Re: [ansible-project] JOB | Sysadmin with Python (Singapore/London)
On Tuesday 23 May 2023 at 14:37:14, James Tobin wrote: > Hello, I'm working with an employer that is looking to hire a > *sysadmin* in London or Singapore to take lead on the modernisation of > their on-premises environment. Python experience is *mandatory*. > Consequently, I had hoped that some members of this group may like to > discuss. I can be reached using "JamesBTobin (at) Gmail (dot) Com". > Kind regards, James 1. (To everyone except James) please keep replies to this off-list 2. (To James) you might get better results if you post a URL to a job vacancy page on the employer's website so people can access more details and see what the application process is 3. James, if you're on LinkedIn, I suggest posting there. Antony. -- I think broken pencils are pointless. Please reply to the list; please *don't* CC me.
Re: [ansible-project] JOB | Linux System Administrator (India, Singapore or UK)
On Tuesday 16 May 2023 at 10:46:40, James Tobin wrote: > Hello, I'm working with an employer that is looking to hire a Linux > system admin (for their office in India, Singapore or UK) that is > capable of bringing a modern devops mindset and experience to a team > that will be migrating a VMware environment. I had hoped that some > members of this list may like to discuss further. I can be reached > using "JamesBTobin (at) Gmail (dot) Com". Kind regards, James 1. (To everyone except James) please keep replies to this off-list 2. (To James) you might get better results if you post a URL to a job vacancy page on the employer's website so people can access more details and see what the application process is 3. If you're on LinkedIn, I suggest posting there. Antony. -- Don't procrastinate - put it off until tomorrow. Please reply to the list; please *don't* CC me.
Re: [ansible-project] Upgrading Ansible Tower (3.8) to Ansible Automation Platform
On Friday 21 April 2023 at 16:14:12, Ume wrote: > Currently we have Ansible Tower 3.8 (RHEL 7) having Highly Available > PostgeSql DB. We are planning to upgrade Tower to AAP which doesn't support > PostgreSql HA. We wanted to upgrade tower without loosing existing data and > keeping postgresql HA? Is it possible? > > Or do we need break replication before upgrade and then enable replication, > is it right scenario This is a forum/list for the Community version of Ansible. Ansible Tower is covered by a paid-for support service which you should use instead to get advice and assistance with that product. Antony. -- There are 10 types of people in the world: those who understand binary notation, and those who don't. Please reply to the list; please *don't* CC me.
Re: [ansible-project] JOB | DevOps Automation Evangelist/Presenter (London/Singapore)
On Tuesday 04 April 2023 at 14:41:52, 'Rowe, Walter P. (Fed)' via Ansible Project wrote: > Does the rules of this group permit job recruiting? Seems like a perfectly reasonable question to ask the community, to me. Antony. > On Apr 4, 2023, at 5:45 AM, James Tobin wrote: > > Hello, I'm working with an employer that is looking to hire someone to > be the voice of their on-prem global devops team. You should be > articulate and confident in all things ansible and automation; capable > of taking center stage in meetings, presentations and tech > conferences. The position will be based in London and/or Singapore. > I had hoped that some members of this group may like to discuss > further. I can be reached using "JamesBTobin (at) Gmail (dot) Com". > Kind regards, James -- When you find yourself arguing with an idiot, you should first of all make sure that the other person isn't doing the same thing. Please reply to the list; please *don't* CC me.
Re: [ansible-project] How to wait for uptime of 2 minutes and then execute next task
On Monday 03 April 2023 at 16:28:31, vinayak sawant wrote: > @Antony Stone : "ansible_uptime_seconds >= '120'" is not working as shown > below. I did not mean you to add the " characters - those were simply to identify the string I think you should use in order to confirm to ansible syntax. Antony -- What do you call a dinosaur with only one eye? A Doyouthinkesaurus. Please reply to the list; please *don't* CC me.
Re: [ansible-project] How to wait for uptime of 2 minutes and then execute next task
On Monday 03 April 2023 at 15:21:34, vinayak sawant wrote: > anisble_uptime_seconds does not work for me. " == or => '120'" ??? Try simply "ansible_uptime_seconds >= '120'" Antony. -- Too many people spend money they haven't earned to buy things they don't want, to impress people they don't like. - Will Rogers Please reply to the list; please *don't* CC me.
Re: [ansible-project] version Issue
On Wednesday 29 March 2023 at 14:36:40, kankatala venkatapraveen wrote: > I got the below error while running the playbook for enabling port on AWS > server. could please provide the solution? > Python Module not found: firewalld and its python module are required for > this module,version 0.2.11 or newer required (0.3.9 or newer for offline > operations) The solution is to install firewalld and its python module at the appropriate version level. Antony. -- If you can't find an Open Source solution for it, then it isn't a real problem. Please reply to the list; please *don't* CC me.
Re: [ansible-project] read password from a variable
On Friday 10 March 2023 at 16:39:17, Veera wrote: > Its a problem with "pexpect" module requirement and it worked after "pip3 > install pexpect". > However , now "source ./myenv" is not working > > msg": "The command was not found or was not executable: source" > > Since source is a shell inbuilt command . Is there a way to overcome it ? > I tried multiple options .. "source" is a Bash built-in, but are you sure the remote machine is using Bash as its shell? If it's a modern Debian (ore derivative) machine and it's using /bin/sh, that's Dash, not Bash, and Dash does not have the "source" command. Antony. -- The Free Software Foundation Europe was formed on this day in 2001 https://fsfe.org Please reply to the list; please *don't* CC me.
Re: [ansible-project] JOB | Lead Linux Sysadmin (Edinburgh/London)
On Wednesday 08 March 2023 at 11:38:39, Sanjay Khatri wrote: > Hi James, > > Please share J.D. Please do keep follow-ups to this request off-list. Thanks, Antony. -- Someone has stolen all the toilets from New Scotland Yard. Police say they have absolutely nothing to go on. Please reply to the list; please *don't* CC me.
Re: [ansible-project] Based on Variable defined template should behave
On Monday 06 March 2023 at 15:25:55, HAMIDOU OUARO wrote: > Please, I ask the last version of ansible If you are asking what the latest version of Ansible is (nothing to do with the topic you posted this question in) then this may help: -- Forwarded Message Starts -- Subject: [ansible-project] Ansible 7.3.0 has been Released! Date: Tuesday 28 February 2023 16:51:29 From: Anwesha Das To: ansible-de...@googlegroups.com, ansible-annou...@googlegroups.com, ansible-project@googlegroups.com Hello everyone, We're happy to announce that the Ansible 7.3.0 package has been released! Ansible 7.3.0 will include ansible-core 2.14 as well as a curated set of Ansible collections to provide a vast number of modules and plugins. -- Forwarded Message Starts -- If that was not your question then please re-phrase it so we may be able to help further. Antony. -- We all get the same amount of time - twenty-four hours per day. How you use it is up to you. Please reply to the list; please *don't* CC me.
Re: [ansible-project] error
On Saturday 11 February 2023 at 10:28:58, Antony Stone wrote: > On Saturday 11 February 2023 at 10:22:11, trupti kokare wrote: > > Permission denied (publickey) > > > > plz help me out Repeating with emphasis this time: > Make sure that *the ansible user on your master* can SSH to the node, before > you expect ansible to be able to do it on its own. > > Basically, you need to copy the public key from the master to the node. > > https://docs.ansible.com/ansible/latest/inventory_guide/connection_details. > html > > See "Setting up SSH keys". > > > Antony. -- René Descartes walks in to a bar. The barman asks him "Do you want a drink?" Descartes says "I think not," and disappears. Please reply to the list; please *don't* CC me.
Re: [ansible-project] error
On Saturday 11 February 2023 at 10:22:11, trupti kokare wrote: > Permission denied (publickey) > plz help me out Make sure that the ansible user on your master can SSH to the node, before you expect ansible to be able to do it on its own. Basically, you need to copy the public key from the master to the node. https://docs.ansible.com/ansible/latest/inventory_guide/connection_details.html See "Setting up SSH keys". Antony. -- +++ Divide By Cucumber Error. Please Reinstall Universe And Reboot +++ Please reply to the list; please *don't* CC me.
Re: [ansible-project] IPv4 / IPv6 issue with apt_repository
On Thursday 12 January 2023 at 16:15:59, Eli Taft wrote: > I have two Debian servers on EC2 instances in AWS. > One server is attempting to connect using IPv6 first, and only when all of > those time out does it try and succeed to download using an IPv4 address. > The other server doesn't do this... it just using IPv4 and downloads > instantaneously. > Both of these servers are using the same network / vpc settings too. The first thing I would test is whether both servers can resolve a hostname which has both IPv4 and IPv6 addresses, and whether they can both connect to each address. My suspicion is that one is (mis?)configured with an IPv6 address, and therfore tries to use IPv6, which then fails, and the other server doesn't even have an IPv6 address (or route?) and therefore just goes for IPv4 immediately. For example, this is what I get on one of my (not AWS) machines: $ ping4 -n google.com PING google.com (172.217.16.206) 56(84) bytes of data. 64 bytes from 172.217.16.206: icmp_seq=1 ttl=57 time=10.2 ms 64 bytes from 172.217.16.206: icmp_seq=2 ttl=57 time=10.3 ms 64 bytes from 172.217.16.206: icmp_seq=3 ttl=57 time=10.2 ms $ ping6 -n google.com PING google.com(2a00:1450:4001:806::200e) 56 data bytes 64 bytes from 2a00:1450:4001:806::200e: icmp_seq=1 ttl=57 time=10.3 ms 64 bytes from 2a00:1450:4001:806::200e: icmp_seq=2 ttl=57 time=10.3 ms 64 bytes from 2a00:1450:4001:806::200e: icmp_seq=3 ttl=57 time=10.3 ms Antony. -- 3 logicians walk into a bar. The bartender asks "Do you all want a drink?" The first logician says "I don't know." The second logician says "I don't know." The third logician says "Yes!" Please reply to the list; please *don't* CC me.
Re: [ansible-project] no space left on remote_tmp
On Friday 11 November 2022 at 17:10:47, Dick Visser wrote: > It's total gibberish to me. > Post plain text and we might be able to help > But one thing that comes to mind and that is you've ran out of inodes. Indeed - as well as "df -h" it's always good to do "df -i" Antony. -- "Linux is going to be part of the future. It's going to be like Unix was." - Peter Moore, Asia-Pacific general manager, Microsoft Please reply to the list; please *don't* CC me.
