Download file to ansible controller instead to remote machine - ansible

I have two machines: one is the Ansible controller where I execute my playbooks from, and the other one is the remote machine (target) which I would like to install/update. The important thing is that the controller runs within the corporate network but the target is outside that network (only accessible via ssh).
So I need to download a file (from within the corporate network) and copy it to the target node.
I've tried to use ansible.builtin.get_url to download the file, but unfortunately it will do that on the remote (target) machine, which of course has no access to the corporate network.
Does someone have a tip/idea?
Update: Using ansible [core 2.11.6]

To download something to the local Ansible Controller you may use the following approach.
    - name: Download something to Ansible Controller
      delegate_to: localhost
      get_url:
        url: "https://{{ ansible_user }}:{{ ansible_password }}@files.example.com/installer.rpm"
        dest: "/tmp/{{ ansible_user }}"
        owner: "{{ ansible_user }}"
      tags: download,local

Please take note that according to "Controlling where tasks run: delegation and local actions", delegate_to is not a parameter of the module get_url but of the task.
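
The complete flow the question asks for (download inside the corporate network, then push to the target), as an added example that is not part of the original answer. It goes beyond the answer by passing credentials through get_url's url_username/url_password instead of embedding them in the URL, and by verifying a checksum before the file leaves the controller; the host name, variable names, paths and checksum value are placeholders.

```yaml
# Added example. "target", repo_user, repo_password, staging_dir and the
# checksum are hypothetical names/placeholders, not values from the page.
- name: Stage installer on the controller, then push it to the target
  hosts: target
  gather_facts: false
  vars:
    installer_url: "https://files.example.com/installer.rpm"
    installer_sha256: "REPLACE_WITH_PUBLISHED_SHA256"   # placeholder
    staging_dir: "/var/tmp/ansible-staging"             # lives on the controller
  tasks:
    - name: Create a private staging directory on the controller
      ansible.builtin.file:
        path: "{{ staging_dir }}"
        state: directory
        mode: "0700"
      delegate_to: localhost
      run_once: true

    - name: Download on the controller (inside the corporate network)
      ansible.builtin.get_url:
        url: "{{ installer_url }}"
        url_username: "{{ repo_user }}"        # e.g. loaded from Ansible Vault
        url_password: "{{ repo_password }}"
        force_basic_auth: true
        checksum: "sha256:{{ installer_sha256 }}"   # task fails on mismatch
        dest: "{{ staging_dir }}/installer.rpm"
        mode: "0600"
      delegate_to: localhost
      run_once: true
      no_log: true    # keep the credentials out of task output and logs

    - name: Copy the verified file to the target over SSH
      ansible.builtin.copy:
        src: "{{ staging_dir }}/installer.rpm"   # src is read on the controller
        dest: "/tmp/installer.rpm"
        mode: "0600"
```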

Related

How to define when condition based on matching string

I am writing a playbook where I need to select hosts which will be part of a group whose name starts with "hadoop". The host will be supplied as an extra variable in terms of the parent group. The task is about upgrading Java on all machines with a repo, but there are certain servers which don't have a repo configured or are in the DMZ and can only use their local repo... I need to enable local_rpm: true so that when the playbook executes, the servers which belong to the hadoop group have this fact enabled.
I tried the following:

    - hosts: '{{ target }}'
      gather_facts: no
      become: true
      tasks:
        - name: enable local rpm
          set_fact:
            local_rpm: true
          when: "'hadoop' in group_names"
          tags: always

and then importing my role based on tag
It's probably better to use group_vars in this case.
https://docs.ansible.com/ansible/latest/user_guide/intro_inventory.html#group-variables

How to copy a file from a remote windows host to an ansible control server?

I want to copy a file from a remote windows host to the local ansible server.
I have searched Stack Overflow but I only found answers for Linux hosts, like this one. Unfortunately the fetch module seems not to work with Windows hosts.
So how can I copy from a remote windows host to a local ansible server?
I could figure it out, and I have to revert my initial statement. The error messages were misleading. The fetch module does also work for Windows. In my case I had a bad winrm connection. But instead of an error message the module tried to connect via ssh and finally ended "ok" (green!); the only indication that it did not work was that the file was not copied -- and this never could have happened since there was no ssh connection. I reinstalled winrm and all worked fine!! Here is the working code:

    - name: Fetch war file from buildserver
      fetch:
        validate_checksum: yes
        src: "{{ war_file_path }}{{ war_file_name }}"
        dest: "{{ warfile_tmp_folder }}"
        flat: yes
      delegate_to: "{{ buildserver }}"
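
The answer above describes a run that ended green although nothing was copied. One way to guard against that, as an added example that is not the poster's code: pin the connection type for the Windows host in inventory variables, test the connection first, and assert on the controller that the file actually arrived. The inventory name "buildserver", the group_vars file name and the WinRM settings are assumptions; war_file_path, war_file_name and warfile_tmp_folder are the variables from the answer.

```yaml
# Added example, two files shown as two YAML documents.
# --- group_vars/buildserver.yml (assumed file name) ---
ansible_connection: winrm      # state the transport explicitly for this host
ansible_port: 5986
ansible_winrm_scheme: https
---
# --- fetch_war.yml (assumed file name) ---
- name: Fetch WAR from the Windows build server and verify it arrived
  hosts: buildserver           # hypothetical inventory host/group
  gather_facts: false
  tasks:
    - name: Fail early if the WinRM connection is not usable
      ansible.windows.win_ping:

    - name: Fetch war file from buildserver
      ansible.builtin.fetch:
        src: "{{ war_file_path }}{{ war_file_name }}"
        dest: "{{ warfile_tmp_folder }}/{{ war_file_name }}"
        flat: true
        validate_checksum: true
        fail_on_missing: true

    - name: Look at the fetched file on the controller
      ansible.builtin.stat:
        path: "{{ warfile_tmp_folder }}/{{ war_file_name }}"
      delegate_to: localhost
      register: fetched_war

    - name: Stop the play if the file is missing or empty
      ansible.builtin.assert:
        that:
          - fetched_war.stat.exists
          - fetched_war.stat.size > 0
        fail_msg: "WAR file was not copied to the controller"
```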

Ansible: transferring files between hosts

With ansible, I'm trying to copy an application artifact from a remote server "artifacts_host" to a target machine, i.e. a host in my inventory. The play I'm trying to run is something like:

    - name: rsync WAR artifact from artifacts host
      synchronize: >
        src={{ artifacts_path }}/{{ artifact_filename }}.war
        dest={{ artifact_installation_dir }}
      delegate_to: "{{ artifacts_host }}"

I came very close to getting this to work by using ansible-vault to encrypt a "secrets.yml" variable file with the artifact_host's public key and then installed it on the target machine's auth file like:

    - name: install artifacts_host's public key to auth file
      authorized_key: >
        user={{ ansible_ssh_user }}
        key='{{ artifacts_host_public_key }}'
      sudo: yes

but the problem is that my artifacts_host cannot resolve an IP address from the FQDN that Ansible passes to it. If I was able to "inform" the artifacts_host of the IP to use (what the fqdn should resolve to) then I would be fine. I would also be fine having the task fire off on the target machine to pull from the artifacts_host, but I can't find an idempotent way of accomplishing this, nor can I figure out how to feed the target machine a login/password OR ssh key to use.
Am I just gonna have to template out a script to push to my targets???
For anyone who comes across this and has the same question, I did not really figure it out, I just decided to install the private key in the target machines' /etc/ssh directory and chmod it to 0600. I figure it's basically as secure as it could get without a transient (in-memory only) key/password and with idempotence.

How to get the host name of the current machine as defined in the Ansible hosts file?

I'm setting up an Ansible playbook to set up a couple servers. There are a couple of tasks that I only want to run if the current host is my local dev host, named "local" in my hosts file. How can I do this? I can't find it anywhere in the documentation.
I've tried this when statement, but it fails because ansible_hostname resolves to the host name generated when the machine is created, not the one you define in your hosts file.

    - name: Install this only for local dev machine
      pip:
        name: pyramid
      when: ansible_hostname == "local"

The necessary variable is inventory_hostname.

    - name: Install this only for local dev machine
      pip:
        name: pyramid
      when: inventory_hostname == "local"

It is somewhat hidden in the documentation at the bottom of this section.
You can limit the scope of a playbook by changing the hosts header in its plays without relying on your special host label ‘local’ in your inventory. Localhost does not need a special line in inventories.

    - name: run on all except local
      hosts: all:!local

This is an alternative:

    - name: Install this only for local dev machine
      pip: name=pyramid
      delegate_to: localhost
