raynoldahh it's a wonderful day
robinI'm using aws and a bastion host to connect to two webservers. I've got ssh config setup so when I connect to the webservers it tunnels through the bastion host. How would I do this in ansible? Also should I use the ssh config file or /etc/ansible/hosts file with ansible?
elijahDid the `tags:` property ever work for `include_role:`? Testing out an MR that is on 2.5 and getting the error "ERROR! Invalid options for include_role: tags". Which is fine, I'll remove the tags: property but I am concerned if I remove it because we share this role across multiple teams and I don't want to break anyones shit.
elijahahh, https://github.com/ansible/ansible/pull/28077 "Now include_role won't silently ignore incorrect options"
elijahSo I'll take that as a no, it did not work before
CarlFKcan an item be included in a list based on a condition?
CarlFKi only want -loop " when: voctomix.loop_url is defined "
agaffneynot directly
agaffneyyou can use a var with the list and something like 'when: "{{ some_list | reject(...) | list }}"' to filter the list on the fly, but I'm not sure if that'll work with the condition that you want
htaccesshi i have a question about using jumphosts with an in memory inventory
htaccesscan i set ansible_ssh_common_args: in add_host ?
agaffneyyou could also do something like 'when: item != "loop" or voctomix.loop_url is defined' on the task using the list
agaffneyhtaccess: you should be able to
htaccessagaffney: thanks, ill give it a go
CarlFKagaffney: um.. I always want that task to run, just don't include the "loop" item if "loop_url is defined"
agaffneyCarlFK: the 'when' is applied to each iteration, so it will only skip the iteration with item==loop
CarlFKohhh... neat
CarlFKwell. neat, but I suspect it would look pretty messy
CarlFKI may just move the loop into vars.yml
CarlFKbut after dinner . :)
PraxiI have a win_shell task that seems to just hang waiting for a response from a remote server, I know if I turn around launch the task again, it will immediately work. How should I handle this?
apteryx_My machine kills SSH when I issue "apt update". wth... has anyone ever seen this?
PraxiI'm assuming async, but not sure
apteryx_seems to be related to my use of .ssh/config
apteryx_The SSH alias names defined therein match the actual HostNames, maybe this isn't a good idea.
apteryx_The server I thought I was SSHin into wasn't the correct one, but the domain name shows as the correct one... totally crazy.
msnis there someway to loop over both the main and sub dict in this http://paste.debian.net/998101/
Tom-813-484I have a command for yum to install some files but sometimes it fails. How can I have it retry the failed task x # of times? Here is what I have this https://pastebin.com/hrxXg5yX
Tom-813-484but sometimes the yum install times out
msnis there someway to loop over both the main and sub dict in this http://paste.debian.net/998101/
nigelbmsn: There are ugly ways to do it (I think)
nigelbfor instance you loop through top level elements of network and pass the "item" to an include.
nigelband then you loop through zones inside in a task inside the include
nigelbI remember doing this a long time ago
nigelbhttps://docs.ansible.com/ansible/latest/playbooks_loops.html#loop-control <-- Something like this?
msndamn so much more easy in salt :
narbehhey guys, I have a problem in playbooks. Well, the thing is, I'm running ansible -m setup and it returns complete info, but I cannot get results from playbook. here is my playbook: http://paste.ubuntu.com/26070320/
narbehany idea guys ?
Pistahhnarbeh when running playbooks those outputs are omitted
narbehPistahh: thank you for the reply, how can I get the filtered results in the output? even possible ?
narbehPistahh: or something like print statement in plays to print ansible_hostname ... sth like this
Pistahhyou can try adding "register: myvar" to the task then add a new task: "debug: var=myvar"
Pistahh"debug: var=ansible_hostname"
survietaminenarbeh: if you want facts, don't turn facts off
narbehPistahh: fine, let me check
narbehsurvietamine: I want filtered facts to see them in the output,
gypsymauroI'm new to ansible, I'm reading following the tutorial but I want to ask you if I can achieve this target: I want to use ansible to connect to all my linux servers , understand if is a debian or a redhat os, then print out the list of the installed sw (dpkg or yum) then store the result into a local file, can I=
survietaminenarbeh: yes, you can use, for example jinja filters. But there will be nothing to filter if you turn off facts
narbehsurvietamine: got it, thanks. let me try Pistahh's suggestion
narbehPistahh: would you kindly please modify my playbook and add the debug function? i'm a little bit lost
survietaminegypsymauro: yes, you can
Guest55716hi, if say I have 10 target systems and have these keyword set serial: 5, max_failure_percentage: 49 is that mean that play will continue to execute if I two node failure?
gypsymaurosurvietamine: great :) thank you Obama
narbehthis playbook returned error, whats wrong ? http://paste.ubuntu.com/26070583/
iTeVHi, is someone here able to help me out why the when conditional in my playbook is getting ignored? - https://pastebin.com/raw/fLnFfXCS
karimbiTeV mayeb == True ?
karimbmaybe i meant
iTeVnah,I dont think so as I reviewed the output of test.stat and it return "true" instead of "True"
iTeVbut I could give it a try
iTeVnope, sadly does not work
karimbiTeV yeah in my case it works in both cases actually
karimbiTeV try with stat module directly
karimband use double quotes too
karimbiTeV https://pastebin.com/YB9NyiJs
karimbsomething like this
iTeVsadly still the same error karimb
karimbwhich error do you get ?
iTeV[WARNING]: Unable to find '/etc/ansible/roles/updates/post_vars/centosserver.yml' in expected paths.
