Re: [ansible-project] Placement of vars_promt

On Tuesday, September 9, 2014 3:17:29 PM UTC-4, Michael DeHaan wrote: > > Ansible plays are hashes, they are a collection of attributes. > > Tasks are an ordered list. > > Thus including "vars_prompt" ahead or behind "tasks" makes no difference. > > vars_prompt happens before the current play run

Re: [ansible-project] Ansible 1.7.1 RPM?

Thanks for the quick fix! On Tuesday, September 9, 2014 7:34:36 PM UTC-7, Kevin Fenzi wrote: > > Oops. I built them, but somehow the updates didn't get submitted. ;( > > I've submitted them now: > -- You received this message because you are subscribed to the Google Groups "Ansible Project"

Re: [ansible-project] Ansible 1.7.1 RPM?

On Tue, 9 Sep 2014 19:17:03 -0700 (PDT) Jacob Weber wrote: > Is there a place to download an ansible 1.7.1 RPM? I can only find > version 1.7 on epel and epel-testing, and that has a bad bug with > commands that have a lot of output. I can no longer find 1.6.x in > epel either, so I'm kind of stu

[ansible-project] Ansible 1.7.1 RPM?

Is there a place to download an ansible 1.7.1 RPM? I can only find version 1.7 on epel and epel-testing, and that has a bad bug with commands that have a lot of output. I can no longer find 1.6.x in epel either, so I'm kind of stuck. I tried to build a 1.6.6 RPM myself, but ran into an error: e

[ansible-project] Temporarily setting umask

Hi, We are running a system where the default umask is 0077. When installing a system-wide rubygem (as root), for example, the installed files and executables are installed with rights for the root user only. I would like to avoid trying to manually find and set the mode on all the files in

Re: [ansible-project] Using sudosh instead of just sudo

So I separated out the sudosh from the sudo. Having sudosh as a login shell works and records like it should, so I don't think you need to have another setting. This works: ansible myserver -a "ls /tmp" and so does this: ansible myserver -a "sudo ls /tmp" This doesn't: ansible myserver -a

[ansible-project] Re: Info: ec2_lb with access_key/secret_key specified but could not perform elasticloadbalancing:DescribeLoadBalancers

A new interesting development. I remove aws_access_key and aws_secret_key from the task ec2_elb and create ~/.boto and tried again. This type things work. [Credentials] aws_access_key_id=... aws_secret_access_key=... Hmmm On Tuesday, September 9, 2014 1:37:11 PM UTC-7, Steven Truong w

Re: [ansible-project] Guidance on deploying with Ansible

Awesome, this is a great start. 2 questions off the top of my head: 1) Because I am using ansible-playbook, where do I put these steps such that they run before the roles do so that all the machines are created, running, and in the hosts for the play? Would I have them in the playbook file be

Re: [ansible-project] Guidance on deploying with Ansible

Take a look at "exact_count" in the Ec2 module for #2, as combined with the add_host module. This is a pretty common pattern. With add_host you can throw the machine into a group, and the group_vars files will pick up and be applied. Any specific questions? On Tue, Sep 9, 2014 at 4:34 PM, Jer

[ansible-project] Info: ec2_lb with access_key/secret_key specified but could not perform elasticloadbalancing:DescribeLoadBalancers

Hi all, I have a play book that just simply go and add instances to my ELB but apparently the user's keys specified were not authorized to do the "DescribeLoadBalancers". This user has a policy attached to it that allows to have full access to this ELB. Task: - name: Instance re-register

[ansible-project] Guidance on deploying with Ansible

I think I have an idea about how to do this, but I wanted some guidance from the Ansible community: What I would like to do is the following: 1) Run ansible-playbook 2) Ensure that there are X nodes in EC2 matching some criteria (an instance tag would be best), and create additional instances a

[ansible-project] Re: Retaining information about hosts after add_hosts

I just did some more testing with this. The behavior is: Ansible writes sometimes two, sometimes three entries to the file. To me, this indicates that file access is not exclusive. So the parallel Ansible processes are all opening and closing the file, and last-one-in wins. I also tried with bo

[ansible-project] Retaining information about hosts after add_hosts

Hi list, I posted a while back about a way to parallelize Openstack node creation. To recap, I have a role with the following task: - name: Set up API connections for all Openstack nodes add_host: name: "os_api_{{ item }}" ansible_ssh_host: 127.0.0.1 groups: os_api ansible_conn

