I am trying to execute a playbook for setting up Dell servers and I have some problems with a dictionary in module idrac_redfish_config. I need to enable SOL for a specific user, but for this I want to use a key in the dictionary with a variable because ID of user can be different from server to server.
How I try to add a variable to a dictionary key like this:
- name: Store id test-user
set_fact:
ID: "{{ result.redfish_facts.user.entries | json_query(\"[?UserName=='test-user'].Id\") }}"
- name: Enable SOL for test-user
community.general.idrac_redfish_config:
category: Manager
command: SetManagerAttributes
resource_id: iDRAC.Embedded.1
manager_attributes:
Users.{{ ID[0] }}.SolEnable: "Enabled" <---
Users.{{ ID[0] }}.IpmiLanPrivilege: "Administrator" <---
baseuri: "testhost"
username: "admin"
password: "admin"
I get this error:
TASK [Store id test-user] **************************************************************************************************************************************************************************************
ok: [localhost] => {
"ansible_facts": {
"ID": [
"8"
]
},
"changed": false
}
TASK [Enable SOL for test-user] ********************************************************************************************************************************************************************************
fatal: [localhost]: FAILED! => {
"changed": false,
"invocation": {
"module_args": {
"baseuri": "testhost",
"category": "Manager",
"command": [
"SetManagerAttributes"
],
"manager_attribute_name": null,
"manager_attribute_value": null,
"manager_attributes": {
"Users.{{ ID[0] }}.IpmiLanPrivilege": "Administrator",
"Users.{{ ID[0] }}.SolEnable": "Enabled"
},
"password": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
"resource_id": "iDRAC.Embedded.1",
"timeout": 10,
"username": "admin"
}
},
"msg": "SetManagerAttributes: Manager attribute Users.{{ ID[0] }}.SolEnable not found"
}
If I do this:
manager_attributes: "{
'Users.{{ ID[0] }}.SolEnable': Enabled
'Users.{{ ID[0] }}.IpmiLanPrivilege': Administrator
}"
I get:
fatal: [localhost]: FAILED! => {
"changed": false,
"invocation": {
"module_args": {
"baseuri": "testhost",
"category": "Manager",
"command": [
"SetManagerAttributes"
],
"manager_attributes": "{ 'Users.8.SolEnable': Enabled 'Users.8.IpmiLanPrivilege': Administrator }",
"password": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
"resource_id": "iDRAC.Embedded.1",
"timeout": 10,
"username": "admin"
}
},
"msg": "argument manager_attributes is of type <class 'str'> and we were unable to convert to dict: unable to evaluate string as dictionary"
}
I didn't find in Ansible documentation how to do this correctly.
According to documentation, manager_attributes should be a dict of key/value pairs to set on your device. The keys have dots in their names and you cannot "statically" create dynamic key names as you tried above (i.e. "prefix{{ dynamic_value }}suffix": "some content" does not work as you experienced by yourself since the key name does not go through jinja2 templating).
Below is a solution. It's far from being the only one but that's the first that came to my mind and I could setup an example for you quickly. In this case, I create a list of {key: X, value: Y} dicts with your dynamic names as keys and use the items2dict filter to transform this back to a dict itself.
I don't have a network device to play this against so I could not verify that the final result is actually accepted by the module. My example simply uses a debug with your input data to illustrate and outputs a dictionary as the module expects. You will have to tune the exact key names if they are wrong but at least you should be able to move forward.
