Re: [ansible-project] Ansible templates. Joining item vars on one line with static text.

[Will McDonald]

There may be more elegant ways to achieve this, but I had a similar
requirement from some Eventstore config a while back and ended up with a
construct like:

# Construct each GossipSeed from ansible_play_hosts minus the inventory_host
{%- set seeds = [] %}
{%- for host in ansible_play_hosts %}
  {%- if host != inventory_hostname %}
{{ seeds.append(hostvars[host]['ansible_host'] ~ ':2113') }}
  {%- endif %}
{%- endfor %}

GossipSeed: {{ seeds | join(',') }}

In your case you could maybe do something like (untested):

# Construct list of LDAP server URIs
{%- set ldap_sever_list = [] %}
{%- for server in ldapservers %}
{{ ldap_sever_list.append('ldap://' ~ server ~ '/') }}
{%- endfor %}

URI: {{ ldap_server_list | join(',') }}


On Sun, 18 Aug 2024 at 14:45, Michael Starling 
wrote:

> Hello.
>
> Consider I have this variable list that can contain as little as 1 and up
> to 4 items.
>
> ldapservers:
> - server1
> - server2
>
>
> Consider this line in my ldap.conf template.
>
> URI ldap://{{ ldapservers(' ') }}/
>
>
> I would like the resulting file to look like this:
>
> URI ldap://server1/ ldap://server2/
>
> I know I can use "join" with something like this, but how do I keep the
> "URI" the " ldap://"; and the trailing "/" consistent without adding them to
> the variable.
>
> URI ldap://{{ ldap_srv_fqdn|join(' ') }}/
>
> Thanks in advance.
>
> Mike
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/CAD8F6EndrOwpvRuOYWXauBQQ4xUs7-piNzwzNT1867AtaZLXmg%40mail.gmail.com
> 
> .
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAKtKohRtu2ODVg%3DzPrRQC-L%2BbGA5eBm9juapG732GtrkdoL-_Q%40mail.gmail.com.

Re: [ansible-project] Using Vault in microsoft.ad.ldap.yml

[Will McDonald]

From:
https://docs.ansible.com/ansible/latest/collections/microsoft/ad/ldap_inventory.html#parameter-username
And:
https://docs.ansible.com/ansible/latest/collections/microsoft/ad/ldap_inventory.html#parameter-password

If you set both:

MICROSOFT_AD_LDAP_USERNAME
MICROSOFT_AD_LDAP_PASSWORD

e.g.:
$ export MICROSOFT_AD_LDAP_USERNAME=read_only_user
$ export MICROSOFT_AD_LDAP_PASSWORD=Hugely_Complicated_Password

Then those should be consumed by the plugin. If your password has
metacharacters, you'll need to figure out the right combination of
quoting/escaping too to ensure they're ingested correctly?

If you read the examples in the plugin docs, they also show some lookups
being used to populate the config, you could potentially tweak that to pull
from an Ansible vault.


On Mon, 17 Jun 2024 at 14:59, 'Caroline Kiel' via Ansible Project <
ansible-project@googlegroups.com> wrote:

> Hi everyone,
> I searched this list but couldn't find a valid answer.
>
> I want to use the MS plugin microsoft.ad.ldap.yml inside a playbook.
> As long, as I enter the LDAP username and password as clear text in the
> yml, everything runs smooth.
> But, of course, this is not an option for production, so I'm looking for a
> way to store the password in a vault file.
> Unfortunately, I can't get it to work using variables at all.
> There is a hint that one can use environment variables, but I'm really
> struggling.
>
> Does anyone have a hint for me?
> Thank you very much in advance,
> Caroline
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/abf15b06-b028-4c33-a9ec-7a5e70ad5e2en%40googlegroups.com
> 
> .
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAKtKohTi%3D6ypTV5AtUF0eZsH81O_5ok1fGccpR2DuuyQ6bZN7Q%40mail.gmail.com.

Re: [ansible-project] How to access the playbook execution log file at run time?

[Will McDonald]

If you're running Job Templates in AWX you might want to look into
Notification Templates (
https://ansible.readthedocs.io/projects/awx/en/latest/userguide/notifications.html),
and specifically Email (
https://ansible.readthedocs.io/projects/awx/en/latest/userguide/notifications.html#email
)

You could also look into callback plugins (
https://docs.ansible.com/ansible/latest/plugins/callback.html#example-callback-plugins
)

On Sun, 16 Jun 2024 at 15:56, Luiz Gustavo  wrote:

> Hey guys,
>
> How to access the playbook execution log file at run time? I would need to
> email it after running the playbook.
>
> For example, a simple playbook:
>
> ---
> - hosts: localhost
>   tasks:
>   - name: "display message"
> debug:
>   msg: "Hello"
>
> I would need to email the execution output:
>
>
>
>
>
>
>
>
>
>
>
>
> *PLAY [localhost]
> *TASK
> [Gathering Facts]
> ***ok:
> [localhost]TASK [display message]
> ***ok:
> [localhost] => {"msg": "Hello"}PLAY RECAP
> ***localhost
>  : ok=2changed=0unreachable=0failed=0
>  skipped=0rescued=0ignored=0   *
>
> PS.:
> I cannot set the ANSIBLE_LOG_PATH environment variable before executing
> the playbook because the execution will be done through AWX and not through
> the command line.
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/CAL-Q%3DKvUjWhhAE5mmhpU8r8FSS0EzkzKH-zGivBLf3%2BjZqq65Q%40mail.gmail.com
> 
> .
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAKtKohQPSyOmOQPN80nRTndRWARbuxBajJLoDdo8nSD45xQ_hQ%40mail.gmail.com.

Re: [ansible-project] Set variable based on a file's string search

[Will McDonald]

I suspect the broad notion that shell == bad and native statements == good
is probably just conflation/extrapolation. And human nature :)

The generally received wisdom when I was taught Ansible by Ansible folk was
native modules > command > shell.

Note this is not 'no shell at any costs', but rather, try and avoid shell
because it can be fragile with globbing, expansion, unexpected behaviour
with weird file names etc.

Second thought, on this topic is you could collapse the shell to command
here like so:

  - name: Collect server location command
ansible.builtin.command: /bin/awk '/{{ inventory_hostname }}/ { print
$3 }' {{ server_list_file}}
register: command_result
changed_when: ( command_result.rc != 0 )

And finally, while the general pattern probably fits your purposes Alex, it
kinda feels like getting stuff that might more naturally be considered
inventory information from flat/static files?  That's probably totally cool
for your current needs but I'd potentially think about exposing location as
a fact, either through inference from dynamic inventory/inventory plugins,
or baking into custom facts so the host can report its location (though you
might have some chicken-and-egg constraints guiding you down your current
path.)


On Thu, 7 Mar 2024 at 17:42, Alex Wanderley 
wrote:

> Thanks a lot for the insights, Tod. Very appreciated...
> And suggestions as well. I'll give them a try.
>
> I'm still in an Ansible learning process and  sometimes I also come upon
> that curiosity of yours...
> How come the notion of avoiding shell "at all cost" exists even for very
> specific situations, like this one.
> That's why I, based on the "no shell" assumption, tried to make my
> playbook better.
>
> Regards,
>
> Alex
>
> On Thu, Mar 7, 2024 at 9:54 AM Todd Lewis  wrote:
>
>> I'm curious how these notions caught on that very clearly expressed shell
>> expressions are inherently "bad", and that unfathomably complex jinja2
>> expressions are inherently "better".
>>
>> I seriously doubt you're going to find a more maintainable, all-Ansible
>> expression to accomplish what you're doing.
>>
>> However, I would suggest a couple alterations.
>> (A) I'd make that "changed_when:" into a "failed_when:", and
>> (B) I'd add "changed_when: false" (because it doesn't ever change
>> anything).
>> (C) I might also add a "vars:" to your set_fact task that maps
>> "location[XYZ]" to your smtp.conf expressions:
>>
>>   vars:
>> locmap:
>>   locationX: snmpd.conf-X
>>   locationY: snmpd.conf-Y
>>   locationZ: snmpd.conf-Z
>>
>> Then your set_fact becomes "snmpd_conf: '{{
>> locmap[grep_result.stdout_lines[0]] }}'
>> That way you don't have to change "code" to update your location map data.
>>
>> On 3/7/24 11:02 AM, Alex Wanderley wrote:
>>
>> Hello,
>>
>> (And apologies if this is something too trivial...)
>>
>> I have a working playbook that searches and collects a string from a file
>> and, based on that string, sets another variable.
>> But I'm retrieving the string using grep/awk:
>>
>> - name: Collect server location
>>   ansible.builtin.shell: "/bin/grep {{ inventory_hostname }} {{
>> server_list_file }} | /bin/awk '{print $3}'"
>>   register: grep_result
>>   changed_when: ( grep_result.rc != 0 )
>>
>> "{{ server_list_file }}" points to a file that looks like this:
>> serverAflavorlocationXowner
>> serverBflavorlocationYowner
>> serverCflavorlocationZowner
>>
>> For completeness, this is how I'm using "grep_result":
>> - name: Set snmpd config file
>>   ansible.builtin.set_fact:
>>   snmpd_conf: "{% if grep_result.stdout == 'locationX' %}snmpd.conf-X\
>>{% elif grep_result.stdout == 'locationY' %}snmpd.conf-Y\
>>{% else %}snmpd.conf-Z\
>>{% endif %}"
>>
>> How could I, as simply as using the command/shell modules, accomplish the
>> same results without resourcing to shell commands?
>>
>> Thanks a lot,
>>
>> Alex
>>
>> --
>>
>>
>>
>> [image: Edmonton_sig_RGB_S.jpg]
>>
>> Alex Wanderley
>>
>> Application and Infrastructure Analyst II Server Solutions & Automation
>>
>> Financial and Corporate Services | Open City and Technology
>>
>>
>>
>> 780-496-4156  Office
>>
>> 780-819-0273  Mobile
>>
>>
>>
>> City of Edmonton
>>
>> Century Place, 19th Floor
>>
>> 9803 102A Avenue NW
>>
>> Edmonton AB, T5J 3A3
>>
>>
>>
>> All information contained in this email post is proprietary to the City
>> of Edmonton, confidential and intended only for the addressed recipient. If
>> you have received this post in error, please disregard the contents, inform
>> the sender of the misdirection, and remove it from your system. The
>> copying, dissemination or distribution of this email, if misdirected, is
>> strictly prohibited.
>>
>> *The contents of this message and any attachment(s) are confidential,
>> proprietary to the City of Edmonton, and are intended only for the
>> addressed recipient. If you have received this in error, please disr

Re: [ansible-project] syntax error in crontab

[Will McDonald]

What Todd said. Worth mentioning that using ansible.builtin.cron might be
slightly cleaner, although you do still have the same quoting/escaping
concerns with the job specification.

Also worth mentioning that using {{ 59|random }} & {{ 23|random }} will
result in a CHANGED every time you run the play or role. You can still get
a pseudo-random variation in cronjob execution timing but consistency
across runs using something like:

{{ range(0,59) | random(seed=inventory_hostname) }}

On Tue, 23 Jan 2024 at 12:21, Todd Lewis  wrote:

> To get the literal backslashes in the crontab file, you need to escape the
> backslashes ("\\") in your double-quoted YAML string.
>
> Alternatively, you could change your double-quoted string to a
> single-quoted string, because backslashes aren't "special" in single-quoted
> strings. If you do that, you'll also need to double the single quotes to
> get literal single quotes — i.e. '*.gz' becomes ''*.gz'' etc.
> (Double-quoted strings and single-quoted strings have completely different
> rules.)
>
> Another alternative is to change your string to a "block scalar" (
> https://yaml-multiline.info/) where all quotes and backslashes are not
> "special":
>
>   line: |
> {{ 23|random }} * * * find /var/ossec/logs/ \( -name '*.gz' -o -name 
> '*.json' -o -name '*.log' \) -type f -mtime +2 -delete; find /var/ossec/logs 
> -type d -empty -delete
>
>
> On 1/23/24 6:10 AM, Kathy L wrote:
>
> Good morning. I am updating a cron job by replacing a line in the crontab
> file.  My error comes when I use the "\" (see below) to escape the "(".
> Using the escape character  works on the command line but Ansible keeps
> giving me a syntax error.  Here is my code:
>
> - name: Check for cron job to remove wazuh logs
>   lineinfile:
> path: "{{ cron_job_path[ansible_distribution] }}"
> regexp: "find /var/ossec/logs"
> line: "{{ 59|random }} {{ 23|random }} * * * find /var/ossec/logs/ \(
> -name '*.gz' -o -name '*.json' -o -name '*.log' \) -type f -mtime +2
> -delete; find /var/ossec/logs -type d -empty -delete"
>state: present
>
> With this code, Ansible states "this one looks like it might be an issue
> with missing quotes".
>
> I need to escape the "(" for it to work in crontab/bash command line.
> When I delete the "\" characters the Ansible error goes away, but of course
> it does not work in crontab/bash.
>
> I've tried using " around each of the commands but that doesn't work
> either.
>
> Does anyone see where I have gone wrong?
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/f429e6ef-61e7-481a-90e1-69dd0504c63an%40googlegroups.com
> 
> .
>
>
> --
> Todd
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/c00fb20a-2796-4e46-9b40-38645d9ba622%40gmail.com
> 
> .
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAKtKohRNAzd-a1BQtZUwzsJ7sqQ6xXffmRc%2BMescAn5DS9QBbw%40mail.gmail.com.

Re: [ansible-project] Print Data Based On Size In Given Server [need no_of_vols]

[Will McDonald]

p('combine')
>   }}
>
> - name: Create table storage_device
>   ansible.builtin.set_fact:
> storage_device: |
>{% set sd = [] %}
>{% for sn in server_names %}
>{%   set capacity = [] %}
>{%   for sc in   scu | selectattr('servername', 'eq', sn) 
> | map(attribute='scu') | sort | unique %}
>{%  set no_of_vols = scu | selectattr('servername', 'eq', sn) 
> | selectattr('scu', 'eq', sc) | length %}
>{%  set size   =(scu | selectattr('servername', 'eq', sn) 
> | selectattr('scu', 'eq', sc) | first)['size'] %}
>{%  set cap_unit   =(scu | selectattr('servername', 'eq', sn) 
> | selectattr('scu', 'eq', sc) | first)['cap_unit'] %}
>{%  set _ = capacity.append({"no_of_vols": no_of_vols,
> "size":   size,
> "cap_unit":   cap_unit}) %}
>{%   endfor %}
>{%   set _ = sd.append({"servername": sn, "capacity": capacity}) %}
>{% endfor %}{{ sd }}
>
>
>
> On 12/18/23 8:37 AM, javed khan Siddque wrote:
>
> I have a input
> "storage_details_test_capacity": [
>   {
> "servername": "server1",
> "cap_unit": "GB",
> "size": "10"
>   },
>   {
> "servername": "server1",
> "cap_unit": "GB",
> "size": "11"
>   },
>   {
> "servername": "server1",
> "cap_unit": "GB",
> "size": "11"
>   },
>   {
> "cap_unit": "GB",
> "servername": "server2",
> "size": "12"
>   },
>   {
> "cap_unit": "GB",
> "servername": "server2",
> "size": "13"
>   },
>   {
> "cap_unit": "GB",
> "servername": "",
> "size": "14"
>   },
>   {
> "cap_unit": "GB",
> "servername": "",
> "size": "14"
>   },
>   {
> "cap_unit": "GB",
> "servername": "",
> "size": "14"
>   },
>   {
> "cap_unit": "GB",
> "servername": "",
> "size": "15"
>   }
> ]
> 
>
>
>
>
>
> => I want generate ' storage_device' variable which give me below data
> [capacity of server with no_of_vols].
> -
> storage_device:
>   - servername: server1
> capacity:
>   - no_of_vols: 1   # how many 10 GB for  server1
> size: 10
> cap_unit: GB
>   - no_of_vols: 2
> size: 11
> cap_unit: GB
>   - server: server2
> capacity:
>   - no_of_vols: 1  # how many 12 GB for  server2
> size: 12
> cap_unit: GB
>   - no_of_vols: 1
> size: 13
> cap_unit: GB
>   - servername: ''   # how many 10 GB for  ''
> capacity:
>   - no_of_vols: 3
> size: 14
> cap_unit: GB
>   - no_of_vols: 1
> size: 15
> cap_unit: GB
>
> On Monday, December 18, 2023 at 6:56:29 PM UTC+5:30 Will McDonald wrote:
>
>> It's not 100% clear to me from your sample data exactly what you're
>> trying to achieve.
>>
>> Reading between the lines though, for each server, you want to calculate
>> the number of volumes?
>>
>> What do you want to count as a 'volume'? Each block device? Partition?
>> PV? LV? Filesystem? Something else?
>>
>> And do you need to do this using a statically defined var, or is that
>> just illustrative? It's highly likely that you can pull the data you need
>> from setup/facts and calculate the values you need based on that.
>>
>>
>> On Mon, 18 Dec 2023 at 12:56, javed khan Siddque 
>> wrote:
>>
&g

Re: [ansible-project] Print Data Based On Size In Given Server [need no_of_vols]

[Will McDonald]

It's not 100% clear to me from your sample data exactly what you're trying
to achieve.

Reading between the lines though, for each server, you want to calculate
the number of volumes?

What do you want to count as a 'volume'? Each block device? Partition? PV?
LV? Filesystem? Something else?

And do you need to do this using a statically defined var, or is that just
illustrative? It's highly likely that you can pull the data you need from
setup/facts and calculate the values you need based on that.


On Mon, 18 Dec 2023 at 12:56, javed khan Siddque <
javedkhansiddi...@gmail.com> wrote:

> i want to print Data Based On Size In Given Server and generate the
> 'no_of_vols'.
> storage_device:
>   - servername: server1
> capacity:
>   - no_of_vols: 1
> size: 10
> cap_unit: GB
>   - no_of_vols: 2
> size: 11
> cap_unit: GB
>   - server: server2
> capacity:
>   - no_of_vols: 1
> size: 12
> cap_unit: GB
>   - no_of_vols: 1
> size: 13
> cap_unit: GB
>   - servername: ''
> capacity:
>   - no_of_vols: 3
> size: 14
> cap_unit: GB
>   - no_of_vols: 1
> size: 15
> cap_unit: GB
>
>
> below is my code working till creating epecting list of dictionaries , but
> 'no_of_vols' i am facing issue.
>
> ---
> - name: "This Play To Print Data Based On Size In Given Server"
>   hosts: localhost
>   gather_facts: false
>   vars:
> storage_device:
>   - servername: server1
>   - servername: server2
> "storage_details_test_capacity": [
>   {
> "servername": "server1",
> "cap_unit": "GB",
> "size": "10"
>   },
>   {
> "servername": "server1",
> "cap_unit": "GB",
> "size": "11"
>   },
>   {
> "servername": "server1",
> "cap_unit": "GB",
> "size": "11"
>   },
>   {
> "cap_unit": "GB",
> "servername": "server2",
> "size": "12"
>   },
>   {
> "cap_unit": "GB",
> "servername": "server2",
> "size": "13"
>   },
>   {
> "cap_unit": "GB",
> "servername": "",
> "size": "14"
>   },
>   {
> "cap_unit": "GB",
> "servername": "",
> "size": "14"
>   },
>   {
> "cap_unit": "GB",
> "servername": "",
> "size": "14"
>   },
>   {
> "cap_unit": "GB",
> "servername": "",
> "size": "15"
>   }
> ]
>   tasks:
> - name: Populate storage_device list
>   ansible.builtin.set_fact:
> storage_device: "{{ storage_device | default([]) + [{'servername':
> item.servername | default(''), 'capacity': [{'size': item.size | int,
> 'cap_unit': item.cap_unit}]}] }}"
>   loop: "{{ storage_details_test_capacity }}"
>
>
> - name: Debug storage_device list
>   ansible.builtin.debug:
> var: storage_device
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/fc1c5e4d-eb2e-4712-b2c1-9ac6f8d2c7aen%40googlegroups.com
> 
> .
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAKtKohSF0gsCU_tk%3DJg59Ts8yWe3cf7-p5r4rNqs2MKDrH9e1w%40mail.gmail.com.

Re: [ansible-project] Generate temaplate file when having with_items and array

[Will McDonald]

A loop with subelements

should give you the control you need to template out what you need based on
the number of files in the data structure:

- name: test jinja rendering
>   hosts: localhost
>   gather_facts: no
>
>   vars:
> users:
>   - username: user1
> action: GET
> files:
>   - file1
>   - username: user2
> action: GET
> files:
>   - file1
>   - file2
>
>   tasks:
> - name: debug the data structure
>   ansible.builtin.debug:
> msg:
>   - Item 0 is '{{ item.0 }}'
>   - Item 1 is '{{ item.1 }}'
>   loop: '{{ users | subelements("files") }}'
>

Sample debug output:

TASK [debug the data structure]

ok: [localhost] => (item=[{'username': 'user1', 'action': 'GET', 'files':
['file1']}, 'file1']) => {
"msg": [
"Item 0 is '{'username': 'user1', 'action': 'GET', 'files':
['file1']}'",
"Item 1 is 'file1'"
]
}
ok: [localhost] => (item=[{'username': 'user2', 'action': 'GET', 'files':
['file1', 'file2']}, 'file1']) => {
"msg": [
"Item 0 is '{'username': 'user2', 'action': 'GET', 'files':
['file1', 'file2']}'",
"Item 1 is 'file1'"
]
}
ok: [localhost] => (item=[{'username': 'user2', 'action': 'GET', 'files':
['file1', 'file2']}, 'file2']) => {
"msg": [
"Item 0 is '{'username': 'user2', 'action': 'GET', 'files':
['file1', 'file2']}'",
"Item 1 is 'file2'"
]
}



On Sat, 16 Dec 2023 at 10:24, dudu.c...@gmail.com 
wrote:

> I need to generate few files based on jinja template ,
>
> In the first run it is easy when I need to generate single file per user
>
>
>
> *Basic input:*
>
> user:
> - { username: user1, action: get , file: 1.txt }
> - { username: user2, action: get , file: 2.txt }
>
>
>
> *Jinja template:*
>
> User: {{ item.users }}
> Permission: {{ item.action}}
> File-access: {{ite.file}}
>
>
>  *Playbook:*
>
> - name: generate files
>   template:
> src: template.j2
> dest: "{{ folder }}/{{ item.username }}"
>   with_items: "{{ user }}"
>
>
>
>
>
> But now comes the twist, Single user can have multi files  (see user1) and
> , I need to create for this user 2 files
>
> File 1 – filename user1-1 , where file = to 1.txt
>
> File 2 – filename user1-2 , where file = to new.file
>
>
>
> *Advance input:*
>
> user:
> - { username: user1, action: get , file: [1.txt ,new.file] }
> - { username: user2, action: get , file: 2.txt }
>
>
>
> Any ideas ?
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/f4ece24c-9706-4ccb-89bf-1ae8b18d9d34n%40googlegroups.com
> 
> .
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAKtKohRi4AcPkJPK7Q63fvgEtO-r05ri_b4Sb_Z2rK1emEyzaQ%40mail.gmail.com.

Re: [ansible-project] Execute new ansible-playbook command on remote host from a playbook

[Will McDonald]

Awesome, glad it was helpful.


On Mon, 27 Nov 2023 at 20:42, Evan Hisey  wrote:

> Will-
>  This has been overall very helpful. I think I have a cleaner way to
> implement my idea now. A little reworking of the master ansible playbook
> and I think I can get things to work the way I will need them too.
>
> On Mon, Nov 27, 2023 at 12:01 PM Will McDonald 
> wrote:
>
>> Can you share the Vagrant file? And ideally playbook.yml?
>>
>> I have this working precisely as expected, you just need to ensure that
>> the if statement is nested at just the right point in the Vagrantfile.
>>
>> On Mon, 27 Nov 2023 at 17:44, Evan Hisey  wrote:
>>
>>> Will-
>>>  Looks like even with the cluster limit I still get 3 discrete runs,
>>> when using the cluster example. I did a very simple play book and you can
>>> see the gathering_facts stages gets run in triplicate:
>>> [image: image.png]
>>> Definitely changed the behavior but not quite were I need it to go.
>>> However, it has given me an interesting  ideas to try.
>>>
>>> On Sun, Nov 26, 2023 at 3:06 PM Evan Hisey  wrote:
>>>
>>>> Will-
>>>>  That was exactly the issue. I will give the bottom solution a go. I
>>>> think that will work, I will need to play with generating the group, but I
>>>> think t I can make it work. Thanks for the help, will update when I get
>>>> something working or fail :)
>>>>
>>>>
>>>> On Sun, Nov 26, 2023 at 11:25 AM Will McDonald 
>>>> wrote:
>>>>
>>>>> OK, after some experimentation, I think I see what your problem might
>>>>> be? If you do something like:
>>>>>
>>>>> BOX_IMAGE = "fedora/37-cloud-base"
>>>>> NODE_COUNT = 2
>>>>>
>>>>> Vagrant.configure("2") do |config|
>>>>>
>>>>>   (1..NODE_COUNT).each do |i|
>>>>> config.vm.define "node#{i}" do |subconfig|
>>>>>   subconfig.vm.box = BOX_IMAGE
>>>>>   subconfig.vm.hostname = "node#{i}"
>>>>>
>>>>>   if i == NODE_COUNT
>>>>> config.vm.provision :ansible do |ansible|
>>>>>   # Disable default limit to connect to all the machines
>>>>>   ansible.limit = "all"
>>>>>   ansible.playbook = "playbook.yml"
>>>>> end
>>>>>   end
>>>>>
>>>>> end
>>>>>   end
>>>>>
>>>>> end
>>>>>
>>>>> The Vagrant Ansible provisioner fires for every VM causing multiple
>>>>> discrete runs, you can control that to a degree with ansible.limit, the
>>>>> hosts statement in the playbook and/or delegate_to but it would be hard to
>>>>> do stateful cross-cluster config.
>>>>>
>>>>> If you do something like the following instead, this will provision
>>>>> all 3 Vagrant boxes and then fire the provisioner* once *triggering
>>>>> an Ansible run just for the final box:
>>>>>
>>>>> wmcdonald@fedora:~/working/vagrant/fedora-multi$ cat Vagrantfile
>>>>> Vagrant.configure(2) do |config|
>>>>>   #Define the number of nodes to spin up
>>>>>   N = 3
>>>>>
>>>>>   #Iterate over nodes
>>>>>   (1..N).each do |node_id|
>>>>> nid = (node_id - 1)
>>>>>
>>>>> config.vm.define "node#{nid}" do |node|
>>>>>   node.vm.box = "fedora/37-cloud-base"
>>>>>   node.vm.provider "virtualbox" do |vb|
>>>>> vb.memory = "1024"
>>>>>   end
>>>>>   node.vm.hostname = "node#{nid}"
>>>>>
>>>>>   if node_id == N
>>>>> node.vm.provision "ansible" do |ansible|
>>>>>   ansible.limit = "all"
>>>>>   ansible.groups = {
>>>>> "cluster-nodes" => [
>>>>>   "node0",
>>>>>   "node1",
>>>>>   "node2",
>>>>> ]
>>>>>   }
>>>>>   ansible.playbook = "playbook.yml"
>>>>> end
>>>>>

Re: [ansible-project] Execute new ansible-playbook command on remote host from a playbook

[Will McDonald]

Can you share the Vagrant file? And ideally playbook.yml?

I have this working precisely as expected, you just need to ensure that the
if statement is nested at just the right point in the Vagrantfile.

