I want to create a group and user using salt state files, but I do not know the group, gid, user, uid, sshkey until I need to execute the salt state file which I would like to pass in as parameters.
I have read about Pillar to create the variable. How do I create pillars before execution?
/srv/salt/group.sls:
{{ name }}:
group.present:
- gid: {{ gid }}
- system: True
Command line:
salt 'SaltStack-01' state.sls group name=awesome gid=123456
If you really want to pass in the data on the command like you can also do it like this:
{{ pillar['name'] }}:
group.present:
- gid: {{ pillar['gid'] }}
- system: True
Then on the command line you can pass in the data like this:
salt 'SaltStack-01' state.sls group pillar='{"name": "awesome", "gid": "123456"}'
You use Pillars to create "dictionaries" that you can reference into State files. I'm not sure if I'm understanding you correctly, but here's an example of what you can do:
mkdir /srv/pillar/
Create /srv/pillar/groups.sls and paste something like this into it:
groups:
first: 1234
second: 5678
These are names and GIDs of the groups you want to create.
Create /srv/pillar/top.sls so you can apply this pillar to your minions. This is very similar to a salt top file, so you can either apply it to all minions ('*') or just the one ('SaltStack-01'):
base:
'hc01*':
- groups
To test that that has worked, you can run salt '*' pillar.items and you should find the groups pillar somewhere in the output.
Now, your /srv/salt/group.sls file should look like this:
{% for group,gid in pillar.get('groups',{}).items() %}
{{ group }}:
group.present:
- gid: {{ gid }}
{% endfor %}
This is a for loop: for every group and gid in the pillar groups, do the rest. So basically, you can look at it as if the state file is running twice:
first:
group.present:
- gid: 1234
And then:
second:
group.present:
- gid: 5678
This was incorporated from this guide.
if you do not want use Pillar
you can do as:
# /srv/salt/params.yaml
name: awesome
gid: 123456
and then:
# /srv/salt/groups.sls
{% import_yaml "params.yaml" as params %}
{{ params['name'] }}:
group.present:
- gid: {{ parmas['gid'] }}
- system: True
more details:doc
Another nice way to pass (incase you don't want to use pillars Nor create a file as other answers shows) - you can pass a local environment variable to salt and read it from within the sls file, like this:
Command:
MYVAR=world salt 'SaltStack-01' state.sls somesalt # Note the env variable passed at the beginning
sls file:
# /srv/salt/somesalt.sls
foo:
cmd.run:
- name: |
echo "hello {{ salt['environ.get']('MYVAR') }}"
Will print to stdout:
hello world
Another good thing to know is that the env variable also gets passed on to any included salt states as well.
Related
Trying to make a failsafe logic on output as csv as comma separated each columns by JInja2 template.
failsafe logic is supposed to tell me if any of items in modules or tech is missing.
any help appreciated to figure out the logic of jinja2 template.
Variable
swproduct_list:
header: Sw product,sw product module,technology
details:
- name: BASE PACKAGE
Modules:
- Polygon Manager
- Common Manager
tech:
- SPRING CLOUD
- SPRING CLOUD
- name: DMA
Modules:
- KUA on demand
- KUA parameters
tech:
- SPRING CLOUD
- SPRING CLOUD
Desired Output
Sw product,sw product module,technology
DMA,KUA on demand,SPRING CLOUD
DMA,KUA parameters,SPRING CLOUD
BASE PACKAGE,Polygon Manager,SPRING CLOUD
BASE PACKAGE,Common Manager,SPRING CLOUD
Solution- Jinja2 template
{% for intf in swproduct_list.details -%}
{% for ll in intf.Modules -%}
{{ intf.name }},{{ ll }},{{ intf.tech[loop.index0] }}
{% endfor %}
{% endfor %}
Thanks to Zeitounator who suggested in a comment:
Create a task which checks that every element has the same number of modules and tech using the fail or assert module prior to rendering your template.
