[ansible-project] Re: delegate_to and winrm is broken

[Matt Davis]

I suspect you may have an inventory or command issue that's reassigning 
localhost's connection type to winrm (you're not adding -c winrm, are you?) 
- this sample works fine for me on both 2.1.1 and devel. The connection: 
local is not necessary, and works fine for me with either local_action or 
delegate_to: localhost. 

There are definitely some issues with cross-connection delegation with 
pseudo-connection-var rewriting when going the other way (delegating from 
Linux hosts to Windows), but this one looks like a busted inventory to me.


On Thursday, October 13, 2016 at 5:06:39 PM UTC-7, Stephen Bunn wrote:
>
> It seems that it is impossible to run a local task when talking to windows 
> hosts.  This is pretty much a show stopper for my current use case of 
> Ansbile.
>
> ansible version:  ansible 2.1.1.0
>
> using any of the following, all result in the same error
>
> - name: deploy some stuff
>   hosts: somewindowshosts
>   gather_facts: True
>   serial: 1
>   pre_tasks:
> - name: disable {{ inventory_hostname }} from LB
>   delegate_to: localhost
>   connection: local
>   command: /usr/bin/magic_lb_removal_script
>   #local_action: command foo
>   #delegate_to: 127.0.0.1
>   roles:
>  - { role: foo }
>  - { role: bar }
>
>
>  ESTABLISH WINRM CONNECTION FOR USER: Administrator on PORT 
> 5985 TO localhost
> fatal: [172.28.18.158]: UNREACHABLE! => {"changed": false, "msg": 
> "plaintext: HTTPConnectionPool(host='localhost', port=5985): Max retries 
> exceeded with url: /wsman (Caused by 
> NewConnectionError(' object at 0x21aa610>: Failed to establish a new connection: [Errno 111] 
> Connection refused',))", "unreachable": true}
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/df145269-2819-4e44-b6d1-fd4f02ff2328%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Visibility of facts/variables when using "become"

[Brian Coca]

The only difference with become, is the user the facts are gathered as.
Without become, the login user gathers facts and if there are ones that
require privileges that user lacks, those won't be populated.

With become, you turn into another user and the same things apply, you can
gather the facts you have privileges to see.


--
Brian Coca

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CACVha7ewB%2B2rcXzYMx5%3Dp80u68j9Oiycpq5c2__JcmSHhBK4BQ%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] delegate_to and winrm is broken

[Stephen Bunn]

It seems that it is impossible to run a local task when talking to windows 
hosts.  This is pretty much a show stopper for my current use case of 
Ansbile.

ansible version:  ansible 2.1.1.0

using any of the following, all result in the same error

- name: deploy some stuff
  hosts: somewindowshosts
  gather_facts: True
  serial: 1
  pre_tasks:
- name: disable {{ inventory_hostname }} from LB
  delegate_to: localhost
  connection: local
  command: /usr/bin/magic_lb_removal_script
  #local_action: command foo
  #delegate_to: 127.0.0.1
  roles:
 - { role: foo }
 - { role: bar }


 ESTABLISH WINRM CONNECTION FOR USER: Administrator on PORT 5985 
TO localhost
fatal: [172.28.18.158]: UNREACHABLE! => {"changed": false, "msg": 
"plaintext: HTTPConnectionPool(host='localhost', port=5985): Max retries 
exceeded with url: /wsman (Caused by 
NewConnectionError(': Failed to establish a new connection: [Errno 111] 
Connection refused',))", "unreachable": true}

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/2640b177-9b32-40fe-af2e-665d2cc639ad%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Re: win_copy failing (timeout)

[Matt Davis]

Yeah, I never found a packaged Mac python that did the right thing. 
Recompiling Python against a compiled-by-me latest OpenSSL was the only way 
I got the issue to go away (I had also tweaked the default cipher list to 
"best practices" using IISCrypto, but that alone won't fix it with the 
Apple-supplied Xcode python). 

I added some diagnostic stuff to urllib3 to dump the actual cipher/proto 
that were negotiated to see if I could narrow it down to specific combos of 
working/failing between the different versions, but at least from my 
initial research, it didn't seem to matter (though it wasn't exactly what 
you'd call scientific or exhaustive).

This one is hairy- I wish there were something more we could do with it, 
but I'm not sure what that would be.

On Thursday, October 13, 2016 at 3:20:37 PM UTC-7, Peter Rebholz wrote:
>
> Thanks for the info, Matt.
>
> I've tried a number of versions of OpenSSL without any luck:
>
> macOS El Capitan (where I originally had this problem) has Python 2.7.10 
> with OpenSSL 0.9.8zh
> FreeBSD 11.0-RELEASE has Python 2.7.12 with OpenSSL 1.0.2j
> FreeBSD 11.0-RELEASE with manual build of Python 2.7 (latest) with manual 
> build of OpenSSL 1.1.0b
>
> Peter
>
> On Thursday, October 13, 2016 at 12:53:02 PM UTC-5, Matt Davis wrote:
>>
>> Every case I've seen of this issue has come down to a problem deep in an 
>> SSL/TLS implementation that causes the tunnel to get wedged. I've not dug 
>> in far enough with the packet sniffer/TLS debugging to be sure which side 
>> is the problem (Windows SChannel or OpenSSL), but on the machines I've seen 
>> it on, it's 100% reproducible. There's not really anything we can do about 
>> it at the Ansible level, as it's many dependencies away from us 
>> (Ansible->pywinrm->requests->urllib3->pyopenssl->OpenSSL). 
>>
>> The only way I've been able to correct the problem on machines I've seen 
>> it on is by recompiling Python against a newer OpenSSL build. Switching up 
>> allowed ciphers on the Windows or OpenSSL side generally seems to just move 
>> the problem around (ie, it fails in a different place but still quite 
>> predictably). Switching to HTTP instead of HTTPS also makes the problem go 
>> away, but, well, don't do that. Hoping to get some of the message-level 
>> HTTP encryption stuff going in pywinrm soon (at least for Kerberos, and 
>> jborean93 has done it for CredSSP), which could be another way to make this 
>> go away in the future.
>>
>> -Matt
>>
>>
>> On Thursday, October 13, 2016 at 8:10:34 AM UTC-7, Peter Rebholz wrote:
>>>
>>> I'm also running into this issue and spent some time troubleshooting. In 
>>> my case, the host I'm pushing the file to is on a separate network without 
>>> incoming access to where we host the files, thus the proposed workaround of 
>>> using `get_url` does not work.
>>>
>>> In my troubleshooting, I've found out the following details:
>>>
>>> 1. The timeout used by `pywinrm` is not relevant because the files are 
>>> transferred via many small requests. You can play with this setting by 
>>> defining the vars: `ansible_winrm_read_timeout_sec` and 
>>> `ansible_winrm_operation_timeout_sec`. While the timeout was reflected in 
>>> the error message, it had no effect.
>>> 2. The temp file created by the `win_copy` always tops out at the same 
>>> size: 110,840 KB
>>> 3. The `winrm` connector uses 250,000 byte chunks to transfer the file. 
>>> If you change the `buffer_size` parameter in 
>>> `ansible/plugins/connection/winrm.py` to something larger, then the temp 
>>> file on the windows size will be larger than the 110,840 KB mentioned 
>>> previously
>>> 4. If you bump that `buffer_size` up enough, you can successfully 
>>> transfer the whole file.
>>> 5. By running the following command, I've always received the result 
>>> "457" when the process fails, regardless of `buffer_size`. This seems to 
>>> indicate that there is some bound that is being exceeded but I have not 
>>> been able to figure out if it's a problem with ansible code or the WinRM 
>>> service configuration on the server.
>>>
>>> ansible-playbook -v -l windows -i inventory playbook.yml | grep 
>>> "WINRM PUT" | wc -l
>>>
>>> That's as far as I've gone... Hopefully someone more familiar with the 
>>> WinRM connector may have some ideas...
>>>
>>> Peter
>>>
>>> On Wednesday, August 31, 2016 at 9:21:36 AM UTC-5, Justin Dugan wrote:

 I am using this in the playbook:

 - name: copy {{eap_dir}}.0.zip
   win_copy: src="{{eap_dir}}.0.zip" dest="c:/temp/{{eap_dir}}.0.zip"


 And it's failing with:

 TASK [win_JBoss : copy jboss-eap-6.4.0.zip] 
 
  [WARNING]: FATAL ERROR DURING FILE TRANSFER: Traceback (most recent 
 call last):   File
 "/usr/lib/python2.7/site-packages/ansible/plugins/connection/winrm.py", 
 line 204, in _winrm_exec
 self._winrm_send_input(self.protocol, self.shell_id, command_id, data, 
 eof=is_last)  

[ansible-project] Re: win_copy failing (timeout)

[Peter Rebholz]

Thanks for the info, Matt.

