Re: [ansible-project] iptables, new chains, marking

2019-09-20 Thread Vladimir Botka 
On Fri, 20 Sep 2019 17:53:18 -0700 (PDT)
Marc Singer  wrote:

> I'm working to reimplement an existing firewall using the iptables module.  
> I'm not seeing a command to create (or make to exist) a chain ...
> I also don't see commands to handle marking.  The match option is present, 
> but I also need the ctorigdst/ctorigsrc and other options.
> 
> So, is the best way to work around this to simply issue the commands with 
> "command"?

Yes. In fact, that's what iptable module recommends:

"This module just deals with individual rules.If you need advanced chaining
of rules the recommended way is to template the iptables restore file."
https://docs.ansible.com/ansible/latest/modules/iptables_module.html#notes

For example 1) create a template and 2) restore the iptables with a handler

- template:
src: "iptables.j2"
dest: "/etc/network/iptables"
owner: "root"
group: "root"
mode: "0644"
  notify: reload iptables

- name: reload iptables
  shell: "/sbin/iptables-restore < /etc/network/iptables"

The next option would be ufw
https://docs.ansible.com/ansible/latest/modules/ufw_module.html

Cheers,

-vlado

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/20190921054224.619b8b3d%40gmail.com.


pgpeylGShJ2CV.pgp
Description: OpenPGP digital signature

[ansible-project] iptables, new chains, marking

2019-09-20 Thread Marc Singer 
Greetings,

I'm working to reimplement an existing firewall using the iptables module.  
I'm not seeing a command to create (or make to exist) a chain.  Seems like 
this would be a relatively normal thing to do.  Of course, I can create it 
elsewise since it only needs to be done once.  Still, is there harm in it?

I also don't see commands to handle marking.  The match option is present, 
but I also need the ctorigdst/ctorigsrc and other options.

So, is the best way to work around this to simply issue the commands with 
"command"?

Cheers

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/80091388-4436-4f97-b677-ae3ff4539e69%40googlegroups.com.

[ansible-project] New Ansible pre-release 2.9.0rc1

2019-09-20 Thread Toshio Kuratomi 
Hi all- we're happy to announce that the first release candidate of
Ansible 2.9, Ansible-2.9.0rc1 rc1 is now available!


How do you get it?
--

$ pip install ansible==2.9.0rc1 --user

The tar.gz of the release can be found here:

* 2.9.0rc1
  https://releases.ansible.com/ansible/ansible-2.9.0rc1.tar.gz
  SHA256: a24bac21f1cc15130b74851a1d3b5128c48d235d940ead25997c85337965e703


What's new in 2.9.0rc1
--

This release is a maintenance release containing numerous bugfixes.
The full changelog is at:

* 2.9.0rc1
  
https://github.com/ansible/ansible/blob/stable-2.9/changelogs/CHANGELOG-v2.9.rst


What's the schedule for the rest of 2.9.0?


Please see the ROADMAP for the schedule of future 2.9.0 releases
leading up to 2.9.0 final:
https://docs.ansible.com/ansible/devel/roadmap/ROADMAP_2_9.html

The 2.9.0rc1 release cycle was a little messy with some bugfixes that
were a little closer to features than normal making their way in.
Despite that, we think that this is a solid release candidate and we
currently don't see any blockers for the 2.9.0 release.

Please test out this release candidate, report any problems that you
encounter, and draw our attention to any that you'd like us to
consider as blockers for the 2.9.0 final release.  The more time we
have to look at a potential blocker, the more likely we'll consider it
a blocker for release rather than something that we will fix in 2.9.1
instead.

Porting Help


We've published a porting guide at
https://docs.ansible.com/ansible/devel/porting_guides/porting_guide_2.9.html to
help migrate your content to 2.9.


If you discover any errors or if any of your working playbooks break when you
upgrade to 2.9.0rc1, please use the following link to report the regression:

  https://github.com/ansible/ansible/issues/new/choose

In your issue, be sure to mention the Ansible version that works and the one
that doesn't.

