date:20180411

[ansible-project] unable to fit the piece of code in ansible

2018-04-11 Thread Bishwajit Samanta

Hi all,

I am a beginner in ansible. If anyone can help me in finding the answer. It 
would be great. My problem was finding a phrase in ansible which one of the 
person have helped me. But unfortunately i am not able to fit the piece of 
code in my playbook.

hostinfo:
  host001':
ip: 192.168.43.10
hostclass: 'puppet'
  'host002':
ip: 192.168.43.11
hostclass: 'ess'
  'host003':
ip: 192.168.43.21
hostclass: 'mdb'

the code was::

- debug: 
  msg: "{{ hostinfo|dictsort|selectattr('1.hostclass', 'equalto', 
'ess')|first|first }}"

Now i am writing the code as given below. I know in this piece of code i am 
making mistakes. But since i am a beginner i am not able to understand it. 
Can anyone help me?

---
- hosts: test
  gather_facts: no 

- debug: 
  msg: "{{ hostinfo|dictsort|selectattr('1.hostclass', 'equalto', 
'ess')|first|first }}"

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/da7d078e-2f2f-4e2d-af26-3435a9a28116%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] How to use the same dictionary to loop over two tasks? is it possible using block?

2018-04-11 Thread Tony Chia

I.e. 
instead of doing this which does win_iis_website,win_iis_website,etc then 
win_iis_webbinding,win_iis_webbinding, etc

  - name: Create IIS site
win_iis_website:
  name:   '{{ item.key }}'
  state: started
  application_pool:   '{{ item.value.application_pool }}'
  physical_path:  '{{ item.value.physical_path }}'
with_dict:"{{ sites }}"
  - name: Bind Site
win_iis_webbinding:
  name:   '{{ item.key }}'
  protocol: https
  ip: '{{ ansible_ip_addresses[0] }}'
  port:   '{{ item.value.http_port }}'
  certificate_hash:   '{{ item.value.cert_thumbprint }}'
with_dict:"{{ sites }}"

I would like to do this so that the win_iis_webbinding is called 
immediately after win_iis_website instead of calling 
win_iis_website,win_iis_website,etc then win_iis_webbinding, 
win_iis_webbinding, etc

- block:
  - name: Create IIS site
win_iis_website:
  name:   '{{ item.key }}'
  state: started
  application_pool:   '{{ item.value.application_pool }}'
  physical_path:  '{{ item.value.physical_path }}'
  - name: Bind Site
win_iis_webbinding:
  name:   '{{ item.key }}'
  protocol: https
  ip: '{{ ansible_ip_addresses[0] }}'
  port:   '{{ item.value.http_port }}'
  certificate_hash:   '{{ item.value.cert_thumbprint }}'
  with_dict:"{{ sites }}"
  tags: webapp

However  I got this
ERROR! 'with_dict' is not a valid attribute for a Block

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/6ec9c113-fbed-46db-9098-cc84a0008b18%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Re: Can we selectively install Windows Updates with Ansible

2018-04-11 Thread Jordan Borean

Hi

With Ansible 2.5 you can now select a blacklist of updates to skip when 
running the task. An example can be seen on the module documentation page 
http://docs.ansible.com/ansible/latest/modules/win_updates_module.html. 
Another way of doing it if you have a WSUS setup is to not approve the 
updates for any server that shouldn't have them.

Thanks

Jordan

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/6a777f3c-3b72-4600-a1c0-0a6bbd6c886a%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Ansible error : ERROR! The tasks/main.yml file for role 'xyz' must contain a list of tasks

2018-04-11 Thread Brian Coca

`tasks:` should only appear in a play, not a tasks list for a role,
remove it and it should work.

-- 
--
Brian Coca

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CACVha7cXGaAEcAs5jPw%3Do%2BOUrquVeF%3D3X8pS6dzfs-dPFr_47Q%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Ansible error : ERROR! The tasks/main.yml file for role 'xyz' must contain a list of tasks

2018-04-11 Thread Irfan Sayed

Hello,
i have following simple YAML play file

---
tasks:
- name: Execute the command in remote shell; stdout goes to the specified file
on the remote.
shell: echo hi

but when running ansible-playbook command: getting following error

ERROR! The tasks/main.yml file for role 'xyz' must contain a list of tasks

The error appears to have been in
'/home/cdkubemaster1/plabook_structure/roles/xyz/tasks/main.yml': line 2,
column 1, but may
be elsewhere in the file depending on the exact syntax problem.

The offending line appears to be:
--

tasks:
^ here

exception type:
exception: {u'tasks': [{u'shell': u'echo hi', u'name': u'Execute the
command in remote shell; stdout goes to the specified file on the
remote.'}]} should be a list or None but is

what is expected:
All the tasks mentioned in the playbook should be executed ...
i have here just one tasks , but the error says , need to have all the list
of tasks ..
Not getting what is mean to that ?
please suggest

Regards,

--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/d471705b-cd6c-41cf-9b5a-a0e97d12c5bd%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Ansible 2.4 to 2.5 files - file module change

2018-04-11 Thread Jan Fader

Hi Mike

Am Tue 10. Apr. 2018, hat Mike Garris geschrieben:
> Am I reading the docs correctly with regards to the file module being 
> changed?

The module file.py in plugins still "Sets attributes of files"
https://github.com/ansible/ansible/blob/stable-2.5/lib/ansible/modules/files/file.py
in 2.5 but the link is pointing to the file.py in lookup-plugins.

Seems like this error is only in the documentation. I've checked a fresh
build of the docs and the wrong link is already fixed there.

Regards
Jan

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/20180411183919.txyp6oqlyzrhxpil%40fader-archlinux-hp.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Re: Ansible module for vRA

2018-04-11 Thread Luis Bonilla

Hey Ivan,

Did you find something? I found this today while searching for an Ansible 
module that will request base OS blueprints from VRA. Let me know.

https://github.com/LinuxArchitects/Ansible-VMware-vRealize-Automation


On Friday, September 29, 2017 at 5:24:12 AM UTC-7, Ivan Pacheco wrote:
>
> I'm looking for an ansible module to work with vRA similary to the one to 
> work with vCenter, but so far I'm unable to find any official module. 
> Basically be able to provision VMs and execute tasks over them, shutdown, 
> clone, etc.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/73a0e7ac-017c-4bf2-8f8f-57d866f44381%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Where to put files and templates that don't belong to a role

2018-04-11 Thread Kai Stian Olstad

On Wednesday, 11 April 2018 15.13.51 CEST Clayton Louden wrote:
> Hi everyone,
> 
> Where do you usually put files or templates that are just used in a certain 
> play but are not part of a role?

