Re: [ansible-project] [Ansible Beginner Question]: Using Ansible to Provision VMs on AWS, Anyone?

[Abhijeet Kasurde]

Hi Kenny,

Please check Ansible AWS collection
https://github.com/ansible-collections/community.aws and
https://github.com/ansible-collections/amazon.aws

You may want to take look at `ec2_instance` -
https://docs.ansible.com/ansible/latest/modules/ec2_instance_module.html

On Tue, Aug 11, 2020 at 3:47 AM Kenny  wrote:

> Hello Everyone,
>
> I would appreciate any pointer to a project/s that deals with the above
> topic , please.
>
> Much Appreciated
>
> Kenny
> +1 240 714-2372
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/3a1ab4e2-0972-4f4b-a971-035929824d8do%40googlegroups.com
> 
> .
>


-- 
Thanks,
Abhijeet Kasurde

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAFwWkHq%2BUv-OQaEhDCETB%3DfbwzFxr2jJnr-hXmMuxT3d_zRjXQ%40mail.gmail.com.

[ansible-project] New Ansible releases 2.9.12 and 2.8.14

[Rick Elrod]

Hi all- we're happy to announce that the general release of Ansible 2.9.12 and
2.8.14 are now available!


How do you get it?
--

$ pip install ansible==2.9.12 --user
or
$ pip install ansible==2.8.14 --user

The tar.gz of the releases can be found here:

* 2.9.12
  https://releases.ansible.com/ansible/ansible-2.9.12.tar.gz
  SHA256: 7e95ddf719190b068fafc7d7c7877c218054cc5da4f6d9d794faf7bc66dab774
* 2.8.14
  https://releases.ansible.com/ansible/ansible-2.8.14.tar.gz
  SHA256: 248990ade8689126ded598c5a931b2524ff4edf4629627b10962098d1303eaa5


What's new in 2.9.12 and 2.8.14
---

These releases contain fixes to multiple CVEs: CVE-2020-1736,
CVE-2020-14332, CVE-2020-14330

These releases are maintenance releases containing numerous bugfixes. The full
changelogs are at:

* 2.9.12
  
https://github.com/ansible/ansible/blob/stable-2.9/changelogs/CHANGELOG-v2.9.rst
* 2.8.14
  
https://github.com/ansible/ansible/blob/stable-2.8/changelogs/CHANGELOG-v2.8.rst


What's the schedule for future maintenance releases?


Future maintenance releases will occur approximately every 3 weeks.  So expect
the next one around 2020-08-31.


Porting Help


We've published a porting guide at
https://docs.ansible.com/ansible/devel/porting_guides/porting_guide_2.9.html to
help migrate your content to 2.9.


If you discover any errors or if any of your working playbooks break when you
upgrade to 2.9.12, please use the following link to report the regression:

  https://github.com/ansible/ansible/issues/new/choose

In your issue, be sure to mention the Ansible version that works and the one
that doesn't.

Thanks!

-Rick Elrod

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAMuUyjRUxD-VeO28kHGaNeC90najr%2BOQFbieEADg73A1Jt9Q1A%40mail.gmail.com.

Re: [ansible-project] copy module failing path has wildcard ?????

[sai kumar]

Hi Om,

The linux-782078, in the path created during the installation of puppeteer 
in previous step. It may change when there is a version update.

Hence i need to check and the version prior to run the play book. instead 
number if mentioned wildcard characters, I can simply run the playbook and 
no need to update the playbook every time. 

