[ansible-project] Re: turn on boto debugging in Ansible (~/.boto)

[MB]

Had the same issue.

Here's what I did to get Boto debug working. Maybe some of these steps are 
not needed, I didn't take the time to investigate more.

1) Created a ~/.boto.cfg file as you did, with the following content (I put 
my AWS credentials here on purpose):
[Boto]
debug = 2

[Credentials]
aws_access_key_id = ...
aws_secret_access_key = ...


2) Made sure to *delete*  ~/.aws/credentials so that Ansible picks up the 
previous Boto config file

3) and the most ugly part, monkey-patched the Ansible module I wanted to 
test (ec2_elb) to redirect Boto logs to a file, since I could never get the 
console/stdout output to work.
On my system, the module I wanted Boto debug for was located in 
/Library/Python/2.7/site-packages/ansible/modules/cloud/amazon/ec2_elb.py.

Just after the various import boto, import boto.ec2... lines, I added

boto.set_file_logger('boto', 'boto.log', level=2)


This creates the "boto.log" log file in the current directory from where 
you'll run your ansible-playbook comand.


On Wednesday, May 25, 2016 at 7:59:58 PM UTC+8, Cos Bug wrote:
>
> Hi All, 
>
> Is there any way to turn on boto debugging for Ansible playbooks?
>
> In user home directory I created .boto file with contents:
>
> [Boto]
> debug = 2
>
> But Ansible doesn't pick it up though the python script which invokes boto 
> prints the debug messages fine.
>
> Any ideas?
>
> Regards,
> Constantin
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/5a5a7445-8236-4104-b8d6-1730a1d816ad%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] "msg": "AnsibleUndefinedVariable: 'dict object' has no attribute 'local_as'"

[jaychandran subramanian]

Hi I am trying solve this from past 2 days, Please help

details :

[WARNING]: log file at /var/log/ansible.log is not writeable and we cannot 
create it, aborting
ansible 2.4.3.0
  config file = /etc/ansible/ansible.cfg
  configured module search path = [u'/usr/share/my_modules']
  ansible python module location = 
/usr/local/lib/python2.7/dist-packages/ansible
  executable location = /usr/local/bin/ansible
  python version = 2.7.12 (default, Dec  4 2017, 14:50:18) [GCC 5.4.0 
20160609]

--
---
 - name: Clear gathered facts from all currently targeted hosts
   meta: refresh_inventory

 - name: Generating LEAF-BGP configuration
   template:
  src="/etc/ansible/leaf_bgp/templates/leaf_bgp_template.j2"
  dest=/etc/ansible/leaf_bgp/files/{{item.host_ip}}_leaf_bgp.cfg
   when:
  - item.host_ip |string  in 
hostvars[inventory_hostname].inventory_hostname
   with_items:
 - "{{ leaf_bgp }}"
# - "{{ all_vars }}"


---
# defaults file for leaf_bgp
all_vars:
  [
  local_as : '65111',
  peer_as : '65101',
  evpn_as : '65100',
  spine_lo0 : '172.21.0.11',
  ]
---
#Vars file
leaf_bgp:  
 

  
   #4_Member Leaf TOA  
   

  
   - {'host_ip' : '135.182.175.7',  
  
  'host_name' : 'something',

  'loopback0' : '172.21.0.1',  
   

  
  'spine_neighbor' : '10.11.1.1',  
   
  'spinev6_neighbor' : 'Something',
  

  
 } 

---

With "bgp/vars/main.yaml'" its working fine. But when i change to 
defaults/main.yaml, I am getting error. 

The error is  "msg": "AnsibleUndefinedVariable: 'dict object' has no 
attribute 'local_as'"

Please solve


-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/e5297058-f846-4af9-8500-243932105ad7%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Re: Ansible-vault password file not found

[JiElPe-Fr38]

Thanks for the idea... 
In fact, I already used the verbose mode, so yes I can confirm that it uses 
the awaited config file.
Which is not a good news, because it would have been a good reason for the 
problem.

J-L

Le jeudi 8 mars 2018 11:49:16 UTC+1, JiElPe-Fr38 a écrit :
>
> Dear all,
>
> I am "auto learning" ansible and currently try to understand how to use 
> vault.
> To summarize things, I have created a vault.yml file in the vars 
> directory, and included it in the main.yml task. Then, I put the vault 
> password within a .vault_passwd file created at the same level than 
> ansible.cfg.
>
> When I run :
> ansible-playbook with --vault-password-file .vault_passwd
>
> It is ok.
>
> So, I tried to put the vault password file path within ansible.cfg as 
> follows :
> vault_password_file = .vault_passwd
>
> When running the playbook (without --vault-password-file ), it fails with 
> :
> fatal: [ci-server]: FAILED! => {
> "ansible_facts": {},
> "ansible_included_var_files": [],
> "changed": false,
> "message": "Attempting to decrypt but no vault secrets found"
> }
>
> at the line were the vault.yml file is imported. So, it looks like if it 
> does not find the vault password file to decrypt the vault file.
>
> I can't understand why, and have already tried with the aboslute path, or 
> changing _ with -, just in case documentation had a typo... but without any 
> success.
>
> If someone could have an idea to help, I would be glad.
>
> Have a nice day!
>
> J-L
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/7b2fd075-1380-44d9-9b7c-dcdcb70592bf%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] When hostnames have hyphens in them

