How to save stdout at awx-host filesystem

Hello,
I’m trying to save an output of switch configuration at my awx-host filesystem without success. I’m using awx 20. It used to work at awx 17 version. Now, it seems that the playbook is trying to create the file at a “temporary” pod that exists only at execution time.

Sample of playbook:

Anyone got a solution to this so far?

I am also trying to solve this issue…
Thx!

Replace “/path/to/awx-host/filesystem” with the actual path to the directory where you want to save the output file.

Alternatively, you could use the “copy” module to copy the output file from the temporary pod to the AWX host’s filesystem.

• name: Save switch configuration shell: command to save switch configuration > switch_config.txt delegate_to: localhost register: switch_config_output - name: Copy switch configuration output to AWX host copy: content: “{{ switch_config_output.stdout }}” dest: /path/to/awx-host/filesystem/switch_config.txt

Hi

Thanks for your reply. As i pretty new to this, i like to share my setup. Basically i have setup a custom execution image and loaded into a docker on localhost. My AWX is installed on Ks3.

In my playbook, I have this:

• name: cisco_sh_ver
  hosts: awx-cisco-ios-r1 [This is a cisco router]
  gather_facts: true

tasks:

• name: run show ip interface brief on remote devices
  ios_command:
  commands: show ip interface brief
  register: ip_int_output

• name: Print IP Interface brief
  debug:
  var: ip_int_output.stdout_lines

• name: set fact for date and time
  shell: date +“%Y-%m-%d-%H-%M”
  register: date_time

• name: save IP Interface brief to file
  delegate_to: localhost
  copy:
  content: “{{ ip_int_output.stdout }}”
  dest: “/runner/project/ip_interface_brief_{{ date_time.stdout }}.txt”

But once i run the job template from AWX, although successful i cannot find the file at all.

EXEC /bin/sh -c ‘/usr/bin/python3 /root/.ansible/tmp/ansible-tmp-1681660001.381904-78-44273424326509/AnsiballZ_stat.py && sleep 0’
PUT /home/runner/.ansible/tmp/ansible-local-191tqi55nq/tmpu8el6gja TO /root/.ansible/tmp/ansible-tmp-1681660001.381904-78-44273424326509/source
EXEC /bin/sh -c ‘chmod u+x /root/.ansible/tmp/ansible-tmp-1681660001.381904-78-44273424326509/ /root/.ansible/tmp/ansible-tmp-1681660001.381904-78-44273424326509/source && sleep 0’
Using module file /usr/local/lib/python3.8/site-packages/ansible/modules/copy.py
PUT /home/runner/.ansible/tmp/ansible-local-191tqi55nq/tmpxu921f4m TO /root/.ansible/tmp/ansible-tmp-1681660001.381904-78-44273424326509/AnsiballZ_copy.py
EXEC /bin/sh -c ‘chmod u+x /root/.ansible/tmp/ansible-tmp-1681660001.381904-78-44273424326509/ /root/.ansible/tmp/ansible-tmp-1681660001.381904-78-44273424326509/AnsiballZ_copy.py && sleep 0’
EXEC /bin/sh -c ‘/usr/bin/python3 /root/.ansible/tmp/ansible-tmp-1681660001.381904-78-44273424326509/AnsiballZ_copy.py && sleep 0’
EXEC /bin/sh -c ‘rm -f -r /root/.ansible/tmp/ansible-tmp-1681660001.381904-78-44273424326509/ > /dev/null 2>&1 && sleep 0’
changed: [awx-cisco-ios-r1 → localhost] => {
“changed”: true,
“checksum”: “f41d04c0206136d7feca531350a1b4fce31d5e5d”,
“dest”: “/runner/project/ip_interface_brief_2023-04-16-15-46.txt”,
“diff”: ,
“gid”: 0,
“group”: “root”,
“invocation”: {
“module_args”: {
“_original_basename”: “tmpu8el6gja”,
“attributes”: null,
“backup”: false,
“checksum”: “f41d04c0206136d7feca531350a1b4fce31d5e5d”,
“content”: null,
“dest”: “/runner/project/ip_interface_brief_2023-04-16-15-46.txt”,
“directory_mode”: null,
“follow”: false,
“force”: true,
“group”: null,
“local_follow”: null,
“mode”: null,
…
META: ran handlers
META: ran handlers

On AWX the jobs are running a pod separate from the control plane, so files saved in the pod filesystem would likely get cleaned up after the job runs.

You can use the settings Paths to expose to isolated jobs, which allows you to mount folders on the control node to the running pods. Then in your playbook you can write the files to that location

see these docs on configuring that option https://docs.ansible.com/automation-controller/4.3.0/html/userguide/execution_environments.html#execution-environment-mount-options

AWX Team

Hi AWX team,

Thanks for sharing. I am currently running AWX version 22. Under job settings, I dont see exposed host path for container group this option. I tried to specify my ubuntu path under Paths to expose to isolated jobs

image.png3101×1655 210 KB

However, though the playbook is successful, but I couldnt get the studout file.

I have changed ownership to root for both user and group but not really help.

Seek your advice again,.