On Mon, 27 Nov 2023 at 17:44, Evan Hisey  wrote:

> Will-
>  Looks like even with the cluster limit I still get 3 discrete runs, when
> using the cluster example. I did a very simple play book and you can see
> the gathering_facts stages gets run in triplicate:
> [image: image.png]
> Definitely changed the behavior but not quite were I need it to go.
> However, it has given me an interesting  ideas to try.
>
> On Sun, Nov 26, 2023 at 3:06 PM Evan Hisey  wrote:
>
>> Will-
>>  That was exactly the issue. I will give the bottom solution a go. I
>> think that will work, I will need to play with generating the group, but I
>> think t I can make it work. Thanks for the help, will update when I get
>> something working or fail :)
>>
>>
>> On Sun, Nov 26, 2023 at 11:25 AM Will McDonald 
>> wrote:
>>
>>> OK, after some experimentation, I think I see what your problem might
>>> be? If you do something like:
>>>
>>> BOX_IMAGE = "fedora/37-cloud-base"
>>> NODE_COUNT = 2
>>>
>>> Vagrant.configure("2") do |config|
>>>
>>>   (1..NODE_COUNT).each do |i|
>>> config.vm.define "node#{i}" do |subconfig|
>>>   subconfig.vm.box = BOX_IMAGE
>>>   subconfig.vm.hostname = "node#{i}"
>>>
>>>   if i == NODE_COUNT
>>> config.vm.provision :ansible do |ansible|
>>>   # Disable default limit to connect to all the machines
>>>   ansible.limit = "all"
>>>   ansible.playbook = "playbook.yml"
>>> end
>>>   end
>>>
>>> end
>>>   end
>>>
>>> end
>>>
>>> The Vagrant Ansible provisioner fires for every VM causing multiple
>>> discrete runs, you can control that to a degree with ansible.limit, the
>>> hosts statement in the playbook and/or delegate_to but it would be hard to
>>> do stateful cross-cluster config.
>>>
>>> If you do something like the following instead, this will provision all
>>> 3 Vagrant boxes and then fire the provisioner* once *triggering an
>>> Ansible run just for the final box:
>>>
>>> wmcdonald@fedora:~/working/vagrant/fedora-multi$ cat Vagrantfile
>>> Vagrant.configure(2) do |config|
>>>   #Define the number of nodes to spin up
>>>   N = 3
>>>
>>>   #Iterate over nodes
>>>   (1..N).each do |node_id|
>>> nid = (node_id - 1)
>>>
>>> config.vm.define "node#{nid}" do |node|
>>>   node.vm.box = "fedora/37-cloud-base"
>>>   node.vm.provider "virtualbox" do |vb|
>>> vb.memory = "1024"
>>>   end
>>>   node.vm.hostname = "node#{nid}"
>>>
>>>   if node_id == N
>>> node.vm.provision "ansible" do |ansible|
>>>   ansible.limit = "all"
>>>   ansible.groups = {
>>> "cluster-nodes" => [
>>>   "node0",
>>>   "node1",
>>>   "node2",
>>> ]
>>>   }
>>>   ansible.playbook = "playbook.yml"
>>> end
>>>   end
>>>
>>> end
>>>   end
>>> end
>>>
>>> wmcdonald@fedora:~/working/vagrant/fedora-multi130$ cat playbook.yml
>>> - name: Vagrant post-provision
>>>   hosts: cluster_nodes
>>>
>>>   tasks:
>>> - name: Debug vars for hosts
>>>   debug:
>>> var: ansible_play_hosts
>>>
>>> Note that the provisioner will run once but still parallelise like a
>>> normal Ansible run would and hit each node because we're setting the hosts
>>> to the group members. You could further limit with delegate_to or have one
>>> cluster node in its own 'primary_node' group in addition to the
>>> cluster_nodes.
>>>
>>> See:
>>> https://everythingshouldbevirtual.com/automation/virtualization/vagrant-ansible-provisioning-multi-nodes/
>>> And another variant with per-box behaviour here:
>>> https://stackoverflow.com/questions/54468546/how-to-run-an-ansible-playbook-on-a-speci

Re: [ansible-project] jinja2 conditional help

[Will McDonald]

I haven't tested this but does something like:

  {{ hostvars[host]['result']['stdout']|default("None", true) }}

Give the output you need?

cf:
- https://support.sendwithus.com/jinja/default/
-
https://jinja.palletsprojects.com/en/3.1.x/templates/#jinja-filters.default


On Mon, 27 Nov 2023 at 14:10, Dimitri Yioulos 
wrote:

> Good day, all.
>
> I've created a simple package update playbook, which also creates a report
> of updated packages:
>
> - hosts: mytesthosts
>   gather_facts: false
>   become: yes
>
>   tasks:
> - name: install all updates
>   yum:
> name: '*'
> update_cache: yes
> state: latest
> - name: List updated packages
>   shell: rpm -qa --last | grep "$(date +%a\ %d\ %b\ %Y)" |cut -f 1 -d
> " "|sort -n
>   register: result
>   tags:
> - lsupdates
> - debug:
> msg: "{{ result.stdout_lines }}"
>   tags:
> - prupdates
>
> - local_action:
> module: copy
> content: |
>   {% set t1 = now().strftime("%m/%d/%Y") %}
>   {% for host in ansible_play_hosts %}
>   {{ host }}:
>
>   The following packages were updated on {{ t1 }}
>
>   {{ hostvars[host]['result']['stdout'] }}
>
>
>   {% endfor -%}
> dest: "/home/dyioulos/updates.txt"
>   run_once: yes
>   tags:
> - report
>
> This does almost exactly what I want it to. The report looks like this:
>
> test1:
>
> The following packages were updated on 11/27/2023
>
> alternatives-1.24-1.el9.x86_64
> apr-util-1.6.1-23.el9.x86_64
> apr-util-bdb-1.6.1-23.el9.x86_64
> ~
>
> test2:
>
> The following packages were updated on 11/27/2023
>
> Note that there were no updates applied to test2. I'd like that to be
> reflected in the report, so that after "The following packages ...", it
> says "None". I would guess this requires if-then language in the inline
> jinja2. My searche for, and attempts at, a solution have been unsuccessful.
>
> Your help, as always, would be appreciated.
>
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/eed79255-29d0-49c5-88e5-9b06577933a2n%40googlegroups.com
> 
> .
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAKtKohSaRJsXuGmuB3ewWo1O8DME6UvQ2Q-v6Uz7XhMUr0DEUg%40mail.gmail.com.

Re: [ansible-project] Execute new ansible-playbook command on remote host from a playbook

[Will McDonald]

OK, after some experimentation, I think I see what your problem might be?
If you do something like:

BOX_IMAGE = "fedora/37-cloud-base"
NODE_COUNT = 2

Vagrant.configure("2") do |config|

  (1..NODE_COUNT).each do |i|
config.vm.define "node#{i}" do |subconfig|
  subconfig.vm.box = BOX_IMAGE
  subconfig.vm.hostname = "node#{i}"

  if i == NODE_COUNT
config.vm.provision :ansible do |ansible|
  # Disable default limit to connect to all the machines
  ansible.limit = "all"
  ansible.playbook = "playbook.yml"
end
  end

end
  end

end

The Vagrant Ansible provisioner fires for every VM causing multiple
discrete runs, you can control that to a degree with ansible.limit, the
hosts statement in the playbook and/or delegate_to but it would be hard to
do stateful cross-cluster config.

If you do something like the following instead, this will provision all 3
Vagrant boxes and then fire the provisioner* once *triggering an Ansible
run just for the final box:

wmcdonald@fedora:~/working/vagrant/fedora-multi$ cat Vagrantfile
Vagrant.configure(2) do |config|
  #Define the number of nodes to spin up
  N = 3

  #Iterate over nodes
  (1..N).each do |node_id|
nid = (node_id - 1)

config.vm.define "node#{nid}" do |node|
  node.vm.box = "fedora/37-cloud-base"
  node.vm.provider "virtualbox" do |vb|
vb.memory = "1024"
  end
  node.vm.hostname = "node#{nid}"

  if node_id == N
node.vm.provision "ansible" do |ansible|
  ansible.limit = "all"
  ansible.groups = {
"cluster-nodes" => [
  "node0",
  "node1",
  "node2",
]
  }
  ansible.playbook = "playbook.yml"
end
  end

end
  end
end

wmcdonald@fedora:~/working/vagrant/fedora-multi130$ cat playbook.yml
- name: Vagrant post-provision
  hosts: cluster_nodes

  tasks:
- name: Debug vars for hosts
  debug:
var: ansible_play_hosts

Note that the provisioner will run once but still parallelise like a normal
Ansible run would and hit each node because we're setting the hosts to the
group members. You could further limit with delegate_to or have one cluster
node in its own 'primary_node' group in addition to the cluster_nodes.

See:
https://everythingshouldbevirtual.com/automation/virtualization/vagrant-ansible-provisioning-multi-nodes/
And another variant with per-box behaviour here:
https://stackoverflow.com/questions/54468546/how-to-run-an-ansible-playbook-on-a-specific-vagrant-host



On Sun, 26 Nov 2023 at 00:22, Will McDonald  wrote:

> There are a couple of ways you could exercise "control over the process to
> pull data from host 1 to be used on host 2 and 3".
>
> If you look at
> https://manski.net/2016/09/vagrant-multi-machine-tutorial/#multi-machine.3A-the-clever-way
> 3 nodes are provisioned, one as primary, then two as secondary nodes and
> it'd be relatively trivial to use this to key off the 'primary' node to do
> what you needed, I imagine.
>
> Where I've had scenarios provisioning 3 nodes of something in a 2n+1
> cluster (basically anything like Mongo, Etcd, Zookeeper etc. etc.) and you
> need to at least temporarily choose a semi-deterministic primary I've used
> logic like:
>
>   pre_tasks:
>   - name: pre_tasks | cluster member role setup for multiple hosts
> block:
> - name: pre_tasks | set cluster role to primary when inventory_hostame
> matches random seed
>   set_fact:
> cluster_role: primary
>   when: inventory_hostname ==
> ansible_play_hosts|random(seed=ansible_play_hosts | join())
>
> - name: pre_tasks | set mongo replication role to secondary when
> inventory_hostame does not match random seed
>   set_fact:
> cluster_role: secondary
>   when: inventory_hostname !=
> ansible_play_hosts|random(seed=ansible_play_hosts | join())
>
> - name: pre_tasks | create a custom facts.d directory on the target
> host
>   file:
> state: directory
> recurse: true
> path: /etc/ansible/facts.d
>
> - name: pre_tasks | persist the cluster membership role as a custom
> fact
>   copy:
> content: |
>   {'cluster_role':'{{ cluster_role }}'}
> dest: /etc/ansible/facts.d/cluster.fact
> mode: 0644
> owner: root
> group: root
>
> *Warning! *This sets a *transient value* in facts.d. Which in my cases is
> fine for our purposes. If your cluster membership state changes post-setup,
> the fact would be misleading. (i.e. a node flaps a

Re: [ansible-project] Execute new ansible-playbook command on remote host from a playbook

[Will McDonald]

There are a couple of ways you could exercise "control over the process to
pull data from host 1 to be used on host 2 and 3".

If you look at
https://manski.net/2016/09/vagrant-multi-machine-tutorial/#multi-machine.3A-the-clever-way
3 nodes are provisioned, one as primary, then two as secondary nodes and
it'd be relatively trivial to use this to key off the 'primary' node to do
what you needed, I imagine.

Where I've had scenarios provisioning 3 nodes of something in a 2n+1
cluster (basically anything like Mongo, Etcd, Zookeeper etc. etc.) and you
need to at least temporarily choose a semi-deterministic primary I've used
logic like:

  pre_tasks:
  - name: pre_tasks | cluster member role setup for multiple hosts
block:
- name: pre_tasks | set cluster role to primary when inventory_hostame
matches random seed
  set_fact:
cluster_role: primary
  when: inventory_hostname ==
ansible_play_hosts|random(seed=ansible_play_hosts | join())

- name: pre_tasks | set mongo replication role to secondary when
inventory_hostame does not match random seed
  set_fact:
cluster_role: secondary
  when: inventory_hostname !=
ansible_play_hosts|random(seed=ansible_play_hosts | join())

- name: pre_tasks | create a custom facts.d directory on the target host
  file:
state: directory
recurse: true
path: /etc/ansible/facts.d

- name: pre_tasks | persist the cluster membership role as a custom fact
  copy:
content: |
  {'cluster_role':'{{ cluster_role }}'}
dest: /etc/ansible/facts.d/cluster.fact
mode: 0644
owner: root
group: root

*Warning! *This sets a *transient value* in facts.d. Which in my cases is
fine for our purposes. If your cluster membership state changes post-setup,
the fact would be misleading. (i.e. a node flaps and another cluster member
assumes leader/primary.)

You would want to replace cluster.fact  with something that dynamically
pulls out the cluster role membership state of a node once the
cluster/replicaset/whatever topology is provisioned and configured.


On Sat, 25 Nov 2023 at 23:25, Evan Hisey  wrote:

> Definitely an edge case. Not an issue in my file atleast as written based
> on my understanding of the process, but possibly an issue in my
> understanding of how vagrant is executing ansible as it looks like vagrant
> runs on each vm as a separate job in either case, just in parallel on each
> the second time. I still need control over the process to pull data from
> host 1 to be used on host 2 and 3, which if it is running in parallel as
> multiple jobs would still be an issue. If it in fact runs a single ansible
> playbook across the inventory, then that could work, and be the opposite of
> how I am understanding vagrant ansible provider works. I would need to
> refactor a large chunk of the application code to support that, but that
> can be easily done.
>
> On Sat, Nov 25, 2023 at 4:44 PM Will McDonald  wrote:
>
>> I think you may be misunderstanding me, or I'm misunderstanding you.
>>
>> Just for clarity's sake, the flow you would like is:
>>
>>1. An Ansible control node runs a playbook (or role) on 
>>targeting a machine, 
>>2. The  is configured to run as a Vagrant host with a
>>virtualisation provider (Virtualbox, Libvirt or whatever) in order to
>>support Vagrant box creation
>>3. You then have a Vagrantfile which runs on  and
>>configures multiple Vagrant boxes , , 
>>4. Once , ,  are UP* and only then,* you want to run
>>some Ansible which needs the primary and 2 secondaries to be up
>>
>> That being the case, then that is the behaviour that
>> https://developer.hashicorp.com/vagrant/docs/provisioning/ansible#ansible-parallel-execution
>> describes. It's slightly poorly worded but to me:
>>
>> # Only execute once the Ansible provisioner,# when all the machines 
>> are up and ready.
>>
>> Is equivalent to:
>>
>> # Provision all Vagrant boxes in the multi-machine setup.
>> # Only once all the machines are up and ready, run the Ansible 
>> provisioner
>>
>> If that's not what's happening, that's likely a Vagrant configuration or
>> provisioner misbehaviour?
>>
>> That's why I'm saying this isn't necessarily an Ansible thing. That
>> wording, the boxes should all spin up before any Vagrant Ansible
>> provisioner runs, you're saying that's not the case. That sounds like
>> either your Vagrantfile is wrong, or your Vagrant VM provisioner or
>> something else isn't working as expected.
>>
>> I'm spinning this up on a test  but if you already

Re: [ansible-project] Execute new ansible-playbook command on remote host from a playbook

[Will McDonald]

I think you may be misunderstanding me, or I'm misunderstanding you.

Just for clarity's sake, the flow you would like is:

   1. An Ansible control node runs a playbook (or role) on 
   targeting a machine, 
   2. The  is configured to run as a Vagrant host with a
   virtualisation provider (Virtualbox, Libvirt or whatever) in order to
   support Vagrant box creation
   3. You then have a Vagrantfile which runs on  and
   configures multiple Vagrant boxes , , 
   4. Once , ,  are UP* and only then,* you want to run some
   Ansible which needs the primary and 2 secondaries to be up

That being the case, then that is the behaviour that
https://developer.hashicorp.com/vagrant/docs/provisioning/ansible#ansible-parallel-execution
describes. It's slightly poorly worded but to me:

# Only execute once the Ansible provisioner,# when all the
machines are up and ready.

Is equivalent to:

# Provision all Vagrant boxes in the multi-machine setup.
# Only once all the machines are up and ready, run the Ansible provisioner

If that's not what's happening, that's likely a Vagrant configuration or
provisioner misbehaviour?

That's why I'm saying this isn't necessarily an Ansible thing. That
wording, the boxes should all spin up before any Vagrant Ansible
provisioner runs, you're saying that's not the case. That sounds like
either your Vagrantfile is wrong, or your Vagrant VM provisioner or
something else isn't working as expected.

I'm spinning this up on a test  but if you already have a test
case/reproducer, or can provide more info on your Vagrant setup then this
would collectively help people help you. If there's an obvious error in
your Vagrantfile it could be a simple fix rather than an edge case.

cf:
-
https://manski.net/2016/09/vagrant-multi-machine-tutorial/#multi-machine.3A-the-clever-way
-
https://developer.hashicorp.com/vagrant/docs/provisioning/ansible#ansible-parallel-execution


On Sat, 25 Nov 2023 at 21:55, Evan Hisey  wrote:

> Vagrant is behaving fine, so not a vagrant specific problem. It is a task
> problem. I need the vagrant hosts fully installed first because I have to
> collect data from all 3 at once before deploying the software, and during
> software deployment I have to install the master first, collect keys and
> then install the slaves. Vagrant provider provisions does provide this kind
> of control as it assumes the each provisioned VM is self contained. A more
> typical solution would be to directly remote in to the VM's for ansible to
> run after deployment from the remote controller, but that is not an
> available option. Only the vagrant host will have access to the vagrant
> vms, and really only as the vagrant user. The last limitation is not hard
> to deal with, as vagrant provides everything an ansible job would need if
> run from the vagrant host.
>
> That is why I need to trigger to a vagrant host ansible playbook, since it
> can't not run from the initial ansible controller. Yes it is a bit of an
> odd edge case, as the vagrant provider normally would be plenty.
>
> On Sat, Nov 25, 2023 at 2:08 PM Will McDonald  wrote:
>
>> It sounds like a Vagrant issue rather than an Ansible issue. Or possibly
>> a niche Vagrant provider problem.
>>
>> Can you share a sample Vagrantfile that's not behaving as it should and
>> details of the target OS of the Vagrant host, and the virtualisation
>> provider you're using?
>>
>>
>> On Sat, 25 Nov 2023 at 19:30, Evan Hisey  wrote:
>>
>>> Already tried it and it does not work, which was why I explicitly
>>> referenced that behavior as not working as not working in this
>>> scenario.While vagrant can run playbooks at provisioning time. it does not
>>> really proivde a way to to control when the provisioin runs. All 3 hosts
>>> need to be up be for the first host can be provisioned since it requires
>>> the ips of the later hosts. Second option does not work, as the remote
>>> control node does not have access to the VMs, as mentioned. Which is what
>>> lead to the need to trigger a second playbook.  otherwise could lust load
>>> the vagrant generated inventory with add_host module.
>>>
>>> IC ould do some ugly sequencing of the "vagrant up --provision" from a
>>> playbook to control the ansible provisioning sequence of the vms, but I am
>>> trying to avoid using ugly shell commands as much as I can. If I  uses a
>>> shell  command I could also just trigger an ansible playbook that way, but
>>> feels wrong.
>>>
>>>
>>> On Sat, Nov 25, 2023 at 12:40 PM Will McDonald 
>>> wrote:
>>>
>>>> Quickly skimming the Vagrant Ansible provisioner

Re: [ansible-project] Execute new ansible-playbook command on remote host from a playbook

[Will McDonald]

It sounds like a Vagrant issue rather than an Ansible issue. Or possibly a
niche Vagrant provider problem.

Can you share a sample Vagrantfile that's not behaving as it should and
details of the target OS of the Vagrant host, and the virtualisation
provider you're using?


On Sat, 25 Nov 2023 at 19:30, Evan Hisey  wrote:

> Already tried it and it does not work, which was why I explicitly
> referenced that behavior as not working as not working in this
> scenario.While vagrant can run playbooks at provisioning time. it does not
> really proivde a way to to control when the provisioin runs. All 3 hosts
> need to be up be for the first host can be provisioned since it requires
> the ips of the later hosts. Second option does not work, as the remote
> control node does not have access to the VMs, as mentioned. Which is what
> lead to the need to trigger a second playbook.  otherwise could lust load
> the vagrant generated inventory with add_host module.
>
> IC ould do some ugly sequencing of the "vagrant up --provision" from a
> playbook to control the ansible provisioning sequence of the vms, but I am
> trying to avoid using ugly shell commands as much as I can. If I  uses a
> shell  command I could also just trigger an ansible playbook that way, but
> feels wrong.
>
>
> On Sat, Nov 25, 2023 at 12:40 PM Will McDonald 
> wrote:
>
>> Quickly skimming the Vagrant Ansible provisioner docs, isn't this
>> precisely the behaviour you're looking for:
>>
>>
>> https://developer.hashicorp.com/vagrant/docs/provisioning/ansible#ansible-parallel-execution
>>
>> # Only execute once the Ansible provisioner,# when all the machines 
>> are up and ready.
>>
>> So you would spin up all your Vagrant boxes from your control node, wait
>> for that to complete, template out a static inventory of your Vagrant boxes
>> then run your subsequent Vagrant Ansible provisioner automation?
>>
>>
>>
>> On Sat, 25 Nov 2023 at 18:20, Evan Hisey  wrote:
>>
>>> I am working on a scenario where the first playbook executes commands on
>>> a remote host to create a vagrant host and spins up multiple vms. Vagrant
>>> can triggers it's own ansible provisioning runs but they are only single
>>> host aware and run when the host is provisioned. That does not work in this
>>> case, as I need all VM's running BEFORE the deployment playbook can be
>>> triggered. Added wrinkle is the VMs are accessible at this time from
>>> outside the vagrant host. If they were, I could simply import the vagrant
>>> host list into the controller inventory and refresh.
>>>
>>> Right now I am looking at  the possibility of using
>>> ansible.builtin.shell to trigger the new ansible-playbook command on the
>>> vagrant host to run the vagrant VM application configuration. But while
>>> this works it is not exactly ansible clean. Suggestions on approaches?
>>>
>>> --
>>> Evan Hisey
>>> ehi...@gmail.com
>>>
>>> --
>>> You received this message because you are subscribed to the Google
>>> Groups "Ansible Project" group.
>>> To unsubscribe from this group and stop receiving emails from it, send
>>> an email to ansible-project+unsubscr...@googlegroups.com.
>>> To view this discussion on the web visit
>>> https://groups.google.com/d/msgid/ansible-project/CAEcFzYwsmYmvh%3DWJwSNmJWertkxFRDiKkumnwhzAFupggP58Vg%40mail.gmail.com
>>> <https://groups.google.com/d/msgid/ansible-project/CAEcFzYwsmYmvh%3DWJwSNmJWertkxFRDiKkumnwhzAFupggP58Vg%40mail.gmail.com?utm_medium=email&utm_source=footer>
>>> .
>>>
>> --
>> You received this message because you are subscribed to the Google Groups
>> "Ansible Project" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to ansible-project+unsubscr...@googlegroups.com.
>> To view this discussion on the web visit
>> https://groups.google.com/d/msgid/ansible-project/CAKtKohS2LdL4qtTyQF8VdV6pu2tjL3mx868TgvkwvAEUkRbF%3Dg%40mail.gmail.com
>> <https://groups.google.com/d/msgid/ansible-project/CAKtKohS2LdL4qtTyQF8VdV6pu2tjL3mx868TgvkwvAEUkRbF%3Dg%40mail.gmail.com?utm_medium=email&utm_source=footer>
>> .
>>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/CA

Re: [ansible-project] Execute new ansible-playbook command on remote host from a playbook

[Will McDonald]

Quickly skimming the Vagrant Ansible provisioner docs, isn't this precisely
the behaviour you're looking for:

https://developer.hashicorp.com/vagrant/docs/provisioning/ansible#ansible-parallel-execution

# Only execute once the Ansible provisioner,# when all the
machines are up and ready.

So you would spin up all your Vagrant boxes from your control node, wait
for that to complete, template out a static inventory of your Vagrant boxes
then run your subsequent Vagrant Ansible provisioner automation?



On Sat, 25 Nov 2023 at 18:20, Evan Hisey  wrote:

> I am working on a scenario where the first playbook executes commands on a
> remote host to create a vagrant host and spins up multiple vms. Vagrant can
> triggers it's own ansible provisioning runs but they are only single host
> aware and run when the host is provisioned. That does not work in this
> case, as I need all VM's running BEFORE the deployment playbook can be
> triggered. Added wrinkle is the VMs are accessible at this time from
> outside the vagrant host. If they were, I could simply import the vagrant
> host list into the controller inventory and refresh.
>
> Right now I am looking at  the possibility of using ansible.builtin.shell
> to trigger the new ansible-playbook command on the vagrant host to run the
> vagrant VM application configuration. But while this works it is not
> exactly ansible clean. Suggestions on approaches?
>
> --
> Evan Hisey
> ehi...@gmail.com
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/CAEcFzYwsmYmvh%3DWJwSNmJWertkxFRDiKkumnwhzAFupggP58Vg%40mail.gmail.com
> 
> .
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAKtKohS2LdL4qtTyQF8VdV6pu2tjL3mx868TgvkwvAEUkRbF%3Dg%40mail.gmail.com.

Re: [ansible-project] restart service, check if port is ready to accept and then move to next host

[Will McDonald]

I think you've misunderstood what I suggested. (Or I've explained it
poorly.)

If you use serial, you wouldn't need a block necessarily as you'd be
executing over the inventory hosts one-at-a-time.

If you insist on sticking with throttle, try it with a block in order to
group your service restart and service availability check.

I strongly going and taking the time to read the rolling update example
that's already documented, understand it and then think about how to apply
that to what you're trying to achieve.



On Fri, 3 Nov 2023 at 13:22, Sameer Modak 
wrote:

> Hello will,
>
>
>
> i tried to do it with block and serial no it does not work say's block
> cant have serial
>
> tasks:
>
>   - name: block check
>
> block:
>
>   - name: run this shell
>
> shell: 'systemctl restart "{{zookeeper_service_name}}"'
>
>
>   - name: debug
>
> debug:
>
>   msg: "running my task"
>
>
>   - name: now run this task
>
> shell: timeout -k 3 1m sh -c 'until nc -zv localhost
> {{hostvars[inventory_hostname].zk_port}}; do sleep 1; done'
>
>
> when:
>
> - not zkmode is search('leader')
>
> serial: 1
>
> ~
>
> On Wednesday, November 1, 2023 at 3:39:54 PM UTC+5:30 Sameer Modak wrote:
>
>> Let me try with block and serial and get back to you
>>
>> On Wednesday, November 1, 2023 at 5:33:14 AM UTC+5:30 Will McDonald wrote:
>>
>>> Edit: s/along with a failed_when/along with wait_for/
>>>
>>> On Tue, 31 Oct 2023 at 23:58, Will McDonald  wrote:
>>>
>>>> I don't entirely understand your approach, constraints or end-to-end
>>>> requirements here, but trying to read between the lines...
>>>>
>>>> 1. You have a cluster of zookeeper nodes (presumably 2n+1 so 3, 5 or
>>>> more nodes)
>>>> 2. You want to do a rolling restart of these nodes 1 at a time, wait
>>>> for the node to come back up, check it's functioning, and if that doesn't
>>>> work, fail the run
>>>> 3. With your existing approach you can limit the restart of a service
>>>> using throttle at the task level, but then don't know how to handle failure
>>>> in a subsequent task
>>>> 4. You don't think wait_for will work because you only throttle on the
>>>> restart task
>>>>
>>>> (Essentially you want your condition "has the service restarted
>>>> successfully" to be in the task itself.)
>>>>
>>>> Again some thoughts that might help you work through this...
>>>>
>>>> 1. Any reason you couldn't just use serial at a playbook level? If so,
>>>> what is that?
>>>> 2. If you must throttle rather than serial, consider using it in a
>>>> block along with a failed_when
>>>> 3. Try and avoid using shell and use builtin constructs like service,
>>>> it'll save you longer term pain
>>>>
>>>> Read through the links I posted earlier and explain what might stop you
>>>> using the documented approach.
>>>>
>>>> This post from Vladimir on Superuser might be useful too:
>>>> https://superuser.com/questions/1664197/ansible-keyword-throttle
>>>> (loads of other 2n+1 rolling update/restart examples out there too:
>>>> https://stackoverflow.com/questions/62378317/ansible-rolling-restart-multi-cluster-environment
>>>> )
>>>>
>>>>
>>>>
>>>>
>>>> On Tue, 31 Oct 2023 at 17:54, Sameer Modak 
>>>> wrote:
>>>>
>>>>> Hello Will,
>>>>>
>>>>> I have used throttle so that part is sorted. But i dont think wait_for
>>>>> works here for example.
>>>>> task 1 restart. <--- now in this task already he has restarted all
>>>>> hosts one by one
>>>>> task 2 wait_for <-- this will fail if port does not come up but no use
>>>>> because restart is triggered.
>>>>>
>>>>> we just want to know if in one task it restarts and checks if fails
>>>>> aborts play thats it. Now we got the results but used shell module.
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> On Tuesday, October 31, 2023 at 7:53:31 PM UTC+5:30 Will McDonald
>>>>> wrote:
>>>>>
>>>>>> I'd suggest reading up on rolling updates using ser

Re: [ansible-project] How to make sure that values for all keys with same name are strings?