I've tried a number of versions of OpenSSL without any luck:

macOS El Capitan (where I originally had this problem) has Python 2.7.10 
with OpenSSL 0.9.8zh
FreeBSD 11.0-RELEASE has Python 2.7.12 with OpenSSL 1.0.2j
FreeBSD 11.0-RELEASE with manual build of Python 2.7 (latest) with manual 
build of OpenSSL 1.1.0b

Peter

On Thursday, October 13, 2016 at 12:53:02 PM UTC-5, Matt Davis wrote:
>
> Every case I've seen of this issue has come down to a problem deep in an 
> SSL/TLS implementation that causes the tunnel to get wedged. I've not dug 
> in far enough with the packet sniffer/TLS debugging to be sure which side 
> is the problem (Windows SChannel or OpenSSL), but on the machines I've seen 
> it on, it's 100% reproducible. There's not really anything we can do about 
> it at the Ansible level, as it's many dependencies away from us 
> (Ansible->pywinrm->requests->urllib3->pyopenssl->OpenSSL). 
>
> The only way I've been able to correct the problem on machines I've seen 
> it on is by recompiling Python against a newer OpenSSL build. Switching up 
> allowed ciphers on the Windows or OpenSSL side generally seems to just move 
> the problem around (ie, it fails in a different place but still quite 
> predictably). Switching to HTTP instead of HTTPS also makes the problem go 
> away, but, well, don't do that. Hoping to get some of the message-level 
> HTTP encryption stuff going in pywinrm soon (at least for Kerberos, and 
> jborean93 has done it for CredSSP), which could be another way to make this 
> go away in the future.
>
> -Matt
>
>
> On Thursday, October 13, 2016 at 8:10:34 AM UTC-7, Peter Rebholz wrote:
>>
>> I'm also running into this issue and spent some time troubleshooting. In 
>> my case, the host I'm pushing the file to is on a separate network without 
>> incoming access to where we host the files, thus the proposed workaround of 
>> using `get_url` does not work.
>>
>> In my troubleshooting, I've found out the following details:
>>
>> 1. The timeout used by `pywinrm` is not relevant because the files are 
>> transferred via many small requests. You can play with this setting by 
>> defining the vars: `ansible_winrm_read_timeout_sec` and 
>> `ansible_winrm_operation_timeout_sec`. While the timeout was reflected in 
>> the error message, it had no effect.
>> 2. The temp file created by the `win_copy` always tops out at the same 
>> size: 110,840 KB
>> 3. The `winrm` connector uses 250,000 byte chunks to transfer the file. 
>> If you change the `buffer_size` parameter in 
>> `ansible/plugins/connection/winrm.py` to something larger, then the temp 
>> file on the windows size will be larger than the 110,840 KB mentioned 
>> previously
>> 4. If you bump that `buffer_size` up enough, you can successfully 
>> transfer the whole file.
>> 5. By running the following command, I've always received the result 
>> "457" when the process fails, regardless of `buffer_size`. This seems to 
>> indicate that there is some bound that is being exceeded but I have not 
>> been able to figure out if it's a problem with ansible code or the WinRM 
>> service configuration on the server.
>>
>> ansible-playbook -v -l windows -i inventory playbook.yml | grep 
>> "WINRM PUT" | wc -l
>>
>> That's as far as I've gone... Hopefully someone more familiar with the 
>> WinRM connector may have some ideas...
>>
>> Peter
>>
>> On Wednesday, August 31, 2016 at 9:21:36 AM UTC-5, Justin Dugan wrote:
>>>
>>> I am using this in the playbook:
>>>
>>> - name: copy {{eap_dir}}.0.zip
>>>   win_copy: src="{{eap_dir}}.0.zip" dest="c:/temp/{{eap_dir}}.0.zip"
>>>
>>>
>>> And it's failing with:
>>>
>>> TASK [win_JBoss : copy jboss-eap-6.4.0.zip] 
>>> 
>>>  [WARNING]: FATAL ERROR DURING FILE TRANSFER: Traceback (most recent 
>>> call last):   File
>>> "/usr/lib/python2.7/site-packages/ansible/plugins/connection/winrm.py", 
>>> line 204, in _winrm_exec
>>> self._winrm_send_input(self.protocol, self.shell_id, command_id, data, 
>>> eof=is_last)   File
>>> "/usr/lib/python2.7/site-packages/ansible/plugins/connection/winrm.py", 
>>> line 185, in
>>> _winrm_send_input rs = protocol.send_message(xmltodict.unparse(rq)) 
>>>   File "/usr/lib/python2.7
>>> /site-packages/winrm/protocol.py", line 207, in send_message return
>>> self.transport.send_message(message)   File 
>>> "/usr/lib/python2.7/site-packages/winrm/transport.py",
>>> line 173, in send_message response = 
>>> self.session.send(prepared_request,
>>> timeout=self.read_timeout_sec)   File 
>>> "/usr/lib/python2.7/site-packages/requests/sessions.py", line
>>> 596, in send r = adapter.send(request, **kwargs)   File 
>>> "/usr/lib/python2.7/site-
>>> packages/requests/adapters.py", line 499, in send raise 
>>> ReadTimeout(e, request=request)
>>> ReadTimeout: HTTPSConnectionPool(host='host', port=5986): Read timed
>>> out. (read timeout=30)
>>>
>>> fatal: [jcinstalltest]: FAILED! => {"failed": true, 

Re: [ansible-project] Module Paths for junos-eznc

[Peter Sprygada]

Are you attempting to run Ansible in a virtualenv?

On Tue, Oct 11, 2016 at 3:16 PM, Zod  wrote:

> Trying to setup Ansible on Mac OS X 10.10.3
> Have ansible 2.1.1.0 python 2.7.12
> installed junos-eznc
> Testing uploading a conf file to a juniper device and getting:
> fatal: [srx]: FAILED! => {"changed": false, "failed": true, "msg":
> "junos-eznc >= 1.2.2 is required for this module"}
>
> I did install that:
> Successfully installed MarkupSafe-0.23 PyYAML-3.12 cffi-1.8.3
> cryptography-1.5.2 enum34-1.1.6 idna-2.1 ipaddress-1.0.17 jinja2-2.8
> junos-eznc-2.0.1 lxml-3.6.4 ncclient-0.5.2 netaddr-0.7.18 paramiko-2.0.2
> pyasn1-0.1.9 pycparser-2.14 pyserial-3.1.1 scp-0.10.2 six-1.10.0
>
> Don't know how to tell it where to look for these modules and don't know
> where to go from here.
>
> Here is my simple yaml file:
> ---
> - name: "Prepare"
> connection: local
> hosts: juniper
> gather_facts: no
>
> tasks:
> - name: "Push Config"
> junos_install_config:
> host={{ inventory_hostname }}
> file=roles/srx.conf
> tags: -load
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To post to this group, send email to ansible-project@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/
> msgid/ansible-project/d71fdb6d-905e-475b-a16b-167346917ad2%40googlegroups.
> com
> 
> .
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAEkdrMiaqiKhk5hGdkJs6hbpJBaUJ9hCyKLBAZDn-wDKnQXp5w%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Re: Handle Host Unreachable cases or Test SSH Connectivity in yml playbook

['Anas Theo' via Ansible Project]

Hello Kai,

Indeed, I can use ping to test the connectivity in all servers, hower the 
fatar error again can't be handled for example in a conditional form.

What I request is to be able to handle this result "fatal: [sles_11]: 
UNREACHABLE! => {"changed": false, "msg": "Failed to connect to the host 
via ssh.", "unreachable": true}" , in order to for example to be able to 
write a message in a local log file. 

This case is also describer in documentation of ansible:
"You can change this behavior with the --force-handlers command-line 
option, or by including force_handlers: True in a play, or force_handlers = 
True in ansible.cfg. When handlers are forced, they will run when notified 
even if a task fails on that host. (Note that certain errors could still 
prevent the handler from running, such as a host becoming unreachable.)"

Is there any option to overcome this problem?

Thank you very much.



Τη Πέμπτη, 13 Οκτωβρίου 2016 - 4:42:24 μ.μ. UTC+3, ο χρήστης Anas Theo 
έγραψε:
>
> Hello,
>
> Is there any easy way to handle "host unreachable" cases in order to debug 
> in a log file the problematic situation ? As an alternative it could also 
> be useful to test SSH connectivity through explicit commands in all remote 
> hosts before executing the rest of the .yml file. Thanks for your help. 
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/7525283a-70f9-4583-87e0-c9e8fce375aa%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Re: Error: "ImportError: No module named grp" when running playbook against windows

[Matt Davis]

Running python modules on Windows isn't supported or tested (and in most 
cases just plain won't work)- would strongly suggest you find a win_ 
equivalent to whatever you're trying to do...

