- Red Hat Community
- :
- DO457 - Red Hat Ansible for Network Automation
- :
- Forum
- :
- Re: Welcome to the Red Hat Ansible for Network Aut...
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Syed
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
- 10.2K Views
Welcome to the Red Hat Ansible for Network Automation (DO457) group!
We are excited to launch a space dedicated to the Red Hat Training course Red Hat Ansible for Network Automation!
To gain the most value from this group - click the "Join Group" button in the upper right hand corner of the group home page.
We encourage group members to collaborate in this group to discuss topics, ask questions, share best practices and tips, provide course feedback, and share their accomplishments as it relates to DO457.
Read more about Red Hat Ansible for Network Automation here.
Travis
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
- 120 Views
So some of the important things are ...
https://github.com/tmichett/do374/blob/main/Demos/Misc/Extra_Mounts/ansible-navigator.yml
If you are using ansible-navigator directly, you can mount items in (this is an older format of the configuration file), but you can see the point.
Unfortunately, from remembering where I taught the networking course, I believe everything is done with VSCode and Ansible Automation Controller, so that eliminates using and testing the playbooks locally. So now you need to have something where you capture the files within the EE and then place them on another machine.
So in your instance, you might need to do something like "fetch_files" example here ...
https://github.com/tmichett/do374/blob/main/Demos/Misc/Delegation/Fetch_Files.yml
So "fetch" will typically grab the file to the "localhost" ... in this instance, localhost is the container. So what you need to do is copy the file from the container to another system where you would have access. Essentially what is happening is the Ansible Controller is running the EE and collecting the information and then it is going "poof" when the EE has completed its tasks and ends the running container.
There is also a slurp module that can be used, but keep in mind the data is B64 encoded.
Your example above where you delegate to localhost is actually delegating to the "container". If you delegate to workstation it will create a file or directory on the workstation machine. In the case of your example, you would be creating a directory.
One other cool thing I have shown ... adding another task at the bottom of the playbook to wait for 5 minutes or wait for a certain file or input within the EE. Then I take students and SSH to the controller now and run as the AWX user. You can use Podman to jump in the container and see where the resources are created. Again, the container is "localhost" and the container is ephemeral, so when the EE is complete, the container stops and cleans up after itself.
https://rhtapps.redhat.com/verify?certId=111-134-086
SENIOR TECHNICAL INSTRUCTOR / CERTIFIED INSTRUCTOR AND EXAMINER
Red Hat Certification + Training
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
- 102 Views
Hi,
thanks for your help.
So the only way is to mount a volume on the ansible-navigator.yml file? I can not understand why it works if I use a sub dir under {{ plyabook_dir }} but not outside it, even using delegate_to: fqdn of the controller host machine.
Again, thanks for your help.
Travis
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
- 93 Views
@Amaya -
So to mount a volume inside the EE you need to specify that as an extra mount in the ansible-navigator.yml file. The reason subdirectories work is because the top-level directory is mounted into the EE, so anything in that directory and all subdirectories will be available.
If you don't understand containers, essentially Podman is running the container image with a -v which mounts the current working directory into the running container based on the container image. Typically, you are attempting to run a playbook, so the Playbook Directory as you have mentioned is the current working directory and mounted into the container automatically because that is how the EE works. So anything at the Playbook Directory level is available and anything underneath of that. The container has no knowledge of anything above or outside of the Playbook Directory because it isn't available.
travis @ Traviss-MacBook-Pro-16in-8: ~/Github/AnsiblePlaybooks master [!]
$ tree
.
