Re: [ansible-project] Inventory folder structure verification

[Albert Autin]

The behavior is the same if I specify -i ec2.py. I like to specify
inventory manually instead of making it a global setting. Are you saying
the yml should call the python script?

On Thu, Dec 13, 2018 at 10:07 PM Tony Chia  wrote:

>
>
> That is expected.
>
> If you don’t specify -i how the ansible-playbook know you want to run
> against production or staging or test env ?
>
> You could probably set some defaults using the inventory  setting under
> defaults section in ansible.cfg. For example
>
> https://raw.githubusercontent.com/ansible/ansible/devel/examples/ansible.cfg
>
> I would probably organize all the inventories in one folder by moving the
> production, staging and test folder under an inventory folder
>
> Then you should be able to run
> Ansible-playbook -i inventory/production my-play.yml and pick up the
> grou_vars and host_vars
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To post to this group, send email to ansible-project@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/3e83bf7b-346e-424f-9612-2b99593e603c%40googlegroups.com
> .
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAODYyWC%3DWjHVBC160MAXwP0kd%3DZCXKtiJL_avTbpqGCVpnkOcg%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] AWS Dynamic Inventory ec2.py cache doesn't work?

[Tony Chia]

You can probably reduce some time by setting the region that expect your 
resource to be in and one or note tags in the ex2.ini file 

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/7ec3fb54-a165-4dc8-8830-209157dfad4a%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Inventory folder structure verification

[Tony Chia]

That is expected. 

If you don’t specify -i how the ansible-playbook know you want to run against 
production or staging or test env ? 

You could probably set some defaults using the inventory  setting under 
defaults section in ansible.cfg. For example 
https://raw.githubusercontent.com/ansible/ansible/devel/examples/ansible.cfg

I would probably organize all the inventories in one folder by moving the 
production, staging and test folder under an inventory folder 

Then you should be able to run 
Ansible-playbook -i inventory/production my-play.yml and pick up the grou_vars 
and host_vars

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/3e83bf7b-346e-424f-9612-2b99593e603c%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Become root using become_exe such as sesu

[Mitch Resch]

Hi,

I'm working on a job template in Tower that needs to be run as root. On our 
target hosts, we have it setup so you must use the command "sesu" to become 
root. Currently, I'm using become_exe in the ansible.cfg file to specify 
the sesu command. This works when password-less sesu is enabled.  However, 
when password entry is required for sesu, the job times out with the error: 
"Timeout (32s) waiting for privilege escalation prompt." Some of our 
servers have password-less entry on, while other don't. Another detail: I'm 
running the job using a user ID as the machine credential (the user is 
capable of sesu-ing to root).

If there are any suggestions how to get around this error, or if anyone has 
implemented this in a different way, please let me know.

Thanks.

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/ef222022-9dc8-422c-bee5-ddf0597305dd%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Ansible 2.5.14, 2.6.11, and 2.7.5 are available

[Toshio Kuratomi]

Hi all,

Ansible 2.5.14, 2.6.11, and 2.7.5 were released today. These releases
include a fix for a reported security vulnerability, CVE-2018-16876
https://bugzilla.redhat.com/show_bug.cgi?id=1657330 as well as other
general bugfixes.

CVE-2018-16876 prevented Ansible from respecting the no_log task
setting for ssh output when verbosity was high and Ansible had to
retry the ssh connection.

The new releases are available via the usual installation methods on
PyPI, https://releases.ansible.com/ansible/, and on GitHub. Detailed
installation instructions are available at
https://docs.ansible.com/ansible/latest/installation_guide/intro_installation.html.

The next releases for the 2.6 and 2.7 series are expected in January,
after the winter holiday season is over.  2.5 will only release for
security updates.

