[ansible-project] Same playbook executed locally and remotely

2020-08-22 Thread Marcos Alano 

Hi fellows!

I'm trying to build a playbook for my infrastructure but I would like to be 
able to do something like this:
ansible-playbook -i hosts site.yml
This playbook is quite simple, just some lines like this:
- import_playbook: glados.yml
- import_playbook: skynet.yml
- import_playbook: brainiac.yml
No big deal until now. The problem is: I also want to use ansible-pull so 
the machines (glados, skynet, brainiac, and so on) also be able to git 
clone and execute their respective playbook by themselves.

The problem is all around what I should put on "hosts:" line. If I just put 
"localhost" or "127.0.0.1" just the ansible-pull will work. and if put the 
hostname just the ansible-playbook with the site.yml will work (because I 
have entries on the inventory file).

I quite resolved that creating a script to automate the installation (just 
execute the script into the machine and the magic happens) which generates 
a for-locally-use-only inventory:
echo "glados ansible_host=127.0.0.1 ansible_connection=local 
ansible_python_interpreter=/usr/bin/python3" | sudo tee /etc/ansible/hosts

This allows me to use this host-only inventory to execute the ansible-pull 
and a broder inventory with the correct IPs to execute site.yml.

THere is a better, more elegant solution available?

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/36c1c392-cb9c-49fe-9b82-eee486ed4700n%40googlegroups.com.

Re: [ansible-project] Use shell/command to update text file with variable name

2018-08-23 Thread Marcos Alano 
You could use a template.

On Thu, Aug 23, 2018 at 4:37 PM MPb  wrote:

> I have a process that is exporting xml config from an application and the
> exported xml config contains the server name of the server it was exported
> from.
> A grep contains would contain a list of these:
> ./config_1.xml:  myservername.dom.com
> ./config_2.xml:  myservername.dom.com
>
> I want to make them via an ansible task:
> ./config_1.xml:  {{ gold_server_conf }}
> ./config_2.xml:  {{ gold_server_conf }}
>
> Something like this?? is wrong because Ansible will just think {{
> gold_server_conf }} is a variable.. but i want it to treat it just as text
>
>  - name: template out the server name
>shell:
>   sed -i 's/{{ ansible_hostname }}/{{ gold_server_conf }}/g' *
>
>
>
>
>
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To post to this group, send email to ansible-project@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/4e83b900-8f4e-428f-b4e1-7fabef0dce3c%40googlegroups.com
> 
> .
> For more options, visit https://groups.google.com/d/optout.
>


-- 
Marcos H. Alano
Linux System Administrator
marcoshal...@gmail.com

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAO3Us%3D%3DjmQaqz9ErWBOJet2rrAP2GtJ6GOFc3F9c%2Bfx9MZBk%3Dg%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Re: Why playbook take wrong values for group variables?

2018-05-04 Thread Marcos Alano 
Interesting. Could you show us what yours "hosts:" line on playbook.yml?
On Fri, May 4, 2018 at 10:43 AM Brian Coca  wrote:

> The `hosts:` keyword is only used to select which hosts get targeted,
> it has no influence on group membership, any host is ALWAYS a member
> of ALL the groups as defined in inventory, so the variables for a host
> always reflect ALL GROUPS.





> --
> --
> Brian Coca

> --
> You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
email to ansible-project+unsubscr...@googlegroups.com.
> To post to this group, send email to ansible-project@googlegroups.com.
> To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/CACVha7d8CM6kwVi0ESJdQMNb%3DgkdzQh0eGSg-FcA5p%3DNPOH3_A%40mail.gmail.com
.
> For more options, visit https://groups.google.com/d/optout.



-- 
Marcos H. Alano
Linux System Administrator
marcoshal...@gmail.com

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAO3Us%3D%3DPodJnVgY5-L_1L4K3x%2BsLznOCHtH6si7k4dfV4-q1gA%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Ansible Tower

2018-03-29 Thread Marcos Alano 
What is the goal to change the default directory?

On Wed, Mar 28, 2018 at 4:26 AM, Binny  wrote:
> Hello,
>
> I am using Ansible Tower3. Is it mandatory to have all my playbooks under
> project directory?
>
> As while creating job template, i am only able to see those playbooks which
> are available on base project directory under Playbook selection dropdown.
>
> Can someone please shade some lights?
>
> Thanks
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To post to this group, send email to ansible-project@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/3aa22085-f76e-4639-830f-de8dffeea7ea%40googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.



