RE: [ansible-project] Re: Create AWS EFS
EFS tags is error?
- hosts: localhost
>
>connection: local
>
>gather_facts: no
>
>
>
>vars_files:
>
> - ec2key.yml
>
>
>
>tasks:
>
>
>
>- name: Create EFS
>
> efs:
>
>state: present
>
>region: ap-southeast-1
>
>name: "_efs"
>
>tags:
>
> Name: “efs_test”
>
>targets:
>
> - subnet_id: subnet-x
>
>security_groups: sg-x
>
>
>
>
>
The full traceback is:
Traceback (most recent call last):
File
"/tmp/ansible_efs_payload_jPntT1/ansible_efs_payload.zip/ansible/modules/cloud/amazon/efs.py",
line 506, in converge_file_system
File "/usr/lib/python2.7/dist-packages/botocore/client.py", line 324, in
_api_call
return self._make_api_call(operation_name, kwargs)
File "/usr/lib/python2.7/dist-packages/botocore/client.py", line 622, in
_make_api_call
raise error_class(parsed_response, operation_name)
BadRequest: An error occurred (BadRequest) when calling the CreateTags
operation: invalid tag value: \u201cefs\u201d
fatal: [localhost]: FAILED! => {
"changed": false,
"error": {
"code": "BadRequest",
"message": "invalid tag value: “efs”"
},
"invocation": {
"module_args": {
"aws_access_key": null,
"aws_secret_key": null,
"debug_botocore_endpoint_logs": false,
"ec2_url": null,
"encrypt": true,
"id": null,
"kms_key_id": null,
"name": "efs test",
"performance_mode": "general_purpose",
"profile": null,
"provisioned_throughput_in_mibps": null,
"purge_tags": true,
"region": "ap-southeast-1",
"security_token": null,
"state": "present",
"tags": {
"Name": "“efs”"
},
"targets": [
{
"security_groups": "sg-073c16c36bea62794",
"subnet_id": "subnet-46817120"
}
],
"throughput_mode": null,
"validate_certs": true,
"wait": false,
"wait_timeout": 0
}
},
"msg": "Unable to create tags: BadRequest(u'An error occurred (BadRequest)
when calling the CreateTags operation: invalid tag value: \\u201cefs\\u201d',)",
"response_metadata": {
"http_headers": {
"connection": "close",
"content-_length": "67",
"content-_type": "application/json",
"date": "Fri, 27 Mar 2020 03:24:27 GMT",
"x-amzn-_error_type": "BadRequest:",
"x-amzn-_request_id": "2a0db0e0-1743-4552-bc91-32c00955fff1"
},
"http_status_code": 400,
"request_id": "2a0db0e0-1743-4552-bc91-32c00955fff1",
"retry_attempts": 0
}
BR
Sandy
-Original Message-
From: ansible-project@googlegroups.com On
Behalf Of Stefan Hornburg (Racke)
Sent: Wednesday, March 25, 2020 4:22 PM
To: ansible-project@googlegroups.com
Subject: Re: [ansible-project] Re: Create AWS EFS
On 3/25/20 9:18 AM, sandy.h...@abagile.com wrote:
> In user ldap should be use “root”
>
> Use command line
>
> sudo apt-get install pip3
>
> sudo pip3 install boto3
>
It is possible that Ansible uses Python 2 on the target.
To enforce Python 3 on the target, you can set the following variable:
ansible_python_interpreter: '/usr/bin/python3'
Regards
Racke
>
>
>
>
> BR
>
> Sandy
>
>
>
> *From:*ansible-project@googlegroups.com
> *On Behalf Of *Dick Visser
> *Sent:* Wednesday, March 25, 2020 4:02 PM
> *To:* ansible-project@googlegroups.com
> *Subject:* Re: [ansible-project] Re: Create AWS EFS
>
>
>
> How exactly did you install boto3?
>
> As what user etc
>
>
>
>
>
> On Wed, 25 Mar 2020 at 08:52, Sandy Hung > wrote:
>
> ansible 2.9.4
>
> config file = /etc/ansible/ansible.cfg
>
> configured module search path =
> [u'/home/ldap/.ansible/plugins/modules',
> u'/usr/share/ansible/plugins/modules']
>
> ansible python module location =
> /usr/lib/python2.7/dist-packages/ansible
>
> executable location = /usr/bin/ansible
>
> python version = 2.7.17 (default, Nov 7 2019, 10:07:09) [GCC
> 7.4.0]
>
>
>
>
> On Wednesday, March 25, 2020 at 3:07:30 PM UTC+8, Sandy Hung wrote:
>
> Dear All:
>
>
>
> I have create efs ansible , I have install boto3
>
> this is show error msg
>
>
>
> this is my ansible
>
> ---
>
> - hosts: localhost
>
>connection: local
>
>gather_facts: no
>
>
>
>vars_files:
>
> -
Re: [ansible-project] How to extract a value of a field within a list of dictionaries when a key matches another value
What Vladimir said (twice): You are using: debug: var: while you should be doing: debug: msg: Dick On Thu, 26 Mar 2020 at 20:19, jean-christophe manciot wrote: > > Same result with your second proposal. > > -- > You received this message because you are subscribed to the Google Groups > "Ansible Project" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to ansible-project+unsubscr...@googlegroups.com. > To view this discussion on the web visit > https://groups.google.com/d/msgid/ansible-project/7143cacb-46da-4263-a877-84cf9de1e559%40googlegroups.com. -- Dick Visser Trust & Identity Service Operations Manager GÉANT -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/CAL8fbwOzBMTMr5%3DQDy-n-9vxpgJc5AuwbZ4yfOUvgLavZU%3DSfw%40mail.gmail.com.