Changelog links for each release and tarball SHAs from releases.ansible.com:
- 2.7.5
  URL: https://releases.ansible.com/ansible/ansible-2.7.5.tar.gz
  Changelog: 
https://github.com/ansible/ansible/blob/v2.7.5/changelogs/CHANGELOG-v2.7.rst
  SHA256: aaf9e1974bd12840ca055ac156f37601c08d73d726a3a6b98a2fe759a57051bb
 ansible-2.7.5.tar.gz

- 2.6.11
  URL: https://releases.ansible.com/ansible/ansible-2.6.11.tar.gz
  Changelog: 
https://github.com/ansible/ansible/blob/v2.6.11/changelogs/CHANGELOG-v2.6.rst
  SHA256: 2cc41e51a70a0e37d7db29e2f16af137bf548c3372fec4f7b48cc0575da55e32
 ansible-2.6.11.tar.gz

- 2.5.14
  URL: https://releases.ansible.com/ansible/ansible-2.5.14.tar.gz
  Changelog: 
https://github.com/ansible/ansible/blob/v2.5.14/changelogs/CHANGELOG-v2.5.rst
  SHA256: 695ac8ebce0be57062924ff90f4b98cd61caa99cd21cdb10a964e3320524a069
 ansible-2.5.14.tar.gz


-Toshio Kuratomi (@abadger1999)

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAPrnkaRZseeAEfxFT8MegMEMuOsooSZWFWArO1XsTiGpuunr0w%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] AWS Dynamic Inventory ec2.py cache doesn't work?

[Albert Autin]

Every time I run this plugin, it takes at least a minute to get anything 
back. Each time it is execute I can see a new cache being built inside 
~/.ansible/tmp. Has anyone else had this problem?

$ time ./ec2.py --refresh-cache > /dev/null 

   


real1m30.124s

user0m3.784s

sys 0m0.357s

$ time ./ec2.py --list > /dev/null  

   


real1m17.029s

user0m3.692s

sys 0m0.334s


$ time ./ec2.py --list > /dev/null


real1m36.347s

user0m3.783s

sys 0m0.381s


$ env|grep INI

EC2_INI_PATH=/etc/ansible/ec2.ini


$ egrep 'cache_path|cache_max_age' $EC2_INI_PATH

cache_path = ~/.ansible/tmp

cache_max_age = 3000



-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/1ada15c7-b81d-47ae-b0ef-fdbcdba8c7eb%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] using regex in replace module

[Dick Visser]

On Thu, 13 Dec 2018 at 17:42, danish09  wrote:
>
> amazing. thanks a lot. tried it just now and it did the magic. However, tried 
> to give it a little thought. I am assuming 1 is for the expression with in 
> the first bracket (). But since it is an OR '|', how does it know which word 
> needs to be replaced with what and in which line. I mean could it not be 
> possible that the words are replaced as privkey3.pem in the first line and 
> cert3.pem in the second line., the other way round.

No. The pipe (OR) means it can match cert.cruk.org.something or
privkey.cruk.org.something.
Because of the parentheses around it, it can be used later on in the
replacement, this is called backreferencing.
And because it's the first match, it will normally be referenced in
the replacement string by '\1'.
However, because you need a number directly after that, this would
mean '\13` - which is interpreted as the 13th match and will fail.
We therefore have to use a numbered group to reference it, which is the '\g<1>'.
The second pair of parentheses also has an OR, meaning that the
extension can either be 'key.pem', or just 'crt'.
Your example doesn't require using that in the replacement later on,
so there is no '\2' or anything.