[Brian Coca]

variables cannot have hyphens but hash/dictionary keys can

for example, this would work: private_keys['host-name'] or
private_keys[ansible_hostname]


-- 
--
Brian Coca

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CACVha7duQMCedms6n8Qxbnq6u7R5qjbRfa7SM45S%3DxsmN2ZqOQ%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Howto read variables from an vaut encrypted file

[Richard Sobey]

My limited understanding is that this:

root_pass_sirius: "{{ TesT1234 }}"

..is definting another variable called "TesT1234" rather than assigning the
literal "TesT1234" to the variable "root_pass_sirius" like:

root_pass_sirius: "TesT1234"

On 8 March 2018 at 06:06,  wrote:

> Hi Brian,
>
> of course not. it's supposed to be the value of 'root_pass_sirus' ...
>
> Am Donnerstag, 8. März 2018 01:13:24 UTC+1 schrieb Brian Coca:
>>
>> Ansilbe reads the 'root_pass_sirus' variable fine, the problem is that
>> 'TesT1234' variable isn't defined anywhere.
>>
>>
>> --
>> --
>> Brian Coca
>>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To post to this group, send email to ansible-project@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/
> msgid/ansible-project/fb17c895-772f-4e03-a8fe-dc41cdf7b8e2%40googlegroups.
> com
> 
> .
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAAkoFG%3DMC_7GeEiXBDiBHYSsgHQmuKrvSZdWT1aJPP0fQ5M0Ag%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Ansible-vault password file not found

[JiElPe-Fr38]

Dear all,

I am "auto learning" ansible and currently try to understand how to use 
vault.
To summarize things, I have created a vault.yml file in the vars directory, 
and included it in the main.yml task. Then, I put the vault password within 
a .vault_passwd file created at the same level than ansible.cfg.

When I run :
ansible-playbook with --vault-password-file .vault_passwd

It is ok.

So, I tried to put the vault password file path within ansible.cfg as 
follows :
vault_password_file = .vault_passwd

When running the playbook (without --vault-password-file ), it fails with :
fatal: [ci-server]: FAILED! => {
"ansible_facts": {},
"ansible_included_var_files": [],
"changed": false,
"message": "Attempting to decrypt but no vault secrets found"
}

at the line were the vault.yml file is imported. So, it looks like if it 
does not find the vault password file to decrypt the vault file.

I can't understand why, and have already tried with the aboslute path, or 
changing _ with -, just in case documentation had a typo... but without any 
success.

If someone could have an idea to help, I would be glad.

Have a nice day!

J-L

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/1029fe38-50d2-45ce-806c-b9097b9f2e7f%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Ansible-vault password file not found

[Richard Sobey]

You may want to check with "ansible-playbook -v ..." that ansible is
picking the correct .cfg file.

Richard

On 8 March 2018 at 10:49, JiElPe-Fr38 <6bery...@gmail.com> wrote:

> Dear all,
>
> I am "auto learning" ansible and currently try to understand how to use
> vault.
> To summarize things, I have created a vault.yml file in the vars
> directory, and included it in the main.yml task. Then, I put the vault
> password within a .vault_passwd file created at the same level than
> ansible.cfg.
>
> When I run :
> ansible-playbook with --vault-password-file .vault_passwd
>
> It is ok.
>
> So, I tried to put the vault password file path within ansible.cfg as
> follows :
> vault_password_file = .vault_passwd
>
> When running the playbook (without --vault-password-file ), it fails with
> :
> fatal: [ci-server]: FAILED! => {
> "ansible_facts": {},
> "ansible_included_var_files": [],
> "changed": false,
> "message": "Attempting to decrypt but no vault secrets found"
> }
>
> at the line were the vault.yml file is imported. So, it looks like if it
> does not find the vault password file to decrypt the vault file.
>
> I can't understand why, and have already tried with the aboslute path, or
> changing _ with -, just in case documentation had a typo... but without any
> success.
>
> If someone could have an idea to help, I would be glad.
>
> Have a nice day!
>
> J-L
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To post to this group, send email to ansible-project@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/
> msgid/ansible-project/1029fe38-50d2-45ce-806c-b9097b9f2e7f%40googlegroups.
> com
> 
> .
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAAkoFGkS2gg2pjikWxbw_xdMKe5jv3%2BLuTf%3Dov%3DV4jjRqA7Q3A%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] When hostnames have hyphens in them

[Richard Sobey]

Hi all,

I've come across an issue which might be a showstopper for me; either way I
wouldn't mind some advice.

My aim is to lookup in a vaulted file the name of a variable that is based
around the hostname of the server. My servers have hyphens in the hostname.

I have got something like this:

- name: Copy private key
copy:
content: "{{ ansible_hostname }}_private_key"
dest: /root/.ssh/id_rsa

And in my vaulted vars file a variable called "server-name_private_key".