- name: Dynamic dict
hosts: localhost
gather_facts: false
vars:
ID:
- "8"
my_attributes:
- key: "Users.{{ ID[0] }}.IpmiLandPrivilege"
value: Administrator
- key: "Users.{{ ID[0] }}.SolEnable"
value: Enabled
tasks:
- name: construct a dynamic dict and debug
vars:
manager_attributes: "{{ my_attributes | items2dict }}"
debug:
var: manager_attributes
Which gives:
PLAY [Dynamic dict demo] ***************************************************************************************************************************************************************************************************************
TASK [construct a dynamic dict and debug] **********************************************************************************************************************************************************************************************
ok: [localhost] => {
"manager_attributes": {
"Users.8.IpmiLandPrivilege": "Administrator",
"Users.8.SolEnable": "Enabled"
}
}
PLAY RECAP *****************************************************************************************************************************************************************************************************************************
localhost : ok=1 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
Edit: An additional (out of many others) example to achieve the same goal. The output is exactly the same as above:
- name: Dynamic dict
hosts: localhost
gather_facts: false
vars:
ID:
- "8"
manager_attributes: "{{
{
'Users.' + ID[0] + '.IpmiLandPrivilege': 'Administrator',
'Users.' + ID[0] + '.SolEnable': 'Enabled'
}
}}"
tasks:
- name: construct a dynamic dict and debug
debug:
var: manager_attributes
Related
I'm trying to use a module as an included task so I can loop several items and register the credentials in a variable.
Files:
main.yml:
---
- hosts: localhost
gather_facts: False
tasks:
- include: tasks/myvault/get-vault.yml
with_items:
- demo
register: output
- debug:
msg: "{{output}}"
get-vault.yml:
- name: Retrieve secret from Vault
community.hashi_vault.vault_kv2_get:
url: https://myvaul
path: "{{ item }}"
auth_method: token
token: '{{ mytoken }}'
namespace: MyNamespace
validate_certs: no
output:
ok: [localhost] => {
"msg": {
"changed": false,
"msg": "All items completed",
"results": [
{
"ansible_loop_var": "item",
"include": "tasks/myvault/get-vault.yml",
"include_args": {},
"item": "demo"
}
],
"skipped": false
}
}
The output doesn't display the "real" result of the task.
If I remove:
register: output and put it in get-vault.yml, here is the result:
ok: [localhost] => {
"msg": {
"changed": false,
"data": {
"data": {
"password": "Password",
"username": "Username"
}, ...
How can I get this result returned when I register the output from my included task?
I would like to check if my package is installed, but I would like to have all package types with a name.
Let me explain: I am looking for the OB2 package, but there are plenty of them, so I am looking for OB2* but it skips my search.
I tested with the name without wildcard (*) but it doesn't work any better:
- name: Gather the package facts
ansible.builtin.package_facts:
manager: auto
- name: Print the package facts
ansible.builtin.debug:
var: ansible_facts.packages
- name: Check whether a package called OB2 is installed
ansible.builtin.debug:
msg: "{{ ansible_facts.packages['OB2*'] | length }} versions of OB2are installed!"
when: "'OB2*' in ansible_facts.packages"
Is there a solution to find all outputs that start with OB2 within ansible_facts.package?
ansible_facts.packages is a dictionary. There are no keys in that dictionary named OB2* nor OB2 since no package has this exact name.
If you want to get all keys which names start with the string "OB2", one way is to filter out all others.
Transform you dict to a key/value list with the dict2items filter
Use the selectattr filter and apply the match test to find the relevant entries.
Since the key name is also contained in the parameter name inside each element in the value list , you can retain only the value using the map(attribute='someattr') filter
Last, flatten the list to get one single list containing all packages version
Here is a playbook illustrating the concept. For the example, I used as a prefix "zlib". Just change it back to whatever suits your needs
---
- hosts: localhost