Dick


>
> Hope I am clear
>
> Thanks
>
> Danish
> On Thursday, 13 December 2018 11:43:42 UTC, Dick Visser wrote:
>>
>> This should do it:
>>
>> - name: backup conf file and search and replace regex
>>   replace:
>> path: /etc/nginx/sites-available/cruk-eb
>> regexp: '(privkey|cert)\.cruk\.org\.(key\.pem|crt)'
>> replace: '\g<1>3.pem'
>> backup: yes
>>
>> Dick
>>
>> On Thu, 13 Dec 2018 at 11:23, danish09  wrote:
>> >
>> > Hey there,
>> >
>> > I am using ansible 2.6.4. In on the projects I was working on, I had to 
>> > search for 2 different words in the same file and replace them as 
>> > necessary. Used replace module 2 times for this. Below is the playbook 
>> > that I have used.
>> >
>> > - name: backup conf file and search and replace regex
>> >   replace:
>> > path: /etc/nginx/sites-available/cruk-eb
>> > regexp: 'cert\.cruk\.org\.crt'
>> > replace: 'cert3.pem'
>> > backup: yes
>> >
>> > - name: backup conf file and search and replace regex again
>> >   replace:
>> > path: /etc/nginx/sites-available/cruk-eb
>> > regexp: 'privkey\.cruk\.org\.key\.pem'
>> > replace: 'privkey3.pem'
>> > backup: yes
>> >
>> >
>> > Is there a way that I can search and replace 2 words in one task/play
>> >
>> >
>> > Pleas let me know if there is any other information that you need. And 
>> > apologies if I have missed out anything.
>> >
>> >
>> > Thanks
>> >
>> > Danish.
>> >
>> >
>> >
>> >
>> >
>> > --
>> > You received this message because you are subscribed to the Google Groups 
>> > "Ansible Project" group.
>> > To unsubscribe from this group and stop receiving emails from it, send an 
>> > email to ansible-proje...@googlegroups.com.
>> > To post to this group, send email to ansible...@googlegroups.com.
>> > To view this discussion on the web visit 
>> > https://groups.google.com/d/msgid/ansible-project/157209d1-ad23-4f62-ab98-bf5a373227da%40googlegroups.com.
>> > For more options, visit https://groups.google.com/d/optout.
>>
>>
>>
>> --
>> Dick Visser
>> Trust & Identity Service Operations Manager
>> GÉANT
>
> --
> You received this message because you are subscribed to the Google Groups 
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to ansible-project+unsubscr...@googlegroups.com.
> To post to this group, send email to ansible-project@googlegroups.com.
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/ansible-project/0db22ad8-6dae-4442-b033-d77b7ef7abdb%40googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.



-- 
Dick Visser
Trust & Identity Service Operations Manager
GÉANT

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAL8fbwPkPpHSre6v%2B-oWTWSjkZdU0SkNt-DdhSdy2u-Cm3PiUA%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] how can pass nohup log print to target server for jar/java process using playbook?

[oxido A]

I think that you can send the output into a file and then you can read it
,,,


*nohup*. *nohup* is a POSIX *command* to ignore the HUP (hangup) signal.
The HUP signal is, by convention, the way a terminal warns dependent
processes of logout. Output that would normally go to the terminal goes to
a file called *nohup*.out if it has not already been redirected.

regards!

El mié., 12 dic. 2018 a las 22:38, Dick Visser ()
escribió:

> What does your playbook look like?
> And what do you mean by “printing nohup log”? Is it something java
> specific?
>
> Dick
>
> On Wed, 12 Dec 2018 at 00:57, 4Register Tony 
> wrote:
>
>> when i was trying to pass nohup command via playbook, the target servers
>> would not print nohup log. is here any tips to solve it? thanks in advance.
>>
>> --
>> You received this message because you are subscribed to the Google Groups
>> "Ansible Project" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to ansible-project+unsubscr...@googlegroups.com.
>> To post to this group, send email to ansible-project@googlegroups.com.
>> To view this discussion on the web visit
>> https://groups.google.com/d/msgid/ansible-project/bfce13c9-6f64-4454-bc13-e980497f5c57%40googlegroups.com
>> 
>> .
>> For more options, visit https://groups.google.com/d/optout.
>>
> --
> Sent from a mobile device - please excuse the brevity, spelling and
> punctuation.
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To post to this group, send email to ansible-project@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/CAL8fbwOeQYvtZMB2urF80UXTkJfhZHUvXzh9aY%2Bqf3XCNkyX8g%40mail.gmail.com
> 
> .
> For more options, visit https://groups.google.com/d/optout.
>


-- 

 _ _
 // \\
/'   `\
   /,' ..-.. `.\
  /,'   .'' ``.   `.\
 /,'   :   .---.   :   `.\
I I   :  .'\   /`.  :   I I
I b__:   . .`~'. .   :__d I
I p~~:   . `._.' .   :~~q I
I I   :   ./   \.   :   I I
 \`.   :   `---'   :   ,'/
  \`.   `.. ..'   ,'/
   \`. ``~'' ,'/
\`   '/
 \\ //
  ~ ~

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CABoYg3ViCFg0kL5ake8_SHrdc%2ByiK0Wg2nN05SE8WH%2B80kZz4A%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] using regex in replace module

[danish09]

amazing. thanks a lot. tried it just now and it did the magic. However, 
tried to give it a little thought. I am assuming 1 is for the expression 
with in the first bracket (). But since it is an OR '|', how does it know 
which word needs to be replaced with what and in which line. I mean could 
it not be possible that the words are replaced as privkey3.pem in the first 
line and cert3.pem in the second line., the other way round.

