[ansible-project] Adding AD User to a local linux group

['Chris Bidwell - NOAA Federal' via Ansible Project]

Hi all,

Is there a way to add an AD user to a local linux group?  the user function
doesn't work because it's only looking in /etc/passwd for this user.

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAHKi8CgCE-AJQ0UH%2B4p5QPi%2BwN0zOi9SZ1jcWJsFZCGgM_CQqQ%40mail.gmail.com.

[ansible-project] Importing multiple ansible playbooks

['Chris Bidwell - NOAA Federal' via Ansible Project]

Hi all,

Is there a way, or what is the syntax since I can't seem to find it on
importing an ansible playbook and with that applying a specific tag to one
or some of those playbooks?

---
# Add tsg keys
- import_playbook: tsg.yml
- import_playbook: tsgkey.yml

# Connect to RHSM
- import_playbook: capsule.yml

# Install Server environment for RHEL8
- import_playbook: rhel8_svr_env.yml
*  - add tag here??  Doesn't work.*

# Setup puppet
- import_playbook: chrony.yml

# Do updates
- import_playbook: cfu.yml

# Reboot after updates
- import_playbook: cfr.yml

# Install EPEL
- import_playbook: epel.yml

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAHKi8CgZTe1dGG06KP%2BwO1Lm5FSspzKuH6N75fc2xdxj%2BxuuXQ%40mail.gmail.com.

Re: [ansible-project] Trying to gather facts to write to local file on ansible server

['Chris Bidwell - NOAA Federal' via Ansible Project]

Dang!  Thank you!

On Wed, Sep 29, 2021 at 2:15 PM Matt Martz  wrote:

> Your output doesn't match the provided play, however, I'm guessing you
> need a `become: no` on the task that has `delegate_to: localhost` on it.
>
> On Wed, Sep 29, 2021 at 3:13 PM 'Chris Bidwell - NOAA Federal' via Ansible
> Project  wrote:
>
>> Hi all!
>>
>> So this has worked at one point but is no longer.
>>
>> I'm trying to gather information on each of my rhel clients and write
>> that information to one file on my answer server.
>>
>> Here is my playbook:
>>
>> ---
>> - hosts: 'ALL_LINUX'
>>   become: yes
>>   become_method: sudo
>>   vars_files:
>> - passwd.yml
>> - vars.yml
>>
>>   vars:
>> - RHEL_INV: "/home/chris.bidwell/rhel_inventory"
>> - VAR: "{{ hostvars[item].facter_virtual }}"
>>
>>   tasks:
>> - name: Workstation or Server?
>>   shell: cat /etc/redhat-release | awk '{print $5}'
>>   register: rh_type
>>   tags: name
>>
>> - name: Append to file
>>   lineinfile:
>> dest: "{{ RHEL_INV }}"
>> line: "{{ ansible_default_ipv4.address }},{{ inventory_hostname
>> }},{{ ansible_default_ipv4.macaddress }},{{ansible_distribution }}, {{
>> ansible_distribution_major_version }}, {{ rh_type.stdout }}"
>> insertafter: EOF
>> create: yes
>>   delegate_to: localhost
>>
>> - debug:
>> msg: "{{ ansible_default_ipv4.address }},{{ inventory_hostname
>> }},{{ ansible_default_ipv4.macaddress }},{{ ansible_distribution }} {{
>> ansible_distribution_major_version }} {{ rh_type.stdout }}"
>>   with_items: "{{ ansible_play_hosts }}"
>>
>> Where my output is saying:
>> chris.bidwell@atsb-swpc-pup-svr-lx:roles$ ap rhel_inventory.yml -K
>> --limit 'rhel8-base-lx'
>> BECOME password:
>>
>> PLAY [ALL_LINUX]
>> **
>>
>> TASK [Gathering Facts]
>> 
>> ok: [rhel8-base-lx]
>>
>> TASK [Make sure files exist]
>> **
>>
>>
>>
>> *Sorry, try again.failed: [rhel8-base-lx]
>> (item=/home/chris.bidwell/rhel.svr) => {"ansible_loop_var": "item",
>> "changed": false, "item": "/home/chris.bidwell/rhel.svr", "module_stderr":
>> "[sudo via ansible, key=hkjseytyeuvgdyqbndymptpnvkghxbld] password:\nsudo:
>> no password was provided\nsudo: 1 incorrect password attempt\n",
>> "module_stdout": "", "msg": "MODULE FAILURE\nSee stdout/stderr for the
>> exact error", "rc": 1}Sorry, try again.failed: [rhel8-base-lx]
>> (item=/home/chris.bidwell/rhel.wkstn) => {"ansible_loop_var": "item",
>> "changed": false, "item": "/home/chris.bidwell/rhel.wkstn",
>> "module_stderr": "[sudo via ansible, key=vhtrrvzwdhssvgmxrexsvvhxvzyonmeu]
>> password:\nsudo: no password was provided\nsudo: 1 incorrect password
>> attempt\n", "module_stdout": "", "msg": "MODULE FAILURE\nSee stdout/stderr
>> for the exact error", "rc": 1}*
>>
>> PLAY RECAP
>> 
>> rhel8-base-lx  : ok=1changed=0unreachable=0
>>  failed=1skipped=0rescued=0ignored=0
>>
>> --
>> You received this message because you are subscribed to the Google Groups
>> "Ansible Project" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to ansible-project+unsubscr...@googlegroups.com.
>> To view this discussion on the web visit
>> https://groups.google.com/d/msgid/ansible-project/CAHKi8CgdMkrnAeCarf5S1eJiigr%2B9o

[ansible-project] Trying to gather facts to write to local file on ansible server

['Chris Bidwell - NOAA Federal' via Ansible Project]

Hi all!

So this has worked at one point but is no longer.

I'm trying to gather information on each of my rhel clients and write that
information to one file on my answer server.

Here is my playbook:

---
- hosts: 'ALL_LINUX'
  become: yes
  become_method: sudo
  vars_files:
- passwd.yml
- vars.yml

  vars:
- RHEL_INV: "/home/chris.bidwell/rhel_inventory"
- VAR: "{{ hostvars[item].facter_virtual }}"

  tasks:
- name: Workstation or Server?
  shell: cat /etc/redhat-release | awk '{print $5}'
  register: rh_type
  tags: name

- name: Append to file
  lineinfile:
dest: "{{ RHEL_INV }}"
line: "{{ ansible_default_ipv4.address }},{{ inventory_hostname
}},{{ ansible_default_ipv4.macaddress }},{{ansible_distribution }}, {{
ansible_distribution_major_version }}, {{ rh_type.stdout }}"
insertafter: EOF
create: yes
  delegate_to: localhost

- debug:
msg: "{{ ansible_default_ipv4.address }},{{ inventory_hostname
}},{{ ansible_default_ipv4.macaddress }},{{ ansible_distribution }} {{
ansible_distribution_major_version }} {{ rh_type.stdout }}"
  with_items: "{{ ansible_play_hosts }}"

Where my output is saying:
chris.bidwell@atsb-swpc-pup-svr-lx:roles$ ap rhel_inventory.yml -K --limit
'rhel8-base-lx'
BECOME password:

PLAY [ALL_LINUX]
**

TASK [Gathering Facts]

ok: [rhel8-base-lx]

TASK [Make sure files exist]
**



*Sorry, try again.failed: [rhel8-base-lx]
(item=/home/chris.bidwell/rhel.svr) => {"ansible_loop_var": "item",
"changed": false, "item": "/home/chris.bidwell/rhel.svr", "module_stderr":
"[sudo via ansible, key=hkjseytyeuvgdyqbndymptpnvkghxbld] password:\nsudo:
no password was provided\nsudo: 1 incorrect password attempt\n",
"module_stdout": "", "msg": "MODULE FAILURE\nSee stdout/stderr for the
exact error", "rc": 1}Sorry, try again.failed: [rhel8-base-lx]
(item=/home/chris.bidwell/rhel.wkstn) => {"ansible_loop_var": "item",
"changed": false, "item": "/home/chris.bidwell/rhel.wkstn",
"module_stderr": "[sudo via ansible, key=vhtrrvzwdhssvgmxrexsvvhxvzyonmeu]
password:\nsudo: no password was provided\nsudo: 1 incorrect password
attempt\n", "module_stdout": "", "msg": "MODULE FAILURE\nSee stdout/stderr
for the exact error", "rc": 1}*

PLAY RECAP

rhel8-base-lx  : ok=1changed=0unreachable=0failed=1
   skipped=0rescued=0ignored=0

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAHKi8CgdMkrnAeCarf5S1eJiigr%2B9orVj8RYRq2ttRxF%3DPrOnA%40mail.gmail.com.

[ansible-project] Getting a errors with ansible checks...

['Chris Bidwell - NOAA Federal' via Ansible Project]

Hi all,

I am routinely getting this error running a playbook.  I've verified that
python3-dnf IS installed, so I'm not sure why it's complaining here.

failed: [dido-test] (item=['puppet-agent', 'puppet5-release']) =>
{"ansible_loop_var": "item", "changed": false, "cmd": "dnf install -y
python3-dnf", "item": ["puppet-agent", "puppet5-release"], "msg": "Could
not import the dnf python module using /usr/bin/python (3.8.3 (default, Aug
18 2020, 08:56:04) [GCC 8.3.1 20191121 (Red Hat 8.3.1-5)]). Please install
`python3-dnf` package or ensure you have specified the correct
ansible_python_interpreter.", "rc": 0, "results": [], "stderr": "",
"stderr_lines": [], "stdout": "Updating Subscription Management
repositories.\nRed Hat Enterprise Linux 8 for x86_64 - AppStre  57 kB/s |
2.8 kB 00:00\nRed Hat Enterprise Linux 8 for x86_64 - BaseOS   50
kB/s | 2.4 kB 00:00\nRed Hat Satellite Tools 6.6 for RHEL 8 x86_64
(  42 kB/s | 2.1 kB 00:00\nPackage python3-dnf-4.2.23-4.el8.noarch
is already installed.\nDependencies resolved.\nNothing to
do.\nComplete!\n", "stdout_lines": ["Updating Subscription Management
repositories.", "Red Hat Enterprise Linux 8 for x86_64 - AppStre  57 kB/s |
2.8 kB 00:00", "Red Hat Enterprise Linux 8 for x86_64 - BaseOS   50
kB/s | 2.4 kB 00:00", "Red Hat Satellite Tools 6.6 for RHEL 8
x86_64 (  42 kB/s | 2.1 kB 00:00", "Package
python3-dnf-4.2.23-4.el8.noarch is already installed.", "Dependencies
resolved.", "Nothing to do.", "Complete!"]}

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAHKi8ChFRAM0ZaZrUHMCbQROEDPCF8E8TLrj0pDjUvHGg_z8jQ%40mail.gmail.com.

Re: [ansible-project] How can I use with_items twice in a single tasks?