On Thursday, October 13, 2016 at 11:17:53 AM UTC-7, Sam Brelsfoard wrote:
>
> I've seen a couple of other folks have this issue, but I've not found any 
> answers/solutions. 
>
> I have a playbook that runs fine from an ansible server (CentOS) to a Mac 
> OSX node, however, when I run the same playbook against a Windows node I 
> get an ImportError. Any thoughts?
> example:
>
> ansible-playbook playbooks/getserverdb.yml -vvv
> Using /etc/ansible/ansible.cfg as config file
> PLAYBOOK: getserverdb.yml 
> **
> 1 plays in playbooks/getserverdb.yml
> PLAY [samtestwin] 
> **
> TASK [get server.db from devopscoms] 
> ***
> task path: /etc/ansible/playbooks/getserverdb.yml:5
>  ESTABLISH SSH CONNECTION FOR USER: izodev
>  SSH: EXEC sshpass -d12 ssh -C -q -o ControlMaster=no -o 
> User=izodev -o ConnectTimeout=10 sbrelsfoard-pc '/bin/sh -c 
> '"'"'LANG=en_US.UTF-8 LC_ALL=en_US.UTF-8 LC_MESSAGES=en_US.UTF-8 
> C:/Python27/python.exe && sleep 0'"'"''
> An exception occurred during task execution. The full traceback is:
> Traceback (most recent call last):
>   File "c:\cygwin64\home\izodev\ansible_qajniv\ansible_module_command.py", 
> line 247, in 
> from ansible.module_utils.basic import *
>   File 
> "c:\cygwin64\home\izodev\ansible_qajniv\ansible_modlib.zip\ansible\module_utils\basic.py",
>  
> line 52, in 
> ImportError: No module named grp
> fatal: [sbrelsfoard-pc]: FAILED! => {"changed": false, "failed": true, 
> "invocation": {"module_name": "command"}, "module_stderr": "Traceback (most 
> recent call last):\r\r\n  File 
> \"c:\\cygwin64\\home\\izodev\\ansible_qajniv\\ansible_module_command.py\", 
> line 247, in \r\r\nfrom ansible.module_utils.basic import 
> *\r\r\n  File 
> \"c:\\cygwin64\\home\\izodev\\ansible_qajniv\\ansible_modlib.zip\\ansible\\module_utils\\basic.py\",
>  
> line 52, in \r\r\nImportError: No module named grp\r\r\n", 
> "module_stdout": "", "msg": "MODULE FAILURE", "parsed": false}
> NO MORE HOSTS LEFT 
> *
> to retry, use: --limit @playbooks/getserverdb.retry
> PLAY RECAP 
> *
> sbrelsfoard-pc : ok=0changed=0unreachable=0failed=1
>
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/5afe7fec-110e-4a48-ac74-1b2c2df64b68%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Using with_subelements, cannot reference dict item's key (v 2.2.0)

[Slavek Jurkowski]

Thanks for the quick response. I think i’m going to just hack the name into the 
dict like so as i want to preserve the dict structure and this least bad way i 
see of doing that. My dict var is auto populated from another tool so it 
shouldn’t be hard for me to keep these in sync.

Slavek


> vars:
>   users:
> bob:
>   name: bob
>   authorized_keys:
> - "ssh-rsa a..."
> - "ssh-rsa b..."
> alice:
>   name: alice
>   authorized_keys:
> - "ssh-rsa c..."
> 
> 
> tasks:
>   - authorized_key: user=item.0.name key="{{ item.1 }}"
> with_subelements:
>   - "{{ users }}"
>   - authorized_keys



> On Oct 13, 2016, at 1:14 PM, Joanna Delaporte  
> wrote:
> 
> Slavek,
> 
> I converted my dicts to lists. :P It didn't take too long with some snappy 
> regex in vim. 
> 
> Joanna
> 
> On Thu, Oct 13, 2016 at 9:06 AM, Slavek Jurkowski  > wrote:
> Joanna,
> 
> Did you find any solution to this? I'm facing the same issue and it sure 
> sucks!
> 
> Thanks!
> 
> 
> On Wednesday, June 29, 2016 at 1:43:39 PM UTC-5, Joanna Delaporte wrote:
> Here's my version: ansible 2.2.0 (devel 87928ff56b) last updated 2016/06/22 
> 13:32:23 (GMT -500)
> 
> I'm not sure if this is a bug, or misplaced syntax. When I attempt to use a 
> dictionary, referencing the key of the dictionary and a subelement, I get the 
> error
> FAILED! => {"failed": true, "msg": "'dict object' has no attribute 'key'"}
> 
> Here is my task:
>   - name: Add users to groups
> shell: 'ipa group-add-member {{item.1}} --users={{item.0.key}}'
> with_subelements:
> - '{{staff|default([])}}'
> - 'extragroups'
> - skip_missing: yes
> 
> 
> If I use item.0 instead of item.0.key, it tries to pass in the entire 
> dictionary object rather than just the key, and the command spits back a "too 
> many arguments" error, which is expected. I need just the username, eg the 
> argument I want to pass is --users=user1. Is there a reason I cannot access 
> it with item.0.key?
> 
> My dict object looks like this:
> ---
> staff:
>   user1:
> uid: 
> firstname: 
> lastname:  
> comment: ""
> gid: 
> shell: /bin/bash
> passwordhash: ""
> primarygroup: 
> extragroups: ['code']
>   user2:
> uid: 
> firstname: 
> lastname: 
> comment: ""
> gid: 
> shell: /bin/bash
> passwordhash: ""
> primarygroup: 
> extragroups: ['dm', 'code']
> 
> 
> 
> -- 
> You received this message because you are subscribed to a topic in the Google 
> Groups "Ansible Project" group.
> To unsubscribe from this topic, visit 
> https://groups.google.com/d/topic/ansible-project/4jqKl1v69mI/unsubscribe 
> .
> To unsubscribe from this group and all its topics, send an email to 
> ansible-project+unsubscr...@googlegroups.com 
> .
> To post to this group, send email to ansible-project@googlegroups.com 
> .
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/ansible-project/52bb457e-6b09-4c66-b619-4cc0074a8eef%40googlegroups.com
>  
> .
> 
> For more options, visit https://groups.google.com/d/optout 
> .
> 
> 
> 
> -- 
> 
> 
> Joanna Delaporte
> Linux Systems Administrator | Parkland College
> joannadelapo...@gmail.com 
> 
> -- 
> You received this message because you are subscribed to a topic in the Google 
> Groups "Ansible Project" group.
> To unsubscribe from this topic, visit 
> https://groups.google.com/d/topic/ansible-project/4jqKl1v69mI/unsubscribe 
> .
> To unsubscribe from this group and all its topics, send an email to 
> ansible-project+unsubscr...@googlegroups.com 
> .
> To post to this group, send email to ansible-project@googlegroups.com 
> .
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/ansible-project/CAG5Enc%2Bev%2BJCMrJ964oy1Gdao%3DryBQ7Nywc06ppy4_%2Bx2Q0DVw%40mail.gmail.com
>  
> .
> For more options, visit https://groups.google.com/d/optout 
> .

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this 

Re: [ansible-project] Access dict key when using with_subelements

[Slavek Jurkowski]

Thanks for the reply. i agree..I just converted my dict in the same way..Just 
wanted to check if there was something better out there that anyone has found :P

Slavek


> On Oct 13, 2016, at 11:24 AM, Peter Thorson  wrote:
> 
> I have been using a horrible hacky workaround, specifically, adding the key 
> as a field to the dict element:
> 
> vars:
>   users:
> bob:
>   name: bob
>   authorized_keys:
> - "ssh-rsa a..."
> - "ssh-rsa b..."
> alice:
>   name: alice
>   authorized_keys:
> - "ssh-rsa c..."
> 
> 
> tasks:
>   - authorized_key: user=item.0.name key="{{ item.1 }}"
> with_subelements:
>   - "{{ users }}"
>   - authorized_keys
> 
> This is difficult to maintain because the two names can get out of sync, it 
> is not intuitive at all that making a new user should include the name again 
> when its already used as the key. It is just the least worst solution I've 
> found.
> 
> I wish there was a sane, unified, flexible solution to looping in Ansible. As 
> it stands there appear to be a bunch of one-off non-interoperable looping 
> constructs designed for very narrow purposes. This is easily the most 
> frustrating aspect of using Ansible for anything non-trivial.
> 
> On Thursday, October 13, 2016 at 10:10:32 AM UTC-5, Slavek Jurkowski wrote:
> Hi Peter,
> 
> Did you find a solution to this? I'm facing the same issue and it sure sucks!
> 
> Thanks
> 
> 
> On Wednesday, April 6, 2016 at 5:47:01 PM UTC-5, Peter Thorson wrote:
> when using with_dict, item.key retrieves the dict key and item.value 
> retrieves the value.
> 
> however, when using with_subelements and having the first item being looped 
> over be a dict, item.0 seems to return only the value. Is there a way
> 
> concrete example:
> 
> vars:
>   users:
> bob:
>   authorized_keys:
> - "ssh-rsa a..."
> - "ssh-rsa b..."
> alice:
>   authorized_keys:
> - "ssh-rsa c..."
> 
> 
> tasks:
>   - authorized_key: user=??? key="{{ item.1 }}"
> with_subelements:
>   - "{{ users }}"
>   - authorized_keys
> 
> How do I retrieve the username? I understand that I could change users into a 
> list and add username as a property. I want to avoid that because this users 
> list is used for lots of different things where being able to look up 
> information about a user by username is required.
> 
> -- 
> You received this message because you are subscribed to a topic in the Google 
> Groups "Ansible Project" group.
> To unsubscribe from this topic, visit 
> https://groups.google.com/d/topic/ansible-project/6J6Yg--7CvA/unsubscribe 
> .
> To unsubscribe from this group and all its topics, send an email to 
> ansible-project+unsubscr...@googlegroups.com 
> .
> To post to this group, send email to ansible-project@googlegroups.com 
> .
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/ansible-project/51dfa4f3-d582-4043-945b-0eb094495ec0%40googlegroups.com
>  
> .
> For more options, visit https://groups.google.com/d/optout 
> .

