htaccesshow do i reference a viariable with jinja2 inside a yaml list?
htaccessi cant see whats wrong with alarm_actions: [ "{{ alerts_sns_topic['sns_arn'] }}" ]
htaccessthat var is fine if i debug it
motkif there's one thing ansible doesn't do well, it's layers of quoting and indirection
axintry {{ alerts_sns_topic.sns_arn }}
htaccessi have heh, turns out i had a single space in the wrong place, my lookup was fine as i discovered when i replaced it with a string and got the same error :)
twkif i had multiple devices ie "sdb through sdf", for multipathd, how would one be able to get the first "handler" from one of the devices
twkid ont want to be static with it and say "sdb" in case i have more vdisk
twkguess i could do a with items: -b -c -d -e -f, and then a "when" vendor == myvendor
twkhrmm no cant "with first found" on that
htaccessaww, i just assumed postgresql_db would support state: dump, like mysql_db does :( https://github.com/ansible/ansible-modules-core/issues/2731
htaccessi guess planb is command pg_dump
rawburtSo I put in a PR about 3 weeks ago, and I'm wondering how long the turn around time usually is? I'm not trying to rush, just curious. https://github.com/ansible/ansible/pull/25636
agaffneyrawburt: you should ask in #ansible-devel, but there won't be many people around at this time
rawburtGotcha
rawburtThanks
sm4rk0hey guys
sm4rk0I'm running devel version from git and run into problem with include "module" yesterday
sm4rk0it doesn't search the current task's dir when including another task
sm4rk0it expects it to be in the dir the main playbook is located
sm4rk0is it a bug or a feature?
sm4rk0So, in this case:
sm4rk0roles/myrole/tasks/task1.yml
sm4rk0roles/myrole/tasks/task2.yml
sm4rk0myplaybook.yml
sm4rk0if task1 is part of role referenced in myplaybook, I can't include: task2.yml, but have to include: roles/myrole/tasks/task2.yml
rdzhey all. i'd like to get a list of all hosts that have set a certain variable to a specific value.
rdzi wrote a playbook with a 'debug' task, that does it, but the output is barely readable
rdzso i wonder if there is way to get a more readable summary or if i should rather parse the ansible-playbook stdout to make it more readable
mbweMorning everybody, i was wondering, what is a good strategy to prevent (when running playbooks) that a loadblancer is always running, or differently put, i want to prevent that both loadbalancers are rebooted after i update those via ansible
memoryleakmbwe: How do you reboot them?
mbwememoryleak: via the playbook, not manually
mbweor that was the idea memoryleak
memoryleakAnd you want to prevent them being rebooted both at once or what's the goal exactly?
mbwethe goad that i don't want both loadbalancer to be down at the same time
peerstermbwe: Look at serial option. You can for instance specify serial: 1.
peerstermbwe: More info here: http://docs.ansible.com/ansible/playbooks_delegation.html
asdaljlsd??
asdaljlsdi bet theres one girl in this bitch who passed college?
asdaljlsdzzz
mbwehi thanks peerster
peerstermbwe: No problem at all
kurkale6kaHi. I want to reuse tasks from a role. So I've got role1 with tasks A,B,C and I need role2 with tasks A,B,D. Is there a way to reuse role1's tasks instead of copying them
petn-randallkurkale6ka: You can put tasks A,B in a different file and include it. Or create a "common" role and role1+role2 depend on it.
BiwaaHey all, I wonder if there is a way to wait the end of an RDS snapshot before continuing the script ? any idea how to do it ?
kurkale6kapetn-randall: I guess
MaZ-fg
MaZ-:( i need to stop typing shell commands into irc
petn-randall.oO( full grin? )
rdzhey all. is there a way to use different defaults based on conditions?
asydyou can use include_vars
rdzasyd, ok.. i'll check
asydrdz: something like http://uu.zoy.org/p/kBLqdg#x=SyWZABTXnQAPmVAA
rdzasyd, cool. thanks!
