[ansible-project] Re: Window patch module not working on 2.9 Ansible

[Amit Kumar]

Any help will be really appreciable, As i am stuck here and waste day but 
didn't find any solution




On Monday, May 11, 2020 at 7:19:55 PM UTC+5:30, Amit Kumar wrote:
>
> Hi ,
>
> I tried to installed the window patch with below yml but it's not 
> installing the found patch.
> It just search the patch and skipped that patch, kindly please suggest 
> Where i am doing wrong.   
>
> I have mention the Yml file and output of playbook.
>
>
> Window patch installation win_patch.yml file 
> 
> ---
> # update-windows-test.yaml
> - hosts: win
>   vars:
> win_updates_categories:
>   - SecurityUpdates
>   - CriticalUpdates
>   - UpdateRollups
>   - DefinitionUpdates
>   - Updates
>   - Application
>   - Connectors
>   - DeveloperKits
>   - FeaturePacks
>   - Guidance
>   - ServicePacks
>   - Tools
>   - UpdateRollups
>
>   tasks:
> # Check for missing updates
> - name: check for missing updates
>   win_updates:
> state: searched
> catagory_names: "{{ win_updates_categories }}"
>   register: update_count
>   ignore_errors: yes
>
> - name: reboot if required
>   win_reboot:
>   when: update_count.reboot_required
>   ignore_errors: yes
>  #Install updates
> - name: install updates
>   debugger: on_skipped
>   win_updates:
> catagory_names: "{{ win_updates_categories }}"
> reboot: yes
> register: update_result
>
>
> ---
> Output
>
> 
> ansible@ansible:~/rx_testing$ ansible-playbook win_patch_file3.yml -vvv
> ansible-playbook 2.9.7
>   config file = /home/ansible/rx_testing/ansible.cfg
>   configured module search path = 
> [u'/home/ansible/.ansible/plugins/modules', 
> u'/usr/share/ansible/plugins/modules']
>   ansible python module location = /usr/lib/python2.7/dist-packages/ansible
>   executable location = /usr/bin/ansible-playbook
>   python version = 2.7.17 (default, Apr 15 2020, 17:20:14) [GCC 7.5.0]
> Using /home/ansible/rx_testing/ansible.cfg as config file
> host_list declined parsing /home/ansible/rx_testing/inventory as it did 
> not pass its verify_file() method
> script declined parsing /home/ansible/rx_testing/inventory as it did not 
> pass its verify_file() method
> auto declined parsing /home/ansible/rx_testing/inventory as it did not 
> pass its verify_file() method
> Parsed /home/ansible/rx_testing/inventory inventory source with ini plugin
>
> PLAYBOOK: win_patch_file3.yml 
> ***
> 1 plays in win_patch_file3.yml
>
> PLAY [win] 
> **
>
> TASK [Gathering Facts] 
> **
> task path: /home/ansible/rx_testing/win_patch_file3.yml:3
> Using module file 
> /usr/lib/python2.7/dist-packages/ansible/modules/windows/setup.ps1
> Pipelining is enabled.
> <10.100.100.206> ESTABLISH WINRM CONNECTION FOR USER: Administrator on 
> PORT 5986 TO 10.100.100.206
> EXEC (via pipeline wrapper)
> ok: [10.100.100.206]
> META: ran handlers
>
> TASK [check for missing updates] 
> 
> task path: /home/ansible/rx_testing/win_patch_file3.yml:22
> win_updates: running win_updates module
> Using module file 
> /usr/lib/python2.7/dist-packages/ansible/modules/windows/win_updates.ps1
> Pipelining is enabled.
> <10.100.100.206> ESTABLISH WINRM CONNECTION FOR USER: Administrator on 
> PORT 5986 TO 10.100.100.206
> EXEC (via pipeline wrapper)
> ok: [10.100.100.206] => {
> "changed": false,
> "filtered_updates": {
> "05775fa0-d13e-49eb-89dc-74fba83fcdbf": {
> "categories": [
> "Definition Updates",
> "Windows Defender"
> ],
> "filtered_reason": "category_names",
> "id": "05775fa0-d13e-49eb-89dc-74fba83fcdbf",
> "installed": false,
> "kb": [
> "2267602"
> ],
> "title": "Security Intelligence Update for Windows Defender 
> Antivirus - KB2267602 (Version 1.315.427.0)"
> }
> },
> "found_update_count": 0,
> "installed_update_count": 0,
> "reboot_required": false,
> "updates": {}
> }
>
> TASK [reboot if required] 
> 

Re: [ansible-project] Create user with ssh key, error deploying key

[Joe G]

That did it, thanks.  I've been struggling with yaml spacing lately. I've 
installed yamllint and ansible-lint but in some cases they don't 
necessarily help if you don't understand proper formatting to begin with. 
I've got some learning to do here.  

Any suggestion on the best way to execute user creation and deletion based 
on conditional access?  For example only the dev guys get access to dev 
systems, qa get accounts on qa systems.  My thought was to create different 
user files for each group and then when running the playbook specify the 
host groups. I'm not sure how to get the users set up like a host file in 
groups or if this is possible. Maybe I'm over thinking this and there's a 
simpler way that this has been done. 


On Monday, May 11, 2020 at 12:01:36 PM UTC-7, Stefan Hornburg (Racke) wrote:
>
> On 5/11/20 8:53 PM, Joe G wrote: 
> > I couldn't remember but I checked the key and it's in 
> ecdsa-sha2-nistp256 format.  I'll play around with this and 
> > troubleshoot more, I'm just glad the mechanics are working and can work 
> on improving it.  I'm still somewhat novice to 
> > ansible but learning quite a bit lately. 
> > 
> > 
> > This same task I'm trying to ensure the user is created with /bin/bash 
> shell and I thought that was the default but it 
> > doesn't get appended to my user account after creation.  When I try to 
> add it to the file it errors out interpreting it 
> > as another task. Any idea how I rectify this one? 
>
> Module parameters needs to be intended (e.g. shell), task parameters (e.g. 
> with_items) are on the same level as the task. 
>
> This should do the trick: 
>
> - name: Create Users On VMs 
>   user: 
> name: "{{ item.username }}" 
> shell: /bin/bash 
>   with_items: "{{ users }}" 
>
> Regards 
>   Racke 
>
> > 
> > 
> > | 
> > --- 
> > # task file for manage_ssh_users 
> > - include_vars: users.yml 
> > - name: Create Users On VMs 
> >   user: name="{{ item.username }}" 
> >   with_items: "{{ users }}" 
> >   shell: /bin/bash 
> >   #groups: 
> > 
> > - name: Add .ssh Keys and Directories 
> >   authorized_key: > 
> > user="{{item.username}}" 
> > key="{{ lookup('file', './files/{{ item.username}}_id_rsa.pub')}}" 
> >   with_items: "{{ users }}" 
> > | 
> > 
> > 
> > | 
> > ERROR! conflicting action statements: shell, user 
> > 
> > The error appears to have been in 
> '/home/ansible/roles/manage-ssh-users/tasks/ssh_users.yml': line 3, column 
> 3, but may 
> > be elsewhere in the file depending on the exact syntax problem. 
> > 
> > The offending line appears to be: 
> > 
> > - include_vars: users.yml 
> > - name: Create Users On VMs 
> >   ^ here 
> > | 
> > 
> > 
> > 
> > 
> > 
> > On Monday, May 11, 2020 at 11:22:31 AM UTC-7, Dick Visser wrote: 
> > 
> > Depends which ecdsa, there are 3 of them: 
> > 
> > 
> https://github.com/ansible/ansible/blob/stable-2.9/lib/ansible/modules/system/authorized_key.py#L400-L407
>  
> > <
> https://github.com/ansible/ansible/blob/stable-2.9/lib/ansible/modules/system/authorized_key.py#L400-L407>
>  
>
> > 
> > 
> > 
> > On Mon, 11 May 2020 at 19:47, Joe G  > wrote: 
> > 
> > Awesome, thanks for the assist.  I created a new key using RSA 
> and it's working.  Does ansible not work with 
> > ecdsa? That's the only difference in the two pub keys I used 
> > 
> > On Thursday, May 7, 2020 at 3:59:15 PM UTC-7, Dick Visser wrote: 
> > 
> > parsekey 
> > IndexError: list index out of range 
> > 
> > 
> > Pretty much says it - something is wrong with the pubkey, in 
> the sense 
> > that the authorized_key module can parse it (see 
> > modules/system/authorized_key.py). 
> > LIkely something with the options of the pubkey, their 
> quoting, or 
> > something with comments (#)? 
> > 
> > What does your pubkey look like? 
> > 
> > 
> > 
> > On Fri, 8 May 2020 at 00:27, Michael Mullay <
> mmu...@gmail.com> wrote: 
> > > 
> > > Perhaps your ssh key file is somehow malformed? What 
> happens if you go old-school and use ssh-copy-id to 
> > try to copy over the key file that way? At least you'll know 
> if it's a problem with your key or the playbook 
> > (and if it works with ssh-copy-id of course you can just 
> delete it off the target host when you are ready to 
> > retry with your ansible playbook). 
> > > 
> > > 
> > > On Thu, May 7, 2020 at 1:48 PM Joe G  
> wrote: 
> >  
> >  I appreciate the suggestion though I don't believe that 
> is the solution to my problem, right? I suppose 
> > I should have posted the actual playbook I'm working with. 
> The one previously provided was just a test one. 
> > >> 
> > >> 
> > >> Here's the task yml file within the role 
> > >> 
> >  

