stankovnjs126: Wus sup?
mstankovstankov: Nothing much same old work.
Ove_I am running roles against a server, but in one of the roles I want to run stuff against ec2. However, it's trying to run it from the instance, even so with local_action: module: modulename
esetcould someone give short advice how do that ? https://hastebin.com/favixawoti.coffeescript
mjau^morns!
esetis there a way to run a task only if variable has a specific value in table?
BloqueNegro2i have a dict structure like this: https://gist.github.com/anonymous/1aa7a0467ad5641359b78994c50f0f47
BloqueNegro2but the newline in the for loop does not work as expected. do i miss something here?
esethey how to achive this: { lookup('pipe', 'ls -1 files/ |sed 's/domain.redirects//' ' ' ~ item ~ '.redirects') }}
esetI see everybody awake
BloqueNegro2setriously, i dont have an idea what ypu are trying to archieve
BloqueNegro2and this weird setup should be nowhere near a productive system, because if that fails at 2am, nobody is gonna fix that
xsseHi, I am using the synchronize module and trying to copy files from my remote_host folder A to folder B (one remote host as well). Is this possible somehow?
esetBloqueNegro2: I'm trying to us in lookup two commands
BloqueNegro2what about splitting that in two tasks?
esetBloqueNegro2: I need to make ls -1 on files/ folder and take only first two letters from aa.domain.redirects so I need to pull out inly aa
esetI wanted to use ls -1 | with sed
esetbut lookup('pipe', 'command with sed '' ' <-- the same ''
esethe doesn't recognize sed with quotes
yrcHi! I’d like to declare mail aliases in a loop in LDAP. So for each “cn=XXX,ou=aliases,dc=example,dc=org” I would declare 1-to-many rfc822MailMember. In other words, ldap_entry would loop over a list of hashes with 2 keys: one key for XXX, the other key for the aliases. How would I do that?
yrcMy problem is that ldap_entry’s attributes: would need to put a list after rfc822MailMember:, not a string…
yrcExample: I would like something like that: ldap_entry:¶ dn: "{{ item.cn }},ou=…"¶ attributes:¶ - rfc822MailMember: {{ item.members }}¶ with_items: - { cn: admin, members:¶ - member1¶ - member2 }
yrcHere I put only 1 item in my with_items, but the goal would be to define several aliases this way.
tumbleyrc, http://dpaste.com/2V7QDQT
tumbleor if I misunderstood, I need a paste that's readable :P
chielhi all, I'm setting up an ansible playbook and installing docker with it, however to install it I need to access for example the os release name (yakkety) - can anyone tell me where I can find a list of all the variables that ansible injects into playbooks?
yrcHey tumble! Thanks for answering. This is exactly what I want to do. Now, how do I use each item?
yrcEspecially the item.members (from your dpaste: http://dpaste.com/2V7QDQT)
yrctumble: ^
chielwah I guess it's facts I'm after
yrcDamn... Windows just decided it would restart in 4 minutes! I'll be back as soon as my tmux reattaches... :-(
tumblexD
bob_cheesey_can anyone suggest how i could go about getting the number of partitions on a disk? i'd like to loop over all disks and count the number of partitions to determine if i need to do something
esetOne more time maybe someone will have an idea: https://hastebin.com/heraseqatu.coffeescript
esetthe error I get: "template error while templating string: expected token ',', got 's'. String: {{ lookup('pipe', 'ls -1 files/ | sed 's#domain.redirects##'' ~ item ~ '.redirects') }}"}
tumbleyrc, http://dpaste.com/3HWVCQC
esethow to parse second command after '|' and with addiitional qutes sed 's///'
esettumble: maybe you? :)
tumbleeset, not much experience with the pipe lookup, I just noticed you have two apostrophes after your sed expression. seems wrong
tumbleah now I noticed, one is enclosing the entire expression
tumblejust exchange the outer ones with double quotes I guess
esettumble: that's the problem with quotes :/
tumbleeset, maybe like this: {{ lookup('pipe', 'ls -1 files/ | sed \"s#domain.redirects##\"' ~ item ~ '.redirects') }}
tumblepossible that you need to escape the backslashes as well, don't know
absolutejamHey guys, what's the best way to filter ansible hosts on a host var?
yrcThanks tumble. So multi-valued attributes would take comma-separated values? I thought I would need to use an actual list, just like the way objectClass is specified.
absolutejamJust make the play exit if the fact = whatever
absolutejamI worded that badly
tumbleyrc, oh I don't know about the ldap-specifics in this case yrc, been a few months that I wrote something like that. Just tried to show some ansible syntax to use such lists
tumbleeset, you can probably achieve the same without this shell-fu, by using the find module, followed by the replace module
yrcWell, thanks anyway tumble! Your example will surely help me :-)
esettumble: {"failed": true, "msg": "lookup_plugin.pipe(ls -1 files/ | sed \"s#casinocruise.redirects##\"casinocruise.redirects) returned 1"}
yrcAnyone here familiar with module ldap_entry?
tumbleeset, from the top of my head - http://dpaste.com/36E26DD
esetbut it renames those files locally?
tumbleoh, you want the resulting output to be in different files, not in-place replaced?
esetlike in that link I gave: in files/ dir there are {au,de,fi,no}.casinocruise.redirects
esetand I parsing it using variables {{ domain_name }} which is the casinocruise word 'redirects' is entered manually in the line. but it should take those fi,de,no etc from array
esetbecause in files/ there can be in future some other files like {fi,de,no,se}}.anotherdomain.redirects
esetand I will just manage which redirects file to copy from files/ with {{ domain_name }}
tumbleah, I just read above that you only want to extract this leading two-letter code and use it for something?
esetNo , I want to make them 'static' to be included always
esetonly the domain name in the middle fi.'domain_name'.redirects changes
esetbut thise fi,au,no etc must be always included that's why I made it with ls -1 | sed 's#domain_name##' to cut it of
esetand I had fi. , no. , se. , no.
esetthen paste only name from {{ domain_name }} and word .redirects which abviously always there
tumbleah okay, you want to list those files in files/ but instead of the entire name you want a list of the domain prefixes, nothing more, right?
esetyes
esetnothing more because there is '~ item ~`
esetand it's related to {{ domain_name }}
tumbleeset, try something like http://dpaste.com/35DEWE1
tumbleoh, not \d, but \w of course
tumbleor use whatever regex you prefer
esetok so How Can I use it copy module after that?
tumbleinstead of debug like in my paste, you use the copy module and insert that template as dest or in whatever way you need it
esethmm
tumblebut first you should figure out with the debug output, if the expression results in what you need
tumbleoh and your files/ folder is probably your local one, I guess, so you need to pass connection: local to the find task
tumbleelse it searches remote
esettumble: but where are {{ domain_name }} how I will parse another domain if new redirects files will pop in the files/ folder ?
diamonds_sent_medoes anyone know of a good pastebin alternative that isnt insanely ad laden?
asyduu.zoy.org
tumbleI see no ads on dpaste, but that might be my ad-blocker :p
diamonds_sent_me@asyd: thanks!
asydand uu.zoy.org provide security since data is encrypt client side before sending to the server
esettumble: but where are {{ domain_name }} how I will parse another domain if new redirects files will pop in the files/ folder ?
tumbleeset, http://dpaste.com/1X3PJ1G
tumbleyou can extract whichever part of the filename you need
tumbleyou can even do this in a separate task and use set_fact to store this in a variable like domain_name, if you prefer
esettumble: but where are {{ domain_name }} how I will parse another domain if new redirects files will pop in the files/ folder ?