Re: [ansible-project] looking for an ansible playbook
On Tuesday 04 October 2022 at 17:58:53, Tunji Jolaosho wrote: > Good day I am a newbie here and am trying to write my first ansible > playbook to push our group server to all windows servers in GCPany help > will be appreciated. It would be useful if you could tell us: 1. what documentation have you read and tried to follow so far in order to achieve this? 2. how far have you got and what specific problem/s are you running into? 3. which version/s of Windows and ansible are you working with (and what system are you running the playbook on)? Antony. -- The Free Software Foundation was formed on this day in 1985 https://www.fsf.org Please reply to the list; please *don't* CC me.
Re: [ansible-project] How can I distinguish completed jobs in Ansible Tower
On Tuesday 23 August 2022 at 22:16:32, Michael Burch wrote: > Good afternoon - > > We have a playbook that is used by multiple groups. What is a "group"? > This playbook is neutrally stored and run from a common area. So, some sort of network share? > How can we, for lack of a better term, label the job at run time so that we > can associate it to the PROJECT that is executing it. Well, how is that PROJECT defined? Is it part of the login credentials of the user running the playbook? Let's leave ansible aside for a moment - what's the simplest way you can think of in your login environment to identify the PROJECT under which *any* command gets run? PS: I also notice that you are asking about Ansible Tower, which has its own paid support mechanism, whereas you are here asking for help in the community ansible project, which is separate, and most people here are not going to be familiar with Ansible Tower, so unless your question is generic to both environments, this may not be the best way to get the support you require. Some of my questions above may easily fall into this category, since I have no clue myself about Ansible Tower. Antony. -- I think broken pencils are pointless. Please reply to the list; please *don't* CC me.
Re: [ansible-project] looking for support
On Sunday 24 July 2022 at 15:56:46, Shyju Krishnan wrote: > [image: image.png] Please: 1. Copy and paste text, don't post screenshots (especially in difficult-to-read colour combinations) 2. Show us the command you ran before getting the error 3. Show us the text of the error in as readable a format as possible 4. Show us your playbook (if it's small) or the relevent section of it (if it's big) 5. Consider using pastebin or similar if you want to show us more than arounnd 25 lines of playbook. Thanks, Antony. -- Schrödinger's rule of data integrity: the condition of any backup is unknown until a restore is attempted. Please reply to the list; please *don't* CC me.
Re: [ansible-project] Ansible playbook to monitor disk space utilization and generate alert
On Monday 18 July 2022 at 20:18:15, Amit Das wrote: > Dear All, > > I am relatively new to Ansible. Could someone please guide me on writing a > playbook which runs hourly to monitor the disk space and generates an email > alert if the threshold is breached? Why are you trying to use ansible for this? I would recommend https://icinga.com or possibly https://grafana.com for such a requirement. Antony -- Salad is what food eats. Please reply to the list; please *don't* CC me.
Re: [ansible-project] Create VM with Operating System with Ansible
On Monday 18 July 2022 at 16:51:25, Abhijeet Kasurde wrote: > You want to check - > > https://medium.com/@AbhijeetKasurde/automating-centos-7-installation-using- > ansible-and-kickstart-483807a3774c > https://medium.com/8042/ansible-automating-windows-server-2012-r2-installa > tion-in-vcenter-227577f5917c Also see https://wiki.debian.org/DebianInstaller/Preseed and https://www.debian.org/releases/stable/amd64/apb.en.html if you happen to be installing Debian or Devuan. It probably works for Ubuntu as well (but I've not tried that). Antony. -- The Royal Society for the Prevention of Cruelty to Animals was formed in 1824. The National Society for the Prevention of Cruelty to Children was not formed until 1884. That says something about the British. Please reply to the list; please *don't* CC me.
Re: [ansible-project] keep getting error : "module_stderr": "Shared connection to host closed
On Thursday 14 July 2022 at 21:27:43, Tony Wong wrote: > any idea why? No. Give us more context, and we might have a clue. Antony. -- "Once you have a panic, things tend to become rather undefined." - murble Please reply to the list; please *don't* CC me.
Re: [ansible-project] RHCE exam question
On Monday 11 July 2022 at 10:59:09, Mahdi Idriss wrote: > Hi guys, > > I had this question on my last ex294 ansible exame, so I was not able to > solve it, anyone have the right playbook or can create one? How close did you get? I suggest the best way to get assistance on somethng like this from the volunteers on this list is to show us the best thing you managed to come up with on your own, and tell us which part of the requirements you weren't able to fulfil. Someone here may then be able to help you with the specific part you had trouble with. Asking for someone to come up with an entire solution to what is a pretty complex question is just not appropriate for this type of support list (in my opinion). Antony. -- I still maintain the point that designing a monolithic kernel in 1991 is a fundamental error. Be thankful you are not my student. You would not get a high grade for such a design :-) - Andrew Tanenbaum to Linus Torvalds Please reply to the list; please *don't* CC me.
[ansible-project] File date/time stamps
Hi. I have a generic question about ansible, and the way it manages files on target (managed) systems. They're all Linux systems. I'm working in an environment where a colleague is running ansible scripts to manage servers I work with, and I see that every time ansible runs, it updates date and time stamps on files it is managing, even when the content is already correct and isn't being changed. Is this a standard feature of ansible and the way it does configuration management, or does it suggest that there's something incorrect or at least inefficient about the way it's being used here? I'm really not familiar with ansible myself, but I have used puppet in the past, and that didn't do this - if a file was already correct it did not get touched. Thanks for any advice. Antony. -- Numerous psychological studies over the years have demonstrated that the majority of people genuinely believe they are not like the majority of people. Please reply to the list; please *don't* CC me. -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/202206171056.14153.Antony.Stone%40ansible.open.source.it.
Re: [ansible-project] Using wsman in a proxy environment
On Wednesday 08 June 2022 at 19:16:42, Adam Barnett wrote: > Hi All, > > we are running ansible on our network and have just deployed a proxy as we > needed to cut off direct internet access. Please give some more details of your network setup - specifically, the routing between your ansible server and the machine/s you're deploying / managing with it. Please make it clear where the proxy server fits in to this routing. You say you needed to cut off direct Internet access, but you are trying to manage a machine with the address 10.22.0.109, so how does "direct Internet access" come into this? Are you trying to access this machine from a totally different network (across the Internet)? -- René Descartes walks in to a bar. The barman asks him "Do you want a drink?" Descartes says "I think not," and disappears. Please reply to the list; please *don't* CC me.
Re: [ansible-project] Ansible remove accent
On Tuesday 12 April 2022 at 17:59:09, Gabz Modz wrote: > Hello :) > > I have a playbook that generates the creation of an AD account, it works > very well. ... for a restricted input data set ... > Example: > The account of Toto PIERRE with the email address toto.pie...@labo.lab is > created correctly. > > The account of Médéric GOT with the email address médéric@labo.lab the > samacount is created with an accent "é", is there a method like CAPITALIZE > or UPPER ect... which allows to remove the accent of the "é" by "e"? I would suggest that it is not a good assumption that everybody's email address is firstname.lastn...@domain.tld I think you should be supplying two separate items of data to ansible for this process: 1. The person's name 2. The person's email address For example, what would your current system try to do with: a) Marcus du Sautoy b) Ed O'Brien c) Madonna d) John Smith (Sales) and John Smith (Development) e) Tony Leung Chiu-wai (whose surname is Leung) Antony. -- "It is easy to be blinded to the essential uselessness of them by the sense of achievement you get from getting them to work at all. In other words - and this is the rock solid principle on which the whole of the Corporation's Galaxy-wide success is founded - their fundamental design flaws are completely hidden by their superficial design flaws." - Douglas Noel Adams Please reply to the list; please *don't* CC me.
Re: [ansible-project] Can you please assist me with a role where I wish to gather mount details of ansible client and then compare it with expected value provided by client
On Tuesday 11 January 2022 at 18:52:24, Marian Saldhana wrote: > Hi All, > > I have a role to check the partition ( mount ) details of ansible client > and then compare its value with the values provided by the customer, > however the output of ansible_mounts is too huge What do you mean by "huge"? Can you give an example of at least some of the output you get, and explain in what way it is too large? I can only think of two ways in which the output is bigger than you want/expect: 1. More partitions are being reported than you expected 2. Each partition is reporting more detail than you expected Which is the problem? Antony. -- This is not a rehearsal. This is Real Life. Please reply to the list; please *don't* CC me.
Re: [ansible-project] Execute an .sql script on mysql with secure installation
On Monday 20 December 2021 at 18:08:23, Tiago Oliveira wrote: > I am trying to use an sql script to create a database in mariadb on a > openbsd server with ansible. > > My playbook first create the script with the name of the database to create > and then uses expect to give the command "mysql -u root -p < script.sql" > and then responses the password with "" because theres no password. So, why don't you simply omit the "-p" to avoid being prompted for the non- existent password? Antony. -- I conclude that there are two ways of constructing a software design: One way is to make it so simple that there are _obviously_ no deficiencies, and the other way is to make it so complicated that there are no _obvious_ deficiencies. - C A R Hoare Please reply to the list; please *don't* CC me.
Re: [ansible-project] Facing Issue Ansible Summary
On Monday 20 December 2021 at 15:34:02, 'Jitender J' via Ansible Project wrote: > Hi Team, > > Facing a very strange issue, my failed task output getting swapped with > another task, in summary, we have done some modification in the callback > module but never saw like this before, any suggestion My suggestion is to show us your playbook which can do this. Antony. -- What do you call a dinosaur with only one eye? A Doyouthinkesaurus. Please reply to the list; please *don't* CC me.
Re: [ansible-project] Formatting date in Ansible
On Thursday 16 December 2021 at 15:20:46, lift...@gmail.com wrote:
> I get that, but I want to show it as 10/13/2021. How do I do that???
I would try strftime('%m/%d/%Y') provided you are happy with dates in the first
12 days of each month being highly ambiguous for an international audience.
Antony.
--
"There is no reason for any individual to have a computer in their home."
- Ken Olsen, President of Digital Equipment Corporation (DEC, later consumed
by Compaq, later merged with HP)
Please reply to the list;
please *don't* CC me.