Re: [ansible-project] Downloading files with a specific regular expression from remote https host to target server local path.
It's fundamentally impossible to do what you want, unless the remote server offers some sort of file system equivalent, like a directory index. Dick On Thu, 26 Mar 2020 at 19:24, Tom K. wrote: > > Having some difficulty finding what is the Ansible code to do this: > > Downloading files with a specific regular expression from remote http / https > host to a target server local path. > > > So would like to wget http://remote.com/rpm/app*.rpm to a set of target > servers. get_url doesn't appear to support patterns as per Ansible > Documentation. On the other hand, with_fileglob supports regular expressions > and patterns but doesn't work with HTTP. > > > Looking for suggestions. > > > Cheers, > > TK > > -- > You received this message because you are subscribed to the Google Groups > "Ansible Project" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to ansible-project+unsubscr...@googlegroups.com. > To view this discussion on the web visit > https://groups.google.com/d/msgid/ansible-project/42eee6fe-2134-4fd0-aa29-fc0571e9a249%40googlegroups.com. -- Dick Visser Trust & Identity Service Operations Manager GÉANT -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/CAL8fbwM2btRNxAuNq1bNQ72VFr2_AynzHZAng0frcmXJiGN3pg%40mail.gmail.com.
Re: [ansible-project] How to extract a value of a field within a list of dictionaries when a key matches another value
Same result with your second proposal. -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/7143cacb-46da-4263-a877-84cf9de1e559%40googlegroups.com.
Re: [ansible-project] How to extract a value of a field within a list of dictionaries when a key matches another value
I also tried that one but it also fails:
- name: test with json_query 1/2
vars:
- domain_definition:
- name: server11
cluster: cluster1
port: '8080'
- name: server12
cluster: cluster2
port: '8090'
- name: server21
cluster: cluster3
port: '9080'
- name: server22
cluster: cluster4
port: '9090'
debug:
var: "{{ domain_definition|
json_query('[?name==`server21`].port') }}"
ignore_errors: yes
leads to:
ok: [localhost] => {
"": "VARIABLE IS NOT DEFINED!: "
}
What version of ansible are you using?
I have:
- ansible 2.9.6 (from pypi)
- python3 version = 3.7.7 (default, Mar 12 2020, 02:00:38) [GCC 9.2.1
20200306]
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/cca5c8b6-3634-40e7-b111-af7f08addf08%40googlegroups.com.
Re: [ansible-project] How to extract a value of a field within a list of dictionaries when a key matches another value
On Thu, 26 Mar 2020 20:02:47 +0100
Vladimir Botka wrote:
>
> The playbook below
>
> - name: test with json_query 1/2
> hosts: localhost
> vars:
> domain_definition:
> - name: server11
> cluster: cluster1
> port: '8080'
> - name: server12
> cluster: cluster2
> port: '8090'
> - name: server21
> cluster: cluster3
> port: '9080'
> - name: server22
> cluster: cluster4
> port: '9090'
> tasks:
> - debug:
> msg: "{{ domain_definition|
> json_query('[?name==`server21`].port') }}"
>
> gives
>
> "msg": [
> "9080"
> ]
>
> HTH,
>
> -vlado
"selectattr" below gives the same result
- debug:
msg: "{{ domain_definition|
selectattr('name', 'regex', '^server21$')|
map(attribute= 'port')|
list }}"
HTH,
-vlado
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/20200326201052.16b5bd67%40gmail.com.
pgpRR4F2Rqj8g.pgp
Description: OpenPGP digital signature
Re: [ansible-project] How to extract a value of a field within a list of dictionaries when a key matches another value
On Thu, 26 Mar 2020 11:43:33 -0700 (PDT)
jean-christophe manciot wrote:
> Let’s suppose the following data structure:
> - domain_definition:
> - name: server11
> cluster: cluster1
> port: '8080'
> - name: server12
> cluster: cluster2
> port: '8090'
> - name: server21
> cluster: cluster3
> port: '9080'
> - name: server22
> cluster: cluster4
> port: '9090'
> The goal is for example to *extract the port number when
> domain_definition.name == 'server21'.*
The playbook below
- name: test with json_query 1/2
hosts: localhost
vars:
domain_definition:
- name: server11
cluster: cluster1
port: '8080'
- name: server12
cluster: cluster2
port: '8090'
- name: server21
cluster: cluster3
port: '9080'
- name: server22
cluster: cluster4
port: '9090'
tasks:
- debug:
msg: "{{ domain_definition|
json_query('[?name==`server21`].port') }}"
gives
"msg": [
"9080"
]
HTH,
-vlado
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/20200326200247.14516554%40gmail.com.
