(ansible)[ansible-eos]$ cat route.yaml
---
- hosts: veos01
gather_facts: no
vars:
route: 1.1.1.1/32
tasks:
- eos_command:
commands:
- show ip route | json
waitfor:
- "result[0].vrfs.default.routes[{{ route }}].hardwareProgrammed
eq true"
p
Ignore the request for filing an issue, I committed a change that should
fix this problem. The fix is available for testing in ansible/ansible devel
On Tue, Mar 22, 2016 at 4:25 PM, Peter Sprygada
wrote:
> Thats a bug... could you file an issue at
> github.com/ansible/ansible-modules-core please
Hi Uditha,
I can use "command" module to accomplish my "sudo apt-get install nginx"
task, But I want to schedule my play-book to run on every half hour to
maintain configuration in my client. In this case, it always will try to
install nginx every time. But if I use apt module, it will install t
Thank you for reply.
> What's wrong with doing it via inventory?
Installed OS in a host varies by timing, so I'm trying to prepare the
following two playbooks.
playbook_windows.yml : "ansible_connection: winrm" in vars section
playbook_linux.yml : "ansible_connection: ssh" in vars section
This
Just a pull request is all that is needed.
--
Brian Coca
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.co
Hi Guys,
I am having some issues getting add_host to create a dynamic inventory
correctly.
Here is the relevant section from my playbook:
tasks:
- name: Connect to Cloud
# assume RC file has already been sourced
os_auth:
- name: launch web instances
os_server:
Definitely. It would be great if I can contribute it.
What should I do first? Open an issue or pull request?
On Wednesday, March 23, 2016 at 12:52:08 AM UTC+9, Brian Coca wrote:
>
> Nice,
>
> Do you want to contribute it to ansible/ansible?
>
>
> --
> Brian Coca
>
--
You received this m
Update on ziploader:
After going down a rabbit hole of related bugs, I've had some time to
work on jimi-c's initial branch. The branch I have now[1]_ is passing
unittests and integration tests (at least through mysql... I have an
issue on my system that's preventing mysql from passing and I've be
Mike,
Thanks for your patience and assistance. I wanted to do it the way you
suggested so that I get in the habit of crafting my roles that can be
useful in other ways later. With that said, I think I am getting the hang
of what you are saying. I started completely over and separated my roles.
moustaches do not stack
home="{{ item.value.home | default("/home/" + item.key) }}"
--
Brian Coca
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to
seems like you wanted:
when: "( '0 to upgrade, 0 to newly install' not in
ruby_installed_version.stdout) and ( '0 upgraded, 0 newly installed' not in
ruby_installed_version.stdout)"
making them a list ( -) is an implicit AND.
--
Brian Coca
--
You received this message because you are
Updating the ansible credentials to leave out the privelege escalation
worked thanks
On Tuesday, March 22, 2016 at 10:15:44 PM UTC+1, Brian Coca wrote:
>
> I believe the issue is you are using become wrong, as per that sudoers
> file you can just leave the `become_user: root` and it will work lo
Sorry if I have this wrong - the nested YAML quote thing is hurting my
eyes - but I think you can do what you want with group_vars - have a
look at the docs for that.
On 22 March 2016 at 17:55, Roy wrote:
> Hi,
>
>
> I am trying to use include_vars based on when condition as follows:
>
> - inclu
I'm using the ec2_remote_facts module to get a list of instances based on
filters.
I want to create another list that contains the
ec2_facts.instances[0-n].private_ip
This is the logic I'm after
- name: Set server names address for webapp proxy server
set_fact:
servers[item]: "{{ e
I believe the issue is you are using become wrong, as per that sudoers file
you can just leave the `become_user: root` and it will work logging in
either as sshuser or machineadmin (also `become_method: sudo`), or just
don't set them as those are the defaults.
--
Brian Coca
--
You recei
If i go into visudo (centos) I have the following
sshUser ALL=(ALL) NOPASSWD: ALL
machineAdminALL=(ALL) NOPASSWD: ALL
so yes?
On Tuesday, March 22, 2016 at 9:48:25 PM UTC+1, Benjamin Redling wrote:
>
> On 2016-03-22 20:25, Aaron Axisa wrote:
> > TASK [gosa : Install EPEL Package
I have some custom Ansible modules to scratch my own itches. Two are very
significant:
- s3enc: get/put s3 files with KMS-based client-side encryption
- s3_sync: high-speed s3 uploader
https://github.com/tedder/tedder_ansible_library/tree/master/library
Enjoy,
-ted
--
You received this message
On 2016-03-22 20:25, Aaron Axisa wrote:
> TASK [gosa : Install EPEL Package]
> * task path:
> /var/lib/awx/projects/_8__bitbucket_ldap/ansible/roles/gosa/tasks/main.yml:15<192.168.20.4>
> ESTABLISH SSH CONNECTION FOR USER: sshUser<192.168.20.4> SSH:
Have
If i run the yum install as the machineAdmin user it is fine on the
machine. Ansible is somehow losing the privledges?