Re: [ansible-project] Re: fortigate / fortinet

[Kai Stian Olstad]

On Thu, May 07, 2020 at 06:03:47AM -0700, Andrew Meyer wrote:
> Here is what I am getting:
> 
> ansible -m ping 10.150.1.1 --user=ansible
> [WARNING]: sftp transfer mechanism failed on [10.150.1.1]. Use 
> ANSIBLE_DEBUG=1 to see detailed information
> [WARNING]: scp transfer mechanism failed on [10.150.1.1]. Use 
> ANSIBLE_DEBUG=1 to see detailed information
> 10.150.1.1 | FAILED! => {
> "changed": false,
> "module_stderr": "Shared connection to 10.150.1.1 closed.\r\n",
> "module_stdout": "fw01 # Unknown action 0\r\n\r\nfw01 # ",
> "msg": "MODULE FAILURE\nSee stdout/stderr for the exact error",
> "rc": 0
> }
> 
> On Wednesday, May 6, 2020 at 2:49:51 PM UTC-5, Andrew Meyer wrote:
> >
> > Has anyone gotten a fortinet/fortigate playbook to work?  I have a 
> > Fortigate 100D running 6.2.2 and I can't get it to pass an ansible ping.

I don't know what a Fortigate is, but I guess some kind of network equipment.

Ansible ping is not a ICMP ping, it's a module that copies a Python script to
the remote host and run the Python script on that host.

Most network equipment doesn't have a proper shell(which "default" Ansible 
need) and Python installed.

So to use Ansible you need to use the raw and/or expect module so interact with 
the device.
You also have Ansible for Network that might work
https://docs.ansible.com/ansible/latest/network/index.html

-- 
Kai Stian Olstad

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/20200511210811.nlghj6tt77f4stnq%40olstad.com.

[ansible-project] Re: Ansible can't access my network devices. Getting : FAILED! => {"changed": false, "msg": "Connection type ssh is not valid for this module"}

[Franz Ford Decrito]

Try adding the "*connection:local*" under your hosts

- hosts: "myhost"
  connection: local


On Thursday, November 14, 2019 at 12:35:32 PM UTC+8, Palmer wrote:
>
> Hi, 
>
> I'm new to Ansible and trying to write my first playbook. 
>
> But i keep getting an error:  *fatal: [RTR1]: FAILED! => {"changed": 
> false, "msg": "Connection type ssh is not valid for this module"}*
>
> I'm suspecting Ansible is complaining about my Cisco devices ssh settings 
> (running diffie-hellman-group1-sha1) but I'm not sure if that's correct. 
> Will appreciate your assistance
>
> [image: anserror.JPG]
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/58a36eb4-5cbd-4a63-b61c-eabb9963a6ce%40googlegroups.com.

Re: [ansible-project] Problem using when condition for empty variable

[Kai Stian Olstad]

On Thu, May 07, 2020 at 02:25:16AM -0700, דודו דודו wrote:
> Using domain_name | default("") == ""  skip the task no matter if i have 
> value or not 

The reason this doesn't work is because default only work on undefined variable,
but your variable is not undefined it's set to null.


> > On 5/7/20 10:35 AM, דודו דודו wrote: 
> > > - name: Copy realm  LDAP Support 
> > > copy: 
> > >   src: "{{ realm_src_path }}{{ realm_template_file_name }}" 
> > > dest: "{{ realm_dest_path }}{{ realm_updated_file_name }}" 
> > > when: domain_name == "" 
> >
> > > task path: /data/ansible/new2_keycloak/create-realm-secert.yml:18 
> > > ok: [10.164.237.140] => { 
> > > "msg": null 

Here you see that you variable is set to null, in Jinja that is the same as
none, so you can use this.

  when: domain_name is none

-- 
Kai Stian Olstad

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/20200511205048.x2nlupbnffxty55e%40olstad.com.

Re: [ansible-project] If unreachable - stop giving Failed out and move to next host

[Work-Hard]

Hi Dick, 
The script from the article reports a 404 error for Ec2 external inventory 
script. Do you have it handy ?

https://docs.ansible.com/ansible/latest/user_guide/intro_dynamic_inventory.html#inventory-script-example-aws-ec2


On Friday, May 8, 2020 at 8:50:03 PM UTC-7, Dick Visser wrote:
>
> This is exactly what the dynamic inventory is meant for. Basically if 
> queries the aws api to fetch a list of the instances that are up, and 
> provides that as the inventory. 
>
>
> https://docs.ansible.com/ansible/latest/user_guide/intro_dynamic_inventory.html#inventory-script-example-aws-ec2
>
>
>
> On Fri, 8 May 2020 at 23:09, Work-Hard > 
> wrote:
>
>> Hi Dick,
>> I just to make sure on your suggestion that I have over 100 hosts that 
>> brought up and down dynamically. My goal is that the tasks should stop 
>> reporting HUGE errors in the output and we save them to be reviewed by 
>> external companies. Is it possible ?
>>
>> On Friday, May 8, 2020 at 11:16:31 AM UTC-7, Dick Visser wrote:
>>>
>>> You could use the ec2.py dynamic inventory to at least target the 
>>> instances that are powered on. It's more elegant than ignoring errors etc 
>>>
>>> On Fri, 8 May 2020 at 17:45, Work-Hard  wrote:
>>>
 Brian if I remove ignore_unreachable=true. The playbook halts to 
 continue the playbook.




 On Friday, May 8, 2020 at 7:47:19 AM UTC-7, Brian Coca wrote:
>
> if you want to stop that ... dont use ignore_unreachable=true, the 
> 'default' behaviour is to remove the host from play and not try 
> executing subsequent tasks (that of course fail again). 
>
>
> -- 
> -- 
> Brian Coca 
>
> -- 
 You received this message because you are subscribed to the Google 
 Groups "Ansible Project" group.
 To unsubscribe from this group and stop receiving emails from it, send 
 an email to ansible...@googlegroups.com.
 To view this discussion on the web visit 
 https://groups.google.com/d/msgid/ansible-project/cabf81b2-0451-417e-b108-df53a91f3dff%40googlegroups.com
  
 
 .

>>> -- 
>>> Sent from a mobile device - please excuse the brevity, spelling and 
>>> punctuation.
>>>
>> -- 
>> You received this message because you are subscribed to the Google Groups 
>> "Ansible Project" group.
>> To unsubscribe from this group and stop receiving emails from it, send an 
>> email to ansible...@googlegroups.com .
>> To view this discussion on the web visit 
>> https://groups.google.com/d/msgid/ansible-project/89732f66-d11f-4dab-86b4-c560e035c52a%40googlegroups.com
>>  
>> 
>> .
>>
> -- 
> Sent from a mobile device - please excuse the brevity, spelling and 
> punctuation.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/d0db9791-7508-4195-a85b-8f36fbf2b2be%40googlegroups.com.

Re: [ansible-project] Create user with ssh key, error deploying key

[Stefan Hornburg (Racke)]

On 5/11/20 8:53 PM, Joe G wrote:
> I couldn't remember but I checked the key and it's in ecdsa-sha2-nistp256 
> format.  I'll play around with this and
> troubleshoot more, I'm just glad the mechanics are working and can work on 
> improving it.  I'm still somewhat novice to
> ansible but learning quite a bit lately.
> 
> 
> This same task I'm trying to ensure the user is created with /bin/bash shell 
> and I thought that was the default but it
> doesn't get appended to my user account after creation.  When I try to add it 
> to the file it errors out interpreting it
> as another task. Any idea how I rectify this one?

Module parameters needs to be intended (e.g. shell), task parameters (e.g. 
with_items) are on the same level as the task.

This should do the trick:

- name: Create Users On VMs
  user:
name: "{{ item.username }}"
shell: /bin/bash
  with_items: "{{ users }}"