Re: [ansible-project] error on change notify

Hi Thanks yep I think I got notify and register a bit mixed up Thanks Mark Mark Olliver Head of IT Operations InfectiousMedia On 9 Sep 2014 20:20, "Michael DeHaan" wrote: > Hi Mark, > > It looks like you're not quite up to speed on how conditionals work yet, > and that's ok. > > What you have

Re: [ansible-project] error on change notify

For completeness: - name: configure supervisor copy: src=supervisord.conf dest=/etc/supervisor/supervisord.conf notify: restart supervisor - name: configure supervisor defaults copy: src=supervisor.default dest=/etc/default/supervisor notify: restart supervisor - name: copy over file c

Re: [ansible-project] error on change notify

Hi Mark, It looks like you're not quite up to speed on how conditionals work yet, and that's ok. What you have registered in the first call is the result of the operation, which is a hash (or a dictionary, as Python calls it). Each time you are then storing a *different* result in it, as you hav

Re: [ansible-project] error on change notify

You want "when: restart_supervisor|changed". See: http://docs.ansible.com/playbooks_variables.html#filters-often-used-with-conditionals However, by registering the variable each time, you're not going to get the behavior you're after. If the first task changes, but the second two do not, I don't

Re: [ansible-project] Placement of vars_promt

Ansible plays are hashes, they are a collection of attributes. Tasks are an ordered list. Thus including "vars_prompt" ahead or behind "tasks" makes no difference. vars_prompt happens before the current play runs, every time. You can solve this problem by stopping the current play, starting a n

Re: [ansible-project] ec2_facts hung

Nah, it's ok. I'm wondering if the EC2 metadata service had a glitch and was just giving you a very long timeout? On Tue, Sep 9, 2014 at 1:22 PM, Steven Truong wrote: > Hi Michael, > > I am using 1.7.1 and gather_facts was enabled by default. > > And just this morning, I tried again then thin

Re: [ansible-project] copy fails for group ownership

As a general rule, I don't crack open tarballs attached to the list - and I would request that since there are thousands of users on this list we don't start using it for attachments. (I'm not sure I can turn it off). A gist or github repo would be welcome, or even pastebin for smaller things. I

Re: [ansible-project] Re: copy fails for group ownership

On Tue, Sep 9, 2014 at 12:16 PM, Abubakr-Sadik Nii Nai Davis < dwa2...@gmail.com> wrote: > Hello Stein, which distro are you running? I usually run into this > permission issues with SELINUX on CentOS. > Shouldn't be related and I want to discourage casting such impressions of SELinux :) SELinux

Re: [ansible-project] --check shows changes that won't actually happen

Ok please file a ticket and we can investigate. Thanks! On Tue, Sep 9, 2014 at 12:54 PM, Romain Richard < romain.richard.it.engin...@gmail.com> wrote: > Here's a summary: > > | with --diff | without --diff > -- > with --check| cha

[ansible-project] error on change notify

Hi, I am getting the following error one the second run of my play book but i am not sure why or what I should be doing to correct it. fatal: [idb-13] => error while evaluating conditional: {u'changed': False, u'group': u'root', u'uid': 0, 'dest': u'/usr/local/bin/im_supervisor', 'md5sum': 'a5d74

[ansible-project] Placement of vars_promt

My test playbook for the flow I want is shown below: I want some work done, then prompt the user, then more work, a pause, and the end. The thing is that the prompt comes up even before gathering facts, not as suggested by its placement in the playbook. Can the prompting be done be

Re: [ansible-project] Adding lines with variables

In the with_items list, instead of this: "virtual_mailbox_base = {{vmail_dir}}" Try changing it to this: "virtual_mailbox_base = {{vmail_dir.stdout_lines[0]}}" Shaunak On Tue, Sep 9, 2014 at 11:01 AM, John Oliver wrote: > ansible 1.6.10 > > > - name: Get vmail home directory > shell: "/bi

Re: [ansible-project] ec2_facts hung

Hi Michael, I am using 1.7.1 and gather_facts was enabled by default. And just this morning, I tried again then things are working just fine. At this point, it is not an issue but it did happen for me. Sorry for wasting your times, Michael. Thanks for your helps, Steven. On Tuesday, Septembe

[ansible-project] Re: copy fails for group ownership

Can you please tar up the httpd role as you have it and attach it to a reply? -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@go

[ansible-project] Adding lines with variables

ansible 1.6.10 - name: Get vmail home directory shell: "/bin/grep vmail /etc/passwd | cut -d':' -f6" register: vmail_dir - name: Modify postfix config lineinfile: dest=/etc/postfix/main.cf line="{{item}}" insertafter='^mydestination\ =\ \$myhostname,\ localhost

