Cycle hosts in tasks

Hello, I'm try to generate some task using data from other host (eg.:
open port for internal application only to host in the same group):

hosts file (PS: only test, i use racksace inventory, so this is not static):
---8<-------8<-------8<-------8<-------8<----
[mongodb]
192.168.10.1
192.168.10.2
192.168.10.3
192.168.10.4
---8<-------8<-------8<-------8<-------8<----

Into playbook I try to cycle using hosts but i don't find how to do this:

---8<-------8<-------8<-------8<-------8<----
- hosts: mongodb
- name: open firewall (MongoDB)
  action: command /usr/sbin/ufw allow from $item app MongoDB
  with_items:
    - @HELP_ME_PLEASE_:)_@
    # - ${groups.mongodb}
    # - ${ansible_eth1.ipv4.address}
---8<-------8<-------8<-------8<-------8<----

I know that's possible use groups in template files, but is not
possible have this information in tasks? Is required to create a bash
script using template and execute it?

Thank you!

       Marco

Just get rid of the whole with_items clause. Each host is cycled over each task that passes any filters by default.

<tim/>

Hello Timothy
  thanks for quick reply.

I need to execute this task N-time in each hosts, so (using previous
example) will "converted" to:

- hosts: mongodb
- name: open firewall (MongoDB)
  action: command /usr/sbin/ufw allow from $item app MongoDB
  with_items:
    - 192.168.10.1
    - 192.168.10.2
    - 192.168.10.3
    - 192.168.10.4

this commands are executed:

(in 192.168.10.1):
/usr/sbin/ufw allow from 192.168.10.1 app MongoDB
/usr/sbin/ufw allow from 192.168.10.2 app MongoDB
/usr/sbin/ufw allow from 192.168.10.3 app MongoDB
/usr/sbin/ufw allow from 192.168.10.4 app MongoDB

(in 192.168.10.2):
/usr/sbin/ufw allow from 192.168.10.1 app MongoDB
/usr/sbin/ufw allow from 192.168.10.2 app MongoDB
/usr/sbin/ufw allow from 192.168.10.3 app MongoDB
/usr/sbin/ufw allow from 192.168.10.4 app MongoDB

(in 192.168.10.3):
/usr/sbin/ufw allow from 192.168.10.1 app MongoDB
/usr/sbin/ufw allow from 192.168.10.2 app MongoDB
/usr/sbin/ufw allow from 192.168.10.3 app MongoDB
/usr/sbin/ufw allow from 192.168.10.4 app MongoDB

(in 192.168.10.4):
/usr/sbin/ufw allow from 192.168.10.1 app MongoDB
/usr/sbin/ufw allow from 192.168.10.2 app MongoDB
/usr/sbin/ufw allow from 192.168.10.3 app MongoDB
/usr/sbin/ufw allow from 192.168.10.4 app MongoDB

Bye
       Marco

Sorry I misunderstood what you were trying to do.

In Advanced Playbooks there is a section about Accessing Info About Other Hosts that mentions a groups list, but I think that's only for Jinja templates and is not a variable accessible by playbooks. Maybe I misreading the docs. That would be you ideal solution. with_items: groups['mongodb']

Assuming that isn't an optionI'd create a perform a local task before the one you have that returns a list of the hosts as an ansible_fact and then reference that with the with_items directive. with_items: ${hostvars.localhosts.hosts_list}

<tim/>

In Advanced Playbooks there is a section about Accessing Info About Other Hosts that mentions a groups list, but I think that's only for Jinja templates and is not a variable accessible by playbooks.

${host_vars.name_of_host.name_of_variable} works fine in playbooks
provided your host names don't have any dots in them. If they do,
that's a known issue and we need some way of escaping that in the
non-Jinja2 variable specification. (There's already a ticket on this)

Sorry I misunderstood what you were trying to do.

No problem

In Advanced Playbooks there is a section about Accessing Info About Other Hosts that mentions a groups list, but I think that's only for Jinja templates and is not a variable accessible by playbooks. Maybe I misreading the docs. That would be you ideal solution. with_items: groups['mongodb']

After some investigation I see that Task are invoked in:

* https://github.com/ansible/ansible/blob/devel/lib/ansible/runner/__init__.py#L240

using host as param (current host), but it also can have access to
inventory using self.inventory.

Bye
       Marco

I think you are referring to:

* https://github.com/ansible/ansible/issues/907

I think proble is not only on dot, but Task don't have access to
variable (i think), all variables with $ are replaced and added into
variable without $ eg: ${mydata} are converted to {mydata}:

* https://github.com/ansible/ansible/blob/devel/lib/ansible/runner/__init__.py#L258

I'm investigating how to add this feature, if you can point me on the
right path....

       Marco

Understood.

I was not sure that ${groups['somegroupname']} works in playbooks or that you could grab a list of $hostvars keys (aka host names) to use in an items loop.

<tim/>

Marco Vito Moscaritolo wrote:

I don't know either. If it doesn't work, patches to make it work
would be welcome. You can definitely assign a regular variable like:

foo: $iAmAList

Nope. The groups var does not seem accessible in playbooks. Quick threw together a test and go these errors in my attempts.

unbound variable in with_items: {groups[‘nodes’]}

unbound variable in with_items: {groups.nodes}

Which would be the correct form? I assume the latter.

The latter.

The part that lets variables work in with_items is pretty naive, I
think it just throws away the "$" and sees if the top level variable
is available in the dict.

We'd want something like varLookup that just returned the actual
value, versus templating it out, but still used the same regex logic.

Any solution to this? I’m trying to do the same thing.

Lee S. wrote:

Any solution to this? I'm trying to do the same thing.

What thing is that?

Daniel