['Chris Bidwell - NOAA Federal' via Ansible Project]

I think this would be your syntax:

- name: setup directory permissions
  file:
path: "{{ item.path }}"
state: "{{ item.state }}"
mode: "{{ item.mode }}"
owner: "{{ item.owner }}"
group: "{{ item.group }}"
  with_items:
- { path: "/data/gong", state: "directory", mode: '2775', owner:
"conductor", group: "pipe" }
- { path: "/data/gong/pipe", state: "directory", mode: '0775',
owner: "conductor", group: "pipe" }
- { path: "/data/gong/pipe/conductor", state: "directory", mode:
'0755', owner: "conductor", group: "pipe" }
- { path: "/opt/db", state: "directory", mode: '0775', owner:
"conductor", group: "pipe" }
- { path: "/iraf", state: "directory", mode: '0775', owner: "gong",
group: "pipe" }
- { path: "/local", state: "directory", mode: '0775', owner:
"gong", group: "pipe" }
- { path: "/data/ftps_in", state: "directory", mode: '0775', owner:
"conductor", group: "pipe" }
- { path: "/localpipe", state: "directory", mode: '0775', owner:
"conductor", group: "pipe" }
- { path: "/var/log/local0.log", state: "touch", mode: '0664',
owner: 'root', group: "pipe" }
- { path: "/chroot/files/idl", state: "directory", mode: '0775',
owner: 'root', group: "root" }

On Mon, Mar 8, 2021 at 7:58 AM Vladimir Botka  wrote:

> On Mon, 8 Mar 2021 06:33:03 -0800 (PST)
> "dudu.c...@gmail.com"  wrote:
>
> > - name: update file
> >   lineinfile:
> > path: {{ item }} *<-- This should describe the files*
> > regexp: "{{ item.from }}"
> > line: "{{ item.replace_with }}"
> >   with_items:
> >  - { from: parameter1= , replace_with: parameter1=test1 }
> >  - { from: parameter1= , replace_with: parameter1=test2 }
> >   with_items:  *-- > This should be for the path*
> >  - “/opt/file1”
> >  - “/opt/file2”
>
> Try this
>
>  - name: update file
>lineinfile:
>  path: "{{ item.0 }}"
>  regexp: "{{ item.1.from }}"
>  line: "{{ item.1.replace_with }}"
>with_nested:
>   - - “/opt/file1”
> - “/opt/file2”
>   - - {from: parameter1=, replace_with: parameter1=test1}
> - {from: parameter1=, replace_with: parameter1=test2}
>
> (not tested)
>
> --
> Vladimir Botka
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/20210308155804.17e2826e%40gmail.com
> .
>


-- 

Chris Bidwell, CISSP
Space Weather Prediction Center
National Oceanic Atmospheric Administration
email: c hris.bidw...@noaa.gov
office: 303-497-3204
mobile: 720-496-3126

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAHKi8Cjz7_hP%2B6V34S3cTb3hSDXngbmX_TQVONUN5CkH3e0bBw%40mail.gmail.com.

[ansible-project] Ansible writing to a file

['Chris Bidwell - NOAA Federal' via Ansible Project]

Hi all,

So I'm trying to write to a local file from my ansible server based off
information I've gotten from my inventory hosts.  For some reason, it keeps
creating the file ON the inventory host instead of my ansible server.  Here
is my playbook:

---
- hosts: ALL_LINUX
  become: yes
  vars_files:
- vars.yml

  vars:
- SVR: "rhel.svr"
- WKSTN: "rhel.wkstn"

  tasks:
- name: Make sure files exist
  file:
path: "{{ item }}"
state: touch
  with_items:
- "{{ SVR }}"
- "{{ WKSTN }}"

- name: Zero out files
  shell: cat /dev/null > "{{ item }}"
  with_items:
- "{{ SVR }}"
- "{{ WKSTN }}"
  delegate_to: localhost

- name: Workstation or Server?
  shell: cat /etc/redhat-release | awk '{print $5}'
  register: rh_type
  tags: name

- name: "Find rhel servers"
  lineinfile:
dest: "{{ SVR }}"
line: "{{ inventory_hostname }}"
create: yes
insertafter: EOF
  delegate_to: localhost
  when: rh_type.stdout == "Server"
  with_items: "{{ ansible_play_hosts }}"

- name: "Find rhel workstations"
  lineinfile:
dest: "{{ WKSTN }}"
line: "{{ inventory_hostname }}"
create: yes
insertafter: EOF
  delegate_to: localhost
  when: rh_type.stdout == "Workstation"
  with_items: "{{ ansible_play_hosts }}"

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAHKi8CgrQ9KZoT1ViiPBuAr7UrwuUQ54DZc%3DDSnbZq3-Q7M%2B4Q%40mail.gmail.com.

[ansible-project] Writing output to ansible server local file

['Chris Bidwell - NOAA Federal' via Ansible Project]

Hi all,

I've tried this and it's worked before but after an upgrade some time ago,
it stopped working.  I haven't used it in ages.

Anyway, if I want to get variables about my inventory: mac address, ip, os
version, etc., and write that to a file, what would be my syntax on doing
this?

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAHKi8Ci5Nk4gF3x3PfKizx9JUYCqmLqwy0_Oq43CG1X56s9%2BmA%40mail.gmail.com.

Re: [ansible-project] ansible yum install

['Chris Bidwell - NOAA Federal' via Ansible Project]

Hi all,

I tried this:
- name: Install Wazuh-agent
  yum:
name: wazuh-agent
state: latest
  environment: "WAZUH_MANAGER='10.0.0.2'"

And this was my result:
TASK [Install Wazuh-agent]

[WARNING]: could not parse environment value, skipping:
["WAZUH_MANAGER='10.0.0.2'"]
changed: [zli-lx]


On Fri, Nov 20, 2020 at 10:11 AM Dick Visser  wrote:

> Try the yum module and a custom environment variable:
>
> https://docs.ansible.com/ansible/latest/user_guide/playbooks_environment.html#setting-the-remote-environment-in-a-task
>
> On Fri, 20 Nov 2020 at 17:55, 'Chris Bidwell - NOAA Federal' via
> Ansible Project  wrote:
> >
> > Hi all!  Curious how I could do this using the yum module, or should I
> just run this command as shell or "command"?
> >
> > WAZUH_MANAGER="10.0.0.2" yum install wazuh-agent
> >
> > So essentially setting this variable and applying it to this install.
> >
> >
> > --
> > You received this message because you are subscribed to the Google
> Groups "Ansible Project" group.
> > To unsubscribe from this group and stop receiving emails from it, send
> an email to ansible-project+unsubscr...@googlegroups.com.
> > To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/CAHKi8Cjycnrfo-S5gMW49BdBqvbkAa4wQvbZNUvRVqJ7U9DUiA%40mail.gmail.com
> .
>
>
>
> --
> Dick Visser
> Trust & Identity Service Operations Manager
> GÉANT
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/CAL8fbwNkvKXBmL6NzdZUL_LPuOuL2W9cSmBAQmmuLHe%2B%3D0dXyg%40mail.gmail.com
> .
>


-- 

Chris Bidwell, CISSP
Space Weather Prediction Center
National Oceanic Atmospheric Administration
email: c hris.bidw...@noaa.gov
office: 303-497-3204
mobile: 720-496-3126

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAHKi8Chx3XHMJGkk-zJQjJmhSHbJzS8e%3DrdcKF%2B4_eZLBFMJAQ%40mail.gmail.com.

[ansible-project] ansible yum install

['Chris Bidwell - NOAA Federal' via Ansible Project]

Hi all!  Curious how I could do this using the yum module, or should I just
run this command as shell or "command"?

WAZUH_MANAGER="10.0.0.2" yum install wazuh-agent

So essentially setting this variable and applying it to this install.

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAHKi8Cjycnrfo-S5gMW49BdBqvbkAa4wQvbZNUvRVqJ7U9DUiA%40mail.gmail.com.

[ansible-project] Search and remove string that matches a pattern at beginning of a line

['Chris Bidwell - NOAA Federal' via Ansible Project]

Hey all,

Interesting question here.  I want to remove the string noexec out of a
line in my /etc/fstab.  In this instance, I only want it to be in the /tmp
line.
I was thinking a replace module, but not sure about a regexp that would
work.  Any thoughts?

#
# /etc/fstab
# Created by anaconda on Tue Nov  3 01:51:55 2020
#
# Accessible filesystems, by reference, are maintained under '/dev/disk/'.
# See man pages fstab(5), findfs(8), mount(8) and/or blkid(8) for more info.
#
# After editing this file, run 'systemctl daemon-reload' to update systemd
# units generated from this file.
#
/dev/mapper/vg_rhel-root /   xfs defaults0 0
UUID=3da5b7f5-fc36-4e8f-beb4-d270d3dff5f8 /boot ext4 defaults,nosuid,nodev
0 0
/dev/mapper/vg_rhel-home /home xfs defaults,nosuid,nodev 0 0
/dev/mapper/vg_rhel-opt /optxfs defaults0 0
/dev/mapper/vg_rhel-tmp /tmp xfs defaults,noexec,nodev,nosuid 0 0
/dev/mapper/vg_rhel-usr /usrxfs defaults0 0
/dev/mapper/vg_rhel-usr_local /usr/local  xfs defaults
   0 0
/dev/mapper/vg_rhel-var /var xfs defaults,nodev 0 0
/dev/mapper/vg_rhel-var_lib_docker /var/lib/docker xfs defaults
   0 0
/dev/mapper/vg_rhel-var_log /var/log xfs defaults,nodev,noexec,nosuid 0 0
/dev/mapper/vg_rhel-var_log_audit /var/log/audit xfs
defaults,nodev,noexec,nosuid 0 0
/dev/mapper/vg_rhel-var_tmp /var/tmp xfs defaults,noexec,nosuid,nodev 0 0
/dev/mapper/vg_rhel-swap swapswapdefaults0 0
tmpfs /dev/shm tmpfs rw,nosuid,nodev,noexec,seclabel 0 0

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAHKi8CiS-9EK%2BmL1bHY3-VO5RkYOzboh8d0Bz5oUYMYnTi9AoQ%40mail.gmail.com.

Re: [ansible-project] new ansible server build

['Chris Bidwell - NOAA Federal' via Ansible Project]

I was unable to do a successful RHEL 7 -> 8 upgrade.  So I did a clean
install on a separate system and moved all of my content over to that
system.  The RHEL8 system is the controller node.  I am using the same ssh
keys from the RHEL7 system.

On Wed, Sep 16, 2020 at 3:18 AM Dick Visser  wrote:

> Hii
>
> On Wed, 16 Sep 2020 at 04:27, 'Chris Bidwell - NOAA Federal' via
> Ansible Project  wrote:
> >
> > Hi all, so this may be simple but I can't seem to figure it out.  :(
> >
> > I built a new RHEL8 server from my RHEL7 system and ran my playbooks as
> normally would and now I'm getting these errors:
>
>
> Building to me means creating from scratch - I assume you meant you
> upgraded a RHEL7 to RHEL8?
> Also it is not clear whether this built (or upgraded) RHEL8 system is
> the controller node or one of the managed nodes. Please specify.
>
> > WARNING]: sftp transfer mechanism failed on [host1-lx]. Use
> ANSIBLE_DEBUG=1 to see detailed information
> > [WARNING]: scp transfer mechanism failed on [host1-lx]. Use
> ANSIBLE_DEBUG=1 to see detailed information
> > An exception occurred during task execution. To see the full traceback,
> use -vvv. The error was: PermissionError: [Errno 1] Operation not
> permitted: b'/home/user/.ansible/tmp/ansible-local-73581mdop998/tmps7c2r6yx'
> > fatal: [host1-lx]: FAILED! => {"msg": "Unexpected failure during module
> execution.", "stdout": ""}
>
> This would indicate an authentication issue. I would look at
> SSH/config changes between RHEL7 and 8.
>
>
>
> --
> Dick Visser
> Trust & Identity Service Operations Manager
> GÉANT
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/CAL8fbwM7M3ypMpyYBp5gE%2BSC7J9pZ0%3D-hBFh1%3DkzgDkxFQtaug%40mail.gmail.com
> .
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAHKi8ChqLLeLjbHcLyhGOTOk44RhsAO7AYMGptRsPLmyrfxfLQ%40mail.gmail.com.