esetsorry for spam :/
tumbledamn, had \d and \w mixed up again, that's what you get for recycling pastes. here a corrected one http://dpaste.com/0SWVVED
tumblebut well, you get the idea, regex is the key
esetsorry for spam :/
esetok I will check it but right now looking for manul create copy for all subdomains
esetbut copy doesn't work :/
absolutejamSo, my dynamic inventory returns `osname` for each host
absolutejamAm I right in thinking I can have a play in my playbook that uses `group_by` and use `hostvars[inventory_name].osname` to create a group per os
absolutejamthen my next task, only run against that group?
absolutejamI want to only run a playbook against Windows Server 2008 R2
amsatiquehi :}
Zhenechabsolutejam, like this? http://paste.debian.net/926052/
fsdhi everybody
esettumble: do you know how to execute shell command but in playbook dir ?
eseti don't want to put whole path ~/dira/dira/my_playbook/files folder but in playbook put: shell: and it executes command in ~/dira/dira/my_playbook/files but without gaving the whole path
tumbleeset, https://github.com/lorin/ansible-quickref see playbook_dir variable
reshefsHello Everyone, How can I access environment variables created by jenkins from inside ansible? when using '{{ lookup("env", "AWS_ACCESS_KEY_ID") }}' it doesnt work
tumblereshefs, lookups are executed locally, not on the remote machine
fsdcan i set a waiting period on a task between each host ?
reshefsyes i understand, jenkins and ansible run on the same computer
reshefsbut still it doesnt resolve this variable
Spauldingdifferent user?
Spauldingjenkins is running from jenkins user and ansible is using different user?
mjau^fsd: this might be what you're looking for: http://docs.ansible.com/ansible/pause_module.html
tumblefsd, if you're waiting for some service to start, maybe wait_for is an option for you as well
reshefsit goes like this:
fsdmjau^: yes but how can i iterate over my 10 hosts ?
fsdmjau^,i repeat 10 times my task on playbooks ?
reshefsjenkins runs, and then creates an ansible template from within the same user
absolutejamyeah Zhenech, like that
absolutejamI fixed the one I had - user error
mjau^fsd: run it with serial 1?
absolutejamBut the * was a great addition, forgot about that
Zhenechabsolutejam, >(
Zhenecherr, :)
Zhenechwrong keyboard
absolutejamIs that the best way of doing it?
reshefsanyone?
absolutejamBesides making a really wonky dynamic inventory
absolutejamI have a dynamic inventory that pulls from Active Directory already
absolutejamAnd I'm using the hostvar instead of a fact to save on grathering facts on all the hosts
tumblereshefs, I could imagine that the env variable is simply not set for non-interactive shells, the usual problem :P
absolutejamto speed it up
absolutejamalso, the play recap shows all servers because that's what I started with in the first task. Little annoying
tumblereshefs, how about putting it as encrypted host var instead?
fsdmjau^, why not, but i have to wait 5 minutes between each node execution (in my case, i have to do rolling update on Elasticsaerch cluster without kill them, so i have to wait reconstrution of shard between each host update))
reshefstumble, I want to pass the aws access+secret and also the jenkins BUILD_NUMBER
mjau^fsd: yes, so, serial 1 and the pause module should be able to fix that I think?
reshefsthe env variables do resolv in my python script that creates the jinja2 ansible template yml
mjau^fsd: also, what tumble suggested - the wait_for module - might be better suited
tumblereshefs, when you do a simple shell command like: ssh ansibleuser@jenkinshost "env", is that env set?
mjau^fsd: with that you could probably check that the shard is reconstructed and then go ahead, instead of waiting an arbitrary amount of time
reshefstumble, it is.
fsdmjau^, yes i will try, thx a lot guys :)
mjau^fsd: np, good luck =)
Zhenechabsolutejam, thats the most agnostic and inventory-independant way
Zhenechabsolutejam, of course, if your inventory already knows the data, it could just provide you with the proper groups?
tumblereshefs, when you run: ansible -m setup --user ansibleuser jenkinshost | grep -A20 ansible_env (possibly with ask-pass etc.), do you see the env then?
eok_I'm having some problem with using ipaddr in jinja2, when trying to extract the address portion from an ipv6 address (2001:222:2401:196::0/127) using {{ peer_ip6 | ipaddr('address') }}
eok_It will not accept that as a valid address. is it because it is a /127 and it will not accept the first address in a network?
eok_when the value is 2001:222:2401:196::1/127 it works
eok_only, I don't get this problem with ipv4 /31 addresses
petn-randalleok_: Someone asked a similar question yesterday. Might be a bug in the python netaddr library that it doesn't allow PtP addresses.
Zhenecheok_, technically, 2001:222:2401:196::0/127 is not an address, but a network. the only "available" address in this network is 2001:222:2401:196::1/127
Zhenech(that said, you can perfectly fine use this /127 for a PtP connection as petn-randall says)
Indrekhi, how to get hostname inside playbook? - debug: var= ansible_host doesnt work
Zhenechansible_hostname should do it
Zhenechor inventory_hostname
Zhenechor ansible_fqdn
Zhenechdepending on the value you are looking at
Indrekhttp://docs.ansible.com/ansible/wait_for_module.html
Indrekim trying to - local_action: wait_for port=22 host="{{ ansible_ssh_host | default(inventory_hostname) }}" search_regex=OpenSSH delay=10
eok_Zhenech: yes it was me who asked yesterday :)
eok_i'm trying this now: {% set ipv6_host = neighbor.peer_ip6.split('/') %}
eok_but then I get these elements: ['2001:222:2401:196::'], ['::7f']
eok_so i'm going a bit nuts here
eok_how can it get those from '2001:222:2401:196::0/127' when i'm splitting on '/'
Zhenecheok_, you dont (or rather, I do not.)
Zhenecheok_, sure that neighbor.peer_ip6 is just one address?
eok_Zhenech: i'll paste the relevant portions in a pastebin, hold on
mushrushuis it possible to specify variable in hosts as a list? something like this cluster_vlan_network: ['192.168.100.11','24','none']
eok_Zhenech: https://pastebin.mozilla.org/9018021
eok_here is the output: https://pastebin.mozilla.org/9018022
Neptuhej, someone knows how i get parameters from vagrant to provision de machines??
Zhenecheok_, ans how is "neighbor" defined? your paste only has neighbors
NeptuI mean I should setup a cluster of 10 machines but vagrant only spins the machine and does not send any information about what machine has spinned... so the provision script with ansible has not awareness about what to install
eok_Zhenech, its a loop over there that i forgot in the paste
eok_{% for neighbor in underlay.neighbors %}
Zhenechmhh, k
eok_Zhenech: this is the output if i change it to the first element: https://pastebin.mozilla.org/9018023
Zhenechthat looks correct now, no?
eok_no, link0: { spine: '2001:222:2401:196::0/127', leaf: '2001:222:2401:196::1/127' }
Zhenechaaah of course
Zhenechyou split 2001:222:2401:196::0/127 on /, so you get 2001:222:2401:196::0 and 127
eok_that's what i'm hoping for
eok_but i get 2001:222:2401:196:: and ::7f
Zhenechthe first piped via ipv6 is 2001:222:2401:196::, the second, is converted to 7f (=127 dec)
eok_and the last one doesn't even make sense
Zhenech2001:222:2401:196:: is the same as 2001:222:2401:196::0
eok_ahh, that's what it is..
eok_didn't even thing it could be hex
Zhenechyou force it to be hex by piping it to the ipv6 filter
eok_you would think it's the same, but its not since the all the others are also 2001:222:2401:196::
eok_like this one: link1: { spine: '2001:222:2401:196::2/127', leaf: '2001:222:2401:196::3/127' }
eok_ahh, so if i drop the ipv6 filter
eok_it should behave like i want?