Re: [ansible-project] Re: copy fails for group ownership

Og. Sorry. - copy: src=httpd.conf dest="/etc/httpd/conf" 9. sep. 2014 18:54 skrev "Abubakr-Sadik Nii Nai Davis" følgende: > Your attachment does not include the httpd role. Mind sharing it? I have > setup what I feel is similar to your playbook and run it successfully. > I think sharing the http

Re: [ansible-project] --check shows changes that won't actually happen

Here's a summary: | with --diff | without --diff -- with --check| changes | changes -- without --check | no changes | no changes On Tuesday, September 9, 2014 9:42:05 AM UTC-7, Michae

Re: [ansible-project] Re: copy fails for group ownership

Your attachment does not include the httpd role. Mind sharing it? I have setup what I feel is similar to your playbook and run it successfully. I think sharing the httpd role may help in reproducing your problem. -- You received this message because you are subscribed to the Google Groups "Ansi

Re: [ansible-project] How do you store login info only once?

Yeah I prefer groupvars for that reason too. I just put it in the 'all' group for now, felt less cumbersome than dealing with static group relations. Thanks for the reply :-) On Sep 9, 2014 7:46 PM, "Michael DeHaan" wrote: > The larger group could work. vars_files could be a good thing too. > >

Re: [ansible-project] How do you store login info only once?

The larger group could work. vars_files could be a good thing too. vars_files: - rabbit_login_info.yml etc I tend to use group_vars pretty heavily, because they are automatically loaded. On Tue, Sep 9, 2014 at 6:55 AM, Hagai Kariti wrote: > Hi all > I have a pattern question. Let's s

Re: [ansible-project] su_exe feature

excellent! On Tue, Sep 9, 2014 at 3:06 AM, Edgars wrote: > Well, sesu supports "-" flag and "-c" flag just like su. Those two are > most important I guess. The main difference is that su requires root > password when you switch to root while sesu requires user password, just > like sudo. But I

Re: [ansible-project] How to get variables from python to Ansible?

This seems to be a different question. Since this is about writing modules, would you mind asking on ansible-devel? Apologies on being the list cop but this is a very active list, and I also want to encourage the devel list a bit. Thanks! On Mon, Sep 8, 2014 at 6:15 PM, Tiglath wrote: > > I u

Re: [ansible-project] Advanced Control over Role Requirements Files (git clone ssh)

Thanks, I commented on it - I would use https:// for anonymous checkouts on GitHub but we can investigate. On Tue, Sep 9, 2014 at 5:46 AM, Patrick Schirch < patrick.schi...@googlemail.com> wrote: > Created an issue on > Github ... > > Am Sonntag,

Re: [ansible-project] Ansible's docker module volumes option is a mystery (to me)

Ok can you please file a ticket on this one so we can investigate? Thanks! On Mon, Sep 8, 2014 at 5:44 PM, Matt Hughes wrote: > [clduser@docker-registry ~]$ sudo docker -v > Docker version 1.1.2, build d84a070/1.1.2 > > [clduser@docker-registry ~]$ pip list | grep docker > docker-py (0.4.0) > >

Re: [ansible-project] ec2_facts hung

Hmm, that's interesting. This may not help, but what version of Ansible are you on and is this the first task in your playbook? (Also, is gather_facts enabled? If it gathers facts, this is the 2nd task and my question is not relevant). On Mon, Sep 8, 2014 at 8:35 PM, Steven Truong wrote: >

Re: [ansible-project] --check shows changes that won't actually happen

I'm wondering if this may be because it doesn't have permission to read them and the --diff flag has a buglet in it. check should be generally fine, I would suspect the diff logic could be throwing it. Does it report a change w/o --diff ? On Tue, Sep 9, 2014 at 12:32 PM, Romain Richard < romai

Re: [ansible-project] --check shows changes that won't actually happen

Installed Ansible 1.7.1 from the ppa: $ ansible --version ansible 1.7.1 And I am seeing the exact same output as with the 1.6.3, the --check still reports the the authorized_keys files on the remote host are empty (the diff is still the same). On Tuesday, September 9, 2014 8:47:06 AM UTC-7, Mi

Re: [ansible-project] Re: copy fails for group ownership

$ sestatus SELinux status: disabled $ cat /etc/redhat-release Red Hat Enterprise Linux Server release 6.5 (Santiago) 2014-09-09 18:16 GMT+02:00 Abubakr-Sadik Nii Nai Davis : > Hello Stein, which distro are you running? I usually run into this > permission issues with SELINUX on C