Regards
  Racke

>
> 
> |
> ---
> # task file for manage_ssh_users
> - include_vars: users.yml
> - name: Create Users On VMs
>   user: name="{{ item.username }}"
>   with_items: "{{ users }}"
>   shell: /bin/bash
>   #groups:
> 
> - name: Add .ssh Keys and Directories
>   authorized_key: >
>     user="{{item.username}}"
>     key="{{ lookup('file', './files/{{ item.username}}_id_rsa.pub')}}"
>   with_items: "{{ users }}"
> |
> 
> 
> |
> ERROR! conflicting action statements: shell, user
> 
> The error appears to have been in 
> '/home/ansible/roles/manage-ssh-users/tasks/ssh_users.yml': line 3, column 3, 
> but may
> be elsewhere in the file depending on the exact syntax problem.
> 
> The offending line appears to be:
> 
> - include_vars: users.yml
> - name: Create Users On VMs
>   ^ here
> |
> 
> 
> 
> 
> 
> On Monday, May 11, 2020 at 11:22:31 AM UTC-7, Dick Visser wrote:
> 
> Depends which ecdsa, there are 3 of them:
> 
> 
> https://github.com/ansible/ansible/blob/stable-2.9/lib/ansible/modules/system/authorized_key.py#L400-L407
> 
> 
> 
> 
> 
> On Mon, 11 May 2020 at 19:47, Joe G > 
> wrote:
> 
> Awesome, thanks for the assist.  I created a new key using RSA and 
> it's working.  Does ansible not work with
> ecdsa? That's the only difference in the two pub keys I used
> 
> On Thursday, May 7, 2020 at 3:59:15 PM UTC-7, Dick Visser wrote:
> 
> parsekey
> IndexError: list index out of range
> 
> 
> Pretty much says it - something is wrong with the pubkey, in the 
> sense
> that the authorized_key module can parse it (see
> modules/system/authorized_key.py).
> LIkely something with the options of the pubkey, their quoting, or
> something with comments (#)?
> 
> What does your pubkey look like?
> 
> 
> 
> On Fri, 8 May 2020 at 00:27, Michael Mullay  
> wrote:
> >
> > Perhaps your ssh key file is somehow malformed? What happens if 
> you go old-school and use ssh-copy-id to
> try to copy over the key file that way? At least you'll know if 
> it's a problem with your key or the playbook
> (and if it works with ssh-copy-id of course you can just delete 
> it off the target host when you are ready to
> retry with your ansible playbook).
> >
> >
> > On Thu, May 7, 2020 at 1:48 PM Joe G  wrote:
> 
>  I appreciate the suggestion though I don't believe that is 
> the solution to my problem, right? I suppose
> I should have posted the actual playbook I'm working with. The 
> one previously provided was just a test one.
> >>
> >>
> >> Here's the task yml file within the role
> >>
> >> - include_vars: users.yml
> >> - name: Create Users On VMs
> >>   user: name="{{ item.username }}"
> >>   with_items: "{{ users }}"
> >>   #shell: /bin/bash
> >>   #groups:
> >>
> >> - name: Add .ssh Keys and Directories
> >>   authorized_key: >
> >>     user="{{item.username}}"
> >>     key="{{ lookup('file', './files/{{ 
> item.username}}_id_rsa.pub')}}"
> >>   with_items: "{{ users }}"
> >>
> >>  Error
> >> failed: [test.preprod.io ] 
> (item={u'username': u'joe'}) => {
> >>     "changed": false,
> >>     "item": {
> >>         "username": "joe"
> >>     },
> >>     "module_stderr": "OpenSSH_7.4p1 Debian-10+deb9u6, OpenSSL 
> 1.0.2u  20 Dec 2019\r\ndebug1: Reading
> configuration data /etc/ssh/ssh_config\r\ndebug1: 
> /etc/ssh/ssh_config line 19: Applying options for
> *\r\ndebug1: auto-mux: Trying existing master\r\ndebug2: fd 3 

Re: [ansible-project] Create user with ssh key, error deploying key

[Joe G]

I couldn't remember but I checked the key and it's in ecdsa-sha2-nistp256 
format.  I'll play around with this and troubleshoot more, I'm just glad 
the mechanics are working and can work on improving it.  I'm still somewhat 
novice to ansible but learning quite a bit lately.


This same task I'm trying to ensure the user is created with /bin/bash 
shell and I thought that was the default but it doesn't get appended to my 
user account after creation.  When I try to add it to the file it errors 
out interpreting it as another task. Any idea how I rectify this one?

---
# task file for manage_ssh_users
- include_vars: users.yml
- name: Create Users On VMs
  user: name="{{ item.username }}"
  with_items: "{{ users }}"
  shell: /bin/bash
  #groups:

- name: Add .ssh Keys and Directories
  authorized_key: >
user="{{item.username}}"
key="{{ lookup('file', './files/{{ item.username}}_id_rsa.pub')}}"
  with_items: "{{ users }}"


ERROR! conflicting action statements: shell, user

The error appears to have been in 
'/home/ansible/roles/manage-ssh-users/tasks/ssh_users.yml': line 3, column 
3, but may
be elsewhere in the file depending on the exact syntax problem.

The offending line appears to be:

- include_vars: users.yml
- name: Create Users On VMs
  ^ here





On Monday, May 11, 2020 at 11:22:31 AM UTC-7, Dick Visser wrote:
>
> Depends which ecdsa, there are 3 of them:
>
>
> https://github.com/ansible/ansible/blob/stable-2.9/lib/ansible/modules/system/authorized_key.py#L400-L407
>
>
>
> On Mon, 11 May 2020 at 19:47, Joe G > 
> wrote:
>
>> Awesome, thanks for the assist.  I created a new key using RSA and it's 
>> working.  Does ansible not work with ecdsa? That's the only difference in 
>> the two pub keys I used
>>
>> On Thursday, May 7, 2020 at 3:59:15 PM UTC-7, Dick Visser wrote:
>>>
>>> parsekey 
>>> IndexError: list index out of range 
>>>
>>>
>>> Pretty much says it - something is wrong with the pubkey, in the sense 
>>> that the authorized_key module can parse it (see 
>>> modules/system/authorized_key.py). 
>>> LIkely something with the options of the pubkey, their quoting, or 
>>> something with comments (#)? 
>>>
>>> What does your pubkey look like? 
>>>
>>>
>>>
>>> On Fri, 8 May 2020 at 00:27, Michael Mullay  wrote: 
>>> > 
>>> > Perhaps your ssh key file is somehow malformed? What happens if you go 
>>> old-school and use ssh-copy-id to try to copy over the key file that way? 
>>> At least you'll know if it's a problem with your key or the playbook (and 
>>> if it works with ssh-copy-id of course you can just delete it off the 
>>> target host when you are ready to retry with your ansible playbook). 
>>> > 
>>> > 
>>> > On Thu, May 7, 2020 at 1:48 PM Joe G  wrote: 
>>>  
>>>  I appreciate the suggestion though I don't believe that is the 
>>> solution to my problem, right? I suppose I should have posted the actual 
>>> playbook I'm working with. The one previously provided was just a test one. 
>>> >> 
>>> >> 
>>> >> Here's the task yml file within the role 
>>> >> 
>>> >> - include_vars: users.yml 
>>> >> - name: Create Users On VMs 
>>> >>   user: name="{{ item.username }}" 
>>> >>   with_items: "{{ users }}" 
>>> >>   #shell: /bin/bash 
>>> >>   #groups: 
>>> >> 
>>> >> - name: Add .ssh Keys and Directories 
>>> >>   authorized_key: > 
>>> >> user="{{item.username}}" 
>>> >> key="{{ lookup('file', './files/{{ 
>>> item.username}}_id_rsa.pub')}}" 
>>> >>   with_items: "{{ users }}" 
>>> >> 
>>> >>  Error 
>>> >> failed: [test.preprod.io] (item={u'username': u'joe'}) => { 
>>> >> "changed": false, 
>>> >> "item": { 
>>> >> "username": "joe" 
>>> >> }, 
>>> >> "module_stderr": "OpenSSH_7.4p1 Debian-10+deb9u6, OpenSSL 1.0.2u 
>>>  20 Dec 2019\r\ndebug1: Reading configuration data 
>>> /etc/ssh/ssh_config\r\ndebug1: /etc/ssh/ssh_config line 19: Applying 
>>> options for *\r\ndebug1: auto-mux: Trying existing master\r\ndebug2: fd 3 
>>> setting O_NONBLOCK\r\ndebug2: mux_client_hello_exchange: master version 
>>> 4\r\ndebug3: mux_client_forwards: request forwardings: 0 local, 0 
>>> remote\r\ndebug3: mux_client_request_session: entering\r\ndebug3: 
>>> mux_client_request_alive: entering\r\ndebug3: mux_client_request_alive: 
>>> done pid = 22809\r\ndebug3: mux_client_request_session: session request 
>>> sent\r\ndebug1: mux_client_request_session: master session id: 
>>> 2\r\nTraceback (most recent call last):\n  File \"\", line 113, in 
>>> \n  File \"\", line 105, in _ansiballz_main\n  File 
>>> \"\", line 48, in invoke_module\n  File 
>>> \"/tmp/ansible_authorized_key_payload_GKpQf3/__main__.py\", line 678, in 
>>> \n  File 
>>> \"/tmp/ansible_authorized_key_payload_GKpQf3/__main__.py\", line 673, in 
>>> main\n  File \"/tmp/ansible_authorized_key_payload_GKpQf3/__main__.py\", 
>>> line 572, in enforce_state\n  File 
>>> \"/tmp/ansible_authorized_key_payload_GKpQf3/__main__.py\", line 439, in 
>>> parsekey\nIndexError: list index out of range\ndebug3: 

Re: [ansible-project] Create user with ssh key, error deploying key

[Dick Visser]

Depends which ecdsa, there are 3 of them:

https://github.com/ansible/ansible/blob/stable-2.9/lib/ansible/modules/system/authorized_key.py#L400-L407



On Mon, 11 May 2020 at 19:47, Joe G  wrote:

> Awesome, thanks for the assist.  I created a new key using RSA and it's
> working.  Does ansible not work with ecdsa? That's the only difference in
> the two pub keys I used
>
> On Thursday, May 7, 2020 at 3:59:15 PM UTC-7, Dick Visser wrote:
>>
>> parsekey
>> IndexError: list index out of range
>>
>>
>> Pretty much says it - something is wrong with the pubkey, in the sense
>> that the authorized_key module can parse it (see
>> modules/system/authorized_key.py).
>> LIkely something with the options of the pubkey, their quoting, or
>> something with comments (#)?
>>
>> What does your pubkey look like?
>>
>>
>>
>> On Fri, 8 May 2020 at 00:27, Michael Mullay  wrote:
>> >
>> > Perhaps your ssh key file is somehow malformed? What happens if you go
>> old-school and use ssh-copy-id to try to copy over the key file that way?
>> At least you'll know if it's a problem with your key or the playbook (and
>> if it works with ssh-copy-id of course you can just delete it off the
>> target host when you are ready to retry with your ansible playbook).
>> >
>> >
>> > On Thu, May 7, 2020 at 1:48 PM Joe G  wrote:
>> 
>>  I appreciate the suggestion though I don't believe that is the
>> solution to my problem, right? I suppose I should have posted the actual
>> playbook I'm working with. The one previously provided was just a test one.
>> >>
>> >>
>> >> Here's the task yml file within the role
>> >>
>> >> - include_vars: users.yml
>> >> - name: Create Users On VMs
>> >>   user: name="{{ item.username }}"
>> >>   with_items: "{{ users }}"
>> >>   #shell: /bin/bash
>> >>   #groups:
>> >>
>> >> - name: Add .ssh Keys and Directories
>> >>   authorized_key: >
>> >> user="{{item.username}}"
>> >> key="{{ lookup('file', './files/{{ item.username}}_id_rsa.pub')}}"
>> >>   with_items: "{{ users }}"
>> >>
>> >>  Error
>> >> failed: [test.preprod.io] (item={u'username': u'joe'}) => {
>> >> "changed": false,
>> >> "item": {
>> >> "username": "joe"
>> >> },
>> >> "module_stderr": "OpenSSH_7.4p1 Debian-10+deb9u6, OpenSSL 1.0.2u
>>  20 Dec 2019\r\ndebug1: Reading configuration data
>> /etc/ssh/ssh_config\r\ndebug1: /etc/ssh/ssh_config line 19: Applying
>> options for *\r\ndebug1: auto-mux: Trying existing master\r\ndebug2: fd 3
>> setting O_NONBLOCK\r\ndebug2: mux_client_hello_exchange: master version
>> 4\r\ndebug3: mux_client_forwards: request forwardings: 0 local, 0
>> remote\r\ndebug3: mux_client_request_session: entering\r\ndebug3:
>> mux_client_request_alive: entering\r\ndebug3: mux_client_request_alive:
>> done pid = 22809\r\ndebug3: mux_client_request_session: session request
>> sent\r\ndebug1: mux_client_request_session: master session id:
>> 2\r\nTraceback (most recent call last):\n  File \"\", line 113, in
>> \n  File \"\", line 105, in _ansiballz_main\n  File
>> \"\", line 48, in invoke_module\n  File
>> \"/tmp/ansible_authorized_key_payload_GKpQf3/__main__.py\", line 678, in
>> \n  File
>> \"/tmp/ansible_authorized_key_payload_GKpQf3/__main__.py\", line 673, in
>> main\n  File \"/tmp/ansible_authorized_key_payload_GKpQf3/__main__.py\",
>> line 572, in enforce_state\n  File
>> \"/tmp/ansible_authorized_key_payload_GKpQf3/__main__.py\", line 439, in
>> parsekey\nIndexError: list index out of range\ndebug3:
>> mux_client_read_packet: read header failed: Broken pipe\r\ndebug2: Received
>> exit status from master 1\r\n",
>> >> "module_stdout": "",
>> >> "msg": "MODULE FAILURE\nSee stdout/stderr for the exact error",
>> >> "rc": 1
>> >> }
>> >>
>> >>
>> >>
>> >> --
>> >> You received this message because you are subscribed to the Google
>> Groups "Ansible Project" group.
>> >> To unsubscribe from this group and stop receiving emails from it, send
>> an email to ansible...@googlegroups.com.
>> >> To view this discussion on the web visit
>> https://groups.google.com/d/msgid/ansible-project/d41dc096-c6e8-4fa5-b31b-b495d3e8a4b1%40googlegroups.com.
>>
>> >
>> > --
>> > You received this message because you are subscribed to the Google
>> Groups "Ansible Project" group.
>> > To unsubscribe from this group and stop receiving emails from it, send
>> an email to ansible...@googlegroups.com.
>> > To view this discussion on the web visit
>> https://groups.google.com/d/msgid/ansible-project/CAH4rTPu%2BXsAgNLFBGOASNdaTXre3Dp5DkM4WV8pvRRWgi91SgQ%40mail.gmail.com.
>>
>>
>>
>>
>> --
>> Dick Visser
>> Trust & Identity Service Operations Manager
>> GÉANT
>>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> 

Re: [ansible-project] Create user with ssh key, error deploying key

[Joe G]

Awesome, thanks for the assist.  I created a new key using RSA and it's 
working.  Does ansible not work with ecdsa? That's the only difference in 
the two pub keys I used

On Thursday, May 7, 2020 at 3:59:15 PM UTC-7, Dick Visser wrote:
>
> parsekey 
> IndexError: list index out of range 
>
>
> Pretty much says it - something is wrong with the pubkey, in the sense 
> that the authorized_key module can parse it (see 
> modules/system/authorized_key.py). 
> LIkely something with the options of the pubkey, their quoting, or 
> something with comments (#)? 
>
> What does your pubkey look like? 
>
>
>
> On Fri, 8 May 2020 at 00:27, Michael Mullay  > wrote: 
> > 
> > Perhaps your ssh key file is somehow malformed? What happens if you go 
> old-school and use ssh-copy-id to try to copy over the key file that way? 
> At least you'll know if it's a problem with your key or the playbook (and 
> if it works with ssh-copy-id of course you can just delete it off the 
> target host when you are ready to retry with your ansible playbook). 
> > 
> > 
> > On Thu, May 7, 2020 at 1:48 PM Joe G > 
> wrote: 
>  
>  I appreciate the suggestion though I don't believe that is the 
> solution to my problem, right? I suppose I should have posted the actual 
> playbook I'm working with. The one previously provided was just a test one. 
> >> 
> >> 
> >> Here's the task yml file within the role 
> >> 
> >> - include_vars: users.yml 
> >> - name: Create Users On VMs 
> >>   user: name="{{ item.username }}" 
> >>   with_items: "{{ users }}" 
> >>   #shell: /bin/bash 
> >>   #groups: 
> >> 
> >> - name: Add .ssh Keys and Directories 
> >>   authorized_key: > 
> >> user="{{item.username}}" 
> >> key="{{ lookup('file', './files/{{ item.username}}_id_rsa.pub')}}" 
> >>   with_items: "{{ users }}" 
> >> 
> >>  Error 
> >> failed: [test.preprod.io] (item={u'username': u'joe'}) => { 
> >> "changed": false, 
> >> "item": { 
> >> "username": "joe" 
> >> }, 
> >> "module_stderr": "OpenSSH_7.4p1 Debian-10+deb9u6, OpenSSL 1.0.2u 
>  20 Dec 2019\r\ndebug1: Reading configuration data 
> /etc/ssh/ssh_config\r\ndebug1: /etc/ssh/ssh_config line 19: Applying 
> options for *\r\ndebug1: auto-mux: Trying existing master\r\ndebug2: fd 3 
> setting O_NONBLOCK\r\ndebug2: mux_client_hello_exchange: master version 
> 4\r\ndebug3: mux_client_forwards: request forwardings: 0 local, 0 
> remote\r\ndebug3: mux_client_request_session: entering\r\ndebug3: 
> mux_client_request_alive: entering\r\ndebug3: mux_client_request_alive: 
> done pid = 22809\r\ndebug3: mux_client_request_session: session request 
> sent\r\ndebug1: mux_client_request_session: master session id: 
> 2\r\nTraceback (most recent call last):\n  File \"\", line 113, in 
> \n  File \"\", line 105, in _ansiballz_main\n  File 
> \"\", line 48, in invoke_module\n  File 
> \"/tmp/ansible_authorized_key_payload_GKpQf3/__main__.py\", line 678, in 
> \n  File 
> \"/tmp/ansible_authorized_key_payload_GKpQf3/__main__.py\", line 673, in 
> main\n  File \"/tmp/ansible_authorized_key_payload_GKpQf3/__main__.py\", 
> line 572, in enforce_state\n  File 
> \"/tmp/ansible_authorized_key_payload_GKpQf3/__main__.py\", line 439, in 
> parsekey\nIndexError: list index out of range\ndebug3: 
> mux_client_read_packet: read header failed: Broken pipe\r\ndebug2: Received 
> exit status from master 1\r\n", 
> >> "module_stdout": "", 
> >> "msg": "MODULE FAILURE\nSee stdout/stderr for the exact error", 
> >> "rc": 1 
> >> } 
> >> 
> >> 
> >> 
> >> -- 
> >> You received this message because you are subscribed to the Google 
> Groups "Ansible Project" group. 
> >> To unsubscribe from this group and stop receiving emails from it, send 
> an email to ansible...@googlegroups.com . 
> >> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/ansible-project/d41dc096-c6e8-4fa5-b31b-b495d3e8a4b1%40googlegroups.com.
>  
>
> > 
> > -- 
> > You received this message because you are subscribed to the Google 
> Groups "Ansible Project" group. 
> > To unsubscribe from this group and stop receiving emails from it, send 
> an email to ansible...@googlegroups.com . 
> > To view this discussion on the web visit 
> https://groups.google.com/d/msgid/ansible-project/CAH4rTPu%2BXsAgNLFBGOASNdaTXre3Dp5DkM4WV8pvRRWgi91SgQ%40mail.gmail.com.
>  
>
>
>
>
> -- 
> Dick Visser 
> Trust & Identity Service Operations Manager 
> GÉANT 
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/8815d333-4853-48a4-9358-abccb92ce9db%40googlegroups.com.