rdzasyd, include_vars wins over inventory group_vars.. this is not what i want
odyssey4merdz it sounds like you either want group_vars, or you're going to have to do some sort of structured var in your defaults
odyssey4mefor example: https://pastebin.com/JyJYT8FU
odyssey4meThat makes your life quite complicated though
rdzodyssey4me, yeah...sometimes it a takes a few round for me to understand what might be a good approach
rdzand i settled exactly with what you proposed. thanks
svshi all. has anyone used the jabber module in Ansible?
pirofexHey guys, I'm using ansbible on a windows control machine (Linux subsystem) and want to control another windows machine. For authentification I have to use kerberos. I configured everything as described in the docs and I have a valid kerberos ticket but when executing the command "ansible windows -m win_ping -i hosts.yml -vvvvvvv" I get an error message: "Server not found in Kerberos database". Can anybody help?
jborean93pirofex: I didn't know you could connect WSL to a Kerberos realm. My knowledge on Kerberos is a bit rusty but I believe that error is the SPN for the server has not been set correct or you aren't connecting with the FQDN of the target server
petn-randallWhere can I find a list of reserved keywords? I'm trying to access a nested dictionary called with {% for key, value in radius.ldap.update.items()|sort %}, but it's throwing me an error: AnsibleUndefinedVariable: 'builtin_function_or_method object' has no attribute 'items'
petn-randallAccessing a different leaf ( radius.ldap.user.items() ) works without problems. Both dictionaries are defined.
cognifloydIf two groups define the same group_var (via group_vars with inventory), and a host is in both groups, which group's variable wins?
cognifloydDoes ansible load them alphabetically?
petn-randallcognifloyd: AFAICS this is undefined behaviour, and you shouldn't depend on any behaviour you currently see.
cognifloydThat's what I thought.
cognifloydI was looking for a way to have an "all"-like group for a subset of hosts where I can define some defaults and only override them per-group if needed.
petn-randallcognifloyd: Why is it defined in both groups, though? It looks like a potential stumbling block.
petn-randallcognifloyd: Ah, there already is a literal "all" group, that has a lower precedence than other groups.
cognifloydYes, but then the variables will be applied to hosts where it doesn't make sense. I have 13 groups (so far) that are very similar with each other (but I need to be able to select and add variables to them separately). They are all children of a parent group. I want to be able to define some defaults on the parent group, and override them in the children groups.
cognifloydSadly, I don't see a reliable way to do that.
cognifloydBTW: If you need to add lots of dynamic groups as children of a static group, use a YAML inventory instead of an INI inventory. That way you don't have to list the groups twice. In YAML, they can be defined below children and not just as top level groups.
petn-randallcognifloyd: Personally I wouldn't provide any variables in the parent group. I'd rather have ansible fail than apply the wrong vars when I forget to set them in the more specific group.
cognifloydpetn-randall: That's a good way of looking at it.
steadfasterXhi. is it possible to set a list in a variable in the inventory? I want to set container=first,second and then be able to iterate over these in a task
steadfasterXsorry for the noise got it :)
dag__need help on this https://gist.github.com/houami/4e8fe450b219d2fb864a5fab605d5fdd
BloqueNegrodag__: not sure, but i assume that ansible tries to do lookup with the stuff from inside the csv
BloqueNegroit appears you rather want to cat it and get the output
BloqueNegromaybe try to use that in an debug step and show the output?
pantwebHello
jtannermorning
jhawkesworth_pirofex: "Server not found in Kerberos database" means the domain controller doesn't know about the machine you are asking about. So check the machine you are targeting is on the domain. Also - use the hostname and make sure the hostname resolves properly from within WSL.
pantwebDoes anyone know if ansible is able to run a script on a remote host containing a chroot command?
jtannerpantweb: as long as you connect as root or use become:true, i don't see why not
pantweb@jtanner I am having this problem... I am connected as normal user, but I do sudo (and I am in sudoers)
pantwebI tried both using raw with sudo -u root and command with become: true
jtanneryou have to extrapolate on "problem"
pantwebwell, if I try to run the script /etc/init.d/kibana start (which starts kibana within a chroot) via ansible, it returns 0... If I run manually via ssh, it works flawlessly
pantwebI tried handling the service via the service module, raw, command, shell
pantweball the same, I can properly stop or get the status, but not start... with an interactive shell, it works correctly (same user with sudoers)
jtannerreturns 0 ... isn't that good?