Now since variables cannot have hyphens in them, but my server hostname
does, how can I lookup the variable dynamically based on which host the
task is running on?

I could always have a separate task for each host and explicitly define the
variable but keeping it short is my goal.

Thanks
Richard

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAAkoFG%3DLBMa6pnJcxyjrPOyeVszw%2B1N%2BtabYT%2BL1N32cNZ98tg%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] cannot get remote_user in a callback plugin

[Igor B.]

Hi all,

I am developing a callback plugin to print messages to hipchat when 
playbook starts and finishes, and some additional info like who is running 
the playbook. To get the username I tried 2 ways:

   1. 
   
   cli.options.remote_user -- outputs "None".
   2. 
   
   play.remote_user -- outputs username only if remote_user is defined in a 
   play. Unfortunately we don't do this in our playbooks.
   
I also looked at hipchat 
(https://github.com/ansible/ansible/blob/devel/lib/ansible/plugins/callback/hipchat.py)
 
and slack 
(https://github.com/ansible/ansible/blob/devel/lib/ansible/plugins/callback/slack.py#L155)
 
callback plugins and it's not working with Ansible 2.4.1.0:


# hipchat

PLAY [aplay] 


[WARNING]: Failure using method (v2_playbook_on_play_start) in callback 
plugin (): 'Play' object has no attribute 'playbook'


#slack

PLAY [aplay] 
**
 [WARNING]: Failure using method (v2_playbook_on_play_start) in callback 
plugin (): 'dict' object has no attribute 'remote_user'


How do I get username which runs the playbook in a callback plugin?


Thanks,

Igor

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/a0d6f49a-904a-42d6-bb16-9cfb74732b51%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Re: Copy module

[Malcolm Hussain-Gambles]

It's not a network issue. Local and remote are localhost.
The speed issues seem to be down to abuse of ansible.
Just to process the files dictionary list into a sensible format took over 
three hours (I gave up) and used 12Gb of ram.
Using a shell script takes less than a second.
Ansible is doing a lot of checks, that in this instance are pointless.
There is a lot of manipulation of data as well, that would be far easier in 
python too.
So a module to make an rpm I think is the way to go. 

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/c62ccbab-be8a-46d9-a103-bd7f625e04a3%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Re: Ansible Playbook running for longtime/indefinitely for windows 2012 R2 Ansible Playbook

[Tony Chia]

Here are two things you can try
Try putting the win_ping module in a task in a playbook and run it.
Try adding -v (5 v for winrm connection debug info) to ansible-playbook


On Wednesday, March 7, 2018 at 11:32:51 PM UTC-8, Namasivayam C wrote:
>
>
> I am new to Ansible and I'm trying to configure windows 2012 R2 from RHEL 
> 7 Ansible Node. I'm able to establish connection between them using Winrm 
> Credssp. Below is /etc/ansible/group_vars/windows.yml file
>
>
> COMPONENT NAME
> urllib3.connectionpool https://192.168.2.211:5986 "POST /wsman HTTP/1.1" 
> 500 1320
>
>
> ANSIBLE VERSION
> ansible 2.3.1.0
>
> python version = 2.7.5
>
>
> ansible_user: admin
> ansible_password: XXX
> ansible_winrm_scheme: https
> ansible_winrm_transport: credssp
> ansible_port: 5986
> ansible_connection: winrm
> ansible_winrm_server_cert_validation: ignore
> validate_certs: false
>
> When I execute win_ping module for testing connection from Ansible node to 
> Windows 2012 R2 server it was successful.
>
> [root@Ansible-Server playbooks]# ansible windows -m win_ping
> XX.XX.XX.XX | SUCCESS => {
> "changed": false,
> "ping": "pong"
> }
>
> But When I have tried executing Windows 2012 R2 playbook file, after 
> submitting ansible-playbook playbook.yml command, it is continuously 
> waiting for indefinite time, as It is not completing.
>
> Below is the log that is constantly displaying same. Waiting continuously. 
> /var/log/ansible/log
>
> 2018-03-07 19:34:14,255 urllib3.connectionpool https://192.168.2.211:5986 
> "POST 
> /wsman HTTP/1.1" 500 1320
> 2018-03-07 19:34:34,256 urllib3.connectionpool https://192.168.2.211:5986 
> "POST 
> /wsman HTTP/1.1" 500 1320
> 2018-03-07 19:34:54,256 urllib3.connectionpool https://192.168.2.211:5986 
> "POST 
> /wsman HTTP/1.1" 500 1320
> 2018-03-07 19:35:14,258 urllib3.connectionpool https://192.168.2.211:5986 
> "POST 
> /wsman HTTP/1.1" 500 1320
> 2018-03-07 19:35:34,257 urllib3.connectionpool https://192.168.2.211:5986 
> "POST 
> /wsman HTTP/1.1" 500 1320
> 2018-03-07 19:35:54,272 urllib3.connectionpool https://192.168.2.211:5986 
> "POST 
> /wsman HTTP/1.1" 500 1320
> 2018-03-07 19:36:14,272 urllib3.connectionpool https://192.168.2.211:5986 
> "POST 
> /wsman HTTP/1.1" 500 1320
> 2018-03-07 19:36:34,273 urllib3.connectionpool https://192.168.2.211:5986 
> "POST 
> /wsman HTTP/1.1" 500 1320
> 2018-03-07 19:36:54,273 urllib3.connectionpool https://192.168.2.211:5986 
> "POST 
> /wsman HTTP/1.1" 500 1320
> 2018-03-07 19:37:14,273 urllib3.connectionpool https://192.168.2.211:5986 
> "POST 
> /wsman HTTP/1.1" 500 1320
> 2018-03-07 19:37:34,273 urllib3.connectionpool https://192.168.2.211:5986 
> "POST 
> /wsman HTTP/1.1" 500 1320
> 2018-03-07 19:37:54,274 urllib3.connectionpool https://192.168.2.211:5986 
> "POST 
> /wsman HTTP/1.1" 500 1320
> 2018-03-07 19:38:14,274 urllib3.connectionpool https://192.168.2.211:5986 
> "POST 
> /wsman HTTP/1.1" 500 1320
> 2018-03-07 19:38:34,274 urllib3.connectionpool https://192.168.2.211:5986 
> "POST 
> /wsman HTTP/1.1" 500 1320
> 2018-03-07 19:38:54,274 urllib3.connectionpool https://192.168.2.211:5986 
> "POST 
> /wsman HTTP/1.1" 500 1320
>
> above log continues/updates same for every 20 sec.
>
> Could you please any one suggest where it' got stuck and how i can 
> identify and troubleshoot .
>
>
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/27612f51-b0ab-4451-8d95-438f21913060%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Re: networking not idempotent

