Ansible and GCP Using facts GCP filestore module - amazon-web-services

EDIT: I can use gcloud but cannot see how to get ip in var.
gcloud filestore instances describe nfsxxxd --project=dxxxxt-2xxx --zone=xxxx-xx-b --format='get(networks.ipAddresses)'
['1xx.x.x.1']
I am trying to create a filestore and mount it in an instance.
I am facing an issue when trying to get the IP address of this new filestore.
I am using the Ansible module and I can see the output when using -v in the ansible command.
Ansible module filestore:
- name: get info on an instance
  gcp_filestore_instance_info:
    zone: xxxxx-xxxx-b
    project: dxxxxx-xxxxxx
    auth_kind: serviceaccount
    service_account_file: "/root/dxxxt-xxxxxxx.json"
Ansible output:
ok: [xxxxxx-xxxxxx] => {"ansible_facts": {"discovered_interpreter_python": "/usr/bin/python3"}, "changed": false, "resources": [{"createTime": "2021-03-12T13:40:36.438598373Z", "fileShares": [{"capacityGb": "1024", "name": "nfxxxxx"}], "name": "projects/xxx-xxxxx/locations/xxxxxxx-b/instances/xxxxx-xxx", "networks": [{"ipAddresses": ["1xx.x.x.x"], "modes": ["MODE_IPV4"], "network": "admin", "reservedIpRange": "1xx.x.x.x/29"}], "state": "READY", "tier": "BASIC_HDD"}, {"createTime": "2021-03-10T11:13:00.111631131Z", "fileShares": [{"capacityGb": "1024", "name": "nfsnxxxxx", "nfsExportOptions": [{"accessMode": "READ_WRITE", "ipRanges": ["xxx.xx.xx.xxx"], "squashMode": "NO_ROOT_SQUASH"}]}], "name": "projects/dxxx-xxxxx/locations/xxxxx/instances/innxxxx", "networks": [{"ipAddresses": ["x.x.x.x."], ...
I have tried this but it doesn't work.
Ansible tasks:
- name: print fact filestore
  debug:
    msg: "{{ansible_facts.resources.createTime}}"
fatal: [nxxxxxxx]: FAILED! => {"msg": "The task includes an option with an undefined variable. The error was: 'dict object' has no attribute 'resources'\n\nThe error appears to be in '/root/xxxxxxx/tasks/main.yml': line 11, column 3, but may\nbe elsewhere in the file depending on the exact syntax problem.\n\nThe offending line appears to be:\n\n\n- name: print fact filestore\n ^ here\n"}
Thanks

If I believe the example output from your answer, the info is returned in a resources key in your task result. I cannot test myself, but I believe the following should meet your expectation.
Please note that resources is a list of dicts. In my below example I will access the info from the first element of the list. If you need something else (e.g. list of all createTime...) or to loop over those objects, you can extend from this example.
- name: get info on an instance
  gcp_filestore_instance_info:
    zone: xxxxx-xxxx-b
    project: dxxxxx-xxxxxx
    auth_kind: serviceaccount
    service_account_file: "/root/dxxxt-xxxxxxx.json"
  register: instance_info
- name: show create time for first resource
  debug:
    msg: "{{ instance_info.resources.0.createTime }}"
- name: show first ip of first network of first resource
  debug:
    msg: "{{ instance_info.resources.0.networks.0.ipAddresses.0 }}"
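Extending the answer above (an added example, not part of the original post): since resources lists every filestore in the zone, selecting by full resource name instead of index 0 avoids mounting whichever instance happens to come first. The project, zone, instance ids, addresses and the inline instance_info below are constructed stand-ins for the registered module result.

```yaml
# Added example. All values are constructed; instance_info mimics the shape
# of the registered gcp_filestore_instance_info result shown in the question.
- hosts: localhost
  gather_facts: false
  vars:
    project: example-project
    zone: europe-west1-b
    nfs_id: nfs-b
    instance_info:
      resources:
        - name: projects/example-project/locations/europe-west1-b/instances/nfs-a
          state: READY
          networks: [{ipAddresses: ["10.0.0.2"], network: admin}]
        - name: projects/example-project/locations/europe-west1-b/instances/nfs-b
          state: READY
          networks: [{ipAddresses: ["10.0.1.2"], network: admin}]
  tasks:
    - name: Keep only the instance whose full resource name matches
      set_fact:
        wanted: >-
          {{ instance_info.resources
             | selectattr('name', 'equalto',
                          'projects/' ~ project ~ '/locations/' ~ zone ~ '/instances/' ~ nfs_id)
             | list }}

    - name: Stop unless exactly one READY instance was found
      assert:
        that:
          - wanted | length == 1
          - wanted[0].state == 'READY'
        fail_msg: "Expected exactly one READY filestore named {{ nfs_id }}"

    - name: Show first IP of first network of the selected instance
      debug:
        msg: "{{ wanted[0].networks[0].ipAddresses[0] }}"   # 10.0.1.2 for this sample
```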

Related

Creation GCP resource and get IP address

I must create a new Nexus server on GCP. I have decided to use an NFS point for data storage. Everything must be done with Ansible (the instance is already created with Terraform).
I must get the dynamic IP set by GCP and create the mount point.
It's working fine with the gcloud command, but how do I get only the IP info?
Code:
- name: get info
  shell: gcloud filestore instances describe nfsnexus --project=xxxxx --zone=xxxxx --format='get(networks.ipAddresses)'
  register: ip
- name: Print all available facts
  ansible.builtin.debug:
    msg: "{{ip}}"
result:
ok: [nexus-ppd.preprod.d-aim.com] => {
    "changed": false,
    "msg": {
        "ansible_facts": {
            "discovered_interpreter_python": "/usr/bin/python3"
        },
        "changed": true,
        "cmd": "gcloud filestore instances describe nfsnexus --project=xxxxx --zone=xxxxx --format='get(networks.ipAddresses)'",
        "delta": "0:00:00.763235",
        "end": "2021-03-14 00:33:43.727857",
        "failed": false,
        "rc": 0,
        "start": "2021-03-14 00:33:42.964622",
        "stderr": "",
        "stderr_lines": [],
        "stdout": "['1x.x.x.1xx']",
        "stdout_lines": [
            "['1x.x.x.1xx']"
        ]
    }
}
Thanks
Just use the proper format string, eg. to get the first IP:
--format='get(networks.ipAddresses[0])'
Found the solution, just add this:
- name:
  debug:
    msg: "{{ip.stdout_lines}}"
I'm feeling so stupid :(, I must stop working after 2 AM :)
Thx

ansible regex_replace in command

I'm using Ansible to deploy Filestore on GCP. I need to get the IP from the instance and use it to create the mount point.
gcloud works fine but it returns brackets and single quotes with the IP.
Can someone help me remove these characters, please? My regex command doesn't work and I'm a newbie with regex.
The mount task's "cannot resolve" error comes from the '' in ip.stdout.
ansible code:
- name: get info
  shell: gcloud filestore instances describe "{{nfs_id}}" --project=xxxx-xxxx --zone=xxxxx-b --format='get(networks.ipAddresses)'
  register: ip
- name: master_setup.yml --> DEBUG REGEX
  debug:
    var: "{{ 'ip.stdout' | regex_replace('([^\\.]*)\\.(.+)$', '\\1') }}"
- name: print mount point test
  debug:
    msg: "{{ip.stdout}}:/{{nfs_name }}"
- name: Mount an NFS volume
  mount:
    fstype: nfs
    state: mounted
    opts: rw,sync,hard,intr
    src: "{{ip.stdout}}:/{{nfs_name }}"
    path: /mnt/nexus-storage
result of ansible playbook execution
TASK [install_nexus : master_setup.yml --> DEBUG REGEX] ********************************************************
ok: [nexus-xxxx.xxx.xxxxx] => {
    "ip": {
        "ansible_facts": {
            "discovered_interpreter_python": "/usr/bin/python3"
        },
        "changed": true,
        "cmd": "ggcloud filestore instances describe "{{nfs_id}}" --project=xxxx-xxxx --zone=xxxxx-b --format='get(networks.ipAddresses)'",
        "delta": "0:00:01.013823",
        "end": "2021-03-14 21:23:32.398266",
        "failed": false,
        "rc": 0,
        "start": "2021-03-14 21:23:31.384443",
        "stderr": "",
        "stderr_lines": [],
        "stdout": "['1xx.xxx.xx.2']",
        "stdout_lines": [
            "['1xx.xxx.xx.2']"
        ]
    }
}
TASK [install_nexus : print mount point test] ******************************************************************
ok: [nexus-xxxx.xxx.xxxxx] => {
"msg": "['1xx.xxx.xx.2']:/nfsnexusnew"
}
TASK [install_nexus : Mount an NFS volume] *********************************************************************
[WARNING]: sftp transfer mechanism failed on [nexus-ppd.preprod.d-aim.com]. Use ANSIBLE_DEBUG=1 to see detailed
information
fatal: [nexus-xxxx.xxx.xxxxx]: FAILED! => {"changed": false, "msg": "Error mounting /mnt/nexus-storage: mount.nfs: Failed to resolve server '1xx.xxx.xx.2': Name or service not known\n"}
Thx
Resolved by doing this. It's not very sexy but it's working. If someone finds a solution please forward it to me.
I have used 2 regexes because I don't know how to remove the single quotes and brackets in one line:
- name: get info
  shell: gcloud filestore instances describe "{{nfs_id}}" --project=xxxx-xxxx --zone=xxxxx-b --format='get(networks.ipAddresses)' > /tmp/nfs-ip.txt
- name: sed regex to delete []
  shell: sed -i 's/[][]//g' /tmp/nfs-ip.txt
- name: sed regex to delete ''
  shell: sed -i 's|["'\'']||g' /tmp/nfs-ip.txt
- name: register result in var ip
  shell: cat /tmp/nfs-ip.txt
  register: ip
- name: Mount an NFS volume
  mount:
    fstype: nfs
    state: mounted
    opts: rw,sync,hard,intr
    src: "{{ip.stdout}}:/{{nfs_name }}"
    path: /mnt/nexus-storage
Q: "Cannot resolve ip.stdout"
A: The value stored in ip.stdout is a string
"ip": {
...
"stdout": "['1xx.xxx.xx.2']",
...
}
Use the filters from_yaml and first to get the first item of the list, e.g.
src: "{{ ip.stdout|from_yaml|first }}:/{{ nfs_name }}"
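The from_yaml approach from the answer above, carried through to the mount task with a check that the parsed value really is a dotted-quad address before it is used as a mount source. This is an added example, not part of the original posts; gcloud_result, nfs_ip, do_mount and the sample address are constructed, and gcloud_result stands in for the registered output of the gcloud task so the play runs without touching a temporary file.

```yaml
# Added example. gcloud_result is a constructed stand-in for the registered
# result of the gcloud task; its stdout has the same shape as in the question.
- hosts: localhost
  gather_facts: false
  vars:
    nfs_name: nfsnexusnew
    gcloud_result:
      stdout: "['10.0.0.2']"
  tasks:
    - name: Parse the list printed by gcloud and keep the first address
      set_fact:
        nfs_ip: "{{ gcloud_result.stdout | from_yaml | first }}"

    - name: Refuse to continue unless the value looks like an IPv4 address
      assert:
        that:
          - nfs_ip is string
          - nfs_ip is match('^([0-9]{1,3}[.]){3}[0-9]{1,3}$')
        fail_msg: "Unexpected gcloud output: {{ gcloud_result.stdout }}"

    - name: Show the mount source that will be used
      debug:
        msg: "{{ nfs_ip }}:/{{ nfs_name }}"   # 10.0.0.2:/nfsnexusnew for this sample

    - name: Mount an NFS volume
      mount:
        fstype: nfs
        state: mounted
        opts: rw,sync,hard,intr
        src: "{{ nfs_ip }}:/{{ nfs_name }}"
        path: /mnt/nexus-storage
      # Hypothetical switch so the sample play does not mount anything by default
      when: do_mount | default(false)
```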

"Required 'compute.addresses.get' permission" when trying to create an address in GCP using Ansible

I am trying to create a VM in GCP using ansible. I have followed the official tutorial on Ansible's website.
I created the service account and gave it 3 roles: compute.admin, editor and serviceAccountUser. Generated the JSON key and basically copy pasted the code
- name: create a address
  gcp_compute_address:
    name: 'test-adress'
    region: "{{ region }}"
    project: "{{ project }}"
    auth_kind: "{{ auth_kind }}"
    service_account_file: "{{ service_account_file }}"
    scopes:
      - https://www.googleapis.com/auth/compute
    state: present
  register: address
This is the output
fatal: [localhost]: FAILED! => {"changed": false, "msg": "GCP returned
error: {'error': {'code': 403, 'message': "Required
'compute.addresses.get' permission for
'projects/sdb20-21/regions/europe-west2/addresses/test-adress-lmao-lol'",
'errors': [{'message': "Required 'compute.addresses.get' permission
for
'projects/sdb20-21/regions/europe-west2/addresses/test-adress-lmao-lol'",
'domain': 'global', 'reason': 'forbidden'}]}}"}
I have tried pretty much every fix suggested on this website about this problem, to no avail. If I go to the Google Cloud "policy troubleshooter" it tells me that the service account does manage to call the API for "compute.addresses.get" with success.
The only thing I cannot do is start another project, for school/credit reasons. Anything else is welcome.

Automating Ansible VMware with lookup dig

I'm currently trying to further automate VM automation by not having to include the IP address in the variables file. I found the nslookup module with dig, but feel I'm going about this the wrong way. For example, here is the variables file which is read upon creation for details:
# VMware Launch Variables
# If this is a test deployment you must ensure the vm is terminated after use.
vmname: agent5
esxi_datacenter: Datacenter
esxi_cluster: Cluster
esxi_datastore: ds1 # Do not change value.
esxi_template: template-v2
esxi_folder: agents # Folder must be pre-created
# Static IP Addresses
esxi_static_ip: "{{ lookup('dig', '{{ vmname }}.example.com.') }}"
esxi_netmask: 255.255.252.0
esxi_gateway: 10.0.0.1
What I was hoping to do with these was just to have the "esxi_static_ip" but pulled on the fly from a lookup with dig. This, however, in its current state does not work.
What is happening is either the VM launches without an ipv4 address or more often it fails with the following error:
fatal: [localhost -> localhost]: FAILED! => {"changed": false, "msg": "Failed to create a virtual machine : A specified parameter was not correct: spec.nicSettingMap.adapter.ip.ipAddress"}
I get the IP and pass it along, which works when I hard code the esxi_static_ip: in my vmware-lanch-vars.yml file. However, if I use (including the examples) it fails.
The newvm is registered when I run my vmware_guest playbook.
- name: Make virtual machine IP persistant
  set_fact:
    newvm_ip_address: '{{ newvm.instance.ipv4 }}'
- name: Add host to in memory inventory
  add_host:
    hostname: "{{ newvm_ip_address }}"
    groups: just_created
    newvm_ip_address: "{{ newvm.instance.ipv4 }}"
When I run with -vvvv I can see no IP is being attached:
"networks": [
    {
        "device_type": "vmxnet3",
        "gateway": "0.0.0.01",
        "ip": "",
        "name": "Network",
        "netmask": "255.255.252.0",
        "type": "static"
    }
],
UPDATE 3
When I created a simple playbook it works, just not when I put it into my regular flow, this below works:
---
- hosts: localhost
  vars:
    vmname: "apim-sb-ng1-agent2"
    vm_dig_fqdn: "{{ vmname }}.example.com."
    esxi_static_ip: "{{ lookup('dig', vm_dig_fqdn) }}"
  tasks:
    - debug: msg="{{ esxi_static_ip }}"
I am not sure this is the first problem you are facing (see my comment above), but your jinja2 template expression is wrong.
You cannot use jinja2 expression expansion while already inside a jinja2 expression expansion.
In this case, you have to concatenate your variable and string with the + operator:
esxi_static_ip: "{{ lookup('dig', vmname + '.example.com.') }}"
If you prefer to use jinja2 expansion everywhere, you can separate this in different variables, e.g.:
vm_dig_fqdn: "{{ vmname }}.example.com."
esxi_static_ip: "{{ lookup('dig', vm_dig_fqdn) }}"

ansible local_action returns error "invalid output was: [sudo via ansible, key=xxx] password:"

I've been trying to run this ansible playbook to get an AWS resource's tags:
- name: list resource tags
  local_action: ec2_tag resource=i-abcdefg region=us-east-1 state=list
  register: result
And this error is returned:
failed: [ec2-11-222-333-444.compute-1.amazonaws.com] => {"failed":
true, "parsed": false} invalid output was: [sudo via ansible,
key=heoqwlqnhxlxyzwnxmtbvmdtvmvjbsux] password:
FATAL: all hosts have already failed -- aborting
How can I fix that?
You cannot run this local_action as root. Change your task to be:
- name: list resource tags
  sudo: false
  local_action: ec2_tag resource=i-abcdefg region=us-east-1 state=list
  register: result