For the most part in a role.


> Currently I do have them just alongside my 
> playbooks organised by play

Some file like ssh and gpg public keys is located on top level inside files/ 
directly.
The reason for this is that it make it easier for people since they don't need 
to go deep down into a role if they need to change their files or add files.


> This however is a bit awkward when using it in a play since I always have 
> to specify the play subfolder in files/ or templates/
> 
> - name: Copy extensions.conf 
>   copy: src=files/someplay/extensions.conf dest=/etc/extensions.conf 
> 
> Now this can be easily solved by converting that particular playbook into a 
> role and then just using 'templates/somethemplate.js' and 'files/somefile' 
> without the 'play' subdirectory.

When using template it automatically check the templates folder so you don't 
need to include templates/, somethemplate.js suffice.
The same are try for copy and the files/ directory in a role.


> That however has the side-effect that I'd 
> have a rather stupid playbook that just includes a role, which I find 
> rather annoying:
> 
> - name: Configure server 
>   hosts: mysinglehost
>   roles: 
> - role: custom_configure_server_role

Personally i find this cleaner that having a task.
And if you have more than one host that need it, you only have one place to 
change the code if needed.

You can leave out role:

  roles: 
- custom_configure_server_role


> I've heard from other ansible guys that they treat 'everything as a role'. 
> Maybe it's just me but I find that opening a playbook just to find out that 
> it contains just one custom role a bit redundant. How do you guys usually 
> do this?

If the config is very small I sometimes do someting like this since it fast and 
easy to grasp

  - name: Runing check every minute
copy:
  content: |
# Managed by Ansible
* * * * * root /usr/local/bin/check
  dest: /etc/cron.d/hourly_check


-- 
Kai Stian Olstad

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/1644662.yEBPTpHtCN%40x1.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Re: finding a phrase through ansible script

2018-04-11 Thread Bishwajit Samanta

Hi, thanks for sharing the docs link. In the meanwhile i am not able to go 
in the right direction of solving the problem. so far what i have done is ::

1. converted the text file to json through python.
2. write some ansible codes, which in return it is dumping the contents but 
i am not able to get the thing i want.



---

- hosts: devops
  gather_facts: no
  vars:
contents: "{{ lookup('file', '/root/ansible/sample_1.json') | from_json 
}}"

  tasks:

- debug:
  msg: "{{ hostinfo|dictsort|selectattr('1.hostclass', 'equalto', 
'ess')|first|first }}"

- debug:
   msg: "{{ contents }}"



Can you guide in my problem please.. 



On Wednesday, April 11, 2018 at 10:26:47 PM UTC+5:30, Matt Martz wrote:
>
> Templating in Ansible is handled by Jinja2.  You can find documentation on 
> Jinja2 at http://jinja.pocoo.org/docs/dev/templates/
>
> For the `first` filter specifically: 
> http://jinja.pocoo.org/docs/dev/templates/#first
>
> On Wed, Apr 11, 2018 at 11:47 AM, Bishwajit Samanta <
> bishwajits...@gmail.com > wrote:
>
>> @Matt Martz : I am sorry to ask silly questions, regarding ansible as by 
>> seeing the small piece of code, i can understand you must be an ansible 
>> expert. If possible you can help me in my problem explanation a bit. 
>>
>> And any such links for learning you want to refer, please refer me. As i 
>> googled selectattr but first|first parameter which you have passed i am not 
>> getting any good document. If you can help me in referring such, it would 
>> be of very nice help.
>>
>>
>>
>> On Wednesday, April 11, 2018 at 9:36:13 PM UTC+5:30, Bishwajit Samanta 
>> wrote:
>>>
>>> I am glad you replied so fast, but sorry to say i am not an ansible 
>>> expert . I am just a beginner . I just typed the code. Can you help me in 
>>> understanding  where i am not correct.
>>>
>>> ---
>>>
>>> - hosts: devops
>>>
>>>   tasks:
>>> - debug:
>>>msg: "{{ hostinfo|dictsort|selectattr('1.hostclass', 'equalto', 
>>> 'ess')|first|first }}"
>>>
>>> ~
>>> ~
>>>
>>>
>>>
>>>
>>> On Wednesday, April 11, 2018 at 8:54:15 PM UTC+5:30, Bishwajit Samanta 
>>> wrote:

 i am having a problem in finding solution. I have a piece of file which 
 contains data in below format (json type with quotes)::-

 hostinfo:
   'host001':
 ip: x.x.x.x
 hostclass: 'puppet'
   'host002':
 ip: y.y.y.y
 hostclass: 'ess'
   'host003':
 ip: z.z.z.z
 hostclass: 'mdb'

 Now my task is to find out the hostname of the system belong to 
 hostclass 'ess' , which in this case the answer in host002. I have to 
 write 
 an ansible script to find out the result. Can anyone help me in finding 
 out, or any idea to approach for the problem.

 Issue Type:: Finding a phrase through ansible
 Ansible Version:: Ansible 2.4.0
 Component Name:: It looks similar to json type file.



 -- 
>> You received this message because you are subscribed to the Google Groups 
>> "Ansible Project" group.
>> To unsubscribe from this group and stop receiving emails from it, send an 
>> email to ansible-proje...@googlegroups.com .
>> To post to this group, send email to ansible...@googlegroups.com 
>> .
>> To view this discussion on the web visit 
>> https://groups.google.com/d/msgid/ansible-project/e685426e-a978-4ae9-be43-6ed342d3225a%40googlegroups.com
>>  
>> 
>> .
>>
>> For more options, visit https://groups.google.com/d/optout.
>>
>
>
>
> -- 
> Matt Martz
> @sivel
> sivel.net
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/d49d691b-9234-424b-ad2a-b06dbc0ccc1a%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Re: vsphere wait for vm powered off

2018-04-11 Thread Kai Stian Olstad

On Wednesday, 11 April 2018 11.05.42 CEST Zeljko Dokman wrote:
> Hi, thank you, your suggestion works. 
> I am wondering are this options documented some where? or how can I list 
> this option for a module?
> Ansible documentation is not covering all this options or I haven't been 
> able to find it.  

