[ansible-project] How to remove unused/old configuration automatically using Ansible?

[SK]

I am currently using Ansible to generate running configuration for the 
network devices.  Here is the simple scenario I have.

I have defined the interface type (routed, access, trunk) in the variables 
file and then created a jinja file that will generate the necessary 
configuration based on variables definition.

Below is the sample variable definition and jinja template configuration:

CONFIG:
   - { id: Ethernet1/1, type: routed }
   - { id: Ethernet1/2, type: access }
   - { id: Ethernet1/3, type: trunk }

Jinja:

{% if int.type == 'routed' %}
 no switchport
{% elif int.type == 'access' %}
 switchport mode access
 switchport access vlan 10
 spanning-tree portfast
{% elif int.type == 'trunk' %}
 switchport mode trunk
 {% endif %}

This works perfectly fine when I define the variables, generate the 
configuration and push it to the device.  So, below is how the interface 
config will look like on the device after pushing the config:

interface Ethernet1/1
 no switchport
interface Ethernet1/2
 switchport mode access
 switchport access vlan 10
 spanning-tree portfast
interface Ethernet1/3
 switchport mode trunk

Now, I want to change Ethernet1/2 to trunk and Ethernet1/3 to access.  What 
happens is that Ansible pushes "switchport mode trunk" to Ethernet1/2, but 
doesn't remove "switchport access vlan 10" and "spanning-tree portfast" 
which are not needed anymore.  The behavior is consistent for both 
ios_config and eos_config.  I already tried the diff_against running 
option, but it still doesn't seem to work.  Any suggestions on how to fix 
this would be truly appreciated?  If you need more details around this, 
please let me know.

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/c6d60a00-ca2c-41f9-b578-a2e7134e529d%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Ansible looping over register and multiple lists

[Jeremie Levy]

Thank you Jordan
Actually, I also tried without the "." as you suggested and it didn't work
Code:
- name: output
  debug:
var: qb_svc

- name: output
  debug:
var: qb_svc.results[item].exists
  with_sequence: count='{{nb_of_agents}}'




Here is my output with your suggestion:
task path: /ansible/scripts/playbooks/qb-agents-fw-multiple.yml:16
ok: [hasgappqba1102.DOMAIN] => {
*"qb_svc": {*
"changed": false,
"msg": "All items completed",
*"results": [*
{
"_ansible_ignore_errors": null,
"_ansible_item_result": true,
"_ansible_no_log": false,
"_ansible_parsed": true,
"changed": false,
*"exists": false,*
"failed": false,
"item": "1"
},
{
"_ansible_ignore_errors": null,
"_ansible_item_result": true,
"_ansible_no_log": false,
"_ansible_parsed": true,
"changed": false,
*"exists": false,*
"failed": false,
"item": "2"
}
]
}
}

TASK [output] 
**
task path: /ansible/scripts/playbooks/qb-agents-fw-multiple.yml:20
ok: [hasgappqba1102.DOMAIN] => (item=None) => {
"qb_svc.results[item].exists": "VARIABLE IS NOT DEFINED!: 'list object' 
has no attribute u'1'"
}
ok: [hasgappqba1102.DOMAIN] => (item=None) => {
"qb_svc.results[item].exists": "VARIABLE IS NOT DEFINED!: 'list object' 
has no attribute u'2'"
}

TASK [install Agent '{{ item }}'] 
**
task path: /ansible/scripts/playbooks/qb-agents-fw-multiple.yml:25
fatal: [hasgappqba1102.DOMAIN]: FAILED! => {
"msg": "The conditional check 'qb_svc.results[item].exists' failed. The 
error was: error while evaluating conditional 
(qb_svc.results[item].exists): 'list object' has no attribute u'1'\n\nThe 
error appears to have been in 
'/ansible/scripts/playbooks/qb-agents-fw-multiple.yml': line 25, column 7, 
but may\nbe elsewhere in the file depending on the exact syntax 
problem.\n\nThe offending line appears to be:\n\n\n- name: install 
Agent '{{ item }}'\n  ^ here\nWe could be wrong, but this one looks 
like it might be an issue with\nmissing quotes.  Always quote template 
expression brackets when they\nstart a value. For instance:\n\n
with_items:\n  - {{ foo }}\n\nShould be written as:\n\n
with_items:\n  - \"{{ foo }}\"\n"
}
to retry, use: --limit 
@/ansible/scripts/playbooks/qb-agents-fw-multiple.retry


Thank you!

On Tuesday, May 22, 2018 at 8:04:06 AM UTC+3, Jordan Borean wrote:
>
> You can't normally run in parallel with a loop, they are run sequentially. 
> You can hack around it by running with async and poll 0 and then poll that 
> status but it isn't a perfect "run all items in list in parallel" that you 
> are looking for.
>
> Your debug output
>
> - name: output
>   debug:
> var: svc.results.[item].exists
>   with_sequence: count='{{nb_of_agents}}'
>
> Won't work as you are trying to get key 0, 1, 2, 3, etc of the svc.results 
> var when it is actually a list. You want something like 'svc.results[item
> ].exists' instead. What this does is get's the list entry of item, bare 
> in mind that lists are a 0 based index, so the first entry is 0, 2nd is 1 
> and so on. You might have to do something like 'svc.results[item - 
> 1].exists' if you want to match up the entry to your agent index starting 
> at 1.
>
> I haven't used with_sequence a lot so can't tell if that syntax is ok, 
> apart from that what you have seems ok at a brief glance but having the 
> output from a run that failed would help us narrow down your issue.
>
> Thanks
>
> Jordan
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/de65d7db-4d31-43ef-ac9e-11e699e550eb%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Ansible looping over register and multiple lists

[Jordan Borean]

You can't normally run in parallel with a loop, they are run sequentially. 
You can hack around it by running with async and poll 0 and then poll that 
status but it isn't a perfect "run all items in list in parallel" that you 
are looking for.

Your debug output

- name: output
  debug:
var: svc.results.[item].exists
  with_sequence: count='{{nb_of_agents}}'

Won't work as you are trying to get key 0, 1, 2, 3, etc of the svc.results 
var when it is actually a list. You want something like 'svc.results[item].
exists' instead. What this does is get's the list entry of item, bare in 
mind that lists are a 0 based index, so the first entry is 0, 2nd is 1 and 
so on. You might have to do something like 'svc.results[item - 1].exists' 
if you want to match up the entry to your agent index starting at 1.

I haven't used with_sequence a lot so can't tell if that syntax is ok, 
apart from that what you have seems ok at a brief glance but having the 
output from a run that failed would help us narrow down your issue.