Thanks!

-Toshio Kuratomi

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAPrnkaQUCPpHAPGfQWApGu%2BEohrKTkoppnXf%3DyqrCoP1ZB6JbA%40mail.gmail.com.

[ansible-project] Uninstalling Houdini

2019-09-20 Thread Bryce Gattis 
Hi,

I'm trying to uninstall houdini 17.0 with Ansible, I've tried the 
following: 

- name: Uninstall Houdini 17.0.416
  hosts: all
  tasks:
   - name: uninstall houdini
 win_command: cmd.exe "C:\\Program Files\\Side Effects 
Software\\Houdini 17.0.416\\Uninstall Houdini.exe /S"

   - name: uninstall houdini 2.0
 win_package:
   path: C:\Program Files\Side Effects Software\Houdini 
17.0.416\Uninstall Houdini.exe
   product_id: Houdini 17.0.416
   arguments: /S
   state: absent

This is the given verbose output:


TASK [uninstall houdini] 

changed: [ws-001.MYDOMAIN.COM] => {
"changed": true,
"cmd": "cmd.exe \"C:Program FilesSide Effects 
SoftwareHoudini 17.0.416Uninstall Houdini.exe /S\"",
"delta": "0:00:00.320820",
"end": "2019-09-20 04:22:06.665368",
"rc": 0,
"start": "2019-09-20 04:22:06.344548",
"stderr": "",
"stderr_lines": [],
"stdout": "Microsoft Windows [Version 10.0.17763.292]\r\n(c) 2018 
Microsoft Corporation. All rights 
reserved.\r\n\r\nC:\\Users\\admin>\r\nC:\\Users\\admin>",
"stdout_lines": [
"Microsoft Windows [Version 10.0.17763.292]",
"(c) 2018 Microsoft Corporation. All rights reserved.",
"",
"C:\\Users\\admin>",
"C:\\Users\\admin>"
]
}

TASK [uninstall houdini 2.0] 

changed: [ws-001.MYDOMAIN.COM] => {
"changed": true,
"exit_code": 0,
"rc": 0,
"reboot_required": false,
"restart_required": false
}
META: ran handlers
META: ran handlers

As you can see, both of these run, and return a zero exit code. However, 
neither way seems to ACTUALLY uninstall houdini. Has anyone been successful 
uninstalling houdini with ansible? Or does anyone have any ideas of what 
may be the issue or how to debug it?
Im using ansible version 2.7.10

Thanks

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/c87d03ec-4fe5-4607-b178-679380ea56cc%40googlegroups.com.

Re: [ansible-project] Ansible in virtualenv mixing python with os

2019-09-20 Thread Stefan Hornburg (Racke) 
On 9/20/19 4:28 PM, Mr Decisive wrote:
> Hi Stefan,
> 
> Thanks for the info. 
> 
> I'd tried putting 
> 
> ansible_python_interpreter: /home//py3/bin/python
> 
> in the ansible.cfg file in /etc/ansible/ but whilst it read the file as I 
> could tell from the -vvv switch I was still
> seeing parts of the run falling back to /usr/bin/python??
> 
> Anyway I subsequently (prior to you replying) installed the missing packages 
> in the system os python version (cheating I
> know bu I wanted to make sure it really was a problem with the path and this 
> was the easiest way to test it). It worked.
> but this didn't fix the original problem. So I saw your response and put 
> the variable definition in the playbook and
> this worked. I could see via the -vvv switch that all the python paths were 
> correct. 
> 
> Thanks for your help.

You are welcome. According to the docs the correct name for ansible.cfg is 
"python_interpreter" in the [defaults]
section 
(https://docs.ansible.com/ansible/latest/reference_appendices/interpreter_discovery.html).

Regards
 Racke

> 
> Cheers
> Phill
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to
> ansible-project+unsubscr...@googlegroups.com 
> .
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/7d8db251-30a4-4d48-a171-adaf618e7b73%40googlegroups.com
> .