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/9B528261-F313-4137-BBD7-D382D8A54C52%40thejurks.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Error: "ImportError: No module named grp" when running playbook against windows

[Sam Brelsfoard]

I've seen a couple of other folks have this issue, but I've not found any 
answers/solutions. 

I have a playbook that runs fine from an ansible server (CentOS) to a Mac 
OSX node, however, when I run the same playbook against a Windows node I 
get an ImportError. Any thoughts?
example:

ansible-playbook playbooks/getserverdb.yml -vvv
Using /etc/ansible/ansible.cfg as config file
PLAYBOOK: getserverdb.yml 
**
1 plays in playbooks/getserverdb.yml
PLAY [samtestwin] 
**
TASK [get server.db from devopscoms] 
***
task path: /etc/ansible/playbooks/getserverdb.yml:5
 ESTABLISH SSH CONNECTION FOR USER: izodev
 SSH: EXEC sshpass -d12 ssh -C -q -o ControlMaster=no -o 
User=izodev -o ConnectTimeout=10 sbrelsfoard-pc '/bin/sh -c 
'"'"'LANG=en_US.UTF-8 LC_ALL=en_US.UTF-8 LC_MESSAGES=en_US.UTF-8 
C:/Python27/python.exe && sleep 0'"'"''
An exception occurred during task execution. The full traceback is:
Traceback (most recent call last):
  File "c:\cygwin64\home\izodev\ansible_qajniv\ansible_module_command.py", 
line 247, in 
from ansible.module_utils.basic import *
  File 
"c:\cygwin64\home\izodev\ansible_qajniv\ansible_modlib.zip\ansible\module_utils\basic.py",
 
line 52, in 
ImportError: No module named grp
fatal: [sbrelsfoard-pc]: FAILED! => {"changed": false, "failed": true, 
"invocation": {"module_name": "command"}, "module_stderr": "Traceback (most 
recent call last):\r\r\n  File 
\"c:\\cygwin64\\home\\izodev\\ansible_qajniv\\ansible_module_command.py\", 
line 247, in \r\r\nfrom ansible.module_utils.basic import 
*\r\r\n  File 
\"c:\\cygwin64\\home\\izodev\\ansible_qajniv\\ansible_modlib.zip\\ansible\\module_utils\\basic.py\",
 
line 52, in \r\r\nImportError: No module named grp\r\r\n", 
"module_stdout": "", "msg": "MODULE FAILURE", "parsed": false}
NO MORE HOSTS LEFT 
*
to retry, use: --limit @playbooks/getserverdb.retry
PLAY RECAP 
*
sbrelsfoard-pc : ok=0changed=0unreachable=0failed=1


-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/cbb6a441-bcf0-4d4f-b777-860f60edc576%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Trying to delete a running app on Marathon by Ansible Playbook - Error

[Dick Davies]

Set a status_code: field to the value marathon returns, it looks like
you are getting a 200 and ansible is expecting a 201.

On 12 October 2016 at 17:00, Yogesh Darji
 wrote:
> Hi,
>
> I deployed an app on Marathon with POST using uri module. My inventory file
> has just localhost which I am using to execute my playbooks.
>
> I have written a playbook to delete that app, it will successfully delete
> the app, but the only problem which I am facing is that I am getting below
> error with successful response code.
>
> fatal: [localhost]: FAILED! => {"cache_control": "no-cache, no-store,
> must-revalidate", "changed": false, "connection": "close", "content":
> "{\"version\":\"2016-10-12T15:51:51.738Z\",\"deploymentId\":\"f200ffd5-095f-4dd5-865b-4958f0d0adfc\"}",
> "content_length": "92", "content_type": "application/json; qs=2", "date":
> "Wed, 12 Oct 2016 15:51:06 GMT", "expires": "0", "failed": true, "json":
> {"deploymentId": "f200ffd5-095f-4dd5-865b-4958f0d0adfc", "version":
> "2016-10-12T15:51:51.738Z"}, "msg": "Status code was not [201]: OK (92
> bytes)", "pragma": "no-cache", "redirected": false, "server":
> "openresty/1.7.10.2", "status": 200, "url":
> "http://jmontesvm07.verizon.com:19092/v2/apps/demoansible;,
> "x_marathon_leader": "http://10.200.161.1:31392"}
>
>
> I am concerned about the highlighted error and I want to get rid of it.
>
>
> The json response gives successful response with status 200. Can anyone help
> me with how to solve the highlighted error.
>
>
> Thanks in advance.
>
>
> -Yogesh Darji
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To post to this group, send email to ansible-project@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/b80ef440-2fd5-4f3c-8199-0f8147c5c09e%40googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAK5eLPRXAY9aaaCeoVUDN6jH0oLOg6W_O9xiPoK%3Dh3j7eo6Y%2Bw%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Re: Using with_subelements, cannot reference dict item's key (v 2.2.0)

[Joanna Delaporte]

Slavek,

I converted my dicts to lists. :P It didn't take too long with some snappy
regex in vim.

Joanna

On Thu, Oct 13, 2016 at 9:06 AM, Slavek Jurkowski 
wrote:

> Joanna,
>
> Did you find any solution to this? I'm facing the same issue and it sure
> sucks!
>
> Thanks!
>
>
> On Wednesday, June 29, 2016 at 1:43:39 PM UTC-5, Joanna Delaporte wrote:
>>
>> Here's my version: ansible 2.2.0 (devel 87928ff56b) last updated
>> 2016/06/22 13:32:23 (GMT -500)
>>
>> I'm not sure if this is a bug, or misplaced syntax. When I attempt to use
>> a dictionary, referencing the key of the dictionary and a subelement, I get
>> the error
>> FAILED! => {"failed": true, "msg": "'dict object' has no attribute 'key'"
>> }
>>
>> Here is my task:
>>   - name: Add users to groups
>> shell: 'ipa group-add-member {{item.1}} --users={{item.0.key}}'
>> with_subelements:
>> - '{{staff|default([])}}'
>> - 'extragroups'
>> - skip_missing: yes
>>
>>
>> If I use item.0 instead of item.0.key, it tries to pass in the entire
>> dictionary object rather than just the key, and the command spits back a
>> "too many arguments" error, which is expected. I need just the username, eg
>> the argument I want to pass is --users=user1. Is there a reason I cannot
>> access it with item.0.key?
>>
>> My dict object looks like this:
>> ---
>> staff:
>>   user1:
>> uid:
>> firstname:
>> lastname:
>> comment: ""
>> gid:
>> shell: /bin/bash
>> passwordhash: ""
>> primarygroup:
>> extragroups: ['code']
>>   user2:
>> uid:
>> firstname:
>> lastname:
>> comment: ""
>> gid:
>> shell: /bin/bash
>> passwordhash: ""
>> primarygroup:
>> extragroups: ['dm', 'code']
>>
>>
>> --
> You received this message because you are subscribed to a topic in the
> Google Groups "Ansible Project" group.
> To unsubscribe from this topic, visit https://groups.google.com/d/
> topic/ansible-project/4jqKl1v69mI/unsubscribe.
> To unsubscribe from this group and all its topics, send an email to
> ansible-project+unsubscr...@googlegroups.com.
> To post to this group, send email to ansible-project@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/
> msgid/ansible-project/52bb457e-6b09-4c66-b619-4cc0074a8eef%40googlegroups.
> com
> 
> .
>
> For more options, visit https://groups.google.com/d/optout.
>



-- 


Joanna Delaporte
Linux Systems Administrator | Parkland College
joannadelapo...@gmail.com

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAG5Enc%2Bev%2BJCMrJ964oy1Gdao%3DryBQ7Nywc06ppy4_%2Bx2Q0DVw%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Re: win_copy failing (timeout)

[Matt Davis]

Every case I've seen of this issue has come down to a problem deep in an 
SSL/TLS implementation that causes the tunnel to get wedged. I've not dug 
in far enough with the packet sniffer/TLS debugging to be sure which side 
is the problem (Windows SChannel or OpenSSL), but on the machines I've seen 
it on, it's 100% reproducible. There's not really anything we can do about 
it at the Ansible level, as it's many dependencies away from us 
(Ansible->pywinrm->requests->urllib3->pyopenssl->OpenSSL). 

The only way I've been able to correct the problem on machines I've seen it 
on is by recompiling Python against a newer OpenSSL build. Switching up 
allowed ciphers on the Windows or OpenSSL side generally seems to just move 
the problem around (ie, it fails in a different place but still quite 
predictably). Switching to HTTP instead of HTTPS also makes the problem go 
away, but, well, don't do that. Hoping to get some of the message-level 
HTTP encryption stuff going in pywinrm soon (at least for Kerberos, and 
jborean93 has done it for CredSSP), which could be another way to make this 
go away in the future.