gather_facts: false
vars:
package_prefix: "zlib"
filtered_packages: "{{ ansible_facts.packages | dict2items
| selectattr('key', 'match', package_prefix)
| map(attribute='value') | flatten }}"
tasks:
- name: gather package facts
ansible.builtin.package_facts:
- name: debug the raw variable
debug:
var: filtered_packages
- name: count relevant packages
vars:
pkg_num: "{{ filtered_packages | count }}"
debug:
msg: "There are {{ pkg_num }} packages
which name starts with {{ package_prefix }}"
- name: show some info about relevant packages
debug:
msg: "Package named {{ item.name }} is in category {{ item.category }}
and has version {{ item.version }}"
loop: "{{ filtered_packages }}"
Which gives on my Ubuntu local machine:
PLAY [localhost] *****************************************************************************************************************
TASK [gather package facts] ******************************************************************************************************
ok: [localhost]
TASK [debug the raw variable] ****************************************************************************************************
ok: [localhost] => {
"filtered_packages": [
{
"arch": "amd64",
"category": "libs",
"name": "zlib1g",
"origin": "Ubuntu",
"source": "apt",
"version": "1:1.2.11.dfsg-2ubuntu1.3"
},
{
"arch": "amd64",
"category": "libdevel",
"name": "zlib1g-dev",
"origin": "Ubuntu",
"source": "apt",
"version": "1:1.2.11.dfsg-2ubuntu1.3"
}
]
}
TASK [count relevant packages] ***************************************************************************************************
ok: [localhost] => {
"msg": "There are 2 packages which name starts with zlib"
}
TASK [show some info about relevant packages] ************************************************************************************
ok: [localhost] => (item={'name': 'zlib1g', 'version': '1:1.2.11.dfsg-2ubuntu1.3', 'arch': 'amd64', 'category': 'libs', 'origin': 'Ubuntu', 'source': 'apt'}) => {
"msg": "Package named zlib1g is in category libs and has version 1:1.2.11.dfsg-2ubuntu1.3"
}
ok: [localhost] => (item={'name': 'zlib1g-dev', 'version': '1:1.2.11.dfsg-2ubuntu1.3', 'arch': 'amd64', 'category': 'libdevel', 'origin': 'Ubuntu', 'source': 'apt'}) => {
"msg": "Package named zlib1g-dev is in category libdevel and has version 1:1.2.11.dfsg-2ubuntu1.3"
}
PLAY RECAP ***********************************************************************************************************************
localhost : ok=4 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
You have to filter the keys, a direct address is not possible, because you don't know the exact name.
- name: Gather the package facts
ansible.builtin.package_facts:
- name: Filter package names
set_fact:
filtered_package_names: "{{ ansible_facts.packages | list
| map('regex_search', '^vim.*') | select('string') | list }}"
- name: Print filtered packages
debug:
var: filtered_package_names
- name: Print package details from all filtered packages
debug:
msg: "{{ ansible_facts.packages[item] }}"
with_items: "{{ filtered_package_names }}"
With list a list of the keys is created, then you can filter this list with regex_search, afterwards the list is reduced to the filter result.
== Edit begin
There is a smarter filter method. Instead of using map(regex_search) / select(string), you could use directly select(match), so the filtering would look like:
- name: Filter package names
set_fact:
filtered_package_names: "{{ ansible_facts.packages | list
| select('match', '^vim.*') | list }}"
== Edit end
The result is a list of package names that match your regex.
If you need more information about one of the packages, you can then use ansible_facts.packages[_your_item] to get the rest of the information.
Example output of the above tasks:
TASK [Gather the package facts] ****************************************************************************************
ok: [localhost]
TASK [Filter package names] ********************************************************************************************
ok: [localhost]
TASK [Print filtered packages] *****************************************************************************************
ok: [localhost] => {
"filtered_package_names": [
"vim",
"vim-common",
"vim-runtime",
"vim-tiny"
]
}