-- 
Ecommerce and Linux consulting + Perl and web application programming.
Debian and Sympa administration. Provisioning with Ansible.

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/9ff70567-8ea0-636a-5df7-c4831341037a%40linuxia.de.


signature.asc
Description: OpenPGP digital signature

[ansible-project] Help with meta end_host

2019-09-20 Thread KSS 
Hi,

I have a playbook that uses a meta task to end the play for hosts not 
meeting a certain condition. Further along the playbook I have a run_once 
task that uses the ansible_play_hosts variable to provide a list of the 
hosts in the current play to a command.

My issue is that although I end the play for the hosts not meeting the 
required condition, they persist in the ansible_play_hosts variable - I 
guess this is expected since they are not failed and therefore still 
technically part of the play even though they will not have any further 
tasks executed against them. Is there any way of getting or creating a list 
of the hosts that remain active for the remaining tasks?

Here is a test playbook demonstrating that the play has ended for a 
particular host but remains in the play_hosts variable;


-- test_meta.yml -

---

   - hosts: all

 tasks:

- name: Ending the play for hosts not meeting the required condition
  meta: end_host
  when:
 - inventory_hostname == "test01"

- block:

 - debug:
 msg: "Host {{ inventory_hostname }}"
   delegate_to: localhost

 - debug:
 msg: "Host {{ item }} still in play_hosts"
   with_items: "{{ ansible_play_hosts }}"
   delegate_to: localhost
   run_once: true

  rescue:

 - debug:
 msg: "Failed host - {{ inventory_hostname }} - {{ 
ansible_failed_result.msg }}"
   delegate_to: localhost

--- eof -

The playbook run;

PLAY [all] 
*

TASK [Gathering Facts] 
*
ok: [test01]
ok: [test02]
ok: [test03]

TASK [debug] 
***
ok: [test02 -> localhost] => {
"msg": "Host test02"
}
ok: [test03 -> localhost] => {
"msg": "Host test03"
}

TASK [debug] 
***
ok: [test02 -> localhost] => (item=test01) => {
"msg": "Host test01 still in play_hosts"
}
ok: [test02 -> localhost] => (item=test02) => {
"msg": "Host test02 still in play_hosts"
}
ok: [test02 -> localhost] => (item=test03) => {
"msg": "Host test03 still in play_hosts"
}

PLAY RECAP 
*
test03  : ok=2changed=0unreachable=0failed=0
skipped=0rescued=0ignored=0  
test01   : ok=1changed=0unreachable=0failed=0
skipped=0rescued=0ignored=0  
test02 : ok=3changed=0unreachable=0failed=0
skipped=0rescued=0ignored=0  

Can anyone suggest how I get a list of hosts actually still active (i.e. 
still having tasks executed against them)?

ansible-2.8.4 and 2.8.5

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/26dce5a2-d887-4abc-b053-44b576b02528%40googlegroups.com.

Re: [ansible-project] Ansible in virtualenv mixing python with os

2019-09-20 Thread Mr Decisive 
Hi Stefan,

Thanks for the info. 

I'd tried putting 

ansible_python_interpreter: /home//py3/bin/python

in the ansible.cfg file in /etc/ansible/ but whilst it read the file as I 
could tell from the -vvv switch I was still seeing parts of the run falling 
back to /usr/bin/python??

Anyway I subsequently (prior to you replying) installed the missing 
packages in the system os python version (cheating I know bu I wanted to 
make sure it really was a problem with the path and this was the easiest 
way to test it). It worked. but this didn't fix the original problem. 
So I saw your response and put the variable definition in the playbook 
and this worked. I could see via the -vvv switch that all the python paths 
were correct. 

Thanks for your help.

Cheers
Phill

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/7d8db251-30a4-4d48-a171-adaf618e7b73%40googlegroups.com.

[ansible-project] Ansible in virtualenv mixing python with os

2019-09-20 Thread Mr Decisive 
Hi,

I have this error when running a playbook to connect to azure to update 
virtual machines.