pgpH0SDtiBObx.pgp
Description: OpenPGP digital signature
[ansible-project] How to extract a value of a field within a list of dictionaries when a key matches another value
Let’s suppose the following data structure:
- domain_definition:
- name: server11
cluster: cluster1
port: '8080'
- name: server12
cluster: cluster2
port: '8090'
- name: server21
cluster: cluster3
port: '9080'
- name: server22
cluster: cluster4
port: '9090'
The goal is for example to *extract the port number when
domain_definition.name == 'server21'.*
As simple as it sounds, I tried the following tasks with 'json_query' and
'selectattr': they all failed:
- name: test with json_query 1/2
vars:
- domain_definition:
- name: server11
cluster: cluster1
port: '8080'
- name: server12
cluster: cluster2
port: '8090'
- name: server21
cluster: cluster3
port: '9080'
- name: server22
cluster: cluster4
port: '9090'
debug:
var: "{{ domain_definition |
json_query('domain_definition[?name==`server21`].port') }}"
ignore_errors: yes
- name: test with json_query 2/2
vars:
- domain_definition:
- name: server11
cluster: cluster1
port: '8080'
- name: server12
cluster: cluster2
port: '8090'
- name: server21
cluster: cluster3
port: '9080'
- name: server22
cluster: cluster4
port: '9090'
debug:
var: "{{ . |
json_query('domain_definition[?name==`server21`].port') }}"
ignore_errors: yes
- name: test with selectattr 'match'
vars:
- domain_definition:
- name: server11
cluster: cluster1
port: '8080'
- name: server12
cluster: cluster2
port: '8090'
- name: server21
cluster: cluster3
port: '9080'
- name: server22
cluster: cluster4
port: '9090'
debug:
var: "{{ domain_definition | selectattr('name', 'match',
'^server21$')).port }}"
ignore_errors: yes
- name: test with selectattr 'match'
vars:
- domain_definition:
- name: server11
cluster: cluster1
port: '8080'
- name: server12
cluster: cluster2
port: '8090'
- name: server21
cluster: cluster3
port: '9080'
- name: server22
cluster: cluster4
port: '9090'
debug:
var: "{{ domain_definition | selectattr('name', 'equalto',
'server21')).port }}"
ignore_errors: yes
leads to:
ASK [yang : test with json_query 1/2]
***
fatal: [XEv_Spine_31]: FAILED! => {
"msg": "template error while templating string: Expected an expression,
got 'end of print statement'. String: {{}}"
}
...ignoring
TASK [yang : test with json_query 2/2]
***
fatal: [XEv_Spine_31]: FAILED! => {
"msg": "template error while templating string: unexpected '.'. String:
{{ . | json_query('domain_definition[?name==`server21`].port') }}"
}
...ignoring
TASK [yang : test with selectattr 'match']
***
fatal: [XEv_Spine_31]: FAILED! => {
"msg": "template error while templating string: unexpected ')'. String:
{{ domain_definition | selectattr('name', 'match', '^server21$')).port }}"
}
...ignoring
TASK [yang : test with selectattr 'match']
***
fatal: [XEv_Spine_31]: FAILED! => {
"msg": "template error while templating string: unexpected ')'. String:
{{ domain_definition | selectattr('name', 'equalto', 'server21')).port }}"
}
...ignoring
What am I doing wrong?
Maybe there is an easier way to achieve that.
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/3faa234a-244c-497b-9e29-6b197bc092fe%40googlegroups.com.
[ansible-project] Downloading files with a specific regular expression from remote https host to target server local path.
Having some difficulty finding what is the Ansible code to do this: Downloading files with a specific regular expression from remote http / https host to a target server local path. So would like to wget http://remote.com/rpm/app*.rpm to a set of target servers. get_url doesn't appear to support patterns as per Ansible Documentation. On the other hand, with_fileglob supports regular expressions and patterns but doesn't work with HTTP. Looking for suggestions. Cheers, TK -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/42eee6fe-2134-4fd0-aa29-fc0571e9a249%40googlegroups.com.
[ansible-project] Integer comparison if condition jinja2 template Ansible does not work
My jinja2 template yields correct value for the variable
{{ vars[allip.name | join("")] | default('ERR') }}
The variable has value 82.3 which gets printed by Ansible's template module.
I wish to write an if condition where I want to check if the value of the
variable is more than 80
{% if ( vars[allip.name | join("")] | int ) > 80 %}
MORE THAN 80
{% endif %}
However, the 'if' the condition does not meet.
I tried
{% if ( vars[allip.name | join("")] | int > 80 ) %}
I also tried
{% if vars[allip.name | join("")] | int > 80 %}
But, none of them worked. Can you please let me know what needs to be done
to meet the if condition?