[ansible-project] new ansible server build

['Chris Bidwell - NOAA Federal' via Ansible Project]

Hi all, so this may be simple but I can't seem to figure it out.  :(

I built a new RHEL8 server from my RHEL7 system and ran my playbooks as
normally would and now I'm getting these errors:

WARNING]: sftp transfer mechanism failed on [host1-lx]. Use ANSIBLE_DEBUG=1
to see detailed information
[WARNING]: scp transfer mechanism failed on [host1-lx]. Use ANSIBLE_DEBUG=1
to see detailed information
An exception occurred during task execution. To see the full traceback, use
-vvv. The error was: PermissionError: [Errno 1] Operation not permitted:
b'/home/user/.ansible/tmp/ansible-local-73581mdop998/tmps7c2r6yx'
fatal: [host1-lx]: FAILED! => {"msg": "Unexpected failure during module
execution.", "stdout": ""}

ansible 2.9.13
  config file = /etc/ansible/ansible.cfg
  configured module search path = ['/home/user1/.ansible/plugins/modules',
'/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/lib/python3.6/site-packages/ansible
  executable location = /usr/bin/ansible
  python version = 3.6.8 (default, Dec  5 2019, 15:45:45) [GCC 8.3.1
20191121 (Red Hat 8.3.1-5)]

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAHKi8CgheFP%2B%2B%3DqUPMOF5fLtk_x3wzJ0B1Fx-RG0oi%2BmkCK_Aw%40mail.gmail.com.

[ansible-project] Re: lineinfile using insertafter

['Chris Bidwell - NOAA Federal' via Ansible Project]

Because I've got checks that applies the proxy based of which subnet the
playbook runs on.

On Friday, July 17, 2020, Stefan Hornburg (Racke)  wrote:
> On 7/17/20 10:21 PM, 'Chris Bidwell - NOAA Federal' via Ansible Project
wrote:
>> Hey all,
>>
>> Trying to insert a line to multiple instances in the same file.
>>
>> I tried insertafter but that only put in one spot.  Here's the code:
>>
>> - name: add proxy to zabbix.repo if needed
>>   lineinfile:
>> path: /etc/yum.repos.d/zabbix.repo
>> state: present
>> insertafter: '\[zabbix*'
>> line: 'proxy=http://proxy:8080'
>>   when:
>> - ansible_default_ipv4.address is match('192\.168\.226\.') or
>>   ansible_default_ipv4.address is match('10\.172\.226\.')
>>
>> Here's the result:
>>
>> [zabbix]
>> name=Zabbix Official Repository - $basearch
>> baseurl=https://repo.zabbix.com/zabbix/4.4/rhel/8/$basearch/
>> enabled=1
>> gpgcheck=1
>> gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-ZABBIX-A14FE591
>>
>> [zabbix-non-supported]
>> *proxy=http://proxy:8080   *

>>
>> name=Zabbix Official Repository non-supported - $basearch
>> baseurl=https://repo.zabbix.com/non-supported/rhel/8/$basearch/
>> enabled=1
>> gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-ZABBIX
>> gpgcheck=1
>>
>> I would have thought my insertafter regexp would match both of those
[zabbix] and [zabbix-non-supported] but it doesn't.
>
> No, lineinfile replaces one line. But why don't you set the proxy
variable globally for yum / your system?
>
> Regards
>  Racke
>
>>
>> --
>> You received this message because you are subscribed to the Google
Groups "Ansible Project" group.
>> To unsubscribe from this group and stop receiving emails from it, send
an email to
>> ansible-project+unsubscr...@googlegroups.com .
>> To view this discussion on the web visit
>>
https://groups.google.com/d/msgid/ansible-project/CAHKi8Cg_J_ybBhRZ8S0VVX0c6SqB-W2vz6nVNo9nFKNuia%2Bb-A%40mail.gmail.com
>> <
https://groups.google.com/d/msgid/ansible-project/CAHKi8Cg_J_ybBhRZ8S0VVX0c6SqB-W2vz6nVNo9nFKNuia%2Bb-A%40mail.gmail.com?utm_medium=email&utm_source=footer
>.
>
>
> --
> Ecommerce and Linux consulting + Perl and web application programming.
> Debian and Sympa administration. Provisioning with Ansible.
>
> --
> You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/20b9be73-44b4-4a33-8258-d00b200e1f47%40linuxia.de
.
>

-- 

Chris Bidwell, CISSP
Space Weather Prediction Center
National Oceanic Atmospheric Administration
email: c hris.bidw...@noaa.gov
office: 303-497-3204
mobile: 720-496-3126

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAHKi8CiGB7_AAFw6diHWb8_riYF7Tw-%2Bv_uV3KABN96rhxF8LA%40mail.gmail.com.

[ansible-project] lineinfile using insertafter

['Chris Bidwell - NOAA Federal' via Ansible Project]

Hey all,

Trying to insert a line to multiple instances in the same file.

I tried insertafter but that only put in one spot.  Here's the code:

- name: add proxy to zabbix.repo if needed
  lineinfile:
path: /etc/yum.repos.d/zabbix.repo
state: present
insertafter: '\[zabbix*'
line: 'proxy=http://proxy:8080'
  when:
- ansible_default_ipv4.address is match('192\.168\.226\.') or
  ansible_default_ipv4.address is match('10\.172\.226\.')

Here's the result:

[zabbix]
name=Zabbix Official Repository - $basearch
baseurl=https://repo.zabbix.com/zabbix/4.4/rhel/8/$basearch/
enabled=1
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-ZABBIX-A14FE591

[zabbix-non-supported]
*proxy=http://proxy:8080    *


name=Zabbix Official Repository non-supported - $basearch
baseurl=https://repo.zabbix.com/non-supported/rhel/8/$basearch/
enabled=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-ZABBIX
gpgcheck=1

I would have thought my insertafter regexp would match both of those
[zabbix] and [zabbix-non-supported] but it doesn't.

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAHKi8Cg_J_ybBhRZ8S0VVX0c6SqB-W2vz6nVNo9nFKNuia%2Bb-A%40mail.gmail.com.

Re: [ansible-project] environment proxy variable not working

['Chris Bidwell - NOAA Federal' via Ansible Project]

Interesting.  That must have been my own typo.

I've verified that my variable name says proxy_env on both the declaration
and where it's trying to be applied to.

Here's the verbose output -- it keeps trying to use the http_proxy instead
of the https_proxy.

* SSH: EXEC sshpass -d10 ssh -vvv -C -o ControlMaster=auto -o
ControlPersist=60s -o StrictHostKeyChecking=no -o 'User="tsg"' -o
ConnectTimeout=90 -o ControlPath=/home/chris.bidwell/.ansible/cp/84c0dc074e
-tt corona-lx '/bin/sh -c '"'"'sudo -H -S  -p "[sudo via ansible,
key=roxxdufstmkkexijnydloqgrgbewanlx] password:" -u root /bin/sh -c
'"'"'"'"'"'"'"'"'echo BECOME-SUCCESS-roxxdufstmkkexijnydloqgrgbewanlx ;
http_proxy=http://proxy:8080 <http://proxy:8080>
/usr/libexec/platform-python
/home/tsg/.ansible/tmp/ansible-tmp-1595008297.67-12298-28530305002590/AnsiballZ_dnf.py'"'"'"'"'"'"'"'"'
&& sleep 0'"'"''Escalation succeeded*



On Fri, Jul 17, 2020 at 11:09 AM Stefan Hornburg (Racke) 
wrote:

> On 7/17/20 6:53 PM, 'Chris Bidwell - NOAA Federal' via Ansible Project
> wrote:
> > Hey all,
> >
> > I'm having an issue trying to get ansible to use my environment variable
> to pull through a proxy server.
> >
> > Running: ansible 2.9.10
> >
> > Here's my variable declarations:
> >
> > ---
> > - name: puppet5
> >   hosts: ALL_LINUX
> >   become: yes
> >   vars_files:
> > - passwd.yml
> > - vars.yml
> >
> >   vars:
> > os_version: "{{ ansible_distribution_major_version }}"
> > puppet5_repo: /etc/yum.repos.d/puppet5.repo
> > proxy_env:
> >   https_proxy: http://proxy:8080 <http://proxy.swpc.noaa.gov:8080>
> >   http_proxy: http://proxy:8080 <http://proxy.swpc.noaa.gov:8080>
> >
> > Here is it being used in my playbook:
> >
> >   tasks:
> > - name: check if repo files exists
> >   stat:
> > path: "{{ puppet5_repo }}"
> >   register: puppet5_exists
> >
> > - name: "Install puppet5 EL{{ os_version }}.rpm for NCS or internal
> networks"
> >   yum:
> > name: "https://yum.puppetlabs.com/puppet5-release-el-{{ <
> https://yum.puppetlabs.com/puppet5-release-el-%7B%7B>
> > os_version }}.noarch.rpm"
> > state: present
> > disable_gpg_check: yes
> >   environment: "{{ proxy_envy }}"
> >   when:
> > - puppet5_exists.stat.exists == False
> > - ansible_default_ipv4.address is match('192\.168\.226\.') or
> >   ansible_default_ipv4.address is match('192\.168\.223\.')
> >
> > Notice that the URL I'm trying to pull is https.  When I run the
> playbook, it's defaulting to http.  If I hard code the
> > environment with:
> >
> > environment:
> >   - https_proxy: http://proxy:8080
> >
> > This works.  Is there a bug somewhere in this version of ansible?
>
> Is the name of the variable proxy_envy a typo in your playbook?
>
> Regards
> Racke
>
> >
> > --
> > You received this message because you are subscribed to the Google
> Groups "Ansible Project" group.
> > To unsubscribe from this group and stop receiving emails from it, send
> an email to
> > ansible-project+unsubscr...@googlegroups.com  ansible-project+unsubscr...@googlegroups.com>.
> > To view this discussion on the web visit
> >
> https://groups.google.com/d/msgid/ansible-project/CAHKi8CiZbvkUKQBwYdM4ejdPxPvJ9FObLR%3DNi2XVy%2BcSx74sAg%40mail.gmail.com
> > <
> https://groups.google.com/d/msgid/ansible-project/CAHKi8CiZbvkUKQBwYdM4ejdPxPvJ9FObLR%3DNi2XVy%2BcSx74sAg%40mail.gmail.com?utm_medium=email&utm_source=footer
> >.
>
>
> --
> Ecommerce and Linux consulting + Perl and web application programming.
> Debian and Sympa administration. Provisioning with Ansible.
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/702e6c53-1d70-19c5-2b3a-17a38e7dba50%40linuxia.de
> .
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAHKi8CiV1c5QnvCOvBDE3YyVHP1JU9Zm2H_qBs%2B1GshqoNpqNg%40mail.gmail.com.

[ansible-project] environment proxy variable not working

['Chris Bidwell - NOAA Federal' via Ansible Project]

Hey all,

I'm having an issue trying to get ansible to use my environment variable to
pull through a proxy server.

Running: ansible 2.9.10

Here's my variable declarations:

---
- name: puppet5
  hosts: ALL_LINUX
  become: yes
  vars_files:
- passwd.yml
- vars.yml

  vars:
os_version: "{{ ansible_distribution_major_version }}"
puppet5_repo: /etc/yum.repos.d/puppet5.repo
proxy_env:
  https_proxy: http://proxy:8080 
  http_proxy: http://proxy:8080 

Here is it being used in my playbook:

  tasks:
- name: check if repo files exists
  stat:
path: "{{ puppet5_repo }}"
  register: puppet5_exists

- name: "Install puppet5 EL{{ os_version }}.rpm for NCS or internal
networks"
  yum:
name: "https://yum.puppetlabs.com/puppet5-release-el-{{ os_version
}}.noarch.rpm"
state: present
disable_gpg_check: yes
  environment: "{{ proxy_envy }}"
  when:
- puppet5_exists.stat.exists == False
- ansible_default_ipv4.address is match('192\.168\.226\.') or
  ansible_default_ipv4.address is match('192\.168\.223\.')