TASK [Print package details] *******************************************************************************************
ok: [localhost] => (item=vim) => {
"msg": [
{
"arch": "amd64",
"category": "editors",
"name": "vim",
"origin": "Ubuntu",
"source": "apt",
"version": "2:8.1.2269-1ubuntu5.7"
}
]
}
ok: [localhost] => (item=vim-common) => {
"msg": [
{
"arch": "all",
"category": "editors",
"name": "vim-common",
"origin": "Ubuntu",
"source": "apt",
"version": "2:8.1.2269-1ubuntu5.7"
}
]
}
ok: [localhost] => (item=vim-runtime) => {
"msg": [
{
"arch": "all",
"category": "editors",
"name": "vim-runtime",
"origin": "Ubuntu",
"source": "apt",
"version": "2:8.1.2269-1ubuntu5.7"
}
]
}
ok: [localhost] => (item=vim-tiny) => {
"msg": [
{
"arch": "amd64",
"category": "editors",
"name": "vim-tiny",
"origin": "Ubuntu",
"source": "apt",
"version": "2:8.1.2269-1ubuntu5.7"
}
]
}
I'm trying to get VG_Name using below code. I can see variable value using debug:var but it doesn't work inside actual task & print value as "vg": "hostvars[inventory_hostname].ansible_lvm.lvs.varlog.vg"
tasks:
- set_fact:
LV_name: "opt"
- name: Get VG Name
set_fact:
vg_command: "{{ 'hostvars[inventory_hostname].ansible_lvm.lvs.'+ LV_name +'.vg' }}"
- name: Show VG
debug:
var: "{{ vg_command }}"
- name: extend logical volume and file system
community.general.lvol:
vg: "{{ vg_command }}"
lv: "{{ LV_name }}"
size: +100%FREE
resizefs: yes
Output:
TASK [Get VG Name] *********************************************************************************************************************************************************************************
task path: /root/ansible_disk/disk_extend.yml:92
ok: [SERVER-NAME] => {
"ansible_facts": {
"vg_command": "hostvars[inventory_hostname].ansible_lvm.lvs.varlog.vg"
},
"changed": false
}
TASK [Show VG] *************************************************************************************************************************************************************************************
task path: /root/ansible_disk/disk_extend.yml:96
ok: [SERVER-NAME] => {
"hostvars[inventory_hostname].ansible_lvm.lvs.varlog.vg": "vg_00"
}
TASK [extend logical volume and file system] *******************************************************************************************************************************************************
task path: /root/ansible_disk/disk_extend.yml:109
fatal: [SERVER-NAME]: FAILED! => {
"changed": false,
"err": " Volume group name \"hostvars[inventory_hostname].ansible_lvm.lvs.varlog.vg\" has invalid characters.\n Cannot process volume group hostvars[inventory_hostname].ansible_lvm.lvs.varlog.vg\n",
"invocation": {
"module_args": {
"active": true,
"force": false,
"lv": "varlog",
"opts": null,
"pvs": null,
"resizefs": true,
"shrink": true,
"size": "+100%FREE",
"snapshot": null,
"state": "present",
"thinpool": null,
"vg": "hostvars[inventory_hostname].ansible_lvm.lvs.varlog.vg"
}
},
"msg": "Volume group hostvars[inventory_hostname].ansible_lvm.lvs.varlog.vg does not exist.",
"rc": 5
}
Tried all possible ways(lookup, vars etc) that I could think of but no luck, any help would be appreciated!
You are building your string incoorectly, leaving inventory[hostname] inside the single quotes, it will be treated as a literal; so:
vg_command: "{{ 'hostvars[inventory_hostname].ansible_lvm.lvs.'+ LV_name +'.vg' }}"
should instead be:
vg_command: "{{ hostvars[inventory_hostname].ansible_lvm.lvs[LV_name].vg }}"
Im trying to have a task that asserts two dictionaries defined as facts.
The following are two dictionaries in which the keys have the disk space that is available or required per hypervisor.
"available": {
"hypervisor-01": 2321,
"hypervisor-02": 46
}
"required": {
"hypervisor-01": "200",
"hypervisor-02": "75"
}
The previous facts assert should fail as hypervisor-02 requires more than what is available.
"available": {
"hypervisor-01": 2321,
"hypervisor-02": 46
}
"required": {
"hypervisor-01": "200",
"hypervisor-02": "5"
}
The previous dictionaries should pass as all the requirements are fulfilled. If at least one condition is not meet it should fail (there might be many hypervisors).
Try this
- set_fact:
ka: "{{ available.keys()|list }}"
kr: "{{ required.keys()|list }}"
- assert:
that: kr|difference(ka)|length == 0
fail_msg: Required hypervisor not available.