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/45e56835-bf61-4de5-a43a-af6c8205ecfc%40googlegroups.com.
[ansible-project] Integer comparision issue in jinja2 template Ansible
My jinja2 template yields correct value for the variable
{{ vars[allip.name | join("")] | default('ERR') }}
The variable has value 82.3 which gets printed by Ansible's template module.
I wish to write an if condition where I want to check if the value of the
variable is more than 80
{% if ( vars[allip.name | join("") | int ) > 80 %}
MORE THAN 80
{% endif %}
However, the 'if' the condition does not meet.
I tried
{% if ( vars[allip.name | join("") | int > 80 ) %}
I also tried
{% if vars[allip.name | join("") | int > 80 %}
But, none of them worked. Can you please let me know what needs to be done
to meet the if condition?
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/34ea1c10-1094-4583-aa71-24bb532ff99a%40googlegroups.com.
[ansible-project] Re: Problems with gcp_compute_instance
Sorry, found it:
network_interfaces:
- network_ip: "{{ ipaddress.address }}"
- subnetwork: "{{ selfLink }}"
is wrong
network_interfaces:
- subnetwork: "{{ selfLink }}"
network_ip: "{{ ipaddress.address }}"
is right. My fault.
Thomas
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/ea436222-5662-4d9a-aa9a-3f319c05eb81%40googlegroups.com.
[ansible-project] Re: Problems with gcp_compute_instance
If I specify only the subnetwork value, then the server is assigned an IP
address:
network_interfaces:
- subnetwork: "{{ selfLink }}"
Thomas
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/be46d1fd-7104-4c96-bef7-40f1b715725f%40googlegroups.com.
[ansible-project] Problems with gcp_compute_instance
Hello,
I'm branching to a problem with gcp_compute_instance. The server should be
created inside a project that has a shared subnet in custom mode.
These are the individual steps to gather the informations for the network:
- name: "Gather network information for {{ vpc_project }}"
gcp_compute_network_info:
filters:
- name = "{{ vpc_network }}"
project: "{{ vpc_project }}"
auth_kind: "{{ gcp_cred_kind }}"
service_account_file: "{{ gcp_cred_file }}"
register: vpcnetwork
- name: Create dictionary VPCselfLink
set_fact:
VPCselfLink: "{{ VPCselfLink|default({}) | combine( {'selfLink':
vpcnetwork['items'][0].selfLink} ) }}"
- name: "Gather subnet information from project {{ vpc_project }} and
subnetwork {{ vpc_subnetwork }}"
gcp_compute_subnetwork_info:
region: region
project: myproject
filters:
- name = "{{ vpc_subnetwork }}"
auth_kind: "{{ gcp_cred_kind }}"
service_account_file: "{{ gcp_cred_file }}"
scopes:
- https://www.googleapis.com/auth/compute
register: vpcsubnetwork
- name: Create dictionary selfLink
set_fact:
selfLink: "{{ selfLink|default({}) | combine( {'selfLink':
vpcsubnetwork['items'][0].selfLink} ) }}"
- name: "Create IP address for server {{ instancename }}"
gcp_compute_address:
name: "ip-{{ instancename }}"
region: "{{ region }}"
project: "{{ gcp_project }}"
address_type: INTERNAL
subnetwork: "{{ selfLink }}"
auth_kind: "{{ gcp_cred_kind }}"
service_account_file: "{{ gcp_cred_file }}"
scopes:
- https://www.googleapis.com/auth/compute
state: present
register: ipaddress
When I make this call for the network:
network_interfaces:
- network: "{{ VPCselfLink }}"
- network_ip: "{{ ipaddress.address }}"
- subnetwork: "{{ selfLink }}"
I get this error:
Fatal: [localhost]: FAILED! => {"changed": false, "msg": "GCP returned
error: {'error': {'errors': [{'domain': 'global', 'reason': 'invalid',
'message': 'Invalid value for field \\'resource.networkInterfaces[0]\\':
\\'{ \"network\":
\"https://www.googleapis.com/compute/v1/projects//global/networks/...\\'.
Subnetwork should be specified for custom subnetmode network'}], 'code':
400, 'message': 'Invalid value for field
\\'resource.networkInterfaces[0]\\': \\'{ \"network\":
\"https://www.googleapis.com/compute/v1/projects/sap-shared-vpn/global/networks/vpc-ott...\\'.
Subnetwork should be specified for custom subnetmode network'}}"}
When I make this call for the network:
network_interfaces:
- network_ip: "{{ ipaddress.address }}"
- subnetwork: "{{ selfLink }}"
I get this error:
fatal: [localhost]: FAILED! => {"changed": false, "msg": "GCP returned
error: {'error': {'errors': [{'domain': 'global', 'reason': 'invalid',
'message': \"Invalid value for field
'resource.networkInterfaces[0].network': ''. The referenced network
resource cannot be found.\"}], 'code': 400, 'message': \"Invalid value for
field 'resource.networkInterfaces[0].network': ''. The referenced network
resource cannot be found.\"}}"}
What am I doing wrong? I am grateful for any help.