The directives one the same level as vsphere_guest is not part of the module 
they are part of the task.
The directive you can use and where is documented here
https://docs.ansible.com/ansible/latest/reference_appendices/playbooks_keywords.html

The documentation for until you'll find here
https://docs.ansible.com/ansible/latest/user_guide/playbooks_loops.html#do-until-loops


-- 
Kai Stian Olstad

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/3565170.M0x84ycpnk%40x1.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Re: finding a phrase through ansible script

2018-04-11 Thread Matt Martz

Templating in Ansible is handled by Jinja2.  You can find documentation on
Jinja2 at http://jinja.pocoo.org/docs/dev/templates/

For the `first` filter specifically:
http://jinja.pocoo.org/docs/dev/templates/#first

On Wed, Apr 11, 2018 at 11:47 AM, Bishwajit Samanta <
bishwajitsamanta1...@gmail.com> wrote:

> @Matt Martz : I am sorry to ask silly questions, regarding ansible as by
> seeing the small piece of code, i can understand you must be an ansible
> expert. If possible you can help me in my problem explanation a bit.
>
> And any such links for learning you want to refer, please refer me. As i
> googled selectattr but first|first parameter which you have passed i am not
> getting any good document. If you can help me in referring such, it would
> be of very nice help.
>
>
>
> On Wednesday, April 11, 2018 at 9:36:13 PM UTC+5:30, Bishwajit Samanta
> wrote:
>>
>> I am glad you replied so fast, but sorry to say i am not an ansible
>> expert . I am just a beginner . I just typed the code. Can you help me in
>> understanding  where i am not correct.
>>
>> ---
>>
>> - hosts: devops
>>
>>   tasks:
>> - debug:
>>msg: "{{ hostinfo|dictsort|selectattr('1.hostclass', 'equalto',
>> 'ess')|first|first }}"
>>
>> ~
>> ~
>>
>>
>>
>>
>> On Wednesday, April 11, 2018 at 8:54:15 PM UTC+5:30, Bishwajit Samanta
>> wrote:
>>>
>>> i am having a problem in finding solution. I have a piece of file which
>>> contains data in below format (json type with quotes)::-
>>>
>>> hostinfo:
>>>   'host001':
>>> ip: x.x.x.x
>>> hostclass: 'puppet'
>>>   'host002':
>>> ip: y.y.y.y
>>> hostclass: 'ess'
>>>   'host003':
>>> ip: z.z.z.z
>>> hostclass: 'mdb'
>>>
>>> Now my task is to find out the hostname of the system belong to
>>> hostclass 'ess' , which in this case the answer in host002. I have to write
>>> an ansible script to find out the result. Can anyone help me in finding
>>> out, or any idea to approach for the problem.
>>>
>>> Issue Type:: Finding a phrase through ansible
>>> Ansible Version:: Ansible 2.4.0
>>> Component Name:: It looks similar to json type file.
>>>
>>>
>>>
>>> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To post to this group, send email to ansible-project@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/
> msgid/ansible-project/e685426e-a978-4ae9-be43-6ed342d3225a%40googlegroups.
> com
> 
> .
>
> For more options, visit https://groups.google.com/d/optout.
>



-- 
Matt Martz
@sivel
sivel.net

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAD8N0v_4ORtzwLKugC%2B65sREp%3D6awndkQjzao2V2Eu_zn5O2Gw%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Re: finding a phrase through ansible script

2018-04-11 Thread Bishwajit Samanta

@Matt Martz : I am sorry to ask silly questions, regarding ansible as by 
seeing the small piece of code, i can understand you must be an ansible 
expert. If possible you can help me in my problem explanation a bit. 

And any such links for learning you want to refer, please refer me. As i 
googled selectattr but first|first parameter which you have passed i am not 
getting any good document. If you can help me in referring such, it would 
be of very nice help.


On Wednesday, April 11, 2018 at 9:36:13 PM UTC+5:30, Bishwajit Samanta 
wrote:
>
> I am glad you replied so fast, but sorry to say i am not an ansible expert 
> . I am just a beginner . I just typed the code. Can you help me in 
> understanding  where i am not correct.
>
> ---
>
> - hosts: devops
>
>   tasks:
> - debug:
>msg: "{{ hostinfo|dictsort|selectattr('1.hostclass', 'equalto', 
> 'ess')|first|first }}"
>
> ~
> ~
>
>
>
>
> On Wednesday, April 11, 2018 at 8:54:15 PM UTC+5:30, Bishwajit Samanta 
> wrote:
>>
>> i am having a problem in finding solution. I have a piece of file which 
>> contains data in below format (json type with quotes)::-
>>
>> hostinfo:
>>   'host001':
>> ip: x.x.x.x
>> hostclass: 'puppet'
>>   'host002':
>> ip: y.y.y.y
>> hostclass: 'ess'
>>   'host003':
>> ip: z.z.z.z
>> hostclass: 'mdb'
>>
>> Now my task is to find out the hostname of the system belong to hostclass 
>> 'ess' , which in this case the answer in host002. I have to write an 
>> ansible script to find out the result. Can anyone help me in finding out, 
>> or any idea to approach for the problem.
>>
>> Issue Type:: Finding a phrase through ansible
>> Ansible Version:: Ansible 2.4.0
>> Component Name:: It looks similar to json type file.
>>
>>
>>
>>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/e685426e-a978-4ae9-be43-6ed342d3225a%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Re: win_package

2018-04-11 Thread lpescatore via Ansible Project

Hi Bill, 
Try this:

  become: yes

  become_method: runas

  become_user: SYSTEM

On Wednesday, April 11, 2018 at 9:24:28 AM UTC-7, William Dossett wrote:
>
> Hi,
>
> Fairly new to Ansible, but  I am just finishing a fairly extensive course 
> on Linux Academy.  I have some good use cases... the first one is 
> configuring windows VMs to have a number of packages installed 
> automatically.  Currently I can uninstall old versions of java and install 
> the most current version of java on a number of VMs.
>
> I have a problem with the install thought that I can't seem to put my 
> finger on, but have reproduced several times now specifically on windows 
> 2016 servers and possibly on windows 2012.
>
> These VMs are automatically put on the domain when they are provisioned.  
> We are an engineering shop and we add all domain users to the local 
> administrator group as any engineer can logon to any VM as administrator.  
> These are engineering clusters only.
>
> I have configured Kerberos and it works fine in general, however when I 
> try to use win_package to install from a network share I have problems.
>
>
>  - name: Install Java from network share
> win_package:
>  path: \\fileserver.mycorp.local\share\java\JavaSetup8u161.exe
>  product_id: '{26A24AE4-039D-4CA4-87B4-2F32180161F0}'
>  state: present
>  arguments: /s
>  user_name: MYCORP\myuser
>  user_password: secretpassword
>
> it fails with permissions
>
> "failed to connect network drive with credentials: Access is denied"
>
> I am a member of domain admins, and administrators... I can logon to these 
> systems and execute the package from PS console and it works fine, but not 
> using win_package
>
> If I change the user from myuser to administrator, then it works.  It 
> seems like this is to do with ansible as I can execute it from console as 
> me fine, but if anyone has any advice on what the problem might be, I would 
> sure appreciate it as this is kind of stumbling block to move on to a full 
> configuration that I am trying to achieve.
>
> Thanks
> Bill
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/8d4fdc38-b6c7-4060-8429-031c7a32fbe4%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] win_package

2018-04-11 Thread William Dossett

Hi,

Fairly new to Ansible, but I am just finishing a fairly extensive course
on Linux Academy. I have some good use cases... the first one is
configuring windows VMs to have a number of packages installed
automatically. Currently I can uninstall old versions of java and install
the most current version of java on a number of VMs.