Thanks

Jordan

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/bd7a29e7-6c15-41a4-8754-49b6122c0012%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Ansible looping over register and multiple lists

[Jeremie Levy]

Hi David
Here it is:

- name: check service '{{ item }}' is not already running
  win_service:
name: Build Agent Prod '{{ item }}'
  register: svc
  with_sequence: start=1 end='{{nb_of_agents}}'

- name: output
  debug:
var: svc

- name: output
  debug:
var: svc.results.[item].exists
  with_sequence: count='{{nb_of_agents}}'

- name: install Agent '{{ item }}'
  win_copy: 
src: \\some\share\buildagent_prod_template
dest: 'D:\buildagent_prod_{{ item }}'
force: no
remote_src: yes
  when: svc.results[item].exists == false
  register: agent
  with_sequence: count='{{nb_of_agents}}'
  
- name: modify Port
  win_lineinfile:
path: D:\buildagent_prod_{{ item }}\conf\node.properties
backrefs: yes
regexp: '(^port)=.*'
line: '$1={{ item2 }}'
  when: 'agent.results[item]'
  with_together: count=nb_of_agents
  with_items: start=qb_prod_agent_port count=nb_of_agents

Thanks

On Monday, May 21, 2018 at 5:05:57 PM UTC+3, David Villasmil wrote:
>
> Please paste the code WITHOUT any formatting. Font should be any 
> single-space so that spacing is correct.
>
> On Mon, May 21, 2018, 15:55 Jeremie Levy  
> wrote:
>
>> Hi
>> I'm trying to do the following (in windows but it's not important):
>>
>>
>>1. Need to deploy N number of build agents to a server (according to 
>>the inventory nb_of_agents)  - *iteration1*
>>2. Each agent should have a unique port starting from 8811 - 
>>*iteration2*
>>3. Check if the service is already present - store in register. - 
>> *REGISTER 
>>LIST*
>>4. Install according to the register.
>>
>> First question: Using a register list, how do i use : when: 
>> service.results.exists for specific index? 
>> Second question: how do i go in parrallel via multiple list:
>>
>>1. with_sequence: start=1 end='{{ nb_of_agents}}'' *and*
>>2. with_sequence: start=8811 count='{{ nb_of_agents}}'' *and*
>>3. when: service.result[index].exists
>>
>>
>> So the code looks like this:
>> - name: check service '{{ item }}' is not already running
>> win_service:
>> name: Build Agent Prod '{{ item }}'
>> register: svc
>> with_sequence: start=1 end='{{nb_of_agents}}'
>>
>> - name: output
>> debug:
>> var: svc
>> - name: output
>> debug:
>> var: svc.results.[item].exists
>> with_sequence: count='{{nb_of_agents}}'
>>
>> - name: install Agent '{{ item }}'
>> win_copy: 
>> src: \\some\share\buildagent_prod_template
>> dest: 'D:\buildagent_prod_{{ item }}'
>> force: no
>> remote_src: yes
>> when: svc.results[item].exists == false
>> register: agent
>> with_sequence: count='{{nb_of_agents}}'
>> - name: modify Port
>> win_lineinfile:
>> path: D:\buildagent_prod_{{ item }}\conf\node.properties
>> backrefs: yes
>> regexp: '(^port)=.*'
>> line: '$1={{ item2 }}'
>> when: 'agent.results[item]'
>> with_together: count=nb_of_agents
>> with_items: start=qb_prod_agent_port count=nb_of_agents
>>
>>
>> *Thanks!!*
>>
>> -- 
>> You received this message because you are subscribed to the Google Groups 
>> "Ansible Project" group.
>> To unsubscribe from this group and stop receiving emails from it, send an 
>> email to ansible-proje...@googlegroups.com .
>> To post to this group, send email to ansible...@googlegroups.com 
>> .
>> To view this discussion on the web visit 
>> https://groups.google.com/d/msgid/ansible-project/babac43c-57f2-4091-b2ee-8fdc32291378%40googlegroups.com
>>  
>> 
>> .
>> For more options, visit https://groups.google.com/d/optout.
>>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/772fc9fb-4681-46e8-96eb-691998ebfb78%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Need help to find how to run root command with non-root user and escalated privilages

[abhay srivastava]

Try:

- hosts: dpie_prod
  user: dpiesa
  become:  True
  tasks:
  - name: install telnet
yum: pkg=telnet state=installed update_cache=true
#command: sudo yum install telnet -y




On Sat, May 19, 2018 at 12:56 AM, 'Kallu Srikanth' via Ansible Project <
ansible-project@googlegroups.com> wrote:

> Hi,
>
> I highly appreciate if anybody can help, please
>
> ###  playbook  ##
>
> - hosts: dpie_prod
>   user: dpiesa
>   tasks:
>   - name: install telnet
> yum: pkg=telnet state=installed update_cache=true
> #command: sudo yum install telnet -y
> become: yes
> become_user: root
> become_method: sudo
>
> The above does not work and throws this error
>
> TASK [install telnet] **
> 
> **
>  [WARNING]: Module invocation had junk after the JSON data: usage: sudo -e
> [-S] [-p prompt] [-u username|#uid] file ...
>
> fatal: [lind01.corp.acxiom.net]: FAILED! => {"changed": false,
> "module_stderr": "Shared connection to lind01.corp.acxiom.net
> closed.\r\n", "module_stdout": "sudo: illegal option `-n'\r\nusage: sudo -h
> | -K | -k | -L | -l | -V | -v\r\nusage: sudo [-bEHPS] [-p prompt] [-u
> username|#uid] [VAR=value]\r\n{-i | -s | }\r\nusage:
> sudo -e [-S] [-p prompt] [-u username|#uid] file ...\r\n", "msg": "MODULE
> FAILURE", "rc": 1}
> to retry, use: --limit @/home/dpiesa/playbooks/
> install_telnet.retry
>
> 
> 
> ##
>
> But below works
>
> - hosts: dpie_prod
>   user: dpiesa
>   tasks:
>   - name: install telnet
> command: sudo yum install telnet -y
>
> 
> 
> 
>
> [dpiesa@cwypatch06 playbooks]$ ansible --version
> ansible 2.5.2
>   config file = /etc/ansible/ansible.cfg
>   configured module search path = [u'/home/dpiesa/.ansible/plugins/modules',
> u'/usr/share/ansible/plugins/modules']
>   ansible python module location = /usr/lib/python2.7/site-
> packages/ansible
>   executable location = /bin/ansible
>   python version = 2.7.5 (default, Aug  4 2017, 00:39:18) [GCC 4.8.5
> 20150623 (Red Hat 4.8.5-16)]
>
>
> I think I am not using become options correctly can somebody help ??
>
> Thank you.
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To post to this group, send email to ansible-project@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/
> msgid/ansible-project/2de5f3d4-b9b8-45be-b0c2-8941e4c55c52%40googlegroups.
> com
> 
> .
> For more options, visit https://groups.google.com/d/optout.
>



-- 
Regards,
Abhay Srivastava
---
Mob-9160512000

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAPKgz8WjUHardGxCm5inSdxQRMh6Yw6cBc_GWEVWhp%3DrfGnUkg%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Need help to find how to run root command with non-root user and escalated privilages

[David Villasmil]

I think if you set 'become' then you don't need to use sudo.
Also, why don't you use the module to install packages instead of executing
yum?
http://docs.ansible.com/ansible/latest/modules/yum_module.html

Example:

- name: install one specific version of Apache
  yum:
name: httpd-2.2.29-1.4.amzn1
state: present

On Tue, May 22, 2018, 05:35 Brian Coca  wrote:

> You seem to have a non standard/old sudo, change the default
> become_flags as they seem to be causing the problem, specifically,
> remove -n (default: '-H -S -n'
> )
>
> --
> --
> Brian Coca
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To post to this group, send email to ansible-project@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/CACVha7dTfoP38R2wh8itmi1OsyV9-8wrOO686FYjLbNZ%3DEFJ9Q%40mail.gmail.com
> .
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAFGRPVr5DsZP_NrSwR7rZ0EL3y1dLh4XdKQ6j9FgnQiH5wRjeQ%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Need help to find how to run root command with non-root user and escalated privilages

[Brian Coca]

You seem to have a non standard/old sudo, change the default
become_flags as they seem to be causing the problem, specifically,
remove -n (default: '-H -S -n'
)

-- 
--
Brian Coca

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CACVha7dTfoP38R2wh8itmi1OsyV9-8wrOO686FYjLbNZ%3DEFJ9Q%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Re: Quick way for testing new Ansible roles

[BIJAY PARIDA]

Host example is not a valid host name.

