Problem With Simple Template
76 views
Skip to first unread message
Jon Forrest
Nov 22, 2016, 12:42:26 AM11/22/16
to Ansible Project
(This might appear twice, sorry).
(Ansible 2.2 - Mac OS 12.1)
I'm having trouble with a template I'm trying to create. So, I cut
it down to a bare minimum.
Consider the following:
jon.yml
---------------------------------
---
- name: big test
hosts: all
gather_facts: no
tasks:
- debug: var=inventory_hostname
- name: test for jon
template: src=templates/jon.j2 dest=jon.conf
-----------------------------------
jon.inv
-----------------------------------
[datacenter]
host1.example.com
host2.example.com
[ntpservers-datacenter]
host1.example.com
------------------------------------
templates/jon.j2
------------------------------------
{% for backend in groups['ntpservers-datacenter'] %}
server {{ 'ansible_hostname' }} {{ backend }}
{% endfor %}
------------------------------------
When running
ansible-playbook jon.yml -i jon.inv
I was expecting jon.conf to end up with something like
server host1.example.com host1.example.com
server host1.example.com host2.example.com
server host2.example.com host1.example.com
server host2.example.com host2.example.com
Instead, I get the correct debug output, and then
fatal: [host1.example.com]: UNREACHABLE! => {"changed": false, "msg": "Failed to connect to the host via ssh: ssh: Could not resolve hostname host1.example.com: nodename nor servname provided, or not known\r\n", "unreachable": true}
fatal: [host2.example.com]: UNREACHABLE! => {"changed": false, "msg": "Failed to connect to the host via ssh: ssh: Could not resolve hostname host2.example.com: nodename nor servname provided, or not known\r\n", "unreachable": true}
This surprised me because I'm not trying to actually connect to
anything. I'm just trying to create jon.conf which doesn't get created
in this case.
What am I doing wrong? Any other advice for debugging template problems like this?
What I'm really trying to do is to go through my inventory and see if
each host is in a specific group. If it is, I want to a specific set
of configuration commands to a file. If not, I want to write a different
specific set of configuration commands to the file. This is to create
one ntp.conf file for hosts that are ntp servers, and another for hosts
that are ntp clients.
Any suggestions would be appreciated.
Cordially
Jon Forrest
nob...@gmail.com
(Ansible 2.2 - Mac OS 12.1)
I'm having trouble with a template I'm trying to create. So, I cut
it down to a bare minimum.
Consider the following:
jon.yml
---------------------------------
---
- name: big test
hosts: all
gather_facts: no
tasks:
- debug: var=inventory_hostname
- name: test for jon
template: src=templates/jon.j2 dest=jon.conf
-----------------------------------
jon.inv
-----------------------------------
[datacenter]
host1.example.com
host2.example.com
[ntpservers-datacenter]
host1.example.com
------------------------------------
templates/jon.j2
------------------------------------
{% for backend in groups['ntpservers-datacenter'] %}
server {{ 'ansible_hostname' }} {{ backend }}
{% endfor %}
------------------------------------
When running
ansible-playbook jon.yml -i jon.inv
I was expecting jon.conf to end up with something like
server host1.example.com host1.example.com
server host1.example.com host2.example.com
server host2.example.com host1.example.com
server host2.example.com host2.example.com
Instead, I get the correct debug output, and then
fatal: [host1.example.com]: UNREACHABLE! => {"changed": false, "msg": "Failed to connect to the host via ssh: ssh: Could not resolve hostname host1.example.com: nodename nor servname provided, or not known\r\n", "unreachable": true}
fatal: [host2.example.com]: UNREACHABLE! => {"changed": false, "msg": "Failed to connect to the host via ssh: ssh: Could not resolve hostname host2.example.com: nodename nor servname provided, or not known\r\n", "unreachable": true}
This surprised me because I'm not trying to actually connect to
anything. I'm just trying to create jon.conf which doesn't get created
in this case.
What am I doing wrong? Any other advice for debugging template problems like this?
What I'm really trying to do is to go through my inventory and see if
each host is in a specific group. If it is, I want to a specific set
of configuration commands to a file. If not, I want to write a different
specific set of configuration commands to the file. This is to create
one ntp.conf file for hosts that are ntp servers, and another for hosts
that are ntp clients.
Any suggestions would be appreciated.
Cordially
Jon Forrest
nob...@gmail.com
Jon Forrest
Nov 22, 2016, 12:58:31 AM11/22/16
to Ansible Project
As a follow up, I realize that I made a couple of mistakes in my
original posting. Unfortunately, fixing these mistakes didn't change
the results.
templates/jon.j2 is now
{% for backend in groups['ntpservers_datacenter'] %}
server {{ inventory_hostname }} {{ backend }}
{% endfor %}
and jon.inv is now
[datacenter]
host1.example.com
host2.example.com
[ntpservers_datacenter]
host1.example.com
Jon
original posting. Unfortunately, fixing these mistakes didn't change
the results.
templates/jon.j2 is now
{% for backend in groups['ntpservers_datacenter'] %}
server {{ inventory_hostname }} {{ backend }}
{% endfor %}
and jon.inv is now
[datacenter]
host1.example.com
host2.example.com
[ntpservers_datacenter]
host1.example.com
Jon
Dick Davies
Nov 22, 2016, 3:15:10 AM11/22/16
to ansible list
That playbook tells ansible to create the template on the 'all' group
i.e. everything in the inventory.
