How to let clojure to generate this simple YAML file? - clojure

I want clojure to generate this simple ansible YAML file:
- hosts: 172.16.10.104
tasks:
- name: ping
ping:
I use the https://github.com/owainlewis/yaml to generate it:
(def data [{:hosts "172.16.10.104"}
{:tasks [{
:name "ping",
:ping ""
}]}
])
and got this:
- hosts: 172.16.10.104
- tasks:
- name: ping
ping: ''
I want the "tasks" not the "- tasks", how to fix it?

If you structure your data as follows,
(def data [{:host "172.16.10.104"
:tasks [{:name "ping" :ping ""}]}])
then
(yaml/generate-string data :dumper-options {:flow-style :block})
yields
"- host: 172.16.10.104\n tasks:\n - name: ping\n ping: ''\n"
which formatted, is:
- host: 172.16.10.104
tasks:
- name: ping
ping: ''

Related

Ansible regex to replace the DNS address in Ubuntu netplan file

I would like to change DNS IP address from 192.168.86.14 to 192.168.86.16 in Ubuntu netplan yaml file:
link: ens3
addresses: [192.168.86.12/24]
gateway4: 192.168.86.1
nameservers:
addresses: [192.168.86.14,8.8.8.8,8.8.4.4]
Here is my ansible playbook:
- name: test
ansible.builtin.replace:
path: /etc/netplan/00-installer-config.yaml
regexp: '(addresses: \[)+192.168.86.14,'
replace: '\1192.168.86.16,'
My playbook doesn't change anything in the file. Tried to escape comma but doesn't match anything as well.
For some reason I need to make sure the IP address is between "addresses [" and "," so I can't just use the syntax like this :
- name: test
ansible.builtin.replace:
path: /etc/netplan/00-installer-config.yaml
regexp: '192.168.86.14'
replace: '192.168.86.16'
I am very new to Ansible, any help is appreciated!
The dictionaries are immutable in YAML. But, you can update dictionaries in Jinja2. Let's take a complete example of a netplan configuration file, e.g.
shell> cat 00-installer-config.yaml
network:
version: 2
renderer: networkd
ethernets:
ens3:
mtu: 9000
enp3s0:
link: ens3
addresses: [192.168.86.12/24]
gateway4: 192.168.86.1
nameservers:
addresses: [192.168.86.14,8.8.8.8,8.8.4.4]
Read the dictionary into a variable
- include_vars:
file: 00-installer-config.yaml
name: netplan_conf
gives
netplan_conf:
network:
ethernets:
enp3s0:
addresses:
- 192.168.86.12/24
gateway4: 192.168.86.1
link: ens3
nameservers:
addresses:
- 192.168.86.14
- 8.8.8.8
- 8.8.4.4
ens3:
mtu: 9000
renderer: networkd
version: 2
Create a template that updates the nameservers
shell> cat 00-installer-config.yaml.j2
{% set _dummy = netplan_conf.network.ethernets.enp3s0.nameservers.update({'addresses': _addresses}) %}
{{ netplan_conf|to_nice_yaml }}
The task below
- template:
src: 00-installer-config.yaml.j2
dest: 00-installer-config.yaml
vars:
_addresses: "{{ netplan_conf.network.ethernets.enp3s0.nameservers.addresses|
regex_replace('192.168.86.14', '192.168.86.16') }}"
will update the configuration file
shell> cat 00-installer-config.yaml
network:
ethernets:
enp3s0:
addresses:
- 192.168.86.12/24
gateway4: 192.168.86.1
link: ens3
nameservers:
addresses:
- 192.168.86.16
- 8.8.8.8
- 8.8.4.4
ens3:
mtu: 9000
renderer: networkd
version: 2