Jmainguy0 is good
zem0 is usually success
pantwebyes, but then the service is not there, no process spawned
zemwhat does ansible output?
pantwebadded set -x to get more logs in the script
pantwebI described the behavior in https://github.com/ansible/ansible/issues/26429
davidakcan i define the groups of a host in one line in the inventory?
jtannersome init scripts don't play nice with python subprocess.Popen ... but it's usually exposed as a failure to get the exit code
jtannerpantweb: looking at that script, i'm inclined to believe the script is lying about the successful start
pantwebwell, I agree
pantwebI added a emit $? to print the actual return code
pantwebbut it prints anyhow 0
jtannerreturn 0 ... that's going to prevent you from ever getting a "failure"
pantwebjust after the chroot
jtanneryou should return $emit
jtannersine $? is the exit code
jtannersince*
pantwebyep, I tried to print it for a test and I get 0 after the chroot
jtanneri dunno ... where are $program and $args set?
pantwebI updated the github issue to include the whole file
val2kHi, was someone able to move files based on a wildcard ?
dagHmm, another dag__ on #ansible ? Not sure the system can handle that :-)
bcocawe've had that for a while
fbacaanyone had issues with vault in 2.3.1? I set the ANSIBLE_VAULT_PASSWORD_FILE and I can encrypt, decrypt, view files but when I run ansible or ansible-playbook it keep throwing "ERROR! Syntax Error while loading YAML.". Already tried to specify the file from command line but still does not work.
fbacaok figured it out, first I need to make sure my file works fine before encrypting, it was an error in the var file :)
AntohHi all and thx for your work and support, i have a tech question, is it possible to set "hosts" directly in the roles, or its scope is limited to the playbooks / ansible-cmd-line ?
jtanneradd_host module
Antoh@jtanner thx, i'll try that ! <3
zem.///////////ac/wiin 1
zemwhoops
temmi_hoohookay i've got a problem with regex_replace()
Antoh@jtanner ok, the fact is that i just want to set a host has target in my role, not add a new one in the inv, add_host can not help me i guess
temmi_hoousing the following as part of a task produces wanted result _and_ error message vpn_ip: "{{ point_ip | regex_replace('172.168.([0-9])*', '192.168.132.\1') }}"
temmi_hoodoublequoting results in no error but also just unmodified point_ip in the file vpn_ip: "{{ point_ip | regex_replace('172.168.([0-9])*', '192.168.132.\\1') }}"
MaZ-https://gist.github.com/benagricola/1ce2688df8e7a7ab2fad7be72c6a0976 any idea what I'm doing wrong here? wait_for always fails with 'One or more conditional statements have not been satisfied' - I assume my conditional is incorrect but I can't work out what it *should* be to find the right tag
atomsHello, have question, i have 2 tasks first one runs for every host in playbook, second task should run only once with delegate to localhost (not on every host) if some host returns changed, if no hosts return changed it should be skipped
atomshow can i do that, cause if i register variable and in second task check that variable it will not change as localhost has not changed
petn-randallatoms: Use register, and use delegate_to: on the 2nd task?
atomsi use register on first task, and delegate_to on second
jtannerAntoh: host patterns are for playbooks, not roles
petn-randallatoms: Ah, then I don't have a solution, sorry for the noise.
Antohjust no way to hack this ? ok thanks ;)
atomsnp
atomsthe thing i want to make is: i have api for dns addind, and if one host is changed i need to trigger dns zone reload (with serial regeneration), and if i do that on every changed host then i would run out of serial per day, cause our dns system uses YYmmddXX format for serial, so 100 changes per day only
temmi_hoomoving the regex_replace from a lineinfile task vars: section to line: section resulted in same
smacz[m]One of my dependencies is being skipped, and all I can see with -vvvv is "skip_reason: Conditional result was False". Is there any way to debug that skip_reason?
jwitkoyou need to debug the conditional
jwitkothe skip_reason is telling you exactly whats happening
smacz[m]Well: This is what I'm running into: https://github.com/ansible/ansible/issues/26364
smacz[m]So I know the conditional that's being applied for the previous role, but it shouldn't be applied for the second role
temmi_hoohttps://pastebin.com/xmZ5fwEh
temmi_hooany idea on how the replace_regex() works and how should i solve my trouble?
djadkHey guys i'm trying to load some variables base on OS distribution but I dont want to use the when statement anyone If there is away I could make this work
djadkhttps://hastebin.com/raw/uhedepavef
smacz[m]OK, so basically the conditional was only being applied to the `include: ` statement, but not any raw tasks within that main.yml
agaffneydjadk: either use a dict or something like vars['nagios_' + (ansible_distribution| lower) + '_load']
agaffneytemmi_hoo: 172.168.([0-9])* isn't really a valid regex for an IP address. if you are trying to capture the third octet, you probably want 172.168.([0-9])..* or similar
agaffneyactually, 172.168.([0-9]+)..*
reelinhas anyone setup SSH bastion host connections with passwords?
temmi_hooagaffney: thing is: it produced the result I wanted along with error message
cluelesspersonhttps://hastebin.com/raw/amuvumonid
cluelesspersonouch errors
cluelesspersonThe error was: IOError: [Errno 2] No such file or directory: '/root/.ssh/known_hosts'
coco060Hello, I'm looking for a module to download something from an ssh server. Something like get_url but for ssh.
creadakcheck out http://docs.ansible.com/ansible/copy_module.html remote_src is what you're looking for probably
coco060not really, I want to download a file from X server into the ansible host
creadakSo from a remote server, to the machine ansible is being run from?
bcocafetch/slurp
bcoca^ not copy
coco060As I understant, fetch is to transfert a file from ansible host to ansible controller.
coco060In my case, I want to download a file from a third server, not the ansible controller, not the ansible host
coco060similar to get_url, but something like. get_url: sftp://my.remote.server.com/srv/data/my.binary.tar.gz
cluelesspersonHey guys, I'm new to ansible, and I'm attempting to run a command using a playbook against ios cisco devices.
cluelesspersonI seem to be having trouble getting ansible to login
temmi_hoocan you ssh into the cisco without asking password?
cluelesspersontemmi_hoo: I can
temmi_hooweird
cluelesspersontemmi_hoo: and... I literally got it to work, but I don't know why it works
temmi_hoodid you set up all of ssh options in .ssh/config ?
asydcluelessperson: ansible -vvv
cluelesspersontemmi_hoo: it seems I had to pass ansible host variables to the network module in order to interact with those devices.
cluelesspersonasyd: https://hastebin.com/raw/axujijusan
cluelesspersonasyd: Here's the playbook: https://hastebin.com/raw/azejefekaq
cluelesspersonnotice this annoying number: ssh_keyfile: "{{ ansible_ssh_private_key_file }}"
cluelesspersonI think that's where it passes the variable over to the network module
cluelesspersonokay, so it seems the module is supposed to default to ansible's defaults
temmi_hoocluelessperson: i'm using .ssh/config aliases in my ansible inventory
temmi_hoothey define the key file nicely
cluelesspersonfor a group, can you do something like, ansible_host=%h.core.example.com ?
ndoneganWhy not just put the proper hostname in the group in the fist place?
cluelesspersonndonegan: I want to name it differently, and have a playbook save the config as name.conf
ndoneganYou're probably going to need to look at add_host to dynamically create a group with the names in the format you want.
ndoneganhttp://docs.ansible.com/ansible/add_host_module.html
cluelesspersonndonegan: I don't think so, I just need the ansible_host varible to be %h.example.com
cluelesspersonlike an alias
agaffneyreelin: I don't think that you can, at least not with ansible handling the password
caphrim007can anyone tell me at what point the "environment" keyword takes effect? is it before group vars are loaded?
caphrim007at the playbook level i mean
agaffneycaphrim007: those are completely unrelated. the 'environment' keyword sets env vars on the "remote" host for each task
caphrim007agaffney: so what value goes in this playbook level env var if the env var is not defined and the port var is defined in a group_vars variable? "{{ lookup('env', 'SERVER_PORT')|default(port) }}"
caphrim007i get "" instead of the port variable value
agaffneycaphrim007: lookup('env', ...) is looking at env vars on the ansible "controller" host. the 'environment' keyword sets env vars on the *remote* host
agaffneyanything available to lookup('env', ...) should have been set in the shell *before* ansible was run
caphrim007agaffney: these are running with connection: local
agaffneyit doesn't matter. each task runs in its own individual subshell, so anything set via 'environment' doesn't survive that particular task
agaffneythere is no mechanism for setting new env vars in the ansible-playbook process
cluelesspersonhow do you suggest getting the datetime in a variable to pass to hosts in a command?
embikhey everyone, here comes a question you don't get everyday I guess. I'm using ansible on FreeBSD to manage jails and my jail manager sets rather odd names for the jail (ioc-<UUID>) but allows me to 'tag' them. My custom inventory script passes along that tag as custom variable. Now I'd like to target a specific jail with my playbook based on that custom iocage_tag hostvar
embikI'm unable to find a way to do that :-/
mattclayembik: Are you using the iocage connection plugin, or the jail connection plugin?
embikmattclay: the jail connection plugin, there's an iocage plugin?!
mattclayembik: Yeah, added back in December.
mattclayembik: It handles the translation of the tags to the actual jail name for you.
embikwell that's pretty nice
mattclayYeah, so if you're using devel or stable-2.3 you'll have that available.
embikalthough I guess I need to rewrite the dynamic inventory script for that
mattclayACTION nods
embik2.3.1.0 so I should be good
embikthanks a lot! I didn't know about the plugin
dumbitguy_hi guys, im curious if there is a way to end a playbook immediately with a conditional similarly to meta or fail/assert but without being a failure
Fluordumbitguy_, afaik you cant, but im not sure. there's other ways to accomplish the same though. conditional *include* of said playbook?
dumbitguy_that was actually the next thing i was going to look into. let me look into that, thank you
agaffneycluelessperson: there's the ansible_datetime fact, or you can do something like '- set_fact: my_date="{{ lookup('pipe', 'date') }}"'
bkeroHi there, ansible question. I'm attempting to use a role that has a variable 'config_file_template_path', which is a string to the path of the template. By default it references 'config.yml' (in the roles own templates/). How would I set that usefully?
agaffneybkero: it either needs to be an absolute path or a path relative to the templates/ dir relative to your playbook. you can potentially use {{ playbook_dir }} to help in constructing an absolute path
bkeroagaffney: Hmm, okay. All these solutions sound dirty.
bkerobut doable
agaffneyyep, but there's no "clean" way to inject a custom template into a third party role
agaffneythe only other option is to replace the in-role template with your own, which is even dirtier
dumbitguy_Fluor: the conditional insert works. thanks man
bkeroagaffney: that's a workable solution for now, thanks
jsaltshttps://gist.github.com/anonymous/990364069b3d506eb2859b0b12fa91df
jsaltswhat's wrong with my block syntax here?
agaffneyjsalts: are you getting an error?
jsaltsgetting a no such file or directory found error
jsaltsthat goes away if I collapse it
agaffneyit's probably the double quotes
agaffney> and | provide implicit quoting of the entire block
jsaltsah ok
jsaltsthanks
agaffneyin your paste, the quotes become part of the value
ChinnoDogJust upgraded to Ansible 2.3.1 and get the warning that when statements can't have jinja braces. They don't have jinja braces though. The braces are in the variable they reference. Is there an easy solution to this?
agaffneyChinnoDog: the warning is new in 2.3, and this is a known problem with the new warning. for now, you can just ignore it, as it's just a warning
ChinnoDogMy solution was to wrap the when statement in parenthesis. This requires me to be psychic though since there is no way to know weather a parameter passed to my role has jinja in it.