Notice that the URL I'm trying to pull is https.  When I run the playbook,
it's defaulting to http.  If I hard code the environment with:

environment:
  - https_proxy: http://proxy:8080

This works.  Is there a bug somewhere in this version of ansible?

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAHKi8CiZbvkUKQBwYdM4ejdPxPvJ9FObLR%3DNi2XVy%2BcSx74sAg%40mail.gmail.com.

Re: [ansible-project] ansible - rhel8

['Chris Bidwell - NOAA Federal' via Ansible Project]

 when:
- ansible_distribution_major_version is version('6', '=')
- ansible_default_ipv4.address is match('192\.168\.226\.') or
  ansible_default_ipv4.address is match('10\.172\.226\.')

- name: Change http to https
  replace:
path: /etc/yum.repos.d/zabbix.repo
regexp: 'http:'
replace: 'https:'
  tags:
- HTTPS
  notify: yum clean all

- name: add proxy to zabbix.repo for NCS systems
  lineinfile:
path: /etc/yum.repos.d/zabbix.repo
regexp: 'proxy'
state: present
line: 'proxy=http://proxy:8080'
insertafter: '\[zabbix\]'
  when:
- upgrade_proxy.stdout.find('proxy') != -1

- name: Upgrade zabbix-agent
  yum:
name: zabbix-agent
state: latest
  notify: restart zabbix
  tags: never

  handlers:
- name: restart zabbix
  service:
name: zabbix-agent
state: restarted

- name: restart firewalld
  service:
name: firewalld
state: restarted

- name: iptables save
  command: iptables-save > /etc/sysconfig/iptables
  tags: IPTABLES

- name: restart iptables
  service:
name: iptables
state: restarted
  tags: IPTABLES

- name: yum clean all
  shell: yum clean all

On Wed, Jul 15, 2020 at 12:24 PM vinoth kumar  wrote:

> Where is your actual tasks starts ?
>
> Tasks is missing
>
> On Wed 15. Jul 2020 at 20:17, 'Chris Bidwell - NOAA Federal' via Ansible
> Project  wrote:
>
>> Hey all,
>>
>> having an interesting issue with my latest rhel8 installation.
>>
>> Trying to install an rpm from a URL.  Here's my playbook:
>>
>> ---
>> - name: Install zabbix
>>   hosts: ALL_LINUX
>>   become: yes
>>   vars_files:
>> - passwd.yml
>> - vars.yml
>>   ignore_errors: yes
>>
>>   vars:
>> os_version: "{{ ansible_distribution_major_version }}"
>> zabbix_repo: /etc/yum.repos.d/zabbix.repo
>> zabbix_config: /etc/zabbix/zabbix_agentd.conf
>>
>> *zabbix_8:
>> https://repo.zabbix.com/zabbix/4.4/rhel/8/x86_64/zabbix-release-4.4-1.el8.noarch.rpm
>> <https://repo.zabbix.com/zabbix/4.4/rhel/8/x86_64/zabbix-release-4.4-1.el8.noarch.rpm>*
>>   zabbix_7:
>> https://repo.zabbix.com/zabbix/4.4/rhel/7/x86_64/zabbix-release-4.4-1.el7.noarch.rpm
>> zabbix_6:
>> https://repo.zabbix.com/zabbix/4.4/rhel/6/x86_64/zabbix-release-4.4-1.el6.noarch.rpm
>> proxy_env:
>>   http_proxy: 'http://proxy:8080'
>>
>> - name: check if repo files exists
>>   stat:
>> path: "{{ zabbix_repo }}"
>>   register: zabbix_exists
>>   tags:
>> - YUM
>> - CHECK
>>
>> - name: "install 8 if not exists (proxy)"
>>   dnf:
>> name: "{{ zabbix_8 }}"
>> state: latest
>> disable_gpg_check: yes
>>   ignore_errors: true
>>   environment: "{{ proxy_env }}"
>>   when:
>> - ansible_distribution_major_version is version('8', '=')
>> - zabbix_exists.stat.exists == False
>> - ansible_default_ipv4.address is match('192\.168\.226\.') or
>>   ansible_default_ipv4.address is match('10\.172\.226\.')
>>   tags:
>> - PROXY
>> - YUM
>>
>>
>> Here is my error output:
>> TASK [install 8 if not exists (proxy)]
>> ***
>> fatal: [corona-lx]: FAILED! => {"changed": false, "msg": "Failure
>> downloading
>> https://repo.zabbix.com/zabbix/4.4/rhel/8/x86_64/zabbix-release-4.4-1.el8.noarch.rpm,
>> Request failed: > protocol>", "results": []}
>>
>> Thought it may be dns-related but I'm able to resolve the name fine.
>>
>> --
>> You received this message because you are subscribed to the Google Groups
>> "Ansible Project" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to ansible-project+unsubscr...@googlegroups.com.
>> To view this discussion on the web visit
>> https://groups.google.com/d/msgid/ansible-project/CAHKi8Ci7hMJzUDYuDM1AVpnpYf9xH%2BjogANN6EzMOvWNF8AMrA%40mail.gmail.com
>> <https://groups.google.com/d/msgid/ansible-project/CAHKi8Ci7hMJzUDYuDM1AVpnpYf9xH%2BjogANN6EzMOvWNF8AMrA%40mail.gmail.com?utm_medium=email&utm_source=footer>
>> .
>>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/CAJ%2BRxtQjbUTX%3DmEf6qh%2BR%2BSdh%3DKMRiC7TpbhJm3y9SaaRGQ%2B1w%40mail.gmail.com
> <https://groups.google.com/d/msgid/ansible-project/CAJ%2BRxtQjbUTX%3DmEf6qh%2BR%2BSdh%3DKMRiC7TpbhJm3y9SaaRGQ%2B1w%40mail.gmail.com?utm_medium=email&utm_source=footer>
> .
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAHKi8CjcDDDm92M%3D8tO1ZHbY1gu5Lc22dg_Rp8qpk23oBTKneg%40mail.gmail.com.

[ansible-project] ansible - rhel8

['Chris Bidwell - NOAA Federal' via Ansible Project]

Hey all,

having an interesting issue with my latest rhel8 installation.

Trying to install an rpm from a URL.  Here's my playbook:

---
- name: Install zabbix
  hosts: ALL_LINUX
  become: yes
  vars_files:
- passwd.yml
- vars.yml
  ignore_errors: yes

  vars:
os_version: "{{ ansible_distribution_major_version }}"
zabbix_repo: /etc/yum.repos.d/zabbix.repo
zabbix_config: /etc/zabbix/zabbix_agentd.conf

*zabbix_8:
https://repo.zabbix.com/zabbix/4.4/rhel/8/x86_64/zabbix-release-4.4-1.el8.noarch.rpm
*
  zabbix_7:
https://repo.zabbix.com/zabbix/4.4/rhel/7/x86_64/zabbix-release-4.4-1.el7.noarch.rpm
zabbix_6:
https://repo.zabbix.com/zabbix/4.4/rhel/6/x86_64/zabbix-release-4.4-1.el6.noarch.rpm
proxy_env:
  http_proxy: 'http://proxy:8080'

- name: check if repo files exists
  stat:
path: "{{ zabbix_repo }}"
  register: zabbix_exists
  tags:
- YUM
- CHECK

- name: "install 8 if not exists (proxy)"
  dnf:
name: "{{ zabbix_8 }}"
state: latest
disable_gpg_check: yes
  ignore_errors: true
  environment: "{{ proxy_env }}"
  when:
- ansible_distribution_major_version is version('8', '=')
- zabbix_exists.stat.exists == False
- ansible_default_ipv4.address is match('192\.168\.226\.') or
  ansible_default_ipv4.address is match('10\.172\.226\.')
  tags:
- PROXY
- YUM


Here is my error output:
TASK [install 8 if not exists (proxy)]
***
fatal: [corona-lx]: FAILED! => {"changed": false, "msg": "Failure
downloading
https://repo.zabbix.com/zabbix/4.4/rhel/8/x86_64/zabbix-release-4.4-1.el8.noarch.rpm,
Request failed: ", "results": []}

Thought it may be dns-related but I'm able to resolve the name fine.

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAHKi8Ci7hMJzUDYuDM1AVpnpYf9xH%2BjogANN6EzMOvWNF8AMrA%40mail.gmail.com.

Re: [ansible-project] Updated ansible failed on checks

['Chris Bidwell - NOAA Federal' via Ansible Project]

Thanks all!

On Fri, Nov 15, 2019 at 11:56 AM Vladimir Botka  wrote:

> On Fri, 15 Nov 2019 11:28:44 -0500
> Sam Doran  wrote:
>
> > Vlado,
> > You're not missing anything. The version_compare test still exists, is
> not
> > deprecated, and is fine to use — just not as a filter.
> > We used to register tests as filters. Since we no longer do this, Jinja
> > raises an error that version_compare is not a valid filter, which is
> > accurate.
> > Sam
>
> Sam,
>
> thank you very much for the clarification!
>
> For the record, quoting from *Ansible 2.9 "Immigrant Song" Release Notes*
>
> https://github.com/ansible/ansible/blob/stable-2.9/changelogs/CHANGELOG-v2.9.rst#id2
>
>   * Jinja tests - Remove deprecated functionality of registering tests as
> filters (https://github.com/ansible/ansible/issues/55319)
>
> (This explains the error in 2.9: "no filter named 'version_compare'")
>
> -vlado
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/20191115195638.3d40a74e%40gmail.com
> .
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAHKi8Cg4%3DwmFb3w2LHuK4DKgAvRSf-96C7ZuY45p1DY3eW9xrA%40mail.gmail.com.

[ansible-project] Updated ansible failed on checks

['Chris Bidwell - NOAA Federal' via Ansible Project]

Hi all,

After running ansible 2.9, I'm getting these errors:

fatal: [jjohnson-lx]: FAILED! => {"msg": "The conditional check
'ansible_distribution_major_version | version_compare('6', '=')' failed.
The error was: template error while templating string: no filter named
'version_compare'. String: {% if ansible_distribution_major_version |
version_compare('6', '=') %} True {% else %} False {% endif %}\n\nThe error
appears to be in '/zabbix.yml': line 76, column 7, but may\nbe elsewhere in
the file depending on the exact syntax problem.\n\nThe offending line
appears to be:\n\n\n- name: \"install 6 if not exists (no proxy)\"\n
   ^ here\n"}

Here is what's in that section:

name: "install 6 if not exists (no proxy)"
  yum:
name: "{{ zabbix_6 }}"
state: latest
  ignore_errors: true
  environment: "{{ proxy_env }}"
  when:
*- ansible_distribution_major_version | version_compare('6', '=')*
- zabbix_exists.stat.exists == False
- proxy.stdout.find('proxy') == -1
  tags:
- YUM

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAHKi8Chf5XnOLB%2BY3vKXwiHkGg5%3DRisF%3DXqqZGL6KPo%2BkFmgCg%40mail.gmail.com.

[ansible-project] Playbook run order

['Chris Bidwell - NOAA Federal' via Ansible Project]

Hi all!

Just a simple question but it may be just looking into it too deep.

I've got several playbooks that I run sequentially manually during a server
build.  How would I create a separate playbook and call these other
playbooks in their respective order?

Thanks!

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAHKi8ChJxSL-0gN3c1oztrM15LdnNtpu9M5cUg-mpY25NbbY7Q%40mail.gmail.com.

[ansible-project] Get number based off inventory criteria

['Chris Bidwell - NOAA Federal' via Ansible Project]

Hi all

Is there any way to output a growing count of, let's say, systems that
match a specific RH version or RH type (Workstation or Server).  Like an
end result showing 35 Servers, or 42 Workstations, etc.