Access yaml list of dictionaries file with ansible

So I am trying take values from file, let's call it "test.yaml"
file looks like this (sorry for long output, but it is the shortest cut containing all patterns and structure):
---
results:
- failed: false
item: XXX.XX.XX.XX
invocation:
module_args:
validate_certs: false
vm_type: vm
show_tag: false
username: DOMAIN\domain-user
proxy_host:
proxy_port:
show_attribute: false
password: VALUE_SPECIFIED_IN_NO_LOG_PARAMETER
port: XXX
folder:
hostname: XXX.XX.XX.XX
changed: false
virtual_machines:
- ip_address: XXX.XX.XX.XX
mac_address:
- XX:XX:XX:aa:XX:XX
uuid: XXXX-XX-XX-XXXX-XXXXX
guest_fullname: Red Hat Enterprise Linux X (XX-bit)
moid: vm-XXX
folder: "/DOMAIN-INTERXION/vm"
cluster:
attributes: {}
power_state: poweredOn
esxi_hostname: esx.hostname
tags: []
guest_name: VMnameXX
vm_network:
XX:XX:XX:aa:XX:XX:
ipv6:
- XX::XXX:XX:XXXX
ipv4:
- XXX.XX.XX.XX
I would like, for example to have something like:
results.invocation.virtual_machines.ip_address
results.invocation.module_args.user_name
I tried all kind of stuff but it doesn't work :)
last attempt is this:
---
- name: demo how register works
hosts: localhost
tasks:
- name: Include all .json and .jsn files in vars/all and all nested directories (2.3)
include_vars:
file: test.yml
name: vm
- name: debug
debug:
msg: "{{ item.0.item }}"
with_subelements:
- "{{ vm.results }}"
- virtual_machines
register: subelement
following your structure and after fixing some errors:
results.invocation.virtual_machines.ip_address is results[0].virtual_machines[0].ip_address
and
results.invocation.module_args.user_name is results[0].invocation.module_args.username
(results and virtual_machines are arrays, write results[0] or results.0 is same)
so a sample of playbook doing job:
- name: vartest
hosts: localhost
tasks:
- name: Include all .json and .jsn files in vars/all and all nested directories (2.3)
include_vars:
file: test.yml
name: vm
- name: ip
set_fact:
ipadress: "{{ vm.results[0].virtual_machines[0].ip_address }}"
- name: username
set_fact:
username: "{{ vm.results[0].invocation.module_args.username }}"
- name: display
debug:
msg: "ip: {{ ipadress }} and username: {{ username }}"
result:
ok: [localhost] =>
msg: 'ip: XXX.XX.XX.XX and username: DOMAIN\domain-user'

Run Ansible task only on one server - AWS

I have my ansible task running in all my api_servers which i would restrict it to run only on one IP (one of the api_server)
I have added run_once: true but it didnt helps.
Kindly advise.
EDIT :
Will the below work? I have 10 instances of app_servers running, I want the task to run only on one app_server
run_once: true
when:
- inventory_hostname == groups['app_servers'][0]
Where my inventory file is like
[app_servers]
prod_app_[1:4]
I would write my playbook like that:
---
# Run on all api_servers
- hosts: api_servers
tasks:
- name: do something on all api_servers
#...
# Run only on one api_server e.q. api_server_01
- hosts: api_server_01
tasks:
- name: Gather data from api_server_01
#...
The other option would be to work with when: or to run the playbook with the --limit option
---
- hosts: all
tasks:
- name: do something only when on api_server_01
#...
when: inventory_hostname == "api_server_01"
EDIT:
Here you will see all the option in one example:
---
- hosts: all
tasks:
- debug: msg="run_once"
run_once: true
- debug: msg=all
- debug: msg="run on the first of the group"
when: inventory_hostname == groups['app_servers'][0]
# Option with separated hosts, this one will be faster if gather_facts is not tuned.
- hosts: app_servers[0]
tasks:
- debug: msg="run on the first of the group"
(Since I can not comment, I have to answer.)
What about delegate_to? Where you delegate the task to a specific host.
hosts: all
tasks:
- name: Install vim on specific host
package:
name: vim
state: present
delegate_to: staging_machine
Or
As #user2599522 mentioned: --limit is also an option to use:
You can also limit the hosts you target on a particular run with the --limit flag. (Patterns and ansible-playbook flags)

