[ansible-project] lookup inside another dictionary
Hi,
I have this playbook:
---
- hosts: localhost
connection: local
gather_facts: False
vars_files:
- nsxanswer.yml
- "firewall-rules.yml"
tasks:
- name: Add multiple firewall rules
nsx_edge_firewall:
nsxmanager_spec: "{{ nsxmanager_spec }}"
mode: "create"
edge_id: '{{ edge_id }}'
global_config:
tcpPickOngoingConnections: true
dropInvalidTraffic: false
tcpTimeoutEstablished: 3600
enableSynFloodProtection: true
default_action: reject
rules: '{{ fwRules }}'
Also this is a my firewall-rules file:
fwRules:
-
name: "Allow windows updates"
ruleType: user
enabled: true
loggingEnabled: false
action: accept
source:
vnicGroupId: internal
destination:
groupingObjectId: "{{ lookup(vars,'mysource') }}"
service:
-
protocol: tcp
dstPort: 135
srcPort: any
-
protocol: udp
dstPort: "137-138"
srcPort: any
-
protocol: tcp
dstPort: 139
srcPort: any
-
protocol: tcp
dstPort: 445
srcPort: any
But i can't get this working as i get this error:
TASK [Add multiple firewall rules]
**
fatal: [localhost]: FAILED! => {"msg": "An unhandled exception occurred
while templating '[{u'ruleType': u'user', u'name': u'Allow windows
updates', u'service': [{u'protocol': u'tcp', u'dstPort': 135, u'srcPort':
u'any'}, {u'protocol': u'udp', u'dstPort': u'137-138', u'srcPort': u'any'},
{u'protocol': u'tcp', u'dstPort': 139, u'srcPort': u'any'}, {u'protocol':
u'tcp', u'dstPort': 445, u'srcPort': u'any'}], u'loggingEnabled': False,
u'destination': {u'groupingObjectId': u\"{{ lookup(vars,'mysource') }}\"},
u'enabled': True, u'source': {u'vnicGroupId': u'internal'}, u'action':
u'accept'}]'. Error was a , original
message: 'dict' object has no attribute 'lower'"}
to retry, use: --limit @/etc/ansible/vcd/edg-fw.retry
What i need to do is lookup to go and find mysource variable form another
file but it doesn't work
Can anyone see what is the problem here/T
Thanks
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/bab0c6ed-e7d2-47d1-b069-bc7a0cf1b036%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
[ansible-project] Custom module to allocate_private_virtual_interface
Hi All,
I am creating Direct Connect Private Virtual Interface but as a hosted
interface. Currently, there are no ansible modules to
allocate_private_virtual_interface. This will create a private virtual
interface to be owned by specified AWS account.
This is the boto3 link for that
https://boto3.amazonaws.com/v1/documentation/api/latest/reference/services/directconnect.html#DirectConnect.Client.allocate_private_virtual_interface
response = client.allocate_private_virtual_interface(
connectionId='string',
ownerAccount='string',
newPrivateVirtualInterfaceAllocation={
'virtualInterfaceName': 'string',
'vlan': 123,
'asn': 123,
'mtu': 123,
'authKey': 'string',
'amazonAddress': 'string',
'addressFamily': 'ipv4'|'ipv6',
'customerAddress': 'string'
})
The current ansible module does not have ownerAccount parameter. Can
someone help create one?
Current ansible module:
https://docs.ansible.com/ansible/2.6/modules/aws_direct_connect_virtual_interface_module.html
Thanks
Kishore
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/7558348e-d140-45a4-968e-4b813ec7a228%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Re: [ansible-project] select one and two caracter of variable
On 2/13/19 3:26 AM, ryad9200...@gmail.com wrote:
Hi all,
I don't now why this task not works:
- set_fact:
my_variable: "{{ ansible_user[0 and 1] + 'gis' if
ansible_user!='wildfly' else 'wildfly' }}"
But *ansible_user[0] + ansible_user[1]* works but i want one syntaxe
shorter, exemple *ansible_user[0 and 1] *but this syntax not works !!