I have a problem with the install thought that I can't seem to put my
finger on, but have reproduced several times now specifically on windows
2016 servers and possibly on windows 2012.

These VMs are automatically put on the domain when they are provisioned.
We are an engineering shop and we add all domain users to the local
administrator group as any engineer can logon to any VM as administrator.
These are engineering clusters only.

I have configured Kerberos and it works fine in general, however when I try
to use win_package to install from a network share I have problems.

- name: Install Java from network share
win_package:
path: \\fileserver.mycorp.local\share\java\JavaSetup8u161.exe
product_id: '{26A24AE4-039D-4CA4-87B4-2F32180161F0}'
state: present
arguments: /s
user_name: MYCORP\myuser
user_password: secretpassword

it fails with permissions

"failed to connect network drive with credentials: Access is denied"

I am a member of domain admins, and administrators... I can logon to these
systems and execute the package from PS console and it works fine, but not
using win_package

If I change the user from myuser to administrator, then it works. It seems
like this is to do with ansible as I can execute it from console as me
fine, but if anyone has any advice on what the problem might be, I would
sure appreciate it as this is kind of stumbling block to move on to a full
configuration that I am trying to achieve.

Thanks
Bill

--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/e2fec1cd-ba8f-41d8-ad51-a74453a54c37%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Re: finding a phrase through ansible script

2018-04-11 Thread Bishwajit Samanta

I am glad you replied so fast, but sorry to say i am not an ansible expert 
. I am just a beginner . I just typed the code. Can you help me in 
understanding  where i am not correct.

---

- hosts: devops

  tasks:
- debug:
   msg: "{{ hostinfo|dictsort|selectattr('1.hostclass', 'equalto', 
'ess')|first|first }}"

~
~




On Wednesday, April 11, 2018 at 8:54:15 PM UTC+5:30, Bishwajit Samanta 
wrote:
>
> i am having a problem in finding solution. I have a piece of file which 
> contains data in below format (json type with quotes)::-
>
> hostinfo:
>   'host001':
> ip: x.x.x.x
> hostclass: 'puppet'
>   'host002':
> ip: y.y.y.y
> hostclass: 'ess'
>   'host003':
> ip: z.z.z.z
> hostclass: 'mdb'
>
> Now my task is to find out the hostname of the system belong to hostclass 
> 'ess' , which in this case the answer in host002. I have to write an 
> ansible script to find out the result. Can anyone help me in finding out, 
> or any idea to approach for the problem.
>
> Issue Type:: Finding a phrase through ansible
> Ansible Version:: Ansible 2.4.0
> Component Name:: It looks similar to json type file.
>
>
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/b649014c-236d-43ab-993b-3ec643fa8cda%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] finding a phrase through ansible script

2018-04-11 Thread Matt Martz

The following task will find that:

- debug:
msg: "{{ hostinfo|dictsort|selectattr('1.hostclass', 'equalto',
'ess')|first|first }}"

That takes the `hostinfo` dict, turns it into a list of tuples, selects
where `hostclass` equals `ess`, gets the first result (there should only be
one here), and then gets the first element.

If you don't have jinja2 version with the `equalto` test, you can replace
that with `search` or `match`

It outputs:

TASK [debug] 


*
ok: [localhost] => {
"msg": "host002"
}

On Wed, Apr 11, 2018 at 10:24 AM, Bishwajit Samanta <
bishwajitsamanta1...@gmail.com> wrote:

> i am having a problem in finding solution. I have a piece of file which
> contains data in below format (json type with quotes)::-
>
> hostinfo:
>   'host001':
> ip: x.x.x.x
> hostclass: 'puppet'
>   'host002':
> ip: y.y.y.y
> hostclass: 'ess'
>   'host003':
> ip: z.z.z.z
> hostclass: 'mdb'
>
> Now my task is to find out the hostname of the system belong to hostclass
> 'ess' , which in this case the answer in host002. I have to write an
> ansible script to find out the result. Can anyone help me in finding out,
> or any idea to approach for the problem.
>
> Issue Type:: Finding a phrase through ansible
> Ansible Version:: Ansible 2.4.0
> Component Name:: It looks similar to json type file.
>
>
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To post to this group, send email to ansible-project@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/
> msgid/ansible-project/f0e5742d-cdcd-473d-854d-decff5b2b283%40googlegroups.
> com
> 
> .
> For more options, visit https://groups.google.com/d/optout.
>



-- 
Matt Martz
@sivel
sivel.net

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAD8N0v8PTiV7f%2Bd5fmnC2CPO-7%3DLHJTGg8ygzRioaJmBSSKr9g%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] finding a phrase through ansible script

2018-04-11 Thread Bishwajit Samanta



i am having a problem in finding solution. I have a piece of file which 
contains data in below format (json type with quotes)::-

hostinfo:
  'host001':
ip: x.x.x.x
hostclass: 'puppet'
  'host002':
ip: y.y.y.y
hostclass: 'ess'
  'host003':
ip: z.z.z.z
hostclass: 'mdb'

Now my task is to find out the hostname of the system belong to hostclass 
'ess' , which in this case the answer in host002. I have to write an 
ansible script to find out the result. Can anyone help me in finding out, 
or any idea to approach for the problem.

Issue Type:: Finding a phrase through ansible
Ansible Version:: Ansible 2.4.0
Component Name:: It looks similar to json type file.



-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/f0e5742d-cdcd-473d-854d-decff5b2b283%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Ternary filter vs conditional expressions

2018-04-11 Thread Brian Coca

Even though Ansible is written in Python, Python devs are not the main
target of the tool, so being 'pythonic' is not really an aim of it.

The `ternary` filter is easier for people that are not familiar with
Python, but non programmers and those used to ternary structures in
other languages.

-- 
--
Brian Coca

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CACVha7e7zDsPgtm8xrwKwZ9GQj808gqLMbx6kRo0b_o1DMG1gQ%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] How to recover from expected connection loss?