And it's using su machineAdmin cause ansible tower is configured that the
sshUser's privelege escalation is of type su and with credentials for
machineAdmin
(In reality both m
like I said, since you've put this into a role, "separating this into
multiple plays would be more complicated", so you're better off not
splitting it up and instead, doing what you were doing
copied from your earlier post (with the typo pointed out by Uditha
corrected:
In app_install_main.ym
So in the first debug I see "su machineAdmin" which might not have access
to the specific action if yum is giving you that message.
@Brandon, this is useless:
remote_user: "{{user_to_use}}"
become: yes
become_user: "{{user_to_use}}"
^ that is the same as writing sudo 'myself', the become
Thats a bug... could you file an issue at
github.com/ansible/ansible-modules-core please?
On Tue, Mar 22, 2016 at 2:17 PM, Martin Baro
wrote:
> Hi Uditha,
>
> Thanks for the reply.
> I've simplified the problem a bit (just removed the variable) and with
> removing the "" around the whole stateme
Hi Mike,
Thanks for the suggestions. I tried to implement what you mentioned and I
ended up breaking everything. I am completely lost with this. I am just
going to have to start over at this point. Between sanitizing the data to
post here and then trying to translate your suggestions back to wh
TASK [gosa : Install EPEL Package]
* task path:
/var/lib/awx/projects/_8__bitbucket_ldap/ansible/roles/gosa/tasks/main.yml:15
<192.168.20.4>
ESTABLISH SSH CONNECTION FOR USER: sshUser <192.168.20.4> SSH: ansible.cfg
set ssh_args: (-o)(ControlMaster
run with - to see what ansible is doing.
--
Brian Coca
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.
I have the following playbook
---
- name: myPlaybook
hosts: "{{machine_to_setup}}"
remote_user: "{{user_to_use}}"
become: yes
roles:
# Install Gosa - part 1
- { role: gosa, become: yes }
(I know become is duplicated.
With the following role content:
---
# Requires Ansible v
a) you are using {{}} in when clause
b) you start a YAML value by a quote but do not end by a quote
c) you want this:
when: inventory_hostname in groups['hadoop-clouderamanager']
or
when: "'hadoop-clouderamanager' in group_names"
--
Brian Coca
--
You received this message because you
The way ansible works is by running arbitrary scripts (modules) on the
remote machine, as such it is very hard to make sudo rules to allow this
that are virtually equivalent to ALL.
Some modules do execute system commands, many others use syscalls
directly, so even if we introduce a way to 'deleg
If that's all you really need, invoke it via a "command" stanza with a
passwordless sudo. Problem solved.
On Tuesday, 22 March 2016 18:46:35 UTC, Matt Calhoun wrote:
>
> Sure, except that I am running ansible on an unattended deployment box
> (Jenkins) in this case vs real humans running interac
Sure, except that I am running ansible on an unattended deployment box
(Jenkins) in this case vs real humans running interactively in the case of
my admins.
I'm trying to follow a policy of least privilege and grant the user only
the rights to restart the nginx server as root (needs it to access p
you can use ansible + sudo + sudo password, you end up with exact same
security.
--
Brian Coca
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansib
I'm not sure I agree with that. With our admins, we have ssh with key +
sudo with a password. With this setup (running ansible as a deploy user to
deploy a web app), the only protection I have is the ssh key.
Is there a good reason the ansible user can't be restricted to specific
commands via s
Hi Uditha,
Thanks for the reply.
I've simplified the problem a bit (just removed the variable) and with
removing the "" around the whole statement I managed to preserve the quotes.
Unfortunately it didn't solve the problem:
waitfor:
- result[0].vrfs.default.routes[\'1.2.3.4/30\'].hard
Hi,
I am trying to use include_vars based on when condition as follows:
- include_vars: clouderamanager.yml
when: "'{{ inventory_hostname }}' in groups['hadoop-clouderamanager']"
- include_vars: hadoop-namenode.yml
when: "'{{ inventory_hostname }}' in groups['hadoop-namenode']"
- include_v
DOH thanks so much! that worked.
