Concatenate strings using with_items and assign to a variable in Ansible

2,305 views
Skip to first unread message

charan....@zemosolabs.com

unread,
Mar 20, 2017, 11:02:39 AM3/20/17
to Ansible Project

I need to save two 2 IPs to a variable in a vars_file when launching ec2_instances, which are used later during deployment.


This is how I am saving a single server ip:


- name: Save server public IP to vars file
  lineinfile: line="server_public_ip{{':'}} {{ item.public_ip }}"
              dest="{{ansible_env.HOME}}/dynamic_ips_{{ec2_environment}}"
  with_items: server.instances  #server is registered in previous task


The output I have in dynamic_ips file is server_public_ip: xxx.xxx.xx.x


Now I have 2 servers launched and registered as servers.


I need to save this as server_public_ips: xxx.xx.x.xx , xxx.x.xx.x


I tried to declare an empty string and append ips to it, something like this, but I am getting errors.


set_fact:
   ips: ""
set_fact:
   ips: " {{ ips }} + {{ item.public_ip}} "
with_items: servers.instances  #servers is registered in previous task
lineinfile: line="server_public_ips{{':'}} {{ ips }}"
            dest="{{ansible_env.HOME}}/dynamic_ips_{{ec2_environment}}"


I think it can be done using lineinfile insertafter and regex.


Finally, I need this to do this in a different server,


- name: Restrict access to outside world
  command: iptables INPUT {{ item }} ACCEPT
  with_items: {{ server_public_ips }}.split(,) #grant access for each ip 
  command: iptables INPUT DROP

Harsh Agarwal

unread,
Apr 20, 2020, 8:12:49 PM4/20/20
to Ansible Project
why dont you..concatenate strings to a list and then join the list instead to make the string?

Dick Visser

unread,
Apr 21, 2020, 12:40:14 AM4/21/20
to ansible...@googlegroups.com
Few things come to mind when looking at your code

1. Why are you using iptables? Security groups would take away a lot of problems especially the dynamics that you seem to working around with iptables. 

2. If you need to restrict access between ec2 instances, why do you use public interfaces for communication? 

If you let us know what high level goal you are trying to achieve with your playbook? There might be better/easier ways to achieve it.

Dick

--
You received this message because you are subscribed to the Google Groups "Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email to ansible-proje...@googlegroups.com.
To post to this group, send email to ansible...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/409799bb-9288-4c2d-b484-801dad1f4c0c%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
--
Sent from a mobile device - please excuse the brevity, spelling and punctuation.
Reply all
Reply to author
Forward
0 new messages