[Will McDonald]

Do you need to do this natively handling the data structure in a playbook
or would a degree of preprocessing be OK?

You might be able set the style using yq as one option? Possibly in
combination with key matching?

https://mikefarah.gitbook.io/yq/operators/style#set-single-quote-style


On Fri, 3 Nov 2023 at 12:57, Dick Visser  wrote:

> Hii,
>
> I have a structure like this:
>
> ---
> state:
>   owner_id: 036001814778
>   environments:
> - name: prod
>   owner_id: 036001814778
>   foo:
> bar:
>   - name: xasdf
> owner_id: 036001814778
> - name: acc
>   owner_id: 036001814778
>   bar: baz
>   nest:
> ed:
>   struct:
> deeper:
>   too:
> owner_id: 036001814778
> foo: biz
> boz: bar
>
> I am looking for a way to have all values for owner_id (no matter what
> level) be strings rather than integers. So the dict would look like:
>
> ---
> state:
>   owner_id: '036001814778'
>   environments:
> - name: prod
>   owner_id: '036001814778'
>   foo:
> bar:
>   - name: xasdf
> owner_id: '036001814778'
> - name: acc
>   owner_id: '036001814778'
>   bar: baz
>   nest:
> ed:
>   struct:
> deeper:
>   too:
> owner_id: '036001814778'
> foo: biz
> boz: bar
>
> The complication here is that the owner_id keys can appear at any level.
>
> Tnx!
>
> Dick
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/CAF8BbLajtsiYTJtFDqV3-RMHxDrJ83pHdtVW%3Dy%3DkmJ1x%3DeV2SA%40mail.gmail.com
> 
> .
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAKtKohRs3XrgqY%3DPsk3e%3DsHwLcdHoqgxh7GMX%2B1U6NaPuTWRbA%40mail.gmail.com.

Re: [ansible-project] restart service, check if port is ready to accept and then move to next host

[Will McDonald]

Edit: s/along with a failed_when/along with wait_for/

On Tue, 31 Oct 2023 at 23:58, Will McDonald  wrote:

> I don't entirely understand your approach, constraints or end-to-end
> requirements here, but trying to read between the lines...
>
> 1. You have a cluster of zookeeper nodes (presumably 2n+1 so 3, 5 or more
> nodes)
> 2. You want to do a rolling restart of these nodes 1 at a time, wait for
> the node to come back up, check it's functioning, and if that doesn't work,
> fail the run
> 3. With your existing approach you can limit the restart of a service
> using throttle at the task level, but then don't know how to handle failure
> in a subsequent task
> 4. You don't think wait_for will work because you only throttle on the
> restart task
>
> (Essentially you want your condition "has the service restarted
> successfully" to be in the task itself.)
>
> Again some thoughts that might help you work through this...
>
> 1. Any reason you couldn't just use serial at a playbook level? If so,
> what is that?
> 2. If you must throttle rather than serial, consider using it in a block
> along with a failed_when
> 3. Try and avoid using shell and use builtin constructs like service,
> it'll save you longer term pain
>
> Read through the links I posted earlier and explain what might stop you
> using the documented approach.
>
> This post from Vladimir on Superuser might be useful too:
> https://superuser.com/questions/1664197/ansible-keyword-throttle (loads
> of other 2n+1 rolling update/restart examples out there too:
> https://stackoverflow.com/questions/62378317/ansible-rolling-restart-multi-cluster-environment
> )
>
>
>
>
> On Tue, 31 Oct 2023 at 17:54, Sameer Modak 
> wrote:
>
>> Hello Will,
>>
>> I have used throttle so that part is sorted. But i dont think wait_for
>> works here for example.
>> task 1 restart. <--- now in this task already he has restarted all hosts
>> one by one
>> task 2 wait_for <-- this will fail if port does not come up but no use
>> because restart is triggered.
>>
>> we just want to know if in one task it restarts and checks if fails
>> aborts play thats it. Now we got the results but used shell module.
>>
>>
>>
>>
>> On Tuesday, October 31, 2023 at 7:53:31 PM UTC+5:30 Will McDonald wrote:
>>
>>> I'd suggest reading up on rolling updates using serial:
>>>
>>>
>>> https://docs.ansible.com/ansible/latest/playbook_guide/guide_rolling_upgrade.html#the-rolling-upgrade
>>>
>>> https://docs.ansible.com/ansible/latest/playbook_guide/playbooks_strategies.html#setting-the-batch-size-with-serial
>>>
>>> You can use wait_for or wait_for_connection to ensure service
>>> availability before continuing:
>>>
>>>
>>> https://docs.ansible.com/ansible/latest/collections/ansible/builtin/wait_for_module.html
>>>
>>> https://docs.ansible.com/ansible/latest/collections/ansible/builtin/wait_for_connection_module.html
>>>
>>>
>>>
>>>
>>>
>>> On Tue, 31 Oct 2023 at 14:08, Sameer Modak 
>>> wrote:
>>>
>>>> restart service, check if service is ready to accept connection because
>>>> it takes time to come up. Once we sure its listening on port then only move
>>>> to next host. unless dont move because we can only afford to have one
>>>> service down at a time.
>>>>
>>>> is there any to short hand or ansible native way to handle this using
>>>> ansible module.
>>>>
>>>>
>>>> code:
>>>>
>>>> name: Restart zookeeper followers
>>>>
>>>>   throttle: 1
>>>>
>>>>   any_errors_fatal: true
>>>>
>>>>   shell: |
>>>>
>>>>  systemctl restart {{zookeeper_service_name}}
>>>>
>>>>  timeout 22 sh -c 'until nc localhost {{zookeeper_server_port}}; do
>>>> sleep 1; done'
>>>>
>>>>   when: not zkmode.stdout_lines is search('leader')
>>>>
>>>>
>>>>
>>>> --
>>>> You received this message because you are subscribed to the Google
>>>> Groups "Ansible Project" group.
>>>> To unsubscribe from this group and stop receiving emails from it, send
>>>> an email to ansible-proje...@googlegroups.com.
>>>> To view this discussion on the web visit
>>>> https://groups.google.com/d/msgid/ansible-project/67ca5f13-855d-4d40-a47

Re: [ansible-project] restart service, check if port is ready to accept and then move to next host

[Will McDonald]

I don't entirely understand your approach, constraints or end-to-end
requirements here, but trying to read between the lines...

1. You have a cluster of zookeeper nodes (presumably 2n+1 so 3, 5 or more
nodes)
2. You want to do a rolling restart of these nodes 1 at a time, wait for
the node to come back up, check it's functioning, and if that doesn't work,
fail the run
3. With your existing approach you can limit the restart of a service using
throttle at the task level, but then don't know how to handle failure in a
subsequent task
4. You don't think wait_for will work because you only throttle on the
restart task

(Essentially you want your condition "has the service restarted
successfully" to be in the task itself.)

Again some thoughts that might help you work through this...

1. Any reason you couldn't just use serial at a playbook level? If so, what
is that?
2. If you must throttle rather than serial, consider using it in a block
along with a failed_when
3. Try and avoid using shell and use builtin constructs like service, it'll
save you longer term pain

Read through the links I posted earlier and explain what might stop you
using the documented approach.

This post from Vladimir on Superuser might be useful too:
https://superuser.com/questions/1664197/ansible-keyword-throttle (loads of
other 2n+1 rolling update/restart examples out there too:
https://stackoverflow.com/questions/62378317/ansible-rolling-restart-multi-cluster-environment
)




On Tue, 31 Oct 2023 at 17:54, Sameer Modak 
wrote:

> Hello Will,
>
> I have used throttle so that part is sorted. But i dont think wait_for
> works here for example.
> task 1 restart. <--- now in this task already he has restarted all hosts
> one by one
> task 2 wait_for <-- this will fail if port does not come up but no use
> because restart is triggered.
>
> we just want to know if in one task it restarts and checks if fails aborts
> play thats it. Now we got the results but used shell module.
>
>
>
>
> On Tuesday, October 31, 2023 at 7:53:31 PM UTC+5:30 Will McDonald wrote:
>
>> I'd suggest reading up on rolling updates using serial:
>>
>>
>> https://docs.ansible.com/ansible/latest/playbook_guide/guide_rolling_upgrade.html#the-rolling-upgrade
>>
>> https://docs.ansible.com/ansible/latest/playbook_guide/playbooks_strategies.html#setting-the-batch-size-with-serial
>>
>> You can use wait_for or wait_for_connection to ensure service
>> availability before continuing:
>>
>>
>> https://docs.ansible.com/ansible/latest/collections/ansible/builtin/wait_for_module.html
>>
>> https://docs.ansible.com/ansible/latest/collections/ansible/builtin/wait_for_connection_module.html
>>
>>
>>
>>
>>
>> On Tue, 31 Oct 2023 at 14:08, Sameer Modak  wrote:
>>
>>> restart service, check if service is ready to accept connection because
>>> it takes time to come up. Once we sure its listening on port then only move
>>> to next host. unless dont move because we can only afford to have one
>>> service down at a time.
>>>
>>> is there any to short hand or ansible native way to handle this using
>>> ansible module.
>>>
>>>
>>> code:
>>>
>>> name: Restart zookeeper followers
>>>
>>>   throttle: 1
>>>
>>>   any_errors_fatal: true
>>>
>>>   shell: |
>>>
>>>  systemctl restart {{zookeeper_service_name}}
>>>
>>>  timeout 22 sh -c 'until nc localhost {{zookeeper_server_port}}; do
>>> sleep 1; done'
>>>
>>>   when: not zkmode.stdout_lines is search('leader')
>>>
>>>
>>>
>>> --
>>> You received this message because you are subscribed to the Google
>>> Groups "Ansible Project" group.
>>> To unsubscribe from this group and stop receiving emails from it, send
>>> an email to ansible-proje...@googlegroups.com.
>>> To view this discussion on the web visit
>>> https://groups.google.com/d/msgid/ansible-project/67ca5f13-855d-4d40-a47a-c0fbe11ea3b5n%40googlegroups.com
>>> <https://groups.google.com/d/msgid/ansible-project/67ca5f13-855d-4d40-a47a-c0fbe11ea3b5n%40googlegroups.com?utm_medium=email&utm_source=footer>
>>> .
>>>
>> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/3370b143-050a-4a14-a858-f5abe60c2678n%40googlegroups.com
> <https://groups.google.com/d/msgid/ansible-project/3370b143-050a-4a14-a858-f5abe60c2678n%40googlegroups.com?utm_medium=email&utm_source=footer>
> .
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAKtKohQLFJNnUsAYmXHRG58SQdmPSC6%2BdAZn3SPqAnECf71nNQ%40mail.gmail.com.

Re: [ansible-project] restart service, check if port is ready to accept and then move to next host

[Will McDonald]

I'd suggest reading up on rolling updates using serial:

https://docs.ansible.com/ansible/latest/playbook_guide/guide_rolling_upgrade.html#the-rolling-upgrade
https://docs.ansible.com/ansible/latest/playbook_guide/playbooks_strategies.html#setting-the-batch-size-with-serial

You can use wait_for or wait_for_connection to ensure service availability
before continuing:

https://docs.ansible.com/ansible/latest/collections/ansible/builtin/wait_for_module.html
https://docs.ansible.com/ansible/latest/collections/ansible/builtin/wait_for_connection_module.html





On Tue, 31 Oct 2023 at 14:08, Sameer Modak 
wrote:

> restart service, check if service is ready to accept connection because it
> takes time to come up. Once we sure its listening on port then only move to
> next host. unless dont move because we can only afford to have one service
> down at a time.
>
> is there any to short hand or ansible native way to handle this using
> ansible module.
>
>
> code:
>
> name: Restart zookeeper followers
>
>   throttle: 1
>
>   any_errors_fatal: true
>
>   shell: |
>
>  systemctl restart {{zookeeper_service_name}}
>
>  timeout 22 sh -c 'until nc localhost {{zookeeper_server_port}}; do
> sleep 1; done'
>
>   when: not zkmode.stdout_lines is search('leader')
>
>
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/67ca5f13-855d-4d40-a47a-c0fbe11ea3b5n%40googlegroups.com
> 
> .
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAKtKohQPh5bcHs8XNMkxYCk6q8J5xLxV8fejjy%2BU-hZ5mGCfoQ%40mail.gmail.com.

Re: [ansible-project] VMware module to change CD rom from iso to client

[Will McDonald]

This is pretty much what wait_for and wait_for_connection are designed to
handle.

https://docs.ansible.com/ansible/latest/collections/ansible/builtin/wait_for_connection_module.html
https://docs.ansible.com/ansible/latest/collections/ansible/builtin/wait_for_module.html

If you can key off a condition that indicates the provisioning has complete
(i.e. we can SSH in, or validate from an API, or check a log entry), then
you could continue through to switch the connected device.


On Mon, 23 Oct 2023 at 14:46, Kris Smith  wrote:

> So we have a workiing deploment for our VM's using AAP.  What I am trying
> to do is as the last step after everything is done, is change the cd from
> the bootable iso file we use to kickstart everything, back to client
> device. I cannot figure out how..
>
> What I have attempted to do (since I really don't know scripting) is edit
> one of the existing yml files which turns the VM on after all the infoblox
> and firewall objects are created..
>
> Is there even a way using Ansible to just wait 30 min after the VM is
> powered on for it to do the full deploy, then set the CD-ROM back to client
> device?
>
> ---
> - name: Create a new Virtual Machine in VMware
>   hosts: localhost
>   gather_facts: false
>   vars:
> vcenter_hostname: '{{ lookup("env","VMWARE_HOST") }}'
> vcenter_username: '{{ lookup("env","VMWARE_USER") }}'
> vcenter_password: '{{ lookup("env","VMWARE_PASSWORD") }}'
>   tasks:
> - name: "Look up the VM called {{ vm_name }} in the inventory"
>   vmware.vmware_rest.vcenter_vm_info:
> filter_names:
> - "{{ vm_name }}"
>   register: search_result
>
> - name: Collect information about a specific VM
>   vmware.vmware_rest.vcenter_vm_info:
> vm: '{{ search_result.value[0].vm }}'
>   register: test_vm1_info
>
> # - name: Pause for 30 for build to complete
> #   ansible.builtin.pause:
> # minutes: 30
>
> - name: Set CD-ROM to Client Device
>   community.vmware.vmware_guest:
> cdrom:
>   type: client
> name: '{{ test_vm1_info.id }}'
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/4b377d13-1200-403c-a786-1748d47a56a1n%40googlegroups.com
> 
> .
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAKtKohQUP_kuO9fvM3v7x7J8GqhcPqD6o%2B9VHRWOEgwNazuL-A%40mail.gmail.com.

Re: [ansible-project] Multipathd is not enabling

[Will McDonald]

I'd recommend looking at having your role or playbook drop in a sensible,
templated configuration personally.

Baking a static file into an ISO will almost certainly cause future pain
unless you only ever deploy one hardware and storage combination with
absolutely zero variation?


On Mon, 23 Oct 2023 at 14:46, Prady A  wrote:

> Thank you so much for your kind reply.
>
> For temporary fix I copied the  /etc/multipath.conf from other machine but
> eventually we need to update our ISO image to include this file.
>
> Regards
> PD
>
>
> On Wed, Oct 18, 2023 at 18:11, Will McDonald  wrote:
>
>> This seems like a pretty glaring error:
>>
>>
>>> ConditionPathExists=/etc/multipath.conf was not met
>>
>>
>> This is likely nothing to do with Ansible. You're installing a multipath
>> package, enabling a service, the service is failing to start automatically
>> because it doesn't have any valid config. You should see the same problem
>> if you perform the same steps manually. Figure out your manual process
>> first, then automate it.
>>
>> Either:
>>
>> 1. Include a templated /etc/multipath.conf config before
>> enabling/starting the systemd service
>> 2. Run something like mpathconf --enable to create a default config
>> 3. Override/replace the Condition in the systemd unit file (probably a
>> bad idea).
>>
>>
>>
>> On Wed, 18 Oct 2023 at 07:25, Prady A  wrote:
>>
>>> Thank you . Due to some old iso image the multipath is not able to
>>> enable . We have to update the iso image it seems
>>>
>>> Thank you
>>>
>>> On Wed, Oct 18, 2023 at 14:08, dulhaver via Ansible Project <
>>> ansible-project@googlegroups.com> wrote:
>>>
>>>> hi,
>>>>
>>>> the syntax of your TASK sems not to match the docs for the service
>>>> module
>>>> <https://docs.ansible.com/ansible/latest/collections/ansible/builtin/service_module.html#ansible-collections-ansible-builtin-service-module>.
>>>> Would something like ...
>>>>
>>>>
>>>>- name: Enable service httpd, and not touch the state
>>>>  ansible.builtin.service:
>>>>name: multipathd
>>>>state: started
>>>>enabled: true
>>>>
>>>> ... work?
>>>>
>>>> On 10/18/2023 5:33 AM CEST Prady A  wrote:
>>>>
>>>>
>>>> Hi All..
>>>>
>>>> I ve a very 2 very basic task of enabling multipath.
>>>> The 2 task is failing since the first one is not enabling. But in
>>>> ansible job it is showing as changed but when I checked multipath service
>>>> in system it is showing as Below:
>>>>
>>>> Active: inactive(dead)
>>>> Condition: start condition failed
>>>>|- ConditionPathExists=/etc/multipath.conf was not
>>>> met
>>>>
>>>> *Tasks*
>>>> ———-
>>>> - name: confirm multipathd is enabled
>>>> service: multipathd
>>>> state: started
>>>> enable: yes
>>>>
>>>> - name: check default polling interval
>>>>  shell: multipathd list config | awk ‘/defaults {/,/}’|grep -w
>>>> polling_interval
>>>>   register: polling_interval
>>>>   changed_when: false
>>>>
>>>> Please suggest why ansible not able to enable multipath service
>>>> correctly..
>>>>
>>>> Regards
>>>>
>>>>
>>>> --
>>>> You received this message because you are subscribed to the Google
>>>> Groups "Ansible Project" group.
>>>> To unsubscribe from this group and stop receiving emails from it, send
>>>> an email to ansible-project+unsubscr...@googlegroups.com.
>>>> To view this discussion on the web visit
>>>> https://groups.google.com/d/msgid/ansible-project/1998953809.39642.1697605729025%40office.mailbox.org
>>>> <https://groups.google.com/d/msgid/ansible-project/1998953809.39642.1697605729025%40office.mailbox.org?utm_medium=email&utm_source=footer>
>>>> .
>>>>
>>> --
>>> You received this message because you are subscribed to the Google
>>> Groups "Ansible Project" group.
>>> To unsubscribe from this group and stop receiving emails from it, send
>>> an email to ansible-project+unsubscr...@googlegroups.com

Re: [ansible-project] ansible-vault format

[Will McDonald]

I was just reading
https://docs.ansible.com/ansible/latest/vault_guide/vault_using_encrypted_content.html#ansible-vault-payload-format-1-1-1-2
trying to figure out quite how that resulted in numerals only... :)

On Mon, 23 Oct 2023 at 15:22, Matt Martz  wrote:

> The encryption used is AES256, but what you are seeing in the vault output
> is not the direct result of the encryption. The result currently goes
> through binascii.hexlify 2 times, resulting in only having numbers.  We are
> looking at removing the 2nd pass in the future.
>
> On Mon, Oct 23, 2023 at 7:52 AM Dick Visser  wrote:
>
>> Hii,
>>
>> I've always wondered what the format of the ansible vault is, more
>> specifically why it consists of only numbers, as that seems like an
>> insufficient way to represent data.
>> It is as if the content has to go through some medium that can only
>> understand digits?
>>
>> Dick
>>
>> --
>> You received this message because you are subscribed to the Google Groups
>> "Ansible Project" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to ansible-project+unsubscr...@googlegroups.com.
>> To view this discussion on the web visit
>> https://groups.google.com/d/msgid/ansible-project/CAF8BbLaDnu_xyYYdE8ZbRAjp_i2iY9PJnsA8Eji99HKfNHb12w%40mail.gmail.com
>> 
>> .
>>
>
>
> --
> Matt Martz
> @sivel
> sivel.net
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/CAD8N0v9W9LrAwGf7rXNg4Ckt%3DxcaWsqwjOKvYAQSDGQPAiB%2Bng%40mail.gmail.com
> 
> .
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAKtKohT0PVUtZp7HE5kRUB1uLgrpzXe5kJWOdYfehFiAfD9LSA%40mail.gmail.com.

Re: [ansible-project] gcp_compute_instance randomly chooses boot device from multiple devices

[Will McDonald]

Without seeing any sample code it's impossible to be sure.

However, this is *probably *something to do with persistent disk
enumeration/Udev behaviour.

For GCP see:
https://cloud.google.com/compute/docs/disks/set-persistent-device-name-in-linux-vm
But this isn't specific to Google Cloud, other public clouds and
virtualisation platforms demonstrate the same behavior.

If 'pass a list of disks to "disks" property' includes paths like /dev/sda,
/dev/sdb, for example, then it's entirely possible that /dev/sda and
/dev/sdb would switch round after a VM restart. Udev endeavours to provide
rules to prevent this but it isn't 100% reliable.



On Mon, 23 Oct 2023 at 14:46, Libo Yu  wrote:

> We are using ansible 2.9 on red hat 9. We try to create a GCP instance
> with more than one persistent disks. We pass a list of disks to "disks"
> property. The first one is the boot drive and its bool flag is set to true.
> But we observe that in many cases, the second one drive or other drive is
> used as boot drive. When the same ansible script is used on red hat 7, it
> never has this issue. Anybody has any idea about this issue?
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/85f425fd-cc2d-4717-ac29-c864debdf31an%40googlegroups.com
> 
> .
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAKtKohQCd%2BAtDs43mf2wKX9j_SVv2722sgy1v5RUDS2UpBP80g%40mail.gmail.com.

Re: [ansible-project] Multipathd is not enabling

[Will McDonald]

This seems like a pretty glaring error:


> ConditionPathExists=/etc/multipath.conf was not met


This is likely nothing to do with Ansible. You're installing a multipath
package, enabling a service, the service is failing to start automatically
because it doesn't have any valid config. You should see the same problem
if you perform the same steps manually. Figure out your manual process
first, then automate it.

Either:

1. Include a templated /etc/multipath.conf config before enabling/starting
the systemd service
2. Run something like mpathconf --enable to create a default config
3. Override/replace the Condition in the systemd unit file (probably a bad
idea).



On Wed, 18 Oct 2023 at 07:25, Prady A  wrote:

> Thank you . Due to some old iso image the multipath is not able to enable
> . We have to update the iso image it seems
>
> Thank you
>
> On Wed, Oct 18, 2023 at 14:08, dulhaver via Ansible Project <
> ansible-project@googlegroups.com> wrote:
>
>> hi,
>>
>> the syntax of your TASK sems not to match the docs for the service module
>> .
>> Would something like ...
>>
>>
>>- name: Enable service httpd, and not touch the state
>>  ansible.builtin.service:
>>name: multipathd
>>state: started
>>enabled: true
>>
>> ... work?
>>
>> On 10/18/2023 5:33 AM CEST Prady A  wrote:
>>
>>
>> Hi All..
>>
>> I ve a very 2 very basic task of enabling multipath.
>> The 2 task is failing since the first one is not enabling. But in ansible
>> job it is showing as changed but when I checked multipath service in system
>> it is showing as Below:
>>
>> Active: inactive(dead)
>> Condition: start condition failed
>>|- ConditionPathExists=/etc/multipath.conf was not
>> met
>>
>> *Tasks*
>> ———-
>> - name: confirm multipathd is enabled
>> service: multipathd
>> state: started
>> enable: yes
>>
>> - name: check default polling interval
>>  shell: multipathd list config | awk ‘/defaults {/,/}’|grep -w
>> polling_interval
>>   register: polling_interval
>>   changed_when: false
>>
>> Please suggest why ansible not able to enable multipath service
>> correctly..
>>
>> Regards
>>
>>
>> --
>> You received this message because you are subscribed to the Google Groups
>> "Ansible Project" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to ansible-project+unsubscr...@googlegroups.com.
>> To view this discussion on the web visit
>> https://groups.google.com/d/msgid/ansible-project/1998953809.39642.1697605729025%40office.mailbox.org
>> 
>> .
>>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/CAEuB3Aq7dH0AB%3DMrPXBZ%3DtMbTT-uY4tfE6BMPpQEkiVMKUhXOg%40mail.gmail.com
> 
> .
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAKtKohQsrvv0O5eXWFyVWU%2B84T6SFukHoOQ8Fr4UMj50gokiCw%40mail.gmail.com.

Re: [ansible-project] Need help

[Will McDonald]

It might help if you can describe what you're trying to achieve more
broadly.

Typically, if you're trying to do something complicated, and propagate
state from task to task with loads of ansible.builtin.shell, you are likely
to be approaching the task from the wrong angle.

What Dick's tried to explain is that the environment keyword

used in the way you've used it in your example, sets the environment *for
the task at the level it's running*. Not for future tasks, which seems to
be what you want/expect.

You presumably want to use disk_count.stdout in a subsequent task. So you
would set disk_count.stdout in the *environment clause for a subsequent
task*. (And you'd need to format it for use as an environment variable.
Read the docs.)

Ultimately though, if you're jumping through a bunch of hoops like this you
probably want to step back from shell and environment variables and think
about 1) what you're trying to achieve end-to-end and 2) how you might do
that using native modules rather than shell/command.?


On Sun, 15 Oct 2023 at 18:37, Y.G Kumar  wrote:

> So, you mean to say that we can't achieve this in ansible ?
>
> On Sunday, October 15, 2023 at 4:21:42 PM UTC+5:30 Dick Visser wrote:
>
>> On Sun, 15 Oct 2023 at 08:24, Y.G Kumar  wrote:
>>
>>> Hi All,
>>>
>>> Thanks for the responses. I am facing another issue with env variables.
>>>
>>> I want to register a variable to capture the output of a shell command
>>> as shown below. So far its fine..
>>> But I also want to save that command result in a remote environment
>>> variable and that is not working. My playbook is as follows:
>>>
>>> 
>>> hosts: localhost
>>>   tasks:
>>> - name: "subtask"
>>>   shell: lsblk --nodeps  | grep disk | wc -l
>>>   register: disk_count
>>>   environment: "{{ disk_count.stdout }}"
>>> --
>>>
>>> --
>>> fatal: [localhost]: FAILED! => {"msg": "The field 'environment' has an
>>> invalid value, which includes an undefined variable. The error was:
>>> 'disk_count' is undefined\n\nThe error appears to be in '/root/test.yaml'
>>>
>>
>> This is because the expression in the environment parameter is evaluated
>> before the task, and at that time it is not yet known.
>> In general, if you need the output of a command to actually run the
>> command, that seems like a circular dependency to me.
>> Ansible will not help you fix that.
>>
>>
>> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/795c8547-c6ca-44a5-beb0-59c50e483e42n%40googlegroups.com
> 
> .
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAKtKohTT8%2BNU3FqsRULRYHLsbg0y5aE4sVO0BYLNu8UAN3C1fA%40mail.gmail.com.

