Re: [ansible-project] Ansible passwordless login not working

[Yehuda Pinhas]

*Hi,*
*Thank you for your answer. but its still not working*

*This is how my code looks like now:*
  ansible_ssh_common_args: 
-o StrictHostKeyChecking=no -o UserKnownHostsFile=~/.ssh/known_hosts 
  ansible_user: ansible
  ansible_password: ansible

*And here is my error now:*

[ansible@Netauto-Dev new_vlan]$ ansible-playbook new_vlan_playbook.yml 
-v
ansible-playbook 2.9.1
  config file = /etc/ansible/ansible.cfg
  configured module search path = 
[u'/home/ansible/.ansible/plugins/modules', 
u'/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/lib/python2.7/site-packages/ansible
  executable location = /usr/bin/ansible-playbook
  python version = 2.7.5 (default, Aug  7 2019, 00:51:29) [GCC 4.8.5 
20150623 (Red Hat 4.8.5-39)]
Using /etc/ansible/ansible.cfg as config file
setting up inventory plugins
host_list declined parsing /etc/ansible/inventory/POC_ENV.yml as it did not 
pass its verify_file() method
script declined parsing /etc/ansible/inventory/POC_ENV.yml as it did not 
pass its verify_file() method
Parsed /etc/ansible/inventory/POC_ENV.yml inventory source with yaml plugin
setting up inventory plugins
host_list declined parsing /etc/ansible/inventory/SNIF_AGGREGATOR.yml as it 
did not pass its verify_file() method
script declined parsing /etc/ansible/inventory/SNIF_AGGREGATOR.yml as it 
did not pass its verify_file() method
Parsed /etc/ansible/inventory/SNIF_AGGREGATOR.yml inventory source with 
yaml plugin
setting up inventory plugins
host_list declined parsing /etc/ansible/inventory/avaya.yml as it did not 
pass its verify_file() method
script declined parsing /etc/ansible/inventory/avaya.yml as it did not pass 
its verify_file() method
Skipping empty key (hosts) in group (avaya)
Parsed /etc/ansible/inventory/avaya.yml inventory source with yaml plugin
setting up inventory plugins
host_list declined parsing /etc/ansible/inventory/branch_switch.yml as it 
did not pass its verify_file() method
script declined parsing /etc/ansible/inventory/branch_switch.yml as it did 
not pass its verify_file() method
Parsed /etc/ansible/inventory/branch_switch.yml inventory source with yaml 
plugin
setting up inventory plugins
host_list declined parsing /etc/ansible/inventory/nexus.yml as it did not 
pass its verify_file() method
script declined parsing /etc/ansible/inventory/nexus.yml as it did not pass 
its verify_file() method
Parsed /etc/ansible/inventory/nexus.yml inventory source with yaml plugin
setting up inventory plugins
host_list declined parsing 
/etc/ansible/inventory/snif_router_IPVPN_20M_50M.yml as it did not pass its 
verify_file() method
script declined parsing 
/etc/ansible/inventory/snif_router_IPVPN_20M_50M.yml as it did not pass its 
verify_file() method
Parsed /etc/ansible/inventory/snif_router_IPVPN_20M_50M.yml inventory 
source with yaml plugin
setting up inventory plugins
host_list declined parsing 
/etc/ansible/inventory/snif_router_IPVPN_8M_10M_200M.yml as it did not pass 
its verify_file() method
script declined parsing 
/etc/ansible/inventory/snif_router_IPVPN_8M_10M_200M.yml as it did not pass 
its verify_file() method
Parsed /etc/ansible/inventory/snif_router_IPVPN_8M_10M_200M.yml inventory 
source with yaml plugin
setting up inventory plugins
host_list declined parsing /etc/ansible/inventory/snif_router_SoM_10M.yml 
as it did not pass its verify_file() method
script declined parsing /etc/ansible/inventory/snif_router_SoM_10M.yml as 
it did not pass its verify_file() method
Skipping empty key (hosts) in group (snif_router_SoM_10M)
Parsed /etc/ansible/inventory/snif_router_SoM_10M.yml inventory source with 
yaml plugin
setting up inventory plugins
host_list declined parsing /etc/ansible/inventory/snif_router_SoM_20M.yml 
as it did not pass its verify_file() method
script declined parsing /etc/ansible/inventory/snif_router_SoM_20M.yml as 
it did not pass its verify_file() method
Skipping empty key (hosts) in group (snif_router_SoM_20M)
Parsed /etc/ansible/inventory/snif_router_SoM_20M.yml inventory source with 
yaml plugin
setting up inventory plugins
host_list declined parsing /etc/ansible/inventory/snif_router_SoM_40M.yml 
as it did not pass its verify_file() method
script declined parsing /etc/ansible/inventory/snif_router_SoM_40M.yml as 
it did not pass its verify_file() method
Skipping empty key (hosts) in group (snif_router_SoM_40M)
Parsed /etc/ansible/inventory/snif_router_SoM_40M.yml inventory source with 
yaml plugin
setting up inventory plugins
host_list declined parsing /etc/ansible/inventory/snif_router_all.yml as it 
did not pass its verify_file() method
script declined parsing /etc/ansible/inventory/snif_router_all.yml as it 
did not pass its verify_file() method
Parsed /etc/ansible/inventory/snif_router_all.yml inventory source with 
yaml plugin
Loading callback plugin default of type stdout, v2.0 from 
/usr/lib/python2.7/site-packages/ansible/plugins/callback/default.pyc

PLAYBOOK: new_vlan_playbook.yml 

Re: [ansible-project] Ansible passwordless login not working

[Yehuda Pinhas]

*Hi,*
*Thank you for your answer. but its still not working*
*any idea why? *

*here is my error now:*

[ansible@Netauto-Dev new_vlan]$ ansible-playbook new_vlan_playbook.yml 
-v
ansible-playbook 2.9.1
  config file = /etc/ansible/ansible.cfg
  configured module search path = 
[u'/home/ansible/.ansible/plugins/modules', 
u'/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/lib/python2.7/site-packages/ansible
  executable location = /usr/bin/ansible-playbook
  python version = 2.7.5 (default, Aug  7 2019, 00:51:29) [GCC 4.8.5 
20150623 (Red Hat 4.8.5-39)]
Using /etc/ansible/ansible.cfg as config file
setting up inventory plugins
host_list declined parsing /etc/ansible/inventory/POC_ENV.yml as it did not 
pass its verify_file() method
script declined parsing /etc/ansible/inventory/POC_ENV.yml as it did not 
pass its verify_file() method
Parsed /etc/ansible/inventory/POC_ENV.yml inventory source with yaml plugin
setting up inventory plugins
host_list declined parsing /etc/ansible/inventory/SNIF_AGGREGATOR.yml as it 
did not pass its verify_file() method
script declined parsing /etc/ansible/inventory/SNIF_AGGREGATOR.yml as it 
did not pass its verify_file() method
Parsed /etc/ansible/inventory/SNIF_AGGREGATOR.yml inventory source with 
yaml plugin
setting up inventory plugins
host_list declined parsing /etc/ansible/inventory/avaya.yml as it did not 
pass its verify_file() method
script declined parsing /etc/ansible/inventory/avaya.yml as it did not pass 
its verify_file() method
Skipping empty key (hosts) in group (avaya)
Parsed /etc/ansible/inventory/avaya.yml inventory source with yaml plugin
setting up inventory plugins
host_list declined parsing /etc/ansible/inventory/branch_switch.yml as it 
did not pass its verify_file() method
script declined parsing /etc/ansible/inventory/branch_switch.yml as it did 
not pass its verify_file() method
Parsed /etc/ansible/inventory/branch_switch.yml inventory source with yaml 
plugin
setting up inventory plugins
host_list declined parsing /etc/ansible/inventory/nexus.yml as it did not 
pass its verify_file() method
script declined parsing /etc/ansible/inventory/nexus.yml as it did not pass 
its verify_file() method
Parsed /etc/ansible/inventory/nexus.yml inventory source with yaml plugin
setting up inventory plugins
host_list declined parsing 
/etc/ansible/inventory/snif_router_IPVPN_20M_50M.yml as it did not pass its 
verify_file() method
script declined parsing 
/etc/ansible/inventory/snif_router_IPVPN_20M_50M.yml as it did not pass its 
verify_file() method
Parsed /etc/ansible/inventory/snif_router_IPVPN_20M_50M.yml inventory 
source with yaml plugin
setting up inventory plugins
host_list declined parsing 
/etc/ansible/inventory/snif_router_IPVPN_8M_10M_200M.yml as it did not pass 
its verify_file() method
script declined parsing 
/etc/ansible/inventory/snif_router_IPVPN_8M_10M_200M.yml as it did not pass 
its verify_file() method
Parsed /etc/ansible/inventory/snif_router_IPVPN_8M_10M_200M.yml inventory 
source with yaml plugin
setting up inventory plugins
host_list declined parsing /etc/ansible/inventory/snif_router_SoM_10M.yml 
as it did not pass its verify_file() method
script declined parsing /etc/ansible/inventory/snif_router_SoM_10M.yml as 
it did not pass its verify_file() method
Skipping empty key (hosts) in group (snif_router_SoM_10M)
Parsed /etc/ansible/inventory/snif_router_SoM_10M.yml inventory source with 
yaml plugin
setting up inventory plugins
host_list declined parsing /etc/ansible/inventory/snif_router_SoM_20M.yml 
as it did not pass its verify_file() method
script declined parsing /etc/ansible/inventory/snif_router_SoM_20M.yml as 
it did not pass its verify_file() method
Skipping empty key (hosts) in group (snif_router_SoM_20M)
Parsed /etc/ansible/inventory/snif_router_SoM_20M.yml inventory source with 
yaml plugin
setting up inventory plugins
host_list declined parsing /etc/ansible/inventory/snif_router_SoM_40M.yml 
as it did not pass its verify_file() method
script declined parsing /etc/ansible/inventory/snif_router_SoM_40M.yml as 
it did not pass its verify_file() method
Skipping empty key (hosts) in group (snif_router_SoM_40M)
Parsed /etc/ansible/inventory/snif_router_SoM_40M.yml inventory source with 
yaml plugin
setting up inventory plugins
host_list declined parsing /etc/ansible/inventory/snif_router_all.yml as it 
did not pass its verify_file() method
script declined parsing /etc/ansible/inventory/snif_router_all.yml as it 
did not pass its verify_file() method
Parsed /etc/ansible/inventory/snif_router_all.yml inventory source with 
yaml plugin
Loading callback plugin default of type stdout, v2.0 from 
/usr/lib/python2.7/site-packages/ansible/plugins/callback/default.pyc

PLAYBOOK: new_vlan_playbook.yml 
***
Positional arguments: new_vlan_playbook.yml
become_method: sudo
inventory: 

Re: [ansible-project] Unable to print regex registered variable in Ansible

[Jean-Yves LENHOF]

Hi,

Perhaps you should better use slurp module to register the content of 
the file and do some regexp to print what you want on it...


https://docs.ansible.com/ansible/latest/modules/slurp_module.html#slurp-module

Regards,


Le 15/01/2020 à 06:34, Shifa Shaikh a écrit :
I wish to search for all entries of string starting with "SSLFile" or 
starting with"SSLFile" in a file(httpd.conf) and register 
it to a variable and print all the matches found.


