[ansible-project] Ansible sometime could not get the output from the runner._low_level_exec_command,this would cause the task to fail.
Ansible version 1.5.3 Out playbook look like below: debug.ym: - hosts: - cnode463 tasks: - include: roles/conf/tasks/hadoop.yml hadoop.yml - name: copy hadoop conf sudo: yes template: src={{ TEMPLATE_DIR }}/hadoop/{{item}}.j2 dest=/etc/hadoop/conf/{{item}} with_items: - core-site.xml - hdfs-site.xml - hdfs-site.private.xml - log4j.properties - hadoop-env.sh when running the playbook, sometime we get failed. TASK: [copy hbase conf] *** ok: [cnode463] = (item=hbase-site.xml) ok: [cnode463] = (item=log4j.properties) failed: [cnode463] = (item=hbase-env.sh) = {failed: true, item: hbase-env.sh, parsed: false} FATAL: all hosts have already failed -- aborting PLAY RECAP cnode463 : ok=1changed=0unreachable=0failed=1 I debug the ansible code and add below code to print the result of running runner._low_level_exec_command print print cmd +str(cmd) print out +str(out) print err +str(err) print And last I found that _low_level_exec_command may not get the output of the cmd correctly. the debug log is below: cmd mkdir -p $HOME/.ansible/tmp/ansible-tmp-1396508595.41-255928955172534 chmod a+rx $HOME/.ansible/tmp/ansible-tmp-1396508595.41-255928955172534 echo $HOME/.ansible/tmp/ansible-tmp-1396508595.41-255928955172534 out /home/hadoop/.ansible/tmp/ansible-tmp-1396508595.41-255928955172534 err cmd rc=0; [ -r /etc/hadoop/conf/yarn-site.private.xml ] || rc=2; [ -f /etc/hadoop/conf/yarn-site.private.xml ] || rc=1; [ -d /etc/hadoop/conf/yarn-site.private.xml ] echo 3 exit 0; (/usr/bin/md5sum /etc/hadoop/conf/yarn-site.private.xml ) || (/sbin/md5sum -q /etc/hadoop/conf/yarn-site.private.xml ) || (/usr/bin/digest -a md5 /etc/hadoop/conf/yarn-site.private.xml ) || (/sbin/md5 -q /etc/hadoop/conf/yarn-site.private.xml ) || (/usr/bin/md5 -n /etc/hadoop/conf/yarn-site.private.xml ) || (/bin/md5 -q /etc/hadoop/conf/yarn-site.private.xml ) || (/usr/bin/csum -h MD5 /etc/hadoop/conf/yarn-site.private.xml ) || (/bin/csum -h MD5 /etc/hadoop/conf/yarn-site.private.xml ) || (echo ${rc} /etc/hadoop/conf/yarn-site.private.xml) out err cmd /usr/bin/python /home/hadoop/.ansible/tmp/ansible-tmp-1396508595.41-255928955172534/copy; rm -rf /home/hadoop/.ansible/tmp/ansible-tmp-1396508595.41-255928955172534/ /dev/null 21 out err failed: [cnode463] = (item=yarn-site.private.xml) = {failed: true, item: yarn-site.private.xml, parsed: false} This problem appear more and more frequently.Is it possible to fix it ? -- You received this message because you are subscribed to the Google Groups Ansible Project group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To post to this group, send email to ansible-project@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/ebfbbec6-d60c-4885-9cf9-912dc2edefd7%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [ansible-project] How do I stage a configuration change?
Michael DeHaan mich...@ansible.com napisał: I would not recommend using a seperate branch unless there are seperate versions of the product, branching is great for versions, not great for environments. What do you think about having a staging branch that's followed by a production one? Then production would have an easy to see lag, and could even have custom hotfixes. I've seen this model work for web apps versioning, and I wonder if it's recommended for Ansible. It would still use the standard mechanisms (separate inventories, group/host vars) for differences between those environments in configuration, but not for difference in time when the configuration was deployed. Differences in environment should be modelled by differences in group_variables where possible -- and possibly in a slightly different top level playbook, all leveraging many common roles. Then it's just ansible-playbook site.yml -i production vs ansible-playbook site.yml -i stage On Tue, Apr 1, 2014 at 5:35 PM, Alex King a...@king.net.nz wrote: Hi, I'm new to ansible but liking what I see so far. I'm using it to configure a bunch of machines acting as routers across a region, and I like the model so far. Now I'm trying to set up a couple of machines as a staging environment so I can check out configuration changes before I push them to production machines. In http://docs.ansible.com/playbooks_best_practices.html a separate inventory file for stage and production is recommended. OK, but how do I actually apply a different configuration to the staging machines from production? I see further down it's recommended to keep the playbooks and inventory files in git. Am I supposed to branch the whole thing and use a test branch which gets applied to staging machines? Or is there an ansible feature to switch between staging and production? I have a simple file copy which I want to do different on staging vs. production. I could set up a template and choose different content depending on whether we're deploying to staging or production, but that seems the wrong way to do it. It's really just a different version of the same file, and I want to choose one version for staging servers and another for production. How do others do this? Cheers, Alex -- You received this message because you are subscribed to the Google Groups Ansible Project group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To post to this group, send email to ansible-project@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/2423c0ad-5a15-4d32-be13-0535344fe7bd%40googlegroups.comhttps://groups.google.com/d/msgid/ansible-project/2423c0ad-5a15-4d32-be13-0535344fe7bd%40googlegroups.com?utm_medium=emailutm_source=footer . For more options, visit https://groups.google.com/d/optout. -- Wysłane za pomocą K-9 Mail. -- You received this message because you are subscribed to the Google Groups Ansible Project group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To post to this group, send email to ansible-project@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/9b731735-3c6c-4c85-be2d-cc9a8434e5be%40email.android.com. For more options, visit https://groups.google.com/d/optout.