-- 
Marcos H. Alano
Linux System Administrator
marcoshal...@gmail.com

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAO3Us%3D%3DKVGyiv5PO0Vtp7E7x%2Bji1O_BfL-F%3D%3D9rkbx0K%3D3xiqQ%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] BigIP timing out while running playbook

2018-03-27 Thread Marcos Alano 
Could you send more debug messages? I think you should delegate the
task to localhost instead of use "connection: local".

On Tue, Mar 27, 2018 at 9:36 AM, eric landers  wrote:
> I'm trying to run the below playbook. It gets to the modules task, does
> nothing for about a minutes, then i get the below error. The BigIP is
> reachable via SSH from the ansible server. This playbook is working for
> other BigIP's. I'm also able to run ad-hoc commands from the ansible server
> to this particular BigIP successfully.
>
> f5.sdk_exception.TimeoutError: Timed out waiting for response
>
> Any ideas? I have a packet capture from the bigip showing back and forth ssh
> traffic while running the playbook.
>
>
> - name: show clock
>
>   hosts: mygroup
>
>   connection: local
>
>
>
>   tasks:
>
>   - name: show clock
>
> bigip_command:
>
>   commands:
>
> - tmsh show sys clock
>
>   server: "{{ inventory_hostname }}"
>
>   password: "pass"
>
>   user: "root"
>
>   validate_certs: "no"
>
> delegate_to: localhost
>
> register: bigip_result
>
>
>
>   - name: debug
>
> debug:
>
>  var: bigip_result.stdout_lines
>
> Answer your Question
> 0
>  Rate this Quest
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To post to this group, send email to ansible-project@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/f1d9e8db-af48-4d29-a58a-60324004d688%40googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.



-- 
Marcos H. Alano
Linux System Administrator
marcoshal...@gmail.com

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAO3Us%3Dm_YLgaVGOWUwU4JkCuk20xiGrbqhjGLmYdUM-fBgUP9g%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Variable gets registered even if when clause is false

2018-03-26 Thread Marcos Alano 
Nevermind. (:

On Mon, Mar 26, 2018, 1:04 PM Marcos Alano <marcoshal...@gmail.com> wrote:

> What the value of 'now' variable?
>
> On Mon, Mar 26, 2018, 1:01 PM MKPhil <phil.cool...@gmail.com> wrote:
>
>> In a playbook, a Variable gets registered even if "when" clause is
>> false...Is this a bug?
>>
>> Consider this playbook
>>
>> ---
>> - name: When test
>>   gather_facts: false
>>   hosts: all
>>   vars:
>> now: true
>>   tasks:
>> - name: Get hostname
>>   shell: hostname
>>   register: output
>>   when: now == true
>>
>>
>> - name: Get user
>>   shell: whoami
>>   register: output
>>   when: now != true
>>
>> - debug:
>> var: output
>>
>>
>> What should be the output?
>> Logically, I believe it should be the result of the first play:
>>
>>
>> PLAY [When test]
>> 
>>
>> TASK [Get hostname]
>> *
>> changed: [localhost]
>>
>> TASK [debug]
>> 
>> ok: [localhost] => {
>> "changed": false,
>> "output": {
>> "changed": true,
>> "cmd": "hostname",
>> "delta": "0:00:00.003747",
>> "end": "2018-03-26 16:55:48.727647",
>> "rc": 0,
>> "start": "2018-03-26 16:55:48.723900",
>> "stderr": "",
>> "stderr_lines": [],
>> "stdout": "server01",
>> "stdout_lines": [
>> "server01"
>> ]
>> }
>> }
>>
>> PLAY RECAP
>> 
>> localhost  : ok=2changed=1unreachable=0
>> failed=0
>>
>>
>>
>> What I actually get is:
>>
>> PLAY [When test]
>> ***
>>
>> TASK [Get hostname]
>> 
>> changed: [localhost]
>>
>> TASK [Get user]
>> 
>> skipping: [localhost]
>>
>> TASK [debug]
>> ***
>> ok: [localhost] => {
>> "changed": false,
>> "output": {
>> "changed": false,
>> "skip_reason": "Conditional result was False",
>> "skipped": true
>> }
>> }
>>
>> PLAY RECAP
>> ***
>> localhost  : ok=2changed=1unreachable=0
>> failed=0
>>
>>
>> Or am I misunderstanding something?
>>
>> --
>> You received this message because you are subscribed to the Google Groups
>> "Ansible Project" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to ansible-project+unsubscr...@googlegroups.com.
>> To post to this group, send email to ansible-project@googlegroups.com.
>> To view this discussion on the web visit
>> https://groups.google.com/d/msgid/ansible-project/139ab0b4-8371-403d-9ebb-5ee119c8ebdf%40googlegroups.com
>> <https://groups.google.com/d/msgid/ansible-project/139ab0b4-8371-403d-9ebb-5ee119c8ebdf%40googlegroups.com?utm_medium=email_source=footer>
>> .
>> For more options, visit https://groups.google.com/d/optout.
>>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAO3Us%3DmqmXm8j3rBgp8wdxE1z2M_iKDCgDbcx%3DgLxwFX069O8g%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Variable gets registered even if when clause is false

2018-03-26 Thread Marcos Alano 
What the value of 'now' variable?