Re: [ansible-project] Formatting date in Ansible
On Thursday 16 December 2021 at 14:48:02, lift...@gmail.com wrote:
> I'm getting this:
> "msg": "test.user1 / test.us...@example.com / 20210715141027Z /
> 1634097600"
> Any ideas?
So, you're starting from 15th July 2021 and adding 90 days, which comes to
13th October.
strftime('%s') will give you the Unix Epoch time, in this case 1634097600,
which is indeed the 13th October 2021.
Antony.
--
Anyone that's normal doesn't really achieve much.
- Mark Blair, Australian rocket engineer
Please reply to the list;
please *don't* CC me.
Re: [ansible-project] Run shell script that needs user input
On Wednesday 08 December 2021 at 23:23:10, Aleksandar Ilic wrote: > Hello everyone, > > I have been trying to find a solution to run a sh script via ansible but > the script requires users that run the script to enter username and > password. > > Is it possible to pass those vars via ansible? a) not unless the script supports it b) you might try using 'expect' to see if that can pretend to be a user at a keyboard. Antony. -- "In fact I wanted to be John Cleese and it took me some time to realise that the job was already taken." - Douglas Adams Please reply to the list; please *don't* CC me.
Re: [ansible-project] Want to add hidden password for url
On Friday 29 October 2021 at 15:47:09, vaishnavi kakad wrote: > Hi All, > > I don't want to use encryption and decryption . Whatever I typed in * > url_password *it will show in star(*) format. Is it possible to write ? Are you saying that you wish to put a visible password into the text of a playbook? If so, what do you mean by "hidden"? Alternatively, are you saying that you wish to put something into a playbook which cannot be read as a password (so, the password is "hidden"), but which Ansible can use in order to authenticate? If so, where do you expect to put the real password, so that Ansible knows what it is? Antony. -- What do you get when you cross a joke with a rhetorical question? Please reply to the list; please *don't* CC me.
Re: [ansible-project] installing postgres - error with initdb -D /path/to/pg_data
On Wednesday 27 October 2021 at 15:32:45, dulhaver via Ansible Project wrote: > * here is the entire playbook https://pastebin.com/edit/9Uvjdupe Just remove the word "edit/" from that first URL. Antony. -- Some mistakes are too much fun to make only once. Please reply to the list; please *don't* CC me.
Re: [ansible-project] Shell command not working
On Wednesday 08 September 2021 at 15:09:15, aman kumar chagti wrote:
> I'm using the below playbook but it's giving me an error
> --data-binary "$(dpkg-query -W
> -f="\${binary:Package},\${db:Status-Abbrev},\${Version},\${Source},\${sourc
> e:Version}\n")" https://abc.com/vuls > /path/to/report.json
I would suggest you need to escape those inner quotation marks:
"$(dpkg-query -W -f=\"\${binary:Package
...
source:Version}\n\")"
Antony.
--
Software development can be quick, high quality, or low cost.
The customer gets to pick any two out of three.
Please reply to the list;
please *don't* CC me.
Re: [ansible-project] Permission Denied error
On Friday 03 September 2021 at 07:31:14, aman kumar chagti wrote: > After - option, this coming up. any idea, what's going on?? I know the output below is terribly formatted for reading, but if you do look through it, you can see that everywhere it is trying to fetch a public key, it is looking in /root/.ssh, and yet you say that your key is in /home/dfc/.ssh/qmx/idk Nowhere in the output below is the string "dfc". I suspect that is the cause of the problem. > "msg": "Failed to connect to the host via ssh: OpenSSH_7.6p1 > Ubuntu-4ubuntu0.5, OpenSSL 1.0.2n 7 Dec 2017\r\ndebug1: Reading > configuration data /etc/ssh/ssh_config\r\ndebug1: /etc/ssh/ssh_config line > 19: Applying options for *\r\ndebug1: auto-mux: Trying existing > master\r\ndebug1: Control socket > \"/home/xyzadministrator/.ansible/cp/68474f4208\" does not exist\r\ndebug2: > resolving \"X.X.X.X\" port 22\r\ndebug2: ssh_connect_direct: needpriv > 0\r\ndebug1: Connecting to X.X.X.X [X.X.X.X] port 22.\r\ndebug2: fd 3 > setting O_NONBLOCK\r\ndebug1: fd 3 clearing O_NONBLOCK\r\ndebug1: > Connection established.\r\ndebug3: timeout: 9992 ms remain after > connect\r\ndebug1: permanently_set_uid: 0/0\r\ndebug1: key_load_public: No > such file or directory\r\ndebug1: identity file /root/.ssh/id_rsa type > -1\r\ndebug1: key_load_public: No such file or directory\r\ndebug1: > identity file /root/.ssh/id_rsa-cert type -1\r\ndebug1: key_load_public: No > such file or directory\r\ndebug1: identity file /root/.ssh/id_dsa type > -1\r\ndebug1: key_load_public: No such file or directory\r\ndebug1: > identity file /root/.ssh/id_dsa-cert type -1\r\ndebug1: key_load_public: No > such file or directory\r\ndebug1: identity file /root/.ssh/id_ecdsa type > -1\r\ndebug1: key_load_public: No such file or directory\r\ndebug1: > identity file /root/.ssh/id_ecdsa-cert type -1\r\ndebug1: key_load_public: > No such file or directory\r\ndebug1: identity file /root/.ssh/id_ed25519 > type -1\r\ndebug1: key_load_public: No such file or directory\r\ndebug1: > identity file /root/.ssh/id_ed25519-cert type -1\r\ndebug1: Local version > string SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.5\r\ndebug1: Remote protocol > version 2.0, remote software version OpenSSH_7.6p1 > Ubuntu-4ubuntu0.5\r\ndebug1: match: OpenSSH_7.6p1 Ubuntu-4ubuntu0.5 pat > OpenSSH* compat 0x0400\r\ndebug2: fd 3 setting O_NONBLOCK\r\ndebug1: > Authenticating to X.X.X.X:22 as 'xyz'\r\ndebug3: hostkeys_foreach: reading > file \"/root/.ssh/known_hosts\"\r\ndebug3: record_hostkey: found key type > ECDSA in file /root/.ssh/known_hosts:4\r\ndebug3: load_hostkeys: loaded 1 > keys from X.X.X.X\r\ndebug3: order_hostkeyalgs: prefer hostkeyalgs: > ecdsa-sha2-nistp256-cert-...@openssh.com,ecdsa-sha2-nistp384-cert-v01@opens > sh.com,ecdsa-sha2-nistp521-cert-...@openssh.com,ecdsa-sha2-nistp256,ecdsa-s > ha2-nistp384,ecdsa-sha2-nistp521\r\ndebug3: send packet: type 20\r\ndebug1: > SSH2_MSG_KEXINIT sent\r\ndebug3: receive packet: type 20\r\ndebug1: > SSH2_MSG_KEXINIT received\r\ndebug2: local client KEXINIT > proposal\r\ndebug2: KEX algorithms: > curve25519-sha256,curve25519-sha...@libssh.org,ecdh-sha2-nistp256,ecdh-sha2 > -nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-he > llman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exc > hange-sha1,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,ext-in > fo-c\r\ndebug2: host key algorithms: > ecdsa-sha2-nistp256-cert-...@openssh.com,ecdsa-sha2-nistp384-cert-v01@opens > sh.com,ecdsa-sha2-nistp521-cert-...@openssh.com,ecdsa-sha2-nistp256,ecdsa-s > ha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519-cert-...@openssh.com,ssh-rsa-c > ert-...@openssh.com,ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa\r\ndebug2 > : ciphers ctos: > chacha20-poly1...@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@o > penssh.com,aes256-...@openssh.com\r\ndebug2: ciphers stoc: > chacha20-poly1...@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@o > penssh.com,aes256-...@openssh.com\r\ndebug2: MACs ctos: > umac-64-...@openssh.com,umac-128-...@openssh.com,hmac-sha2-256-etm@openssh. > com,hmac-sha2-512-...@openssh.com,hmac-sha1-...@openssh.com,umac-64@openssh > .com,umac-...@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1\r\ndebug2: > MACs stoc: > umac-64-...@openssh.com,umac-128-...@openssh.com,hmac-sha2-256-etm@openssh. > com,hmac-sha2-512-...@openssh.com,hmac-sha1-...@openssh.com,umac-64@openssh > .com,umac-...@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1\r\ndebug2: > compression ctos: z...@openssh.com,zlib,none\r\ndebug2: compression stoc: > z...@openssh.com,zlib,none\r\ndebug2: languages ctos: \r\ndebug2: > languages stoc: \r\ndebug2: first_kex_follows 0 \r\ndebug2: reserved 0 > \r\ndebug2: peer server KEXINIT proposal\r\ndebug2: KEX algorithms: > curve25519-sha256,curve25519-sha...@libssh.org,ecdh-sha2-nistp256,ecdh-sha2 > -nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-he > llman-group16-sha512,diffie-h
Re: [ansible-project] Permission Denied error
On Thursday 02 September 2021 at 13:55:09, aman kumar chagti wrote: > when I try to run the playbook on a remote VM using password-based > authentication, I'm getting the following error Which user are you running the playbook as, on the machine running ansible? Antony. -- Police have found a cartoonist dead in his house. They say that details are currently sketchy. Please reply to the list; please *don't* CC me.
Re: [ansible-project] Permission Denied error
On Friday 03 September 2021 at 16:55:46, aman kumar chagti wrote: > this is my inventory file: > > X.X.X.X ansible_user=abc ansible_ssh_pass=xyz ansible_ssh_common_args='-o > StrictHostKeyChecking=no' > ansible_ssh_private_key_file=/home/dfc/.ssh/qmx/idk What are the ownership and permissions on that file? Make sure it's clear in your answer whether this means "user abc" or not. Antony. -- I don't know, maybe if we all waited then cosmic rays would write all our software for us. Of course it might take a while. - Ron Minnich, Los Alamos National Laboratory Please reply to the list; please *don't* CC me.
Re: [ansible-project] regex fails to match ^, $, \b in multiline mode
On Monday 30 August 2021 at 10:37:53, Dennis M wrote:
> Hi,
> I'm studying how to use regexp, and just follow documented examples,
> {{ 'foo\nBAR' | regex_search("^bar", multiline=True, ignorecase=True) }}
> expected result is: "bar".