On Tuesday, March 22, 2016 at 12:20:41 PM UTC-4, Uditha Desilva wrote:
>
> You didn't specify the inventory in the 2nd command... try
>
> *ansible -i hosts -m ping all*
>
> On Tuesday, 22 March 2016 15:06:10 UTC, Leroy Walker Jr wrote:
>>
>> I could really use
You can put them in the same or sub dir as your modules. Or, you can put
them anywhere, just append the path in the module. However, if you want
multiple modules in multiple roles to share the same libs, then things get
tricky. I've done that by appending '../../pylibs/' to my sys.path to get
t
Given my understanding of the way Ansible bundles up modules, I am not sure
that will work. You may need to install your custom python libraries on
each of your target systems.
On Monday, 21 March 2016 18:41:07 UTC, Alexey Wasilyev wrote:
>
> Hello!
>
> I am writing a set of custom ansible modul
It's no more a security role than allowing your sysadmins to su to root...
On Monday, 21 March 2016 18:28:21 UTC, Matt Calhoun wrote:
>
> Is there really no way to give the ansible user specific sudo NOPASSWD
> privileges? This seems like a huge security hole!
>
> On Monday, March 21, 2016 at 9:2
What's wrong with doing it via inventory?
I suppose you could try explicitly setting
hostvars.['localhost'].ansible_connection_method="local"
as a workaround.
Uditha.
On Tuesday, 22 March 2016 15:06:09 UTC, Yuri wrote:
>
> Hello,
>
> (Ansible version:2.0.0)
>
> I tried to execute the followin
Looks like your "ansible_connection: winrm" is overriding the connection
method for localhost. Any reason why you can't define those as group
variables via inventory?
On Tuesday, 22 March 2016 15:06:09 UTC, Yuri wrote:
>
> Hello,
>
> (Ansible version:2.0.0)
>
> I tried to execute the following
You didn't specify the inventory in the 2nd command... try
*ansible -i hosts -m ping all*
On Tuesday, 22 March 2016 15:06:10 UTC, Leroy Walker Jr wrote:
>
> I could really use some help on this issue. I have a hosts file with one
> server.
> the hosts looks like
>
> *[vm]*
> *172.20.20.106*
>
>
You need a group as the second argument. try
ansible -i hosts vm -m ping
On 22 March 2016 at 14:33, Leroy Walker Jr wrote:
> I could really use some help on this issue. I have a hosts file with one
> server.
> the hosts looks like
>
> [vm]
> 172.20.20.106
>
> when i run the host command, i get:
Nice,
Do you want to contribute it to ansible/ansible?
--
Brian Coca
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@go
Hi all,
When I write a playbook and run it, I often add a stupid bug and running
the playbook fails at some point. Fixing these bugs often takes time since
I am not sure actual values of facts, variables and so on. Then I think it
would be nice if I have a debugger for it.
So I've created 'deb
Hi, i have a problem with --start-at-task in ansible 2.0.1.0
*playbook front.yml*
---
- hosts: all
become: yes
remote_user: vagrant
gather_facts: no
tasks:
- name: "one"
apt_repository: repo='ppa:nginx/development'
- name: "two"
action: apt pkg={{ item }} state=installed
I could really use some help on this issue. I have a hosts file with one
server.
the hosts looks like
*[vm]*
*172.20.20.106*
when i run the host command, i get:
* ansible -i hosts --list-hosts all*
* hosts (1):*
* 172.20.20.106*
but when i run a simple ping command
*ansible hosts -m ping*
*
Hello,
(Ansible version:2.0.0)
I tried to execute the following playbook.
---
- name: test
hosts: remote_windows_host
vars:
ansible_ssh_user: XXX
ansible_ssh_pass: XXX
ansible_ssh_port:
ansible_connection: winrm
tasks:
- name: setup(remote windows host)
s
On 03/22/2016 01:33, Gaya wrote:
> The installation was successful (I also tried an upgrade later). However
> for some commands I run like "ansible -v", I get the following error and it
> displays the help.
>
> ERROR! Missing target hosts
Maybe you missed the first line were it shows you the sy
It may need more protection for those quotes -- perhaps this?
- "result[0].vrfs.default.routes[\'{{ route }}\'].hardwareProgrammed
eq true"
>
>>>
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and sto
https://gist.github.com/ptman/9bd8223272e2c0e27b2b
Cheers,
Paul
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
Thank you Michel for your suggestions.
On Mon, Mar 21, 2016 at 12:39 PM, Michel blanc
wrote:
> Le 21/03/2016 12:30, poiuytrez a écrit :
> > Hello,
> >
> > We are a team of 10 people. Our ansible playbooks are hosted on a git
> > repository. It happens that someone deploys an outdated version of
I will try with the development branch and will post the results.
Do we have an official image of Ansible's latest devel branch on docker hub
?
On Monday, 21 March 2016 19:19:11 UTC+5:30, J Hawkesworth wrote:
>
> It looks like a fix for this has already been made in latest development
> version
52 matches
Mail list logo