Thanks
HARASAI

On Wednesday, August 5, 2020 at 10:51:02 PM UTC-4, Om Prasad Reddy Surapu 
wrote:
>
> It doesn’t find the directory so failed. You may can define that as a 
> variable and try. 
>
> On Thu, 6 Aug 2020 at 07:44, sai kumar > 
> wrote:
>
>> Hi,
>>
>> I am trying to copy a file from one location to other with copy module, 
>> on remote server
>>
>> /puppeteer/.local-chromium/linux-782078/chrome-linux  to /usr/local/sbin
>>
>> linux.chrom_dir  = /puppeteer/.local-chromium/linux-782078/chrome-linux
>>
>> source file: chrome_sandbox
>> dest file: chrome-devel-sandbox
>>
>> - name: Copy chrome_sandbox to sbin directory
>> copy:
>> src: "{{ linux.chrom_dir }}/chrome_sandbox"
>> dest: /usr/local/sbin/chrome-devel-sandbox
>> remote_src: yes
>> owner: root
>> group: root
>> mode: '4755'
>>
>> if i changed the linux-782078 to linux-??,  
>>
>> Ansible  terminating with path not found
>>
>> fatal: [centos]: FAILED! => {"changed": false, "msg": "Source 
>> /puppeteer/.local-chromium/linux-??/chrome-linux/chrome_sandbox not 
>> found"}
>>
>>
>>
>> -- 
>> You received this message because you are subscribed to the Google Groups 
>> "Ansible Project" group.
>> To unsubscribe from this group and stop receiving emails from it, send an 
>> email to ansible...@googlegroups.com .
>> To view this discussion on the web visit 
>> https://groups.google.com/d/msgid/ansible-project/b58d52ec-4c09-43dd-9a87-e9452c6f4de2o%40googlegroups.com
>>  
>> 
>> .
>>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/c608ef4c-ec68-4f1d-9e1e-959979d2de3bo%40googlegroups.com.

[ansible-project] [Ansible Beginner Question]: Using Ansible to Provision VMs on AWS, Anyone?

[Kenny]

Hello Everyone,

I would appreciate any pointer to a project/s that deals with the above 
topic , please.

Much Appreciated

Kenny
+1 240 714-2372

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/3a1ab4e2-0972-4f4b-a971-035929824d8do%40googlegroups.com.

[ansible-project] nice/ionice a module on target server

[WK]

I have tried googling but have failed.

We use ansible to upgrade a fleet of VMs.  Some of them are fairly small 
and apt in particular seems to really bog them down (yum/dnf isn't that bad)


if we ssh in to the target we can run apt with nice/ionice

i.e.

|sudo ionice -n 7 nice -n 19 apt-get dist-upgrade which does the job of 
not completely disrupting the VM functionality. However, I would prefer 
to continue to use the apt module within a playbook with Poll: 0 and 
monitor from within Ansible. So is there to way to pass on nice/ionice 
within a module? I suppose I could use shell and a wrapper but I'd like 
to do it in the "ansible" way if possible. Sincerely, -wk |


--
You received this message because you are subscribed to the Google Groups "Ansible 
Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/9509670b-1a73-7165-9235-f43424b8e641%40bneit.com.

Re: [ansible-project] play book execution error

[Stefan Hornburg (Racke)]

On 8/10/20 5:49 PM, A wrote:
> Hi Mates, I am getting below error while executing playbook for a new server 
> that needs to be added .
> 
> TASK [krb5_workstation : install krb5_workstation package from 
> rhel-x86_64-server-7-datacenter]
> ***
> Monday 10 August 2020  11:19:22 -0400 (0:00:00.128)       0:01:14.829 
> *
> fatal: [hsdmqa08]: FAILED! => {"msg": "The task includes an option with an 
> undefined variable. The error was:
> 'krb5_workstation_package_name7' is undefined\n\nThe error appears to have 
> been in
> '/opt/hd/sh/srv/ansible/development/axs8u3p/hadoop/roles/krb5_workstation/tasks/main.yml':
>  line 9, column 3, but may\nbe
> elsewhere in the file depending on the exact syntax problem.\n\nThe offending 
> line appears to be:\n\n\n- name: install
> krb5_workstation package from rhel-x86_64-server-7-datacenter\n  ^ here\n"}
> 
> Please find the main.yml below.

Apparently the variable krb5_workstation_package_name7 is not defined. Check if 
there is a typo in the variable name.

