and listening.  I read there could be a bug with 
TLS.  I reading more about that.  

Thank you,
Rachel 

On Monday, March 19, 2018 at 2:35:34 PM UTC-7, Jordan Borean wrote:
>
> Have you enabled the WinRM listeners and configured WinRM itself, you can 
> check by running
>
> winrm e winrm/config/listener
>
> More info on this 
> http://docs.ansible.com/ansible/devel/user_guide/windows_setup.html#winrm-setup
> .
>
> Thanks
>
> Jordan
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/155e4016-184a-4c72-aa3e-fc8efc2c3153%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Using serial strategy for playbook imported in a toplevel playbook causes entire play termination if some host is unreachable

[Marcos Alano]

I ran a playbook on batches and one host failed but just that batch stopped.

On Tue, Mar 20, 2018 at 12:55 PM, Andrey Agenosov
 wrote:
> Hello all.
> Here is a simplified example:
> - import_playbook: test_unavailable_node_different_strategy.yml
>
> - hosts: 127.0.0.1
>   connection: local
>
> # The question is would we end up here in case of imported playbook (above)
> touches unavailable host
>   tasks:
> - debug: msg="Playbook finished"Введите код...
>
>
> And the code for imported playbook:
> - hosts: all
>   # Comment the line below and everything would be fine
>   serial: 1
>
>   tasks:
> - debug: msg="{{ inventory_hostname }}"Введите код...
>
> So when I'm launching something like this
> ansible-playbook -i '127.0.0.1,10.0.0.1' use_unavailable_nodes.yml
> --ask-pass -u andreyВведите код...
> when the 10.0.0.1 host is unreachable, the entire play aborts before
> reaching the task to be performed locally (see main playbook).
>
> If you comment 'serial: 1' then the local action in the main playbook also
> would be performed.
> Why there is such behaviour? Is this a bug or I'm missing something?
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To post to this group, send email to ansible-project@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/3c31fa30-7b75-4fbc-9e3b-ece572980f06%40googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.



-- 
Marcos H. Alano
Linux System Administrator
marcoshal...@gmail.com

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAO3Us%3DkcnKHqUsi7KKy4rySngqMozdxZBtY%3DYDkjhMGCJD_nMA%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Re: Absurd run_once behavior, skipping entirely if first node fails a when test

[Alex Hunt]

Thanks everyone, I think the root of the issue is finally clear.

I'd love to have a 'run_first_host_that_matches_when' keyword, though I 
understand there might be technical issues getting in the way. I think the 
most intuitive way to set the status would be to set it for all hosts that 
match the when, but that's a bit of an arbitrary thing.

The current set of keywords makes it very difficult to make reusable code. 
If we want to include roles or tasks conditionally, we simply can't use 
run_once safely. Even the "ugly-ass workarounds" mentioned above are not 
possible in some instances, since the conditions might be completely 
different depending on where it gets included.

Another alternative would be to expose the list of hosts skipped by outer 
when clauses in another variable that can be used in inner when clauses. 
Something like "ansible_not_already_skipped_hosts". I know the logic is to 
skip the task, not the host, but when using includes, it's effectively the 
same. If we haven't done any includes with when clauses, it'd be 
effectively the same as ansible_play_hosts.

If we had a variable like that, I could put something like this in the 
inner-task.yml:
- name: Inner task
  command: hostname
  when: inventory_hostname == ansible_not_already_skipped_hosts[0]
If I needed to save the result to all hosts, I could register the result 
and then follow up with a set_fact using the var from that one host.

This isn't as clean as having a 'run_first_host_that_matches_when' keyword, 
but still prevents the "ugly-ass workarounds" from being needed on EVERY 
included task.