Thanks!
Chris

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAHKi8Ci9iLWWdV%3DzFAPgKgDj_KkQhyMPBWp%3DazGc3_Q44j6ywQ%40mail.gmail.com.

Re: [ansible-project] Reboot wait for port to come available

['Chris Bidwell - NOAA Federal' via Ansible Project]

Doesn't this use the ansible server running the playbook to check if the
port is open?

On Tue, Oct 22, 2019 at 5:07 PM Kai Stian Olstad <
ansible-project+l...@olstad.com> wrote:

> On 23.10.2019 00:42, 'Chris Bidwell - NOAA Federal' via Ansible Project
> wrote:
> > Hi all,
> >
> > So I know how to do this for the most part, but I've got two servers that
> > when I have to reboot them, one needs to be done before the other and
> > cannot before a specific port comes available.  That port is only
> > accessible from that second server, not the ansible server itself.
> > Does that make sense?
> >
> > Is there a way that I can create a playbook that will do what I'm
> > describing?
> >
> > ie
> >
> > Reboot server1
> >
> > Reboot server2 when tcp/3306 comes available on server1.  *tcp/3306 is
> only
> > open to server2.*
>
> Use the reboot module on server1, it will wait for the server to be
> available again.
> Then in the next task you can use the wait_for module on server2 to check
> the port 3306.
>
> Pseudo code for 2 play in one playbook.
>
> - hosts: server1
>   tasks:
> - reboot:
>
> - hosts: server2
>   tasks:
> - wait_for:
> host: server1
> port: 3306
> state: started
>
> - reboot:
>
> or in one play
>
> - hosts: server1,server2
>   tasks:
> - reboot:
>   when: inventory_hostname == "server1"
>
> - wait_for:
> host: server1
> port: 3306
> state: started
>   when: inventory_hostname == "server2"
>
> - reboot:
>   when: inventory_hostname == "server2"
>
>
>
> --
> Kai Stian Olstad
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/9185fb2a-c8e8-3174-bba2-93a89f2bc71f%40olstad.com
> .
>


-- 

Chris Bidwell, CISSP
Space Weather Prediction Center
National Oceanic Atmospheric Administration
email: c chris.bidw...@noaa.gov
office: 303-497-3204
mobile: 720-496-3126

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAHKi8Cic%3DGcaxy4d6kXwZuNSeJfr2Uz4AiK%3DiiR0ML5Tvn_Bmw%40mail.gmail.com.

[ansible-project] Reboot wait for port to come available

['Chris Bidwell - NOAA Federal' via Ansible Project]

Hi all,

So I know how to do this for the most part, but I've got two servers that
when I have to reboot them, one needs to be done before the other and
cannot before a specific port comes available.  That port is only
accessible from that second server, not the ansible server itself.
Does that make sense?

Is there a way that I can create a playbook that will do what I'm
describing?

ie

Reboot server1

Reboot server2 when tcp/3306 comes available on server1.  *tcp/3306 is only
open to server2.*

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAHKi8ChLx0pFZ9BmxWpe3QbNEr1B7KpAqCbX6EjKNkp0Y4dX1A%40mail.gmail.com.

[ansible-project] Running specific tasks depending on subnet

['Chris Bidwell - NOAA Federal' via Ansible Project]

Does anyone know how I can run a task based off the subnet I'm in?

For example,

We've got an internal network that needs to pull packages through yum, but
within that subnet, we need to go through a proxy to get out.

So something like if my IP is 192.168.223.x to use this task

and if I'm 192.168.224.x to use this task instead?

Thanks

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAHKi8ChQ3h3MV7_bS2TsZD4XYH_7rNBL0BDq6RQLFjSz4Mo0Vg%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] yum install through proxy

['Chris Bidwell - NOAA Federal' via Ansible Project]

Hi all,

Is there any way to install an rpm through the yum module and direct that
install through a proxy?

Thanks!
Chris

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAHKi8Cg%3DfpRCP8g4utnpiciYEwrDhD80Uv3wjfgK-x3UOw2PvQ%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] jinja2 warnings

['Chris Bidwell - NOAA Federal' via Ansible Project]

Hi all,

After the latest ansible upgrade, I've started seeing these alerts when
running playbooks:

[WARNING]: conditional statements should not include jinja2 templating
delimiters such as {{ }} or {% %}. Found: {{ rhel7stig_complexity_high or
rhel7stig_audit_complex }}

Running ansible 2.8.0

Is this something that should be changed in all my playbook code?

Thanks!

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAHKi8CiEymRrHWxt1pPDrvdsQ5VJGOEbQ1Pxmzbt%3DjK6ymfVdA%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] AWX Setup

['Chris Bidwell - NOAA Federal' via Ansible Project]

Hey all, has anyone out there ever setup AWX?  How much different is it
than tower?  If you have set this up, do you have a good step-by-step
instructions?

Thx!
Chris

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAHKi8CiqGqRqXLqu9JoQ7hNN3BeW2kESHH2xo4s0R7kB9Gzs1g%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Ansible Playbook output to local file

['Chris Bidwell - NOAA Federal' via Ansible Project]

Thanks for that info!  That's helping quite a bit.  I added another field
to output and since adding that field, it's only giving me about 70 systems
instead of the full 93.  Any idea on that one?
Here's my new playbook after implementing your recommendations:

--
- hosts: ALL_RHEL
  become: yes
  vars_files:
- passwd.yml
- vars.yml

  vars:
- OUTPUT: "/home/chris.bidwell/ansible/roles/output.txt"

  tasks:
- name: cleanup
  shell: "rm -rf {{ OUTPUT }}"

- name: Workstation or Server?
  shell: cat /etc/redhat-release | awk '{print $5}'
  register: rh_type

- name: Output info to OUTPUT.txt
  lineinfile:
dest: "{{ OUTPUT }}"
line: "{{ hostvars[item].ansible_hostname }}, {{
hostvars[item].ansible_kernel }}, {{ hostvars[item].rh_type.stdout }},
{{ *hostvars[item].facter_virtual
}}*"
create: yes
  delegate_to: localhost
  run_once: yes
  with_items: "{{ ansible_play_hosts }}"

On Fri, Mar 8, 2019 at 9:38 AM Kai Stian Olstad <
ansible-project+l...@olstad.com> wrote:

> On 08.03.2019 17:03, 'Chris Bidwell - NOAA Federal' via Ansible Project
> wrote:
> > Hi all,
> >
> > So I've got this playbook that is getting information from all of my
> hosts
> > in my inventory and outputting that data to a local file.  However, it's
> > not outputting on EVERY inventory host.  It's going through the list like
> > it's supposed to be, but it's not putting everything in the file.  Any
> > ideas?  I've got over 80 systems in my ALL_RHEL group but only get about
> 40
> > line items in my output.txt file.
>
> All[1] the "hosts" is trying to write to the same file at the same the
> same time, and that is causing your problem.
>
>
> > Here's my playbook:
> >
> > ---
> > - hosts: ALL_RHEL
> >become: yes
> >vars_files:
> >  - passwd.yml
> >  - vars.yml
> >
> >tasks:
> >  - name: Workstation or Server?
> >shell: cat /etc/redhat-release | awk '{print $5}'
> >register: rh_type
> >tags: name
> >
> >  - name: Output info to output.txt
> >lineinfile:
> >  dest: /tmp/output.txt
> >  line: "{{ ansible_hostname }}, {{ ansible_kernel }}, {{
> > rh_type.stdout }}"
> >  create: yes
> >  insertafter: EOF
> >delegate_to: localhost
>
> This last task you need to run as loop with run_once so only one task is
> writing to the file.
> Something like this:
>
> - name: Output info to output.txt
>   lineinfile:
> dest: /tmp/output.txt
> line: "{{ hostvars[item].ansible_hostname }}, {{
> hostvars[item].ansible_kernel }}, {{ hostvars[item].rh_type.stdout }}"
> create: yes
> insertafter: EOF
>   delegate_to: localhost
>   run_once: yes
>   with_items: "{{ ansible_play_hosts }}"
>
>
> [1] How may host is actually determine by fork and serial. Default it
> would be 5 hosts at a time.
>
> --
> Kai Stian Olstad
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To post to this group, send email to ansible-project@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/64231d7a-9185-6cd2-4d74-a35049e64a98%40olstad.com
> .
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAHKi8CgYScvypy3YV5%2BpBDi1b2aJW54%2BTvy-8B_UsS4bP%2BV8Tg%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Ansible Playbook output to local file

['Chris Bidwell - NOAA Federal' via Ansible Project]

Hi all,

So I've got this playbook that is getting information from all of my hosts
in my inventory and outputting that data to a local file.  However, it's
not outputting on EVERY inventory host.  It's going through the list like
it's supposed to be, but it's not putting everything in the file.  Any
ideas?  I've got over 80 systems in my ALL_RHEL group but only get about 40
line items in my output.txt file.

Here's my playbook:

---
- hosts: ALL_RHEL
  become: yes
  vars_files:
- passwd.yml
- vars.yml

  tasks:
- name: Workstation or Server?
  shell: cat /etc/redhat-release | awk '{print $5}'
  register: rh_type
  tags: name

- name: Output info to output.txt
  lineinfile:
dest: /tmp/output.txt
line: "{{ ansible_hostname }}, {{ ansible_kernel }}, {{
rh_type.stdout }}"
create: yes
insertafter: EOF
  delegate_to: localhost

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAHKi8CjdiWUwL8DAaq4_bG7%2By0zB7Hyo432NBMt-%2BXyRieM-RQ%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] authorized_keys module

['Chris Bidwell - NOAA Federal' via Ansible Project]

Hi all,

I'm trying to add pubkeys to several users and I'm getting an error
message.  Here's the playbook:

---
- name: Add users and pubkeys
  hosts: server1
  become: yes
  vars_files:
- passwd.yml
- vars.yml

  tasks:
- name: "Add users to gong server"
  user:
name: "{{ item.name }}"
comment: "{{ item.comment }}"
shell: /bin/bash
  with_items:
- { name: "user1", comment: "user1" }
- { name: "user2", comment: "user2" }
- { name: "user3", comment: "user3" }
- { name: "user4", comment: "user4" }

- name: "Copy public keys"
  authorized_key:
user: "{{ item.user }}"
state: present
key: "{{ lookup('file', 'files/pubkey/{{ item.key }}') }}"
  with_items:
- { user: "user1", key: "user1.pub" }

Here's the error:
TASK [Copy public keys]
**
failed: [server1] (item={u'user': u'user1', u'key': u'user1.pub'}) =>
{"changed": false, "item": {"key": "user1.pub", "user": "user1"}, "msg":
"invalid key specified:
TIcN+b2YbI4EzQcthGikJIkR83spy4hr0JWklq89HHMYZ1XT8rj8bwRf33hQ91oleE4YvzzZh5YKuk+QgEAvXJeXQQxvhdbZ"}

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAHKi8CjXHBXykAL7dwrPsXQOvb3KwF6A%2BRbdkkN%3Dmy%3DDXHF5Pw%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Logging into my local system w/ ansible

['Chris Bidwell - NOAA Federal' via Ansible Project]

Hey all,

So I've got a playbook that runs and in my hosts list is the system running
the checks themselves...it can't seem to login to itself.  I get this
error:

fatal: [ansible-lx]: UNREACHABLE! => {"changed": false, "msg":
"Authentication or permission failure. In some cases, you may have been
able to authenticate and did not have permissions on the target directory.
Consider changing the remote tmp path in ansible.cfg to a path rooted in
\"/tmp\". Failed command was: ( umask 77 && mkdir -p \"` echo
~/.ansible/tmp/ansible-tmp-1548876106.33-89805454625 `\" && echo
ansible-tmp-1548876106.33-89805454625=\"` echo
~/.ansible/tmp/ansible-tmp-1548876106.33-89805454625 `\" ), exited with
result 1", "unreachable": true}

I've done what it suggests but didn't seem to make any difference.