Regards
Racke

 >
> ---
> # krb5_workstation role
> 
> - name: RedHat unlock krb5 version
>   command: yum versionlock delete '{{krb5_workstation_yumlock_version7}}'
>   when: ansible_distribution_major_version == "7"
>   ignore_errors: yes
> 
> - name: install krb5_workstation package from rhel-x86_64-server-7-datacenter
>   package:
>     name: "{{krb5_workstation_package_name7}}"
>     state: present
>   when: ansible_distribution_major_version == "7"
> 
> 
> - name: RedHat lock krb5_workstation  version 7
>   command: yum versionlock add '{{krb5_workstation_package_name7}}'
>   when: ansible_distribution_major_version == "7"
> 
> # install conf file
> - name: deploy /etc/hue/conf/krb5.conf
>   copy:
>     src: "etc/krb5.conf.{{ lcp }}"
>     dest: /etc/krb5.conf
>     owner: root
>     group: root
>     mode: 0755
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to
> ansible-project+unsubscr...@googlegroups.com 
> .
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/4453d673-63c3-41f6-baae-6344fd4d7934o%40googlegroups.com
> .


-- 
Ecommerce and Linux consulting + Perl and web application programming.
Debian and Sympa administration. Provisioning with Ansible.

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/1a63c735-91bf-a9c8-7e53-504b3b53b6a2%40linuxia.de.


signature.asc
Description: OpenPGP digital signature

[ansible-project] play book execution error

[A]

Hi Mates, I am getting below error while executing playbook for a new 
server that needs to be added .

TASK [krb5_workstation : install krb5_workstation package from 
rhel-x86_64-server-7-datacenter] 
***
Monday 10 August 2020  11:19:22 -0400 (0:00:00.128)   0:01:14.829 
*
fatal: [hsdmqa08]: FAILED! => {"msg": "The task includes an option with an 
undefined variable. The error was: 'krb5_workstation_package_name7' is 
undefined\n\nThe error appears to have been in 
'/opt/hd/sh/srv/ansible/development/axs8u3p/hadoop/roles/krb5_workstation/tasks/main.yml':
 
line 9, column 3, but may\nbe elsewhere in the file depending on the exact 
syntax problem.\n\nThe offending line appears to be:\n\n\n- name: install 
krb5_workstation package from rhel-x86_64-server-7-datacenter\n  ^ here\n"}

Please find the main.yml below.

---
# krb5_workstation role

- name: RedHat unlock krb5 version
  command: yum versionlock delete '{{krb5_workstation_yumlock_version7}}'
  when: ansible_distribution_major_version == "7"
  ignore_errors: yes

- name: install krb5_workstation package from 
rhel-x86_64-server-7-datacenter
  package:
name: "{{krb5_workstation_package_name7}}"
state: present
  when: ansible_distribution_major_version == "7"


- name: RedHat lock krb5_workstation  version 7
  command: yum versionlock add '{{krb5_workstation_package_name7}}'
  when: ansible_distribution_major_version == "7"

# install conf file
- name: deploy /etc/hue/conf/krb5.conf
  copy:
src: "etc/krb5.conf.{{ lcp }}"
dest: /etc/krb5.conf
owner: root
group: root
mode: 0755

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/4453d673-63c3-41f6-baae-6344fd4d7934o%40googlegroups.com.

[ansible-project] Re: Installing ansible on Windows 10

[Michael Richter]

It might be installed to *$HOME/.local/bin*. If you can find ansible in 
this directory, add it to your PATH variable (*$HOME/.profile*: export 
PATH="$PATH:$HOME/.local/bin") and login again.

charles...@gmail.com schrieb am Freitag, 7. August 2020 um 22:59:09 UTC+2:

