Hi Guys,
I'm working on a playbook, which sets up sftp accounts and changes some
rules in iptables. What I need is to check whether an IP address is added
in the firewall. My tasks, when I use "grep", fail. Here are the tasks:
###################
# # doesn't work
# - name: Test
#   shell: grep {{ owner }} /etc/ssh/sshd_config
#   register: test_output
#
# - debug: msg={{ test_output.stdout }}
##################
# this doesn't work for some reason
# - name: Check if the ip address exists in /etc/fw
#   shell: grep "{{ ip_address }}" /etc/fw
#   register: shell_output
# doesn't work too
- name: Check if ip address is in the firewall
  shell: iptables -L -n | grep "{{ ip_address }}"
  register: iptables_output
- debug: msg={{ iptables_output.stdout }}
# - debug: msg={{ shell_output.stdout }}
Here's the error (run against 2 hosts), with -vvvv:
TASK: [create-sftp | Check if ip address is in the firewall]
******************
<bgva-cos7-test1> ESTABLISH CONNECTION FOR USER: dimitar
<bgva-cos7-test2> ESTABLISH CONNECTION FOR USER: dimitar
<bgva-cos7-test1> REMOTE_MODULE command iptables -L -n | grep
"200.100.50.1" #USE_SHELL
<bgva-cos7-test2> REMOTE_MODULE command iptables -L -n | grep
"200.100.50.1" #USE_SHELL
<bgva-cos7-test1> EXEC ssh -C -tt -vvv -o ControlMaster=auto -o
ControlPersist=60s -o
ControlPath="/home/dimitar/.ansible/cp/ansible-ssh-%h-%p-%r" -o
KbdInteractiveAuthentication=no -o
PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey
-o PasswordAuthentication=no -o ConnectTimeout=10 bgva-cos7-test1 /bin/sh
-c 'mkdir -p $HOME/.ansible/tmp/ansible-tmp-1440594213.1-64676685734319 &&
chmod a+rx $HOME/.ansible/tmp/ansible-tmp-1440594213.1-64676685734319 &&
echo $HOME/.ansible/tmp/ansible-tmp-1440594213.1-64676685734319'
<bgva-cos7-test2> EXEC ssh -C -tt -vvv -o ControlMaster=auto -o
ControlPersist=60s -o
ControlPath="/home/dimitar/.ansible/cp/ansible-ssh-%h-%p-%r" -o
KbdInteractiveAuthentication=no -o
PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey
-o PasswordAuthentication=no -o ConnectTimeout=10 bgva-cos7-test2 /bin/sh
-c 'mkdir -p $HOME/.ansible/tmp/ansible-tmp-1440594213.1-88397253344004 &&
chmod a+rx $HOME/.ansible/tmp/ansible-tmp-1440594213.1-88397253344004 &&
echo $HOME/.ansible/tmp/ansible-tmp-1440594213.1-88397253344004'
<bgva-cos7-test1> PUT /tmp/tmpTzNNO9 TO
/home/dimitar/.ansible/tmp/ansible-tmp-1440594213.1-64676685734319/command
<bgva-cos7-test2> PUT /tmp/tmpqOc14s TO
/home/dimitar/.ansible/tmp/ansible-tmp-1440594213.1-88397253344004/command
<bgva-cos7-test1> EXEC ssh -C -tt -vvv -o ControlMaster=auto -o
ControlPersist=60s -o
ControlPath="/home/dimitar/.ansible/cp/ansible-ssh-%h-%p-%r" -o
KbdInteractiveAuthentication=no -o
PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey
-o PasswordAuthentication=no -o ConnectTimeout=10 bgva-cos7-test1 /bin/sh
-c 'sudo -k && sudo -H -S -p "[sudo via ansible,
key=frjrmedozkhjgxxuonfotcxzpdkytwbu] password: " -u root /bin/sh -c
'"'"'echo BECOME-SUCCESS-frjrmedozkhjgxxuonfotcxzpdkytwbu; LANG=C
LC_CTYPE=C /usr/bin/python
/home/dimitar/.ansible/tmp/ansible-tmp-1440594213.1-64676685734319/command;
rm -rf /home/dimitar/.ansible/tmp/ansible-tmp-1440594213.1-64676685734319/
>/dev/null 2>&1'"'"''
<bgva-cos7-test2> EXEC ssh -C -tt -vvv -o ControlMaster=auto -o
ControlPersist=60s -o
ControlPath="/home/dimitar/.ansible/cp/ansible-ssh-%h-%p-%r" -o
KbdInteractiveAuthentication=no -o
PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey
-o PasswordAuthentication=no -o ConnectTimeout=10 bgva-cos7-test2 /bin/sh
-c 'sudo -k && sudo -H -S -p "[sudo via ansible,
key=ezmydxmmvjdksoohxzupfpnyfuhqnnou] password: " -u root /bin/sh -c
'"'"'echo BECOME-SUCCESS-ezmydxmmvjdksoohxzupfpnyfuhqnnou; LANG=C
LC_CTYPE=C /usr/bin/python
/home/dimitar/.ansible/tmp/ansible-tmp-1440594213.1-88397253344004/command;
rm -rf /home/dimitar/.ansible/tmp/ansible-tmp-1440594213.1-88397253344004/
>/dev/null 2>&1'"'"''
failed: [bgva-cos7-test1] => {"changed": true, "cmd": "iptables -L -n |
grep \"200.100.50.1\"", "delta": "0:00:00.005236", "end": "2015-08-26
16:03:34.189480", "rc": 1, "start": "2015-08-26 16:03:34.184244",
"warnings": []}
failed: [bgva-cos7-test2] => {"changed": true, "cmd": "iptables -L -n |
grep \"200.100.50.1\"", "delta": "0:00:00.005521", "end": "2015-08-26
16:03:34.143277", "rc": 1, "start": "2015-08-26 16:03:34.137756",
"warnings": []}
FATAL: all hosts have already failed -- aborting
Any idea what's wrong with the playbook?
Regards,
DH
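
The log above reports `"rc": 1`, which is grep's exit status for "no match", and the `shell` module treats any non-zero status as a task failure. The tasks below are an added example, not part of the original post, of one way to run the same check so that a missing address is a result rather than an error; `ip_address` is the poster's variable, while the `grep` flags, the `quote` filter and the `failed_when`/`changed_when` settings are additions made here.

```yaml
# Added example, not from the original post. Assumes the play already runs
# with root privileges, as the sudo lines in the -vvvv output indicate.
- name: Check if ip address is in the firewall
  # -F  fixed string, so "." in the address is not a regex wildcard
  # -w  whole-word match, so 200.100.50.1 does not also match 200.100.50.10
  # --  end of grep options, in case the value starts with "-"
  # quote: shell-escape the variable before it reaches /bin/sh
  shell: iptables -L -n | grep -F -w -- {{ ip_address | quote }}
  register: iptables_output
  # grep exits 0 on a match, 1 on no match and >1 on a real error;
  # only the last case should fail the task.
  failed_when: iptables_output.rc > 1
  # A read-only query never changes the host.
  changed_when: false

- name: Report whether the address was found
  debug:
    msg: "{{ ip_address }} {{ 'is' if iptables_output.rc == 0 else 'is NOT' }} present in iptables"

- name: Show the matching rules
  debug:
    var: iptables_output.stdout_lines
  when: iptables_output.rc == 0
```

The pipeline's exit status is grep's, so a failing `iptables` command with empty output also yields `rc` 1 and reads as "not present".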