Re: [ansible-project] aws_s3 - not sure if I understand how to use

[David Rivera]

Hi I actually did edit my original post yesterday with everything I am
doing. it is basic stuff, but since I have never really used Ansible much
but for a few adhoc tasks, it is just all I know.

Anyways, I was able to figure out how to create a bucket. doing this: now
this is not using roles. Yes, I do not really understand the structure of
roles yet but I will deal with that later.

How I got it to work cor creating the bucket. Note I was also able to get
the creation to work using the aws_s3 module also , but when I wanted to
add a policy I noticed I had to use the s3_bucket module.


---
# Create an S3 bucket using a policy
#
#
- hosts: localhost
  gather_facts: no
  connection: local
  tasks:
   - s3_bucket:
   name: mybucket
   policy: "{{ lookup( 'file','test_policy.json' )}}"
   versioning: yes
   tags:
 Name: foo
 Environment: bar


The json policy in my same CWD.


What I am trying to honestly do is find additional ways to manage our AWS
environment,  I am curious if for a decent amount of day to day tasks we
can leverage Ansible.


On Mon, Feb 17, 2020 at 5:43 PM Angel Rengifo Cancino 
wrote:

> Hello:
>
> my role for learning is: s3-create.yml
>> - name: Create S3 Bucket
>>   aws_s3:
>> bucket: my-bucket
>> mode: create
>> permission: private-read
>> region: us-east-1
>>
>> This piece of code looks good.
>
>> my playbook:
>>   key_name: my-key
>>   vpc_subnet_id: subnet-02439
>>   roles:
>> - s3-create
>>   assign_public_ip: yes
>>   group:  my-group
>>
>> This short piece of code looks wrong. Is it part of the same playbook or
> role? Did you remove the previous line of the task? Based on these few
> lines and your indentation I can't guess what are you trying to do. What
> module are you using?
>
>
>
>>
> when I run it, I get this:
>>
>> EntePLAY [Test creating ec2 instance with Ansible]
>> ***
>>
>> TASK [Gathering Facts]
>> ***
>> ok: [localhost]
>>
>> TASK [Start New ec2 Instance]
>> 
>> fatal: [localhost]: FAILED! => {"changed": false, "msg": "Unsupported
>> parameters for (ec2) module: roles Supported parameters include:
>> assign_public_ip, aws_access_key, aws_secret_key, count, count_tag,
>> debug_botocore_endpoint_logs, ebs_optimized, ec2_url, exact_count, group,
>> group_id, id, image, instance_ids, instance_initiated_shutdown_behavior,
>> instance_profile_name, instance_tags, instance_type, kernel, key_name,
>> monitoring, network_interfaces, placement_group, private_ip, profile,
>> ramdisk, region, security_token, source_dest_check, spot_launch_group,
>> spot_price, spot_type, spot_wait_timeout, state, tenancy,
>> termination_protection, user_data, validate_certs, volumes, vpc_subnet_id,
>> wait, wait_timeout, zone"}
>>
>> PLAY RECAP
>> ***
>> localhost  : ok=1changed=0unreachable=0
>> failed=1skipped=0rescued=0ignored=0
>> r code here...
>>
>>
>> I guess you're trying to use the ec2_instance module, but we can see your
> hole code, so it's hard to help you
>
> Copy all your relevant lines from aws_s3 and ec2_instance modules here in
> your message so we can understand what's wrong.
>
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/CAA3McK_Z29tq7uyXz99QZqWh5gPjMiv6nAvzT4SLPjSBuHCPDg%40mail.gmail.com
> 
> .
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAAH6UtpbULQvPa1-Uz%2Bv-dCWr5dDvOrMSUz2WxiqVUoOzN_ZoQ%40mail.gmail.com.

Re: [ansible-project] Ansible-variable containing double quotes changed

[Angel Rengifo Cancino]

Hello:

On Mon, Feb 17, 2020 at 7:19 PM Barun kumar  wrote:

>
>  Hi Disk,
>
> More explanation about playbook, hope you did not chance to see that,
> please check once.
>
>
>
>
>
>  cat /tmp/volume.txt  #Has list of disk attached to server, which needs
> to excluded
>
> ["xvda", "xvdb", "xvdc", "xvdd", "xvde", "xvdf", "xvdg", "xvdh", "xvdi"]
>
>
>
>
>
> # disk.yml
>
> disk_count.stdout: 2 #number of disk need to add to server.
>
>
>
>  - name: Call devicecheck script
>
> shell: |
>
>   a1=( "xvda" "xvdb" "xvdc" "xvdd" "xvde" "xvdf" "xvdg" "xvdh" "xvdi"
> "xvdj" "xvdk" "xvdl" "xvdm" "xvdn" "xvdo" "xvdp" "xvdq" "xvdr" "xvds"
> "xvdt" "xvdu" "xvdv" "xvdw" "xvdx" "xvdy" "xvdz")
>
Do you need to do this by using a shell task? I'm not sure how you get the
list of disks which you pretend to filter, but let me know if this approach
works for you:

- name: Set the list of all disks
  set_fact:
a1: ["xvda", "xvdb", "xvdc", "xvdd", "xvde", "xvdf", "xvdg",
"xvdh", "xvdi", "xvdj", "xvdk", "xvdl"] #complete the list of all disks here

- name: Import the contents from file as a list
  set_fact:
excluded_disks: "{{ lookup('file', 'volume.txt') }}"

- name: Set the list of device names without considering excluded disks
  set_fact:
device_name: "{{ device_name | default([]) + [item] }}"
  when: item not in excluded_disks
  with_items: "{{ a1 }}"

- name: Show the final list of device names
  debug:
var: device_name

I assumed you disks to exclude are defined in a volume.txt file. As I don't
know how you get the list of all original disks (which you set in a1
variable within your shell script), I've just defined in an ansible
variable.
This way, there's no need to deal with quoting, because that might be a
little hard to solve, read and troubleshoot.

If you can share more lines from your code or what you pretend to achieve,
maybe we can suggest some better ideas.

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAA3McK8Wq18%2Bv%2BgZkRREXD8JhXhfP_n8ON_0uWCh0bDvPMi5mw%40mail.gmail.com.

Re: [ansible-project] Unable to restart auditd service on centos7

[Angel Rengifo Cancino]

Hello:

On Mon, Feb 17, 2020 at 8:36 AM Bala Mutyam  wrote:

> Hi all,
>
> Anisble Version: ansible 2.7.7
>
>
> I'm  configuring auditd on centos7 but the auditd service is failing to
> restart.
>
> Handler:
>
> - name: centos7 restart auditd
>   become: yes
>   command: service auditd restart
>
> Error:
>
> FAILED! => {"changed": false, "msg": "Unable to restart service auditd:
> Failed to restart auditd.service: Operation refused, unit auditd.service
> may be requested by dependency only (it is configured to refuse manual
> start/stop).\nSee system logs and 'systemctl status auditd.service' for
> details.\n"}
>
> Have you tried to run "systemctl restart auditd" manually as root in your
shell? What's the ouput of that command?

Have you checked at /var/log/messages about any systemctl or auditd errors
after running such ansible task?

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAA3McK-K_Bty3WEE_RJ2WpvS4vm6OBVmhQ0v5qR42LUhjzGkdA%40mail.gmail.com.

Re: [ansible-project] aws_s3 - not sure if I understand how to use

[Angel Rengifo Cancino]

Hello:

my role for learning is: s3-create.yml
> - name: Create S3 Bucket
>   aws_s3:
> bucket: my-bucket
> mode: create
> permission: private-read
> region: us-east-1
>
> This piece of code looks good.

> my playbook:
>   key_name: my-key
>   vpc_subnet_id: subnet-02439
>   roles:
> - s3-create
>   assign_public_ip: yes
>   group:  my-group
>
> This short piece of code looks wrong. Is it part of the same playbook or
role? Did you remove the previous line of the task? Based on these few
lines and your indentation I can't guess what are you trying to do. What
module are you using?



>
when I run it, I get this:
>
> EntePLAY [Test creating ec2 instance with Ansible]
> ***
>
> TASK [Gathering Facts]
> ***
> ok: [localhost]
>
> TASK [Start New ec2 Instance]
> 
> fatal: [localhost]: FAILED! => {"changed": false, "msg": "Unsupported
> parameters for (ec2) module: roles Supported parameters include:
> assign_public_ip, aws_access_key, aws_secret_key, count, count_tag,
> debug_botocore_endpoint_logs, ebs_optimized, ec2_url, exact_count, group,
> group_id, id, image, instance_ids, instance_initiated_shutdown_behavior,
> instance_profile_name, instance_tags, instance_type, kernel, key_name,
> monitoring, network_interfaces, placement_group, private_ip, profile,
> ramdisk, region, security_token, source_dest_check, spot_launch_group,
> spot_price, spot_type, spot_wait_timeout, state, tenancy,
> termination_protection, user_data, validate_certs, volumes, vpc_subnet_id,
> wait, wait_timeout, zone"}
>
> PLAY RECAP
> ***
> localhost  : ok=1changed=0unreachable=0
> failed=1skipped=0rescued=0ignored=0
> r code here...
>
>
> I guess you're trying to use the ec2_instance module, but we can see your
hole code, so it's hard to help you

Copy all your relevant lines from aws_s3 and ec2_instance modules here in
your message so we can understand what's wrong.

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAA3McK_Z29tq7uyXz99QZqWh5gPjMiv6nAvzT4SLPjSBuHCPDg%40mail.gmail.com.

Re: [ansible-project] Does anyone have an Interesting Ansible demo idea for a talk?

[Angel Rengifo Cancino]

Not sure what type of company you work for, but it might be useful to show
a demo of how you can automate some kind of process, which consists of
several individual steps, through ansible playbooks and Ansible Tower
workflows. You can focus on simple playbooks which do basic things and
exchange values between job templates, all seen from a single view which is
the workflow (maybe using approvals or conditionals).

It's just an idea, hope it helps

On Mon, Feb 17, 2020 at 6:05 PM Christopher Saunders 
wrote:

> I am doing a 45-minute talk on Ansible and Ansible Tower to a large group
> of infrastructure people at my company.  The audience is mixed, some know
> Ansible well, others may have only heard about it.  I would like to develop
> an Ansible demo that I could start sometime early during my talk.  Then
> wrap up my talk with a " TaDa! Look at all the cool stuff ansible did while
> I was talking!" moment.
>
> Has anyone done an Ansible demo that went over well with their audience?
> Does anyone have any ideas of what would be interesting to see as an
> audience member?
>
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/f825d40f-c2a7-4139-baf4-163d9ac50bfc%40googlegroups.com
> 
> .
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAA3McK-xuXkSqDLwrTniMEH3kJgnKRmX6Oub%3DbErY4EoXX__YQ%40mail.gmail.com.