> Thank you I could install a Linux VM and install ansible w/in that. again 
> according to that video I should be able to confirm the installation by 
> using the trusted --version command. But evidently something is not right
> osboxes@osboxes:~$ pip3 install ansible
> Processing 
> ./.cache/pip/wheels/96/b5/fc/646cc0302950f9dd85ce04f1108809447c7c1c20ebf23f587b/ansible-2.9.11-py3-none-any.whl
> Requirement already satisfied: cryptography in 
> /usr/lib/python3/dist-packages (from ansible) (2.8)
> Requirement already satisfied: jinja2 in 
> ./.local/lib/python3.8/site-packages (from ansible) (2.11.2)
> Requirement already satisfied: PyYAML in /usr/lib/python3/dist-packages 
> (from ansible) (5.3.1)
> Requirement already satisfied: MarkupSafe>=0.23 in 
> /usr/lib/python3/dist-packages (from jinja2->ansible) (1.1.0)
> Installing collected packages: ansible
> Successfully installed ansible-2.9.11
> osboxes@osboxes:~$ ansible --version
> bash: ansible: command not found
> osboxes@osboxes:~$ 
>
> My linux skills are rudimentary  (Does that preclude me from proceeding 
> with this exercise? do tell me). I thought maybe I have to explicitly add 
> the folder for the ansible executable to my $PATH to which end I tried
> osboxes@osboxes:~$ locate ansible
> but it returned nothing
>
> Then I had the bright idea of installing it via the Software Manager. It 
> installed 2.9.6, rather than 2.9.11, but I doubt if that's a show stopper.  
> All good now :-)
>
> On Friday, August 7, 2020 at 5:30:12 AM UTC-4 moonchil...@gmail.com wrote:
>
>> If you are unable to switch to linux, a workaround for your issue could 
>> be to install WSL on your windows machine, and then install ansible on wsl.
>> Works without issues. If you've seen video about installing ansible on 
>> windows, it must have been somethin in that vein. 
>> One thing to note, however, is that you will not be able to run ansible 
>> in Windows native directories (/mnt/c usually), as they need to have 777 
>> permission set simulated. Ansible will refuse to run in a world writtable 
>> directory, so place your config file somewhere in your WSL hone directory 
>> (/home/username) 
>>
>> https://docs.microsoft.com/en-us/windows/wsl/install-win10 <- follow 
>> this guide. 
>>
>> Not yet sure how it works with WSL2, i haven't tested it yet. 
>>
>> Alternatively, install Linux VM of your choice on top of windows, and run 
>> ansible there. 
>>
>> Dana petak, 7. kolovoza 2020. u 03:12:14 UTC+2, korisnik Charles Leviton 
>> napisao je:
>>>
>>> Hi I watched the Ansible for dev ops Youtube video and following 
>>> instructions therein tried to install ansible on windows 10 machine using
>>> *pip install ansible*
>>> I am running python 3.8.5
>>>
>>> after I got this message "A required privilege is not held by the 
>>> client:", I opened a command prompt as administrator and retried that pip 
>>> command.
>>>
>>> Now I get
>>> "error: can't copy 'lib\ansible\module_utils\ansible_release.py': 
>>> doesn't exist or not a regular file"
>>>
>>> I searched this string on this group but found no hits, so I'm hoping 
>>> someone could help me.
>>>
>>> thanks 
>>>
>>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/c41f2a4c-847b-436d-ba3d-cfe2438609d5n%40googlegroups.com.

Re: [ansible-project] Learning Opportunity Terraform _ Top rated course 85% off for 3 days

[Abhijeet Kasurde]

Hi CLOUD PASSION

This channel is meant for asking Ansible user questions. Please refrain
yourself from posting Ads and Solicitation emails.

Thanks.

On Mon, Aug 10, 2020 at 3:33 PM CLOUD PASSION 
wrote:

>
> https://www.google.com/url?q=https%3A%2F%2Fwww.udemy.com%2Fcourse%2Fhashicorp-certified-terraform-associate-comprehensive%2F%3FcouponCode%3DDEALTOWIN=D=1=AFQjCNFmk5EoJJnYndc1XY5fdKOI3r_srA
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/64a626b3-a3e7-471f-90db-7e00d3d6fa24o%40googlegroups.com
> 
> .
>


-- 
Thanks,
Abhijeet Kasurde

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAFwWkHpjcz3Hm4FFmKksLU%2BsxDaPi3gPCDXggdbAF8yxbOoMLw%40mail.gmail.com.

[ansible-project] Learning Opportunity Terraform _ Top rated course 85% off for 3 days

[CLOUD PASSION]

https://www.google.com/url?q=https%3A%2F%2Fwww.udemy.com%2Fcourse%2Fhashicorp-certified-terraform-associate-comprehensive%2F%3FcouponCode%3DDEALTOWIN=D=1=AFQjCNFmk5EoJJnYndc1XY5fdKOI3r_srA

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/64a626b3-a3e7-471f-90db-7e00d3d6fa24o%40googlegroups.com.