Why would you expect it to work? 'and' is a logical operator. Jinja2
(which is used for templating a in Ansible) uses python slicing and
substrings.
Take a look here:
https://www.journaldev.com/23774/python-string-substring
The syntax you're looking for is slicing: variable[start:end]
--
You received this message because you are subscribed to the Google Groups "Ansible
Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/0b9e91bf-4cfe-f17f-f9ea-d3bf81445004%40redhat.com.
For more options, visit https://groups.google.com/d/optout.
[ansible-project] Ansible plugin and Number of parallel processes
I'm using Jenkins with the ansible plugin. https://plugins.jenkins.io/ansible I'm trying to figure out why an ansible project run in Jenkins on 20 hosts is slower than running ansible on the command line. I tried the increasing the "Number of parallel processes" but the Jenkins node seems to run the tasks sequentially. Any help appreciated. -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To post to this group, send email to ansible-project@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/210cdb24-de53-40b5-a9d0-928caa713f73%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[ansible-project] https://plugins.jenkins.io/ansible
I'm using Jenkins with the ansible plugin. https://plugins.jenkins.io/ansible I'm trying to figure out why an ansible project run in Jenkins on 20 hosts is slower than running ansible on the command line. I tried the increasing the "Number of parallel processes" but the Jenkins node seems to run the tasks sequentially. Any help appreciated. -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To post to this group, send email to ansible-project@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/8343d397-d5a1-427c-8be4-97a09379b2ee%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[ansible-project] Re: Does not run against windows targets anymore
pyOpenSSL (python-openssl) is not used for standard SSL connections in
Python. It is a requirement of CredSSP auth in Ansible but that's unrelated
to the problem here.
I think you still have a mismatch of compatible TLS protocols just in the
opposite direction we initially thought. I believe your Debian host only
supports TLS 1.2 but your Windows 7 host only supports up to TLS 1.0. TLS
1.0 is old and potentially insecure which is why more and more
distributions are disabling TLS 1.0 and TLS 1.1 and older, see
https://lists.debian.org/debian-devel-announce/2017/08/msg4.html.
Luckily for you, Windows 7 does support TLS 1.2 just not by default. You
need to make sure you have installed the latest updates on your Windows
host then create the following registry keys, you can use the below script
to do so;
Function Enable-TLS12 {
param(
[ValidateSet("Server", "Client")]
[String]$Component = "Server"
)
$protocols_path =
"HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols"
New-Item -Path "$protocols_path\TLS 1.2\$Component" -Force
New-ItemProperty -Path "$protocols_path\TLS 1.2\$Component" -Name
Enabled -Value 1 -Type DWORD -Force
New-ItemProperty -Path "$protocols_path\TLS 1.2\$Component" -Name
DisabledByDefault -Value 0 -Type DWORD -Force
}
Enable-TLS12 -Component Server
# Not required but highly recommended to enable the Client side TLS 1.2
components
Enable-TLS12 -Component Client
You definitely need to enable the Server component but I also highly
recommend you enable the Client component as well. Once you've created the
registry keys you need to reboot the host and try again.
To verify independently what protocol is being negotiated by OpenSSL you
can run the comman below;
openssl s_client -connect :5986
Near the bottom of the output you can see something like the following;
SSL handshake has read 1884 bytes and written 293 bytes
---
New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES256-GCM-SHA384
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher: ECDHE-RSA-AES256-GCM-SHA384
Session-ID:
E6144F2F2662F404CDCD3203CB6AE5F53C36B0129AF615A016D404F1C155
Session-ID-ctx:
Master-Key:
123F15364A949A03DD75E7841EDD395304A2568B32124206A5E36BDDD10AF7837E74746DED16356972D318169DD81B5E
Start Time: 1550089169
Timeout : 7200 (sec)
Verify return code: 21 (unable to verify the first certificate)
---
We can see that the Protocol negotiated was TLSv1.2 and it negotiated the
cipher suite 'ECDHE-RSA-AES256-GCM-SHA384'. Try running that before and
after you enable TLS 1.2 on your Windows host and reboot to check for
differences.