ChinnoDogagaffney: Are you expecting it to persist or go away in a future release? Just trying to resolve it the "right" way.
agaffneythere's a lot of...disagreement about that warning and how exactly to handle these corner cases
agaffneyI do not know if any decision has been made. you can always check out current 'devel' and see how it behaves there
ChinnoDogThere are a bunch of threads but I didn't see anything conclusive about weather it was here to stay or not.
agaffneythe last discussion I saw about it was during a core meeting a few weeks ago
ChinnoDogimho this would be a lot simplier if all jinja statements were in the same namespace and therefore when statements /require/ curly braces
bcocaChinnoDog: except conditionals are {% %} wrapped then the curly become 'recrusive'
agaffneythe problem is that 'when' statements are *always* evaluated within a jinja block....{% if <condition here> %}True{% else %}False{% endif %}
agaffneyyour case isn't one intended to be caught by the warning
ChinnoDogI know. The fact that some of the yaml is interpreted as being strings and the when statement being automatically wrapped is what is confusing.
agaffneywell, probably not...you haven't shown us exactly what is happening with your task and inputs
ChinnoDogbcoca: My knowledge of jinja falls short here. I don't know the implications of {% and %}
bcocaits already 'varaible context' so its like {{ {{var}} }}
agaffneythe thing the warning is intended to catch is 'when: {{ foo }} == True' or similar, which is "wrong" and tends to blow up without unnecessary extra quoting when using string types or similar
ChinnoDogNested variable context already works in other situations like variables referencing other variables that themselves are references. I don't see why the when statement would behave any different.
agaffney'when: foo == "bar"' vs. 'when: "'{{ foo }}' == 'bar'"'
Fadi_Hello everyone, I'm on the latest stable version of Ansible (2.3.1.0) and I'm getting the following error in my playbook: fatal: [10.104.149.109]: FAILED! => {"changed": false, "failed": true, "msg": "Failed to connect to S3: type object got multiple values for keyword argument 'calling_format'"}
agaffneyChinnoDog: that's not nested...that's "recursive"
Fadi_According to this: https://github.com/ansible/ansible-modules-core/issues/2907 it's because my s3 bucket name has a "."
Fadi_Which it does
Fadi_Anyway around this problem?
ChinnoDogagaffney: I understand. If that is all the warning was supposed to capture though it would only complain about braces if they were actually in the when statement and not further up.
agaffneyChinnoDog: as I said before, the warning wasn't intended to catch "recursive" vars, but it does as a side effect of how it's implemented
gabbottFadi_ I changed the ec2.py to_safe function to this: https://hastebin.com/ecitunefib.py
gabbottTo allow for periods in aws names.
Fadi_gabbott: where is this file usually located?
gabbottFati_ in your inventory.
agaffneygabbott: the error that Fadi_ is getting doesn't look like it's from the ec2.py inventory script
Fadi_agaffney, I'm not sure where this is coming from honestly lol
Fadi_This is my task that causes this: https://gist.github.com/farahfa/3fd9e656ad137f1d16cb201135d976ed
Fadi_agaffney: I put all the information that I got in this Gist (look at the comments also): https://gist.github.com/farahfa/3fd9e656ad137f1d16cb201135d976ed
linux_usertaking this into mind: https://stackoverflow.com/questions/35807868/ansible-add-unix-group-to-user-only-if-the-group-exists
ChinnoDogagaffney: I see. I guess I will have to wait and see what happens to it.
linux_userhow do I re-write this in "unwarned" manner? when: '"{{item}}" in etc_groups.stdout_lines
linux_userit gripes about "{{item}}" construction
ChinnoDogwhen: item in etc_groups.stdout_lines
cluelesspersonI'm confused by something. I'm creating a playbook to ssh into a bunch of cisco devices
cluelesspersonThey're all on the same version, same hardware models, etc. Same username, same ssh key
cluelesspersonI can ssh into them all manually with the ssh keys and run the commands
cluelesspersonhowever I get fatal: [zac-switch]: FAILED! => {"changed": false, "failed": true, "msg": "failed to connect to zac-switch.core.care-view.com:22"}
cluelesspersonhttps://hastebin.com/raw/baruzudili
agaffneycluelessperson: "failed to connect" implies a problem with the host/port
cluelesspersonagaffney: you'd think, but it's not.
cluelesspersonagaffney: uh. I just found that the only working switches are the ones on the previous version.
morgajelhey folks, I'm getting ready to do a presentation at work on writing ansible roles- could you give my slides a once-over and provide some feedback? https://docs.google.com/presentation/d/13Kwyiv_wcpa3nTRyIWtbKZsazQUIXkiAkwakPb5beGA/edit?usp=sharing
cluelesspersonwell, it seems I'm going to have to downgrade all my switches.