The string is found as evident from the output and the file is not 
modified which is good; but I'm unable to print (debug) it. I get 
error as I try to print. Below is my playbook:


|
-name:Findentries
      lineinfile:
        path:"/tmp/httpd.conf"
        regexp:"\\sSSLFile.*"
        state:absent
      check_mode:yes
      changed_when:false
register:filedet

    - debug:
        msg: "{{ filedet }}"

-debug:
        msg:"{{ item.split()[1] }}"
      with_items:
-"{{ filedet.stdout_lines }}"
|

I get the below error when i run the playbook:


ok: [10.9.9.11] => {
"backup": "",
"changed": false,
"diff": [
{
"after": "",
"after_header": "/tmp/httpd.conf (content)",
"before": "",
"before_header": "/tmp/httpd.conf (content)"
},
{
"after_header": "/tmp/httpd.conf (file attributes)",
"before_header": "/tmp/httpd.conf (file attributes)"
}
],
"found": 1,
"invocation": {
"module_args": {
"attributes": null,
"backrefs": false,
"backup": false,
"content": null,
"create": false,
"delimiter": null,
"directory_mode": null,
"firstmatch": false,
"follow": false,
"force": null,
"group": null,
"insertafter": null,
"insertbefore": null,
"line": null,
"mode": null,
"owner": null,
"path": "/tmp/httpd.conf",
"regexp": "\\sSSLFile.*",
"remote_src": null,
"selevel": null,
"serole": null,
"setype": null,
"seuser": null,
"src": null,
"state": "absent",
"unsafe_writes": null,
"validate": null
}
},
"msg": "1 line(s) removed"
} TASK [debug]
***
*task path: /app/test.yml:924
*ok: [10.9.9.11] => {
"msg": {
"backup": "",
"changed": false,
"diff": [
{
"after": "",
"after_header": "/tmp/httpd.conf (content)",
"before": "",
"before_header": "/tmp/httpd.conf (content)"
},
{
"after_header": "/tmp/httpd.conf (file attributes)",
"before_header": "/tmp/httpd.conf (file attributes)"
}
],
"failed": false,
"found": 1,
"msg": "1 line(s) removed"
}
} TASK [debug]
***
*task path: /app/test.yml:928
*fatal: [10.9.9.11]: FAILED! => {
"msg": "'dict object' has no attribute 'stdout_lines'"
}

Can you please suggest what is the correct way to print all the 
searched matched strings without modifying the file ? I wish to use 
the the registered variable to perform other actions later in the 
playbook.

--
You received this message because you are subscribed to the Google 
Groups "Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send 
an email to ansible-project+unsubscr...@googlegroups.com 
.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/47deda2a-1a8c-4387-9a5b-d2ea548ad752%40googlegroups.com 
.


--
You received this message because you are subscribed to the Google Groups "Ansible 
Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/82efc325-730b-bd86-9a11-8ead9a5d8713%40lenhof.eu.org.

[ansible-project] How to print all matched strings using Ansible regex

[Shifa Shaikh]

I wish to match all lines that begin with SSLFile or SSLFile in 
a file httpd.conf on a remote server and store the matched found strings in 
a variable for use later in the playbook.

Below is what i did.

- name: Find entries 
  shell: "cat /tmp/httpd.conf"
  register: filecontent

- name: Debug filecontentvar
  debug:
msg: "{{ filecontent  }}"

- name: Find certificate entries
  set_fact:
target: "{{ filecontent.stdout | regex_replace('\\sSSLFile.*, 
'\\1') }}"

Using debug verbose I was able to confirm that the filecontent variable 
gets the contents of the httpd.conf file of the remote host.

However, the variable called "target" does not get matched lines for 
searched string despite it being present and errors as below:

TASK [Find certificate entries] ***
>
> *task path: /app/test.yml:906*The full traceback is:
> Traceback (most recent call last):
> File "/usr/lib/python2.7/site-packages/ansible/executor/task_executor.py", 
> line 144, in run
> res = self._execute()
> File "/usr/lib/python2.7/site-packages/ansible/executor/task_executor.py", 
> line 576, in _execute
> self._task.post_validate(templar=templar)
> File "/usr/lib/python2.7/site-packages/ansible/playbook/task.py", line 
> 268, in post_validate
> super(Task, self).post_validate(templar)
> File "/usr/lib/python2.7/site-packages/ansible/playbook/base.py", line 
> 384, in post_validate
> value = templar.template(getattr(self, name))
> File "/usr/lib/python2.7/site-packages/ansible/template/__init__.py", line 
> 584, in template
> disable_lookups=disable_lookups,
> File "/usr/lib/python2.7/site-packages/ansible/template/__init__.py", line 
> 539, in template
> disable_lookups=disable_lookups,
> File "/usr/lib/python2.7/site-packages/ansible/template/__init__.py", line 
> 773, in do_template
> data = _escape_backslashes(data, myenv)
> File "/usr/lib/python2.7/site-packages/ansible/template/__init__.py", line 
> 145, in _escape_backslashes
> for token in jinja_env.lex(d2):
> File "/usr/lib/python2.7/site-packages/jinja2/lexer.py", line 733, in 
> tokeniter
> name, filename)
> TemplateSyntaxError: unexpected char u'\\' at 64
> line 1 fatal: [10.9.9.11]: FAILED! => {
> "msg": "Unexpected failure during module execution.", 
> "stdout": ""
> }


I used https://regex101.com to confirm that my \sSSLFile.* condition is 
good and returns matches on my httpd.conf file.

Can you please suggest ?

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/34cd7e11-6830-4b19-81c3-7a2d4731a0db%40googlegroups.com.

[ansible-project] Unable to print regex registered variable in Ansible

[Shifa Shaikh]

I wish to search for all entries of string starting with "SSLFile" or 
starting with "SSLFile" in a file(httpd.conf) and register it 
to a variable and print all the matches found. 

The string is found as evident from the output and the file is not modified 
which is good; but I'm unable to print (debug) it. I get error as I try to 
print. Below is my playbook:

- name: Find entries
  lineinfile:
path: "/tmp/httpd.conf"
regexp: "\\sSSLFile.*"
state: absent
  check_mode: yes
  changed_when: false
  register: filedet

- debug:
msg: "{{ filedet }}"

- debug:
msg: "{{ item.split()[1] }}"
  with_items:
- "{{ filedet.stdout_lines }}"

I get the below error when i run the playbook:


ok: [10.9.9.11] => {
> "backup": "", 
> "changed": false, 
> "diff": [
> {
> "after": "", 
> "after_header": "/tmp/httpd.conf (content)", 
> "before": "", 
> "before_header": "/tmp/httpd.conf (content)"
> }, 
> {
> "after_header": "/tmp/httpd.conf (file attributes)", 
> "before_header": "/tmp/httpd.conf (file attributes)"
> }
> ], 
> "found": 1, 
> "invocation": {
> "module_args": {
> "attributes": null, 
> "backrefs": false, 
> "backup": false, 
> "content": null, 
> "create": false, 
> "delimiter": null, 
> "directory_mode": null, 
> "firstmatch": false, 
> "follow": false, 
> "force": null, 
> "group": null, 
> "insertafter": null, 
> "insertbefore": null, 
> "line": null, 
> "mode": null, 
> "owner": null, 
> "path": "/tmp/httpd.conf", 
> "regexp": "\\sSSLFile.*", 
> "remote_src": null, 
> "selevel": null, 
> "serole": null, 
> "setype": null, 
> "seuser": null, 
> "src": null, 
> "state": "absent", 
> "unsafe_writes": null, 
> "validate": null
> }
> }, 
> "msg": "1 line(s) removed"
> } TASK [debug] 
> ***
>
> *task path: /app/test.yml:924*ok: [10.9.9.11] => {
> "msg": {
> "backup": "", 
> "changed": false, 
> "diff": [
> {
> "after": "", 
> "after_header": "/tmp/httpd.conf (content)", 
> "before": "", 
> "before_header": "/tmp/httpd.conf (content)"
> }, 
> {
> "after_header": "/tmp/httpd.conf (file attributes)", 
> "before_header": "/tmp/httpd.conf (file attributes)"
> }
> ], 
> "failed": false, 
> "found": 1, 
> "msg": "1 line(s) removed"
> }
> } TASK [debug] 
> ***
>
> *task path: /app/test.yml:928*fatal: [10.9.9.11]: FAILED! => {
> "msg": "'dict object' has no attribute 'stdout_lines'"
> }


Can you please suggest what is the correct way to print all the searched 
matched strings without modifying the file ? I wish to use the the 
registered variable to perform other actions later in the playbook.

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/47deda2a-1a8c-4387-9a5b-d2ea548ad752%40googlegroups.com.

[ansible-project] parameterized roles which can import 1 or multiple dashboards based on requirements

[anilkumar panditi]

I have following ansible playbook ,which will import few dashboards in an 
iteration, but i am trying to import dashboard based on input 
parameter(like kafka,kubernetes etc).

could anyone help please.