On Tuesday, March 20, 2018 at 7:07:27 AM UTC-7, Brian Coca wrote:
>
> A couple of  clarifications, these are important when you hit the 
> corner case in which it matters: 
>
> - its not 'run on the first host in play/inventory' its 'run on the 
> first host that reaches the task' which means that hosts that fail 
> and/or are removed in previous tasks are not considered. Normally (in 
> the absence of failure) this does mean the first host in 
> play/inventory, changing to other strategies can affect this. 
>
> - it is 'mostly' equivalent to `when: inventory_hostname == 
> ansible_play_batch.0` but there is one major difference, other hosts 
> are not 'skipped', they are all given the same status/return from the 
> single execution. 
>
>
> The feature should really be named 
> 'only_first_host_tries_to_run_and_applies_status_to_rest'.  To make it 
> work as 'run_first_host_that_matches_when' would make the part of 
> applying the status to all hosts a lot more difficult to do sanely ... 
> do we set 'skipped' for the ones we skipped? do we set same status for 
> all hosts? 
>
> At this point I don't see us modifying the feature (maybe clarifying 
> docs?), but I'm open to create a new set of keywords that allows for 
> the difference in range of behaviors not already available via 
> conditional construction. 
>
> -- 
> -- 
> Brian Coca 
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/d8e83919-a72c-4ca4-ac5b-b5a269cdc8e2%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] debug output for task

[Cyberbob]

Hi team,
i have this playbook:

---
- hosts: "{{ leaf_name }}"
  gather_facts: no
  connection: local
 
  vars_prompt:

  - name: "leaf_name"
prompt: "Enter switch hostname/ip"
private: no
  - name: "vlan_id"
prompt: "Enter access vlan  for L2 ACCESS setup (example 10)"
private: no

  vars:
cli:
  username: admin
  password: password
  transport: cli

  tasks:

  - name: Checking configuration for  vlan {{ vlan_id }}
ignore_errors: true
nxos_command:
  commands: show vlan id {{ vlan_id }}
  provider: "{{ cli }}"
register: output


  - debug: var=output.stdout_lines
  - debug:
  msg="Looks like  switch {{ leaf_name }} has no vlan {{ vlan_id }}."
when: output.stdout_lines is not defined

The questions is: i want to get output if van exist and get message "Looks 
like  switch {{ leaf_name }} has no vlan {{ vlan_id }}" if it doesn't. 
What i must add to this playbook ?

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/fd58048b-291e-46e9-9a2f-f2724bcbcffb%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] source archive succeeds however, downloading and unarchiving fails

[danish09]

Hi,


Please provide your suggestions. Kindly help me on what mistake I am doing,

ansible --version
ansible 2.4.3.0
  config file = None
  configured module search path = 
[u'/home/xx/.ansible/plugins/modules', 
u'/usr/share/ansible/plugins/modules']
  ansible python module location = 
/usr/local/lib/python2.7/dist-packages/ansible
  executable location = /usr/local/bin/ansible
  python version = 2.7.12 (default, Dec  4 2017, 14:50:18) [GCC 5.4.0 
20160609]


cat /etc/issue
Linux Mint 18.3 Sylvia \n \l



1. First playbook below:


- name: downloading java 
  get_url:
url: https:
//download.java.net/java/GA/jdk9/9.0.4/binaries/openjdk-9.0.4_linux-x64_bin.tar.gz
dest: /usr/share/
owner: root
group: root
mode: 0644
  register: status  


- name: unarchiving java source file
  unarchive:
src: /usr/share/openjdk-9.0.4_linux-x64_bin.tar.gz
dest: /usr/share/
owner: root
group: root
mode: 0644
remote_src: no
  when: status| success

- name: changing permissions recursively
  file:
path: /usr/share/jdk-9.0.4
mode: 0755
recurse: yes



fails with below error:

<127.0.0.1> (0, '', '')
The full traceback is:
  File "/tmp/ansible_YOPdb4/ansible_module_unarchive.py", line 141, in 

from shlex import quote


fatal: [127.0.0.1]: FAILED! => {
"changed": false, 
"invocation": {
"module_args": {
"attributes": null, 
"backup": null, 
"content": null, 
"creates": null, 
"delimiter": null, 
"dest": "/usr/share/", 
"directory_mode": null, 
"exclude": [], 
"extra_opts": [], 
"follow": false, 
"force": null, 
"group": "root", 
"keep_newer": false, 
"list_files": false, 
"mode": 420, 
"original_basename": "openjdk-9.0.4_linux-x64_bin.tar.gz", 
"owner": "root", 
"regexp": null, 
"remote_src": true, 
"selevel": null, 
"serole": null, 
"setype": null, 
"seuser": null, 
"src": "/usr/share/openjdk-9.0.4_linux-x64_bin.tar.gz", 
"unsafe_writes": null, 
"validate_certs": true
}
}, 
"msg": "Failed to find handler for 
\"/usr/share/openjdk-9.0.4_linux-x64_bin.tar.gz\". Make sure the required 
command to extract the file is installed. Commands \"gtar\" and \"tar\" not 
found. Command \"unzip\" not found."
}
 to retry, use: --limit @/home/xx/gitlab/ansb-plybooks/playbook.retry
 
< PLAY RECAP >
 
\   ^__^
 \  (oo)\___
(__)\   )\/\
||w |
|| ||


127.0.0.1  : ok=3changed=1unreachable=0failed=1 
  


2. second playbook with only the same piece of unarchive module code: 
source archived file already present in the target path, succeeds



---


- name: testing the unarchive module
  hosts: all
  become: yes


  tasks:


- name: unarchiving java source file
  unarchive:
src: /usr/share/openjdk-9.0.4_linux-x64_bin.tar.gz
dest: /usr/share/
owner: root
group: root
mode: 0644

result:


changed: [127.0.0.1] => {
"changed": true, 
"dest": "/usr/share/", 
"extract_results": {
"cmd": [
"/bin/gtar", 
"--extract", 
"-C", 
"/usr/share/", 
"-z", 
"--owner=root", 
"--group=root", 
"-f", 

"/home/xxx/.ansible/tmp/ansible-tmp-1521563805.88-153511776087494/source"
], 
"err": "", 
"out": "", 
"rc": 0
}, 
"gid": 0, 
"group": "root", 
"handler": "TgzArchive", 
"invocation": {
"module_args": {
"attributes": null, 
"backup": null, 
"content": null, 
"creates": null, 
"delimiter": null, 
"dest": "/usr/share/", 
"directory_mode": null, 
"exclude": [], 
"extra_opts": [], 
"follow": false, 
"force": null, 
"group": "root", 
"keep_newer": false, 
"list_files": false, 
"mode": 420, 
"original_basename": "openjdk-9.0.4_linux-x64_bin.tar.gz", 
"owner": "root", 
"regexp": null, 
"remote_src": false, 
"selevel": null, 
"serole": null, 
"setype": null, 
"seuser": null, 
"src": 
"/home/xxx/.ansible/tmp/ansible-tmp-1521563805.88-153511776087494/source"
, 
"unsafe_writes": null, 
"validate_certs": true
}
}, 
"mode": "0755", 
"owner": "root", 
"size": 12288, 
"src": 
"/home/xx/.ansible

[ansible-project] Re: how to convert Template to VM

[Sebastien Desbois]

Sorry, I didn't understand properly.

You want to convert a template to a VM.
Can't do that with vmware_guest.

To do that, I'm using a Powercli script executed by Ansible.