- hosts: localhost

On Tuesday, 22 May 2018 07:31:24 UTC+5:30, Behrang wrote:
>
> Hi,
>
> In the docs , it is written 
> that:
>
> Test It
>
> The actual work to be performed gets added as playbook tasks to 
> *tasks/main.yml*. Once you've added some tasks, create a playbook to test 
> the role and insure it works. Here's a simple playbook to execute your new 
> role:
>
>
> # test.yml
> # test playbook
> - hosts: example
>   roles:
>   - { role: acme }
>  
>
> $ ansible-playbook test.yml
>
> However, this won't work as the test playbook directory doesn't have 
> access to the role.
>
>
> $ ansible-galaxy init sample-role
> - sample-role was created successfully
>
> $ cd sample-role/tests/
>
> $ ansible-playbook test.yml
>  [WARNING]: Unable to parse /etc/ansible/hosts as an inventory source
>
>  [WARNING]: No inventory was parsed, only implicit localhost is available
>
>  [WARNING]: provided hosts list is empty, only localhost is available. Note 
> that the implicit localhost does not match 'all'
>
> ERROR! the role 'sample-role' was not found in 
> /Users/grey.behrangs/Documents/Projects/ansible-roles/sample-role/tests/roles:/Users/grey.behrangs/.ansible/roles:/usr/share/ansible/roles:/etc/ansible/roles:/Users/grey.behrangs/Documents/Projects/ansible-roles/sample-role/tests
>
> The error appears to have been in 
> '/Users/grey.behrangs/Documents/Projects/ansible-roles/sample-role/tests/test.yml':
>  line 5, column 7, but may
> be elsewhere in the file depending on the exact syntax problem.
>
> The offending line appears to be:
>
>   roles:
> - sample-role
>   ^ here
>
>
> Is there a quick way to test newly created roles?
>
> Cheers,
> Behrang
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/85159d16-fc76-4c08-bce7-13df7ee8ef5d%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Quick way for testing new Ansible roles

[Behrang]

Hi,

In the docs , it is written 
that:

Test It

The actual work to be performed gets added as playbook tasks to 
*tasks/main.yml*. Once you've added some tasks, create a playbook to test 
the role and insure it works. Here's a simple playbook to execute your new 
role:


# test.yml
# test playbook
- hosts: example
  roles:
  - { role: acme }
 

$ ansible-playbook test.yml

However, this won't work as the test playbook directory doesn't have access 
to the role.


$ ansible-galaxy init sample-role
- sample-role was created successfully

$ cd sample-role/tests/

$ ansible-playbook test.yml
 [WARNING]: Unable to parse /etc/ansible/hosts as an inventory source

 [WARNING]: No inventory was parsed, only implicit localhost is available

 [WARNING]: provided hosts list is empty, only localhost is available. Note 
that the implicit localhost does not match 'all'

ERROR! the role 'sample-role' was not found in 
/Users/grey.behrangs/Documents/Projects/ansible-roles/sample-role/tests/roles:/Users/grey.behrangs/.ansible/roles:/usr/share/ansible/roles:/etc/ansible/roles:/Users/grey.behrangs/Documents/Projects/ansible-roles/sample-role/tests

The error appears to have been in 
'/Users/grey.behrangs/Documents/Projects/ansible-roles/sample-role/tests/test.yml':
 line 5, column 7, but may
be elsewhere in the file depending on the exact syntax problem.

The offending line appears to be:

  roles:
- sample-role
  ^ here


Is there a quick way to test newly created roles?

Cheers,
Behrang

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/d625aeca-e703-49a3-95de-f6ca6cbc4e4a%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] control of network flows and ports between servers

[Diego Lagos]

Currently I have a small problem, but that takes a lot of time.

This is the control of network flows. Specifically, check that every time I 
have a new machine, flows and ports have also been opened to other machines.

The problem therefore is not only to verify that the flow is present, but 
also to simulate it. For example, if server A needs to talk to server B via 
port 9191, I need to be able to test this flow without the need to actually 
install the application.

I know that there is nc that can simulate listening to a port, but I would 
like to know if it exists in ansible, or if you have used a tool that 
allows you to check and test these flows.
Also because the problem is to define all the relationships between the 
servers and their ports.


I thank you for the time you want to dedicate to me


-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/da355637-9d7a-4e22-80fb-0f6dc67d0933%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] How to use group_vars when managed host is in multiple groups?

[bob]

Maybe the question I should be asking is how do people manage what packages 
get installed on what computers?

My approach might be wrong?


I'm trying to figure out how to use group_vars for chocolatey packages to 
install when the managed host is in multiple groups.

I'd like to append package named, identified by the managed host's group 
membership, to the group_var "chocolatey_packages" and use 1 task to 
install all the packages.


The 1 ansible tasks:

- name: Install programs (choco)
  win_chocolatey:
name: "{{ item }}"
state: "present"
  when:
- chocolatey_packages is defined
  with_items:
  - "{{ chocolatey_packages }}"

Here is the tree of how I have group_vars and the associated package names 
for that group

CORP/
├── company-wide-package1
├── company-wide-package2
├── company-wide-package3
├── company-wide-package4
├── company-wide-package5
└── sales
├── all-sales-people-package1
├── all-sales-people-package2
├── all-sales-people-package3
├── inside
│   └── all-inside-sales-people-package1
└── outside
└── all-outside-sales-people-package1

Every computer is part of the CORP group.

Some computers are part of the Sales group.

Even less computers are part of the inside or outside sales group.


All computers get the "company-wide" packages installed.

All sales computers get the "all-sales-people" packages installed.

All inside sales people get the "all-inside-sales-people" packages 
installed.

All outside sales people get the "all-outside-sales-people" packages 
installed.


I've tried to append list of packages to the chocolatey_packages variable 
but that seems fragile and tightly coupled to my group_vars layout.

Variable definition inside CORP/win_chocolatey.yml

chocolatey_corp_pkgs:
  - cleanup
  - firefox
  - git
  - googlechrome
  - veeam-agent
  - virtualclonedrive
  - winscp

chocolatey_packages: "{{ chocolatey_corp_pkgs }}"


Variable definition inside sales/win_chocolatey.yml

chocolatey_sales_pkgs:
  - crystalreports2010runtime

chocolatey_packages: "{{ chocolatey_corp_pkgs + chocolatey_sales_pkgs }}"


Variable definitions inside the sales/inside/win_chocolatey.yml

chocolatey_inside_sales_pkgs:
  - winscp

chocolatey_packages: "{{ chocolatey_corp_pkgs + chocolatey_sales_pkgs + 
chocolatey_inside_sales_pkgs  }}"

And things do not work properly if a computer is part of the inside and 
outside sales groups (yes, there's 2 computers).



-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/130317c6-cb9f-40e2-8222-e3d5448f6503%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] How to use the cache plugins for example the "yaml - YAML formatted files" plugin

[Matt Martz]

Start with the more generic docs for caching plugins, which can be found at
https://docs.ansible.com/ansible/2.5/plugins/cache.html

The above link describes how to enable the plugins.

On Mon, May 21, 2018 at 3:42 PM, Ibrahim Mohamed  wrote:

> How to use the cache plugins for example the "yaml - YAML formatted files"
> plugin
> There is no documentation or examples
> https://docs.ansible.com/ansible/2.5/plugins/cache/yaml.html
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To post to this group, send email to ansible-project@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/
> msgid/ansible-project/69b807f0-8ad7-4e30-b6c8-7fe0dff6f6d2%40googlegroups.
> com
> 
> .
> For more options, visit https://groups.google.com/d/optout.
>



-- 
Matt Martz
@sivel
sivel.net

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAD8N0v9yxQVxzNoRN9ez19a2qm_Dm652LkoLGudggdcyAGSCOg%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] How to use the cache plugins for example the "yaml - YAML formatted files" plugin

[Ibrahim Mohamed]

How to use the cache plugins for example the "yaml - YAML formatted files" 
plugin
There is no documentation or examples 
https://docs.ansible.com/ansible/2.5/plugins/cache/yaml.html

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/69b807f0-8ad7-4e30-b6c8-7fe0dff6f6d2%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Ansible ping to Windows fails with credssp , “Session' object has no attribute 'merge_environment_settings”

[Harshit Srivastava]

I have configured Ansible on my ubuntu 14.04 and my target machine is a 
windows server 2016, but it fails when using credssp or plain text:

I tried: *ansible -m win_ping all --ask-pass -vvv*

Below is the output I see:


ansible 2.5.3
  config file = /etc/ansible/ansible.cfg
  configured module search path = [u'/root/.ansible/plugins/modules', 
u'/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/lib/python2.7/dist-packages/ansible
  executable location = /usr/bin/ansible
  python version = 2.7.6 (default, Nov 23 2017, 15:49:48) [GCC 4.8.4]
Using /etc/ansible/ansible.cfg as config file
SSH password:
setting up inventory plugins
Parsed /etc/ansible/hosts inventory source with ini plugin
Loading callback plugin minimal of type stdout, v2.0 from 
/usr/lib/python2.7/dist-packages/ansible/plugins/callback/minimal.pyc
META: ran handlers
Using module file 
/usr/lib/python2.7/dist-packages/ansible/modules/windows/win_ping.ps1
 ESTABLISH WINRM CONNECTION FOR USER: GAR\ad_harshtsr 
on PORT 5985 TO HARSHTSR-domain.com
checking if winrm_host HARSHTSR-domain.com is an IPv6 address
 WINRM CONNECT: transport=credssp 
endpoint=http://HARSHTSR-domain.com:5985/wsman
 WINRM CONNECTION ERROR: 'Session' object has no 
attribute 'merge_environment_settings'
Traceback (most recent call last):
  File 
"/usr/lib/python2.7/dist-packages/ansible/plugins/connection/winrm.py", 
line 356, in _winrm_connect
self.shell_id = protocol.open_shell(codepage=65001)  # UTF-8
  File "/usr/local/lib/python2.7/dist-packages/winrm/protocol.py", line 
157, in open_shell
res = self.send_message(xmltodict.unparse(req))
  File "/usr/local/lib/python2.7/dist-packages/winrm/protocol.py", line 
234, in send_message
resp = self.transport.send_message(message)
  File "/usr/local/lib/python2.7/dist-packages/winrm/transport.py", line 
243, in send_message
self.build_session()
  File "/usr/local/lib/python2.7/dist-packages/winrm/transport.py", line 
156, in build_session
settings = session.merge_environment_settings(url=self.endpoint, 
proxies={}, stream=None,
AttributeError: 'Session' object has no attribute 
'merge_environment_settings'


(changed actual domain name to domain.com above).

I have all the necessary modules installed:

pywinrm requests requests-credssp.

Can someone please help here?


my requests version is 2.9.1

pywinrm version is 0.3.0

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/7fb421e8-3bdc-4645-a50e-af70797f63f8%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] manage linux system policy routing?

[cavamagie]

Yes.. Ther is other modulo or file ti manage So Linux similar ti win_route?

Il lun 21 mag 2018, 20:32 Peter Sprygada  ha scritto:

> net_static_route is designed to be used with traditional routers and
> switches and will not work with Linux hosts
>
> On Mon, May 21, 2018 at 6:08 AM, cava cavamagie 
> wrote:
>
>> i'm aunable to use the module net_static_route
>> other ways?
>>
>> --
>> You received this message because you are subscribed to the Google Groups
>> "Ansible Project" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to ansible-project+unsubscr...@googlegroups.com.
>> To post to this group, send email to ansible-project@googlegroups.com.
>> To view this discussion on the web visit
>> https://groups.google.com/d/msgid/ansible-project/8b6bd35f-af68-49de-ad9c-a6429d199b1e%40googlegroups.com
>> 
>> .
>> For more options, visit https://groups.google.com/d/optout.
>>
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To post to this group, send email to ansible-project@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/CAKEs6acfCPkt%2BAYmZ0EXwkKDpUXqMt%3DhoPcu8zb0U6gJQA5krQ%40mail.gmail.com
> 
> .
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAJ%3DxKPY_%2BPx4AoC7ckRzLpae%3Dn_-Rxkbd9mqApFNRkUMN%3D6rCA%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] manage linux system policy routing?

[Peter Sprygada]

net_static_route is designed to be used with traditional routers and
switches and will not work with Linux hosts

On Mon, May 21, 2018 at 6:08 AM, cava cavamagie  wrote:

> i'm aunable to use the module net_static_route
> other ways?
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To post to this group, send email to ansible-project@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/
> msgid/ansible-project/8b6bd35f-af68-49de-ad9c-a6429d199b1e%40googlegroups.
> com
> 
> .
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAKEs6acfCPkt%2BAYmZ0EXwkKDpUXqMt%3DhoPcu8zb0U6gJQA5krQ%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Ansible unable to except any other body format except raw and jason in the uri module and upload a zip or a jar via POST method

[Apu Mondal]

Zip file not getting POST to the server with the uri module in Ansible.

