task to get username/password from group_vars

[RK]

I have a pretty easy playbook to connect to a Juniper switch and provide me the show version output. All works when I place the username and password into the playbook no problem. What I would prefer to do is set the username and password in group_vars/all and have the username and password read from there. Any tips? I can't seem to get this going. I think I may need to pass along a hostvars but can't seem to figure it out.

playbook:

- hosts: juniper

  gather_facts: no

  connection: local

  tasks:

  - name: DEFINE PROVIDER

    set_fact:

      hostinfo:

        host: "{{ inventory_hostname }}"

        password: xxxxx

        username: admin

  - debug: var=hostvars[inventory_hostname]

  - name: show command

    junos_command:

      provider: "{{ hostinfo }}"

      commands:

        - show version

    register: version

  - debug: msg="{{ version.stdout }}"

group_vars/all
username=admin

password=xxxxxx

[Alexander H. Laughlin]

[duchess@cody:tmp] cat /etc/ansible/hosts

[juniper]

localhost

Make sure you have localhost in the juniper group in your inventory.

[duchess@cody:tmp] cat group_vars/juniper

---

username: admin

password: This is not a good password.

...

And if you're going to use group variables you need to place them in the correct group.

[duchess@cody:tmp] cat playbook.yml

---
- name: Execute a show command on a junos device.

 hosts: juniper

 gather_facts: no

 connection: local

 tasks:

   - name: Define the provider.

      set_fact:

       hostinfo:

         host: "{{ inventory_hostname }}"

         password: "{{ password }}"

          username: "{{ username }}"

    - name: Output the hostname.

     debug:

        var: hostvars[inventory_hostname]

   # I don't have a junos device handy so I can't test this, but. . .

   #- name: show command

   #  junos_command:

   #    provider: "{{ hostinfo }}"

   #    commands:

   #      - show version

   #  register: version

   #- name: Output the version.

   #  debug:

   #    var: version

   - name: Output the username and password from group_vars/juniper.

     debug:

       msg: "The username is {{ username }}. The password is '{{ password }}'."

...

Please excuse the odd indentation, the code macro in Google Groups doesn't seem to like yaml very much.

[duchess@cody:tmp] ansible-playbook playbook.yml

PLAY [Execute a show command on a junos device.] *******************************

TASK [Define the provider.] ****************************************************

ok: [localhost]

TASK [Output the hostname.] ****************************************************

ok: [localhost] => {

   "hostvars[inventory_hostname]": {

       "ansible_check_mode": false,

        "ansible_version": {

           "full": "2.1.2.0",

            "major": 2,

            "minor": 1,

            "revision": 2,

            "string": "2.1.2.0"

       },

        "group_names": [

           "juniper"

       ],

        "groups": {

           "all": [

               "localhost"

           ],

            "juniper": [

               "localhost"

           ],

            "ungrouped": []

       },

        "hostinfo": {

           "host": "localhost",

            "password": "This is not a good password.",

            "username": "admin"

       },

        "inventory_dir": "/etc/ansible",

        "inventory_file": "/etc/ansible/hosts",

        "inventory_hostname": "localhost",

        "inventory_hostname_short": "localhost",

        "omit": "__omit_place_holder__fe3ea0370d6ef7ffad66e4a8a81c05821adcfe79",

        "password": "This is not a good password.",

        "playbook_dir": "/private/tmp",

        "username": "admin"

   }

}

TASK [Output the username and password from group_vars/juniper.] ***************

ok: [localhost] => {

   "msg": "The username is admin. The password is 'This is not a good password.'."

}

PLAY RECAP *********************************************************************

localhost                  : ok=3    changed=0    unreachable=0    failed=0  

As you can see the username and password are now readily available.

I should like to suggest that you take some time to review the documentation on inventory and variables. 

Also, if you would be so kind as to review the community guidelines and follow them a bit more closely in the future I believe everyone would benefit. 

Good luck!

[Alexander H. Laughlin]

I almost forgot. . .

It's generally unsafe to store credentials in cleartext on your hard drive, so the documentation on the Ansible Vault may also be of some use to you.