Develop Reference

uninstall rpm without using yum in ansible

I used the below code in my playbook to remove the rpm
- name: query rpm
shell: "rpm -qa | grep -i rscd"
args:
warn: false
register: rpmblade
- debug: msg="{{ rpmblade.stdout}}"
- name: remove bladelogic rpm
shell: "rpm -e {{ rpmblade.stdout }}"
when: rpmblade.stdout == "BladeLogic_RSCD_Agent-8.9.04-292.x86_64" or rpmblade.stdout == "BladeLogic_RSCD_Agent-21.02.01-211.x86_64"
but what I required was irrespective of whatever the version as long as I see the "BladeLogic_RSCD_Agent" I want to uninstall that package. Is there a way to do it?

What is the difference between `sudo` and `become` for privilege escalation? [duplicate]

I have an ansible play file that has to performs two tasks, first on the local machine get the disk usage and another task is to get the disk usage of a remote machine and install apache2 in the remote machine.
When I am trying to run the file I am getting the error "ERROR! 'sudo' is not a valid attribute for a Play"
When I remove the sudo and apt section from the yml file, it is running fine.
I am using ansible 2.9.4. Below are two playbook files:
File running without any error,
---
-
connection: local
hosts: localhost
name: play1
tasks:
-
command: "df -h"
name: "Find the disk space available"
-
command: "ls -lrt"
name: "List all the files"
-
name: "List All the Files"
register: output
shell: "ls -lrt"
-
debug: var=output.stdout_lines
-
hosts: RemoteMachine1
name: play2
tasks:
- name: "Find the disk space"
command: "df -h"
register: result
- debug: var=result.stdout_lines
File running with error:
---
-
connection: local
hosts: localhost
name: play1
tasks:
-
command: "df -h"
name: "Find the disk space available"
-
command: "ls -lrt"
name: "List all the files"
-
name: "List All the Files"
register: output
shell: "ls -lrt"
-
debug: var=output.stdout_lines
-
hosts: RemoteMachine1
name: play2
sudo: yes
tasks:
- name: "Find the disk space"
command: "df -h"
register: result
- name: "Install Apache in the remote machine"
apt: name=apache2 state=latest
- debug: var=result.stdout_lines
Complete error message:
ERROR! 'sudo' is not a valid attribute for a Play
The error appears to be in '/home/Documents/ansible/play.yml': line 20, column 3, but may
be elsewhere in the file depending on the exact syntax problem.
The offending line appears to be:
-
hosts: RemoteMachine1
^ here

Ansible play keyword sudo was (long ago) deprecated with warnings in version 2.0 and removed in version 2.2
See the actual supported play keywords. Use:
become: true

- hosts: RemoteMachine1
name: play2
become: yes
tasks:
- name: "Find the disk space"
command: "df -h"
register: result
- name: "Install Apache in the remote machine"
apt: name=apache2 state=latest
- debug: var=result.stdout_lines
use become: yes it will run your tasks as the root user.
Become directives

Ansible: disable service only if present

Is there any nice way to do disable and stop a service, but only if it's installed on server? Something like this:
- service: name={{ item }} enabled=no state=stopped only_if_present=yes
with_items:
- avahi-daemon
- abrtd
- abrt-ccpp
Note that "only_if_present" is a keyword that doesn't exist right now in Ansible, but I suppose my goal is obvious.

I don't know what is the package name in your case, but you can do something similar to this:
- shell: dpkg-query -W 'avahi'
ignore_errors: True
register: is_avahi
when: ansible_distribution == 'Debian' or ansible_distribution == 'Ubuntu'
- shell: rpm -q 'avahi'
ignore_errors: True
register: is__avahi
when: ansible_distribution == 'CentOS' or ansible_distribution == 'Red Hat Enterprise Linux'
- service: name=avahi-daemon enabled=no state=stopped
when: is_avahi|failed
Update: I have added conditions so that the playbook works when you have multiple different distros, you might need to adapt it to fit your requirements.

Universal solution for systemd services:
- name: Disable services if enabled
shell: if systemctl is-enabled --quiet {{ item }}; then systemctl disable {{ item }} && echo disable_ok ; fi
register: output
changed_when: "'disable_ok' in output.stdout"
loop:
- avahi-daemon
- abrtd
- abrt-ccpp
It produces 3 states:
service is absent or disabled already — ok
service exists and was disabled — changed
service exists and disable failed — failed

ansible wget then exec scripts => get_url equivalent

I always wonder what is the good way to replace the following shell tasks using the "ansible way" (with get_url, etc.):
- name: Install oh-my-zsh
shell: wget -qO - https://raw.github.com/robbyrussell/oh-my-zsh/master/tools/install.sh | bash -
or
- name: Install nodesource repo
shell: curl -sL https://deb.nodesource.com/setup_5.x | bash -

This worked for me:
- name: Download zsh installer
get_url:
url: https://raw.github.com/robbyrussell/oh-my-zsh/master/tools/install.sh dest=/tmp/zsh-installer.sh
- name: Execute the zsh-installer.sh
shell: /tmp/zsh-installer.sh
- name: Remove the zsh-installer.sh
file:
path: /tmp/zsh-installer.sh
state: absent

#RaviTezu solution doesn't work because the file/script that you wish to execute must be on the machine where you execute your play/role.
As per the documentation here
The local script at path will be transferred to the remote node and then executed.
So one way to do it is by downloading the file locally and using a task like below:
- name: execute the script.sh
script: /local/path/to/script.sh
Or you can do this:
- name: download setup_5.x file to tmp dir
get_url:
url: https://deb.nodesource.com/setup_5.x
dest: /tmp/
mode: 0755
- name: execute setup_5.x script
shell: setup_5.x
args:
chdir: /tmp/
I would go for the first method if you are uploading your own script, the second method is more useful in your case because the script might gets updated in time so you are sure each time you execute it it uses the latest script.

