Problem with groups in inventory

[Chris Barlock]

I posted this yesterday, but have yet to see it show up in the forum:

I have the following in one of my playbooks:

- name: "Copy SSH keys"

  command: sshpass -f ~/temp.pass ssh-copy-id -i ~/.ssh/id_rsa.pub {{ ansible_user }}@{{ item }}

  with_flattened: 

    - groups.worker 

    - groups.proxy 

  when: item not in groups.master

with this inventory file:

[master]

9.42.23.241 kubelet_extra_args='["--eviction-hard=memory.available<100Mi,nodefs.available<2Gi,nodefs.inodesFree<5%", "--image-gc-high-threshold=100%", "--image-gc-low-threshold=100%"]'

[worker]

9.42.23.147

[proxy]

9.42.23.241 kubelet_extra_args='["--eviction-hard=memory.available<100Mi,nodefs.available<2Gi,nodefs.inodesFree<5%", "--image-gc-high-threshold=100%", "--image-gc-low-threshold=100%"]'

[management]

9.42.23.241 kubelet_extra_args='["--eviction-hard=memory.available<100Mi,nodefs.available<2Gi,nodefs.inodesFree<5%", "--image-gc-high-threshold=100%", "--image-gc-low-threshold=100%"]'

This works fine when I run on an Ubuntu 16.04 system, but when I run on RHEL 7.4, I get:

failed: [9.42.23.241] (item=groups.worker) => {"changed": true, "cmd": ["sshpass", "-f", "~/temp.pass", "ssh-copy-id", "-i", "~/.ssh/id_rsa.pub", "ro...@groups.worker"], "delta": "0:00:00.128010", "end": "2018-01-11 12:55:19.491284", "failed": true, "item": "groups.worker", "msg": "non-zero return code", "rc": 1, "start": "2018-01-11 12:55:19.363274", "stderr": "/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: \"/root/.ssh/id_rsa.pub\"\n/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed\n\n/usr/bin/ssh-copy-id: ERROR: ssh: Could not resolve hostname groups.worker: Name or service not known", "stderr_lines": ["/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: \"/root/.ssh/id_rsa.pub\"", "/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed", "", "/usr/bin/ssh-copy-id: ERROR: ssh: Could not resolve hostname groups.worker: Name or service not known"], "stdout": "", "stdout_lines": []}

failed: [9.42.23.241] (item=groups.proxy) => {"changed": true, "cmd": ["sshpass", "-f", "~/temp.pass", "ssh-copy-id", "-i", "~/.ssh/id_rsa.pub", "ro...@groups.proxy"], "delta": "0:00:00.122724", "end": "2018-01-11 12:55:19.942384", "failed": true, "item": "groups.proxy", "msg": "non-zero return code", "rc": 1, "start": "2018-01-11 12:55:19.819660", "stderr": "/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: \"/root/.ssh/id_rsa.pub\"\n/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed\n\n/usr/bin/ssh-copy-id: ERROR: ssh: Could not resolve hostname groups.proxy: Name or service not known", "stderr_lines": ["/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: \"/root/.ssh/id_rsa.pub\"", "/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed", "", "/usr/bin/ssh-copy-id: ERROR: ssh: Could not resolve hostname groups.proxy: Name or service not known"], "stdout": "", "stdout_lines": []}

to retry, use: --limit @/root/ansible/deploy.retry

As you can see, groups.workers and groups.proxy are taken as literal strings and are the IP addresses are not substituted.  Should I be doing this another way?

[Kai Stian Olstad]

On Thursday, 11 January 2018 18.59.27 CET Chris Barlock wrote:
> I have the following in one of my playbooks:
>
> - name: "Copy SSH keys"
> command: sshpass -f ~/temp.pass ssh-copy-id -i ~/.ssh/id_rsa.pub {{ ansible_user }}@{{ item }}
> with_flattened:
> - groups.worker
> - groups.proxy
> when: item not in groups.master
>

<snip />

>
> As you can see, groups.workers and groups.proxy are taken as literal
> strings and are the IP addresses are not substituted. Should I be doing
> this another way?

Yes, if you want to use variables you need to enclose them in {{ }}
- '{{ groups.worker }}'
- '{{ groups.proxy }}'


--
Kai Stian Olstad

[Chris Barlock]

Thank you!  That worked.  Tricker syntax because you need the braces in the with_flattened element, but not in the when element.

Chris

[Chris Barlock]

Tricky that is!

[Kai Stian Olstad]

On Friday, 12 January 2018 18.12.54 CET Chris Barlock wrote:
> Thank you! That worked. Tricker syntax because you need the braces in the
> with_flattened element, but not in the when element.

It easy to remember, only place you can't use them is in when, every other places the brackets is mandatory.

--
Kai Stian Olstad

[Chris Barlock]

Thank you!  Really odd, though, that it worked on Ubuntu without the braces, but failed on RedHat.

[chaitanya p]

😎

--
You received this message because you are subscribed to the Google Groups "Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscribe@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/cb559170-5f08-42a5-ade6-01fe542ce51c%40googlegroups.com.

For more options, visit https://groups.google.com/d/optout.

[Kai Stian Olstad]

On Saturday, 13 January 2018 01.42.38 CET Chris Barlock wrote:
> Thank you! Really odd, though, that it worked on Ubuntu without the

> braces, but failed on RedHat.

You probably have an older version of Ansible on the Ubuntu machine since the older version do allow using variables without the brackets.

--
Kai Stian Olstad

[Chris Barlock]

Makes sense, thanks!