2018-04-11 Thread Uwe Sauter

Hi all,

I'm trying to reduce the size of the locale archive on CentOS 7.4 as described 
in [1] and [2]. Ansible version is 2.4.2.0-2.el7

For this I have a script on the client, that calls the needed commands:

## /root/bin/rebuild_locale.sh
#!/bin/bash

LOCALES="en_US:de_DE"

mv /usr/lib/locale/locale-archive /usr/lib/locale/locale-archive.tmpl
build-locale-archive -l ${LOCALES}
##

The playbook looks like:

## playbook
---
- name: run preparations
  hosts: '{{ groups["image_creator"] | first }}'
  gather_facts: false
  tasks:
- name: recreate locale archive
  shell: /root/bin/rebuild_locale.sh
  ignore_errors: yes

- meta: clear_host_errors
##

Unfortunatelly, the required command "build-locale-archive" causes a disconnect 
of the SSH connection which causes Ansible to mark
the host down. "meta: clear_host_errors" doesn't help.

Any suggestions?


Regards,

Uwe


[1] 
https://unix.stackexchange.com/questions/90006/how-do-i-reduce-the-size-of-locale-archive
[2] 
https://stephane.lesimple.fr/blog/2010-04-29/fixing-a-locale-archive-breakage.html

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/cf1ec46f-b21b-4829-1c16-3a2bc00bb36a%40gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Ansible Python API 2.0 - capture warnings

2018-04-11 Thread Brian Coca

Warnings are not currently handled by callbacks, the Display class handles them.


-- 
--
Brian Coca

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CACVha7eFcKLzY5_doDDmQ17UTpsXkLCHkUwM6j2MgyLfFKJY6Q%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] create tepdir and copy file into it?

2018-04-11 Thread Michael Renner

Moin,

[...]
 

>
> If I understand you correctly you want to download to localhost, and then 
> copy it out to all the host in the play. 
> If so you need to add run_once and delegate_to. you need to add run_once 
> and delegate_to


[...]

CU 

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/3cb6fd1b-c821-45a4-b268-2d8710318ab2%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Re: Where to put files and templates that don't belong to a role

2018-04-11 Thread Clayton Louden

Hi Mike,

On 11.04.2018 15:25, Mike Garris wrote:
> I am in the boat of treating everything as a role. 
[...]
> Just an opinion on the "everything as a role" comment. 

An extra opinion is very welcome. If I'm the only person who doesn't treat 
"everything as a role" then maybe it's time to think about changing my ways ;)

Cheers!

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/5dedf2e1-da45-0e8c-e30f-2b274972ba8d%40gmail.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Re: Where to put files and templates that don't belong to a role

2018-04-11 Thread Mike Garris

I am in the boat of treating everything as a role. 

|some_app
| |site.yml
| |roles
| | |some_app_name
| | | |vars
| | | |tasks
| | | |defaults
| | | |files
| | | |templates

Now you could, if needed, create a site.yml that would have variables to 
execute, or not execute, certain roles inside of the "roles" directory. 

site.yml

tasks:
- include_role:
name: some_app_1
  when: some_app1_variable == "true"

- include_role:
name: some_app_2
  when: some_app2_variable == "true"

This doesn't really get around your problem of having a generic location 
for files/templates. Just an opinion on the "everything as a role" comment. 

Happy Coding!!

On Wednesday, April 11, 2018 at 9:13:52 AM UTC-4, Clayton Louden wrote:
>
> Hi everyone,
>
> Where do you usually put files or templates that are just used in a 
> certain play but are not part of a role? Currently I do have them just 
> alongside my playbooks organised by play
>
> someplay.yml
> files/
>   someplay/somefile
>   someotherplay/someotherfile
> templates
>   someplay/sometemplate.j2
>   someotherplay/someothertemplate.j2
>
> This however is a bit awkward when using it in a play since I always have 
> to specify the play subfolder in files/ or templates/
>
> - name: Copy extensions.conf 
>   copy: src=files/someplay/extensions.conf dest=/etc/extensions.conf 
>
> Now this can be easily solved by converting that particular playbook into 
> a role and then just using 'templates/somethemplate.js' and 
> 'files/somefile' without the 'play' subdirectory. That however has the 
> side-effect that I'd have a rather stupid playbook that just includes a 
> role, which I find rather annoying:
>
> - name: Configure server 
>   hosts: mysinglehost
>   roles: 
> - role: custom_configure_server_role
>
> I've heard from other ansible guys that they treat 'everything as a role'. 
> Maybe it's just me but I find that opening a playbook just to find out that 
> it contains just one custom role a bit redundant. How do you guys usually 
> do this?
>
> Cheers!
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/b3fe20fe-e799-472d-8490-79157f8cdf3a%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Where to put files and templates that don't belong to a role

2018-04-11 Thread Clayton Louden

Hi everyone,

Where do you usually put files or templates that are just used in a certain
play but are not part of a role? Currently I do have them just alongside my
playbooks organised by play

someplay.yml
files/
someplay/somefile
someotherplay/someotherfile
templates
someplay/sometemplate.j2
someotherplay/someothertemplate.j2

This however is a bit awkward when using it in a play since I always have
to specify the play subfolder in files/ or templates/

- name: Copy extensions.conf
copy: src=files/someplay/extensions.conf dest=/etc/extensions.conf

Now this can be easily solved by converting that particular playbook into a
role and then just using 'templates/somethemplate.js' and 'files/somefile'
without the 'play' subdirectory. That however has the side-effect that I'd
have a rather stupid playbook that just includes a role, which I find
rather annoying:

- name: Configure server
hosts: mysinglehost
roles:
- role: custom_configure_server_role

I've heard from other ansible guys that they treat 'everything as a role'.
Maybe it's just me but I find that opening a playbook just to find out that
it contains just one custom role a bit redundant. How do you guys usually
do this?

Cheers!

--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/e83b31a3-4b0a-4e97-805f-aa81bf4083ae%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Possible Bug in azure_rm_networkinterface module (Ansible 2.5.0)

2018-04-11 Thread f . floimair . commend



Hi everyone!

 

I am using Ansible 2.5.0 and I think I found a bug in the 
azure_rm_networkinterface module (either in the code or the documentation).

 

When I create a network-interface that should be used with an already 
existing Network Security Group (NSG), it never uses the existing NSG, but 
instead creates a new one with default values and the same name as the 
networkinterface, which is the default behavior if no NSG is provided as a 
parameter.

