Reading data from a file?
26 views
Skip to first unread message
jimbob...@gmail.com
Aug 21, 2014, 7:22:12 AM8/21/14
to ansible...@googlegroups.com
Hi.
I'm quite new to ansible.
I have an iptables module that takes an array of ip addresses and generates iptables rules using a template. It works well. It's called like this:
- { role: iptables, whitelisted_ips: [
'1.1.1.1', # dave
'2.2.2.2', # dave
'3.3.3.3', # dave
'4.4.4.4', # malcolm
'5.5.5.5', # edna
] }
As you can see, Dave has a lot of ip addresses. I'd like to call it like this instead:
- { role: iptables, whitelisted_ips: [ 'dave', 'malcolm', 'edna', ] }
But I don't know where to start. How can I do this?
Hope someone can help.
I'm quite new to ansible.
I have an iptables module that takes an array of ip addresses and generates iptables rules using a template. It works well. It's called like this:
- { role: iptables, whitelisted_ips: [
'1.1.1.1', # dave
'2.2.2.2', # dave
'3.3.3.3', # dave
'4.4.4.4', # malcolm
'5.5.5.5', # edna
] }
As you can see, Dave has a lot of ip addresses. I'd like to call it like this instead:
- { role: iptables, whitelisted_ips: [ 'dave', 'malcolm', 'edna', ] }
But I don't know where to start. How can I do this?
Hope someone can help.
Henry Finucane
Aug 21, 2014, 10:58:56 PM8/21/14
to ansible...@googlegroups.com
If you want to reference a previous variable, it's going to have to be
a scalar, and you have to do something like this:
whitelisted_ips: [ "{{dave}}", "{{malcolm}}" ...
The way I've been doing things like this is setting up a dict for the
environment or group like this:
whitelisted_ips:
dave:
- 1.1.1.1
- 2.2.2.2
malcolm:
- 4.4.4.4
edna:
- 5.5.5.5
And then calling roles like this:
- role: iptables
I like it because if you want to know what the settings are for a
group, you look at the group vars, or the environment, the environment
vars, instead of having it in the playbook, which is sort of the wrong
layer. I also have separate dicts for administrative concerns-
everything in the environment is going to be the same, there- and
services, where each group is liable to be different.
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-proje...@googlegroups.com.
> To post to this group, send email to ansible...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/2d858fa3-4099-42f8-9524-4468b5332c6b%40googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.
--
-----------------------
| Henry Finucane
| "I hear aphorisms are popular"
-----------------------
a scalar, and you have to do something like this:
whitelisted_ips: [ "{{dave}}", "{{malcolm}}" ...
The way I've been doing things like this is setting up a dict for the
environment or group like this:
whitelisted_ips:
dave:
- 1.1.1.1
- 2.2.2.2
malcolm:
- 4.4.4.4
edna:
- 5.5.5.5
And then calling roles like this:
- role: iptables
I like it because if you want to know what the settings are for a
group, you look at the group vars, or the environment, the environment
vars, instead of having it in the playbook, which is sort of the wrong
layer. I also have separate dicts for administrative concerns-
everything in the environment is going to be the same, there- and
services, where each group is liable to be different.
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-proje...@googlegroups.com.
> To post to this group, send email to ansible...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/2d858fa3-4099-42f8-9524-4468b5332c6b%40googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.
--
-----------------------
| Henry Finucane
| "I hear aphorisms are popular"
-----------------------
Reply all
Reply to author
Forward
0 new messages