Le mardi 20 mars 2018 17:13:42 UTC+1, Sebastien Desbois a écrit :
>
> Hello,
>
> It is possible.
> Seems that you are missing a few parameters
>
> Here is an example of task that can work: (the 
>   tasks:
>- name: Create VM from template
>  vmware_guest:
>hostname: "{{vcenter_IP}}"
>username: "{{vcenter_user}}"
>password: "{{vcenter_pass}}"
>validate_certs: no
>datacenter: "{{vcenter_datacenter}}"
>cluster: "{{vcenter_cluster}}"
>resource_pool: "{{ vcenter_resource_pool }}"
>folder: "{{folder}}"
>name: "{{hostname}}"
>state: poweredoff
>template: "{{template}}"
>hardware:
>  memory_mb: "{{ram}}"
>  num_cpus: "{{vcpu}}"
>
>
> What are the error messages you have ?
>
>
> Le dimanche 18 mars 2018 11:48:25 UTC+1, olivier pouilly a écrit :
>>
>> Hi all,
>>
>> I tried to convert my template to a VM.
>> I created a playbook to do that but when I play the playbook it, It don't 
>> work:
>>
>> - hosts: all
>>   gather_facts: false
>>   connection: local
>>   tasks:
>>   - name: Create a VM template
>> vmware_guest: hostname=192.168.0.1 username=usernme password=password 
>> validate_certs=no datacenter='Datacenter' esxi_hostname='esx' name='VM' 
>> is_template=no
>>
>> I wonder if this is possible. Do you have any idea ?
>>
>> Best regards,
>>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/4a48edfc-85b2-4456-8863-428abe63dcaf%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Re: how to convert Template to VM

[Sebastien Desbois]

Hello,

It is possible.
Seems that you are missing a few parameters

Here is an example of task that can work: (the 
  tasks:
   - name: Create VM from template
 vmware_guest:
   hostname: "{{vcenter_IP}}"
   username: "{{vcenter_user}}"
   password: "{{vcenter_pass}}"
   validate_certs: no
   datacenter: "{{vcenter_datacenter}}"
   cluster: "{{vcenter_cluster}}"
   resource_pool: "{{ vcenter_resource_pool }}"
   folder: "{{folder}}"
   name: "{{hostname}}"
   state: poweredoff
   template: "{{template}}"
   hardware:
 memory_mb: "{{ram}}"
 num_cpus: "{{vcpu}}"


What are the error messages you have ?


Le dimanche 18 mars 2018 11:48:25 UTC+1, olivier pouilly a écrit :
>
> Hi all,
>
> I tried to convert my template to a VM.
> I created a playbook to do that but when I play the playbook it, It don't 
> work:
>
> - hosts: all
>   gather_facts: false
>   connection: local
>   tasks:
>   - name: Create a VM template
> vmware_guest: hostname=192.168.0.1 username=usernme password=password 
> validate_certs=no datacenter='Datacenter' esxi_hostname='esx' name='VM' 
> is_template=no
>
> I wonder if this is possible. Do you have any idea ?
>
> Best regards,
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/e8b7d832-9dfa-441a-b535-d9a576d483b9%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Using serial strategy for playbook imported in a toplevel playbook causes entire play termination if some host is unreachable

[Andrey Agenosov]

Hello all.
Here is a simplified example:
- import_playbook: test_unavailable_node_different_strategy.yml

- hosts: 127.0.0.1
  connection: local

# The question is would we end up here in case of imported playbook (above) 
touches unavailable host
  tasks:
- debug: msg="Playbook finished"Введите код...


And the code for imported playbook:
- hosts: all
  # Comment the line below and everything would be fine
  serial: 1

  tasks:
- debug: msg="{{ inventory_hostname }}"Введите код...

So when I'm launching something like this
ansible-playbook -i '127.0.0.1,10.0.0.1' use_unavailable_nodes.yml --ask-
pass -u andreyВведите код...
when the 10.0.0.1 host is unreachable, the entire play aborts before 
reaching the task to be performed locally (see main playbook).

If you comment *'serial: 1'* then the local action in the main playbook 
also would be performed.
Why there is such behaviour? Is this a bug or I'm missing something?

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/3c31fa30-7b75-4fbc-9e3b-ece572980f06%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Pass output variable of one role as an input to another role

[Ukesh Kumar Vasudevan]

Hi,

I am having the below ansible script.

While executing the script, I am getting error in the role 'install-packages'. 
The error is,

"msg": "The task includes an option with an undefined variable. The error 
was: {{ ip }}: 'ip' is undefined.