 

Steps to reproduce:

 

---

- name: Create VLAN, subnets, Public IPs and NICs for an Azure VM

  hosts: localhost

  connection: local

  tasks:

  - name: Create resource group

azure_rm_resourcegroup:

  name: testRG

  location: westeurope

 

  - name: Create storage account

azure_rm_storageaccount:

  name: "testSTORAGE"

  resource_group: "testRG"

  account_type: Standard_LRS

 

  - name: Create a virtual network

azure_rm_virtualnetwork:

  name: testVNET

  resource_group: testRG

  address_prefixes_cidr:

  - "192.0.0.0/24"

 

  - name: Create VLAN subnet

azure_rm_subnet:

  name: "testSUBNET"

  virtual_network_name: "testVNET"

  resource_group: "testRG"

  address_prefix_cidr: "192.0.0.0/28"

  

  - name: Create network security group (firewall rules)

azure_rm_securitygroup:

  resource_group: "testRG"

  name: "testNSG"

  state: present

  purge_rules: yes

  rules:

- name: 'AllowSSH'

  protocol: Tcp

  source_adress_prefix: '*'

  destination_port_range: 22

  access: Allow

  priority: 1000

  direction: Inbound

 

  - name: Create public IP address

azure_rm_publicipaddress:

  name: "testVM_ip"

  resource_group: "testRG"

  allocation_method: Static

  domain_name_label: "testvm"

 

  - name: Create virtual network interface card

azure_rm_networkinterface:

  name: "testVM_nic"

  resource_group: "testRG"

  virtual_network_name: "testVNET"

  subnet_name: "testSUBNET"

security_group_name: "testNSG" # this parameter seems to be ignored

  ip_configurations:

- name: "testVM_ip"

  public_ip_address_name: "testVM_ip"

  primary: True

 

Maybe someone can spot an obvious error.

 

This is what I have in my resource group “testRG” as a result of above 
operations vs. what I would expect

 

Resource Type   | Resource Name   | Expected | Status

+-+--+-

Storage account | testSTORAGE | yes  | OK

virtual network | testVNET| yes  | OK

subnet  | testSUBNET  | yes  | OK

nsg | testNSG | yes  | OK

nsg | testVM_nic  | no   | unwanted

public IP   | testVM_ip   | yes  | OK 

virtual NIC | testVM_nic  | yes  | Points to wrong NSG 
(testVM_nic)

 

Can someone reproduce this or find an error? Any help is appreciated.

 

 

 

 

With best regards



*Florian Floimair *Innovation - Software-Development -  VoIP & DevOps


*COMMEND INTERNATIONAL GMBH *A-5020 Salzburg, Saalachstraße 51
Tel: +43-662-85 62 25
Fax: +43-662-85 62 26
http://www.commend.com



*Security and Communication by Commend *FN 178618z | LG Salzburg

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/d8297d18-d61d-4802-841a-7cd9fd1d10db%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Can we selectively install Windows Updates with Ansible

2018-04-11 Thread Dinesh Vashisht

Hello Team,

I am using *win_updates* module in playbook with *Ansible Version 2.4.2.0*.

Have a requirement for Automation of Windows Security and Roll-up updates 
patching, therefore categories selected are: *SecurityUpdates*, 
*UpdateRollups*. Patches identified are:

   - 2018-01 Security and Quality Rollup for .NET Framework 3.5, 4.5.2, 
   4.6, 4.6.1, 4.6.2, 4.7, 4.7.1 on Windows Server 2012 for x64 (KB4055265)
   - 2018-04 Security Monthly Quality Rollup for Windows Server 2012 for 
   x64-based Systems (KB4093123)
   - Windows Malicious Software Removal Tool x64 - April 2018 (KB890830)
   

How can we skip installing updates for .NET Framework, because according to 
the previous experience it broke the application installed on server being 
patched.

Thank you,

Dinesh Vashisht

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/7c8ed74d-902b-4111-ba04-b07f5fa70503%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] need help to install Visual studio code on linux machine through Ansible

2018-04-11 Thread Vishal Mane



I took a role to install vs code from github. now trying to run the role, 
it gets executes successfully, but vs code doesn't gets installed on the 
target machine.
my playbook is 
   
   - 
   - ---
   - - hosts: 
   -   become: true
   -   become_method: sudo
   -   roles:
   -  - { role: working-ansible-role-visual-studio-code, x: 42 }
   - 
   
I cloned the role from this path --- 
https://github.com/mhalano/ansible-role-visual-studio-code


runnung playbook as -ansible-playbook -i  .yml --ask-sudo-pass



-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/21d4ff3a-05c3-4369-9366-3ca7dd34d3a6%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Proper handling of host specific credential files

2018-04-11 Thread Jean Helou

Hi,

I am using ansible 2.5, I have gone through the best practices

but I fail to understand how I am supposed to properly handle
*host-specific* files.

My exact use case is handling vpn certificates for computers embedded in
cars. the vpn lets the cars talk to our internal servers.
Each deployed car has it's own vpn certificate and key allowing for
individual revocation. The .crt and the .key files really are host
specific.

Here is the tree I thought I could use :
.
├── inventories
│ ├── group_vars
│ │ └── mygroup
│ └── host_vars
│ └── demo-box
│ ├── demo-box.crt
│ ├── demo-box.key
│ └── demo-box.yml
├── playbook.yml
├── playbooks
│ └── setup.yml
└── roles
└── linux
└── openvpn
├── defaults
│ └── main.yml
├── files
├── meta
│ └── main.yml
└── tasks
└── main.yml

Unfortunately I can't seem to get the copy plugin to properly resolve the
.key and .crt files (the host vars are indeed processed)

my initial naive attempt for the tasks/main.yml was

- name: "Install client openvpn credentials"
copy:
src: "openvpn.{{item}}"
dest: "/etc/openvpn/{{ hostname }}.{{ item }}"
mode: 0755
with_items:
- crt
- key
tags:
- foo

When running ansible-playbook -i inventories/test.lst playbook.yml I get
the follwing error

AnsibleFileNotFound: Could not find or access 'openvpn.crt'
Searched in:
/home/ansible/ansible/roles/linux/openvpn/files/openvpn.crt
/home/ansible/ansible/roles/linux/openvpn/openvpn.crt
/home/ansible/ansible/roles/linux/openvpn/tasks/files/openvpn.crt
/home/ansible/ansible/roles/linux/openvpn/tasks/openvpn.crt
/home/ansible/ansible/playbooks/files/openvpn.crt
/home/ansible/ansible/playbooks/openvpn.crt

So it seems that unlike vars, default file lookup doesn't look into
inventory_dir at all. and also that using a top level file directory like
in
https://stackoverflow.com/questions/32830428/where-should-i-be-organizing-host-specific-files-templates?lq=1

in not going to work. Adding playbook_vars_root = all to ansible.cfg
doesn't help either as it seem to only apply to vars.