For me, the following statement worked:
- name: "Execute Script"
shell: curl -sL https://rpm.nodesource.com/setup_6.x | bash -

Consider using the get_url or uri module rather than running curl.
For example:
- name: Download setup_8.x script
get_url: url=https://deb.nodesource.com/setup_8.x dest=/opt mode=755
- name: Setup Node.js
command: /opt/setup_8.x
- name: Install Node.js (JavaScript run-time environment)
apt: name=nodejs state=present

This playbook is what I've come up with. So far, it's as close to an idiomatic solution as I have come, and seems to be idempotent.
It will check for the existence of a command (in this case, starship) and if/when the test fails it will download the script.
---
- name: Check for Starship command
command: command -v starship >/dev/null 2>&1
register: installed
no_log: true
ignore_errors: yes
- name: Download Starship installer
get_url:
url: https://starship.rs/install.sh
dest: /tmp/starship-installer.sh
mode: 'u+rwx'
when: installed.rc != 0
register: download
- name: Run the install script
shell: /tmp/starship-installer.sh
when: download.changed
- name: Remove the starship-installer.sh
file:
path: /tmp/starship-installer.sh
state: absent

May be this basic example can help you to start:
---
- name: Installing Zsh and git
apt: pkg=zsh,git state=latest
register: installation
- name: Backing up existing ~/.zshrc
shell: if [ -f ~/.zshrc ]; then mv ~/.zshrc{,.orig}; fi
when: installation|success
sudo: no
- name: Cloning oh-my-zsh
git:
repo=https://github.com/robbyrussell/oh-my-zsh
dest=~/.oh-my-zsh
when: installation|success
register: cloning
sudo: no
- name: Creating new ~/.zshrc
copy:
src=~/.oh-my-zsh/templates/zshrc.zsh-template
dest=~/.zshrc
when: cloning|success
sudo: no

Note the: "force=yes", which will always download the script, overriding the old one.
Also note the "changed_when", which you can refine per your case.
- name: 'Download {{ helm.install_script_url }}'
environment:
http_proxy: '{{proxy_env.http_proxy | default ("") }}'
https_proxy: '{{proxy_env.https_proxy | default ("") }}'
no_proxy: '{{proxy_env.no_proxy | default ("") }}'
get_url: url={{ helm.install_script_url | default ("") }} dest=/tmp/helm_install_script force=yes mode="0755"
when: helm.install_script_url is defined
tags:
- helm_x
- name: Run {{ helm.install_script_url }}
environment:
http_proxy: '{{proxy_env.http_proxy | default ("") }}'
https_proxy: '{{proxy_env.https_proxy | default ("") }}'
no_proxy: '{{proxy_env.no_proxy | default ("") }}'
command: "/tmp/helm_install_script"
register: command_result
changed_when: "'is up-to-date' not in command_result.stdout"
when: helm.install_script_url is defined
args:
chdir: /tmp/
tags:
- helm_x

ansible : how to use the variable ${item} from with_items in notify?

I am new to Ansible and I am trying to create several virtual environments (one for each project, the list of projects being defined in a variable).
The task works well, I got all the folders, however the handler does not work, it does not init each folder with the virtual environment. The ${item} varialbe in the handler does not work.
How can I use an handler when I use with_items ?
tasks:
- name: create virtual env for all projects ${projects}
file: state=directory path=${virtualenvs_dir}/${item}
with_items: ${projects}
notify: deploy virtual env
handlers:
- name: deploy virtual env
command: virtualenv ${virtualenvs_dir}/${item}

Handlers are just 'flagged' for execution once whatever (itemized sub-)task requests it (had the changed: yes in its result).
At that time handlers are just like a next regular tasks, and don't know about the itemized loop.
A possible solution is not with a handler but with an extratask + conditional
Something like
- hosts: all
gather_facts: false
tasks:
- action: shell echo {{item}}
with_items:
- 1
- 2
- 3
- 4
- 5
register: task
- debug: msg="{{item.item}}"
with_items: task.results
when: item.changed == True

To sum up the previous discussion and adjusting for the modern Ansible...
- hosts: localhost,
gather_facts: false
tasks:
- action: shell echo {{item}} && exit {{item}}
with_items:
- 1
- 2
- 3
- 4
- 5
register: task
changed_when: task.rc == 3
failed_when: no
notify: update service
handlers:
- name: update service
debug: msg="updated {{item}}"
with_items: >
{{
task.results
| selectattr('changed')
| map(attribute='item')
| list
}}