Ideas?

Thanks!

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAHKi8CiuZS4rDstHFqd3uHuwAD2dKGdpXUcomB2AGkQOAXS%2BUA%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Running yum updates with ansible

['Chris Bidwell - NOAA Federal' via Ansible Project]

Well if I run it manually, I don't have any issues.  I'll look into it
further.  Thanks again.

On Tue, Jan 29, 2019 at 10:48 AM Jonathan Lozada De La Matta <
jloza...@redhat.com> wrote:

> well like mentioned this is not ansible specific so i suggest you research
> more into the OS side.
>
> On Tue, Jan 29, 2019 at 12:25 PM 'Chris Bidwell - NOAA Federal' via
> Ansible Project  wrote:
>
>> So does anyone have any recommendations on how to alleviate
>> this problem?  Perhaps some sort of delay before exiting or something?
>>
>> On Tue, Jan 29, 2019 at 8:54 AM Jonathan Lozada De La Matta <
>> jloza...@redhat.com> wrote:
>>
>>> I had a similar issue before with centos but, it was more like a limit (
>>> for example 4 ) of kernels that could be install at the moment but, the
>>> current running kernel was uninstalled and the new one did not install
>>> correctly so the system hanged during booting.
>>>
>>> On Tue, Jan 29, 2019 at 10:50 AM S C Rigler  wrote:
>>>
>>>> I've seen this also.  When the new kernel installs there is a post
>>>> transaction scriplet to build the initrd.  In some cases it doesn't
>>>> build correctly (I see it fail maybe 1-5% of the time) and you'll get
>>>> a panic when the system reboots.  I don't know that I've seen enough
>>>> to blame it on Ansible, though.
>>>>
>>>> --Steve
>>>>
>>>> On Mon, Jan 28, 2019 at 5:02 PM 'Chris Bidwell - NOAA Federal' via
>>>> Ansible Project  wrote:
>>>> >
>>>> > Hey all,
>>>> >
>>>> > So I've done a lot of yum updates with ansible and several times I
>>>> get issues where partial updates are run and it says it's been completed,
>>>> however, I reboot and I'm in a kernel panic because the new kernel didn't
>>>> update properly so I have to revert to the previous kernel and remove the
>>>> newest and reinstall it again.  I also often wind up with transactions that
>>>> haven't been completed.Has anyone experienced this before?
>>>> >
>>>> > Thanks!
>>>> > Chris
>>>> >
>>>> > --
>>>> > You received this message because you are subscribed to the Google
>>>> Groups "Ansible Project" group.
>>>> > To unsubscribe from this group and stop receiving emails from it,
>>>> send an email to ansible-project+unsubscr...@googlegroups.com.
>>>> > To post to this group, send email to ansible-project@googlegroups.com
>>>> .
>>>> > To view this discussion on the web visit
>>>> https://groups.google.com/d/msgid/ansible-project/CAHKi8CgQ87cs0toXZ4pqefZjoA_Yv0mc89DcMLYih7j6nVHgew%40mail.gmail.com
>>>> .
>>>> > For more options, visit https://groups.google.com/d/optout.
>>>>
>>>> --
>>>> You received this message because you are subscribed to the Google
>>>> Groups "Ansible Project" group.
>>>> To unsubscribe from this group and stop receiving emails from it, send
>>>> an email to ansible-project+unsubscr...@googlegroups.com.
>>>> To post to this group, send email to ansible-project@googlegroups.com.
>>>> To view this discussion on the web visit
>>>> https://groups.google.com/d/msgid/ansible-project/CAFbiokfshO7ytXf3RxojLac34PvgMTA%3DDdz3M_igQ7zLakFJxA%40mail.gmail.com
>>>> .
>>>> For more options, visit https://groups.google.com/d/optout.
>>>>
>>>
>>>
>>> --
>>>
>>> Jonathan lozada de la matta
>>>
>>> AUTOMATION PRACTICE
>>>
>>>
>>>
>>>
>>> --
>>> You received this message because you are subscribed to the Google
>>> Groups "Ansible Project" group.
>>> To unsubscribe from this group and stop receiving emails from it, send
>>> an email to ansible-project+unsubscr...@googlegroups.com.
>>> To post to this group, send email to ansible-project@googlegroups.com.
>>>
>> To view this discussion on the web visit
>>> https://groups.google.com/d/msgid/ansible-project/CAFYJA%2BJkQ-rEp86OHruqn40Tfi-C3jSkbEjkiHJzK7c-ACmt1w%40mail.gmail.com
>>> <https://groups.google.com/d/msgid/ansible-project/CAFYJA%2BJkQ-rEp86OHruqn40Tfi-C3jSkbEjkiHJzK7c-ACmt1w%40mail.gmail.com?utm_medium=email&utm_source=footer>
>>> .
>>> For more options, visit https://gro

Re: [ansible-project] Running yum updates with ansible

['Chris Bidwell - NOAA Federal' via Ansible Project]

So does anyone have any recommendations on how to alleviate this problem?
Perhaps some sort of delay before exiting or something?

On Tue, Jan 29, 2019 at 8:54 AM Jonathan Lozada De La Matta <
jloza...@redhat.com> wrote:

> I had a similar issue before with centos but, it was more like a limit (
> for example 4 ) of kernels that could be install at the moment but, the
> current running kernel was uninstalled and the new one did not install
> correctly so the system hanged during booting.
>
> On Tue, Jan 29, 2019 at 10:50 AM S C Rigler  wrote:
>
>> I've seen this also.  When the new kernel installs there is a post
>> transaction scriplet to build the initrd.  In some cases it doesn't
>> build correctly (I see it fail maybe 1-5% of the time) and you'll get
>> a panic when the system reboots.  I don't know that I've seen enough
>> to blame it on Ansible, though.
>>
>> --Steve
>>
>> On Mon, Jan 28, 2019 at 5:02 PM 'Chris Bidwell - NOAA Federal' via
>> Ansible Project  wrote:
>> >
>> > Hey all,
>> >
>> > So I've done a lot of yum updates with ansible and several times I get
>> issues where partial updates are run and it says it's been completed,
>> however, I reboot and I'm in a kernel panic because the new kernel didn't
>> update properly so I have to revert to the previous kernel and remove the
>> newest and reinstall it again.  I also often wind up with transactions that
>> haven't been completed.Has anyone experienced this before?
>> >
>> > Thanks!
>> > Chris
>> >
>> > --
>> > You received this message because you are subscribed to the Google
>> Groups "Ansible Project" group.
>> > To unsubscribe from this group and stop receiving emails from it, send
>> an email to ansible-project+unsubscr...@googlegroups.com.
>> > To post to this group, send email to ansible-project@googlegroups.com.
>> > To view this discussion on the web visit
>> https://groups.google.com/d/msgid/ansible-project/CAHKi8CgQ87cs0toXZ4pqefZjoA_Yv0mc89DcMLYih7j6nVHgew%40mail.gmail.com
>> .
>> > For more options, visit https://groups.google.com/d/optout.
>>
>> --
>> You received this message because you are subscribed to the Google Groups
>> "Ansible Project" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to ansible-project+unsubscr...@googlegroups.com.
>> To post to this group, send email to ansible-project@googlegroups.com.
>> To view this discussion on the web visit
>> https://groups.google.com/d/msgid/ansible-project/CAFbiokfshO7ytXf3RxojLac34PvgMTA%3DDdz3M_igQ7zLakFJxA%40mail.gmail.com
>> .
>> For more options, visit https://groups.google.com/d/optout.
>>
>
>
> --
>
> Jonathan lozada de la matta
>
> AUTOMATION PRACTICE
>
>
>
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To post to this group, send email to ansible-project@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/CAFYJA%2BJkQ-rEp86OHruqn40Tfi-C3jSkbEjkiHJzK7c-ACmt1w%40mail.gmail.com
> <https://groups.google.com/d/msgid/ansible-project/CAFYJA%2BJkQ-rEp86OHruqn40Tfi-C3jSkbEjkiHJzK7c-ACmt1w%40mail.gmail.com?utm_medium=email&utm_source=footer>
> .
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAHKi8Cipf75nDoKznxkO%2Bz1stTMZMDOPSk%3DdsP6XaN9niH7wtQ%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Running yum updates with ansible

['Chris Bidwell - NOAA Federal' via Ansible Project]

Hey all,

So I've done a lot of yum updates with ansible and several times I get
issues where partial updates are run and it says it's been completed,
however, I reboot and I'm in a kernel panic because the new kernel didn't
update properly so I have to revert to the previous kernel and remove the
newest and reinstall it again.  I also often wind up with transactions that
haven't been completed.Has anyone experienced this before?

Thanks!
Chris

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAHKi8CgQ87cs0toXZ4pqefZjoA_Yv0mc89DcMLYih7j6nVHgew%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Adding rhn channels via ansible

['Chris Bidwell - NOAA Federal' via Ansible Project]

Hey all,

How's it going?

So I'm trying to create a playbook that will add rhn-channels to servers
based on both Server/Workstation.

Here's my pb:

---
- name: Register RHN Channel
  hosts: GONG
  become: yes

  vars_files:
- passwd.yml
- vars.yml

  vars:
ansible: "{{ ansible_distribution }}"

  tasks:
- name: Workstation or Server?
  shell: cat /etc/redhat-release | awk '{print $5}'
  register: rh_type
  tags: name

- name: "Check if {{ ansible_hostname }} is already registered and
given server"
  rhn_channel:
name: rhel-x86_64-server-optional-7
sysname: ansible_hostname
user: rh_user
password: rh_pass
url: http://server.name.com/XMLRPC
  when: rh_type.stdout == 'Server'

- name: "Check if {{ ansible_hostname }} is already registered and
given workstation"
  rhn_channel:
name: rhel-x86_64-workstation-optional-7
sysname: ansible_hostname
user: rh_user
password: rh_pass
url: http://server.name.com/XMLRPC
  when: rh_type.stdout == 'Workstation'

- debug:
var: ansible_hostname
  tags: name

Erroring out with this:
fatal: [dev-gong-proc1-lx]: FAILED! => {"changed": false, "module_stderr":
"Shared connection to dev-gong-proc1-lx closed.\r\n", "module_stdout":
"\r\nTraceback (most recent call last):\r\n  File
\"/home/tsg/.ansible/tmp/ansible-tmp-1545238985.06-63865196201679/AnsiballZ_rhn_channel.py\",
line 113, in \r\n_ansiballz_main()\r\n  File
\"/home/tsg/.ansible/tmp/ansible-tmp-1545238985.06-63865196201679/AnsiballZ_rhn_channel.py\",
line 105, in _ansiballz_main\r\ninvoke_module(zipped_mod, temp_path,
ANSIBALLZ_PARAMS)\r\n  File
\"/home/tsg/.ansible/tmp/ansible-tmp-1545238985.06-63865196201679/AnsiballZ_rhn_channel.py\",
line 48, in invoke_module\r\nimp.load_module('__main__', mod, module,
MOD_DESC)\r\n  File
\"/tmp/ansible_rhn_channel_payload_3Kfo9x/__main__.py\", line 145, in
\r\n  File \"/tmp/ansible_rhn_channel_payload_3Kfo9x/__main__.py\",
line 118, in main\r\n  File \"/usr/lib64/python2.7/xmlrpclib.py\", line
1233, in __call__\r\nreturn self.__send(self.__name, args)\r\n  File
\"/usr/lib64/python2.7/xmlrpclib.py\", line 1591, in __request\r\n
verbose=self.__verbose\r\n  File \"/usr/lib64/python2.7/xmlrpclib.py\",
line 1273, in request\r\nreturn self.single_request(host, handler,
request_body, verbose)\r\n  File \"/usr/lib64/python2.7/xmlrpclib.py\",
line 1306, in single_request\r\nreturn
self.parse_response(response)\r\n  File
\"/usr/lib64/python2.7/xmlrpclib.py\", line 1482, in parse_response\r\n
return u.close()\r\n  File \"/usr/lib64/python2.7/xmlrpclib.py\", line 794,
in close\r\nraise Fault(**self._stack[0])\r\nxmlrpclib.Fault:  : Invalid request received
(class xmlrpc.auth is not defined (function = login)).\\n\">\r\n", "msg":
"MODULE FAILURE\nSee stdout/stderr for the exact error", "rc": 1}

I'm pretty sure it's got something to do with the:  url:
http://server.name.com/XMLRPC piece.  How do I know what that URL is really
supposed to be?