[ansible-project] Re: Different group vars based on the inventory, aka staging vs prod
Hi Kalman, I have to deal with similar challange as well. IMHO design is good however with complex configuraiton is starting quite challanging. We have much more environment to setup for the same product and is not easy to do that with inventories and groups. (for example we have Dev on local machines / Dev-Test on ESXi / Pre-production / Dedicated servers / RackSpace cloud. And each of this evnrionment have something different - for example RackSpace cloud is behind NAT - so you can't use IP from fact to update nagios rules on remote server, you must map this to exterrnal IP - Dealing with apache vhosts configuration - different domains for internal testings and production environment. Challnages which we have at this moment: - Be sure which variable is used, Ansible documentation says that variable should be define only in one place, and with complex configuration this is not easy especially if environmentens are differnt. - Detecting whether variable is defined or not before run plays (is quite hard to find out whehre I should put variable if nasible complains in the middle of runing - 'variable' not defined' I am not saying that this is bad, etc. I am just saying that is challaning (at least for me) manage or variables in proper way (so far) to allow easy run playbook on all targets (producton / dev / test / etc). So, have hope that we will find the right way. PS. I am trying to find a way whether there is possible to force ansible to inform me about variable files which has been loaded. For example when you're using ''var_files'' with many files - search for first - ansible reports which file was readed: Loaded var file CentOS.yml, would be very nice to have option to see this as well for default variables like group_vars / hosts_vars, etc. We will see what is possible to achieve. Good luck. Best regards, Marcin Praczko -- You received this message because you are subscribed to the Google Groups Ansible Project group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To post to this group, send email to ansible-project@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/71f7a502-d99a-4488-98ed-e9be41f26474%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[ansible-project] Re: Different group vars based on the inventory, aka staging vs prod
Hi, I can imagine that, with more and more environments it can be tricky, however it seems we can easily manage our development, staging and production environemnts, with Michael's latest advice. Currently we have the following directory layout (roughly) and our inventory files looking like I wrote in my previous message: . ├── inventory │ ├── group_vars │ │ ├── all.yml │ │ ├── development.yml │ │ ├── loadbalancers.yml │ │ ├── production.yml │ │ ├── staging.yml │ │ └── webservers.yml │ ├── development │ ├── production │ └── staging ├── roles │ ├── loadbalancer │ ├── webserver ├── loadbalancers.yml ├── site.yml └── webservers.yml ... and I can say that it's working very well for us. ;) According to your desire to find a way to get informed about loaded var files, maybe worth to take a look around Ansible callbacks, herehttp://www.ansible.com/blog/listen-to-your-servers-talkis a nice post about it, not sure if is there a callback for this, it's just an idea. ;) -- Kalman On Thursday, April 3, 2014 1:40:07 PM UTC+2, Marcin Prączko wrote: Hi Kalman, I have to deal with similar challange as well. IMHO design is good however with complex configuraiton is starting quite challanging. We have much more environment to setup for the same product and is not easy to do that with inventories and groups. (for example we have Dev on local machines / Dev-Test on ESXi / Pre-production / Dedicated servers / RackSpace cloud. And each of this evnrionment have something different - for example RackSpace cloud is behind NAT - so you can't use IP from fact to update nagios rules on remote server, you must map this to exterrnal IP - Dealing with apache vhosts configuration - different domains for internal testings and production environment. Challnages which we have at this moment: - Be sure which variable is used, Ansible documentation says that variable should be define only in one place, and with complex configuration this is not easy especially if environmentens are differnt. - Detecting whether variable is defined or not before run plays (is quite hard to find out whehre I should put variable if nasible complains in the middle of runing - 'variable' not defined' I am not saying that this is bad, etc. I am just saying that is challaning (at least for me) manage or variables in proper way (so far) to allow easy run playbook on all targets (producton / dev / test / etc). So, have hope that we will find the right way. PS. I am trying to find a way whether there is possible to force ansible to inform me about variable files which has been loaded. For example when you're using ''var_files'' with many files - search for first - ansible reports which file was readed: Loaded var file CentOS.yml, would be very nice to have option to see this as well for default variables like group_vars / hosts_vars, etc. We will see what is possible to achieve. Good luck. Best regards, Marcin Praczko -- You received this message because you are subscribed to the Google Groups Ansible Project group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To post to this group, send email to ansible-project@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/b85d7d9b-8ffc-4245-bd9e-66a2f0e15e9c%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [ansible-project] Re: Different group vars based on the inventory, aka staging vs prod
On 3 April 2014 15:51, Marcin Prączko marcin.prac...@gmail.com wrote: Or this is the same behaviour and ansible is just searching both of them? Yes. -- You received this message because you are subscribed to the Google Groups Ansible Project group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To post to this group, send email to ansible-project@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/CAEhzMJBQf3tsR8gHgiRY4HDk7sWy%3DriTdHWh6RKAsDLB4iCP5A%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
[ansible-project] Re: Run role based on local facts - if variable is not defined.
Hi, Can I have a bit of more light of this please? I checked what means short circuit evaluation (http://en.wikipedia.org/wiki/Short-circuit_evaluation) however my evaluation is not working. roles: - { role: test_roleversion, when: ansible_local.apache.version not defined or module.version ansible_local.apache.version } Return error: fatal: [IP-HERE] = error while evaluating conditional: ansible_local.apache.version not defined or module.version ansible_local.apache.version Thanks for help. Marcin P. -- You received this message because you are subscribed to the Google Groups Ansible Project group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To post to this group, send email to ansible-project@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/96784c40-3924-4f87-9824-59cc93edf465%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[ansible-project] Variables in defaults/main.yml of a role are accessible from other roles. What if we have same {{ VAR }} names in several roles? Just wanted to check if this case is intended.
Hi, I stumbled onto little mind game with ansible today : D . I have three roles that are tagged. - hosts: vagrant sudo: yes roles: - {role: ansible_users, tags: users} - {role: ansible_nginx, tags: nginx} - {role: ansible_mysql, tags: mysql} I have defaults/main.yml for ansible_users and ansible_mysql in their respective places. This is ansible_users defaults: --- users: - user: detlic webdir: - woodpecker - aligator - user: keder webdir: [] This is ansible_mysql defaults: --- users: - user: detlic db: - aligatordb - woodpeckerdb - user: jazavac db: - badgerdb - ddaybdb I have left NGINX role without defaults. How I understand things is that NGINX will inherit defaults vars from other roles and use them where it can. But in this case {{ VARS }} are named the same in both USER and MYSQL roles. NGINX role is before MYSQL from whoom it should inherit vars? In my test case it inherits it from the LAST role in the list. So in this case it is MYSQL. If I remove MYSQL role from a list then everything is fine. Another thing is if I leave MYSQL role present BUT use TAGS and play roles with jsut USERS and NGINX tags, still NGINX inherits defaults from MYSQL. Can someone comment on this. -- You received this message because you are subscribed to the Google Groups Ansible Project group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To post to this group, send email to ansible-project@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/eb9bf810-d04e-4998-86e4-72e0ab8aa791%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[ansible-project] Re: Run role based on local facts - if variable is not defined.
Hi, Seems be working - that to be some TABS instead of spaces on the begining of line: roles: - { role: test_roleversion, when: ansible_local.apache.version is not defined or module.version ansible_local.apache.version}Best regards, Thanks for help. Marcin Praczko -- You received this message because you are subscribed to the Google Groups Ansible Project group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To post to this group, send email to ansible-project@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/6277d029-1988-4f8a-ad38-ab0594beab02%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[ansible-project] Re: Run role based on local facts - if variable is not defined.
Hi, Don't know why worked only once, no luck with this still. Givining up.: ( :( This syntax at a least run condition everytime and not reporting error: roles: - { role: test_roleversion, when: { ansible_local.apache.version is not defined or module.version ansible_local.apache.version } } Everything else which I tried after running command on remote node: rm -f /etc/ansible/facts/* failed with error: error while evaluating conditional: ansible_local.apache.version is not defined or module.version ansible_local.apache.version Marcin. -- You received this message because you are subscribed to the Google Groups Ansible Project group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To post to this group, send email to ansible-project@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/5fe22919-7085-48c8-a4f0-eeaff821801c%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[ansible-project] Re: Run role based on local facts - if variable is not defined.
Hi, I think problem lies in multi level of variable: Checking if ansible_local is defined working as expected, however checking ansible_local.somevars - here automatically raise and error. This means that variable must be check from top level to bootom. If ansible_local is not defined and ansible_local.somevar is not define and if ansible_local.somevar.a is not defined Best regards, Marcin -- You received this message because you are subscribed to the Google Groups Ansible Project group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To post to this group, send email to ansible-project@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/fb905a6e-7a08-42ff-beb6-38eaeeca3cf1%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [ansible-project] Re: Run role based on local facts - if variable is not defined.