> Instead of "bar" it gets an empty string.
> Is it a bug, or do I miss an important setting?
See https://docs.ansible.com/ansible/latest/user_guide/playbooks_filters.html
#searching-strings-with-regular-expressions
and pay careful attention to details such as punctuation and case:
1. The example is:
{{ 'foo\nBAR' | regex_search('^bar', multiline=True, ignorecase=True) }}
instead, you used:
{{ 'foo\nBAR' | regex_search("^bar", multiline=True, ignorecase=True) }}
2. The expected result is:
# => 'BAR'
whereas you say:
expected result is: "bar".
Try exactly what the example shows, and let us know if it does not produce
what the example should produce.
Antony.
--
What is this talk of "software release"?
Our software evolves and matures until it is capable of escape, leaving a
bloody trail of designers and quality assurance people in its wake.
Please reply to the list;
please *don't* CC me.
Re: [ansible-project] Re: create NFS share on AWS storage gateway with ansible
On Saturday 28 August 2021 at 14:20:40, Tony Wong wrote: > is ansible not able to create NFS share on aws storage gateway?? Do you know how to do this manually? If there is a command you can run to achieve what you want, then ansible can do it. Antony. -- Programming is a Dark Art, and it will always be. The programmer is fighting against the two most destructive forces in the universe: entropy and human stupidity. They're not things you can always overcome with a "methodology" or on a schedule. - Damian Conway, Perl God Please reply to the list; please *don't* CC me.
Re: [ansible-project] installing ansible 2.11 on debian 11
On Monday 16 August 2021 at 13:00:52, f.floimai...@gmail.com wrote: > Debian always uses somewhat "old" versions, they just take whatever is > stable as soon as feature-freeze date comes. > What they do though is backport security fixes to those versions should > they come up, but they will never ever upgrade to a more recent release > until the next version of the distro. That may be true of Debian, but isn't part of the whole point of Ubuntu (which these repositories are for) that it has a 6-monthly release cycle, allowing it to keep far more up-to-date with package releases than Debian does? > alex@gmail.com schrieb am Sonntag, 8. August 2021 um 23:26:14 UTC+2: > > > > https://launchpad.net/~ansible/+archive/ubuntu/ansible-4 > > http://ppa.launchpad.net/ansible/ansible-4/ubuntu/pool/main/a/ansible- > > core/ > > > > it seems to be the same signing key with the "old" (pre 2.11) ansible > > repository; tomorrow is testing day :-P Antony. -- If you ask a Yorkshireman whether he knows the German word for "egg", don't be surprised if he just smiles and says "Aye". Please reply to the list; please *don't* CC me.
Re: [ansible-project] managing software via ansible
On Saturday 14 August 2021 at 19:50:54, Sakshi Jain wrote: > Please help to resolve this error I think you need to correct the spelling of "yumdownlaoder". It won't help to solve the error message you have now, but it will make things work better in future. > [ec2-user@ansible-engine sw]$ cat lab_setup_repo.yaml > --- > - name: install FTP to export repo > hosts: all > become: true > tasks: > - name: install FTP server > yum: > name: vsftpd > state: latest > - name: start FTP server > service: > name: vsftpd > state: started > enabled: yes > - name: open firewall for ftp > firewalld: > service: ftp > state: enabled > permanenet: yes > > - name: setup the repo directory > hosts: localhost > tasks: > - name: make directory > file: > path: /var/ftp/repo > state: directory > - name: install dnf utils > yum: > name: > - dnf-utils > - createrepo > state: latest > - name: download sample package > command: yumdownlaoder nmap --destdir /var/ftp/repo > - name: createrepo > command: createrepo /var/ftp/repo > ... Antony. -- Is it venison for dinner again? Oh deer. Please reply to the list; please *don't* CC me.
Re: [ansible-project] installing ansible 2.11 on debian 11
On Sunday 08 August 2021 at 11:24:53, Alex Cernat wrote: > Hello > > The official documentation seems to be really outdated (ubuntu trusty is > veery old, should be at least focal as repository). You may find http://ppa.launchpad.net/ansible/ansible/ubuntu/dists/ helpful. > I could not find any 2.11 deb package (latest is 2.10.x), but also I couldn't > find any official statement that from 2.11 onward the only/recommended way to > install ansible-core is with pip, and there will be no more official deb > packages for ansible/ansible-core (other than the ones from debian > distribution, which already are outdated - a version behind). I notice you're also trying to install on Debian 11, which is still classified as "testing" and does not yet have a planned stable release date. > Could anyone clarify this issue ? (maybe with official statements / links) I'm not aware of any decision not to continue providing .deb packages, but it's unlikely you're going to find a statement to that effect anywhere, since it's simply the absence of a decision to change anything. Antony. -- Never automate fully anything that does not have a manual override capability. Never design anything that cannot work under degraded conditions in emergency. Please reply to the list; please *don't* CC me.
Re: [ansible-project] Infrastructure as Code vs Self-Service
On Thursday 05 August 2021 at 14:27:00, 'Andreas Hubert' via Ansible Project wrote: > Dear Ansible Community, > > having your Infrastructure in Code, means you manage the code with a > version control system (e.g. git). I have a case where I also configure the > application we deploy with Ansible with various XML configuration files. > > Parts of this application configuration should not be touched by others, > only by my code. But other parts of it should also be configured by others > as well, outside of my code, to provide them with Self-Service. I understand so far. > So parameters should come from an outside source and not be under > version control. I don't get this bit - just because things are external, why would they not be version-controlled? > In Ansible this could come from a dynamic inventory. It could, yes, but why not simply give these "others" who need Self-Service write access to selected parts of the git repository, and then get ansible to pull everything in from a version-controlled and documented source? I would in fact suggest that it is *more* important to have these Self-Service inputs under a version control system, because sooner or later someone is going to say "why is this machine doing that?" and you can point to the update they made to the configuration which made it do it. If ansible just pulls in non-versioned XML files from somewhere, you have no way of telling when a certain change got made, by whom (or why), nor even what it was changed from. Regards, Antony. -- "Life is just a lot better if you feel you're having 10 [small] wins a day rather than a [big] win every 10 years or so." - Chris Hadfield, former skiing (and ski racing) instructor Please reply to the list; please *don't* CC me.
Re: [ansible-project] jinja 2 template
On Saturday 31 July 2021 at 20:40:24, Sakshi Jain wrote: > Please help to resolve this error > > ansible-playbook: error: unrecognized arguments: --snyntax-check You mis-spelled "syntax"? Antony. -- Warum können Seeräuber nicht den Umfang eines Kreises berechnen? Weil sie Piraten... Please reply to the list; please *don't* CC me.
Re: [ansible-project] cli_command | help
On Thursday 29 July 2021 at 15:26:20, rajthecomputerguy wrote: > I am logging to Radware Alteon device. When I tried logging in I get below > prompt: > > - > Confirm seeing above note [y]: > > How to handle above situation using cli_command, task fails Show us the playbook section you're trying to do this with, and quote the error message, not just "task fails" ? Please give us details, otherwise we're just guessing. Antony. -- https://tools.ietf.org/html/rfc6890 - providing 16 million IPv4 addresses for talking to yourself. Please reply to the list; please *don't* CC me.
Re: [ansible-project] Unable to reuse ssh connections in Ansible despite PIPELINING = True
On Friday 23 July 2021 at 10:25:41, Stefan Hornburg (Racke) wrote: > On 23/07/2021 10:19, Mohtashim S wrote: > > My corporate firewall policy allows only 20 connections per minute 60 > > seconds between the same source and destinations. > > Sounds to me like a ridiculous policy. Ask for an exception instead of > trying to throttle Ansible. I agree. This would cause problems just for a large number of standard websites, unless your IT networking people are relying on browsers using persistent connections, and even then, static content, images, and dynamic content are often going to be supplied by different parts of a CDN. Antony. -- "Good health" is merely the slowest rate at which you can die. Please reply to the list; please *don't* CC me.
Re: [ansible-project] Winrm configuration issue
On Thursday 22 July 2021 at 10:43:35, Thanh Nguyen Duc wrote: > Hi experts, > > I have an ansible server managing a lot of windows servers. Recently I > encountered an issue with a few client with the error below. Your photographs are very difficult to read. Please copy and paste text instead. Antony. -- Tinned food was developed for the British Navy in 1813. The tin opener was not invented until 1858. Please reply to the list; please *don't* CC me.
Re: [ansible-project] Ansible network module ios_config dont work on my fs S3260switch
On Monday 19 July 2021 at 19:13:21, Tiago Oliveira wrote: > I actually dont have anything of the module done. So, how are you getting the error "this operation requires privilege escalation"? > I wanted to see the ios_config module and how it was done so i could have > an ideia of what to do.. but i cant find the documentation and the how to > do that module. There may only be source code. Not everyone documents the development of things like this in sufficient detail that other developers can understand the design process. > About the fs.com switches, the one i am trying to use is a lot similar to > cisco ios, with small diferences. for example Sorry, but phrases like "small differences" and "for example" are not enough to write software. You need specifications - you need definite documentation about _exactly_ how things need to be done. > you do enable and then config and not config terminal, and i dont know if that > changes something for the module not working, because if i use ios_command > module and write all the commands: enable,config i can use this commands > inside fs switch config without problems.. Start with something simple. Make sure you can do one specific, simple command manually, and then get an ansible module to do it for you. If you need escalated privileges, well, put that in (I assume you already know how to do that in ansible). Then, once you have something simple working, build up to the real goal of the full configuration you are trying to achieve. If you need further help from the list, though, I really think you need to provide some details about what you are doing, what the errors are, and what the fs.com documentation says needs to be done to make something work. Antony. -- You can tell that the day just isn't going right when you find yourself using the telephone before the toilet. Please reply to the list; please *don't* CC me.
Re: [ansible-project] Ansible network module ios_config dont work on my fs S3260switch
On Monday 19 July 2021 at 18:52:32, Mythicale wrote: > my boss ask me to try to "create" a module like ios_config but that fs.com > accept it. > > Right now when i try to use it on fs switch, it says that this operation > requires privilege escalation, if i use ios_command the operations works. Perhaps you could show us what you currently have for this new module, so we have an understanding of what commands you are trying to run which require special privileges. Also, any documentation you can point us to, for those of us not intimately familiar with fs.com switches and their remote management capabilities, would probably help. Antony. -- The difference between theory and practice is that in theory there is no difference, whereas in practice there is. Please reply to the list; please *don't* CC me.