Re: [ansible-project] Formatting the dict items with debug

[Will McDonald]

Is there any reason you can't just use result.stdout.access_token?

$ cat debug-token.yml
- name: debug vars
  hosts: localhost
  gather_facts: no

  vars:
result:
  stdout:
access_token: xx
expires_in: 4320
token_type: yy

  tasks:
- name: debug the result
  ansible.builtin.debug:
var: result

- name: extract the token
  ansible.builtin.debug:
msg: "{{ result.stdout.access_token }}"


$ ansible-playbook debug-token.yml

PLAY [debug vars]
**

TASK [debug the result]

ok: [localhost] => {
"result": {
"stdout": {
"access_token": "xx",
"expires_in": 4320,
"token_type": "yy"
}
}
}

TASK [extract the token]
***
ok: [localhost] => {
"msg": "xx"
}


On Sat, 14 Oct 2023 at 13:43, Veera  wrote:

> I need only the output or the value of the below(trying to set_fact the
> access_token)
> access_token": "xx"
>
>
>
>
> On Saturday, October 14, 2023 at 6:01:54 PM UTC+5:30 Dick Visser wrote:
>
>> What is your desired output then??
>>
>> Sent from Gmail Mobile
>>
>>
>> On Sat, 14 Oct 2023 at 10:01, Veera  wrote:
>>
>>> Hi,
>>>
>>> I have the below output  from my playbook using
>>> - debug:
>>> msg: "{{ result.stdout }}"
>>>
>>> TASK [debug]
>>> **
>>> ok: [localhost] => {
>>> "msg": {
>>> "access_token": "xx",
>>> "expires_in": 43200,
>>> "token_type": "xx"
>>> }
>>> }
>>>
>>>
>>>  and  when I tried to filter the access token alone  , with map   by
>>> "{{ result.stdout | map('extract', access_token) }}" ., it errors as
>>> below
>>>
>>> The task includes an option with an undefined variable. The error was:
>>> 'access_token' is  undefined\n\n
>>>
>>> and  when I tried to filter the access token alone  , with map   by
>>>  msg: "{{ result.stdout | map(attribute='access_token') }}" ., it
>>> errors as below
>>>
>>> What I am missing here  to get the desired output  here?
>>>
>>>
>>> --
>>> You received this message because you are subscribed to the Google
>>> Groups "Ansible Project" group.
>>> To unsubscribe from this group and stop receiving emails from it, send
>>> an email to ansible-proje...@googlegroups.com.
>>> To view this discussion on the web visit
>>> https://groups.google.com/d/msgid/ansible-project/6a7a5ed1-6c6b-4660-8da9-1388898923fen%40googlegroups.com
>>> 
>>> .
>>>
>> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/f1f16814-e47b-4251-8bea-9e9660ead1fcn%40googlegroups.com
> 
> .
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAKtKohT3Py2bdQDZUow4o325SZnp0E4gZf1Aqnz2tv%3D3jD%2BL-w%40mail.gmail.com.

Re: [ansible-project] Using multiple variables with Assert

[Will McDonald]

I think you want "in" rather than "==" to verify if your OS release is in
the corresponding list.

On Tue, 10 Oct 2023, 17:51 Veera,  wrote:

> Hi,
>
> I am trying with the first task of the playbook with assert module to
> validate the supported versions. If Assert is success, then only the next
> tasks will be executed .
>
> - name: Playbook to test the conditional
>   hosts: localhost
>   vars:
>  rhel_ver:
>- 9
>- 8
>- 7
> centos_ver:
> - 8
> - 7
>   tasks:
>   - name: Check the OS version and proceed based on the OS
> ansible.builtin.assert:
> that:
> - ansible_distribution == "CentOS" and
> ansible_distribution_major_version == "{{ centos_ver }}"
> - ansible_distribution == "RedHat" and
> ansible_distribution_major_version == "{{ rhel_ver }}"
>fail_msg: "Unsupported OS version. Exiting . "
>success_msg: "Supported OS version and proceeding to next task"
>
>- debug:
>  msg: "Completed"
>
> The Asset have to be Success with multiple conditions .. If either the
> distribution is RedHat or CentOS(not both conditions need to be true)  and
> the major version is atleast one of the value from the variables(of its OS
> distro).
>
>
>
>
>
>
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/c2457c47-2460-47d4-86d0-4e872f7c5dd9n%40googlegroups.com
> 
> .
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAKtKohQJ%2BfnUXVr8B7Ou9qjSAPa9w4ULbTCkixXauYXaAbh0HQ%40mail.gmail.com.

Re: [ansible-project] Question of howto use external variables in the nmap plugin

[Will McDonald]

Could you use the environment variable ANSIBLE_NMAP_ADDRESS as documented
below as an alternative?

https://docs.ansible.com/ansible/latest/collections/community/general/nmap_inventory.html#parameter-address
https://docs.ansible.com/ansible/latest/collections/environment_variables.html#envvar-ANSIBLE_NMAP_ADDRESS


On Thu, 28 Sept 2023 at 16:56, J M  wrote:

> Hi,
>
> I have a question of howto use external variables in the nmap plugin.
>
> I have a simple yml:
> plugin: nmap
> address: 192.168.10.0/24
> ...
>
> But I need to pass the network range as a external variable, as example:
> plugin: nmap
> address: '{{ mynetrange }}'
> # I tested this argument also:
> use_extra_vars: true
> ...
>
> And launch as:
> ansible-inventory -i nmap.yml --list -e "mynetrange=192.168.10.0/24"
>
> but I can't get it to work, someone could help me?
>
>
> Regards
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/5b1c9c10-08cb-4cc3-a8eb-747cedbac6d1n%40googlegroups.com
> 
> .
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAKtKohREUxLB4BEnNeBQHs_q7%3Dm2eYbRdgtLU4e%2BuzYc6X3Mrw%40mail.gmail.com.

Re: [ansible-project] Specific question or doubt about identification of hardware machines

[Will McDonald]

Check to see if there's anything you can key off in the facts gathered with
https://docs.ansible.com/ansible/latest/collections/ansible/builtin/setup_module.html
?

For example (and this isn't complete):

"ansible_architecture": "x86_64",
"ansible_bios_date": "NA",
"ansible_bios_vendor": "NA",
"ansible_bios_version": "NA",
"ansible_board_asset_tag": "NA",
"ansible_board_name": "NA",
"ansible_board_serial": "NA",
"ansible_board_vendor": "NA",
"ansible_board_version": "NA",
"ansible_chassis_asset_tag": "NA",
"ansible_chassis_serial": "NA",
"ansible_chassis_vendor": "NA",
"ansible_chassis_version": "NA",

If that doesn't expose something you can use, then look to see if dmidecode
might?


On Wed, 13 Sept 2023 at 15:33, J M  wrote:

> Hi,
>
> I have a doubt about how can Ansible the indentification of hardware
> machines.
>
> The specific question is how you can uniquely identify whether you are on
> an Nvidia Jetson device type host or not.
>
> Specifically, I need to program something like:
> if I'm on a Nvidia Jetson device then...
>
> Regards,
> Cesar Jorge
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/d93dc1bf-c56d-4ceb-8251-bb7d038ede72n%40googlegroups.com
> 
> .
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAKtKohQ%2BCOnqkm5LQpnBRWCr%3DiuqD2Gbi6a5FLG_2gzFK5W6gw%40mail.gmail.com.

Re: [ansible-project] Running a script from cron -> nothing; running same script from command line => SUCCESS ???

[Will McDonald]

OK, that's some useful extra info. I've just had a very quick basic play (I
haven't touched cron in earnest for a long time).

Have you tried echo-ing $z4 and appended to a tmp file to see if there's
anything in it at run time?

I've tried a few variations in a standard user's crontab:

root@DESKTOP-9HGJE25:~# crontab -u wmcdonald -l | grep -v ^#
* * * * * ansible -m setup localhost
* * * * * ~/ansible-test

root@DESKTOP-9HGJE25:~# cat /home/wmcdonald/ansible-test
#!/bin/sh

ansible -m setup localhost

BASIC_VAR=`ansible -m setup localhost`
echo $BASIC_VAR

VERBOSE_VAR=`ansible -vvv -m ping localhost`
echo $VERBOSE_VAR

FILE_OUTPUT=`ansible -m ping localhost`
echo $FILE_OUTPUT >> /tmp/ansible.out

The output from the last set of steps shows:

root@DESKTOP-9HGJE25:~# cat /tmp/ansible.out
localhost | SUCCESS => { "changed": false, "ping": "pong" }
localhost | SUCCESS => { "changed": false, "ping": "pong" }

I did notice from syslog that without an MTA, cron (on Ubuntu, at least) is
throwing away output:

/var/log/syslog:Aug 31 20:09:02 DESKTOP-9HGJE25 CRON[2361]: (CRON) info (No
MTA installed, discarding output)




On Thu, 31 Aug 2023 at 18:57, mu...@parsetree.com 
wrote:

> See below.
>
> On Thursday, August 31, 2023 at 8:59:57 AM UTC-6 Will McDonald wrote:
>
> This isn't really an Ansible problem per se unless it's *only* ansible in
> a subshell that doesn't run from cron? Have you tested basic cron
> functionality using something simple like this (or something even more
> basic):
>
> #!/bin/sh
> z4=`date +%Y%m%d%H%M`
> touch /tmp/${z4}
>
> And then check to see if that file is created every 30 minutes *does*
> work?
>
>
> Yes, it does. I know the script is running, because it is much elaborate
> than this, creating files, logging, etc.
> It's run is annotated in /var/log/cron. If there was an obvious error,
> like no execute permission, I'd see something in a CMDOUT () message.
> No errors.
> I look at the /var/log/ansible.log, and I see the output I'd like to have,
> in the ansible.log. They are just not being returned
> to the script. It's as if it's a "term" sort of problem. So, in the
> ansible.log, I see something like:
>
> 2023-08-29 17:38:18,067 p=84629 u=root n=ansible | mainmachine | CHANGED |
> rc=0 >>
>  10.10.11.0##255.255.255.0
>  101.133.145.94##255.255.255.255
> .
> .
> .
> and mayhaps a hundred or so more entries.
>
>
>
> First questions that spring to mind are:
>
> - is there anything in the cron log, syslog or journal for the crond
> service?
>
> yes. /var/log/cron records it run.  ansible.log shows that ansible is
> called and generates the desired data. It's not being echoed to the stdout
> of the ansible process, it appears.
>
> - is anything else running successfully out of /etc/cron.d / cron.daily
> etc?
>
> Yep. All else seems well with the cron.d stuff.
>
>
> - is crond enabled in whatever init system you're using? (You haven't
> stated which distro?)
>
> I'm running this cron on a AlmaLinux release 8.8 (Sapphire Caracal) OS.
>
>
>
>
>
> On Thu, 31 Aug 2023 at 15:24, Steve Murphy  wrote:
>
> As the subject line says, I can't get this script to run correctly from
> cron.
>
>   My cron entry (in a file in /etc/cron.d):
>
> ==
>
> # Run the 30-minly job
>
> SHELL=/bin/bash
>
> PATH=/sbin:/bin/:/usr/sbin:/usr/bin:/root
>
> MAILTO=ROOT
>
> */30 * * * * root /root/getlist
>
> ==
>
>
> /root/getlist   perms a+r, a+x, u+w:
>
> =
>
> #!/bin/bash
>
> z4=`ansible mainmachine -m shell -a "psql -t -Upiquah -c
> \"subnet.ipaddress || '##' || subnet.netmask from subnet  order by
> subnet.ipaddress asc;\"" 2>&1  | grep '^ [0-9]'`
>
> echo $z4
>
> =
>
> from which, if you run this "by hand", you'll get some output that looks
> like this:
>
> 19.20.21.22##255.255.255.255 23.24.25.26##255.255.255.255
> 130.140.150.160##255.255.255.254
>
> ... and so forth.
>
> BUT, if executed from cron, $z4 will be empty.
>
>
> What do I need to do to in the cron.d file to make this work well?
>
>
>
> --
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To

Re: [ansible-project] Running a script from cron -> nothing; running same script from command line => SUCCESS ???

[Will McDonald]

This isn't really an Ansible problem per se unless it's *only* ansible in a
subshell that doesn't run from cron? Have you tested basic cron
functionality using something simple like this (or something even more
basic):

#!/bin/sh
z4=`date +%Y%m%d%H%M`
touch /tmp/${z4}

And then check to see if that file is created every 30 minutes *does* work?

First questions that spring to mind are:

- is there anything in the cron log, syslog or journal for the crond
service?
- is anything else running successfully out of /etc/cron.d / cron.daily
etc?
- is crond enabled in whatever init system you're using? (You haven't
stated which distro?)



On Thu, 31 Aug 2023 at 15:24, Steve Murphy  wrote:

> As the subject line says, I can't get this script to run correctly from
> cron.
>
>   My cron entry (in a file in /etc/cron.d):
>
> ==
>
> # Run the 30-minly job
>
> SHELL=/bin/bash
>
> PATH=/sbin:/bin/:/usr/sbin:/usr/bin:/root
>
> MAILTO=ROOT
>
> */30 * * * * root /root/getlist
>
> ==
>
>
> /root/getlist   perms a+r, a+x, u+w:
>
> =
>
> #!/bin/bash
>
> z4=`ansible mainmachine -m shell -a "psql -t -Upiquah -c
> \"subnet.ipaddress || '##' || subnet.netmask from subnet  order by
> subnet.ipaddress asc;\"" 2>&1  | grep '^ [0-9]'`
>
> echo $z4
>
> =
>
> from which, if you run this "by hand", you'll get some output that looks
> like this:
>
> 19.20.21.22##255.255.255.255 23.24.25.26##255.255.255.255
> 130.140.150.160##255.255.255.254
>
> ... and so forth.
>
> BUT, if executed from cron, $z4 will be empty.
>
>
> What do I need to do to in the cron.d file to make this work well?
>
>
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/b11a6bc2-2938-2bdd-db40-b91ec77e7299%40parsetree.com
> .
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAKtKohQLWPQ-c1KsdNuxmHYz0pPMpap8A0CQcm3%3DQeSts_mEbA%40mail.gmail.com.

Re: [ansible-project] Need to validate the Service Now Change Request through Ansible tower while deploying any production deployment through Ansible

[Will McDonald]

You could start by watching
https://www.youtube.com/watch?v=ngzP3HCSDnM&t=31s

And then review some of the ServiceNow examples here:
https://github.com/shadowman-lab/Ansible-SNOW

Beyond that, as Walter says you should probably try to do some legwork,
through to a point where you need specific help, then request it providing
as much details as possible about what you've done, the problems you're
seeing, and include as much relevant code as possible.



On Mon, 28 Aug 2023 at 14:34, srinu talari  wrote:

> Hi,
>
> I need a help to validate the SNOW change request with Ansible which are
> deploying through Ansible template.
>
>
>
>
> Thanks
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/d5002b68-66c0-4db9-9f19-34d2b8261e34n%40googlegroups.com
> 
> .
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAKtKohS%2BDxto71rmYhM0hJefs6D%3DVakKWqDUQ98x5xopt1WOMA%40mail.gmail.com.

Re: [ansible-project] Question on the multiple loop structure in my playbook

[Will McDonald]

You haven't described the actual overarching thing you're trying to do with
this, sometimes describing the larger task can be useful in terms of
providing better guidance.

But reading between the lines, is there any reason you can't place your
intended delegation hosts into an inventory group and address them
directly? For example if they're getting special treatment as intended
jumphosts or similar. Group them accordingly and run the bits of automation
that's unique to that intended system role against those group members.

I'd also tend to prefer a Jinja template over lineinfile for config if
possible especially if you need to accommodate different conditional
scenarios. It's potentially a little more effort to start, but will save
you pain in the long run.

That said, I think you can probably achieve what you're trying to do with a
product filter? (There's probably easier ways to get the outcome you want
too.)

https://www.packetswitch.co.uk/how-to-use-ansible-loops-with-examples/
https://docs.ansible.com/ansible/latest/playbook_guide/playbooks_loops.html#iterating-over-nested-lists

Here's a simplified example, you'd need to modify slightly to pull out the
specific elements:

- name: debug vars
  hosts: localhost
  gather_facts: no

  vars:
delegates:
  - host1
  - host2
regexes:
  - regex: AllowTcpForwarding
line: AllowTcpForwarding yes
  - regex: AllowAgentForwarding
line: AllowAgentForwarding yes

  tasks:
- name: Do some stuff
  debug:
msg: "Doing {{ item.1 }} on {{ item.0 }}"
  delegate_to: "{{ item.0 }}"
  loop: "{{ delegates | product(regexes) | list }}"

Which would do:

(ansible)$ ansible-playbook test/debug.yml

PLAY [debug vars]
**

TASK [Do some stuff]
***
ok: [localhost -> host1] => (item=['host1', {'regex': 'AllowTcpForwarding',
'line': 'AllowTcpForwarding yes'}]) => {
"msg": "Doing {'regex': 'AllowTcpForwarding', 'line':
'AllowTcpForwarding yes'} on host1"
}
ok: [localhost -> host1] => (item=['host1', {'regex':
'AllowAgentForwarding', 'line': 'AllowAgentForwarding yes'}]) => {
"msg": "Doing {'regex': 'AllowAgentForwarding', 'line':
'AllowAgentForwarding yes'} on host1"
}
ok: [localhost -> host2] => (item=['host2', {'regex': 'AllowTcpForwarding',
'line': 'AllowTcpForwarding yes'}]) => {
"msg": "Doing {'regex': 'AllowTcpForwarding', 'line':
'AllowTcpForwarding yes'} on host2"
}
ok: [localhost -> host2] => (item=['host2', {'regex':
'AllowAgentForwarding', 'line': 'AllowAgentForwarding yes'}]) => {
"msg": "Doing {'regex': 'AllowAgentForwarding', 'line':
'AllowAgentForwarding yes'} on host2"
}

PLAY RECAP
*
localhost  : ok=1changed=0unreachable=0failed=0
   skipped=0rescued=0ignored=0


On Thu, 24 Aug 2023 at 11:52, Deepak B K  wrote:

> Hi All ,
>
> I trying to modify the sshd_config  parameter using the lineinfile
> ansible module . I would like to delegate this to multiple host . As we
> have used the loop twice its unable to resolve the loop structure.
>
> vars:
> ssh_delegate_hosts:
>   - "192.50.26.248"
>   - "192.50.27.248"
>
> - name: Change configuration in sshd_config
>   ansible.builtin.lineinfile:
> path: /etc/ssh/sshd_config
> regexp: "{{ item.regexp }}"
> line: "{{ item.line }}"
>   loop:
> - { regexp: '^AllowTcpForwarding', line: 'AllowTcpForwarding yes' }
> - { regexp: '^AllowAgentForwarding', line: 'AllowAgentForwarding yes' }
>   loop: "{{ ssh_delegate_hosts }}"
>   delegate_to: "{{ item }}"
>
> Need your valuable  feedback  of how  to loop both  the lines and loop the
> hosts .
>
> Thanks and Regards,
> Deepak Kumar
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/5cd5230e-f36e-4990-b0ae-2820be5e2d0dn%40googlegroups.com
> 
> .
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAKtKohR7T%3DvYOwPptmUgjKdUHMuSqZe04XbHA0A-z6PhrJuZug%40mail.gmail.com.

Re: [ansible-project] Vmware VM is created with a default template sometime the drive letter parameter gets drifted.

[Will McDonald]

This isn't necessarily an Ansible problem, but more likely to just be
consistent device enumeration.

Some starter reading that might help
:
- https://kb.vmware.com/s/article/2048497
- https://kb.vmware.com/s/article/2091560
-
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/storage_administration_guide/persistent_naming
- https://wiki.debian.org/Persistent_disk_names
- https://wiki.debian.org/udev



On Wed, 23 Aug 2023 at 11:41, Deepak B K  wrote:

> Hi Team,
>
> I have a strange issue while add disk to my vm image and I using the
> community vmware_guest_disk . when vm is created with a default template
> sometime the drive letter parameter is drifted.
> example /dev/sdb is created instead /dev/sda.
>
> Please find my code below.
>
>  name: "Add disk for VM: {{ vm_name }}"
>   community.vmware.vmware_guest_disk:
> hostname: "{{ vmware.hostname }}"
> username: "{{ vmware.username }}"
> password: "{{ vmware.password }}"
> validate_certs: "{{ vmware.validate_certs }}"
> datacenter: "{{ vmware_env.datacenter }}"
> moid: '{{ vm_info.id }}'
> disk:
>   - size_kb: "{{ (vm_disk.disk_capacity / 1024)|int }}"
> type: "{{ vmware.storage_provisioning | default('thick') }}"
> datastore: "{{ vmware_env.datastore }}"
> state: present
> controller_type: "{{ vm_disk.disk_type | lower }}"
> controller_number: 0
> unit_number: 1
>   delegate_to: "{{ delegation_host }}"
>
> I appreciate your suggestion on this issue.
>
>
> Thanks
> Deepak Kumar
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/d778487a-3c0a-4b7d-99a4-5bfc65ec7f9en%40googlegroups.com
> 
> .
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAKtKohSGok7fmB4xowo5guNE%2BwF2yti3khqLANEomUFFe8nLWA%40mail.gmail.com.

Re: [ansible-project] what determines which version of ansible is invoked when running ansible

[Will McDonald]

I don't have a Mac handy but your default shell is probably zsh. Outside of
Vscode, zsh will setup the PATH based on the following startup files:
https://zsh.sourceforge.io/Intro/intro_3.html

Check which of those files exist in /Users/xx/ and contains logic to
set your PATH. If you add something like:

export PATH=/Users/x/Library/Python/3.11/bin:$PATH

... toward the end of one of the right one of those init files (almost
certainly one of $ZDOTDIR/.zshenv, $ZDOTDIR/.zprofile, $ZDOTDIR/.zshrc)
that'll prepend /Users/x/Library/Python/3.11/bin to the front of your
PATH. VScode will probably then pick that up if you close and restart the
integrated terminal.

You may need to figure out the order of execution in order to get your PATH
set correctly. No guarantees this won't break other Python-related things
and as stated previously, you should really be using the system Python in
an unadulterated state, then using Python venvs to localise stuff and then
you just activate the venv you need, when you need it.

Personally I would recommend getting this working in an isolated
environment (a VM or Mac ec2 instance, whatever else you can rustle up)
first. Understand the moving parts, then configure your environment for
your needs cleanly.



On Tue, 15 Aug 2023 at 18:57, dmastrop  wrote:

> Thanks Will
>
>
> I found the binary for the pip installed latest version of ansible.
> It seems to finally work fine
>
>
>
> It is located here:
>
> */Users/x/Library/Python/3.11/bin*
>
>
>
> % ./ansible --version
> ansible [core 2.15.2]
>   config file = None
>   configured module search path =
> ['/Users/xx/.ansible/plugins/modules',
> '/usr/share/ansible/plugins/modules']
>   ansible python module location =
> /Users/xx/Library/Python/3.11/lib/python/site-packages/ansible
>   ansible collection location =
> /Users/xx/.ansible/collections:/usr/share/ansible/collections
>   executable location = ./ansible
>   python version = 3.11.4 (v3.11.4:d2340ef257, Jun  6 2023, 19:15:51)
> [Clang 13.0.0 (clang-1300.0.29.30)]
> (/Library/Frameworks/Python.framework/Versions/3.11/bin/python3)
>   jinja version = 3.1.2
>   libyaml = True
>
>
>
>
> My PATH is missing this directory
>
>
> *For VSCode terminal how can I add this to the beginning of my PATH. I can
> leave the older version on ansible in the PATH if I prepend
> this /Users/x/Library/Python/3.11/bin path to the beginning so that I
> don't need to make a lot of modifications.*
>
>
> I ask because I don't understand the docs explaining how to add to the
> PATH in VSCode. (they modify the JSON config file)
>
> As you can see I have a lot of repetition in the PATH as well. I don't
> know how that happened.
>
>
>
> Here is my current PATH
>
>
>
> /Users/x/google-cloud-sdk/bin:/Library/Frameworks/Python.framework/Versions/3.11/bin:/usr/local/bin:/usr/local/sbin:/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin:/Library/Frameworks/Python.framework/Versions/3.7/bin/:/Users/x/google-cloud-sdk/bin:/Library/Frameworks/Python.framework/Versions/3.11/bin:/usr/local/sbin
>
>
> warm regards
>
> Dave
>
> On Wednesday, August 9, 2023 at 4:01:03 PM UTC-7 Will McDonald wrote:
>
>> It'll be whichever installed ansible is first in your PATH and is
>> executable.
>>
>> Here's a simple example:
>>
>> $ echo $PATH
>> /usr/local/bin:/usr/bin
>>
>> $ ll /usr/local/bin/wtf /usr/bin/wtf
>> -rwxr-xr-x 1 root root 35 Aug  9 23:48 /usr/bin/wtf*
>> -rwxr-xr-x 1 root root 41 Aug  9 23:48 /usr/local/bin/wtf*
>>
>> $ cat /usr/local/bin/wtf /usr/bin/wtf
>> #!/bin/sh
>> echo We are in: /usr/local/bin
>> $ cat /usr/bin/wtf
>> #!/bin/sh
>> echo We are in: /usr/bin
>>
>> $ wtf
>> We are in: /usr/local/bin
>>
>> Swap the order in the PATH:
>>
>> $ export PATH=/usr/bin:/usr/local/bin
>> $ wtf
>> We are in: /usr/bin
>>
>> Make the closest script non-executable:
>>
>> $ sudo chmod -x /usr/bin/wtf
>> $ wtf
>> We are in: /usr/local/bin
>>
>> If you're pip-installing things ideally you want to do that in a Python
>> virtual environment (venv) so you don't trample over system Python modules.
>> Bonus of using venv is then when you toggle that venv 'on' the version
>> executed is largely taken care of for you.
>>
>> See https://www.redhat.com/sysadmin/python-venv-ansible,
>> https://www.cbtnuggets.com/blog/technology/devops/how-to-install-ansible-in-a-python-virtual-environment
>> or many of the other how-tos for references.
>>
>>
>> On Wed, 9 Aug 2023 at 

Re: [ansible-project] Formatting Issue with YAML Code in Visual Studio Text Editor

[Will McDonald]

I presume this is a 'Vscode being weird with ALL YAML' rather than Vscode
being weird specifically with Ansible YAML. You might want to check
something like a Vscode Stackoverflow and/or playing with your Vscode
plugins and config? If you take a completely clean portable mode vscode,
does is display the same problem? If not, it's your config, plugs or some
lingering settings _somewhere_.

I can take some dummy YAML and paste into a completely vanilla Vscode
install and it doesn't mess with the indentation at all:

---
- hosts: all
  become: yes

  tasks:
  - name: do some things
dnf:
  name: packagename
  state: present

Can you run Vscode with all its plugins disabled and a completely default
config just in case you have plugins and config trampling on one another's
behaviours? (See:
https://code.visualstudio.com/docs/editor/extension-marketplace#_disable-an-extension
)

https://stackoverflow.com/questions/61978428/yaml-file-formatting-in-vscode
and/or
https://stackoverflow.com/questions/41790069/settings-to-copy-paste-with-correct-indentation-in-visual-studio-code
might be worth a read.