[ansible-project] Ansible IOS gather facts

[Zaldy B]

HI guys / experts,

Have you tried gathering ios facts and when it is satisfied, it will gather 
another facts using the output of the first facts?


Dont know if this is possible.

Thank you.

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/017cb488-0918-4d48-8056-af4916dbd3dbo%40googlegroups.com.

Re: [ansible-project] ansible foreman callback plugin

[Dick Visser]

This list is for generic ansible issues.
Your issue seems highly specific to a 3rd party module. I would try
that community first:

https://github.com/theforeman/foreman_ansible#foreman-ansible-arrow_forward

On Mon, 10 Aug 2020 at 02:56, Kiran Kumar  wrote:
>
> Hi
>
> I have setup the plugin for forman
>
> https://raw.githubusercontent.com/theforeman/foreman_ansible/master/extras/foreman_callback.py
>
> Also install below on ansible control node
>
> yum install -y python-pip
>  pip install requests
>
>
>
>
> the plugin file is updated
>
> from __future__ import absolute_import
>
>
> FOREMAN_URL = os.getenv('FOREMAN_URL', "https://xxx;)
> # Substitute by a real SSL certificate and key if your Foreman uses HTTPS
> FOREMAN_SSL_CERT = (os.getenv('FOREMAN_SSL_CERT', 
> "/etc/foreman-proxy/ssl_cert.pem"),
> os.getenv('FOREMAN_SSL_KEY', 
> "/etc/foreman-proxy/ssl_key.pem"))
>
>
>
> Ansible side is updated
>
> [callback_foreman]
>
> url = https://xx
>
>
> ssl_cert = /etc/foreman-proxy/ssl_cert.pem
> ssl_key = /etc/foreman-proxy/ssl_key.pem
> verify_certs = /etc/foreman-proxy/ssl_ca.pem
> callback_whitelist = foreman
> bin_ansible_callbacks = True
> callback_plugins   = /usr/share/ansible/plugins/callback
> stdout_callback = yaml
>
>
>
> i am getting error below
>
>
> any suggestions Please ?
>
>
> TASK [Gathering Facts] 
> ***
> ok: [xxx]
> [WARNING]: Failure using method (v2_runner_on_ok) in callback plugin 
> ( 0x7f6108061690>): 'invocation'
>
>
>
>
> And the host is not getting updated in UI of forman
>
>
> Forman & ansible both are on same subnet & there is no firewall
>
>
> thanks
>
> --
> You received this message because you are subscribed to the Google Groups 
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/ansible-project/4cb6411b-4f8a-4c30-ae71-db5299a69aa5o%40googlegroups.com.



-- 
Dick Visser
Trust & Identity Service Operations Manager
GÉANT

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAL8fbwPQR%3D6Fj-GwxD6AmpMU8wh02j2FVX%2BuH2RibE_qY9HUWw%40mail.gmail.com.

[ansible-project] Re: FAILED! => {"censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": false}

[Hrvoje Gašpar]

What is the output error once you remove no_log? Did you recieve additional 
information? 


Dana ponedjeljak, 10. kolovoza 2020. u 08:59:43 UTC+2, korisnik anilkumar 
panditi napisao je:
>
> Hello, My playbook has following github module , which is failing with 
> error  FAILED! => {"censored": "the output has been hidden due to the 
> fact that 'no_log: true' was specified for this result", "changed": false}
>
> code:
> 
>
> - name: Clone from git repo
>   git: 
>  repo: "{{ item.repo_url }}"
>  dest: "{{ item.destination }}"
>  version: "{{ item.version }}"
>  force: yes
>   no_log: true
>   with_items:
>  - { repo_url: "https://{{ deploy_user }}:{{ deploy_token 
> }}@gitlab.xx.git",destination: "/data/wcs9", version: "{{ git_branch }}" }
>
>
> Have tried commenting out the no_log_true and also true to false. 
>
> Still my playbook is failing. Any idea please.
>
> Ansible Version is 2.9.10
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/a82bfd94-8870-43d6-b446-5b60659bdf1bo%40googlegroups.com.