Thomas from Germany
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/aab13466-d329-4134-9a55-c8ff228303eb%40googlegroups.com.
Re: [ansible-project] Unable to get remote target hostname when using delegate_to
On Wed, Mar 25, 2020 at 10:41:35PM -0700, Shifa Shaikh wrote:
> ---
> hosts: remote_hosts
> tasks:
> - name: Generate JSON data
> lineinfile:
> path: "{{ playbook_dir }}/tmpfiles/stats.yml"
> line: "{{ inventory_hostname }}_{{ item.mount }}: {{ (100 *
> ((item.size_total - item.size_available) / item.size_total)) | round(1,
> 'common') }}"
> insertafter: EOF
> delegate_to: localhost
> when: item.mount == '/tmp'
> with_items: '{{ ansible_mounts }}'
>
>
> I wish to get the target hostname_mountname in the stats.yml
>
> Thus if the remote_hosts are
>
> 10.0.0.2
> > 10.0.0.3
> > 10.0.0.5
>
>
> My stats.yml should have the below entries (Expected Output):
>
> 10.0.0.2_/tmp: 54
> > 10.0.0.3_/tmp: 42
> > 10.0.0.5_/tmp: 65
>
>
> However, after using lineinfile and delegate_to it always prints localhost
>
> localhost:/tmp: 54
> > localhost_/tmp: 42
> > localhost_/tmp: 65
Delegate to localhost does not change inventory_hostname, if it did it would
break a lot of code out there.
And I can prove it with this code that mimic you codes behavior.
$ more test.yml
---
- hosts: a1,a2
gather_facts: no
become: no
vars:
myvar:
- value1
- value2
- value3
tasks:
- lineinfile:
path: /tmp/test
line: "{{ inventory_hostname }} {{ item }}"
insertafter: EOF
create: true
delegate_to: localhost
when: item == "value2"
with_items: "{{ myvar }}"
And by running it I get
$ ansible-playbook test.yml; echo "Content of /tmp/test:"; cat /tmp/test
PLAY [a1,a2] ***
TASK [lineinfile] **
skipping: [a1] => (item=value1)
skipping: [a2] => (item=value1)
changed: [a1 -> localhost] => (item=value2)
skipping: [a1] => (item=value3)
changed: [a2 -> localhost] => (item=value2)
skipping: [a2] => (item=value3)
PLAY RECAP *
a1 : ok=1changed=1unreachable=0failed=0
a2 : ok=1changed=1unreachable=0failed=0
Content of /tmp/test:
a1 value2
a2 value2
--
Kai Stian Olstad
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/20200326090545.qmkhcis2tyu7yv3p%40olstad.com.
[ansible-project] Re: ansible windows inventory get hostname/user/password ad-hoc from external script
Would constructing your own lookup plugin be an option? There seem to be lots of lookup plugins that look things up in various kinds of vaults: https://docs.ansible.com/ansible/latest/plugins/lookup.html#plugin-list Could you create one of your own. If you created an inventory plugin, rather than an older style dynamic inventory script, I believe the inventory plugins can make use of the internal cache, so you might be able to cache credentials for a little while, which might speed things up, but I'd be inclined to see if you could create your own lookup plugin. Hope this helps, Jon On Tuesday, March 17, 2020 at 7:49:01 PM UTC, Gregory Storme wrote: > > Hi, > > We have a couple of hundred Windows hosts, with each host having different > credentials (both login and password), which are stored in an on-premise, > in-house developed "vault" system. > A dream scenario would be to install win32-openssh on all of them, and use > ssh key authentication :) however until there's MSI(X) support for > win32-openssh and/or it goes out of beta, this is not an option. > > We have an API to access our vault, which returns the > hostname/username/password for the host. > As a workaround now, I've written a simple wrapper for ansible-playbook > which works, but the disadvantage is that each host is a new playbook run. > I'm looking for a solution to run a playbook, and where ansible polls the > hostname/username/password for each alias in the ansible inventory. > Tried looking to patch the winrm.py connection plugin, but this didn't > work, and I think it would poll for each task that's executed by the winrm > plugin instead of only once? > > Solution I'm using now: > > ansible hosts file: > > [windows] > L001 > L002 > L003 > > ansible-playbook wrapper: > > #!/bin/bash > > CONNECTION="ansible_connection=winrm ansible_port=5985 > ansible_winrm_transport=credssp" > > for host in `cat ~/.ansible/hosts` > do > SECRET=`/opt/scripts/vault-functions/bin/console > app:get-admin-credential --tag=$host` > HOST=`echo $SECRET | cut -d ';' -f1` > LOGIN=`echo $SECRET | cut -d ';' -f2` > DOMAIN=`echo $SECRET | cut -d ';' -f3` > PWD=`echo $SECRET | cut -d ';' -f4` > > if [ -z "$DOMAIN" ]; then > ansible-playbook -i ~/.ansible/hosts ~/.ansible/windows.yml -e > "ansible_host=$HOST ansible_user=$LOGIN ansible_password=$PWD $CONNECTION" > else > ansible-playbook -i ~/.ansible/hosts ~/.ansible/windows.yml -e > "ansible_host=$HOST ansible_user=$LOGIN@$DOMAIN ansible_password=$PWD > $CONNECTION" > fi > done > > This works, but as stated before this runs an ansible-playbook for each > host. > Could someone point me in the right direction on how to be able to run an > ansible-playbook, upon which ansible does a lookup of the > ansible_hostname/ansible_user/ansible-password during the connection phase > to the host? > > Important detail, once a secret is requested from our vault, the password > will be reset within a couple of hours. So it's not possible for us to > build a static (encrypted) inventory. > Building a dynamic inventory is also not desired, because of the large > amount of hosts and the time it takes to request the credentials, this > would take too long and by the time it's finished, it's possible the > credentials of the first hosts have already been reset. > > So I'm looking for something that can pull data ad-hoc upon the ansible > connection, like the wrapper above does, but whilst staying in 1 playbook > run ... tips are much appreciated! > > -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/42d09dda-7d9d-440e-b5dd-cb3612990aea%40googlegroups.com.
