Re: [ansible-project] Digest for ansible-project@googlegroups.com - 8 updates in 5 topics


Jarett D. Chaiken

Apr 25, 2020, 11:09:44 PM
to ansible...@googlegroups.com
Q,11

From: ansible...@googlegroups.com <ansible...@googlegroups.com>
Sent: Saturday, April 25, 2020 12:40:12 PM
To: Digest recipients <ansible...@googlegroups.com>
Subject: [ansible-project] Digest for ansible...@googlegroups.com - 8 updates in 5 topics
 
Amir Khalili <khalili...@gmail.com>: Apr 25 04:47AM -0700

Hi,
 
Have you tried that?
 
Thanks,
Amir
 
On Friday, April 24, 2020 at 8:26:44 PM UTC+4:30, PMP wrote:
Renato Marcandier <renato.m...@gmail.com>: Apr 25 01:59AM -0700

Hello,
 
I am trying to perform the following playbook:
 
 
--- # Deploy a BIG-IP in AWS
 
name: Deploy BIG-IP
hosts: localhost
gather_facts: false
vars_files:
 
secrets.yaml
tasks:
 
Get My IP Address
name: Get public IP address
uri:
url: "http://checkip.amazonaws.com"
return_content: yes
register: myip
Deploy BIG-IP in AWS
name: Deploy a BIG-IP in AWS via CFT
register: deploy_output
cloudformation:
stack_name: "{{ stack_name }}"
state: present
region: "{{ region }}"
template_url: "{{ template_url }}"
template_parameters:
Vpc: "{{ vpc }}"
subnet1Az1: "{{ subnet1Az1 }}"
imageName: "{{ imageName }}"
instanceType: "{{ instanceType }}"
sshKey: "{{ sshKey }}"
restrictedSrcAddress: "{{ myip.content | replace('\n', '') }}/32"
restrictedSrcAddressApp: "{{ myip.content | replace('\n', '') }}/32"
Wait for BIG-IP to be ready
name: Wait for BIG-IP to be ready
wait_for:
host: "{{ deploy_output.stack_outputs.Bigip1subnet1Az1SelfEipAddress }}"
port: "{{ deploy_output.stack_outputs.Bigip1Url | urlsplit('port')}}"
state: present
Change the BIG-IP admin password
name: Change BIG-IP admin password
bigip_command:
provider:
server: "{{ deploy_output.stack_outputs.Bigip1subnet1Az1SelfEipAddress }}"
ssh_keyfile: "{{ ssh_keyfile }}"
transport: cli
user: "{{ f5_user }}"
commands: modify auth user {{ f5_user }} password {{ f5_password }}
Install Declarative Onboarding RPM
NOTE: rpm binary must be located on host running playbook
name: Retrieve DO Install Version
find:
paths: "{{ playbook_dir }}/files"
patterns: "f5-decl*.rpm"
register: dorpm
 
name: Install DO
bigip_lx_package:
package: "{{ dorpm.files[0].path }}"
provider:
server: "{{ deploy_output.stack_outputs.Bigip1subnet1Az1SelfEipAddress }}"
server_port: "{{ deploy_output.stack_outputs.Bigip1Url | urlsplit('port')}}"
transport: rest
user: "{{ f5_user }}"
password: "{{ f5_password }}"
validate_certs: no
 
Push Declarative Onboarding declaration to BIG-IP
name: Push DO declaration to BIG-IP
uri:
url: "{{ deploy_output.stack_outputs.Bigip1Url
}}/mgmt/shared/declarative-onboarding"
method: POST
user: "{{ f5_user }}"
password: "{{ f5_password }}"
body: "{{ lookup('file', 'files/single_nic_do.json') }}"
status_code: 202
timeout: 300
body_format: json
validate_certs: no
 
debug:
var: deploy_output.stack_outputs
 
I created the directory /files on my local laptop:
 
(myansible) ➜ Automation_Webinar git:(master) ll
total 64
-rw-r--r-- 1 rengonca staff 105B 24 Apr 14:28 ansible.cfg
drwxr-xr-x 3 rengonca staff 96B 24 Apr 14:28 app_inputs
-rw-r--r-- 1 rengonca staff 506B 24 Apr 14:28 create_app.yaml
-rw-r--r-- 1 rengonca staff 222B 24 Apr 14:28 delete_bigip.yaml
-rw-r--r-- 1 rengonca staff 2.6K 25 Apr 00:47 deploy_bigip.yaml
drwxr-xr-x 3 rengonca staff 96B 24 Apr 22:26 files
drwxr-xr-x 3 rengonca staff 96B 25 Apr 00:03 group_vars
-rw-r--r-- 1 rengonca staff 172B 24 Apr 16:11 hosts
drwxr-xr-x 8 rengonca staff 256B 24 Apr 16:20 myansible
-rw-r--r-- 1 rengonca staff 1.0K 24 Apr 14:28 node_mgmt.yaml
-rw-r--r-- 1 rengonca staff 1.3K 24 Apr 14:28 push_config.yaml
-rw------- 1 rengonca staff 484B 25 Apr 00:40 secrets.yaml
drwxr-xr-x 4 rengonca staff 128B 24 Apr 14:28 templates
(myansible) ➜ Automation_Webinar git:(master)
 
I downloaded the rpm file as well:
 
(myansible) ➜ Automation_Webinar git:(master) ✗ ls files
f5-declarative-onboarding-1.12.0-1.noarch.rpm
 
However, I am facing the following problem:
 
TASK [Install DO]
**********************************************************************************************************************************************************************************************************
fatal: [localhost]: FAILED! => {"changed": false, "cmd": "rpm -qp
--queryformat '%{NAME}-%{VERSION}-%{RELEASE}.%{ARCH}'
/Users/rengonca/Documents/GitHub/Automation_Webinar/files/f5-declarative-onboarding-1.12.0-1.noarch.rpm",
"msg": "[Errno 2] No such file or directory", "rc": 2}
 
PLAY RECAP
*****************************************************************************************************************************************************************************************************************
localhost : ok=5 changed=1 unreachable=0 failed=1 skipped=0 rescued=0
ignored=0
 
Any idea what I should do to fix it?
 
 
 
 
repo:
https://github.com/codygreen/Automation_Webinar/tree/master/code/1%20-%20Automating%20F5%20BIG-IP%20with%20Ansible
 
Regards
RG
Dick Visser <dick....@geant.org>: Apr 25 12:07PM +0200

Hi
 
First of all your message shows unindented yaml, which means a lot of
things can be wrong.
Secondly it looks like this is just a verbatim copy of an existing
deployment repository that happens to use Ansible:
https://github.com/codygreen/Automation_Webinar/blob/master/code/1%20-%20Automating%20F5%20BIG-IP%20with%20Ansible/deploy_bigip.yaml
It is probably more appropriate to seek help with the authors of that
code (which you just have done:
https://github.com/codygreen/Automation_Webinar/issues/2)
 
thx
 
 
On Sat, 25 Apr 2020 at 11:00, Renato Marcandier
 
--
Dick Visser
Trust & Identity Service Operations Manager
GÉANT
kanor <ka...@conncoll.edu>: Apr 24 11:15AM -0700

I'm sure I'm missing something very simple but have been working on this
for a few days. I'm really new to Ansible and would really appreciate any
help.
 
I have AWX
Ansible
 
My Playbook
---
- hosts: all
  connection: network_cli
  gather_facts: no
  vars:
    ansible_network_os: ios
    ansible_command_timeout: 720
  tasks:
    - name: Copy
      ios_command:
        commands: "copy tftp://xxx.xxx.xxx.xxx/c2960x-universalk9-mz.152-7.E0a.bin flash:"
        prompt: "c2960x-universalk9-mz.152-7.E0a.bin"
        answer: "\r"
    - name: Show results
      debug: msg= {{ results.stdout_lines }}

My error.
fatal: [10.xxx.xxx.xxx]: FAILED! => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    },
    "changed": false,
    "invocation": {
        "module_args": {
            "answer": "\r",
            "commands": "copy tftp://xxx.xxx.xxx.xxx/c2960x-universalk9-mz.152-7.E0a.bin flash:",
            "prompt": "c2960x-universalk9-mz.152-7.E0a.bin"
        }
    },
    "msg": "Unsupported parameters for (ios_command) module: answer, prompt Supported parameters include: auth_pass, authorize, commands, host, interval, match, password, port, provider, retries, ssh_keyfile, timeout, username, wait_for"
}
Dick Visser <dick....@geant.org>: Apr 25 02:00AM +0200

Hi
Although this list isn't for AWX, it's easy to spot the error because it
literally says at the end what is wrong.
The commands parameter expects a list.
See the last example on
https://docs.ansible.com/ansible/latest/modules/ios_command_module.html#examples
 
 
 
 
--
Sent from a mobile device - please excuse the brevity, spelling and
punctuation.
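
The list form the reply above points to, written out as an added example (not code from the thread or from the Ansible documentation): `prompt` and `answer` move into a dict entry of `commands`, and the result is registered so the debug task has something to print. The second task is an added integrity check, since TFTP is unauthenticated; `expected_md5` is a hypothetical variable holding the vendor-published hash of the image.

```yaml
---
- hosts: all
  connection: network_cli
  gather_facts: no
  vars:
    ansible_network_os: ios
    ansible_command_timeout: 720
    # Hypothetical variable: set to the MD5 the vendor publishes for this image.
    expected_md5: "REPLACE_WITH_PUBLISHED_MD5"
  tasks:
    - name: Copy image from TFTP to flash
      ios_command:
        commands:
          # prompt/answer belong to the command they respond to,
          # not to the ios_command module itself.
          - command: "copy tftp://xxx.xxx.xxx.xxx/c2960x-universalk9-mz.152-7.E0a.bin flash:"
            prompt: "c2960x-universalk9-mz.152-7.E0a.bin"
            answer: "\r"
      register: results

    - name: Show results
      debug:
        msg: "{{ results.stdout_lines }}"

    - name: Verify the copied image against the published hash
      ios_command:
        commands:
          - "verify /md5 flash:c2960x-universalk9-mz.152-7.E0a.bin"
        # The task fails unless the device's output contains the expected hash.
        wait_for:
          - "result[0] contains {{ expected_md5 }}"
        retries: 1
```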
Suresh Karpurapu <karpurap...@gmail.com>: Apr 24 11:34AM -0700

Hi Team,
 
I have the role which has 10 tasks. I would like to exclude 1 task out of
10 as the task already executed in previous play. Is there any way to do
 
---
- name: Required Checks for the migration
  hosts: localhost
  gather_facts: no
  become: yes
  tasks:
    - include_role:
        name: validation
        tasks_from: sshcheck
- name: check ssh connectivity
  hosts: sshgroup
  gather_facts: no
  become: yes
  any_errors_fatal: false
  tasks:
    - name: Checking SSH connectivity
      wait_for:
        host: "{{ inventory_hostname }}"
        port: 22
- name: stale and mount permissions check
  hosts: localhost
  gather_facts: no
  become: yes
  roles:
    - { name: validation, sshcheck: false }
...
 
Regards,
Suresh
Dick Visser <dick....@geant.org>: Apr 25 01:50AM +0200

Use tags
 
On Fri, 24 Apr 2020 at 20:34, Suresh Karpurapu <karpurap...@gmail.com>
wrote:
 
 
--
Sent from a mobile device - please excuse the brevity, spelling and
punctuation.
Claudia de Luna <del...@gmail.com>: Apr 24 02:01PM -0700

Hi Dave,
 
In ACI you would typically do this check at the EPG level (as contracts are
between EPGs).
 
Assuming that would help you (but that depends entirely on your design),
there are a couple of approaches I can think of:
- Query the EPGs
- Query the Contract objects (more parsing)
 
Query the two EPGs in question and extract out the provided and consumed
contracts.
 
For that I would use something like below. I set the Tenant, AP, and the
two EPGs I want to check as variables and then use the aci_rest module to
query each of those EPGs.
 
 
  vars:
    # These variables should be updated for the EPGs to pull and their corresponding tenant and anps.
    epgs:
      - Web
      - DB
    tenant: Heroes
    anp: Power_Up

    query_path: "/api/node/mo/uni/tn-{{ tenant }}/ap-{{ anp }}/epg-<EPG VALUE>.json?query-target=children"
    method: 'get'

  tasks:
    - name: "Execute REST Call Action: {{ method | upper }} Query: {{ query_path }} "
      aci_rest:
        host: "{{ aci_host }}"
        username: "{{ aci_user }}"
        password: "{{ aci_pwd }}"
        validate_certs: no
        method: "{{ method }}"
        path: "/api/node/mo/uni/tn-{{ tenant }}/ap-{{ anp }}/epg-{{ item }}.json?query-target=children"
      delegate_to: localhost
      with_items: "{{ epgs }}"
      register: query_result

    - name: Display RAW APIC Results
      debug:
        var: query_result
 
 
 
 
You will get back structured data that will allow you to pick out what you
want.
 
If this is new to you take a look at the post below.
https://gratuitous-arp.net/decomposing-complex-json-data-structures/
 
There is also an ACI module that will allow you to check (query) this
relationship. That's probably the most important part of this,
understanding the object relationships.
 
aci_epg_to_contract – Bind EPGs to Contracts (fv:RsCons, fv:RsProv)
 
Either way you will need to process the data as you need to.
 
I put together a simple playbook that shows you both approaches. It's set
up to run against the DevNet always on APIC Sandbox and it's looking for
specific Tenants, ANPs, and EPGs so you may need to change those
accordingly.
 
https://github.com/cldeluna/cisco_aci/blob/master/aci_rest_epg.yml
 
There is probably a much easier way to do this and I'm hoping those in this
community will show me the error of my ways!
 
Good luck!
 
Claudia
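
One way to do the "process the data" step described above, as an added example (not taken from the linked playbook). It assumes each loop result exposes the APIC response under `imdata`, with children shaped like `{"fvRsCons": {"attributes": {"tnVzBrCPName": ...}}}`, and that Web is the consumer and DB the provider; adjust those names to your design.

```yaml
    # Added example: place after the aci_rest task that registers query_result.
    - name: Collect consumed and provided contract names per EPG
      set_fact:
        epg_contracts: >-
          {{ epg_contracts | default({}) | combine({ item.item: {
               'consumed': item.imdata | selectattr('fvRsCons', 'defined')
                           | map(attribute='fvRsCons.attributes.tnVzBrCPName') | list,
               'provided': item.imdata | selectattr('fvRsProv', 'defined')
                           | map(attribute='fvRsProv.attributes.tnVzBrCPName') | list
             } }) }}
      loop: "{{ query_result.results }}"
      loop_control:
        # Print only the EPG name per iteration instead of the full response.
        label: "{{ item.item }}"

    - name: Show every contract relation found on each EPG
      debug:
        var: epg_contracts

    - name: Contracts that Web consumes and DB provides
      set_fact:
        web_to_db: "{{ epg_contracts['Web'].consumed | intersect(epg_contracts['DB'].provided) }}"

    - name: Fail if no contract links the two EPGs
      assert:
        that:
          - web_to_db | length > 0
        fail_msg: "No contract is consumed by Web and provided by DB"
        success_msg: "Web -> DB contracts: {{ web_to_db | join(', ') }}"
```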
 
 
 
 
On Wednesday, April 22, 2020 at 10:33:59 AM UTC-7, Dave Zarei wrote: