[ansible-project] High CPU utilization by Ansible

[Mohan Viswanathan]

Hi Team,
This mail is regarding the CPU utilization of the Ansible 

I have a Centos (version 8) Machine where Ansible is installed ( 4CPU and 
16GB RAM) Executing 2 to 3 parallel calls takes up to 100% CPU
Help us to know if any optimization can be done here

Setup details 
*Machine where Ansible is installed*
Centos 8 
*Ansible version *
ansible [core 2.11.12]
  config file = None
  configured module search path = ['/root/.ansible/plugins/modules', 
'/usr/share/ansible/plugins/modules']
  ansible python module location = 
/usr/local/lib/python3.7/site-packages/ansible
  ansible collection location = 
/root/.ansible/collections:/usr/share/ansible/collections
  executable location = /usr/local/bin/ansible
  python version = 3.7.16 (default, May  3 2023, 10:58:47) [GCC 11.2.1 
20220219]
  jinja version = 3.1.2
  libyaml = False
pywinRM version 
pywinrm==0.4.3
*remote host details *
windows 2019 4CPU and 16 GB RAM

*Command used to Execute *
ansible-playbook -i /tmp/ansible_adapter/inventory/hostinventory 
 ./helloworld.yaml -vvv

*Play book *
- hosts: all
  tasks:
- name: Execute the executable
  win_command: helloworld.exe
  register: host_output
- set_fact:
result: "{{ host_output.stdout }}"
err_details: "{{ host_output.stderr }}"
cacheable: yes
- debug:
var: host_output.stdout_lines

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/6d18054b-f9df-4524-9eca-adc9b4376e7dn%40googlegroups.com.

[ansible-project] CPU utilization

[Mohan Viswanathan]

Hi Team,

This mail is regarding the CPU utilization of the Ansible 

 

I have a Centos (version 8) Machine where Ansible is installed ( 4CPU and 
16GB RAM) Executing 2 to 3 parallel calls takes up to 100% CPU

Help us to know if any optimization can be done here

 

Setup details 

*Machine where Ansible is installed*

Centos 8 

Ansible version 

ansible [core 2.11.12]

  config file = None

  configured module search path = ['/root/.ansible/plugins/modules', 
'/usr/share/ansible/plugins/modules']

  ansible python module location = 
/usr/local/lib/python3.7/site-packages/ansible

  ansible collection location = 
/root/.ansible/collections:/usr/share/ansible/collections

  executable location = /usr/local/bin/ansible

  python version = 3.7.16 (default, May  3 2023, 10:58:47) [GCC 11.2.1 
20220219]

  jinja version = 3.1.2

  libyaml = False

*pywinRM version *

pywinrm==0.4.3

*remote host details *

windows 2019 4CPU and 16 GB RAM

 

*Command used to Execute *

ansible-playbook -i /tmp/ansible_adapter/inventory/hostinventory 
 ./helloworld.yaml -vvv

we use NTLM way of Authentication to Windows host

Play book is written like this

Play book is written like this
- hosts: all
  tasks:
- name: Execute the executable
  win_command: helloworld.exe
  register: host_output
- set_fact:
result: "{{ host_output.stdout }}"
err_details: "{{ host_output.stderr }}"
cacheable: yes
- debug:
var: host_output.stdout_lines

 Thanks

mohan

 

 

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/e1056fc9-0be4-4e0c-8025-0889c0876860n%40googlegroups.com.

Re: [ansible-project] Ansible module for VM workstation to PowerOn & PowerOff

[Mohan]

Okay. Thank you very much. I'll check it out.

On Mon, 25 Jul 2022, 5:40 pm Will McDonald,  wrote:

> https://github.com/qsypoq/Ansible-VMware-Workstation-Fusion-Pro-Modules
> looks like it wraps vmrest.exe which would allow you to control the power
> state of VMs.
>
> You could also, more crudely, just stop/start using vmrun.exe
> [stop|suspend|start]  and wrap that with
> command/shell/win_powershell.
>
>
> On Mon, 25 Jul 2022 at 12:59, Mohan  wrote:
>
>> Hello Community members,
>>
>> I’m using vmware workstation version 15.0.0 on Ubuntu-20.04-LTS machine.
>>
>> We have deployed VM workstation based Windows-10 machines in that. I
>> want to know which ansible module we can use to *PowerOn *and *PowerOff 
>> *windows-10
>> virtual machines from workstation?
>>
>> I was searching online to find ansible module for the same, However i
>> couldn’t find the ideal document. So please let me know module in ansible?
>>
>> --
>> You received this message because you are subscribed to the Google Groups
>> "Ansible Project" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to ansible-project+unsubscr...@googlegroups.com.
>> To view this discussion on the web visit
>> https://groups.google.com/d/msgid/ansible-project/adc99c80-db2e-4f06-ad1a-5db1a5dbfb5bn%40googlegroups.com
>> <https://groups.google.com/d/msgid/ansible-project/adc99c80-db2e-4f06-ad1a-5db1a5dbfb5bn%40googlegroups.com?utm_medium=email&utm_source=footer>
>> .
>>
> --
> You received this message because you are subscribed to a topic in the
> Google Groups "Ansible Project" group.
> To unsubscribe from this topic, visit
> https://groups.google.com/d/topic/ansible-project/JUarxotNpyY/unsubscribe.
> To unsubscribe from this group and all its topics, send an email to
> ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/CAKtKohSzTRcg6Xeptx84X-m0PgJJVoQLhkWCEpVAYK4Qc%3DAaGw%40mail.gmail.com
> <https://groups.google.com/d/msgid/ansible-project/CAKtKohSzTRcg6Xeptx84X-m0PgJJVoQLhkWCEpVAYK4Qc%3DAaGw%40mail.gmail.com?utm_medium=email&utm_source=footer>
> .
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CA%2B4Hw5ZRAjmXQ-URjFENszsPa-PqGR5HsFVWiGN1D0ffsz3CRA%40mail.gmail.com.

[ansible-project] Ansible module for VM workstation to PowerOn & PowerOff

[Mohan]

Hello Community members,

I’m using vmware workstation version 15.0.0 on Ubuntu-20.04-LTS machine.

We have deployed VM workstation based Windows-10 machines in that. I want 
to know which ansible module we can use to *PowerOn *and *PowerOff *windows-10 
virtual machines from workstation?

I was searching online to find ansible module for the same, However i 
couldn’t find the ideal document. So please let me know module in ansible?

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/adc99c80-db2e-4f06-ad1a-5db1a5dbfb5bn%40googlegroups.com.

[ansible-project] Restricting Commands after privilege escalation using sudo in ansible.

[varun mohan]

Hi,
Currently ansible uses wrapper scripts(shell/python) for executing commands 
as privileged user suing sudo. Due to this its currently not possible to 
restrict what commands ansible fires on the remote machine after privilege 
escalation. Main reason being ansible required NO PASSWD:ALL or NO 
PASSwd:/bin/sh( which is equivalent to NO PASSWD:ALL). Is there any way to 
control this.

Regards
Varun

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/87ce2f5e-c7d6-4f50-b7c3-2b13beb63dd8%40googlegroups.com.

[ansible-project] Re: Building inventory from csv file

[Mohan L]

>
>
>
>   tasks:
>   - name: efine Values From CSV File
>   set_fact:
> tenant: "{{ lookup('csvfile', ' 
> file=/root/ansible/tasks/csv-file/example.csv delimiter=, col=1') }}
>  
>

Your error seems due to missing closing double quote in the above line.  

tenant: "{{ lookup('csvfile', ' 
file=/root/ansible/tasks/csv-file/example.csv delimiter=, col=1') }}"


-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/d19b0915-e77f-4aed-8468-240b98c22ed3%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Re: unarchive a file is failing

[Mohan L]

I am not clear about what you are trying to achieve here. are you using XYZ 
in with_items? Please note you have to quote src and dest in XYZ otherwise 
Ansible will treat src/dest are variables.  

On Tuesday, November 13, 2018 at 2:28:55 PM UTC+5:30, Mohan L wrote:
>
>
> I am not clear about what you are trying to achieve here. are you using 
> XYZ in with_items? Please note you have to quote src and dest in XYZ other 
> Ansible will src/dest are variables.  
>
> On Tuesday, November 13, 2018 at 2:14:25 PM UTC+5:30, 
> anushake...@gmail.com wrote:
>>
>> Please find the files below.
>>
>>
>> *vars/main.yml*
>>
>> XYZ:
>> - { src: '/tmp/abc/ab.warr', dest: '/tmp/abc/' }
>>
>> TAR:
>> - { "src_tar": "/tmp/xx/sample.tar.gz", "dest_tar": "/tmp/sss/" }
>>
>> *tasks/main.yml*
>>
>> ---
>> - hosts: all
>>   vars_files:
>>   - /etc/ansible/xxx/xyz/vars/main.yml
>>   tasks:
>>   - name: test
>> unarchive:
>>   src: "{{ item.src_tar }}"
>>   dest: "{{ item.dest_tar }}"
>> with_items: "{{ TAR }}"
>>
>>
>> On Tuesday, November 13, 2018 at 2:06:40 PM UTC+5:30, Mohan L wrote:
>>>
>>>
>>> It looks like again you are not placing quotes around dictionary key. 
>>> Can you please show your code which through this error?
>>>
>>> On Tuesday, November 13, 2018 at 12:53:39 PM UTC+5:30, 
>>> anushake...@gmail.com wrote:
>>>>
>>>> It is unpacking a tar file successfully but at the same time I am 
>>>> getting below error. Could you please help.
>>>>
>>>>
>>>>  {"msg": "The task includes an option with an undefined variable. The 
>>>> error was: 'dict object' has no attribute 'dest_tar'\n\nThe error appears 
>>>> to have been in '/etc/ansible/xxx/xy/tasks/main.yml': line 26, column 5, 
>>>> but may\nbe elsewhere in the file depending on the exact syntax 
>>>> problem.\n\nThe offending line appears to be:\n\n\n  - name: test\n^ 
>>>> here\n"}
>>>>
>>>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/7afcb4b4-3602-4e51-bfc0-28a1cdcc4e41%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Re: unarchive a file is failing

[Mohan L]

I am not clear about what you are trying to achieve here. are you using XYZ 
in with_items? Please note you have to quote src and dest in XYZ other 
Ansible will src/dest are variables.  

On Tuesday, November 13, 2018 at 2:14:25 PM UTC+5:30, anushake...@gmail.com 
wrote:
>
> Please find the files below.
>
>
> *vars/main.yml*
>
> XYZ:
> - { src: '/tmp/abc/ab.warr', dest: '/tmp/abc/' }
>
> TAR:
> - { "src_tar": "/tmp/xx/sample.tar.gz", "dest_tar": "/tmp/sss/" }
>
> *tasks/main.yml*
>
> ---
> - hosts: all
>   vars_files:
>   - /etc/ansible/xxx/xyz/vars/main.yml
>   tasks:
>   - name: test
> unarchive:
>   src: "{{ item.src_tar }}"
>   dest: "{{ item.dest_tar }}"
> with_items: "{{ TAR }}"
>
>
> On Tuesday, November 13, 2018 at 2:06:40 PM UTC+5:30, Mohan L wrote:
>>
>>
>> It looks like again you are not placing quotes around dictionary key. Can 
>> you please show your code which through this error?
>>
>> On Tuesday, November 13, 2018 at 12:53:39 PM UTC+5:30, 
>> anushake...@gmail.com wrote:
>>>
>>> It is unpacking a tar file successfully but at the same time I am 
>>> getting below error. Could you please help.
>>>
>>>
>>>  {"msg": "The task includes an option with an undefined variable. The 
>>> error was: 'dict object' has no attribute 'dest_tar'\n\nThe error appears 
>>> to have been in '/etc/ansible/xxx/xy/tasks/main.yml': line 26, column 5, 
>>> but may\nbe elsewhere in the file depending on the exact syntax 
>>> problem.\n\nThe offending line appears to be:\n\n\n  - name: test\n^ 
>>> here\n"}
>>>
>>>
>>> On Tuesday, November 13, 2018 at 12:46:58 PM UTC+5:30, Keshipeddy Anusha 
>>> wrote:
>>>>
>>>> Thank you Mohan that worked for me, but may I know why we need to place 
>>>> them in double quotes??
>>>>
>>>> On Tue, Nov 13, 2018, 11:56 AM Mohan L >>>
>>>>>
>>>>>
>>>>> You have to quote the dictionary key as well. 
>>>>>
>>>>> FROM
>>>>>
>>>>> - { src_tar: '/home/virtual/xx/sample.tar.gz', dest_tar: '/tmp/sss/' } 
>>>>>
>>>>> TO
>>>>>
>>>>> - { 'src_tar': '/home/virtual/xx/sample.tar.gz', 'dest_tar': 
>>>>> '/tmp/sss/' }
>>>>>
>>>>>
>>>>> Here is the working example. If you write a role and call that role 
>>>>> from playbook then you no need to use var_files section. vars/main.yml is 
>>>>> one of the default ansible search path. 
>>>>>
>>>>> See how my tasks/main.yml :
>>>>>
>>>>> # cat roles/xyz/tasks/main.yml 
>>>>>
>>>>> ---
>>>>>
>>>>> # tasks file for xyz
>>>>>
>>>>> - name: Extract /tmp/xx/sample.tar.gz into /tmp/sss
>>>>>
>>>>>   unarchive:
>>>>>
>>>>> src: "{{ item.src_path }}"
>>>>>
>>>>> dest: "{{ item.dest_path }}"
>>>>>
>>>>>   with_items: "{{ TAR }}"
>>>>>
>>>>>
>>>>>
>>>>> #See the vars/main.yml
>>>>>
>>>>> # cat roles/xyz/vars/main.yml 
>>>>>
>>>>> ---
>>>>>
>>>>> # vars file for xyz
>>>>>
>>>>> TAR:
>>>>>
>>>>>  - { "src_path": "/tmp/xx/sample.tar.gz", "dest_path": "/tmp/sss/" }
>>>>>
>>>>>
>>>>>
>>>>> # See the Ansible playbook
>>>>>
>>>>> # cat /etc/asnible/site.yml 
>>>>>
>>>>> ---
>>>>>
>>>>> - hosts: all
>>>>>
>>>>>   
>>>>>
>>>>>   roles:
>>>>>
>>>>> - xyz 
>>>>>
>>>>>
>>>>> # ansible-playbook site.yml
>>>>>
>>>>>
>>>>> TASK [xyz : Extract /tmp/xx/sample.tar.gz into /tmp/sss] 
>>>>> ***
>>>>>
>>>>> ok: [localhost] =

Re: [ansible-project] Re: unarchive a file is failing

[Mohan L]

It looks like again you are not placing quotes around dictionary key. Can 
you please show your code which through this error?

On Tuesday, November 13, 2018 at 12:53:39 PM UTC+5:30, 
anushake...@gmail.com wrote:
>
> It is unpacking a tar file successfully but at the same time I am getting 
> below error. Could you please help.
>
>
>  {"msg": "The task includes an option with an undefined variable. The 
> error was: 'dict object' has no attribute 'dest_tar'\n\nThe error appears 
> to have been in '/etc/ansible/xxx/xy/tasks/main.yml': line 26, column 5, 
> but may\nbe elsewhere in the file depending on the exact syntax 
> problem.\n\nThe offending line appears to be:\n\n\n  - name: test\n^ 
> here\n"}
>
>
> On Tuesday, November 13, 2018 at 12:46:58 PM UTC+5:30, Keshipeddy Anusha 
> wrote:
>>
>> Thank you Mohan that worked for me, but may I know why we need to place 
>> them in double quotes??
>>
>> On Tue, Nov 13, 2018, 11:56 AM Mohan L  
>> wrote:
>>
>>>
>>>
>>> You have to quote the dictionary key as well. 
>>>
>>> FROM
>>>
>>> - { src_tar: '/home/virtual/xx/sample.tar.gz', dest_tar: '/tmp/sss/' } 
>>>
>>> TO
>>>
>>> - { 'src_tar': '/home/virtual/xx/sample.tar.gz', 'dest_tar': '/tmp/sss/' 
>>> }
>>>
>>>
>>> Here is the working example. If you write a role and call that role from 
>>> playbook then you no need to use var_files section. vars/main.yml is one of 
>>> the default ansible search path. 
>>>
>>> See how my tasks/main.yml :
>>>
>>> # cat roles/xyz/tasks/main.yml 
>>>
>>> ---
>>>
>>> # tasks file for xyz
>>>
>>> - name: Extract /tmp/xx/sample.tar.gz into /tmp/sss
>>>
>>>   unarchive:
>>>
>>> src: "{{ item.src_path }}"
>>>
>>> dest: "{{ item.dest_path }}"
>>>
>>>   with_items: "{{ TAR }}"
>>>
>>>
>>>
>>> #See the vars/main.yml
>>>
>>> # cat roles/xyz/vars/main.yml 
>>>
>>> ---
>>>
>>> # vars file for xyz
>>>
>>> TAR:
>>>
>>>  - { "src_path": "/tmp/xx/sample.tar.gz", "dest_path": "/tmp/sss/" }
>>>
>>>
>>>
>>> # See the Ansible playbook
>>>
>>> # cat /etc/asnible/site.yml 
>>>
>>> ---
>>>
>>> - hosts: all
>>>
>>>   
>>>
>>>   roles:
>>>
>>> - xyz 
>>>
>>>
>>> # ansible-playbook site.yml
>>>
>>>
>>> TASK [xyz : Extract /tmp/xx/sample.tar.gz into /tmp/sss] 
>>> ***
>>>
>>> ok: [localhost] => (item={u'src_path': u'/tmp/xx/sample.tar.gz', 
>>> u'dest_path': u'/tmp/sss/'})
>>>
>>>
>>> PLAY RECAP 
>>> *
>>>
>>> localhost  : ok=2changed=0unreachable=0
>>> failed=0   
>>>
>>>
>>> # ls /tmp/xx/sample.tar.gz 
>>>
>>> /tmp/xx/sample.tar.gz
>>>
>>>
>>> # ls /tmp/sss/
>>>
>>> sample
>>>
>>>
>>>
>>>
>>> On Monday, November 12, 2018 at 11:09:08 PM UTC+5:30, 
>>> anushake...@gmail.com wrote:
>>>>
>>>> Hi Team,
>>>>
>>>> I am trying to unarchive a file is failing with below errors. Could 
>>>> someone please look into it.
>>>>
>>>> *Playbook:*
>>>>
>>>> ---
>>>>
>>>> - hosts: all
>>>>
>>>>   vars_files:
>>>>
>>>>   - /etc/ansible/xx/xyz/vars/main.yml
>>>>
>>>>   tasks:
>>>>
>>>>   - name: test
>>>>
>>>> unarchive:
>>>>
>>>>   src: "{{ item.src_tar }}"
>>>>
>>>>   dest: “{{ item.dest_tar }}”
>>>>
>>>> with_items: "{{ TAR }}"
>>>>
>>>>
>>>> *vars_files:*
>>>>
>>>>
>>>> TAR:
>>>>
>>>> - { src_tar: '/home/virtual/xx/sa

Re: [ansible-project] Re: unarchive a file is failing

[Mohan L]

Ansible think src_tar as variable If you don't place quotes so through 
error saying undefined variable.   

On Tuesday, November 13, 2018 at 12:46:58 PM UTC+5:30, Keshipeddy Anusha 
wrote:
>
> Thank you Mohan that worked for me, but may I know why we need to place 
> them in double quotes??
>
> On Tue, Nov 13, 2018, 11:56 AM Mohan L  
> wrote:
>
>>
>>
>> You have to quote the dictionary key as well. 
>>
>> FROM
>>
>> - { src_tar: '/home/virtual/xx/sample.tar.gz', dest_tar: '/tmp/sss/' } 
>>
>> TO
>>
>> - { 'src_tar': '/home/virtual/xx/sample.tar.gz', 'dest_tar': '/tmp/sss/' }
>>
>>
>> Here is the working example. If you write a role and call that role from 
>> playbook then you no need to use var_files section. vars/main.yml is one of 
>> the default ansible search path. 
>>
>> See how my tasks/main.yml :
>>
>> # cat roles/xyz/tasks/main.yml 
>>
>> ---
>>
>> # tasks file for xyz
>>
>> - name: Extract /tmp/xx/sample.tar.gz into /tmp/sss
>>
>>   unarchive:
>>
>> src: "{{ item.src_path }}"
>>
>> dest: "{{ item.dest_path }}"
>>
>>   with_items: "{{ TAR }}"
>>
>>
>>
>> #See the vars/main.yml
>>
>> # cat roles/xyz/vars/main.yml 
>>
>> ---
>>
>> # vars file for xyz
>>
>> TAR:
>>
>>  - { "src_path": "/tmp/xx/sample.tar.gz", "dest_path": "/tmp/sss/" }
>>
>>
>>
>> # See the Ansible playbook
>>
>> # cat /etc/asnible/site.yml 
>>
>> ---
>>
>> - hosts: all
>>
>>   
>>
>>   roles:
>>
>> - xyz 
>>
>>
>> # ansible-playbook site.yml
>>
>>
>> TASK [xyz : Extract /tmp/xx/sample.tar.gz into /tmp/sss] 
>> ***
>>
>> ok: [localhost] => (item={u'src_path': u'/tmp/xx/sample.tar.gz', 
>> u'dest_path': u'/tmp/sss/'})
>>
>>
>> PLAY RECAP 
>> *
>>
>> localhost  : ok=2changed=0unreachable=0
>> failed=0   
>>
>>
>> # ls /tmp/xx/sample.tar.gz 
>>
>> /tmp/xx/sample.tar.gz
>>
>>
>> # ls /tmp/sss/
>>
>> sample
>>
>>
>>
>>
>> On Monday, November 12, 2018 at 11:09:08 PM UTC+5:30, 
>> anushake...@gmail.com wrote:
>>>
>>> Hi Team,
>>>
>>> I am trying to unarchive a file is failing with below errors. Could 
>>> someone please look into it.
>>>
>>> *Playbook:*
>>>
>>> ---
>>>
>>> - hosts: all
>>>
>>>   vars_files:
>>>
>>>   - /etc/ansible/xx/xyz/vars/main.yml
>>>
>>>   tasks:
>>>
>>>   - name: test
>>>
>>> unarchive:
>>>
>>>   src: "{{ item.src_tar }}"
>>>
>>>   dest: “{{ item.dest_tar }}”
>>>
>>> with_items: "{{ TAR }}"
>>>
>>>
>>> *vars_files:*
>>>
>>>
>>> TAR:
>>>
>>> - { src_tar: '/home/virtual/xx/sample.tar.gz', dest_tar: '/tmp/sss/' }
>>>
>>>
>>> *Error:*
>>>
>>> "msg": "The task includes an option with an undefined variable. The 
>>> error was: 'dict object' has no attribute 'dest_tar'\n\nThe error appears 
>>> to have been in '/etc/ansible/xx/xyz/tasks/main.yml': line 23, column 5, 
>>> but may\nbe elsewhere in the file depending on the exact syntax 
>>> problem.\n\nThe offending line appears to be:\n\nwith_items: \"{{ TAR 
>>> }}\"\n  - name: test\n^ here\n"}
>>>
>> -- 
>> You received this message because you are subscribed to the Google Groups 
>> "Ansible Project" group.
>> To unsubscribe from this group and stop receiving emails from it, send an 
>> email to ansible-proje...@googlegroups.com .
>> To post to this group, send email to ansible...@googlegroups.com 
>> .
>> To view this discussion on the web visit 
>> https://groups.google.com/d/msgid/ansible-project/95a45bc1-676f-496b-8e03-709c10a845eb%40googlegroups.com
>>  
>> <https://groups.google.com/d/msgid/ansible-project/95a45bc1-676f-496b-8e03-709c10a845eb%40googlegroups.com?utm_medium=email&utm_source=footer>
>> .
>> For more options, visit https://groups.google.com/d/optout.
>>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/c3d97692-e2c0-4221-9722-d223f01c7646%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Re: unarchive a file is failing

[Mohan L]

You have to quote the dictionary key as well. 

FROM

- { src_tar: '/home/virtual/xx/sample.tar.gz', dest_tar: '/tmp/sss/' } 

TO

- { 'src_tar': '/home/virtual/xx/sample.tar.gz', 'dest_tar': '/tmp/sss/' }


Here is the working example. If you write a role and call that role from 
playbook then you no need to use var_files section. vars/main.yml is one of 
the default ansible search path. 

See how my tasks/main.yml :

# cat roles/xyz/tasks/main.yml 

---

# tasks file for xyz

- name: Extract /tmp/xx/sample.tar.gz into /tmp/sss

  unarchive:

src: "{{ item.src_path }}"

dest: "{{ item.dest_path }}"

  with_items: "{{ TAR }}"



#See the vars/main.yml

# cat roles/xyz/vars/main.yml 

---

# vars file for xyz

TAR:

 - { "src_path": "/tmp/xx/sample.tar.gz", "dest_path": "/tmp/sss/" }



# See the Ansible playbook

# cat /etc/asnible/site.yml 

---

- hosts: all

  

  roles:

- xyz 


# ansible-playbook site.yml


TASK [xyz : Extract /tmp/xx/sample.tar.gz into /tmp/sss] 
***

ok: [localhost] => (item={u'src_path': u'/tmp/xx/sample.tar.gz', 
u'dest_path': u'/tmp/sss/'})


PLAY RECAP 
*

localhost  : ok=2changed=0unreachable=0failed=0  
 


# ls /tmp/xx/sample.tar.gz 

/tmp/xx/sample.tar.gz


# ls /tmp/sss/

sample




On Monday, November 12, 2018 at 11:09:08 PM UTC+5:30, anushake...@gmail.com 
wrote:
>
> Hi Team,
>
> I am trying to unarchive a file is failing with below errors. Could 
> someone please look into it.
>
> *Playbook:*
>
> ---
>
> - hosts: all
>
>   vars_files:
>
>   - /etc/ansible/xx/xyz/vars/main.yml
>
>   tasks:
>
>   - name: test
>
> unarchive:
>
>   src: "{{ item.src_tar }}"
>
>   dest: “{{ item.dest_tar }}”
>
> with_items: "{{ TAR }}"
>
>
> *vars_files:*
>
>
> TAR:
>
> - { src_tar: '/home/virtual/xx/sample.tar.gz', dest_tar: '/tmp/sss/' }
>
>
> *Error:*
>
> "msg": "The task includes an option with an undefined variable. The error 
> was: 'dict object' has no attribute 'dest_tar'\n\nThe error appears to have 
> been in '/etc/ansible/xx/xyz/tasks/main.yml': line 23, column 5, but 
> may\nbe elsewhere in the file depending on the exact syntax problem.\n\nThe 
> offending line appears to be:\n\nwith_items: \"{{ TAR }}\"\n  - name: 
> test\n^ here\n"}
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/95a45bc1-676f-496b-8e03-709c10a845eb%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Re: Copy multiple files to different locations on remote server

[Mohan L]

Oh! yeah. I missed that part. 

On Friday, November 2, 2018 at 3:55:23 PM UTC+5:30, Frank Thommen wrote:
>
> This is not the same: 
>
>* copy module copies from the controller (where you run the 
>  ansible-playbook command) to the client 
>* cp -f copies a file locally from client to itself 
>
> frank 
>
>
>
> On 11/02/2018 10:25 AM, Mohan L wrote: 
> > Try with command or shell module with cp -f. 
> > 
> > On Friday, November 2, 2018 at 2:21:33 PM UTC+5:30, Keshipeddy Anusha 
> wrote: 
> > 
> > No change Mohan 
> >     It is not replacing the file 
> > 
> > On Fri, Nov 2, 2018, 2:20 PM Mohan L  >  wrote: 
> > 
> > copy module with force yes automatically replace it. Otherwise 
> > you may need to delete it before copy task. 
> > 
> > On Thursday, November 1, 2018 at 8:11:53 PM UTC+5:30, Keshipeddy 
> > Anusha wrote: 
> > 
> > Okay got it. Is there any specific module that we can use to 
> > replace a complete file in remote server? 
> > 
> > Thank you for your help. 
> > 
> > Thanks, 
> > Anusha 
> > 
> > On Thu, Nov 1, 2018, 8:07 PM Mohan L  wrote: 
> > 
> > 
> > What is happening when you try to use force: yes? 
> > 
> > *force* 
> > bool 
> >  
> > 
> >   * *Choices:*no 
> >   * 
> > *yes* ← 
> > 
> >  
> > the default is |yes|, which will replace the remote file 
> > when contents are different than the source. If |no|, 
> > the file will only be transferred if the destination 
> > does not exist. 
> > 
> > aliases: thirsty 
> > 
> > 
> > On Thursday, November 1, 2018 at 9:48:27 AM UTC+5:30, 
> > Keshipeddy Anusha wrote: 
> > 
> >     How to replace the existing file on remote server 
> > should we use any specific module for that? I 
> > tried using force=yes but it didn't work for me. 
> > 
> > On Tue, Oct 30, 2018, 5:30 PM  > wrote: 
> > 
> > Thank you Mohan that worked for me 
> > 
> > -- 
> > You received this message because you are 
> > subscribed to the Google Groups "Ansible 
> > Project" group. 
> > To unsubscribe from this group and stop 
> > receiving emails from it, send an email to 
> > ansible-proje...@googlegroups.com. 
> > To post to this group, send email to 
> > ansible...@googlegroups.com. 
> > To view this discussion on the web visit 
> > 
> https://groups.google.com/d/msgid/ansible-project/4950ba71-0f0d-4630-8c1c-475fc93f8fc2%40googlegroups.com
>  
> > <
> https://groups.google.com/d/msgid/ansible-project/4950ba71-0f0d-4630-8c1c-475fc93f8fc2%40googlegroups.com>.
>  
>
> > For more options, visit 
> > https://groups.google.com/d/optout 
> > <https://groups.google.com/d/optout>. 
> > 
> > -- 
> > You received this message because you are subscribed to 
> > the Google Groups "Ansible Project" group. 
> > To unsubscribe from this group and stop receiving emails 
> > from it, send an email to 
> ansible-proje...@googlegroups.com. 
> > To post to this group, send email to 
> > ansible...@googlegroups.com. 
> > To view this discussion on the web visit 
> > 
> https://groups.google.com/d/msgid/ansible-project/01ef6833-b052-43ff-881e-70ad14e427e6%40googlegroups.com
>  
> > <
> https://groups.google.com/d/msgid/ansible-project/01ef6833-b052-43ff-881e-70ad14e427e6%40googlegroups.com?utm_medium=email&utm_source=footer>.
>  
>
> > For more options, visit 
> > https://groups.google.com/d/optout 
> > &

Re: [ansible-project] Re: Copy multiple files to different locations on remote server

[Mohan L]

Try with command or shell module with cp -f.

On Friday, November 2, 2018 at 2:21:33 PM UTC+5:30, Keshipeddy Anusha wrote:
>
> No change Mohan
> It is not replacing the file
>
> On Fri, Nov 2, 2018, 2:20 PM Mohan L  
> wrote:
>
>> copy module with force yes automatically replace it. Otherwise you may 
>> need to delete it before copy task. 
>>
>> On Thursday, November 1, 2018 at 8:11:53 PM UTC+5:30, Keshipeddy Anusha 
>> wrote:
>>>
>>> Okay got it. Is there any specific module that we can use to replace a 
>>> complete file in remote server? 
>>>
>>> Thank you for your help.
>>>
>>> Thanks,
>>> Anusha
>>>
>>> On Thu, Nov 1, 2018, 8:07 PM Mohan L >>
>>>>
>>>> What is happening when you try to use force: yes? 
>>>>
>>>> *force* 
>>>> bool
>>>>
>>>>*Choices:*
>>>>- no
>>>>- *yes* ←
>>>>
>>>> the default is yes, which will replace the remote file when contents 
>>>> are different than the source. If no, the file will only be 
>>>> transferred if the destination does not exist.
>>>>
>>>> aliases: thirsty
>>>>
>>>> On Thursday, November 1, 2018 at 9:48:27 AM UTC+5:30, Keshipeddy Anusha 
>>>> wrote:
>>>>>
>>>>> How to replace the existing file on remote server should we use 
>>>>> any specific module for that? I tried using force=yes but it didn't work 
>>>>> for me.
>>>>>
>>>>> On Tue, Oct 30, 2018, 5:30 PM >>>>
>>>>>> Thank you Mohan that worked for me
>>>>>>
>>>>>> -- 
>>>>>> You received this message because you are subscribed to the Google 
>>>>>> Groups "Ansible Project" group.
>>>>>> To unsubscribe from this group and stop receiving emails from it, 
>>>>>> send an email to ansible-proje...@googlegroups.com.
>>>>>> To post to this group, send email to ansible...@googlegroups.com.
>>>>>> To view this discussion on the web visit 
>>>>>> https://groups.google.com/d/msgid/ansible-project/4950ba71-0f0d-4630-8c1c-475fc93f8fc2%40googlegroups.com
>>>>>> .
>>>>>> For more options, visit https://groups.google.com/d/optout.
>>>>>>
>>>>> -- 
>>>> You received this message because you are subscribed to the Google 
>>>> Groups "Ansible Project" group.
>>>> To unsubscribe from this group and stop receiving emails from it, send 
>>>> an email to ansible-proje...@googlegroups.com.
>>>> To post to this group, send email to ansible...@googlegroups.com.
>>>> To view this discussion on the web visit 
>>>> https://groups.google.com/d/msgid/ansible-project/01ef6833-b052-43ff-881e-70ad14e427e6%40googlegroups.com
>>>>  
>>>> <https://groups.google.com/d/msgid/ansible-project/01ef6833-b052-43ff-881e-70ad14e427e6%40googlegroups.com?utm_medium=email&utm_source=footer>
>>>> .
>>>> For more options, visit https://groups.google.com/d/optout.
>>>>
>>> -- 
>> You received this message because you are subscribed to the Google Groups 
>> "Ansible Project" group.
>> To unsubscribe from this group and stop receiving emails from it, send an 
>> email to ansible-proje...@googlegroups.com .
>> To post to this group, send email to ansible...@googlegroups.com 
>> .
>> To view this discussion on the web visit 
>> https://groups.google.com/d/msgid/ansible-project/b6898b5a-9204-4c27-bded-506194a56cfd%40googlegroups.com
>>  
>> <https://groups.google.com/d/msgid/ansible-project/b6898b5a-9204-4c27-bded-506194a56cfd%40googlegroups.com?utm_medium=email&utm_source=footer>
>> .
>> For more options, visit https://groups.google.com/d/optout.
>>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/f963a9e3-56c8-4ebb-a3c7-8b7cbe5b812d%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Re: Copy multiple files to different locations on remote server

[Mohan L]

copy module with force yes automatically replace it. Otherwise you may need 
to delete it before copy task. 

On Thursday, November 1, 2018 at 8:11:53 PM UTC+5:30, Keshipeddy Anusha 
wrote:
>
> Okay got it. Is there any specific module that we can use to replace a 
> complete file in remote server? 
>
> Thank you for your help.
>
> Thanks,
> Anusha
>
> On Thu, Nov 1, 2018, 8:07 PM Mohan L  
> wrote:
>
>>
>> What is happening when you try to use force: yes? 
>>
>> *force* 
>> bool
>>
>>*Choices:*
>>- no
>>- *yes* ←
>>
>> the default is yes, which will replace the remote file when contents are 
>> different than the source. If no, the file will only be transferred if 
>> the destination does not exist.
>>
>> aliases: thirsty
>>
>> On Thursday, November 1, 2018 at 9:48:27 AM UTC+5:30, Keshipeddy Anusha 
>> wrote:
>>>
>>> How to replace the existing file on remote server ....should we use any 
>>> specific module for that? I tried using force=yes but it didn't work for me.
>>>
>>> On Tue, Oct 30, 2018, 5:30 PM >>
>>>> Thank you Mohan that worked for me
>>>>
>>>> -- 
>>>> You received this message because you are subscribed to the Google 
>>>> Groups "Ansible Project" group.
>>>> To unsubscribe from this group and stop receiving emails from it, send 
>>>> an email to ansible-proje...@googlegroups.com.
>>>> To post to this group, send email to ansible...@googlegroups.com.
>>>> To view this discussion on the web visit 
>>>> https://groups.google.com/d/msgid/ansible-project/4950ba71-0f0d-4630-8c1c-475fc93f8fc2%40googlegroups.com
>>>> .
>>>> For more options, visit https://groups.google.com/d/optout.
>>>>
>>> -- 
>> You received this message because you are subscribed to the Google Groups 
>> "Ansible Project" group.
>> To unsubscribe from this group and stop receiving emails from it, send an 
>> email to ansible-proje...@googlegroups.com .
>> To post to this group, send email to ansible...@googlegroups.com 
>> .
>> To view this discussion on the web visit 
>> https://groups.google.com/d/msgid/ansible-project/01ef6833-b052-43ff-881e-70ad14e427e6%40googlegroups.com
>>  
>> <https://groups.google.com/d/msgid/ansible-project/01ef6833-b052-43ff-881e-70ad14e427e6%40googlegroups.com?utm_medium=email&utm_source=footer>
>> .
>> For more options, visit https://groups.google.com/d/optout.
>>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/b6898b5a-9204-4c27-bded-506194a56cfd%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Re: File with variables (template)

[Mohan L]

Did you get any chance to read this template module doc? 
https://docs.ansible.com/ansible/latest/modules/template_module.html

Just read a very basic usage of template 
module: http://www.mydailytutorials.com/ansible-template-module-examples/


If I have a file and the user wants to pass variables for this file 
> (example: http.conf)
>
> should I convert the file to http.conf.j2 ? when copied to the server it 
> will be read as http.conf or http.conf.j2 ?
> where should be the location of this file ? under template folder in 
> ansible project ?
>
> How can i convert my file to .j2 ?
>

Here is example:

- name: Install http configuration file
  template:
src: /path/to/httpd.conf.j2
dest: /etc/httpd/conf/httpd.conf


The template files will usually have the .j2 extension, which denotes the 
Jinja2 templating engine used. You can keep the .j2 file either under your 
role's template directory or template directory under your playbook 
directory. You no need to do any conversion. During the playbook execution, 
the variables in .j2 file will be replaced with the relevant values as long 
as the variables are defined.







-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/7016f6cc-9e47-4457-9f68-af7ed16fd211%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Re: Copy multiple files to different locations on remote server

[Mohan L]

What is happening when you try to use force: yes? 

*force* 
bool

   *Choices:*
   - no
   - *yes* ←
   
the default is yes, which will replace the remote file when contents are 
different than the source. If no, the file will only be transferred if the 
destination does not exist.

aliases: thirsty

On Thursday, November 1, 2018 at 9:48:27 AM UTC+5:30, Keshipeddy Anusha 
wrote:
>
> How to replace the existing file on remote server should we use any 
> specific module for that? I tried using force=yes but it didn't work for me.
>
> On Tue, Oct 30, 2018, 5:30 PM  wrote:
>
>> Thank you Mohan that worked for me
>>
>> -- 
>> You received this message because you are subscribed to the Google Groups 
>> "Ansible Project" group.
>> To unsubscribe from this group and stop receiving emails from it, send an 
>> email to ansible-proje...@googlegroups.com .
>> To post to this group, send email to ansible...@googlegroups.com 
>> .
>> To view this discussion on the web visit 
>> https://groups.google.com/d/msgid/ansible-project/4950ba71-0f0d-4630-8c1c-475fc93f8fc2%40googlegroups.com
>> .
>> For more options, visit https://groups.google.com/d/optout.
>>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/01ef6833-b052-43ff-881e-70ad14e427e6%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Re: WinRM - running ansible on widnows returning error

[Mohan L]

I have not done it manually. 

My be take a look at below article: 
https://www.virtualtothecore.com/en/configuring-windows-machines-for-ansible/

It looks like he was using SolarWinds Remote Execution Enabler for 
PowerShell: 
https://www.solarwinds.com/free-tools/remote-execution-enabler-for-powershell




On Thursday, November 1, 2018 at 4:15:12 PM UTC+5:30, nadim mansour wrote:
>
> is thier another way like doing manual steps or rules.
> The client will not allow us to run the script on his amchines 
> could you please help or advice ?
>
> On Thu, Nov 1, 2018 at 12:38 PM Mohan L > 
> wrote:
>
>>
>> Run this PowerShell script on your windows machine: 
>> https://github.com/ansible/ansible/blob/devel/examples/scripts/ConfigureRemotingForAnsible.ps1
>>
>> That will configure the necessary changes to allow Ansible to connect to 
>> windows. 
>>
>> On Thursday, November 1, 2018 at 3:50:19 PM UTC+5:30, nadim mansour wrote:
>>>
>>> How can I let ansible run on windows node(windows server 2012 machine) ??
>>> I ran the belwo commands on power shell before running the ansible 
>>> script :
>>>
>>>
>>> *netsh advfirewall firewall add rule name="Allow WinRM (Http)" dir=in 
>>> localport=5985 protocol=tcp action=allow enable=yes*
>>> *netsh advfirewall firewall add rule name="Allow WinRM (Https)" dir=in 
>>> localport=5986 protocol=tcp action=allow enable=yes*
>>>
>>>
>>>
>>> I am recieving the below error 
>>>
>>>
>>> fatal: [uat_cdxdb]: UNREACHABLE! => {
>>>
>>> "changed": false, 
>>>
>>> "msg": "ssl: HTTPSConnectionPool(host='10.1.116.151', port=5986): 
>>> Max retries exceeded with url: /wsman (Caused by 
>>> NewConnectionError('>> 0x108cfd450>: Failed to establish a new connection: [Errno 61] Connection 
>>> refused',))", 
>>>
>>> "unreachable": true
>>>
>>> }
>>>
>>>
>>>
>>>
>>>
>>>
>>> -- 
>> You received this message because you are subscribed to the Google Groups 
>> "Ansible Project" group.
>> To unsubscribe from this group and stop receiving emails from it, send an 
>> email to ansible-proje...@googlegroups.com .
>> To post to this group, send email to ansible...@googlegroups.com 
>> .
>> To view this discussion on the web visit 
>> https://groups.google.com/d/msgid/ansible-project/4dde28a7-b35a-4d73-9275-2e249de4b0e1%40googlegroups.com
>>  
>> <https://groups.google.com/d/msgid/ansible-project/4dde28a7-b35a-4d73-9275-2e249de4b0e1%40googlegroups.com?utm_medium=email&utm_source=footer>
>> .
>> For more options, visit https://groups.google.com/d/optout.
>>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/406cae38-7436-4bd9-a2c8-ed45bc94dc21%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Re: WinRM - running ansible on widnows returning error

[Mohan L]

Run this PowerShell script on your windows machine: 
https://github.com/ansible/ansible/blob/devel/examples/scripts/ConfigureRemotingForAnsible.ps1

That will configure the necessary changes to allow Ansible to connect to 
windows. 

On Thursday, November 1, 2018 at 3:50:19 PM UTC+5:30, nadim mansour wrote:
>
> How can I let ansible run on windows node(windows server 2012 machine) ??
> I ran the belwo commands on power shell before running the ansible script :
>
>
> *netsh advfirewall firewall add rule name="Allow WinRM (Http)" dir=in 
> localport=5985 protocol=tcp action=allow enable=yes*
> *netsh advfirewall firewall add rule name="Allow WinRM (Https)" dir=in 
> localport=5986 protocol=tcp action=allow enable=yes*
>
>
>
> I am recieving the below error 
>
>
> fatal: [uat_cdxdb]: UNREACHABLE! => {
>
> "changed": false, 
>
> "msg": "ssl: HTTPSConnectionPool(host='10.1.116.151', port=5986): Max 
> retries exceeded with url: /wsman (Caused by 
> NewConnectionError(' 0x108cfd450>: Failed to establish a new connection: [Errno 61] Connection 
> refused',))", 
>
> "unreachable": true
>
> }
>
>
>
>
>
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/4dde28a7-b35a-4d73-9275-2e249de4b0e1%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Re: Use a loop with_items into a body command of uri ansible module

[Mohan L]

It works to me.  

---

- hosts: all

  tasks:

- name: Generate responce with given status code

  uri: 

url: "https://httpbin.org/post";

method: POST

body_format: json

body: "{ \"codes\": {{ item }} }"

return_content: yes

  with_items:

- 100

- 200

  register: apiresponce




On Monday, October 29, 2018 at 1:06:28 PM UTC+5:30, Alberto Jimenez Lozano 
wrote:
>
> I use a loop with_items, but I want to put the variable into a body of a 
> json and it doesn´t works.
>
>
> - name: Associate subscriptions ak-{{tenant}}-RHEL_7 
> uri:
>url: "
> https:///katello/api/activation_keys/{{ak_id[0]}}/add_subscriptions
> "
>user: "{{user}}"
>password: "{{password}}"
>method: PUT
>return_content: yes
>force_basic_auth: yes
>validate_certs: no
>body_format: json
>body: '{"subscription_id":  "{{item}}" }'
>with_items:
>- 340
>- 343
>status_code: [200,201,202,204,301,401]
>
>
> What is it wrong? -->body: '{"subscription_id":  "{{item}}" }'
>
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/cef2d8bd-d16c-4c07-b090-47175de100c7%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Re: Passing variables to a template / jinja2 ??

[Mohan L]

1). Send all your user input to ansible playbook command using —extra-vars. 
You can also pass as json and yaml file. 


Example:  # ansible-playbook  site.yml —extra-vars 
“http_server_root=/var/www/html  http_listen=8080 http_user=apache 
http_group=apache”


https://docs.ansible.com/ansible/2.7/user_guide/playbooks_variables.html#passing-variables-on-the-command-line


2). Create a template for your http.conf file with variable which you are 
passing via —extra-vars. 


http.conf.j2


ServerRoot {{ http_server_root }}

Listen {{ http_listen }}


User {{ http_user }}

Group {{ http_group }}


3). Use template module to copy the config to target. 


- name: Install main configuration file

  template:

src: httpd.conf.j2

dest: /etc/httpd/conf/httpd.conf




On Wednesday, October 31, 2018 at 4:33:37 PM UTC+5:30, nadim mansour wrote:
>
> I have an http.conf where some values will be variables passed by the user 
>
> where should I put the variables and how the file should look can someone 
> advice ?
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/b3f1ada9--49b1-8d97-9b81304f3b44%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Re: How to add a particular module to Ansible than merely doing an Ansible upgrade totally

[Mohan L]

Hi Ranga,

If you can then upgrade to 2.6 version so you get other 2.6 new features.  
If you have any restriction to upgrade from 2.4 to 2.6 then may be you can 
use that specific module as custom module in your playbook library 
directory or role library directory. 

https://docs.ansible.com/ansible/2.5/user_guide/playbooks_best_practices.html#content-organization

https://docs.ansible.com/ansible/latest/user_guide/playbooks_best_practices.html#bundling-ansible-modules-with-playbooks

Thanks
Mohan L


On Wednesday, October 31, 2018 at 12:16:21 PM UTC+5:30, rang...@gmail.com 
wrote:
>
> Hi,
> My current version of Ansible is 2.4.3.0
>
> I need the module "gcp_compute_instance" which is introduced in Ansible 
> 2.6 as per documents.
>
> Is there a way I can just only add this package to my current Ansible 
> version or is the only way is to upgrade Ansible totally to 2.6 version.
>
> Regards
>
> Ranga
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/669ac45a-18a8-4019-bcff-6c7eaff44b1a%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Re: ansible vault with ad hoc command line

[Mohan L]

You can create a directory called 'all' under your playbook group_vars 
directory and use 'all' in your ad hoc command. This way the variables 
applied to all the host defined in myhostfile in my example. 

# tree -L 3 /etc/ansible/group_vars

/etc/ansible/group_vars

`-- all

`-- secrets.yml


# ansible -i /etc/ansible/myhostfile all -m file -a "dest=/tmp/hello 
mode=755 state=directory" -u root --ask-vault-pass

Vault password: 

localhost | SUCCESS => {

"changed": false, 

"gid": 0, 

"group": "root", 

"mode": "0755", 

"owner": "root", 

"path": "/tmp/hello", 

"secontext": "unconfined_u:object_r:user_tmp_t:s0", 

"size": 6, 

"state": "directory", 

"uid": 0

}


Have a look at ansible inventory:

https://docs.ansible.com/ansible/latest/user_guide/intro_inventory.html

*https://www.digitalocean.com/community/tutorials/how-to-manage-multistage-environments-with-ansible#ansible-recommended-strategy-using-groups-and-multiple-inventories*



On Wednesday, October 31, 2018 at 11:52:29 AM UTC+5:30, Rajendra Rawat 
wrote:
>
> It is working for me now. thanks for the explaining it in detailed.
> it is working for for me after creating the group into 
> /etc/ansible/group_var
>
> I have a doubt, can we achieve the same functionality without creating 
> vault file with same group name which we given in inventory file into  
> /etc/ansible/group_var/?
>   
>
> Thanks & Regards
>
> Rajendra Rawat
>
>
> On Tue, 30 Oct 2018 at 17:06, Mohan L > 
> wrote:
>
>>
>>
>> I have already given you example. You can see If you closely read my 
>> first replay to this thread. Ansible vault works the same way for both 
>> ansible-playbook and ansible command. What ever documented for 
>> ansible-playbook also work with ansible ad hoc if you use vault. You have 
>> spend some time to learn it. Every thing documented well.
>>
>> Here is the step by step example:
>>
>> 1). Create a directory group_vars
>>
>>
>> # mkdir -p /etc/ansible/group_vars
>>
>>
>> 2). Create a variable file with your server user name and password. 
>> Please note this is the username and password which your ansible ad hoc 
>> command going to use to login to your target machine.
>>
>>
>> # vim /etc/ansible/group_vars/myservers.yml
>>
>>
>> ---
>> ansible_user: root 
>> ansible_ssh_pass: toor
>>
>>
>> Save the file with above two variables. You have to change your target 
>> machine username and password.
>>
>>
>> 3). My sample file looks like below after step 2.
>>
>>
>> # cat /etc/ansible/group_vars/myservers.yml 
>> --- 
>> ansible_user: root 
>> ansible_ssh_pass: toor 
>>
>>
>>
>>
>> 4).  *Encrypt the */etc/ansible/group_vars/myservers.yml  file. 
>> The ansible-vault command will prompt you for a password twice (a second 
>> time to confirm the first). Once that's done, the file will be encrypted! 
>> If you edit the file directly, you'll just see encrypted text.
>>
>>
>> # ansible-vault encrypt /etc/ansible/group_vars/myservers.yml 
>>
>> New Vault password:  
>> Confirm New Vault password:  
>> Encryption successful
>>
>>
>>
>> NOTE: You have to use this password with ansible ad hoc command. In my 
>> case I used ‘test123’ as password.
>>
>>
>> 5). You will need to make inventory files for Ansible. An inventory file 
>> lists hosts which you would like to manage and the groups they belong to. 
>> I’ve created inventory file called ‘myhostfile’
>>
>>
>> # vim /etc/ansible/myhostfile
>> [myserver] 
>> localhost
>>
>>
>>
>> NOTE: Here ‘myserver’ is group name and I have only one host which is my 
>> local machine. You need to change localhost to your target machine hostname 
>> or IP address. If you closely notice my group name is ‘myserver’ and vault 
>> file under group_vars directory also same. 
>>
>>
>> 6). Now run your ansible ad hoc command. Here is one ad hoc command which 
>> will create a file /tmp/hello on the target machine.
>>
>>
>>
>> # ansible -i /etc/ansible/myhostfile myservers -m file -a 
>> "dest=/tmp/hello mode=755 state=directory" -u root --ask-vault-pass
>>
>> Vault password:  
>>
>> localhost | SUCCESS => { 
>>
>> "changed": false,  
>>
>> 

[ansible-project] Re: Determine which network a host is on

[Mohan L]

Did you get any chance to through setup module? 

https://docs.ansible.com/ansible/latest/modules/setup_module.html

Synopsis 
 

   
   - This module is automatically called by playbooks to gather useful 
   variables about remote hosts that can be used in playbooks. It can also be 
   executed directly by /usr/bin/ansible to check what variables are 
   available to a host. Ansible provides many *facts* about the system, 
   automatically.






On Tuesday, October 30, 2018 at 11:11:50 PM UTC+5:30, Chris Bidwell wrote:
>
> So I've got a playbook I've written where the config is different 
> depending on the network it resides on.  
>
> How can I determine this and be able to save the network as a variable?  
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/6dda0114-1e2c-4034-bf71-f8ac9730970a%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Re: ansible vault with ad hoc command line

[Mohan L]

I have already given you example. You can see If you closely read my first 
replay to this thread. Ansible vault works the same way for both 
ansible-playbook and ansible command. What ever documented for 
ansible-playbook also work with ansible ad hoc if you use vault. You have 
spend some time to learn it. Every thing documented well.

Here is the step by step example:

1). Create a directory group_vars


# mkdir -p /etc/ansible/group_vars


2). Create a variable file with your server user name and password. Please 
note this is the username and password which your ansible ad hoc command 
going to use to login to your target machine.


# vim /etc/ansible/group_vars/myservers.yml


---
ansible_user: root 
ansible_ssh_pass: toor


Save the file with above two variables. You have to change your target 
machine username and password.


3). My sample file looks like below after step 2.


# cat /etc/ansible/group_vars/myservers.yml 
--- 
ansible_user: root 
ansible_ssh_pass: toor 




4).  *Encrypt the */etc/ansible/group_vars/myservers.yml  file. 
The ansible-vault command will prompt you for a password twice (a second 
time to confirm the first). Once that's done, the file will be encrypted! 
If you edit the file directly, you'll just see encrypted text.


# ansible-vault encrypt /etc/ansible/group_vars/myservers.yml 

New Vault password:  
Confirm New Vault password:  
Encryption successful



NOTE: You have to use this password with ansible ad hoc command. In my case 
I used ‘test123’ as password.


5). You will need to make inventory files for Ansible. An inventory file 
lists hosts which you would like to manage and the groups they belong to. 
I’ve created inventory file called ‘myhostfile’


# vim /etc/ansible/myhostfile
[myserver] 
localhost



NOTE: Here ‘myserver’ is group name and I have only one host which is my 
local machine. You need to change localhost to your target machine hostname 
or IP address. If you closely notice my group name is ‘myserver’ and vault 
file under group_vars directory also same. 


6). Now run your ansible ad hoc command. Here is one ad hoc command which 
will create a file /tmp/hello on the target machine.



# ansible -i /etc/ansible/myhostfile myservers -m file -a "dest=/tmp/hello 
mode=755 state=directory" -u root --ask-vault-pass

Vault password:  

localhost | SUCCESS => { 

"changed": false,  

"gid": 0,  

"group": "root",  

"mode": "0755",  

"owner": "root",  

"path": "/tmp/hello",  

"secontext": "unconfined_u:object_r:user_tmp_t:s0",  

"size": 6,  

"state": "directory",  

"uid": 0 

}



NOTE: I used —ask-vault-pass which will prompt you vault password. In my 
case it is ‘test123’ which I used to decrypt the file. Please refer step 4.


You can also save the password in file and pass with --vault-password-file




Hope it help you. If you still have problem then you have to send more 
details about what exactly you are doing.