It is looking for 'ip' variable inside the role 'install-packages',

Please provide your feedback..

---

# Create an EC2 instance

- name: Create EC2 Instance
  hosts: "local"
  connection: "local"
  roles:
- ec2-provision

- name: set_facts
  hosts: local
  tasks:
- set_fact:
ip: "{{ ec2.instances[0].private_ip }}"
- debug:
var: ip

- name: Install packages
  hosts: new_vms
  gather_facts: yes
  vars: 
ip_addrs: "{{ ip }}"
  roles:
   - install-packages


-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/cacd0e6e-f54c-450e-9892-227492d728a7%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] setting environment variables

[danish09]

Thank you for responding to me. I am stuck now at some silly mistake of 
mine in that playbook. I will come back to your suggestion as soon as I 
correct the error.

Thanks for your advise again.

On Tuesday, 20 March 2018 13:31:36 UTC, Brian Coca wrote:
>
> as you have it there, the `environment` keyword ONLY affects the 
> get_url task, I would add it to the include so all included tasks 
> inherit it or put all tasks in install_java in a block that has the 
> environment keyword attached to it. 
>
>
>
> -- 
> -- 
> Brian Coca 
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/b9198407-46bf-4cce-9068-ba8827c02b9c%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Re: Absurd run_once behavior, skipping entirely if first node fails a when test

[Brian Coca]

A couple of  clarifications, these are important when you hit the
corner case in which it matters:

- its not 'run on the first host in play/inventory' its 'run on the
first host that reaches the task' which means that hosts that fail
and/or are removed in previous tasks are not considered. Normally (in
the absence of failure) this does mean the first host in
play/inventory, changing to other strategies can affect this.

- it is 'mostly' equivalent to `when: inventory_hostname ==
ansible_play_batch.0` but there is one major difference, other hosts
are not 'skipped', they are all given the same status/return from the
single execution.


The feature should really be named
'only_first_host_tries_to_run_and_applies_status_to_rest'.  To make it
work as 'run_first_host_that_matches_when' would make the part of
applying the status to all hosts a lot more difficult to do sanely ...
do we set 'skipped' for the ones we skipped? do we set same status for
all hosts?

At this point I don't see us modifying the feature (maybe clarifying
docs?), but I'm open to create a new set of keywords that allows for
the difference in range of behaviors not already available via
conditional construction.

-- 
--
Brian Coca

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CACVha7e2HFYBmMjiXTU83gO0N-XErCQAGVy2cz3dMHtgsWY9HQ%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Re: Absurd run_once behavior, skipping entirely if first node fails a when test

[Josh Smift]

Yep, your suggestions there are the kind of things I had in mind with the 
phrase "ugly-ass workaround". :^) (They're task-level, and can't be applied 
to the inclusion of the role in the playbook; they require baking logic 
about the way you manage colors into the role; etc.)

`run_once: true` is effectively the same as adding `when: 
> inventory_hostname == ansible_play_batch.0` to the task .
>

This is a very clear and concise way to put it, and highlights exactly how 
run_once works, and why it doesn't mean "run this task once", but "run this 
task on the first host in the list of hosts in the play, not the first host 
that you're actually running tasks on". It's not a guarantee that a task 
will run once, it's an alias for a common `when` pattern.

I'm juggling too many other things to want to put in a documentation PR 
right now, but if anyone else does, I think this would be useful to 
clarify. In particular, where the docs say

When “run_once” is not used with “delegate_to” it will execute on the first 
> host, as defined by inventory, in the group(s) of hosts targeted by the 
> play - e.g. webservers[0] if the play targeted “hosts: webservers”. 

 

This approach is similar to applying a conditional to a task

 
I think it'd be clearer if this said something about how it *always* 
executes in the context of the first host, as defined by inventory, in the 
group(s) of hosts targeted by the play -- the delegate_to part doesn't 
change that, it just changes which host actually runs the task -- and that 
this isn't just "similar" to applying a conditional to a task, it's 
*identical* to supplying a conditional to a task, and that in particular, 
this condition is logical-AND-ed with any other conditions on the task, 
such that if the task has conditions that cause it to get skipped on the 
first host in inventory, this condition will cause it to get skipped on all 
the other hosts as well.