Re: [ansible-project] Re: Ansible is ignoring my group vars, hoping I'm doing something obviously wrong...

[David Sudia]

To close this out, I realized from your example that in my debug statements 
I was putting the var in "{{}}", which was giving me bad info and making it 
look like the var was undefined. Once I took it out of the quotes/curlies, 
I saw that the var I was trying to use was being overridden by a var 
provided by my host.

So thank you for the help! Problem solved!

On Sunday, May 10, 2020 at 1:31:50 PM UTC-6, Vladimir Botka wrote:
>
> Hi David, 
>
> On Sun, 10 May 2020 11:21:18 -0700 (PDT) 
> David Sudia > wrote: 
>
> > My understanding was that group_vars needed to be in the same directory 
> as 
> > the inventory to work, but in your example it looks like group_vars is 
> one 
> > directory up, is that correct? 
>
> Yes. It is correct. Ansible loads host and group variable files by 
> searching 
> paths relative to the inventory file or the playbook. 
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/9e5a8d17-0e4b-4a9c-abce-a20e01d2708b%40googlegroups.com.

Re: [ansible-project] Questions about collections and issue tracking

[Matt Martz]

There will be no mass migration/move of issues or PRs.  PRs and issues will
simply be closed, and up to the submitter to migrate or re-submit.

https://github.com/ansible/ansibullbot/blob/master/docs/collection_migration.md#how-do-i-migrate-my-issue-to-another-repo

On Mon, May 11, 2020 at 9:02 AM Brian Coca  wrote:

> When the issues/PRs affect 'moved' code, yes to both.
>
> The bot should already be labeling issues to be moved with the target
> collection, but we won't do a move until we are happy with the success
> rate.
> Until then we encourage you to manually close/open issues as appropriate.
>
>
> --
> --
> Brian Coca
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/CACVha7c%2BN839gFwMpWbaJQLYq9MKu0v0cHEq5RZ%2Bfop4xF312A%40mail.gmail.com
> .
>


-- 
Matt Martz
@sivel
sivel.net

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAD8N0v9Jq8mq-_fv_j4%2BK16ZiB1xaVXE-P1do-cPRa2MB%3DdOTg%40mail.gmail.com.

Re: [ansible-project] Questions about collections and issue tracking

[Brian Coca]

When the issues/PRs affect 'moved' code, yes to both.

The bot should already be labeling issues to be moved with the target
collection, but we won't do a move until we are happy with the success
rate.
Until then we encourage you to manually close/open issues as appropriate.


-- 
--
Brian Coca

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CACVha7c%2BN839gFwMpWbaJQLYq9MKu0v0cHEq5RZ%2Bfop4xF312A%40mail.gmail.com.

[ansible-project] Window patch module not working on 2.9 Ansible

[Amit Kumar]

Hi ,

I tried to installed the window patch with below yml but it's not 
installing the found patch.
It just search the patch and skipped that patch, kindly please suggest 
Where i am doing wrong.   

I have mention the Yml file and output of playbook.


Window patch installation win_patch.yml file 

---
# update-windows-test.yaml
- hosts: win
  vars:
win_updates_categories:
  - SecurityUpdates
  - CriticalUpdates
  - UpdateRollups
  - DefinitionUpdates
  - Updates
  - Application
  - Connectors
  - DeveloperKits
  - FeaturePacks
  - Guidance
  - ServicePacks
  - Tools
  - UpdateRollups

  tasks:
# Check for missing updates
- name: check for missing updates
  win_updates:
state: searched
catagory_names: "{{ win_updates_categories }}"
  register: update_count
  ignore_errors: yes

- name: reboot if required
  win_reboot:
  when: update_count.reboot_required
  ignore_errors: yes
 #Install updates
- name: install updates
  debugger: on_skipped
  win_updates:
catagory_names: "{{ win_updates_categories }}"
reboot: yes
register: update_result

---
Output

ansible@ansible:~/rx_testing$ ansible-playbook win_patch_file3.yml -vvv
ansible-playbook 2.9.7
  config file = /home/ansible/rx_testing/ansible.cfg
  configured module search path = 
[u'/home/ansible/.ansible/plugins/modules', 
u'/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/lib/python2.7/dist-packages/ansible
  executable location = /usr/bin/ansible-playbook
  python version = 2.7.17 (default, Apr 15 2020, 17:20:14) [GCC 7.5.0]
Using /home/ansible/rx_testing/ansible.cfg as config file
host_list declined parsing /home/ansible/rx_testing/inventory as it did not 
pass its verify_file() method
script declined parsing /home/ansible/rx_testing/inventory as it did not 
pass its verify_file() method
auto declined parsing /home/ansible/rx_testing/inventory as it did not pass 
its verify_file() method
Parsed /home/ansible/rx_testing/inventory inventory source with ini plugin

PLAYBOOK: win_patch_file3.yml 
***
1 plays in win_patch_file3.yml

PLAY [win] 
**

TASK [Gathering Facts] 
**
task path: /home/ansible/rx_testing/win_patch_file3.yml:3
Using module file 
/usr/lib/python2.7/dist-packages/ansible/modules/windows/setup.ps1
Pipelining is enabled.
<10.100.100.206> ESTABLISH WINRM CONNECTION FOR USER: Administrator on PORT 
5986 TO 10.100.100.206
EXEC (via pipeline wrapper)
ok: [10.100.100.206]
META: ran handlers

TASK [check for missing updates] 

task path: /home/ansible/rx_testing/win_patch_file3.yml:22
win_updates: running win_updates module
Using module file 
/usr/lib/python2.7/dist-packages/ansible/modules/windows/win_updates.ps1
Pipelining is enabled.
<10.100.100.206> ESTABLISH WINRM CONNECTION FOR USER: Administrator on PORT 
5986 TO 10.100.100.206
EXEC (via pipeline wrapper)
ok: [10.100.100.206] => {
"changed": false,
"filtered_updates": {
"05775fa0-d13e-49eb-89dc-74fba83fcdbf": {
"categories": [
"Definition Updates",
"Windows Defender"
],
"filtered_reason": "category_names",
"id": "05775fa0-d13e-49eb-89dc-74fba83fcdbf",
"installed": false,
"kb": [
"2267602"
],
"title": "Security Intelligence Update for Windows Defender 
Antivirus - KB2267602 (Version 1.315.427.0)"
}
},
"found_update_count": 0,
"installed_update_count": 0,
"reboot_required": false,
"updates": {}
}

TASK [reboot if required] 
***
task path: /home/ansible/rx_testing/win_patch_file3.yml:29
skipping: [10.100.100.206] => {
"changed": false,
"skip_reason": "Conditional result was False"
}

TASK [install updates] 

Re: [ansible-project] Line in file

[Sivaraman P]

Thank you for your assistance.

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/0781ca58-ffb1-426f-a238-6fd3ce387026%40googlegroups.com.

Re: [ansible-project] Line in file

[Stefan Hornburg (Racke)]

On 5/11/20 2:17 PM, Sivaraman P wrote:
> Hi All,
> 
> I am using Line in file nodule to write a list output in ansible to a file in 
> the target machine.
> 
> Below is the code i have used.
> 
> hosts: localhost
> tasks:
>   - lineinfile:
>   create: yes
>   regexp: "NONEXISTENTLINE"
>   dest: /projects/testing/check.txt
>   line : "{{item}}"
>   state: present
> with_items:
> - "{{something}}"
> 
> And that something is a list and its value is given below,
> 
> ["WOAprofile1",
> "WOAprofile2",
> "WOAprofile3"]
> 
> When I am using the above line in file prints each value of the list in 
> separate line.
> But I need the output in the file as below,
> WOAprofile1, WOAprofile2, WOAprofile3
> 
> Note: the number of lines in the variable "something" will be differ from 
> server to server.
>  
> 
> 

Change the line module parameter as below and drop the loop (with_items)

line: "{{ something | join(', ') }}

Regards
 Racke

-- 
Ecommerce and Linux consulting + Perl and web application programming.
Debian and Sympa administration. Provisioning with Ansible.

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/e33673f7-b2b9-be45-a7d3-a7c374f735e6%40linuxia.de.


signature.asc
Description: OpenPGP digital signature

[ansible-project] Line in file

[Sivaraman P]

Hi All,

I am using Line in file nodule to write a list output in ansible to a file in 
the target machine.

Below is the code i have used.

hosts: localhost
tasks:
  - lineinfile:
  create: yes
  regexp: "NONEXISTENTLINE"
  dest: /projects/testing/check.txt
  line : "{{item}}"
  state: present
with_items:
- "{{something}}"

And that something is a list and its value is given below,

["WOAprofile1",
"WOAprofile2",
"WOAprofile3"]

When I am using the above line in file prints each value of the list in 
separate line.
But I need the output in the file as below,
WOAprofile1, WOAprofile2, WOAprofile3

Note: the number of lines in the variable "something" will be differ from 
server to server.
 