Thanks
Jordan
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/291eecbe-3385-4865-80ff-6a3196121eee%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Re: [ansible-project] Re: Ansible - write only specific output
Hello,
I've seen this use case before. It's easier to build the reporting
directly into the playbook. You can, for exmaple, create a template that
will print what you want for each managed host, and assemble the pieces
later:
On 2/13/19 11:55 AM, DM wrote:
The example below is a yaml file to gather data from a Juniper
Networks Switch device.
How would you do it this?
I've seen this exact same use case. It's better to build the reporting
directly into the playbook. You can, for exaple, create a template that
will print what you want for each managed host, and assemble the pieces
later:
- name: Get Facts
hosts: 192.168.1.1
roles:
- Juniper.junos
connection: local
gather_facts: no
vars_prompt:
- name: ADMUSER
prompt: Username
private: no
- name: ADMPASS
prompt: password
private: yes
tasks:
- name: Retrieve LLDP Neighbor Information Using PyEZ-included Table
juniper_junos_table:
file: "lldp.yml"
table: "RouteTable"
host: '{{ inventory_hostname }}'
user: '{{ ADMUSER }}'
passwd: '{{ ADMPASS }}'
port: 830
register: response
- name: Print response
debug:
var: response
- copy: content="{{ your_json_feed }}" dest=/etc/ansible/file-1
Something like adding a template file like:
|{{ inventory_hostname }} : {{ response }} |
Then templating it:
|- name: create part of the report for {{ inventory_hostname }}
template: src: my_template.j2 dest: "{{ inventory_hostname.report }}" |
Then you can use the fetch module to bring it over to the controller
and the assemble module to generate a full report.
Hope that helps,
Hugo
On Wednesday, February 13, 2019 at 8:45:06 AM UTC-5, DM wrote:
How do you write to a file the output of a yaml?
If possible, how do you only write to a file specific info if?
Thanks
--
You received this message because you are subscribed to the Google
Groups "Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send
an email to ansible-project+unsubscr...@googlegroups.com
.
To post to this group, send email to ansible-project@googlegroups.com
.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/a61598d0-736e-43e2-9b10-a07981c9e3cc%40googlegroups.com
.
For more options, visit https://groups.google.com/d/optout.
--
Hugo F. gonzalez
Senior Consultant
Red Hat LATAM
--
You received this message because you are subscribed to the Google Groups "Ansible
Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/51742d2b-5715-eb6f-c4cd-e63439534b62%40redhat.com.
For more options, visit https://groups.google.com/d/optout.
[ansible-project] Re: Ansible - write only specific output
Thanks to all who responded.
The example below is a yaml file to gather data from a Juniper Networks
Switch device.
How would you do it this?
- name: Get Facts
hosts: 192.168.1.1
roles:
- Juniper.junos
connection: local
gather_facts: no
vars_prompt:
- name: ADMUSER
prompt: Username
private: no
- name: ADMPASS
prompt: password
private: yes
tasks:
- name: Retrieve LLDP Neighbor Information Using PyEZ-included Table
juniper_junos_table:
file: "lldp.yml"
table: "RouteTable"
host: '{{ inventory_hostname }}'
user: '{{ ADMUSER }}'
passwd: '{{ ADMPASS }}'
port: 830
register: response
- name: Print response
debug:
var: response
- copy: content="{{ your_json_feed }}" dest=/etc/ansible/file-1
On Wednesday, February 13, 2019 at 8:45:06 AM UTC-5, DM wrote:
>
> How do you write to a file the output of a yaml?
>
> If possible, how do you only write to a file specific info if?