I applied the following assert method before jinja template starts and it works:
- set_fact:
check_total: |
{
'modules_total': {{ (swproduct_list.details | selectattr('Modules', 'defined') | map(attribute='Modules') | flatten | list) | length }},
'tech_total': {{ (swproduct_list.details | selectattr('tech', 'defined') | map(attribute='tech') | flatten | list) | length }},
}
- debug:
var: check_total
- assert:
that:
- check_total.modules_total == check_total.tech_total
quiet: true
fail_msg: >
total no of modules should match with total no of tech
I am trying to set ansible facts from the stdout of a command task I call from another role.
Role A:
- name: example command
command: client get -s {{ service }}
register: vars_string
- name: set vars
set_fact: vars={{ vars_string.stdout.split('\n')}}
when:
- vars_string.stdout | length > 0
- name: set vars as facts
set_fact: "{{ item }}"
with_items: "{{ vars }}"
vars output:
"vars": [
"tst=ansible",
"example=values"
]
Role B:
- debug:
var: tst
Results from Role B:
Expectation: { "tst": "ansible" }
Reality: { "tst": "VARIABLE IS NOT DEFINED!" }
I have tried to spit vars into a dict and use set_fact: "{{ item.key }}" : "{{ item.value }}" as well. This returned the same results.
I want to be able to call by the variable name returned from the command in future roles. Any ideas?
Two points about your code snippet that may interest you:
There is already a split-by-newline version of the output from your command, it's vars_string.stdout_lines
I can't tell if you just chose that variable by accident, or you were trying to actually assign to the vars built-in variable, but either way, don't do that
As best I can tell, there is no supported syntax for assigning arbitrary top-level host facts from within just a task.
You have two choices: write out those variables to a file, then use include_vars: to read them in -- which will assign them as host facts, or concede to the way set_fact: wants things and be content with those dynamic variables living underneath a known key in hostfacts
We'll show the latter first, because it's shorter:
- set_fact:
my_facts: >-
{{ "{" + (vars_string.stdout_lines
| map('regex_replace', '^([^=]+)=(.+)', '"\1": "\2"')
| join(",")) + "}"
}}
when:
- vars_string.stdout | length > 0
Of course, be aware that trickery won't work if your keys or values have non-JSON friendly characters in them, but if that simple version doesn't work, ask a follow-up question, because there are a lot more tricks in that same vein
The include_vars: way is:
- tempfile:
state: file
suffix: .json
register: vars_filename
- copy:
dest: '{{ vars_filename.path }}'
content: >-
{{ "{" + (vars_string.stdout_lines
| map('regex_replace', '^([^=]+)=(.+)', '"\1": "\2"')
| join(",")) + "}"
}}
- include_vars:
file: '{{ vars_filename.path }}'
- file:
path: '{{ vars_filename.path }}'
state: absent
I would like to pass in variables from python to jinja2 when rendering templates.
'with_remediation' is a boolean/varilable that I would like to pass into the jinja2 template for evaluation.
Here is how the jinja2 template file looks like:
{% if with_remediations %}
no hostname
{% endif %}
hostname {{ nodes.hostname }}
In my rendering function, I have these lines of code:
with_remediation = True
baseline = env.get_template(template)
config = baseline.render(nodes = node_object[index],with_remediation)
When I execute code, I get the following error:
config = baseline.render(nodes = node_object[index],with_remediation)
SyntaxError: non-keyword arg after keyword arg
However, if I specify the boolean directly into the function call:
config = baseline.render(nodes = node_object[index],with_remediation=True)
It runs without errors but not the expected output.
Here is the output when executed:
switch
/templates/cisco/ios/switch/test.jinja2
Push configs? [y/N]: y
config term
Enter configuration commands, one per line. End with CNTL/Z.
switch(config)#
switch(config)#
switch(config)#
switch(config)#
switch(config)#hostname switch
switch(config)#end
switch#
The expected result should be:
switch
/templates/cisco/ios/switch/test.jinja2
Push configs? [y/N]: y
config term
Enter configuration commands, one per line. End with CNTL/Z.
switch(config)#
switch(config)#no hostname
switch(config)#
switch(config)#
switch(config)#hostname switch
switch(config)#end
switch#
Why is it not executing the {% if with_remediations %} section since it holds true?