These are the codes I am trying to execute

   - name: Transfering the Proxies
   uri:
   headers:
   Authorization: '{{API_USER_PASS_BASE64_ENCRYPT}}'
   Content-Type: "application/octet-stream"
   url: 
   
https://api.enterprise.apigee.com/v1/organizations/{{API_ORG}}/apis?action=import={{proxy_name
 
   }}-{{API_ENVIRONMENT}}
   #body: "{{ lookup('file','{{ path 
   }}/{{bundle_name}}/apigee/proxies/{{proxy_name}}--hughes-dev-test-dev.zip') 
   }}" --> doesn't work
   src: /{{ path 
   }}/{{bundle_name}}/apigee/proxies/{{proxy_name}}--hughes-dev-test-dev.zip
   body_format: raw
   status_code: 201, 200
   method: POST
   register: version

It gives the following error:
"json": {
"code": "messaging.config.beans.InvalidBundle",
"contexts": [],
"message": "Bundle is invalid. Empty bundle"
},

Also it sets the "content_type": "application/json", at the top of the 
message like this:

The full traceback is:
File "/tmp/ansible_NyKoMf/ansible_module_uri.py", line 468, in main
uresp['location'] = absolute_location(url, uresp['location'])

fatal: [localhost]: FAILED! => {
"changed": false,
"connection": "Close",
"content": "{\n "code" : "messaging.config.beans.InvalidBundle",\n 
"message" : "Bundle is invalid. Empty bundle",\n "contexts" : [ ]\n}",
"content_length": "122",
"content_type": "application/json",
"date": "Mon, 14 May 2018 19:03:48 GMT",
"invocation": {
"module_args": {
"attributes": null,
"backup": null,
"body": null,
"body_format": "raw",
"client_cert": null,
"client_key": null,
"content": null,
"creates": null,
"delimiter": null,
"dest": null,
"directory_mode": null,
"follow": false,
"follow_redirects": "safe",
"force": false,
"force_basic_auth": false,
"group": null,
"headers": {
"Authorization": "Basic YXBvb3J2YS5tb25kYWxAaHVnaGVzLmNvbTphcG9vcnZhNw==",
"Content-Type": "application/octet-stream"
},
"http_agent": "ansible-httpget",
"method": "POST",
"mode": null,
"owner": null,
"regexp": null,
"remote_src": null,
"removes": null,
"return_content": false,
"selevel": null,
"serole": null,
"setype": null,
"seuser": null,
"src": 
"/var/tmp/APIGEE_COM_R001_B-001_P-001/apigee/proxies/FapProxy--hughes-dev-test-dev.zip",
"status_code": [
"201",
" 200"
],
"timeout": 30,
"unsafe_writes": null,
"url": "
https://api.enterprise.apigee.com/v1/organizations/hughes-dev/apis?action=import=FapProxy-sa-dev
",
"url_password": null,
"url_username": null,
"use_proxy": true,
"validate_certs": true
}
},
"json": {
"code": "messaging.config.beans.InvalidBundle",
"contexts": [],
"message": "Bundle is invalid. Empty bundle"
},
"msg": "Status code was not [201, 200]: HTTP Error 400: Bad Request",
"redirected": false,
"server": "Apigee LB",
"status": 400,
"url": "
https://api.enterprise.apigee.com/v1/organizations/hughes-dev/apis?action=import=FapProxy-sa-dev
"
}


2) - name: Transfering the Proxies

  uri:
headers:
 Authorization: '{{API_USER_PASS_BASE64_ENCRYPT}}'
 Content-Type: "application/zip"
url: 
https://api.enterprise.apigee.com/v1/organizations/{{API_ORG}}/apis?action=import={{
 proxy_name }}-{{API_ENVIRONMENT}}
body: "{{ lookup('file','{{ path 
}}/{{bundle_name}}/apigee/proxies/{{proxy_name}}--hughes-dev-test-dev.zip') }}"
#src: '{{ path 
}}/{{bundle_name}}/apigee/proxies/{{proxy_name}}--hughes-dev-test-dev.zip'
#body_format: raw
status_code: 201, 200
method: POST
  register: version


Please check and provide information on how to properly POST a zip file.
ISSUE TYPE
   
   - Bug Report
   - Feature Idea
   - Documentation Report

COMPONENT NAME

URI Module
ANSIBLE VERSION

ansible 2.4.2.0

CONFIGURATIONOS / ENVIRONMENT

Red Hat Enterprise Linux Server 7.3 (Maipo)
STEPS TO REPRODUCE

- name: Transfering the Proxies
  uri:
headers:
 Authorization: '{{API_USER_PASS_BASE64_ENCRYPT}}'
 Content-Type: "application/zip"
url: 
https://api.enterprise.apigee.com/v1/organizations/{{API_ORG}}/apis?action=import={{
 proxy_name }}-{{API_ENVIRONMENT}}
body: "{{ lookup('file','{{ path 
}}/{{bundle_name}}/apigee/proxies/{{proxy_name}}--hughes-dev-test-dev.zip') }}"
#src: '{{ path 
}}/{{bundle_name}}/apigee/proxies/{{proxy_name}}--hughes-dev-test-dev.zip'
#body_format: raw
status_code: 201, 200
method: POST
  register: version

---
- name: Transfering the Proxies
  uri:
headers:
 Authorization: '{{API_USER_PASS_BASE64_ENCRYPT}}'
 Content-Type: "multipart/form-data"
url: 
https://api.enterprise.apigee.com/v1/organizations/{{API_ORG}}/apis?action=import={{
 proxy_name }}-{{API_ENVIRONMENT}}
#body: "{{ lookup('file','{{ path 
}}/{{bundle_name}}/apigee/proxies/{{proxy_name}}--hughes-dev-test-dev.zip') }}"
src: '{{ path 
}}/{{bundle_name}}/apigee/proxies/{{proxy_name}}--hughes-dev-test-dev.zip'
#body_format: raw
status_code: 201, 200
method: POST
  register: version

- name: Transfering the Proxies
  uri:
headers:
 Authorization: 

Re: [ansible-project] procedure to run the previleages command in ansible 2.5

[Matt Martz]

You have shown /etc/passwd, /etc/group, and /etc/sudoers from the machine
you are running ansible from.

However, those configs will also be required on the `iaf` machine as well.
That is where `/usr/sbin/shutdown` will be run, and where the sudo
configuration matters.

On Mon, May 21, 2018 at 12:34 PM, Kannappan M  wrote:

> Hi  Team,
>
> Am  facing  problem in running  elevated  commands these  are  my  tries
>  kindly  suggest  a  best  solution to fix this problem. I dont  have
> problem in running the  normal ping  command when i  ran the elevated
> command  am  facing problem.
>
> [tester@ansi ~]$ ansible iaf -m command -a "/usr/sbin/shutdown -h now"
> --become -K
> SUDO password:
> iaf | FAILED! => {
> "changed": false,
> "module_stderr": "Shared connection to iaf closed.\r\n",
> "module_stdout": "\r\ntester is not in the sudoers file.  This
> incident will be reported.\r\n",
> "msg": "MODULE FAILURE",
> "rc": 1
> }
> [tester@ansi ~]$ sudo  cat /etc/passwd |grep tester
> tester:x:1001:1001::/home/tester:/bin/bash
>
> [tester@ansi ~]$ sudo cat /etc/group |grep tester
> wheel:x:10:tester
> tester:x:1001:
>
> [tester@ansi ~]$ ansible iaf -m ping
> iaf | SUCCESS => {
> "changed": false,
> "ping": "pong"
> }
>
> [tester@ansi ~]$ sudo grep -v '#' /etc/sudoers |grep tester
> tester ALL=NOPASSWD: ALL
>
> [tester@ansi ~]$ ansible --version
> ansible 2.5.2
>   config file = /etc/ansible/ansible.cfg
>   configured module search path = [u'/home/tester/.ansible/plugins/modules',
> u'/usr/share/ansible/plugins/modules']
>   ansible python module location = /usr/lib/python2.7/site-
> packages/ansible
>   executable location = /usr/bin/ansible
>   python version = 2.7.5 (default, Apr 11 2018, 07:36:10) [GCC 4.8.5
> 20150623 (Red Hat 4.8.5-28)]
>
>
> Regards
> Kannappan M
>
>
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To post to this group, send email to ansible-project@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/
> msgid/ansible-project/CABxrqnG2e4i%2BwBsf2ObYN69sBBOzbvA0%
> 3DTWWv76h_8CnT-YD%2Bw%40mail.gmail.com
> 
> .
> For more options, visit https://groups.google.com/d/optout.
>



-- 
Matt Martz
@sivel
sivel.net

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAD8N0v8A_xT-7j%2BgT0RyrtrokEkgvsTw2fd%2B1Q3VvVVFpBXnNw%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] procedure to run the previleages command in ansible 2.5

[Kannappan M]

Hi  Team,

Am  facing  problem in running  elevated  commands these  are  my  tries
 kindly  suggest  a  best  solution to fix this problem. I dont  have
problem in running the  normal ping  command when i  ran the elevated
command  am  facing problem.