The YAML parser may be reading the '' as the line continuation character, so you may need to wrap that in quotes: - { role: test_roleversion, when: ansible_local.apache.version is not defined or module.version ansible_local.apache.version } On Thu, Apr 3, 2014 at 9:29 AM, Marcin Prączko marcin.prac...@gmail.comwrote: Hi, Don't know why worked only once, no luck with this still. Givining up.: ( :( This syntax at a least run condition everytime and not reporting error: roles: - { role: test_roleversion, when: { ansible_local.apache.version is not defined or module.version ansible_local.apache.version } } Everything else which I tried after running command on remote node: rm -f /etc/ansible/facts/* failed with error: error while evaluating conditional: ansible_local.apache.version is not defined or module.version ansible_local.apache.version Marcin. -- You received this message because you are subscribed to the Google Groups Ansible Project group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To post to this group, send email to ansible-project@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/5fe22919-7085-48c8-a4f0-eeaff821801c%40googlegroups.comhttps://groups.google.com/d/msgid/ansible-project/5fe22919-7085-48c8-a4f0-eeaff821801c%40googlegroups.com?utm_medium=emailutm_source=footer . For more options, visit https://groups.google.com/d/optout. -- You received this message because you are subscribed to the Google Groups Ansible Project group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To post to this group, send email to ansible-project@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/CAFg%2Bn8QWms0nEAitGYMiOqZ9a5MqeY_tWOx8pYhMLf22m%3DgMhg%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
Re: [ansible-project] Deleting files based on a name pattern
Thanks. I kind of came to that same conclusion about shelling it out, but hoping I was missing something. James On Wednesday, April 2, 2014 4:33:19 PM UTC-4, Michael DeHaan wrote: Nope, the file module doesn't accept shell wildcards, it needs real filenames. I'd shell out to rm in this case, though you won't be able to use the deletes= keyword to the shell module to override the changed value so it will register as a change every time. On Wed, Apr 2, 2014 at 1:05 PM, James Carroll james@idmworks.comjavascript: wrote: I'm trying to clear a directory with certain file names based on a pattern and it doesn't seem to work: - name: Remove any extant jars file: name={{app_home}}/server/deploy/{{item}} state=absent with_items: - *token*.jar - *opm*.jar - *pf-sm*.jar This isn't working; the existing jars stay there even though Ansible reports CHANGED on all three. I need this since these jars have their versions in their names and I need to make sure that they are deleted prior to pushing the updated files. Thanks, __ The information contained in this email message and any attachment may be privileged, confidential, proprietary or otherwise protected from disclosure. If the reader of this message is not the intended recipient, you are hereby notified that any dissemination, distribution, copying or use of this message and any attachment is strictly prohibited. If you have received this message in error, please notify us immediately by replying to the message and permanently delete it from your computer and destroy any printout thereof. -- You received this message because you are subscribed to the Google Groups Ansible Project group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-proje...@googlegroups.com javascript:. To post to this group, send email to ansible...@googlegroups.comjavascript: . To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/192f125e-8d10-4b6e-8887-1b71e7c67db4%40googlegroups.comhttps://groups.google.com/d/msgid/ansible-project/192f125e-8d10-4b6e-8887-1b71e7c67db4%40googlegroups.com?utm_medium=emailutm_source=footer . For more options, visit https://groups.google.com/d/optout. -- __ The information contained in this email message and any attachment may be privileged, confidential, proprietary or otherwise protected from disclosure. If the reader of this message is not the intended recipient, you are hereby notified that any dissemination, distribution, copying or use of this message and any attachment is strictly prohibited. If you have received this message in error, please notify us immediately by replying to the message and permanently delete it from your computer and destroy any printout thereof. -- You received this message because you are subscribed to the Google Groups Ansible Project group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To post to this group, send email to ansible-project@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/801753f7-4a69-4f7f-b4b5-2607380c40e6%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [ansible-project] What is the best way to run a playbook after provisioning?
Hi Michael, I think the way you'd want to do this is to provision your machines, then use the add_hosts (or the group_by) module to dynamically create groups of servers based on variable data . Then, create playbooks that target each group. So, for example, you create a series of web servers, add them to a group called *web* with add_hosthttp://docs.ansible.com/add_host_module.htmlor group_by http://docs.ansible.com/group_by_module.html, then target the group *'web'* in a playbook using include statements. If there are hosts in the web group, the playbook will run. For included playbooks that have no hosts for groups that are targeted, the playbook will be skipped. I do something like this, albeit on a very small scale, in a sample playbook I wrote to spin up a cloud instance, wait for it to come online, then install Docker on it. https://github.com/angstwad/ansible-docker-rackspace/blob/master/playbooks/rax-servers.yml If you look at that play, the second task is adding the server created in the first task to a group called dockergroup. I can then later do work on that group by creating a play that targets hosts: dockergroup. Hope that helps. On Wed, Apr 2, 2014 at 6:59 PM, Michael Lieberman mlieberma...@gmail.comwrote: I have a provision playbook: https://gist.github.com/mlieberman85/c144fcc384cfcdc992d8 and the last line of it doesn't work because roles can't be variables I guess. Also there's no way to conditionally include playbooks only task files. What is the best practice to have a single provision set of tasks that runs locally to provision an instance and then based off of variables runs a role on the spun up instance(s)? -- You received this message because you are subscribed to the Google Groups Ansible Project group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To post to this group, send email to ansible-project@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/c6698e6c-eb73-4f7a-862f-06e52ef12d82%40googlegroups.comhttps://groups.google.com/d/msgid/ansible-project/c6698e6c-eb73-4f7a-862f-06e52ef12d82%40googlegroups.com?utm_medium=emailutm_source=footer . For more options, visit https://groups.google.com/d/optout. -- You received this message because you are subscribed to the Google Groups Ansible Project group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To post to this group, send email to ansible-project@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/CAK6JQEH%3DShq1N2rZKLJ0A%2Bu8OU%2BR-2RPi-tgjT5ZeXBqEPBYrA%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
Re: [ansible-project] Deleting files based on a name pattern