-Playbook:
-
--
- name: Import Grafana dashboard
  grafana_dashboard:
grafana_url: :3000
state: present
message: Updated by ansible
overwrite: yes
path: "{{ item }}"
  with_items:
  - /home/centos/1-12-dc-os-global-kafka-dashboard_rev4.json
  - 
/home/centos/1-kubernetes-deployment-statefulset-daemonset-metrics_rev1.json
  - 
/home/centos/Kubernetes-cluster-monitoring-via-Prometheus-DICE-test.json
 

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/f40186b8-667f-4ae0-b47a-3496a9077c48%40googlegroups.com.

Re: [ansible-project] Gathering Facts hangs when using become

[Chris Thro]

Thank you. I did the strace and it shows that it is just repeating the same 
two lines over and over again.
select(7, [4 6], [], [4 6], {1, 0}) = 0 (Timeout)
wait4(29548, 0x7fff6a145c84, WNOHANG, NULL) = 0

When I checked the details of the select I get the following:
lsof -p 10984 -ad 4,6
COMMAND PID USER   FD   TYPE DEVICE SIZE/OFF  NODE NAME
python2.7 10984 root4r  FIFO0,7  0t0 819132068 pipe
python2.7 10984 root6r  FIFO0,7  0t0 819132069 pipe


-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/5c68bcd9-1bec-4a46-a988-73b9542a15ee%40googlegroups.com.

Re: [ansible-project] Does current Ansible support templates macro?

[Vladimir Botka]

On Tue, 14 Jan 2020 13:27:45 -0800 (PST)
Xinhuan Zheng  wrote:

> ... However, I don't understand what it is doing in line:
> {% from "templates/encoder/macros/ini_encode_macro.j2" import ini_encode 
> with context -%}

This link to the Jinja doc will help you
https://jinja.palletsprojects.com/en/2.10.x/templates/#import

-vlado

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/20200114234210.6490504c%40gmail.com.


pgpO2w3ohWCqq.pgp
Description: OpenPGP digital signature

[ansible-project] Re: Windows mapped drives – what the hell is going on?

['J Hawkesworth' via Ansible Project]

Having a file server mounted on lots of windows client pcs is a common 
pattern in windows shops but I decided to use a web server and make the 
windows client machines collect the apps they need using win_get_url 
module.  
Hope this helps,
Jon


On Tuesday, January 14, 2020 at 1:57:40 PM UTC, Pjotr Banas wrote:
>
> Hello experts, 
>
> I was trying to reach Jordan on his blog: 
> http://www.bloggingforlogging.com/2018/11/22/windows-mapped-drives-what-the-hell-is-going-on/#comment-178
>  ,but 
> I see that comments are closed, so maybe here someone can help me with my 
> issue:
>
>
> I've read article from the blog and I've tried to understand it, but I'm 
> still confued. Probably due to low level of win knowledge...
> Could you try to help me and try to answer to my questions in simple 
> words(?)
>
> My scenario: I've several dozen win VMs deployed for my team, we thought 
> that the good idea is to use Ansible to confiure and customize them for our 
> purposes inlcuding network drive mapping (later using it as a repo with 
> apps/scripts which we want to install/use on VMs using Ansible). VMs are 
> deployed by internal network team and what we get is a clean windows VM 
> with domain username and pass. Mapped drive should be visible for mentioned 
> domain user after logon to VM using RDP. Ansible has been instaled and 
> configure succesfully - connection with VMs working well. Due to some 
> 'probably' security policy and network configuration only one way of auth 
> option was to use NTLM.
>
> Of course, it's possible to map network drive on every VM using RDP with 
> mentioned domain user.
>
> --- Network drive ---
>
> \\bellagio.intra.vegas.net\how\the\hell\to\solve\this\issue
>
> --- Ansible hosts ---
>
> [winhost]
> 99.88.77.66
> 99.88.77.65
>
> [winhost:vars]
> ansible_user=el...@intra.vegas.net 
> ansible_password=elvis123
> ansible_connection=winrm
> ansible_winrm_transport=ntlm
> ansible_winrm_message_encryption=always
> ansible_winrm_server_cert_validation=ignore
>
> Is it possible:
> 1) to use Ansible to map this network drive automatically in all VMs for 
> the domain user (mapped drive should be visible after VM reboots, during 
> every RDP sessions using this credentials?
>
> 2) to use this mapped drive as a 'repo place' for future purposes - to 
> copy scrips, apps from this drive to VMs using Ansible?
>
> Best regards, Peter 
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/69e98077-66e3-4cdd-9a52-9f464cdfeb59%40googlegroups.com.

[ansible-project] Re: ansible communication to windows

[Jordan Borean]

CredSSP send the user accounts password across the wire but it is 
definitely not in the clear. It is "wrapped" which means it's encrypted and 
the Windows host can decrypt the value. This is unlike other authentication 
formats where typically only a hash or shared secret known only to the 
client and server are exchanged. So in that sense, CredSSP is not as secure 
as say Kerberos but the advantage is now the remote process can use those 
credentials for further authentication and bypassing the double hop problem.

Ultimately it's a trade off with what you need, if you are in a domain 
environment you should be using Kerberos. If it's local accounts then you 
should be using HTTPS at least then either NTLM or CredSSP depending on 
your needs.

Thanks

Jordan

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/bcdfd059-0b36-4549-ae7a-34bb14385596%40googlegroups.com.

[ansible-project] ansible communication to windows

[Olivier SECRET]

Hello,

I discovered ansible recently.

I would like to use the ansible for the deployment of software on a fleet 
under Windows 7 and 10.

I plan to use CredSSP authentication in order to use a local account on the 
target machines.

On the server hosting ansible, I installed via pip3 the request-credssp 
packages as well as pywinrm.
On the client computer I run the script 
https://github.com/ansible/ansible/blob/devel/examples/scripts/ConfigureRemotingForAnsible.ps1

I have made several attempts to configure with more or less success.

I came across an article which signals that credssp poses security risks 
because the password is sent in the clear over the network.

I am seeking the help of the community in order to successfully configure a 
secure way to communicate between Windows and ansible clients.

Thanks in advance for the help

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/8b225603-9abf-43c4-a584-cfa47215abed%40googlegroups.com.

[ansible-project] ansible communication to windows

[Olivier SECRET]

Hello,

I discovered ansible recently.

I would like to use the ansible for the deployment of software on a fleet
under Windows 7 and 10.

I plan to use CredSSP authentication in order to use a local account on the
target machines.

On the server hosting ansible, I installed via pip3 the request-credssp
packages as well as pywinrm.
On the client computer I run the script
https://github.com/ansible/ansible/blob/devel/examples/scripts/ConfigureRemotingForAnsible.ps1

I have made several attempts to configure with more or less success.

I came across an article which signals that credssp poses security risks
because the password is sent in the clear over the network.

I am seeking the help of the community in order to successfully configure a
secure way to communicate between Windows and ansible clients.

Thanks in advance for the help

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAOZ_JydBzXK_%2Bor5tomXxx04%2BMjPzODhtVmS71%3DOjF%3DUmA4JqQ%40mail.gmail.com.

[ansible-project] Does current Ansible support templates macro?

[Xinhuan Zheng]

Hello,

I'm working on a role for system SSSD daemon. I found this piece of code 
online:
https://github.com/picotrading/ansible-sssd/blob/master/templates/sssd.conf.j2

I have defined my own sssd_config variable in my role's defaults directory, 
so I'd like to use that piece of code. That code is neat. However, I don't 
understand what it is doing in line:
{% from "templates/encoder/macros/ini_encode_macro.j2" import ini_encode 
with context -%}

Also does current Ansible support templates macro like above?

If it doesn't, then sssd_config variable is a large dictionary map, with 
INI-style different sections. What really needs to happen is based on that 
variable, change it to use = symbol as delimiter for each INI section. For 
example:

sssd_config:
  sssd:
debug_level: 1
config_file_version: 2
...

Then the produced sssd.conf file would look like below:

[sssd]
debug_level=1
config_file_version=2

Thank you,

Xinhuan Zheng


-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/8604b2d6-8af5-476a-a9be-74439659f806%40googlegroups.com.

Re: [ansible-project] debug msg ignore other results.

[alicia]

For more details, see the section on “Adding controls to loops” here:

https://docs.ansible.com/ansible/devel/user_guide/playbooks_loops.html 




> On Jan 14, 2020, at 6:36 AM, Jegan A  wrote:
> 
> Thanks a lot. It is working for me.
> 
> On Tuesday, January 14, 2020 at 3:03:12 PM UTC+5:30, James Cassell wrote:
> 
> On Tue, Jan 14, 2020, at 12:48 AM, Jegan A wrote: 
> > Hello Team, 
> > 
> >  I am iterating register result using debug and loop but it prints 
> > other variable result as well how to ignore that one while printing 
> > value which I want Below is the sample results. Cloud you please help 
> > me on this issues. I just want to print value of 
> > "item.invocation.module_args.volume_id" and ignore other results. 
> > 
> > 
> > 
> > - debug: 
> >  msg: "{{ item.invocation.module_args.volume_id }}" 
> >  register: unused_block 
> >  with_items: "{{result_1.results}}" 
> >  when: item.volume_attachments | length == 0 
> > 
> > 
> > debug result 
> > 
> > TASK [debug] 
> > *
> >  
> > skipping: [localhost] => (item={'failed': False, 'ansible_loop_var': 
> > u'item', u'volume_attachments': [{u'chap_username': None, 
> > u'time_created': u'2019-12-26T09:38:51.785000+00:00', u'is_read_only': 
> > False, u'volume_id': u'', u'device': None, u'xxx', 
> > u'lifecycle_state': u'ATTACHED', u'availability_domain': u'xx', 
> > u'display_name': u'volumeattachment20191226093851', u'compartment_id': 
> > u'', u'port': 3260, u'instance_id': 
> > u'x', u'iqn': u'x', 
> > u'is_pv_encryption_in_transit_enabled': False, u'attachment_type': 
> > u'iscsi', u'chap_secret': None, u'ipv4': u'169.254.2.2'}], 'item': 
> > u'xxx', u'invocation': {u'module_args': 
> > {u'auth_type': u'api_key', u'api_user_key_pass_phrase': None, 
> > u'availability_domain': None, u'display_name': None, 
> > u'config_profile_name': u'root', u'compartment_id': u'xxx', 
> > u'region': None, u'volume_id': u'xxx', 
> > u'instance_id': None, u'tenancy': None, u'api_user_key_file': None, 
> > u'api_user_fingerprint': None, u'api_user': None, 
> > u'config_file_location': u'~/.oci/config', u'volume_attachment_id': 
> > None}}, 'changed': False, 'ansible_facts': 
> > {u'discovered_interpreter_python': u'/usr/bin/python'}}) 
> > 
> > ok: [localhost] => (item={'failed': False, 'ansible_loop_var': u'item', 
> > u'volume_attachments': [], 'item': u'', 
> > u'invocation': {u'module_args': {u'auth_type': u'api_key', 
> > u'api_user_key_pass_phrase': None, u'availability_domain': None, 
> > u'display_name': None, u'config_profile_name': u'root', 
> > u'compartment_id': u'xx', u'region': None, 
> > u'volume_id': u'xxx', u'instance_id': 
> > None, u'tenancy': None, u'api_user_key_file': None, 
> > u'api_user_fingerprint': None, u'api_user': None, 
> > u'config_file_location': u'~/.oci/config', u'volume_attachment_id': 
> > None}}, 'changed': False}) => { 
> >  "msg": "xx" 
> > } 
> > 
> > 
> 
> loop_control: 
>   label: "{{ item.invocation.module_args.volume_id }}" 
> 
> Or similar. 
> 
> V/r, 
> James Cassell 
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to ansible-project+unsubscr...@googlegroups.com 
> .
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/ansible-project/f46e6744-4e77-4f23-a5a0-51997c98932e%40googlegroups.com
>  
> .