{% if with_remediations %}
Works when condition is true //Any Statement
{% else %}
no hostname //Any Statement
{% endif %}
def demo():
boo=True`
return render_template("demo.html",with_remediations=boo)
play_hosts is a list of all machines for a play. I want to take these and use something like format() to rewrite them like rabbitmq#%s and then join them together with something like join(). So:
{{ play_hosts|format(???)|join(', ') }}
All the examples of format use piping where the input is the format string and not a list. Is there a way to use these (or something else) to accomplish what I want? The output should looks something like:
['rabbitmq#server1', 'rabbitmq#server2', rabbitmq#server3', ...]
The jinja2 doc describes format like this:
format(value, *args, **kwargs)
Apply python string formatting on an object:
{{ "%s - %s"|format("Hello?", "Foo!") }}
-> Hello? - Foo!
So it gives three kinds of input but doesn't describe those inputs in the example, which shows one in the pipe and the other two passed in via args. Is there a keyword arg to specify the string that's piped? Please help, python monks!
In ansible you can use regex_replace filter:
{{ play_hosts | map('regex_replace', '^(.*)$', 'rabbitmq#\\1') | list }}
I believe another way would be using the joiner global function, as you can read in http://jinja.pocoo.org/docs/2.9/templates/#list-of-global-functions:
A joiner is passed a string and will return that string every time it’s called, except the first time (in which case it returns an empty string). You can use this to join things
So your code would be something like:
[
{% set comma = joiner(",") %}
{% for host in play_hosts %}
{{ comma() }}
{{ "rabbitmq#%s"|format(host) }}
{% endfor %}
]
You can create custom filter
# /usr/share/ansible/plugins/filter/format_list.py (check filter_plugins path in ansible.cfg)
def format_list(list_, pattern):
return [pattern % s for s in list_]
class FilterModule(object):
def filters(self):
return {
'format_list': format_list,
}
and use it
{{ play_hosts | format_list('rabbitmq#%s') }}
You could simply join not only by , but also add the prefix together with it. Now that's not very pythonic or sophisticated but a very simple working solution:
[rabbitmq#{{ play_hosts | join(', rabbitmq#') }}]
If you want to format a string, through a list.
l: list = ["world", "stackoverflow"]
"Hello %s and %s"|format(*l)
I would like to do some basic pillar value settings for all boxes so that I can use them later in a unified way. Our minions are usually named in this format:
<project>-<env>.<role>-<sequence>.<domain>
Example pillar/base/top.sls:
base:
'*':
- basics
'I#project:mycoolproject and I#role:nginx':
- etc.
Example pillar/base/basics/init.sls:
{% if '-live.' in grains['id'] %}
env: production
{% elif '-qa.' in grains['id'] %}
env: qa
{% elif '-staging.' in grains['id'] %}
env: staging
{% else %}
env:
{% endif %}
{% set role = re.match("(?:live|qa|staging)\.([a-z_\-]+)\-', grains['id']).group(1) -%}
role: {{ role }}
The env part obviously works but I can't get the regex working. As far as I understood there is no way to import python module (i.e. import re) in jinja template. Any suggestions how to get regex functionality available in the pillar file if possible at all?
The simple answer is, "no". There is not a way to inject regex functionality directly into the jinja environment (I'm sure there's a way to extend jinja, but anyway..)
The way I addressed this was with an external module function, id_info.explode() and an external pillar.
Enable external modules on the master:
external_modules: /srv/extmod
External modules do not require any sort of special infrastructure--they are just regular python modules (not packages, mind you--the loader doesn't currently know how to properly side-load a package yet)
Put your python+regex logic there. Return a dictionary, assembled to your your liking.
Your external module would go in /srv/extmod/modules. You can call call this function from your pillar.sls
{% id_info = __salt__[id_info.explode()] -%}
{% subcomponent = id_info['subcomponent'] -%}
{% project = id_info['project'] -%}
etc...
A couple things to know:
The salt-master has to be restarted when an external module is added or modified. There isn't a way that I know of to incite the equivalent of a saltutil.refresh_modules() call on the salt-master, so there ya go.
The external_modules directive is not just for execution modules. In this scenario, you would also create /srv/extmod/{pillar,runners,outputers,etc}.
These modules are only available on the master