Thanks!
Chris

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAHKi8CgxsEdAmvhfZujVJSR2Y9Wxw_xVa63Sxao9DW3MBnzkqw%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Determine which network a host is on

['Chris Bidwell - NOAA Federal' via Ansible Project]

So I've got a playbook I've written where the config is different depending
on the network it resides on.

How can I determine this and be able to save the network as a variable?

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAHKi8Cg2FG7HuSAQWt86-eCu-X2jZ-uk6GzR5%2BfLV0TqPssvMQ%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Ansible 2.6.6 is available

['Chris Bidwell - NOAA Federal' via Ansible Project]

Um, isn't 2.7 out?

On Friday, October 19, 2018, Matt Clay  wrote:

> Hi all -- we're happy to announce that the general release of Ansible
> 2.6.6 is now available!
>
>
> How do you get it?
> --
>
> $ pip install ansible==2.6.6 --user
>
> The tar.gz of the release can be found here:
>
> https://releases.ansible.com/ansible/ansible-2.6.6.tar.gz
> SHA256: 15ffb3447ed9fa072288d0fdeaa0086ed25d65d683441fa777d95cfddeacb108
>
>
> What's new in 2.6.6?
> --
>
> The 2.6.6 release is a maintenance release containing numerous bug fixes.
> The full changelog is at:
>
> https://github.com/ansible/ansible/blob/v2.6.6/
> changelogs/CHANGELOG-v2.6.rst
>
>
> What's the schedule for future 2.6 maintenance releases?
> --
>
> Future 2.6 maintenance releases will occur approximately every 2-3 weeks.
>
>
> We've published a porting guide at https://docs.ansible.com/
> ansible/2.6/porting_guides/porting_guide_2.6.html to help migrate your
> content to 2.6. If you discover any errors, or if you see any regressions
> from playbooks which work on 2.5.x and prior, please open a GitHub issue,
> and be sure to mention you're using 2.6.6.
>
>
> Thanks!
>
> Matt Clay (@mattclay)
> Ansible Core Engineering / 2.6 Release Manager
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To post to this group, send email to ansible-project@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/
> msgid/ansible-project/5bac919a-144b-4a50-bfe5-6978539b36f8%40googlegroups.
> com
> 
> .
> For more options, visit https://groups.google.com/d/optout.
>


-- 

Chris Bidwell, CISSP
Space Weather Prediction Center
National Oceanic Atmospheric Administration
email: c hris.bidw...@noaa.gov
office: 303-497-3204
mobile: 720-496-3126

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAHKi8Cis%2B6agmbsFc9W-53SwQ_b4Fqt76Tk16NAW_RXQQLRY1A%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Ansible 2.7 yum module issues

['Chris Bidwell - NOAA Federal' via Ansible Project]

Anyone notice weirdness with ansible 2.7?  I'm running 2.7.0 and the yum
module doesn't seem to be working as it's supposed to.  Previous ran
ansible 2.6.x with success.  Same module under 2.7.0:
fatal: [172.23.10.2]: FAILED! => {"changed": false, "msg": "Error from
repoquery: ['/usr/bin/repoquery', '--show-duplicates', '--plugins',
'--quiet', '-c', None, '--disablerepo', '', '--enablerepo', '', '--qf',
'%{epoch}:%{name}-%{version}-%{release}.%{arch}', 'glusterfs']: Error
accessing file for config file:///home/tsg/--disablerepo\nError accessing
file for config file:///home/tsg/--disablerepo\n"}

I have no reference to file:///home/tsg/--disablerepo.  I don't know where
it's pulling this from.

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAHKi8Ci4PkV8zETki%3Dm%3DTYv87%2Bb%3D7L2HhVpLJgBA-%2B7GbTUPWw%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Re: Trying to copy script from local to remote and run

['Chris Bidwell - NOAA Federal' via Ansible Project]

So I found that by putting the file in question within the local ansible
roles directory, it worked.  It somehow didn't have access to the directory
it resided in (Which is actually the users home directory!)   Anyway, very
strange!  Thanks so much for your help in narrowing down the culprits.
On Wed, Oct 17, 2018 at 5:41 AM Kai Stian Olstad <
ansible-project+l...@olstad.com> wrote:

> On 17.10.2018 13:26, 'Chris Bidwell - NOAA Federal' via Ansible Project
> wrote:
> > I've tried that with the same results.  Hmm
>
> The best is probably starting with basic.
>
> src: in copy module is where the file is on the machine ansible-playbook
> is executed aka Ansible controller, dest: is where to copy the file on
> remote host.
> The file need to be accessible by the user executing ansible-playbook.
>
>
> Since you have turned off SELinux that should not cause any problem, so
> if you still have problem after checking the above it would run
>strace -o strace.log ansible-playbook ..
> And check the strace.log to see if that has some clues.
>
>
> --
> Kai Stian Olstad
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To post to this group, send email to ansible-project@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/60557ae06200b67eaef10046b4c1eb7a%40olstad.com
> .
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAHKi8CgeNfprg401ShdY4g6NmYaBFqyyHZG%3DY%3DnttJ6r1hcT3g%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Re: Trying to copy script from local to remote and run

['Chris Bidwell - NOAA Federal' via Ansible Project]

I've tried that with the same results.  Hmm

On Wednesday, October 17, 2018, Kai Stian Olstad <
ansible-project+l...@olstad.com> wrote:

> On 17.10.2018 01:09, 'Chris Bidwell - NOAA Federal' via Ansible Project
> wrote:
>
>> So I simplified my playbook a bit.  I disabled selinux on both servers and
>> I'm still getting an error.
>>
>> ---
>> - name: Check for reboot
>>   hosts: baseserver-lx
>>   become: yes
>>
>>   vars_files:
>> - passwd.yml
>> - vars.yml
>>
>>   vars:
>> script_dir: "~/"
>> script: "~/needs-restarting.py"
>>
>
> Tilde for home directory is a concept for the shell not Ansible, you need
> to use relative or absolute path.
>
>
> --
> Kai Stian Olstad
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To post to this group, send email to ansible-project@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/ms
> gid/ansible-project/37e8d06cf2ea27fee5845d9be21eb5d9%40olstad.com.
> For more options, visit https://groups.google.com/d/optout.
>


-- 

Chris Bidwell, CISSP
Space Weather Prediction Center
National Oceanic Atmospheric Administration
email: c hris.bidw...@noaa.gov
office: 303-497-3204
mobile: 720-496-3126

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAHKi8Ci9tBK27T%2BAbqmfO5po6dufeATUVub9yqtK_h7Yh4LE4g%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Trying to copy script from local to remote and run

['Chris Bidwell - NOAA Federal' via Ansible Project]

So I simplified my playbook a bit.  I disabled selinux on both servers and
I'm still getting an error.

---
- name: Check for reboot
  hosts: baseserver-lx
  become: yes

  vars_files:
- passwd.yml
- vars.yml

  vars:
script_dir: "~/"
script: "~/needs-restarting.py"

  tasks:
- name: Copy script
  copy:
src: "{{ script }}"
dest: "{{ script }}"
owner: root
group: root
mode: 0700

- name: Check for reboot
  command: "{{ script }}"
  register: reboot_reqd
  ignore_errors: true
  changed_when: false

- name: "Rebooting {{ ansible_hostname }}"
  shell: sleep 1 && reboot
  async: 30
  poll: 1
  ignore_errors: true
  when:
- reboot_reqd.rc == 1

- name: Wait for ssh to come back available
  wait_for:
host: "{{
(ansible_ssh_host|default(ansible_host))|default(inventory_hostname) }}"
port: 22
search_regex: OpenSSH
delay: 10
timeout: 240
  vars:
ansible_connection: local
  when: reboot_reqd.rc == 1

ERROR:
TASK [Copy script]
***
An exception occurred during task execution. To see the full traceback, use
-vvv. The error was: If you are using a module and expect the file to exist
on the remote, see the remote_src option
fatal: [baseserver-lx]: FAILED! => {"changed": false, "msg": "Could not
find or access '~/needs-restarting.py' on the Ansible Controller.\nIf you
are using a module and expect the file to exist on the remote, see the
remote_src option"}


On Mon, Oct 15, 2018 at 10:45 AM Kai Stian Olstad <
ansible-project+l...@olstad.com> wrote:

> On Thursday, 11 October 2018 22.30.13 CEST 'Chris Bidwell - NOAA Federal'
> via Ansible Project wrote:
> > cat check_for_reboot.yml
> > ---
> > - name: Check for reboot
> >   hosts: testserver
> >   become: yes
> >
> >   vars_files:
> > - passwd.yml
> > - vars.yml
> >
> >   vars:
> > script_dir: "/home/tsg/scripts"
> >
> >   tasks:
> > - name: Does script directory exist?
> >   stat:
> > path: "{{ script_dir }}"
> >   register: dir_exists
>
> You don't need to do this, the file module will check if the directory
> exist and create if it doesn't exist.
>
>
> >
> > - name: Does script exist?
> >   stat:
> > path: "{{ script_dir }}/needs-restarting.py"
> >   register: fic
>
> You don't need to do this, the copy module will check if the file exist
> and create/copy if it doesn't exist.
>
>
> > - name: Create scripts dir
> >   file:
> > state: directory
> > path: "{{ script_dir }}"
> > owner: tsg
> > group: tsg
> > mode: 0755
> >   when: dir_exists.stat.exists == false
> >
> > - name: Copy script
> >   copy:
> > src: "{{ script_dir }}/needs-restarting.py"
> > dest: "{{ script_dir }}/needs-restarting.py"
> > owner: tsg
> > group: tsg
> > mode: 0755
> >   when: fic.stat.exists == false
> >
> > - name: Check for reboot
> >   command: "{{ script_dir }}/needs-restarting.py -r"
> >   register: reboot_reqd
> >   ignore_errors: true
> >   changed_when: false
> >
> > - name: "Rebooting {{ ansible_hostname }}"
> >   shell: sleep 1 && reboot
> >   async: 30
> >   poll: 1
> >   ignore_errors: true
> >   when: reboot_reqd.rc == 1
>
> If you are using Ansible 2.7 I recommend using the reboot module.
>
> https://docs.ansible.com/ansible/2.7/modules/reboot_module.html#reboot-module
>
> If not you should change it to this to avoid errors.
>
>   - name: "Rebooting {{ ansible_hostname }}"
> shell: sleep 2 && reboot
> async: 1
> poll: 0
> when: reboot_reqd.rc == 1
>
>
> > - name: Wait for ssh to come back available
> >   wait_for:
> > host: "{{
> > (ansible_ssh_host|default(ansible_host))|default(inventory_hostname) }}"
> > port: 22
> > search_regex: OpenSSH
> > delay: 10
> > timeout: 240
> >   vars:
> > ansible_connection: local
> >   when: reboot_reqd.rc == 1
>
> 

[ansible-project] Ending summary of a playbook

['Chris Bidwell - NOAA Federal' via Ansible Project]

Hey all,

Is there any way to write out where I would get a summary of a playbook,
other than what is already given with the passes, fails, changed, etc.
Let's say I write a playbook listing all servers/workstations that need to
be rebooted after a kernel patch.