Re: [ansible-project] ternary clarification needed
Thank you all for the answers. I used the solution "from_yaml" provided by
Vladimir and it works like a charm, and it's also cleaner. However, if this
is the case, I don't believe this is an issue of how ternary works, but of
how "from_json" works. My gut feeling is that it shouldn't behave that way.
On Thu, Mar 26, 2020 at 9:27 AM Martin Krizek wrote:
> On Thu, Mar 26, 2020 at 7:55 AM Davide Scrimieri
> wrote:
> >
> > Hello,
> >
> > Whenever a ternary is used are both conditions evaluated regardless ?
> >
> > For example, I want to convert "my_other_var" to an object only if it is
> passed as as string, otherwise I don't want to touch the object, and leave
> it as it is.
> >
> > - set_fact:
> > my_var: "{{ ( my_other_var | type_debug == 'str' ) | ternary
> (my_other_var | from_json, my_other_var }}"
> >
>
> Yes, this is how the ternary filter works. To work around that you can
> use a ternary statement:
>
> - set_fact:
> my_var: "{{ my_other_var | from_json if (my_other_var |
> type_debug == 'str') else my_other_var }}"
>
> That should result in desired behavior.
>
> M.
>
> > What happens right now is this:
> >
> > if my_other_var is str -> It works
> > if my_other_var is dict -> it gives me the error saying that
> my_other_var should be a string to be converted from_json. But I would
> expect that being the condition on the left = False, it would ignore the
> left condition on the ternary and only consider the rightmost condition.
> >
> > I also tried using when:
> >
> > -- name: Set fact for string object
> > set_fact:
> > my_var: "{{ my_other_var | from_json }}"
> > when: (my_other_var | type_debug == 'str')
> >
> >
> > - name: Set fat for dict object
> > set_fact:
> > my_var: "{{ my_other_var | from_json }}"
> > when: (my_other_var | type_debug == 'dict')
> >
> > However, if "my_other_var" is dict, the first block (named set fact for
> string object) gives me the same error as before. I was actually expecting
> that being the when statement equals to false, it would simply ignore it.
> >
> >
> > --
> > You received this message because you are subscribed to the Google
> Groups "Ansible Project" group.
> > To unsubscribe from this group and stop receiving emails from it, send
> an email to ansible-project+unsubscr...@googlegroups.com.
> > To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/8e08a7c9-9f2a-4c83-a7c4-ab9aa389b4e2%40googlegroups.com
> .
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/CADDq2ENmBvy7%2B1rXhJ--G1c2aYDPiwJnCDU2%3D3TiC8%3D-Ergxww%40mail.gmail.com
> .
>
>
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/CAEOhr79iT18g%2Bmu%3DUZB%2B_PA7YzvNzf5jpD-aFFb0cruXBJPj8w%40mail.gmail.com.
Re: [ansible-project] ternary clarification needed
On Thu, Mar 26, 2020 at 7:55 AM Davide Scrimieri wrote:
>
> Hello,
>
> Whenever a ternary is used are both conditions evaluated regardless ?
>
> For example, I want to convert "my_other_var" to an object only if it is
> passed as as string, otherwise I don't want to touch the object, and leave it
> as it is.
>
> - set_fact:
> my_var: "{{ ( my_other_var | type_debug == 'str' ) | ternary
> (my_other_var | from_json, my_other_var }}"
>
Yes, this is how the ternary filter works. To work around that you can
use a ternary statement:
- set_fact:
my_var: "{{ my_other_var | from_json if (my_other_var |
type_debug == 'str') else my_other_var }}"
That should result in desired behavior.
M.