Re: [ansible-project] Help, How can i multi factor authentication for login..?
On Thursday 08 July 2021 at 15:19:15, kelly wrote: > I want to use multi factor authentication for login. > like.. use OTP after ldap login. > > is it possible ?? Help me Sorry, but login to what? Antony. -- Neurotics build castles in the sky; Psychotics live in them; Psychiatrists collect the rent. Please reply to the list; please *don't* CC me.
Re: [ansible-project] Re: [Errno 110] Connection timed out with multiple ssh in router
On Tuesday 06 July 2021 at 16:02:12, Vincent Nambatac wrote: > Yes, I got 30 routers and I've done having SSH all of them, all are > accessible via manual SSH . > a. to these specific routers > -- yes all routers are accessible via manual ssh > b. to anywhere else at all > -- the error is not only consistent with 1 system it is anywhere else at > all as long the system reach 8th it will fail . for example router1 fails > at first run , and then the second run router 3 will fail but router 2 is > ok . it is not consistent . So, if I understand you correctly, you can only make 7 simultaneous SSH connections from the ansible server to anything at all (these routers, or to other systems), and the 8th attempt will fail. Please can you tell us more about the machine you are running ansible on? What operating system and version? How much memory? Is it running any other significant applications (apache, exim, icinga, etc)? Anything else you think might be helpful for us to know about it? Antony. -- Atheism is a non-prophet-making organisation. Please reply to the list; please *don't* CC me.
Re: [ansible-project] Re: [Errno 110] Connection timed out with multiple ssh in router
On Tuesday 06 July 2021 at 15:46:16, Vincent Nambatac wrote: > The order that doesn't matter at all . and yeah the 8th system will ALWAYS > time out no matter what system it is . Are you able to create 8 simultaneous SSH sessions _manually_ (so, just using the standard command-line SSH client, not ansible) from the machine you are running ansible on: a) to these specific routers b) to anywhere else at all? Antony. -- How does an Israeli man make tea? Hebrews it. Please reply to the list; please *don't* CC me.
Re: [ansible-project] Need to create a windows proxy servers
On Thursday 01 July 2021 at 22:53:22, Gaurav Dhyani wrote: > I have my windows terminal server which i want to use as a proxy server to > connect our DMZ network. Sorry, but your problem description is not clear. What are you trying to achieve and what problem are you having with ansible? Quoting any specific error messages / reports would be helpful. Antony. -- Don't procrastinate - put it off until tomorrow. Please reply to the list; please *don't* CC me.
Re: [ansible-project] Ansible best practices: idempotance
On Saturday 19 June 2021 at 00:01:02, jane p wrote: > On Fri, Jun 18, 2021 at 4:26 PM Antony Stone wrote: > > > > If you install a second time (with the same playbook) you want no further > > changes to be made, because what needed to be installed has already been > > installed. > > > > If you update, you want the system to be updated (again, pretty obvious). > > It is not trivial to distinguish between 'install a second time' and > 'update'. When the playbook starts, it is not known whether there are any > changes, and which specific changes have been made. No, but it is obvious what the desired outcome is. If the machine is already in that state, you do not want anything to change. If the machine is not in that state, you want ansible to bring it into that state. > > If you update a second time (with the same playbook) you want no further > > changes to be made, because the system has already been updated, nothing > > further needs updating; the system should be left as it is. > > Installing for the first time and updating-in-place may not be identical. > Consider a system that involves a web server. On initial install the > server is started at the end, after all the apps are installed. > On subsequent update the server is already running. Should the web > server be reloaded? If apps are updated, then yes, if not, then not > necessarily. Reloading a web server is (in my opinion) not a state change. Reconfiguring it would be. > Encoding the dependency for each app update to web server reload is > complexity of the system expressed in Ansible. > Not encoding the dependency for each update, and reloading the web > server in all cases is breaking the 'no state changes if nothing got > updated' requirement at least some of the time. What's your definition of a state change? > > What you would like to see, or what example can you give, as a "simple > > implementation" which does not leave the target system in the same state > > after every run? > > I think leaving the target system in the same state after every run is > essential. Agreed. > The question is about whether state changes within the run are allowed. Let's talk about what a "state change" is then :) ...although not with me further for now - it's now midnight in my personal timezone... Antony. -- "640 kilobytes (of RAM) should be enough for anybody." - Bill Gates Please reply to the list; please *don't* CC me.
Re: [ansible-project] Failed to create temporary directory
On Friday 18 June 2021 at 23:57:57, nitesh shet wrote: > /var/log$ ls > alarm.log > apps.log.4.gz > dpkg.log > lastlog > private > sysstat > ztp.log > alternatives.log > apt > drift > linecard.log > restconf-command.log > tl1-command.log > apps.log > btmp > event.log > messages.log > security.log > user.log > apps.log.1.gz > cli-command.log > extclient.log > netconf-command.log > shell-command.log > watchdog > apps.log.2.gz > configuration.log > faillog > nginx > sim > wtmp > apps.log.3.gz > crashlogs > kernel.log > pcp > sysinfo.log > xmm4_fdr I'm sorry - I am out of my depth here - this is unlike any Debian machine I have ever worked on - so many expected things are missing and so many unexpected things exist. I have no idea how this machine has been set up. I hope someone else may be able to chip in and suggest how to debug this further. Antony. -- "The future is already here. It's just not evenly distributed yet." - William Gibson Please reply to the list; please *don't* CC me.
Re: [ansible-project] Failed to create temporary directory
On Friday 18 June 2021 at 23:56:53, nitesh shet wrote: > there is no such file on the debian machine Please paste the output of: ls /var/log Antony. -- I bought a book on memory techniques, but I've forgotten where I put it. Please reply to the list; please *don't* CC me.
Re: [ansible-project] Failed to create temporary directory
On Friday 18 June 2021 at 23:55:52, nitesh shet wrote: > now i made it to temproot, now also i am facing the same issue Please show us what appears in the log files on the Debian machine for the timestamps when you run the ansible command. Antony. -- There are two possible outcomes: If the result confirms the hypothesis, then you've made a measurement. If the result is contrary to the hypothesis, then you've made a discovery. - Enrico Fermi Please reply to the list; please *don't* CC me.
Re: [ansible-project] Failed to create temporary directory
On Friday 18 June 2021 at 23:53:02, nitesh shet wrote: > i did change the file owner to temproot :- > total 24 > drwxrwxrwx 3 temproot osgroup 4096 Jun 18 22:37 . Okay. 1. Has that made any difference to the output from running your ansible commands? 2. What do the log files such as /var/log/auth.log and /var/log/syslog on the Debian machine you are targetting tell you is happening when you run the commands on the Centos ansible server? Antony. -- The next sentence is untrue. The previous sentence is true. Please reply to the list; please *don't* CC me.
Re: [ansible-project] Failed to create temporary directory
On Friday 18 June 2021 at 23:51:34, nitesh shet wrote: > grep 1001 /etc/group > osgroup:x:1001: So, there are no other members of the group "osgroup". I still fail to understand why the home directory for "temproot" is not owned by temproot. Antony. -- Police have found a cartoonist dead in his house. They say that details are currently sketchy. Please reply to the list; please *don't* CC me.
Re: [ansible-project] Failed to create temporary directory
On Friday 18 June 2021 at 23:45:03, nitesh shet wrote: > ls -al /home/shared > total 24 > drwxrwxrwx 3 root root4096 Jun 18 22:37 . This directory is owned by root. Is there any good reason why you do not do "chown temproot: /home/shared" on this machine? > grep temproot /etc/passwd > temproot:x:1000:1001::/home/shared:/bin/bash Hm, what does "grep 1001 /etc/group" show? Antony. -- René Descartes walks in to a bar. The barman asks him "Do you want a drink?" Descartes says "I think not," and disappears. Please reply to the list; please *don't* CC me.
Re: [ansible-project] Failed to create temporary directory
On Friday 18 June 2021 at 23:39:13, nitesh shet wrote: > /home/shared is the directory on my target or remote machine which has 777 > permission as well as temproot also has sudo permission Please log on to the Debian machine and paste here the results of the commands: ls -al /home/shared grep temproot /etc/passwd Antony. -- +++ Divide By Cucumber Error. Please Reinstall Universe And Reboot +++ Please reply to the list; please *don't* CC me.
Re: [ansible-project] Failed to create temporary directory
On Friday 18 June 2021 at 23:38:32, nitesh shet wrote: > no it is not getting creating on my remote machine which is debian Sorry, I do not understand that answer. What do you see in the log files on your Debian machine at the time you run the ansible command on your Centos machine? I would expect to find entries in /var/log/syslog and/or /var/log/auth.log on the Debian machine when a remote user connects by SSH and runs a command. Antony. -- I don't know, maybe if we all waited then cosmic rays would write all our software for us. Of course it might take a while. - Ron Minnich, Los Alamos National Laboratory Please reply to the list; please *don't* CC me.
Re: [ansible-project] Failed to create temporary directory
On Friday 18 June 2021 at 23:31:52, nitesh shet wrote: > i just moved my config file to some unknow directory but after doing that > also i am getting the same error What do the log files such as /var/log/auth.log and /var/log/syslog on the Debian machine you are targetting tell you is happening when you run these commands on the Centos ansible server? Antony. -- People who use Microsoft software should be certified. Please reply to the list; please *don't* CC me.
Re: [ansible-project] Failed to create temporary directory
On Friday 18 June 2021 at 23:25:20, nitesh shet wrote: > i just pasted the config file which i got during the ansible installation > and made modification on that, can you please specify which entry exactly > do i need to change in that config file? Er, have you uncommented (ie: removed the leading '#') the lines which you have altered? If not, they are still comments, and are ignored. Antony. -- Tinned food was developed for the British Navy in 1813. The tin opener was not invented until 1858. Please reply to the list; please *don't* CC me.