Zhenechwell, if 2001:222:2401:196::2/127 also translates to 2001:222:2401:196:: then your loop or your set is wrong
eok_maybe, but what could be wrong?
eok_i just trying not passing it to the ipv6 filter now:
eok_ neighbor {{ ipv6_host[0] }} {
eok_and i get the same result
Indrekhttps://launchpad.net/~ansible/+archive/ubuntu/ansible
Indrekif i do ansible --version and it returns: ansible 2.2.2.0
Indrekhow to make sure i have 2.2.2.0-1 installed ?
zeotIs there any simple way to implement the ansible templating functionality in an action plugin, without writing my own jinja2 wrapper?
suteriIndrek: yum info ansible, apt-cache show ansible
craftytechhello folks: what's the best way to pass a list as an extra-var in cli??
craftytechwhen I do '-e list=[one,two,three]' and iterate in j2, it comes out as o,n,e,,t,w,o,t,h,r,e,e
Indrekit's driving me crazy. how can i debug hostname inside play?
miscIndrek: debug the hostname module ?
Indrekim trying to restart remote server and then wait for it like it says in manual
Indrekhttp://docs.ansible.com/ansible/wait_for_module.html
Indrekinventory hostname is undefined
square1ansible_hostname
square1wrong window :D
Indrekansible_hostname is also undefined
sdubeytrying to install elasticsearch but getting ""msg": "No package matching 'elasticsearch' is available"
eok_Zhenech: I have done some testing, and it is jinja2 fucking things up. when i change the mask to /126 both splitting and using ipaddr works fine with this address: 2001:222:2401:196::2
eok_changing the mask back to /127 it fails
eok_so my only choice is to convert all my linknets to /126
eok_and as stupid that is, it's not a problem
square1does ansible_managed not work on win_template?
square1it apparently does..
sdubeymy playbook - https://pastebin.com/ZkHKtEC2
reshefstumble, sorry for the delay. I receive: ImportError: No module named ansible.constants
tumblereshefs, that sounds like a broken ansible setup to me
suterisdubey: can you locate the package with apt?
reshefsansible (2.2.1.0) is my version
dmincayou're in virtualenv?
reshefstumble, I just googled it and I think it relates to permissions
halberomrcarrillocruz: hello, thanks for the fast response to #23217 and the merge, works perfectly with vEOS.
rcarrillocruzneat
reshefstumble, does ansible need to run with sudo permissions?
rcarrillocruzi also cherry-picked on stable-2.3
halberomnice!
BloqueNegro2i have a dict structure like this: https://gist.github.com/anonymous/1aa7a0467ad5641359b78994c50f0f47
BloqueNegro2but the newline in the for loop does not work as expected. do i miss something here?
BloqueNegro2it obviously works atm, but i would like to understand why i wont see a linebreak here
reshefstumble, I mean, I create the ansible template with jenkins, and run it with user jenkins but with sudo. but anyway the variable assignment takes place before I use sudo
asmodaircarrillocruz: Any idea if someone will add 2.2.2 entries to the stable-2.2 changelog.md?
asmodaiIt's sadly missing.
rcarrillocruznot sure, i haven't worked any patches for 2.2
rcarrillocruzlet me pull gundalow
asmodaircarrillocruz: Bit unfortunate omission since I always review changelog to see whether we need to update/migrate straight away at work. :)
halberomBloqueNegro2: you may be configuring jinja whitespace controls - e.g. if your template has `#jinja2:trim_blocks: True` at the top. And I seem to recall there's a jinja plugin option in ansible cfg.
suteriHow can I verify that ansible is running a task with sudo/escalation?
halberomsuteri: run with verbosity enabled e.g. `-vvv`, will show 'sudo' in the calls
suterihalberom: thanks
tumblereshefs, no, it does not require sudo at all to run ansible
tumblebut I'm a bit out of ideas why your vars aren't set and that the ad-hoc setup command doesn't even work doesn't help either ~_~
tumbleusually you have env vars in ansible_env, if fact gathering took place
suterihalberom: This is the only reference to sudo. Could you verify that this looks correct? --> "cmd": "/bin/rsync --delay-updates -F --compress --archive --rsh 'ssh -S none -o StrictHostKeyChecking=no -o Port=22' --rsync-path=\"sudo rsync\" --out-format='<<CHANGED>>%i %n%L' \"/var/www/html\" \"ansible@test@foo.bar:/var/www/\"
halberomsuteri: assuming you've got enough verbosity, you should see sudo calls to python files
halberomsuteri: if you're seeing calls to python files without sudo, then it's either missing escalation, or (if the actions work and require escalation) you're running as root
suterihalberom: No sudo calls afaict. I actually am running as root on local machine, but not at the remote one.
reshefstumble, so whats the problem then? i cant run your command because it generates error
BloqueNegro2halberom: ty, i'll take a look at it
tumblereshefs, you installed ansible using pip?
halberomsuteri: you're specifying a different remote user then?
suterihalberom: yes
halberomsuteri: ok, well, you'll need to provide more info if you want more help - e.g. a snippet showing task, and verbose output.
suterihalberom: ok I'll paste, thanks.
halberomlunch time for me, but someone else can prob help
reshefsyes tumble
tumblereshefs, I'm not familiar with that way, but maybe you try a --reinstall of ansible to get the missing module in
tumbleafter all, that's probably not going to fix your initial problem, however, it's always a good foundation to have a working ansible setup^^
tumbleI don't even understand how your ansible can work at all if you cannot execute the setup module on a remote host, because it's required for fact gathering in every play (unless you suppress it)
tumblebut maybe just the ad-hoc bin is broken
reshefstumble, another question please: I'm receiving "jinja2.exceptions.UndefinedError: 'lookup' is undefined" for lookup: {{ lookup('file', '{{ userdata_file }}
Merry_suteri: I'd double check that rsh part, isn't the syntax --rsh=""
jtannerreshefs: lookup is not a keyword you can use outside of the jinja expression
reshefswhat can I do then?
jtanner{{ lookup() }}
jtannernot lookup: {{ lookup() }}
reshefswait a sec I didnt explain myself correctly:
reshefs"{{ lookup("env", "AWS_SECRET_ACCESS_KEY") }}"
jtannerok, where did you put that?
reshefsinside my jinja2 template
reshefsdo I need to enclose that in another 2x curly braces?
jtannerhave you found an example somewhere that shows a lookup inside a template?
reshefsI saw some examples a while ago
reshefsnone worked for me
absolutejamis there a nicer alternative to `assert`?
jtannerlookups aren't meant to be used inside templates
absolutejamat the minute I'm using `assert` to see if something is already installed
reshefsso what is my option then?
absolutejambut it produces a fail output
absolutejamI'd rather have a step that checks if x is installed and exits the task as a success
jtannerreshefs: use the lookup in a task and register the result as a var, then use that var in the template
sdubeysuteri: apt-cache doesn't show package
suteriMerry_: thanks
suterisdubey: maybe your repository does not have the package, or there typos
absolutejaminstead of `when:` statements on each following task
reshefswhat I'm currently doing is performing the lookup under "vars" and inside the task i make the assignment to the var
reshefshttps://pastebin.com/znq8H9yE
reshefsso there is a variable resolution when creating the template, and when ansible itself runs
jtannerwhy do you have those raw keywords in there?
absolutejamnvm, I'll just split the tasks up into 2 files
absolutejamand have a conditional include
reshefsjtanner: when I create the jinja2 yml template i need to "escape" the lookups
reshefsi know i am probably doing something wrong or not the best practice, though it works (except for the env variables lookup)
reshefswhat would you do differently?