On Sat, 12 Aug 2023 at 15:45, Leon Khan  wrote:

> Greetings everyone,
>
> I hope you're doing well. I'm encountering an issue with formatting YAML
> source code in the Visual Studio text editor, and I'm seeking some
> assistance from the community.
>
> I have installed the YAML extension in Visual Studio, and while it's
> expected to automatically correct the formatting of YAML code upon pasting,
> I'm finding that this feature isn't working as intended. Despite having the
> YAML extension installed, the automatic formatting does not kick in when I
> paste YAML source code into the text editor.
>
> I've followed the recommended steps which include selecting the entire
> YAML file, right-clicking, and then choosing the "Format Document" option
> provided by the YAML extension. However, even after performing this action,
> the code formatting remains unchanged.
>
> I'm eager to streamline my workflow and ensure consistent formatting
> within my YAML files, so this issue is causing a bit of a hurdle for me. I
> would greatly appreciate any insights, suggestions, or solutions that the
> community might be able to provide regarding this matter. Perhaps there's a
> configuration step or an additional setting that I'm missing?
>
> Here is the screenshot of the YAML file in my VS code editor :
> [image: Screenshot from 2023-08-12 11-43-58.png]
>
>
>
> --
> Leon
> Fedora Open Source Volunteer
> IRC Handle : leonkhan
> "Contributing to open source, one line of code at a time."
> infrastructure mailing list -- infrastruct...@lists.fedoraproject.org
> To unsubscribe send an email to
> infrastructure-le...@lists.fedoraproject.org
> Fedora Code of Conduct:
> https://docs.fedoraproject.org/en-US/project/code-of-conduct/
> List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
> List Archives:
> https://lists.fedoraproject.org/archives/list/infrastruct...@lists.fedoraproject.org
> Do not reply to spam, report it:
> https://pagure.io/fedora-infrastructure/new_issue
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/CAFUWKdXPdY7dCxm7EiRrLKySwgOi7S19grzFajD60aAJw3w8gQ%40mail.gmail.com
> 
> .
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAKtKohS9Y4xNk157gAtUOTujWFmmE%2BrCbrmwcfWxxLJwO9oXuw%40mail.gmail.com.

Re: [ansible-project] what determines which version of ansible is invoked when running ansible

[Will McDonald]

It'll be whichever installed ansible is first in your PATH and is
executable.

Here's a simple example:

$ echo $PATH
/usr/local/bin:/usr/bin

$ ll /usr/local/bin/wtf /usr/bin/wtf
-rwxr-xr-x 1 root root 35 Aug  9 23:48 /usr/bin/wtf*
-rwxr-xr-x 1 root root 41 Aug  9 23:48 /usr/local/bin/wtf*

$ cat /usr/local/bin/wtf /usr/bin/wtf
#!/bin/sh
echo We are in: /usr/local/bin
$ cat /usr/bin/wtf
#!/bin/sh
echo We are in: /usr/bin

$ wtf
We are in: /usr/local/bin

Swap the order in the PATH:

$ export PATH=/usr/bin:/usr/local/bin
$ wtf
We are in: /usr/bin

Make the closest script non-executable:

$ sudo chmod -x /usr/bin/wtf
$ wtf
We are in: /usr/local/bin

If you're pip-installing things ideally you want to do that in a Python
virtual environment (venv) so you don't trample over system Python modules.
Bonus of using venv is then when you toggle that venv 'on' the version
executed is largely taken care of for you.

See https://www.redhat.com/sysadmin/python-venv-ansible,
https://www.cbtnuggets.com/blog/technology/devops/how-to-install-ansible-in-a-python-virtual-environment
or many of the other how-tos for references.


On Wed, 9 Aug 2023 at 23:16, dmastrop  wrote:

> hi
>
> I have 2 versions of ansible installed on my Mac.(it was not intentional)
>
> One version was not installed through pip and the other version was
> installed through pip.
>
> I had to manually fix some permissions issues and now that those are
> addressed my terminal (VSCode) invokes the older version rather than the
> newer version.
>
> *What determines which version is run when there are multiple versions on
> a computer?*
> (from what I have read, pip does not install an ansible.cfg file and I
> don't know if that is where the setting is)
>
>
> I thought it might be the $PATH in the terminal but the path includes both
> versions.
>
>
> this is the version ansible 3.7.9(core 2.11.12). This was not installed
> through pip
>
>
>  % ansible --version
>
> [DEPRECATION WARNING]: Ansible will require Python 3.8 or newer on the
> controller starting with Ansible 2.12. Current
>
> *version: 3.7.9 *(v3.7.9:13c94747c7, Aug 15 2020, 01:31:08) [Clang 6.0
> (clang-600.0.57)]. This feature will be removed
>
> from ansible-core in version 2.12. Deprecation warnings can be disabled by
> setting deprecation_warnings=False in
>
> ansible.cfg.
>
> *ansible [core 2.11.12] *
>
>   config file = None
>
>   configured module search path =
> ['/Users/davemastropolo/.ansible/plugins/modules',
> '/usr/share/ansible/plugins/modules']
>
>   ansible python module location =
> /Library/Frameworks/Python.framework/Versions/3.7/lib/python3.7/site-packages/ansible
>
>   ansible collection location =
> /Users/davemastropolo/.ansible/collections:/usr/share/ansible/collections
>
>   executable location =
> /Library/Frameworks/Python.framework/Versions/3.7/bin//ansible
>
>   python version = 3.7.9 (v3.7.9:13c94747c7, Aug 15 2020, 01:31:08) [Clang
> 6.0 (clang-600.0.57)]
>
>   jinja version = 3.1.2
>
>   libyaml = True
>
>
>
>
> this (below) is the newer version installed through pip:
>
> this *was* invoked through the terminal prior to fixing the permission
> issue on one of the directories (it was invoked but failing  due to the
> permission issue)
>
>
> Once the permission issue was addressed, ansible now invokes the older
> version (above)
>
>
>
>  % python3 -m pip list
> Package  Version
>  
>
> *ansible  8.2.0ansible-core 2.15.2*
> certifi  2023.5.7
> cffi 1.15.1
> cryptography 41.0.3
> Jinja2   3.1.2
> MarkupSafe   2.1.3
> packaging23.1
> pip  23.1.2
> pycparser2.21
> PyYAML   6.0.1
> resolvelib   1.0.1
> setuptools   65.5.0
>
>
>
> warm regards
>
> Dave
>
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/158f2e5f-0a55-4a18-98e5-cbadde94a98fn%40googlegroups.com
> 
> .
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAKtKohQnznVbABiLsq4Qsco%2BfyRUEyb9Cvf_X7qahy7iOEoB_Q%40mail.gmail.com.

Re: [ansible-project] yum/dnf/package modules hanging on whole system update

[Will McDonald]

Looking at your verbose output, it looks like your ansible runs are
tunneled through a bastion/jumphost/proxy?

When you run your "yum update" directly on a host, are you doing:

[user@*control-node* ~]$ ssh user@target
[user@*target-node* ~] sudo yum -y update

Or are you doing:

[user@*control-node* ~]$ ssh user@*target-node* sudo yum -y update

I'm just wondering if there's something unusual in the bastion connection
handling, or the shell environment of a full interactive shell with a TTY
vs. an ansible run?

Similarly, you have your -vvv output of a *failing *run. If you do -vvv for
a *working *run, does that cast any light, indicate any differences in
behaviour in connection, privilege escalation or command invocation?

Do you have any proxies defined that may be being picked up from the
environment in an interactive session which aren't in an ansible run?


On Wed, 9 Aug 2023 at 23:15, Nicolas Goudry  wrote:

> Thanks for stepping in to help.
>
> I did run sudo yum update -y directly in one of my hosts, and everything
> went well.
>
> Also, I created the following playbook and surprisingly it works:
>
> - hosts: all
> gather_facts: no
> tasks:
> - name: YUM | Get available package updates
> yum:
> list: updates
> register: yum_available_package_updates
> - name: YUM | Update packages
> yum:
> name: "{{ yum_available_package_updates.results | map(attribute='name') |
> list }}"
> state: 'latest'
> register: yum_upgrade
> - name: YUM | Reboot after packages updates
> when:
> - yum_upgrade.changed
> reboot:
>
> However, if I use it as an ansible role, like so:
>
> ---
> - name: YUM | Get available package updates
> yum:
> list: updates
> register: yum_available_package_updates
> - name: YUM | Update packages
> yum:
> name: "{{ yum_available_package_updates.results | map(attribute='name') |
> list }}"
> state: 'latest'
> register: yum_upgrade
> - name: YUM | Reboot after packages updates
> when:
> - yum_upgrade.changed or system_upgrade_reboot == 'always'
> - system_upgrade_reboot != 'never'
> reboot:
>
> It doesn’t work (well, the system does get updated but the yum module
> hangs and the role ends up in error).
>
> For sake of completeness, this started as an issue with a new role added
> to Kubespray .
> There are other details in the latest pull request comments that could help
> to get the full picture. But in the end, even with a “raw” ansible command,
> the issue persist, so I don’t think this is specifically related to
> Kubespray.
>
> Le mercredi 9 août 2023 à 22:23:36 UTC+2, Evan Hisey a écrit :
>
> Check the host and see what happens on a full manual update. I have had
> issues with ansible when the yum command was hanging on a host do to a
> local issue with updating. Single packages were fine, but a full host
> update failed. I had to resolve the full update issue on the host.
>
> On Wed, Aug 9, 2023 at 3:14 PM Nicolas Goudry  wrote:
>
> I’m trying to perform a full system update with the `yum` module but
> ansible just hangs for a little bit more than an hour before failing.
>
> Here is the command I’m using:
>
> ansible all -u node-user -b --become-user=root -i exec/inventory -m yum -a
> 'name=* state=latest' - --limit=worker1
>
> Here is the output (redacted):
>
> ansible [core 2.12.5]
>   config file = /home/nicolas/test-upgrade-os/ansible.cfg
>   configured module search path =
> ['/home/nicolas/.ansible/plugins/modules',
> '/usr/share/ansible/plugins/modules']
>   ansible python module location =
> /home/nicolas/test-upgrade-os/config/venv/lib64/python3.8/site-packages/ansible
>   ansible collection location =
> /home/nicolas/.ansible/collections:/usr/share/ansible/collections
>   executable location = ./config/venv/bin/ansible
>   python version = 3.8.16 (default, Jun 25 2023, 05:53:51) [GCC 8.5.0
> 20210514 (Red Hat 8.5.0-18)]
>   jinja version = 3.1.2
>   libyaml = True
> Using /home/nicolas/test-upgrade-os/ansible.cfg as config file
> setting up inventory plugins
> host_list declined parsing /home/nicolas/test-upgrade-os/exec/inventory as
> it did not pass its verify_file() method
> script declined parsing /home/nicolas/test-upgrade-os/exec/inventory as it
> did not pass its verify_file() method
> auto declined parsing /home/nicolas/test-upgrade-os/exec/inventory as it
> did not pass its verify_file() method
> Parsed /home/nicolas/test-upgrade-os/exec/inventory inventory source with
> ini plugin
> Loading callback plugin minimal of type stdout, v2.0 from
> /home/nicolas/test-upgrade-os/config/venv/lib64/python3.8/site-packages/ansible/plugins/callback/minimal.py
> Skipping callback 'default', as we already have a stdout callback.
> Skipping callback 'minimal', as we already have a stdout callback.
> Skipping callback 'oneline', as we already have a stdout callback.
> META: ran handlers
> <10.10.0.101> ESTABLISH SSH CONNECTION FOR USER: node-user
> <10.10.0.101> SSH: EXEC ssh -vvv -C -o ControlMaster=auto -o
> ControlPersi

Re: [ansible-project] set facts from items in a loop

[Will McDonald]

I don't 100% understand your ultimate aim here. It might be easier to
understand if you break it down into smaller steps and include some sample
inputs and desired output?

A sanitised version of what's in my_instance, item_list , and what you
would like out at the end might help?

IF I understand what you're trying to do, using your loop item as the key
for your set_fact. For me, with appropriate quoting this seems to work...

$ cat wtf.yml
- hosts: localhost
  become: no
  gather_facts: no

  vars:
varlist:
  - value1
  - value2
  - valueC

  tasks:
- name: Use item as the fact key for set_fact in a loop
  set_fact:
"{{ item }}": value
  loop: "{{ varlist }}"

- name: Check the values assigned to the facts
  debug:
var: "{{ item }}"
  loop: "{{ varlist }}"

$ ansible-playbook wtf.yml
PLAY [localhost]
*
TASK [Use item as the fact key for set_fact in a loop]
***
ok: [localhost] => (item=value1)
ok: [localhost] => (item=value2)
ok: [localhost] => (item=valueC)

TASK [Check the values assigned to the facts]

ok: [localhost] => (item=value1) => {
"ansible_loop_var": "item",
"item": "value1",
"value1": "value"
}
ok: [localhost] => (item=value2) => {
"ansible_loop_var": "item",
"item": "value2",
"value2": "value"
}
ok: [localhost] => (item=valueC) => {
"ansible_loop_var": "item",
"item": "valueC",
"valueC": "value"
}

PLAY RECAP
***
localhost  : ok=2changed=0unreachable=0failed=0
   skipped=0rescued=0ignored=0

On Thu, 3 Aug 2023 at 23:02, solarflow 99  wrote:

> I wonder if something like this can be done, the problem i'm seeing is
> that the fact name has to be static, and could not use {{ item }}:
>
>- name: Set each tag to facts
>  set_fact:
>list_of_vars: "{{ my_instance.instances |
> map(attribute='tags.list_of_vars') | list | join('\n') }}"
>
>- name: Split "list_of_vars" variable into a comma separated list
>  set_fact:
>item_list: "{{ list_of_vars.split(',') }}"
>
>- name: lookup SSM Parameter Store secrets
>  set_fact:
>   * {{ item }}:* "{{ lookup('amazon.aws.ssm_parameter',
> puppet_env+'_'+env+'_{{ item }}', region=ansible_ec2_placement_region) }}"
>  with_items: "{{ item_list }}"
>
>
> This would give me a fact for each comma separated var I put in the tag,
> if only it worked.  Is there a better way to do something like this?
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/b3642db8-15e2-406b-96ba-e49e0d4d50d8n%40googlegroups.com
> 
> .
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAKtKohSoMGpjthtzU3afiKUOwo%3DZ9wxavQUTmvS1zXN4W_3kNw%40mail.gmail.com.

Re: [ansible-project] escalation problem with 'copy' TASK

[Will McDonald]

 become and become_user: postgresis are at the wrong indentation level in
the task?

On Wed, 26 Jul 2023 at 15:53, dulhaver via Ansible Project <
ansible-project@googlegroups.com> wrote:

> I have a copy TASK
>
>
> ###
> - name: copy archive to "{{ postgres_install }}"
>   ansible.builtin.copy:
> src: "../temp/{{ item }}"
> dest: "/opt/db/postgres/install/{{ item }}"
> become: true
> become_user: postgres
> mode: 0644
> owner: postgres
> group: postgres
>   loop:
> - "postgresql-{{ pg_version }}-postgis-{{ gis_version
> }}-el8-ina1.tar.gz"
>
> ###
>
>
> but am getting a 'Failed to get information on remote file ... permission
> denied' from my remotes
>
>
> ###
>
> TASK [copy archive to "/opt/db/postgres/install"]
> ***
> task path:
> /home/gwagner/repos/automation_postgres/playbooks/pg_copy_archive_to_server.yml:38
>  ESTABLISH SSH CONNECTION FOR USER: None
>  SSH: EXEC ssh -C -o ControlMaster=auto -o
> ControlPersist=60s -o StrictHostKeyChecking=no -o
> KbdInteractiveAuthentication=no -o
> PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey
> -o PasswordAuthentication=no -o ConnectTimeout=10 -o
> 'ControlPath="/home/gwagner/.ansible/cp/9e44e07a70"'
> dvzsn-rd5095.portal.cn-mv.de '/bin/sh -c '"'"'echo ~ && sleep 0'"'"''
>  ESTABLISH SSH CONNECTION FOR USER: None
>  SSH: EXEC ssh -C -o ControlMaster=auto -o
> ControlPersist=60s -o StrictHostKeyChecking=no -o
> KbdInteractiveAuthentication=no -o
> PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey
> -o PasswordAuthentication=no -o ConnectTimeout=10 -o
> 'ControlPath="/home/gwagner/.ansible/cp/fabb7bb55e"'
> dvzsn-rd5097.portal.cn-mv.de '/bin/sh -c '"'"'echo ~ && sleep 0'"'"''
>  (0, b'/home/gwagner\n', b'')
>  ESTABLISH SSH CONNECTION FOR USER: None
>  SSH: EXEC ssh -C -o ControlMaster=auto -o
> ControlPersist=60s -o StrictHostKeyChecking=no -o
> KbdInteractiveAuthentication=no -o
> PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey
> -o PasswordAuthentication=no -o ConnectTimeout=10 -o
> 'ControlPath="/home/gwagner/.ansible/cp/9e44e07a70"'
> dvzsn-rd5095.portal.cn-mv.de '/bin/sh -c '"'"'( umask 77 && mkdir -p "`
> echo /home/gwagner/.ansible/tmp `"&& mkdir "` echo
> /home/gwagner/.ansible/tmp/ansible-tmp-1690382167.2929223-3916028-198146789170963
> `" && echo ansible-tmp-1690382167.2929223-3916028-198146789170963="` echo
> /home/gwagner/.ansible/tmp/ansible-tmp-1690382167.2929223-3916028-198146789170963
> `" ) && sleep 0'"'"''
>  (0, b'/home/gwagner\n', b'')
>  ESTABLISH SSH CONNECTION FOR USER: None
>  SSH: EXEC ssh -C -o ControlMaster=auto -o
> ControlPersist=60s -o StrictHostKeyChecking=no -o
> KbdInteractiveAuthentication=no -o
> PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey
> -o PasswordAuthentication=no -o ConnectTimeout=10 -o
> 'ControlPath="/home/gwagner/.ansible/cp/fabb7bb55e"'
> dvzsn-rd5097.portal.cn-mv.de '/bin/sh -c '"'"'( umask 77 && mkdir -p "`
> echo /home/gwagner/.ansible/tmp `"&& mkdir "` echo
> /home/gwagner/.ansible/tmp/ansible-tmp-1690382167.3025672-3916029-195671938319344
> `" && echo ansible-tmp-1690382167.3025672-3916029-195671938319344="` echo
> /home/gwagner/.ansible/tmp/ansible-tmp-1690382167.3025672-3916029-195671938319344
> `" ) && sleep 0'"'"''
>  (0,
> b'ansible-tmp-1690382167.3025672-3916029-195671938319344=/home/gwagner/.ansible/tmp/ansible-tmp-1690382167.3025672-3916029-195671938319344\n',
> b'')
>  (0,
> b'ansible-tmp-1690382167.2929223-3916028-198146789170963=/home/gwagner/.ansible/tmp/ansible-tmp-1690382167.2929223-3916028-198146789170963\n',
> b'')
> Using module file /usr/lib/python3.9/site-packages/ansible/modules/stat.py
> Pipelining is enabled.
>  ESTABLISH SSH CONNECTION FOR USER: None
> Using module file /usr/lib/python3.9/site-packages/ansible/modules/stat.py
> Pipelining is enabled.
>  SSH: EXEC ssh -C -o ControlMaster=auto -o
> ControlPersist=60s -o StrictHostKeyChecking=no -o
> KbdInteractiveAuthentication=no -o
> PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey
> -o PasswordAuthentication=no -o ConnectTimeout=10 -o
> 'ControlPath="/home/gwagner/.ansible/cp/9e44e07a70"'
> dvzsn-rd5095.portal.cn-mv.de '/bin/sh -c
> '"'"'/usr/libexec/platform-python && sleep 0'"'"''
>  ESTABLISH SSH CONNECTION FOR USER: None
>  SSH: EXEC ssh -C -o ControlMaster=auto -o
> ControlPersist=60s -o StrictHostKeyChecking=no -o
> KbdInteractiveAuthentication=no -o
> PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey
> -o PasswordAuthentication=no -o ConnectTimeout=10 -o
> 'C

Re: [ansible-project] inventory works ad-hoc but not for playbooks

[Will McDonald]

I think the following error: Expecting ',' delimiter: line 1 column 27
(char 26)

Is pointing you towards your extra vars:
'{"postgresversion":"12.12"*;*"targets":"vm-414001-0315"}'


You have a semi-colon ';' at position 28, that should be a comma. ','

On Wed, 26 Jul 2023 at 09:29, dulhaver via Ansible Project <
ansible-project@googlegroups.com> wrote:

> sorry, the command I am calling this with was not correct (copy'n'paste
> error):
>
> ansible-playbook -i ../temp/vm-414001-0315.ini pg_install.yml -e
> '{"postgresversion":"12.12";"targets":"vm-414001-0315"}' --list-hosts
>
>
>
> > On 07/26/2023 10:19 AM CEST dulhaver via Ansible Project <
> ansible-project@googlegroups.com> wrote:
> >
> >
> > i have an inventory vm-414001-0315.ini that looks like this
> >
> >[vm-414001-0315]
> >vm-414001-0315.step.zrz.dvz.cn-mv.de
> >
> > this works wit ad-hoc commands but throws an error with ansible-playbook
> >
> >
> >
> >
> #anplay
> -i ../temp/vm-414001-0315.ini pg_install.yml -e
> '{"postgresversion":"12.12";"targets":"vm-414001-0315"}' --list-hosts
> >
> > [WARNING]:  * Failed to parse
> /home/gwagner/repos/automation_postgres/temp/vm-414001-0315.ini with ini
> plugin: We were unable to read either
> > as JSON nor YAML, these are the errors we got from each: JSON: Expecting
> ',' delimiter: line 1 column 27 (char 26)  Syntax Error while
> > loading YAML.   found unexpected ':'  The error appears to be in
> '': line 1, column 37, but may be elsewhere in the file depending
> > on the exact syntax problem.
> > [WARNING]: Unable to parse
> /home/gwagner/repos/automation_postgres/temp/vm-414001-0315.ini as an
> inventory source
> > [WARNING]: No inventory was parsed, only implicit localhost is available
> > ERROR! We were unable to read either as JSON nor YAML, these are the
> errors we got from each:
> > JSON: Expecting ',' delimiter: line 1 column 27 (char 26)
> >
> > Syntax Error while loading YAML.
> >   found unexpected ':'
> >
> > The error appears to be in '': line 1, column 37, but may
> > be elsewhere in the file depending on the exact syntax problem.
> > #
> >
> > Where is this going wrong? Neither the playbook, nor the inventory has
> 26/27 columns in line 1
> >
> > --
> > You received this message because you are subscribed to the Google
> Groups "Ansible Project" group.
> > To unsubscribe from this group and stop receiving emails from it, send
> an email to ansible-project+unsubscr...@googlegroups.com.
> > To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/542832406.222004.1690359566602%40office.mailbox.org
> .
>
> ---
> gunnar wagner | fichtestr. 1, 19386 lübz | fon: 0176 7808 9090
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/67657481.222782.1690360145141%40office.mailbox.org
> .
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAKtKohSUuqrtDKOMzRLzH5j8b1V78fiWi2d8-KA_Hi1n_bWszA%40mail.gmail.com.

[ansible-project] Re: azure.azcollection azure_rm.yml inventory plugin failing to use az login credentials in execution environment

[Will McDonald]

Just in case it's of any use to someone Googling or trawling the archives,
switching from prepend_final to append_final in additional_build_steps in
the EE definition seems to resolve /whatever/ the issue is:

https://github.com/wmcdonald404/ee-sandbox/blob/main/.github/workflows/ee-deploy.yml#L83

additional_build_steps:
  append_final: |
RUN rpm --import
https://packages.microsoft.com/keys/microsoft.asc
RUN dnf install -y
https://packages.microsoft.com/config/fedora/38/packages-microsoft-prod.rpm
RUN dnf -y install azure-cli

It seems like the azure-cli RPM-based install pulls in all its packaged
dependencies correctly and shoves them into
/usr/lib//site-packages.

And the pip install ansible-builder calls populates
/usr/local/lib//site-packages.

So I'm not sure *quite* what's happening in the sequencing of package/build
that would be significantly different but switching prepend to append seems
to do the trick. 


On Mon, 24 Jul 2023 at 12:27, Will McDonald  wrote:

> Oh, and one more potentially useful data point, if I switch auth_source to
> explicitly 'cli' in the inventory plugin config I see the following:
>
> [root@3209917451f4 runner]# cat inventory/azure_rm.yml
> plugin: azure.azcollection.azure_rm
> auth_source: cli
> [root@3209917451f4 runner]# ansible-inventory -vvv -i
> inventory/azure_rm.yml --graph
> ansible-inventory [core 2.15.2]
>   config file = /runner/project/ansible.cfg
>   configured module search path = ['/root/.ansible/plugins/modules',
> '/usr/share/ansible/plugins/modules']
>   ansible python module location =
> /usr/local/lib/python3.11/site-packages/ansible
>   ansible collection location =
> /root/.ansible/collections:/usr/share/ansible/collections
>   executable location = /usr/local/bin/ansible-inventory
>   python version = 3.11.4 (main, Jun  7 2023, 00:00:00) [GCC 13.1.1
> 20230511 (Red Hat 13.1.1-2)] (/usr/bin/python3)
>   jinja version = 3.1.2
>   libyaml = True
> Using /runner/project/ansible.cfg as config file
> Using inventory plugin
> 'ansible_collections.azure.azcollection.plugins.inventory.azure_rm' to
> process inventory source '/runner/inventory/azure_rm.yml'
>
> *[WARNING]:  * Failed to parse /runner/inventory/azure_rm.yml with auto
> plugin: Failed to import the required Python library (azure-cli) on
> 3209917451f4's Python /usr/bin/python3. This is required for `cli`
> auth_source. Please read the module documentation and install it in
> theappropriate location. If the required library is installed, but Ansible
> is using the wrong Python interpreter, please consult the documentation on
> ansible_python_interpreter*
>   File
> "/usr/local/lib/python3.11/site-packages/ansible/inventory/manager.py",
> line 293, in parse_source
> plugin.parse(self._inventory, self._loader, source, cache=cache)
>   File
> "/usr/local/lib/python3.11/site-packages/ansible/plugins/inventory/auto.py",
> line 59, in parse
> plugin.parse(inventory, loader, path, cache=cache)
>   File
> "/usr/share/ansible/collections/ansible_collections/azure/azcollection/plugins/inventory/azure_rm.py",
> line 221, in parse
> self._credential_setup()
>   File
> "/usr/share/ansible/collections/ansible_collections/azure/azcollection/plugins/inventory/azure_rm.py",
> line 242, in _credential_setup
> self.azure_auth = AzureRMAuth(**auth_options)
>   ^^^
>   File
> "/usr/share/ansible/collections/ansible_collections/azure/azcollection/plugins/module_utils/azure_rm_common.py",
> line 1493, in __init__
> self.credentials = self._get_credentials(
>^^
>   File
> "/usr/share/ansible/collections/ansible_collections/azure/azcollection/plugins/module_utils/azure_rm_common.py",
> line 1759, in _get_credentials
> self.fail(msg=missing_required_lib('azure-cli', reason='for `cli`
> auth_source'),
>   File
> "/usr/share/ansible/collections/ansible_collections/azure/azcollection/plugins/module_utils/azure_rm_common.py",
> line 1640, in fail
> self._fail_impl(msg)
>   File
> "/usr/share/ansible/collections/ansible_collections/azure/azcollection/plugins/module_utils/azure_rm_common.py",
> line 1643, in _default_fail_impl
> raise AzureRMAuthException(msg)
> [WARNING]:  * Failed to parse /runner/inventory/azure_rm.yml with ini
> plugin: Invalid host pattern 'plugin:' supplied, ending in ':' is not
> allowed, this character is reserved to provide a port.
>   File
> "/usr/local/lib/python3.11/site-packages/ansible/inventory

Re: [ansible-project] builtin.expect question

[Will McDonald]

If you're just trying to find a way to ALWAYS say "yes, install" then
looking at
https://github.com/ohmyzsh/ohmyzsh/blob/master/tools/install.sh#L37C31-L37C31
you could just pass in --unattended?