Re: [ansible-project] Re: win_update to upgrade windows 10 version

[Ben Lagunilla]

I upgraded Ansible and can now list 'upgrades' entries.

Thanks!

On Mon, Feb 17, 2020 at 10:16 AM Jordan Borean  wrote:

> I believe since Ansible 2.8 the 'category_names' option is a free form
> field and you can specify whatever you want. Since that change it should
> also be reporting all the updates that were filtered (not selected) and the
> category names that apply for that update which you can then use.
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/8119a39c-e58f-42ad-9852-fe08d13618a0%40googlegroups.com
> 
> .
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAFrU83GpMsjYVQ3bA2g-pNTm-ryWHqkixRvWHVQ9i%3DZFGw3p0g%40mail.gmail.com.

Re: [ansible-project] Ansible-variable containing double quotes changed

[Barun kumar]

 Hi Disk,

More explanation about playbook, hope you did not chance to see that,
please check once.





 cat /tmp/volume.txt  #Has list of disk attached to server, which needs to
excluded

["xvda", "xvdb", "xvdc", "xvdd", "xvde", "xvdf", "xvdg", "xvdh", "xvdi"]





# disk.yml

disk_count.stdout: 2 #number of disk need to add to server.



 - name: Call devicecheck script

shell: |

  a1=( "xvda" "xvdb" "xvdc" "xvdd" "xvde" "xvdf" "xvdg" "xvdh" "xvdi"
"xvdj" "xvdk" "xvdl" "xvdm" "xvdn" "xvdo" "xvdp" "xvdq" "xvdr" "xvds"
"xvdt" "xvdu" "xvdv" "xvdw" "xvdx" "xvdy" "xvdz")

  for i in `cat /tmp/volume.txt | sed -e 's/\[//' | sed -e 's/\]//' |
sed -e 's/\"//g' | sed -e 's/,/ /g'`

  do

  a2+=("$i")

  done

  a3=()

  for i in "${a1[@]}"; do

  skip=

  for j in "${a2[@]}"; do

[[ $i == $j ]] && { skip=1; break; }

  done

[[ -n $skip ]] || a3+=("$i")

  done

  joined=$(printf ","\""dev/"%s"\"" "${a3[@]:0:{{disk_count.stdout}}}")

  echo "["${joined:1}"]"

register: device_name

when: inventory_hostname in groups['dbserver']



  - name: Register linux jump host with variable |device_name

add_host:

  name: "10.0.0.20"

  PLAY1VAR_NEW01: "{{ device_name.stdout }}"

register: PLAY1VAR_NEW01

when: inventory_hostname in groups['dbserver']



  - debug: var=PLAY1VAR_NEW01

when: inventory_hostname in groups['dbserver']



  - name: terraform variable store tasks |device_name

shell: |

  echo {{ hostvars["10.0.0.20"]["PLAY1VAR_NEW01"] }} > /tmp/device_name

when: inventory_hostname in groups['controller_servers']

register: terraform_disk



#

=Debug
Value==

*#ansible-playbook –I inventory disk.yml –vvv*



TASK [asm_pdb_disk_mapping : debug]


task path:
/infra/infracode/automation_deployment/ansible/dynamic_tags/asm_pdb_disk_mapping/tasks/asm_pdb_disk_mapping.yml:219

ok: [10.0.0.10] => {

"device_name": {

"changed": true,

"cmd": "a1=( \"xvda\" \"xvdb\" \"xvdc\" \"xvdd\" \"xvde\" \"xvdf\"
\"xvdg\" \"xvdh\" \"xvdi\" \"xvdj\" \"xvdk\" \"xvdl\" \"xvdm\" \"xvdn\"
\"xvdo\" \"xvdp\" \"xvdq\" \"xvdr\" \"xvds\" \"xvdt\" \"xvdu\" \"xvdv\"
\"xvdw\" \"xvdx\" \"xvdy\" \"xvdz\")\nfor i in `cat /tmp/volume.txt | sed
-e 's/\\[//' | sed -e 's/\\]//' | sed -e 's/\\\"//g' | sed -e 's/,/
/g'`\ndo\na2+=(\"$i\")\ndone\na3=()\nfor i in \"${a1[@]}\"; do\nskip=\nfor
j in \"${a2[@]}\"; do\n  [[ $i == $j ]] && { skip=1; break; }\ndone\n  [[
-n $skip ]] || a3+=(\"$i\")\ndone\njoined=$(printf
\",\"\\\"\"dev/\"%s\"\\\"\" \"${a3[@]:0:2}\") \necho
\"[\"${joined:1}\"]\"\n",

"delta": "0:00:00.089253",

"end": "2020-02-18 10:28:59.483863",

"failed": false,

"rc": 0,

"start": "2020-02-18 10:28:59.394610",

"stderr": "",

"stderr_lines": [],

"stdout": "[\"dev/xvdj\",\"dev/xvdk\"]",  #This output we want
to capture in subsequent tasks

"stdout_lines": [

"[\"dev/xvdj\",\"dev/xvdk\"]"

]

}

}





TASK [asm_pdb_disk_mapping : debug]


task path:
/infra/infracode/automation_deployment/ansible/dynamic_tags/asm_pdb_disk_mapping/tasks/asm_pdb_disk_mapping.yml:230

ok: [10.0.0.10] => {

"PLAY1VAR_NEW01": {

"add_host": {

"groups": [],

"host_name": "10.0.0.20",

"host_vars": {

"PLAY1VAR_NEW01": [

"dev/xvdj",

"dev/xvdk"

]

}

},

"changed": true,

"failed": false

}

}





TASK [asm_pdb_disk_mapping : debug]


task path:
/infra/infracode/automation_deployment/ansible/dynamic_tags/asm_pdb_disk_mapping/tasks/asm_pdb_disk_mapping.yml:243

ok: [10.0.0.10] => {

"terraform_disk": {

"changed": false,

"skip_reason": "Conditional result was False",

"skipped": true

}

}

ok: [10.0.0.20] => {

"terraform_disk": {

"changed": true,

"cmd": "echo [u'dev/xvdj', u'dev/xvdk'] > /tmp/device_name\n",
#Expected Value  >> "[\"dev/xvdj\",\"dev/xvdk\"]",

"delta": "0:00:00.004322",

"end": "2020-02-17 23:29:15.619772",

"failed": false,

"rc": 0,

"start": "2020-02-17 23:29:15.615450",

"stderr": "",

"stderr_lines": [],

"stdout": "",

"stdout_lines": []

}

}

*Regards,*Barun Kumar
Mobile: +91 8297380006, India
Will get you.

[ansible-project] Does anyone have an Interesting Ansible demo idea for a talk?

[Christopher Saunders]

I am doing a 45-minute talk on Ansible and Ansible Tower to a large group 
of infrastructure people at my company.  The audience is mixed, some know 
Ansible well, others may have only heard about it.  I would like to develop 
an Ansible demo that I could start sometime early during my talk.  Then 
wrap up my talk with a " TaDa! Look at all the cool stuff ansible did while 
I was talking!" moment.

Has anyone done an Ansible demo that went over well with their audience?  
Does anyone have any ideas of what would be interesting to see as an 
audience member?


-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/f825d40f-c2a7-4139-baf4-163d9ac50bfc%40googlegroups.com.

Re: [ansible-project] Doubt regarding loops and conditionals

[Vladimir Botka]

On Mon, 17 Feb 2020 20:11:07 +
Nuno Jordão  wrote:

> - name: "test loop"
>   debug:
> msg: "test"
>   loop: "{{nulo}}"
>   when: nulo is defined
> 
> where "nulo" is an undefined variable. Here the task skips instead of
> failing.

Instead of testing whether the variable is defined or not, use the "default"
filter. For example

 - name: "test loop"
   debug:
 msg: "test"
   loop: "{{ nulo|default([]) }}"

The loop will be skipped if "nulo" is undefined. Test "nulo" separately if
you want the playbook to fail. For example

 - name: Fail when nulo undefined
   fail:
 msg: "Variable nulo undefined"
   when: nulo if undefined

HTH,

-vlado

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/20200217220957.7d57397e%40gmail.com.


pgpRQyYbXP7hV.pgp
Description: OpenPGP digital signature

Re: [ansible-project] Doubt regarding loops and conditionals

[Mauricio Tavares]

On Mon, Feb 17, 2020 at 3:11 PM Nuno Jordão  wrote:
>
> Hello,
>
> I have a doubt regarding loops and conditionals that maybe someone can make 
> it clear to me.
> In the documentation is stated that:
>
> "When combining Conditionals with a loop, the when: statement is processed 
> separately for each item."
>
  I am not sure since in your example the when is applied to the
debug, i.e. if when is false the debug task is not run.

> But if I do this:
>
> - name: "test loop"
>   debug:
> msg: "test"
>   loop: "{{nulo}}"
>   when: nulo is defined
>
  That is an interesting way to loop.

> where "nulo" is an undefined variable. Here the task skips instead of 
> failing. If I read the documentation to the letter it should fail as it would 
> only do the test inside the loop.
> Also, this issue:
> https://github.com/ansible/ansible/issues/45976
>
> has a slightly different variation of my loop which fails instead of skipping.
>
  The differences are more than slightly.  having "null_var" as
the when test is not the same as "null_var is defined."

when: null_var is defined

is testing whether null_var is defined, returning true or false; it
could not care less about its contents though. So, it does not break
when it is not defined.

when: null_var | default(False)

would also work since it also gives an option for when null_var is not
defined. I believe

when: null_var

would work if (1) it is always defined and (2) you set it to true or
false or something. Someone more knowledgeable can check my claims.

> My observed behaviour is of course the better one as allows to test the list 
> before running loop, but should I trust it? It is the same in all versions of 
> Ansible?
>
> Thank you for your help. Regards,
>
> Nuno Jordão
>
> --
> You received this message because you are subscribed to the Google Groups 
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/ansible-project/CAEAA%3Dts5OMuUg535jFC0xwx2V6YiJ%3DoHAuW-XGKneejDC4QfkA%40mail.gmail.com.