On Mon, Mar 26, 2018, 1:01 PM MKPhil  wrote:

> In a playbook, a Variable gets registered even if "when" clause is
> false...Is this a bug?
>
> Consider this playbook
>
> ---
> - name: When test
>   gather_facts: false
>   hosts: all
>   vars:
> now: true
>   tasks:
> - name: Get hostname
>   shell: hostname
>   register: output
>   when: now == true
>
>
> - name: Get user
>   shell: whoami
>   register: output
>   when: now != true
>
> - debug:
> var: output
>
>
> What should be the output?
> Logically, I believe it should be the result of the first play:
>
>
> PLAY [When test]
> 
>
> TASK [Get hostname]
> *
> changed: [localhost]
>
> TASK [debug]
> 
> ok: [localhost] => {
> "changed": false,
> "output": {
> "changed": true,
> "cmd": "hostname",
> "delta": "0:00:00.003747",
> "end": "2018-03-26 16:55:48.727647",
> "rc": 0,
> "start": "2018-03-26 16:55:48.723900",
> "stderr": "",
> "stderr_lines": [],
> "stdout": "server01",
> "stdout_lines": [
> "server01"
> ]
> }
> }
>
> PLAY RECAP
> 
> localhost  : ok=2changed=1unreachable=0failed=0
>
>
>
> What I actually get is:
>
> PLAY [When test]
> ***
>
> TASK [Get hostname]
> 
> changed: [localhost]
>
> TASK [Get user]
> 
> skipping: [localhost]
>
> TASK [debug]
> ***
> ok: [localhost] => {
> "changed": false,
> "output": {
> "changed": false,
> "skip_reason": "Conditional result was False",
> "skipped": true
> }
> }
>
> PLAY RECAP
> ***
> localhost  : ok=2changed=1unreachable=0failed=0
>
>
> Or am I misunderstanding something?
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To post to this group, send email to ansible-project@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/139ab0b4-8371-403d-9ebb-5ee119c8ebdf%40googlegroups.com
> 
> .
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAO3Us%3Dkccc4G-nDmRBAWk0k_6PvB8SFnrQMzHqbf3%2BRJZda%3D9Q%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Re: Architecture of a complex ansible project

2018-03-23 Thread Marcos Alano 
You can use the option --roles-path .

On Fri, Mar 23, 2018 at 10:36 AM,   wrote:
> Is the folder where galaxy upload the roles locally on your machine part of
> the path that ansible-playbook will look for to find a role ?
>
> On Friday, March 23, 2018 at 11:52:20 AM UTC+1, cmou...@redhat.com wrote:
>>
>> Hi
>>
>> Is there a document describing the best practices to organise a complex
>> Ansible project ?
>>
>> Here is the project that I'm thinking about :
>>
>> - Project has been designed as a collection of reusable modules (= role)
>> which are living under by example this folder "complexproject/roles" fo the
>> modules part of the main project
>> - Project could include roles created and managed by external teams and
>> git cloned locally under "complexproject/imported/projectA/roles,
>> complexproject/imported/projectB/roles"
>> - Users access the main playbooks using this command "ansible-playbook -i
>> inventory complexproject/playbooks/main.yml
>> - main.yml file contains roles tagged to be called
>>
>> E.g.
>> ---
>> - hosts: "{{ openshift_node }}"
>>   gather_facts: "{{ gathering_host_info | bool == true }}"
>>
>>   roles:
>> - { role: 'enable_cluster_admin', tags: 'enable_cluster_admin', when:
>> target_platform == 'cloud' }
>> - { role: 'create_projects',  tags: 'create_projects'}
>> - { role: 'persistence',  tags: 'persistence',  when:
>> target_platform == 'cloud' }
>>
>> Questions
>> - Is this approach coherent/consistent ?
>> - Can we set up a var to tell to Ansible where all the roles are located:
>> complexproject/roles:complexproject/imported/projectA/roles:complexproject/imported/projectB/roles
>> - Should we adopt a different approach where different projects which
>> contain roles are imported using "import_playbook" --> see
>> `openshift-ansible` project - https://goo.gl/KXDWXN ?
>>
>> Regards
>>
>> Charles
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To post to this group, send email to ansible-project@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/182d1fde-121b-4f13-89cb-a9be324526cc%40googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.



-- 
Marcos H. Alano
Linux System Administrator
marcoshal...@gmail.com

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAO3Us%3Dm7cTDF_4HHsFv4sKpmRZQ9YATNvbBn0VrJ1FUHt79uYA%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Use role defined under another filesystem path

2018-03-23 Thread Marcos Alano 
You could use Ansible Galaxy to import your roles. I think this is the
sane approach.

On Thu, Mar 22, 2018 at 2:48 PM,   wrote:
> Hi
>
> My playbook is executed from this directory /home/projectA/playbook and it
> contains roles directory.
> One of the task defined within a role of this playbook would like to call
> another role which is not defined under  /home/projectA/playbook/roles
> but within a different directory
>
> /home/projectB
> istio/
>   defaults/
>   meta/
>   tasks/
>   vars/
> main.yml
>
> Main file
> ###
> ---
> - hosts: localhost
>   gather_facts: true
>   roles:
> - istio
>
> How can I within a /home/projectA/playbook/roles/roleA/tasks/main.yml calls
> the role "istio" ?
>
> Regards
>
> Charles
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To post to this group, send email to ansible-project@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/7672467b-cc78-47f8-a870-87c99dc270c2%40googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.



-- 
Marcos H. Alano
Linux System Administrator
marcoshal...@gmail.com

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAO3Us%3Dkeow0FoCtMhUfaxDXpwhzLTbx1CpAbF0%3Dttr9D%3DPqvgg%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] playbook works but hangs

2018-03-23 Thread Marcos Alano 
May be you search for some module to deal with Juniper devices. I
don't have any so I can't be more precisely.