>
> Thanks
>
>
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/a61598d0-736e-43e2-9b10-a07981c9e3cc%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
[ansible-project] Re: using json_query against integers?
NM all ... turns out i need the illustrious backtick (`) and not a single
quote to denote a integer ...
On Wednesday, February 13, 2019 at 9:34:11 AM UTC-8, Justin DynamicD wrote:
>
> Ill let a fast sample bit of code do the talking:
>
>
> ---
> - name: query test
> hosts: "localhost"
> gather_facts: no
> tasks:
> - set_fact:
> drives:
> - lun: 0
> size: "25gb"
> - lun: 1
> size: "100gb"
>
> - vars:
> json_query: "[?lun=='0']"
> set_fact:
> output: "{{ drives | json_query(json_query) }}"
>
> - debug:
> var: output
>
>
>
> So in the above example, output = [], because json_query looks for a
> string and not an integer. If I were to change the dictionary to use only
> strings I'd have no issues.
>
> So ... does anyone know how to use json_query against integers?
>
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/3c124337-fac1-44a3-b1d8-c5d5a4746aa0%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Re: [ansible-project] using json_query against integers?
Change your `json_query` var to use backticks (``) instead of quotes ('')
around the 0
- vars:
json_query: "[?lun==`0`]"
On Wed, Feb 13, 2019 at 11:34 AM Justin DynamicD
wrote:
> Ill let a fast sample bit of code do the talking:
>
>
> ---
> - name: query test
> hosts: "localhost"
> gather_facts: no
> tasks:
> - set_fact:
> drives:
> - lun: 0
> size: "25gb"
> - lun: 1
> size: "100gb"
>
> - vars:
> json_query: "[?lun=='0']"
> set_fact:
> output: "{{ drives | json_query(json_query) }}"
>
> - debug:
> var: output
>
>
>
> So in the above example, output = [], because json_query looks for a
> string and not an integer. If I were to change the dictionary to use only
> strings I'd have no issues.
>
> So ... does anyone know how to use json_query against integers?
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To post to this group, send email to ansible-project@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/cfdf4b9a-bf0b-43fc-acfd-1ac94c9cfe05%40googlegroups.com
>
> .
> For more options, visit https://groups.google.com/d/optout.
>
--
Matt Martz
@sivel
sivel.net
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/CAD8N0v8tMSCUPdiOGX7OYoo6MFMVnm0hRHoWhKcktB3RCn4%2BUg%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.
Re: [ansible-project] Re: Ansible - write only specific output
There's nothing in the ansible CLI that supports explicitly dumping the
output to a file. You could just use a simple shell redirect.
$ ansible -i inventories/aws -m setup all > host-facts.yaml
It's worth noting that the CLI's output doesn't make a distinction between
failed plays or tasks in terms of shell standard in/standard out, all the
output goes to standard out (unless it's something to do with command line
parsing or something lower-level than play execution).
So for example if I remove a pubkey on a host and run the setup module to
gather facts, all the output goes to STDOUT:
xx.xx.xx.xx | UNREACHABLE! => {
"changed": false,
"msg": "Failed to connect to the host via ssh: ec2-u...@xx.xx.xx.xx:
Permission denied (publickey,gssapi-keyex,gssapi-with-mic).\r\n",
"unreachable": true
}
yy.yy.yy.yy | SUCCESS => {
"ansible_facts": {
"ansible_all_ipv4_addresses": [
"aa.aa.aa.aa"
],
On Wed, 13 Feb 2019 at 16:46, DM wrote:
> Thanks I do have the "---" at the top
> When I run t he ansible-playbook how do get all that info to write to a
> file?
> It only shows up on the cli which I know I can copy and paste to a file,
> but would like to output to a file
>
> Thanks
>
>
>
> On Wednesday, February 13, 2019 at 8:45:06 AM UTC-5, DM wrote:
>>
>> How do you write to a file the output of a yaml?