Tracelog:
changed: [awx-cisco-ios-r1] => {
“changed”: true,
“checksum”: “f41d04c0206136d7feca531350a1b4fce31d5e5d”,
“dest”: “/tmp/ip_interface_brief.txt”,
“diff”: [
{
“after”: "["Interface IP-Address OK? Method Status Protocol\nFastEthernet0/0 192.168.11.60 YES NVRAM up up \nSerial0/0 unassigned YES NVRAM administratively down down \nFastEthernet0/1 unassigned YES NVRAM administratively down down \nSerial0/1 unassigned YES NVRAM administratively down down \nSerial0/2 unassigned YES NVRAM administratively down down \nFastEthernet1/0 unassigned YES NVRAM administratively down down \nSerial2/0 unassigned YES NVRAM administratively down down \nSerial2/1 unassigned …
TASK [fetch file from remote device to local Ubuntu machine] *******************
task path: /runner/project/fetch4.yml:23
redirecting (type: connection) ansible.builtin.network_cli to ansible.netcommon.network_cli
redirecting (type: terminal) ansible.builtin.ios to cisco.ios.ios
redirecting (type: cliconf) ansible.builtin.ios to cisco.ios.ios
<192.168.11.60> ESTABLISH LOCAL CONNECTION FOR USER: root
<192.168.11.60> EXEC /bin/sh -c ‘( umask 77 && mkdir -p “echo /home/runner/.ansible/tmp/ansible-local-19ah400x6z”&& mkdir “echo /home/runner/.ansible/tmp/ansible-local-19ah400x6z/ansible-tmp-1681997446.7857811-88-241249696992527” && echo ansible-tmp-1681997446.7857811-88-241249696992527=“echo /home/runner/.ansible/tmp/ansible-local-19ah400x6z/ansible-tmp-1681997446.7857811-88-241249696992527” ) && sleep 0’
Using module file /usr/local/lib/python3.8/site-packages/ansible/modules/stat.py
<192.168.11.60> PUT /home/runner/.ansible/tmp/ansible-local-19ah400x6z/tmp9fjsms6f TO /home/runner/.ansible/tmp/ansible-local-19ah400x6z/ansible-tmp-1681997446.7857811-88-241249696992527/AnsiballZ_stat.py
<192.168.11.60> EXEC /bin/sh -c ‘chmod u+x /home/runner/.ansible/tmp/ansible-local-19ah400x6z/ansible-tmp-1681997446.7857811-88-241249696992527/ /home/runner/.ansible/tmp/ansible-local-19ah400x6z/ansible-tmp-1681997446.7857811-88-241249696992527/AnsiballZ_stat.py && sleep 0’
<192.168.11.60> EXEC /bin/sh -c ‘/usr/bin/python3 /home/runner/.ansible/tmp/ansible-local-19ah400x6z/ansible-tmp-1681997446.7857811-88-241249696992527/AnsiballZ_stat.py && sleep 0’
<192.168.11.60> FETCH /tmp/ip_interface_brief.txt TO /data/projects/first-project/output/ip_interface_brief.txt
<192.168.11.60> PUT /tmp/ip_interface_brief.txt TO /data/projects/first-project/output/ip_interface_brief.txt
<192.168.11.60> EXEC /bin/sh -c ‘rm -f -r /home/runner/.ansible/tmp/ansible-local-19ah400x6z/ansible-tmp-1681997446.7857811-88-241249696992527/ > /dev/null 2>&1 && sleep 0’
changed: [awx-cisco-ios-r1] => {
“changed”: true,
“checksum”: “f41d04c0206136d7feca531350a1b4fce31d5e5d”,
“dest”: “/data/projects/first-project/output/ip_interface_brief.txt”,
“md5sum”: “d18193eb730c6371c716328ebc687a04”,
“remote_checksum”: “f41d04c0206136d7feca531350a1b4fce31d5e5d”,
“remote_md5sum”: null
}
META: ran handlers
META: ran handlers
PLAY RECAP *********************************************************************
awx-cisco-ios-r1 : ok=5 changed=2 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0

Yoy can also download the job output from the ui iirc

(attachments)

image.png3101×1655 210 KB

Hi Weiye,

Many thanks. However, if i have multiple network equipment to sort them out according to different text file based on IP address, it will be better if i can actually create a txt file for each of them.

Hi anyone or kind souls able to advise?

Somehow the enable job isolation option is also not available to be disabled unlike ansible tower.

https://docs.ansible.com/ansible-tower/latest/html/userguide/security.html

Has anyone else used AWX_PROOT_HIDE_PATHS = [‘/list/of/’, ‘/paths’] before? Not sure if it helps

This kub container is the hosted on the same machine as my ubuntu.

kubectl exec -it awx-task-6667fc866f-abcde -n awx --container awx-task – /bin/bash

bash-5.1$ whoami

awx
bash-5.1$ pwd
/tmp
bash-5.1$ ls

Inside the kub container i have a mounted volume where i can see the playbooks on my local machine.
bash-5.1$ pwd
/var/lib/awx/projects/first-project

is it then possible for the awx job template to copy into this path since it can see the files?

Thanks!

can you provide your exact settings for exposed isolated paths? also can you paste the playbook that you are running, or at least the portion that writes the file to this mounted in location?

AWX Team

Hi, also be sure to use the latest Controller docs. The doc you linked was for v3.8, which is pretty old and doesn’t align with newer AWX versions

you can use this link https://docs.ansible.com/automation-controller/latest/html/userguide/security.html#isolation-functionality-and-variables

Hi OP, were you able to resolve this? I am also trying to save output locally and eventually copy it to remote server.