-Matt


On Thursday, October 13, 2016 at 8:10:34 AM UTC-7, Peter Rebholz wrote:
>
> I'm also running into this issue and spent some time troubleshooting. In 
> my case, the host I'm pushing the file to is on a separate network without 
> incoming access to where we host the files, thus the proposed workaround of 
> using `get_url` does not work.
>
> In my troubleshooting, I've found out the following details:
>
> 1. The timeout used by `pywinrm` is not relevant because the files are 
> transferred via many small requests. You can play with this setting by 
> defining the vars: `ansible_winrm_read_timeout_sec` and 
> `ansible_winrm_operation_timeout_sec`. While the timeout was reflected in 
> the error message, it had no effect.
> 2. The temp file created by the `win_copy` always tops out at the same 
> size: 110,840 KB
> 3. The `winrm` connector uses 250,000 byte chunks to transfer the file. If 
> you change the `buffer_size` parameter in 
> `ansible/plugins/connection/winrm.py` to something larger, then the temp 
> file on the windows size will be larger than the 110,840 KB mentioned 
> previously
> 4. If you bump that `buffer_size` up enough, you can successfully transfer 
> the whole file.
> 5. By running the following command, I've always received the result "457" 
> when the process fails, regardless of `buffer_size`. This seems to indicate 
> that there is some bound that is being exceeded but I have not been able to 
> figure out if it's a problem with ansible code or the WinRM service 
> configuration on the server.
>
> ansible-playbook -v -l windows -i inventory playbook.yml | grep 
> "WINRM PUT" | wc -l
>
> That's as far as I've gone... Hopefully someone more familiar with the 
> WinRM connector may have some ideas...
>
> Peter
>
> On Wednesday, August 31, 2016 at 9:21:36 AM UTC-5, Justin Dugan wrote:
>>
>> I am using this in the playbook:
>>
>> - name: copy {{eap_dir}}.0.zip
>>   win_copy: src="{{eap_dir}}.0.zip" dest="c:/temp/{{eap_dir}}.0.zip"
>>
>>
>> And it's failing with:
>>
>> TASK [win_JBoss : copy jboss-eap-6.4.0.zip] 
>> 
>>  [WARNING]: FATAL ERROR DURING FILE TRANSFER: Traceback (most recent call 
>> last):   File
>> "/usr/lib/python2.7/site-packages/ansible/plugins/connection/winrm.py", 
>> line 204, in _winrm_exec
>> self._winrm_send_input(self.protocol, self.shell_id, command_id, data, 
>> eof=is_last)   File
>> "/usr/lib/python2.7/site-packages/ansible/plugins/connection/winrm.py", 
>> line 185, in
>> _winrm_send_input rs = protocol.send_message(xmltodict.unparse(rq))   
>> File "/usr/lib/python2.7
>> /site-packages/winrm/protocol.py", line 207, in send_message return
>> self.transport.send_message(message)   File 
>> "/usr/lib/python2.7/site-packages/winrm/transport.py",
>> line 173, in send_message response = 
>> self.session.send(prepared_request,
>> timeout=self.read_timeout_sec)   File 
>> "/usr/lib/python2.7/site-packages/requests/sessions.py", line
>> 596, in send r = adapter.send(request, **kwargs)   File 
>> "/usr/lib/python2.7/site-
>> packages/requests/adapters.py", line 499, in send raise 
>> ReadTimeout(e, request=request)
>> ReadTimeout: HTTPSConnectionPool(host='host', port=5986): Read timed
>> out. (read timeout=30)
>>
>> fatal: [jcinstalltest]: FAILED! => {"failed": true, "msg": "winrm 
>> send_input failed"}
>>
>> Is there any way to adjust the timeout? This file is ~200Mb. I also have 
>> a patch to copy which is ~400Mb so 30 seconds is probably too short.
>>
>> Thanks,
>>
>> Justin
>>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view 

[ansible-project] Re: java.lang.OutOfMemoryError: Metaspace error installing Atlassian JIRA using Ansible

[Matt Davis]

WinRM enforces a job memory quota (documented here 
) that 
you'll probably need to adjust upward for a heavyweight installer like 
Jira. Also, if you're running Powershell 3.0, there's a hotfix that fixes 
that setting on some OSs, though I'd recommend just upgrading to PS4 or 5 
instead of messing with the hotfix.

-Matt

On Thursday, October 13, 2016 at 8:10:44 AM UTC-7, Jim Reprogle wrote:
>
> Greetings. I realize that much of this is going to sound crazy and a 
> little noob-ish, but...
> I'm playing with Ansible for the first time, and I'm trying to automate 
> the installation of a JIRA server (on Windows, mind you). I went through 
> all the rigmarole of enabling WinRM with a self-signed certificate, and 
> Ansible is now communicating with hosts in the inventory.
>
> The JIRA installer uses an install4j executable with a response.varfile 
> for unattended installations. So I built a quick and dirty jira.yaml file 
> that runs the JIRA installer with arguments "-q -varfile response.varfile" 
> using the 'raw' module. I have successfully gotten it to download the JIRA 
> installer from Atlassian using the win_get_url module. I have successfully 
> gotten Ansible to copy the response.varfile to the destination server. 
> However, when I call the 'raw' module to run the install I get 
> java.lang.OutOfMemoryError: Metaspace and the installer quits. Any ideas? 
> Running the installer from the command line with the same arguments works 
> without the out of memory errors.
>
> Thank you in advance.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/53699cdd-b7e9-4540-8fd0-b7d94f778d18%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Re: Access dict key when using with_subelements

[Peter Thorson]

I have been using a horrible hacky workaround, specifically, adding the key 
as a field to the dict element:

vars:
  users:
bob:
  name: bob
  authorized_keys:
- "ssh-rsa a..."
- "ssh-rsa b..."
alice:
  name: alice
  authorized_keys:
- "ssh-rsa c..."


tasks:
  - authorized_key: user=item.0.name key="{{ item.1 }}"
with_subelements:
  - "{{ users }}"
  - authorized_keys

This is difficult to maintain because the two names can get out of sync, it 
is not intuitive at all that making a new user should include the name 
again when its already used as the key. It is just the least worst solution 
I've found.

I wish there was a sane, unified, flexible solution to looping in Ansible. 
As it stands there appear to be a bunch of one-off non-interoperable 
looping constructs designed for very narrow purposes. This is easily the 
most frustrating aspect of using Ansible for anything non-trivial.

On Thursday, October 13, 2016 at 10:10:32 AM UTC-5, Slavek Jurkowski wrote:
>
> Hi Peter,
>
> Did you find a solution to this? I'm facing the same issue and it sure 
> sucks!
>
> Thanks
>
>
> On Wednesday, April 6, 2016 at 5:47:01 PM UTC-5, Peter Thorson wrote:
>>
>> when using with_dict, item.key retrieves the dict key and item.value 
>> retrieves the value.
>>
>> however, when using with_subelements and having the first item being 
>> looped over be a dict, item.0 seems to return only the value. Is there a way
>>
>> concrete example:
>>
>> vars:
>>   users:
>> bob:
>>   authorized_keys:
>> - "ssh-rsa a..."
>> - "ssh-rsa b..."
>> alice:
>>   authorized_keys:
>> - "ssh-rsa c..."
>>
>>
>> tasks:
>>   - authorized_key: user=??? key="{{ item.1 }}"
>> with_subelements:
>>   - "{{ users }}"
>>   - authorized_keys
>>
>> How do I retrieve the username? I understand that I could change users 
>> into a list and add username as a property. I want to avoid that because 
>> this users list is used for lots of different things where being able to 
>> look up information about a user by username is required.
>>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/51dfa4f3-d582-4043-945b-0eb094495ec0%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Re: Ansible unable to ping to windows host error Failed command was: PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand

[Matt Davis]

Usually when I've seen that error, it's because Powershell is not on the 
system path (ie, C:\Windows\System32\WindowsPowerShell\v1.0). Unfortunately 
the error message comes from a much higher level (a failure creating the 
tempdir), so the error message isn't specific to failures that might occur 
on Windows (hence the somewhat misleading text). 