jtannerreshefs: why are you setting vars based on themselves?
jtannerdesired_number_of_instances: {{ desired_number_of_instances }}
jtannerthat makes no sense to me
reshefsyes it's kinda messy to say the least
jtannerthe first thing you need to do is get rid of all those raw keywords
reshefsok I will. what will I do with the lookups for the file and for the env variables?
jtannerdon't expect to send anything other than registered variables to templates ... you can't run code inside them
jtannerthe env vars: https://pastebin.com/gY0vgU8H
jtannerand in your templates, you should have {{ aws_access_key }} or {{ aws_secret_key }}
reshefswhat do you consider a template? the whole yml or whatever inside the "task"?
jtannera call to the template: module
jtanneryou really should thoroughly read through http://docs.ansible.com/ansible/guide_aws.html
reshefserm
reshefsso whatever is "ec2:" and on is considered the template?
jtannerno ... earlier you said "inside my jinja2 template", which meant you were using the "template" module in my mind
jtanneryour pastebin implies otherwise, so it doesn't matter
reshefsah
reshefsno, i considered this a template since i generate lots of these inside jenkins
reshefsbut in terms of usage, this is the only one i use
lisaphello :) I'm working with ansible 2.2.1.0 against windows servers and I have some trouble with "win_shell" module
reshefsi just generate ymls based on this file
lisapA simple PowerShell command execution returns "stderr": "Thread failed to start.\r\n"
lisapBut If I run the same command with "raw" it works
lisapI don't understand why it happens. Some extra info that helps me?
iron_houziWhat is the idiomatic way to do `ssh-keygen` on the remote node?
reshefsjtanner: the other operation guys here want a generated yml based on parameters that are sent from jenkins. for each build they want a yml generated template and then run ansible with that template whenever and however they want. is there soemtrhing wrong with that?
jtannerreshefs: generating yaml sucks
reshefsjtanner: thats the request I received.
jtannertry to use parameterized roles, or use an api ...
jtannersuch as the suitable python lib
reshefsany reference for that?
jtannerfor which?
reshefsparameterized roles
jtannerroles documentation covers that
jtanner!search roles
answerbot(jtanner) http://docs.ansible.com/ansible/#stq=roles
iron_houziNoone?
reshefsthanks. but can I achieve the same goal with these solutions?
jtanneriron_houzi: http://docs.ansible.com/ansible/user_module.html
iron_houzijtanner: Thanks!
jtannerreshefs: the request from your ops team is probably misguided, based on my experience with similar requests
jtanneriron_houzi: generate_ssh_key parameter
reshefsjtanner: they want a yml file for each jenkins build and then execute ansible manually/whatever/whenever they want. what is so wrong with that?
jtanner"want a generated yml based on parameters" ... that doesn't sound like static yaml
reshefsno no
reshefsthe parameters are permanent. the values not
jtannerokay ...
jtannerthe common pattern for jenkins/tower/rundeck etc to send variables to a playbook is to use extra vars
reshefsyes thats the old way we used to work with
malinoffreshefs: your ops requests' description is pretty vague. Can you paste an example playbook and parameters somewhere? (Don't try to make it actually work, just show us the idea)
reshefsafter being generated?
reshefsi will paste it in a minute. in the meantime i will explain the flow:
grealishHi, has anyone got a decent ansible.cfg example for maintaining in git? most online are 4+yrs old
reshefs1. user logs to jenkins and chooses parameters for AWS ec2 instance creation. 2. the parameters are sent to a python script that queries amazon for whatever else necessary, converts subnet names to ids and etc. 3. a template playbook yml file is created
reshefshttps://pastebin.com/jYssaJ1t
reshefshere it is
jtannerthose look like static arguments to me
reshefsyes. i used the template terminology because ymls are created based on this
jtannerthe values to those arguments can just be variables ... i don't see why you would want to "generate" a playbook
reshefsbelieve me i dunno why they want it exported to a yml file
reshefsbut I have to live with that request
jtannerprobably for some stupid audit-ability logic
reshefsmaybe.
reshefsbut anyway, I think you can now understand why im using the raw stuff
jtannerimo, it would be easier to generate vars files based on their inputs and to save those vars files as artifacts in the jobs
jtanner-e can take a yaml or json file as the value ... --extra-vars=@foo.json
reshefsyes that was the previous way it went
reshefsbut considering that we keep the current approach - what would you suggest me to fix?
reshefsI will remove the duplicate "desired_number_of_instances"
reshefsI also need to fix the lookup to AWS access/secret key because it doesnt work
jtannerhow do they plan to utilized these generated playbooks?
jtanneronce the jobs are finished
reshefsexecute ansible on a later stage
dzodzogreetings
dzodzoi'm using simple copy module from src to dest but i'm getting this error:
dzodzofatal: [lvt0004]: FAILED! => {"changed": false, "failed": true, "msg": "Unable to find '/etc/httpd/conf.d/icingaweb2.conf' in expected paths."}
dzodzoi found that copy module might have some bugs with relative paths but i use full paths
Merry_Anyone created VM's in Azure with azure_rm_virtualmachine and associated NIC's to them? Getting error when creating VM and specifying existing NIC, but everything's just as I specified in Azure...
jtannerreshefs: I have recommendations, but those would probably violate some sort of HR/partner relationships between our companies
jtannerif you catch my drift
dzodzooops ok, it seems i misunderstood the purpose of the copy module, fixed
KoFFiEhmm what would be the best way to detect if a system is using systemd?
reshefshmm
jtannerreshefs: just make it work whichever way you can ... you'll never get a "best practice" recommendation with that approach, so it's easier to just get it done and move on
reshefsyes thats what im trying to do
jtannerso if you have an error of some sort, paste that if you need help fixing it
reshefswhat would you do differently in terms of the lookups?
reshefsi need to lookup 3 ENV variables, and lookup 1 file
jtannerjust remove the "raw" keywords
reshefsbut it wont generate my template
jtannerthe ec2 module automatically reads ENV for those vars ... you don't need to do it
reshefsautomatically?
jtanneryes
reshefsreally. i googled it a ton and never saw that. but I will defeinitely check this out
jtannerhttps://github.com/ansible/ansible/blob/devel/lib/ansible/module_utils/ec2.py#L144
reshefswell I have 3 different aws accounts
reshefsso I dont want the default one stored in ~/.aws
reshefsthats why I have jenkins pass it
reshefsok I will check that
jtannerreshefs: if you look at the code stanza above, you'll see things like access_key = os.environ['AWS_ACCESS_KEY_ID']
jtannerit checks the module args first, then fills in from env vars for anything missing
reshefsyes, I just opened it and it goes right into my production credentials
reshefseven though my job sets AWS_ACCESS_KEY_ID and secret
reshefs(i use QA env credentials)
jtannerare you setting a boto profile or something?
jtannerenv vars can't have duplicate keys, so you must have the wrong env values set if it's picking up something different
reshefsmmm
reshefsok i will try setting these to some other param
reshefsi changed to something different than AWS_ACCESS_KEY_ID but it still takes the default credentials
gestahltHi
suteriIs there another way to copy a directory with content besides synchronize?
gestahltI am new to ansible and i like to manage use it for openstack instances and such
gestahltBut it looks like i have no openstack modules? How can i install them or find out if they are even missing
tumblegestahlt, how did you install ansible?
gestahlttumble: pacman -S ansible
gestahlttumble: it is version 2.2.2.0
gestahlttumble: i didnt find any other packages
tumbleany idea in what path it landed?
tumbleopenstack modules are in $ansible_path/lib/ansible/modules/cloud/openstack
reshefsjtanner: i renamed the jenkins AWS access key to 'AWS_ACCESS_KEY_ID_JENKINS' but it would still unresolve. any idea why?
