Does anyone know if its possible to retrieve a list of EC2 AMIs older than x months(or days) using the ec2_ami_find module? So far I've got:
- name: ec2 find all
ec2_ami_find:
owner: self
region: us-west-1
sort: creationDate
sort_order: descending
register: ec2_ami
- name: test
set_fact:
date: "{{lookup('pipe','date +%Y%m%d%H%M%S -d \"180 day ago\"')}}"
msg: "{{ ec2_ami | json_query('results[?creationDate<`{{ date }}`]') }}"
However, this doesnt seem to work with me. Whatever I put in the date command(180 days, 1 day, 700 days), it retrieves the exact same list of AMI's for me.
It has to do with string interpolation and replacing the date variable in the set_fact directive. Here is an example, also I have used the ec2_ami_facts module instead of ec2_ami_find as ec2_ami_find would be deprecated soon.
---
- hosts: localhost
remote_user: me
gather_facts: no
connection: local
tasks:
- ec2_ami_facts:
owner: self
region: eu-central-1
register: ec2_ami
- set_fact:
filter_date: "{{ lookup('pipe','date \"+%Y-%m-%d\" -d \"180 day ago\"') }}"
- debug: var=filter_date
- set_fact:
filtered_ami: "{{ ec2_ami | json_query(\"images[?creation_date<=`\" + filter_date + \"`]\") }}"
- shell: echo "{{ filtered_ami | length }} {{ ec2_ami.images | length }}"
Please find the python script to list the AMIs older than X Days. Please do not forget to update your AWS credential profile value if you have multiple accounts as profiles=["default", "profile2"].
`
import boto3
from dateutil.parser import parse
import datetime
retention_day = "<addyour desired days here> eg. 30"
profiles = ["default"]
def days_old(date):
get_date_obj = parse(date)
date_obj = get_date_obj.replace(tzinfo=None)
diff = datetime.datetime.now() - date_obj
return diff.days
def get_ami_snap_list():
for profile in profiles:
session = boto3.Session(profile_name=profile)
ec2 = session.client('ec2')
Name=""
Description=""
amis = ec2.describe_images(Owners=[
'self'
])
for ami in amis['Images']:
try:
create_date = ami['CreationDate']
ami_id = ami['ImageId']
# print ami['ImageId'], ami['CreationDate']
day_old = days_old(create_date)
if day_old > retention_day:
# print(ami_id)
image = ec2.describe_images(ImageIds=[ami_id])
for img in image['Images']:
Name=img['Name']
Description=img['Description']
print(ami_id+",",Name+",",Description+",",profile)
except Exception as e:
print(ami_id + ",", Name + ",", Description + ",", profile)
get_ami_snap_list()
Related
I would like to execute a command to obtain the current AWS EC2 launch template version in an integer format so I can do basic arithmetic on it to use in subsequent queries / deletes.
For example:
tasks:
- name: Lookup current default version of EC2 launch template
command: aws ec2 describe-launch-template-versions --launch-template-id lt-xxx --filters Name=is-default-version,Value=true --query 'LaunchTemplateVersions[*].[VersionNumber]'
delegate_to: localhost
register: result
- name: Show results
debug:
msg: '{{ result.stdout }}'
delegate_to: localhost
If this output is '5' I would like to subtract 1 from it so I can execute an additional command to do the following:
aws ec2 delete-launch-template-versions --launch-template-id lt-xxx --versions {{result - 1}}
I realize this will not work as written, but this is the premise I'm going for.
Convert the string to an integer. For example
- command: echo 5
register: result
- command: "echo {{ result.stdout|int - 1 }}"
register: result
- debug:
var: result.stdout
gives
result.stdout: '4'
The type of the command return values' attribute stdout is string. See the results below
- command: echo 5
register: result
- debug:
msg: |-
result.stdout: {{ result.stdout }}
result.stdout|type_debug: {{ result.stdout|type_debug }}
result.stdout|int|type_debug: {{ result.stdout|int|type_debug }}
msg: |-
result.stdout: 5
result.stdout|type_debug: AnsibleUnsafeText
result.stdout|int|type_debug: int
On an Ansible playbook, I'm trying to execute a shell command only if a service exist on the remote server.
I have 3 tasks :
service_facts
execution of shell command if tomcat is installed
display the output of the shell command if tomcat is installed
Here is my code :
- name: Get Infos
hosts: all
gather_facts: yes
become: false
remote_user: [MY_USER]
tasks:
- name: Get the list of services
service_facts:
- name: Get version of Tomcat if installed
become: true
shell: 'java -cp /opt/tomcat/lib/catalina.jar org.apache.catalina.util.ServerInfo | grep "Server version"'
register: tomcat_version
when: "'tomcat.service' in services"
- debug: msg="{{ tomcat_version.stdout_lines }}"
when: "'tomcat.service' in services"
The problem is on certains servers the service name is, for example, tomcat-8.1
How can i use regex in the when condition?
I tried regex(), regex_search(), either I'm doing it wrong or I don't know how to do it.
Have you any idea how to do it?
Thanks in advance!
Count matching items. For example
- service_facts:
- block:
- shell: smartctl --version | head -1
register: smart_version
- debug:
msg: "{{ smart_version.stdout_lines }}"
when: _srvcs|length > 0
vars:
_regex: '.*smart.*'
_srvcs: "{{ services|select('match', _regex) }}"
gives
msg:
- smartctl 7.1 2019-12-30 r5022 [x86_64-linux-5.4.0-73-generic] (local build)
The next option is to intersect the list of services, e.g.
when: _srvcs|length > 0
vars:
my_services:
- smartmontools.service
- smart-8.1
- smart-devel.0.0.1
_srvcs: "{{ my_services|intersect(services) }}"
Debug
Q: "It gives me a failure on the server where my service doesn't exist, cause the playbook still tries to execute the shell. Is it normal?"
A: No. It is not normal. Print debug and find out why the condition evaluates to true, i.e. what service(s) match either the regex or the list. For example
- debug:
msg: |
_srvcs:
{{ _srvcs|to_nice_yaml|indent(2) }}
when: debug|d(false)|bool
vars:
my_services:
- smartmontools.service
- smart-8.1
- smart-devel.0.0.1
_srvcs: "{{ my_services|intersect(services) }}"
gives
msg: |-
_srvcs:
- smartmontools.service
To enable the task run the playbook with the option -e debug=true.
I need some help with extracting a specific line from a file and then extracting a column, assign it to a variable and then use that variable in the next task.
I have the file with this format on the confluent broker server
Save the key. It cannot be retrieved later.
+------------+----------------------------------------------+
| Enc Key | omykeyvaluecontinuousstringgoeshereandmakelong= |
+------------+----------------------------------------------+
I am trying to write Ansible task that will read the third line and then extract the key into a variable which I need to export as an environment variable in the task. In the next task I will be executing a confluent command as a shell command.
I tried something like below, but it doesn't work - I get error
vars:
ansible_ssh_extra_args: "-o StrictHostKeyChecking=no"
ansible_host_key_checking: false
contents: "{{ lookup('file', '/etc/kafka/info.txt') }}"
contents2: "{{ lookup('file', '/etc/kafka/info.txt').splitlines() }}"
- name: set fact
set_fact:
extract_key: "{{ contents.split('\n')[2] }}"
- name: Display output
debug: msg="{{ extract_key }}"
And then extract the key value from extract_key variable
How can I achieve this?
Thank you
The task below does the job
- set_fact:
extract_key: "{{ contents.split('\n').2.split('|').2|trim }}"
gives
extract_key: omykeyvaluecontinuousstringgoeshereandmakelong=
You can use this filter if only text lines are fixed:
- name: capturing Key
shell: echo {{ contents }} | head -3 | tail -1 | sed 's/|/\n/g' | sed -n 3p
register: extract_key
- name: Display output
debug: msg="{{ extract_key.stdout }}"
This returns omykeyvaluecontinuousstringgoeshereandmakelong=
I need to copy the SSH public key from a local file, then use it in a uri task in my playbook.
Keep in mind, I cannot use "authorized_key" module as this is a system I must use the API to configure public keys for users.
Code below keeps failing, I am 100% sure its because of the filter I am using. I am including the commented out section that does work for the body.
Trying to use a lookup with a regex_search, I used [^\s]\s[^\s] which works in python. Also the key is in a different directory in my local host (../../ssh/ssh_key/key.pub)
Any ideas?
- name: copy public key to gitea
hosts: localhost
tasks:
- name: include user to add as variable
include_vars:
file: users.yaml
name: users
- name: Gather users key contents and create variable
# shell: "cat ../keys/ssh_keys/zz123z.pub | awk '{print $1 FS $2}'"
shell: "cat ../keys/ssh_keys/{{item.username}}.pub | awk '{print $1 FS $2}'"
register: key
with_items:
- "{{users.user}}"
- name: Add user's key to gitea
uri:
url: https://10.10.10.10/api/v1/admin/users/{{ item.username }}/keys
headers:
Authorization: "token {{ users.GiteaApiToken }}"
validate_certs: no
return_content: yes
status_code: 201
method: POST
body: "{\"key\": \"{{ key.stdout }}\", \"read_only\": true, \"title\": \"{{ item.username }} shared
body_format: json
with_items:
- "{{users.user}}"
This is the error I receive when using -vvv
TASK [Add user's key to gitea] *************************************************
task path: /home/dave/projects/Infrastructure/ansible/AddTempUsers/addusers.yaml:275
Wednesday 04 March 2020 18:14:29 -0500 (0:00:00.537) 0:00:01.991 *******
fatal: [localhost]: FAILED! => {
"msg": "The task includes an option with an undefined variable. The error was: 'dict object' has no attribute 'stdout'\n\nThe error appears to be in '/home/dave/projects/Infrastructure/ansible/AddTempUsers/addusers.yaml': line 275, column 13, but may\nbe elsewhere in the file depending on the exact syntax problem.\n\nThe offending line appears to be:\n\n\n - name: Add user's key to gitea\n ^ here\n"
}
I FIGURED IT OUT!
used shell with an awk command to gather the keys. (Note: including an awk for RSA keys, and one for id_ed25519, which we use. RSA is commented out but others can comment if they wish to use.)
Used loop control to iterate through the results.
Code below:
- name: copy public key to gitea
hosts: localhost
tasks:
- name: include user to add as variable
include_vars:
file: users.yaml
name: users
- name: Gather users key contents and create variable
# For RSA Keys
# shell: "cat ../keys/ssh_keys/{{item.username}}.pub | awk '/-END PUBLIC KEY-/ { p = 0 }; p; /-BEGIN PUBLIC KEY-/ { p = 1 }'
# For id_ed5519 Keys
shell: "cat ../keys/ssh_keys/{{item.username}}.pub | awk '{print $1 FS $2}'"
register: key
with_items:
- "{{users.user}}"
- name: Add user's key to gitea
uri:
url: https://10.10.10.10/api/v1/admin/users/{{ item.username }}/keys
headers:
Authorization: "token {{ users.GiteaApiToken }}"
validate_certs: no
return_content: yes
status_code: 201
method: POST
body: "{\"key\": \"{{ key.results[ndx].stdout }}\", \"read_only\": true, \"title\": \"{{ item.username }} shared VM\"}"
body_format: json
with_items:
- "{{users.user}}"
loop_control:
index_var: ndx
I am trying to match the "OK" from the following output with regex and store it in a varible:
System 'server.mylabserver.com'
status OK
monitoring status Monitored
monitoring mode active
on reboot start
load average [0.00] [0.01] [0.05]
cpu 0.1%us 0.1%sy 0.0%wa
memory usage 367.9 MB [20.0%]
swap usage 0 B [0.0%]
uptime 2h 10m
boot time Mon, 02 Apr 2018 06:51:01
data collected Mon, 02 Apr 2018 09:01:02
Ansible code with "regex_replace" that I've tried:
- name: Fetch the monit status
shell: "monit status | tail -n +3"
register: monit_status_raw
tags: basic_monitoring
- name: Extract monit variables
set_fact:
vmstatus: "{{ monit_status_raw | regex_replace('^\s\s([a-z]*)\s+', '\\1:')}}"
Error:
The offending line appears to be:
set_fact:
vmstatus: "{{ monit_status_raw | regex_replace('^\s\s([a-z]*)\s+', '\\1')}}"
^ here
We could be wrong, but this one looks like it might be an issue with
missing quotes. Always quote template expression brackets when they
start a value. For instance:
with_items:
- {{ foo }}
Should be written as:
with_items:
- "{{ foo }}"
Ansible code with "regex_search" that I've tried:
- name: Fetch the monit status
shell: "monit status | tail -n +3"
register: monit_status_raw
- name: Extract monit variables
set_fact:
vmstatus: "{{ monit_status_raw | regex_search('^\s\sstatus\s+(.*)$') }}"
Error:
The offending line appears to be:
set_fact:
vmstatus: "{{ monit_status_raw | regex_search('^\s\sstatus\s+(.*)$') }}"
^ here
We could be wrong, but this one looks like it might be an issue with
missing quotes. Always quote template expression brackets when they
start a value. For instance:
with_items:
- {{ foo }}
Should be written as:
with_items:
- "{{ foo }}"
Any idea what it's wrong in the regexes?
Thank you,
Dan
I think if you'd like to use regexp_search - you need to give a string and think about escaping characters, and then you need to use some construction as:
with_items
- "{{ monit_status_raw.stdout_lines }}"
But I think it will be simpler:
- name: Fetch the monit status
shell: 'monit status | tail -n +2 | grep "^\s*status" '
register: monit_status_raw
- set_fact:
vmstatus: "{{ monit_status_raw.stdout.split('status')[1]| replace(' ','')}}"
You will get vmstatus = 'Ok', if you use your sample.