Hope I am clear

Thanks

Danish
On Thursday, 13 December 2018 11:43:42 UTC, Dick Visser wrote:
>
> This should do it: 
>
> - name: backup conf file and search and replace regex 
>   replace: 
> path: /etc/nginx/sites-available/cruk-eb 
> regexp: '(privkey|cert)\.cruk\.org\.(key\.pem|crt)' 
> replace: '\g<1>3.pem' 
> backup: yes 
>
> Dick 
>
> On Thu, 13 Dec 2018 at 11:23, danish09  > wrote: 
> > 
> > Hey there, 
> > 
> > I am using ansible 2.6.4. In on the projects I was working on, I had to 
> search for 2 different words in the same file and replace them as 
> necessary. Used replace module 2 times for this. Below is the playbook that 
> I have used. 
> > 
> > - name: backup conf file and search and replace regex 
> >   replace: 
> > path: /etc/nginx/sites-available/cruk-eb 
> > regexp: 'cert\.cruk\.org\.crt' 
> > replace: 'cert3.pem' 
> > backup: yes 
> > 
> > - name: backup conf file and search and replace regex again 
> >   replace: 
> > path: /etc/nginx/sites-available/cruk-eb 
> > regexp: 'privkey\.cruk\.org\.key\.pem' 
> > replace: 'privkey3.pem' 
> > backup: yes 
> > 
> > 
> > Is there a way that I can search and replace 2 words in one task/play 
> > 
> > 
> > Pleas let me know if there is any other information that you need. And 
> apologies if I have missed out anything. 
> > 
> > 
> > Thanks 
> > 
> > Danish. 
> > 
> > 
> > 
> > 
> > 
> > -- 
> > You received this message because you are subscribed to the Google 
> Groups "Ansible Project" group. 
> > To unsubscribe from this group and stop receiving emails from it, send 
> an email to ansible-proje...@googlegroups.com . 
> > To post to this group, send email to ansible...@googlegroups.com 
> . 
> > To view this discussion on the web visit 
> https://groups.google.com/d/msgid/ansible-project/157209d1-ad23-4f62-ab98-bf5a373227da%40googlegroups.com.
>  
>
> > For more options, visit https://groups.google.com/d/optout. 
>
>
>
> -- 
> Dick Visser 
> Trust & Identity Service Operations Manager 
> GÉANT 
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/0db22ad8-6dae-4442-b033-d77b7ef7abdb%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Re: HELP: Problem with 'become' and pbrun

[Nitin Thakur]

Even I have issues running ansible with powerbroker.
Can you please advise?

The output from ansible server  is
TRUNCATED**
 ESTABLISH SSH CONNECTION FOR USER: ithakur
 SSH: EXEC sshpass -d14 ssh -C -o 
ControlMaster=auto -o ControlPersist=60s -o StrictHostKeyChecking=no -o 
User=ithakur -o ConnectTimeout=10 -o 
ControlPath=/home/ithakur/.ansible/cp/f7a7b94991 bonnie.corp.toronto.ca 
'/bin/sh -c '"'"'( umask 77 && mkdir -p "` echo 
/home/ithakur/.ansible/tmp/ansible-tmp-1544716066.76-279050599284853 `" && 
echo ansible-tmp-1544716066.76-279050599284853="` echo 
/home/ithakur/.ansible/tmp/ansible-tmp-1544716066.76-279050599284853 `" ) 
&& sleep 0'"'"''
 (0, 
'ansible-tmp-1544716066.76-279050599284853=/home/ithakur/.ansible/tmp/ansible-tmp-1544716066.76-279050599284853\n',
 