"Failed to import the required Python library (packaging) on  
Python /usr/bin/python. Please read module documentation and install in the 
appropriate location"

I can see it is using /usr/bin/python but I'm running ansible in a 
virtualenv with python3 and the python path is /home//py3/bin/python. I 
know the packaging library is installed in the virtualenv.

So my question is: Why is ansible trying to use the os python and how do I 
make it use the virtualenv version?

Cheers
Phill 

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/4216bbee-c9e8-49f8-9a0e-60ae35e35fb8%40googlegroups.com.

[ansible-project] install chrome-msi with ansible

2019-09-20 Thread Andre Gronwald 
hi,
im am not able to deploy google chrome msi via ansible on wondows hosts. 
using the exe-file is working ok, but with some side effects.
was anyone able to install the chrome-msi via win_package?

tried msi with:
- name: install file
  win_package:
path: C:\temp\GoogleChromeStandaloneEnterprise64.msi
arguments: /q /l
state: present

(also tried arguments: /quiet /qn /i and some combinations of that)

successful installed exe with:
- name: install file
  win_package:
path: C:\temp\ChromeStandaloneSetup64.exe
arguments: /silent /install
state: present

kind regards,
andre

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/3e3ca7a6-b939-4281-a2df-65aca2153475%40googlegroups.com.

[ansible-project] How to use variables from one task in another task

2019-09-20 Thread Srinivas Naram 
Hello Ansible Gurus,

I am new to Ansible and trying to get my hands dirty on playbooks. I wrote 
an yaml file to use a variable from one host tasks to another. Here is my 
code ( logically this code may not make sense in real world, I am trying to 
understand features in Ansible ) 


---
-
  hosts: modified_user1
  tasks:
-
  name: "test connection"
  ping: 
  register: result
-
  debug:
var: result
  when: result is succeeded
-
  file:
   path: "/home/ansible_user/from_controller3/file_name"
   state: touch
  when: result is succeeded

-
  hosts: modified_user2
  tasks:
- name: "create a file in the directory"
  file:
   path: "/home/ansible_user/from_controller4/file_name"
   state: touch
  when: result is succeeded
-
  debug:
   var: result



Is there a provision to pass 'result' variable to second host ?

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/e5156200-9b84-49a3-837e-5b2dc4b9c39e%40googlegroups.com.

Re: [ansible-project] Image Snapshot Module for Openstack

2019-09-20 Thread Rakesh Parida 
Hi ,
Can anyone guide me on this

On Thu, 19 Sep, 2019, 9:34 PM Rakesh Parida, 
wrote:

> Hi ,
> The ansible has a module to take volume snapshot for Openstack:
> - name: create snapshot
>   hosts: all
>   tasks:
>   - name: create snapshot
> os_volume_snapshot:
>   state: present
>   cloud: test
>   availability_zone: nova
>   display_name: test_snapshot
>   volume: test_volume
>
>   My requirement is to take only Image snapshot as my Openstack is
> associated with External NFS, so i need to take only image snapshot.
> Is there any module to take image snapsnot rather than Volume snapshot.
> Any help will be appreciated.
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/f564b181-24c2-40bf-860e-cd9d2ec3ef4d%40googlegroups.com
> 
> .
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAPKxTaCHzoUx33wDDdDSh8zbXO8H_YzP%3DZG6RuDwtxp7nZnhsw%40mail.gmail.com.

Re: [ansible-project] Re: How can I run the commnads in Linux vm after creation with vmware_guest

2019-09-20 Thread Aravind Balaji 
Hi  Phani Akkina,

In the response of vmware_guest module you can find whether VM is created
or not while executing vmware_guest module.

Use the response of  vmware_guest module  and execute vmware_vm_shell
module.

*Thanks & Regards*,
Aravind Balaii S

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CADzzmGf6j1OB%2B6EwLwMDwWtujOPUTnJFrMXm819AVX8paewt7w%40mail.gmail.com.