[Mark Tovey]

On Thursday, March 8, 2018 at 1:43:44 PM UTC-8, Mark Tovey wrote:
>
>
> I am experimenting with the networking modules in Ansible to try to 
> understand how we can use Ansible to manage our network devices.  To that 
> end, I have written a simple playbook to apply an ACL to a router.  It 
> works well, except I notice that each time the playbook is run, the change 
> is applied.  It does not appear to be idempotent.
> My playbook looks like the following:
>
>   tasks:
>   - name: ACL before create
> ios_command:
>   provider: "{{provider}}"
>   commands:
> - show access-list TEST
> register: acl_before
>
>   - debug: var=acl_before.stdout_lines
>
>   - name: Create access list
> ios_config:
>   provider: "{{ provider }}"
>   authorize: yes
>   parents: ['ip access-list extended TEST']
>   lines:
> - 10 permit ip host 1.1.1.1 any
> - 20 deny ip any any
>   before: ['no ip access-list extended TEST']
>   match: exact
>   backup: yes
>
>   - name: ACL after create
> ios_command:
>   provider: "{{ provider }}"
>   commands:
> - show access-list TEST
> register: acl_after
>
>   - debug: var=acl_after.stdout_lines
>
> The first time the playbook is run, the ACL is applied properly as 
> expected.  But the next time the playbook is run, the ACL is again applied 
> even though it is clearly already present:
>
> PLAY [R1] 
> **
>
> TASK [ACL before create] 
> ***
> ok: [10.48.94.50]
>
> TASK [debug] 
> ***
> ok: [10.48.94.50] => {
> "acl_before.stdout_lines": [
> [
> "Extended IP access list TEST",
> "10 permit ip host 1.1.1.1 any",
> "20 deny ip any any"
> ]
> ]
> }
>
> TASK [Create access list] 
> **
> changed: [10.48.94.50]
>
> TASK [ACL after create] 
> 
> ok: [10.48.94.50]
>
> TASK [debug] 
> ***
> ok: [10.48.94.50] => {
> "acl_after.stdout_lines": [
> [
> "Extended IP access list TEST",
> "10 permit ip host 1.1.1.1 any",
> "20 deny ip any any"
> ]
> ]
> }
>
> PLAY RECAP 
> *
> 10.48.94.50: ok=5changed=1unreachable=0
> failed=0
>
> So what do I need to add to the playbook to ensure that it is 
> idempotent?
>

 

> I should mention that we are using Ansible version 2.3.1 on RHEL 7.
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/9001b2d8-d5b7-4cfa-8bf5-4fe59aa02cad%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Re: Ansible Playbook running for longtime/indefinitely for windows 2012 R2 Ansible Playbook

[Jordan Borean]

We would probably need to see the playbook file and the output you are 
getting until it freezes so we can narrow down what task is taking forever. 
As for the HTTP 500 responses I don't think they are an issue, part of 
WinRM is to poll for command outputs and you get constant 500 responses 
from the server if there is no output so we try again until the command is 
complete.

Thanks

Jordan

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/b32421ee-05a2-4f39-bf82-78ce42e2087a%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] networking not idempotent

[Mark Tovey]

I am experimenting with the networking modules in Ansible to try to 
understand how we can use Ansible to manage our network devices.  To that 
end, I have written a simple playbook to apply an ACL to a router.  It 
works well, except I notice that each time the playbook is run, the change 
is applied.  It does not appear to be idempotent.
My playbook looks like the following:

  tasks:
  - name: ACL before create
ios_command:
  provider: "{{provider}}"
  commands:
- show access-list TEST
register: acl_before

  - debug: var=acl_before.stdout_lines

  - name: Create access list
ios_config:
  provider: "{{ provider }}"
  authorize: yes
  parents: ['ip access-list extended TEST']
  lines:
- 10 permit ip host 1.1.1.1 any
- 20 deny ip any any
  before: ['no ip access-list extended TEST']
  match: exact
  backup: yes

  - name: ACL after create
ios_command:
  provider: "{{ provider }}"
  commands:
- show access-list TEST
register: acl_after

  - debug: var=acl_after.stdout_lines

The first time the playbook is run, the ACL is applied properly as 
expected.  But the next time the playbook is run, the ACL is again applied 
even though it is clearly already present:

PLAY [R1] 
**

TASK [ACL before create] 
***
ok: [10.48.94.50]

TASK [debug] 
***
ok: [10.48.94.50] => {
"acl_before.stdout_lines": [
[
"Extended IP access list TEST",
"10 permit ip host 1.1.1.1 any",
"20 deny ip any any"
]
]
}

TASK [Create access list] 
**
changed: [10.48.94.50]

TASK [ACL after create] 

ok: [10.48.94.50]

TASK [debug] 
***
ok: [10.48.94.50] => {
"acl_after.stdout_lines": [
[
"Extended IP access list TEST",
"10 permit ip host 1.1.1.1 any",
"20 deny ip any any"
]
]
}

PLAY RECAP 
*
10.48.94.50: ok=5changed=1unreachable=0failed=0

So what do I need to add to the playbook to ensure that it is 
idempotent?


-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/8493e275-9317-4b71-acf9-8ea63a7b36b6%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Re: Howto read variables from an vaut encrypted file

[neccross9]

unbeliveable ... but that was it !! 
Thanks a lot :)


Am Mittwoch, 7. März 2018 22:07:53 UTC+1 schrieb necc...@gmail.com:
>
> Hi all,
>
> the following task may sound easy but actually it fails all the time ...
>
> I want to store my password in a variable and put it into an ansible-vault 
> encrypted file.
> The content of this file will look like this:
>
> ---
> root_pass_sirius: "{{ TesT1234 }}"
>
> Now my check.yml shall read the encrypted file, get the password and login
>
> ---
> - hosts: sirius
>   remote_user: ansible
> #  gather_facts: no
>   become: yes
>   become_method: su
>   vars_files:
>  - enc_vars.yml
>
>   vars:
>  ansible_become_pass: '{{ root_pass_sirius }}'
>
>
> But the login fails with:
>
> FAILED! => {
> "msg": "The field 'become_pass' has an invalid value, which includes 
> an undefined variable. The error was: {{ Test1234 }}: 'TesT1234' is 
> undefined\nexception type:  'ansible.errors.AnsibleUndefinedVariable'>\nexception: {{ TesT1234 }}: 
> 'TesT1234' is undefined"
> }
>
> So it looks like ansible is unable to get the variable out of the 
> encrypted file ... but WHY ?
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/c03058c4-c5d8-4fe3-b1ac-80db19521b24%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Re: Permission denied while copy with sudo (Related to issue 2837)

[Toshio Kuratomi]

There's a configuration option, remote_tmp.  Setting that to a system
directory (like /tmp or /var/tmp ) can fix this error.

On Mar 8, 2018 5:04 PM, "Vamsi krishna"  wrote:

> Hi vincent,
>
> mee to facing the same issue...
> changing the tmp directory means, what you mean??
>
> you mean to change that in our hosts
>
> can u explain litttle bit clear...
>
> On Friday, July 19, 2013 at 9:30:53 AM UTC-7, Vincent Hardion wrote:
>>
>> I have just pull the last version but it is the same behaviour.
>>
>> ~/projects/cfg-maxlab-ansible/etc/ansible% ansible-playbook --version
>> ansible-playbook 1.3 (devel f4b1e426ea) last updated 2013/07/19 18:08:52
>> (GMT +200)
>>
>> TASK: [ensure NTP point out to the ntp server] *
>> failed: [computerA.se] => {"failed": true, "item": ""}
>> msg: Could not replace file: /home/xxx/.ansible/tmp/ansible
>> -1374250532.29-44727094344629/source to /etc/ntp.conf: [Errno 13]
>> Permission denied: '/home/xxx/.ansible/tmp/ansibl
>> e-1374250532.29-44727094344629/source'
>>
>>
>> By changing the temp directory it works.
>>
>> Thank you Michael and Brian.
>>
>> Vincent
>>
>>
>> On Fri, Jul 19, 2013 at 5:54 PM, Michael DeHaan 
>> wrote:
>>
>>> But yes, Brian is correct.   The ansible remote temp path should
>>> probably be configured and forced to /tmp in this case.
>>>
>>>
>>>
>>>
>>> On Fri, Jul 19, 2013 at 11:54 AM, Michael DeHaan <
>>> mic...@ansibleworks.com> wrote:
>>>
 Just for clarification, have you tried the development branch as of
 about 20 minutes ago?

 Some code changes in that regard and want to make sure you're trying
 latest before I try to replicate things.