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/5A36343B-253E-4D64-8273-B456C5261CDD%40redhat.com.

Re: [ansible-project] ansible ignore_errors: yes

[alicia]

For more information on controlling what Ansible sees as a failure and how it 
responds, see 

https://docs.ansible.com/ansible/devel/user_guide/playbooks_error_handling.html 


Hope this helps,
Alicia

> On Jan 14, 2020, at 10:57 AM, Vladimir Botka  wrote:
> 
> On Tue, 14 Jan 2020 08:30:49 -0800 (PST)
> Karther  wrote:
> 
>> I would like to know if possible there is a parameter same ignore_errors 
>> but not display on screen message error in red …
> 
> Use 'rescue' section. See "Blocks error handling"
> https://docs.ansible.com/ansible/latest/user_guide/playbooks_blocks.html#blocks-error-handling
> 
> It's possible to 'clear_host_errors' and 'end host' gracefully. See "meta"
> https://docs.ansible.com/ansible/latest/modules/meta_module.html#meta-execute-ansible-actions
> 
> HTH
> 
>   -vlado
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/ansible-project/20200114175744.0fa9ea83%40gmail.com.

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/E3647189-3F45-47CE-9FAA-61ED90893160%40redhat.com.

[ansible-project] Re: Windows mapped drives – what the hell is going on?

[Jordan Borean]

Hi, the blog is still accepting comments, I just need to approve them so it 
doesn't get spammed.

As for your issue at hand.

1) to use Ansible to map this network drive automatically in all VMs for 
> the domain user (mapped drive should be visible after VM reboots, during 
> every RDP sessions using this credentials?
>

You should be using the win_mapped_drive  to create the mapping for the 
user you want. This should be as simple as

- win_mapped_drive:
name: Z
path: \\bellagio.infra.vegas.net\how\the\hell\to\solve\this\issue
state: present
  become: yes
  become_method: runas
  vars:
ansible_become_user: '{{ ansible_user }}'
ansible_become_pass: '{{ ansible_password }}'

Because you are using NTLM authentication, the task will not be able to 
access the network path so become is being used to bypass that limitation. 
If you are connecting with Ansible to one account but want the mapped drive 
for another, change the become user/pass vars to the account in question. 
What this task will do is create the mapped drive Z for the become user and 
that drive will appear when they log on locally. When they try and access 
it locally it will use their logon credentials to access the UNC path.

If you need to connect to the UNC path with custom credentials you can add 
the following task *before* the win_mapped_drive one.

- win_credential:
name: bellagio.infra.vegas.net
type: domain_password
username: custom user
secret: password
state: present
  become: yes
  become_method: runas
  vars:
ansible_become_user: '{{ ansible_user }}'
ansible_become_pass: '{{ ansible_password }}'

This task creates a credential for that host in the become user's 
credential manager and it is used for any outbound authentication attempts 
on that particular host. This enables you to save a credential for a 
network host and then use that credential for the mapped drive. Once again 
become is important for this task to work as the credential manager can 
only be accessed through become when using WinRM. The win_credential module 
is pretty much a wrapper for the same functionality that cmdkey.exe offers 
[1].

2) to use this mapped drive as a 'repo place' for future purposes - to copy 
> scrips, apps from this drive to VMs using Ansible?
>

This is not possible, ultimately it is next to impossible to do. A network 
logon like WinRM will not mount the network mounts for you so even with 
become it won't appear in Ansible. Technically it is possible to create a 
"global" mapped drive which always appears but credential management in 
this scenario is not ideal. I would highly recommend you don't create a 
global mount at all, the blog post does mention how it can be possible 
though.

For your problem, you should always use the full UNC path in your Ansible 
scripts. This is beneficial for a few reasons

   1. You are not relying on the host to be setup in a particular method 
   for your Ansible scripts to work
   2. The Ansible playbook is self documenting as to where it is 
   referencing a file rather than something trying to figure out 'M:\path' 
   refers to this network host
   3. Mapped drives are a pain and are really only designed for interactive 
   setups, which Ansible is not

If you just don't want to type out the full path for each task, use an 
Ansible fact/variable that references the UNC path for you. If you are 
having trouble trying to connect to a UNC path that's probably due to the 
double hop problem with WinRM. See our documentation for more info on how 
to overcome the double hop problem [2].

[1] - 
https://docs.microsoft.com/en-us/windows-server/administration/windows-commands/cmdkey
[2] - 
https://docs.ansible.com/ansible/latest/user_guide/windows_winrm.html#limitations

Thanks

Jordan

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/bffc2e28-919f-45c2-95b3-2df192450579%40googlegroups.com.

Re: [ansible-project] ansible ignore_errors: yes

[Vladimir Botka]

On Tue, 14 Jan 2020 08:30:49 -0800 (PST)
Karther  wrote:

> I would like to know if possible there is a parameter same ignore_errors 
> but not display on screen message error in red ...

Use 'rescue' section. See "Blocks error handling"
https://docs.ansible.com/ansible/latest/user_guide/playbooks_blocks.html#blocks-error-handling

It's possible to 'clear_host_errors' and 'end host' gracefully. See "meta"
https://docs.ansible.com/ansible/latest/modules/meta_module.html#meta-execute-ansible-actions

HTH

-vlado

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/20200114175744.0fa9ea83%40gmail.com.


pgpMox9pexEGa.pgp
Description: OpenPGP digital signature

Re: [ansible-project] Ansible passwordless login not working

[Vladimir Botka]

On Tue, 14 Jan 2020 06:38:34 -0800 (PST)
Yehuda Pinhas  wrote:

> *Here is my code on my /etc/ansible/roles/new_vlan/vars/new_vlan_vars.yml 
> file:*
>   ansible_ssh_common_args: 
> -o StrictHostKeyChecking=no -o UserKnownHostsFile=~/.ssh/known_hosts 
>   ansible_user: ansible
>   ansible_pass: ansible

`ansible_password` is the correct name of the variable. See "Common inventory
variables"
https://docs.ansible.com/ansible/latest/network/user_guide/network_best_practices_2.5.html?highlight=password#common-inventory-variables

HTH,

-vlado

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/20200114173346.784e61e1%40gmail.com.


pgp4qMCL8wjid.pgp
Description: OpenPGP digital signature

[ansible-project] ansible ignore_errors: yes

[Karther]

Hey community Ansible !! :)


I would like to know if possible there is a parameter same ignore_errors 
but not display on screen message error in red ...

The problem with *ignore_errors: yes*   is that when there is one error in 
this task, the message error is display in red ...

Can you help me please !!! ^_^

Thanks you very much community Ansible !! :)

Best regards,

Karther

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/03de4f5a-5f22-415f-bbfe-56f07e230485%40googlegroups.com.

[ansible-project] Re: Ansible ios_command: copy tftp: flash: keeps sending IOS file data until timeout

[Gerry Maddock]

Below is the playbook to enable scp on switches/routers:

 tasks:
- name: IOS CONFIG 1a
  ios_config:
lines:
  - ip scp server enable


On Tuesday, January 14, 2020 at 11:14:59 AM UTC-5, Gerry Maddock wrote:
>
> I had the same issue, I ended up using scp:
> - name: COPY OVER IOS IMAGE
> command: "firmwarename.bin 
> {{inventory_hostname}}:flash:/firmwarename.bin"
>
> I ran a separate playbook 1st to enable scp on the switches.
>
>
> On Sunday, June 16, 2019 at 11:02:24 AM UTC-4, Frankie Soto wrote:
>>
>> Hi!
>>
>> I am trying to automate the process of upgrading IOS on Cisco devices.
>>
>> Everything seems to be working fine until the process of copying the file 
>> begins.
>>
>> The issue I am encountering is that ansible keeps sending data (I assume 
>> it keeps sending the same file a couple of times in a stream) to the IOS 
>> device.
>>
>> I noticed this issue when I logged in to one of the switches to which I 
>> am trying to upgrade and saw how the file keeps growing and growing, to up 
>> to four times its size (i.e. filesize is ~ 21k but it was growing already 
>> on th 80k+).
>>
>> Process ends when the "timeout" time is reached.  Subsequently, the file 
>> gets deleted from the switch, as the switches interprets that the file 
>> transfer was interrupted.
>>
>>
>> Here is y core.  Any help will be much appreciated:
>>
>> ---
>> - hosts: [HOSTS]
>>   gather_facts: yes
>>   connection: local
>>
>>   vars:
>> compliant_ios_version: 15.2(4)E8
>> new_ios_bin: c3560cx-universalk9-mz.152-4.E8.bin
>> new_ios_md5: bf2f1960b1fe0a05bdc69e17d82fcfed
>> should_reboot: YES
>>
>>   vars_prompt:
>>   - name: username
>> prompt: "Enter username: "
>> private: no
>>
>>   - name: password
>> prompt: "Enter password: "
>> private: yes
>>
>>   - name: auth_pass
>> prompt: "Enter enable secret: "
>> private: yes
>>
>>   tasks:
>>
>>   - name: gathering HOSTS facts
>> ios_facts:
>>   username: "{{ username }}"
>>   password: "{{ password }}"
>>   authorize: yes
>>   auth_pass: "{{ auth_pass }}"
>>   timeout: 30
>> register: all_facts
>>
>>   - name:  Verifying if file exists in flash
>> ios_command:
>>   commands:
>> - command: dir | include "{{ new_ios_bin }}"
>>   username: "{{ username }}"
>>   password: "{{ password }}"
>>   authorize: yes
>>   auth_pass: "{{ auth_pass }}"
>>   timeout: 30
>> register: new_ios_on_flash
>>
>>   - name:  Debugging new_ios_on_flash
>> debug:
>>   msg: new ios is flash is "{{ new_ios_on_flash }}"
>>
>>   - name: Starting IOS upgrade process
>> block:
>>
>> - name: Upgrade IOS images if not compliant
>>   block:
>>   - name:  Download new IOS image if it is not already on flash
>> ios_command:
>>   commands:
>> - command: 'copy tftp://
>> 55.44.246.96/c3560cx-universalk9-mz.152-4.E8.bin flash:'
>>   prompt: 'c3560cx-universalk9-mz.152-4.E8.bin'
>>   answer: "\r"
>>   username: "{{ username }}"
>>   password: "{{ password }}"
>>   authorize: yes
>>   auth_pass: "{{ auth_pass }}"
>>   timeout: 600
>>   when: new_ios_on_flash.stdout[0] == ""
>>
>> - name: Checking MD5 hash
>>   ios_command:
>> commands:
>> - command: "verify /md5 flash:/{{ new_ios_bin }}"
>> username: "{{ username }}"
>> password: "{{ password }}"
>> authorize: yes
>> auth_pass: "{{ auth_pass }}"
>> timeout: 3000
>>   register: md5_result
>>
>> - name:  Set boot var if MD5 matches
>>   block:
>>   - name:  Changing boot var
>> ios_config:
>>   lines:
>> - default boot system
>> - boot system flash:/"{{ new_ios_bin }}"
>>   username: "{{ username }}"
>>   password: "{{ password }}"
>>   authorize: yes
>>   auth_pass: "{{ auth_pass }}"
>>   save_when: always
>>   timeout: 150
>> register: new_ios_on_flash
>>
>>   - name:  Setting boot var
>> ios_command:
>>   commands:
>>   - command: "reload at 23:00\ny"
>>   username: "{{ username }}"
>>   password: "{{ password }}"
>>   authorize: yes
>>   auth_pass: "{{ auth_pass }}"
>>   timeout: 30
>>
>>   when: md5_result.stdout[0][-32:] == new_ios_md5
>>
>> when: ansible_net_version != compliant_ios_version
>>
>>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/ee7b349f-a194-4ede-9709-60a20737b0df%40googlegroups.com.

Re: [ansible-project] Create file who is in my csv file

[Vladimir Botka]

On Tue, 14 Jan 2020 06:57:06 -0800 (PST)
Karther  wrote:

> Maybe 2.8.0.dev0 is not good version ? It's not same that version 2.8.0 ?

This looks suspicious. Upgrade to the latest stable version in your distro.
Probably 2.9.0 ? See "Release and maintenance"
https://docs.ansible.com/ansible/latest/reference_appendices/release_and_maintenance.html

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/20200114171443.14e8c087%40gmail.com.


pgpNjcamQVUWn.pgp
Description: OpenPGP digital signature

[ansible-project] Re: Ansible ios_command: copy tftp: flash: keeps sending IOS file data until timeout

[Gerry Maddock]

I had the same issue, I ended up using scp:
- name: COPY OVER IOS IMAGE
command: "firmwarename.bin 
{{inventory_hostname}}:flash:/firmwarename.bin"

I ran a separate playbook 1st to enable scp on the switches.


On Sunday, June 16, 2019 at 11:02:24 AM UTC-4, Frankie Soto wrote:
>
> Hi!
>
> I am trying to automate the process of upgrading IOS on Cisco devices.
>
> Everything seems to be working fine until the process of copying the file 
> begins.
>
> The issue I am encountering is that ansible keeps sending data (I assume 
> it keeps sending the same file a couple of times in a stream) to the IOS 
> device.
>
> I noticed this issue when I logged in to one of the switches to which I am 
> trying to upgrade and saw how the file keeps growing and growing, to up to 
> four times its size (i.e. filesize is ~ 21k but it was growing already on 
> th 80k+).
>
> Process ends when the "timeout" time is reached.  Subsequently, the file 
> gets deleted from the switch, as the switches interprets that the file 
> transfer was interrupted.
>
>
> Here is y core.  Any help will be much appreciated:
>
> ---
> - hosts: [HOSTS]
>   gather_facts: yes
>   connection: local
>
>   vars:
> compliant_ios_version: 15.2(4)E8
> new_ios_bin: c3560cx-universalk9-mz.152-4.E8.bin
> new_ios_md5: bf2f1960b1fe0a05bdc69e17d82fcfed
> should_reboot: YES
>
>   vars_prompt:
>   - name: username
> prompt: "Enter username: "
> private: no
>
>   - name: password
> prompt: "Enter password: "
> private: yes
>
>   - name: auth_pass
> prompt: "Enter enable secret: "
> private: yes
>
>   tasks:
>
>   - name: gathering HOSTS facts
> ios_facts:
>   username: "{{ username }}"
>   password: "{{ password }}"
>   authorize: yes
>   auth_pass: "{{ auth_pass }}"
>   timeout: 30
> register: all_facts
>
>   - name:  Verifying if file exists in flash
> ios_command:
>   commands:
> - command: dir | include "{{ new_ios_bin }}"
>   username: "{{ username }}"
>   password: "{{ password }}"
>   authorize: yes
>   auth_pass: "{{ auth_pass }}"
>   timeout: 30
> register: new_ios_on_flash
>
>   - name:  Debugging new_ios_on_flash
> debug:
>   msg: new ios is flash is "{{ new_ios_on_flash }}"
>
>   - name: Starting IOS upgrade process
> block:
>
> - name: Upgrade IOS images if not compliant
>   block:
>   - name:  Download new IOS image if it is not already on flash
> ios_command:
>   commands:
> - command: 'copy tftp://
> 55.44.246.96/c3560cx-universalk9-mz.152-4.E8.bin flash:'
>   prompt: 'c3560cx-universalk9-mz.152-4.E8.bin'
>   answer: "\r"
>   username: "{{ username }}"
>   password: "{{ password }}"
>   authorize: yes
>   auth_pass: "{{ auth_pass }}"
>   timeout: 600
>   when: new_ios_on_flash.stdout[0] == ""
>
> - name: Checking MD5 hash
>   ios_command:
> commands:
> - command: "verify /md5 flash:/{{ new_ios_bin }}"
> username: "{{ username }}"
> password: "{{ password }}"
> authorize: yes
> auth_pass: "{{ auth_pass }}"
> timeout: 3000
>   register: md5_result
>
> - name:  Set boot var if MD5 matches
>   block:
>   - name:  Changing boot var
> ios_config:
>   lines:
> - default boot system
> - boot system flash:/"{{ new_ios_bin }}"
>   username: "{{ username }}"
>   password: "{{ password }}"
>   authorize: yes
>   auth_pass: "{{ auth_pass }}"
>   save_when: always
>   timeout: 150
> register: new_ios_on_flash
>
>   - name:  Setting boot var
> ios_command:
>   commands:
>   - command: "reload at 23:00\ny"
>   username: "{{ username }}"
>   password: "{{ password }}"
>   authorize: yes
>   auth_pass: "{{ auth_pass }}"
>   timeout: 30
>
>   when: md5_result.stdout[0][-32:] == new_ios_md5
>
> when: ansible_net_version != compliant_ios_version
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/7e34999e-75d9-4681-93f8-db53f7dbb19b%40googlegroups.com.

[ansible-project] win_robocopy using remote windows share as src

[Gerry Maddock]

I'm trying to get the following to run:

--

- name:  backup
  hosts: prod-2016
  gather_facts: false
  tasks:
- name: Backup share
  win_robocopy:
src: "\\10.5.1.248\\Data"
dest: "Z:\\stuff\\IT_Backup\\CIF\\Data"
remote_src: yes
recurse: yes
purge: yes

I get the following error:

fatal: [prod-2016]: FAILED! => {"changed": false, "dest": 
"Z:\\stuff\\IT_Backup\\CIF\\Data", "msg": "\\10.5.1.248\\Data does not 
exist!", "purge": true, "recurse": true, "src": "\\10.5.1.248\\Data"}

I added remote_src: yes as suggested in searches, but still no luck. The 
src is is an actual CIF server running directly on a NetAPP SAN (SVM), so I 
don't have root access or anything to it...Just CIFS access.



-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/96757e08-d70c-4a3d-920c-c0830409a869%40googlegroups.com.

Re: [ansible-project] Create file who is in my csv file

[Karther]

Hello Visser,

My version is :

*ansible 2.8.0.dev0*
*  config file = /etc/ansible/ansible.cfg*
*  configured module search path = [u'/usr/share/ansible']*
*  ansible python module location = 
/usr/local/lib/python2.7/dist-packages/ansible*
*  executable location = /var/ansible/bin/ansible*
*  python version = 2.7.9 (default, Sep 14 2019, 20:00:08) [GCC 4.9.2]*

Maybe 2.8.0.dev0 is not good version ? It's not same that version 2.8.0 ?