'')
Using module file 
/usr/lib/python2.7/site-packages/ansible/modules/commands/command.py
 PUT 
/home/ithakur/.ansible/tmp/ansible-local-99556TgIARg/tmpq1ZjQE TO 
/home/ithakur/.ansible/tmp/ansible-tmp-1544716066.76-279050599284853/command.py
 SSH: EXEC sshpass -d14 sftp -o BatchMode=no -b - 
-C -o ControlMaster=auto -o ControlPersist=60s -o StrictHostKeyChecking=no 
-o User=ithakur -o ConnectTimeout=10 -o 
ControlPath=/home/ithakur/.ansible/cp/f7a7b94991 '[bonnie.corp.toronto.ca]'
 (0, 'sftp> put 
/home/ithakur/.ansible/tmp/ansible-local-99556TgIARg/tmpq1ZjQE 
/home/ithakur/.ansible/tmp/ansible-tmp-1544716066.76-279050599284853/command.py\n',
 
'')
 ESTABLISH SSH CONNECTION FOR USER: ithakur
 SSH: EXEC sshpass -d14 ssh -C -o 
ControlMaster=auto -o ControlPersist=60s -o StrictHostKeyChecking=no -o 
User=ithakur -o ConnectTimeout=10 -o 
ControlPath=/home/ithakur/.ansible/cp/f7a7b94991 bonnie.corp.toronto.ca 
'/bin/sh -c '"'"'chmod u+x 
/home/ithakur/.ansible/tmp/ansible-tmp-1544716066.76-279050599284853/ 
/home/ithakur/.ansible/tmp/ansible-tmp-1544716066.76-279050599284853/command.py 
&& sleep 0'"'"''
 (0, '', '')
 ESTABLISH SSH CONNECTION FOR USER: ithakur
 SSH: EXEC sshpass -d14 ssh -C -o 
ControlMaster=auto -o ControlPersist=60s -o StrictHostKeyChecking=no -o 
User=ithakur -o ConnectTimeout=10 -o 
ControlPath=/home/ithakur/.ansible/cp/f7a7b94991 -tt bonnie.corp.toronto.ca 
'/bin/sh -c '"'"'pbrun  -u root '"'"'"'"'"'"'"'"'echo 
BECOME-SUCCESS-mqwghadmolrcjovmnwvtcsmcbeorgfzs; /usr/bin/python 
/home/ithakur/.ansible/tmp/ansible-tmp-1544716066.76-279050599284853/command.py'"'"'"'"'"'"'"'"'
 
&& sleep 0'"'"''
 (127, 'Command rejected !\r\n\r\nYou can run the 
following commands on bonnie.corp.toronto.ca :\r\npbrun su -\r\npbrun 
gentok username token /MM/DD /MM/DD server1 server2 
...\r\n\r\npbrun9.4.3-18[119443]: If you need further help, please contact 
SysAdmin!\r\n', 'Shared connection to bonnie.corp.toronto.ca closed.\r\n')
 ESTABLISH SSH CONNECTION FOR USER: ithakur
 SSH: EXEC sshpass -d14 ssh -C -o 
ControlMaster=auto -o ControlPersist=60s -o StrictHostKeyChecking=no -o 
User=ithakur -o ConnectTimeout=10 -o 
ControlPath=/home/ithakur/.ansible/cp/f7a7b94991 bonnie.corp.toronto.ca 
'/bin/sh -c '"'"'rm -f -r 
/home/ithakur/.ansible/tmp/ansible-tmp-1544716066.76-279050599284853/ > 
/dev/null 2>&1 && sleep 0'"'"''
 (0, '', '')
fatal: [bonnie.corp.toronto.ca]: FAILED! => {
"changed": false, 
"module_stderr": "Shared connection to bonnie.corp.toronto.ca 
closed.\r\n", 

#
tHE POWER BROKER CONF FILE IS 
AnsibleUsers = {"ansible", "ithakur"}; AnsibleCommands = {"/bin/sh" , 
"/usr/bin/python"};

if ( user in AnsibleUsers && command in AnsibleCommands ) {
if ( ( runargv[1] == "-c" && runargv[2] == "echo" ) || ( 
glob("~/.ansible/tmp/ansible-tmp-*/command.py", runargv[1]) == 0 ) ) {
runuser = "root";
rungroup = "!g!";
rungroups = {"!G!"};
runcommand = command;
#runcommand = basename(command);
#setenv("PATH", "/sbin:/bin:/usr/bin:/usr/local/bin:/usr/sbin");
#iolog = logmktemp("/tmp/" + user + "/pb." + user + "." + command + 
"."+ strftime("%m-%d-%y.%H-%M-%S")+ ".XX");
#print("This request will be logged in:", iolog);
accept;
}
}