Re: [ansible-project] Ansible best practices: idempotance
On Friday 18 June 2021 at 23:10:46, jane p wrote: > Would you mind addressing the scenarios and implementation options of > installing/updating the system? If you install, you want ansible to make changes (obviously, I think) If you install a second time (with the same playbook) you want no further changes to be made, because what needed to be installed has already been instealled. If you update, you want the system to be updated (again, pretty obvious). If you update a second time (with the same playbook) you want no further changes to be made, because the system has already been updated, nothing further needs updating; the system should be left as it is. > I think there is a conflict between the virtue of avoiding state > changes on consecutive runs, and simplicity in implementation. What do you think that conflict is? What you would like to see, or what example can you give, as a "simple implementation" which does not leave the target system in the same state after every run? Antony. -- "Have you been drinking brake fluid again? I think you're addicted to the stuff." "No, no, it's alright - I can stop any time I want to." Please reply to the list; please *don't* CC me.
Re: [ansible-project] Failed to create temporary directory
On Friday 18 June 2021 at 22:53:26, nitesh shet wrote: 'i haven't written any playbook , i am just trying to run "ansible all -m ping" from shell.' Okay. > [root@in-6centos50-dt ansible]# ssh temproot@172.16.12.215 -p 8022 > temproot@172.16.12.215's password: On Friday 18 June 2021 at 21:41:25, nitesh shet wrote: > Below are how my > inventory file is looks like:- > [servers] > x.y.z > > [servers:vars] > ansible_user=dummy > ansible_ssh_pass=dummy > ansible_python_interpreter=/usr/bin/python > ansible_port=22 > ansible_become=yes Your manual SSH was to port 8022; your configuration files says port 22. Your manual SSH was as user temproot, your configuration file says dummy. Try modifying these things to be consistent and let us know the outcome. Antony. -- There are 10 types of people in the world: those who understand binary notation, and those who don't. Please reply to the list; please *don't* CC me.
Re: [ansible-project] Failed to create temporary directory
On Friday 18 June 2021 at 22:42:28, nitesh shet wrote: > temproot is the user to which I manually did the ssh and /home/shared is > also belongs to the temproot user and even in my inventory also I specially > mentioned user as temproot. Please show us a playbook which exhibits this problem (the shortest example you can provide which shows it would be good). Also please copy and paste a short example of a manual SSH session where you connect to the remote server as the same user that ansible is using and run the same command you have in the playbook. Antony. -- Roses are red, Bacon is too, Poetry's hard, Bacon. with thanks to Claire Davison Please reply to the list; please *don't* CC me.
Re: [ansible-project] Re: failed to create directory in windows remote machine
On Friday 18 June 2021 at 22:38:31, nitesh shet wrote: > No, Don't get confused with this thread because I used this thread so that > I can get reply asap and the subject is also similar to what I have been > to. So my controller node is running on centos and the host is on debian 1. Please do not ask the same question in multiple threads. 2. Please do not hijack threads and ask a question which is not the same as what the thread was originally about. 3. Please abandon this thread and continue your question in the thread "Failed to create temporary directory". Antony. -- APL [is a language], in which you can write a program to simulate shuffling a deck of cards and then dealing them out to several players, in four characters, none of which appear on a standard keyboard. - David Given Please reply to the list; please *don't* CC me.
Re: [ansible-project] Failed to create temporary directory
On Friday 18 June 2021 at 22:33:55, nitesh shet wrote: > My remote user has sudo permission and I tried changing remote_tmp to > absolute path in remote host as /home/shared/.ansible/tmp > Nothing is working, if I do ssh manually to the remote will work. Which user do you manually SSH to the remote machine as? Which user is ansible configured to connect as? Is "/home/shared" the home directory for either of these users? What's the definition of your tmp path in ansible.cfg? Antony. -- I conclude that there are two ways of constructing a software design: One way is to make it so simple that there are _obviously_ no deficiencies, and the other way is to make it so complicated that there are no _obvious_ deficiencies. - C A R Hoare Please reply to the list; please *don't* CC me.
Re: [ansible-project] Re: failed to create directory in windows remote machine
On Friday 18 June 2021 at 22:29:24, nitesh shet wrote: > Yes my controller node is of centos 7 But your remote / target machine is not running Windows. Antony.. -- Douglas was one of those writers who honourably failed to get anywhere with 'weekending'. It put a premium on people who could write things that lasted thirty seconds, and Douglas was incapable of writing a single sentence that lasted less than thirty seconds. - Geoffrey Perkins, about Douglas Adams Please reply to the list; please *don't* CC me.
Re: [ansible-project] Ansible best practices: idempotance
On Friday 18 June 2021 at 22:17:30, Jane Prusakova wrote: > I am new to Ansible, and am trying to understand its best practices. My > team uses Ansible for system setup and product deployment. > > I am reading that idempotance is the foundational virtue, where playbook > idempotence is defined as not doing any state changes on consecutive runs. > I am not sure I understand why. For me, the reason is simple - you want to be able to run ansible multiple times on a given machine and be confident that the state it is left in afterwards is the same every time. Suppose you have a machine which does not have a web server installed on it, and you have an ansible playbook which installs and configures the web server. You want to be able to run that playbook once, and end up with a working web server. You want to be able to run that smae playbook again (with no changes) and have the same working web server (with no changes) on the target machine. This is partly because playbooks are often nested, so that you might have one for a web server and another for a mail server; you modify the one for the mail server but then run both of them; you want the modification you made to the mail server playbook to take effect but you want the web server on the target machine to stay just the way it was after the first run of the playbook. > Appreciate any thoughts on why avoiding state changes on consecutive > playbook runs is preferred over simplicity and robustness in > implementation. Is that a quote from somewhere? Is there anywhere in either the ansible documentation or any tutorials / online guidelines you have read which say that "avoiding state changes on consecutive playbook runs is preferred over simplicity and robustness in implementation"? Idempotence (avoiding state changes on consecutive runs) is essential. Simplicity, and robustness in implementation, are highly desirable. Is there a conflict between the two? Antony. -- Archaeologists have found a previously-unknown dinosaur which seems to have had a very large vocabulary. They've named it The Saurus. Please reply to the list; please *don't* CC me.
Re: [ansible-project] Re: failed to create directory in windows remote machine
On Friday 18 June 2021 at 21:49:10, nitesh shet wrote: > Hi experts, > i am also facing the same problem, The same problem? The subject of this thread is "failed to create directory in windows remote machine", whereas you just wrote in another thread that "my controller node is of centos7 and remote is debian", so I don't think you are working with a Windows remote system? Antony. -- "Reports that say that something hasn't happened are always interesting to me, because as we know, there are known knowns; there are things we know we know. We also know there are known unknowns; that is to say we know there are some things we do not know. But there are also unknown unknowns - the ones we don't know we don't know." - Donald Rumsfeld, US Secretary of Defence Please reply to the list; please *don't* CC me.
Re: [ansible-project] Failed to create temporary directory
On Friday 18 June 2021 at 21:41:25, nitesh shet wrote: > Hi experts, > I am unable to ping to my remote servers via ansible. Do other ansible commands on the same target machine work okay? > "msg": "Failed to create temporary directory.In some cases, you may > have been able to authenticate and did not have permissions on the target > directory. Consider changing the remote tmp path in ansible.cfg to a path > rooted in \"/tmp\", for more error information use -vvv. What's the definition of your tmp path in ansible.cfg? > Failed command was: ( umask 77 && mkdir -p \"` echo ~/.ansible/tmp `\"&& > mkdir \"` echo ~/.ansible/tmp/ansible-tmp-1624045005.71-29459-71519195524962 > `\" && echo ansible-tmp-1624045005.71-29459-71519195524962=\"` echo > ~/.ansible/tmp/ansible-tmp-1624045005.71-29459-71519195524962 `\" ), exited > with result 1", > the method that i followed to overcome this (but not able to):- > 1. i had created the .ansible/tmp directory and given 777 permission (not > worked) > 2.given 777 permission to default directory of remote(not worked) Which is the "default directory"? > 3.changing the remote_tmp path in ansible.cfg file(not worked) What did you try changing it to? > 4.changing log file path which also has 777 permission in ansible.cfg(not > worked) I don't believe logging is a problem here. > 5.prmitted root login from sshd Which user are you connecting to the remote machine as? Antony. -- I think broken pencils are pointless. Please reply to the list; please *don't* CC me.
Re: [ansible-project] Ping Host from Ansible Server
On Wednesday 16 June 2021 at 17:21:33, R.B. Kumar wrote: > Hello All - I am trying to do a ping test of all the hosts in > /etc/ansible/hosts, from the Ansible server. > > So the requirement is, the ansible server should do a ping test to all the > host and return the output. I would say https://fping.org/ is the tool you want for this. Antony. -- Python is executable pseudocode. Perl is executable line noise. Please reply to the list; please *don't* CC me.
Re: [ansible-project] How to change password
On Wednesday 16 June 2021 at 15:05:50, Komal Suthar wrote: > Hello, > Any approach to change the existing users password on 200 plus machines in > a safe way. What type of machines (ie: what operating system), and what do you mean by "safe"? Antony. -- Warum können Seeräuber nicht den Umfang eines Kreises berechnen? Weil sie Piraten... Please reply to the list; please *don't* CC me.
Re: [ansible-project] Massive network infra management
On Tuesday 15 June 2021 at 14:03:18, Parth Patel wrote: > Me referring this as a generalized network devices management with ansible > same as video description. My question was generalized if we have 10k > network device what should be configuration management strategy evolved. Oh, sorry, I thought we were talking about a backup mechanism for whatever these network devices were. On Monday 14 June 2021 at 20:45:10, Parth Patel wrote: > What solution you would prefer for taking backups of network devices ? Since you're asking about a large-scale configuration management strategy, I'll let someone else with that sort of experience answer. I've only used ansible on much smaller numbers of machines, and generally ones which are very similar to each other. Antony. -- "Linux is going to be part of the future. It's going to be like Unix was." - Peter Moore, Asia-Pacific general manager, Microsoft Please reply to the list; please *don't* CC me.
Re: [ansible-project] Massive network infra management
On Tuesday 15 June 2021 at 13:52:38, Parth Patel wrote: > I am obviously talking about network devices here What is a "network device"? Do you mean routers, switches, SANs, firewalls, web servers, mail servers, DSL modems...? I ask simply because the term "network device" is (to me, at least) very non- specific, and can basically mean anything which is connected to a network or forms part of a network. Antony. -- Numerous psychological studies over the years have demonstrated that the majority of people genuinely believe they are not like the majority of people. Please reply to the list; please *don't* CC me.