Based on
https://www.reddit.com/r/ansible/comments/29mnp3/where_to_store_perhost_config_files/,

I tried using lookup like so

- name: "Install client openvpn credentials"
src: "{{ lookup('file', inventory_dir + '/host_vars/' +
inventory_hostname + '/openvpn.'+ item ) }}"
dest: "/etc/openvpn/{{ hostname }}.{{ item }}"
mode: 0755
with_items:
- crt
- key

but that doesn't seem to be valid anymore in 2.5 (I get an error about
quotes but can't spot a quoting error) and this syntax is totally absent
from 2.5 documentation.

What is the "official" recommendation for this use case ?
I guess I could create 2 string vars for the key and crt files and use
ansible-vault encrypt-string instead of encrypt to secure the key. This is
a relatively painful process (as opposed to simply copying the files over
to the proper host folder) and we have tens of systems to retrofit into
ansible. I was hoping there would be a better solution for host-specfic
credential files.

thanks
jean

--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/5c975118-37a4-42d4-aff6-e3fb9bc10852%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Re: Hostnames with EC2 inventory plugin

2018-04-11 Thread flowerysong

On Wednesday, April 11, 2018 at 3:19:51 AM UTC-4, os...@apartum.com wrote:
>
> I'm testing the new Amazon EC2 dynamic inventory plugin. I need to set the 
> host names to the "Name" tag, but I don't understand the documentation. 
> Reading this: 
> http://docs.ansible.com/ansible/latest/plugins/inventory/aws_ec2.html I 
> understand I should write something like this:
>
> hostnames:
>   - tag:Name=Name
>
>
The inventory plugin does not currently have useful support for setting 
hostnames from tags. I submitted a pull request 
(https://github.com/ansible/ansible/pull/35880) to add this functionality, 
but it hasn't been merged yet.

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/7851c084-7697-4a54-bf0e-739c726012fa%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Re: HP ILO set from ansible (no OS installed)

2018-04-11 Thread Benny Kusman

Hi  Dave,

So i got this stupid question, where is the library of to put this hpilo ?
i was looking at https://github.com/ansible/ansible/issues/7633, but 
couldnt find the solution.

Thank you

On Tuesday, April 10, 2018 at 3:38:46 AM UTC, Dave H wrote:
>
> Hi Benny,
>
> There are a couple of development modules in the ansible docs, e.g. 
> https://docs.ansible.com/ansible/devel/modules/hpilo_boot_module.html, 
> but I have not used them.
>
> I use the python package from http://seveas.github.io/python-hpilo to 
> expose a command line interface and use an example playbook like the 
> following. You have to extract data from the output of the cli but it's 
> fairly straightforward and very useful.
>
> ansible-playbook -i "localhost," -c local playbook.yml
>
> ---
>
> - hosts: localhost
>   gather_facts: false
>
>   vars:
>
> ilo_host: "192.168.0.10"  # IP address / hostname of the iLO interface
> ilo_user: "x" # username for the user to log into the iLO
> ilo_password: "xx"# fetch from vault or other secret storage
> hpilo_cli_cmd: "hpilo_cli {{ ilo_host }} --json --login='{{ ilo_user 
> }}' --password='{{ ilo_password }}'"
>
>   tasks:
>
>   - name: Get current power status
> command: "{{ hpilo_cli_cmd }} get_host_power_status"
> register: hpilo_cli_get_host_power_status
>   
>   - name: Record power status
> set_fact:
>   power_status: "{% if 'ON' in hpilo_cli_get_host_power_status.stdout 
> %}ON{% else %}OFF{% endif %}"
>
>   - name: Power on server - if it is powered down
> command: "{{hpilo_cli_cmd}} press_pwr_btn"
> when: power_status != "ON"
>
>   - name: Reboot server - if it is powered up
> command: "{{hpilo_cli_cmd}} cold_boot_server"
> when: power_status == "ON"
>
> Hope that helps.
>
> Dave
>
>
> On Monday, 9 April 2018 09:37:15 UTC+1, Benny Kusman wrote:
>>
>> Hi,
>>
>> has anyone implemented setting up HP ILO using ansible, when the server 
>> has no OS yet ?
>> if the server has been installed and has hponcfg command, there is 
>> ansible module for it.
>>
>> But wondering, if anyone has tried to setup the server in the ilo using 
>> ansible (just simply specifying the ilo hostname, userid/password, port)
>>
>> Thanks
>>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/3fd006d4-584e-4dee-86af-de13b3f18825%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Re: vsphere wait for vm powered off

2018-04-11 Thread Zeljko Dokman

Hi, thank you, your suggestion works. 
I am wondering are this options documented some where? or how can I list 
this option for a module?
Ansible documentation is not covering all this options or I haven't been 
able to find it.  

here is a working code 
   - name: Wait till {{ target }} is powered off
 vsphere_guest:
  vcenter_hostname="{{ vcenter_server }}"
  username=ansible@local.domain
  password="{{ vc_passwd }}"
  guest="{{ ansible_hostname }}"
  validate_certs=False
  vmware_guest_facts=yes
 register: vm_state
 until: vm_state.ansible_facts.hw_power_status == 'POWERED OFF'
 retries: 10
 delay: 5
 delegate_to: localhost

  
Best regards


On Tuesday, April 10, 2018 at 9:09:42 PM UTC+2, robert sanders wrote:
>
> change result to vm_state if youre using vsphere_guest
>
> register: vm_state
>   until: vm_state.ansible_facts.hw_power_status == 'POWERED OFF'
>   retries: 10
>   delay: 5
>
> On Wednesday, April 4, 2018 at 9:34:32 AM UTC-4, Zeljko Dokman wrote:
>>
>> Hi, I am trying to use this code to check VM power state and its failing 
>> for me with this error..
>>
>>  "msg": "The conditional check 'result.hw_power_status == \"POWERED 
>> OFF\"' failed. The error was: error while evaluating conditional 
>> (result.hw_power_status == \"POWERED OFF\"): 'dict object' has no attribute 
>> 'hw_power_status'"
>>
>> My playbook..
>> Enter code here...   - name: Wait till {{ target }} is powered off
>>  vsphere_guest:
>>   vcenter_hostname="{{ vcenter_server }}"
>>   username=ansible@mbu.local
>>   password="{{ vc_passwd }}"
>>   guest=mbu-zabbix-ccp
>>   validate_certs=False
>>   vmware_guest_facts=yes
>>  register: result
>>  until: result.hw_power_status == "POWERED OFF"
>>  retries: 10
>>  delay: 5
>>
>> i tried with 
>> result.hw_power_status == "POWERED OFF"
>> and
>> result.ansible_facts.hw_power_status == "POWERED OFF"
>>
>> both fail with a same error..
>>
>> Regards 
>>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/bc04c776-0dff-4ab4-a1ab-c9021ff1e4ea%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Ternary filter vs conditional expressions

2018-04-11 Thread rbarlik



I've been recently wondering about the ternary filter in Ansible. I've seen 
it used in a couple of places and it's also mentioned in the documentation. 
As you probably know, it's not a standard Jinja filter but one created in 
Ansible code.