[tester@ansi ~]$ ansible iaf -m command -a "/usr/sbin/shutdown -h now"
--become -K
SUDO password:
iaf | FAILED! => {
"changed": false,
"module_stderr": "Shared connection to iaf closed.\r\n",
"module_stdout": "\r\ntester is not in the sudoers file.  This incident
will be reported.\r\n",
"msg": "MODULE FAILURE",
"rc": 1
}
[tester@ansi ~]$ sudo  cat /etc/passwd |grep tester
tester:x:1001:1001::/home/tester:/bin/bash

[tester@ansi ~]$ sudo cat /etc/group |grep tester
wheel:x:10:tester
tester:x:1001:

[tester@ansi ~]$ ansible iaf -m ping
iaf | SUCCESS => {
"changed": false,
"ping": "pong"
}

[tester@ansi ~]$ sudo grep -v '#' /etc/sudoers |grep tester
tester ALL=NOPASSWD: ALL

[tester@ansi ~]$ ansible --version
ansible 2.5.2
  config file = /etc/ansible/ansible.cfg
  configured module search path =
[u'/home/tester/.ansible/plugins/modules',
u'/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/lib/python2.7/site-packages/ansible
  executable location = /usr/bin/ansible
  python version = 2.7.5 (default, Apr 11 2018, 07:36:10) [GCC 4.8.5
20150623 (Red Hat 4.8.5-28)]


Regards
Kannappan M

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CABxrqnG2e4i%2BwBsf2ObYN69sBBOzbvA0%3DTWWv76h_8CnT-YD%2Bw%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] executing the previleage adhoc command

[Kannappan M]

Hi Kai,

Please  find the o/p  below


[tester@ansi root]$ ansible iaf -a "sudo /usr/sbin/shutdown -h now" ^C
[tester@ansi root]$ sudo lvdisplay
  --- Logical volume ---
  LV Path/dev/centos/swap
  LV Nameswap
  VG Namecentos
  LV UUIDRkK5xV-p9HC-Em5C-8Ryx-8dVU-Pp9i-Uj1WvB
  LV Write Accessread/write
  LV Creation host, time localhost, 2018-05-18 02:03:44 +0530
  LV Status  available
  # open 2
  LV Size2.00 GiB
  Current LE 512
  Segments   1
  Allocation inherit
  Read ahead sectors auto
  - currently set to 8192
  Block device   253:1

  --- Logical volume ---
  LV Path/dev/centos/root
  LV Nameroot
  VG Namecentos
  LV UUID1KyJY9-BLjP-HvbH-GjgH-UTNA-9qvS-deTXGq
  LV Write Accessread/write
  LV Creation host, time localhost, 2018-05-18 02:03:44 +0530
  LV Status  available
  # open 1
  LV Size<17.47 GiB
  Current LE 4472
  Segments   1
  Allocation inherit
  Read ahead sectors auto
  - currently set to 8192
  Block device   253:0


Regards
Kannappan M
+91-9894921536


On Mon, May 21, 2018 at 9:21 PM, Kannappan M  wrote:

> Hi Team,
>
> When i  try  to shutdown the connected  node  using  ansible  am  getting
> the  below  error  kindly   assist
>
> 128  ansible iaf -m shell "/usr/sbin/shutdown -h now" -b
>   129  ansible iaf -m shell "/usr/sbin/shutdown -h now" --become
>   130  ansible iaf -m shell '/usr/sbin/shutdown -h now' --become
>  154  ansible iaf -a "/usr/sbin/shutdown -h now" --become
>   155  ansible iaf -a "sudo /usr/sbin/shutdown -h now"
>
>
> for the  155  command  am  getting  message  as  user  is  not in the
> sudoers  list
>
> but  i  have  already  made  an  entry  in sudoers  file  and  also
> added  to  wheel  group
>
> cat /etc/group |grep wheel
> wheel:x:10:tester
>
> tester ALL=NOPASSWD: ALL
>
>
>
>
> --
> You received this message because you are subscribed to a topic in the
> Google Groups "Ansible Project" group.
> To unsubscribe from this topic, visit https://groups.google.com/d/
> topic/ansible-project/CdO9kvdvTIg/unsubscribe.
> To unsubscribe from this group and all its topics, send an email to
> ansible-project+unsubscr...@googlegroups.com.
> To post to this group, send email to ansible-project@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/
> msgid/ansible-project/eca14ede-e0e4-44bd-819f-8825991953ea%40googlegroups.
> com
> 
> .
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CABxrqnGJkDecoa5mD16XwuBfi03e3M-L_F7zEy5w6GmR-PS%2B2g%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Re: Ansible GUI Tools

[Tony Chia]

Hi Carlton,
You can use either the commerical Ansible Tower or the opensource version 
called AWX at github.com/ansible/awx if you need a GUI interface.

On Sunday, May 20, 2018 at 12:37:25 PM UTC-7, Carlton Patterson wrote:
>
> Hello community,
>
> I am learning Ansible and I am getting familiar with Ansible's commands.
>
> However, can someone let me know if there are any GUI applications that 
> will allow the building of Playbooks and inventories etc?
>
> I have been using an application called PlayAble which is a great tool 
> developed by an Ansible expert called Mumshad, see the following link for a 
> demo http://www.ansible-playable.com/
>
> Its a great tool, but I was wondering if there are any other tools on the 
> market?
>
> Cheers
>
> Carlton
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/ab8b3686-9265-4dce-b8b1-73a6cfa25ef2%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] executing the previleage adhoc command

[Kai Stian Olstad]

On 21.05.2018 17:51, Kannappan M wrote:
When i  try  to shutdown the connected  node  using  ansible  am  
getting

the  below  error  kindly   assist

128  ansible iaf -m shell "/usr/sbin/shutdown -h now" -b
  129  ansible iaf -m shell "/usr/sbin/shutdown -h now" --become
  130  ansible iaf -m shell '/usr/sbin/shutdown -h now' --become


None of these are valid, they are missing -a, and Ansible should write 
an error message.




 154  ansible iaf -a "/usr/sbin/shutdown -h now" --become


This one has the correct syntax.