On Fri, Mar 23, 2018 at 7:55 AM, 'Daley Okuwa' via Ansible Project
 wrote:
> Hello,
>
> I have a playbook here which seems to do what it needs to do but hangs
> It actually copies the file using ftp  but cannot find a way to exit out of
> the program
>
> ---
> - name: backup of juniper using expect
>   hosts: juniper
>   connection: local
>   tasks:
>- name: copy running config to ftp server
>  expect:
>   command: ssh admin@10.101.250.41
>   responses:
> Password: x#
> admin@POD1_SRX210>: file copy /config/juniper.conf.49.gz
> ftp://ansible:xx@10.241.11.237/juniper.conf.49.gz
> ftp://ansible:test123@10.241.11.237/juniper.co100% of 1024  B   84
> kBps\nadmin@POD1_SRX210>: exit
>
> OUTPUT
>
>
> ansible@ansible-new:/etc/ansible$ ansible-playbook -i hosts
> backup-juniper-expect.yml  -vvv
> ansible-playbook 2.4.2.0
>   config file = /etc/ansible/ansible.cfg
>   configured module search path =
> [u'/home/ansible/.ansible/plugins/modules',
> u'/usr/share/ansible/plugins/modules']
>   ansible python module location = /usr/lib/python2.7/dist-packages/ansible
>   executable location = /usr/bin/ansible-playbook
>   python version = 2.7.12 (default, Dec  4 2017, 14:50:18) [GCC 5.4.0
> 20160609]
> Using /etc/ansible/ansible.cfg as config file
> Parsed /etc/ansible/hosts inventory source with ini plugin
> PLAYBOOK: backup-juniper-expect.yml
> 
> 1 plays in backup-juniper-expect.yml
> PLAY [backup of juniper using expect]
> **
> TASK [Gathering Facts]
> *
> Using module file
> /usr/lib/python2.7/dist-packages/ansible/modules/system/setup.py
> <10.201.250.41> ESTABLISH LOCAL CONNECTION FOR USER: ansible
> <10.201.250.41> EXEC /bin/sh -c 'echo ~ && sleep 0'
> <10.201.250.41> EXEC /bin/sh -c '( umask 77 && mkdir -p "` echo
> /home/ansible/.ansible/tmp/ansible-tmp-1521801893.62-242955740702676 `" &&
> echo ansible-tmp-1521801893.62-242955740702676="` echo
> /home/ansible/.ansible/tmp/ansible-tmp-1521801893.62-242955740702676 `" ) &&
> sleep 0'
> <10.201.250.41> PUT /tmp/tmpc6YMbQ TO
> /home/ansible/.ansible/tmp/ansible-tmp-1521801893.62-242955740702676/setup.py
> <10.201.250.41> EXEC /bin/sh -c 'chmod u+x
> /home/ansible/.ansible/tmp/ansible-tmp-1521801893.62-242955740702676/
> /home/ansible/.ansible/tmp/ansible-tmp-1521801893.62-242955740702676/setup.py
> && sleep 0'
> <10.201.250.41> EXEC /bin/sh -c '/usr/bin/python
> /home/ansible/.ansible/tmp/ansible-tmp-1521801893.62-242955740702676/setup.py;
> rm -rf
> "/home/ansible/.ansible/tmp/ansible-tmp-1521801893.62-242955740702676/" >
> /dev/null 2>&1 && sleep 0'
> ok: [10.201.250.41]
> META: ran handlers
> TASK [copy running config to ftp server]
> ***
> task path: /etc/ansible/backup-juniper-expect.yml:7
> Using module file
> /usr/lib/python2.7/dist-packages/ansible/modules/commands/expect.py
> <10.201.250.41> ESTABLISH LOCAL CONNECTION FOR USER: ansible
> <10.201.250.41> EXEC /bin/sh -c 'echo ~ && sleep 0'
> <10.201.250.41> EXEC /bin/sh -c '( umask 77 && mkdir -p "` echo
> /home/ansible/.ansible/tmp/ansible-tmp-1521801893.94-111637507774765 `" &&
> echo ansible-tmp-1521801893.94-111637507774765="` echo
> /home/ansible/.ansible/tmp/ansible-tmp-1521801893.94-111637507774765 `" ) &&
> sleep 0'
> <10.201.250.41> PUT /tmp/tmpamRP0L TO
> /home/ansible/.ansible/tmp/ansible-tmp-1521801893.94-111637507774765/expect.py
> <10.201.250.41> EXEC /bin/sh -c 'chmod u+x
> /home/ansible/.ansible/tmp/ansible-tmp-1521801893.94-111637507774765/
> /home/ansible/.ansible/tmp/ansible-tmp-1521801893.94-111637507774765/expect.py
> && sleep 0'
> <10.201.250.41> EXEC /bin/sh -c '/usr/bin/python
> /home/ansible/.ansible/tmp/ansible-tmp-1521801893.94-111637507774765/expect.py;
> rm -rf
> "/home/ansible/.ansible/tmp/ansible-tmp-1521801893.94-111637507774765/" >
> /dev/null 2>&1 && sleep 0'
> ^CProcess WorkerProcess-2:
> Traceback (most recent call last):
>   File "/usr/lib/python2.7/multiprocessing/process.py", line 258, in
> _bootstrap
> self.run()
>   File
> "/usr/lib/python2.7/dist-packages/ansible/executor/process/worker.py", line
> 118, in run
> self._rslt_q
>   File "/usr/lib/python2.7/dist-packages/ansible/executor/task_executor.py",
> line 130, in run
> res = self._execute()
>   File "/usr/lib/python2.7/dist-packages/ansible/executor/task_executor.py",
> line 528, in _execute
> result = self._handler.run(task_vars=variables)
>   File "/usr/lib/python2.7/dist-packages/ansible/plugins/action/normal.py",
> line 45, in run
> results = merge_hash(results, self._execute_module(tmp=tmp,
> task_vars=task_vars, wrap_async=wrap_async))
>   File
> "/usr/lib/python2.7/dist-packages/ansible/plugins/action/__init__.py", line
>

Re: [ansible-project] Architecture of a complex ansible project

2018-03-23 Thread Marcos Alano 
On Youtube you has this amazing video about best practices:
https://www.youtube.com/watch?v=5BhAJ4mEfZ8
I think you should standardize your roles and export to it's own
repository. After that you can use Ansible Galaxy to install that.
You should think "I don't want to publish my roles!" but Ansible
Galaxy you can download roles from a Git repo (even a private one) and
not just the website galaxy.ansible.com.

Cheers!