>>
>> If possible, how do you only write to a file specific info if?
>>
>> Thanks
>>
>> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To post to this group, send email to ansible-project@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/35a3b1fc-da7b-4f4b-a2be-ebd9bf89c49b%40googlegroups.com
>
> .
> For more options, visit https://groups.google.com/d/optout.
>
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/CAKtKohTxSeFysALDr%3DjoKRHP_wmiowzB0Kty2oxhoD4%3DDZ%3DOSg%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.
[ansible-project] using json_query against integers?
Ill let a fast sample bit of code do the talking:
---
- name: query test
hosts: "localhost"
gather_facts: no
tasks:
- set_fact:
drives:
- lun: 0
size: "25gb"
- lun: 1
size: "100gb"
- vars:
json_query: "[?lun=='0']"
set_fact:
output: "{{ drives | json_query(json_query) }}"
- debug:
var: output
So in the above example, output = [], because json_query looks for a string
and not an integer. If I were to change the dictionary to use only strings
I'd have no issues.
So ... does anyone know how to use json_query against integers?
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/cfdf4b9a-bf0b-43fc-acfd-1ac94c9cfe05%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
[ansible-project] Re: Ansible - write only specific output
Hi, If you want include task in your playbook, you must only do it : *- include_task: /my_path/.../.../my_file_externe.yml* This answer answers your question ? Thanks Le mercredi 13 février 2019 17:46:48 UTC+1, DM a écrit : > > Thanks I do have the "---" at the top > When I run t he ansible-playbook how do get all that info to write to a > file? > It only shows up on the cli which I know I can copy and paste to a file, > but would like to output to a file > > Thanks > > > > On Wednesday, February 13, 2019 at 8:45:06 AM UTC-5, DM wrote: >> >> How do you write to a file the output of a yaml? >> >> If possible, how do you only write to a file specific info if? >> >> Thanks >> >> -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To post to this group, send email to ansible-project@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/e3568429-5e57-4f6d-993e-33aad1330940%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[ansible-project] Re: Ansible - write only specific output
Thanks I do have the "---" at the top When I run t he ansible-playbook how do get all that info to write to a file? It only shows up on the cli which I know I can copy and paste to a file, but would like to output to a file Thanks On Wednesday, February 13, 2019 at 8:45:06 AM UTC-5, DM wrote: > > How do you write to a file the output of a yaml? > > If possible, how do you only write to a file specific info if? > > Thanks > > -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To post to this group, send email to ansible-project@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/35a3b1fc-da7b-4f4b-a2be-ebd9bf89c49b%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[ansible-project] date module is not working as expected
HI team,
I have a below playbook, where it works fine if I enter dates manually in
vars. but it fails when passing through register. tried max possibilities.
need your help
- hosts: one
become: true
tasks:
- shell: " dsmc query filespace / | tail -n 1 | awk '{print$2}'"
register: backup
- shell: "date +'%Y-%m-%d'"
register: today
- shell: "date -d '{{backup.stdout}}' +'%Y-%m-%d'"
register: test
- set_fact:
date1: "{{test.stdout}}"
date2: "{{today.stdout}}"
- debug:
msg: "{{date1}} and {{date2}}"
- template:
src: /home/viraj4/ansible/date.j2
dest: /tmp/date.txt
- shell: "cat /tmp/date.txt"
register: date
- debug:
msg: "{{ date.stdout }}"
- shell: "> /tmp/date.txt"
[viraj4@* ansible]$ cat /home/viraj4/ansible/date.j2
{{ (date1 - date2).days }}
output:
TASK [debug]
***
ok: [ => {
"msg": "2019-02-13 and 2019-02-13"
}
Perform task: TASK: template (N)o/(y)es/(c)ontinue: y
Perform task: TASK: template (N)o/(y)es/(c)ontinue:
TASK [template]
fatal: [***]: FAILED! => {"changed": false, "msg":
"AnsibleError: Unexpected templating type error occurred on ({{ (date1 -
date2).days }}\n): unsupported operand type(s) for -: 'AnsibleUnsafeText'
and 'AnsibleUnsafeText'"}
to retry, use: --limit @/home/viraj4/ansible/time.retry
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/e7de6afb-5349-4c11-814a-1ac382581e87%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
[ansible-project] ASG Volume tags
Hi, Does anybody know how to get tags applied to volumes associated with instances created as part of an ASG? Instances tags are propagated fine, just no way to tag the volumes that I can see Many thanks James -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To post to this group, send email to ansible-project@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/e1025a40-95ce-47f8-bc74-c885f188f00f%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[ansible-project] Re: ansible loop iteration on result
Hi,
I think that you must use gather_fact in your playbook.