-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/ca1770f8-21e8-4ffc-911c-2d595b43ee56%40googlegroups.com.

Re: [ansible-project] Question on win_lineinfile replace/deleting the values with-in config file

[Stefan Hornburg (Racke)]

On 5/11/20 12:45 PM, Kumaresh kulal wrote:
> Hello,
> 
> I have got a task to configure the config file by removing the not required 
> text from the config file. 
> 
> Sample Config File:
> 
> 
> http://www.nlog-project.org/schemas/NLog.xsd; 
> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance;>
>    value="${specialfolder:folder=LocalApplicationData}" />
>   
>     
>     
>   
>   
>      fileName="${WorkflowLoggingDirectory}/${shortdate}_Execution.log"
> layout="${time} ${level} ${message}" concurrentWrites="true" encoding="utf-8" 
> writeBom="true" />
>      log="Application" />
>   
> 
> 
> Text to Remove: ${time} ${level} 
> 
> So far I was able to do this using the below win_lineinfile playbook and it 
> works fine:
> 
> ---
> 
> - hosts: all
> 
>   tasks:
> 
>    - name: updating content in config file
> 
>      win_lineinfile:
> 
>        dest: C:\tmp\NLog.config
> 
>        regexp: '^(.*)time(.*)$'
> 
>        line: '     fileName="${WorkflowLoggingDirectory}/${shortdate}_Execution.log" 
> layout="${message}" concurrentWrites="true"
> encoding="utf-8" writeBom="true" />'
> 
>        backrefs: yes
> 
> 
> I would like to know if there is a better way to handle this instead of 
> re-writing the whole line, can I only
> replace/delete the portion of the text?
> 

Lineinfile doesn't make sense for XML files, use (win_)xml module.

Regards
 Racke

> 
> 
> Thank You :-)
> 
> 
> Kumar
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to
> ansible-project+unsubscr...@googlegroups.com 
> .
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/ea6a7f82-5896-4d02-a6a3-5401f0821139%40googlegroups.com
> .


-- 
Ecommerce and Linux consulting + Perl and web application programming.
Debian and Sympa administration. Provisioning with Ansible.

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/3f3b79ea-597d-87c0-1e6b-06f79ce837c9%40linuxia.de.


signature.asc
Description: OpenPGP digital signature

Re: [ansible-project] Re: strange variable behaviour/error

[Alfredo De Luca]

hi all.
I figured out why I was having that issue.
The problem was into the jinja2 templates where I found out that if I line
starts with # it's not interpreted as a comment  and so why ansible kept
throwing errors on undefined variable.


ISSUE

[control:vars]

*#kolla_external_vip_interface="{{ network_interface }}"<-
WRONG *
so here the playbook had issues with undefined variable (network_interface)
but cause for me was commented I couldn't understand the error.


FIX
[control:vars]

*{#kolla_external_vip_interface="{{ network_interface }}"##}   <-
RIGHT*
This is a proper comment which now doesn't appear in the target file.

Cheers





On Sun, May 10, 2020 at 7:26 PM Dick Visser  wrote:

> So far you only provided bits of information, like variables without
> values etc.
> We can't magically guess what your environment looks like.
> Please come up with a clear isolated, reproducible playbook, including
> templates, inventory, etc.
>
>
>
>
> On Sun, 10 May 2020 at 19:13, Alfredo De Luca 
> wrote:
>
>> I thought about writing to the community and ask...but before doing that
>> I took the playbook and the template and create a simple project with
>> molecule.
>> Then the same issue. no kolla-ansible/kolla involved at all.
>> So must be something else.
>>
>>
>>
>>
>> On Sun, May 10, 2020 at 1:33 PM Dick Visser 
>> wrote:
>>
>>> This list is about ansible itself, but your issue seems to be highly
>>> specific to the "kolla" framework:
>>> https://docs.openstack.org/project-deploy-guide/kolla-ansible/latest/
>>> I would start by reaching out to that community for support first as
>>> their users will have much more experience with the mechanics of "kolla".
>>>
>>>
>>>
>>> On Sat, 9 May 2020 at 18:25, Alfredo De Luca 
>>> wrote:
>>>
 Apologies if it wasn't clear.
 So it's a playbook that create an inventory file from a template for
 kolla-ansible so it can install Openstack.

 here is the playbook

 ---
 - name: TEMPLATES
   file:
   path: "{{ deploy_env }}/my_envs/openstack/{{ deploy_env }}"
   state: directory
   mode: 0755

 - name: Create inventory file from a template
   template:
   src: templates/osk_inventory.j2
   dest: "{{ deploy_env }}/my_envs/openstack/{{ deploy_env
 }}/osk_inventory_{{ deploy_env }}"
   owner: root
   group: root


 On Sat, May 9, 2020 at 3:55 PM Alfredo De Luca <
 alfredo.del...@gmail.com> wrote:

> Hi all.
> I have ansible 2.9.7 running on ubuntu. I am just running some test
> and one is to create an inventory by a template.
> All good except when I use the template it says
>
>
> *fatal: [instance]: FAILED! => {"changed": false, "msg":
> "AnsibleUndefinedVariable: 'network_interface' is undefined"}*
>
> Now here is the inventory.j2 snip
>
> 
> [control]
> {{ osk_nodes.split(',')[0] }}
>
> [compute]
> {% for node_ip in osk_nodes.split(',') %}
> {{node_ip}}
> {% endfor %}
>
> [all:vars]
> *network_interface=eno1*
> 
>
> Not sure why it keep saying undefined variable. where I specifically
> set the network_interface to eno1.
>
> Any ideas/suggestions?
> Cheers
>
>
>
>
> --
> */Alfredo*
>
>

 --
 */Alfredo*

 --
 You received this message because you are subscribed to the Google
 Groups "Ansible Project" group.
 To unsubscribe from this group and stop receiving emails from it, send
 an email to ansible-project+unsubscr...@googlegroups.com.
 To view this discussion on the web visit
 https://groups.google.com/d/msgid/ansible-project/CAAWpFTFzh%2B_sJf8vBU%3DKga-M6MwyXOcH8pxVDL-9xn4rmqneig%40mail.gmail.com
 
 .

>>> --
>>> Sent from a mobile device - please excuse the brevity, spelling and
>>> punctuation.
>>>
>>> --
>>> You received this message because you are subscribed to the Google
>>> Groups "Ansible Project" group.
>>> To unsubscribe from this group and stop receiving emails from it, send
>>> an email to ansible-project+unsubscr...@googlegroups.com.
>>>
>> To view this discussion on the web visit
>>> https://groups.google.com/d/msgid/ansible-project/CAL8fbwOQNuiTvWOyNeEoDXZ7ug-M14Q0v4%2BUL9CW8s8-T7Fd7w%40mail.gmail.com
>>> 
>>> .
>>>
>>
>>
>> --
>> */Alfredo*
>>
>> --
>> You received this message because you are subscribed to the Google Groups
>> "Ansible Project" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to ansible-project+unsubscr...@googlegroups.com.
>> To view this 

[ansible-project] Question on win_lineinfile replace/deleting the values with-in config file

[Kumaresh kulal]

Hello,

I have got a task to configure the config file by removing the not required 
text from the config file. 

Sample Config File:


http://www.nlog-project.org/schemas/NLog.xsd; 
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance;>
  
  


  
  


  


Text to Remove: ${time} ${level} 

So far I was able to do this using the below win_lineinfile playbook and it 
works fine:

---

- hosts: all

  tasks:

   - name: updating content in config file

 win_lineinfile:

   dest: C:\tmp\NLog.config

   regexp: '^(.*)time(.*)$'

   line: ''

   backrefs: yes


I would like to know if there is a better way to handle this instead of 
re-writing the whole line, can I only replace/delete the portion of the 
text?



Thank You :-)


Kumar

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/ea6a7f82-5896-4d02-a6a3-5401f0821139%40googlegroups.com.

Re: [ansible-project] Re: how to run the python script from ansible to Windows 2019?

[Dhilipsingh G]

Hi any suggestions plz
hi ,anyone have idea ?

On Friday, May 8, 2020 at 12:25:03 PM UTC+5:30, Dhilipsingh G wrote:
>
> hi Team ,
>
> i am getting error while run the python script from ansible to windows
> 2019. kindly help  me to fix the issue
>
> error :
>  "Traceback (most recent call last):",
> "  File \"deploy.py\", line 866, in ",
> "DatabaseCreator().main()",
> "  File \"deploy.py\", line 788, in main",
> "os.makedirs(self.ECRF_FGDB_PATH)",
> "  File \"F:\\Python27\\ArcGISx6410.7\\lib\\os.py\", line 150, in
> makedirs",
> "makedirs(head, mode)",
> "  File \"F:\\Python27\\ArcGISx6410.7\\lib\\os.py\", line 150, in
> makedirs",
> "makedirs(head, mode)",
> "  File \"F:\\Python27\\ArcGISx6410.7\\lib\\os.py\", line 150, in
> makedirs",
> "makedirs(head, mode)",
> "  File \"F:\\Python27\\ArcGISx6410.7\\lib\\os.py\", line 157, in
> makedirs",
> "mkdir(name, mode)",
> "WindowsError: [Error 123] The filename, directory name, or volume
> label syntax is incorrect: ''"
>
> --
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an
email to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/
msgid/ansible-project/252257c0-d589-4522-ac29-a1887161efa2%40googlegroups.
com

.