That's what it's trying to do.
for your use case, just make 2 roles: ntp_server and ntp_client, and
apply them to groups as
required.
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-proje...@googlegroups.com.
> To post to this group, send email to ansible...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/f1c58feb-528a-4c6d-884b-3f3095a63a4e%40googlegroups.com.
>
> For more options, visit https://groups.google.com/d/optout.
i.e. everything in the inventory.
That's what it's trying to do.
for your use case, just make 2 roles: ntp_server and ntp_client, and
apply them to groups as
required.
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-proje...@googlegroups.com.
> To post to this group, send email to ansible...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/f1c58feb-528a-4c6d-884b-3f3095a63a4e%40googlegroups.com.
>
> For more options, visit https://groups.google.com/d/optout.
Jon Forrest
Nov 22, 2016, 9:58:55 AM11/22/16
to ansible...@googlegroups.com
On 11/22/16 12:14 AM, Dick Davies wrote:
> That playbook tells ansible to create the template on the 'all' group
> i.e. everything in the inventory.
>
> That's what it's trying to do.
right! I had stupidly been thinking that this would happen on
the control machine. Maximum mea culpa. Changing 'all' to
'localhost' fixes the problem and lets me test the template.
This was driving me crazy.
> for your use case, just make 2 roles: ntp_server and ntp_client, and
> apply them to groups as required.
recognize which role to apply to a host. I think my basic
idea is sound. All I have to do is avoid making more stupid
mistakes.
Thank you *very* much!
Jon Forrest
Dick Davies
Nov 22, 2016, 3:20:46 PM11/22/16
to ansible list
On the 'how do i apply roles to specific hosts, I'd go for a full
ntp_server role and an ntp_client role.
Then your site.yml looks like
--------------8<---------------
- hosts: ntpservers
roles:
- ntp_server
- hosts: servers
roles:
- ntp_client
- presumably_something_useful
--------------8<------------------
if you want to avoid hardcoding a group into the ntp_client roles
templates, you can pass in a group
name using 'parameterised roles' - though TBH that might be overkill.
the folder layout is then something like (for completeness)
.
├── hosts
├── roles
│ ├── ntp_client
│ │ ├── tasks
│ │ │ └── main.yml
│ │ └── templates
│ │ └── etc
│ │ └── ntp.conf.j2
│ └── ntp_server
│ ├── tasks
│ │ └── main.yml
│ └── templates
│ └── etc
│ └── ntp.conf.j2
└── site.yml
ntp_server role and an ntp_client role.
Then your site.yml looks like
--------------8<---------------
- hosts: ntpservers
roles:
- ntp_server
- hosts: servers
roles:
- ntp_client
- presumably_something_useful
--------------8<------------------
if you want to avoid hardcoding a group into the ntp_client roles
templates, you can pass in a group
name using 'parameterised roles' - though TBH that might be overkill.
the folder layout is then something like (for completeness)
.
├── hosts
├── roles
│ ├── ntp_client
│ │ ├── tasks
│ │ │ └── main.yml
│ │ └── templates
│ │ └── etc
│ │ └── ntp.conf.j2
│ └── ntp_server
│ ├── tasks
│ │ └── main.yml
│ └── templates
│ └── etc
│ └── ntp.conf.j2
└── site.yml
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-proje...@googlegroups.com.
> To post to this group, send email to ansible...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/8d610703-3c86-0c33-0f22-da2e9ed7e86d%40gmail.com.
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-proje...@googlegroups.com.
> To post to this group, send email to ansible...@googlegroups.com.
> To view this discussion on the web visit
Jon Forrest
Nov 22, 2016, 4:27:15 PM11/22/16
to ansible...@googlegroups.com
On 11/22/16 12:20 PM, Dick Davies wrote:
> On the 'how do i apply roles to specific hosts, I'd go for a full
> ntp_server role and an ntp_client role.
> Then your site.yml looks like
[...]
I wish our environment were that simple. However, here at the
day job we have >3 separate "silos", each of which will be running
its own time server pool, which the clients in the silo will
connect to.
So, with the guidance you gave me, I came up with the following
structure I'm using in a Vagrant-created test environment to
illustrate my idea:
-------
... general stuff for all hosts
{% if inventory_hostname in groups['ntp-servers'] %}
# Servers to sync with.
{% for host in groups['ntp-servers'] %}
pool {{ host }}
{% endfor %}
# Servers to get time from
server 0.ubuntu.pool.ntp.org iburst
server 1.ubuntu.pool.ntp.org iburst
server 2.ubuntu.pool.ntp.org iburst
server 3.ubuntu.pool.ntp.org iburst
# Use Ubuntu's ntp server as a fallback.
server ntp.ubuntu.com iburst
{%elif inventory_hostname in groups['ntp-clients'] %}
# Servers to get time from.
{% for host in groups['ntp-servers'] %}
server {{ host }} iburst
{% endfor %}
{% endif %}
... more general stuff
------
I'll have to replicate this for each of our silos, replacing
'ntp-servers' and 'ntp-clients' with the appropriate group names
(and defining the groups properly).
I'm not completely satisfied with this approach, because it requires
too much replication. It might be possible to add an outer loop that
iterates over the silo names.
But I'm way farther along than I was yesterday.
Thanks!
Jon
Reply all
Reply to author
Forward
0 new messages