If this answer not answers your question, you can use option in ansible.
for example : ansible --help for get ip of someone computer.
Or : ansible my_name_computer -m . --help
Regards
Le mardi 12 février 2019 12:28:03 UTC+1, Ankur Gupta a écrit :
>
> Hello All,
>
> I am trying to get ip address from ec2_fact.
>
> So I have lists of tags. on the basis of tags, i am searching the ec2
> using the ec2_fact module and storing the result in the register variable.
>
> I am trying to get the ip address which from the register variable, I am
> not able to get. Can you please help me which i am doing wrong ?
>
> here is code
> Enter code here...
> - name: Task | get ec2 remote facts of instances
> ec2_remote_facts:
> aws_secret_key: "{{ session_secret_key }}"
> aws_access_key: "{{ session_access_key }}"
> security_token: "{{ session_security_token }}"
> region: "{{ aws_region }}"
> filters:
> instance-state-name: running
> "tag:Name": "{{ site_id }}*-{{ item.0 }}"
> "tag:teradata:type": "{{ item.1 }}"
> register: stack_metadata
> ignore_errors: yes
> with_together:
> - "{{ inventory_search_tag }}"
> - "{{ inventory_search_tag_type }}"
>
> - debug: var="{{ item.instances[0].private_ip_address }}"
> with_items: "{{ stack_metadata.results }}"
>
>
> here is the result
> ok: [localhost] => {
> "stack_metadata": {
> "changed": false,
> "msg": "All items completed",
> "results": [
> {
> "_ansible_ignore_errors": true,
> "_ansible_item_result": true,
> "_ansible_no_log": false,
> "_ansible_parsed": true,
> "changed": false,
> "failed": false,
> "instances": [
> {
> "ami_launch_index": "0",
> "architecture": "x86_64",
> "block_device_mapping": [
> {
> "attach_time": "2019-02-11T15:33:45.000Z",
> "delete_on_termination": true,
> "device_name": "/dev/xvdbx",
> "status": "attached",
> "volume_id": "vol-003a86fc21a79d6de"
> },
> {
> "attach_time": "2019-02-11T15:33:45.000Z",
> "delete_on_termination": true,
> "device_name": "/dev/xvdbs",
> "status": "attached",
> "volume_id": "vol-03d179813b791f975"
> },
> {
> "attach_time": "2019-02-11T15:33:45.000Z",
> "delete_on_termination": true,
> "device_name": "/dev/xvdbr",
> "status": "attached",
> "volume_id": "vol-0ba220c9c6b283445"
> },
> {
> "attach_time": "2019-02-11T15:33:45.000Z",
> "delete_on_termination": true,
> "device_name": "/dev/xvdbq",
> "status": "attached",
> "volume_id": "vol-0bb0c210af73393fd"
> },
> {
> "attach_time": "2019-02-11T15:33:45.000Z",
> "delete_on_termination": true,
> "device_name": "/dev/xvdbp",
> "status": "attached",
> "volume_id": "vol-0c22ddab4d0f9e8b9"
> },
> {
> "attach_time": "2019-02-11T15:33:45.000Z",
> "delete_on_termination": true,
> "device_name": "/dev/xvdbw",
> "status": "attached",
> "volume_id": "vol-01f2572a1c5b36bf7"
> },
> {
> "attach_time": "2019-02-11T15:33:45.000Z",
> "delete_on_termination": true,
> "device_name": "/dev/xvdbv",
> "status": "attached",
> "volume_id": "vol-09106be4cf4e4e5ca"
> },
> {
> "attach_time": "2019-02-11T15:33:45.000Z",
> "delete_on_termination": true,
>
[ansible-project] Re: Ansible - write only specific output
Hi, You must create file with extension .yml and beginning this file with "---" at the top. It's simply. And launch file with line command "ansible-playbook my_file.yml" This answer answers your question ? Thanks Le mercredi 13 février 2019 14:45:06 UTC+1, DM a écrit : > > How do you write to a file the output of a yaml? > > If possible, how do you only write to a file specific info if? > > Thanks > > -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To post to this group, send email to ansible-project@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/abf9f222-d5fe-4239-8f42-db0197c78d0c%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[ansible-project] How to pass variable of in memory inventory to next plays using hostvars
How to pass variable of in memory inventory to following next plays using
hostvars.