> What happens right now is this:
>
> if my_other_var is str -> It works
> if my_other_var is dict -> it gives me the error saying that my_other_var
> should be a string to be converted from_json. But I would expect that being
> the condition on the left = False, it would ignore the left condition on the
> ternary and only consider the rightmost condition.
>
> I also tried using when:
>
> -- name: Set fact for string object
> set_fact:
> my_var: "{{ my_other_var | from_json }}"
> when: (my_other_var | type_debug == 'str')
>
>
> - name: Set fat for dict object
> set_fact:
> my_var: "{{ my_other_var | from_json }}"
> when: (my_other_var | type_debug == 'dict')
>
> However, if "my_other_var" is dict, the first block (named set fact for
> string object) gives me the same error as before. I was actually expecting
> that being the when statement equals to false, it would simply ignore it.
>
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/8e08a7c9-9f2a-4c83-a7c4-ab9aa389b4e2%40googlegroups.com.
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/CADDq2ENmBvy7%2B1rXhJ--G1c2aYDPiwJnCDU2%3D3TiC8%3D-Ergxww%40mail.gmail.com.
Re: [ansible-project] ternary clarification needed
On Wed, 25 Mar 2020 23:54:57 -0700 (PDT)
Davide Scrimieri wrote:
> I want to convert "my_other_var" to an object only if it is
> passed as as string, otherwise I don't want to touch the object, and leave
> it as it is.
>
> - set_fact:
> my_var: "{{ ( my_other_var | type_debug == 'str' ) | ternary
> (my_other_var | from_json, my_other_var }}"
I'd rather use "from_yaml". JSON is a subset of YAML. How to test types see
https://jinja.palletsprojects.com/en/master/templates/#list-of-builtin-tests
For example
vars:
my_other_var1: "'my': {'other': {'var1': 'var1'}}"
my_other_var2:
my:
other:
var2: var2
tasks:
- debug:
msg: "{{ item is string|ternary(item|from_yaml, item) }}"
loop:
- "{{ my_other_var1 }}"
- "{{ my_other_var2 }}"
gives
ok: [localhost] => (item='my': {'other': {'var1': 'var1'}}) => {
"msg": {
"my": {
"other": {
"var1": "var1"
}
}
}
}
ok: [localhost] => (item={u'my': {u'other': {u'var2': u'var2'}}}) => {
"msg": {
"my": {
"other": {
"var2": "var2"
}
}
}
}
HTH,
-vlado
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/20200326091302.150b60ad%40gmail.com.
pgpLS1bWwMVxu.pgp
Description: OpenPGP digital signature
Re: [ansible-project] Re: ternary clarification needed
> Whenever a ternary is used are both conditions evaluated regardless ?
A ternary filter consists of three parts:
a) the condition
b) the statement to be evaluated if the condition is true
c) the statement to be evaluted if the condition is false.
Only one of b) and c) will be evaluated, but the condition will always be
evaluated IF the ternary statement itself is evaluated.
Regards, K.
On Thu, Mar 26, 2020 at 6:02 PM Davide Scrimieri
wrote:
>
> UPDATE: PLEASE, DISCARD what I said about the when statement at the end of
> my post, in my original code I had a typo, and was not working for other
> reasons. The first part of the post about the ternary statement still stands
>
>
> On Thursday, March 26, 2020 at 7:54:58 AM UTC+1, Davide Scrimieri wrote:
>>
>> Hello,
>>
>> Whenever a ternary is used are both conditions evaluated regardless ?
>>
>> For example, I want to convert "my_other_var" to an object only if it is
>> passed as as string, otherwise I don't want to touch the object, and leave
>> it as it is.
>>
>> - set_fact:
>> my_var: "{{ ( my_other_var | type_debug == 'str' ) | ternary
>> (my_other_var | from_json, my_other_var }}"
>>
>> What happens right now is this:
>>
>> if my_other_var is str -> It works
>> if my_other_var is dict -> it gives me the error saying that my_other_var
>> should be a string to be converted from_json. But I would expect that being
>> the condition on the left = False, it would ignore the left condition on
>> the ternary and only consider the rightmost condition.
>>
>> I also tried using when:
>>
>> -- name: Set fact for string object
>> set_fact:
>> my_var: "{{ my_other_var | from_json }}"
>> when: (my_other_var | type_debug == 'str')
>>
>>
>> - name: Set fat for dict object
>> set_fact:
>> my_var: "{{ my_other_var | from_json }}"
>> when: (my_other_var | type_debug == 'dict')
>>
>> However, if "my_other_var" is dict, the first block (named set fact for
>> string object) gives me the same error as before. I was actually expecting
>> that being the when statement equals to false, it would simply ignore it.
>>
>>
>> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/3e0c7994-6e18-44bb-afc5-807607fa2a88%40googlegroups.com
>
> .
>
--
*Karl Auer* { manager, systems support }
P: 1300 759 975
E: ka...@2pisoftware.com
2pisoftware.com
GPG/PGP : DF6A 43E5 FB9D D884 C6CA CD7F 5278 212D E80F C107
Previous: 301B 1F4E 624D AD99 242C 7A68 EC24 7113 E854 4A4E
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/CA%2B%2BT08Q2W5f9OZXdgdLBDHZYW8WmpyDW%3D2%3Dw1wu45kz2ji%3DE5Q%40mail.gmail.com.