On Thursday, October 13, 2016 at 8:10:33 AM UTC-7, arnabs...@gmail.com 
wrote:
>
>
> Hi
>
> When run this ansible command " ansible windows  -m win_ping"  I am  
> getting the below error , please can anyone help to fix this issue
>
> 10.51.239.192 | UNREACHABLE! => {
> "changed": false,
> "msg": "Authentication or permission failure. In some cases, you may 
> have been able to authenticate and did not have permissions on the remote 
> directory. Consider changing the remote temp path in ansible.cfg to a path 
> rooted in \"/tmp\". Failed command was: PowerShell -NoProfile 
> -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand 
> UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAoAE4AZQB3AC0ASQB0AGUAbQAgAC0AVAB5AHAAZQAgAEQAaQByAGUAYwB0AG8AcgB5ACAALQBQAGEAdABoACAAJABlAG4AdgA6AHQAZQBtAHAAIAAtAE4AYQBtAGUAIAAiAGEAbgBzAGkAYgBsAGUALQB0AG0AcAAtADEANAA3ADYAMwA2ADYANgAwADEALgA1ADgALQAyADAANwA1ADgANgA1ADMANAA4ADQANgA3ADEAMgAiACkALgBGAHUAbABsAE4AYQBtAGUAIAB8ACAAVwByAGkAdABlAC0ASABvAHMAdAAgAC0AUwBlAHAAYQByAGEAdABvAHIAIAAnACcAOwA=,
>  
> exited with result 1",
> "unreachable": true
> }
>
> I am trying to connect to windows (windows 2012 R2) host ip  10.51.239.192
>
> I have created a windows.yml  under /etc/ansible/group_vars  , below is 
> the connect of the yml file , in my inventory file I have added the ip of 
> this windows host 10.51.239.192
>
> ansible_user: Administrator
> ansible_password: P@ssw0rd
> ansible_port: 5986
> ansible_connection: winrm
> # The following is necessary for Python 2.7.9+ when using default WinRM 
> self-signed certificates:
> ansible_winrm_server_cert_validation: ignore
> #ansible_winrm_transport: ssl
>
> using this same setting I am able to ping to another windows machine which 
> is also windows server 2012
>
> Thanks
> Arnab Chowdhury
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/23d9b691-9c3c-4f7b-9d98-497fac51ac6b%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Re: Slow Performance in setup of SLES 11 SP3 Remote Virtual Machines (100sec)

[Kai Stian Olstad]

On 13. okt. 2016 15:47, 'Anas Theo' via Ansible Project wrote:

As I have described in the previous comment, the problem was due to DNS
searching for a DNS server that has not been accessible from the hosts. For
that reason, I have tried to setup for these hosts, only the variable that
I was going to use, using filter options like "filter=ansible_hostname" .
However, it seems that the search time is the same. Is there any option to
get the facts I want independently from the rest of them, in order to boost
the performance of setup. Thanks for your help.


The setup module have gather_subset.
Set gather_facts to false and run the setup module with a subset in the 
playbook.


- setup: gather_subset=!all

This will give very few facts, maybe this one is faster?

Or you could disable gather_facts and just run the same command as 
ansible do the find hostname.


- command: python -c "import platform; print platform.node().split('.')[0]"
  register: hostname

If you have the same name in ansible inventory file you could just use 
inventory_hostname, then you would not need to gather facts at all.


--
Kai Stian Olstad

--
You received this message because you are subscribed to the Google Groups "Ansible 
Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/49af722a-fda2-2d8f-5c31-99a2b8b8200b%40olstad.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Re: [Windows] Is there a way to install a single Windows Update by KB article ID?

[Matt Davis]

This functionality isn't currently implemented on win_updates. I've had a 
few people ask for it, and I might have time to implement it for 2.3, as 
it's not terribly difficult so long as we stick to "limit the update 
search/install to these KBs" and not "force install exactly these KBs". 

Unfortunately I believe KB2842230 is a hotfix, and thus not available on 
Windows Update- we don't yet have a supported method to install hotfixes 
under WinRM. wusa.exe is the only supported method, and it fails under 
WinRM (likely for the same reason that makes the win_updates module so 
complex). If you have to touch the box anyway, you might do better to just 
upgrade to Powershell 4 or 5.

-Matt

On Wednesday, October 12, 2016 at 11:15:42 AM UTC-7, Brian Jackson wrote:
>
> I don't see this functionality in the `win_updates` module, but I wanted 
> to ask. I have a prerequisite on Windows 7 to install KB2999226 and 
> KB2842230. I'd prefer to not install every available update to preserve 
> consistency, portability, reproducibility, etc. Is there an easy way to do 
> this?
>
> P.S. I need those KBs so Ansible itself can install/upgrade Chocolatey 
> properly. I've installed them manually on a test box to verify they fix my 
> Ansible/Chocolatey issues.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/eedef7e2-d85b-48a2-a19f-9b21079276fd%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] ansible jinja template how can I get ip varible of aws instances

[marcs345]

I have 3 nodes neo4j databases ( all in AWS). I need to create config with 
jinja templates (neo4j-server.properties.j2) with diferent ip addr in 
option "elasticsearch.host_name="
How can I  add to this config ip varible of 3 different internal ip  from 
 elastic search nodes which also in AWS , 

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/6ac5027b-5a0c-4ec9-a7bb-7bb0766969f2%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Module Paths for junos-eznc

[Zod]

Trying to setup Ansible on Mac OS X 10.10.3
Have ansible 2.1.1.0 python 2.7.12
installed junos-eznc
Testing uploading a conf file to a juniper device and getting:
fatal: [srx]: FAILED! => {"changed": false, "failed": true, "msg": 
"junos-eznc >= 1.2.2 is required for this module"}

I did install that:
Successfully installed MarkupSafe-0.23 PyYAML-3.12 cffi-1.8.3 
cryptography-1.5.2 enum34-1.1.6 idna-2.1 ipaddress-1.0.17 jinja2-2.8 
junos-eznc-2.0.1 lxml-3.6.4 ncclient-0.5.2 netaddr-0.7.18 paramiko-2.0.2 
pyasn1-0.1.9 pycparser-2.14 pyserial-3.1.1 scp-0.10.2 six-1.10.0

Don't know how to tell it where to look for these modules and don't know 
where to go from here.

Here is my simple yaml file:
---
- name: "Prepare"
connection: local
hosts: juniper
gather_facts: no

tasks:
- name: "Push Config"
junos_install_config:
host={{ inventory_hostname }}
file=roles/srx.conf
tags: -load

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/d71fdb6d-905e-475b-a16b-167346917ad2%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Re: Using with_subelements, cannot reference dict item's key (v 2.2.0)

[Slavek Jurkowski]

Joanna,

Did you find any solution to this? I'm facing the same issue and it sure 
sucks!

Thanks!

On Wednesday, June 29, 2016 at 1:43:39 PM UTC-5, Joanna Delaporte wrote:
>
> Here's my version: ansible 2.2.0 (devel 87928ff56b) last updated 
> 2016/06/22 13:32:23 (GMT -500)
>
> I'm not sure if this is a bug, or misplaced syntax. When I attempt to use 
> a dictionary, referencing the key of the dictionary and a subelement, I get 
> the error
> FAILED! => {"failed": true, "msg": "'dict object' has no attribute 'key'"}
>
> Here is my task:
>   - name: Add users to groups
> shell: 'ipa group-add-member {{item.1}} --users={{item.0.key}}'
> with_subelements:
> - '{{staff|default([])}}'
> - 'extragroups'
> - skip_missing: yes
>
>
> If I use item.0 instead of item.0.key, it tries to pass in the entire 
> dictionary object rather than just the key, and the command spits back a 
> "too many arguments" error, which is expected. I need just the username, eg 
> the argument I want to pass is --users=user1. Is there a reason I cannot 
> access it with item.0.key?
>
> My dict object looks like this:
> ---
> staff:
>   user1:
> uid: 
> firstname: 
> lastname:  
> comment: ""
> gid: 
> shell: /bin/bash
> passwordhash: ""
> primarygroup: 
> extragroups: ['code']
>   user2:
> uid: 
> firstname: 
> lastname: 
> comment: ""
> gid: 
> shell: /bin/bash
> passwordhash: ""
> primarygroup: 
> extragroups: ['dm', 'code']
>
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/52bb457e-6b09-4c66-b619-4cc0074a8eef%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] using ansible on aws, then get the IP address of the aws instances.

['John Smith' via Ansible Project]

I have an ansible playbook that starts up some aws instances.  once they 
are up I can see the instances have
public ip and private ip.  

is there a way I can programmatically get the ip addresses from outside aws 
cliud instead of of having to look at the aws console ?

I want my application (teamcity, run on linux) outside of aws to call 
the ansible playbook, start up the instances, then when
they are up I need a way to go get the ip addresses of the instances that 
have been brought up in aws.

has anyone done anything like this ? 

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/3d48dc95-0e7a-4075-adcc-a9fe9c50134e%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] RDS instance snapshot and restore

[Tony]

Hi All,
I am trying to create a playbook intend to create an RDS MySQL snapshot and 
then create a restore form the snapshot. I used the aws cli locally and it 
works but don't know how to translate the commands in a ansible playbook. 
In my understanding Ansiblee use ssh but I can't ssh the rds instance. 
Anybody can help me?

Thanks

Tony

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/61ca5bc4-b2b0-4f49-94f1-4fbf945abaa8%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Visibility of facts/variables when using "become"

[thokari81]

Hi, 
I ran into the issue that I wanted to include a role based on a fact.
Specifically, I wanted the firewall role (configuring iptables) to not be 
included when the playbook is run locally against a Vagrant VM.

I noticed that the facts are not available (= empty string) when I do it 
like that, i.e. using become. Is this by design?

Closely related question: The variable ansible_hostname is available. In 
which way is it different from the other facts?

Thanks and regards, 
Thomas

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/f826332b-11a6-40e5-88fa-160a89c590ec%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Dependencies between plays

[Nikita Gubenko]

Hello, folks

Is there any possible way to make plays depend on each other? E.g. in the 
example below do not start play2 if any of the hosts in play1 failed?

 --- 
  # play 1
  - hosts: rabbitmq
gather_facts: no
sudo: yes
serial: 1
roles:
  - rabbitmq

  # play 2
  - hosts: webservers
gather_facts: no
sudo: yes
strategy: free
roles:
  - webservers


-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/7ae5c629-0cc8-48e0-8315-3b102015462f%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Re: win_copy failing (timeout)

[Peter Rebholz]

I'm also running into this issue and spent some time troubleshooting. In my 
case, the host I'm pushing the file to is on a separate network without 
incoming access to where we host the files, thus the proposed workaround of 
using `get_url` does not work.