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAHEKYV44r_sFj3CWEcanZ1L_yiDFtKw-Om81syVb26LWWBC8WA%40mail.gmail.com.

[ansible-project] Doubt regarding loops and conditionals

[Nuno Jordão]

Hello,

I have a doubt regarding loops and conditionals that maybe someone can make
it clear to me.
In the documentation is stated that:

"When combining Conditionals

with
a loop, the when: statement is processed separately for each item."

But if I do this:

- name: "test loop"
  debug:
msg: "test"
  loop: "{{nulo}}"
  when: nulo is defined

where "nulo" is an undefined variable. Here the task skips instead of
failing. If I read the documentation to the letter it should fail as it
would only do the test inside the loop.
Also, this issue:
https://github.com/ansible/ansible/issues/45976

has a slightly different variation of my loop which fails instead of
skipping.

My observed behaviour is of course the better one as allows to test the
list before running loop, but should I trust it? It is the same in all
versions of Ansible?

Thank you for your help. Regards,

Nuno Jordão

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAEAA%3Dts5OMuUg535jFC0xwx2V6YiJ%3DoHAuW-XGKneejDC4QfkA%40mail.gmail.com.

Re: [ansible-project] Ansible Create vSphere Virtual Machine

[David Foley]

Ok I'm using just / as the folder seems to be bypassing that now 

but not sure what could be causing the following:: fatal: [localhost -> 
localhost]: FAILED! => {"changed": false, "msg": "Failed to create a 
virtual machine : Unable to access the virtual machine configuration: 
Unable to access file [vsanDatastore] /win10-template.vmtx"}


On Monday, February 17, 2020 at 4:06:39 PM UTC, Dick Visser wrote:
>
> On Mon, 17 Feb 2020 at 16:53, Jorge Rúa > 
> wrote: 
> > 
> > Try with : 
> > folder: "{{ yourfolder | d ('/') }}" 
>
> For everyone else that is wondering what the 'd' filter is, it's an 
> alias for 'default'  :) 
>
>
> -- 
> Dick Visser 
> Trust & Identity Service Operations Manager 
> GÉANT 
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/589fb946-7419-404d-a01d-b39e2eb79fde%40googlegroups.com.

Re: [ansible-project] aws_s3 - not sure if I understand how to use

[David Rivera]

I’m sorry,

I get it since you are just trying to help.


Again sorry

Thanks
David


On Mon, Feb 17, 2020 at 10:24 AM David Rivera 
wrote:

> Hi,
>
> I do have AWS cli and boto3 installed as I use those almost on a daily
> basis.
>
> Yes,
> Thank you for the heads up on the s3 bucket, I just changed it in my post..
>
> Thanks,
> David
>
>
>
> On Mon, Feb 17, 2020 at 10:15 AM Amit Kulkarni 
> wrote:
>
>> Ansible supports S3 and all the operations supported by S3 API. You have
>> to make sure that you have access to AWS CLI and also install python boto.
>>  This is the framework used for calling AWS API via ansible.
>>
>> Also make sure that name you have giving to bucket should be unique when
>> you are writing the playbook.
>>
>> Regards
>> Amit
>>
>>
>> On Mon, Feb 17, 2020, 12:56 AM David Rivera 
>> wrote:
>>
>>>
>>>
>>> So I wondering if ansible supports s3, from what I see it does but I
>>> just might not understand how to do it. Im a novice at Ansible, esp in the
>>> realm of using it in conjunction  with AWS.
>>>
>>> So I *think* I have to create a role and call it in my playbook?
>>>
>>> my role for learning is: s3-create.yml
>>> - name: Create S3 Bucket
>>>   aws_s3:
>>> bucket: my-bucket
>>> mode: create
>>> permission: private-read
>>> region: us-east-1
>>>
>>>
>>> my playbook:
>>>   key_name: my-key
>>>   vpc_subnet_id: subnet-02439
>>>   roles:
>>> - s3-create
>>>   assign_public_ip: yes
>>>   group:  my-group
>>>
>>>
>>> when I run it, I get this:
>>>
>>> EntePLAY [Test creating ec2 instance with Ansible]
>>> ***
>>>
>>> TASK [Gathering Facts]
>>> ***
>>> ok: [localhost]
>>>
>>> TASK [Start New ec2 Instance]
>>> 
>>> fatal: [localhost]: FAILED! => {"changed": false, "msg": "Unsupported
>>> parameters for (ec2) module: roles Supported parameters include:
>>> assign_public_ip, aws_access_key, aws_secret_key, count, count_tag,
>>> debug_botocore_endpoint_logs, ebs_optimized, ec2_url, exact_count, group,
>>> group_id, id, image, instance_ids, instance_initiated_shutdown_behavior,
>>> instance_profile_name, instance_tags, instance_type, kernel, key_name,
>>> monitoring, network_interfaces, placement_group, private_ip, profile,
>>> ramdisk, region, security_token, source_dest_check, spot_launch_group,
>>> spot_price, spot_type, spot_wait_timeout, state, tenancy,
>>> termination_protection, user_data, validate_certs, volumes, vpc_subnet_id,
>>> wait, wait_timeout, zone"}
>>>
>>> PLAY RECAP
>>> ***
>>> localhost  : ok=1changed=0unreachable=0
>>> failed=1skipped=0rescued=0ignored=0
>>> r code here...
>>>
>>>
>>> From what I read, you cant do it, but that contradicts ansible's docs so
>>> I think I just dont know what I am doing..
>>>
>>>
>>> any help would be appreciated..
>>>
>>>
>>>
>>> --
>>> You received this message because you are subscribed to the Google
>>> Groups "Ansible Project" group.
>>> To unsubscribe from this group and stop receiving emails from it, send
>>> an email to ansible-project+unsubscr...@googlegroups.com.
>>> To view this discussion on the web visit
>>> https://groups.google.com/d/msgid/ansible-project/6dff2045-5d8a-4239-ba88-f2a588401c56%40googlegroups.com
>>> 
>>> .
>>>
>> --
>> You received this message because you are subscribed to the Google Groups
>> "Ansible Project" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to ansible-project+unsubscr...@googlegroups.com.
>> To view this discussion on the web visit
>> https://groups.google.com/d/msgid/ansible-project/CAON3ZR0wnyJ0H5ocOvz-cHFZnR3Bksegi26wk6qzx_eiiyE0iA%40mail.gmail.com
>> 
>> .
>>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAAH6UtpeXcpz3g2gR0R7ZkricKYZctW5ch7DiPqGT2POwUFo6Q%40mail.gmail.com.

Re: [ansible-project] aws_s3 - not sure if I understand how to use

[David Rivera]

Hi,

I do have AWS cli and boto3 installed as I use those almost on a daily
basis.

Yes,
Thank you for the heads up on the s3 bucket, I just changed it in my post..

Thanks,
David



On Mon, Feb 17, 2020 at 10:15 AM Amit Kulkarni 
wrote:

> Ansible supports S3 and all the operations supported by S3 API. You have
> to make sure that you have access to AWS CLI and also install python boto.
>  This is the framework used for calling AWS API via ansible.
>
> Also make sure that name you have giving to bucket should be unique when
> you are writing the playbook.
>
> Regards
> Amit
>
>
> On Mon, Feb 17, 2020, 12:56 AM David Rivera 
> wrote:
>
>>
>>
>> So I wondering if ansible supports s3, from what I see it does but I just
>> might not understand how to do it. Im a novice at Ansible, esp in the realm
>> of using it in conjunction  with AWS.
>>
>> So I *think* I have to create a role and call it in my playbook?
>>
>> my role for learning is: s3-create.yml
>> - name: Create S3 Bucket
>>   aws_s3:
>> bucket: my-bucket
>> mode: create
>> permission: private-read
>> region: us-east-1
>>
>>
>> my playbook:
>>   key_name: my-key
>>   vpc_subnet_id: subnet-02439
>>   roles:
>> - s3-create
>>   assign_public_ip: yes
>>   group:  my-group
>>
>>
>> when I run it, I get this:
>>
>> EntePLAY [Test creating ec2 instance with Ansible]
>> ***
>>
>> TASK [Gathering Facts]
>> ***
>> ok: [localhost]
>>
>> TASK [Start New ec2 Instance]
>> 
>> fatal: [localhost]: FAILED! => {"changed": false, "msg": "Unsupported
>> parameters for (ec2) module: roles Supported parameters include:
>> assign_public_ip, aws_access_key, aws_secret_key, count, count_tag,
>> debug_botocore_endpoint_logs, ebs_optimized, ec2_url, exact_count, group,
>> group_id, id, image, instance_ids, instance_initiated_shutdown_behavior,
>> instance_profile_name, instance_tags, instance_type, kernel, key_name,
>> monitoring, network_interfaces, placement_group, private_ip, profile,
>> ramdisk, region, security_token, source_dest_check, spot_launch_group,
>> spot_price, spot_type, spot_wait_timeout, state, tenancy,
>> termination_protection, user_data, validate_certs, volumes, vpc_subnet_id,
>> wait, wait_timeout, zone"}
>>
>> PLAY RECAP
>> ***
>> localhost  : ok=1changed=0unreachable=0
>> failed=1skipped=0rescued=0ignored=0
>> r code here...
>>
>>
>> From what I read, you cant do it, but that contradicts ansible's docs so
>> I think I just dont know what I am doing..
>>
>>
>> any help would be appreciated..
>>
>>
>>
>> --
>> You received this message because you are subscribed to the Google Groups
>> "Ansible Project" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to ansible-project+unsubscr...@googlegroups.com.
>> To view this discussion on the web visit
>> https://groups.google.com/d/msgid/ansible-project/6dff2045-5d8a-4239-ba88-f2a588401c56%40googlegroups.com
>> 
>> .
>>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/CAON3ZR0wnyJ0H5ocOvz-cHFZnR3Bksegi26wk6qzx_eiiyE0iA%40mail.gmail.com
> 
> .
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAAH6UtrLMXWbV7P16Ky4JBNyQX1_w%3D4z289JpP4-UUTdp_M%3D9g%40mail.gmail.com.

Re: [ansible-project] aws_s3 - not sure if I understand how to use

[Dick Visser]

I now see that the error you’re getting isn’t from the aws_s3 taks that you
posted.
Instead it’s from an ec2 task - that you did NOT provide. This is quite
frustrating -
next time provide ALL the information and not leave people in the dark
please...