On Fri, Mar 23, 2018 at 7:52 AM,   wrote:
> Hi
>
> Is there a document describing the best practices to organise a complex
> Ansible project ?
>
> Here is the project that I'm thinking about :
>
> - Project has been designed as a collection of reusable modules (= role)
> which are living under by example this folder "complexproject/roles" fo the
> modules part of the main project
> - Project could include roles created and managed by external teams and git
> cloned locally under "complexproject/imported/projectA/roles,
> complexproject/imported/projectB/roles"
> - Users access the main playbooks using this command "ansible-playbook -i
> inventory complexproject/playbooks/main.yml
> - main.yml file contains roles tagged to be called
>
> E.g.
> ---
> - hosts: "{{ openshift_node }}"
>   gather_facts: "{{ gathering_host_info | bool == true }}"
>
>   roles:
> - { role: 'enable_cluster_admin', tags: 'enable_cluster_admin', when:
> target_platform == 'cloud' }
> - { role: 'create_projects',  tags: 'create_projects'}
> - { role: 'persistence',  tags: 'persistence',  when:
> target_platform == 'cloud' }
>
> Questions
> - Is this approach coherent/consistent ?
> - Can we set up a var to tell to Ansible where all the roles are located:
> complexproject/roles:complexproject/imported/projectA/roles:complexproject/imported/projectB/roles
> - Should we adopt a different approach where different projects which
> contain roles are imported using "import_playbook" --> see
> `openshift-ansible` project - https://goo.gl/KXDWXN ?
>
> Regards
>
> Charles
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To post to this group, send email to ansible-project@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/c9e936ce-5c2f-4956-a196-9babf84d6802%40googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.



-- 
Marcos H. Alano
Linux System Administrator
marcoshal...@gmail.com

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAO3Us%3DmMhXQoxgwsZW4wXHcoq8Dnor9FZUHQPTUrs5MrE3tJzg%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Playbook ignores attributes auth_pass\authorize and wont enter privilege mode.

2018-03-22 Thread Marcos Alano 
Options like "host" and "username" are part of provider option. You
should check the options and also the indentation.

On Wed, Mar 21, 2018 at 7:54 PM,   wrote:
> Hi Everyone!
>
> I am new to "Ansible". I've created a playbook that backups cisco running
> config. My problem is that i get an error Invalid input detector "^" i did
> some digging and its alerting due to the command not running in privileged
> mode. I've tried using authorize and auth_pass and it gives me an error
> saying :
>
>[WARNING]: Ignoring invalid attribute: username
>
>  [WARNING]: Ignoring invalid attribute: authorize
>
>  [WARNING]: Ignoring invalid attribute: auth_pass
>
>  [WARNING]: Ignoring invalid attribute: host
>
> here is playbook:
>
> ---
> - hosts: myswitches
>   gather_facts: true
>   connection: local
>
>   tasks:
>- name: show run
>  ios_command:
>commands:
>- show run
>  host: "{{ inventory_hostname }}"
>  auth_pass: cisco
>  username: cisco
>  password: cisco
>  authorize: yes
>  #provider:
>  #  authorize: yes
>  #  auth_pass: cisco
>  #register: config
>
>- name: save output to /etc/ansible/backups
>  copy:
>content: "{{ config.stdout[0] }}"
>dest: "/etc/ansible/backups/show_run_{{ inventory_hostname }}.txt"
>
>
> here is - outcome:
>
>
> ansible-playbook backups_test.yml -
> ansible-playbook 2.4.3.0
>   config file = /etc/ansible/ansible.cfg
>   configured module search path =
> [u'/home/techops/.ansible/plugins/modules',
> u'/usr/share/ansible/plugins/modules']
>   ansible python module location = /usr/lib/python2.7/dist-packages/ansible
>   executable location = /usr/bin/ansible-playbook
>   python version = 2.7.12 (default, Nov 20 2017, 18:23:56) [GCC 5.4.0
> 20160609]
> Using /etc/ansible/ansible.cfg as config file
> setting up inventory plugins
> Set default localhost to 127.0.0.1
> Parsed /etc/ansible/hosts inventory source with ini plugin
>  [WARNING]: Ignoring invalid attribute: username
>
>  [WARNING]: Ignoring invalid attribute: authorize
>
>  [WARNING]: Ignoring invalid attribute: auth_pass
>
>  [WARNING]: Ignoring invalid attribute: host
>
> Loading callback plugin default of type stdout, v2.0 from
> /usr/lib/python2.7/dist-packages/ansible/plugins/callback/default.pyc
>
> PLAYBOOK: backups_test.yml
> **
> 1 plays in backups_test.yml
>
> PLAY [myswitches]
> ***
>
> TASK [Gathering Facts]
> **
> Using module file
> /usr/lib/python2.7/dist-packages/ansible/modules/system/setup.py
> <10.175.0.238> ESTABLISH LOCAL CONNECTION FOR USER: root
> <10.175.0.238> EXEC /bin/sh -c '/usr/bin/python && sleep 0'
> Using module file
> /usr/lib/python2.7/dist-packages/ansible/modules/system/setup.py
> <10.175.0.234> ESTABLISH LOCAL CONNECTION FOR USER: root
> <10.175.0.234> EXEC /bin/sh -c '/usr/bin/python && sleep 0'
> ok: [10.175.0.234]
> ok: [10.175.0.238]
> META: ran handlers
>
> TASK [show run]
> *
> task path: /etc/ansible/playbooks/backups_test.yml:7
> <10.175.0.238> using connection plugin network_cli
> <10.175.0.234> using connection plugin network_cli
> <10.175.0.238> socket_path: /home/techops/.ansible/pc/3b9c1a1e70
> <10.175.0.234> socket_path: /home/techops/.ansible/pc/606d5c5780
> Using module file
> /usr/lib/python2.7/dist-packages/ansible/modules/network/ios/ios_command.py
> Using module file
> /usr/lib/python2.7/dist-packages/ansible/modules/network/ios/ios_command.py
> <10.175.0.238> ESTABLISH LOCAL CONNECTION FOR USER: root
> <10.175.0.238> EXEC /bin/sh -c '/usr/bin/python && sleep 0'
> <10.175.0.234> ESTABLISH LOCAL CONNECTION FOR USER: root
> <10.175.0.234> EXEC /bin/sh -c '/usr/bin/python && sleep 0'
> failed: [10.175.0.238] (item=OVuq7syghNs824LrXc7d) => {
> "changed": false,
> "invocation": {
> "module_args": {
> "auth_pass": null,
> "authorize": null,
> "commands": [
> "show run"
> ],
> "host": null,
> "interval": 1,
> "match": "all",
> "password": null,
> "port": null,
> "provider": null,
> "retries": 10,
> "ssh_keyfile": null,
> "timeout": null,
> "username": null,
> "wait_for": null
> }
> },
> "item":