jtannerthe code doesn't look for AWS_ACCESS_KEY_ID_JENKINS, i don't know why you would have renamed it to that
reshefsha
reshefswell, so what can i do if AWS_ACCESS_KEY_ID is already set?
gestahltCould this be correct? "/usr/lib/python2.7/site-packages/ansible/modules/core/cloud/openstack/"
reshefsonly pass it manually?
reshefsI mean, i don't want to pass this variable anywhere. i want it to be an env var
FruktdrikkI have some vars directories with both config.yml and config.yml.example files, but the example config is also loaded and breaks things. Is it possible to make ansible not load the example file while it is in the same dir?
gestahltI seriousy dont get it
gestahltI try to specify the module parameter with -M and enter the path where i found the modules. I always get the error: ERROR! 'os_networks_facts' is not a valid attribute for a Play (or whatever else i try which is documented for cloudstack)
Joelgestahlt, try showing what you're doing on a paste site.
wowzHi, is it possible to delete only directories that are empty with the file module?
wowzright now I'm using shell & rm -df but it throws a warning
gestahltThis is exactly what i do: http://docs.ansible.com/ansible/os_networks_facts_module.html
gestahltjust copied and pasted it
gestahltJust to see it work somehow. I bet i have to take care of auth issues later, but currently, it does not even recognize the attributes
tdtraskACTION submitted a pull request over a week ago, and have only seen activity from ansibot
tdtraskhttps://github.com/ansible/ansible/pull/22886
tdtraskany ideas how to get some feedback?
tdtraskor to get it approved?
vangapcan someone explain this behaviour, I am doing include_vars multiple times, I have a dictionary variable which stays constant through out the multiple requires I am doing
vangaphttps://gist.github.com/vanga/b5e68dda650d01667da2bccb74ca01e8
star_proneHi!
star_proneI watched this ansible presentation video https://www.ansible.com/quick-start-video, and tried to run one of the commands from the video "ansible web.local -a /bin/date" but it will show me some warning: [WARNING]: Host file not found: /etc/ansible/hosts
star_prone[WARNING]: provided hosts list is empty, only localhost is available
star_prone[WARNING]: No hosts matched, nothing to do
star_proneI use ansible 2.2.2.0 on macos
Mitigatingyou need a host file where web.local is define
Mitigatingd
star_prone@Mitigating: thank you! can you please give me more details? I don't understand exactly what I have to do. what do you mean by "where web.local is defined"?
star_proneweb.local is the target host
star_proneI thought it is resolved using /etc/hosts
star_proneor the DNS service
CrtxReavrstar_prone, that's an example for educational purposes.
star_proneCrtxReavr: should I understand that he already has the host file defined?
star_pronebecause this what I'm trying to do, to educate myself and I want to try it :D
CrtxReavrIt woudl seem that way.
Indreki have a playbook, it involves downloading stuff from internet. If i run playbook, then 7 times out of 10 i get network connectivity issues. One step is example downloading java.
IndrekIs it normal to ansible to fail in such things or should i search for inernet issues
petn-randallIndrek: You have network issues that need fixing.
chrisl_Hi
reshefsy0
reshefssorry I got disconnecte
reshefsjtanner: i renamed the jenkins AWS access key to 'AWS_ACCESS_KEY_ID_JENKINS' but it would still unresolve. any idea why?
jtannerwhat is your intent of changing that? i said before that nothing in the code is looking for *_JENKINS variables
permalacIs there any way to get a default value for item.proxy , just in case ? So for example the default value is "" , and if there is no proxy then it does not give me an error.
reshefsI need to lookup for an environment variable, so I won't have to pass it with my python script
Zhenechpermalac, there is a "default" filter
Zhenechpermalac, http://docs.ansible.com/ansible/playbooks_filters.html#defaulting-undefined-variables
permalacZhenech, I was wrong, I did not need a default, but instead I need the yum_repository module to not add the proxy line in case there is no item.proxy. (otherwise with the default I end up with a proxy="" on the .repo file and it breaks)
permalacZhenech, omit ?
permalacZhenech, YEAS!!!! thanks
LadyElusivehello
jwitkoHey All, is there any indication of a global handler in Ansible when using 'delegate_to:' in a handler? Currently my role is restarting Nagios once for each host it templates but I'd like it to be only once per play
jwitkoI'm seeing the documentation for Blocks but having a hard time understanding if that could be used for this?
raktajinojwitko: run_once
jwitkoraktajino, you can apply that to a handler and it won't execute more than once in the entire play ?
raktajinotry it and see
boomeris there a way to have the file module recurse and set modes on just directories and not the files in them? i.e. I want to basically make a dir and all subdirs g+ws
jwitkoraktajino, thank you it worked.
raktajinohooray
KippoHey guys and gals, good morning. I have a quick question, was hoping you'd be able to help.
reshefsIs there any way to pass a dictionary variable to ansible-playbook? it only parses the first line and quits with error
KippoI'm trying to develop a connection plugin for ansible; I've looked at the sample code on the github repo; I was just wondering if there was any better way to debug what's going on other than print statements.
bcocaKippo: you might want to try #ansible-devel
KippoLike a way to interactively launch a debugger on a given plugin
KippoAh word, didn't know there was a separate channel
KippoThanks @bcoca !
huwjrhey
huwjri have ~/.ssh/config setup with agent forwarding for certain hosts already, and i’ve just found the need to use it in an ansible play… how do I do that?
huwjransible -i hosts FOO -m shell -a 'ssh-keyscan -H bitbucket.org'
huwjrsuccess
huwjransible -i hosts FOO -m shell -a 'ssh -T git@bitbucket.org'
huwjrPermission denied (publickey).
huwjrssh FOO; ssh -T git@bitbucket.org
huwjrlogged in as …
raktajinohuwjr: use a gist please.
huwjri’ve just posted the command that failed… i don’t think a one liner needs a gist
flowerysongYou posted six lines.
huwjrsorry i bothered giving context and what I had tried
huwjrthis command failed: ansible -i hosts FOO -m shell -a 'ssh -T git@bitbucket.org'
Jmainguyhuwjr: try sshing to the host that is failing, as the user that is running the playbook
reshefsanyone?
Jmainguyand then running that ssh -T command
huwjri did that and it works
reshefsi need to pass a dict variable to ansible
Jmainguyhmmm
gileswheya ansiblers
huwjri also found it hung on new host keys, so added an ssh-keyscan
Jmainguytry adding a some -vvv's to your ansible command that is failing and pastebin that output
gileswi'm trying to write some tests for my module using travis
gileswthing is I want to have a postgres installed first so i'm looking for an example of a travis test for a role that installs dependencies
huwjrJmainguy: i can get it to work with ansible.cfg
Jmainguyah nice
huwjrbut i get 4 checks to use my ssh key which is mental
huwjrand i know someone told me in teh past that you can do it without that =[
huwjrany ideas?
huwjreverything i find on google seems to suggest i have to use ansible.cfg but i am 99% sure this is not correct
flowerysongreshefs: https://docs.ansible.com/ansible/playbooks_variables.html#passing-variables-on-the-command-line
boomerIs there a way to have the file module recurse and set modes on just directories and not the files in them? i.e. I want to basically make a dir and all subdirs g+ws, but skip the files in them
flowerysongreshefs: ansible localhost -e '{"foo":{"one":1,"two":2}}' -m debug -a 'var=foo'
Zapme?
finster!
iron_houziAny idea when 2.3 is available on Ubuntu PPA?
flowerysongiron_houzi: After it's released.
iron_houziPerfect!
