Cannot get with_Items working with ec2group

Chuzzy

Aug 4, 2014, 2:45:11 PM
to ansible...@googlegroups.com
Ansible 1.7

I am trying to use either with_items or with_nested (if including a list of ports as well) to traverse a list of cidr addresses and create sec group rules from that .. 

Basically, this is failing repeatedly .. and I guess it's down to confusion around the correct scope to apply the with_items keyword ..

I have something like this .. 

- name: Create security group
  ec2_group:
    name: "some-name"
    description: "some description"
    vpc_id: "vpc-blahblah"
    region: "eu-north-4"
    rules:
    - proto: tcp
      from_port: 443
      to_port: 443
      cidr_ip: "{{ item }}"
      with_items:
        - addr1/32
        - addr2/32
        - etc/32


In the above scope of usage, ansible is not able to see the variable .. it's exactly the same below when the with_items is nested in-line with and the following also does not work .. 

- name: Create security group
  ec2_group:
    name: "some-name"
    description: "some description"
    vpc_id: "vpc-blahblah"
    region: "eu-north-4"
    rules:
    - proto: tcp
      from_port: 443
      to_port: 443
      cidr_ip: "{{ item }}"
    with_items:
      - addr1/32
      - addr2/32
      - etc/32

The only variant that works is when it's aligned with the ec2group line (see immediately below) .. but it does not iterate and create several security groups .. it iteratively replaces a single entry with the latest value in the loop ..


- name: Create security group
  ec2_group:
    name: "some-name"
    description: "some description"
    vpc_id: "vpc-blahblah"
    region: "eu-north-4"
    rules:
    - proto: tcp
      from_port: 443
      to_port: 443
      cidr_ip: "{{ item }}"
  with_items:
    - addr1/32
    - addr2/32
    - etc/32


I have looked at the docs for both ec2group and with_items, and it's not obvious how this is supposed to be used .. I suspect I may be making some basic mistake/omission .. Any suggestions?  thanks in advance.

Michael DeHaan

Aug 4, 2014, 4:22:08 PM
to ansible...@googlegroups.com
You have an indentation error here for starters:

- name: Create security group
  ec2_group:
    name: "some-name"
    description: "some description"
    vpc_id: "vpc-blahblah"
    region: "eu-north-4"
    rules:
    - proto: tcp
      from_port: 443
      to_port: 443
      cidr_ip: "{{ item }}"
      with_items:
        - addr1/32
        - addr2/32
        - etc/32

with_items should be at the same level as "ec2_group".




--
You received this message because you are subscribed to the Google Groups "Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email to ansible-proje...@googlegroups.com.
To post to this group, send email to ansible...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/abab1cf3-c1f6-4966-bad4-2520239c729d%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Chuzzy

Aug 4, 2014, 6:42:32 PM
to ansible...@googlegroups.com

Thanks for the response .. much appreciated.

And yes, I have seen that's the only way it works .. I do ponder what I have to do to have it create a security group per item element(s) .. or is this an incorrect usage?

Thanks again .. 

Tomasz Kontusz

Aug 5, 2014, 1:42:27 AM
to ansible...@googlegroups.com
Try to give the groups different names.
You can use:

with_items:
  - ip: addr1/32
    name: group1

And then access that data with {{ item.ip }} and {{ item.name }}.


Chuzzy

Aug 5, 2014, 5:32:33 AM
to ansible...@googlegroups.com

Thanks, Tomasz .. 

But this will result in my creating a huge number of security groups .. the intention is to create a list of rules for a security group .. 

the ideal solution would be to have the loop work on a 'rule' level .. and not at the SG level, so that each iteration points to a new rule instead of a new SG .. 

Without such a change, using with_items or any other loop for managing rules is not really useful  .. 

Michael DeHaan

Aug 5, 2014, 12:20:53 PM
to ansible...@googlegroups.com
You may wish to just define the list as a variable and do

attribute: "{{ listvar }}"

to plug in the list from your variable file.
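
The approach from the last reply, written out as an added example that is not part of the thread: the rule list lives in a variable and is handed to rules in one ec2_group call, so a single group receives every rule and no loop is involved. The variable name sg_rules, the play header and the CIDR values (documentation ranges) are constructed placeholders; the group settings are the ones posted above.

```yaml
# Added example, not code from the thread.
# sg_rules is a hypothetical variable name; the CIDRs are constructed
# placeholder values taken from the reserved documentation ranges.
- hosts: localhost
  connection: local
  gather_facts: no

  vars:
    # One dictionary per rule. This is the list that the with_items
    # attempts were trying to build one entry at a time.
    sg_rules:
      - proto: tcp
        from_port: 443
        to_port: 443
        cidr_ip: 203.0.113.10/32
      - proto: tcp
        from_port: 443
        to_port: 443
        cidr_ip: 198.51.100.7/32
      - proto: tcp
        from_port: 22
        to_port: 22
        cidr_ip: 203.0.113.10/32

  tasks:
    - name: Create security group
      ec2_group:
        name: "some-name"
        description: "some description"
        vpc_id: "vpc-blahblah"
        region: "eu-north-4"
        # The whole list is passed in one module call. With with_items at
        # task level the module ran once per item, each time with a
        # one-element rules list, which is why only the last value stayed.
        rules: "{{ sg_rules }}"
```

The same list can sit in a vars file or group_vars instead of the play, which keeps the allowed source addresses reviewable in one place.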