iTeVwhich is true
iTeVcuz in this case centosserver has no commands to execute
iTeVthats why I implemented the when conditional
iTeVto check if the host has a existing file
halberomiTeV: the problem is most likely your lookup
iTeVhalberom, this is the contents of both of the lookup files - https://pastebin.com/raw/PGv7DQTK
halberomiTeV: your lookup has no when condition, so if the file doesn't exist, it will error
halberomline 5 of your paste
iTeVhuh, I tested this, If lookup doesnt find the file it will return a "false" boolean in stat.exists
strk(how) can I specify environment variables shared by all steps in a task file ?
strk(ie: all tasks)
iTeVhalberom, like this: https://i.imgur.com/d3cfS6s.png
drymekstrk: - hosts: all
drymek vars:
drymek key: "{{ lookup('env', 'KEY') }}"
karthykI dont even know why i am in this channel
karthykwth is ansible anyway
iTeVhow tf did u join the channel lol
iTeVkarthyk, https://www.ansible.com/how-ansible-works
karthykI don't remember, how i joined this
Pistahhkarthyk: probably you wanted to join #python but made some typos
gypsymaurothere is a way to copy a file from remote to local? it doesn't seems possible with the copy module
halberomiTeV: perhaps put up a paste of verbose output of your play, as far as I'm concerned, you'll get at least one error with the execute command task which will fail because the {{ file.command }} will try and use the lookup and that will error with unable to locate file.
iTeVaight ill get onto that
halberomgypsymauro: fetch
karthykgypsymauro: use scp
iTeVhalberom, you want the full verbose output?
iTeVor just where the stat comes in?
halberomwhatever is before, and during the error
iTeVhalberom, - https://pastebin.com/raw/YDtVVY4R
halberomwhat's that supposed to be?
strkdrymek: is then "key" going to be defined as an environment variable for all tasks run on every host ?
drymekstrk: other way: environment variable will be register as variable
halberomstrk: you may want to read http://docs.ansible.com/ansible/latest/playbooks_environment.html
halberom(if you haven't already)
iTeVhalberom, did u take a look at the verbose output? Apperently my bouncer did save the msg history
iTeVDid not*
strkgreat, "environment" is what I'm looking for, now to figure out where hosts are set when running from Vagrantfile
gypsymauroanother sill question, I want to generate a report for each host, but it seems that template generate a complessive report, suppose that I want to print out hostname, ip address, motd and some other things of an host and put them in a txt file , one for each host
halberomgypsymauro: use a template - http://docs.ansible.com/ansible/latest/faq.html#how-do-i-loop-over-a-list-of-hosts-in-a-group-inside-of-a-template
do0mACTION bom dia
gypsymaurohalberom: yes I know that, but I want to generate a single file for each host, is it possible?
halberomgypsymauro: of course, that's how the template module normally works - per instance in the play.
halberomgypsymauro: just need something like - hosts: yourgroup tasks: - template: ... delegate_to: localhost
halberom(assuming you want files written locally)
Pistahhgypsymauro: I would run a script on each host that would generate the report, putting it into a file on that host itself, then use the ansible fetch module to pull it down from the host
strkshould postgresql_db honour env variables for libpq defaults ? (ie: PGHOST)
carl-just trying to touch a file .. and failing with "Permission denied" .. it works from cli .. however having a task displaying id it seems i am not root ..
carl-in the play there is remote_user: root
carl-so what could be wrong when it is not running as root .. what am i missing here ..
carl-become ..
strkwhat's the difference between "defaults" and "vars" ?
Kim^Jstrk: defaults can be overriden by vars/group_vars/host_vars, vars not so much.
Kim^Jstrk: http://docs.ansible.com/ansible/latest/playbooks_variables.html#variable-precedence-where-should-i-put-a-variable
KBmeis it possible to replace (overlay) an official module in my ansible directory for testing?
KBmeI am having issues with the cloud/lxc_container module and would like to test different fixes for it
Kim^JKBme: Yes
KBmenice! so how does it work? is there official documentation for this?
KBmeoh it looks like it's not as simple as just dropping a module into my playbook dir
halberomKBme: it's very close though - http://docs.ansible.com/ansible/latest/intro_configuration.html#library
KBmeANSIBLE_LIBRARY env var. perfect. halberom what is the directory structure required in this? same as in site-packages/ansible/modules/?
needlehowdy. If using roles and a playbook has include_role: is there a way to register a variable for a included role?
matglasIf I'm correct the variables are passed to the include from the playbook. When you do import that is not the case.
needlematglas: I meant the other way round if a included_task has been executed, is there a way to register a variable from that included_task so it would be read int the main.yml?
matglasAah ok. Good question.
halberomKBme: ? as it says, you just add dirs if you need more than the default ./library
KBmeoh. ./library. ok!
KBmethank you halberom
halberomneedle: play calls include_role which registers var that you want to use later in play?
msnis it any way to dynamically updaate a list with new variables as the tasks are completed. I am trying to create a network on aws which spans 2 regions and 5 azs, I want to dynamically while creating a the network components update the intial data with the net network component data
halberomyes, set_fact is one way
msnfor example add vpc_id, 3 subnet_ids, gateway ids and nat ids to the same variable so that i can access the same later for application while creating ec2 and other resources
halberomthough you could just register results and work on the returned info
msnI think I missed the part I want to iterate over the intial variable so everything is craeted with smalled ansible "code" and the results are available for iteration
needlehalberom: yes, i want to register the output from a included_task than give the result the main.yml and there want to decide with when: what to do
halberomif you use the initial variable in your first task, the items will be available inside the returned results
matglasneedle, this might be helpfull too. http://docs.ansible.com/ansible/latest/set_fact_module.html
halberomneedle: have you tried doing just that?