Thx


On Mon, 17 Feb 2020 at 06:56, David Rivera  wrote:

>
>
> So I wondering if ansible supports s3, from what I see it does but I just
> might not understand how to do it. Im a novice at Ansible, esp in the realm
> of using it in conjunction  with AWS.
>
> So I *think* I have to create a role and call it in my playbook?
>
> my role for learning is: s3-create.yml
> - name: Create S3 Bucket
>   aws_s3:
> bucket: my-bucket
> mode: create
> permission: private-read
> region: us-east-1
>
>
> my playbook:
>   key_name: my-key
>   vpc_subnet_id: subnet-02439
>   roles:
> - s3-create
>   assign_public_ip: yes
>   group:  my-group
>
>
> when I run it, I get this:
>
> EntePLAY [Test creating ec2 instance with Ansible]
> ***
>
> TASK [Gathering Facts]
> ***
> ok: [localhost]
>
> TASK [Start New ec2 Instance]
> 
> fatal: [localhost]: FAILED! => {"changed": false, "msg": "Unsupported
> parameters for (ec2) module: roles Supported parameters include:
> assign_public_ip, aws_access_key, aws_secret_key, count, count_tag,
> debug_botocore_endpoint_logs, ebs_optimized, ec2_url, exact_count, group,
> group_id, id, image, instance_ids, instance_initiated_shutdown_behavior,
> instance_profile_name, instance_tags, instance_type, kernel, key_name,
> monitoring, network_interfaces, placement_group, private_ip, profile,
> ramdisk, region, security_token, source_dest_check, spot_launch_group,
> spot_price, spot_type, spot_wait_timeout, state, tenancy,
> termination_protection, user_data, validate_certs, volumes, vpc_subnet_id,
> wait, wait_timeout, zone"}
>
> PLAY RECAP
> ***
> localhost  : ok=1changed=0unreachable=0
> failed=1skipped=0rescued=0ignored=0
> r code here...
>
>
> From what I read, you cant do it, but that contradicts ansible's docs so I
> think I just dont know what I am doing..
>
>
> any help would be appreciated..
>
>
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/6dff2045-5d8a-4239-ba88-f2a588401c56%40googlegroups.com
> 
> .
>
-- 
Sent from a mobile device - please excuse the brevity, spelling and
punctuation.

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAL8fbwPvWLWj3_EzwLfF8QFcPphy9NEOD%3Dg2v7udEFyOSArDFw%40mail.gmail.com.

Re: [ansible-project] aws_s3 - not sure if I understand how to use

[Amit Kulkarni]

Ansible supports S3 and all the operations supported by S3 API. You have to
make sure that you have access to AWS CLI and also install python boto.
 This is the framework used for calling AWS API via ansible.

Also make sure that name you have giving to bucket should be unique when
you are writing the playbook.

Regards
Amit


On Mon, Feb 17, 2020, 12:56 AM David Rivera 
wrote:

>
>
> So I wondering if ansible supports s3, from what I see it does but I just
> might not understand how to do it. Im a novice at Ansible, esp in the realm
> of using it in conjunction  with AWS.
>
> So I *think* I have to create a role and call it in my playbook?
>
> my role for learning is: s3-create.yml
> - name: Create S3 Bucket
>   aws_s3:
> bucket: my-bucket
> mode: create
> permission: private-read
> region: us-east-1
>
>
> my playbook:
>   key_name: my-key
>   vpc_subnet_id: subnet-02439
>   roles:
> - s3-create
>   assign_public_ip: yes
>   group:  my-group
>
>
> when I run it, I get this:
>
> EntePLAY [Test creating ec2 instance with Ansible]
> ***
>
> TASK [Gathering Facts]
> ***
> ok: [localhost]
>
> TASK [Start New ec2 Instance]
> 
> fatal: [localhost]: FAILED! => {"changed": false, "msg": "Unsupported
> parameters for (ec2) module: roles Supported parameters include:
> assign_public_ip, aws_access_key, aws_secret_key, count, count_tag,
> debug_botocore_endpoint_logs, ebs_optimized, ec2_url, exact_count, group,
> group_id, id, image, instance_ids, instance_initiated_shutdown_behavior,
> instance_profile_name, instance_tags, instance_type, kernel, key_name,
> monitoring, network_interfaces, placement_group, private_ip, profile,
> ramdisk, region, security_token, source_dest_check, spot_launch_group,
> spot_price, spot_type, spot_wait_timeout, state, tenancy,
> termination_protection, user_data, validate_certs, volumes, vpc_subnet_id,
> wait, wait_timeout, zone"}
>
> PLAY RECAP
> ***
> localhost  : ok=1changed=0unreachable=0
> failed=1skipped=0rescued=0ignored=0
> r code here...
>
>
> From what I read, you cant do it, but that contradicts ansible's docs so I
> think I just dont know what I am doing..
>
>
> any help would be appreciated..
>
>
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/6dff2045-5d8a-4239-ba88-f2a588401c56%40googlegroups.com
> 
> .
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAON3ZR0wnyJ0H5ocOvz-cHFZnR3Bksegi26wk6qzx_eiiyE0iA%40mail.gmail.com.

Re: [ansible-project] aws_s3 - not sure if I understand how to use

[David Rivera]

Hi,

That was the weird thing.  When I run it it gives me this error.

ERROR!  aws_s3 is not a valid attribute for a Play.

This is the only reason why I started to try a different avenue..

Oh well..

Thanks
David

On Mon, Feb 17, 2020 at 2:33 AM Dick Visser  wrote:

> As you are beginning with ansible, start with the simplest option,
> which is just a single playbook file, and don't bother with roles yet.
> Something like this should already work to create a bucket:
>
>
> - hosts: localhost
>   gather_facts: False
>
>   tasks:
> - name: Create S3 Bucket
>   aws_s3:
> bucket: my-bucket
> mode: create
> permission: private-read
> region: us-east-1
>
> Provided your environment contains AWS_SECRET_ACCESS_KEY and
> AWS_ACCESS_KEY_ID. Read
> https://docs.ansible.com/ansible/latest/scenario_guides/guide_aws.html
> on how that works.
>
> Please note that 'private-read' isn't a valid option for the
> permission, see
>
> https://docs.ansible.com/ansible/latest/modules/aws_s3_module.html#parameter-permission
> for the supported values.
>
> Dick
>
>
> On Mon, 17 Feb 2020 at 06:56, David Rivera 
> wrote:
> >
> >
> >
> > So I wondering if ansible supports s3, from what I see it does but I
> just might not understand how to do it. Im a novice at Ansible, esp in the
> realm of using it in conjunction  with AWS.
> >
> > So I *think* I have to create a role and call it in my playbook?
> >
> > my role for learning is: s3-create.yml
> > - name: Create S3 Bucket
> >   aws_s3:
> > bucket: my-bucket
> > mode: create
> > permission: private-read
> > region: us-east-1
> >
> >
> > my playbook:
> >   key_name: my-key
> >   vpc_subnet_id: subnet-02439
> >   roles:
> > - s3-create
> >   assign_public_ip: yes
> >   group:  my-group
> >
> >
> > when I run it, I get this:
> >
> > EntePLAY [Test creating ec2 instance with Ansible]
> ***
> >
> > TASK [Gathering Facts]
> ***
> > ok: [localhost]
> >
> > TASK [Start New ec2 Instance]
> 
> > fatal: [localhost]: FAILED! => {"changed": false, "msg": "Unsupported
> parameters for (ec2) module: roles Supported parameters include:
> assign_public_ip, aws_access_key, aws_secret_key, count, count_tag,
> debug_botocore_endpoint_logs, ebs_optimized, ec2_url, exact_count, group,
> group_id, id, image, instance_ids, instance_initiated_shutdown_behavior,
> instance_profile_name, instance_tags, instance_type, kernel, key_name,
> monitoring, network_interfaces, placement_group, private_ip, profile,
> ramdisk, region, security_token, source_dest_check, spot_launch_group,
> spot_price, spot_type, spot_wait_timeout, state, tenancy,
> termination_protection, user_data, validate_certs, volumes, vpc_subnet_id,
> wait, wait_timeout, zone"}
> >
> > PLAY RECAP
> ***
> > localhost  : ok=1changed=0unreachable=0
> failed=1skipped=0rescued=0ignored=0
> > r code here...
> >
> >
> > From what I read, you cant do it, but that contradicts ansible's docs so
> I think I just dont know what I am doing..
> >
> >
> > any help would be appreciated..
> >
> >
> >
> > --
> > You received this message because you are subscribed to the Google
> Groups "Ansible Project" group.
> > To unsubscribe from this group and stop receiving emails from it, send
> an email to ansible-project+unsubscr...@googlegroups.com.
> > To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/6dff2045-5d8a-4239-ba88-f2a588401c56%40googlegroups.com
> .
>
>
>
> --
> Dick Visser
> Trust & Identity Service Operations Manager
> GÉANT
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/CAL8fbwO%3DgOdeAi8wZ0Ggk%2BoNRMYQyH8tpt1D%3DBa_0xxtsKP9aw%40mail.gmail.com
> .
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAAH6UtrXbfFRqsiYX29e4J%3DGaum-f2omEdsYkRWc1RFX7UVg4g%40mail.gmail.com.

Re: [ansible-project] Unable to restart auditd service on centos7

[Cyril Stoll]

Hi

For the handler you have to explicitly state to use the "service" instead 
of "systemctl" command. For me it worked with a notify and a handler 
definition like so:

- name: restart auditd
  systemd:
name: auditd
state: restarted
use: service

With that handler you can use "notify: restart auditd" in your task and 
that should work. I'm working with RHEL 7 but that should not be different 
from centOS 7 in that regard.