On Tuesday, October 30, 2018 at 11:39:52 AM UTC+5:30, Rajendra Rawat wrote:
>
> I have gone through the link shared by you but there is no where is it 
> using the vault for ad hoc command. It is using it for playbook.
>
> Request you to please share a example of ping module as I did in 
> my previous email that would be helpful understanding it.
>
> ad-hoc command:
>
> ansible  -m ping 
>
> Please note sshkey is not setup on target host.
>
>
> Thanks & Regards
>
> Rajendra Rawat
>
>
> On Tue, 30 Oct 2018 at 08:21, Mohan L > 
> wrote:
>
>>
>> You have to pass vault password to ansible command not vault file itself. 
>> Vault file stores your secrets/variables in encrypted format and vault 
>> password is used decrypt it. Pass vault password to ansible command.
>>
>>
>> You have read this doc: 
>> https://docs.ansible.com/ansible/2.7/user_guide/vault.html
>>
>> Take a look at the below link as well:
>>
>> https://serversforhackers.com/c/how-ansible-vault-works
>>
>>
>> https://zaiste.net/ansible_vault_storing_sensitive_data_as_encrypted_variables/
>>
>>
>> If your roles or playbooks reference encrypted variables, you need to 
>> have give Ansible the password to decrypt them. Prior Ansible 2.4, You can 
>> do this in two ways:
>>
>>
>> 1). Using the --ask-vault-pass flag will instruct Ansible to ask for the 
>> vault password so it can decrypt the variable files correctly.
>>
>>
>> 2). Using —vault-password-file flag will instruct Ansible to reference 
>> vault password from file. Ansible playbook use the password with in the 
>> reference file to decrypt  vault 

Re: [ansible-project] Re: ansible vault with ad hoc command line

[Mohan L]

You have to pass vault password to ansible command not vault file itself. 
Vault file stores your secrets/variables in encrypted format and vault 
password is used decrypt it. Pass vault password to ansible command.


You have read this doc: 
https://docs.ansible.com/ansible/2.7/user_guide/vault.html

Take a look at the below link as well:

https://serversforhackers.com/c/how-ansible-vault-works

https://zaiste.net/ansible_vault_storing_sensitive_data_as_encrypted_variables/


If your roles or playbooks reference encrypted variables, you need to have 
give Ansible the password to decrypt them. Prior Ansible 2.4, You can do 
this in two ways:


1). Using the --ask-vault-pass flag will instruct Ansible to ask for the 
vault password so it can decrypt the variable files correctly.


2). Using —vault-password-file flag will instruct Ansible to reference 
vault password from file. Ansible playbook use the password with in the 
reference file to decrypt  vault file.


Since Ansible 2.4, there is way to provide a vault password is to use 
the --vault-id option as well.  This allow vault files or vars that are 
encrypted with different passwords can be used at the same time. If your 
roles or playbooks reference encrypted variables, you need to have give 
Ansible the password to decrypt them. Prior Ansible 2.4, You can do this in 
two ways:


1). Using the --ask-vault-pass flag will instruct Ansible to ask for the 
vault password so it can decrypt the variable files correctly.


2). Using —vault-password-file flag will instruct Ansible to reference 
vault password from file. Ansible playbook use the password with in the 
reference file to decrypt  vault file.


Since Ansible 2.4, there is way to provide a vault password is to use 
the --vault-id option as well.  This allow vault files or vars that are 
encrypted with different passwords can be used at the same time.  That what 
Andrew was mentioned on his post. 


 


On Tuesday, October 30, 2018 at 1:04:03 AM UTC+5:30, Rajendra Rawat wrote:
>
> Hi Mohan,
>
> I tried running ad-hoc command as you suggested but it is not working
>
> ansible  -m ping -u   
> --vault-password-file 
>
> where "secret_file" was created with password of 
> ansible-vault create secret_file
> cat secret_file
> 
>
> Output:
>  [WARNING]: Error in vault password file loading (default): A vault 
> password must be specified to decrypt data
> ERROR! A vault password must be specified to decrypt data
>
> Am i doing something wrong?
>
>
> Thanks & Regards
>
> Rajendra Rawat
>
>
> On Mon, 29 Oct 2018 at 21:19, Mohan L > 
> wrote:
>
>> Do you have any problem using vault with ad-hoc??
>>
>> Here is a example of how it works.
>>
>> I have a vault secret file under group_vars like below. You have to use 
>> ansible-vault create.
>>
>> # ansible-vault view group_vars/myserver.yml 
>>
>> Vault password: 
>>
>> ---
>>
>> ansible_user: root
>>
>> ansible_ssh_pass: password1
>>
>>
>> I have my vault password stored in file which look like below:
>>
>> # cat vault_key 
>>
>> myvault@pass
>>
>>
>> I am using ad-hoc command like below and it works. What is your problem?
>>
>> # ansible myserver -m file -a "dest=/tmp/hello mode=755 state=directory" 
>> -u root --vault-password-file vault_key 
>>
>> localhost | SUCCESS => {
>>
>> "changed": false, 
>>
>> "gid": 0, 
>>
>> "group": "root", 
>>
>> "mode": "0755", 
>>
>> "owner": "root", 
>>
>> "path": "/tmp/hello", 
>>
>> "secontext": "unconfined_u:object_r:user_tmp_t:s0", 
>>
>> "size": 6, 
>>
>> "state": "directory", 
>>
>> "uid": 0
>>
>> }
>>
>>
>> Thanks
>> Mohan L
>>
>>
>>
>> On Monday, October 29, 2018 at 6:30:56 PM UTC+5:30, Rajendra Rawat wrote:
>>>
>>> Hi All,
>>>
>>> Is it possible to use ansible-vault with ad-hoc commands.
>>> Use case: I have not setup ssh key and I want to use ping module on 
>>> target machine.
>>>
>>> normal way if we have setup sshkey or pass the text password
>>> 1: ansible  -m ping [if ssh key configured]
>>> 2: ansible  -m ping --extra-vars 
>>> "ansible_user= ansible_password="
>>>
>>> But I want to do this with ansible-vault.
>>> Is it possible ? any help would be appreciated.
>>>
>>> Thanks & Reg

[ansible-project] Re: Copy multiple files to different locations on remote server

[Mohan L]

do you want to copy multiple target like this?

# cat site.yml 

---

- hosts: all

  vars:

file_list:

  - { src: '/tmp/myfiles/file1.txt', dst: '/tmp/target1/file1.txt' }

  - { src: '/tmp/myfiles/file2.txt', dst: '/tmp/target2/file2.txt' }

  - { src: '/tmp/myfiles/file3.txt', dst: '/tmp/target3/file3.txt' }


  tasks:

- name: Copy file to target node

  copy:

src: "{{ item.src }}"

dest: "{{ item.dst }}"

  with_items: "{{ file_list }}"




# ansible-playbook -i hosts site.yml -u root



PLAY [all] 
**


TASK [Gathering Facts] 
**

ok: [localhost]


TASK [Copy file to target node] 
*

ok: [localhost] => (item={u'src': u'/tmp/myfiles/file1.txt', u'dst': 
u'/tmp/target1/file1.txt'})

ok: [localhost] => (item={u'src': u'/tmp/myfiles/file2.txt', u'dst': 
u'/tmp/target2/file2.txt'})

ok: [localhost] => (item={u'src': u'/tmp/myfiles/file3.txt', u'dst': 
u'/tmp/target3/file3.txt'})


PLAY RECAP 
**

localhost  : ok=2changed=0unreachable=0failed=0  
 


On Monday, October 29, 2018 at 10:25:37 PM UTC+5:30, anushake...@gmail.com 
wrote:
>
> Hi,
>
> I am trying to copy multiple files to different locations using 
> with_items. Could someone please help me with this
>
> *vars: main.yml*
>
> wars:
> file1.war
> file2.war
> file3.war
> file4.war
>
> dest_path:
> /tmp/{wars}
>
>
> *tasks- main.yml*
> ---
> - hosts: all
>   name: copy file
> copy: src={{ item.src }} dest={{ item.dest }}
> with_items:
>   - { src: '{{ wars }}', dest: '{{ dest_path }}' }
>
> My idea is file1.war should go to /tmp/file1 folder etc
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/db3a58e4-a982-47a0-8a33-5f9291ff6dcd%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Re: Copy multiple files to different locations on remote server

[Mohan L]

Try like this:



# cat site.yml 

---

- hosts: all

  vars:

file_list:

 - file1.txt 

 - file2.txt 

 - file3.txt 

 - file4.txt 


  tasks:

- name: Copy file to target node

  copy:

src: "/tmp/myfiles/{{ item }}"

dest: "/tmp/target/{{ item }}"

  with_items: "{{ file_list }}"



# ls -1 /tmp/myfiles/

file1.txt

file2.txt

file3.txt

file4.txt



# ls -1 /tmp/target/

file1.txt

file2.txt

file3.txt

file4.txt



# ansible-playbook -i hosts site.yml -u root



PLAY [all] 
**


TASK [Gathering Facts] 
**

ok: [localhost]


TASK [Copy file to target node] 
*

ok: [localhost] => (item=file1.txt)

ok: [localhost] => (item=file2.txt)

ok: [localhost] => (item=file3.txt)

ok: [localhost] => (item=file4.txt)


PLAY RECAP 
**

localhost  : ok=2changed=0    unreachable=0failed=0  
 




Thanks
Mohan L

On Monday, October 29, 2018 at 10:25:37 PM UTC+5:30, anushake...@gmail.com 
wrote:
>
> Hi,
>
> I am trying to copy multiple files to different locations using 
> with_items. Could someone please help me with this
>
> *vars: main.yml*
>
> wars:
> file1.war
> file2.war
> file3.war
> file4.war
>
> dest_path:
> /tmp/{wars}
>
>
> *tasks- main.yml*
> ---
> - hosts: all
>   name: copy file
> copy: src={{ item.src }} dest={{ item.dest }}
> with_items:
>   - { src: '{{ wars }}', dest: '{{ dest_path }}' }
>
> My idea is file1.war should go to /tmp/file1 folder etc
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/fc4560de-0532-4cd5-8c8e-b9a116557565%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Re: ansible vault with ad hoc command line

[Mohan L]

Do you have any problem using vault with ad-hoc??

Here is a example of how it works.

I have a vault secret file under group_vars like below. You have to use 
ansible-vault create.

# ansible-vault view group_vars/myserver.yml 

Vault password: 

---

ansible_user: root

ansible_ssh_pass: password1


I have my vault password stored in file which look like below:

# cat vault_key 

myvault@pass


I am using ad-hoc command like below and it works. What is your problem?

# ansible myserver -m file -a "dest=/tmp/hello mode=755 state=directory" -u 
root --vault-password-file vault_key 

localhost | SUCCESS => {

"changed": false, 

"gid": 0, 

"group": "root", 

"mode": "0755", 

"owner": "root", 

"path": "/tmp/hello", 

"secontext": "unconfined_u:object_r:user_tmp_t:s0", 

"size": 6, 

"state": "directory", 

"uid": 0

}


Thanks
Mohan L



On Monday, October 29, 2018 at 6:30:56 PM UTC+5:30, Rajendra Rawat wrote:
>
> Hi All,
>
> Is it possible to use ansible-vault with ad-hoc commands.
> Use case: I have not setup ssh key and I want to use ping module on target 
> machine.
>
> normal way if we have setup sshkey or pass the text password
> 1: ansible  -m ping [if ssh key configured]
> 2: ansible  -m ping --extra-vars "ansible_user= 
> ansible_password="
>
> But I want to do this with ansible-vault.
> Is it possible ? any help would be appreciated.
>
> Thanks & Regards
>
> Rajendra Rawat
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/7f859c16-ee20-42fc-9ec4-fa57befbff92%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] YAML code to list yum repositories and yum history using yum module.?

