Background
I am experimenting with Ansible (1.9.4) roles and I am trying to get the hang of role dependencies.
I have created the following roles:
A role that installs the Oracle JDK (ansible-java8)
A role that installs Tomcat (ansible-tomcat7)
The second role defines the first as a dependency in /ansible-tomcat7/meta/main.yml:
dependencies:
- { role: java8 }
I also included a requirements.yml file with the following:
- name: java8
src: 'https://github.com/gregwhitaker/ansible-java8'
I have added the following configuration to my /etc/ansible/ansible.cfg to configure my roles_path to a place in my home directory:
roles_path = ~/ansible/roles
I then installed the ansible-java8 role as java8 using the following command:
ansible-galaxy install -r requirements.yml
Once the command was ran I can see the java8 role in the ~/ansible/roles directory.
However, when I run a playbook that calls the tomcat7 role only that role is executed. The java8 role is not executed before the tomcat7 role.
PLAY [all] ********************************************************************
GATHERING FACTS ***************************************************************
ok: [default]
TASK: [Install Tomcat7 (Ubuntu)] **********************************************
changed: [default] => (item=tomcat7,libtcnative-1,libapr1)
TASK: [Install Tomcat7 (Debian)] **********************************************
skipping: [default]
TASK: [Install Tomcat7 (Amazon Linux)] ****************************************
skipping: [default]
PLAY RECAP ********************************************************************
default
Questions
Is this the correct way to define dependent roles or have I totally missed something?
Am I correct in thinking that since I marked the tomcat7 role as depending on java8 that the java8 role should have been located from the roles_path and ran first?
What mistake am I making that is causing the java8 role to not run before the tomcat7 role?
This turned out to be a problem with how I was testing the role.
I was telling Vagrant to provision my test box using the following site.yml file:
- hosts: all
sudo: yes
tasks:
- include: tasks/main.yml
This was obviously causing Ansible to only run the Tomcat tasks and not take into account that this was actually a role and not just a playbook with some tasks in it.
The site.yml playbook I am using for testing is at the root of the repository so once I changed it to reference the repository as a role everything started working.
- hosts: all
sudo: yes
roles:
- { role: '../ansible-tomcat7' }
Related
I am running Packer + Ansible provisioner from the Bitbucket pipeline. but ansible not becoming root even become: true is given. Packer is used to create an Amazon Linux AMI and Ansible provisioner is used to run some server hardening scripts and configurations.
output from simple id command:
When run from Pipeline
TASK [aws-basic : debug] *****************************************
ok: [default] => {
"command_output.stdout_lines": [
"uid=1000(ec2-user) gid=1000(ec2-user) groups=1000(ec2-user),4(adm),10(wheel),190(systemd-journal)"
]
}
When running from Locally
TASK [aws-basic : debug] *****************************************
ok: [default] => {
"command_output.stdout_lines": [
"uid=0(root) gid=0(root) groups=0(root)"
]
}
Following is my Ansible Playbook with two roles
- name: AWS EC2 AMLinux Configuration playbook
hosts: default
remote_user: ec2-user
connection: ssh
become: true
vars:
_date: "{{ansible_date_time.iso8601}}"
reop_path: /usr/tmp/
roles:
- role: role-1
- role: role-2
Packer ansible provisioner config
provisioner "ansible" {
playbook_file = "../ansible/aws-ec2-base.yml"
extra_arguments = ["--extra-vars", "api_key=${var.api_key}"]
galaxy_file = "../ansible/requirements.yml"
ansible_ssh_extra_args = ["-oHostKeyAlgorithms=+ssh-rsa -oPubkeyAcceptedKeyTypes=+ssh-rsa"]
}
Even putting become_user: root in the ansible-playbook is not working.
Any reason this only happens in the bitbucket pipeline? I am using an ubuntu docker image with Ansible and Packer installed.
My gut is there would be some config in each system that triggers a different behaviour. I'd try
ansible-config dump --only-changed
in both your local workstation and the CI system and try to peek any difference that might be causing this.
This issue was caused because of the use of an older version of the packer plugin.
can also resolve the issue by using a bitbucket runner.
I have a simple ansible roles with one task, but the problem is when i run it
the tasks are not actually started
It worked when I tried my task without roles and not sure why its happening when I try using roles.
Version of ansible: ansible 2.2.3.0
This is my run.yml
- name: add user to general purpose
hosts: localhosts
roles:
- adduser
cd adduser/tasks/main.yml
- name: Create user
shell: sudo adduser tom
Running
ansible-playbook run.yml -vvv
This is the output
Using /etc/ansible/ansible.cfg as config file
[WARNING]: provided hosts list is empty, only localhost is available
PLAYBOOK: run.yml
**************************************************************
1 plays in run.yml
PLAY RECAP
*********************************************************************
It is because you have a typo in your hosts: field; the name is localhost not localhosts (as there is no such thing as a plural of the local host)
Also, while this isn't what you asked, it is bad news to (a) manually use sudo in a module (b) call adduser unconditionally, as it will bomb the second time you run that playbook. The thing you want is to tell ansible that task needs elevated privileges and then make use of the user: module to allow ansible to ensure there is such a user by the end of that role:
- name: Create user
become: yes
user:
name: tom
The benefit of being more declarative is (a) that's how ansible works (b) it allows ansible to be idempotent across runs
Actually I've defined remote_user variable for each host group. But remote_user value is not taken from defined one. Rather its using top assigned value.