[ansible-project] Re: ternary clarification needed
UPDATE: PLEASE, DISCARD what I said about the when statement at the end of
my post, in my original code I had a typo, and was not working for other
reasons. The first part of the post about the ternary statement still stands
On Thursday, March 26, 2020 at 7:54:58 AM UTC+1, Davide Scrimieri wrote:
>
> Hello,
>
> Whenever a ternary is used are both conditions evaluated regardless ?
>
> For example, I want to convert "my_other_var" to an object only if it is
> passed as as string, otherwise I don't want to touch the object, and leave
> it as it is.
>
> - set_fact:
> my_var: "{{ ( my_other_var | type_debug == 'str' ) | ternary
> (my_other_var | from_json, my_other_var }}"
>
> What happens right now is this:
>
> if my_other_var is str -> It works
> if my_other_var is dict -> it gives me the error saying that my_other_var
> should be a string to be converted from_json. But I would expect that being
> the condition on the left = False, it would ignore the left condition on
> the ternary and only consider the rightmost condition.
>
> I also tried using when:
>
> -- name: Set fact for string object
> set_fact:
> my_var: "{{ my_other_var | from_json }}"
> when: (my_other_var | type_debug == 'str')
>
>
> - name: Set fat for dict object
> set_fact:
> my_var: "{{ my_other_var | from_json }}"
> when: (my_other_var | type_debug == 'dict')
>
> However, if "my_other_var" is dict, the first block (named set fact for
> string object) gives me the same error as before. I was actually expecting
> that being the when statement equals to false, it would simply ignore it.
>
>
>
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/3e0c7994-6e18-44bb-afc5-807607fa2a88%40googlegroups.com.
[ansible-project] ternary clarification needed
Hello,
Whenever a ternary is used are both conditions evaluated regardless ?
For example, I want to convert "my_other_var" to an object only if it is
passed as as string, otherwise I don't want to touch the object, and leave
it as it is.
- set_fact:
my_var: "{{ ( my_other_var | type_debug == 'str' ) | ternary
(my_other_var | from_json, my_other_var }}"
What happens right now is this:
if my_other_var is str -> It works
if my_other_var is dict -> it gives me the error saying that my_other_var
should be a string to be converted from_json. But I would expect that being
the condition on the left = False, it would ignore the left condition on
the ternary and only consider the rightmost condition.
I also tried using when:
-- name: Set fact for string object
set_fact:
my_var: "{{ my_other_var | from_json }}"
when: (my_other_var | type_debug == 'str')
- name: Set fat for dict object
set_fact:
my_var: "{{ my_other_var | from_json }}"
when: (my_other_var | type_debug == 'dict')
However, if "my_other_var" is dict, the first block (named set fact for
string object) gives me the same error as before. I was actually expecting
that being the when statement equals to false, it would simply ignore it.
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/8e08a7c9-9f2a-4c83-a7c4-ab9aa389b4e2%40googlegroups.com.
Re: [ansible-project] Unable to get correct disk space utilized percentage using Ansible API
Thank you @Kai for the excellent explanation :)
On Thursday, March 26, 2020 at 12:41:00 AM UTC+5:30, Kai Stian Olstad wrote:
>
> On Wed, Mar 25, 2020 at 09:54:07AM -0700, Shifa Shaikh wrote:
> > @Kia Hi,
> >
> > As suggested I tried
> >
> > item.size_total instead of item.size_available
> >
> > "{{ ansible_host }}_{{ item.mount }}: {{ (100 * ((item.size_total -
> > item.size_available) / item.size_total)) | round(1, 'common') }}"
> >
> >
> >
> > but it still gives me 22.2 % value instead of 19%
> >
> > Can you please let me know what's wrong and why the difference?
>
> This is a little out of scope of this list, so I'll keep it brief.
>
> When you create a filesystem mkfs reserve some block on the device.
> df output available block but this value doesn't count the reserved
> blocks.
>
> Filesystem1K-blocks Used Available Use% Mounted on
> /dev/mapper/ihs_vg_yt 51466720 8790352 40038956 19% /ihs
>
> Just to illustrate on your df output of /ihs by doing Total - Used -
> Available should equal 0 if no blocks was reserved.
>
> 51466720 - 8790352 - 40038956 = 82715324
> So you have about 82.7 million 1K blocks reserved.
>
> df uses the "Used" / ( "Used" + "Available") to calculate used
> 8790352 / (8790352 + 40038956) = approx. 0,18002205
>
> So a little over 18 percent which is rounded up to 19%
>
> When you in Ansible do size_total - size_available you are including the
> reserved blocks in used and that is why you get a higher number than df.
>
>
> --
> Kai Stian Olstad
>
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/f3df456b-537f-4e6e-a234-c3e2500cea6f%40googlegroups.com.