Re: [ansible-project] Using serial strategy for playbook imported in a toplevel playbook causes entire play termination if some host is unreachable

2018-03-20 Thread Marcos Alano 
I ran a playbook on batches and one host failed but just that batch stopped.

On Tue, Mar 20, 2018 at 12:55 PM, Andrey Agenosov
 wrote:
> Hello all.
> Here is a simplified example:
> - import_playbook: test_unavailable_node_different_strategy.yml
>
> - hosts: 127.0.0.1
>   connection: local
>
> # The question is would we end up here in case of imported playbook (above)
> touches unavailable host
>   tasks:
> - debug: msg="Playbook finished"Введите код...
>
>
> And the code for imported playbook:
> - hosts: all
>   # Comment the line below and everything would be fine
>   serial: 1
>
>   tasks:
> - debug: msg="{{ inventory_hostname }}"Введите код...
>
> So when I'm launching something like this
> ansible-playbook -i '127.0.0.1,10.0.0.1' use_unavailable_nodes.yml
> --ask-pass -u andreyВведите код...
> when the 10.0.0.1 host is unreachable, the entire play aborts before
> reaching the task to be performed locally (see main playbook).
>
> If you comment 'serial: 1' then the local action in the main playbook also
> would be performed.
> Why there is such behaviour? Is this a bug or I'm missing something?
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To post to this group, send email to ansible-project@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/3c31fa30-7b75-4fbc-9e3b-ece572980f06%40googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.



-- 
Marcos H. Alano
Linux System Administrator
marcoshal...@gmail.com

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAO3Us%3DkcnKHqUsi7KKy4rySngqMozdxZBtY%3DYDkjhMGCJD_nMA%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Re: Absurd run_once behavior, skipping entirely if first node fails a when test

2018-03-19 Thread Marcos Alano 
You mean the tasks should run in the first node available? If host1 is
unavailable the tasks should run in the host2, but if host2 is also
unavailable should run in host3 and so on?
I think is a valid concern. Even delegate_to could be set to a host
which may be is unavailable. The idea here is the tasks must run,
don't care which host, but must run anyway. May be an option?