Best,
Cyril


On Monday, 17 February 2020 15:54:00 UTC+1, Bala Mutyam wrote:
>
> Service module is also failing with the same error.
>
> fatal: [192.168.69.33]: FAILED! => {"changed": false, "msg": "Unable to 
> restart service auditd: Failed to restart auditd.service: Operation 
> refused, unit auditd.service may be requested by dependency only (it is 
> configured to refuse manual start/stop).\nSee system logs and 'systemctl 
> status auditd.service' for details.\n"}
>
>
> On Monday, February 17, 2020 at 1:42:37 PM UTC, Stefan Hornburg (Racke) 
> wrote:
>>
>> On 2/17/20 2:36 PM, Bala Mutyam wrote: 
>> > Hi all, 
>> > 
>> > Anisble Version: ansible 2.7.7 
>> > 
>> > 
>> > I'm  configuring auditd on centos7 but the auditd service is failing to 
>> restart. 
>> > 
>> > Handler: 
>> > 
>> > - name: centos7 restart auditd 
>> >   become: yes 
>> >   command: service auditd restart 
>> > 
>> > Error: 
>> > 
>> > FAILED! => {"changed": false, "msg": "Unable to restart service auditd: 
>> Failed to restart auditd.service: Operation 
>> > refused, unit auditd.service may be requested by dependency only (it is 
>> configured to refuse manual start/stop).\nSee 
>> > system logs and 'systemctl status auditd.service' for details.\n"} 
>> > 
>> > I can restart the service via commandline on the host using "service 
>> auditd restart" 
>> > 
>> > I'm running playbook as root user 
>> > 
>> > Could someone help me please? 
>>
>> It might not solve your problem, but you should certainly use the 
>> "service" module instead of "command". If it still 
>> fails, please provide corresponding log messages as instructed in the 
>> error message. 
>>
>> Regards 
>> Racke 
>>
>> > 
>> > -- 
>> > You received this message because you are subscribed to the Google 
>> Groups "Ansible Project" group. 
>> > To unsubscribe from this group and stop receiving emails from it, send 
>> an email to 
>> > ansible...@googlegroups.com > ansible-project+unsubscr...@googlegroups.com>. 
>> > To view this discussion on the web visit 
>> > 
>> https://groups.google.com/d/msgid/ansible-project/417abda6-bbfd-4af8-9eed-8ee023e5eb73%40googlegroups.com
>>  
>> > <
>> https://groups.google.com/d/msgid/ansible-project/417abda6-bbfd-4af8-9eed-8ee023e5eb73%40googlegroups.com?utm_medium=email_source=footer>.
>>  
>>
>>
>>
>> -- 
>> Ecommerce and Linux consulting + Perl and web application programming. 
>> Debian and Sympa administration. Provisioning with Ansible. 
>>
>>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/9c7710cf-fa92-4434-95fd-eddd8bb8b4a7%40googlegroups.com.

[ansible-project] Re: Ansible Create vSphere Virtual Machine

[David Foley]

>
> When i Enter the virtualMachine Name _ Folder I'm getting the following 
>

 No Folder /TESTMACHINE match in search path.. 

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/475056ee-60ad-4a4f-ab88-6bb6cf0b4d27%40googlegroups.com.

[ansible-project] Connecting Radware cli

[rajthecomputerguy]

Hi,

Has anyone connected Cli of Radware(Loadbalancer device)  using Ansible?

Thanks,
Raj

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/486eded0-c024-48c7-8fb7-fcd3432d0e70%40googlegroups.com.

Re: [ansible-project] Ansible Create vSphere Virtual Machine

[Dick Visser]

On Mon, 17 Feb 2020 at 16:53, Jorge Rúa  wrote:
>
> Try with :
> folder: "{{ yourfolder | d ('/') }}"

For everyone else that is wondering what the 'd' filter is, it's an
alias for 'default'  :)


-- 
Dick Visser
Trust & Identity Service Operations Manager
GÉANT

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAL8fbwO2AgVMM_fothDzZc_X_L3_vusomFB33Sqr6BRkWW4ARw%40mail.gmail.com.

[ansible-project] Re: Ansible Create vSphere Virtual Machine

[João Santos]

Hi David

It's a good pratice that you are able to identify uniqueness of the virtual 
machine and folder will help you to achieve that.

You already have an answer before that might help you out to achieve what 
you're requesting (no folders).
Nevertheless check here https://github.com/js-max/ansible-vmware-new-vm, 
might help you to speed up things if need to.


Cheers

On Monday, 17 February 2020 15:48:30 UTC, David Foley wrote:
>
> Ansible playbook fails to deploy Virtual Machine: Can't Find Folder 
> How can I deploy a Virtual machine without any Folders within the Cluster 
> ? 
>
> ---
> - name: Running Create Virtual Machine Playbook
>   hosts: localhost
>   gather_facts: false
>   connection: local
>   tasks:
> - name: Virtual Machine customization
>   vmware_guest:
> validate_certs: no
> folder:  "{{ }}"
> hostname: "{{ }}"
> username:  "{{ }}"
> password:  "{{ }}"
> cluster :  "{{ }}"
> customization_spec:  "{{ }}"
> name:  "{{ }}"
> template: "{{ }}"
> state: poweredon
> disk:
>   - datastore:  "{{ }}"
> networks:
> - name:  "{{ }}"
>   device_type: e1000e
> customization:
>   autologon: yes
> hardware:
>   memory_mb: 2048
>   num_cpus: 1
>   delegate_to: localhost
># wait_for_ip_address: True
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/2682812c-8955-497b-bd09-e72ecdbec200%40googlegroups.com.

Re: [ansible-project] Ansible Create vSphere Virtual Machine

[Jorge Rúa]

Try with :
folder: "{{ yourfolder | d ('/') }}"

El lun., 17 feb. 2020 a las 15:48, David Foley ()
escribió:

> Ansible playbook fails to deploy Virtual Machine: Can't Find Folder
> How can I deploy a Virtual machine without any Folders within the Cluster
> ?
>
> ---
> - name: Running Create Virtual Machine Playbook
>   hosts: localhost
>   gather_facts: false
>   connection: local
>   tasks:
> - name: Virtual Machine customization
>   vmware_guest:
> validate_certs: no
> folder:  "{{ }}"
> hostname: "{{ }}"
> username:  "{{ }}"
> password:  "{{ }}"
> cluster :  "{{ }}"
> customization_spec:  "{{ }}"
> name:  "{{ }}"
> template: "{{ }}"
> state: poweredon
> disk:
>   - datastore:  "{{ }}"
> networks:
> - name:  "{{ }}"
>   device_type: e1000e
> customization:
>   autologon: yes
> hardware:
>   memory_mb: 2048
>   num_cpus: 1
>   delegate_to: localhost
># wait_for_ip_address: True
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/fed0cb7e-644a-4344-a18c-01cf3a87beef%40googlegroups.com
> 
> .
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAFtje5PK3pMsO%2BTnUr4t6WYv_Bp4TMWA%3DvwrMpZTccFjD%2BbvtA%40mail.gmail.com.

[ansible-project] Ansible Create vSphere Virtual Machine

[David Foley]

Ansible playbook fails to deploy Virtual Machine: Can't Find Folder 
How can I deploy a Virtual machine without any Folders within the Cluster ? 

---
- name: Running Create Virtual Machine Playbook
  hosts: localhost
  gather_facts: false
  connection: local
  tasks:
- name: Virtual Machine customization
  vmware_guest:
validate_certs: no
folder:  "{{ }}"
hostname: "{{ }}"
username:  "{{ }}"
password:  "{{ }}"
cluster :  "{{ }}"
customization_spec:  "{{ }}"
name:  "{{ }}"
template: "{{ }}"
state: poweredon
disk:
  - datastore:  "{{ }}"
networks:
- name:  "{{ }}"
  device_type: e1000e
customization:
  autologon: yes
hardware:
  memory_mb: 2048
  num_cpus: 1
  delegate_to: localhost
   # wait_for_ip_address: True

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/fed0cb7e-644a-4344-a18c-01cf3a87beef%40googlegroups.com.

Re: [ansible-project] Unable to restart auditd service on centos7

[Dick Visser]

Then you should follow the advice given, i.e:

See system logs and 'systemctl status auditd.service' for details.


On Mon, 17 Feb 2020 at 15:54, Bala Mutyam  wrote:
>
> Service module is also failing with the same error.
>
> fatal: [192.168.69.33]: FAILED! => {"changed": false, "msg": "Unable to 
> restart service auditd: Failed to restart auditd.service: Operation refused, 
> unit auditd.service may be requested by dependency only (it is configured to 
> refuse manual start/stop).\nSee system logs and 'systemctl status 
> auditd.service' for details.\n"}
>
>
> On Monday, February 17, 2020 at 1:42:37 PM UTC, Stefan Hornburg (Racke) wrote:
>>
>> On 2/17/20 2:36 PM, Bala Mutyam wrote:
>> > Hi all,
>> >
>> > Anisble Version: ansible 2.7.7
>> >
>> >
>> > I'm  configuring auditd on centos7 but the auditd service is failing to 
>> > restart.
>> >
>> > Handler:
>> >
>> > - name: centos7 restart auditd
>> >   become: yes
>> >   command: service auditd restart
>> >
>> > Error:
>> >
>> > FAILED! => {"changed": false, "msg": "Unable to restart service auditd: 
>> > Failed to restart auditd.service: Operation
>> > refused, unit auditd.service may be requested by dependency only (it is 
>> > configured to refuse manual start/stop).\nSee
>> > system logs and 'systemctl status auditd.service' for details.\n"}
>> >
>> > I can restart the service via commandline on the host using "service 
>> > auditd restart"
>> >
>> > I'm running playbook as root user
>> >
>> > Could someone help me please?
>>
>> It might not solve your problem, but you should certainly use the "service" 
>> module instead of "command". If it still
>> fails, please provide corresponding log messages as instructed in the error 
>> message.
>>
>> Regards
>> Racke
>>
>> >
>> > --
>> > You received this message because you are subscribed to the Google Groups 
>> > "Ansible Project" group.
>> > To unsubscribe from this group and stop receiving emails from it, send an 
>> > email to
>> > ansible...@googlegroups.com 
>> > .
>> > To view this discussion on the web visit
>> > https://groups.google.com/d/msgid/ansible-project/417abda6-bbfd-4af8-9eed-8ee023e5eb73%40googlegroups.com
>> > .
>>
>>
>> --
>> Ecommerce and Linux consulting + Perl and web application programming.
>> Debian and Sympa administration. Provisioning with Ansible.
>>
> --
> You received this message because you are subscribed to the Google Groups 
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/ansible-project/3afc2f51-e5f4-41d2-b460-cf9fcc904757%40googlegroups.com.



-- 
Dick Visser
Trust & Identity Service Operations Manager
GÉANT

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAL8fbwMWYaG0cU7mT_8aALWTsQjsbxxQZWLcC8QSX_7MxhMEKA%40mail.gmail.com.