iron_houziIs 2.3 on the verge of being released .. or is it still some time in pre-release before it's released?
raktajinoevery time you ask the release date is pushed back 3 weeks
takimballol
AdylasHello, using the blockinfile module. I try to add multiple line. Is there an escape to add before the next line ? ansible is complaining
huwjrJmainguy: fixed..
huwjri had ForwardAgent yes only for hosts i trust
huwjrif i just set it as on for all, it works with no problems
huwjrso i’ll just have to set it to no for ones i don’t trust going forward.
jtanneriron_houzi: this was just stated in ansible-meeting ...
jtanner#info Anisble 2.3 RC4 will be release shortly (maybe even today) Please test :) and report any issues via GitHub
iron_houzijtanner: Thanks! I might have to go for it then.. How does ansible release cycles work? Is it like Canonical or more like Valve?
jtannerumm ... it's more like ansible?
jtannerhttp://docs.ansible.com/ansible/dev_guide/developing_releases.html#release-schedule
iron_houzijtanner: Perhaps you're not aware about the software companies I mentioned. Canonical does every six months, with a hard limit, Valve develops games and only release when they consider their product to be stable ..
jtannerwe do a feature freeze, to cut off any new modules
iron_houzijtanner: Thanks!
jtannerthen at some point we make a stable-x.x branch for the release
jtannerbugfixes are cherry picked from devel into the branch
jtannerwe do a range of release candidates from the branch until things look good
iron_houzijtanner: How has python3 support been going so far? Are you happy with the move?
jtannerit's "done", aside from waiting for people to report issues with modules
jtanneri work on the bot all day, so all i see is py2
iron_houziACTION wishes jtanner the glory of f-strings and awesome-dicts
jtanneryes, i always feel bad about myself when i watch a raymond hettinger talk
iron_houzi:D
CustosLimenhi
CustosLimenso I was doing this {% set index = 0 %} {% for authorized_key in item.authorized_keys %} {% set index = index + 1 %}
CustosLimenbut its not working anymore since ansible 2.2.2.0
CustosLimenwhere can I see changelogs ?
phy1729If this is for ssh keys you could use http://docs.ansible.com/ansible/authorized_key_module.html and http://docs.ansible.com/ansible/playbooks_loops.html#looping-over-subelements
CustosLimenso I was doing this {% set index = 0 %} {% for authorized_key in item.authorized_keys %} {% set index = index + 1 %}
CustosLimenbut its not working anymore since ansible 2.2.2.0
CustosLimenwhere can I see changelogs ?
CustosLimensorry I may have said befoore but my internet went funky so dunno if it went through
CustosLimeni fixed it now by just using a range loop though
JmainguyCustosLimen: https://github.com/ansible/ansible/blob/stable-2.3/CHANGELOG.md
whereismyjetpackwow. looks like a solid release
whereismyjetpackreally looking forward to the vaulted vars feature
apathorhey. is there a special variable for the user invoking ansible?
boomeryes
boomeransible_user_id ?
apathorperfect. thanks boomer.
agaffneyisn't that the fact for the remote SSH user?
agaffneyif you want the user invoking ansible, you probably need {{ lookup('env', 'USER') }}
apathorah. in this case they are reliably the same but good to know anyway. thanks agaffney
hamzyhey y'all... I am seeing "ImportError: No module named os_client_config" and trying to figure out why ansible is not seeing that module that was installed http://paste.openstack.org/show/605545/
agaffneyhamzy: the ansible module os_client_config is looking for a python module called os_client_config, which needs to be installed separate from ansible
hamzyagaffney, it is already installed... the first command tests a basic python import of that module
agaffneyah, didn't notice that
flowerysonghamzy: No it doesn't. ansible -c specifies the connection type.
boomeroops, yeah, i wasn't thinking =)
flowerysonghamzy: You want ansible localhost -a 'python -c "import os_client_config;"'
hamzyflowerysong, I swore that I've already done a "sudo pip install os-client-config" but apparently not :( maybe it got sucked into a venv... sigh... so that works now
hamzythanks
andersonvomhey folks, I'm trying to run a task like "- shell: path/to/script arg1" and the first time around, ansible returns an error seemingly related to an SSH connection failure:
andersonvomread header failed: Broken pipe\r\ndebug2: Received exit status from master 0\r\nShared connection to IP closed
andersonvomthe second time around, it actually succeeds. what's a good way to debug what's going on?
agaffneythat sounds like a problem with the underlying SSH connection, which is generally due to network problems
agaffneydoes it reliably fail the first time and succeed the second time?
andersonvomagaffney: yup! consistently so.
flowerysonghamzy: It's a little weird that ansible doesn't complain about the bad value for -c, which would have helped you notice what was happening.
andersonvomagaffney: I'm guessing it's something related to how much output the script is getting on the remote machine, or something. but I can't know for sure, because all I see back from ansible is the module error message
hamzyyeah and I had it in my notes that I tested python locally with the -c import
agaffneyhmm, a quick tests shows that I can use all sorts of valid and invalid values with 'ansible localhost -c <whatever>', and it seems to just use 'local'
agaffneyI wonder if it gets ignored somehow with the implicit localhost
andersonvomor related to the output of that script in general. but I don't know how to debug what's going on. when I run the script locally in the remote host, it works just fine
agaffneywhen using something other than 'localhost', it does complain about a bad -c value
agaffneyit appears that it's because ansible_connection specified in the inventory (including for the implicit localhost) will override the -c option, causing it not to be evaluated
gregworkis there any reason to use ansible tower vs. rundeck pro ?
sivelsure
agaffneyI'm sure there are reasons, but they may not be relevant to your use case
gregworkwhat are commonly cited reasons?
whereismyjetpackRBAC IMO is much better with tower.
whereismyjetpackit was 'built' for ansible, so it feels natural to use.
gregworkcost of tower is pretty prohibitive compared to rundeck
gregworkat scale anyways
gregworki have about 5k windows/linux systems in my org, tower is a per system registration so at 70$ list thats 350k / year .. vs say 15-20k for a 2 node rundeck pro cluster which doesnt charge per node
gregworkthats a pretty preposterous difference
tryfanI know tower questions are frowned upon, but I have an issue with tower_group, which is community supported.
agaffneytryfan: they're frowned upon, because not a lot of people use Tower here, and it's a commercial product with commercial support
siveltryfan: yes, the tower modules within ansible are supported, but generally speaking you aren't likely to find many people with tower experience here
tryfanyeah, I guess my question is more tower specific...back to the fun that is red hat support. thanks anyway
systestanyone have experience with the systemd module? No matter what I do, enabling or starting a service always fails on the first time the play is run on the box
systestsubsequent runs are fine. feels like a race condition but I've even tried doing a shell daemon reload with a sleep after it before calling the module and it still fails
systesthttps://pastebin.com/Sdb27X1j
systesterror returned is "Unable to enable service consul: Failed to execute operation: Invalid argument\n"
craftytechhello: I'm including a playbook within a playbook, but when I try to register the output, I get error: "'register' is not a valid attribute for a PlaybookInclude"
craftytechdoes anyone have a workaround for this??
raktajinocraftytech: you can't parameterize includes at the playbook levevl
raktajinolevel*
craftytechgotcha.. so that means I can't capture the output ?
raktajinoyou can, but you would need to put it on each task. if you're asking whether you can register the output of an entire play to a variable the answer is (afaik) no
reshefsHello everyone, I am trying to pass a dict variable to ansible with extra-vars but it wont work. i dont want to pass the whole dictionary manually and dont want to use json file. what are my options?
craftytechraktajino: thanks for the 411
flowerysongreshefs: What are you trying that isn't working? Passing dicts works just fine.