"nfs_server" variable to be passed from play 2 to play 3 and these plays
are using in-memory inventories.
Play:1
- add_host:
name: "{{ group1_host }}"
groups: group1
Play 2:
- name:
hosts: group1
become: yes
tasks:
- name:
set_fact:
nfs_server: "{{ nfs_server }}"
- shell: /usr/sbin/exportfs -av 2> /dev/null | awk {'print $2'} | cut
-d ':' -f1 | grep -v '*'
register: nfs_clients_out
- add_host:
name: "{{ item }}"
group: "group 2"
with_items: "{{ nfs_clients_out.stdout_lines }}"
Play 3:
- name:
hosts: group2
become: yes
tasks:
- name: Fetch Variable from Previous Play
set_fact:
nfs_server: "{{ hostvars['item']['nfs_server'] }}"
with_items: "{{ groups['group1'] }}"
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/dcb03a73-afcf-4bb3-bd55-e9b68e185c3f%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
[ansible-project] Re: select one and two caracter of variable
upp please !!
Someone have an idea please guy !!!
If my var = "jesuisla"
How get only "jesuis"
Thanks
Le mercredi 13 février 2019 10:26:22 UTC+1, ryad9...@gmail.com a écrit :
>
> Hi all,
>
> I don't now why this task not works:
>
> - set_fact:
> my_variable: "{{ ansible_user[0 and 1] + 'gis' if
> ansible_user!='wildfly' else 'wildfly' }}"
>
> But *ansible_user[0] + ansible_user[1]* works but i want one syntaxe
> shorter, exemple *ansible_user[0 and 1] *but this syntax not works !!
>
> Someone have an idea please guy !!