You could shell out to collect the filenames if you still want to use the Ansible objects to do the deletions (this code assumes your shell is bash): - shell: ls {{app_home}}/server/deploy/*{token,opm,pf-sm}*.jar register: jars_to_cleanup ignore_errors: yes - file: name={{item}} state=absent with_items: jars_to_cleanup.stdout_lines Not sure if that's better or worse than just shelling out for the rm statement, but it's an option. Perhaps Ansible needs a glob-expansion function/operator to handle such a case? On Thu, Apr 3, 2014 at 10:37 AM, James Carroll james.carr...@idmworks.comwrote: Thanks. I kind of came to that same conclusion about shelling it out, but hoping I was missing something. James On Wednesday, April 2, 2014 4:33:19 PM UTC-4, Michael DeHaan wrote: Nope, the file module doesn't accept shell wildcards, it needs real filenames. I'd shell out to rm in this case, though you won't be able to use the deletes= keyword to the shell module to override the changed value so it will register as a change every time. On Wed, Apr 2, 2014 at 1:05 PM, James Carroll james@idmworks.comwrote: I'm trying to clear a directory with certain file names based on a pattern and it doesn't seem to work: - name: Remove any extant jars file: name={{app_home}}/server/deploy/{{item}} state=absent with_items: - *token*.jar - *opm*.jar - *pf-sm*.jar This isn't working; the existing jars stay there even though Ansible reports CHANGED on all three. I need this since these jars have their versions in their names and I need to make sure that they are deleted prior to pushing the updated files. Thanks, __ The information contained in this email message and any attachment may be privileged, confidential, proprietary or otherwise protected from disclosure. If the reader of this message is not the intended recipient, you are hereby notified that any dissemination, distribution, copying or use of this message and any attachment is strictly prohibited. If you have received this message in error, please notify us immediately by replying to the message and permanently delete it from your computer and destroy any printout thereof. -- You received this message because you are subscribed to the Google Groups Ansible Project group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-proje...@googlegroups.com. To post to this group, send email to ansible...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/ msgid/ansible-project/192f125e-8d10-4b6e-8887- 1b71e7c67db4%40googlegroups.comhttps://groups.google.com/d/msgid/ansible-project/192f125e-8d10-4b6e-8887-1b71e7c67db4%40googlegroups.com?utm_medium=emailutm_source=footer . For more options, visit https://groups.google.com/d/optout. __ The information contained in this email message and any attachment may be privileged, confidential, proprietary or otherwise protected from disclosure. If the reader of this message is not the intended recipient, you are hereby notified that any dissemination, distribution, copying or use of this message and any attachment is strictly prohibited. If you have received this message in error, please notify us immediately by replying to the message and permanently delete it from your computer and destroy any printout thereof. -- You received this message because you are subscribed to the Google Groups Ansible Project group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To post to this group, send email to ansible-project@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/801753f7-4a69-4f7f-b4b5-2607380c40e6%40googlegroups.comhttps://groups.google.com/d/msgid/ansible-project/801753f7-4a69-4f7f-b4b5-2607380c40e6%40googlegroups.com?utm_medium=emailutm_source=footer . For more options, visit https://groups.google.com/d/optout. -- You received this message because you are subscribed to the Google Groups Ansible Project group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To post to this group, send email to ansible-project@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/CAN3s8zZ_q4gKOzNyjAtfVUnzd0FN%2BSdBWpktZ_j89ggy_uYX3w%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
Re: [ansible-project] provisioning attempts on VPS and VirtualBox (vagrant) Ubuntu distros leads to different results
I think this is a side effect of the many package managers out there, and unfortunately, is the nature of the beast. Your VPS has chosen to image a version of Ubuntu that has fewer packages installed than your Vagrant VM. Yes, this is confirmed by at least one respondent to my question about this on Digital Ocean: www.digitalocean.com/community/questions/why-are-my-virtualbox-ubuntu-images-different-from-the-same-do-distros Since my post, I've been encountering this difference between Digital Ocean Ubuntu VMs and my local VirtualBox development VMs routinely. Thanks, G -- You received this message because you are subscribed to the Google Groups Ansible Project group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To post to this group, send email to ansible-project@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/241fe9e5-f739-4418-a4db-0ddb7a6ca2e3%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [ansible-project] Authentication or permission failure
Please file a bug on this one with steps to reproduce, including a playbook if you can share and we can take a look. I'd consider SSH pipelining if it works for you though, as it's mostly as fast as accelerate mode, and also nicer. We may also want to consider toning down the accelerate mode logging, that's a little verbose -- though maybe helpful in this case. Thanks! On Wed, Apr 2, 2014 at 6:13 PM, Nicolas Rodriguez nrodrig...@jbox-web.comwrote: Hi! I've updated Ansible from 1.4.4 to 1.5.4 and now I've got this new error : fatal: [xxx.xxx.xxx] = Authentication or permission failure. In some cases, you may have been able to authenticate and did not have permissions on the remote directory. Consider changing the remote temp path in ansible.cfg to a path rooted in /tmp. Failed command was: mkdir -p /tmp/ansible-tmp-1396476553.37-249366537253256 echo /tmp/ansible-tmp-1396476553.37-249366537253256, exited with result 2 FATAL: all hosts have already failed -- aborting in syslog : Apr 3 00:09:13 qualif ansible-accelerate: waiting for data Apr 3 00:09:13 qualif ansible-accelerate: in recv_data(), waiting forthe header Apr 3 00:09:13 qualif ansible-accelerate: in recv_data(), got the header,unpacking Apr 3 00:09:13 qualif ansible-accelerate: data received so far (expecting 89): 0 Apr 3 00:09:13 qualif ansible-accelerate: data received so far (expecting 89): 89 Apr 3 00:09:13 qualif ansible-accelerate: received all of the data,returning Apr 3 00:09:13 qualif ansible-accelerate: got data, decrypting Apr 3 00:09:13 qualif ansible-accelerate: decryption done Apr 3 00:09:13 qualif ansible-accelerate: loading json from the data Apr 3 00:09:13 qualif ansible-accelerate: received a request to validate the user id Apr 3 00:09:13 qualif ansible-accelerate: validating we're running as root Apr 3 00:09:13 qualif ansible-accelerate: response result is {'rc': 0} Apr 3 00:09:13 qualif ansible-accelerate: sending the response back to the controller Apr 3 00:09:13 qualif ansible-accelerate: done sending the response Apr 3 00:09:13 qualif ansible-accelerate: waiting for data Apr 3 00:09:13 qualif ansible-accelerate: in recv_data(), waiting for the header Apr 3 00:09:13 qualif ansible-accelerate: in recv_data(), got the header, unpacking Apr 3 00:09:13 qualif ansible-accelerate: data received so far (expecting 233): 0 Apr 3 00:09:13 qualif ansible-accelerate: data received so far (expecting 233): 233 Apr 3 00:09:13 qualif ansible-accelerate: received all of the data, returning Apr 3 00:09:13 qualif ansible-accelerate: got data, decrypting Apr 3 00:09:13 qualif ansible-accelerate: decryption done Apr 3 00:09:13 qualif ansible-accelerate: loading json from the data Apr 3 00:09:13 qualif ansible-accelerate: received a command request, running it Apr 3 00:09:13 qualif ansible-accelerate: executing: mkdir -p /tmp/ansible-tmp-1396476553.37-249366537253256 echo /tmp/ansible-tmp-1396476553.37-249366537253256 Apr 3 00:09:13 qualif ansible-accelerate: got stdout: Apr 3 00:09:13 qualif ansible-accelerate: got stderr: mkdir: 0: Illegal option -p Apr 3 00:09:13 qualif ansible-accelerate: thread is done, response from join was {'stdout': '', 'stderr': 'mkdir: 0: Illegal option -p\n', 'rc': 2} Apr 3 00:09:13 qualif ansible-accelerate: response result is {'stdout': '', 'stderr': 'mkdir: 0: Illegal option -p\n', 'rc': 2} Apr 3 00:09:13 qualif ansible-accelerate: sending the response back to the controller Apr 3 00:09:13 qualif ansible-accelerate: done sending the response Apr 3 00:09:13 qualif ansible-accelerate: waiting for data Apr 3 00:09:13 qualif ansible-accelerate: in recv_data(), waiting for the header Apr 3 00:09:13 qualif ansible-accelerate: received nothing, bailing out Apr 3 00:09:13 qualif ansible-accelerate: received nothing back from recv_data(), breaking out rolling back to 1.5.0 solves the issue... -- You received this message because you are subscribed to the Google Groups Ansible Project group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To post to this group, send email to ansible-project@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/4457110c-992e-4c9e-9a4d-0119dc46a6a2%40googlegroups.comhttps://groups.google.com/d/msgid/ansible-project/4457110c-992e-4c9e-9a4d-0119dc46a6a2%40googlegroups.com?utm_medium=emailutm_source=footer . For more options, visit https://groups.google.com/d/optout. -- You received this message because you are subscribed to the Google Groups Ansible Project group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To post to this group, send email to ansible-project@googlegroups.com. To view this discussion on the web visit