On Mon, Mar 19, 2018 at 6:18 PM, Alex Hunt  wrote:
> The issue has nothing to do with delegate_to. The issue has to do with
> whether it decides to run at all, which delegate_to has no effect on. I
> don't care which host it runs on, and if I did, I could use delegate_to as
> you have noted. The delegate_to directive works properly.
>
> It is totally fine for it to execute on the first host in the inventory, as
> long as it runs when that host is skipped for the included task book. I
> apologize if I'm not being clear about what the issue is.
>
> Here's the same example, updated with a delegate_to, since everyone seems to
> think that matters.
>
> Inventory
> [all]
> host1
> host2
> host3
>
> Playbook
> - name: Test Play
>   hosts: all
>   tasks:
> - include: outer-task.yml
>
> outer-task.yml
> - name: Outer task
>   include: inner-task.yml
>   when: inventory_hostname != 'host1'
>
> inner-task.yml
> - name: Inner task
>   command: do_something
>   run_once: True
>   delegate_to: 'host2'
>
> In this example, it should run on host2, but it does not, since host1 skips
> the entire inner-task.yml. This is the problem.
>
> In my original example, I didn't care if it ran on host1, as long as it ran,
> but it doesn't run at all.
>
> On Monday, March 19, 2018 at 1:54:06 PM UTC-7, Matt Martz wrote:
>>
>> The behavior is documented via that information provided above. `run_once`
>> in it's current form is designed to be consistent and predictable in which
>> host is picked to execute the task against.
>>
>> > When “run_once” is not used with “delegate_to” it will execute on the
>> > first host, as defined by inventory, in the group(s) of hosts targeted by
>> > the play
>>
>> If the first host is failed, it is removed from the play list, and
>> run_once will therefore be skipped.
>>
>> Using `delegate_to` allows you to define what you believe is consistent or
>> predictable. If you don't care what host it executes on, using `delegate_to`
>> can be made to do what you want:
>>
>> - command: whoami
>>   run_once: true
>>   delegate_to: "{{ ansible_play_hosts|first }}"
>>
>> `ansible_play_hosts` is updated as hosts fail.
>>
>> So if it started as:
>>
>> "ansible_play_hosts": [
>> "host0",
>> "host1",
>> "host2",
>> "host3",
>> "host4"
>> ]
>>
>> and `host0` failed, that `delegate_to` above will utilize `host1`.
>> Instead of first, something like `random` could be used too.
>>
>> If you wish to add further, constructive, clarification to the docs, and
>> potentially examples such as the one I provide above, feel free to submit a
>> documentation pull request.
>>
>> On Mon, Mar 19, 2018 at 3:33 PM, Alex Hunt  wrote:
>>>
>>> I think you're confused by what the issue is. Whether I use delegate_to
>>> or not is irrelevant. I don't care which host it runs on, and if I did, I
>>> would use the delegate_to. Even if I use delegate_to, it will still be
>>> skipped, since it evaluates whether to run the task at all based on the
>>> first host. I'm sorry I didn't include a delegate_to in my example, which
>>> lead to this confusion.
>>>
>>> http://docs.ansible.com/ansible/latest/playbooks_delegation.html#run-once
>>> makes no mention of the fact that even with delegate_to it decides whether
>>> to run at all based on the first host. The mention of delegate_to actually
>>> makes this more confusing, since that The delegate_to should control where
>>> the execution happens (something irrelevant to this issue), not whether it
>>> runs at all. That part is at least consistent, since delegate_to does not
>>> control whether to run it.
>>>
>>> The issue is that run_once is not actually running once. It is "run only
>>> if the first node in the play says to run it", not "run one time if it
>>> should run for any host in the play". The latter is intuitive behavior. You
>>> talk of predictable results, and it is not predictable to have behavior that
>>> changes based on the order of hosts in your inventory file (the current
>>> behavior).
>>>
>>> Please note that in my example, the when clause is NOT on the task with
>>> run_once. If we make reusable code, we may be including that piece in many
>>> places, with or without the when clause.
>>>
>>>
>>> On Monday, March 19, 2018 at 12:15:13 PM UTC-7, flowerysong wrote:

 On Monday, March 19, 2018 at 2:49:12 PM UTC-4, Alex Hunt wrote:
>
> When running a task with run_once, if the first node is skipped, the
> entire task is skipped, rather than running on the first host that is not
> skipped.
>
> This

[ansible-project] Implementation question

2016-04-05 Thread Marcos Alano 
Hi fellows!

I'm a relatively new on Ansible. I can write some code, but I don't know 
how to do some things in the best possible way. So what's why I'm asking 
for help.
First, a little of contextualization: I'm working in my college on a 
project about personal health records. The idea is create a system on a 
private cloud to store this records. This cloud is based on OpenStack but 
for tests I would like use KVM (but I can use LXC as well).
There will be just one virtual machine image for all types of machines 
(databases, message queues, load balancers, etc.) and each type of machine 
will receive specific customizations (like package installation) from 
Ansible.
So after boot up a minimum machine it will become different for each task.
 My problem is: How  could I deploy this machines? I would like each 
machine has a identifier (to specific the type of machine and instance 
number) and inventory was feeded by OpenStack.

Thanks and if you have any question I would love to answer.

Cheers.

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/82f81edf-ba5a-4d4e-a805-598ee842b845%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.