>
> Thank you very much
>
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/54c75584-be0b-4ef9-915b-cc987bea77fa%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
[ansible-project] Ansible - write only specific output
How do you write to a file the output of a yaml? If possible, how do you only write to a file specific info if? Thanks -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To post to this group, send email to ansible-project@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/99b8f87d-3522-4643-8fd3-6a296f7cfbc6%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[ansible-project] Re: Does not run against windows targets anymore
I think I found the solution, but maybe you can confirm: the python-openssl package on Debian is only for python2, and I am currently missing the python3-openssl package. I will install it and and let you know as soon as possible. -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To post to this group, send email to ansible-project@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/857446e2-fc6f-4f0c-a119-19e6799fa7c5%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[ansible-project] Re: Does not run against windows targets anymore
I suppose I will need to check on the Windows side the supported protocols/cyphers. Do you think running the following command would be sufficient (I can not do it today but maybe tomorrow) ? $ nmap --script ssl-enum-ciphers -p 5986 my-host -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To post to this group, send email to ansible-project@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/ccd39a04-a188-4b9e-8b3b-fa6693a0569c%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[ansible-project] Re: Does not run against windows targets anymore
Other information which might be useful (or not): Packages versions: openssl 1.1.1a-1, python-openssl 19.0.0-1 $ openssl ciphers TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256: ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM -SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA- CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256: DHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384: DHE-RSA-AES256-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:DHE- RSA-AES128-SHA256:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES256 -SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES128-SHA:RSA-PSK- AES256-GCM-SHA384:DHE-PSK-AES256-GCM-SHA384:RSA-PSK-CHACHA20-POLY1305:DHE- PSK-CHACHA20-POLY1305:ECDHE-PSK-CHACHA20-POLY1305:AES256-GCM-SHA384:PSK- AES256-GCM-SHA384:PSK-CHACHA20-POLY1305:RSA-PSK-AES128-GCM-SHA256:DHE-PSK- AES128-GCM-SHA256:AES128-GCM-SHA256:PSK-AES128-GCM-SHA256:AES256-SHA256: AES128-SHA256:ECDHE-PSK-AES256-CBC-SHA384:ECDHE-PSK-AES256-CBC-SHA:SRP-RSA- AES-256-CBC-SHA:SRP-AES-256-CBC-SHA:RSA-PSK-AES256-CBC-SHA384:DHE-PSK-AES256 -CBC-SHA384:RSA-PSK-AES256-CBC-SHA:DHE-PSK-AES256-CBC-SHA:AES256-SHA:PSK- AES256-CBC-SHA384:PSK-AES256-CBC-SHA:ECDHE-PSK-AES128-CBC-SHA256:ECDHE-PSK- AES128-CBC-SHA:SRP-RSA-AES-128-CBC-SHA:SRP-AES-128-CBC-SHA:RSA-PSK-AES128- CBC-SHA256:DHE-PSK-AES128-CBC-SHA256:RSA-PSK-AES128-CBC-SHA:DHE-PSK-AES128- CBC-SHA:AES128-SHA:PSK-AES128-CBC-SHA256:PSK-AES128-CBC-SHA Regards, Yvan -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To post to this group, send email to ansible-project@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/1766df6c-6676-42ea-9855-58c3c36586a1%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[ansible-project] Re: Does not run against windows targets anymore
Thanks for this very informative answer! But it seems the SSL library is not very old: $ python3 -c "import ssl; print(ssl.OPENSSL_VERSION)" OpenSSL 1.1.1a 20 Nov 2018 Maybe it is the contrary (SSL is too new on my side and does not accept old protocol/cypher)? -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To post to this group, send email to ansible-project@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/d207-6198-481d-8fc0-eda439e4ac72%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[ansible-project] select one and two caracter of variable
Hi all,
I don't now why this task not works:
- set_fact:
my_variable: "{{ ansible_user[0 and 1] + 'gis' if
ansible_user!='wildfly' else 'wildfly' }}"
But *ansible_user[0] + ansible_user[1]* works but i want one syntaxe
shorter, exemple *ansible_user[0 and 1] *but this syntax not works !!
Someone have an idea please guy !!
Thank you very much
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/463f2487-1459-4bb5-a496-96dc265a173c%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
[ansible-project] Re: Does not run against windows targets anymore
That sounds like your Windows host has been updated recently and it's list of supported cipher suites or TLS protocols has changed. Unfortunately there's now no common cipher suites and TLS protocol versions between your linux and Windows host hence the message unsupported protocol. Ansible or pywinrm has no control over this as this all happens down deep in the Python layers and really even further into the OpenSSL provider. It sounds like your Python 3 has been compiled against an old OpenSSL version which doesn't support the protocol or cipher suites that is required. Are you able to run python3 -c "import ssl; print(ssl.OPENSSL_VERSION)" and post back the results here. Thanks Jordan -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To post to this group, send email to ansible-project@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/db608b18-f343-44f3-abf7-570f8556d693%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