  155  ansible iaf -a "sudo /usr/sbin/shutdown -h now"


This should work, but I would recommend the previous one.



for the  155  command  am  getting  message  as  user  is  not in the
sudoers  list

but  i  have  already  made  an  entry  in sudoers  file  and  also  
added

to  wheel  group

cat /etc/group |grep wheel
wheel:x:10:tester

tester ALL=NOPASSWD: ALL


Does sudo work when you login manually and test?
Are you sure you are using the user tester in Ansible?

And you need to run ansible with - to get some more verbose output 
about what is happing.


--
Kai Stian Olstad

--
You received this message because you are subscribed to the Google Groups "Ansible 
Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/973a1ec9baf8c00359a72ea62db54639%40olstad.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] executing the previleage adhoc command

[Kannappan M]

Hi Team, 

When i  try  to shutdown the connected  node  using  ansible  am  getting 
the  below  error  kindly   assist

128  ansible iaf -m shell "/usr/sbin/shutdown -h now" -b
  129  ansible iaf -m shell "/usr/sbin/shutdown -h now" --become
  130  ansible iaf -m shell '/usr/sbin/shutdown -h now' --become
 154  ansible iaf -a "/usr/sbin/shutdown -h now" --become
  155  ansible iaf -a "sudo /usr/sbin/shutdown -h now"


for the  155  command  am  getting  message  as  user  is  not in the 
sudoers  list

but  i  have  already  made  an  entry  in sudoers  file  and  also  added  
to  wheel  group

cat /etc/group |grep wheel
wheel:x:10:tester

tester ALL=NOPASSWD: ALL




-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/eca14ede-e0e4-44bd-819f-8825991953ea%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Re: Issues connecting when using the ios_facts module

[Matt Hickok]

Hey Peter, was this what you mean by the asa_facts module? 
https://github.com/ansible/ansible/pull/37298

It looks like it's not included yet

On Saturday, May 19, 2018 at 12:59:02 AM UTC-5, Matt Hickok wrote:
>
> Yea, I figured out point 1 eventually. 
>
> As for ansible_network_os, I couldn't find that documentation anywhere as 
> to the different options. I eventually guessed asa and it worked, but is it 
> documented?
>
> And where is the information on asa_facts? I could only find ios_facts. 
> There were 3 different asa modules listed but none of them are _facts
>
> Thank you!
>
> On Friday, May 18, 2018 at 9:25:51 PM UTC-5, Peter Sprygada wrote:
>>
>> Few things that need to be corrected here
>>
>> 1) use connection=network_cli
>>
>> 2) set the ansible_network_os=asa
>>
>> 3) use the asa_facts module, not ios_facts
>>
>> http://docs.ansible.com/ansible/latest/network/index.html
>>
>>
>>
>> On Fri, May 18, 2018 at 4:18 PM, Matt Hickok  
>> wrote:
>>
>>> Also, I just turned on debug and this is what I see: 
>>>
>>>   1492 1526674321.92274: stderr chunk (state=3):
>>> >>>debug3: receive packet: type 91
>>> debug2: callback start
>>> debug2: client_session2_setup: id 2
>>> debug1: Sending environment.
>>> debug1: Sending env LANG = en_US.UTF-8
>>> debug2: channel 2: request env confirm 0
>>> debug3: send packet: type 98
>>> debug1: Sending command: /bin/sh -c 'echo ~ && sleep 0'
>>> debug2: channel 2: request exec confirm 1
>>> debug3: send packet: type 98
>>> debug3: mux_session_confirm: sending success reply
>>> debug2: callback done
>>> debug2: channel 2: open confirm rwindow 1024 rmax 4096
>>> debug1: mux_client_request_session: master session id: 2
>>> <<<
>>>
>>>   1492 1526674321.95154: stderr chunk (state=3):
>>> >>>debug3: receive packet: type 99
>>> debug2: channel_input_status_confirm: type 99 id 2
>>> debug2: exec request accepted on channel 2
>>> <<<
>>>
>>>   1492 1526674321.95220: stdout chunk (state=3):
>>> >>>Type help or '?' for a list of available commands.
>>> ciscoasa> /b<<<
>>>
>>>   1492 1526674321.95442: stdout chunk (state=3):
>>> >>>in/sh -c 'echo ~ &&<<<
>>>
>>>   1492 1526674321.97577: stdout chunk (state=3):
>>> >>> sleep 0'<<<
>>>
>>>   1492 1526674366.99164: stderr chunk (state=3):
>>> >>>debug3: send packet: type 1
>>> <<<
>>>
>>>   1492 1526674366.99776: stderr chunk (state=3):
>>> >>>debug1: channel 0: free: /root/.ansible/cp/a0709b0bd0, nchannels 3
>>> debug3: channel 0: status: The following connections are open:
>>>   #1 mux-control (t16 r2 i0/0 o0/0 fd 5/5 cc -1)
>>>   #2 client-session (t4 r3 i0/0 o0/0 fd 6/7 cc 1)
>>>
>>> debug1: channel 1: free: mux-control, nchannels 2
>>> debug3: channel 1: status: The following connections are open:
>>>   #1 mux-control (t16 r2 i0/0 o0/0 fd 5/5 cc -1)
>>>   #2 client-session (t4 r3 i0/0 o0/0 fd 6/7 cc 1)
>>>
>>> debug1: channel 2: free: client-session, nchannels 1
>>> debug3: channel 2: status: The following connections are open:
>>>   #2 client-session (t4 r3 i0/0 o0/0 fd 6/7 cc 1)
>>>
>>> debug3: fd 0 is not O_NONBLOCK
>>> debug3: fd 1 is not O_NONBLOCK
>>> debug1: fd 2 clearing O_NONBLOCK
>>> Connection to 10.0.2.5 closed by remote host.
>>> Transferred: sent 2072, received 1984 bytes, in 45.1 seconds
>>> Bytes per second: sent 45.9, received 44.0
>>> debug1: Exit status -1
>>> debug3: mux_client_read_packet: read header failed: Broken pipe
>>> debug2: Control master terminated unexpectedly
>>> <<<
>>>
>>>   1492 1526674367.01129: stderr chunk (state=3):
>>> >>><<<
>>>
>>>   1492 1526674367.01299: stdout chunk (state=3):
>>> >>><<<
>>>
>>>
>>>
>>> On Friday, May 18, 2018 at 3:11:07 PM UTC-5, Matt Hickok wrote:

 Hey folks, I'm trying to gather some facts from a Cisco ASA. The ASA is 
 configured as simply as possible and here are the relevant settings for 
 the 
 ASA

 ASA Software Version: 9.2(2)
 Hardware: ASA5515
 Management IP: 10.0.2.5
 SSH DH Key Exchange: Group 1 (diffie-hellman-group1-sha1)

 I made sure that I can SSH into the device directly from the Ansible VM 
 before anything, and this was sucessful. 