Re: [ansible-project] Re: Facts Broken EC2 hostname Changed Format
We've already replied to this one with a workaround for those that need it. (The development branch also does not have this problem anymore) On Wed, Apr 2, 2014 at 8:12 PM, Demetri Mouratis dmour...@gmail.com wrote: Bug report: https://github.com/ansible/ansible/issues/6832 -- You received this message because you are subscribed to the Google Groups Ansible Project group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To post to this group, send email to ansible-project@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/860bb215-871c-475f-8309-86da899c7e99%40googlegroups.comhttps://groups.google.com/d/msgid/ansible-project/860bb215-871c-475f-8309-86da899c7e99%40googlegroups.com?utm_medium=emailutm_source=footer . For more options, visit https://groups.google.com/d/optout. -- You received this message because you are subscribed to the Google Groups Ansible Project group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To post to this group, send email to ansible-project@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/CAEVJ8QM969JkSgcmC0X1LPnOeAA_-4O%3D8ZR2ipzkRt_3ec72YA%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
Re: [ansible-project] Running remote playbooks within a play
Yeah I'm not seeing where you need this yet. Depends on the scale of your infrastructure, but plenty of very very large setups are not doing this -- and really, if you are in that area, treating cloud like cloud and using Ansible to build images is often a great option. On Wed, Apr 2, 2014 at 8:49 PM, herby.gil...@gmail.com wrote: So let's say you have the following situation: - You have some sizable number of hosts, with some particular software that contains its own set of playbooks. - There may be differences in the software versions, and thus playbooks can differ between sets of these remote hosts. - You also have inventory and playbooks outside of these hosts, in your local environment. - You want to run both the local and remote playbooks using the same (local) inventory. In the situation where you don't care about local inventory or context, I guess kicking off a remote execution of Ansible using the shell module or SSH would be an option. But if you _did_ care about the current operating context, it would be interesting if Ansible were able to start a remote slave runner that would then run the remote playbooks/roles using the inventory and context delivered from your current local Ansible running instance (the parent/master). The remote runner would run the remote plays with the host/inventory_hostname set to the remote host's, but at least you'd be able to share context such as facts, variables and inventory and be able to run plays/roles that exist on the remote side. (Just an idea.) On Wednesday, April 2, 2014 4:22:44 PM UTC-4, Michael DeHaan wrote: Calling Ansible with Ansible? There is no suggested course of action, but I suspect you would do exactly that. I'd really want to understand the *why* though. On Wed, Apr 2, 2014 at 1:32 PM, herby@gmail.com wrote: Purely out of curiosity, what is the suggested course of action to run playbooks present on a remote host within a current run of a local Ansible play? The worst case being to use the shell module to actually exec Ansible remotely with the remote playbook, are there more elegant approaches? -- You received this message because you are subscribed to the Google Groups Ansible Project group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-proje...@googlegroups.com. To post to this group, send email to ansible...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/ msgid/ansible-project/5bb90b4c-d9a8-4b9a-9667- d19664504dbe%40googlegroups.comhttps://groups.google.com/d/msgid/ansible-project/5bb90b4c-d9a8-4b9a-9667-d19664504dbe%40googlegroups.com?utm_medium=emailutm_source=footer . For more options, visit https://groups.google.com/d/optout. -- You received this message because you are subscribed to the Google Groups Ansible Project group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To post to this group, send email to ansible-project@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/7a17c3e8-b323-4ab3-9694-b3b06d1ba837%40googlegroups.comhttps://groups.google.com/d/msgid/ansible-project/7a17c3e8-b323-4ab3-9694-b3b06d1ba837%40googlegroups.com?utm_medium=emailutm_source=footer . For more options, visit https://groups.google.com/d/optout. -- You received this message because you are subscribed to the Google Groups Ansible Project group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To post to this group, send email to ansible-project@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/CAEVJ8QNO8mv9GLBB3JL8cgoGSQPbXaEFYG208Tj2cQzi_Ea-aQ%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
Re: [ansible-project] Ansible sometime could not get the output from the runner._low_level_exec_command,this would cause the task to fail.
Haven't seen this. If you can set up a minimal example that can reproduce this one and file a ticket we can help take a look. On Thu, Apr 3, 2014 at 3:28 AM, qiu jiawei qus.jia...@gmail.com wrote: Ansible version 1.5.3 Out playbook look like below: debug.ym: - hosts: - cnode463 tasks: - include: roles/conf/tasks/hadoop.yml hadoop.yml - name: copy hadoop conf sudo: yes template: src={{ TEMPLATE_DIR }}/hadoop/{{item}}.j2 dest=/etc/hadoop/conf/{{item}} with_items: - core-site.xml - hdfs-site.xml - hdfs-site.private.xml - log4j.properties - hadoop-env.sh when running the playbook, sometime we get failed. TASK: [copy hbase conf] *** ok: [cnode463] = (item=hbase-site.xml) ok: [cnode463] = (item=log4j.properties) failed: [cnode463] = (item=hbase-env.sh) = {failed: true, item: hbase-env.sh, parsed: false} FATAL: all hosts have already failed -- aborting PLAY RECAP cnode463 : ok=1changed=0unreachable=0failed=1 I debug the ansible code and add below code to print the result of running runner._low_level_exec_command print print cmd +str(cmd) print out +str(out) print err +str(err) print And last I found that _low_level_exec_command may not get the output of the cmd correctly. the debug log is below: cmd mkdir -p $HOME/.ansible/tmp/ansible-tmp-1396508595.41-255928955172534 chmod a+rx $HOME/.ansible/tmp/ansible-tmp-1396508595.41-255928955172534 echo $HOME/.ansible/tmp/ansible-tmp-1396508595.41-255928955172534 out /home/hadoop/.ansible/tmp/ansible-tmp-1396508595.41-255928955172534 err cmd rc=0; [ -r /etc/hadoop/conf/yarn-site.private.xml ] || rc=2; [ -f /etc/hadoop/conf/yarn-site.private.xml ] || rc=1; [ -d /etc/hadoop/conf/yarn-site.private.xml ] echo 3 exit 0; (/usr/bin/md5sum /etc/hadoop/conf/yarn-site.private.xml ) || (/sbin/md5sum -q /etc/hadoop/conf/yarn-site.private.xml ) || (/usr/bin/digest -a md5 /etc/hadoop/conf/yarn-site.private.xml ) || (/sbin/md5 -q /etc/hadoop/conf/yarn-site.private.xml ) || (/usr/bin/md5 -n /etc/hadoop/conf/yarn-site.private.xml ) || (/bin/md5 -q /etc/hadoop/conf/yarn-site.private.xml ) || (/usr/bin/csum -h MD5 /etc/hadoop/conf/yarn-site.private.xml ) || (/bin/csum -h MD5 /etc/hadoop/conf/yarn-site.private.xml ) || (echo ${rc} /etc/hadoop/conf/yarn-site.private.xml) out err cmd /usr/bin/python /home/hadoop/.ansible/tmp/ansible-tmp-1396508595.41-255928955172534/copy; rm -rf /home/hadoop/.ansible/tmp/ansible-tmp-1396508595.41-255928955172534/ /dev/null 21 out err failed: [cnode463] = (item=yarn-site.private.xml) = {failed: true, item: yarn-site.private.xml, parsed: false} This problem appear more and more frequently.Is it possible to fix it ? -- You received this message because you are subscribed to the Google Groups Ansible Project group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To post to this group, send email to ansible-project@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/ebfbbec6-d60c-4885-9cf9-912dc2edefd7%40googlegroups.comhttps://groups.google.com/d/msgid/ansible-project/ebfbbec6-d60c-4885-9cf9-912dc2edefd7%40googlegroups.com?utm_medium=emailutm_source=footer . For more options, visit https://groups.google.com/d/optout. -- You received this message because you are subscribed to the Google Groups Ansible Project group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To post to this group, send email to ansible-project@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/CAEVJ8QP0Kw4tcqpWaCOjD%2B5vKQ1UL6wN%2BmXMVK0SNwWd0OT%2BPw%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
Re: [ansible-project] How do I stage a configuration change?