flowerysongreshefs: ansible localhost -e '{"foo":{"one":1,"two":2}}' -m debug -a 'var=foo'
reshefsos.system("sudo /usr/bin/ansible-playbook --extra-vars {}".format(self.ansible_dict))
reshefsyes but i have a dict stored as a variable
reshefsi dont want to write the whole dictionary manually
raktajinouse combine filter
flowerysongThen...convert it to a format that ansible will accept.
reshefslike what? i'd rather not use a json file
flowerysongjson string or YAML string.
reshefserm, so you're saying i need to get rid of the new lines
sivelreshefs: import json; json.dumps(self.ansible_dict)
sivel--extra-vars takes JSON, so you should give it JSON
sivelyou may have to quote the {} also, so something like: os.system("sudo /usr/bin/ansible-playbook --extra-vars '{}'".format(json.dumps(self.ansible_dict)))
sivelmight also look at pipes.quote, and various other things to avoid bad security issues, and potentially subprocess.Popen instead of os.system
sivelsome thoughts
reshefsyes i just found it
reshefsthanks guys
reshefsstill: ERROR! the playbook: [us-east-1a, could not be found
E1ephant /buffer 16
sivelI'd have to guess that you are still building your command wrong. Also, that os.system invocation didn't include a playbook to execute
sivelreshefs: ^
reshefsyes i forgot to write it
reshefsbut anyway it doesnt matter as i run the command with it
reshefsthe object is now of a str type
reshefsdoes the json object i need to pass tolerate spaces?
reshefsi saw this example of flowerysong: {"foo":{"one":1,"two":2}} --> no spaces
joshbennerAnyone managing DNS zone files with Ansible? Looking for experience/roles/approaches that might be helpful in this.
gwenaeljoshbenner: DNS zone files??? Database is more powerfull
sivelreshefs: I just tested with the following, and it works without issue:
sivelos.system("ansible all -i localhost, -c local -e '{}' -m debug -a var=foo".format(json.dumps(foo)))
sivelwhere foo is defined as: foo = {'foo': {'bar': 'baz'}}
reshefsi formatted to json a line before. but will test it now
reshefssivel, thanks a lot. seems to work now. apparently i just had to add the single quotes :/
ImuMotiveHey everyone! Got a question. If I use a regex filter on a variable, how do I skip the regex when the variable is undefined and I just want to default to something instead?
joshbennerI think something like: var | default(someval) | otherfilters...
sivelmight also be able to use ternary. {{ (somevar is defined)|ternary(somevar|regex_replace('', ''), default_value) }}
daxoridI assume you all hate questions about YAML, so I won't ask. Can you recommend good resources for debugging YAML syntax errors at least?
siveldaxorid: perhaps http://www.yamllint.com
daxoridok thanks
chadmandoo_ hey all I have a question. When generating my ssh key on the main ansible server is ansible going to know which key is used based off the user? The reason I ask is I am going to be executing ansible commands via php and I'm not sure which user is responsible for running that, maybe apache?
chadmandoo_is there any way i can default to a certain set of keys?
ed___hello. sudoers only allows "su -" - how can i make ansible work with this? i've tried all combinations that i can think of
siveled___: ansible cannot support this mechanism
siveled___: `sudo su -` manually, and `visudo` and allow running any command via sudo
ed___sivel: thanks for clarifying! unfortunately too many systems
circ-user-TmkN7is there a quick start guide to be able to contribute to ansible ? with 0 github knowledge how does the process work
ImuMotiveWhat am I missing here? {"failed": true, "item": "main.cf", "msg": "AnsibleUndefinedVariable: {{ (ansible_ec2_public_ipv4 is defined) | ternary(ansible_ec2_public_ipv4 | regex_replace('\\.', '-') + '.' + domain_mail, hostname) }}: 'ansible_ec2_public_ipv4' is undefined"}
ansible-92758945cat I have a pseudorandom but idempotent oick from a list ?
reshefsdamn i backed off from using a template and now my ansible yml file generates a weird error
reshefsi have all my variables resolved
sivelansible-92758945: the random filter, accepts a seed, to make random selection idempotent: http://docs.ansible.com/ansible/playbooks_filters.html#random-number-filter
morpheus7hello - trying to configured ubuntu 16.04 interfaces with nmcli - getting this error, any pointers appreciated - bus=dbus.SystemBus()\r\nNameError: name 'dbus' is not defined\r\n"
sivelansible-92758945: that is in ansible v2.3 though, which is in rcv3
reshefsi am trying to do this: "{{ availability_zone|default(['']) * desired_number_of_instances }}"
reshefsand i receive ``` "the field 'args' has an invalid value, which appears to include a variable that is undefined. The error was: list object has no element 1```
ansible-92758945sivel: thanks, i
ansible-92758945am on 2.2.2 though
Fluoransible-92758945, pre v2.3 supports idempotent random too with some small hacky tasks btw.
Fluoransible-92758945, i dont know by heart, google for idempotent random ansible.
ansible-92758945Fluor: i found something for 60 minutes, but that is rather easy .
ansible-92758945i will just use real random for now and fix idem later when the ubuntu sources are current
hashtagstrashtagHey all - Is it possible to configure the `expect` module to match cmd prompts which contain spaces?
sivelhashtagstrashtag: should be as simple as just doing 'some prompt': 'some response'
hashtagstrashtagahhh
hashtagstrashtagthanks for the pointer - is that just typical yaml syntax for a multi-word key?
sivelYAML is a superset of JSON, and accepts many of the same ways of defining things as JSON does
sivelin JSON, your keys are always quoted, and YAML allows that too
hashtagstrashtagahh, your explanation is much appreciated.
reshefsguys how can i find an undefined variable inside my playbook?
dch_reshefs: run with -vv and read the output carefully when it fails :-(
dch_it is in there, just well concealed
reshefsthats what im doing. but it;s not printing the missing variable
reshefshttps://pastebin.com/zNb0kYhv
reshefswhat could i be doing wrong?
larsksreshefs: can you also pastebin the complete error?
reshefshttps://pastebin.com/mnFwjNWL
larsksreshefs: the actual error is not about an undefined variable; it says "list object has no element 1"
larsksYou are indexing a few lists in that task...
larsks...vpc_subnet_id and availability_zone
larsksDo they both have an appropriate number of items?
reshefsyes i understand i have an undefined variable
reshefsi just cant find which it is
larsksThat...is not what I said.
raktajinoreshefs: you're referencing item.1 and your list has no item.1
larsksI even suggested a couple of variables to check.
reshefsraktajino: why not?
raktajinoaliens, probably
reshefsit all started when i converted from creating a yml template when everything workek to passing a json as extra args
larsksreshefs: back to my earlier question: what are the contents of vpc_subnet_id and availability_zone? Are you sure that they have range(desired_number_of_instances) values? Maybe add a debug: task before this failing task to verify?
larsksI see they default to a one-item list, both of which have no index 1.
reshefsAZ is a 3 item list, subnets is a list with an empty string
larsksreshefs: and what is desired_number_of_instances?
reshefs2
larsks...aaaaand you have just identified your problem.
larskswith desired_number_of_instances=2, you will loop with item=0, then item=1.
larsksBut vpc_subnet_id only has vpc_subnet_id[0]. There is no vpc_subnet_id[1].
larsksAnd that is the source of your error message.
reshefsthats not correct
larsksThat's what you just told me? "subnets is a list with an empty string"
reshefsbecause both vpc_subnet and availabaility zones lists are multiplied
larsksList indexes start at 0.
reshefsyes
reshefsbut look, earlier i enlarge the lists:
larsksI don't see that in the pastebin.
reshefshttps://pastebin.com/wC8Javm1
larsksThat's not what your original pastebin looked like, and my mind-reading isn't working today. Anway, I suggest adding a debug: task before the "Launch the new EC2 Instance" to verify that those variables contain what you think they do.
reshefshow come. thats my yml
larsksThis is what you pasted earlier: https://pastebin.com/zNb0kYhv
larsksThere is no "* desired_number_of_instances" there.
reshefsyes that was when i started debugging
reshefsi still get this error
reshefseven though im multiplying
reshefsmaybe i need to set these as facts?