Thanks for your answers !! :)

Best regards,

Karther


Le mardi 14 janvier 2020 15:33:03 UTC+1, Dick Visser a écrit :
>
> Ansible too old? 
> read_csv is available from 2.8 
>
> On Tue, 14 Jan 2020 at 15:30, Karther > 
> wrote: 
> > 
> > And, 
> > 
> > I have this problem only with module read_csv it's very strange ... 
> > all parameters are well indented 
> > 
> > Can you help me please ... 
> > 
> > Best regards, 
> > 
> > Karther 
> > 
> > Le mardi 14 janvier 2020 15:07:11 UTC+1, Karther a écrit : 
> >> 
> >> Hey Vladimir, 
> >> 
> >> The error is : 
> >> 
> >> ERROR! no action detected in task. This often indicates a misspelled 
> module name, or incorrect module path. 
> >> 
> >> The error appears to have been in 
> '/home/ansible/mssql_query/roles/tasks/main.yml': line 36, column 3, but 
> may 
> >> be elsewhere in the file depending on the exact syntax problem. 
> >> 
> >> The offending line appears to be: 
> >> 
> >> - name: "Read users from CSV file and return a list" 
> >>   ^ here 
> >> 
> >> Thanks for your help !! :) 
> >> 
> >> Best regards, 
> >> 
> >> Karther 
> >> 
> >> 
> >> Le mardi 14 janvier 2020 14:12:28 UTC+1, Vladimir Botka a écrit : 
> >>> 
> >>> On Tue, 14 Jan 2020 05:00:35 -0800 (PST) 
> >>> Karther  wrote: 
> >>> 
> >>> > My problem is that there is problem of syntax with module read_csv: 
> >>> > 
> >>> > *- name: "Read users from CSV file and return a list"* 
> >>> > *  read_csv:* 
> >>> > * path: /home/ansible/mssql_query/roles/files/csv_file.csv* 
> >>> > * delimiter: ','* 
> >>> > *  register: file_csv* 
> >>> > *  delegate_to: localhost* 
> >>> 
> >>> The syntax seems to be OK. Could you disclose the details of the error 
> >>> message? 
> > 
> > -- 
> > You received this message because you are subscribed to the Google 
> Groups "Ansible Project" group. 
> > To unsubscribe from this group and stop receiving emails from it, send 
> an email to ansible...@googlegroups.com . 
> > To view this discussion on the web visit 
> https://groups.google.com/d/msgid/ansible-project/4e41628c-9acf-41cb-a283-aac57832d976%40googlegroups.com.
>  
>
>
>
>
> -- 
> Dick Visser 
> Trust & Identity Service Operations Manager 
> GÉANT 
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/79719df2-c7e9-4a71-833a-17c59d89a4e4%40googlegroups.com.

[ansible-project] Ansible passwordless login not working

[Yehuda Pinhas]

*Hi!!*
*Here is my code on my /etc/ansible/roles/new_vlan/vars/new_vlan_vars.yml 
file:*
  ansible_ssh_common_args: 
-o StrictHostKeyChecking=no -o UserKnownHostsFile=~/.ssh/known_hosts 
  ansible_user: ansible
  ansible_pass: ansible

*I want to disable the SSH authenticity of host check, and I dont want to 
use public and private keys for ssh.. I want to specify the username and 
password as modules/variables w/e...*

*Its not working I think ansible doesn't use the username and password 
ansible for some reason.*





*This is my error:*

[ansible@Netauto-Dev new_vlan]$ ansible-playbook new_vlan_playbook.yml

PLAY [---   1. Applying Layer 2 Configuration  
 ---] 
**

TASK [Gathering Facts] 

ok: [R-TEST-SNIF]

TASK [include_vars] 
***
ok: [R-TEST-SNIF]

TASK [include_role : new_vlan] 


TASK [new_vlan : ---   1. Show VLAN   --] 
*
fatal: [R-TEST-SNIF]: FAILED! => {"changed": false, "msg": "command timeout 
triggered, timeout value is 10 secs.\nSee the timeout setting options in 
the Network Debug and Troubleshooting Guide."}

PLAY RECAP 

R-TEST-SNIF: ok=2changed=0unreachable=0
failed=1skipped=0rescued=0ignored=0   

[ansible@Netauto-Dev new_vlan]$ 
[ansible@Netauto-Dev new_vlan]$ 
[ansible@Netauto-Dev new_vlan]$ 
[ansible@Netauto-Dev new_vlan]$ 
[ansible@Netauto-Dev new_vlan]$ 
[ansible@Netauto-Dev new_vlan]$ 
[ansible@Netauto-Dev new_vlan]$ 
[ansible@Netauto-Dev new_vlan]$ 
[ansible@Netauto-Dev new_vlan]$ ansible-playbook new_vlan_playbook.yml 
-v
ansible-playbook 2.9.1
  config file = /etc/ansible/ansible.cfg
  configured module search path = 
[u'/home/ansible/.ansible/plugins/modules', 
u'/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/lib/python2.7/site-packages/ansible
  executable location = /usr/bin/ansible-playbook
  python version = 2.7.5 (default, Aug  7 2019, 00:51:29) [GCC 4.8.5 
20150623 (Red Hat 4.8.5-39)]
Using /etc/ansible/ansible.cfg as config file
setting up inventory plugins
host_list declined parsing /etc/ansible/inventory/POC_ENV.yml as it did not 
pass its verify_file() method
script declined parsing /etc/ansible/inventory/POC_ENV.yml as it did not 
pass its verify_file() method
Parsed /etc/ansible/inventory/POC_ENV.yml inventory source with yaml plugin
setting up inventory plugins
host_list declined parsing /etc/ansible/inventory/SNIF_AGGREGATOR.yml as it 
did not pass its verify_file() method
script declined parsing /etc/ansible/inventory/SNIF_AGGREGATOR.yml as it 
did not pass its verify_file() method
Parsed /etc/ansible/inventory/SNIF_AGGREGATOR.yml inventory source with 
yaml plugin
setting up inventory plugins
host_list declined parsing /etc/ansible/inventory/avaya.yml as it did not 
pass its verify_file() method
script declined parsing /etc/ansible/inventory/avaya.yml as it did not pass 
its verify_file() method
Skipping empty key (hosts) in group (avaya)
Parsed /etc/ansible/inventory/avaya.yml inventory source with yaml plugin
setting up inventory plugins
host_list declined parsing /etc/ansible/inventory/branch_switch.yml as it 
did not pass its verify_file() method
script declined parsing /etc/ansible/inventory/branch_switch.yml as it did 
not pass its verify_file() method
Parsed /etc/ansible/inventory/branch_switch.yml inventory source with yaml 
plugin
setting up inventory plugins
host_list declined parsing /etc/ansible/inventory/nexus.yml as it did not 
pass its verify_file() method
script declined parsing /etc/ansible/inventory/nexus.yml as it did not pass 
its verify_file() method
Parsed /etc/ansible/inventory/nexus.yml inventory source with yaml plugin
setting up inventory plugins
host_list declined parsing 
/etc/ansible/inventory/snif_router_IPVPN_20M_50M.yml as it did not pass its 
verify_file() method
script declined parsing 
/etc/ansible/inventory/snif_router_IPVPN_20M_50M.yml as it did not pass its 
verify_file() method
Parsed /etc/ansible/inventory/snif_router_IPVPN_20M_50M.yml inventory 
source with yaml plugin
setting up inventory plugins
host_list declined parsing 
/etc/ansible/inventory/snif_router_IPVPN_8M_10M_200M.yml as it did not pass 
its verify_file() method
script declined parsing 
/etc/ansible/inventory/snif_router_IPVPN_8M_10M_200M.yml as it did not pass 
its verify_file() method
Parsed 

Re: [ansible-project] Create file who is in my csv file

[Karther]

And,

I have this problem only with module read_csv it's very strange ...
all parameters are well indented

Can you help me please ...

Best regards,

Karther

Le mardi 14 janvier 2020 15:07:11 UTC+1, Karther a écrit :
>
> Hey Vladimir,
>
> The error is :
>
> *ERROR! no action detected in task. This often indicates a misspelled 
> module name, or incorrect module path.*
>
> *The error appears to have been in 
> '/home/ansible/mssql_query/roles/tasks/main.yml': line 36, column 3, but 
> may*
> *be elsewhere in the file depending on the exact syntax problem.*
>
> *The offending line appears to be:*
>
> *- name: "Read users from CSV file and return a list"*
> *  ^ here*
>
> Thanks for your help !! :)
>
> Best regards,
>
> Karther
>
>
> Le mardi 14 janvier 2020 14:12:28 UTC+1, Vladimir Botka a écrit :
>>
>> On Tue, 14 Jan 2020 05:00:35 -0800 (PST) 
>> Karther  wrote: 
>>
>> > My problem is that there is problem of syntax with module read_csv: 
>> > 
>> > *- name: "Read users from CSV file and return a list"* 
>> > *  read_csv:* 
>> > * path: /home/ansible/mssql_query/roles/files/csv_file.csv* 
>> > * delimiter: ','* 
>> > *  register: file_csv* 
>> > *  delegate_to: localhost* 
>>
>> The syntax seems to be OK. Could you disclose the details of the error 
>> message? 
>>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/4e41628c-9acf-41cb-a283-aac57832d976%40googlegroups.com.

Re: [ansible-project] Create file who is in my csv file

[Karther]

Hey Vladimir,

The error is :

*ERROR! no action detected in task. This often indicates a misspelled 
module name, or incorrect module path.*

*The error appears to have been in 
'/home/ansible/mssql_query/roles/tasks/main.yml': line 36, column 3, but 
may*
*be elsewhere in the file depending on the exact syntax problem.*

*The offending line appears to be:*

*- name: "Read users from CSV file and return a list"*
*  ^ here*

Thanks for your help !! :)

Best regards,

Karther


Le mardi 14 janvier 2020 14:12:28 UTC+1, Vladimir Botka a écrit :
>
> On Tue, 14 Jan 2020 05:00:35 -0800 (PST) 
> Karther > wrote: 
>
> > My problem is that there is problem of syntax with module read_csv: 
> > 
> > *- name: "Read users from CSV file and return a list"* 
> > *  read_csv:* 
> > * path: /home/ansible/mssql_query/roles/files/csv_file.csv* 
> > * delimiter: ','* 
> > *  register: file_csv* 
> > *  delegate_to: localhost* 
>
> The syntax seems to be OK. Could you disclose the details of the error 
> message? 
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/2b32df6b-d071-4964-8f09-592026a4628c%40googlegroups.com.