cAN YOU ADVISE WHY IT FAILS.
THERE IS A GLOBAL POLICY WHER I HAVE pbrun su - 
On Friday, April 1, 2016 at 7:18:16 PM UTC-4, phillip@gmail.com wrote:
>
> I'm relatively experienced with Ansible 1.3, but just now trying to bring 
> Ansible 2.0 for the first time in a new project (and hoping to displace 
> chef). I Have round 1k servers to manage that use pbrun, but others 
> installed and control pbrun,
> I have traditional sudo in a few of these hosts as well, but pbrun is the 
> preferred privilege elevation method
>
> I use all ssh-config auth in the following example.
>
> HELP - I really need to figure this out, as ansible will be mostly useless 
> to me unless I can reliably use it with pbrun
>
>  $ ansible all -i myhosts -o -m shell -a 'uptime' -b --become-method pbrun
> c00413.mydom.com | FAILED! => {"changed": false, "failed": true, 
> "module_stderr": "", "module_stdout": "/bin

[ansible-project] Re: expect "Press enter to continue"

[Abhishek Yadav]

Hi Stefano, 
I'm too working with the expect module for automating bmc shell upgrade for 
which I need to telnet to a machine and then login into its bmc shell 
followed by some commands.
The problem I'm facing is while logging into the its bmc shell I need to 
enter user and password followed by 2 enters. The 1st enter returns blank 
and then 2nd enter gives the console prompt of the bmc shell.
Can you suggest me something for this case.
Thanks in advance

-Thanks and Regards
 Abhishek Yadav

On Monday, November 20, 2017 at 3:33:33 PM UTC+5:30, 
stefano...@nap-anywhere.com wrote:
>
> Here the code to make the CLI configuration:
>
> *  - name: Launch the CLI first time*
> *expect:*
> *  command: telnet 0 2200*
> *  responses:*
> *login: "user"*
> *Password: "passwd"*
> *Press any key to continue\.: ""*
> *Enable Secure Backup mode.*: "n"*
> *Enable Common Criteria Compatibility mode.*: "n"*
> *Please enter new password.*: "new_password!"*
> *Please re-enter new password to confirm.*: "new_password!"*
> *idg#:*
> *  - configure terminal*
> *  - exit*
> *idg\(config\)#:*
> *  - web-mgmt*
> *  - write memory*
> *  - "exit"*
> *idg\(config web-mgmt\)#:*
> *  - "admin-state enabled"*
> *  - "local-address  "*
> *  - "exit"*
> *register: result*
> *failed_when: result.rc > 1*
> *tags:*
> *   - cli*
> this code perform these actions:
>
> 1)Access the cli with telnet 0 2200
> 2)insert default username and password
> 3)Press enter
> 4)Answer No to a couple of questions
> 5)add new password and confirm it again
> 6) then start with configuration:
>
>
>- configure terminal
>- web-mgmt
>- admin-state enabled
>- local-address host port
>- exit
>- write memory
>- exit
>
> A tag "cli" is added in case to run only the last step, indeed this is the 
> last step of a larger playbook
>
> Hoping to help someone.
>
> Regards
>
> On Wednesday, 15 November 2017 15:07:58 UTC+1, stefano...@nap-anywhere.com 
> wrote:
>>
>> HI
>>
>> I created an ansble role which install on the target hosts IBM api 
>> connect gateways software and enable the service.
>> I would improve this role adding configuration steps.
>>
>> After the installation the APIC gateways need to be configured accessing 
>> to a dedicated command line interface, the first access is made of the 
>> following steps:
>>
>> $ telnet 0 2200  *//command to launch to access the CLI*
>> Trying 0.0.0.0...
>> Connected to 0.
>> Escape character is '^]'.
>> stefano2.prv
>> Unauthorized access prohibited.
>>
>> login: user  *//here i need to write the username*
>> Password: *  *// as well as the password*
>>
>> 
>> ATTENTION: Use care when making your selections for operational
>> modes. If you select an incorrect mode for your environment,
>> the only way to change an operational mode is to reinitialize
>> the appliance.
>>
>> Press any key to continue.
>> 
>>
>> I'm stuck here, i tried to add these lines:
>>
>>  * - name: Launch the CLI first time*
>> *expect:*
>> *  command: telnet 0 2200*
>> *  responses:*
>> *Question:*
>> *  login: "user"*
>> *  Password: "password"*
>> *  Press any key to continue.: /bin/bash -c "echo"*
>>
>> Every time i try to run the role i gt this error at the end:
>>
>> *TASK [Launch the CLI first time] 
>> *
>> *fatal: [stefano3]: FAILED! => {"changed": false, "failed": true, "msg": 
>> "The pexpect python module is required"}*
>> *fatal: [stefano2]: FAILED! => {"changed": false, "failed": true, "msg": 
>> "The pexpect python module is required"}*
>> *to retry, use: --limit @/etc/ansible/api_gateways/apigw.retry*
>>
>> Could you help me? 
>> How can i answer to the "Press any key to continue"? 
>>
>> Or maybe there are further errors i did not get in the previous steps.
>>
>>
>>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/3f7d04a0-c4a7-48bc-a317-3d08b6660e8c%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] High memory usage when running multiple ansible playbooks on localhost