cluelesspersonmorgajel: what's your job title?
morgajelcluelessperson: Linux Systems Engineer
djp9823d3'evening
djp9823d3I have a 'when:' that contains: - target_environment == "o1" or target_environment == "ost" or tar....etc. Can I say target_environment in ('o1' or 't1' or 't2') ?
djp9823d3or, how can I save typing a lot? :)
agaffneydjp9823d3: target_environment in ['o1', 't1', 't2']
agaffneyit creates a list on the fly and then uses the 'in' keyword to check for target_environment in that list
djp9823d3agaffney: awesome, thanks!
djp9823d3the number of different target_environments are getting out of control
djp9823d3could I also define it as a variable on top, like: ota_envs = ['o1', 't1', 't2'] and then later say in my when clause: target_environment in ota_envs ?
agaffneyyes
djp9823d3last question then, since I'm now really getting to remove a lot of redundant text: Can i define a list env_t = ['t1', 't2'] and then define another that includes the previous list, like: env_ot = [env_t, 'o1'] ?
agaffneyenv_ot="{{ env_t + ['new', 'items'] }}"
djp9823d3nice, nice
djp9823d3thanks a lot
stochastixIs there a way to make copy: preserve the owner:user and permissions? Or do you have to specify what you want if you dont want it to get save as root, since i am running as root on the remote side?
stochastixIm not so worried about the owner:group as much as I am the permissions in the recursive directory copy I am about to make.
infiniverseevening folks
infiniverseACTION continues his ansible adventures.
agaffneystochastix: preserve the permissions from where? the source file on the host where you are running ansible?
infiniverseToday I’m struggling to work out how to select elements of a list based upon values of sub-attributes
agaffneythat's a bad idea in general, since most people keep their ansible bits in git, and git can't store the full set of unix permissions
stochastixYes, just how they are in my files dir in my role
infiniverseThis doesn’t work: networks | selectattr('hosts.address', 'match', '31.210.26.209')
infiniversei.e. select elements from the ‘networks.hosts’ list based upon the value of their ‘address’ attribute.
bcocainfiniverse: you are composing attributes ... that does not work
infiniverseFeels like a common pattern that ought to be expressible without doing anything really clever.
mmerceranyone have any suggestions on how to parse an xml tree (via url) in ansible and store a specific part without having to hand off to a shell variable ?
infiniversebcoca: I can do: network | map(attribute='hosts') | sum(start = []) | selectattr(‘address’) but that only gets the addresses, and I lose the context they were defined in.
mmercers/variable/module
bcocainfiniverse: not sure what you want, ansible is not designed for data manipulation
bcocammercer: a couple of xml modules in queue
infiniversegiven an address, I want to get the value of one of the other associated host attributes.
agaffneyinfiniverse: I *think* that {{ networks.hosts | selectattr('address', ...) }} will do what you want
infiniverseACTION tries it....
stochastixagaffney: If you want to copy over a chunk of files and preserve everything, is it better to run rsync through ansible or something?
agaffneystochastix: probably
stochastixok, im going to try with copy first to see how it goes. Then Ill see about just putting rsync on the remote side and sending it over that way. That would be more cool too :)
infiniverseagaffney: if I that I lose the network entry. https://pastebin.com/zHyKWS9m
qrkourierHello Room! I'd like to help troubleshoot an error and file a defect report and hopefully provide a patch for what I'm seeing if you would be willing to help me understand the traceback. I'm using HEAD from stable-2.3 with Python 3.6 and got "ImportError: cannot import name 'BaseVarsPlugin'" for ansible/plugins/vars/host_group_vars.py. I can reproduce the error by executing that .py file in a terminal.
infiniverseGiven an address, I want to locate the associated inet.mask
infiniverse(given there are a number of networks defined :) )
stochastixIs ansible able to show a progress bar for things like running the copy module?
infiniverseWhat I’m trying to express is: “Find the item in the networks list that contains the host with the specified address”.