On Mon, 24 Jul 2023 at 20:11, Rodrigo Reis  wrote:

> Hello Everyone!
>
> I trying to install ohmyzsh using ansible inside of a bigger yml file with
> a bunch of other sutff.
> in hte ansible.builtin.expect block the goal is to anwser one
> installation question but it waits for the timeou and display a huge error
> message.
> Basically sucessfully install ohmyzsh but not awnser the installation
> question.
>
> What you guys think, I'm doing wrong or have a better way to do it?
>
> - name: Check if Oh My Zsh is installed
> stat:
> path: /home/rreis/.oh-my-zsh
> register: ohmyzsh_installed
>
> - name: Install Oh My Zsh
> ansible.builtin.expect:
> command: sh /home/rreis/install.sh
> responses:
> 'Do you want to change your default shell to zsh? \[Y/n\]:': "Y\n"
> timeout: 30
> when: ohmyzsh_installed.stat.exists == false
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/3708b636-7b93-48e0-b119-65d24863bab7n%40googlegroups.com
> 
> .
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAKtKohTzRpx2FJFwtdSemDN4ocrW01HPti3_B8yQQ7zNOToe0w%40mail.gmail.com.

[ansible-project] Re: azure.azcollection azure_rm.yml inventory plugin failing to use az login credentials in execution environment

[Will McDonald]

_cached__', '__doc__', '__file__', '__loader__',
'__name__', '__package__', '__path__', '__spec__', '__version__',
'_configure_knack', 'extract_args_from_signature',
'extract_full_summary_from_signature', 'get_default_cli', 'get_logger',
'local_context', 'logger', 'os', 'sys', 'timeit']
>>> dir(azure.cli.core.AzCli)
['__class__', '__delattr__', '__dict__', '__dir__', '__doc__', '__eq__',
'__format__', '__ge__', '__getattribute__', '__getstate__', '__gt__',
'__hash__', '__init__', '__init_subclass__', '__le__', '__lt__',
'__module__', '__ne__', '__new__', '__reduce__', '__reduce_ex__',
'__repr__', '__setattr__', '__sizeof__', '__str__', '__subclasshook__',
'__weakref__', '_configure_style', '_print_init_log',
'_should_enable_color', '_should_show_version', 'exception_handler',
'get_cli_version', 'get_progress_controller', 'get_runtime_version',
'invoke', 'raise_event', 'refresh_request_id', 'register_event',
'save_local_context', 'show_version', 'unregister_event']


On Mon, 24 Jul 2023 at 12:21, Will McDonald  wrote:

> Hi all,
>
> I was looking for some help debugging an unusual issue I'm seeing
> with azure.azcollection and the azure-cli in an Ansible execution
> environment.
>
> TL;DR, if I manually build a container, pip install ansible-core,
> ansible-galaxy install the azure.azcollection, then pip install its
> requirements, install azure-cli, setup a dynamic inventory plugin, az login
> and then run ansible-inventory, everything works.
>
> If I use ansible-builder to accomplish the same end result,
> ansible-inventory fails with the following stack trace:
>
> [root@3209917451f4 runner]# ansible-inventory -i inventory/azure_rm.yml
> --graph
> [WARNING]:  * Failed to parse /runner/inventory/azure_rm.yml with auto
> plugin: Failed to get credentials. Either pass as parameters, set
> environment variables, define a profile in ~/.azure/credentials, or install
> Azure CLI and log in (`az login`).
> [WARNING]:  * Failed to parse /runner/inventory/azure_rm.yml with ini
> plugin: Invalid host pattern 'plugin:' supplied, ending in ':' is not
> allowed, this character is reserved to provide a port.
> [WARNING]: Unable to parse /runner/inventory/azure_rm.yml as an inventory
> source
> [WARNING]: No inventory was parsed, only implicit localhost is available
> @all:
>   |--@ungrouped:
> [root@3209917451f4 runner]# ansible-inventory -vvv -i
> inventory/azure_rm.yml --graph
> ansible-inventory [core 2.15.2]
>   config file = /runner/project/ansible.cfg
>   configured module search path = ['/root/.ansible/plugins/modules',
> '/usr/share/ansible/plugins/modules']
>   ansible python module location =
> /usr/local/lib/python3.11/site-packages/ansible
>   ansible collection location =
> /root/.ansible/collections:/usr/share/ansible/collections
>   executable location = /usr/local/bin/ansible-inventory
>   python version = 3.11.4 (main, Jun  7 2023, 00:00:00) [GCC 13.1.1
> 20230511 (Red Hat 13.1.1-2)] (/usr/bin/python3)
>   jinja version = 3.1.2
>   libyaml = True
> Using /runner/project/ansible.cfg as config file
> Using inventory plugin
> 'ansible_collections.azure.azcollection.plugins.inventory.azure_rm' to
> process inventory source '/runner/inventory/azure_rm.yml'
> [WARNING]:  * Failed to parse /runner/inventory/azure_rm.yml with auto
> plugin: Failed to get credentials. Either pass as parameters, set
> environment variables, define a profile in ~/.azure/credentials, or install
> Azure CLI and log in (`az login`).
>   File
> "/usr/local/lib/python3.11/site-packages/ansible/inventory/manager.py",
> line 293, in parse_source
> plugin.parse(self._inventory, self._loader, source, cache=cache)
>   File
> "/usr/local/lib/python3.11/site-packages/ansible/plugins/inventory/auto.py",
> line 59, in parse
> plugin.parse(inventory, loader, path, cache=cache)
>   File
> "/usr/share/ansible/collections/ansible_collections/azure/azcollection/plugins/inventory/azure_rm.py",
> line 221, in parse
> self._credential_setup()
>   File
> "/usr/share/ansible/collections/ansible_collections/azure/azcollection/plugins/inventory/azure_rm.py&q

[ansible-project] azure.azcollection azure_rm.yml inventory plugin failing to use az login credentials in execution environment

[Will McDonald]

Hi all,

I was looking for some help debugging an unusual issue I'm seeing
with azure.azcollection and the azure-cli in an Ansible execution
environment.

TL;DR, if I manually build a container, pip install ansible-core,
ansible-galaxy install the azure.azcollection, then pip install its
requirements, install azure-cli, setup a dynamic inventory plugin, az login
and then run ansible-inventory, everything works.

If I use ansible-builder to accomplish the same end result,
ansible-inventory fails with the following stack trace:

[root@3209917451f4 runner]# ansible-inventory -i inventory/azure_rm.yml
--graph
[WARNING]:  * Failed to parse /runner/inventory/azure_rm.yml with auto
plugin: Failed to get credentials. Either pass as parameters, set
environment variables, define a profile in ~/.azure/credentials, or install
Azure CLI and log in (`az login`).
[WARNING]:  * Failed to parse /runner/inventory/azure_rm.yml with ini
plugin: Invalid host pattern 'plugin:' supplied, ending in ':' is not
allowed, this character is reserved to provide a port.
[WARNING]: Unable to parse /runner/inventory/azure_rm.yml as an inventory
source
[WARNING]: No inventory was parsed, only implicit localhost is available
@all:
  |--@ungrouped:
[root@3209917451f4 runner]# ansible-inventory -vvv -i
inventory/azure_rm.yml --graph
ansible-inventory [core 2.15.2]
  config file = /runner/project/ansible.cfg
  configured module search path = ['/root/.ansible/plugins/modules',
'/usr/share/ansible/plugins/modules']
  ansible python module location =
/usr/local/lib/python3.11/site-packages/ansible
  ansible collection location =
/root/.ansible/collections:/usr/share/ansible/collections
  executable location = /usr/local/bin/ansible-inventory
  python version = 3.11.4 (main, Jun  7 2023, 00:00:00) [GCC 13.1.1
20230511 (Red Hat 13.1.1-2)] (/usr/bin/python3)
  jinja version = 3.1.2
  libyaml = True
Using /runner/project/ansible.cfg as config file
Using inventory plugin
'ansible_collections.azure.azcollection.plugins.inventory.azure_rm' to
process inventory source '/runner/inventory/azure_rm.yml'
[WARNING]:  * Failed to parse /runner/inventory/azure_rm.yml with auto
plugin: Failed to get credentials. Either pass as parameters, set
environment variables, define a profile in ~/.azure/credentials, or install
Azure CLI and log in (`az login`).
  File
"/usr/local/lib/python3.11/site-packages/ansible/inventory/manager.py",
line 293, in parse_source
plugin.parse(self._inventory, self._loader, source, cache=cache)
  File
"/usr/local/lib/python3.11/site-packages/ansible/plugins/inventory/auto.py",
line 59, in parse
plugin.parse(inventory, loader, path, cache=cache)
  File
"/usr/share/ansible/collections/ansible_collections/azure/azcollection/plugins/inventory/azure_rm.py",
line 221, in parse
self._credential_setup()
  File
"/usr/share/ansible/collections/ansible_collections/azure/azcollection/plugins/inventory/azure_rm.py",
line 242, in _credential_setup
self.azure_auth = AzureRMAuth(**auth_options)
  ^^^
  File
"/usr/share/ansible/collections/ansible_collections/azure/azcollection/plugins/module_utils/azure_rm_common.py",
line 1514, in __init__
self.fail("Failed to get credentials. Either pass as parameters, set
environment variables, "
  File
"/usr/share/ansible/collections/ansible_collections/azure/azcollection/plugins/module_utils/azure_rm_common.py",
line 1640, in fail
self._fail_impl(msg)
  File
"/usr/share/ansible/collections/ansible_collections/azure/azcollection/plugins/module_utils/azure_rm_common.py",
line 1643, in _default_fail_impl
raise AzureRMAuthException(msg)
[WARNING]:  * Failed to parse /runner/inventory/azure_rm.yml with ini
plugin: Invalid host pattern 'plugin:' supplied, ending in ':' is not
allowed, this character is reserved to provide a port.
  File
"/usr/local/lib/python3.11/site-packages/ansible/inventory/manager.py",
line 293, in parse_source
plugin.parse(self._inventory, self._loader, source, cache=cache)
  File
"/usr/local/lib/python3.11/site-packages/ansible/plugins/inventory/ini.py",
line 137, in parse
raise AnsibleParserError(e)
[WARNING]: Unable to parse /runner/inventory/azure_rm.yml as an inventory
source
[WARNING]: No inventory was parsed, only implicit localhost is available
@all:
  |--@ungrouped:

This is in a running instance of the ansible-builder built container, az
login has successfully run, I can az account show/az vm list and see the
subscription, tennant ID, resources etc.

I've done all the usual Googling and as much RTFMing as I can but haven't
found anything that would explain the difference in behaviour. More debug
info below from the non-working ansible-builder container in case it helps.
The behaviour persists whether podman or docker is used for the build. The
only thing that seems obviously different between the two scenarios is that
ansible-builder is building the EE with dumb-init?

Any suggestions are greatly appreciated.

Re: [ansible-project] TASK [Check DB connection] ********************************************************************************************************************************************* fatal: [l

[Will McDonald]

Is {{ mssql_server }} pointing at:

1. your local machine localhost running SQL Server on Linux directly
2. or a remote machine running SQL Server on Linux
3. or a remote machine running SQL Server on Windows?

If your scenario is #2, have you installed pymssql on the target machine as
well as your Ansible control node? (See:
https://docs.ansible.com/ansible/latest/collections/community/general/mssql_script_module.html#notes
)

If your scenarios is #3, see:
https://github.com/ansible/ansible/issues/39612#issuecomment-597451375
(This is a different Ansible module but it's using the same Python under
the covers.)

You might get more help if you can provide proper output (with passwords
redacted) of an actual run with -v[vv], the inventory and as much more
information as you possibly can.

On Thu, 6 Jul 2023 at 19:40, Narmada Karthika  wrote:

> can some one shower some light here
>
> On Wednesday, July 5, 2023 at 9:30:23 AM UTC-7 Narmada Karthika wrote:
>
>> any other details needed?
>>
>> On Monday, July 3, 2023 at 1:56:09 PM UTC-7 Narmada Karthika wrote:
>>
>>> pymssql-2.2.7
>>> I am just trying to make a sql connection by checking the connectivity
>>> to sql server, if this is successfully I have to get some select and update
>>> statements working
>>> this is my playbook
>>> ---
>>>  - name: Execute sql commands
>>>hosts: localhost
>>>gather_facts: false
>>>become: true
>>>user: root
>>>vars_files:
>>>  - group_vars/mssqlpass.yml
>>>tasks:
>>>  - name: Check DB connection
>>>community.general.mssql_script:
>>>  login_user: "{{ mssql_login_user }}"
>>>  login_password: "{{ mssql_login_password }}"
>>>  login_host: "{{ mssql_server }}"
>>>  login_port: "{{ mssql_port }}"
>>>  db: dbname
>>>  script: "SELECT *"
>>>
>>> On Monday, July 3, 2023 at 1:18:28 PM UTC-7 Abhijeet Kasurde wrote:
>>>
 Hi Narmada,

 Could you please provide more context like playbooks used, collections
 used, modules used, ultimate aim to achieve etc? Without this information,
 it is really difficult to debug.

 On Mon, Jul 3, 2023 at 1:07 PM Narmada Karthika 
 wrote:

> Any idea about this error, the username and password are correct those
> are dbo creds. I am able to connect through ssms with the same creds but
> not working through ansible
> also I don't see @sysconfdir@/freetds.conf / ${HOME}/.freetds.conf"
> on my linux node...
>
>
> TASK [Check DB connection]
> *
> fatal: [localhost]: FAILED! => {"changed": false, "msg": "unable to
> connect, check login_user and login_password are correct, or alternatively
> check your @sysconfdir@/freetds.conf / ${HOME}/.freetds.conf"}
>
> --
> You received this message because you are subscribed to the Google
> Groups "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send
> an email to ansible-proje...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/450d5ff6-1aba-45e3-ab89-555225d3db46n%40googlegroups.com
> 
> .
>


 --
 Thanks,
 Abhijeet Kasurde

>>> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/5d81367f-380c-41c1-ae4d-092e27fd820cn%40googlegroups.com
> 
> .
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAKtKohQDDJNqm3Up5Mnrq8cnRXr94sNYdKQ1ftD-joW6HucwSA%40mail.gmail.com.

Re: [ansible-project] Where is the vSphere customization specification documentation?

[Will McDonald]

I haven't done any vmware provisioning with ansible for a while but this
looks like it might help get you started in terms of what can go into a
customisation spec.

https://developer.vmware.com/apis/vsphere-automation/latest/vcenter/data-structures/Vm/Guest/Customization/SetSpec/

If you skim a few of the 'how do I do customisation specification' how-tos
most people create them via the UI but you can then export/import/view in
the datastore.

https://docs.vmware.com/en/VMware-vSphere/7.0/com.vmware.vsphere.vm_admin.doc/GUID-EB5F090E-723C-4470-B640-50B35D1EC016.html
https://www.bdrsuite.com/blog/what-is-vmware-vm-customization-specification-and-how-to-use-it/
https://www.virtualizationhowto.com/2017/10/using-vmware-vsphere-vm-customization-specification/
https://www.vladan.fr/what-is-vmware-vm-customization-specification-and-how-to-use-it/

In your shoes, I'd try to grab an ESX  & vCenter trial (or VMUG Advantage
Sub), build a nested environment and work through the steps .

On Wed, 5 Jul 2023 at 18:22, 'Terry Lemons' via Ansible Project <
ansible-project@googlegroups.com> wrote:

> Hi
>
> Several Ansible modules, as well as govc (
> https://github.com/vmware/govmomi/blob/main/govc/USAGE.md#vmcustomize)
> use vSphere customization specifications. I've searched but I haven't found
> vSphere (or other) documentation on the key:value pairs that are available
> for use in the customization specification files consumed by govc and
> others.
>
> Where can I find this documentation? I particularly want to figure out how
> to set the Windows 'administrator' password as I deploy a vSphere VM.
>
> Thanks!
> tl
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/95da103a-0ab5-4eaa-9b0e-a698942dfdden%40googlegroups.com
> 
> .
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAKtKohTybH53ihXSyedVUjQpGNQFC5zbg2t7QfTB_%3DmKUMyhYQ%40mail.gmail.com.

Re: [ansible-project] reboot host based on ansible output

[Will McDonald]

You probably need a handler with a changed_when condition.

https://docs.ansible.com/ansible/latest/playbook_guide/playbooks_handlers.html#handlers
https://docs.ansible.com/ansible/latest/playbook_guide/playbooks_error_handling.html#defining-changed

See this discussion:

https://unix.stackexchange.com/a/707238


On Fri, 16 Jun 2023 at 14:47, Tony Wong  wrote:

> I got pb that based on output will say:
>
> reboot required: True
> or reboot required: False
>
> if its false how do i skip the reboot on the following task?
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/de46990a-8d98-4dd9-82a8-54299a1e32adn%40googlegroups.com
> 
> .
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAKtKohQe5TSq%3DNW0BH1Vm3mdO0dhd7NqmJWpcB-WCF7D9OQW5Q%40mail.gmail.com.

Re: [ansible-project] Loop files that will be used as variables

[Will McDonald]

I think this answer might give you a pointer in the right direction:
https://stackoverflow.com/a/52237675

It should work, but there could be a better/simpler way to do this. Do you
control the generation of the files that provide your source variables?

What's the *actual *problem you need to solve? (Obviously dynamically
generating and presumably running some SQL but can you step back a level or
two and describe the actual goal?)


On Wed, 14 Jun 2023 at 12:07, dudu.c...@gmail.com 
wrote:

> Hi ,
>
>
> I’m using the template module that takes a J2 template and update the
> relevant fields.
>
> My problem is When I want to create a file per file input should be used
> as variable – I’m actually need to understand how to loop file that should
> be used as var files
>
>
> *My J2 file*
>
> select * from {{ item.id}} where {{ item.color}}
>
>
>
> *My input files*
>
> *File-1.yml :*
>
> Id: 1
> color: blue
>
>
>
>  *File-2**.yml** :*
>
> Id: 2
> color: red
>
>
>
> *My Playbook – that is not working. *
>
>
>
> - hosts: localhost
>   become: true
>   gather_facts: yes
>   tasks:
> - name:
>   template:
> src: /opt/input.sql.j2
> dest: /opt//{{item.id}}.sql
>   with_items:
> - file-1.yaml
>
> - file-2.yaml
>
>
>
>
>
> *The output files I wish to have *
>
> 1.sql
>
> select * from 1 where blue
>
>
>
> 2.sql
>
> select * from 2 where red
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/50d4e830-9330-43be-95dc-68795a311d9an%40googlegroups.com
> 
> .
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAKtKohRFy9yojZ5X9v9ja0V7WVUYU%2BKP5FuYkA1ZxXRd1KRSqQ%40mail.gmail.com.

Re: [ansible-project] Formatting with set_fact

[Will McDonald]

 This should do the trick:

"{{myhost}}.{{mydns | trim('.')}}"

On Tue, 13 Jun 2023 at 11:52, Veera  wrote:

> Hi,
>
> While using set_facts , I am combining a hostname and dns name .
> myhost = linuxhost1
> mydns = example.com.
>
> while  combining them  with set_fact
>
> ansible.builtin.set_fact:
>my_fqdn:  "{{myhost}}.{{mydns}}"
>
> This gives the desired output of "linuxhost1.example.com."
> The last dot can be cut with [:-1] with debug , however I want to set this
> in set_fact itself as I am trying to write the FQDN without a dot to the
> inventory file.
>
>
>
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/ebdb13fe-035d-473a-9904-277a11d8e285n%40googlegroups.com
> 
> .
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAKtKohQ%2BOx%3DikVNL8sxXBXqLmRO0BW8ZTj6Wev5gy_-0dcyTaQ%40mail.gmail.com.

Re: [ansible-project] terminate the whole play if any fatal errors on any host occurs

[Will McDonald]

Hey Edvinas,

As Kosala mentions, this should do what you want, however I think the
specific piece of documentation to note is "Ansible *finishes the fatal
task on all hosts in the current batch*". With 2 hosts, and the default of
5 forks, your batch size will be 5 so your play will carry on across both
hosts. If you set "serial: 1" it'll probably behave the way you want.

Cheers,

Will.

On Tue, 6 Jun 2023 at 08:05, "Kosala Atapattu (කෝසල අතපත්තු)" <
kosala.atapa...@gmail.com> wrote:

> The doc says it should do what you’re after.
>
> If you set any_errors_fatal and a task returns an error, Ansible finishes
> the fatal task on all hosts in the current batch, then stops executing the
> play on all hosts. Subsequent tasks and plays are not executed. You can
> recover from fatal errors by adding a rescue section
> 
>  to
> the block. You can set any_errors_fatal at the play or block level.
>
>
>  I never have used it personally, but are you setting
> any_errors_fatal:true at the task level or playbook level?
>
>
>
> Sent from my iPhone
>
> On 6/06/2023, at 6:51 PM, Edvinas Kairys  wrote:
>
> Hello, thanks for reply.
>
> I've two hosts in the play, and one of the hosts assert module doesnt
> validate to true and fails. With any_errors_fatal command I expect the
> playbook to stop on all hosts within the play. But in my case, the play
> stops only on failed host, it continues with other host where assertions
> passed.
>
> Is this expected behaviour ?
>
> On Tuesday, June 6, 2023, Kosala Atapattu 
> wrote:
>
>> Yes any_errors_fatal is what you need:
>> https://docs.ansible.com/ansible/latest/playbook_guide/playbooks_error_handling.html#aborting-on-the-first-error-any-errors-fatal
>>
>> When you say it doesn't seem to work, what does not seem to work?
>>
>> *Kosala*
>>
>>
>>
>>
>> On Tue, Jun 6, 2023 at 2:07 AM edvina...@gmail.com <
>> edvinas.em...@gmail.com> wrote:
>>
>>> Hello,
>>>
>>> My playbook has several hosts, and I have some tasks with *assert *and *fail
>>> *modules. How to do that if the task gets any fatal error in the play
>>> within particular host - the whole play should is terminated ?
>>>
>>> I thought that playbook command *any_errors_fatal *would work, but
>>> seems not.
>>>
>>> Is there any other way to make playbook stop if any of the hosts
>>> experiences errors ?
>>>
>>> I see ansible has meta modules - there are some kind like end_play
>>> module, maybe this one would work..
>>>
>>> Thank you.
>>>
>>> --
>>> You received this message because you are subscribed to the Google
>>> Groups "Ansible Project" group.
>>> To unsubscribe from this group and stop receiving emails from it, send
>>> an email to ansible-project+unsubscr...@googlegroups.com.
>>> To view this discussion on the web visit
>>> https://groups.google.com/d/msgid/ansible-project/87c9f759-872f-40b7-b80c-73f61817fb82n%40googlegroups.com
>>> 
>>> .
>>>
>> --
>> You received this message because you are subscribed to a topic in the
>> Google Groups "Ansible Project" group.
>> To unsubscribe from this topic, visit
>> https://groups.google.com/d/topic/ansible-project/VjdgAcJWJzc/unsubscribe
>> .
>> To unsubscribe from this group and all its topics, send an email to
>> ansible-project+unsubscr...@googlegroups.com.
>> To view this discussion on the web visit
>> https://groups.google.com/d/msgid/ansible-project/CAP7S5HawfBqkb4L1DjmZumHmJFw-Rtm8Fuh4t2JCuKmr_AE_-A%40mail.gmail.com
>> 
>> .
>>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/CAOrc2M9XhNiSe5ieGYMoonMU0gnScrp1fUv2YtzZdm4gy8sW_g%40mail.gmail.com
> 
> .
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/66611F66-7964-4D3F-8CB8-2018FEBAB763%40gmail.com
> 
> .
>

-- 
You received this message because you are subscribed to the Google Groups

Re: [ansible-project] ansible.builtin.cron

[Will McDonald]

It works as expected for me on a test Fedora machine.

As a test user, create a debug playbook and test it runs.

[test-user@fedora ~]$ id
uid=1001(test-user) gid=1001(test-user) groups=1001(test-user)
context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
[test-user@fedora ~]$ cat debug.yaml
---
- name: touch a timestamped file
  hosts: localhost
  tasks:
- name: touch a file
  ansible.builtin.command: touch /tmp/ansible-cron

[test-user@fedora ~]$ ansible-playbook debug.yaml
PLAY RECAP
*
localhost  : ok=2changed=1unreachable=0failed=0
   skipped=0rescued=0ignored=0

[test-user@fedora ~]$ ll /tmp/ansible-cron
-rw-r--r--. 1 test-user test-user 0 Apr 19 17:36 /tmp/ansible-cron
[test-user@fedora ~]$ rm /tmp/ansible-cron

As a real user, schedule the previously tested playbook via cron.

[real-user@fedora ansible-cron]$ cat add-cron.yaml
---
- name: Create a test cronjob to touch a file
  hosts: localhost
  become: true
  tasks:
- name: add crontab entry
  ansible.builtin.cron:
name: This cronjob is scheduled by Ansible
minute: "*"
hour: "*"
day: "*"
month: "*"
weekday: "*"
user: test-user
job: "ansible-playbook -i localhost /home/test-user/debug.yaml"
state: present

[real-user@fedora ansible-cron]$ ansible-playbook add-cron.yaml

PLAY RECAP
*
localhost  : ok=2changed=1unreachable=0failed=0
   skipped=0rescued=0ignored=0

[root@fedora ~]# crontab -l -u test-user
#Ansible: This cronjob is scheduled by Ansible
* * * * * ansible-playbook -i localhost /home/test-user/debug.yaml

[root@fedora ~]# systemctl start crond.service

[root@fedora ~]# ll /tmp/ans*
-rw-r--r--. 1 test-user test-user 0 Apr 19 17:42 /tmp/ansible-cron

For me the level of log info sent to the journal wasn't terribly helpful,
so you might want to try stopping the service and running in the foreground
with debug for more detail (YMMV depending on distro/config and
customisation):

# systemctl stop crond.service
# crond -n -s -x ext,sch,proc,pars,load,misc


On Wed, 19 Apr 2023 at 17:38, John Welby  wrote:

> Yes, there are copy/paste errors as I am transcribing and scrubbing info
> from a high-side environment.
>
>
> On Wednesday, April 19, 2023 at 12:21:47 PM UTC-4 Dick Visser wrote:
>
>> Also the file name extensions are different (yml vs yaml). Are we looking
>> at some copy paste errors?
>>
>> On Wed, 19 Apr 2023 at 18:18, 'Rowe, Walter P. (Fed)' via Ansible Project
>>  wrote:
>>
>>> job: "/home/jwelby/ansible/sub-playbooks/ansible-playbook -i
>>> dev-hosts /home/jwelby/ansible/sub-playbooks/patching.yml"
>>>
>>>
>>>
>>>30 15 * * 3 /home/jwelby/ansible/sub-playbooks/patching.yaml
>>>
>>>
>>> These don't match. cron isn't running ansible-playbook. It is trying to
>>> run the YAML file itself.
>>>
>>> Walter
>>> --
>>> Walter Rowe, Division Chief
>>> Infrastructure Services, OISM
>>> Mobile: 202.355.4123 <(202)%20355-4123>
>>>
>>> On Apr 19, 2023, at 12:08 PM, John Welby  wrote:
>>>
>>> ---
>>> - name: Create a cronjob to patch dev instances
>>>   hosts: controller
>>>   tasks:
>>> - name: Schedule cron
>>>   ansible.builtin.cron:
>>> name: This cronjob is scheduled by Ansible
>>> minute: "15"
>>> hour: "12"
>>> day: "*"
>>>     month: "*"
>>> weekday: "3"
>>> user: ec2-user
>>> job: "/home/jwelby/ansible/sub-playbooks/ansible-playbook -i
>>> dev-hosts /home/jwelby/ansible/sub-playbooks/patching.yml"
>>> state: present
>>>
>>> crontab -l
>>>30 15 * * 3 /home/jwelby/ansible/sub-playbooks/patching.yaml
>>>
>>> crond.service is active and running
>>>
>>>
>>> Thanks!
>>>
>>> John
>>> On Wednesday, April 19, 2023 at 10:56:07 AM UTC-4 Will McDonald wrote:
>>> More information would be helpful here.
>>>
>>> 1. Can you share your usage of ansible.builtin.cron?
>>> 2. Can you share the output of crontab -l for the user you're creating
>>> the cron job for/as, or the contents of /etc/crontab and/or /etc/cron.* ?
>>> 3. What's in your cronlog or systemd journal?
>>> 4. Obv

Re: [ansible-project] ansible.builtin.cron

[Will McDonald]

There's a discrepancy between your job as defined in your playbook and your
output as listed from crontab -l. I suspect that's just transcription but
worth double-checking? (Walter and Dick have also spotted that.)