[Mohan Ganesan]

I would like to explore yum module in my yaml code.
I am looking for a YAML code to list yum repositories and yum history using 
yum module.
Are the commands yum repolist & yum history built on the yum module?
Please let me know.
Thanks.

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/5f6796a4-23b3-4d79-9bbe-537d1c0ff51f%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Learning Ansible

[Mohan Musti]

Hi ,

I am sure this question is already asked . but i couldn`t find the post . I 
wanted to learn from others how they approached to learn and master 
Ansible. any insight is helpful .

As of now i started with resources on ansible site .

Regards ,
Mohan

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/49a78567-2ff1-4688-8c3a-060796eb208c%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Service Module ERROR : No JSON Could be decoded

[mohan . kaimal]

ansible --version
ansible 2.1.1.0
  config file = /etc/ansible/ansible.cfg
  configured module search path = Default w/o overrides


While running the below playbook , i'm getting JSON object error at the 
service stop level . 

---
- hosts: all
  become: yes
  gather_facts: yes

  tasks: 
  
  - name: start conn drain 
command: /etc/init.d/egw drain
ignore_errors: True 

  - uri:
  url: http://{{ ansible_hostname }}:/stats
  return_content: yes  
  register: stats_page
  until: ( "/io/tcp/listening::active = 1"  in stats_page.content ) 
  retries: 60 
  delay: 3 

  - name: Stop the  service 
service: name=egw state=stopped 
ignore_errors: True

===

TASK [Stop the EGW service] **
**
fatal: [xxx.com]: FAILED! => {"changed": false, "failed": true, 
"module_stderr": "", "module_stdout": "\r\nTraceback (most recent call 
last):\r\n  File \"/tmp/ansible_Hg86yp/ansible_module_service.py\", line 
1518, in \r\nmain()\r\n  File 
\"/tmp/ansible_Hg86yp/ansible_module_service.py\", line 1480, in 
main\r\n(rc, out, err) = service.modify_service_state()\r\n  File 
\"/tmp/ansible_Hg86yp/ansible_module_service.py\", line 311, in 
modify_service_state\r\nreturn self.service_control()\r\n  File 
\"/tmp/ansible_Hg86yp/ansible_module_service.py\", line 894, in 
service_control\r\nrc_state, stdout, stderr = self.execute_command(\"%s 
%s %s\" % (svc_cmd, self.action, arguments), daemonize=True)\r\n  File 
\"/tmp/ansible_Hg86yp/ansible_module_service.py\", line 256, in 
execute_command\r\nreturn json.loads(data)\r\n  File 
\"/usr/lib64/python2.6/json/__init__.py\", line 307, in loads\r\nreturn 
_default_decoder.decode(s)\r\n  File 
\"/usr/lib64/python2.6/json/decoder.py\", line 319, in decode\r\nobj, 
end = self.raw_decode(s, idx=_w(s, 0).end())\r\n  File 
\"/usr/lib64/python2.6/json/decoder.py\", line 338, in raw_decode\r\n
raise ValueError(\"No JSON object could be decoded\")\r\nValueError: No 
JSON object could be decoded\r\n", "msg": "MODULE FAILURE", "parsed": false}

Anyone got the same error ? Need help on this

Thank you

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/b92aceb5-fb6b-4378-b19c-e4d855e486b2%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Service module error : NO JSON object could be decoded

[mohan . kaimal]

ansible --version
ansible 2.1.1.0
  config file = /etc/ansible/ansible.cfg
  configured module search path = Default w/o overrides


While running the below playbook , i'm getting JSON object error at the 
service stop level . 

---
- hosts: all
  become: yes
  gather_facts: yes

  tasks: 
  
  - name: start conn drain 
command: /etc/init.d/egw drain
ignore_errors: True 

  - uri:
  url: http://{{ ansible_hostname }}:/stats
  return_content: yes  
  register: stats_page
  until: ( "/io/tcp/listening::active = 1"  in stats_page.content ) 
  retries: 60 
  delay: 3 

  - name: Stop the EGW service 
service: name=egw state=stopped 
ignore_errors: True

===

TASK [Stop the EGW service] 

fatal: [g2axpilotegw1.sba.expertcity.com]: FAILED! => {"changed": false, 
"failed": true, "module_stderr": "", "module_stdout": "\r\nTraceback (most 
recent call last):\r\n  File 
\"/tmp/ansible_Hg86yp/ansible_module_service.py\", line 1518, in 
\r\nmain()\r\n  File 
\"/tmp/ansible_Hg86yp/ansible_module_service.py\", line 1480, in 
main\r\n(rc, out, err) = service.modify_service_state()\r\n  File 
\"/tmp/ansible_Hg86yp/ansible_module_service.py\", line 311, in 
modify_service_state\r\nreturn self.service_control()\r\n  File 
\"/tmp/ansible_Hg86yp/ansible_module_service.py\", line 894, in 
service_control\r\nrc_state, stdout, stderr = self.execute_command(\"%s 
%s %s\" % (svc_cmd, self.action, arguments), daemonize=True)\r\n  File 
\"/tmp/ansible_Hg86yp/ansible_module_service.py\", line 256, in 
execute_command\r\nreturn json.loads(data)\r\n  File 
\"/usr/lib64/python2.6/json/__init__.py\", line 307, in loads\r\nreturn 
_default_decoder.decode(s)\r\n  File 
\"/usr/lib64/python2.6/json/decoder.py\", line 319, in decode\r\nobj, 
end = self.raw_decode(s, idx=_w(s, 0).end())\r\n  File 
\"/usr/lib64/python2.6/json/decoder.py\", line 338, in raw_decode\r\n
raise ValueError(\"No JSON object could be decoded\")\r\nValueError: No 
JSON object could be decoded\r\n", "msg": "MODULE FAILURE", "parsed": false}


Any pointer's on the same ? 

Thank you







-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/dbd04e6d-5980-4f36-b95e-21a62a77c968%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] local_action calling python script in ansible 2.1

[Mohan L]

Hi All,

I am using the below code with Ansible 1.9 and works well:

- name: Gether Info 
  local_action: Infos.py host={{ hostname }} user={{ username }} 
password={{ mypassword }} vm_name={{ myhostname }}

All the above variables coming from Ansible Vault file.  I upgraded my 
Ansible version to 2.1 and it is not working.  Can some one through light 
on the issue?

Thanks
Mohan L

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/c810a020-9d76-44b4-8cc0-d1a99a9464e9%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Re: Register command output with_items

[Srividhya Mohan]

Hi John

Do you mind sharing your playbook with me? So that I can take a look at the 
code.

Thanks
Sri

On Sunday, May 1, 2016 at 4:57:22 AM UTC-4, John Buxton wrote:
>
> Sri,
> It would help if the your output matched the playbook you are running.
> Your problem task isn't even in your test playbook!
>  
>
>> TASK: [debug msg="{{ 
>> echo_output.results|map(attribute='stdout_lines')|list}}"] ***
>> ok: [127.0.0.1] => {
>> "msg": "[Undefined, Undefined]"
>> }
>>
>
> Anyway, this works for me on stable-2.0.0.1 on centos 7.
> I get the output below, which is probably what you are expecting:
>
> ok: [t1] => {
> "msg": [
> [
> "hi"
> ], 
> [
> "hello"
> ]
> ]
> }
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/8c8ab6f0-f797-4d9c-98e1-c8668eba7614%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Register command output with_items

[Srividhya Mohan]

Hi

I have the following in my playbook

- hosts: localhost
  tasks:
- name: echo output
  command: echo {{item}}
  register: echo_output
  with_items:
 - hi
 - hello


- debug: msg="{{ echo_output.results}}"

 
When I run this playbook, I am getting the following

RES1SMOHANAS-M1:ansible-portal_platform smohanasundaram$ ansible-playbook 
-i inventory/sriDev.ini -c local 
portal_platform_liferay_patches_prestage.yml
 [WARNING]: The `prettytable` python module is not installed. Disabling the
HipChat callback plugin.

 [WARNING]: HipChat token could not be loaded. The HipChat token can be
provided using the `HIPCHAT_TOKEN` environment variable.


PLAY [localhost] 
**

GATHERING FACTS 
***
ok: [127.0.0.1]

TASK: [echo output] 
***
changed: [127.0.0.1] => (item=hi)
changed: [127.0.0.1] => (item=hello)

TASK: [debug msg="{{ echo_output.results}}"] 
**
ok: [127.0.0.1] => {
"msg": "[{u'stdout': u'hi', u'changed': True, u'end': u'2016-04-28 
10:14:19.487867', u'start': u'2016-04-28 10:14:19.465853', u'cmd': 
[u'echo', u'hi'], u'rc': 0, 'item': 'hi', u'stderr': u'', u'delta': 
u'0:00:00.022014', 'invocation': {'module_name': u'command', 'module_args': 
u'echo hi'}, u'warnings': []}, {u'stdout': u'hello', u'changed': True, 
u'end': u'2016-04-28 10:14:19.710345', u'start': u'2016-04-28 
10:14:19.688217', u'cmd': [u'echo', u'hello'], u'rc': 0, 'item': 'hello', 
u'stderr': u'', u'delta': u'0:00:00.022128', 'invocation': {'module_name': 
u'command', 'module_args': u'echo hello'}, u'warnings': []}]"
}

TASK: [debug msg="{{ echo_output.results|map(attribute='stdout')|list}}"] 
*
ok: [127.0.0.1] => {
"msg": "[u'hi', u'hello']"
}

TASK: [debug msg="{{ 
echo_output.results|map(attribute='stdout_lines')|list}}"] ***
ok: [127.0.0.1] => {
"msg": "[Undefined, Undefined]"
}

PLAY RECAP 

127.0.0.1  : ok=5changed=1unreachable=0failed=0
'

Looks like stdout_lines is not present in the "echo_output.results". Please 
let me know what could be wrong here.

Thanks
Sri

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/5bd07783-4300-4dcf-8d26-041e94cc2508%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Roles with tags not respecting the tag, Instead playing all the tast defined

[Vijay Mohan]

Here is my play book:

- name: Install MySQL with replication
  hosts: mysql-master:mysql-slave
  user: root
  sudo: false
  roles:
- common
- admin-users
- generic-directories
- { role: iptables, tags: [ 'mysql-iptables'] }
- mysql


I have ip tables tasks for different ports, I want to run the task depending on 
the group of servers. I have tagged the iptables task based on the group. 

When i ran the play book instead of playing the tagged task, its run through 
all the tasks defined in iptables role.

Please let me know if am doing anything wrong here.

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/12942fe7-f5af-4459-a459-2bcffa49f097%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] What is the proper way to check for required variables?