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CANDDiytBz97BqQ3i_LhWLxTYqYQtyqhiT6edM0hxf4YNEf6FYw%40mail.gmail.com.

[ansible-project] Re: Create VM from ISO on ESXI

[David Foley]

>
> Hi,
>

you could just use the following Folder: / 

That will automatically place the Server into the path of  Datacenter/vm/

Using Folder would place it into a more specific folder if needed i.e 
Folder Datacenter/vm/Development/

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/249344c1-783c-4e64-990e-8928353b500b%40googlegroups.com.

Re: [ansible-project] SSh-passwdless login

[Dick Visser]

What is the purpose of this shell script?

Please read 
https://docs.ansible.com/ansible/latest/user_guide/basic_concepts.html#ansible-concepts,
and then 
https://docs.ansible.com/ansible/latest/user_guide/connection_details.html#ssh-key-setup.



On Mon, 11 May 2020 at 06:45, Mahendra gaddam  wrote:
>
> Hi ,
> I'm trying to setup  passwdless authentication for remote machine , when i'm 
> doing manually it's working fine when i'm doing by shell script it's not 
> working could you please help me out this. below is the shell script
>
>
>
> Thanks
>
> filename="id_rsa"
> path="$HOME/.ssh"
>
> if [ $1 ]
> then
> hostname=$1
> if [ $2 ]
> then
> username=$2
> else
> username="$USER"
> fi
> else
> # Read the host and username to store public key (the host/username 
> accepting passwordless ssh from this computer)
> #echo "What host you want to access with passwordless SSH from this 
> computer?"
> #read hostname
> #echo "What is your username on $hostname? ($USER?)"
> #read username
> hostname=new_hostname
> username=ansible_user
>
> if [ ! $username ]
> then
> username="$USER"
> fi
> fi
>
>
> # Generate rsa files
> if [ -f $path/$filename ]
> then
> echo "RSA key exists on $path/$filename, using existing file"
> else
> ssh-keygen -t rsa -f "$path/$filename"
> echo RSA key pair generated
> fi
>
> echo "We need to log into $hostname as $username to set up your public key 
> (hopefully last time you'll use password from this computer)"
> cat "$path/$filename.pub" | ssh "$hostname" -l "$username" '[ -d .ssh ] || 
> mkdir .ssh; cat >> .ssh/id_rsa.pub; chmod 700 ~/.ssh; chmod 600 ~/.ssh/*'
> status=$?
>
> if [ $status -eq 0 ]
> then
> echo "Set up complete, try to ssh to $host now"
> exit 0
> else
> echo "an error has occured"
> exit 255
> fi
>
> Mahi
>
> --
> You received this message because you are subscribed to the Google Groups 
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/ansible-project/df7f24b9-6cb4-4cac-a6d8-5e18ed629236%40googlegroups.com.



-- 
Dick Visser
Trust & Identity Service Operations Manager
GÉANT

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAL8fbwO3-MGn%2B6Ur0eUkhvVQR2cKGzUDdKbgMw_xBK7DV2i7zA%40mail.gmail.com.

Re: [ansible-project] Create VM from ISO on ESXI

[Dick Visser]

On Mon, 11 May 2020 at 10:27, Karther  wrote:
>
> Hello Guy !! ;)
>
> I am trying to create an Eyes Of Network virtual machine from an ISO on an 
> ESXI through a vCenter.
> I try to use the task below but it doesn't work :(

That can mean many things.
Please try to be more specific.

> More, i don't understand what is parameter "folder", i want to déploy my vm 
> only from iso...

Look at 
https://docs.ansible.com/ansible/latest/modules/vmware_guest_module.html#parameter-folder



-- 
Dick Visser
Trust & Identity Service Operations Manager
GÉANT

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAL8fbwPK_2txRVatxacN55xnZzZZQHVY1HoMA%2B2JRy6jPQtwvQ%40mail.gmail.com.

[ansible-project] Create VM from ISO on ESXI

[Karther]

Hello Guy !! ;)

I am trying to create an Eyes Of Network virtual machine from an ISO on an 
ESXI through a vCenter.
I try to use the task below but it doesn't work :(
Can you tell me if this is the right module to use please?

- name: Create a virtual machine from a template
 vmware_guest:
   hostname: "172.180.0.134"
   username: "root"
   password: "espoire"
   folder: test_vm_0001
   validate_certs: no
   name: EON_01
   state: poweredoff
   datacenter: Datacenter
   guest_id: Eon_1
   disk:
   - size_gb: 4
 type: thin
 datastore: datastore1
   hardware:
 memory_mb: 512
 num_cpus: 6
 num_cpu_cores_per_socket: 3
 scsi: paravirtual
 memory_reservation_lock: True
 mem_limit: 8096
 mem_reservation: 4096
 cpu_limit: 8096
 cpu_reservation: 4096
 max_connections: 5
 hotadd_cpu: True
 hotremove_cpu: True
 hotadd_memory: False
 version: 12 # Hardware version of virtual machine
 boot_firmware: "efi"
   cdrom:
 type: iso
 iso_path: "[datastore1] EyesOfNetwork-5.3-x86_64-bin.iso"
   networks:
   - name: VM Network
 mac: aa:bb:dd:aa:00:14
   wait_for_ip_address: yes
   esxi_hostname: "172.180.0.100"
 delegate_to: localhost
 register: deploy

More, i don't understand what is parameter "folder", i want to déploy my vm 
only from iso...

Can you help me please !! :)

Thanks you very much

Best Regards,

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/ca43f511-ecae-4b6f-a849-0024e9e3c751%40googlegroups.com.

Re: [ansible-project] Range function in Ansible?

[Albert Short]

Dick,

thanks for that, other than the strange behavior for anything with the 8 or 
9 in it not formatting correctly.

My next issue I can't resolve is to make this loop through a 'multi-layer' 
dictionary

top:
  device1:
name: test_name1
vlanid: 2-10,800-810
  device2:
name: test_name2
vlanid: 100-120

My brain is a bit frazzled right now but I may be looking at this from the 
wrong angle.

My idea, if possible is to be able to:

   1. User to input 'name:' for each device/endpoint ('device1:' , 
   'device2:')
   2. User input of 'vlanid:' for each specific device/endpoint ('device1:' 
   , 'device2:')
   3. Ansible to loop through 'top:'
  1. Use 'name:' input
  2. Expand 'vlanid:'
  3. Build required objects in ACI, on per device/endpoint deployment
   
If I can get this work once, I hope to be able to use it on other ACI 
object creations that are endpoint specific. 

I have tried using sub_elements in my past playbook, which works fine, but 
I have to input each 'vlanid' individually into a list
top:
  device1:
name: test_name1
vlanid: 
   - '0002'
   - '0003'
   - '0004'
   .
   - '0919'
  device2:
name: test_name2
vlanid: 
   - '0100'
   - '0101'
   - '0102'
   - '0103'
   ...
   - '0120'

Again, any assistance would be great.

Regards



On Friday, 8 May 2020 19:55:08 UTC+2, Dick Visser wrote:
>
> This works for me: 
>
>
> --- 
> - hosts: localhost 
>   connection: local 
>   gather_facts: no 
>
>   vars: 
> vlan_range: 1-9,100-103,201-204,500-507,600-604,1000-1003 
>
>   tasks: 
> - set_fact: 
> vlans: "{{ vlans|default([]) | union(lookup('sequence', 
> item.split('-')|first + '-' + item.split('-')|last + ':%04d', 
> wantlist=True ))  }}" 
>   loop: "{{ vlan_range.split(',') }}" 
>
> - debug: var=vlans 
>
>
> TASK [debug] 
> **
>  
>
> ok: [localhost] => 
>   vlans: 
>   - '0001' 
>   - '0002' 
>   - '0003' 
>   - '0004' 
>   - '0005' 
>   - '0006' 
>   - '0007' 
>   - 0008 
>   - 0009 
>   - '0100' 
>   - '0101' 
>   - '0102' 
>   - '0103' 
>   - '0201' 
>   - '0202' 
>   - '0203' 
>   - '0204' 
>   - '0500' 
>   - '0501' 
>   - '0502' 
>   - '0503' 
>   - '0504' 
>   - '0505' 
>   - '0506' 
>   - '0507' 
>   - '0600' 
>   - '0601' 
>   - '0602' 
>   - '0603' 
>   - '0604' 
>   - '1000' 
>   - '1001' 
>   - '1002' 
>   - '1003' 
>
>
>
> The only thing I don't understand is how to make the formatting 
> understand that this is decimal - the 0008 and 0009 are treated as 
> octal. 
> Adding "map('string') |list" doesn't fix that. 
>
>
> Dick 
>
>
> On Fri, 8 May 2020 at 17:49, Albert Short  > wrote: 
> > 
> > Can anyone tell me there is a solution I can use to do the same thing a 
> Python range function in Ansible? 
> > 
> > Scenario: 
> > Variables I am using 
> > access_hostname: 
> > - name: dariusz_access1 
> >   nodeid_access: 1001 
> >   from_port: '04' 
> >   vlanid: 
> > - 201-204,500-510 
> >   podid: 1 
> >   int_mode: regular 
> >   depl_immediacy: lazy 
> > 
> > - name: dariusz_access2 
> >   nodeid_access: 1001 
> >   from_port: '05' 
> >   vlanid: 
> > - 10,1200 
> >   podid: 1 
> >   int_mode: regular 
> >   depl_immediacy: lazy 
> > 
> > What I want to achieve is to expand my 'vlanid' variable into a list of 
> individual items: 
> > So from this 
> >   vlanid: 
> > - 201-204,500-510 
> > 
> > to something like this, hopefully to the use that info in loops, etc. 
> >   dariusz_access1: 
> > vlanid: 
> > - '0201' 
> > - '0202' 
> > - '0203' 
> > - '0204' 
> > - '0500' 
> > - '0501' 
> > - '0502' 
> > - '0503' 
> > - '0504' 
> > - '0505' 
> > - '0506' 
> > - '0507' 
> > - '0508' 
> > - '0509' 
> > - '0510' 
> > - |- 
> >   dariusz_access2: 
> > vlanid: 
> > - '0010' 
> > - '1200' 
> > 
> > 
> > 
> > I also need to get a leading zero '0' added to each vlanid that is not 4 
> characters in length. 
> > 
> > The idea is to avoid having to ask the end user to input each vlanid 
> individually, which could take some time. 
> > 
> > I have a python code that can split the ranges for me, with no problem, 
> but if there was an option in Ansible, i would prefer that. 
> > 
> > Any guidance would be great. 
> > 
> > -- 
> > You received this message because you are subscribed to the Google 
> Groups "Ansible Project" group. 
> > To unsubscribe from this group and stop receiving emails from it, send 
> an email to ansible...@googlegroups.com . 
> > To view this discussion on the web 