I'd also check that the ec2-user which is who you're creating the crontab
as has appropriate permissions and ownership of /home/jwelby/ and can
descend into that tree and "do stuff".

And finally, check your logs/journal. As Dick mentioned, the cron execution
environment is restrictive, so it's likely whatever's happening will be
logged under _COMM = crontab or UNIT crontab.service.

I'd get it working with a simple debug job firing every 5 minutes with a
playbook which just runs a debug or touches a file, check for its execution
successfully in the journal logs then increase the complexity in stages.



On Wed, 19 Apr 2023 at 17:08, John Welby  wrote:

> ---
> - name: Create a cronjob to patch dev instances
>   hosts: controller
>   tasks:
> - name: Schedule cron
>   ansible.builtin.cron:
> name: This cronjob is scheduled by Ansible
> minute: "15"
> hour: "12"
> day: "*"
> month: "*"
> weekday: "3"
> user: ec2-user
> job: "/home/jwelby/ansible/sub-playbooks/ansible-playbook -i
> dev-hosts /home/jwelby/ansible/sub-playbooks/patching.yml"
> state: present
>
> crontab -l
>30 15 * * 3 /home/jwelby/ansible/sub-playbooks/patching.yaml
>
> crond.service is active and running
>
>
> Thanks!
>
> John
> On Wednesday, April 19, 2023 at 10:56:07 AM UTC-4 Will McDonald wrote:
>
>> More information would be helpful here.
>>
>> 1. Can you share your usage of ansible.builtin.cron?
>> 2. Can you share the output of crontab -l for the user you're creating
>> the cron job for/as, or the contents of /etc/crontab and/or /etc/cron.* ?
>> 3. What's in your cronlog or systemd journal?
>> 4. Obvious question but you do have a vixie cron variant installed and
>> the appropriate services started?
>>
>>
>> On Wed, 19 Apr 2023 at 15:26, John Welby  wrote:
>>
>>> All,
>>>
>>> Can a playbook be run by 'job', i.e. instead of a script.
>>>
>>> I created a playbook that creates an entry in crontab, which it does
>>> successfully, but it does not execute the playbook I specified in job:
>>>
>>> Thanks!
>>>
>>> John
>>>
>>> --
>>> You received this message because you are subscribed to the Google
>>> Groups "Ansible Project" group.
>>> To unsubscribe from this group and stop receiving emails from it, send
>>> an email to ansible-proje...@googlegroups.com.
>>> To view this discussion on the web visit
>>> https://groups.google.com/d/msgid/ansible-project/34c698f9-be82-4e15-a486-3dddb5ebf3ecn%40googlegroups.com
>>> <https://groups.google.com/d/msgid/ansible-project/34c698f9-be82-4e15-a486-3dddb5ebf3ecn%40googlegroups.com?utm_medium=email&utm_source=footer>
>>> .
>>>
>> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/d31172bf-3b3a-4749-882f-437e0401d345n%40googlegroups.com
> <https://groups.google.com/d/msgid/ansible-project/d31172bf-3b3a-4749-882f-437e0401d345n%40googlegroups.com?utm_medium=email&utm_source=footer>
> .
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAKtKohQNf8vN4fh4m0vUtNisnNNZC8Aa79Q07bsqNgQUB6kMtg%40mail.gmail.com.

Re: [ansible-project] ansible.builtin.cron

[Will McDonald]

More information would be helpful here.

1. Can you share your usage of ansible.builtin.cron?
2. Can you share the output of crontab -l for the user you're creating the
cron job for/as, or the contents of /etc/crontab and/or /etc/cron.* ?
3. What's in your cronlog or systemd journal?
4. Obvious question but you do have a vixie cron variant installed and the
appropriate services started?


On Wed, 19 Apr 2023 at 15:26, John Welby  wrote:

> All,
>
> Can a playbook be run by 'job', i.e. instead of a script.
>
> I created a playbook that creates an entry in crontab, which it does
> successfully, but it does not execute the playbook I specified in job:
>
> Thanks!
>
> John
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/34c698f9-be82-4e15-a486-3dddb5ebf3ecn%40googlegroups.com
> 
> .
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAKtKohQSAxu-%3DipcKm-kFPCybv63DgwyKTHPUHPYrQ2oJfp-UQ%40mail.gmail.com.

Re: [ansible-project] Not able to fetch RDS instance using rds_instance_info module

[Will McDonald]

1. What do you have in /etc/os-release ?

2. What version of Ansible do you have installed (and from where, packaged
with the OS, pip installed?)

3. What version(s) of Python do you have installed?

4. Have you installed the requirements for whatever version of
rds_instance_info_module you are using? (python3, boto3, botocore)

https://docs.ansible.com/ansible/latest/collections/amazon/aws/rds_instance_info_module.html#requirements
https://galaxy.ansible.com/amazon/aws?extIdCarryOver=true&sc_cid=701f201OH7YAAW

On Fri, 7 Apr 2023 at 08:49, Anirban Das  wrote:

> Hi Team,
>
> I was trying to fetch my existing RDS instance using rds_instance_info
> module, but while I execute the playbook, I got below error. Can you please
> look into this and guide me what to do
>
> *Error*: fatal: [localhost]: FAILED! => {"changed": false, "msg": "Failed
> to import the required Python library (botocore or boto3) on
> ansible-controller's Python /usr/bin/python2. Please read module
> documentation and install in the appropriate location. If the required
> library is installed, but Ansible is using the wrong Python interpreter,
> please consult the documentation on ansible_python_interpreter"}
>
> *Playbook:*
>
> ---
> - name: RDS Info
>   hosts: localhost
>   tasks:
>   vars:
> region: "us-east-1"
> db_instance_identifier: "database-instance-1"
>   tasks:
> - name: Get RDS Endpoint
>   rds_instance_info:
> region: "{{ region }}"
> db_instance_identifier: "{{ db_instance_identifier }}"
>   register: info
>
> - debug:
> msg: "{{ info }}"
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/b958302f-a188-42fa-9562-a470dff6cc5cn%40googlegroups.com
> 
> .
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAKtKohRrbF%2BGLyAouHjUuC8QTrToRhGHLTKiiTWgdPgRLs57vg%40mail.gmail.com.

Re: [ansible-project] Need to automate task via bastion host

[Will McDonald]

https://www.jeffgeerling.com/blog/2022/using-ansible-playbook-ssh-bastion-jump-host


On Sun, 2 Apr 2023 at 16:35, Monica  wrote:

> Hi All,
>
> I have requirement to automate some tasks via ansible playbook, the
> problem is I cannot go to the serves directly I need to go to remote nodes
> via bastion node. Could anyone pls help how can I write the same inside
> inventory. Below is the example how I am connecting to the remote host via
> bastion host.
>
> ssh user@@ -p 8022
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/19f0148f-01d4-4a4f-82e3-c1270fdbf8f1n%40googlegroups.com
> 
> .
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAKtKohRQex33d8xUaBKu1%3DhELWE%3D19vZ%2BzehfxmDfeH_GyAMtA%40mail.gmail.com.

Re: [ansible-project] Issue with a shell command

[Will McDonald]

I suspect your problem is simply that your shell command's incorrectly
quoted and something like:

ansible.builtin.shell: |
set -o pipefail && awk -F':' '($3<500 && $1!="root" && $1!="sync" &&
$1!="shutdown" && $1!="sync" && $1!="shutdown" && $1!="halt" &&
$7!="/sbin/nologin") { print $1 } ' /etc/passwd

Note the additional quotes.

https://github.com/major/ansible-role-cis/blob/master/tasks/section_07_level1.yml
mostly matches your snippet but uses simpler formatting/quoting as an
example.

https://github.com/major/ansible-role-cis appears to be deprecated, as does
https://github.com/major/cis-rhel-ansible

It might also be worth including:

1. What target operating system release(s) you're targeting and
2. What versions of upstream CIS roles you're using.




On Tue, 21 Mar 2023 at 11:52, lift...@gmail.com  wrote:

> We have a role that implements the CIS benchmarks on our systems.  When we
> get to the following play, we get the error described below:
>
> - name: Disable System Accounts - preparation
>   ansible.builtin.shell: |
> set -o pipefail && awk -F':' \|
> ($3<500 && $1!="root" && $1!="sync" && $1!="shutdown" && $1!="sync" &&
> $1!="shutdown" && $1!="halt" && $7!="/sbin/nologin") { print $1 }
> /etc/passwd
>   register: enabled_system_accounts
>   changed_when: false
>
> Error:
>
> awk: cmd. line:1: |
> awk: cmd. line:1: ^ syntax error
> /bin/sh: -c: line 1: syntax error near unexpected token `{'
> /bin/sh: -c: line 1: `($3<500 && $1!="root" && $1!="sync" &&
> $1!="shutdown" && $1!="sync" && $1!="shutdown" && $1!="halt" &&
> $7!="/sbin/nologin") { print $1 } /etc/passwd'
>
> Any ideas?
>
> Thanks,
> Harry
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/eeb341e7-e45a-4a3e-b1dd-77471c4d9706n%40googlegroups.com
> 
> .
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAKtKohTcYy-8V2nxXrVOkF03Ts772MDZPCVHCxgmj95JxE9tdg%40mail.gmail.com.

Re: [ansible-project] community.vmware.vmware_host_facts - vcenter username/pass

[Will McDonald]

https://www.digitalocean.com/community/tutorials/how-to-use-vault-to-protect-sensitive-ansible-data
walks you through the basics with some good practices.

For example:

$ mkdir -p ./inventories/group_vars/all/{vars,vault}

$ ansible-vault create ./inventories/group_vars/all/vault/all.yml

$ ansible-vault edit ./inventories/group_vars/all/vault/all.yml
vaulted_vcenter_username: 
vaulted_vcenter_password: 

$ vim ./inventories/group_vars/all/vars/all.yml
vcenter_username: "{{ vaulted_vcenter_username }}"
vcenter_password: "{{ vaulted_vcenter_password }}"

Then use vcenter_username & vcenter_password in your roles or plays (with a
.vault_pass or --ask-vault-pass as required).


On Tue, 14 Mar 2023 at 17:26, Tony Wong  wrote:

> can i get help on how to put my vcenter credentials
>
> vcenter_username
> vcenter_password
>
> into a vault file and then run playbook using vault file. I dont want to
> put the info into the pb
>
> thanks
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/f64d4585-0e60-46ca-92db-15be933d9162n%40googlegroups.com
> 
> .
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAKtKohSyKHnU-0Ain55FesVbdEeeGJSFNVX8Jp%3DqayVawT8Ztg%40mail.gmail.com.

Re: [ansible-project] install vmware tools via ansible playbook (winrm)

[Will McDonald]

It's hard to tell from the mail formatted commands but thoughts off the top
of my head:

1. /S /v"/qn looks like it might need an additional space: /v "/qn
2. Have you tried to register the output of the task and then subsequently
inspect that? If so... what's the output?
3. Have you tried using the argv

parameter to see if that helps C:\VMware-tools-12.1.5-20735119-x86_64.exe
parse its arguments more cleanly?
4. If you drop that heavily quoted command line into a powershell or
batch/command instead and copy then call it... what happens? (Purely from a
debug/problem reduction perspective?


On Fri, 10 Mar 2023 at 23:11, Shay Cohen  wrote:

>
> .I am trying to install a vmare tools on windows machine but noting happen
> I manage to copy the file but when I am trying to install I don't see any
> error or installation running in the background.
>
> ---
> - hosts: all
>   tasks:
> - name: Copy a single file vmare-tools
>   ansible.windows.win_copy:
> src:
> /etc/ansible/roles/vmware_tools/files/VMware-tools-12.1.5-20735119-x86_64.exe
> dest: C:\VMware-tools-12.1.5-20735119-x86_64.exe
> - name: Install vmware tools
>   ansible.windows.win_command:
> '"C:\VMware-tools-12.1.5-20735119-x86_64.exe" /S /v"/qn REBOOT=R
> ADDLOCAL=ALL REMOVE=AppDefense,FileIntrospection,NetworkIntrospection,Hgfs"
> /ru SYSTEM /rl HIGHEST /l C:\VMwareToolsInstall.log'
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/38f6a909-538a-4848-997d-163b94c238aan%40googlegroups.com
> 
> .
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAKtKohRHFtszNSkE5i5frMkP8z1yhD_qyD9ZU_fOatzbjuAoNg%40mail.gmail.com.

Re: [ansible-project] updating grub via Ansible without presenting a dialog box

[Will McDonald]

The core problem here is a  grub / Debian issue rather than Ansible and it
looks like you've already tried a few places for help. (
https://unix.stackexchange.com/questions/735375/update-grub-on-debian-11-fails
and https://forums.debian.net/viewtopic.php?t=154015)

1, Is it ALL Debian 11 machines or just one/a few?
2. How was(/were) the VM(s) installed/created? If you create a new, clean
VM, and just do a grub-update do you have the same problem?
3. Try reviewing and feeding back on the questions/advice on either or both
of SO and the Debian forum.
4. Try spinning up an AWS Debian 11 instance and compare/contrast to your
broken instance(s). This is one I've just spun up moments ago:

root@ip-172-31-31-103:~# ls -l /etc/grub.d/
total 84
-rwxr-xr-x 1 root root 10046 Nov  8 17:29 00_header
-rwxr-xr-x 1 root root  6260 Nov  8 17:29 05_debian_theme
-rwxr-xr-x 1 root root 14123 Nov  8 17:29 10_linux
-rwxr-xr-x 1 root root 14180 Nov  8 17:29 20_linux_xen
-rwxr-xr-x 1 root root 12910 Nov  8 17:29 30_os-prober
-rwxr-xr-x 1 root root  1372 Nov  8 17:29 30_uefi-firmware
-rwxr-xr-x 1 root root   214 Nov  8 17:29 40_custom
-rwxr-xr-x 1 root root   215 Nov  8 17:29 41_custom
-rw-r--r-- 1 root root   483 Nov  8 17:29 README
-rw-r--r-- 1 root root 0 Jan 24 04:24 enable_cloud
root@ip-172-31-31-103:~# ls -l /etc/default/grub.d/
total 8
-rw-r--r-- 1 root root  15 Jan 24 04:27 15_timeout.cfg
-rw-r--r-- 1 root root 274 Aug  3  2022 init-select.cfg
root@ip-172-31-31-103:~# update-grub
Generating grub configuration file ...
Found linux image: /boot/vmlinuz-5.10.0-21-cloud-amd64
Found initrd image: /boot/initrd.img-5.10.0-21-cloud-amd64
done

Something's borked your grub build config, you need to find and fix that.

On Mon, 27 Feb 2023 at 17:00, Kathy L  wrote:

> If we do an apt-mark hold grub first, we are left with the dilemma of how
> to update grub without presenting a dialog.  This is only happening on
> Debian 11 boxes.  We have tried using the :
>
>   environment:
>  DEBIAN_FRONTEND:  noninteractive
>
> option, but it is not working.
>
> On Thursday, February 23, 2023 at 1:56:48 PM UTC-5 Todd Lewis wrote:
>
>> Sounds like you'll need to `apt-mark hold grub` first, and handle
>> updates to grub separately from the others.
>> Also sounds like a bug in the grub package.
>>
>> On Thursday, February 23, 2023 at 8:03:00 AM UTC-5 Kathy L wrote:
>>
>>> That's what we started to look at, but the issue becomes during a
>>> general package update, you don't always know if grub will need to be
>>> updated.  I'm not even sure how you'd tell this in an apt-get update.
>>>
>>>
>>> On Thursday, February 23, 2023 at 7:46:45 AM UTC-5 Rowe, Walter P. (Fed)
>>> wrote:
>>>
 Is there a way to specify the install device on the command line / in
 the module so it doesn't prompt?

 Walter
 --
 Walter Rowe, Division Chief
 Infrastructure Services, OISM
 Mobile: 202.355.4123 <(202)%20355-4123>

 On Feb 23, 2023, at 7:34 AM, Kathy L  wrote:

 We are updating packages via Ansible, and when grub needs to be run
 after the update, it fails on Debian 11.  When I run the update command
 manually, grub displays a dialog box asking the user to select the grub
 install device (/dev/vda, /dev/vda2, /dev/vda3, etc.).

 We have our playbook running with an environment variable
 DEBIAN_FRONTEND: noninteractive.

 How do we fix this error in Ansible?

 --
 You received this message because you are subscribed to the Google
 Groups "Ansible Project" group.
 To unsubscribe from this group and stop receiving emails from it, send
 an email to ansible-proje...@googlegroups.com.
 To view this discussion on the web visit
 https://groups.google.com/d/msgid/ansible-project/4eed2847-8053-4381-854d-6d0cff5b8c6cn%40googlegroups.com
 
 .


 --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/938acaff-c7de-47b5-bb56-7a59036df301n%40googlegroups.com
> 
> .
>

-- 
You received this message because you are 

Re: [ansible-project] slow inventory build

[Will McDonald]

You can strace the ansible-inventory execution to check what libraries and
syscalls are used:

$ strace ansible-inventory -i inventory/hosts --list 2>&1 | grep libya
openat(AT_FDCWD, "/lib64/libyaml-0.so.2", O_RDONLY|O_CLOEXEC) = 3

$ rpm -qf /lib64/libyaml-0.so.2
libyaml-0.2.5-8.fc37.x86_64



On Tue, 3 Jan 2023 at 15:36, Michael DiDomenico 
wrote:

> it is installed.  is there a way for me to confirm that ansible is
> actually using it?
>
> $ rpm -qa | grep -i yaml
> perl-CPAN-Meta-YAML-0.018-397.el8.noarch
> python3-pyyaml-3.12-12.el8.x86_64
> libyaml-0.1.7-5.el8.x86_64
>
>
> On Sat, Dec 31, 2022 at 6:49 PM Brian Coca  wrote:
> >
> > Do you have libyaml installed? it is the C version of the YAML
> > tokenizer, if not the processing will be done in python, which is much
> > slower. The difference is not noticeable with small files, but it
> > really becomes visible with large ones.
> >
> >
> > --
> > --
> > Brian Coca
> >
> > --
> > You received this message because you are subscribed to the Google
> Groups "Ansible Project" group.
> > To unsubscribe from this group and stop receiving emails from it, send
> an email to ansible-project+unsubscr...@googlegroups.com.
> > To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/CACVha7fT33czos32m%3DTVxzMpWMdg5M7EAnvf44oUuOwHV0VLUQ%40mail.gmail.com
> .
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/CABOsP2MUpfN_KoVqfTLr-hmTPTba%2BvLvR%3DwBJ6hVxcNgTNyAKw%40mail.gmail.com
> .
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAKtKohR%2BBLLeJ8OoQk9gvJn-O%3D_JHJ9u%3DvtDi8wkedfLLHTmGg%40mail.gmail.com.

Re: [ansible-project] To extract information from all hosts.

[Will McDonald]

The Ansible setup module will give you facts about target systems including
memory usage, uptime,swap space, it would be fairly simple to extend this
with a custom fact to also grab the contents of /proc/loadavg

See
https://docs.ansible.com/ansible/latest/collections/ansible/builtin/setup_module.html
or run '$ ansible-doc setup'

Reading between the lines though, it sounds like you have been tasked to
use ansible as an ersatz monitoring solution? Scheduling ansible runs
against a number of hosts to grab runtime stats might not be the most
efficient use case, you may want to investigate dedicated tooling like
Sensu, Nagios, Zabbix or similar.

On Fri, 23 Dec 2022 at 09:48, 'Shivakumar Venkataswamy' via Ansible Project
 wrote:

> Hi All,
>
> I'm looking for extract information like Load, memory usage, uptime,swap
> space from all linux servers in csv farmat. could please anyone suggest
> playbook for the same.
>
> Regards,
> Shivu
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/bc9141d5-447e-4114-80b1-5a5b81f846bbn%40googlegroups.com
> 
> .
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAKtKohRwR%3Dq1fT-79sO1Yo%2B8nmuiJ_92wRmExYn6N127LhbX6A%40mail.gmail.com.

Re: [ansible-project] Re: Overriding detected file kind 'yaml' with 'playbook' for given positional argument

[Will McDonald]

There's a little more info on why this behaviour occurs here:
https://github.com/ansible/ansible-lint/issues/1398

The shell return value is accurate regardless:

[wmcdonald@fedora tests]$ ll
total 4
-rw-r--r--. 1 wmcdonald wmcdonald 143 Dec 22 12:55 test1.yaml
[wmcdonald@fedora tests]$ cat test1.yaml
---

- hosts: localhost
  gather_facts: yes

  tasks:
  - name: printing some debuggery
debug:
  msg: "O HAI!"

# vim:sw=2:ts=2:et:ai

[wmcdonald@fedora tests]$ ansible-lint
[wmcdonald@fedora tests]$ echo $?
0
[wmcdonald@fedora tests]$ ansible-lint test1.yaml
WARNING  Overriding detected file kind 'yaml' with 'playbook' for given
positional argument: test1.yaml
[wmcdonald@fedora tests]$ echo $?
0

On Thu, 22 Dec 2022 at 12:40, Todd Lewis  wrote:

> Not possible to omit generating those messages, although you could say
>
> $ ansible-lint […] 2>/dev/null
>
> If the positional argument were, say, a group_vars file and it was being
> linted as if it were a playbook, then "WARNING …" would clearly make sense.
> Or if you didn't intend "my_test.yml" to be linted as a playbook, then
> you'd be glad for the warning.
>
> As it is, since you can't pick which lintable schema to use on a given
> file (at least not from --help's output, or the missing man page), I'll
> stand by my original statement: it's an informational message that happens
> to begin with the text "WARNING". That's just my opinion, but ansible-lint
> is extremely opinionated after all.
>
> On Thursday, December 22, 2022 at 7:16:08 AM UTC-5 rajthecomputerguy wrote:
>
>> It is a warning , can you please tell me how to avoid this?
>>
>> *WARNING  Overriding detected file kind 'yaml' with 'playbook' for given
>> positional argument: my_test.yml*
>>
>> On Thursday, December 22, 2022 at 5:22:50 PM UTC+5:30 uto...@gmail.com
>> wrote:
>>
>>> That isn't an error. It's just information: the yaml file is being
>>> treated as a playbook.
>>>
>>> On Thursday, December 22, 2022 at 5:40:02 AM UTC-5 rajthecomputerguy
>>> wrote:
>>>
 Hi Team,

 I am facing below error while doing ansible-lint, Any help would be
 appreciated

 command: *ansible-lint test.yaml*

 *Overriding detected file kind 'yaml' with 'playbook' for given
 positional argument*

 Thanks,
 Raj

>>> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/1cbbe42b-5756-4f11-8337-ef8d315a8250n%40googlegroups.com
> 
> .
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAKtKohRo5FdWfb07Xi9Q4PQ%2BuGViL6rYExw%2Bak4DGHVLe4%3DB3Q%40mail.gmail.com.

Re: [ansible-project] Physical servers prechecks playbook

[Will McDonald]

You get a useful subset of DMI info already parsed into facts

by the setup module, for example running `ansible -m setup localhost` could
give you:

"ansible_bios_vendor": "LENOVO",
"ansible_bios_version": "x.y.z",
"ansible_board_asset_tag": "Not Available",
"ansible_board_name": "xx",
"ansible_board_serial": "xx",
"ansible_board_vendor": "LENOVO",
"ansible_board_version": "Not Defined",
"ansible_chassis_asset_tag": "No Asset Information",
"ansible_chassis_serial": "xx",
"ansible_chassis_vendor": "LENOVO",
"ansible_chassis_version": "None",

You could use a custom fact or two set based on dmidecode or the included
setup facts to toggle the hardware vendor and then use their appropriate
LOM tooling CLIs or any REST API interfaces provided if you needed to dig
deeper. (As Klaas has mentioned Dell iDRAC, Lenovo LOM or CMM)

Look at what others have done in this space, for example
https://newrelic.com/blog/best-practices/ansible-auditing-tool (or
https://github.com/redhat-cop/canary, which was used for application
fingerprinting but again could prove useful examples.)

Finally, the dmidecode binary directly will give you much of the info
you're looking for although it's not going to be the easiest thing to parse.




On Wed, 16 Nov 2022 at 19:26, Klaas Demter  wrote:

> For dell you can get these types of information from the idrac if it's
> configured.
>
>
> https://docs.ansible.com/ansible/latest/collections/dellemc/openmanage/index.html
>
> the idrac* modules.
>
>
> On 11/16/22 18:38, Linux Study wrote:
>
> I mean . If there is lenovo or dell servers.how can we get details like
> bios version, mac address, firm version etc . Via ansible playbook?
>
>
> Regards,
> Abhi
>
>
>
>
> On Tue, 15 Nov 2022, 17:55 'Rowe, Walter P. (Fed)' via Ansible Project, <
> ansible-project@googlegroups.com> wrote:
>
>> Ansible needs to have SSH access to the Linux machine with an ID that can
>> sudo to root.
>>
>> Walter
>> --
>> Walter Rowe, Division Chief
>> Infrastructure Services, OISM
>> Mobile: 202.355.4123
>>
>> On Nov 15, 2022, at 1:00 AM, Dick Visser  wrote:
>>
>> What do you mean with pre-checks?
>> Ansible is an automation tool, so how do you currently get those
>> pre-checks?
>>
>>
>> On Mon, 14 Nov 2022 at 19:20, Linux Study  wrote:
>>
>>> Hi All,
>>>
>>> Can someone please help me to get pre-checks from Lenovo physical
>>> servers via ansible-playbook? Someone has a sample playbook that can help
>>> me...
>>>
>>>
>>> Regards,
>>> Abhi
>>>
>>> --
>>> You received this message because you are subscribed to the Google
>>> Groups "Ansible Project" group.
>>> To unsubscribe from this group and stop receiving emails from it, send
>>> an email to ansible-project+unsubscr...@googlegroups.com.
>>> To view this discussion on the web visit
>>> https://groups.google.com/d/msgid/ansible-project/CAEcjLFzfXs5FnsWyMr1cLmXAeG8_RQ0s5yQyHMzy1hzGdu_sRQ%40mail.gmail.com
>>> 
>>> .
>>>
>> --
>> Sent from Gmail Mobile
>>
>> --
>> You received this message because you are subscribed to the Google Groups
>> "Ansible Project" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to ansible-project+unsubscr...@googlegroups.com.
>> To view this discussion on the web visit
>> https://groups.google.com/d/msgid/ansible-project/CAF8BbLbi8%2BdX1364A8PshFzxq_hdjSePs_rq%3DMCafDMNfnLQzg%40mail.gmail.com
>> 
>> .
>>
>>
>> --
>> You received this message because you are subscribed to the Google Groups
>> "Ansible Project" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to ansible-project+unsubscr...@googlegroups.com.
>> To view this discussion on the web visit
>> https://groups

Re: [ansible-project] vi editor for Ansible playbook

[Will McDonald]

There are a number of different variants or flavours of Linux. (
https://en.wikipedia.org/wiki/List_of_Linux_distributions)

If the variant you're using is based on Red Hat (e.g. Fedora, CentOS or
similar) then you may need the additional vim-enhanced RPM installed.
(Check with a local administrator if you're unsure.)

Check the contents of /etc/os-release, that should give some indication of
OS flavour (type) for most common distros.