I'm generally not a fan of keeping production/stage variance differed by branch. The reason for this is merging is a fun exercise and then diff across branches is complicated. I'd look towards branches as you do in software projects and use them for different versions of things, but think of prod vs stage as two different models, rather than branches. So what is a stage webserver vs a production webserver is not really different from the question (to a degree) of how a stage webserver is different from a production webserver -- they are both machines built out of the same repo, using slightly different parameters. --Michael On Thu, Apr 3, 2014 at 5:24 AM, Tomasz Kontusz tomasz.kont...@gmail.comwrote: Michael DeHaan mich...@ansible.com napisał: I would not recommend using a seperate branch unless there are seperate versions of the product, branching is great for versions, not great for environments. What do you think about having a staging branch that's followed by a production one? Then production would have an easy to see lag, and could even have custom hotfixes. I've seen this model work for web apps versioning, and I wonder if it's recommended for Ansible. It would still use the standard mechanisms (separate inventories, group/host vars) for differences between those environments in configuration, but not for difference in time when the configuration was deployed. Differences in environment should be modelled by differences in group_variables where possible -- and possibly in a slightly different top level playbook, all leveraging many common roles. Then it's just ansible-playbook site.yml -i production vs ansible-playbook site.yml -i stage On Tue, Apr 1, 2014 at 5:35 PM, Alex King a...@king.net.nz wrote: Hi, I'm new to ansible but liking what I see so far. I'm using it to configure a bunch of machines acting as routers across a region, and I like the model so far. Now I'm trying to set up a couple of machines as a staging environment so I can check out configuration changes before I push them to production machines. In http://docs.ansible.com/playbooks_best_practices.html a separate inventory file for stage and production is recommended. OK, but how do I actually apply a different configuration to the staging machines from production? I see further down it's recommended to keep the playbooks and inventory files in git. Am I supposed to branch the whole thing and use a test branch which gets applied to staging machines? Or is there an ansible feature to switch between staging and production? I have a simple file copy which I want to do different on staging vs. production. I could set up a template and choose different content depending on whether we're deploying to staging or production, but that seems the wrong way to do it. It's really just a different version of the same file, and I want to choose one version for staging servers and another for production. How do others do this? Cheers, Alex -- You received this message because you are subscribed to the Google Groups Ansible Project group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To post to this group, send email to ansible-project@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/2423c0ad-5a15-4d32-be13-0535344fe7bd%40googlegroups.com https://groups.google.com/d/msgid/ansible-project/2423c0ad-5a15-4d32-be13-0535344fe7bd%40googlegroups.com?utm_medium=emailutm_source=footer . For more options, visit https://groups.google.com/d/optout. -- Wysłane za pomocą K-9 Mail. -- You received this message because you are subscribed to the Google Groups Ansible Project group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To post to this group, send email to ansible-project@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/9b731735-3c6c-4c85-be2d-cc9a8434e5be%40email.android.com . For more options, visit https://groups.google.com/d/optout. -- You received this message because you are subscribed to the Google Groups Ansible Project group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To post to this group, send email to ansible-project@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/CAEVJ8QOWVEGUqJt9fF7Zo8Qg9JH9%3DMob-WpJ86qZEzBffUFXKQ%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
Re: [ansible-project] Variables in defaults/main.yml of a role are accessible from other roles. What if we have same {{ VAR }} names in several roles? Just wanted to check if this case is intended.
It's entirely intended. For instance, you might have a role that applies a particular configuration to machines that live in a particular datacenter, and one of the things that sets might be the port to use for the database server. That port variable would then be available to other roles. While this sounds scary at first, Ansible contains safeguards to make sure the variables used in one role are absolutely used there and not clobbered by another. Thus they have guaranteed scope to that role. As such, if you define a variable port in two places, each role is guaranteed to be able to read the local value. On Thu, Apr 3, 2014 at 10:09 AM, Marko Lisica titelskib...@gmail.comwrote: Hi, I stumbled onto little mind game with ansible today : D . I have three roles that are tagged. - hosts: vagrant sudo: yes roles: - {role: ansible_users, tags: users} - {role: ansible_nginx, tags: nginx} - {role: ansible_mysql, tags: mysql} I have defaults/main.yml for ansible_users and ansible_mysql in their respective places. This is ansible_users defaults: --- users: - user: detlic webdir: - woodpecker - aligator - user: keder webdir: [] This is ansible_mysql defaults: --- users: - user: detlic db: - aligatordb - woodpeckerdb - user: jazavac db: - badgerdb - ddaybdb I have left NGINX role without defaults. How I understand things is that NGINX will inherit defaults vars from other roles and use them where it can. But in this case {{ VARS }} are named the same in both USER and MYSQL roles. NGINX role is before MYSQL from whoom it should inherit vars? In my test case it inherits it from the LAST role in the list. So in this case it is MYSQL. If I remove MYSQL role from a list then everything is fine. Another thing is if I leave MYSQL role present BUT use TAGS and play roles with jsut USERS and NGINX tags, still NGINX inherits defaults from MYSQL. Can someone comment on this. -- You received this message because you are subscribed to the Google Groups Ansible Project group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To post to this group, send email to ansible-project@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/eb9bf810-d04e-4998-86e4-72e0ab8aa791%40googlegroups.comhttps://groups.google.com/d/msgid/ansible-project/eb9bf810-d04e-4998-86e4-72e0ab8aa791%40googlegroups.com?utm_medium=emailutm_source=footer . For more options, visit https://groups.google.com/d/optout. -- You received this message because you are subscribed to the Google Groups Ansible Project group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To post to this group, send email to ansible-project@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/CAEVJ8QPg4RQo6Ae-K0pLUAkyA6J2W7R53-nxGNmZPR%3DGKKM7iA%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