Re: [ansible-project] Massive network infra management
On Monday 14 June 2021 at 20:45:10, Parth Patel wrote: > Thanks Antony. I assumed 500 devices as an example. I saw a vedio from > redhat about 1 devices management using ansible it can be considered as > massive and makes sense 🙃 > > What solution you would prefer for taking backups of network devices ? Please define "devices" :) Until we know that - what O/S are they running, what can be installed on them, what network connectivity & bandwidth do they have... there is no simple answer. Even once we do know that, there's probably no simple answer, but at least people can start to make potentially useful suggestions :) Antony. -- "Remember: the S in IoT stands for Security." - Jan-Piet Mens Please reply to the list; please *don't* CC me.
Re: [ansible-project] Massive network infra management
On Monday 14 June 2021 at 20:31:53, Parth Patel wrote: > Hi All, > > Let's say we have 500 network devices I'm sure there are people here who would not describe that as "massive" :) > and we use ansible or nornir. > If we deploy it from let's say single configuration management server that > single would be single point of failure Keep a mirror of your ansible server and its configuration. Either machine can then perform updates and installations. There's no reason ansible and its configuration needs to exist on only one machine. > or let's say single point of security hit ? Your ansible server should not be exposed to access from the Internet. Your ansible server needs to connect to your managed servers, but it does not need to be reachable by any external system. > What are other strategy to manage such scenario such as doing regular > backup of devices and storing running config in some sort of storage ? Taking backups of devices which are managed / installed by ansible is probably a good idea, but is entirely outside the scope of what ansible needs to do (other than perhaps install the backup system). As for "storing running config", that depends very much on what your managed servers are doing, and how you would intend to recover if one went down, got corrupted, caught fire, or became unreachable. Ansible is a configuration management system. Backups and high availability are separate topics with separate tools. Antony. -- In Heaven, the beer is Belgian, the chefs are Italian, the supermarkets are British, the mechanics are German, the lovers are French, the entertainment is American, and everything is organised by the Swiss. In Hell, the beer is American, the chefs are British, the supermarkets are German, the mechanics are French, the lovers are Swiss, the entertainment is Belgian, and everything is organised by the Italians. Please reply to the list; please *don't* CC me.
Re: [ansible-project] Opportunity to use signed playbook.
On Monday 07 June 2021 at 12:44:23, Vladimir Botka wrote:
> shell> cat test-003.yml
> - hosts: all
> gather_facts: false
> vars:
> my_filename: test-003.yml
> my_path: "{{ playbook_dir }}/{{ my_filename }}"
> my_hash_path: "{{ my_path }}.sha1"
> my_hash: "{{ (lookup('file', my_hash_path).split()).0 }}"
> tasks:
> - name: Test integrity of the playbook
> block:
> - stat:
> path: "{{ my_path }}"
> checksum_algorithm: sha1
> register: result
> - assert:
> that: result.stat.checksum == my_hash
> delegate_to: localhost
> run_once: true
That's a good enough way of checking that the hash of the playbook in question
does match the stored hash, but...
> shell> sha1sum test-003.yml > test-003.yml.sha1
> shell> cat test-003.yml.sha1
> 9762fde5aa52f72dfcf064fa3062fd41540573af test-003.yml
...means that it's trivial for someone to take a playbook, modify it, and
create a new hash file.
I interpret "signed" in the original question to mean something that cannot be
falsified by someone who is running the ansible commands.
Antony.
--
The more 'success' you get, the easier it is to be disappointed by not getting
things.
The only difference is that now no-one feels sorry for you.
- Matt Haig
Please reply to the list;
please *don't* CC me.
Re: [ansible-project] Need assistance in using 'AND' and 'OR' condition together
On Wednesday 02 June 2021 at 21:31:21, Vikram S wrote:
> I have written below script that will end the playbook if IOS version
> running on router satisfies below conditions:
>
>1. Version is greater than or is 16.12.02 AND
>2. Version is NOT certain versions like 16.12.05 OR 16.09.06 OR
>17.03.02', etc as mentioned below.
>
> But script does not work. When i run this for a device with version
> 16.12.05, script fails though it shouldn't be as per the condition.
I think you have = and != mixed up.
> But when i test the 'AND' and 'OR' condition separately, they work. It's
> just that when i combine them, it doesn't seem to. What should i change?
Let's work through your conditions when version = 16.12.05...
> tasks:
>
> - name: GATHER DEVICE FACTS
> ios_facts:
> - name: END THIS PLAYBOOK IF DEVICE IS ALREADY RUNNING NEW IMAGE OR
> HIGHER VERSION THAN THAT
> fail:
So, you want it to fail when something below becomes true
> msg: DEVICE IS ALREADY RUNNING NEW IMAGE OR HIGHER VERSION THAN
> THAT. HENCE UPGRADE IS NOT NECESSARY
> when:
> - ansible_net_version is version('16.12.06', '>=')
Not true - version = 16.12.05
> - "ansible_net_version is version('16.12.05', '!=') or
Not true - version = 16.12.05, so "version != 16.12.05" is false
> ansible_net_version is version('16.09.06', '!=') or
True - version = 16.12.05, therefore != 16.09.06
> ansible_net_version is version('17.03.02', '!=') or
> ansible_net_version is version('17.03.03', '!=') or
> ansible_net_version is version('17.05.01', '!=') or
> ansible_net_version is version('17.07.01', '!=')"
One of the conditions is true, therefore script fails.
I *think* you want to replace "!=" with "=" so that failure occurs only if the
version does match one of the strings you have listed.
I might be wrong, and you want to keep "!=" but change "or" to "and" so that
failure occurs only if version is not equal to any of the listed strings.
Either way, I think what you have written will always end up being "true".
Antony.
--
There are two possible outcomes:
If the result confirms the hypothesis, then you've made a measurement.
If the result is contrary to the hypothesis, then you've made a discovery.
- Enrico Fermi
Please reply to the list;
please *don't* CC me.
Re: [ansible-project] "VARIABLE IS NOT DEFINED!" when use {{ item }}
I would suggest there is a meaningful difference between "gigabitEthernet0/0/0" and "Gigabitethernet 0/0/0". Antony. -- It is also possible that putting the birds in a laboratory setting inadvertently renders them relatively incompetent. - Daniel C Dennett Please reply to the list; please *don't* CC me.
Re: [ansible-project] Regardin MSSQL
On Monday 17 May 2021 at 17:55:03, karthik kumar wrote: > Hello Team, > Can Someone help me how to automate this? Ansible to take MSSQL database > backup(windows). Why? This sounds like the wrong tool for the job to me. I would suggest using the task scheduler. Antony. -- I love deadlines. I love the whooshing noise they make as they go by. - Douglas Noel Adams Please reply to the list; please *don't* CC me.
Re: [ansible-project] Ansible License Requirements
On Wednesday 12 May 2021 at 17:57:19, Vladimir Botka wrote: > On Wed, 12 May 2021 15:24:45 +0200 > > Antony Stone wrote: > > ... fair amount of searching, ... it is licensed under GPL 3+. I took > > that information from wikipedia. > > GitHub is the primary reference. This is where the code is published. > Simply google "github ansible" or "github awx" I can't help feeling that most people who might want to know the licence under which Ansible is published are going to start with a Google search for "ansible licence" (or perhaps "ansible license") or else "ansible licensing". How are they supposed to know that "github" is the magic word? Antony. -- I know I always wanted to be somebody, but I guess I should have been more specific. Please reply to the list; please *don't* CC me.
Re: [ansible-project] Ansible License Requirements
On Wednesday 12 May 2021 at 14:09:06, Luca 'remix_tj' Lorenzetto wrote: > Hello Jatin, > > ansible and awx are opensource projects, so you can use for free. More specifically, Ansible is licensed under GPL 3+ and AWX is licensed under Apache 2.0. Finding the AWX licence is not so hard, however I am somewhat amazed that even with a fair amount of searching, I couldn't find any clear statement on the ansible website itself that it is licensed under GPL 3+. I took that information from wikipedia. https://www.ansible.com/products/awx-project/faq Antony. -- I wasn't sure about having a beard at first, but then it grew on me. Please reply to the list; please *don't* CC me.
Re: [ansible-project] Pfsense install via ansible playbook
On Friday 07 May 2021 at 21:47:18, rebecca acheampong wrote: > I mean to do it with ansible. I cannot find any playbook that has been used > to install pfsense already and I don't know how to do that. No, the reason why Dick asked "how would you do this without ansible" is because creating a playbook to do it for you is nearly always based on "what commands *would* I run if I were to do this myself, but in fact I want ansible to run them for me?" Ansible is an automation tool. The first step to automating something is to know how to do it manually. Antony. -- I thought I had type A blood, but it turned out to be a typo. Please reply to the list; please *don't* CC me.
Re: [ansible-project] Re: ansible ssh connections
On Monday 26 April 2021 at 16:28:08, NAVEEN wrote: > Hi > Anyone available for job support on ansible ..if any pls email me on > naveenkr...@gmail.com Please do not hijack conversation threads for new topics - start a new thread with an appropriate subject of its own. Thank you, Antony. -- https://tools.ietf.org/html/rfc6890 - providing 16 million IPv4 addresses for talking to yourself. Please reply to the list; please *don't* CC me.
Re: [ansible-project] Inventory custom script
On Monday 19 April 2021 at 11:20:27, Jaime Jaca wrote: > I am trying to import an inventory in json from a url with a script but it > gives me errors and does not copy it Please at least tell us exactly what the errors are. Antony. -- These clients are often infected by viruses or other malware and need to be fixed. If not, the user at that client needs to be fixed... - Henrik Nordstrom, on Squid users' mailing list Please reply to the list; please *don't* CC me.
Re: [ansible-project] Ansible Query
On Wednesday 14 April 2021 at 17:17:20, Monica D wrote: > What are the different ways other than SSH by which Ansible can connect to > remote hosts? https://docs.ansible.com/ansible/latest/plugins/connection.html may well answer your question. Antony. -- There's no such thing as bad weather - only the wrong clothes. - Billy Connolly Please reply to the list; please *don't* CC me.