ChrisWiHi ... I am stuck and need some help please ... it is about a template file ...
reshefsi really dont understand why it stopped working
ChrisWiI am looping over a dict and using 'RewriteCond "%{HTTP_HOST}" "{{ item.alias_domain | reject("###") }}"' which results in 'RewriteCond "%{HTTP_HOST}" "<generator object _select_or_reject at 0x7f2ad4af7460>"'
agaffneyChrisWi: add |list after the |reject()
reshefsdamnnnnnnnnnnnnnnn
reshefsi found it
reshefsI was referencing the lists twice when i worked with the template
reshefsand i used {% raw %} so it didnt resolve the first time
reshefsbah
ChrisWiagaffney: thanks ... just trying ...
ChrisWiagaffney: now getting a failure ...TemplateRuntimeError: no test named '###'
agaffneythat's due to your reject()
agaffneybecause ### is not a valid test
ChrisWiagaffney: http://paste.opensuse.org/70912332 ... I want to 'reject' list items which start with '###' ...
IslandUsurperIf I want a notification that a playbook run is finished, I could put a localhost task at the end of the playbook, but I don't see any way to include success information in the message. Is the proper way to wrap `ansible-playbook` in a script and inspect the return code?
agaffneyChrisWi: reject('match', '###')
raktajinoI don't believe ansible's return code is related to the success or lackthereof of the playbook run
raktajinoIslandUsurper: but you could look at existing callback plugins and modify one to suit your needs
IslandUsurperraktajino, what kind of callback plugins? I was kind of hoping for a magic fact but I haven't seen anything like that.
raktajinodoesn't exist to my knowledge
raktajinothe kind that come with ansible
agaffneythe exit code of ansible-playbook does mostly reflect the success/failure of the playbook run. look at the EXIT CODES section of the man page
agaffneyhttps://pastebin.com/kg72K3za
IslandUsurperOK, thanks, agaffney.
raktajinooh it does? neat. thanks agaffney
ChrisWiagaffney: thanks for help :)
agaffneyraktajino: I haven't verified, but the man page says so
raktajino2.3 has actual real man pages now?????
agaffneythis is in 2.2.2
raktajinoOMG
raktajinoi swear that didn't exist before
agaffneythe DEB packaging
raktajino♥ ♥ ♥ ♥
agaffneyit probably doesn't exist when installing via pip
raktajinoahhhh that might have been it. I changed my install method a bit back.
agaffneythe man pages have been there since at least 2.0, iirc
raktajinohax
agaffneyI didn't use ansible before that, so I have no idea :)
raktajinohaha n00b
agaffneyheh
raktajinoi remember when vault was a new feature
raktajinoACTION shakes cane get off my lawn kids these days etc
agaffneyokay, old timer
IslandUsurperHowever, now that I've found callback plugins, that's probably what I want to use. . . provided I can find the docs to teach me how to use one.
IslandUsurperGreat page about writing a plugin . . .
agaffneyIslandUsurper: the only real docs are the code
agaffneyhttp://docs.ansible.com/ansible/dev_guide/developing_plugins.html#callback-plugins talks a bit about how to enable them
IslandUsurperJust now found that.
IslandUsurperThanks again!
ChrisWiagaffney: how can I combine this match with another one ? reject two different matches ?
agaffneyChrisWi: yes, you can do two different |reject() calls, or just combine both matches into a single regex
agaffneyif the other match isn't at the beginning of the line, you may want to use 'search' instead of 'match'
ChrisWiagaffney: thanks ... didn't know that I can add reject()| reject() ...
agaffney|reject() spits out a list and |reject() takes a list
agaffneyas long as the output from the previous filter matches the expected input of the next one, you can keep chaining them
ChrisWiagaffney: ahhh ... got it now
mmercersince when does a 'when: groupname not in group_names' complained about undefined group name variables?
mmercerthis makes no sense
joshbennerIs there any decent way to conditionally include elements in an array in Ansible yaml?
mmercerjoshbenner: in the yaml itself? not that i am aware of; in a play, using when, sure
joshbennerYeah, I've got a list of things to specify to a module in yaml, but I want to conditionally exclude some of them. Hmm.
mmerceragaffney raktajino : either of you seen when check issues with ansible v 2.2.2.0? seeming to have issues with when: 'groupname' not in group_names which I am certain has worked in the past... but not sure if this is a bug, or if its a behavioral change that im not seeing documented
mmercerACTION falls down laughing
mmercerim an idiot
djadkCurrently I have some servers running haproxy as loadbalancer each server has 1, 2 or 3 ips assign to 1 interface. I know I'm able to get ip address using {{ ansible_default_ipv4.address }}. The deal is most of the ip address are not the deafult and I want to use template with a commun variable that store the correct ip address base on the host
peashttps://pastebin.com/5vg3mcAk
peasWhat am I doing wrong?
peasfyi, I'm not using notify: because I have subsequent tasks that depend on the new apache configuration being live
djadkpeas: is that a syntax error you are geting
djadkpeas: you please send error also, Im assuming base on your question
peasthere's no error, it just skips the reload task
peasbut doesn't even report skipping the task
peasis <var>.changed the right syntax?
djadkyou have notify: reload apache commented out
djadkwhy?
peasbecause that will wait until the end of the task list
peasbut I need it reloaded immediately only if the conf changed
peasapparently the default handlers are smart enough to know to only reload if there has been a change. Maybe I could include the subsequent tasks in another task.yml
peasbut not sure if the apache reload would continue to wait into the next task.yml instructions
djadkyou can try to force the hanble to run imediatly
djadkhttp://serverfault.com/questions/617548/always-trigger-handler-execution-in-ansible
djadkyou should uncomment the notify to see if it works
raspadosomewhat of a unique issue here, i use template which is delegated_to: some_other_host, and I use inventory_hostname inside that template, for every iteration of the hosts within ansible_inventory, that template is being updated each time
raktajinolook at delegated variables
drab_is there any way to group by a variable instead of a fact? so basically go through all/group_vars/host_vars and find all hosts that have somevar=true
drab_and run a playbook against them
agaffneydrab: facts *are* variables
raktajinodramaticchipmunk.gif
drablol
drabthanks, I guess I was still treating them as two diff things, ie facts callected from nodes by "setup" module Vs variables defined in group/hosts_vars etc
agaffneyfacts are host variables, but still variables
agaffneyI think that vars in host/group_vars are also considered host vars, as are vars defined directly in the inventory
agaffneyvs. vars defined with 'register' and such, which are not host vars (and aren't accessible via 'hostvars' and don't survive between plays)
raspadoraktajino: ok thx
johnzornIs there a list of ANSIBLE_ env vars somewhere?
flowerysongjohnzorn: https://github.com/ansible/ansible/blob/devel/lib/ansible/constants.py#L196
johnzornflowerysong, thanks
kplummerhey guys. i'm provisioning to digitalocean successfully, and am add_host'ing the machine then calling a playbook on those hosts. but i'm getting the ssh 'Are you sure you want to continue connecting (yes/no)?' thing. how do i set it up to auto accept?
kplummerfound it.