Re: [ansible-project] Unable to restart auditd service on centos7

[Bala Mutyam]

Service module is also failing with the same error.

fatal: [192.168.69.33]: FAILED! => {"changed": false, "msg": "Unable to 
restart service auditd: Failed to restart auditd.service: Operation 
refused, unit auditd.service may be requested by dependency only (it is 
configured to refuse manual start/stop).\nSee system logs and 'systemctl 
status auditd.service' for details.\n"}


On Monday, February 17, 2020 at 1:42:37 PM UTC, Stefan Hornburg (Racke) 
wrote:
>
> On 2/17/20 2:36 PM, Bala Mutyam wrote: 
> > Hi all, 
> > 
> > Anisble Version: ansible 2.7.7 
> > 
> > 
> > I'm  configuring auditd on centos7 but the auditd service is failing to 
> restart. 
> > 
> > Handler: 
> > 
> > - name: centos7 restart auditd 
> >   become: yes 
> >   command: service auditd restart 
> > 
> > Error: 
> > 
> > FAILED! => {"changed": false, "msg": "Unable to restart service auditd: 
> Failed to restart auditd.service: Operation 
> > refused, unit auditd.service may be requested by dependency only (it is 
> configured to refuse manual start/stop).\nSee 
> > system logs and 'systemctl status auditd.service' for details.\n"} 
> > 
> > I can restart the service via commandline on the host using "service 
> auditd restart" 
> > 
> > I'm running playbook as root user 
> > 
> > Could someone help me please? 
>
> It might not solve your problem, but you should certainly use the 
> "service" module instead of "command". If it still 
> fails, please provide corresponding log messages as instructed in the 
> error message. 
>
> Regards 
> Racke 
>
> > 
> > -- 
> > You received this message because you are subscribed to the Google 
> Groups "Ansible Project" group. 
> > To unsubscribe from this group and stop receiving emails from it, send 
> an email to 
> > ansible...@googlegroups.com   ansible-project+unsubscr...@googlegroups.com >. 
> > To view this discussion on the web visit 
> > 
> https://groups.google.com/d/msgid/ansible-project/417abda6-bbfd-4af8-9eed-8ee023e5eb73%40googlegroups.com
>  
> > <
> https://groups.google.com/d/msgid/ansible-project/417abda6-bbfd-4af8-9eed-8ee023e5eb73%40googlegroups.com?utm_medium=email_source=footer>.
>  
>
>
>
> -- 
> Ecommerce and Linux consulting + Perl and web application programming. 
> Debian and Sympa administration. Provisioning with Ansible. 
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/3afc2f51-e5f4-41d2-b460-cf9fcc904757%40googlegroups.com.

Re: [ansible-project] How to gather kernel parameters of remote hosts

[Vladimir Botka]

On Mon, 17 Feb 2020 14:47:19 +0100
Dick Visser  wrote:

>   tasks:
> - name: find out sysctl values
>   shell: sysctl {{ params | join(' ') }}
>   register: sysctl_out

Optionally ask sysctl to print values only and set dictionary of the
parameters and values. For example

- command: "sysctl -n {{ params | join(' ') }}"
  register: sysctl_out
- set_fact:
sysctl_dict: "{{ dict(params|zip(sysctl_out.stdout_lines)) }}"

HTH,

-vlado

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/20200217153141.134f2357%40gmail.com.


pgpo1wStQBdkL.pgp
Description: OpenPGP digital signature

Re: [ansible-project] How to gather kernel parameters of remote hosts

[Stefan Hornburg (Racke)]

On 2/17/20 1:46 PM, Vikrant Agarwal wrote:
> How to i collect remote hosts kernel parameters using ansible.  I'm looking 
> to below type collect info of remote hosts .
> setup module doesn't collect this info .  
> 
> And sysctl module is to edit , can i use  sysctl module just to list the 
> parameters and not to modify anything ? 

According to its documentation, no.

But you can read the current values with

   command: sysctl -a
   register: sysctl_settings

Regards
Racke

> 
> net.ipv4.ip_forward = 0
> net.ipv4.conf.default.rp_filter = 1
> net.ipv4.conf.default.accept_source_route = 0
> kernel.sysrq = 0
> kernel.core_uses_pid = 1
> net.ipv4.tcp_syncookies = 1
> kernel.msgmnb = 65536
> kernel.msgmax = 65536
> kernel.shmmax = 68719476736
> kernel.shmall = 4294967296
> fs.file-max = 209702
> net.core.optmem_max = 1000
> net.core.rmem_default = 1000
> net.core.rmem_max = 1000
> net.core.wmem_default = 1000
> net.core.wmem_max = 1000
> net.ipv4.conf.all.rp_filter = 1
> net.ipv4.tcp_max_tw_buckets = 200
> net.ipv4.tcp_mem = 3000 3000 3000
> net.ipv4.tcp_rmem = 3000 3000 3000
> net.ipv4.tcp_wmem = 3000 3000 3000
> net.ipv4.ip_local_port_range = 32768 65000
> net.ipv4.ip_forward = 0
> net.ipv4.conf.default.rp_filter = 1
> net.ipv4.tcp_timestamps = 1
> net.ipv4.tcp_fin_timeout = 30
> net.ipv4.tcp_keepalive_time = 300
> net.ipv4.tcp_window_scaling = 1
> net.ipv4.tcp_sack = 1
> net.ipv4.igmp_max_memberships = 4096
> kernel.pid_max = 131072
> kernel.pid_max = 131072  
> 
> 
> Regards
> Vikrant
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to
> ansible-project+unsubscr...@googlegroups.com 
> .
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/CAFn3J16xSQXGvmrrzQO1%2BcGS-Ppy_Gah%2ByH09AA4Ezdxh%3D_Xxg%40mail.gmail.com
> .


-- 
Ecommerce and Linux consulting + Perl and web application programming.
Debian and Sympa administration. Provisioning with Ansible.

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/6ab3aeba-6d90-e953-9146-eb215608fdc2%40linuxia.de.


signature.asc
Description: OpenPGP digital signature

Re: [ansible-project] How to gather kernel parameters of remote hosts

[Dick Visser]

Probably best done in one long cmd, for example:

- hosts: all
  vars:
params:
  - net.ipv4.ip_forward
  - net.ipv4.conf.default.rp_filter
  - net.ipv4.conf.default.accept_source_route
  - kernel.sysrq
  - kernel.core_uses_pid
  - net.ipv4.tcp_syncookies
  - kernel.msgmnb
  - kernel.msgmax
  - kernel.shmmax
  - kernel.shmall
  - fs.file-max
  - net.core.optmem_max
  - net.core.rmem_default
  - net.core.rmem_max
  - net.core.wmem_default
  - net.core.wmem_max
  - net.ipv4.conf.all.rp_filter
  - net.ipv4.tcp_max_tw_buckets
  - net.ipv4.tcp_mem
  - net.ipv4.tcp_rmem
  - net.ipv4.tcp_wmem
  - net.ipv4.ip_local_port_range
  - net.ipv4.ip_forward
  - net.ipv4.conf.default.rp_filter
  - net.ipv4.tcp_timestamps
  - net.ipv4.tcp_fin_timeout
  - net.ipv4.tcp_keepalive_time
  - net.ipv4.tcp_window_scaling
  - net.ipv4.tcp_sack
  - net.ipv4.igmp_max_memberships
  - kernel.pid_max
  - kernel.pid_max

  tasks:
- name: find out sysctl values
  shell: sysctl {{ params | join(' ') }}
  register: sysctl_out

- debug: var=sysctl_out

On Mon, 17 Feb 2020 at 13:47, Vikrant Agarwal 
wrote:

> How to i collect remote hosts kernel parameters using ansible.  I'm
> looking to below type collect info of remote hosts . setup module doesn't
> collect this info .
>
> And sysctl module is to edit , can i use  sysctl module just to list the
> parameters and not to modify anything ?
>
> net.ipv4.ip_forward = 0
> net.ipv4.conf.default.rp_filter = 1
> net.ipv4.conf.default.accept_source_route = 0
> kernel.sysrq = 0
> kernel.core_uses_pid = 1
> net.ipv4.tcp_syncookies = 1
> kernel.msgmnb = 65536
> kernel.msgmax = 65536
> kernel.shmmax = 68719476736
> kernel.shmall = 4294967296
> fs.file-max = 209702
> net.core.optmem_max = 1000
> net.core.rmem_default = 1000
> net.core.rmem_max = 1000
> net.core.wmem_default = 1000
> net.core.wmem_max = 1000
> net.ipv4.conf.all.rp_filter = 1
> net.ipv4.tcp_max_tw_buckets = 200
> net.ipv4.tcp_mem = 3000 3000 3000
> net.ipv4.tcp_rmem = 3000 3000 3000
> net.ipv4.tcp_wmem = 3000 3000 3000
> net.ipv4.ip_local_port_range = 32768 65000
> net.ipv4.ip_forward = 0
> net.ipv4.conf.default.rp_filter = 1
> net.ipv4.tcp_timestamps = 1
> net.ipv4.tcp_fin_timeout = 30
> net.ipv4.tcp_keepalive_time = 300
> net.ipv4.tcp_window_scaling = 1
> net.ipv4.tcp_sack = 1
> net.ipv4.igmp_max_memberships = 4096
> kernel.pid_max = 131072
> kernel.pid_max = 131072
>
>
> Regards
> Vikrant
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/CAFn3J16xSQXGvmrrzQO1%2BcGS-Ppy_Gah%2ByH09AA4Ezdxh%3D_Xxg%40mail.gmail.com
> 
> .
>


-- 
Dick Visser
Trust & Identity Service Operations Manager
GÉANT

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAL8fbwOsPukGdpNEhe23h_2JFUUjK2m8h1Qf2y2YESewZP9yLg%40mail.gmail.com.

Re: [ansible-project] Unable to restart auditd service on centos7

[Bariou Alarou]

Could you use the service module instead of command.

Handler:

- name: centos7 restart auditd
   service:
  name: audits
  state: restarted
  become: yes

Also wanted to know how do you run your playbook because you defined as
handler.


