I am playing around with hazelcast, using aws cloudformation and ansible to spin up a cluster of two hazelcast nodes + a separate mancenter.
All documentation on the mancenter implies everything must be done manually by a user in a browser. However this is not ideal as we will have many environments and have a hardened ami provided to us every few weeks which we must update existing environment to.
What I am trying to do is create an ansible role that automatically creates the first admin user, and then adds the enterprise license into the mancenter.
I have successfully scripted the user creation (just http for now, baby steps)
- name: Check for first user
  uri:
    url: "http://{{ hazelcastmanagement_dns }}:8080/mancenter/user.do?operation=anyUser&_=1480397059541"
    method: GET
    return_content: no
  register: anyuser
  until: anyuser.json["anyUser"] is defined
  retries: 10
  delay: 5
- name: Register Admin user
  uri:
    url: "http://{{ hazelcastmanagement_dns }}:8080/mancenter/user.do?operation=signUp&username={{ hazelcastmanagement_user }}&password={{ hazelcastmanagement_password }}&confirmpassword={{ hazelcastmanagement_password }}&email={{ hazelcastmanagement_email }}&_=1479951949840"
    method: GET
    return_content: no
  register: result
  until: result.json["success"] is defined
  retries: 10
  delay: 5
  when: anyuser.json["anyUser"] == "false"
However I am having trouble successfully orchestrating the update license call.
In a browser, certain calls return the JSESSION ID, and HTTP 200's. When trying to emulate this in ansible however, I am always getting a 302, redirect to the login page.
I have pasted the tasks below that I am attempting.
These task examples do not contain many headers, however I have tried emulating every single header that a browser sends previously but had the same result.
- name: Call to update license unauthorized (returns set_cookie)
  uri:
    url: "http://{{ hazelcastmanagement_dns }}:8080/mancenter/main.do"
    method: POST
    return_content: yes
    body: "operation=savelicense_getLicenceInfo&key={{ hazelcast_license }} "
    status_code: 302
  register: cookie
- name: Login (302 ok because browser mirrors this result)
  uri:
    url: "http://{{ hazelcastmanagement_dns }}:8080/mancenter/j_spring_security_check"
    method: POST
    body: "j_username={{ hazelcastmanagement_user }}&j_password={{ hazelcastmanagement_password }}"
    return_content: yes
    status_code: 302
    HEADER_Cookie: "{{cookie.set_cookie}}"
- name: Call to update license authorized
  uri:
    url: "http://{{ hazelcastmanagement_dns }}:8080/mancenter/main.do"
    method: POST
    return_content: yes
    body: "operation=savelicense_getLicenceInfo&key={{ hazelcast_license }}"
    HEADER_Cookie: "{{cookie.set_cookie}}"
My ansible task logs are below, -vvvv
Hoping someone else has looked into this previously, could not find any questions related to it elsewhere however.
Ansible Log Output:
TASK [hazelcastmanagement_launch : Call to update license authorized] **********
task path: /app/esg/ansible/roles/hazelcastmanagement_launch/tasks/launch.yml:5
ESTABLISH LOCAL CONNECTION FOR USER: root
hazelcast EXEC ( umask 22 && mkdir -p "$( echo /tmp/ansible-tmp-1480399947.07-7077332634698 )" && echo "$( echo /tmp/ansible-tmp-1480399947.07-7077332634698 )" )
hazelcast PUT /tmp/tmpBbuVj0 TO /tmp/ansible-tmp-1480399947.07-7077332634698/uri
hazelcast EXEC chmod a+r /tmp/ansible-tmp-1480399947.07-7077332634698/uri
hazelcast EXEC /bin/sh -c 'sudo -H -S -n -u esg /bin/sh -c '"'"'echo BECOME-SUCCESS-lemxlebthsblahblahblahcevqzkafjdo; LANG=en_US.UTF-8 HTTP_PROXY=proxy.com LC_MESSAGES=en_US.UTF-8 HTTPS_PROXY=proxy.com no_proxy=proxy.com http_proxy=proxy.com https_proxy=proxy.com NO_PROXY=proxy.com LC_ALL=en_US.UTF-8 /usr/bin/python /tmp/ansible-tmp-1480399947.07-7077332634698/uri'"'"''
hazelcast EXEC rm -f -r /tmp/ansible-tmp-1480399947.07-7077332634698/ > /dev/null 2>&1
ok: [hazelcast] => {"changed": false, "content": "", "content_length": "0", "expires": "Thu, 01 Jan 1970 00:00:00 GMT", "invocation": {"module_args": {"backup": null, "body": "operation=savelicense_getLicenceInfo&key=ENTERPRISELicense12341234123412341234123412341234", "body_format": "raw", "content": null, "creates": null, "delimiter": null, "dest": null, "directory_mode": null, "follow": false, "follow_redirects": "safe", "force": null, "force_basic_auth": false, "group": null, "method": "POST", "mode": null, "owner": null, "password": null, "regexp": null, "remote_src": null, "removes": null, "return_content": true, "selevel": null, "serole": null, "setype": null, "seuser": null, "src": null, "status_code": ["302"], "timeout": 30, "url": "http://internal-esg-aws.elb.amazonaws.com:8080/mancenter/main.do", "user": null, "validate_certs": true}, "module_name": "uri"}, "location": "http://internal-esg-aws.elb.amazonaws.com:8080/mancenter/login.jsp;jsessionid=dq0hzdvm2xm91r4h6eyef1l48", "redirected": false, "server": "Jetty(8.y.z-SNAPSHOT)", "set_cookie": "JSESSIONID=dq0hzdvm2xm91r4h6eyef1l48;Path=/mancenter;HttpOnly", "status": 302}
TASK [hazelcastmanagement_launch : Login] **************************************
task path: /app/app/ansible/roles/hazelcastmanagement_launch/tasks/launch.yml:14
ESTABLISH LOCAL CONNECTION FOR USER: root
hazelcast EXEC ( umask 22 && mkdir -p "$( echo /tmp/ansible-tmp-1480399947.23-71435275964843 )" && echo "$( echo /tmp/ansible-tmp-1480399947.23-71435275964843 )" )
hazelcast PUT /tmp/tmpKhOI1y TO /tmp/ansible-tmp-1480399947.23-71435275964843/uri
hazelcast EXEC chmod a+r /tmp/ansible-tmp-1480399947.23-71435275964843/uri
hazelcast EXEC /bin/sh -c 'sudo -H -S -n -u app /bin/sh -c '"'"'echo BECOME-SUCCESS-rfxrchqnblahblahblahhvryauidnf; LANG=en_US.UTF-8 HTTP_PROXY=proxy.com8 LC_MESSAGES=en_US.UTF-8 HTTPS_PROXY=proxy.com no_proxy=proxy.com http_proxy=proxy.com NO_PROXY=proxy.com LC_ALL=en_US.UTF-8 /usr/bin/python /tmp/ansible-tmp-1480399947.23-71435275964843/uri'"'"''
hazelcast EXEC rm -f -r /tmp/ansible-tmp-1480399947.23-71435275964843/ > /dev/null 2>&1
ok: [hazelcast] => {"changed": false, "content": "", "content_length": "0", "invocation": {"module_args": {"HEADER_Cookie": "JSESSIONID=dq0hzdvm2xm91r4h6eyef1l48;Path=/mancenter;HttpOnly", "backup": null, "body": "j_username=admin&j_password=admin1", "body_format": "raw", "content": null, "creates": null, "delimiter": null, "dest": null, "directory_mode": null, "follow": false, "follow_redirects": "safe", "force": null, "force_basic_auth": false, "group": null, "method": "POST", "mode": null, "owner": null, "password": null, "regexp": null, "remote_src": null, "removes": null, "return_content": true, "selevel": null, "serole": null, "setype": null, "seuser": null, "src": null, "status_code": ["302"], "timeout": 30, "url": "http://internal-aws.elb.amazonaws.com:8080/mancenter/j_spring_security_check", "user": null, "validate_certs": true}, "module_name": "uri"}, "location": "http://internal-aws.elb.amazonaws.com:8080/mancenter/login.jsp?login_error=true", "redirected": false, "server": "Jetty(8.y.z-SNAPSHOT)", "status": 302}
TASK [hazelcastmanagement_launch : Call to update license authorized] **********
task path: /app/app/ansible/roles/hazelcastmanagement_launch/tasks/launch.yml:23
ESTABLISH LOCAL CONNECTION FOR USER: root
hazelcast EXEC ( umask 22 && mkdir -p "$( echo /tmp/ansible-tmp-1480399947.38-137956022601151 )" && echo "$( echo /tmp/ansible-tmp-1480399947.38-137956022601151 )" )
hazelcast PUT /tmp/tmpAbC8uL TO /tmp/ansible-tmp-1480399947.38-137956022601151/uri
hazelcast EXEC chmod a+r /tmp/ansible-tmp-1480399947.38-137956022601151/uri
hazelcast EXEC /bin/sh -c 'sudo -H -S -n -u app /bin/sh -c '"'"'echo BECOME-SUCCESS-cciaazzdblahblahblahdufmpuhe; LANG=en_US.UTF-8 HTTP_PROXY=proxy.com LC_MESSAGES=en_US.UTF-8 HTTPS_PROXY=proxy.com no_proxy=proxy.com http_proxy=proxy.com https_proxy=proxy.com NO_PROXY=proxy.comLC_ALL=en_US.UTF-8 /usr/bin/python /tmp/ansible-tmp-1480399947.38-137956022601151/uri'"'"''
hazelcast EXEC rm -f -r /tmp/ansible-tmp-1480399947.38-137956022601151/ > /dev/null 2>&1
fatal: [hazelcast]: FAILED! => {"changed": false, "content": "", "content_length": "0", "failed": true, "invocation": {"module_args": {"HEADER_Cookie": "JSESSIONID=dq0hzdvm2xm91r4h6eyef1l48;Path=/mancenter;HttpOnly", "backup": null, "body": "operation=savelicense_getLicenceInfo&key=ENTERPRISELicense123412341234123412341234123412341234", "body_format": "raw", "content": null, "creates": null, "delimiter": null, "dest": null, "directory_mode": null, "follow": false, "follow_redirects": "safe", "force": null, "force_basic_auth": false, "group": null, "method": "POST", "mode": null, "owner": null, "password": null, "regexp": null, "remote_src": null, "removes": null, "return_content": true, "selevel": null, "serole": null, "setype": null, "seuser": null, "src": null, "status_code": [200], "timeout": 30, "url": "http://internal-aws.elb.amazonaws.com:8080/mancenter/main.do", "user": null, "validate_certs": true}, "module_name": "uri"}, "location": "http://internal-aws.elb.amazonaws.com:8080/mancenter/login.jsp", "msg": "Status code was not [200]", "redirected": false, "server": "Jetty(8.y.z-SNAPSHOT)", "status": 302}
EDIT:
Thanks for that solution emre. Using curl was the way to go.
I tried a few more times with the uri ansible module. But no dice... must be something under the hood going on.
Since your curl's hit the nail on the head, I just wrapped this in the ansible command module instead of using the uri module to construct the calls.
I chdir to /tmp to ensure I have write access for the cookie file.
- name: Login to management
  shell: >-
    curl -X POST http://{{ hazelcastmanagement_dns }}:8080/mancenter/j_spring_security_check
    -d "j_username={{ hazelcastmanagement_user }}" -d "j_password={{ hazelcastmanagement_password }}"
    -c cookies.file
  args:
    chdir: /tmp
- name: Login to management
  shell: >-
    curl -H "Content-Type: application/x-www-form-urlencoded"
    -X POST http://{{ hazelcastmanagement_dns }}:8080/mancenter/main.do?operation=savelicense
    -d 'key={{ hazelcast_licence }}' -b cookies.file
  args:
    chdir: /tmp
I don't know about Ansible, but using cUrl you can log in and set the license key as follows:
curl -X POST http://localhost:8083/mancenter/j_spring_security_check -d "j_username=emre" -d "j_password=Password1" -c cookies.file
curl -H "Content-Type: application/x-www-form-urlencoded" -X POST http://localhost:8083/mancenter/main.do?operation=savelicense -d 'key=aaaa' -b cookies.file
Note that you need to log in with an admin user and the license key you provide needs to be correct for the server to return 200.
Edit:
With Hazelcast Management Center version 3.9.3, a new system property to configure the license was introduced. See the release notes for version 3.9.3 and the relevant section on the latest reference manual for details.
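The task log in the question shows the failing `uri` tasks sending the raw `Set-Cookie` value (`JSESSIONID=...;Path=/mancenter;HttpOnly`) back as the `Cookie` header and posting the form body without a form content type. As an added example (not from the original posts), here are the same two requests as the curl commands in the answer, written for the `uri` module with the credentials and license key kept out of task output. It assumes Ansible 2.7 or later for `body_format: form-urlencoded` and the `cookies_string` return value, and that the server treats these requests the way it treats the curl ones.

```yaml
# Added example: constructed tasks, not from the original posts.
# Endpoints and variable names are the ones used in the question.

- name: Log in to Management Center (credentials in the POST body)
  uri:
    url: "http://{{ hazelcastmanagement_dns }}:8080/mancenter/j_spring_security_check"
    method: POST
    body_format: form-urlencoded   # sets the Content-Type header and URL-encodes each value
    body:
      j_username: "{{ hazelcastmanagement_user }}"
      j_password: "{{ hazelcastmanagement_password }}"
    follow_redirects: none         # keep the 302 so its Location can be inspected
    status_code: 302
  register: login
  no_log: true                     # keeps the password out of -v output and callbacks
  # A failed login also answers 302, but redirects to login.jsp?login_error=true
  failed_when: >-
    login.status != 302 or
    'login_error' in (login.location | default(''))

- name: Save the license with the authenticated session
  uri:
    url: "http://{{ hazelcastmanagement_dns }}:8080/mancenter/main.do?operation=savelicense"
    method: POST
    body_format: form-urlencoded
    body:
      key: "{{ hazelcast_license }}"
    headers:
      # cookies_string holds name=value pairs only, without the
      # Path/HttpOnly attributes that belong to Set-Cookie
      Cookie: "{{ login.cookies_string }}"
    status_code: 200
  no_log: true                     # the license key is a secret as well
```

Unlike the curl wrapper, this leaves no cookie file in `/tmp` and keeps the password off the process command line.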
$ ansible --version
ansible 2.10.8
Per Oracle VM VirtualBox 6.1 Silent Install (How-To Guide), I should be able to install VirtualBox silently like this
C:\temp> VirtualBox-6.1.28-147628-Win.exe --silent --ignore-reboot
and if I run the above command in a Windows command prompt, it succeeds and installs VirtualBox.
Now I do this in Ansible
- name: "Install {{ artifact_filename }}"
  win_package:
    path: "C:\\temp\\VirtualBox-6.1.28-147628-Win.exe"
    arguments: "--silent --ignore-reboot"
    state: present
and I get this when I run the playbook with the task.
fatal: [10.227.x.x]: FAILED! => {
"changed": false,
"invocation": {
"module_args": {
"arguments": "--silent --ignore-reboot",
"chdir": null,
"client_cert": null,
"client_cert_password": null,
"creates_path": null,
"creates_service": null,
"creates_version": null,
"expected_return_code": [
0,
3010
],
"follow_redirects": "safe",
"force_basic_auth": false,
"headers": null,
"http_agent": "ansible-httpget",
"log_path": null,
"maximum_redirection": 50,
"password": null,
"path": "C:\\temp\\VirtualBox-6.1.28-147628-Win.exe",
"product_id": null,
"provider": "auto",
"proxy_password": null,
"proxy_url": null,
"proxy_use_default_credential": false,
"proxy_username": null,
"state": "present",
"url_method": null,
"url_password": null,
"url_timeout": 30,
"url_username": null,
"use_default_credential": false,
"use_proxy": true,
"username": null,
"validate_certs": true,
"wait_for_children": false
}
},
"msg": "unexpected rc from 'C:\\temp\\VirtualBox-6.1.28-147628-Win.exe --silent --ignore-reboot': see rc, stdout, and stderr for more details",
"rc": 1,
"reboot_required": false,
"stderr": "",
"stderr_lines": [],
"stdout": "",
"stdout_lines": []
}
What am I missing? TIA.
I RTFM'd the win_package documentation. It says regarding the arguments option
arguments This is only used for the msi, msp, and registry providers.
So I do this instead
- name: "Install VirtualBox"
  win_command: "C:\\temp\\VirtualBox-6.1.28-147628-Win.exe --silent --ignore-reboot"
If anyone has a better answer I'm all eyes.
Disclaimer ... I am new to Ansible but after a few days of googling and trying different things I am struggling with a seemingly basic problem. Below I have put my playbooks and the job runs fine but only the first role actually executes with the variable. Any help in this is greatly appreciated.
---
- connection: local
  hosts: all
  gather_facts: false
  roles:
    - role: slb
      vars:
        name: "test1"
    - { role: slb, vars: { name: "test2" }}
    - { role: slb, vars: { name: "test3" }}
The folder structure is then roles/slb/tasks/main.yml
- name: create virtual server
  a10_slb_virtual_server:
    a10_host: "10.247.5.29"
    a10_username: "xxxxx"
    a10_password: "xxx"
    a10_port: "443"
    a10_protocol: "https"
    name: " {{ name }} "
    ip_address: "10.1.1.1"
    netmask: "255.255.255.0"
    port_list:
      - port_number: 80
        protocol: tcp
    enable_disable_action: enable
    stats_data_action: stats-data-enable
Edit - here is a code example that works using the same syntax so maybe it is an issue with the module?
---
- connection: local
  hosts: localhost
  gather_facts: false
  roles:
    - role: text
      vars:
        name: "Scooby"
    - { role: text, vars: { name: "Shaggy" }}

- name: Create a text file
  file:
    path: "/var/lib/awx/projects/test/{{ name }}.txt"
    state: touch
'''
[root@awx-ansible a10]# ansible-playbook -i hosts main.yml -vvvv
ansible-playbook 2.8.4
config file = /var/lib/awx/projects/a10/ansible.cfg
configured module search path = [u'/usr/share/ansible/plugins/modules/a10_ansible/library']
ansible python module location = /usr/lib/python2.7/site-packages/ansible
executable location = /bin/ansible-playbook
python version = 2.7.5 (default, Aug 7 2019, 00:51:29) [GCC 4.8.5 20150623 (Red Hat 4.8.5-39)]
Using /var/lib/awx/projects/a10/ansible.cfg as config file
setting up inventory plugins
host_list declined parsing /var/lib/awx/projects/a10/hosts as it did not pass it's verify_file() method
script declined parsing /var/lib/awx/projects/a10/hosts as it did not pass it's verify_file() method
auto declined parsing /var/lib/awx/projects/a10/hosts as it did not pass it's verify_file() method
Parsed /var/lib/awx/projects/a10/hosts inventory source with ini plugin
Loading callback plugin default of type stdout, v2.0 from /usr/lib/python2.7/site-packages/ansible/plugins/callback/default.pyc
PLAYBOOK: main.yml ****************************************************************************************************************************************************************
Positional arguments: main.yml
become_method: sudo
inventory: (u'/var/lib/awx/projects/a10/hosts',)
forks: 5
tags: (u'all',)
verbosity: 4
connection: smart
timeout: 10
1 plays in main.yml
[WARNING]: Found variable using reserved name: name
PLAY [all] ************************************************************************************************************************************************************************
META: ran handlers
TASK [slb : create] ***************************************************************************************************************************************************************
task path: /var/lib/awx/projects/a10/roles/slb/tasks/main.yml:3
<10.247.5.29> ESTABLISH LOCAL CONNECTION FOR USER: root
<10.247.5.29> EXEC /bin/sh -c 'echo ~root && sleep 0'
<10.247.5.29> EXEC /bin/sh -c '( umask 77 && mkdir -p "` echo /root/.ansible/tmp/ansible-tmp-1572014930.09-177848662916729 `" && echo ansible-tmp-1572014930.09-177848662916729="` echo /root/.ansible/tmp/ansible-tmp-1572014930.09-177848662916729 `" ) && sleep 0'
<10.247.5.29> Attempting python interpreter discovery
<10.247.5.29> EXEC /bin/sh -c 'echo PLATFORM; uname; echo FOUND; command -v '"'"'/usr/bin/python'"'"'; command -v '"'"'python3.7'"'"'; command -v '"'"'python3.6'"'"'; command -v '"'"'python3.5'"'"'; command -v '"'"'python2.7'"'"'; command -v '"'"'python2.6'"'"'; command -v '"'"'/usr/libexec/platform-python'"'"'; command -v '"'"'/usr/bin/python3'"'"'; command -v '"'"'python'"'"'; echo ENDFOUND && sleep 0'
<10.247.5.29> EXEC /bin/sh -c '/usr/bin/python && sleep 0'
Using module file /usr/share/ansible/plugins/modules/a10_ansible/library/a10_slb_virtual_server.py
<10.247.5.29> PUT /root/.ansible/tmp/ansible-local-57176X2vg1j/tmp5QQ2WF TO /root/.ansible/tmp/ansible-tmp-1572014930.09-177848662916729/AnsiballZ_a10_slb_virtual_server.py
<10.247.5.29> EXEC /bin/sh -c 'chmod u+x /root/.ansible/tmp/ansible-tmp-1572014930.09-177848662916729/ /root/.ansible/tmp/ansible-tmp-1572014930.09-177848662916729/AnsiballZ_a10_slb_virtual_server.py && sleep 0'
<10.247.5.29> EXEC /bin/sh -c '/usr/bin/python /root/.ansible/tmp/ansible-tmp-1572014930.09-177848662916729/AnsiballZ_a10_slb_virtual_server.py && sleep 0'
<10.247.5.29> EXEC /bin/sh -c 'rm -f -r /root/.ansible/tmp/ansible-tmp-1572014930.09-177848662916729/ > /dev/null 2>&1 && sleep 0'
ok: [10.247.5.29] => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": false,
"invocation": {
"module_args": {
"a10_host": "10.247.5.29",
"a10_partition": null,
"a10_password": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
"a10_port": 443,
"a10_protocol": "https",
"a10_username": "admin",
"acl_id": null,
"acl_id_shared": null,
"acl_name": null,
"acl_name_shared": null,
"arp_disable": null,
"description": null,
"disable_vip_adv": null,
"enable_disable_action": "enable",
"ethernet": null,
"extended_stats": null,
"get_type": null,
"ha_dynamic": null,
"ip_address": "10.1.1.1",
"ipv6_acl": null,
"ipv6_acl_shared": null,
"ipv6_address": null,
"migrate_vip": null,
"name": " test1 ",
"netmask": "255.255.255.0",
"port_list": [
{
"port_number": 80,
"protocol": "tcp"
}
],
"redistribute_route_map": null,
"redistribution_flagged": null,
"shared_partition_policy_template": null,
"state": "present",
"stats_data_action": "stats-data-enable",
"template_logging": null,
"template_policy": null,
"template_policy_shared": null,
"template_scaleout": null,
"template_virtual_server": null,
"use_if_ip": null,
"user_tag": null,
"uuid": null,
"vport_disable_action": null,
"vrid": null
}
},
"message": "",
"original_message": "",
"result": {},
"virtual-server": {
"a10-url": "/axapi/v3/slb/virtual-server/%20test1%20",
"arp-disable": 0,
"disable-vip-adv": 0,
"enable-disable-action": "enable",
"extended-stats": 0,
"ip-address": "10.1.1.1",
"name": " test1 ",
"netmask": "/24",
"port-list": [
{
"a10-url": "/axapi/v3/slb/virtual-server/%20test1%20/port/80+tcp",
"action": "enable",
"auto": 0,
"clientip-sticky-nat": 0,
"conn-limit": 64000000,
"cpu-compute": 0,
"def-selection-if-pref-failed": "def-selection-if-pref-failed",
"extended-stats": 0,
"force-routing-mode": 0,
"ha-conn-mirror": 0,
"ipinip": 0,
"memory-compute": 0,
"message-switching": 0,
"no-auto-up-on-aflex": 0,
"no-dest-nat": 0,
"no-logging": 0,
"port-number": 80,
"protocol": "tcp",
"range": 0,
"reset": 0,
"reset-on-server-selection-fail": 0,
"rtp-sip-call-id-match": 0,
"scaleout-bucket-count": 32,
"skip-rev-hash": 0,
"snat-on-vip": 0,
"stats-data-action": "stats-data-enable",
"syn-cookie": 0,
"template-tcp": "default",
"template-virtual-port": "default",
"use-alternate-port": 0,
"use-default-if-no-server": 0,
"use-rcv-hop-for-resp": 0,
"uuid": "0c2a963c-f741-11e9-b845-e9b0dd63a720"
}
],
"redistribution-flagged": 0,
"stats-data-action": "stats-data-enable",
"uuid": "0c2a19e6-f741-11e9-b845-e9b0dd63a720"
}
}
TASK [slb : create] ***************************************************************************************************************************************************************
task path: /var/lib/awx/projects/a10/roles/slb/tasks/main.yml:3
<10.247.5.29> ESTABLISH LOCAL CONNECTION FOR USER: root
<10.247.5.29> EXEC /bin/sh -c 'echo ~root && sleep 0'
<10.247.5.29> EXEC /bin/sh -c '( umask 77 && mkdir -p "` echo /root/.ansible/tmp/ansible-tmp-1572014931.51-10342010886567 `" && echo ansible-tmp-1572014931.51-10342010886567="` echo /root/.ansible/tmp/ansible-tmp-1572014931.51-10342010886567 `" ) && sleep 0'
Using module file /usr/share/ansible/plugins/modules/a10_ansible/library/a10_slb_virtual_server.py
<10.247.5.29> PUT /root/.ansible/tmp/ansible-local-57176X2vg1j/tmpKJVm5x TO /root/.ansible/tmp/ansible-tmp-1572014931.51-10342010886567/AnsiballZ_a10_slb_virtual_server.py
<10.247.5.29> EXEC /bin/sh -c 'chmod u+x /root/.ansible/tmp/ansible-tmp-1572014931.51-10342010886567/ /root/.ansible/tmp/ansible-tmp-1572014931.51-10342010886567/AnsiballZ_a10_slb_virtual_server.py && sleep 0'
<10.247.5.29> EXEC /bin/sh -c '/usr/bin/python /root/.ansible/tmp/ansible-tmp-1572014931.51-10342010886567/AnsiballZ_a10_slb_virtual_server.py && sleep 0'
<10.247.5.29> EXEC /bin/sh -c 'rm -f -r /root/.ansible/tmp/ansible-tmp-1572014931.51-10342010886567/ > /dev/null 2>&1 && sleep 0'
ok: [10.247.5.29] => {
"changed": false,
"invocation": {
"module_args": {
"a10_host": "10.247.5.29",
"a10_partition": null,
"a10_password": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
"a10_port": 443,
"a10_protocol": "https",
"a10_username": "admin",
"acl_id": null,
"acl_id_shared": null,
"acl_name": null,
"acl_name_shared": null,
"arp_disable": null,
"description": null,
"disable_vip_adv": null,
"enable_disable_action": "enable",
"ethernet": null,
"extended_stats": null,
"get_type": null,
"ha_dynamic": null,
"ip_address": "10.1.1.1",
"ipv6_acl": null,
"ipv6_acl_shared": null,
"ipv6_address": null,
"migrate_vip": null,
"name": " test2 ",
"netmask": "255.255.255.0",
"port_list": [
{
"port_number": 80,
"protocol": "tcp"
}
],
"redistribute_route_map": null,
"redistribution_flagged": null,
"shared_partition_policy_template": null,
"state": "present",
"stats_data_action": "stats-data-enable",
"template_logging": null,
"template_policy": null,
"template_policy_shared": null,
"template_scaleout": null,
"template_virtual_server": null,
"use_if_ip": null,
"user_tag": null,
"uuid": null,
"vport_disable_action": null,
"vrid": null
}
},
"message": "",
"original_message": "",
"result": {}
}
TASK [slb : create] ***************************************************************************************************************************************************************
task path: /var/lib/awx/projects/a10/roles/slb/tasks/main.yml:3
<10.247.5.29> ESTABLISH LOCAL CONNECTION FOR USER: root
<10.247.5.29> EXEC /bin/sh -c 'echo ~root && sleep 0'
<10.247.5.29> EXEC /bin/sh -c '( umask 77 && mkdir -p "` echo /root/.ansible/tmp/ansible-tmp-1572014932.64-244561048768912 `" && echo ansible-tmp-1572014932.64-244561048768912="` echo /root/.ansible/tmp/ansible-tmp-1572014932.64-244561048768912 `" ) && sleep 0'
Using module file /usr/share/ansible/plugins/modules/a10_ansible/library/a10_slb_virtual_server.py
<10.247.5.29> PUT /root/.ansible/tmp/ansible-local-57176X2vg1j/tmpuWRYRS TO /root/.ansible/tmp/ansible-tmp-1572014932.64-244561048768912/AnsiballZ_a10_slb_virtual_server.py
<10.247.5.29> EXEC /bin/sh -c 'chmod u+x /root/.ansible/tmp/ansible-tmp-1572014932.64-244561048768912/ /root/.ansible/tmp/ansible-tmp-1572014932.64-244561048768912/AnsiballZ_a10_slb_virtual_server.py && sleep 0'
<10.247.5.29> EXEC /bin/sh -c '/usr/bin/python /root/.ansible/tmp/ansible-tmp-1572014932.64-244561048768912/AnsiballZ_a10_slb_virtual_server.py && sleep 0'
<10.247.5.29> EXEC /bin/sh -c 'rm -f -r /root/.ansible/tmp/ansible-tmp-1572014932.64-244561048768912/ > /dev/null 2>&1 && sleep 0'
ok: [10.247.5.29] => {
"changed": false,
"invocation": {
"module_args": {
"a10_host": "10.247.5.29",
"a10_partition": null,
"a10_password": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
"a10_port": 443,
"a10_protocol": "https",
"a10_username": "admin",
"acl_id": null,
"acl_id_shared": null,
"acl_name": null,
"acl_name_shared": null,
"arp_disable": null,
"description": null,
"disable_vip_adv": null,
"enable_disable_action": "enable",
"ethernet": null,
"extended_stats": null,
"get_type": null,
"ha_dynamic": null,
"ip_address": "10.1.1.1",
"ipv6_acl": null,
"ipv6_acl_shared": null,
"ipv6_address": null,
"migrate_vip": null,
"name": " test3 ",
"netmask": "255.255.255.0",
"port_list": [
{
"port_number": 80,
"protocol": "tcp"
}
],
"redistribute_route_map": null,
"redistribution_flagged": null,
"shared_partition_policy_template": null,
"state": "present",
"stats_data_action": "stats-data-enable",
"template_logging": null,
"template_policy": null,
"template_policy_shared": null,
"template_scaleout": null,
"template_virtual_server": null,
"use_if_ip": null,
"user_tag": null,
"uuid": null,
"vport_disable_action": null,
"vrid": null
}
},
"message": "",
"original_message": "",
"result": {}
}
META: ran handlers
META: ran handlers
PLAY RECAP ************************************************************************************************************************************************************************
10.247.5.29 : ok=3 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
'''
After much work I was able to resolve my issue by starting from scratch and it appears that the original problem was caused by spaces in the play variable " {{ name }} ". Once I changed it to "{{ name }}" things seemed to work as expected. I'm still struggling with the syntax but once I got this working I've been able to really tie plays together as I had hoped. Thanks to both of you for the help.
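The run log in this question shows two things a role can catch before the device API is called: the `[WARNING]: Found variable using reserved name: name` line, and the padded value reaching the device as `/axapi/v3/slb/virtual-server/%20test1%20`. As an added example (not from the original posts), the role below takes the value under a role-specific name and validates it first; `slb_name`, the allowed character set, and the `a10_username`/`a10_password` variables (expected from vaulted vars) are assumptions.

```yaml
# Added example: constructed, not from the original posts.
# --- playbook ---
- connection: local
  hosts: all
  gather_facts: false
  roles:
    # slb_name (hypothetical) avoids the reserved variable name "name"
    - { role: slb, vars: { slb_name: "test1" } }
    - { role: slb, vars: { slb_name: "test2" } }
    - { role: slb, vars: { slb_name: "test3" } }

---
# --- roles/slb/tasks/main.yml ---
- name: validate the virtual server name before it reaches the device
  assert:
    that:
      - slb_name is string
      # assumed character set; rejects spaces and anything needing URL encoding
      - "slb_name is match('^[A-Za-z0-9._-]+$')"

- name: create virtual server
  a10_slb_virtual_server:
    a10_host: "10.247.5.29"
    a10_username: "{{ a10_username }}"   # hypothetical vaulted variable
    a10_password: "{{ a10_password }}"   # hypothetical vaulted variable
    a10_port: "443"
    a10_protocol: "https"
    name: "{{ slb_name }}"               # no padding inside the quotes
    ip_address: "10.1.1.1"
    netmask: "255.255.255.0"
    port_list:
      - port_number: 80
        protocol: tcp
    enable_disable_action: enable
    stats_data_action: stats-data-enable
```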
I have the following files in my tmp directory
root@ansible:/tmp/test$ ls /tmp/test/
file1 file2 file3
I also have the following playbook which is modeled after this
  vars:
    exclude_files: file1
  tasks:
    - name: check files
      shell: ls -l /tmp/test
      register: capture
    - name: remove files
      file: path=/tmp/test/{{item}} state=absent
      with_items: capture.stdout_lines
      when: item not in exclude_files
    - name: debug variable
      debug: msg={{exclude_files}}
Unfortunately the second task isn't removing file2,file3. Instead it's treating the registered variable as a file.
ok: [172.16.2.3] => (item=capture.stdout_lines) => {
"changed": false,
"invocation": {
"module_args": {
"attributes": null,
"backup": null,
"content": null,
"delimiter": null,
"diff_peek": null,
"directory_mode": null,
"follow": false,
"force": false,
"group": null,
"mode": null,
"original_basename": null,
"owner": null,
"path": "/tmp/test/capture.stdout_lines",
"recurse": false,
"regexp": null,
"remote_src": null,
"selevel": null,
"serole": null,
"setype": null,
"seuser": null,
"src": null,
"state": "absent",
"unsafe_writes": null,
"validate": null
}
},
"item": "capture.stdout_lines",
"path": "/tmp/test/capture.stdout_lines",
"state": "absent"
Any idea why this code isn't working? I am using ansible 2.3.
with_items: capture.stdout_lines should be with_items: "{{capture.stdout_lines}}"
Bare variables in with_... were deprecated long ago.
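Templating the loop variable fixes the iteration, but two details of the question's playbook still affect which files get deleted: `ls -l` produces long-format lines rather than file names, and `item not in exclude_files` against the string `file1` is a substring test, not list membership. As an added example (not from the original posts), the play below uses the `find` module and a real list; it keeps `with_items` because the question runs Ansible 2.3.

```yaml
# Added example: constructed, not from the original posts.
- hosts: all
  vars:
    # A list, so "not in" is exact membership. Against the plain string
    # "file1", a file called "file" or "1" would also count as excluded.
    exclude_files:
      - file1
  tasks:
    - name: find regular files directly under /tmp/test
      find:
        paths: /tmp/test
        file_type: file
        recurse: no
      register: found

    - name: remove every file that is not excluded
      file:
        path: "{{ item.path }}"          # absolute path reported by find
        state: absent
      with_items: "{{ found.files }}"
      when: (item.path | basename) not in exclude_files
```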
Here is what I have:
- name: Create directories that will be used as persistent volumes
  become: yes
  become_method: sudo
  file:
    path: /tmp/pv-{{ item }}
    state: directory
    mode: "g=rwx"
    group: "root"
    selevel: _default
    seuser: _default
    serole: _default
    setype: svirt_sandbox_file_t
  with_items:
    - cassandra
    - services
The two directories are correctly created, group a rights are ok. But the SELinux context is wrong.
$ ll -dZ /tmp/pv-cassandra
drwxrwxr-x. 2 jkremser root unconfined_u:object_r:user_tmp_t:s0 40 Mar 9 15:19 /tmp/pv-cassandra
This is the part of the debugging output:
ok: [localhost] => (item=cassandra) => {
"changed": false,
"diff": {
"after": {
"path": "/tmp/pv-cassandra"
},
"before": {
"path": "/tmp/pv-cassandra"
}
},
"gid": 0,
"group": "root",
"invocation": {
"module_args": {
"backup": null,
"content": null,
"delimiter": null,
"diff_peek": null,
"directory_mode": null,
"follow": false,
"force": false,
"group": "root",
"mode": "g=rwx",
"original_basename": null,
"owner": null,
"path": "/tmp/pv-cassandra",
"recurse": false,
"regexp": null,
"remote_src": null,
"selevel": "_default",
"serole": "_default",
"setype": "svirt_sandbox_file_t",
"seuser": "_default",
"src": null,
"state": "directory",
"unsafe_writes": null,
"validate": null
},
"module_name": "file"
},
"item": "cassandra",
"mode": "0775",
"owner": "root",
"path": "/tmp/pv-cassandra",
"size": 80,
"state": "directory",
"uid": 0
}
What am I doing wrong? My OS is Fedora 25.
If I use the copy module, instead of the file, that has almost the same parameters, it throws this error:
Aborting, target uses selinux but python bindings (libselinux-python) aren't installed
After installing the libselinux-python package, it works! So it looks like the file module silently swallows the error and does what it can do :( I can't depend on the fact that user has the libselinux-python package installed.
I'll probably call the chcon myself as a shell command or add the package as a prerequisite:
- name: Install the libselinux-python package
  package:
    name: libselinux-python
    state: present
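Because the `file` task above reported `ok` while the label stayed `user_tmp_t`, a post-condition check turns the silent miss into a failed play. As an added example (not from the original post), the tasks below read the context back with GNU `stat` and assert on the type; they assume an SELinux-enabled host such as the Fedora system in the question.

```yaml
# Added example: constructed, not from the original post.
- name: Read back the SELinux context of each directory
  command: stat -c %C /tmp/pv-{{ item }}   # prints user:role:type:level
  register: pv_context
  changed_when: false                      # read-only check
  with_items:
    - cassandra
    - services

- name: Fail when the requested type was not applied
  assert:
    that:
      - "':svirt_sandbox_file_t:' in item.stdout"
  with_items: "{{ pv_context.results }}"
```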
I am trying to use the Ansible URI Module to log into multiple webpages and check the environments are up and working.
At the moment, I want it to just log into 2 webpages (Peoplesoft envs), but I would like a vars file that I can add to each time I want to check a new page.
This is what I have so far, but it doesn't seem to log into both pages, just 1 of them... Any help would be appreciated.
Playbook -
---
- name: Run Selenium Test Scripts
  hosts: local
  vars_files:
    - /etc/ansible/uri_module/vars_uri.yml
  tasks:
    - name: Installing URI dependancy
      yum: name=python-httplib2.noarch state=present
    - name: Log into Webpage
      uri:
        url: http://{{appserver}}:{{port}}/{{dbname}}/signon.html
        method: POST
        body: "name={{userid}}&password={{password}}&enter=Sign%20in"
        with_file: /etc/ansible/uri_module/vars_uri.yml
Vars file
---
- { name: 'dog', appserver: 'st1920', port: '8100', dbname: 'dbdog', userid: 'user', password: 'pass' }
- { name: 'cat', appserver: 'st1921', port: '8300', dbname: 'dbcat', userid: 'user', password: 'pass' }
Output with -vvvv
ok: [local] => {"changed": false, "content_language": "en-US", "content_length": "1831", "content_type": "text/html", "date": "Thu, 13 Oct 2016 11:45:23 GMT", "invocation": {"module_args": {"backup": null, "body": "name=user&password=pass&enter=Sign%20in", "body_format": "raw", "content": null, "creates": null, "delimiter": null, "dest": null, "directory_mode": null, "follow": false, "follow_redirects": "safe", "force": null, "force_basic_auth": false, "group": null, "method": "POST", "mode": null, "owner": null, "password": null, "regexp": null, "remote_src": null, "removes": null, "return_content": false, "selevel": null, "serole": null, "setype": null, "seuser": null, "src": null, "status_code": [200], "timeout": 30, "url": "http://st1921:8300/dbcat/signon.html", "user": null, "validate_certs": true, "with_file": "/etc/ansible/uri_module/vars_uri.yml"}, "module_name": "uri"}, "last_modified": "Wed, 13 Aug 2014 11:42:42 GMT", "redirected": false, "server": "WebSphere Application Server/7.0", "status": 200}
Using the vars file, I want it to log into the dog environment, tell me it's there, log into the cat environment, tell me it's there. Then if I have a horse, frog, or whatever environment, I can keep adding to the vars file without adding to or changing the playbook. At the moment it only logs into cat and I don't know why.
Have I gone down the right route with this? Is there a better way of doing it? With it not giving an error, I'm struggling to figure out the issue!
Thanks.
I don't think it is possible to use with_file like that.
It would be cleaner to store the vars_uri dictionaries in a list like this:
---
vars_uri:
  - { name: 'dog', appserver: 'st1920', port: '8100', dbname: 'dbdog', userid: 'user', password: 'pass' }
  - { name: 'cat', appserver: 'st1921', port: '8300', dbname: 'dbcat', userid: 'user', password: 'pass' }
and loop over it with with_items like this:
---
# Run Selenium Test Scripts
- hosts: local
  vars_files:
    - /etc/ansible/uri_module/vars_uri.yml
  tasks:
    - name: Installing URI dependancy
      yum: name=python-httplib2.noarch state=present
    - name: Log into Webpage
      uri:
        url: http://{{ item.appserver }}:{{ item.port }}/{{ item.dbname }}/signon.html
        method: POST
        body: "name={{ item.userid }}&password={{ item.password }}&enter=Sign%20in"
      # with_items is a task keyword (not a uri option) and takes a templated list
      with_items: "{{ vars_uri }}"