Re: [ansible-project] copy fails for group ownership

I have attached the whole shebang to reproduce it. Requirements is: - the same username on the server set up with an authorized key and belonging to a group. - A file: /etc/httpd/conf/httpd.conf owned by a different user, but writable for the group the first user belongs to. 2014-09-09 17:45 GM

[ansible-project] Re: copy fails for group ownership

Hello Stein, which distro are you running? I usually run into this permission issues with SELINUX on CentOS. -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to

Re: [ansible-project] Register module output as host variables

Wonderful! Thank you. ". The above obviously failed because register can not be associated with the host on which the module run." For the above, say I run a command in a task on every host in a play. I was thinking it wil be nice to register the output of the command such that the output of the

Re: [ansible-project] Support for SHA256/SHA512 checksumming

Basically referring to the logic to decide if a file needs to be transferred or not? A GitHub issue doesn't really do us a lot of good - Open Source is about itch scratching and the likelihood of someone else wanting to scratch your particular itch might be low - but a pull request would be intere

Re: [ansible-project] --check shows changes that won't actually happen

Ansible 1.6.3 is no longer the active released version of Ansible, and since 1.6.3 there have been many updates, many security related. When reporting issues, it's helpful to have tested at least the latest release, which is 1.7.1. If you see diff issues there, let us know, but seeing you reporte

Re: [ansible-project] copy fails for group ownership

Can you show more of the playbook in context? I'm missing task names and such and wanted to be clear about something. I may have some other questions after that. On Mon, Sep 8, 2014 at 5:51 PM, Stein Inge Morisbak wrote: > Yup. It is non-sudo and non-root. > > $ ansible --version > ansible 1

Re: [ansible-project] Register module output as host variables

". The above obviously failed because register can not be associated with the host on which the module run." I'm not understanding this part entirely, but I'd recommend authorizing keys for specific users and setting up sudo in general in that case. For our own ansible infrastructure, this involv

[ansible-project] Support for SHA256/SHA512 checksumming

I'm running into an issue using Ansible and MD5 checksumming on a FIPS compliant CentOS KVM system (ValueError: error:060800A3:digital envelope routines:EVP_DigestInit_ex:disabled for fips). Unfortunately FIPS-compliant systems/software typically disallow use of MD5 due to collision attack vul

[ansible-project] Are there any function to find duplication of file transfer destination in "copy" and "template" tasks

Hi all, I'm using Ansible for configuration management. Does Ansible have any function to detect overlaping of file modification in "copy" / "template" tasks? I want to get some messages or warnings to know overlaping in the following situation. Example -- The main playbook uses ro

[ansible-project] Register module output as host variables

Hello gentle people, I think being able to register the output of commands/modules as host variables will be very useful. I got this idea writing a playbook to do; 1. create a root user key pair for a couple hosts 2. authorizing the root user public key of all hosts to connect to all other hos

Re: [ansible-project] Merge the roles of two plays into one

Am Sonntag, 7. September 2014 14:33:48 UTC+2 schrieb Michael DeHaan: > > "So problem with that is now that shared-dependencies between the two > plays are not detected as shared dependencies: If the project specific > playbook lamp depends on role PHP and the vagrant playbook contains another >

[ansible-project] Minimum IAM permissions required for S3 module

Hi there, In the s3 module documentation would it be possible to include the minimum IAM permissions required? Many thanks -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, se

[ansible-project] How do you store login info only once?

Hi all I have a pattern question. Let's say I use ansible to both provision a server (RabbitMQ in my case) and to deploy an application that will connect to that server. Of course I save the login info in a vaulted group_vars file. However, since the server and the application run on different s

Re: [ansible-project] Advanced Control over Role Requirements Files (git clone ssh)

Created an issue on Github ... Am Sonntag, 7. September 2014 19:50:45 UTC+2 schrieb Patrick Schirch: > > Ansible >> ansible 1.8 (devel 8cc3543918) last updated 2014/09/07 11:14:49 > (GMT +200) > Git >> 1.9.1 > > ssh://git@ourgitlabhost:examp

Re: [ansible-project] su_exe feature

Well, sesu supports "-" flag and "-c" flag just like su. Those two are most important I guess. The main difference is that su requires root password when you switch to root while sesu requires user password, just like sudo. But I don't think that this should be problem. Edgars pirmdiena, 2014.