On Mon, Feb 17, 2020 at 8:36 AM Bala Mutyam  wrote:

> Hi all,
>
> Anisble Version: ansible 2.7.7
>
>
> I'm  configuring auditd on centos7 but the auditd service is failing to
> restart.
>
> Handler:
>
> - name: centos7 restart auditd
>   become: yes
>   command: service auditd restart
>
> Error:
>
> FAILED! => {"changed": false, "msg": "Unable to restart service auditd:
> Failed to restart auditd.service: Operation refused, unit auditd.service
> may be requested by dependency only (it is configured to refuse manual
> start/stop).\nSee system logs and 'systemctl status auditd.service' for
> details.\n"}
>
> I can restart the service via commandline on the host using "service
> auditd restart"
>
> I'm running playbook as root user
>
> Could someone help me please?
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/417abda6-bbfd-4af8-9eed-8ee023e5eb73%40googlegroups.com
> 
> .
>
-- 
Sincerely,
Abdoul Alarou
Tel: 2406676734
Email: barioualaro...@gmail.com

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CACH1cPBiZ2cA_nfOZq_Ydoqu9shaVg60z9vogt-_AiwqgL3vEg%40mail.gmail.com.

Re: [ansible-project] Unable to restart auditd service on centos7

[Stefan Hornburg (Racke)]

On 2/17/20 2:36 PM, Bala Mutyam wrote:
> Hi all,
> 
> Anisble Version: ansible 2.7.7
> 
> 
> I'm  configuring auditd on centos7 but the auditd service is failing to 
> restart.
> 
> Handler:
> 
> - name: centos7 restart auditd
>   become: yes
>   command: service auditd restart
> 
> Error:
> 
> FAILED! => {"changed": false, "msg": "Unable to restart service auditd: 
> Failed to restart auditd.service: Operation
> refused, unit auditd.service may be requested by dependency only (it is 
> configured to refuse manual start/stop).\nSee
> system logs and 'systemctl status auditd.service' for details.\n"}
> 
> I can restart the service via commandline on the host using "service auditd 
> restart"
> 
> I'm running playbook as root user
> 
> Could someone help me please?

It might not solve your problem, but you should certainly use the "service" 
module instead of "command". If it still
fails, please provide corresponding log messages as instructed in the error 
message.

Regards
Racke

> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to
> ansible-project+unsubscr...@googlegroups.com 
> .
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/417abda6-bbfd-4af8-9eed-8ee023e5eb73%40googlegroups.com
> .


-- 
Ecommerce and Linux consulting + Perl and web application programming.
Debian and Sympa administration. Provisioning with Ansible.

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/1350b167-bcb5-663d-f17a-61d81b795234%40linuxia.de.


signature.asc
Description: OpenPGP digital signature

Re: [ansible-project] Ansible-variable containing double quotes changed

[Dick Visser]

Hi Barun

You say "When I assign a variable containing double quotes to another
variable" - what variable are you assigning to what other variable?
What you post appears to be the output of a cmd task (I'm guessing, since
you didn't post the original playbook, nor the task).
That is JSON formatted output and looks fine to me.

But then you say:


Expected value to store in variable : [\"dev/xvdj\",\"dev/xvdk\"]
But it is storing this variable value: [u'dev/xvdj', u'dev/xvdk']


What variables are you referring to, and what values do you think are
assigned to them?

Maybe first things first: what are you actually trying to achieve? What do
you need?


Dick

On Mon, 17 Feb 2020 at 12:19, Barun kumar  wrote:

> When I assign a variable containing double quotes to another variable the
> double quotes (") sometimes get converted to single quotes ('). .can you
> please suggest how to solve this.
>
>
>
>
>
> TASK [asm_pdb_disk_mapping : debug]
> 
>
> ok: [10.0.0.10] => {
>
> "device_name": {
>
> "changed": true,
>
> "cmd": "a1=( \"xvda\" \"xvdb\" \"xvdc\" \"xvdd\" \"xvde\" \"xvdf\"
> \"xvdg\" \"xvdh\" \"xvdi\" \"xvdj\" \"xvdk\" \"xvdl\" \"xvdm\" \"xvdn\"
> \"xvdo\" \"xvdp\" \"xvdq\" \"xvdr\" \"xvds\" \"xvdt\" \"xvdu\" \"xvdv\"
> \"xvdw\" \"xvdx\" \"xvdy\" \"xvdz\")\nfor i in `cat /tmp/volume.txt | sed
> -e 's/\\[//' | sed -e 's/\\]//' | sed -e 's/\\\"//g' | sed -e 's/,/
> /g'`\ndo\na2+=(\"$i\")\ndone\na3=()\nfor i in \"${a1[@]}\"; do\nskip=\nfor
> j in \"${a2[@]}\"; do\n  [[ $i == $j ]] && { skip=1; break; }\ndone\n  [[
> -n $skip ]] || a3+=(\"$i\")\ndone\njoined=$(printf
> \",\"\\\"\"dev/\"%s\"\\\"\" \"${a3[@]:0:2}\") \necho
> \"[\"${joined:1}\"]\"\n",
>
> "delta": "0:00:00.088902",
>
> "end": "2020-02-17 21:50:56.868731",
>
> "failed": false,
>
> "rc": 0,
>
> "start": "2020-02-17 21:50:56.779829",
>
> "stderr": "",
>
> "stderr_lines": [],
>
> "stdout": "[\"dev/xvdj\",\"dev/xvdk\"]",
>
> "stdout_lines": [
>
> "[\"dev/xvdj\",\"dev/xvdk\"]"
>
> ]
>
> }
>
> }
>
>
>
> Expected value to store in variable : [\"dev/xvdj\",\"dev/xvdk\"]
>
>
>
> But it is storing this variable value: [u'dev/xvdj', u'dev/xvdk']
>
>
>
> Tel me know how to solve this issue.
>
>
> *Regards,*Barun Kumar
> Mobile: +91 8297380006, India
> Coming Soon...
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/CADG%3DkotAgP8RdwBmyHjG9nv8GO-0Kqr5Zt%3DH_FTfmfk09Aomwg%40mail.gmail.com
> 
> .
>


-- 
Dick Visser
Trust & Identity Service Operations Manager
GÉANT

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAL8fbwNowDf2ixf1%2Bgi0KL5RUHPBoHgZE_wpYQPqm74TZXObvA%40mail.gmail.com.

[ansible-project] Unable to restart auditd service on centos7

[Bala Mutyam]

Hi all,

Anisble Version: ansible 2.7.7


I'm  configuring auditd on centos7 but the auditd service is failing to 
restart.

Handler:

- name: centos7 restart auditd
  become: yes
  command: service auditd restart

Error:

FAILED! => {"changed": false, "msg": "Unable to restart service auditd: 
Failed to restart auditd.service: Operation refused, unit auditd.service 
may be requested by dependency only (it is configured to refuse manual 
start/stop).\nSee system logs and 'systemctl status auditd.service' for 
details.\n"}

I can restart the service via commandline on the host using "service auditd 
restart"

I'm running playbook as root user

Could someone help me please?

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/417abda6-bbfd-4af8-9eed-8ee023e5eb73%40googlegroups.com.

[ansible-project] How to gather kernel parameters of remote hosts

[Vikrant Agarwal]

How to i collect remote hosts kernel parameters using ansible.  I'm looking
to below type collect info of remote hosts . setup module doesn't collect
this info .

And sysctl module is to edit , can i use  sysctl module just to list the
parameters and not to modify anything ?

net.ipv4.ip_forward = 0
net.ipv4.conf.default.rp_filter = 1
net.ipv4.conf.default.accept_source_route = 0
kernel.sysrq = 0
kernel.core_uses_pid = 1
net.ipv4.tcp_syncookies = 1
kernel.msgmnb = 65536
kernel.msgmax = 65536
kernel.shmmax = 68719476736
kernel.shmall = 4294967296
fs.file-max = 209702
net.core.optmem_max = 1000
net.core.rmem_default = 1000
net.core.rmem_max = 1000
net.core.wmem_default = 1000
net.core.wmem_max = 1000
net.ipv4.conf.all.rp_filter = 1
net.ipv4.tcp_max_tw_buckets = 200
net.ipv4.tcp_mem = 3000 3000 3000
net.ipv4.tcp_rmem = 3000 3000 3000
net.ipv4.tcp_wmem = 3000 3000 3000
net.ipv4.ip_local_port_range = 32768 65000
net.ipv4.ip_forward = 0
net.ipv4.conf.default.rp_filter = 1
net.ipv4.tcp_timestamps = 1
net.ipv4.tcp_fin_timeout = 30
net.ipv4.tcp_keepalive_time = 300
net.ipv4.tcp_window_scaling = 1
net.ipv4.tcp_sack = 1
net.ipv4.igmp_max_memberships = 4096
kernel.pid_max = 131072
kernel.pid_max = 131072


Regards
Vikrant

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAFn3J16xSQXGvmrrzQO1%2BcGS-Ppy_Gah%2ByH09AA4Ezdxh%3D_Xxg%40mail.gmail.com.

RE: [ansible-project] Re: List of hosts by MacAdress + Connexion if computer is in standby

[Stuart Lowe]

I’d look into something like ddns getting your dhcp server to update dns for you
Then you can use the machine hostname?

Wake on LAN

Etc


From: ansible-project@googlegroups.com  On 
Behalf Of Günter Zöchbauer
Sent: 17 February 2020 12:02
To: Ansible Project 
Subject: [ansible-project] Re: List of hosts by MacAdress + Connexion if 
computer is in standby

On Monday, February 17, 2020 at 10:46:49 AM UTC+1, Test Deux wrote:
Hello,


I am considering using Ansible to achieve a certain goal, but as I get more 
informed, I feel that Ansible may not be the right tool. Unless, perhaps, I 
missed some information?


Result sought:

Use Ansible to quickly install softwares on Ubuntu 18.4 computers in a computer 
room (school).


https://docs.ansible.com/ansible/latest/modules/apt_module.html


Questions:

- Create a list of hosts uses IP addresses. But these addresses are not fixed, 
so can't I create the list of hosts by naming them with their MacAdress?


I'm an Ansible beginner myself and there might be a better way but an idea is 
to address all machines and then use
conditionals to assign tasks to MAC addresses
https://docs.ansible.com/ansible/latest/user_guide/playbooks_conditionals.html
https://stackoverflow.com/questions/40224460/getting-mac-address-from-ansible-facts-in-role


- Ansible seems to be designed for connection to servers, machines that are 
constantly on. But the classrooms computers are often in standby, when they are 
not used. I have tried some direct SSH connection and it seems that this cannot 
be done if the target computer is in standby. Is Ansible also facing this 
obstacle?