On Mon, 3 Oct 2022 at 13:39, Aharonu  wrote:

> It is in Linux server
>
> On Mon, 3 Oct 2022, 18:05 Will McDonald,  wrote:
>
>> What distro/environment are you using? Typically with Red Hat-based
>> distros you need the vim-enhanced package installed for colour syntax
>> highlighting.
>>
>> On Mon, 3 Oct 2022 at 12:32, Aharonu  wrote:
>>
>>> Thank you for your assistance. I have just applied what you suggested
>>> but I still see there is no coloring format for my anisble playbooks.
>>> Please see attached file and request to suggest if something I'm missing.
>>>
>>> Thank you again for your time.
>>>
>>> On Mon, 3 Oct 2022, 16:43 'Rowe, Walter P. (Fed)' via Ansible Project, <
>>> ansible-project@googlegroups.com> wrote:
>>>
>>>> Attached is my vimrc file. Place it in ~/.vimrc. This also maps F7 to
>>>> toggle syntax highlighting. VIM has syntax aware code. You just need to
>>>> enable it.
>>>>
>>>> Walter
>>>> --
>>>> Walter Rowe, Division Chief
>>>> Infrastructure Services, OISM
>>>> Mobile: 202.355.4123
>>>>
>>>> On Oct 1, 2022, at 10:16 AM, Aharonu  wrote:
>>>>
>>>> Hi All,
>>>>
>>>> Could anyone please direct me what options i need to use/enable  for
>>>> while writing playbooks in vi editor colour indication lines as mentioned
>>>> attached  example.
>>>>
>>>> Thank you in advance.
>>>>
>>>>
>>>>
>>>> --
>>>> You received this message because you are subscribed to the Google
>>>> Groups "Ansible Project" group.
>>>> To unsubscribe from this group and stop receiving emails from it, send
>>>> an email to ansible-project+unsubscr...@googlegroups.com.
>>>> To view this discussion on the web visit
>>>> https://groups.google.com/d/msgid/ansible-project/CANGEjuW1whch3WYr7AVT_jstQ3pqrT2t-967xndht0FyFH6Xag%40mail.gmail.com
>>>> <https://gcc02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgroups.google.com%2Fd%2Fmsgid%2Fansible-project%2FCANGEjuW1whch3WYr7AVT_jstQ3pqrT2t-967xndht0FyFH6Xag%2540mail.gmail.com%3Futm_medium%3Demail%26utm_source%3Dfooter&data=05%7C01%7Cwalter.rowe%40nist.gov%7C37bad48c2e4645f3d26f08daa3b7c6e7%7C2ab5d82fd8fa4797a93e054655c61dec%7C1%7C0%7C638002306966604358%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C2000%7C%7C%7C&sdata=KNxuYKeQR4Vcl3%2BT7y9Ssd%2FBSOCbWa1DYJph8xKS2N0%3D&reserved=0>
>>>> .
>>>> 
>>>>
>>>> --
>>>> You received this message because you are subscribed to the Google
>>>> Groups "Ansible Project" group.
>>>> To unsubscribe from this group and stop receiving emails from it, send
>>>> an email to ansible-project+unsubscr...@googlegroups.com.
>>>> To view this discussion on the web visit
>>>> https://groups.google.com/d/msgid/ansible-project/42D1AC16-DB1E-413C-8FB8-88DF49C14793%40nist.gov
>>>> <https://groups.google.com/d/msgid/ansible-project/42D1AC16-DB1E-413C-8FB8-88DF49C14793%40nist.gov?utm_medium=email&utm_source=footer>
>>>> .
>>>>
>>> --
>>> You received this message because you are subscribed to the Google
>>> Groups "Ansible Project" group.
>>> To unsubscribe from this group and stop receiving emails from it, send
>>> an email to ansible-project+unsubscr...@googlegroups.com.
>>> To view this discussion on the web visit
>>> https://groups.google.com/d/msgid/ansible-project/CANGEjuV2a%2Bb7vxzcfb7T5SwuR%2BMKZGf8%2Bce9myNoM8sLZVT7hw%40mail.gmail.com
>>> <https://groups.google.com/d/msgid/ansible-project/CANGEjuV2a%2Bb7vxzcfb7T5SwuR%2BMKZGf8%2Bce9myNoM8sLZVT7hw%40mail.gmail.com?utm_medium=email&utm_source=footer>
>>> .
>>>
>> --
>> You received this message because you are subscribed to the Google Groups
>> "Ansible Project" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to ansibl

Re: [ansible-project] vi editor for Ansible playbook

[Will McDonald]

What distro/environment are you using? Typically with Red Hat-based distros
you need the vim-enhanced package installed for colour syntax highlighting.

On Mon, 3 Oct 2022 at 12:32, Aharonu  wrote:

> Thank you for your assistance. I have just applied what you suggested but
> I still see there is no coloring format for my anisble playbooks.  Please
> see attached file and request to suggest if something I'm missing.
>
> Thank you again for your time.
>
> On Mon, 3 Oct 2022, 16:43 'Rowe, Walter P. (Fed)' via Ansible Project, <
> ansible-project@googlegroups.com> wrote:
>
>> Attached is my vimrc file. Place it in ~/.vimrc. This also maps F7 to
>> toggle syntax highlighting. VIM has syntax aware code. You just need to
>> enable it.
>>
>> Walter
>> --
>> Walter Rowe, Division Chief
>> Infrastructure Services, OISM
>> Mobile: 202.355.4123
>>
>> On Oct 1, 2022, at 10:16 AM, Aharonu  wrote:
>>
>> Hi All,
>>
>> Could anyone please direct me what options i need to use/enable  for
>> while writing playbooks in vi editor colour indication lines as mentioned
>> attached  example.
>>
>> Thank you in advance.
>>
>>
>>
>> --
>> You received this message because you are subscribed to the Google Groups
>> "Ansible Project" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to ansible-project+unsubscr...@googlegroups.com.
>> To view this discussion on the web visit
>> https://groups.google.com/d/msgid/ansible-project/CANGEjuW1whch3WYr7AVT_jstQ3pqrT2t-967xndht0FyFH6Xag%40mail.gmail.com
>> 
>> .
>> 
>>
>> --
>> You received this message because you are subscribed to the Google Groups
>> "Ansible Project" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to ansible-project+unsubscr...@googlegroups.com.
>> To view this discussion on the web visit
>> https://groups.google.com/d/msgid/ansible-project/42D1AC16-DB1E-413C-8FB8-88DF49C14793%40nist.gov
>> 
>> .
>>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/CANGEjuV2a%2Bb7vxzcfb7T5SwuR%2BMKZGf8%2Bce9myNoM8sLZVT7hw%40mail.gmail.com
> 
> .
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAKtKohRtWS%2BnEhzkgNg1xB3FnrFHGO02RSyjGbsotixjSvtXvA%40mail.gmail.com.

Re: [ansible-project] Updating CentOS Linux release 7.9.2009 (Core) using yum module

[Will McDonald]

Did you spot this in the error message and think about why it might be
happening:

""warning:
/var/cache/yum/x86_64/7/mysql80-community/packages/mysql-community-common-8.0.30-1.el7.x86_64.rpm:
Header V4 RSA/SHA256 Signature, key ID 3a79bd29: *NOKEY*\n\n\n*GPG key
retrieval failed: [Errno 14]* curl#37 - \*"Couldn't open file
/etc/pki/rpm-gpg/RPM-GPG-KEY-mysql-2022*\"\n""

https://www.google.com/search?q=ansible+yum+GPG+key+retrieval+failed

- Check if you can download/install that GPG key manually from the mirror
used on a test system
- Look at
https://docs.ansible.com/ansible/latest/collections/ansible/builtin/rpm_key_module.html
to manage RPM GPG keys using automation


On Sun, 21 Aug 2022 at 08:10, kaushal...@gmail.com 
wrote:

> Hi,
>
> I am facing the below issue while updating CentOS Linux release 7.9.2009
> (Core)
>
> ➜  ~ cat /Users/kaushal/hosts
> [yum]
> 192.168.0.112 ansible_ssh_user=root
> ➜  ~ cat pkg_update.yml
> ---
> - hosts: yum
>   become: yes
>   become_user: root
>   tasks:
>   - name: Update all installed packages using YUM module
> yum:
>   name: '*'
>   state: latest
>   update_cache: yes
>   update_only: yes
> register: yum_update_status
>
>   - name: Remove packages not needed anymore
> yum:
>   autoremove: yes
>
>   - name: Reboot when packages were updated
> reboot:
> when: yum_update_status.changed
>
>   - name: checking updates
> yum:
>security: yes
>state: latest
> check_mode: yes
> register: yum_output
> become: true
>
>   - name: show that yum output
> debug:
>var: yum_output
>
> ➜  ~
>
> $ansible-playbook -i /Users/kaushal/hosts pkg_update.yml
>
> PLAY [yum]
> ***
>
> TASK [Gathering Facts]
> ***
> ok: [192.168.0.112]
>
> TASK [Update all installed packages using YUM module]
> 
> fatal: [192.168.0.112]: FAILED! => {"changed": true, "changes":
> {"installed": [], "updated": [["kernel", "3.10.0-1160.76.1.el7.x86_64 from
> updates"], ["mysql-community-common", "8.0.30-1.el7.x86_64 from
> mysql80-community"], ["kernel-tools-libs", "3.10.0-1160.76.1.el7.x86_64
> from updates"], ["mysql-community-client", "8.0.30-1.el7.x86_64 from
> mysql80-community"], ["java-1.8.0-openjdk-headless",
> "1:1.8.0.342.b07-1.el7_9.x86_64 from updates"], ["python-perf",
> "3.10.0-1160.76.1.el7.x86_64 from updates"],
> ["mysql-community-client-plugins", "8.0.30-1.el7.x86_64 from
> mysql80-community"], ["mysql-community-libs", "8.0.30-1.el7.x86_64 from
> mysql80-community"], ["microcode_ctl", "2:2.1-73.14.el7_9.x86_64 from
> updates"], ["mysql-community-libs-compat", "8.0.30-1.el7.x86_64 from
> mysql80-community"], ["kernel-tools", "3.10.0-1160.76.1.el7.x86_64 from
> updates"], ["java-1.8.0-openjdk", "1:1.8.0.342.b07-1.el7_9.x86_64 from
> updates"]]}, "msg": "warning:
> /var/cache/yum/x86_64/7/mysql80-community/packages/mysql-community-common-8.0.30-1.el7.x86_64.rpm:
> Header V4 RSA/SHA256 Signature, key ID 3a79bd29: NOKEY\n\n\nGPG key
> retrieval failed: [Errno 14] curl#37 - \"Couldn't open file
> /etc/pki/rpm-gpg/RPM-GPG-KEY-mysql-2022\"\n", "rc": 1, "results": ["Loaded
> plugins: fastestmirror\nLoading mirror speeds from cached hostfile\n *
> base: centos.excellmedia.net\n * epel: mirror.sjtu.edu.cn\n * extras:
> centos.excellmedia.net\n * updates: centos.excellmedia.net\nResolving
> Dependencies\n--> Running transaction check\n---> Package
> java-1.8.0-openjdk.x86_64 1:1.8.0.332.b09-1.el7_9 will be updated\n--->
> Package java-1.8.0-openjdk.x86_64 1:1.8.0.342.b07-1.el7_9 will be an
> update\n---> Package java-1.8.0-openjdk-headless.x86_64
> 1:1.8.0.332.b09-1.el7_9 will be updated\n---> Package
> java-1.8.0-openjdk-headless.x86_64 1:1.8.0.342.b07-1.el7_9 will be an
> update\n---> Package kernel.x86_64 0:3.10.0-1160.76.1.el7 will be
> installed\n---> Package kernel-tools.x86_64 0:3.10.0-1160.71.1.el7 will be
> updated\n---> Package kernel-tools.x86_64 0:3.10.0-1160.76.1.el7 will be an
> update\n---> Package kernel-tools-libs.x86_64 0:3.10.0-1160.71.1.el7 will
> be updated\n---> Package kernel-tools-libs.x86_64 0:3.10.0-1160.76.1.el7
> will be an update\n---> Package microcode_ctl.x86_64 2:2.1-73.13.el7_9 will
> be updated\n---> Package microcode_ctl.x86_64 2:2.1-73.14.el7_9 will be an
> update\n---> Package mysql-community-client.x86_64 0:8.0.29-1.el7 will be
> updated\n---> Package mysql-community-client.x86_64 0:8.0.30-1.el7 will be
> an update\n---> Package mysql-community-client-plugins.x86_64
> 0:8.0.29-1.el7 will be updated\n---> Package
> mysql-community-client-plugins.x86_64 0:8.0.30-1.el7 will be an
> update\n---> Package mysql-community

Re: [ansible-project] Ansible module for VM workstation to PowerOn & PowerOff

[Will McDonald]

https://github.com/qsypoq/Ansible-VMware-Workstation-Fusion-Pro-Modules
looks like it wraps vmrest.exe which would allow you to control the power
state of VMs.

You could also, more crudely, just stop/start using vmrun.exe
[stop|suspend|start]  and wrap that with
command/shell/win_powershell.


On Mon, 25 Jul 2022 at 12:59, Mohan  wrote:

> Hello Community members,
>
> I’m using vmware workstation version 15.0.0 on Ubuntu-20.04-LTS machine.
>
> We have deployed VM workstation based Windows-10 machines in that. I want
> to know which ansible module we can use to *PowerOn *and *PowerOff *windows-10
> virtual machines from workstation?
>
> I was searching online to find ansible module for the same, However i
> couldn’t find the ideal document. So please let me know module in ansible?
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/adc99c80-db2e-4f06-ad1a-5db1a5dbfb5bn%40googlegroups.com
> 
> .
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAKtKohSzTRcg6Xeptx84X-m0PgJJVoQLhkWCEpVAYK4Qc%3DAaGw%40mail.gmail.com.

Re: [ansible-project] Ansible Loops and Filters sample for practise

[Will McDonald]

Have a look through Ansible Lightbulb and its replacement, Ansible
Workshops?

- https://github.com/ansible/lightbulb
- https://ansible.github.io/workshops


On Thu, 1 Oct 2020 at 09:11, Amit Chettri  wrote:

> Hello All,
>
> I am looking for some good blogs or GitHub link which basically helps to
> practice in details with different types of ansible loops, filter and
> filter manipulation with sample variable or files.
>
> I have been following up below link for this topic from 
> *https://docs.ansible.com/
> *, though it have the syntax of its usage but
> it does not contain any sample example over which this exercise is getting
> looped or filter is applied.
>
> it will be really a great help if someone can guide me on this.
>
>
> *https://docs.ansible.com/ansible/latest/user_guide/playbooks_loops.html
> *
>
> *https://docs.ansible.com/ansible/latest/user_guide/playbooks_filters.html
> *
> *https://docs.ansible.com/ansible/2.3/playbooks_filters.html
> *
>
> Regards
> Amit
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/81ef0ce5-05e7-4f9f-af51-08a3f685cea2n%40googlegroups.com
> 
> .
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAKtKohSp5--Gi7vYgxuJO36R%3D3NXPDxfWrONqxSKdB0ycyhzjg%40mail.gmail.com.

Re: [ansible-project] Re: Ansible - write only specific output

[Will McDonald]

There's nothing in the ansible CLI that supports explicitly dumping the
output to a file. You could just use a simple shell redirect.

$ ansible -i inventories/aws -m setup all > host-facts.yaml

It's worth noting that the CLI's output doesn't make a distinction between
failed plays or tasks in terms of shell standard in/standard out, all the
output goes to standard out (unless it's something to do with command line
parsing or something lower-level than play execution).

So for example if I remove a pubkey on a host and run the setup module to
gather facts, all the output goes to STDOUT:

xx.xx.xx.xx | UNREACHABLE! => {
"changed": false,
"msg": "Failed to connect to the host via ssh: ec2-u...@xx.xx.xx.xx:
Permission denied (publickey,gssapi-keyex,gssapi-with-mic).\r\n",
"unreachable": true
}
yy.yy.yy.yy | SUCCESS => {
"ansible_facts": {
"ansible_all_ipv4_addresses": [
"aa.aa.aa.aa"
],







On Wed, 13 Feb 2019 at 16:46, DM  wrote:

> Thanks I do have the "---" at the top
> When I run t he ansible-playbook how do get all that info to write to a
> file?
> It only shows up on  the cli which I know I can copy and paste to a file,
> but would like to output to a file
>
> Thanks
>
>
>
> On Wednesday, February 13, 2019 at 8:45:06 AM UTC-5, DM wrote:
>>
>> How do you write to a file the output of a yaml?
>>
>> If possible, how do you only write to a file specific info if?
>>
>> Thanks
>>
>> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To post to this group, send email to ansible-project@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/35a3b1fc-da7b-4f4b-a2be-ebd9bf89c49b%40googlegroups.com
> 
> .
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAKtKohTxSeFysALDr%3DjoKRHP_wmiowzB0Kty2oxhoD4%3DDZ%3DOSg%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Oracle 12C hangs with while doing unattended installation

[Will McDonald]

In addition to Jordan's recommendations, have you created an oraInventory?
I haven't automated the OUI on Windows but generally, on *nix platforms you
need to manually create an empty OUI inventory with the appropriate
ownerships and permissions. (You can work this out from a successful
install but on a Linux-based host it would be similar to:

# Make an ORACLE_BASE
mkdir -p /u01/app/oracle/
chown -R oracle:oinstall /u01

# Create the Oracle Inventory
cat > /etc/oraInst.loc  It's very hard for us to help you in this situation but basically it boils
> down to you running these checks and finding out what is causing the
> program to hang;
>
> * Use something like procexp to see if the setup.exe process is spawning
> any child processes that are running in the background
> * Ensure your quoting is not screwing up the install process, in your
> first example you have quoted the responseFile path arg but you don't need
> this quoted.
> * Try and replicate this through another WinRM session like PowerShell's
> Invoke-Command or Enter-PSSession
> * Use Ansible become on the task to escape the boundary of the WinRM logon
> and run through a psuedo-interactive process
> * See if there is any logging you can enable on the Oracle installer, this
> could tell you the stage it is up to and what it may be waiting on
>
> As for why you cannot see it when running through Ansible, Ansible uses a
> completely separate session to run your processes as any normal interactive
> logon. This is not unique to Ansible but how Windows treats things like
> network logons such as WinRM.
>
> Thanks
>
> Jordan
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To post to this group, send email to ansible-project@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/e2e0f876-862d-4b74-a045-93f0f74355fd%40googlegroups.com
> 
> .
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAKtKohRUDDqAnhXcD8JowZ4Sp8DuKS-dA3zwSW%3DQnPGwJfghsA%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] How to launch multiple EC2 hosts using ansible

[Will McDonald]

Your ec2_instance_tag 'name:webserver' is being evaluated as a string
because there's no space, it needs to be a YAML dictionary.

If you read the docs on the module (ansible-doc ec2), they state:

- instance_tags
> *a hash/dictionary of tags* to add to the new instance or for
> starting/stopping instance by tag; '{"key":"value"}' and
> '{"key":"value","key":"value"}'
> [Default: None]
> version_added: 1.0
>

And if you pay attention to:
http://docs.ansible.com/ansible/latest/reference_appendices/YAMLSyntax.html

* A dictionary is represented in a simple key: value form (the colon must
> be followed by a space): *
>

You have:

ec2_instance_tag:
 name:webserver

This should be:

ec2_instance_tag:
 name: webserver
  ^




On 23 April 2018 at 05:09, Saikrishna  wrote:

> Hi Will,
>
> Updated changes but see an error, could you please let me know what is
> missing? Inserted code for your reference.
>
> fatal: [localhost]: FAILED! => {"changed": false, "msg": "argument
> instance_tags is of type  and we were unable to convert to
> dict: dictionary requested, could not parse JSON or key=value"}
>
>
>
> ---
>
> - name: Create a sandbox instance
>
>   hosts: localhost
>
>   connection: local
>
>   gather_facts: True
>
>   vars:
>
> aws_access_key: aabbccdd
>
> aws_secret_key: aabbccddeeffgghhiijjkk
>
> key_name: mykeypair
>
> ec2_instance_count: 5
>
> ec2_instance_tag:
>
>  name:webserver
>
> instance_type: 't2.micro'
>
> #instance_type: 'c4.2xlarge'
>
> security_group: my_securitygroup
>
> group: default
>
> image: ami-
>
> #region: us-west-2a
>
> ec2_url: https://ec2.us-west-2.amazonaws.com
>
>   tasks:
>
> - name: Launch instance
>
>   ec2:
>
>  aws_access_key: "{{ aws_access_key }}"
>
>  aws_secret_key: "{{ aws_secret_key }}"
>
>  count_tag: "{{ ec2_instance_tag }}"
>
>  ec2_url: "{{ ec2_url }}"
>
>  exact_count: "{{ ec2_instance_count }}"
>
>  group: "{{ security_group }}"
>
>  key_name: "{{ key_name }}"
>
>  image: "{{ image }}"
>
>  instance_type: "{{ instance_type }}"
>
>  instance_tags: "{{ ec2_instance_tag }}"
>
>  wait: true
>
> # region: "{{ region }}"
>
>  vpc_subnet_id: subnet-buiuuyyt
>
> # vpc_id: vpc-iuuytgfxds
>
>  assign_public_ip: yes
>
>   register: ec2
>
>
> - name: Add new instance to host group
>
>   add_host:
>
> hostname: "{{ item.public_ip }}"
>
> groupname: launched
>
>   with_items: "{{ ec2.instances }}"
>
>
> - name: Wait for SSH to come up
>
>   wait_for:
>
> host: "{{ item.public_dns_name }}"
>
> port: 22
>
> delay: 60
>
> timeout: 320
>
> state: started
>
>   with_items: "{{ ec2.instances }}"
>
>
>
> On Sun, Apr 22, 2018 at 9:26 AM, Will McDonald 
> wrote:
>
>> I think this is because you've defined the desired count in your vars but
>> not actually in the invocation of the ec2 module.
>>
>> Something like this should work as you expect:
>>
>> - name: create webserver instances
>>   hosts: localhost
>>   connection: local
>>   gather_facts: false
>>
>>   vars:
>> ec2_instance_count: 2
>> ec2_instance_tag:
>>   name: webserver
>>
>>   tasks:
>> - name: provision ec2 webserver instances
>>   ec2:
>> aws_access_key: "{{ aws_access_key }}"
>> aws_secret_key: "{{ aws_secret_key }}"
>> count_tag: "{{ ec2_instance_tag }}"
>> ec2_url: "{{ ec2_url }}"
>> exact_count: "{{ ec2_instance_count }}"
>> groups: "{{ ec2_security_group }}"
>> key_name: "{{ ec2_key_name }}"
>> image: "{{ ec2_image }}"
>> instance_tags: "{{ ec2_instance_tag }}"
>> instance_type: "{{ ec2_instance_type }}"
>> region: "{{ ec2_region }}"
>> wait: true
>>   register: ec2
>>
>> Cheers,
>&g

Re: [ansible-project] How to launch multiple EC2 hosts using ansible

[Will McDonald]

I think this is because you've defined the desired count in your vars but
not actually in the invocation of the ec2 module.

Something like this should work as you expect:

- name: create webserver instances
  hosts: localhost
  connection: local
  gather_facts: false

  vars:
ec2_instance_count: 2
ec2_instance_tag:
  name: webserver

  tasks:
- name: provision ec2 webserver instances
  ec2:
aws_access_key: "{{ aws_access_key }}"
aws_secret_key: "{{ aws_secret_key }}"
count_tag: "{{ ec2_instance_tag }}"
ec2_url: "{{ ec2_url }}"
exact_count: "{{ ec2_instance_count }}"
groups: "{{ ec2_security_group }}"
key_name: "{{ ec2_key_name }}"
image: "{{ ec2_image }}"
instance_tags: "{{ ec2_instance_tag }}"
instance_type: "{{ ec2_instance_type }}"
region: "{{ ec2_region }}"
wait: true
  register: ec2

Cheers,

Will.



On 22 April 2018 at 16:12, Love  wrote:

> Dear Experts,
>
>
>
> How to launch multiple EC2 instances using ansible?
>
> I want to create an environment in AWS using below playbook but I see only
> one instance is being created when I execute below playbook.
>
>
> Could you please help with missing code/syntax here?
>
>
> Note: I'm using free account with AWS.
>
>
>
>
> ---
>
> - name: Create sandbox instances
>
>   hosts: localhost
>
>   gather_facts: True
>
>   vars:
>
> aws_access_key: aabbccddeeffgghh
>
> aws_secret_key: aabbccddeeffgghhiijjkkllmmnnoopp
>
> key_name: mykeypair
>
> count: 5
>
> exact_count: 'count_tag'
>
> instance_type: 't2.micro'
>
> security_group: my_securitygroup
>
> group: default
>
> image: ami-00125160
>
> ec2_url: https://ec2.us-west-2.amazonaws.com
>
>   tasks:
>
> - name: Launch instance
>
>   ec2:
>
>  aws_access_key: "{{ aws_access_key }}"
>
>  aws_secret_key: "{{ aws_secret_key }}"
>
>  key_name: "{{ key_name }}"
>
>  group: "{{ security_group }}"
>
>  instance_type: "{{ instance_type }}"
>
>  count_tag: "{{ exact_count }}"
>
>  image: "{{ image }}"
>
>  wait: true
>
>  ec2_url: "{{ ec2_url }}"
>
>  vpc_subnet_id: subnet-edcf00db
>
>  assign_public_ip: yes
>
>   register: ec2
>
>
> - name: Add new instance to host group
>
>   add_host:
>
> hostname: "{{ item.public_ip }}"
>
> groupname: launched
>
>   with_items: "{{ ec2.instances }}"
>
>
> - name: Wait for SSH to come up
>
>   wait_for:
>
> host: "{{ item.public_dns_name }}"
>
> port: 22
>
> delay: 60
>
>timeout: 320
>
> state: started
>
>   with_items: "{{ ec2.instances }}"
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To post to this group, send email to ansible-project@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/
> msgid/ansible-project/51b431bb-e0dd-4765-9051-cf5dbc8d624c%40googlegroups.
> com
> 
> .
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAKtKohSbX8%2B-1b0HmpUFkW-BksE4teRnSyvBbKCcoeu%3D4zUEzg%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Need some help

[Will McDonald]

Have a look at ansible_python_interpreter:

http://docs.ansible.com/ansible/intro_inventory.html#list-of-behavioral-inventory-parameters
On 14 Jul 2016 5:50 p.m., "niraj pandey"  wrote:

> Hi,
>
> I have just started to learn Ansible and facing some issue while executing
> a simple ping command:
>
> ansible webserver -m ping
>
> wllog | FAILED! => {
> "changed": false,
> "failed": true,
> "module_stderr": "",
> "module_stdout": "Traceback (most recent call last):\r\n  File
> \"/home/niraj/.ansible/tmp/ansible-tmp-1468471044.71-226020658252160/ping.py\",
> line 120, in ?\r\nexitcode = invoke_module(module, zipped_mod,
> ZIPLOADER_PARAMS)\r\n  File
> \"/home/niraj/.ansible/tmp/ansible-tmp-1468471044.71-226020658252160/ping.py\",
> line 29, in invoke_module\r\n(stdout, stderr) =
> p.communicate(json_params)\r\n  File
> \"/usr/lib64/python2.4/subprocess.py\", line 1064, in communicate\r\n
>  bytes_written = os.write(self.stdin.fileno(), input[:512])\r\nOSError:
> [Errno 32] Broken pipe\r\n",
> "msg": "MODULE FAILURE",
> "parsed": false
> }
>
> Little bit googling hints that I need to install simplejason module on the
> client machine.
>
> Is there any way that ansible use the python from alternate location on
> client machine to pass information back instead of it's default location
> (/usr/bin/python).
>
> As I have a python installed centrally and accessible from all the hosts.
> This python carrying most of the modules. So I want client should use that
> python to pass information back to ansible.
>
> Thanks
> ~Niraj
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To post to this group, send email to ansible-project@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/cb8574ab-345f-46d2-986e-2ac2c1353776%40googlegroups.com
> 
> .
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAKtKohTYx%2BpnZOrn_vnOcOz-ZcNFpSbGtrgogMgFBbg6r8y_Dg%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.