In my troubleshooting, I've found out the following details:

1. The timeout used by `pywinrm` is not relevant because the files are 
transferred via many small requests. You can play with this setting by 
defining the vars: `ansible_winrm_read_timeout_sec` and 
`ansible_winrm_operation_timeout_sec`. While the timeout was reflected in 
the error message, it had no effect.
2. The temp file created by the `win_copy` always tops out at the same 
size: 110,840 KB
3. The `winrm` connector uses 250,000 byte chunks to transfer the file. If 
you change the `buffer_size` parameter in 
`ansible/plugins/connection/winrm.py` to something larger, then the temp 
file on the windows size will be larger than the 110,840 KB mentioned 
previously
4. If you bump that `buffer_size` up enough, you can successfully transfer 
the whole file.
5. By running the following command, I've always received the result "457" 
when the process fails, regardless of `buffer_size`. This seems to indicate 
that there is some bound that is being exceeded but I have not been able to 
figure out if it's a problem with ansible code or the WinRM service 
configuration on the server.

ansible-playbook -v -l windows -i inventory playbook.yml | grep 
"WINRM PUT" | wc -l

That's as far as I've gone... Hopefully someone more familiar with the 
WinRM connector may have some ideas...

Peter

On Wednesday, August 31, 2016 at 9:21:36 AM UTC-5, Justin Dugan wrote:
>
> I am using this in the playbook:
>
> - name: copy {{eap_dir}}.0.zip
>   win_copy: src="{{eap_dir}}.0.zip" dest="c:/temp/{{eap_dir}}.0.zip"
>
>
> And it's failing with:
>
> TASK [win_JBoss : copy jboss-eap-6.4.0.zip] 
> 
>  [WARNING]: FATAL ERROR DURING FILE TRANSFER: Traceback (most recent call 
> last):   File
> "/usr/lib/python2.7/site-packages/ansible/plugins/connection/winrm.py", 
> line 204, in _winrm_exec
> self._winrm_send_input(self.protocol, self.shell_id, command_id, data, 
> eof=is_last)   File
> "/usr/lib/python2.7/site-packages/ansible/plugins/connection/winrm.py", 
> line 185, in
> _winrm_send_input rs = protocol.send_message(xmltodict.unparse(rq))   
> File "/usr/lib/python2.7
> /site-packages/winrm/protocol.py", line 207, in send_message return
> self.transport.send_message(message)   File 
> "/usr/lib/python2.7/site-packages/winrm/transport.py",
> line 173, in send_message response = 
> self.session.send(prepared_request,
> timeout=self.read_timeout_sec)   File 
> "/usr/lib/python2.7/site-packages/requests/sessions.py", line
> 596, in send r = adapter.send(request, **kwargs)   File 
> "/usr/lib/python2.7/site-
> packages/requests/adapters.py", line 499, in send raise ReadTimeout(e, 
> request=request)
> ReadTimeout: HTTPSConnectionPool(host='host', port=5986): Read timed
> out. (read timeout=30)
>
> fatal: [jcinstalltest]: FAILED! => {"failed": true, "msg": "winrm 
> send_input failed"}
>
> Is there any way to adjust the timeout? This file is ~200Mb. I also have a 
> patch to copy which is ~400Mb so 30 seconds is probably too short.
>
> Thanks,
>
> Justin
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/16c28ee7-293d-4e01-a307-4e322e39c936%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Re: setting up new control from source - getting 'FAILED => winrm is not installed' targeting existing Win clients

[kavincts]

Hi Damon,

Exactly i am facing the same issue; Could you please let me know how to 
copy the below package to which location?

Regards,
Kavin

On Friday, August 29, 2014 at 1:58:31 AM UTC+5:30, Damon Overboe wrote:
>
> OK it is a python problem on my new host, I just don't know / remember 
> what I did the first time around (if anything) to get winrm.
>
> Python still pukes when I tell it to install it, but on my current host, I 
> ran:
>
> find / -name "winrm"
> # /usr/local/lib/python2.7/dist-packages/winrm
>
> Checking on my new host, that directory is missing, so... I'm obviously 
> missing a dependency.
>
> For now, I'm going to try copying that directory over and see how much 
> havoc I can wreak on that server.
>
>
> On Thursday, August 28, 2014 3:24:57 PM UTC-5, Damon Overboe wrote:
>>
>> I have a current Linux control machine that can talk to many Windows 
>> clients.
>>
>> I'm running from source on it (calling `. hacking/env-setup`).
>>
>> I'm now trying to bring a new Linux control host (Ubuntu 12.04) online, 
>> calling the same Windows clients and it's failing.
>>
>> Both control hosts have Python 2.7.3.
>>
>> I took the same steps setting up this control machine; the pip installs 
>> of the dependencies went fine.
>>
>> But, I'm attempting to win_ping any of the existing clients on the new 
>> control, and getting the error:
>>
>> FAILED => winrm is not installed
>>
>> This control machine is in the same domain as the other control machine, 
>> and the firewall rules on the Win clients are set to allow Domain (and I 
>> can ping them successfully).
>>
>>
>>
>> So, that makes me think, my new Linux control machine must be missing 
>> winrm;
>>
>> But, on both control machines:
>>
>> 1. `which winrm` returns nothing
>> 2. `pip install winrm` fails to find the package
>> 3. `easy_install winrm` also fails ".."
>> 4. `apt-get install winrm`: E: Unable to locate package winrm
>> 5. `find -name "winrm"` returns nothing
>>
>>
>> And `ansible windows -m win_ping -` doesn't provide any additional 
>> errors or info.
>>
>> So that makes me think it's complaining about the Win clients, but, I 
>> have them working correctly with the old control already, which is why I 
>> was looking at the control machine.
>>
>>
>> So next, just in case it is an issue where the clients were caching their 
>> hosts credentials, I set up a new Win client, and tried connecting to it 
>> from the new host first.
>>
>> I still get the winrm is not installed error.
>>
>>
>> So... I tested adding a new Win client, and tried connecting to it 
>> from the new host; no luck, same error. 
>> I then attempted to connect to it from my old host, and it succeeded; 
>> ping pong.
>>
>> That tells me that there is something wrong with my new control host, but 
>> I have no idea what else to test or try to install... Any thoughts?
>>
>> Here's the code I ran:
>>
>> # Copy configs, host files, group_vars from current host to new host;
>> # /etc/ansible has been created on new host, with appropriate permissions 
>> for my user
>> cd /etc/ansible
>> scp -r * newhost:/etc/ansible
>> ssh newhost
>>
>>
>> # On new host, prep the tools, pull & launch the source
>>
>> sudo pip install paramiko PyYAML jinja2 httplib2
>>
>> git clone git://github.com/ansible/ansible.git
>> cd ./ansible
>> source ./hacking/env-setup
>>
>>
>> # test it, with the error on the next comment
>> ansible windows -m win_ping
>> # clone1 | FAILED => winrm is not installed
>>
>>
>>
>>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/be681470-45fc-4a5a-a2a3-398c7e8f1a93%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Trying to delete a running app on Marathon by Ansible Playbook - Error

[Yogesh Darji]

Hi, 

I deployed an app on Marathon with POST using uri module. My inventory file 
has just localhost which I am using to execute my playbooks. 

I have written a playbook to delete that app, it will successfully delete 
the app, but the only problem which I am facing is that I am getting below 
error with successful response code.

fatal: [localhost]: FAILED! => {"cache_control": "no-cache, no-store, 
must-revalidate", "changed": false, "connection": "close", "content": 
"{\"version\":\"2016-10-12T15:51:51.738Z\",\"deploymentId\":\"f200ffd5-095f-4dd5-865b-4958f0d0adfc\"}",
 
"content_length": "92", "content_type": "application/json; qs=2", "date": 
"Wed, 12 Oct 2016 15:51:06 GMT", "expires": "0", "failed": true, "json": 
{"deploymentId": "f200ffd5-095f-4dd5-865b-4958f0d0adfc", "version": 
"2016-10-12T15:51:51.738Z"}, "msg": "Status code was not [201]: OK (92 
bytes)", "pragma": "no-cache", "redirected": false, "server": 
"openresty/1.7.10.2", "status": 200, "url": 
"http://jmontesvm07.verizon.com:19092/v2/apps/demoansible;, 
"x_marathon_leader": "http://10.200.161.1:31392"}


I am concerned about the highlighted error and I want to get rid of it. 


The json response gives successful response with status 200. Can anyone 
help me with how to solve the highlighted error.


Thanks in advance.