[Jonathan Lozada De La Matta]

tou ahould check out AWX

On Thu, Dec 13, 2018 at 12:19 AM pradeep.hk  wrote:

> Got it. Thanks for your time.
> My requirement is to be able to sequence together tasks(to create a
> workflow) and after some prototyping, I found ansible playbook to meet that
> requirement.
> But then, scalability is turning out to be an issue. If we could daemonize
> the ansible process so that it can receive requests and execute playbook in
> a thread, that would scale.
> But then, that is not how ansible is supposed to work
>
>
> On Wednesday, December 12, 2018 at 5:02:56 PM UTC+5:30, Kai Stian Olstad
> wrote:
>>
>> On 12.12.2018 11:22, pradeep.hk wrote:
>> > The requirement is to be able to launch a playbook on receiving a
>> > request
>> > (ie on demand). So, if 100 requests are received, it will result in 100
>> > playbooks being executed parallely.
>> > You mentioned - Ansible uses about 50MB of memory per playbook. Is
>> > there
>> > something that can be done to optimize on that ?
>>
>> 50MB is just the minimum, it might be a lot more depending on playbook.
>> I highly doubt there is much that can be done.
>>
>> Just a Hello World in python uses 7MB
>>
>> $ /usr/bin/time -f %M  python -c 'print "Hello World"'
>> Hello World
>> Mem used in kB: 7316
>>
>>
>>
>> An Ansible equivalent Hello World uses 48MB
>>
>> $ /usr/bin/time -f "Mem used in kB: %M" ansible-playbook test.yml
>>
>> PLAY [localhost]
>> ***
>>
>> TASK [debug]
>> ***
>> ok: [localhost] => {}
>>
>> MSG:
>>
>> Hello World
>>
>>
>> PLAY RECAP
>> *
>> localhost  : ok=1changed=0unreachable=0
>> failed=0
>>
>> Mem used in kB: 48316
>>
>>
>> If you use Ansible dynamic inventory you can easily change the inventory
>> depending on the dynamic demand.
>>
>
>> --
>> Kai Stian Olstad
>>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To post to this group, send email to ansible-project@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/6d1609ed-7b2e-4067-af41-ad40de8e78ff%40googlegroups.com
> 
> .
> For more options, visit https://groups.google.com/d/optout.
>
-- 

Jonathan lozada de la matta

AUTOMATION PRACTICE

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAFYJA%2BKrbG5mRd%2B9o%3DrrhzKzxrUCP35VscvEUUaq9MZJ2AOhMw%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] using regex in replace module

[Dick Visser]

This should do it:

- name: backup conf file and search and replace regex
  replace:
path: /etc/nginx/sites-available/cruk-eb
regexp: '(privkey|cert)\.cruk\.org\.(key\.pem|crt)'
replace: '\g<1>3.pem'
backup: yes