 --Michael




 On Fri, Jul 19, 2013 at 4:26 AM, Vincent Hardion 
 wrote:

> Thanks for your answer.
> Effectively with the version of ansible is better. So I tried first
> with 1.2 (rpm from epel) but it happens with release1.2.1 and even the
> development branch.
>
> I'm the owner of ~/.ansible. But now you talk about "unique" maybe one
> thing: the home directory is nfs mount. So when I launch ansible from
> computer A to computer B, ansible use the same "drive" space.
>
> This pull request can be more explicit : https://github.com/ansible/a
> nsible/pull/3587.
>
> Best regards,
> Vincent
>
> --
> You received this message because you are subscribed to the Google
> Groups "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send
> an email to ansible-proje...@googlegroups.com.
> For more options, visit https://groups.google.com/groups/opt_out.
>
>
>



 --
 Michael DeHaan 
 CTO, AnsibleWorks, Inc.
 http://www.ansibleworks.com/


>>>
>>>
>>> --
>>> Michael DeHaan 
>>> CTO, AnsibleWorks, Inc.
>>> http://www.ansibleworks.com/
>>>
>>> --
>>> You received this message because you are subscribed to a topic in the
>>> Google Groups "Ansible Project" group.
>>> To unsubscribe from this topic, visit https://groups.google.com/d/to
>>> pic/ansible-project/yCN_yXa_GkM/unsubscribe.
>>> To unsubscribe from this group and all its topics, send an email to
>>> ansible-proje...@googlegroups.com.
>>> For more options, visit https://groups.google.com/groups/opt_out.
>>>
>>>
>>>
>>
>> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To post to this group, send email to ansible-project@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/
> msgid/ansible-project/4bae621f-b1d9-4ed7-87db-3dc76678b30f%40googlegroups.
> com
> 
> .
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAPrnkaQNX9ii%2BVJBzZ7b0ehru%2Boxq%3Dd0btSPKYYZxjBYGLLaEA%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] determining network os type?

[Marcos Georgopoulos]

Hi, 

There are various network modules for iOS,EOS, etc etc... 

What I was wondering is there a way to determine a hosts base os type so 
that the correct network module can be called? I have seen some sites 
reference 'ansible_network_os' 

like below. However I am not sure is this is simple a variable that has 
been set manually of something ansible sets when initially connecting to a 
device?

eos_facts:
  when: ansible_network_os == 'eos'

- name: Gather facts (ops)
  ios_facts:
  when: ansible_network_os == 'ios'

- name: Gather facts (vyos)
  vyos_facts:

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/54f1f07f-cefd-474f-950b-7cf181573e7e%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] determining network os type?

[Ganesh Nalawade]

ansible_network_os is a reserved variable and need to be set manually.
More details can be found here
https://docs.ansible.com/ansible/devel/network/user_guide/platform_index.html

Regards,
Ganesh

On Fri, Mar 9, 2018 at 11:17 AM, Marcos Georgopoulos  wrote:

> Hi,
>
> There are various network modules for iOS,EOS, etc etc...
>
> What I was wondering is there a way to determine a hosts base os type so
> that the correct network module can be called? I have seen some sites
> reference 'ansible_network_os'
>
> like below. However I am not sure is this is simple a variable that has
> been set manually of something ansible sets when initially connecting to a
> device?
>
> eos_facts:
>   when: ansible_network_os == 'eos'
>
> - name: Gather facts (ops)
>   ios_facts:
>   when: ansible_network_os == 'ios'
>
> - name: Gather facts (vyos)
>   vyos_facts:
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To post to this group, send email to ansible-project@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/
> msgid/ansible-project/54f1f07f-cefd-474f-950b-7cf181573e7e%40googlegroups.
> com
> 
> .
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CA%2B6y2sGsPcFu9AJs5q%2BuyUuVsg_PUQhM1LFx9AovqTcVNQxdRQ%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Ansible 2.5.0 Release Candidate 2 is available

[mattdavi]

Hi all- we're happy to announce that Release Candidate 2 of Ansible 2.5.0 
is now available! 


How do you get it?
--

All Ansible pre-releases in the 2.5 series will be published to PyPI. This 
is probably the easiest way for most users to install:

$ pip install ansible==2.5.0rc2 --user


The tar.gz of the release can be found here:

http://releases.ansible.com/ansible/ansible-2.5.0rc2.tar.gz
SHA256: 609066a807778228b4c3cb1b5f121c7d29d3abbf060079de65e434a9896f3efd

You can also test against the git repository as follows:

$ git clone https://github.com/ansible/ansible.git
$ cd ansible
$ git checkout v2.5.0rc2


You can then source our testing script:

$ . hacking/env-setup

or you can build your own .tar.gz (output will be 
dist/ansible-2.5.0rc2.tar.gz):

$ make sdist


Weekly pre-release builds are planned through release; all will be 
available via PyPI, releases.ansible.com, and GitHub.


Planned Release Schedule
--
Release Candidate 3 (if necessary): March 15, 2018
(further release candidates as necessary)
Final Release: mid-March, 2018 (target March 15, 2018, assuming no RC3)


Finally, we've published a draft porting guide at 
https://docs.ansible.com/ansible/devel/porting_guides/porting_guide_2.5.html 
to help migrate your content to 2.5. If you discover any errors, or if you 
see any regressions from playbooks which work on 2.4.x and prior, please 
open a Github issue, and be sure to mention you're testing against 2.5.0rc2.


Thanks!

Matt Davis (@nitzmahone)
Ansible Core Engineering / 2.5 release manager

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/2a7e2912-b254-4179-9b6d-493c01065c06%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Re: Permission denied while copy with sudo (Related to issue 2837)

[Vamsi krishna]

Hi vincent,

mee to facing the same issue...
changing the tmp directory means, what you mean??

you mean to change that in our hosts 

can u explain litttle bit clear...

On Friday, July 19, 2013 at 9:30:53 AM UTC-7, Vincent Hardion wrote:
>
> I have just pull the last version but it is the same behaviour.
>
> ~/projects/cfg-maxlab-ansible/etc/ansible% ansible-playbook --version
> ansible-playbook 1.3 (devel f4b1e426ea) last updated 2013/07/19 18:08:52 
> (GMT +200)
>
> TASK: [ensure NTP point out to the ntp server] * 
> failed: [computerA.se] => {"failed": true, "item": ""}
> msg: Could not replace file: 
> /home/xxx/.ansible/tmp/ansible-1374250532.29-44727094344629/source to 
> /etc/ntp.conf: [Errno 13] Permission denied: 
> '/home/xxx/.ansible/tmp/ansible-1374250532.29-44727094344629/source'
>
>
> By changing the temp directory it works.
>
> Thank you Michael and Brian.
>
> Vincent
>
>
> On Fri, Jul 19, 2013 at 5:54 PM, Michael DeHaan  > wrote:
>
>> But yes, Brian is correct.   The ansible remote temp path should probably 
>> be configured and forced to /tmp in this case.
>>
>>
>>
>>
>> On Fri, Jul 19, 2013 at 11:54 AM, Michael DeHaan > > wrote:
>>
>>> Just for clarification, have you tried the development branch as of 
>>> about 20 minutes ago?
>>>
>>> Some code changes in that regard and want to make sure you're trying 
>>> latest before I try to replicate things.
>>>
>>> --Michael
>>>
>>>
>>>
>>>
>>> On Fri, Jul 19, 2013 at 4:26 AM, Vincent Hardion >> > wrote:
>>>
 Thanks for your answer.
 Effectively with the version of ansible is better. So I tried first 
 with 1.2 (rpm from epel) but it happens with release1.2.1 and even the 
 development branch.

 I'm the owner of ~/.ansible. But now you talk about "unique" maybe one 
 thing: the home directory is nfs mount. So when I launch ansible from 
 computer A to computer B, ansible use the same "drive" space.

 This pull request can be more explicit : 
 https://github.com/ansible/ansible/pull/3587.

 Best regards,
 Vincent

 -- 
 You received this message because you are subscribed to the Google 
 Groups "Ansible Project" group.
 To unsubscribe from this group and stop receiving emails from it, send 
 an email to ansible-proje...@googlegroups.com .
 For more options, visit https://groups.google.com/groups/opt_out.
  
  

>>>
>>>
>>>
>>> -- 
>>> Michael DeHaan 
>>> CTO, AnsibleWorks, Inc.
>>> http://www.ansibleworks.com/
>>>
>>>
>>
>>
>> -- 
>> Michael DeHaan 
>> CTO, AnsibleWorks, Inc.
>> http://www.ansibleworks.com/
>>
>> -- 
>> You received this message because you are subscribed to a topic in the 
>> Google Groups "Ansible Project" group.
>> To unsubscribe from this topic, visit 
>> https://groups.google.com/d/topic/ansible-project/yCN_yXa_GkM/unsubscribe
>> .
>> To unsubscribe from this group and all its topics, send an email to 
>> ansible-proje...@googlegroups.com .
>> For more options, visit https://groups.google.com/groups/opt_out.
>>  
>>  
>>
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/4bae621f-b1d9-4ed7-87db-3dc76678b30f%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Re: Permission denied while copy with sudo (Related to issue 2837)

[Vamsi krishna]

When i am creating directory i am getting permission denied...

ansible version 2.4.3

"msg": "There was an issue creating /etc/ as requested: [Errno 13] 
Permission denied: b'/etc/'