There are ways to run Ansible in a pull way like 
https://docs.ansible.com/ansible/latest/cli/ansible-pull.html
(there might be others)

You can use Wake-on-LAN to wake the machines up to be able to manage them
https://docs.ansible.com/ansible/latest/modules/wakeonlan_module.html
(and shut them down again when done)


Thank you in advance for your help :)


Seb






--
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to 
ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/05980a93-a5fe-4919-9c8c-062c37cc0b94%40googlegroups.com.
--
Stuart Lowe
Cloud & Hosting Engineer
Zen Internet
Team: 01706 902009
Web: zen.co.uk


Winner of 'Services Company of the Year' at the UK IT Industry Awards


This message is private and confidential. If you have received this message in 
error, please notify us and remove it from your system.


Zen Internet Limited may monitor email traffic data to manage billing, to 
handle customer enquiries and for the prevention and detection of fraud. We may 
also monitor the content of emails sent to and/or from Zen Internet Limited for 
the purposes of security, staff training and to monitor quality of service.

Zen Internet Limited is registered in England and Wales, Sandbrook Park, 
Sandbrook Way, Rochdale, OL11 1RY Company No. 03101568 VAT Reg No. 686 0495 01

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/AM6PR01MB543255312F74286FB7B48796A8160%40AM6PR01MB5432.eurprd01.prod.exchangelabs.com.

[ansible-project] Re: List of hosts by MacAdress + Connexion if computer is in standby

[Günter Zöchbauer]

On Monday, February 17, 2020 at 10:46:49 AM UTC+1, Test Deux wrote:
>
> Hello,
>
>  
> I am considering using Ansible to achieve a certain goal, but as I get 
> more informed, I feel that Ansible may not be the right tool. Unless, 
> perhaps, I missed some information?
>
>  
> *Result sought:*
>
> Use Ansible to quickly install softwares on Ubuntu 18.4 computers in a 
> computer room (school).
>
>
https://docs.ansible.com/ansible/latest/modules/apt_module.html

 
> *Questions:*
>
> - Create a list of hosts uses IP addresses. But these addresses are not 
> fixed, so can't I create the list of hosts by naming them with their 
> MacAdress?
>
>
I'm an Ansible beginner myself and there might be a better way but an idea 
is to address all machines and then use
conditionals to assign tasks to MAC addresses
https://docs.ansible.com/ansible/latest/user_guide/playbooks_conditionals.html
https://stackoverflow.com/questions/40224460/getting-mac-address-from-ansible-facts-in-role

 

> - Ansible seems to be designed for connection to servers, machines that 
> are constantly on. But the classrooms computers are often in standby, when 
> they are not used. I have tried some direct SSH connection and it seems 
> that this cannot be done if the target computer is in standby. Is Ansible 
> also facing this obstacle?
>  
>

There are ways to run Ansible in a pull way like 
https://docs.ansible.com/ansible/latest/cli/ansible-pull.html
(there might be others)

You can use Wake-on-LAN to wake the machines up to be able to manage them
https://docs.ansible.com/ansible/latest/modules/wakeonlan_module.html
(and shut them down again when done)
 

>
> Thank you in advance for your help :)
>
>
> Seb
>
>  
>




-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/05980a93-a5fe-4919-9c8c-062c37cc0b94%40googlegroups.com.

[ansible-project] Ansible-variable containing double quotes changed

[Barun kumar]

When I assign a variable containing double quotes to another variable the
double quotes (") sometimes get converted to single quotes ('). .can you
please suggest how to solve this.





TASK [asm_pdb_disk_mapping : debug]


ok: [10.0.0.10] => {

"device_name": {

"changed": true,

"cmd": "a1=( \"xvda\" \"xvdb\" \"xvdc\" \"xvdd\" \"xvde\" \"xvdf\"
\"xvdg\" \"xvdh\" \"xvdi\" \"xvdj\" \"xvdk\" \"xvdl\" \"xvdm\" \"xvdn\"
\"xvdo\" \"xvdp\" \"xvdq\" \"xvdr\" \"xvds\" \"xvdt\" \"xvdu\" \"xvdv\"
\"xvdw\" \"xvdx\" \"xvdy\" \"xvdz\")\nfor i in `cat /tmp/volume.txt | sed
-e 's/\\[//' | sed -e 's/\\]//' | sed -e 's/\\\"//g' | sed -e 's/,/
/g'`\ndo\na2+=(\"$i\")\ndone\na3=()\nfor i in \"${a1[@]}\"; do\nskip=\nfor
j in \"${a2[@]}\"; do\n  [[ $i == $j ]] && { skip=1; break; }\ndone\n  [[
-n $skip ]] || a3+=(\"$i\")\ndone\njoined=$(printf
\",\"\\\"\"dev/\"%s\"\\\"\" \"${a3[@]:0:2}\") \necho
\"[\"${joined:1}\"]\"\n",

"delta": "0:00:00.088902",

"end": "2020-02-17 21:50:56.868731",

"failed": false,

"rc": 0,

"start": "2020-02-17 21:50:56.779829",

"stderr": "",

"stderr_lines": [],

"stdout": "[\"dev/xvdj\",\"dev/xvdk\"]",

"stdout_lines": [

"[\"dev/xvdj\",\"dev/xvdk\"]"

]

}

}



Expected value to store in variable : [\"dev/xvdj\",\"dev/xvdk\"]



But it is storing this variable value: [u'dev/xvdj', u'dev/xvdk']



Tel me know how to solve this issue.


*Regards,*Barun Kumar
Mobile: +91 8297380006, India
Coming Soon...

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CADG%3DkotAgP8RdwBmyHjG9nv8GO-0Kqr5Zt%3DH_FTfmfk09Aomwg%40mail.gmail.com.

Re: [ansible-project] aws_s3 - not sure if I understand how to use

[Dick Visser]

As you are beginning with ansible, start with the simplest option,
which is just a single playbook file, and don't bother with roles yet.
Something like this should already work to create a bucket:


- hosts: localhost
  gather_facts: False

  tasks:
- name: Create S3 Bucket
  aws_s3:
bucket: my-bucket
mode: create
permission: private-read
region: us-east-1

Provided your environment contains AWS_SECRET_ACCESS_KEY and
AWS_ACCESS_KEY_ID. Read
https://docs.ansible.com/ansible/latest/scenario_guides/guide_aws.html
on how that works.

Please note that 'private-read' isn't a valid option for the
permission, see
https://docs.ansible.com/ansible/latest/modules/aws_s3_module.html#parameter-permission
for the supported values.

Dick


On Mon, 17 Feb 2020 at 06:56, David Rivera  wrote:
>
>
>
> So I wondering if ansible supports s3, from what I see it does but I just 
> might not understand how to do it. Im a novice at Ansible, esp in the realm 
> of using it in conjunction  with AWS.
>
> So I *think* I have to create a role and call it in my playbook?
>
> my role for learning is: s3-create.yml
> - name: Create S3 Bucket
>   aws_s3:
> bucket: my-bucket
> mode: create
> permission: private-read
> region: us-east-1
>
>
> my playbook:
>   key_name: my-key
>   vpc_subnet_id: subnet-02439
>   roles:
> - s3-create
>   assign_public_ip: yes
>   group:  my-group
>
>
> when I run it, I get this:
>
> EntePLAY [Test creating ec2 instance with Ansible] 
> ***
>
> TASK [Gathering Facts] 
> ***
> ok: [localhost]
>
> TASK [Start New ec2 Instance] 
> 
> fatal: [localhost]: FAILED! => {"changed": false, "msg": "Unsupported 
> parameters for (ec2) module: roles Supported parameters include: 
> assign_public_ip, aws_access_key, aws_secret_key, count, count_tag, 
> debug_botocore_endpoint_logs, ebs_optimized, ec2_url, exact_count, group, 
> group_id, id, image, instance_ids, instance_initiated_shutdown_behavior, 
> instance_profile_name, instance_tags, instance_type, kernel, key_name, 
> monitoring, network_interfaces, placement_group, private_ip, profile, 
> ramdisk, region, security_token, source_dest_check, spot_launch_group, 
> spot_price, spot_type, spot_wait_timeout, state, tenancy, 
> termination_protection, user_data, validate_certs, volumes, vpc_subnet_id, 
> wait, wait_timeout, zone"}
>
> PLAY RECAP 
> ***
> localhost  : ok=1changed=0unreachable=0failed=1   
>  skipped=0rescued=0ignored=0
> r code here...
>
>
> From what I read, you cant do it, but that contradicts ansible's docs so I 
> think I just dont know what I am doing..
>
>
> any help would be appreciated..
>
>
>
> --
> You received this message because you are subscribed to the Google Groups 
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/ansible-project/6dff2045-5d8a-4239-ba88-f2a588401c56%40googlegroups.com.



-- 
Dick Visser
Trust & Identity Service Operations Manager
GÉANT

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAL8fbwO%3DgOdeAi8wZ0Ggk%2BoNRMYQyH8tpt1D%3DBa_0xxtsKP9aw%40mail.gmail.com.

[ansible-project] List of hosts by MacAdress + Connexion if computer is in standby

[Test Deux]

Hello,

 
I am considering using Ansible to achieve a certain goal, but as I get more 
informed, I feel that Ansible may not be the right tool. Unless, perhaps, I 
missed some information?

 
*Result sought:*

Use Ansible to quickly install softwares on Ubuntu 18.4 computers in a 
computer room (school).

 
*Questions:*

- Create a list of hosts uses IP addresses. But these addresses are not 
fixed, so can't I create the list of hosts by naming them with their 
MacAdress?

- Ansible seems to be designed for connection to servers, machines that are 
constantly on. But the classrooms computers are often in standby, when they 
are not used. I have tried some direct SSH connection and it seems that 
this cannot be done if the target computer is in standby. Is Ansible also 
facing this obstacle?
 

Thank you in advance for your help :)


Seb

 
 

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/2c9eb689-e29f-441b-ab32-63534528e4be%40googlegroups.com.

[ansible-project] The Complete Guide to using AppViewX and Ansible for NetOps and DevSecOps Orchestration

[Vidhya Kumar]

Download the complete guide to using AppViewX and Ansible for NetOps and 
DevSecOps Orchsetration 


-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/2e729ede-23d1-45aa-91a2-9e36850d117e%40googlegroups.com.