Dick

On Thu, 13 Dec 2018 at 11:23, danish09  wrote:
>
> Hey there,
>
> I am using ansible 2.6.4. In on the projects I was working on, I had to 
> search for 2 different words in the same file and replace them as necessary. 
> Used replace module 2 times for this. Below is the playbook that I have used.
>
> - name: backup conf file and search and replace regex
>   replace:
> path: /etc/nginx/sites-available/cruk-eb
> regexp: 'cert\.cruk\.org\.crt'
> replace: 'cert3.pem'
> backup: yes
>
> - name: backup conf file and search and replace regex again
>   replace:
> path: /etc/nginx/sites-available/cruk-eb
> regexp: 'privkey\.cruk\.org\.key\.pem'
> replace: 'privkey3.pem'
> backup: yes
>
>
> Is there a way that I can search and replace 2 words in one task/play
>
>
> Pleas let me know if there is any other information that you need. And 
> apologies if I have missed out anything.
>
>
> Thanks
>
> Danish.
>
>
>
>
>
> --
> You received this message because you are subscribed to the Google Groups 
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to ansible-project+unsubscr...@googlegroups.com.
> To post to this group, send email to ansible-project@googlegroups.com.
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/ansible-project/157209d1-ad23-4f62-ab98-bf5a373227da%40googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.



-- 
Dick Visser
Trust & Identity Service Operations Manager
GÉANT

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAL8fbwMfScSaKutUGfAAVFwJ7Jp7%3DKu6p5W3%3Di3FTM-ZTXntHg%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] using regex in replace module

[danish09]

Hey there,

I am using ansible 2.6.4. In on the projects I was working on, I had to 
search for 2 different words in the same file and replace them as 
necessary. Used *replace* module 2 times for this. Below is the playbook 
that I have used.

- name: backup conf file and search and replace regex
  replace:
path: /etc/nginx/sites-available/cruk-eb
regexp: 'cert\.cruk\.org\.crt'
replace: 'cert3.pem'
backup: yes

- name: backup conf file and search and replace regex again
  replace:
path: /etc/nginx/sites-available/cruk-eb
regexp: 'privkey\.cruk\.org\.key\.pem'
replace: 'privkey3.pem'
backup: yes


Is there a way that I can search and replace 2 words in one task/play


Pleas let me know if there is any other information that you need. And 
apologies if I have missed out anything.


Thanks

Danish.



 

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/157209d1-ad23-4f62-ab98-bf5a373227da%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] vmware_guest - Modify Multiple VM's

[Shaun Glass]

Good Day,

How would one compose a list of VM's to  make changes against. I have the 
following which works for a single machine :















*- hosts: 127.0.0.1  tasks:  - name: Change NIC Configuration
delegate_to: localhostvmware_guest:  hostname: X  
username: X  password: X  datacenter: 
X  name: VSAN025  validate_certs: False  state: 
present  folder: /X  networks:  - name: Internal*

... however, I need to make changes to dozens of machines. I have tried 
*vars* etc but it is like it cannot handle multiple servers against *name* ?

*"msg": "No folder /**X matched in the search path : /*
*X/vm/**X"*

Regards

Shaun

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/ba0e8fcd-02b6-47ae-ab49-8e456860aad5%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Re: How to delete aws user?

[istisno]

I found out that I was using older ansible version v2.6.2. This is fixed in 
later version of ansible. 
Now I've updated to latest ansible v2.7.4 version and deleting AWS user is 
working. 
I can delete like this:

- name: Absent iam user
  iam:
iam_type: user
state: absent
name: username


So, this is resolved.

On Thursday, December 13, 2018 at 10:52:57 AM UTC+5, ist...@gmail.com wrote:
>
> I'm trying to delete aws user like this:
>
> - name: Delete AWS users
>
>   iam:
> name: userName
> iam_type: user
> state: absent
>
>
> It gives following error:
>
> Failed to delete login profile: BotoServerError: 404 Not Found 
> https://iam.amazonaws.com/doc/2010-05-08/";> 
>   
>Sender 
>NoSuchEntity 
>Login Profile for User  cannot be found. 
>   
>  asdfsdf-fe98-11e8-23fr-035cerw9269a 
> 
>
> If I try to delete with "iam_user", it says "Delete first user access 
> keys". How can I delete aws user?
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/568b6f2b-f7d3-412a-a8f5-efb5ad192755%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.