On Thursday, March 8, 2018 at 5:03:59 PM UTC-8, Vamsi krishna wrote:
>
> Hi vincent,
>
> mee to facing the same issue...
> changing the tmp directory means, what you mean??
>
> you mean to change that in our hosts 
>
> can u explain litttle bit clear...
>
> On Friday, July 19, 2013 at 9:30:53 AM UTC-7, Vincent Hardion wrote:
>>
>> I have just pull the last version but it is the same behaviour.
>>
>> ~/projects/cfg-maxlab-ansible/etc/ansible% ansible-playbook --version
>> ansible-playbook 1.3 (devel f4b1e426ea) last updated 2013/07/19 18:08:52 
>> (GMT +200)
>>
>> TASK: [ensure NTP point out to the ntp server] * 
>> failed: [computerA.se] => {"failed": true, "item": ""}
>> msg: Could not replace file: 
>> /home/xxx/.ansible/tmp/ansible-1374250532.29-44727094344629/source to 
>> /etc/ntp.conf: [Errno 13] Permission denied: 
>> '/home/xxx/.ansible/tmp/ansible-1374250532.29-44727094344629/source'
>>
>>
>> By changing the temp directory it works.
>>
>> Thank you Michael and Brian.
>>
>> Vincent
>>
>>
>> On Fri, Jul 19, 2013 at 5:54 PM, Michael DeHaan  
>> wrote:
>>
>>> But yes, Brian is correct.   The ansible remote temp path should 
>>> probably be configured and forced to /tmp in this case.
>>>
>>>
>>>
>>>
>>> On Fri, Jul 19, 2013 at 11:54 AM, Michael DeHaan <
>>> mic...@ansibleworks.com> wrote:
>>>
 Just for clarification, have you tried the development branch as of 
 about 20 minutes ago?

 Some code changes in that regard and want to make sure you're trying 
 latest before I try to replicate things.

 --Michael




 On Fri, Jul 19, 2013 at 4:26 AM, Vincent Hardion  
 wrote:

> Thanks for your answer.
> Effectively with the version of ansible is better. So I tried first 
> with 1.2 (rpm from epel) but it happens with release1.2.1 and even the 
> development branch.
>
> I'm the owner of ~/.ansible. But now you talk about "unique" maybe one 
> thing: the home directory is nfs mount. So when I launch ansible from 
> computer A to computer B, ansible use the same "drive" space.
>
> This pull request can be more explicit : 
> https://github.com/ansible/ansible/pull/3587.
>
> Best regards,
> Vincent
>
> -- 
> You received this message because you are subscribed to the Google 
> Groups "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send 
> an email to ansible-proje...@googlegroups.com.
> For more options, visit https://groups.google.com/groups/opt_out.
>  
>  
>



 -- 
 Michael DeHaan 
 CTO, AnsibleWorks, Inc.
 http://www.ansibleworks.com/


>>>
>>>
>>> -- 
>>> Michael DeHaan 
>>> CTO, AnsibleWorks, Inc.
>>> http://www.ansibleworks.com/
>>>
>>> -- 
>>> You received this message because you are subscribed to a topic in the 
>>> Google Groups "Ansible Project" group.
>>> To unsubscribe from this topic, visit 
>>> https://groups.google.com/d/topic/ansible-project/yCN_yXa_GkM/unsubscribe
>>> .
>>> To unsubscribe from this group and all its topics, send an email to 
>>> ansible-proje...@googlegroups.com.
>>> For more options, visit https://groups.google.com/groups/opt_out.
>>>  
>>>  
>>>
>>
>>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/1dfc6268-635b-4e92-849d-a701ef2b526a%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Cannot get password from a vault file

[JiElPe-Fr38]

Dear all,

I am really stucked with this problem.
I have a vault file which is referenced within ansible.cfg and its password 
is stored in a file referenced on the command line through 
--vault-password-file.
This seems to be ok.

My vault contains (silly example for trials):
jenkins: totototo

I thought that I had understood that jenkins is considered as a var ( by 
the way, the file is included through include_vars), and therefore must be 
used as {{ jenkins }}.
And as it is about password used to create a user, the task could be 
something like :

-name: Create Jenkins User
user:
name: jenkins
groups: jenkins
state: present
password: "{{ jenkins | password_hash('sha512') }}"
comment: "Jenkins Instance user"
createhome: yes
home: /home/jenkins
shell: /usr/bin/bash
  become: yes
  become_user: root



The playbook runs OK.
But when going into the machine (a VM created with vagrant) through ssh as 
vagrant user, I cannot run su jenkins. The password *totototo* is refused.
Note that if I replace the password line with :
*password: "{{ 'totototo' | password_hash('sha512') }}"*
I can run a su jenkins with password totototo.

So ... what ?

Thanks for your help.
J-L

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/99f4554b-ac39-4225-b813-ef0f8510d11a%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Retrieve EC2 Tags via Ansible

[Anurag Sernapally]

Hi All,

I have an requirement to execute specific ansible task based on the ec2 
tags thats been injected in the instance. I am using ansible version 2.2.

Can someone let me know how can I get the list of ec2 tags? Below is the 
code snippet that I am trying to execute.

Code:

---
- hosts: "{{ host }}"
  tasks:
  - name: Display the hostname
shell: hostname
  - debug:
  msg: "{{ host }}"
  - ec2_facts:
  - set_fact:
  in_id: "{{ ansible_ec2_instance_id }}"
  rg_id: "{{ ec2_region }}"
  - name: Retrieve all tags on an instance
ec2_tag:
  resource: '{{ in_id }}'
  region: '{{ rg_id }}'
  state: list
register: ec2_tags
  - name: List tags, such as Name and env
debug:
  msg: "{{ ec2_tags.tags.Environment }}"

Thanks.

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/0a9c2da2-5200-4828-b57b-3dbf3718ae96%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.