msnHere is my intial variable http://paste.debian.net/998101/ the real one also add aws_region,
needleif everything is written in a plain file without includes it works with register, however when I do inclued i have no register: output form included_task included_role
msnand I want to add vpc_id at the top when vpc is created, then when I create subnets 3 in each az i want to add the subnets in the zones part
msnsubnet_ids i meant
msnI am able to retrieve the variables but can't seem to update anything
halberomansible is built around constants, so you can't update vars, you have to overwrite them
msnsince set_fact needs to iterate over to seperate lists at the same time using same "indexes" and merge the result
msnanyway I can use jinja loops inside playbooks to update variables?
halberomsee comment above
msnthat sucks :(
halberomneedle: what you're saying doesn't make sense and/or sound right, I suspect you've got a typo or other issue. Try reproducing with a very simple playbook and put up a paste/gist if you still need help
msneven if i created empty variables at start I can't update them on the fly :(
halberommsn: so as mentioned, you could use set_fact e.g. set_fact: network: "{{ network|combine({ 'area_1': { 'vpcid': '123' }}) }}"
halberommsn: but i'm not sure you actually _need_ to update your source var, given you'll probably have registerd results which will include the items you're working on _and_ the results - so you can iterate/use those in subsequent tasks
needlethis is what works https://paste.pound-python.org/show/32KLlvkJJHBt77Fxbgkm/
qtaxHey, do Ansible support "run_once: <forever>" kind of method?
qtax(and not per play?)
miscwhat would it do ?
qtaxExample only run a task once - even if you play it again.
halberomthat is quite easy to do - use a lock file or similar technique
qtaxOr do I then need to have a file to look at?
qtaxYes, that was my original idea, but would be easier, if it were built in :)
qtaxJust wanted to be sure. Thanks halberom
qtaxand misc
halberomtoo many possible scenarios, and distributed users also make a builtin solution tricky
needlethis is the same but the routines have been placed in roles/common/tasks https://paste.pound-python.org/show/2Ixm00jCms69dODGtIOJ/
needlethere i can not use register: and when: as with https://paste.pound-python.org/show/32KLlvkJJHBt77Fxbgkm/ because the variable register from a included task: is empty
halberomneedle: why do you have register on include_role?
KBmecan anyone tell me what the active branch is for https://github.com/ansible/ansible-modules-extras ?
needlehalberom: why not?
KBmelooks like stable-2.2 is more recent than the devel branch. I'm confused
halberomregister takes the results of a task, a role has 1 or more tasks - and so i would be _very_ surprised if that worked
needlethat was the question, does that work? or how do i do it that one gets an output from a included_role
halberomKBme: that repo is legacy
halberomKBme: they got merged back into ansible/ansible
KBmeoh. where is development taking place then?
needleall right so register will not work with include_role?
halberomneedle: you're already registering in the task inside the role - so that's sufficient
halberomneedle: ansible has a relatively flat var structure during runtime, the concept of roles and included tasks is more of a human abstraction - as far as ansible is concerned, it ends up being a flat list of tasks. a var registered against a nested role/task is not in a separate namespace - there is no need to pull that var out, it's already generally available within the same play.
halberomhopefully that helps make sense of it
needleso setting register: in included_task will not work or makes no sense, Rregister then has to be in the task. Is that right?
needleSo I have removed the register in the included_task and defined in the play and the register: show is "hello world"
KBmedamn the bug I was trying to fix has been fixed in 2.4.2 :D
KBmeACTION waits for it to hit fedora/centos
needleit somehow does not work if i split up a playbook into files and routines. It only works if everything is defined in a playbook
needlehttps://paste.pound-python.org/show/I3kDvTcvQTCDod6XuQsE/ that is the output
needlewait I have a typo in that play
halberomneedle: that paste still has a register on include_role
needlehalberom: you are right
needlenow I have it working, thanks halberom
needlehttps://paste.pound-python.org/show/iOKbUkFvxKPKEuCHUAWv/ halberom thanks for the patience and explaining.
msnhalberom: any ideas how I can create a ec2_route_table in ansible whtn most data comes from one list aka the public_subnet registered variable but the gateway id comes from another one
halberommsn: that would depend on how you're generating the gateway id's. with_nested, with_together or with_subelements: - registeredvar.results - thing
msnlike this : http://paste.debian.net/998149/ (the variables are in group_vars file)
msnthen subnet creation uses subelements to create all the subnets
halberomsimilar principle as your second task, your vpc igw var will probably include all dict items from network - use debug to check
msnhmmm http://paste.debian.net/998151/ yes but it does not contain subnet_ids which will have to be connected to the route table
msnthose are generated in the last block and that does not have the gateway id. that's where I get stuck
halberomtry using vpc gwi var in your subnet task
halberomyou're iteratively building up the details you need in each registered var that way
msnyes that's how aws setup works you start with some base and build ont on top of other somethings are parallel like subnets and route tables and need to be connected
akofinko/ hey all - is it possible to pass behavioral inventory parameters to `ansible-playbook`? I'm using this syntax: `ansible-playbook -i host,`, and I want to do something like `ansible-playbook -i host ansible_connection=local,`
akofinkhere's the docs I'm using http://docs.ansible.com/ansible/latest/intro_inventory.html#list-of-behavioral-inventory-parameters
akofinkbtw, that syntax ^ doesn't seem to work (that's why I'm here)
mgedminif you're not quoting that, ansible sees -i host, and then tries to load "ansible_connection=local," as a playbook
mgedminbtw any reason not to use ansible-playcook -c local ?
akofinkmgedmin: ah, thanks! what about ansible_python_interpreter? is there a cli option for that too?
mgedminno, but you can provide variables using -e var=value
akofinkok, nice. Thank you! mgedmin++
amoraeshi there, not sure if I'm doing something wrong, I am trying ansible creating ELB(aws), using the ec2_elb_lb module, it is creating as ec2-classic and I would like to configure it into a VPC. I didn't find or I am looking for that in a wrong way. Is that possible what I want? Thanks.
apollo13https://dpaste.de/z8i1/raw any idea what is happening here? (please compare cmd & _raw_params in the output)
PenguinPerkI currently have ansible_ssh_private_key_file in my ansible host file, other than in there where can it be placed?
apollo13command line, ssh config…
apollo13most likely env var too
apollo13I filed it as https://github.com/ansible/ansible/issues/33379
apollo13wonder if someone has an idea, I am out of my depth in debugging
apollo13bcoca; wanna lend me a helping hand? :D
JmainguyI always just add tons of module json fails as a form of debugging
Jmainguyits not the best way I am sure, but it works for me =)
JustASlackeris there anyway to not check certificates when using "with_url"
JustASlackeralso, I hate ssl
JmainguyJustASlacker: SSL loves you
JmainguyJustASlacker: what about TLS?
JustASlackercan you do ansible localhost -m get_url -a 'url=https://releases.hashicorp.com/vagrant/ dest=/tmp/download'
theacolyteprobably... but why? hahah
bcocaapollo13: i dont see where you define the var
theacolyteI might be missing scrollback
apollo13bcoca: in defaults/main.yml, let me add that file to the bugreport -- but can you explain the difference between _raw_params and the cmd key?
bcoca_raw_params is just a placeholder to say 'no optoins, just a string passed to the module'
apollo13bcoca: yeah, but as you can see in that string, there variable got interpolated fine
apollo13I added defaults/main.yml to the bugreport
apollo13also if it works, the cmd key is a list rather than a string
bcocadepends, by default it is split to try to find command vs arguments
bcocabut w/o a reliable reproducer not sure anyone is going to be able to do anything on that ticket
apollo13bcoca: any idea on how to add some debug to ansible so I can debug myself?
bcoca-vvv should be enough to show what is run
apollo13ok let me get that
apollo13bcoca: https://github.com/ansible/ansible/issues/33379#issuecomment-347888565 that is the -vvv output
apollo13oha, it has something to do with sudo
bcocathat does not look like a variable expansion issue
apollo13bcoca: it fails as soon as I use -b --become-user admin
apollo13any idea where to start debugging?
bcocaquote the :.
apollo13how? put the whole line into "" ?
apollo13aha, it seems to be the @
apollo13does ansible for security reasons or so somehow somewhere strip stuff?
amoraesnot sure if there is any relation, about the issue I was getting, I changed the 'zones:' on ec2_elb_lb to subnets: and now it is into a VPC.
amoraesit seems to be working fine so.
PrincessZoeyif I'm running ansible-playbook from one commputer connected to another, can I log into the remote PC and view logs? I'm not getting any output thanks to terraform and I'm not sure if it stalled or not
JustASlackerwhy not just use ssh ?
PrincessZoeyI can ssh into the remote PC
JustASlackerand view logs?
PrincessZoeybut I have terraform spin up a VPS then run a playbook to configure the srever.
PrincessZoeyI didn't know if and where the logs would be located.
PrincessZoeythe only output terraform is giving me is "vultr_instance.maad: Still creating... (1h32m21s elapsed)
loomsenhi guys, I have a problem. I'm just redesigning our directory structure, using the second best practice example from the official doc. I need to have a link inside my group_vars definition for all, and also I need a main.yml/all.yml. see: https://gist.github.com/loomsen/bc7502627228bdba074e6755e793ec0d
PistahhPrincessZoey: /var/log/messages (or something other there) may contain logs about the ansible modules executed
apollo13bcoca: ah lol, ansible thinks that root@localhost is a password and therefor sanaitizes it
PistahhPrincessZoey: also if you can login to the host being configured, you should see ansible related python processes
apollo13the real issue was that the executable was not found due to path issues
loomsenhowever, if i have the all/ symlink, it doesn't pick up my vars from all.yml. it doesn't seem to pick up vars in main.yml at all
sivelloomsen: ansible will chose a dir over a file of the same name, and only 1 will work
sivelmain.yml would only work if the hosts were in a group called main
loomsensivel: oh ok, must have missed that. I though main.yml was something like all.yml
sivelall.yml works because there is an implicit "all" group
PrincessZoeyok. I think my playbook stalled out and didn't error out like it should have.
PrincessZoeybecause it's been 1hr40 minutes and it's still showing it in progress.
loomsensivel: ok, so i guess i will need to create a group main as a top group for my inventory and it should work then
PrincessZoeyyeah. it died somewhere in the very beginning
PrincessZoeyI don't think it actually did anything
Mitigatingprincess zoey is the cutest nick on irc I've ever seen
strkin which file can environment variables be specified ?
strkie: -host: all
loomsensivel: thank you very much for the heads up, got it working now
strkdeployment/host_vars/all ?
Mitigatingall is a magic group that all hosts are in
strkgroup_vars/all.yml: just an -environment: section there ?
sivelstrk: what are you trying to achieve? You can put any var you want in host_vars/group_vars but to make them work as env vars would be different
siveldepending on whether we are using the same definition of an environment variable
PenguinPerkI currently have ansible_ssh_private_key_file in my ansible host file, other than in there where can it be placed?
