register variable can't be used in shell module?

liyo...@126.com

unread,

Jan 19, 2021, 11:26:25 PM1/19/21

to Ansible Project

when I edit a playbook test.yml:

---

- hosts: master

gather_facts: no

tasks:

- name: register hash

shell: "openssl x509 -pubkey -in /etc/kubernetes/pki/ca.crt | openssl rsa -pubin -outform der 2>/dev/null | openssl dgst -sha256 -hex | sed 's/^ .* //'|cut -d' ' -f 2"

register: kubeadm_hash

when: inventory_hostname == groups['master']|first

- name: display hash

debug: msg="{{kubeadm_hash.stdout}}"

when: inventory_hostname == groups['master']|first

- name: register token

shell: kubeadm token list |grep forever|awk '{print $1}'

register: kubeadm_token

when: inventory_hostname == groups['master']|first

- name: display token

debug: msg="{{kubeadm_token.stdout}}"

when: inventory_hostname == groups['master']|first

- name: add master node

shell: "kubeadm join {{ groups['master'][0] }}:6443 --token {{kubeadm_token.stdout}} --discovery-token-ca-cert-hash sha256:{{kubeadm_hash.stdout}} --control-plane"

when: inventory_hostname != groups['master']|first

the results is below:

PLAY [master] ***************************************************************************************************************************************************************

TASK [register hash] ********************************************************************************************************************************************************

skipping: [47.108.234.26]

skipping: [47.108.213.148]

changed: [47.108.222.84]

TASK [display hash] *********************************************************************************************************************************************************

ok: [47.108.222.84] => {

"msg": "af040f8e06e320e264a79f62b677b3267f4b681d869408658bdd121fa568216c"

}

skipping: [47.108.213.148]

skipping: [47.108.234.26]

TASK [register token] *******************************************************************************************************************************************************

skipping: [47.108.234.26]

skipping: [47.108.213.148]

changed: [47.108.222.84]

TASK [display token] ********************************************************************************************************************************************************

ok: [47.108.222.84] => {

"msg": "otnb1h.cvagwwe7tgdvzbtx"

}

skipping: [47.108.234.26]

skipping: [47.108.213.148]

TASK [add master node] ******************************************************************************************************************************************************

skipping: [47.108.222.84]

fatal: [47.108.234.26]: FAILED! => {"msg": "The task includes an option with an undefined variable. The error was: 'dict object' has no attribute 'stdout'\n\nThe error appears to be in '/root/test.yml': line 23, column 7, but may\nbe elsewhere in the file depending on the exact syntax problem.\n\nThe offending line appears to be:\n\n\n - name: add master node\n ^ here\n"}

fatal: [47.108.213.148]: FAILED! => {"msg": "The task includes an option with an undefined variable. The error was: 'dict object' has no attribute 'stdout'\n\nThe error appears to be in '/root/test.yml': line 23, column 7, but may\nbe elsewhere in the file depending on the exact syntax problem.\n\nThe offending line appears to be:\n\n\n - name: add master node\n ^ here\n"}

PLAY RECAP ******************************************************************************************************************************************************************

47.108.213.148 : ok=0 changed=0 unreachable=0 failed=1 skipped=4 rescued=0 ignored=0

47.108.222.84 : ok=4 changed=2 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0

47.108.234.26 : ok=0 changed=0 unreachable=0 failed=1 skipped=4 rescued=0 ignored=0

how to use it ?

Dick Visser

unread,

Jan 20, 2021, 1:31:36 AM1/20/21

to ansible...@googlegroups.com

Hii

You're registering a variable for one host (47.108.222.84) but then try to use it for another (47.108.213.148).

I'm have no experience with kubeadm but I think your logic wrt host selection should be improved, so that you can reliably pick the variable from a stable group name, instead of "the last item".

--
You received this message because you are subscribed to the Google Groups "Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email to ansible-proje...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/21ca354e-a0ed-4d10-9d01-8f48f170d22cn%40googlegroups.com.

--

Sent from a mobile device - please excuse the brevity, spelling and punctuation.

liyo...@126.com

unread,

Jan 20, 2021, 2:17:31 AM1/20/21

to Ansible Project

I know，but I want get the token in A host，use it in other hosts，how to do it ?

Dick Visser

unread,

Jan 20, 2021, 2:21:13 AM1/20/21

to ansible...@googlegroups.com

You could register the variable to a dummy host. It's a bit of a hack imho but it does work.

https://stackoverflow.com/questions/33896847/how-do-i-set-register-a-variable-to-persist-between-plays-in-ansible

To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/647f4749-f97f-4522-a368-c95a25878790n%40googlegroups.com.

Jean-Yves LENHOF

unread,

Jan 20, 2021, 2:34:43 AM1/20/21

to ansible...@googlegroups.com

You're looking for something like this I think (not tested) :

- name: add master node

shell: "kubeadm join {{ groups['master']|first }}:6443 --token {{hostvars['master']['kubeadm_token'].stdout}} --discovery-token-ca-cert-hash sha256:{{hostvars['master']['kubeadm_hash'].stdout}} --control-plane"

when: inventory_hostname != groups['master']|first

Please be careful using special hostvars variable, there's no control in this array if the variable exist, etc... so use with caution

Regards,

JYL

To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/647f4749-f97f-4522-a368-c95a25878790n%40googlegroups.com.

Jean-Yves LENHOF

unread,

Jan 20, 2021, 2:47:31 AM1/20/21

to ansible...@googlegroups.com

I'm wrong.... it's not hostvars['master'], because master is not the name of your first host in group master

To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/1ed8d8ac-3d8b-29cd-576b-a26fecb91ed7%40lenhof.eu.org.

liyo...@126.com

unread,

Jan 20, 2021, 2:53:15 AM1/20/21

to Ansible Project

yes,I want only get one host in member of group ‘master’，how to write it ?