Re: [ansible-project] Ansible conditions and logics
I've never seen this syntax used with when: - name: Moving on debug: msg=doing something with {{ item.item }} when: - item.stat.exists == true - item.stat.islnk != true with_items: st.results Is that a valid conditional? Is it equivalent to 'and' ? On Wednesday, April 2, 2014 5:53:52 AM UTC-5, Maxim Odinintsev wrote: Hello, I'm tried make it over ansible, but in final, i think much easiest way is using script module. If someone interesting, when i tried it, i'm used this construction for getting files attributes and states: - name: Getting files stats stat: path={{ item }} register: st with_items: - /etc/asterisk - /etc/bind - /etc/GeoIP.conf - /etc/iptables - /etc/jabber - /etc/monit - /etc/mysql - /etc/nginx - /etc/postfix - /etc/ppp - /etc/snmp - /etc/sphinx - /etc/xl2tpd - name: Moving on debug: msg=doing something with {{ item.item }} when: - item.stat.exists == true - item.stat.islnk != true with_items: st.results Thank you Hello, Yes, you understand correctly. How can I synchronize files on remote node (not from local host to remote) ? Thank you. If I understand correctly, you're copying the contents of several directories to a central location, removing the old path, and then creating a symlink to the new location? To do that with ansible you'd just need to call the synchronize module to copy the files (or use command/shell to do the rsync), and then use the file module to create the symlink. On Mon, Mar 31, 2014 at 6:56 AM, Maxim Odinintsev gwyn...@gmail.comwrote: Hello, I'm trying migrate out my infrastructure under ansible control, but stopped on simple things realization with ansible. I would be very grateful if some one can explain, best way for moving on this simple shell script under ansible. May be simplest way is running external shell, and not try to push it all under ansible logic ? pushd / for i in \ /etc/ipsec* \ /home \ /root \ do [[ -r $i ]] || continue [[ -L $i ]] continue dst_dir=$(readlink -m /protected$(dirname $i)) dst_name=${dst_dir}/$(basename $i) mkdir -p $dst_dir rsync -a $i $dst_dir rm -rf $i ln -s $dst_name $i ls -ld $i done popd Thank you -- You received this message because you are subscribed to the Google Groups Ansible Project group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-proje...@googlegroups.com. To post to this group, send email to ansible...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/a29d1d41-ffd3-40e9-8cc4-a4a891e443c6%40googlegroups.comhttps://groups.google.com/d/msgid/ansible-project/a29d1d41-ffd3-40e9-8cc4-a4a891e443c6%40googlegroups.com?utm_medium=emailutm_source=footer . For more options, visit https://groups.google.com/d/optout. -- You received this message because you are subscribed to the Google Groups Ansible Project group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To post to this group, send email to ansible-project@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/bbf07a56-63bb-41d5-9c4a-d5185b123603%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[ansible-project] Re: Can ansible do dshbak-like output?
FWIW I would second having such a feature builtin, e.g. even just having something like a --collate option would be really nice. --diff could be also very neat to not just collate common output as a whole into one, but rather visualize where output is the same (across all hosts) and where differs. Both modes would be useful not only for -m shell but others (e.g. setup) as well, so not really module dependent. Cheers! On Thursday, November 21, 2013 10:23:44 PM UTC-5, ja...@jrib.net wrote: Hello, I use ansible -m shell quite a bit. I would like ansible to not show me the output multiple times if it is identical on several machines. The dshbak tool for pdsh [0] and clush -b from clustershell [1] are examples of similar tools that behave in the desired way. I wrote a simple proof of concept for ansible at https://github.com/jrib/ansbak . -- You received this message because you are subscribed to the Google Groups Ansible Project group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To post to this group, send email to ansible-project@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/716fb155-c603-404f-b0e7-a67fec024317%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[ansible-project] Delegated cronjobs with time vars per target host
Hi, I want to dynamically every new host to the backup server with rsnapshot. I have no problems putting SSH keys on backup target hosts and putting a template and exclude config for the target host into /etc/rsnapshot.d on backup host. The problem is when I try to add the rsnapshot cronjob for the new host. And here's the trick - I'm trying to add different times for each host because I don't want them to all hit the backup disk at the same time. So I figured I could put several cron time vars for each host in host_vars/ directory. Here's an example of what I'm trying to pull-off with cron module: FILE: roles/common/backup.yml - - name: weekly rsnapshot cron cron: name=rsnap {{ ansible_fqdn }} (upravlja Ansible) weekday={{ rsnap_weekly_day }} hour={{ rsnap_weekly_hour }} minute={{ rsnap_weekly_min }} user=root job=rsnapshot -c /etc/rsnapshot.d/{{ ansible_fqdn }}.conf weekly cron_file=rsnap-{{ ansible_fqdn }} delegate_to: backuphost FILE: host_vars/newhost rsnap_hourly_min: 12 rsnap_daily_min: 45 rsnap_daily_hour: 1 rsnap_weekly_min: 30 rsnap_weekly_hour: 21 rsnap_weekly_day: 3 What happens is that backuphost picks up the var of newhost and then cries foul: fatal: [backuphost] = One or more undefined variables: 'rsnap_daily_hour' is undefined I'm running out of ideas how I could do it. I've looked into several loops but I'm still a beginner with Ansible and YAML syntax, so if anyone has any idea how this delegation could work I'd really appreciate it! Regards, Martin -- You received this message because you are subscribed to the Google Groups Ansible Project group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To post to this group, send email to ansible-project@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/20140402232909.GA12514%40gmail.com. For more options, visit https://groups.google.com/d/optout.
[ansible-project] variable isn't expanded correctly?
