Hi Kai,
I was trying to write IPtable rules for database servers in ansible,
wherein every time an admin server is added into the environment it should
be allowed to ssh to the database server.
I tried to use Matt's idea of with_items and tried to call hosts listed in
the admin:children ( in the child group ) and unfortunately, it didn't work.
My question was that with_items can look for hosts listed in the child
groups in the inventory?
Regards
VK
On Thursday, 14 August 2014 22:16:32 UTC+1, Abe Voelker wrote:
>
> I have an inventory file like this:
>
> [webservers]
> 10.0.0.1
> 10.0.0.2
> 10.0.0.3
>
> [postgresservers]
> 10.0.0.4
>
> And I'm trying to run this playbook against my Postgres host:
>
> ---
> - name: Allow eth1 port 5432 access to Web servers
> ufw: rule=allow interface=eth1 direction=in port=5432 proto=tcp src={{
> item }}
> with_items:
> {% for host in groups['webservers'] %}
> - "{{ hostvars[host]['ansible_eth1']['ipv4']['address'] }}"
> {% endfor %}
>
> What I'm trying to accomplish is for the playbook to determine each Web
> host's eth1 IPv4 address (which is different from the eth0 IPv4 address
> listed in the inventory file) and add allowances for them in the Postgres
> host's firewall.
>
> However, my syntax is incorrect (sorry, I'm a Python noob):
>
> ERROR: Syntax Error while loading YAML script,
> /tmp/ansible/roles/postgres/tasks/firewall.yml
> Note: The error may actually appear before this position: line 5, column 6
>
>
> with_items:
> {% for host in groups['web_servers'] %}
> ^
>
> Am I taking the right approach here and just need to fix my syntax, or is
> there a better way?
>
> Thanks!
> Abe
>
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/390b9ff7-1b8e-47cd-a90e-0adeea64f169%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