├── AAP2
│ ├── Collection
│ │ └── tmichett
│ │ └── gls_collection_demo
│ │ ├── docs
│ │ │ ├── manage_firewall_role.md -> ../roles/manage_firewall/README.md
│ │ │ └── manage_services_role.md -> ../roles/manage_services
│ │ ├── galaxy.yml
│ │ ├── meta
│ │ │ └── runtime.yml
│ │ ├── plugins
│ │ │ └── README.md
│ │ ├── README.md
│ │ └── roles
│ │ ├── deploy_packages
│ │ │ ├── defaults
│ │ │ │ └── main.yml
│ │ │ ├── meta
│ │ │ │ └── main.yml
│ │ │ ├── README.md
│ │ │ ├── tasks
│ │ │ │ └── main.yml
│ │ │ └── vars
│ │ │ └── main.yml
│ │ ├── manage_firewall
│ │ │ ├── defaults
│ │ │ │ └── main.yml
│ │ │ ├── meta
│ │ │ │ └── main.yml
│ │ │ ├── README.md
│ │ │ ├── tasks
│ │ │ │ └── main.yml
│ │ │ └── vars
│ │ │ └── main.yml
│ │ └── manage_services
│ │ ├── defaults
│ │ │ └── main.yml
│ │ ├── meta
│ │ │ └── main.yml
│ │ ├── README.md
│ │ ├── tasks
│ │ │ └── main.yml
│ │ └── vars
│ │ └── main.yml
│ ├── EE
│ │ ├── ansible-navigator.yml
│ │ ├── ansible.cfg
│ │ ├── EE_Demo
│ │ │ ├── ansible.cfg
│ │ │ ├── bindep.txt
│ │ │ ├── context
│ │ │ │ ├── _build
│ │ │ │ │ ├── bindep.txt
│ │ │ │ │ ├── requirements.txt
│ │ │ │ │ ├── requirements.yml
│ │ │ │ │ └── tmichett-gls_collection_demo-1.0.1.tar.gz
│ │ │ │ └── Containerfile
│ │ │ ├── execution-environment.yml
│ │ │ ├── requirements.txt
│ │ │ ├── requirements.yml
│ │ │ └── tmichett-gls_collection_demo-1.0.1.tar.gz
│ │ ├── inventory
│ │ └── README.adoc
│ ├── Misc
│ │ ├── ansible-navigator.log
│ │ ├── ansible-navigator.yml
│ │ ├── ansible.cfg
│ │ ├── Delegation
│ │ │ ├── ansible-navigator.log
│ │ │ ├── ansible-navigator.yml
│ │ │ ├── ansible.cfg
│ │ │ ├── Fetch_Files.yml
│ │ │ └── inventory
│ │ ├── Extra_Mounts
│ │ │ ├── ansible-navigator.yml
│ │ │ ├── ansible.cfg
│ │ │ ├── Fetch_Files.yml
│ │ │ └── inventory
│ │ ├── Fetch_Files.yml
│ │ └── inventory
│ └── navigator
│ ├── ANR_Setup.yml
│ ├── ansible-navigator-mounts.yml
│ ├── ansible-navigator.log
│ ├── ansible-navigator.yml
│ ├── ansible.cfg
│ ├── Demo_Clean.sh
│ ├── Demo_Complete.sh
│ ├── EE_Demo_Readme.adoc
│ ├── inventory
│ ├── Localhost_Navigator_Demo.yml
│ ├── playbook.yml
│ └── Workstation_Navigator_Demo.yml
├── Ansible_Changes
│ ├── ansible_builtin_runtime.yml
│ └── Notes.adoc
├── Callbacks
│ ├── ansible-navigator.log
│ ├── ansible.cfg
│ ├── Callback_Timer_Demo.yml
│ ├── inventory
│ ├── Packages.yml
│ └── Test.yml
├── Collections
│ └── README.adoc
├── Containers
│ ├── ansible.cfg
│ ├── collections
│ │ └── requirements.yml
│ ├── Deploy_Container_Demo.yml
│ ├── inventory
│ ├── README.adoc
│ └── vars
│ └── registry_login.yml
├── Dictionaries_and_Lists
│ ├── ansible.cfg
│ ├── inventory
│ ├── packages_to_install.yaml
│ ├── Playbook_Custom_Package_Large.yml
│ ├── Playbook_Custom_Package.yml
│ ├── playbook_packages_demo.yml
│ ├── Playbook_Sandwich_and_Shopping.yml
│ ├── sandwich_dict.yaml
│ └── shopping_list.yaml
├── DO407_Roles_Demo
│ ├── ansible.cfg
│ ├── DEMO.yml
│ ├── firewall.yml
│ ├── inventory
│ ├── requirements.yml
│ ├── roles
│ │ ├── tmichett.deploy_packages
│ │ │ ├── defaults
│ │ │ │ └── main.yml
│ │ │ ├── meta
│ │ │ │ └── main.yml
│ │ │ ├── README.md
│ │ │ ├── tasks
│ │ │ │ └── main.yml
│ │ │ └── vars
│ │ │ └── main.yml
│ │ ├── tmichett.manage_firewall
│ │ │ ├── defaults
│ │ │ │ └── main.yml
│ │ │ ├── meta
│ │ │ │ └── main.yml
│ │ │ ├── README.md
│ │ │ ├── tasks
│ │ │ │ └── main.yml
│ │ │ └── vars
│ │ │ └── main.yml
│ │ └── tmichett.manage_services
│ │ ├── defaults
│ │ │ └── main.yml
│ │ ├── meta