On Tuesday, March 20, 2018 at 1:13:58 AM UTC-4, flowerysong wrote:
>
> On Monday, March 19, 2018 at 9:42:58 PM UTC-4, Josh Smift wrote:
>>
>> My use case involved roles. I had something like
>>
>> - hosts: web:app:db
>>   roles:
>> - role: myrole
>>   when: color == "blue"
>>
>> In the role, there was a task that ran on localhost (via delegate_to), 
>> but only once (via run_once) for the whole batch of hosts.
>>
>> Everything worked fine, except that if the first host in inventory 
>> happened not to be blue, the run_once caused the localhost task to be 
>> skipped. The order of the hosts in inventory was completely arbitrary -- 
>> these were EC2 instances at AWS.
>>
>> The eventual workaround was to add the `when` to every single task in the 
>> role *except* the run_once one, which made both the playbook and the role 
>> less readable.
>>
>
> Disregarding the implementation details, `run_once: true` is effectively 
> the same as adding `when: inventory_hostname == ansible_play_batch.0` to 
> the task . As I said before, if that's not what you want you should instead 
> write a conditional that expresses your actual intent.
>
> Here's one approach:
>
> - group_by:
> key: color_{{ color | default('octarine') }}
> 
> - name: Run on localhost once
>   delegate_to: localhost
>   debug:
> msg: His pills, his hands, his jeans
>   when: inventory_hostname == groups.color_blue.0
>
> Or you might opt for something like this, which is overly clever and 
> requires a very recent version of Jinja:
>
> - name: Run on localhost once
>   delegate_to: localhost
>   debug:
> msg: Suddenly I was a lilac sky
>   vars:
> first_host: "{{ ansible_play_hosts | map('extract', hostvars) | 
> selectattr('color', 'defined') | selectattr('color', 'equalto', 'blue') | 
> first }}"
>   when: inventory_hostname == first_host.inventory_hostname
>
> Or you might restructure the playbook so it only runs the role on blue 
> hosts and doesn't need a separate conditional, and use `run_once` on the 
> task. The best approach depends on personal taste and other decisions made 
> in writing the playbook and setting up your Ansible environment.
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/5442ecce-dd03-46fa-9903-08b4240617d6%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] setting environment variables

[Brian Coca]

as you have it there, the `environment` keyword ONLY affects the
get_url task, I would add it to the include so all included tasks
inherit it or put all tasks in install_java in a block that has the
environment keyword attached to it.



-- 
--
Brian Coca

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CACVha7f43fn1gavbXEmPUvRMSoMQd7aGJ%2Bz%2BCzOO5bgLYSukwA%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Re: running a command & remotely

[Mike Klebolt]

Sounds like you may want to use async “fire and forget” by specifying a 
poll value of 0.
http://docs.ansible.com/ansible/latest/playbooks_async.html

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/7ecaacd8-37e4-404a-9357-ee42b8ec436f%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] running a command & remotely

[Brian Coca]

use nohup to detach the tty.

In any case, it is not a good way to start backgrounded services, it
is much better to use the init system or some other service control
software on the target.

-- 
--
Brian Coca

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CACVha7fPExxs2g3VvdR85iTjvV%2B9%3D7Y5jBG4udzsxbEjY-eo4w%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Starting AppDynamics with play

[Patrick Hunt]

Good idea Kai, thank you.

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/0351c16e-5e86-439e-b212-7f51f7f3b93e%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] running a command & remotely

[Abhijit Chakraborty]

Hi all,
  I am running a command using the command module. This is how
it is

*- name: start*
*command: /opt/eate/bin/script.pl  >/dev/null &*

Now the problem is , after running the command, its not able to come out
and i have to manually abort the playbook to come out of the execution.

How can i handle this so that after trigerring the command successfully  ,
it exits properly ?

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAFybtmOg9j_y-bMsFFSQ9JnUcw5rY_7WPAa%3D79irzQmhAbffvw%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] setting environment variables

[danish09]

Hi,

I know the solution to this topic has been posted many times and I have 
tried searching through google and other forums including the ansible docs 
but unfortunately, nothing seems to be working for me. Please provide your 
feedback and help me with the solution. Also please let me know if you need 
any further information.

I am trying to create a playbook to download and install jenkins from a war 
file and so installing java from the source file as a pre-requisite.

I check for the presence of Java and if not found, go on to download and 
install java from source and then registering the env variable JAVA_HOME 
and adding the java binary onto my PATH. However, the environment variable 
part is frustratingly not working for me.

I initially started out with using the shell module to source /etc/profile 
using /bin/bash, but that didnt work. Read more and found out about 
environment keyword. As part of my playbook, I create a user jenkins_user 
and then download the jenkins war file and try to run with the above 
defined env variables.  unfortunately, it is not working. However, I am not 
sure I am doing this the correct way as I keep getting failures and the 
latest is that 'java' cannot be found by newly created jenkins_user.

Pasted below is all my code.

playbook.yaml


---
- hosts: all
  become: yes
  tasks:
- name: Do I need to install java
  shell: java --version
  register: result
  ignore_errors: True


- include: tasks/install_java.yaml
  when: result|failed



install_java.yaml



- name: Installing java and setting environment variables
  
  environment: 
JAVA_HOME: /usr/share/jdk-9.0.4/
PATH: $PATH:/usr/share/jdk-9.0.4/bin/


  get_url:
url: https:
//download.java.net/java/GA/jdk9/9.0.4/binaries/openjdk-9.0.4_linux-x64_bin.tar.gz
dest: /usr/share/
owner: root
group: root
mode: 0644  
 
- name: unarchiving java source file
  unarchive:
src: /usr/share/openjdk-9.0.4_linux-x64_bin.tar.gz
dest: /usr/share/
owner: root
group: root
mode: 0644


- name: changing permissions recursively
  file:
path: /usr/share/jdk-9.0.4
state: directory
mode: 0755
recurse: yes


- name: setting the environment
  blockinfile:
backup: yes
dest: /etc/profile.d/env.sh
block: |
  JAVA_HOME=/usr/share/jdk-9.0.4/
  PATH=$PATH:/usr/share/jdk-9.0.4/bin/
insertafter: EOF



- name: creating jenkins user
  
  user: 
name: jenkinsuser
  register: creation


- include: tasks/install_jenkins.yaml
  when: creation|success

>
>
install_jenkins.yaml



 
- name: downloading latest jenkins war-stable
  get_url:
url: http://mirrors.jenkins.io/war-stable/latest/jenkins.war
dest: /home/jenkinsuser
owner: jenkinsuser
group: jenkinsuser
mode: 0755


- name: starting jenkins war-stable
  shell: java -jar /home/jenkinsuser/jenkins.war
  args:
executable: /bin/bash

>
>  

Thanks

Danish 

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/9e2565e2-a95b-4c10-970c-e632e86766e2%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Jumphost + Ansible

[Luke Baldan]

Hi,

I've started my ansible journey and i am impressed so far.

A function i am hoping to utilise is the ability to connect via a 
jump/bastion host in order to get to my devices i wish to run commands on.
The issue is that in order to get to a device i want ansible to run 
commands on, i need to do the following:


*ssh into server1 issue command 'connect device1'*
*device1 command prompt appears ready for input*

The documentation i have read seems to only cater for this type of 
arrangement:

*ssh into server1 *
*ssh into device1 *
*device1 command prompt appears ready for input*

Does anyone have any tips on how to achieve the above behaviour?

Thanks. 

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/f1660976-cae1-4abe-8bf8-5ec18a21bdc7%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.