Ansible - Check if string exists in file with regex

I need to validate that the PermitRootLogin parameter is equal to "no", for example:
PermitRootLogin no
But sometimes between these words there is more than one space. For this reason I use a regex, but apparently I do it wrong. This is the line that seems to be bad:
when: check_config.stdout.find('PermitRootLogin\s+no') != -1
Any idea how to fix this?
- hosts: redhat
tasks:
- name: check file
shell: cat /etc/ssh/sshd_config
register: check_config
- name: compare string
when: check_config.stdout.find('PermitRootLogin\s+no') != -1
debug: msg="this server is ok"
Q: "Validate that the PermitRootLogin parameter is equal to no."
A: Put the below declaration into the vars
match_lines: "{{ check_config.stdout_lines|
map('regex_search', '^\\s*PermitRootLogin\\s+no$')|
select }}"
and test the length of the list
- debug:
msg: this server is OK
when: match_lines|length > 0
Example of a complete playbook for testing
- hosts: localhost
vars:
match_lines: "{{ check_config.stdout_lines|
map('regex_search', '^\\s*PermitRootLogin\\s+no$')|
select }}"
tasks:
- command: cat /etc/ssh/sshd_config
register: check_config
- debug:
var: match_lines
- debug:
msg: This server is OK
when: match_lines|length > 0
gives, for example (abridged)
TASK [debug] *******************************************
ok: [localhost] =>
match_lines:
- PermitRootLogin no
TASK [debug] *******************************************
ok: [localhost] =>
msg: This server is OK
Given the inventory below set hosts -hosts: rehat
shell> cat hosts
[redhat]
test_11
test_12
test_13
The playbook gives, for example (abridged)
TASK [debug] *******************************************
ok: [test_11] =>
match_lines:
- PermitRootLogin no
ok: [test_12] =>
match_lines: []
ok: [test_13] =>
match_lines: []
TASK [debug] *******************************************
skipping: [test_12]
ok: [test_11] =>
msg: This server is OK
skipping: [test_13]
You can use lookup to simplify the task if the play is running at the localhost only. For example, the playbook below gives the same result
- hosts: localhost
tasks:
- debug:
msg: This server is OK
when: match_lines|length > 0
vars:
match_lines: "{{ lookup('file', '/etc/ssh/sshd_config').splitlines()|
map('regex_search', '^\\s*PermitRootLogin\\s+no$')|
select }}"
If you want to put/replace the line in the config use lineinfile. For example,
- lineinfile:
path: /etc/ssh/sshd_config
regexp: '^PermitRootLogin(.*)$'
line: 'PermitRootLogin no'

Ansible list concat contains only the last element when used with a loop

[Closed] It is a bug in Ansible v2.5.1, see comment below.
I want to build a new list based on a dictionary. So I try with set_fact and a loop but the variable only contains the last value (not the list)
I try simpler example without dictionary. I use this web site: https://ttl255.com/ansible-appending-to-lists-and-dictionaries/. And it doesn't work has expected.
---
- name: Append to list
hosts: localhost
vars:
devices: []
cisco:
- CiscoRouter01
- CiscoRouter02
- CiscoRouter03
- CiscoSwitch01
arista:
- AristaSwitch01
- AristaSwitch02
- AristaSwitch03
tasks:
- name: Add Cisco and Airsta devices to the list
set_fact:
devices: "{{ devices + [item] }}"
with_items:
- "{{ cisco }}"
- "{{ arista }}"
- name: Debug list
debug:
var: devices
verbosity: 0
Extract of the output:
TASK [Debug list] *********************************************************************************************************
ok: [localhost] => {
"devices": [
"AristaSwitch03"
]
}
Expected:
TASK [Debug list] *********************************************************************************************************
ok: [localhost] => {
"devices": [
"CiscoRouter01",
"CiscoRouter02",
"CiscoRouter03",
"CiscoSwitch01",
"AristaSwitch01",
"AristaSwitch02",
"AristaSwitch03"
]
}
I use the ansible version: 2.5.1
its a bug of 2.5.1, you will have to upgrade.
check this question for more info.