-Yogesh Darji

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/b80ef440-2fd5-4f3c-8199-0f8147c5c09e%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Ansible unable to ping to windows host error Failed command was: PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand

[arnabsc74]

Hi

When run this ansible command " ansible windows  -m win_ping"  I am  
getting the below error , please can anyone help to fix this issue

10.51.239.192 | UNREACHABLE! => {
"changed": false,
"msg": "Authentication or permission failure. In some cases, you may 
have been able to authenticate and did not have permissions on the remote 
directory. Consider changing the remote temp path in ansible.cfg to a path 
rooted in \"/tmp\". Failed command was: PowerShell -NoProfile 
-NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand 
UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAoAE4AZQB3AC0ASQB0AGUAbQAgAC0AVAB5AHAAZQAgAEQAaQByAGUAYwB0AG8AcgB5ACAALQBQAGEAdABoACAAJABlAG4AdgA6AHQAZQBtAHAAIAAtAE4AYQBtAGUAIAAiAGEAbgBzAGkAYgBsAGUALQB0AG0AcAAtADEANAA3ADYAMwA2ADYANgAwADEALgA1ADgALQAyADAANwA1ADgANgA1ADMANAA4ADQANgA3ADEAMgAiACkALgBGAHUAbABsAE4AYQBtAGUAIAB8ACAAVwByAGkAdABlAC0ASABvAHMAdAAgAC0AUwBlAHAAYQByAGEAdABvAHIAIAAnACcAOwA=,
 
exited with result 1",
"unreachable": true
}

I am trying to connect to windows (windows 2012 R2) host ip  10.51.239.192

I have created a windows.yml  under /etc/ansible/group_vars  , below is the 
connect of the yml file , in my inventory file I have added the ip of this 
windows host 10.51.239.192

ansible_user: Administrator
ansible_password: P@ssw0rd
ansible_port: 5986
ansible_connection: winrm
# The following is necessary for Python 2.7.9+ when using default WinRM 
self-signed certificates:
ansible_winrm_server_cert_validation: ignore
#ansible_winrm_transport: ssl

using this same setting I am able to ping to another windows machine which 
is also windows server 2012

Thanks
Arnab Chowdhury

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/e08ea49f-d7ac-4273-9700-3dcb87b389e4%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] List tasks for a play in a callback plugin

[Daniel Matsson]

Hi!

I'm trying to create a callback plugin where I would like to get a list 
with all tasks that will be running before they are actually executed. I'm 
able to get a list with all plays using playbook.get_plays() but if I try 
to get tasks for each play (play.get_tasks()) it just returns an empty 
list. Could it be that all data have not been loaded yet 
(v2_playbook_on_start()) or am I doing something wrong? 

Thanks,
Daniel

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/14ca0e65-506e-4484-bc6d-4061e626ebac%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Updateing a password in Grub.conf file using Ansible and Replace

[Kai Stian Olstad]

On 13. okt. 2016 14:04, Alan Harkleroad wrote:

Yes the hash starts with a $ and includes / as well. I dont follow what you
mean by escaping them.


Escaping is also documented here
https://docs.python.org/2/library/re.html#regular-expression-syntax

But it's a back slash (\) in front of a regexp special character so you 
can match on them.




Here is an example hash. So how would I have it read that as one character
string and swap it with the new hash

 $1$adjkielw$B./Hu9VCs96Zxc3mkVQ35.


Here you should escape $ and . like so.

\$1\$adjkielw\$B\./Hu9VCs96Zxc3mkVQ35\.


--
Kai Stian Olstad

--
You received this message because you are subscribed to the Google Groups "Ansible 
Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/75390695-2688-c50b-948a-04fe93e731d4%40olstad.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Re: Slow Performance in setup of SLES 11 SP3 Remote Virtual Machines (100sec)

['Anas Theo' via Ansible Project]

As I have described in the previous comment, the problem was due to DNS 
searching for a DNS server that has not been accessible from the hosts. For 
that reason, I have tried to setup for these hosts, only the variable that 
I was going to use, using filter options like "filter=ansible_hostname" . 
However, it seems that the search time is the same. Is there any option to 
get the facts I want independently from the rest of them, in order to boost 
the performance of setup. Thanks for your help.

Τη Δευτέρα, 10 Οκτωβρίου 2016 - 6:23:41 μ.μ. UTC+3, ο χρήστης Anas Theo 
έγραψε:
>
> Hello everyone,
>
> I have installed  Ansible in Centos 7 minimal environment , using the 
> latest version in EPEL (ansible-2.1.1.0-1.el7.noarch). I have to deal with 
> a very strange phenomenon where the execution of a .yml configuration goes 
> very slow, when I have to execute it for some remote SLES 11 SP3 virtual 
> machines. It seems that for these remote virtual machines, 100sec have to 
> be completed before the setup goes forward. I have tested the same .yml for 
> Centos 7 remote machines, and works fine, and I have also tested in another 
> environenment with Centos6 and SLES11 SP2 virtual machines, and they work 
> just fine. I have tested the execution as root or non-privileged user 
> without differences. In cases that I'm going to stop the execution in the 
> middle, an indication like this may be written. 
>
>   File "/usr/lib64/python2.7/multiprocessing/process.py", line 258, in 
> _bootstrap
>   File "/usr/lib64/python2.7/multiprocessing/process.py", line 258, in 
> _bootstrap
> self.run()
>   File 
> "/usr/lib/python2.7/site-packages/ansible/executor/process/worker.py", line 
> 117, in run
> self.run()
>   File 
> "/usr/lib/python2.7/site-packages/ansible/executor/process/worker.py", line 
> 117, in run
> self._rslt_q
> self._rslt_q
>   File 
> "/usr/lib/python2.7/site-packages/ansible/executor/task_executor.py", line 
> 124, in run
>   File 
> "/usr/lib/python2.7/site-packages/ansible/executor/task_executor.py", line 
> 124, in run
>
> I have captured also some traces through tcpdump where the connection 
> between two nodes is being seen and 100seconds where the remote nodes, are 
> waiting to respond are evident. Is there any idea ?!!! 
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/e1735f41-eaa9-432f-b6ed-c059ffeb17b5%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Re: Variable substitution while file lookup

[ankur . cool]

Ok i found an answer.
 {{ lookup('template', 'cluster_policies.j2') }}
this works fine

On Thursday, October 13, 2016 at 6:33:41 PM UTC+5:30, ankur...@gmail.com 
wrote:
>
> Hi,
>
> I am loading a file using lookup eg "{{ lookup('file', 
> 'cluster_policies.json') | from_json }}"
>
> Now my file cluster_policies.json contains some ansible variables that I 
> need to substitute. Any idea how can it be done?
>
> Thanks
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/ad179099-2571-455c-8c20-75d5c5de8ce3%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Variable substitution while file lookup

[ankur . cool]

Hi,

I am loading a file using lookup eg "{{ lookup('file', 
'cluster_policies.json') | from_json }}"

Now my file cluster_policies.json contains some ansible variables that I 
need to substitute. Any idea how can it be done?

Thanks

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/2369d53c-e4de-46b7-9b5a-185f9c828b92%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Re: Connecting to Windows host fails

[JayB]

What configuration does it need for PowerShell?

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/7adb379a-b328-462d-875b-0b78b76a4fda%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Updateing a password in Grub.conf file using Ansible and Replace

[Alan Harkleroad]

Yes the hash starts with a $ and includes / as well. I dont follow what you 
mean by escaping them. 

Here is an example hash. So how would I have it read that as one character 
string and swap it with the new hash

 $1$adjkielw$B./Hu9VCs96Zxc3mkVQ35.



On Wednesday, October 12, 2016 at 3:58:25 PM UTC-4, Kai Stian Olstad wrote:
>
> On 12. okt. 2016 21:36, Alan Harkleroad wrote: 
> > So I wrote a short playbook to update our VMs to update the 
> > /boot/grub/grub.conf file to use a new hashed password but the playbook 
> > comes back green with no changes. Not sure what I am doing wrong, any 
> help 
> > is appreciated. 
> > 
> > --- 
> > - host: myhosts 
> >   become: true 
> >   become_method: sudo 
> >   tasks: 
> > 
> >   - name: Update grub.conf file with new passwd hash 
> > replace: 
> >  dest=/boot/grub/grub.conf 
> >  regexp='password --encrypted currenthash!@#$$$' 
> >  replace='password --encrypted newhash12345667' 
>
> Hard to say without knowing how the current hash looks like, but if the 
> hash contain any regexp special character they need to be escaped. 
> List of them you'll find here 
> https://docs.python.org/2/library/re.html#regular-expression-syntax 
>
> -- 
> Kai Stian Olstad 
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/df7e636f-d37a-4f19-8501-fa6b86a9b46b%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Re: Connecting to Windows host fails

[JayB]

No, It didn't work. I already tried that last week. Any other option?

On Monday, 10 October 2016 12:53:05 UTC+5:30, J Hawkesworth wrote:
>
> Did adding
>
> ansible_winrm_server_cert_validation: ignore
>
> Fix this for you?
>
> Jon
> On Friday, October 7, 2016 at 4:27:23 PM UTC+1, Aidan Gustard wrote:
>>
>> Try adding these into your group_vars/windows.yml file.
>>
>> ansible_connection: winrm
>> ansible_ssh_port: 5986
>> ansible_winrm_transport: ssl
>> validate_certs: false
>> ansible_winrm_server_cert_validation: ignore
>>
>>
>> On Friday, 7 October 2016 11:01:49 UTC+1, JayB wrote:
>>>
>>> Guys, can I get any help on this?
>>>
>>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/1e6dfac7-37c0-4080-94c5-da39af86973a%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.