[ansible-project] Windows mapped drives – what the hell is going on?

[Pjotr Banas]

Hello experts, 

I was trying to reach Jordan on his blog: 
http://www.bloggingforlogging.com/2018/11/22/windows-mapped-drives-what-the-hell-is-going-on/#comment-178
 ,but 
I see that comments are closed, so maybe here someone can help me with my 
issue:


I've read article from the blog and I've tried to understand it, but I'm 
still confued. Probably due to low level of win knowledge...
Could you try to help me and try to answer to my questions in simple 
words(?)

My scenario: I've several dozen win VMs deployed for my team, we thought 
that the good idea is to use Ansible to confiure and customize them for our 
purposes inlcuding network drive mapping (later using it as a repo with 
apps/scripts which we want to install/use on VMs using Ansible). VMs are 
deployed by internal network team and what we get is a clean windows VM 
with domain username and pass. Mapped drive should be visible for mentioned 
domain user after logon to VM using RDP. Ansible has been instaled and 
configure succesfully - connection with VMs working well. Due to some 
'probably' security policy and network configuration only one way of auth 
option was to use NTLM.

Of course, it's possible to map network drive on every VM using RDP with 
mentioned domain user.

--- Network drive ---

\\bellagio.intra.vegas.net\how\the\hell\to\solve\this\issue

--- Ansible hosts ---

[winhost]
99.88.77.66
99.88.77.65

[winhost:vars]
ansible_user=el...@intra.vegas.net
ansible_password=elvis123
ansible_connection=winrm
ansible_winrm_transport=ntlm
ansible_winrm_message_encryption=always
ansible_winrm_server_cert_validation=ignore

Is it possible:
1) to use Ansible to map this network drive automatically in all VMs for 
the domain user (mapped drive should be visible after VM reboots, during 
every RDP sessions using this credentials?

2) to use this mapped drive as a 'repo place' for future purposes - to copy 
scrips, apps from this drive to VMs using Ansible?

Best regards, Peter 

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/32d271cd-1f22-4bee-9e90-4744db31ee94%40googlegroups.com.

Re: [ansible-project] Question: How to use the same host for multiple groups?

[Konstantinos Tzevelekidis]

Hello,

Finally we made it work using the following approach:

Inventory file:
Host1 mygroups='["groupA","groupB"]'

Created two playbook files one with the tasks (PlaybookTasks.yml) and one that 
does an iteration (Playbook.yml)
Playbook.yml:
---
- hosts: all
  tasks:
- include: PlaybookTasks.yml mygroup="{{ item }}"
  with_items: "{{ mygroups}}"

PlaybookTasks.yml:
- name: Include vars
  include: "group_vars/{{ group}}/vars.yml"
- name: Download application
 .

The structure of the host_vars and group_vars remained as I initially explained.

Thank you all for the support and your prompt answers.

Best Regards,
Konstantinos

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/9837e3b6-5cc7-4189-9491-a5789133a7aa%40googlegroups.com.

[ansible-project] Re: Ansible ios_command: copy tftp: flash: keeps sending IOS file data until timeout

['Mysimpia' via Ansible Project]

Ansible version : 2.9
Python version : 3.7.5

I also tried many times with sftp or scp with ios_command module but no 
luck. Instead, as shown below, net_put successfully copied the file over to 
the Cisco switch. The ansible_ssh_user and ansible_ssh_pass needs to be set 
in inventory file. 

One issue I'm facing with the net_put module is that next task using 
ios_command after the copying fails to be executed. It gave error message 
"ConnectionError(to_text(msg, errors='surrogate_then_replace'), code=code)".
 
- name: Upgrade NM switch Firmware
  hosts: nm_switch
  connection: network_cli
  remote_user: cisco

- name: Copy over ios image
  net_put:
src: "{{ nm_sw_image_file }}" # Need ansible_ssh_user and 
ansible_ssh_pass set up.
  vars:
ansible_command_timeout: 3600 # default time out is 30 sec. Image copy 
takes about 30 min


On Sunday, June 16, 2019 at 11:02:24 AM UTC-4, Frankie Soto wrote:
>
> Hi!
>
> I am trying to automate the process of upgrading IOS on Cisco devices.
>
> Everything seems to be working fine until the process of copying the file 
> begins.
>
> The issue I am encountering is that ansible keeps sending data (I assume 
> it keeps sending the same file a couple of times in a stream) to the IOS 
> device.
>
> I noticed this issue when I logged in to one of the switches to which I am 
> trying to upgrade and saw how the file keeps growing and growing, to up to 
> four times its size (i.e. filesize is ~ 21k but it was growing already on 
> th 80k+).
>
> Process ends when the "timeout" time is reached.  Subsequently, the file 
> gets deleted from the switch, as the switches interprets that the file 
> transfer was interrupted.
>
>
> Here is y core.  Any help will be much appreciated:
>
> ---
> - hosts: [HOSTS]
>   gather_facts: yes
>   connection: local
>
>   vars:
> compliant_ios_version: 15.2(4)E8
> new_ios_bin: c3560cx-universalk9-mz.152-4.E8.bin
> new_ios_md5: bf2f1960b1fe0a05bdc69e17d82fcfed
> should_reboot: YES
>
>   vars_prompt:
>   - name: username
> prompt: "Enter username: "
> private: no
>
>   - name: password
> prompt: "Enter password: "
> private: yes
>
>   - name: auth_pass
> prompt: "Enter enable secret: "
> private: yes
>
>   tasks:
>
>   - name: gathering HOSTS facts
> ios_facts:
>   username: "{{ username }}"
>   password: "{{ password }}"
>   authorize: yes
>   auth_pass: "{{ auth_pass }}"
>   timeout: 30
> register: all_facts
>
>   - name:  Verifying if file exists in flash
> ios_command:
>   commands:
> - command: dir | include "{{ new_ios_bin }}"
>   username: "{{ username }}"
>   password: "{{ password }}"
>   authorize: yes
>   auth_pass: "{{ auth_pass }}"
>   timeout: 30
> register: new_ios_on_flash
>
>   - name:  Debugging new_ios_on_flash
> debug:
>   msg: new ios is flash is "{{ new_ios_on_flash }}"
>
>   - name: Starting IOS upgrade process
> block:
>
> - name: Upgrade IOS images if not compliant
>   block:
>   - name:  Download new IOS image if it is not already on flash
> ios_command:
>   commands:
> - command: 'copy tftp://
> 55.44.246.96/c3560cx-universalk9-mz.152-4.E8.bin flash:'
>   prompt: 'c3560cx-universalk9-mz.152-4.E8.bin'
>   answer: "\r"
>   username: "{{ username }}"
>   password: "{{ password }}"
>   authorize: yes
>   auth_pass: "{{ auth_pass }}"
>   timeout: 600
>   when: new_ios_on_flash.stdout[0] == ""
>
> - name: Checking MD5 hash
>   ios_command:
> commands:
> - command: "verify /md5 flash:/{{ new_ios_bin }}"
> username: "{{ username }}"
> password: "{{ password }}"
> authorize: yes
> auth_pass: "{{ auth_pass }}"
> timeout: 3000
>   register: md5_result
>
> - name:  Set boot var if MD5 matches
>   block:
>   - name:  Changing boot var
> ios_config:
>   lines:
> - default boot system
> - boot system flash:/"{{ new_ios_bin }}"
>   username: "{{ username }}"
>   password: "{{ password }}"
>   authorize: yes
>   auth_pass: "{{ auth_pass }}"
>   save_when: always
>   timeout: 150
> register: new_ios_on_flash
>
>   - name:  Setting boot var
> ios_command:
>   commands:
>   - command: "reload at 23:00\ny"
>   username: "{{ username }}"
>   password: "{{ password }}"
>   authorize: yes
>   auth_pass: "{{ auth_pass }}"
>   timeout: 30
>
>   when: md5_result.stdout[0][-32:] == new_ios_md5
>
> when: ansible_net_version != compliant_ios_version
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to 

Re: [ansible-project] Create file who is in my csv file

[Vladimir Botka]

On Tue, 14 Jan 2020 05:00:35 -0800 (PST)
Karther  wrote:

> My problem is that there is problem of syntax with module read_csv:
> 
> *- name: "Read users from CSV file and return a list"*
> *  read_csv:*
> * path: /home/ansible/mssql_query/roles/files/csv_file.csv*
> * delimiter: ','*
> *  register: file_csv*
> *  delegate_to: localhost*

The syntax seems to be OK. Could you disclose the details of the error
message?

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/20200114141214.41446a18%40gmail.com.


pgpQq8zwjYNiY.pgp
Description: OpenPGP digital signature

Re: [ansible-project] Create file who is in my csv file

[Karther]

Hey Vladimir !! :)

Thanks for your answer,

My problem is that there is problem of syntax with module read_csv:

My task is :

*- name: "Read users from CSV file and return a list"*
*  read_csv:*
* path: /home/ansible/mssql_query/roles/files/csv_file.csv*
* delimiter: ','*
*  register: file_csv*
*  delegate_to: localhost*


Best Regards,

Karther

Le lundi 13 janvier 2020 17:35:07 UTC+1, Vladimir Botka a écrit :
>
> On Mon, 13 Jan 2020 08:10:14 -0800 (PST) 
> Karther > wrote: 
>
> > filename,state,note,temps 
> > file1,0,my fisrt note,52 
> > file2,0,my second note,34 
> > file3,0,my thirst note,71 
> > 
> > ... my goal is that create all file sucessively (file1, file2, 
> > file3, ...) 
>
> You might be better off with the 'read_csv' module 
>
> https://docs.ansible.com/ansible/latest/modules/read_csv_module.html#read-csv-read-a-csv-file
>  
>
> For example 
>
> - hosts: localhost 
>   tasks: 
> - read_csv: 
> path: csv_file.csv 
>   register: my_files 
> - debug: 
> var: my_files.list 
>
> gives 
>
> "my_files.list": [ 
> { 
> "filename": "file1", 
> "note": "my fisrt note", 
> "state": "0", 
> "temps": "52" 
> }, 
> { 
> "filename": "file2", 
> "note": "my second note", 
> "state": "0", 
> "temps": "34" 
> }, 
> { 
> "filename": "file3", 
> "note": "my thirst note", 
> "state": "0", 
> "temps": "71" 
> } 
> ] 
>
> The loop the list and create files. For example 
>
> - copy: 
> dest: "{{ item.filename }}" 
> content: "{{ item.note }}" 
>   loop: "{{ my_files.list }}" 
>
> HTH, 
>
> -vlado 
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/0af2ae9f-8dc1-4908-aaf6-d247f13a67e2%40googlegroups.com.