Mitigatingstrk, what you do is this. In your inventory file you set an env: variable like env:prod
Mitigatingthen inside tasks you include_vars: {{ env }}.yml
sivelstrk: that will create a variable called `environment` but it won't do anything magically in a playbook
Mitigatingand make a file for each environment
sivelstrk: you still ahve to use the `environment` keyword on each task/play that needs it
sivelthere is no global "environment"
strkwhat I'm trying to achieve is not to touch all tasks because I need an environment variable used for them
strkexample: in a postgresql_db task I don't want to add a login_host parameter (currently missing) but rather would like a PGHOST env variable to be set
Mitigatingohhhh hahah
sivelstrk: you can place it on the play, but as mentioned, there is no global environment setting
strkassuming "postgresql_db" module would honour that
Mitigatinghe means shell environment variables
Mitigatingthat's an unrelated topic sir
sivelI've been talking about shell env vars the whole time ;)
strknot really, that's my main goal: not having to modify each and every task..
Mitigatingwget that to your brain
PrincessZoeyok. combining terraform with ansible is a giant and complete waste of time and 12+ hours of effort.
Mitigatingyeah, terraform + ansible is annoying right now
sivelstrk: you have a few options, place it on the play, nest all the tasks in a block and apply enviroment to the block, put them in a role and do that to a role
MitigatingI just run them separate
strkin a role would be fine
PrincessZoeyI found what appeared to be an updated terraform-provisioner-ansible that seemed to want to work but I let it run for two hours and it didn't do a single task in the playbook x.x
strkrole level for env worked
dunkWhat's the best way to log from a custom ansible module?
strkok so env variables seem to work, for the "shell" module, now on to the other issue: "postgresl_db" module is not honouring them, looks like :(
strkknown issue ? considered non-issue ?
mgedminafaict ansible doesn't do anything special, just invokes psycopg2.connect()
mgedminif psycopg2 ignores $PGHOST, well
mgedminbut I find it strange
mgedmingoogle doesn't say one way or the other
mgedminthe source tree of psycopg2 doesn't mention PGHOST at all, but it if wraps libpq, then isn't it libpq itself that's supposed to be checking the env vars?
mgedminI could write a small python program and experiment
mgedminor maybe strk could? ;)
halberomthat and ansible does not always connect in a way that will actually have said env vars
dunkIs there a clean way to integrate the AnsibleModule.log function with python's built-in logging?
siveldunk: no, it is wired up to use syslog, it's not pluggable
dunksivel: Is there some sort of a shim somewhere? I'm probably not the first person to write a script and find the python logging framework useful, but also want to spit it out via ansible?
siveldunk: it would depend on what your goal is with python logging, you can't have it print to stdout, you would have to log elsewhere
dunksivel: Likely not much code; just seemed like the sort of thing that I shouldn't re-write
mgedminremember, that ansible module runs as a separate process, on the target, once per task
mgedminso you'd have to (1) configure python logging to log somewhere (but not stdout/stderr), and then (2) do a little bit of log, every time a task is executed
dunksivel: I'd be sad to abandon the whole logging framework - with all the logger inheritance, etc. etc. that it provides. But rather than spit the logs out manually I figured I should probably use ansible's logger so it is all (1) formatted the same and (2) all in the same place
mgedminyou could maybe write a python logging backend that forwards to ansible's log (which is just syslog actually so ...)
mgedminor wait, I think ansible can log directly to systemd-journald?
sivelyes, if you are on a systemd system it logs to journald instead of syslog
dunkmgedmin: yeah, thats's probably what I will do. I just assumed that this was quite a common thing to do.
siveldunk: I would say it's not common. to my knowledge, you are the first person to ask about using pythons logger in place of syslog
dunkWhere can I find the documentation for the AnsibleModule class?
agaffneydunk: there isn't really any docs, aside from the code and the hundreds of examples of its use distributed with ansible
mgedminit would be nice to have documentation for writing ansible modules (and plugins) ...
agaffneydocs PRs are welcome :)
PrincessZoeywhat exactly is a play?
Dejangroup of tasks/blocks
mgedmina list of roles and tasks, aimed at a particular set of hosts
mgedmina playbook contains one or more plays
DejanPrincessZoey, each playbook may contain more than one "tasks:"
PrincessZoeyI officially give up on combining ansible and terraform. piece of trash provider.
Dejanthose are "plays"
dunkagaffney: no docs? :'(
agaffneydunk: the user docs are much more massive and used by far more people, so focus has been on those. there's been a recent effort to revamp the developer docs, but I doubt that would extend to meaningful documentation for the AnsibleModule class
dunkRTFSC, then
mgedminsource diving is fun!
agaffneyjust use the StackOverflow method for writing ansible modules...copy and paste from various examples until you have something that works
petn-randallOh, you mean cargo culting?
agaffneysimilar, but not quite
agaffneyis it cargo culting if you know that you're just copying everyone else but you don't care because you want to focus on other parts?
petn-randallagaffney: cargo culting is when you copy behavourisms without understanding the the underlying mechanisms in hopes of reproducing the same effect.
agaffneyI'm totally guilty of that when setting up a quick prototype of something, such as the kubernetes+flannel setup I just did
mgedminit's not cargo culting if you understand what you're copying and pasting
agaffneypetn-randall: right, that's what I thought
petn-randallagaffney: Richard Feynman's story on it is that the natives of the pacific islands built radar towers and flight instructor helmets from bamboo, and waves around with long sticks in hopes of getting care packages; because that is what they saw the americans do, and they got those air drops.
agaffneyyeah, I've heard that story
Ab_Hi, How do I get the IPv4 address of the ansible control machine with "gather_facts: false" ?
sivelAb_: is there a specific reason you are not gathering facts?