Hi, I have a variable set up like this: ansible_ssh_user: {{ lookup('env', 'USER') }} all the commands execute fine, until I get to the point where I want to use the synchronize module, where it fails with: failed: [vmArServer] = {failed: true, item: } msg: this module requires key=value arguments (['src=../../frontEnd/*', 'private_key=/home/dario/.vagrant.d/insecure_private_key', 'dest_port=22', 'recursive=yes', 'dest={{lookup(env,', 'USER)}}@10.0.46.164:/var/www/nginx', 'delete=yes', 'archive=yes', 'rsync_path=sudo rsync']) If I change ansible_ssh_user, hardcoding it with my user, it works fine... but {{lookup(env,', 'USER)}} seems really weird: it almost looks like there would be some extra quotes around my lookup, but I reckon that would trigger an error much earlier Has anyone seen something like this? Thanks -- You received this message because you are subscribed to the Google Groups Ansible Project group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To post to this group, send email to ansible-project@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/eca438f8-7245-4786-8c33-3eccb9c4f85d%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[ansible-project] Running python command on when statement
Hi all, I was trying to update ansible from 1.2 to 1.5 and noticed that I can no longer use only_if which has been replaced by when. But when I try to run a shell task with this condition: when: len(filter(lambda m: m['mount'] == '/var/lib/myMount', '{{ansible_mounts}}')) == 0 I get the following error: error while evaluating conditional: len(filter(lambda m: m['mount'] == '/var/lib/myMount', '[{u'size_total': 8455118848, u'mount': u'/', u'size_available': 6891151360, u'fstype': u'ext4', u'device': u'/dev/xvda1', u'options': u'rw'}, {u'size_total': 16122802176, u'mount': u'/mnt', u'size_available': 15129432064, u'fstype': u'ext3', u'device': u'/dev/xvdb', u'options': u'rw,_netdev'}, {u'size_total': 107321753600, u'mount': u'/var/lib/myMount', u'size_available': 107250851840, u'fstype': u'xfs', u'device': u'/dev/xvdf', u'options': u'rw,noatime'}]')) == 0 The ansible_mounts variable is being correctly returned as you can see in the error message. I've tryed different combinations of positioning the quote marks but no luck. Any help? Regards, Douglas -- You received this message because you are subscribed to the Google Groups Ansible Project group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To post to this group, send email to ansible-project@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/112db0a1-c88e-4bc5-a896-a9f738909391%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [ansible-project] Delegated cronjobs with time vars per target host
I did this a while back, thinking I'd replace it with something more elegant when I have time... honestly, it's been working so well, I haven't thought about it again, until you reminded me. I have a script saved in my ansible git repo: $GIT/ansible/bin/cron_scheduler.sh #!/bin/bash PATH=/bin:/usr/bin helptext() { echo Usage: $0 -i ip_address -f frequency 2 echo Example: $0 -i 10.10.5.160 -f 15 # run once every 15 minutes 2 exit 1 } if [ $# -ne 4 ] || [ $1 = -h ] || [ $1 = --help ]; then helptext fi while getopts i:f: option do case ${option} in i) ip_address=${OPTARG};; f) frequency=${OPTARG};; *) helptext;; esac done decimal=$(echo $ip_address | sed 's/\./+/g' | bc) ip_rand=$(expr $decimal % $frequency) x=$ip_rand declare -a minutes=$ip_rand count=0 while [ $x -lt 60 ] do next=$(expr ${minutes[$count]} + $frequency) if [ $next -lt 60 ] ; then minutes=(${minutes[@]} $next) fi (( count++ )) x=$next done echo -n ${minutes[@]} | tr , So running this: cron_scheduler.sh -i 10.10.5.160 -f 15 results in this output: 5,20,35,50 (every 15 minutes) So just decide how frequently you want to schedule the task, and pass in the IP address. voila. - name: pick a minute to run example script: bin/cron_scheduler.sh -i {{ ansible_default_ipv4.address }} -f 10 register: cron_minutes - name: configure example template: src=example/example.cron dest=/etc/cron.d/example.cron owner=root group=root mode=0644 and the template would have something like this: {{cron_minutes.stdout}} * * * * root /usr/local/bin/example Brent On Wed, Apr 2, 2014 at 7:29 PM, Martin Božič martin.bo...@gmail.com wrote: Hi, I want to dynamically every new host to the backup server with rsnapshot. I have no problems putting SSH keys on backup target hosts and putting a template and exclude config for the target host into /etc/rsnapshot.d on backup host. The problem is when I try to add the rsnapshot cronjob for the new host. And here's the trick - I'm trying to add different times for each host because I don't want them to all hit the backup disk at the same time. So I figured I could put several cron time vars for each host in host_vars/ directory. Here's an example of what I'm trying to pull-off with cron module: FILE: roles/common/backup.yml - - name: weekly rsnapshot cron cron: name=rsnap {{ ansible_fqdn }} (upravlja Ansible) weekday={{ rsnap_weekly_day }} hour={{ rsnap_weekly_hour }} minute={{ rsnap_weekly_min }} user=root job=rsnapshot -c /etc/rsnapshot.d/{{ ansible_fqdn }}.conf weekly cron_file=rsnap-{{ ansible_fqdn }} delegate_to: backuphost FILE: host_vars/newhost rsnap_hourly_min: 12 rsnap_daily_min: 45 rsnap_daily_hour: 1 rsnap_weekly_min: 30 rsnap_weekly_hour: 21 rsnap_weekly_day: 3 What happens is that backuphost picks up the var of newhost and then cries foul: fatal: [backuphost] = One or more undefined variables: 'rsnap_daily_hour' is undefined I'm running out of ideas how I could do it. I've looked into several loops but I'm still a beginner with Ansible and YAML syntax, so if anyone has any idea how this delegation could work I'd really appreciate it! Regards, Martin -- You received this message because you are subscribed to the Google Groups Ansible Project group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To post to this group, send email to ansible-project@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/ msgid/ansible-project/20140402232909.GA12514%40gmail.com. For more options, visit https://groups.google.com/d/optout. -- You received this message because you are subscribed to the Google Groups Ansible Project group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To post to this group, send email to ansible-project@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/CABta7G39kjuPe7AVYohaAG9qopwHKg%2B89vAqtDUnnMs9w8A7-w%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
[ansible-project] Re: Delegated cronjobs with time vars per target host
Where are you using the rsnap_daily_hour variable? The task you pasted doesn't have it included. The vars file you included is host specific for 'newhost', if you are trying to use those variables in a play involving the backuphost (not a delegated_to task), you'll either need to use hostvars or restructure your variables in a different manner. So, using hostvars, accessing rsnap_daily_hour in a play on backuphost would be {{ hostvars['newhost']['rsnap_daily_hour'] }}. If it was me, I'd use group_vars with separate groups for each time slot, and then make the backuphost a member of each time slot group. That may or may not scale well, but I try to avoid using hostvars if at all possible. I'd change my mind if I was in an environment absolutely destined to remain small stable of course. Brian On Wednesday, April 2, 2014 6:29:09 PM UTC-5, Martin Božič wrote: Hi, I want to dynamically every new host to the backup server with rsnapshot. I have no problems putting SSH keys on backup target hosts and putting a template and exclude config for the target host into /etc/rsnapshot.d on backup host. The problem is when I try to add the rsnapshot cronjob for the new host. And here's the trick - I'm trying to add different times for each host because I don't want them to all hit the backup disk at the same time. So I figured I could put several cron time vars for each host in host_vars/ directory. Here's an example of what I'm trying to pull-off with cron module: FILE: roles/common/backup.yml - - name: weekly rsnapshot cron cron: name=rsnap {{ ansible_fqdn }} (upravlja Ansible) weekday={{ rsnap_weekly_day }} hour={{ rsnap_weekly_hour }} minute={{ rsnap_weekly_min }} user=root job=rsnapshot -c /etc/rsnapshot.d/{{ ansible_fqdn }}.conf weekly cron_file=rsnap-{{ ansible_fqdn }} delegate_to: backuphost FILE: host_vars/newhost rsnap_hourly_min: 12 rsnap_daily_min: 45 rsnap_daily_hour: 1 rsnap_weekly_min: 30 rsnap_weekly_hour: 21 rsnap_weekly_day: 3 What happens is that backuphost picks up the var of newhost and then cries foul: fatal: [backuphost] = One or more undefined variables: 'rsnap_daily_hour' is undefined I'm running out of ideas how I could do it. I've looked into several loops but I'm still a beginner with Ansible and YAML syntax, so if anyone has any idea how this delegation could work I'd really appreciate it! Regards, Martin -- You received this message because you are subscribed to the Google Groups Ansible Project group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To post to this group, send email to ansible-project@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/a6e47e28-59ff-428c-9407-e8d38b1fb96e%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [ansible-project] variable isn't expanded correctly?
i don't think the connection module templates that value, also USER would already be the default if you don't specify anything. -- You received this message because you are subscribed to the Google Groups Ansible Project group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To post to this group, send email to ansible-project@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/CADn%2BHsxoSdBAu8Nyp8Fr4o5c%3D3zBe94PaZOjpQpbpDzrL%3D4%3DjA%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.