 Ansible version is 2.5.2 (being run using the official ansible awx 
 docker images)

 Here is my inventory: 

 [cisco]
 10.0.2.5

 [cisco:vars]
 ansible_user=myuseraccount
 ansible_ssh_pass=mypass
 ansible_ssh_common_args: '-o KexAlgorithms=diffie-hellman-group1-sha1'

 Here is my playbook: 
 ---
 - hosts: cisco
   tasks:
 - name: "ssh facts"
   ios_facts:

 So it is incredibly basic. Now the error I am getting is that the 
 device is unreachable, but it looks like some sot of ssh multiplexing 
 error. I don't really know how to read these logs. 

 fatal: [10.0.2.5]: UNREACHABLE! => {
 "changed": false,
 "msg": "Failed to connect to the host via ssh: OpenSSH_7.4p1, 
 OpenSSL 1.0.2k-fips  26 Jan 

[ansible-project] How I write If syntax inside for syntax in template

[Jatinder Jawanda]

{% for item, value in 

{% if source == "cde" %} 
abc.iteritems() 
{% else %} 
def.iteritems() 
{% endif %} %}

item

{% endfor %}


-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/785e926a-4ba2-48ee-903a-f4705faffc1a%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Ansible looping over register and multiple lists

[David Villasmil]

Please paste the code WITHOUT any formatting. Font should be any
single-space so that spacing is correct.

On Mon, May 21, 2018, 15:55 Jeremie Levy  wrote:

> Hi
> I'm trying to do the following (in windows but it's not important):
>
>
>1. Need to deploy N number of build agents to a server (according to
>the inventory nb_of_agents)  - *iteration1*
>2. Each agent should have a unique port starting from 8811 -
>*iteration2*
>3. Check if the service is already present - store in register. - *REGISTER
>LIST*
>4. Install according to the register.
>
> First question: Using a register list, how do i use : when:
> service.results.exists for specific index?
> Second question: how do i go in parrallel via multiple list:
>
>1. with_sequence: start=1 end='{{ nb_of_agents}}'' *and*
>2. with_sequence: start=8811 count='{{ nb_of_agents}}'' *and*
>3. when: service.result[index].exists
>
>
> So the code looks like this:
> - name: check service '{{ item }}' is not already running
> win_service:
> name: Build Agent Prod '{{ item }}'
> register: svc
> with_sequence: start=1 end='{{nb_of_agents}}'
>
> - name: output
> debug:
> var: svc
> - name: output
> debug:
> var: svc.results.[item].exists
> with_sequence: count='{{nb_of_agents}}'
>
> - name: install Agent '{{ item }}'
> win_copy:
> src: \\some\share\buildagent_prod_template
> dest: 'D:\buildagent_prod_{{ item }}'
> force: no
> remote_src: yes
> when: svc.results[item].exists == false
> register: agent
> with_sequence: count='{{nb_of_agents}}'
> - name: modify Port
> win_lineinfile:
> path: D:\buildagent_prod_{{ item }}\conf\node.properties
> backrefs: yes
> regexp: '(^port)=.*'
> line: '$1={{ item2 }}'
> when: 'agent.results[item]'
> with_together: count=nb_of_agents
> with_items: start=qb_prod_agent_port count=nb_of_agents
>
>
> *Thanks!!*
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To post to this group, send email to ansible-project@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/babac43c-57f2-4091-b2ee-8fdc32291378%40googlegroups.com
> 
> .
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAFGRPVrLQX7xq70MqrT33zd_ML9vO3JakAuu4iikceJFBvZFZg%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Ansible looping over register and multiple lists

[Jeremie Levy]

Hi
I'm trying to do the following (in windows but it's not important):


   1. Need to deploy N number of build agents to a server (according to the 
   inventory nb_of_agents)  - *iteration1*
   2. Each agent should have a unique port starting from 8811 - *iteration2*
   3. Check if the service is already present - store in register. - *REGISTER 
   LIST*
   4. Install according to the register.

First question: Using a register list, how do i use : when: 
service.results.exists for specific index? 
Second question: how do i go in parrallel via multiple list:

   1. with_sequence: start=1 end='{{ nb_of_agents}}'' *and*
   2. with_sequence: start=8811 count='{{ nb_of_agents}}'' *and*
   3. when: service.result[index].exists


So the code looks like this:
- name: check service '{{ item }}' is not already running
win_service:
name: Build Agent Prod '{{ item }}'
register: svc
with_sequence: start=1 end='{{nb_of_agents}}'

- name: output
debug:
var: svc
- name: output
debug:
var: svc.results.[item].exists
with_sequence: count='{{nb_of_agents}}'

- name: install Agent '{{ item }}'
win_copy: 
src: \\some\share\buildagent_prod_template
dest: 'D:\buildagent_prod_{{ item }}'
force: no
remote_src: yes
when: svc.results[item].exists == false
register: agent
with_sequence: count='{{nb_of_agents}}'
- name: modify Port
win_lineinfile:
path: D:\buildagent_prod_{{ item }}\conf\node.properties
backrefs: yes
regexp: '(^port)=.*'
line: '$1={{ item2 }}'
when: 'agent.results[item]'
with_together: count=nb_of_agents
with_items: start=qb_prod_agent_port count=nb_of_agents


*Thanks!!*

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/babac43c-57f2-4091-b2ee-8fdc32291378%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Unable to run Jenkins in docker container using Ansible

[Bishwajit Samanta]

Dear All,

I am not able to run jenkins inside docker container using ansible 
playbook. Jenkins is getting started but unable to run it 


- name: Download Jenkins Container
  docker_container: 
name: Jenkins_server 
image: jenkins 
state: started 
ports: 
  - "8080:8080"
  - "5:5"
command: sleep 1d 
volumes: 
  - /data 

This is starting the container but not able to run jenkins due to which i 
am not able to login to jenkins host.

Can anyone guide me what do to ?

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/babad340-11ba-4932-b885-0f2d36553a92%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] manage linux system policy routing?

[cava cavamagie]

i'm aunable to use the module net_static_route
other ways?

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/8b6bd35f-af68-49de-ad9c-a6429d199b1e%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] paper ansible

[Prasad Mukhedkar]

You can get lots of details about ansible and ansible tower at :
https://www.ansible.com/resources

Regards,
Prasad Mukhedkar

On Mon, May 21, 2018 at 1:33 PM, Raxeon  wrote:

> hey guys, i get assignment from my teacher,
> do you know where i can get paper or journal about ansible?
>
> thanks..
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To post to this group, send email to ansible-project@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/
> msgid/ansible-project/74461ed6-df53-44ea-829e-1bd85321b2db%40googlegroups.
> com
> 
> .
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CADQ7wzAkmURPfO5RataQQUh9kd4wtaOq7d52nzTuNsT89P71hQ%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] paper ansible

[Raxeon]

hey guys, i get assignment from my teacher, 
do you know where i can get paper or journal about ansible?

thanks..

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/74461ed6-df53-44ea-829e-1bd85321b2db%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] merge two sets of AWS tags?

[Kai Stian Olstad]

On 21.05.2018 05:27, Karl Auer wrote:
So I will generally have some standard tags set up in a variable like 
this:


standard_tags:
   Name: AServer
   CostCentre: Operations

Then I generate some extra tags, so I have another variable somewhere 
like

this:

extra_tags:
   fred: wilma
   barney: betty

How can I get one variable that looks like this:

all_tags:
   Name: AServer
   CostCentre: Operations
   fred: wilma
   barney: betty


I assume fred: is just indented incorrectly so you are looking for the 
combine filter.


  - set_fact:
  all_tags: '{{ standard_tags | combine(extra_tags) }}'

--
Kai Stian Olstad

--
You received this message because you are subscribed to the Google Groups "Ansible 
Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/9e876bf921617ac5bb119bc56a0a679b%40olstad.com.
For more options, visit https://groups.google.com/d/optout.