Ab_sivel: I am running raw module and gathering facts on all the machines takes long time so we put it to false
sivelI mean, if you want ansible to do it, you need to run gather_facts or the setup module (which is what gather facts is)
sivelotherwise, you'll have to write that functionality on your own, to get the IP
sivelYou can however use gather_subset
Ab_would i be able to use setup module (like connection: local)?
sivelI don't understand what that means
halberomAb_: suggest you check the setup module docs, you can call it like any other module - so delegate_to or local_action can be used.
Ab_gotcha .. thanks !
PraxiI have a task that I want to run for a minute, if it doesn't complete, I want to start the task over. Is this possible?
PraxiI tried using async: 60 with retries: 10. But that did not seem to work. It never retried.
traumschulePraxi: should be with async's poll option
Praxipoll defaults to 10 if its unspecified. Do you think I need to manually specify it with a retry?
Praxiat least thats what the documentation says, I took it at its word :)
traumschulePraxi: tbh, it have no experience with retry, i just used it fire it up
Praxiya it doesn't work :) Anyone know of a way I can timeout a task and restart it after so much time?
Praxithe way I have tried is async with retries
halberomsome modules support a timeout param
Praxihmm that seems to work. undocumented features! Thanks @halberom
Praxior maybe not
Praxiit just ignored it :)
halberomwhich module?
Praxicommand module. I think I need to test this more. async DOES appear to work. It just doesn't show retries like a task normally would.
halberomPraxi: by retries i assume you're using the until loop - which i'm not sure works with async tbh. you might need to put your async task in a separate file, and then loop the include_task action until... or something
halberomthough a better action might be to run something which identifies when whatever the target is is ready, so that you're not having to try repeatedly while it starts up or whatever the scenario is
cyrus_mcI am trying to do the following within a template : log_stream_name = {{ log.log_stream_name | default("{{ ansible_ec2_hostname }}") }}
spiderjhi everyone! iam using delegete_to and i put it inside the roles, is there a way to have this in the playbook directly?
cyrus_mcbut that just ends up using the default of {{ ansible_ec2_hostname }} string literal
cyrus_mcif I remove the " " around template rendering errors
halberomcyrus_mc: don't nest {{}}
halberomcyrus_mc: anything inside one set of {{ }} is a code block
cyrus_mcso just default(ansible_ec2_hostname)
halberomACTION nods
halberomspiderj: clarify please
spiderjhalberom: i use the lxd module to create a container on localhost, so subsequent roles need to work on the container
Praxisorry, not using until @halberom
Praxiasync fails the process, then retries grab it.
halberomasync supports retries?
halberomnews to me
spiderjhalberom: so i put the delegate_to into the roles, inside each task there
Praxiya me too
halberomafaik retries is an 'until' loop feature
spiderjhalberom: im quite new to ansible, so this might be totally the wrong way
cyrus_mchalberom: I have one more. I have a variable set multi_line_start_pattern: {datetime_format}
cyrus_mcwhen I print that out in a template it prints {u'datetime_format': None}
halberomspiderj: that's one way of doing it, you can also delegate at playbook level, and at role level - { role: foo, delegate_to: .. }
Praxi@halberom https://pastebin.com/sG3wr9T7
Praxigive that a try with a stopwatch or something, it definitely seems to work :)
halberominteresting, i guess retries and delay etc are task meta keys - thought they were specific to until loop but obviously not
halberomcyrus_mc: dunno, would need to see a paste/gist of the template, var contents and output
cyrus_mcI just needed to enclose it in ''. THanks
spiderjhalberom: unsure how the correct syntax would be then, could you point it out to me more specifically? https://pastebin.com/PrYhGyR5
halberomsee my comment above for role format
spiderji don't think i understand that, does it come before the roles: "command"?
spiderjhalberom: or do i just append the ", delegate_to somethin" after the role name?
halberomspiderj: have a look at the docs - http://docs.ansible.com/ansible/latest/playbooks_reuse_roles.html
halberomspiderj: roles can take params
spiderjhalberom: thank you! seems i have looked at all the wrong docs ;)
spiderjjust starting so ... lots to learn
Praxi@halberom I have verified that there is only one sleep process running when doing the async/retries thing :)
Praxican you use wildcards on win_stat?
PraxiI'm trying it now, but in hind site, I should of tried it on a job that doesn't take 30 minutes to run lol.
jborean93Praxi: I don’t think so, win_find is probably better for that task
Praxikk. Thanks @jborean93 will put some eyeballs on that
jwitkoHey All, when running a jenkins job against a centos7.4 stock container to test an ansible playbook run I am getting the following error when executing package installs: "python2 bindings for rpm are needed for this module. python2 yum module is needed for this module"
jwitkoa bit of googling shows a bunch of people with similar issues but nothing related to containers or how to fix the issue
jwitkoAnyone have any idea how to resolve this ?>
blammois there a way to leverage the file module to create directories using something similar to bash curly brace expansion, like /my/dir{ectory,s}/{here,there} ?
blammoi tried and it literally created a directory with the braces in the name
sivelblammo: no, you should look at using with_items instead, or at worst, drop to using the shell module
jwitkoblammo, a loop would be your best bet over the file task
blammosivel: i'm actually using with_items, and some items look like it. was trying to compress a long list of directories i'm creating to just create the leaf directories, but wanted to not have lots of almost exactly redundant items
blammoanything that an inline jinja2 template could help with this?
blammoit seems like i can try with_filetree. sounds closer to what i want anyway
apteryx_Is it OK to backup my datadir (default: ~/.ethereum) folder while it's running?
apteryx_oops, wrong channel.
raktajinoI've been asked to implement some instrumentation for our deployment times, specifically metrics around how long each task is taking which would then be shipped to a stats collector. I'm thinking a callback plugin is the right way to go about doing this, but does anyone reading this have any strong feelings otherwise?
sivelraktajino: that sounds correct, in fact there is already a callback that times tasks
raktajinoyeah, i've used it and its pretty awesome
raktajinoi'll probably build off of that
raktajinook cool, thanks sivel
flowerysongDefinitely a job for a callback. I'd probably start by reviewing ARA (https://github.com/openstack/ara)
raktajinowhoa this looks awesome thanks flowerysong
Richlvwhere is the 'in' thing from "if ... in" documented ?