[ansible-project] Cross-domain auth using Kerberos

[Michael Richter]

Hi,
On a Linux server I want to access a Windows server from Windows domain 
*sub.dnsdomain* using an account from parent Windows domain *dnsdomain*. 
The account has admin permissions to that server and can login using RDP.

I have configured Kerberos realms for both domains on the Linux server. I 
can than get a Kerberos ticket using kinit user. I can access servers from 
*dnsdomain*. But I can not access the server from *sub.dnsdomain*.

[libdefaults]
default_realm = DNSDOMAIN
dns_lookup_realm = false
#ticket_lifetime = 24h
renew_lifetime = 7d
rdns = false
default_tkt_enctypes = aes256-cts-hmac-sha1-96 rc4-hmac des-cbc-crc 
des-cbc-md5
default_tgs_enctypes = aes256-cts-hmac-sha1-96 rc4-hmac des-cbc-crc 
des-cbc-md5
permitted_enctypes = aes256-cts-hmac-sha1-96 rc4-hmac des-cbc-crc 
des-cbc-md5
ticket_lifetime = 600
kdc_timesync = 1
ccache_type = 4

# The following krb5.conf variables are only for MIT Kerberos.
kdc_timesync = 1
ccache_type = 4
forwardable = true
proxiable = true

# The following libdefaults parameters are only for Heimdal Kerberos.
fcc-mit-ticketflags = true

[realms]
DNSDOMAIN = {
kdc = dc1.dnsdomain:88
kdc = dc2.dnsdomain:88
admin_server = dc1.dnsdomain:749
default_domain = dnsdomain
}
SUB.DNSDOMAIN = {
kdc = subdc1.sub.dnsdomain:88
kdc = subdc2.sub.dnsdomain:88
admin_server = subdc1.sub.dnsdomain:749
default_domain = sub.dnsdomain
}

[domain_realm]
.dnsdomain = DNSDOMAIN
dnsdomain = DNSDOMAIN
.sub.dnsdomain = SUB.DNSDOMAIN
sub.dnsdomain = SUB.DNSDOMAIN

[appdefaults]
autologin = true
forward = true
forwardable = true
encrypt = true

Note: The Windows domain name differs from the DNS names. I'm not using it 
in Kerberos config.

Than I can do this:

$ kinit user
Password for user@DNSDOMAIN: 
$ klist
Ticket cache: FILE:/tmp/krb5cc_1000
Default principal: user@DNSDOMAIN

Valid starting   Expires  Service principal
07.08.2020 14:06:07  07.08.2020 14:16:00  krbtgt/DNSDOMAIN@DNSDOMAIN
renew until 10.08.2020 14:06:07
$ rpcclient server.dnsdomain -k
rpcclient $> srvinfo
XXX 
platform_id :   500
os version  :   6.3
server type :   0x801013
rpcclient $> quit
$ rpcclient subserver.sub.dnsdomain -k
Cannot connect to server.  Error was NT_STATUS_LOGON_FAILURE

If I try to connect via Ansible/WinRM to the server in subdomain I get the 
error:

Server not found in Kerberos database

How to get access to the server in subdomain using an account from parent 
domain?

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/cf9fc2fd-11ba-4142-8fc3-0f72896dd0dfn%40googlegroups.com.

[ansible-project] FAILED! => {"censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": false}

[anilkumar panditi]

Hello, My playbook has following github module , which is failing with 
error  FAILED! => {"censored": "the output has been hidden due to the fact 
that 'no_log: true' was specified for this result", "changed": false}

code:


- name: Clone from git repo
  git: 
 repo: "{{ item.repo_url }}"
 dest: "{{ item.destination }}"
 version: "{{ item.version }}"
 force: yes
  no_log: true
  with_items:
 - { repo_url: "https://{{ deploy_user }}:{{ deploy_token 
}}@gitlab.xx.git",destination: "/data/wcs9", version: "{{ git_branch }}" }


Have tried commenting out the no_log_true and also true to false. 

Still my playbook is failing. Any idea please.

Ansible Version is 2.9.10

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/046799ef-76ea-4e61-92f2-b1ad10a805a2o%40googlegroups.com.