Is there a way to do this?  I've got a playbook already in place that where
it says:

- debug:
msg: "{{ inventory_hostname}} {{ reboot_required.stdout }}"
  when: reboot_required.stdout == "reboot"
  tags: reboot

That goes as the playbook runs.  I'd like to get a listing of all that
match this at the end.  Any ideas?

Thanks!

Chris

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAHKi8CghcEX8EKBw4P6tXuzoGGuUqNqDToXmvNqZsTTjC4mjxw%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Trying to copy script from local to remote and run

['Chris Bidwell - NOAA Federal' via Ansible Project]

Hey all, me again!  So I've got this playbook that *should* run fine but it
dies at trying to copy.  Now I don't know if it's because it can't find it
locally having the problem copying it remotely.  Here it is:

cat check_for_reboot.yml
---
- name: Check for reboot
  hosts: testserver
  become: yes

  vars_files:
- passwd.yml
- vars.yml

  vars:
script_dir: "/home/tsg/scripts"

  tasks:
- name: Does script directory exist?
  stat:
path: "{{ script_dir }}"
  register: dir_exists

- name: Does script exist?
  stat:
path: "{{ script_dir }}/needs-restarting.py"
  register: fic

- name: Create scripts dir
  file:
state: directory
path: "{{ script_dir }}"
owner: tsg
group: tsg
mode: 0755
  when: dir_exists.stat.exists == false

- name: Copy script
  copy:
src: "{{ script_dir }}/needs-restarting.py"
dest: "{{ script_dir }}/needs-restarting.py"
owner: tsg
group: tsg
mode: 0755
  when: fic.stat.exists == false

- name: Check for reboot
  command: "{{ script_dir }}/needs-restarting.py -r"
  register: reboot_reqd
  ignore_errors: true
  changed_when: false

- name: "Rebooting {{ ansible_hostname }}"
  shell: sleep 1 && reboot
  async: 30
  poll: 1
  ignore_errors: true
  when: reboot_reqd.rc == 1

- name: Wait for ssh to come back available
  wait_for:
host: "{{
(ansible_ssh_host|default(ansible_host))|default(inventory_hostname) }}"
port: 22
search_regex: OpenSSH
delay: 10
timeout: 240
  vars:
ansible_connection: local
  when: reboot_reqd.rc == 1

Output:
TASK [Create scripts dir]
*
changed: [testserver]

TASK [Copy script]

An exception occurred during task execution. To see the full traceback, use
-vvv. The error was: If you are using a module and expect the file to exist
on the remote, see the remote_src option
fatal: [testserver]: FAILED! => {"changed": false, "msg": "Could not find
or access '/home/tsg/scripts/needs-restarting.py' on the Ansible
Controller.\nIf you are using a module and expect the file to exist on the
remote, see the remote_src option"}

Okay, so I know that file is on the src server (ansible server).

[tsg@server]$ pwd
/home/tsg/scripts
[tsg@server scripts]$ll
-rwxr-x---. 1 root tsg 8432 Aug 23 17:57 needs-restarting.py

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAHKi8CgQVVSu%3DgHFeH1oVg_t6jpsZ4W3dpfCUo-Eym-XEcHTJQ%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Ansible Reboot Check

['Chris Bidwell - NOAA Federal' via Ansible Project]

Hey all,

take a look at this and lemme know where I'm hosed at.  The errors are a
bit misleading:

---
- name: Check who needs reboots
  hosts: ALL_RHEL
  become: yes

  vars_files:
- passwd.yml
- vars.yml

  tasks:
- name: check packages for updates
  shell: yum list updates | awk 'f;/Updated Packages/{f=1;}' | awk '{
print $1 }'
  changed_when: updates.stdout > "0"
  args:
warn: false
  register: updates

- name: display count
  debug:
msg: "Found {{ updates.stdout_lines | length }} packages to be
updated:\n\n{{ updates.stdout }}"

- when: updates.stdout > "0"
  block:
- name: install updates using yum
  yum:
name: "*"
state: latest
  async: 45
  poll: 0

- name: install yum-utils
  package:
name: yum-utils

- name: check if reboot is required RHEL7
  shell: needs-restarting -r
  failed_when: false
  register: reboot_required
  changed_when: false
  when:
- ansible_os_family == 'RedHat'
- ansible_distribution_major_version | version_compare('7', '=')

- name: check if reboot is reqd RHEL6
  shell: LAST_KERNEL=$(rpm -q --last kernel | awk
'NR==1{sub(/kernel-/,""); print $1}'); CURRENT_KERNEL=$(uname -r); if [
$LAST_KERNEL != $CURRENT_KERNEL ]; then echo 'reboot'; else echo 'no'; fi
  failed_when: false
  register: reboot_required
  changed_when: false
  when:
- ansible_os_family == 'RedHat'
- ansible_distribution_major_version | version_compare('6', '=')


- when: #(updates.stdout_lines | length > 0 and reboot_required.rc !=
0) or
- reboot_required.stdout == "reboot"
  block:
- name: reboot the server if required
  shell: sleep 3; reboot
  ignore_errors: true
  changed_when: false
  async: 1
  poll: 0

- name: wait for server to come back after reboot
  wait_for_connection:
timeout: 600
delay: 20
  register: reboot_result

- name: reboot time
  debug:
msg: "The system rebooted in {{ reboot_result.elapsed }}
seconds."

Here's the part where it dies:  The RHEL6 check doesn't seem to be running
like it's supposed to.
Thanks!

TASK [install yum-utils]
**
skipping: [baseserver-lx]

TASK [check if reboot is required RHEL7]
**
skipping: [baseserver-lx]

*TASK [check if reboot is reqd RHEL6] *
**
skipping: [baseserver-lx]

TASK [reboot the server if required]
**
fatal: [baseserver-lx.swpc.noaa.gov]: FAILED! => {"msg": "The conditional
check 'reboot_required.stdout == \"reboot\"' failed. The error was: error
while evaluating conditional (reboot_required.stdout == \"reboot\"): 'dict
object' has no attribute 'stdout'\n\nThe error appears to have been in
'/etc/ansible/roles/needs-reboot.yml': line 57, column 11, but may\nbe
elsewhere in the file depending on the exact syntax problem.\n\nThe
offending line appears to be:\n\n  block:\n- name: reboot the
server if required\n  ^ here\n"}
...ignoring

TASK [wait for server to come back after reboot]
**
fatal: [baseserver-lx]: FAILED! => {"msg": "The conditional check
'reboot_required.stdout == \"reboot\"' failed. The error was: error while
evaluating conditional (reboot_required.stdout == \"reboot\"): 'dict
object' has no attribute 'stdout'\n\nThe error appears to have been in
'/etc/ansible/roles/needs-reboot.yml': line 64, column 11, but may\nbe
elsewhere in the file depending on the exact syntax problem.\n\nThe
offending line appears to be:\n\n\n- name: wait for server to come
back after reboot\n  ^ here\n"}

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAHKi8CiZWJk8tdGx8u-HC%2Bk-EFgOrXRqPrWGduuJrgeA62CwoA%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Conditional when based on grep results

['Chris Bidwell - NOAA Federal' via Ansible Project]

Hey all,

So I'm trying to do a check to see if a string exists in a file and to add
if it does not.

This is what I have:

- name: exists in file
  command: "grep string /var/log/file"
  register: string_not_exist

- name: run_if_exists
  command: "touch /tmp/add"
  when: string_not_exist.stdout == 1

This doesn't work.  :(  Any help would be appreciated!!
--

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAHKi8CjmJsLUz2Nkf3sjhLLGQ_RCR-Ud6GGNaH70vPG_b5Hx8A%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Warnings during ansible playbook run

['Chris Bidwell - NOAA Federal' via Ansible Project]

I think it is because my ansible.cfg is set to:  *stdout_callback = unixy*

I was trying to get my ansible output to show a more human readable format
instead of all this mess in the same line.

ansible 2.6.2
  config file = /etc/ansible/ansible.cfg
  configured module search path = [u'/root/.ansible/plugins/modules',
u'/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/lib/python2.7/site-packages/ansible
  executable location = /bin/ansible
  python version = 2.7.5 (default, May 31 2018, 09:41:32) [GCC 4.8.5
20150623 (Red Hat 4.8.5-28)]

On Wed, Aug 15, 2018 at 10:48 AM, Jonathan Lozada De La Matta <
jloza...@redhat.com> wrote:

> Chris,
>
> what ansible version and what are you trying to do ? I haven't seen it
> before.
>
> On Wed, Aug 15, 2018 at 12:42 PM 'Chris Bidwell - NOAA Federal' via
> Ansible Project  wrote:
>
>> Have you guys seen this before?  What is causing this:
>>
>> Warning: Due to potential bad behaviour with rhnplugin and certificates,
>> used slower repoquery calls instead of Yum API.
>>
>> Thanks!
>>
>> --
>> You received this message because you are subscribed to the Google Groups
>> "Ansible Project" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to ansible-project+unsubscr...@googlegroups.com.
>> To post to this group, send email to ansible-project@googlegroups.com.
>> To view this discussion on the web visit https://groups.google.com/d/
>> msgid/ansible-project/CAHKi8CifJ_h2uTbkf888MZpHcRKnQ%2B4t_Ard_
>> w_PoCkW5AowJw%40mail.gmail.com
>> <https://groups.google.com/d/msgid/ansible-project/CAHKi8CifJ_h2uTbkf888MZpHcRKnQ%2B4t_Ard_w_PoCkW5AowJw%40mail.gmail.com?utm_medium=email&utm_source=footer>
>> .
>> For more options, visit https://groups.google.com/d/optout.
>>
>
>
> --
>
> Jonathan lozada de la matta
>
> AUTOMATION CONSULTANT - AUTOMATION PRACTICE
>
> Red Hat Consulting Services <https://www.redhat.com/>
>
> jloza...@redhat.com
>
>
>
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To post to this group, send email to ansible-project@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/
> msgid/ansible-project/CAFYJA%2BKAojodsAVT4HkZg2UFzcG9xzNckq
> 8Q6WYpC4tOEatj-A%40mail.gmail.com
> <https://groups.google.com/d/msgid/ansible-project/CAFYJA%2BKAojodsAVT4HkZg2UFzcG9xzNckq8Q6WYpC4tOEatj-A%40mail.gmail.com?utm_medium=email&utm_source=footer>
> .
> For more options, visit https://groups.google.com/d/optout.
>



-- 

Chris Bidwell, CISSP
Space Weather Prediction Center
National Oceanic Atmospheric Administration
email: c hris.bidw...@noaa.gov
office: 303-497-3204
mobile: 720-496-3126

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAHKi8CjmMJNjs_vRPdE_agWzCt8-nisMJaVHkgCJdALgeZqd5A%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Warnings during ansible playbook run

['Chris Bidwell - NOAA Federal' via Ansible Project]

Have you guys seen this before?  What is causing this:

Warning: Due to potential bad behaviour with rhnplugin and certificates,
used slower repoquery calls instead of Yum API.

Thanks!

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAHKi8CifJ_h2uTbkf888MZpHcRKnQ%2B4t_Ard_w_PoCkW5AowJw%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.