[Vijay Mohan]

Hi Guys,

I am trying to force the ansible play to check againt the command line 
variable, here is my "check-requirement.yml" and required_var:

- fail: msg="Bailing out this play requires '{{ item }}'"
  when: item is not defined
  with_items: required_vars

I have set default/main.yml with following line:

required_vars:
  - env

Now when i run the play book without env, its skipping rather than failing: 
Please help me to fix this..

Here is the message:

root@test-server-s01:~/ranker-orchestration/roles# ansible-playbook 
 tomcat-role-test.yml

PLAY [localhost] 
**

GATHERING FACTS 
***
ok: [localhost]

TASK: [tomcat | fail msg="Bailing out this play requires '{{ item }}'"] 
***
skipping: [localhost] => (item=env)

TASK: [tomcat | Update apt cache] 
*
ok: [localhost]

TASK: [tomcat | Install Tomcat 7] 
*
ok: [localhost]

TASK: [tomcat | Configure tomcat memory/java_home configuration] 
**
ok: [localhost]

TASK: [tomcat | Configure tomcat server configuration, port, connections 
ssl etc] ***
ok: [localhost]

PLAY RECAP 

localhost  : ok=6changed=0unreachable=0failed=0


On Wednesday, May 21, 2014 at 3:11:13 PM UTC-7, Michael DeHaan wrote:
>
> error_on_undefined_variables is the default in ansible.cfg
>
> I *STRONGLY* recommend leaving that setting on.
>
> Then the whole "|mandatory" thing is also not required.
>
> It's there because very old ansible didn't require variables to be defined 
> by default, now it does, so many upgraders may just wish to change the 
> setting.
>
>
>
>
> On Wed, May 21, 2014 at 5:10 AM, 'Petros Moisiadis' via Ansible Project <
> ansible...@googlegroups.com > wrote:
>
>>  On 05/21/2014 11:37 AM, Andrew Pashkin wrote:
>>  
>> Thanks for the tips, didnt know about both!
>>
>> What if I want to "declare" variables somewhere, to tell user about what 
>> he can use, but leave that variables "undefined" so they will fail is 
>> defined test? What people usually do in this situations?
>> I want to make file like required_vars.yml and put all required 
>> variables there, and then do something like this:
>>  
>> - name: check required variables
>>   fail: msg="Variable '{{ item }}' is not defined" 
>>   when: item is defined 
>>   with_items: 
>> - include: required_vars.yml
>>
>> Is there way to do this?
>>
>>
>> You can put in the required_vars.yml file:
>> ---
>> required_vars:
>>   - myvar1
>>   - myvar2
>>
>> Then, in the playbook:
>> ---
>> - hosts: myhosts
>>   vars_files:
>> - /path/to/required_vars.yml
>>   tasks:
>> - fail: msg="Variable '{{ item }}' is not defined"
>>   when: item not in hostvars[inventory_hostname]
>>   with_items: required_vars
>>
>> Normally, you would also want to document the structure of your vars, so 
>> I would suggest you to write a 'readme' file with example definitions of 
>> the all possible variables, both mandatory and non-mandatory.
>>
>>
>>  On 21.05.2014 11:02, 'Petros Moisiadis' via Ansible Project wrote:
>>  
>> On 05/21/2014 08:24 AM, Andrew Pashkin wrote:
>>
>>  I want to make my playbook in a way where process will fail with an
>> error if user was not provided required parameters, what is the way to
>> do that in Ansible?
>>
>>
>>  The default behavior is to fail if using a variable that is not defined.
>> There is also a configuration option that disables this, and then you
>> can use "{{ myvar | mandatory }}" to explicitly have the same effect.
>> Keep in mind, though, that the failure occurs when reaching a task that
>> uses an undefined variable. If you want to fail before any task is
>> executed, you could add another task at the top of your tasks that fails
>> if a mandatory variable is not defined. For example:
>>
>> tasks:
>>- fail: msg="Variable '{{ item }}' is not defined"
>>  when: item not in hostvars[inventory_hostname]
>>  with_items:
>>- myvariable1
>>- myvariable2
>>
>>
>>  
>> -- 
>> With kind regards, Andrew Pashkin.
>> cell phone - +7 (985) 898 57 59
>> Skype - waves_in_fluids
>> e-mail - andrew@gmx.co.uk 
>>
>> -- 
>> You received this message because you are subscribed to the Google Groups 
>> "Ansible Project" group.
>> To unsubscribe from this group and stop receiving emails from it, send an 
>> email to ansible-proje...@googlegroups.com .
>> To post to this group, send email to ansible...@googlegroups.com 
>> .
>> To view this discussion on the web visit 
>> https://groups.google.com/d/msgid/ansible-project/537C65DE.3070404%40gmx.co.uk
>>  
>> 
>> .
>> For more options, visit https://groups.google.com/d/optout.
>>
>>
>>  -- 
>> You 

Re: [ansible-project] Bug - RDS ansible module cannot change security_group if rds instance within VPC

[Mohan Krishnan]

Don't mean to bug (pun intended) - but I am pretty keen on getting a fix 
for this in. 

What do you think would be the best way forward ? If you feel the concern I 
raise is not really valid, I am fine creating a pull request for a diff 
that solely supresses any subnet value when doing a command="modify"

Thanks!

Mohan

On Thursday, 26 December 2013 10:47:49 UTC+8, Mohan Krishnan wrote:
>
> Although that would work, it might lead to folks setting the subnet 
> argument and expecting to actually have an effect, but if we are just 
> dropping it off - you would have successful runs without the expected 
> result. We could probably add a warning message, but this also changes how 
> invalid arguments are dealt with in all other cases (It errors out). 
>
> Having said that, I am keen on getting this fixed soon, so if we are ok 
> with the above concerns, I'll make the necessary changes to the pull 
> request and resubmit.
>
>
> On Tuesday, 24 December 2013 00:58:18 UTC+8, Michael DeHaan wrote:
>>
>> Seems like the solution is to not send the "subnet" parameter when it's 
>> going to be invalid?
>>
>>
>>
>>
>> On Sun, Dec 22, 2013 at 7:53 AM, Mohan Krishnan  wrote:
>>
>>> Hello,
>>>
>>> The code relies on the "subnet" argument  being set to determine if the 
>>> RDS instance is within a VPC. If it is, it switches the "security_groups" 
>>> argument (when provided) from security_groups to vpc_security_groups in 
>>> the underlying boto call. This works fine for the command=create case.
>>>
>>> However in the command=modify case, the "subnet" argument is considered 
>>> invalid (As the AWS API  does not allow for subnet modification of a  
>>> provisioned 
>>> instance). This results in the security_groups parameter always being 
>>> treated 
>>> as  a non-VPC security group, even when it is.
>>>
>>> The underlying boto library uses two separate  arguments for when the 
>>> security group is part of a vpc (vpc_security_groups) and for when it 
>>> is not (security_groups). I feel replicating this separation is probably 
>>> the simplest and most  explicit way of solving this issue.
>>>
>>> This pull request implements the separation - 
>>> https://github.com/ansible/ansible/pull/5389
>>>
>>> The downside is it does introduce a backward incompatible change to the 
>>> arguments if you use a VPC based rds. Instead of using security_groups you 
>>> will now need to use vpc_security_groups. 
>>>
>>> What do you guys think ?
>>>
>>> Mohan
>>>  
>>> -- 
>>> You received this message because you are subscribed to the Google 
>>> Groups "Ansible Project" group.
>>> To unsubscribe from this group and stop receiving emails from it, send 
>>> an email to ansible-proje...@googlegroups.com.
>>> To post to this group, send email to ansible...@googlegroups.com.
>>> For more options, visit https://groups.google.com/groups/opt_out.
>>>
>>
>>
>>
>> -- 
>> Michael DeHaan 
>> CTO, AnsibleWorks, Inc.
>> http://www.ansibleworks.com/
>>
>>  

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.

Re: [ansible-project] Bug - RDS ansible module cannot change security_group if rds instance within VPC

[Mohan Krishnan]

Although that would work, it might lead to folks setting the subnet 
argument and expecting to actually have an effect, but if we are just 
dropping it off - you would have successful runs without the expected 
result. We could probably add a warning message, but this also changes how 
invalid arguments are dealt with in all other cases (It errors out). 

Having said that, I am keen on getting this fixed soon, so if we are ok 
with the above concerns, I'll make the necessary changes to the pull 
request and resubmit.


On Tuesday, 24 December 2013 00:58:18 UTC+8, Michael DeHaan wrote:
>
> Seems like the solution is to not send the "subnet" parameter when it's 
> going to be invalid?
>
>
>
>
> On Sun, Dec 22, 2013 at 7:53 AM, Mohan Krishnan 
> > wrote:
>
>> Hello,
>>
>> The code relies on the "subnet" argument  being set to determine if the 
>> RDS instance is within a VPC. If it is, it switches the "security_groups" 
>> argument (when provided) from security_groups to vpc_security_groups in 
>> the underlying boto call. This works fine for the command=create case.
>>
>> However in the command=modify case, the "subnet" argument is considered 
>> invalid (As the AWS API  does not allow for subnet modification of a  
>> provisioned 
>> instance). This results in the security_groups parameter always being 
>> treated 
>> as  a non-VPC security group, even when it is.
>>
>> The underlying boto library uses two separate  arguments for when the 
>> security group is part of a vpc (vpc_security_groups) and for when it is 
>> not (security_groups). I feel replicating this separation is probably the 
>> simplest and most  explicit way of solving this issue.
>>
>> This pull request implements the separation - 
>> https://github.com/ansible/ansible/pull/5389
>>
>> The downside is it does introduce a backward incompatible change to the 
>> arguments if you use a VPC based rds. Instead of using security_groups you 
>> will now need to use vpc_security_groups. 
>>
>> What do you guys think ?
>>
>> Mohan
>>  
>> -- 
>> You received this message because you are subscribed to the Google Groups 
>> "Ansible Project" group.
>> To unsubscribe from this group and stop receiving emails from it, send an 
>> email to ansible-proje...@googlegroups.com .
>> To post to this group, send email to ansible...@googlegroups.com
>> .
>> For more options, visit https://groups.google.com/groups/opt_out.
>>
>
>
>
> -- 
> Michael DeHaan >
> CTO, AnsibleWorks, Inc.
> http://www.ansibleworks.com/
>
>  

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.

[ansible-project] Bug - RDS ansible module cannot change security_group if rds instance within VPC

[Mohan Krishnan]

Hello,

The code relies on the "subnet" argument  being set to determine if the RDS 
instance is within a VPC. If it is, it switches the "security_groups" 
argument (when provided) from security_groups to vpc_security_groups in the 
underlying boto call. This works fine for the command=create case.

However in the command=modify case, the "subnet" argument is considered 
invalid (As the AWS API  does not allow for subnet modification of a  
provisioned 
instance). This results in the security_groups parameter always being treated 
as  a non-VPC security group, even when it is.

The underlying boto library uses two separate  arguments for when the 
security group is part of a vpc (vpc_security_groups) and for when it is 
not (security_groups). I feel replicating this separation is probably the 
simplest and most  explicit way of solving this issue.

This pull request implements the separation - 
https://github.com/ansible/ansible/pull/5389

The downside is it does introduce a backward incompatible change to the 
arguments if you use a VPC based rds. Instead of using security_groups you 
will now need to use vpc_security_groups. 

What do you guys think ?

Mohan

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.