- assert:
that: sum_max == sum_avail
fail_msg: Required space not available.
vars:
va: "{{ kr|map('extract', available)|list }}"
vr: "{{ kr|map('extract', required)|list }}"
sum_max: "{{ vr|zip(va)|map('max')|sum }}"
sum_avail: "{{ va|sum }}"
Please see below playbook. I have added 2 more conditions that may not be applicable to your case (in case available or required don't have the same keys).
playbook:
---
- hosts: localhost
gather_facts: false
vars:
available:
hypervisor-01: 2321
hypervisor-02: 46
hypervisor-03: 462
required:
hypervisor-01: 200
hypervisor-02: 75
tasks:
- assert:
that:
- required[item] is defined
- available[item] > required[item]
with_items: "{{ available.keys() | list }}"
output:
TASK [assert] **********************************************************************************************************************************************************************************************************
ok: [localhost] => (item=hypervisor-01) => {
"ansible_loop_var": "item",
"changed": false,
"item": "hypervisor-01",
"msg": "All assertions passed"
}
failed: [localhost] (item=hypervisor-02) => {
"ansible_loop_var": "item",
"assertion": "available[item] > required[item]",
"changed": false,
"evaluated_to": false,
"item": "hypervisor-02",
"msg": "Assertion failed"
}
failed: [localhost] (item=hypervisor-03) => {
"ansible_loop_var": "item",
"assertion": "required[item] is defined",
"changed": false,
"evaluated_to": false,
"item": "hypervisor-03",
"msg": "Assertion failed"
}
PLAY RECAP *************************************************************************************************************************************************************************************************************
localhost : ok=0 changed=0 unreachable=0 failed=1 skipped=0 rescued=0 ignored=0
I'm trying to extract value of vm datastore with ansible snippet:
- name: Gather disk facts from virtual machine using name
vmware_guest_disk_facts:
hostname: "{{ vcenter_server }}"
username: "{{ vcenter_user }}"
password: "{{ vcenter_pass }}"
datacenter: "{{ datacenter }}"
validate_certs: no
name: "{{ item }}"
delegate_to: localhost
register: disk_facts
with_items: "{{ vm_list }}"
- name: Get disk info
debug:
var: disk_facts.results.guest_disk_facts.backing_datastore
Output:
[root#sysmgttl1 lvm]# ansible-playbook -i hosts vmfacts.yml -e vcenter_server=vmimgtpw002 -e vm_list=sndprfql8
PLAY [sndprfql8] ***********************************************************************************************************************************************************
TASK [Gathering Facts] *****************************************************************************************************************************************************
ok: [sndprfql8]
TASK [Gather disk facts from virtual machine using name] *******************************************************************************************************************
ok: [sndprfql8 -> localhost] => (item=sndprfql8)
TASK [Get disk info] *******************************************************************************************************************************************************
ok: [sndprfql8] => {
"disk_facts.results.guest_disk_facts.backing_datastore": "VARIABLE IS NOT DEFINED!"
}
PLAY RECAP *****************************************************************************************************************************************************************
sndprfql8 : ok=3 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
This is what my disk_facts looks like.
ok: [sndprfql8] => {
"disk_facts": {
"changed": false,
"msg": "All items completed",
"results": [
{
"ansible_loop_var": "item",
"changed": false,
"failed": false,
"guest_disk_facts": {
"0": {
"backing_datastore": "QADEV07",
"backing_eagerlyscrub": false,
"backing_filename": "[QADEV07] sndprfql8/sndprfql8.vmdk",
"backing_thinprovisioned": true,
"backing_type": "FlatVer2",
"backing_uuid": "6000C292-7716-6296-de04-69bac9186661",
"backing_writethrough": false,
"capacity_in_bytes": 68719476736,
"capacity_in_kb": 67108864,
"controller_key": 1000,
"key": 2000,
"label": "Hard disk 1",
"summary": "67,108,864 KB",
"unit_number": 0
}
},
"invocation": {
"module_args": {
"datacenter": "RDC",
"folder": null,
"hostname": "vmimgtpw002",
"name": "sndprfql8",
"password": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
"port": 443,
"use_instance_uuid": false,
"username": "svcvread#chop.edu",
"uuid": null,
"validate_certs": false
}
},
"item": "sndprfql8"
}
]
}
}
If this is really for a one shot use, the following should do:
- name: Get disk info
debug:
var: disk_facts.results[0].guest_disk_facts['0'].backing_datastore
If you goal is to get all values for a list of vms in the result possibly having several disks, the following will give you a flattened list (that you can de-duplicate with the unique filter if needed)
- debug:
msg: "{{ disk_facts | json_query('results[].guest_disk_facts.*[].backing_datastore') }}"