I would like to understand why was the ternary filter created and why is it 
preferred (Ansible docs doesn't even mention the alternative syntax) over 
the more pythonic way of using python style conditional expressions 
supported by the Jinja library.


# python style conditional expressions
- debug: msg="{{ variable if variable is defined else omit }}"
- debug: msg="{{ 'yes' if variable == 'inline' else 'no' }}"
 

# Using ternary filter
 - debug: msg="{{ variable | ternary(variable, omit) }}"
 - debug: msg="{{ (variable == 'inline') | ternary('yes', 'no') }}"


To me, the first example seems more readable and uses a syntax familiar to 
python developers.

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/1a6b745e-c97b-47f0-a284-92052f4ac3bb%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Ansible Python API 2.0 - capture warnings

2018-04-11 Thread Suren Baskaran

Hello All
Been circling around the Callbackbase with all possible tries , but I could 
not find a way till now to capture these warnings from a playbook execution 
with the API output

[WARNING]:  * Failed to parse hosts/UAT/ dictionary, got: 

 [WARNING]:  * Failed to parse /hosts/UAT/ssh_keys/dbrun_46186_1_uat with 
ini plugin:: Expected key=value host variable assignment, got: RSA
 [WARNING]: Could not match supplied host pattern, ignoring: primary_host


Appreciate some help - on how to capture these warning messages when we run 
playbooks via the API?

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/ef04a81d-e203-4f5c-afc1-6570e2bbaeb2%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] List of running processes form multiple linux hosts using with_items

2018-04-11 Thread smitconsultant2017

Hi 
I am trying to achieve all running processes on our linux machines via 
ansible and get output in a file along with each host name and processes. I 
have made below playbook but not getting to the point how to get list of 
processes for each host one by one and store in a file. Can anyone please 
help with the code how can I achieve this? I am using with_items with list 
of hosts which is coming from inventory group hostlist. many thanks

---
- hosts: all
  gather_facts: false
  tasks:

  - name: Get Running Processes
command: ps -ef
delegate_to: "{{ item }}"
run_once: false
with_items:
 - "{{ groups['hostlist'] }}"
register: process_list

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/34297f23-0ef1-47d1-bb98-2730a9079424%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Hostnames with EC2 inventory plugin

2018-04-11 Thread oscar

Hi,

I'm testing the new Amazon EC2 dynamic inventory plugin. I need to set the 
host names to the "Name" tag, but I don't understand the documentation. 
Reading this: 
http://docs.ansible.com/ansible/latest/plugins/inventory/aws_ec2.html I 
understand I should write something like this:

hostnames:
  - tag:Name=Name


But it doesn't work. Also tried:

hostnames:
  - tag-Key:Name


With no result. Also checked 
https://www.ansible.com/blog/dynamic-inventory-past-present-future, but 
gives no additional information about how to do it. Do you know the way to 
set inventory hostname to the Name tag? It's the configuration I'm using to 
test:

plugin: aws_ec2
boto_profile: default
regions:
  # Regions to include in the inventory
  - us-east-1
filters:
# Criteria to include hosts in the inventory
  tag:Environment: staging
  instance-state-name: running
hostnames:
  - tag:Name
  #- private-dns-name
strict_permissions: False

Regards,
Oscar

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/ab55fd2d-24e8-4d1b-8576-fb1d665ee630%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Re: How do I loop a task with variables defined in another file?

2018-04-11 Thread Olof Lundgren

This is what the task "Include user database" debug message looks like when 
its *jsonprettyfied*

TASK [Include user database] 

ok: [vyos-router.lan] => {
"ansible_facts": {
"users": [{
"configured_password": "abcd1234",
"full_name": "Olof Lundgren",
"level": "admin",
"name": "olof",
"ssh-key": {
"key": "x",
"name": "olof@olof-ubuntu-work",
"type": "ssh-rsa"
}
},  {
"configured_password": "vyos",
"full_name": "T7D VyOS default user",
"level": "admin",
"name": "vyos"
}, {
"configured_password": "password",
"full_name": "Servicedesk operator user",
"level": "operator",
"name": "servicedesk"
}]
},
"ansible_included_var_files": ["/home/olof/Documents/ansible/users.yml"
],
"changed": false
}

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/ae736e87-ee2d-4b4b-9ecc-b02004c24e05%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] How do I loop a task with variables defined in another file?

2018-04-11 Thread Olof Lundgren

I have built a .yml file with a set of users that I want to push to my 
routers with vyos_user module.
This is my *users.yml*

users:
  - full_name:   "Olof Lundgren"
name:"olof"
configured_password: "abcd1234"
level:   "admin"
ssh-key:
name:"olof@olof-ubuntu-work"
type:"ssh-rsa"
key:  "xxx"


  - full_name:   "T7D VyOS default user"
name:"vyos"
configured_password: "vyos"
level:   "admin"


  - full_name:   "Servicedesk operator user"
name:"servicedesk"
configured_password: "password"
level:   "operator"


I built my playbook, but I dont know how to use this list of users in the 
play.

This is my attempt: *add-users-vyos.yml*

  - hosts:vyos
connection:   network_cli
gather_facts: no


tasks:
- name:   Include user database
  include_vars:
file: users.yml
#name: vyosusers


- name:add and set users
  vyos_user:
full_name:   "{{ users.full_name }}"
configured_password: "{{ users.configured_password }}"
name:"{{ users.name }}"
level:   admin
purge:   no
state:   present
update_password: always
  loop: "{{ users }}"


First it successfully plays the task "Include user database" and I can see 
the variables are defined 
The on the next task. my error message is this: 

TASK [add and set users] 

fatal: [vyos-router.lan]: FAILED! => {"msg": "The task includes an option 
with an undefined variable. The error was: 'list object' has no attribute 
'configured_password'\n\nThe error appears to have been in 
'/home/olof/Documents/ansible/add-users-vyos.yml': line 11, column 11, but 
may\nbe elsewhere in the file depending on the exact syntax problem.\n\nThe 
offending line appears to be:\n\n\n- name:add 
and set users\n  ^ here\n"}


-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/2786b0ea-458f-4ea2-882c-397859f2ad7a%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

37 matches

Mail list logo