[root@localhost ~]# cat /etc/ansible/hosts

[master]

47.108.222.84

47.108.234.26

47.108.213.148

only use "47.108.222.84" to do shell command

liyo...@126.com

unread,

Jan 20, 2021, 2:59:54 AM1/20/21

to Ansible Project

I just try to use set_fact，but only one one host: 47.108.234.26 get the token value,the other master node : 47.108.213.148 dont get it

---

- hosts: master

gather_facts: no

tasks:

- name: register hash

shell: "openssl x509 -in /etc/kubernetes/pki/ca.crt -noout -pubkey | openssl rsa -pubin -outform DER 2>/dev/null | sha256sum | cut -d' ' -f1"

register: kubeadm_hash

#when: inventory_hostname == groups['master']|first

- name: register token

shell: kubeadm token list |grep forever|awk '{print $1}'

register: kubeadm_token

#when: inventory_hostname == groups['master']|first

- name: Set facts

set_fact:

new_token: "{{kubeadm_token.stdout}}"

new_hash: "{{kubeadm_hash.stdout}}"

- name: add master node

shell: kubeadm join --control-plane {{ groups['master'][0] }}:6443 --token {{ new_token }} --discovery-token-ca-cert-hash sha256:{{ new_hash }}

when: inventory_hostname != groups['master']|first

the results is :

TASK [add master node] ******************************************************************************************************************************************************

skipping: [47.108.222.84]

fatal: [47.108.213.148]: FAILED! => {"changed": true, "cmd": "kubeadm join --control-plane 47.108.222.84:6443 --token --discovery-token-ca-cert-hash sha256:af040f8e06e320e264a79f62b677b3267f4b681d869408658bdd121fa568216c", "delta": "0:00:00.046088", "end": "2021-01-20 15:45:04.843444", "msg": "non-zero return code", "rc": 1, "start": "2021-01-20 15:45:04.797356", "stderr": "accepts at most 1 arg(s), received 2\nTo see the stack trace of this error execute with --v=5 or higher", "stderr_lines": ["accepts at most 1 arg(s), received 2", "To see the stack trace of this error execute with --v=5 or higher"], "stdout": "", "stdout_lines": []}

fatal: [47.108.234.26]: FAILED! => {"changed": true, "cmd": "kubeadm join --control-plane 47.108.222.84:6443 --token otnb1h.cvagwwe7tgdvzbtx --discovery-token-ca-cert-hash sha256:af040f8e06e320e264a79f62b677b3267f4b681d869408658bdd121fa568216c", "delta": "0:00:00.332618", "end": "2021-01-20 15:45:05.120137", "msg": "non-zero return code", "rc": 1, "start": "2021-01-20 15:45:04.787519", "stderr": "\t[WARNING IsDockerSystemdCheck]: detected \"cgroupfs\" as the Docker cgroup driver. The recommended driver is \"systemd\". Please follow the guide at https://kubernetes.io/docs/setup/cri/\nerror execution phase preflight: [preflight] Some fatal errors occurred:\n\t[ERROR DirAvailable--etc-kubernetes-manifests]: /etc/kubernetes/manifests is not empty\n\t[ERROR FileAvailable--etc-kubernetes-kubelet.conf]: /etc/kubernetes/kubelet.conf already exists\n\t[ERROR Port-10250]: Port 10250 is in use\n[preflight] If you know what you are doing, you can make a check non-fatal with `--ignore-preflight-errors=...`\nTo see the stack trace of this error execute with --v=5 or higher", "stderr_lines": ["\t[WARNING IsDockerSystemdCheck]: detected \"cgroupfs\" as the Docker cgroup driver. The recommended driver is \"systemd\". Please follow the guide at https://kubernetes.io/docs/setup/cri/", "error execution phase preflight: [preflight] Some fatal errors occurred:", "\t[ERROR DirAvailable--etc-kubernetes-manifests]: /etc/kubernetes/manifests is not empty", "\t[ERROR FileAvailable--etc-kubernetes-kubelet.conf]: /etc/kubernetes/kubelet.conf already exists", "\t[ERROR Port-10250]: Port 10250 is in use", "[preflight] If you know what you are doing, you can make a check non-fatal with `--ignore-preflight-errors=...`", "To see the stack trace of this error execute with --v=5 or higher"], "stdout": "[preflight] Running pre-flight checks", "stdout_lines": ["[preflight] Running pre-flight checks"]}

Jean-Yves LENHOF

unread,

Jan 20, 2021, 3:03:16 AM1/20/21

to ansible...@googlegroups.com

You could try something

hostvars[groups['master']|first] instead of hostvars['master'] in my proposition to see it that works...not sure

Use a debug module could help

Regards,

JYL

To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/98e9e1c7-51dc-4e79-9128-c47370b1a665n%40googlegroups.com.

liyo...@126.com

unread,

Jan 20, 2021, 3:21:04 AM1/20/21

to Ansible Project

thanks,I try it :

shell: kubeadm join --control-plane {{ groups['master'][0] }}:6443 --token {{ hostvars[groups['master']|first]['kubeadm_token'].stdout }} --discovery-token-ca-cert-hash sha256:{{ hostvars[groups['master']|first]['kubeadm_hash'].stdout }}

but the ansible-playbook command is seizing

liyo...@126.com

unread,

Jan 20, 2021, 3:32:54 AM1/20/21

to Ansible Project

it works，thanks very mush

Reply all

Reply to author

Forward