Re: [ansible-project] debug msg ignore other results.

[Jegan A]

Thanks a lot. It is working for me.

On Tuesday, January 14, 2020 at 3:03:12 PM UTC+5:30, James Cassell wrote:
>
>
> On Tue, Jan 14, 2020, at 12:48 AM, Jegan A wrote: 
> > Hello Team, 
> > 
> >  I am iterating register result using debug and loop but it prints 
> > other variable result as well how to ignore that one while printing 
> > value which I want Below is the sample results. Cloud you please help 
> > me on this issues. I just want to print value of 
> > "item.invocation.module_args.volume_id" and ignore other results. 
> > 
> > 
> > 
> > - debug: 
> >  msg: "{{ item.invocation.module_args.volume_id }}" 
> >  register: unused_block 
> >  with_items: "{{result_1.results}}" 
> >  when: item.volume_attachments | length == 0 
> > 
> > 
> > debug result 
> > 
> > TASK [debug] 
> > 
> *
>  
>
> > skipping: [localhost] => (item={'failed': False, 'ansible_loop_var': 
> > u'item', u'volume_attachments': [{u'chap_username': None, 
> > u'time_created': u'2019-12-26T09:38:51.785000+00:00', u'is_read_only': 
> > False, u'volume_id': u'', u'device': None, u'xxx', 
> > u'lifecycle_state': u'ATTACHED', u'availability_domain': u'xx', 
> > u'display_name': u'volumeattachment20191226093851', u'compartment_id': 
> > u'', u'port': 3260, u'instance_id': 
> > u'x', u'iqn': u'x', 
> > u'is_pv_encryption_in_transit_enabled': False, u'attachment_type': 
> > u'iscsi', u'chap_secret': None, u'ipv4': u'169.254.2.2'}], 'item': 
> > u'xxx', u'invocation': {u'module_args': 
> > {u'auth_type': u'api_key', u'api_user_key_pass_phrase': None, 
> > u'availability_domain': None, u'display_name': None, 
> > u'config_profile_name': u'root', u'compartment_id': u'xxx', 
> > u'region': None, u'volume_id': u'xxx', 
> > u'instance_id': None, u'tenancy': None, u'api_user_key_file': None, 
> > u'api_user_fingerprint': None, u'api_user': None, 
> > u'config_file_location': u'~/.oci/config', u'volume_attachment_id': 
> > None}}, 'changed': False, 'ansible_facts': 
> > {u'discovered_interpreter_python': u'/usr/bin/python'}}) 
> > 
> > ok: [localhost] => (item={'failed': False, 'ansible_loop_var': u'item', 
> > u'volume_attachments': [], 'item': u'', 
> > u'invocation': {u'module_args': {u'auth_type': u'api_key', 
> > u'api_user_key_pass_phrase': None, u'availability_domain': None, 
> > u'display_name': None, u'config_profile_name': u'root', 
> > u'compartment_id': u'xx', u'region': None, 
> > u'volume_id': u'xxx', u'instance_id': 
> > None, u'tenancy': None, u'api_user_key_file': None, 
> > u'api_user_fingerprint': None, u'api_user': None, 
> > u'config_file_location': u'~/.oci/config', u'volume_attachment_id': 
> > None}}, 'changed': False}) => { 
> >  "msg": "xx" 
> > } 
> > 
> > 
>
> loop_control: 
>   label: "{{ item.invocation.module_args.volume_id }}" 
>
> Or similar. 
>
> V/r, 
> James Cassell 
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/f46e6744-4e77-4f23-a5a0-51997c98932e%40googlegroups.com.

Re: [ansible-project] Re: How to configure prompt with 2 inputs

[Srinivas Naram]

Thanks, that helped.

On Mon, Jan 13, 2020 at 9:55 PM Uriel  wrote:

> I think the only thing missing from @Phil's answer is check_all: True
>
> On Monday, January 13, 2020 at 2:51:48 AM UTC-6, Srinivas Naram wrote:
>>
>> Thanks for our reply Phil. It did not work though.
>>
>> Any other suggestions ?
>>
>> On Fri, Jan 10, 2020 at 10:25 PM Phil Griffiths 
>> wrote:
>>
>>> try this?
>>>
>>>  name: reboot ios device
>>>   cli_command:
>>> command: reload
>>> prompt:
>>>   - Save?
>>>   - confirm
>>> answer:
>>>  - y
>>>  - y
>>>
>>>
>>>
>>> On Friday, 10 January 2020 14:28:23 UTC, Srinivas Naram wrote:

 Hello Gurus

 I am working on ios_command module. This modules facilitates in execute
 commands on Cisco IOS devices.

 While running 'reload' command it is prompting for 2 inputs,

 "System configuration has been modified. Save? [yes/no]" > yes
 "Proceed with reload? [confirm]   > return character here

 I tried using prompts, but looks like it does not support providing
 answers for 2 questions in 1 command. Tried expect module (could not get
 this working)

 Any suggestions?

 My code snippet:

 ios_command:
commands:
- command: 'reload'
  prompt:
  -  "System configuration has been modified. Save?
 [yes/no]"
  -  "Proceed with reload? [confirm]
 answer:
- "\r"
- 'yes'




 --
>>> You received this message because you are subscribed to the Google
>>> Groups "Ansible Project" group.
>>> To unsubscribe from this group and stop receiving emails from it, send
>>> an email to ansible...@googlegroups.com.
>>> To view this discussion on the web visit
>>> https://groups.google.com/d/msgid/ansible-project/5f7e1ebb-3cd3-4fa4-9d15-7814a9597e23%40googlegroups.com
>>> 
>>> .
>>>
>> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/58df3013-6a9a-4aff-8ff2-233d0fcca48b%40googlegroups.com
> 
> .
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAG-N3P6nA0PFeAUQSo1w3GiD6gTz30sAh8eRFE3e%2BF7qVEKZZg%40mail.gmail.com.

Re: [ansible-project] Running a dynamically generated playbook.

[Vladimir Botka]

On Mon, 13 Jan 2020 23:55:25 -0800 (PST)
Anurag Negi  wrote:

> Hi, I have a requirement to run a dynamically generated playbook from a 
> main playbook. The idea is to run only a main playbook which would be 
> generating a sub-playbook and it would be run from one of the tasks in the 
> main playbook. How do I achieve this ?

It's not possible for 2 reasons. 1) A playbook can't be "run from one of the
tasks". 'import_playbook' is not a task. 2) The file that should be imported
by 'import_playbook' must be ready then the playbook started. Therefor it
can't be "dynamically generated playbook from a main playbook".

HTH,

-vlado

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/20200114112404.32220be0%40gmail.com.


pgpltF7Qb0lo2.pgp
Description: OpenPGP digital signature

Re: [ansible-project] debug msg ignore other results.

[James Cassell]

On Tue, Jan 14, 2020, at 12:48 AM, Jegan A wrote:
> Hello Team,
> 
>  I am iterating register result using debug and loop but it prints 
> other variable result as well how to ignore that one while printing 
> value which I want Below is the sample results. Cloud you please help 
> me on this issues. I just want to print value of 
> "item.invocation.module_args.volume_id" and ignore other results.
> 
> 
> 
> - debug:
>  msg: "{{ item.invocation.module_args.volume_id }}"
>  register: unused_block
>  with_items: "{{result_1.results}}"
>  when: item.volume_attachments | length == 0
> 
> 
> debug result
> 
> TASK [debug] 
> *
> skipping: [localhost] => (item={'failed': False, 'ansible_loop_var': 
> u'item', u'volume_attachments': [{u'chap_username': None, 
> u'time_created': u'2019-12-26T09:38:51.785000+00:00', u'is_read_only': 
> False, u'volume_id': u'', u'device': None, u'xxx', 
> u'lifecycle_state': u'ATTACHED', u'availability_domain': u'xx', 
> u'display_name': u'volumeattachment20191226093851', u'compartment_id': 
> u'', u'port': 3260, u'instance_id': 
> u'x', u'iqn': u'x', 
> u'is_pv_encryption_in_transit_enabled': False, u'attachment_type': 
> u'iscsi', u'chap_secret': None, u'ipv4': u'169.254.2.2'}], 'item': 
> u'xxx', u'invocation': {u'module_args': 
> {u'auth_type': u'api_key', u'api_user_key_pass_phrase': None, 
> u'availability_domain': None, u'display_name': None, 
> u'config_profile_name': u'root', u'compartment_id': u'xxx', 
> u'region': None, u'volume_id': u'xxx', 
> u'instance_id': None, u'tenancy': None, u'api_user_key_file': None, 
> u'api_user_fingerprint': None, u'api_user': None, 
> u'config_file_location': u'~/.oci/config', u'volume_attachment_id': 
> None}}, 'changed': False, 'ansible_facts': 
> {u'discovered_interpreter_python': u'/usr/bin/python'}})
> 
> ok: [localhost] => (item={'failed': False, 'ansible_loop_var': u'item', 
> u'volume_attachments': [], 'item': u'', 
> u'invocation': {u'module_args': {u'auth_type': u'api_key', 
> u'api_user_key_pass_phrase': None, u'availability_domain': None, 
> u'display_name': None, u'config_profile_name': u'root', 
> u'compartment_id': u'xx', u'region': None, 
> u'volume_id': u'xxx', u'instance_id': 
> None, u'tenancy': None, u'api_user_key_file': None, 
> u'api_user_fingerprint': None, u'api_user': None, 
> u'config_file_location': u'~/.oci/config', u'volume_attachment_id': 
> None}}, 'changed': False}) => {
>  "msg": "xx"
> }
> 
> 

loop_control:
  label: "{{ item.invocation.module_args.volume_id }}"

Or similar.

V/r,
James Cassell

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/6f8a4a0c-df9d-4b31-88e4-cf26b18c5a24%40www.fastmail.com.