Re: [ansible-project] Ansible: Error msg
On Monday 12 April 2021 at 17:57:05, vahini reddy wrote: > Hi Team, > > Need your help. > > I am facing the error. Please do the needfull What command are you running to get that output? Also, please copy and paste text messages instead of attaching a screenshot - it's much easier to comment on in a reply. Is it true that /proc is on a read-only file system? Antony. -- "How I managed so long without this book baffles the mind." - Richard Stoakley, Group Program Manager, Microsoft Corporation, referring to "The Art of Project Management", O'Reilly press Please reply to the list; please *don't* CC me.
Re: [ansible-project] Why is ansible so buggy?
On Thursday 25 March 2021 at 11:31:50, Vikram S wrote: > Ansible sometimes behaves differently when i execute the same script > multiple times. Examples: > > 1. Once, name for TASKS were not shown when script was run 1st time. Name > was shown the 2nd time. > > 2. It showed command timeoput of 10 secs reached and script failed but same > script executed earlier ran till the end. > > 3. For below TASK, ansible kept saying that '-' was missing under when > statement even though it was there. Then i removed the entire line and > retyped everything and ansible didn't find anything. > > assert: > that: > - "'f148fc860a1d4d08532bc616724e632d' in md5_flash3.stdout[0]" > fail_msg: "MD5 VERIFICATION FAILED FOR FLASH2. PLAYBOOK IS > ENDING" success_msg: "MD5 VERIFICATION IS SUCCESSFUL FOR FLASH2" when: > - "'Switch 03' in print_showversion.stdout[0]" > > - "'c2960x-universalk9-mz.152-7.E3.bin' in image_flash3.stdout[0]" > > I run ansible 2.9 on linux VM and GNS3 and network connection was stable > when i got above errors. Have you experienced these issues? Any way to > make ansible more stable? For the example you have shown us, I would very carefully check your indentation, and especially whether some lines have spaces and some have tabs. For the examples you have not shown us, I have no idea. Give us more detail and we might be able to help. Antony. -- Too many people spend money they haven't earned to buy things they don't want, to impress people they don't like. - Will Rogers Please reply to the list; please *don't* CC me.
Re: [ansible-project] ansible playbook/role to check system health
On Saturday 20 March 2021 at 13:58:23, Emiliano Vazquez wrote: > > El 19 mar. 2021, a la(s) 13:49, Eric Herberholz escribió: > > > > Does anyone have an ansible playbook/role to check system health? > > We use Zabbix it kept trends and have alerts. > > I think ansible is not made for this purpose I completely agree, although I prefer Icinga to Zabbix. There are many choices of monitoring system; Ansible is not one of them Antony. -- I wasn't sure about having a beard at first, but then it grew on me. Please reply to the list; please *don't* CC me.
Re: [ansible-project] When conditional not working when i use 'OR' for multiple confitions
On Friday 19 March 2021 at 17:56:38, Vikram S wrote: > Hi Antony, > > Yes, i want to end the playbook if every member switch in a stack is in > some state state other than ready. I am writing script for IOS upgrade and > every switch needs to be in READY state to proceed otherwise it's going to > cause problem. Now I am even more confused. First you say: "I want to end the playbook if every member switch in a stack is in some state state other than ready." So, every switch must be in a state other than ready, for the playbook to end. One switch in ready state means this is not true, so the playbook continues. Then you say instead: "every switch needs to be in READY state to proceed otherwise it's going to cause problem" So, now every switch must be in ready state for the playbook to proceed. Any switch which is not in ready state causes the playbook to fail. The two statements do not match, and it's important that you are clear about what logic you are trying to implement in order to get the syntax right. I *think* you probably intend the second state - all switches must be ready, otherwise you stop, but they're not my switches :) Antony. -- This email was created using 100% recycled electrons. Please reply to the list; please *don't* CC me.
Re: [ansible-project] When conditional not working when i use 'OR' for multiple confitions
On Friday 19 March 2021 at 11:53:59, Vikram S wrote: > - name: END THIS PLAYBOOK IF ALL MEMBER SWITCHES ARE NOT IN READY STATE I find this ambiguous. Does it mean that you want to end the playbook if every switch is in some state state other than ready (so, any switch being ready means the playbook goes ahead), or does it mean that you want to end the playbook if not all switches are ready (some are, but not all)? Antony. -- "How I managed so long without this book baffles the mind." - Richard Stoakley, Group Program Manager, Microsoft Corporation, referring to "The Art of Project Management", O'Reilly press Please reply to the list; please *don't* CC me.
Re: [ansible-project] Error reading config file (/etc/ansible/ansible.cfg): Source contains parsing errors: '' [line 4]: ' 3 \n' #601
On Tuesday 16 March 2021 at 12:06:35, Mohamed Rahiman wrote: > ok guys did a bit of rtfm and my format for the hosts file was in no format > so i did the yaml format with colons and begnnining with all: > however no i get this Instead of creating your own playbooks in a format you're not familiar with, have you tried starting from a worked-example tutorial which guides you through creating simple playbooks and getting used to ansible commands and YAML formatting? For example: https://docs.ansible.com/ansible/latest/network/getting_started/first_playbook.html https://docs.ansible.com/ansible/latest/user_guide/intro_getting_started.html https://www.ansible.com/resources/get-started Antony. -- "640 kilobytes (of RAM) should be enough for anybody." - Bill Gates Please reply to the list; please *don't* CC me.
Re: [ansible-project] Error reading config file (/etc/ansible/ansible.cfg): Source contains parsing errors: '' [line 4]: ' 3 \n' #601
On Monday 15 March 2021 at 20:53:13, Mohamed Rahiman wrote: > Error reading config file (/etc/ansible/ansible.cfg): Source contains > parsing errors: '' [line 4]: ' 3 \n' #601 Do you really have line numbers in your config file? You should watch out for line endings, as well - make sure you create these files using Linux, don't do it on a Windows machine and copy them across... Antony. -- "It is easy to be blinded to the essential uselessness of them by the sense of achievement you get from getting them to work at all. In other words - and this is the rock solid principle on which the whole of the Corporation's Galaxy-wide success is founded - their fundamental design flaws are completely hidden by their superficial design flaws." - Douglas Noel Adams Please reply to the list; please *don't* CC me.
Re: [ansible-project] Need - Java-Cloud Engineer Professional in Atlanta, GA
On Friday 12 March 2021 at 19:39:47, Santhosh K wrote: > Hi, > > Please check the below position and reply back with the below details and > updated resume if you are comfortable. Please do not post such things here which have nothing to do with Ansible. Antony.
Re: [ansible-project] ansible remote host to remote synchronize.py error
On Sunday 07 March 2021 at 15:52:20, Raj wrote:
> Hi all,
>
> Below is my playbook for copy from server A to server B. Could you please
> help me on this issue.
> ---
> - name: copy remote to remote host
> synchronize:
> src: "{{ src_path }}"
> dest: "{{ dest_path }}"
> delegate_to: Server B
>
> while running through AWX hang with below error
> /usr/bin/python
> /home/ansible-dav/.ansible/tmp/ansible-tmp-1615128261.3756096-28-1747884227
> 1265/AnsiballZ_synchronize.py && sleep 0'"'"''
I see no error message in what you have posted.
Antony.
--
Late in 1972 President Richard Nixon announced that the rate of increase of
inflation was decreasing. This was the first time a sitting president used a
third derivative to advance his case for re-election.
- Hugo Rossi, Notices of the American Mathematical Society
Please reply to the list;
please *don't* CC me.
Re: [ansible-project] Re: Ansible - User Create Module - Not working with Vault
On Tuesday 09 February 2021 at 23:43:41, Jeremey Wise wrote: > Correction: > > This was an error where I was trying too many things and did not re-test > with all correct variables set. > > This does work: > Co-worker pointed out to dump password out as variable and I saw it was > read that in wrong as I changed several times to test things > For the benefit of future visitors to this forum / archive, please could you make clear what you did need to do differently so that things worked as expected / required. That way, at least some people will not have to ask the same question again :) Thanks, Antony. -- I conclude that there are two ways of constructing a software design: One way is to make it so simple that there are _obviously_ no deficiencies, and the other way is to make it so complicated that there are no _obvious_ deficiencies. - C A R Hoare Please reply to the list; please *don't* CC me.
Re: [ansible-project] ssh error from ad-hoc command
On Wednesday 03 February 2021 at 20:05:52, Ken Cheng wrote: > hi Antony, > > i changed the permissions of my ssh config file with *chmod 600 > ~/.ssh/config *but it didnt help. Try changing the permissions on the file mentioned in the error message. Antony. > > On Wednesday 03 February 2021 at 19:21:03, Ken Cheng wrote: > > > > > Permissions 0644 for '/home/xyz/.ssh/known_hosts' are too open. > > > It is required that your private key files are NOT accessible by > > > others. This private key will be ignored. > > > > So, change that mode 644 to 600 and all should be fine. > > > > > > Antony. -- "Linux is going to be part of the future. It's going to be like Unix was." - Peter Moore, Asia-Pacific general manager, Microsoft Please reply to the list; please *don't* CC me.
Re: [ansible-project] ssh error from ad-hoc command
On Wednesday 03 February 2021 at 19:48:44, nagaraju balusa wrote: > please *don't* CC me. Who did? > On Wed, Feb 3, 2021 at 10:47 AM Antony Stone wrote: > > On Wednesday 03 February 2021 at 19:21:03, Ken Cheng wrote: > > > i'm sorry if this was already covered but why does ansible's ping > > > module giving me an ssh error? > > > > > > i installed ansible version 2.9.17 on a centos vm. that vm can ping & > > > ssh to my test destination router from the command line. for some > > > reason "ansible lab -m ping" gives me an ssh error. my > > > /etc/ansible/hosts file looks ok (i just started with ansible this > > > monday). what am i missing? > > > > Not to put too fine a point on it, I think what you are missing is > > reading the error message: > > > Permissions 0644 for '/home/xyz/.ssh/known_hosts' are too open. > > > It is required that your private key files are NOT accessible by > > > others. This private key will be ignored. > > > > So, change that mode 644 to 600 and all should be fine. > > > > > > Antony. -- "If I've told you once, I've told you a million times - stop exaggerating!" Please reply to the list; please *don't* CC me.