Richlvfor example - fact: "{{ 'val1' if '.string.' in inventory_hostname else 'val2' }}"
Richlvwondering whether the string part is a regexp or plain string
Richlvand if the latter, how to check for multiple options in the inventory variable
agaffneyRichlv: the 'in' in jinja is the same as python's 'in' operator
agaffneyit does a substring match on a string, or an exact match when used against a list
Richlvagaffney, thanks. so what's the most efficient way to check for presence of one of several substrings ?
agaffneyfoo | search('string 1|string 2|string 3')
Richlvagaffney, great, thank you a lot. i had seen it in some of the pages i found, but was not sure it would support regexp (as i assume it does)
agaffneythe |search() and |match() filters are basically mapped directly to the python re.match() and re.search() functions
Richlvhmm, would it be like this then ?
Richlvfact: "{{ 'val1' if inventory_hostname | search('string 1|string 2|string 3') else 'val2' }}"
agaffneytry it
agaffneybut that looks right
Robert-de-BockI’m trying to use the module github_release, but keep on getting: “Traceback (most recent call last):\r\n File \"/tmp/ansible_dEmDkD/ansible_module_github_release.py\", line 216, in <module>\r\n main()\r\n File \"/tmp/ansible_dEmDkD/ansible_module_github_release.py\", line 184, in main\r\n except github3.AuthenticationFailed as e:\r\nAttributeError: 'module' object has no attribute 'AuthenticationFailed’\r\n”
Robert-de-BockBefore submitting a bug, does anybody work with this module?
agaffneythat sounds like you have an older (or newer) version of the github3 python module than the ansible module expects
Robert-de-Bock@agaffney, correct, thanks for helping!
smitzHi all! I'm developing a custom module that uses "connection: local" in order to access some archaic hardware. It works great! However, I need to add a feature that scp
smitzs a file to a given host. Do the standard ansible libs have any helper functions for scp'ing to a target, like for example open_url, etc ?
SuperNinjaHi, How do I assign data: "A" or "B" if B exists in Ansible? Thanks
SuperNinjaor B is defined, thanks
raktajino{{ B | default(A) }}
SuperNinjagreat thanks again :)
agaffneysmitz: it sounds more like you want an action plugin. they implicitly run on localhost and have the ability to utilize modules
jwitkoHey does anyone have any experience running ansible playbooks inside docker containers? I'm attempting to test my playbook runs against ephemeral docker CentOS7 instances but I am running into problems with ansible tasks that start systemd services
jwitko"failure 1 during daemon-reload: Failed to get D-Bus connection: Operation not permitted"
jwitkofrom some googling it would appear that systemd does not run inside containers but most of the stuff I'm finding is from 2014. Does anyone know if this is possible or am I fighting a lost cause ?
raktajinoJoel: any chance I could steal a few minutes of your time to chat about profile_tasks? Not urgent, whenever you have time is fine.
BenTheBuilderAnyone here have any experience getting Ansible to work on AWS ECS?
BenTheBuilderI'm constantly getting fatal: []: FAILED! => {"failed": true, "msg": "winrm or requests is not installed: No module named xmltodict"}
Joelraktajino anytime works
raktajinomind if i PM?
BenTheBuilderI'm launching a ECS Docker via Jenkins
jborean93BenTheBuilder you need winrm, requests and xmltodict installed, are you using pip or the system package to install Ansible
smitz_agaffney: I thought I was already writing an action plugin, but looks like you're right, ty for the info!
BenTheBuilder@jborean93 yes. My docker file installs pywinrm (which includes requests and xmltodict)
BenTheBuilderI'm using pip
jborean93from that message it doesn't sound like it
BenTheBuilderI agree
jborean93or the Ansible you are using isn't in the same library
jborean93I know there was something recently around xmltodict not being packaged properly with a RHEL package but pip should be fine
BenTheBuilderI'm wondering if my ECS docker is not updating or running properly.
BenTheBuilderI just did a manual run of the docker on my local and it worked fine !!!
BenTheBuilderBut when I push via Jenkins in ECS it blows up
BenTheBuilderI think I see the issue - my jenkins job is not updating to use the latest container... Sigh!
cyrus_mcQuestion regarding per environments inventories when dealing with dynamic inventories (ie: AWS). Read this blog on directory structure: https://leucos.github.io/ansible-files-layout. The inventories dir within your playbook broken down by env makes sense (if static). But when using a script to generate dynamically how would you do that
cyrus_mcHave a script that queries AWS to return the inventories. You supply different parameters based on which environment you want (in our case environments are in different accounts)
cyrus_mcwith the official ec2.py script you have the ini which you can use to filter on different criteria. But again, is there a way to specify which INI (outside of always having to set EC2_INI_PATH environment var) based on which env you are running against
iintheskyHey folks.. What would be the best way to pull in an entire directory structure from a pull play?
iintheskyI don't think get_url can do that..
cyrus_mcwrapper script .. that might do it
agaffneycyrus_mc: I think the ec2.py script looks for an INI file in the same directory, so if you just have a copy/symlink of ec2.py in a separate dir for each environment, it should just work
agaffneyiinthesky: pull in from where, and to where?
cyrus_mcagaffney: yep..correct. THat is what I was thinking.
cyrus_mcJust ran the ec2.py and it returned something .. just not sure what. It returned only one host that being an ECS instance host. But there are 46 other running machines
iintheskyagaffney: during a ansible-pull play pull in from a remote repo.. http or maybe git if I could figure out how to do that
agaffneyiinthesky: you can use the 'git' module to help clone another git repo, but your ansible playbook wouldn't be able to do much with those fetched files because of the order in which ansible processes things
iintheskyThe copy module can do recursive.. wish there was something that can do recursive via http.. like rsync but that isn't really tenable
PapiWhat do you use as ansible web ui?
