Hi
What is the most efficient way to "push" backslashes in ansible playbooks ?
My playbook does not work because Python cut backslashes or add new one.
e.g. //hostname001/foo/
Hi
What is the most efficient way to "push" backslashes in ansible playbooks ?
My playbook does not work because Python cut backslashes or add new one.
e.g. //hostname001/foo/
Can you give a bit more detail?
Don’t forget that as well as python parsing, there is yaml parsing and if you are using templates - {{ }} then there is jinja2 parsing too.
So can you share a minimal version of the problem?
Jon
Just noticed you said windows paths. in playbooks I would suggest the following
1/ use ansible 2.0 or later
2/ use key: value (yaml style) rather than key=value key=value as you are less likely to need to quote vars if they aren’t all on one line.
3/ If you aren’t using templating you can usually just have bare paths without any quoting
win_copy:
src: myfile.txt
dest: C:\Myfiles\myfile.txt
4/ if you are using templating then you may need to double quote your windows paths - and if you are double quoting then use double backslash for path separator
vars:
sub_dir: “parent_folder\child_folder”
win_copy:
src: myfile.txt
dest: “C:\Myfiles\{{ sub_dir }}\myfile.txt”
It looks like maybe you are trying to use a UNC path to access files from a second windows machine \someserver\share. Unfortunately windows treats this as a ‘second hop’ (hop 1 is from ansible controller to windows box, hop 2 is from windows box to \second_machine), and ‘second hop’ communication is usually disallowed.
If you have pywinrm installed and you set up kerberos delegation you can get round this limitation, but this is new functionality and not yet documented. If possible it might be easier to use fetch to collect files from one windows machine and then win_copy to push the files out to your windows machines if you don’t want to, or can’t set up kerberos delegation.
Hope this helps,
Jon
Thanks Jon!
Problem with backslashes has been solved.
Good point: we are trying to access directory from a second machine e.g. \\host002\something
That is exactly our problem ... multi-hop scenarios.
Unfortunately we cannot copy required files from remote to local machine.
As I know Ansible since 2.1 solved this problem and there is no docs yet.
Can you give me some hints or paste sample configuration how to solve this issue and allow my win host controlled by Ansible to have an access to others machines inside our domain ?
Karol
Assuming you’re already using kerberos for domain auth, just make sure you have pywinrm >= 0.2.0, then add:
ansible_winrm_kerberos_delegation=yes
to your inventory. This will cause the TGT to be included in the kerberos negotiation instead of just the service ticket, so that downstream services can use the TGT to request access to other resources.
Docs are coming, but I ended up doing a bigger rewrite than originally planned to try and make sense of all the options.