Re: [ansible-project] About loop and regex

[Stefan Hornburg (Racke)]

On 5/11/20 8:20 AM, Umut Cokbilir wrote:
> Hi All,
> 
> I have a question about the loop. As You know, loopback and main interface 
> aren't any vlan so i need to add 'null' for
> intf_vlan's item
> 
> How can I handle this problem?
> 
> *Here is my '.*.yml' part and output;*
> Thanks.
> 
> - name: Extract 'interface, vlan, description, mtu , ip address, subnet, 
> ISIS Process, Circuit Type and QoS'
>   set_fact:
> intf_isis: "{{ intf_isis | default([]) + item | 
> regex_findall('.*interface\\s+(\\S+)') }}" 
> intf_vlan: "{{ intf_vlan | default([]) + item | 
> regex_findall('.*vlan-type\\s+dot1q\\s+(\\S+)') }}" 
> #intf_desc: "{{ item | regex_findall('.*description\\s+(\\S+)') }}" 
>   loop: "{{ interface_detail }}"
> 
> 

Hello Umut,

Don't use a loop here. It only complicates things in your scenario.

- name: Extract 'interface, vlan, description, mtu , ip address, subnet, ISIS 
Process, Circuit Type and QoS'
  set_fact:
  intf_isis: "{{ interface_detail | regex_findall('.*interface\\s+(\\S+)') 
}}"

Regards
  Racke

> 2.PNG 
> 
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to
> ansible-project+unsubscr...@googlegroups.com 
> .
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/e7e5d6ef-eb04-4c32-aa8c-868fb0b40288%40googlegroups.com
> .


-- 
Ecommerce and Linux consulting + Perl and web application programming.
Debian and Sympa administration. Provisioning with Ansible.

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/2bf9bc22-aad9-8a57-91e0-ebaf1042837a%40linuxia.de.


signature.asc
Description: OpenPGP digital signature

[ansible-project] About loop and regex

[Umut Cokbilir]

Hi All,

I have a question about the loop. As You know, loopback and main interface 
aren't any vlan so i need to add 'null' for intf_vlan's item

How can I handle this problem?

*Here is my '.*.yml' part and output;*
Thanks.

- name: 
Extract 'interface, vlan, description, mtu , ip address, subnet, ISIS Process, 
Circuit Type and QoS'
  set_fact:
intf_isis: "
{{ intf_isis | default([]) + item | regex_findall('.*interface\\s+(\\
S+)') }}" 
intf_vlan: "
{{ intf_vlan | default([]) + item | regex_findall('.*vlan-type\\s+dot1q\\s+(
\\S+)') }}" 
#intf_desc: "{{ item | regex_findall('.*description\\s+(\\S+)') }}" 
  loop: "{{ interface_detail }}"


[image: 2.PNG] 

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/e7e5d6ef-eb04-4c32-aa8c-868fb0b40288%40googlegroups.com.

[ansible-project] ios_config error: unable to set terminal parameters

[Steve G]

Hi,

I'm trying to test enable mode privilege escalation on a Cisco router. 

I have created a simple playbook to update the hostname of the router, as 
shown below - 


*---*
*- name: Update hostname*
*  hosts: all*

*  tasks: *
*  - ios_config: *
*  lines: hostname {{ inventory_hostname }}*


I have a group vars file (all.yml) in the group_vars directory -

*---*
*ansible_network_os: ios*
*ansible_become: yes*
*ansible_become_method: enable*
*ansible_become_password: cisco*
*ansible_connection: network_cli*
*ansible_user: ansible*
*ansible_password: ansible*


I have created a local user called ansible (password: ansible) on the Cisco 
router with privilege level 0. I have also set the enable password to cisco.

I also have the following aaa commands set on the router - 

*aaa authentication login default local*
*aaa authentication enable default enable*
*aaa authorization exec default local *

I would expect Ansible to log in to the router and enter enable mode, enter 
config mode and update the hostname.

However, I get the following error when running with - -

*ansible-playbook 2.9.4*
*  config file = /root/.ansible.cfg*
*  configured module search path = [u'/root/.ansible/plugins/modules', 
u'/usr/share/ansible/plugins/modules']*
*  ansible python module location = 
/usr/lib/python2.7/dist-packages/ansible*
*  executable location = /usr/bin/ansible-playbook*
*  python version = 2.7.17 (default, Nov  7 2019, 10:07:09) [GCC 7.4.0]*
*Using /root/.ansible.cfg as config file*
*setting up inventory plugins*
*host_list declined parsing /root/ansible/chgconfig/hosts as it did not 
pass its verify_file() method*
*script declined parsing /root/ansible/chgconfig/hosts as it did not pass 
its verify_file() method*
*auto declined parsing /root/ansible/chgconfig/hosts as it did not pass its 
verify_file() method*
*Parsed /root/ansible/chgconfig/hosts inventory source with ini plugin*
*Loading callback plugin default of type stdout, v2.0 from 
/usr/lib/python2.7/dist-packages/ansible/plugins/callback/default.pyc*

*PLAYBOOK: chgconfig.yml 
**
*Positional arguments: chgconfig.yml*
*become_method: sudo*
*inventory: (u'/root/ansible/chgconfig/hosts',)*
*forks: 5*
*tags: (u'all',)*
*verbosity: 4*
*connection: smart*
*timeout: 10*
*1 plays in chgconfig.yml*

*PLAY [Update hostname] 
***
*META: ran handlers*

*TASK [ios_config] 

*task path: /root/ansible/chgconfig/chgconfig.yml:6*
*<150.1.7.7> attempting to start connection*
*<150.1.7.7> using connection plugin network_cli*
*<150.1.9.9> attempting to start connection*
*<150.1.9.9> using connection plugin network_cli*
*<150.1.7.7> local domain socket does not exist, starting it*
*<150.1.7.7> control socket path is /root/.ansible/pc/e903e53500*
*<150.1.7.7> local domain socket listeners started successfully*
*<150.1.7.7> loaded cliconf plugin ios from path 
/usr/lib/python2.7/dist-packages/ansible/plugins/cliconf/ios.py for 
network_os ios*
*<150.1.7.7> *
*<150.1.7.7> local domain socket path is /root/.ansible/pc/e903e53500*
*<150.1.9.9> local domain socket does not exist, starting it*
*<150.1.9.9> control socket path is /root/.ansible/pc/3d3c9ac8a1*
*<150.1.9.9> local domain socket listeners started successfully*
*<150.1.9.9> loaded cliconf plugin ios from path 
/usr/lib/python2.7/dist-packages/ansible/plugins/cliconf/ios.py for 
network_os ios*
*<150.1.9.9> *
*<150.1.9.9> local domain socket path is /root/.ansible/pc/3d3c9ac8a1*
*fatal: [R9]: FAILED! => {*
*"changed": false, *
*"msg": "unable to set terminal parameters"*
*}*
*fatal: [R7]: FAILED! => {*
*"changed": false, *
*"msg": "unable to set terminal parameters"*
*}*
*to retry, use: --limit @/root/ansible/chgconfig/chgconfig.retry*

*PLAY RECAP 
***
*R7 : ok=0changed=0unreachable=0
failed=1skipped=0rescued=0ignored=0   *
*R9 : ok=0changed=0unreachable=0
failed=1skipped=0rescued=0ignored=0*




Note that if I modify the privilege level of user ansible on the Cisco 
router to 15, then the playbook works, but the whole point is to test 
privilege mode escalation.

Any