Jmainguyiinthesky: wget can grab web dirs
Jmainguyiinthesky: wget -R or -r forget which flag, grabs everything
iintheskyso you think shell: 'wget http://mybox/myrepo/mydir/' something like this?
Jmainguyin1t3r: wget -r http://mybox/myrepo/mydir/
Jmainguyin1t3r: sorry ignore me
Jmainguyiinthesky: ^^ yeah
Jmainguyiinthesky: should download everything in that dir, it makes a new web call for each file and certainly isnt the most optimal way to transfer things
Jmainguybut it works
Richlvagaffney, yay, that worked - thank you. i had to do \\. as i wanted to match literal dots, and at first i messed it up by quoting each value in the regexp. after figuring out what the error was about, it all seems to work as expected
PraxiTrying to templatize a string for an until statement. If I hardcode my example, it works. Get some eyeballs, and maybe some ideas? https://pastebin.com/g5vQ1gsp
PraxiI have tried that without the inside curlies. I'm working through variations on the quotation marks now.
flowerysongDon't nest {{ }}. '@[?Name==`POSLoad_' ~ inventory_hostname.split('.')[0] ~ '.PASS`]'
flowerysongAlso, until is probably implicitly templated and you shouldn't have the outer {{ }} either.
Praxiwhat do the tildes do @flowerysong ? I need to go read about that
Praxiand that did work, ty
flowerysongString concatenation.
Praxijust so I can get my learn on, is that specific to jmes_path?
Praxineed to figure out how to do an OR for .PASS OR .FAIL :)
PraxiI ended up making a really long statement to check for both conditions; https://pastebin.com/qUDW4Znx
PraxiTried breaking that over lines using > but no love :) . I assume because its in a until statement and ansible is doing something to the block.
iintheskyIs it possible to get ansible-pull to copy down resources attached to a playbook? For example.. when i pull down the playbook with git i want it to pull down associated files and stuff into a staging area.. is this something to do with the way the git repo is configured?
bcocaput them in git, that action will check thouse out also
Praxi+1 thats how I handle mine. Most everything is run through Jenkins. Jenkins checks out my repo, checks out the development teams config repo, etc...
herloI'm wanting to include another role external to the role I'm running in my playbook. I know about DEFAULT_ROLES_PATH in the config, but where the role I'd like to include ends up being somewhat dynamic. Is there a way to include the role from extra_vars or somesuch?
SamYapleherlo: include_role: "{{ some_variable }}"
herloSamYaple: I'm doing it this way: http://pastebin.centos.org/445626/
herloSamYaple: the common role lives in a different directory structure from the beaker.yml (what you see in the paste).
SamYapleah i see your point.
herloSamYaple: in fact, the playbook and beaker role exist in one directory. The rest reside elsewhere which is dynamic.
SamYapleim not sure ive ever included a role like that
SamYapletasks/playbooks sure
robinI'm planning on using ansible dynamic inventory with aws. I have a bastion host which I use on the VPC to access all other hosts on aws how can I make dynamic inventory work with this?
herloSamYaple: well, this way works if you have all of your roles in one place (or even if it's in the parent directory of the playbook)
SamYapleherlo: right, but thats not what you want. i understand what you want
SamYaplerobin: setup your ssh configuration to proxy through the bastion host
herloessentially, I need to dynamically set the DEFAULT_ROLES_PATH value programattically or through extra_vars or something. Looking at the code, it seems I can do it with an environment variable, but that's about it.
SamYapleherlo: - { role: '/path/to/my/roles/common' }
SamYaplethat oculd be a variable
robinSamYaple: does ansible work with the .ssh config file? If I proxy there does it affect ansible?
herloSamYaple: could work. I guess I could set that as a var.
SamYaplerobin: ansible uses ssh config, yes
robinSamYaple: thanks alot!
SamYapleherlo: also, completely unrelated, but i like the syntax better... http://pastebin.centos.org/445631/
herloSamYaple: oh, sure. that is better. :)
robinI want to source control all ansible code but some code like inventory is put in /etc/ansible. How do you source control ansible?
SamYaplerobin: i dont use /etc/ansible myself, but nothing stops you from source controlling that
SamYaple`ansible-playbook -i /path/to/inventory`
agaffneyrobin: that's just the default inventory location. you can override that in ansible.cfg or with the -i option to ansible commands
robinAh, great! Thanks again.
SamYaplerobin: some projects also end up providing a wrapper script that sets alot of options and keep all thier configs in the git repo
SamYapleyouve got options
robinSamYaple: thanks, do you know any good resource for that?
SamYaplerobin: just simple bash script shell wrapper command. nothing fancy
robinSamYaple: alright, appreciate it :)
herloSamYaple: I set a variable catlled 'default_roles_path' in my code. Then used it like this: http://pastebin.centos.org/445641/ and it works. Thanks!