infiniversethe jinja2 filters are kind of functional, but I’ve still not sure where the limits of the art of the possible are without writing custom filters.
infiniverseI guess I’m looking for the equivalent of an xpath or css selector match...
infiniversekind of thing.
qrkourierI see that host_group_vars.py wasn't present in the build of ansible-2.3 for Python 2.7, and weirdly there's no output from `git log build/lib/ansible/plugins/vars/host_group_vars.py` on stable-2.3.
infiniverseHmm, I wasn’t expecting this to work: debug: msg="{{ networks | selectattr('hosts', 'selectattr', 'address', 'match', '31.210.26.209') | list }}"
geethreehello strangers. Let say that I have a dictionary in host vars, and I wanted to write that to a yaml file on a remote host without a template.
geethreeIs there an easy way to do so?
infiniversegeethree: {{ some_variable | to_yaml }}
geethreethat will make it a yaml file on the remote host?
infiniverseI think that ‘copy’ can take an explicit input value.
geethreeinteresting
geethreewill try
infiniverseone sec, i’ll look it up.
defionscodegeethree what infiniverse and use it within the `contents` argument of teh `file` module
defionscodesorry I meant copy module
defionscodes/contents/content/
geethreeOK so copy: contents: {{ var|to_yaml }} dest:where_to_put
infiniversethat’s the one!
defionscodeyep, i thnk that should work
infiniverse(with quotes about the “{{ var|to_yaml}}"
infiniverse(probably)
defionscodeif using YAML literal for the task
defionscodewhich is preferred stylistically
geethreeoh fun. For some reason I had missed the contents option on the copy module.
infiniverseeasily done.
infiniverseloads to miss first tim around! :)
infiniversetime
infiniverse^wasn’t expecting to work^ …. and it doesn’t, but would have been nice :)
geethreeToday now a new error. On xenial it seems as if that docker_login docker_images modules are failing on me due to a lack of docker-py module. Though a) it is no longer the docker-py module (was fixed when they had updated docker-compose a day after 2.2 came out) and b) docker module is installed for python2 and 3
geethreehmp
geethreeoh
geethreeit doesn't?
infiniversegeethree, I was referring to my comment 20 lines or so ago.
geethreeperfect
geethree{{ var|to_nice_yaml }} woo
stochastixagaffney: I just discovered the synchronize module. An rsync wrapper.
agaffneystochastix: that can sometimes/often be more trouble than its worth
stochastixIm going to give it a whirl. The Copy module definitely did not preserve them.
stochastixagaffney: wow! Not only did it preserve everything perfectly, It sent 3 Gig over in almost no time at all
stochastixIm not sure what issues there were in the past, bu right now that module works great.
infiniversesynchronise is pretty good.
stochastixYea, its great that the default is to archive. Since that is what everyone has been after in the copy: module.
stochastixsrc and dest, and I was on my way. shabam
infiniversewe tend to use: rsync_opts: [“—chown=user:group”, “—chmod=750”] quite a lot
infiniversewhich works with rsync v3.
stochastixI think the biggest key to its speed is that it seemed to compress everything into one archive, then expand it on the other side.
stochastixwell, in big chunks in each directory it seems.
infiniverseif you use rsync a lot on the command line, you’ll understand how synchronize works.
stochastixYea, I have used rsync a lot
infiniversecheck the rsync man page if you want more details on it’s protocol.
stochastixI used to back everything up with it, until I started using borgbackup.
infiniverseor run ansible-playbook with a ‘-vvv’ play to see what rsync command it is running.
stochastixyea -vvv is so awesome hey lol
stochastixAnd all this stuff is just python. truly a work of art, ansible is.
stochastixSo much fun too, more fun than compiling a kernel
stochastixThe greatest thing about Ansible I think, is that when you build your playlists, and roles, you are literally taking notes on how to set up all the things, and then you have the benefit of it being automated too!
infiniversestochastix: nice to see the enthusiasm :)
infiniversestick with the learning curve.
SmearedBeardhey all - I am using the URI module and its' failing.. I think its something to with the variable for the URL but not sure, and not sure how to resolve it - https://pastebin.com/Gw0AjLVA
SmearedBeardthat has the output and play