Ansible version:
# ansible --version
ansible 2.3.1.0
config file = /etc/ansible/ansible.cfg
configured module search path = Default w/o overrides
python version = 2.7.12 (default, Jul 1 2016, 15:12:24) [GCC 5.4.0 20160609]
Playbook file : info.yml
---
- hosts: all
remote_user: demo
roles:
- common
- hosts: devlocal
remote_user: root
become: yes
roles:
- common
- hosts: testlocal
remote_user: test
become: yes
roles:
- common
when I run the playbook for hosts [ devlocal] , the users name is taken from first assignment [ i.e : "demo" ]. Actually it should use the remote_user "root" in my case.
logs :
# ansible-playbook -i hosts -l devlocal info.yml --ask-pass -vvvv
Using /etc/ansible/ansible.cfg as config file
SSH password:
Loading callback plugin default of type stdout, v2.0 from /usr/lib/python2.7/dist-packages/ansible/plugins/callback/__init__.pyc
PLAYBOOK: site.yml ********************************************************************************************************************************
3 plays in site.yml
PLAY [all] ****************************************************************************************************************************************
TASK [Gathering Facts] ****************************************************************************************************************************
Using module file /usr/lib/python2.7/dist-packages/ansible/modules/system/setup.py
<10.11.12.213> ESTABLISH SSH CONNECTION FOR USER: demo
Someone please help what was an issue here. Thanks in advance
Someone please help what was an issue here.
The issue here is that you specified the first play to run as demo:
- hosts: all
remote_user: demo
roles:
- common
And Ansible runs it as demo which seems not to be your objective.
That's why Ansible provides inventory mechanism, so you can specify connection details per host, not in plays.
I've defined remote_user variable for each host group
Wrong. You've defined remote_user for each play and not host group.
Hosts and groups are defined via inventory.
So you should defined devlocal and testlocal groups with ansible_user assigned.
And have single play:
- hosts: all
roles:
- common
Whenever I run my playbook on my control machine I only see this:
PLAY RECAP *********************************************************************
So I get the feeling ansible is not finding my task file. Here is my directory structure (it's a git project in Eclipse):
ansible
ansible
dockerhosts.yml
hosts
roles
dockerhost
tasks
main.yml
My dockerhosts.yml:
---
- hosts: integration
roles: [dockerhost]
...
My hosts file:
[integration]
192.168.1.8
192.168.1.9
And my main.yml file:
- name: Install Docker CE from added Docker YUM repo
remote_user: installer
become: true
become_user: root
become_method: sudo
command: yum -y install docker-ce
I don't have any syntax errors clearly as it's running but for some reason it doesn't appear to find my main.yml file. I tried to see what user ansible runs under in case it's a question of file permissions but I haven't found anything.
I am running ansible-playbook dockerhosts.yml from the /ansible/ansible directory.
What am I doing wrong?
I have a hosts file but it's not in the /etc/ansible/hosts default location. As I showed in my question it's actually at the same level as dockerhosts.yml since this is a git project.
I used the -vvvv flag but that didn't tell me much. After running ansible-playbook -h I tried the -i flag and ran ansible-playbook dockerhosts.yml -i hosts and that actually did something.
It gave me SSH connection errors but it did more than just the blank PLAY RECAP I got before which to me means it's actually running the tasks now.
I've etcd running on the Ansible control machine (local). I can get and put the values as shown below but Ansible wouldn't get values, any thoughts?
I can also get the value using curl
I got this simple playbook
#!/usr/bin/env ansible-playbook
---
- name: simple ansible playbook ping
hosts: all
gather_facts: false
tasks:
- name: look up value in etcd
debug: msg="{{ lookup('etcd', 'weather') }}"
And running this playbook wouldn't fetch values from etcd
TASK: [look up value in etcd] *************************************************
ok: [app1.test.com] => {
"msg": ""
}
ok: [app2.test.com] => {
"msg": ""
}
Currently (31.05.2016) Ansible etcd lookup plugin support only calls to v1 API and not compatible with newer etcd instances that publish v2 API endpoint.
Here is the issue.
You can use my quickly patched etcd2.py lookup plugin.
Place it into lookup_plugins subdirectory near you playbook (or into Ansible global lookup_plugins path).
Use lookup('etcd2', 'weather') in your playbook.