│ │ │ └── main.yml
│ │ ├── README.md
│ │ ├── tasks
│ │ │ └── main.yml
│ │ └── vars
│ │ └── main.yml
│ ├── services.yml
│ └── yum.yml
├── Dynamic_Inventory
│ ├── ansible-navigator.yml
│ ├── ansible.cfg
│ ├── Demo_Inventory.sh
│ └── inventory
│ ├── hosts
│ ├── inventorya.py
│ └── inventoryw.py
├── git
│ ├── ansible.cfg
│ ├── Files
│ │ ├── BASHRC_Git_prompt
│ │ └── GitConfig
│ ├── Git_Tools_Setup.yml
│ ├── inventory
│ └── vars
│ └── git_creds.yml_demo
├── Gnome
│ └── gnome-tweaks.yml
├── IdM
│ ├── ansible.cfg
│ ├── create_groups.yml
│ ├── create_users.yml
│ └── inventory
├── JSON_QUERY
│ ├── Container_EE_Demo
│ │ ├── ansible-navigator.yml
│ │ ├── ansible.cfg
│ │ ├── container_name_in_output.yml
│ │ ├── containers_content_found.yml
│ │ ├── containers.yml
│ │ └── inventory
│ └── Demo
│ ├── ansible.cfg
│ ├── demo_danny.yml
│ ├── demo.yml
│ ├── inventory
│ ├── json_query_demo.yml
│ ├── vars_list.yml
│ └── vars.yml
├── Loops
│ └── Loop_Demo
│ ├── ansible-navigator.yml
│ ├── ansible.cfg
│ ├── demo.yml
│ ├── inventory
│ └── user.yaml
├── Networking
│ ├── ansible.cfg
│ ├── inventory
│ └── Teaming.yml
├── Packages
│ ├── AAP22
│ │ ├── ansible-navigator.log
│ │ ├── ansible-navigator.v1
│ │ ├── ansible-navigator.yml
│ │ ├── ansible.cfg
│ │ ├── inventory
│ │ ├── Package_and_Info.yml
│ │ └── Package_and_Info2.yml
│ ├── ansible.cfg
│ ├── inventory
│ ├── packages_no_to_nice_yaml.txt
│ ├── packages_to_be_updated_old.txt
│ ├── packages_to_be_updated_sorted.txt
│ ├── packages_to_be_updated.txt
│ ├── packages_updated_old.txt
│ ├── packages_updated.txt
│ ├── packages_with_to_nice_yaml.txt
│ ├── README.adoc
│ ├── RPM_Reports_Test.yml
│ └── RPM_Reports.yml
├── Playbook_Demo
│ ├── ansible-navigator.log
│ ├── ansible-navigator.yml
│ ├── ansible.cfg
│ ├── Empty_Playbook.yml
│ ├── inventory
│ ├── Out_of_Order_Playbook.yml
│ └── roles
│ └── tmichett.role-demo-debug
│ ├── defaults
│ │ └── main.yml
│ ├── meta
│ │ └── main.yml
│ ├── README.md
│ ├── tasks
│ │ └── main.yml
│ └── vars
│ └── main.yml
├── Priv_Escallation
│ ├── ansible-navigator.log
│ ├── ansible-navigator.yml
│ ├── ansible.cfg
│ ├── inventory.yml
│ ├── Priv_Demo_Book.yml
│ └── Priv_Demo_Show.yml
├── README.md
├── References
│ └── Articles.adoc
├── RHV
│ ├── ansible.cfg
│ ├── inventory
│ ├── Register_RHHIV_Host.yml
│ └── Sysprep_RHEL8_VM.yml
├── Satellite
│ ├── Activation_Key.yml
│ ├── ansible.cfg
│ ├── collections
│ │ └── ansible_collections
│ │ └── redhat
│ │ └── satellite
│ │ ├── CHANGELOG.rst
│ │ ├── changelogs
│ │ │ └── changelog.yaml
│ │ ├── FILES.json
│ │ ├── LICENSE
│ │ ├── MANIFEST.json
│ │ ├── meta
│ │ │ └── runtime.yml
│ │ ├── plugins
│ │ │ ├── callback
│ │ │ │ └── foreman.py
│ │ │ ├── doc_fragments
│ │ │ │ └── foreman.py
│ │ │ ├── filter
│ │ │ │ └── foreman.py
│ │ │ ├── inventory
│ │ │ │ └── foreman.py
│ │ │ ├── module_utils
│ │ │ │ ├── _apypie.py
│ │ │ │ └── foreman_helper.py
│ │ │ └── modules
│ │ │ ├── activation_key.py
│ │ │ ├── architecture.py
│ │ │ ├── auth_source_ldap.py
│ │ │ ├── bookmark.py
│ │ │ ├── compute_attribute.py
│ │ │ ├── compute_profile.py
│ │ │ ├── compute_resource.py
│ │ │ ├── config_group.py
│ │ │ ├── content_credential.py
│ │ │ ├── content_upload.py
│ │ │ ├── content_view_filter.py
│ │ │ ├── content_view_version.py
│ │ │ ├── content_view.py
│ │ │ ├── domain.py
│ │ │ ├── external_usergroup.py
│ │ │ ├── global_parameter.py
│ │ │ ├── hardware_model.py
│ │ │ ├── host_collection.py
│ │ │ ├── host_info.py
│ │ │ ├── host_power.py
│ │ │ ├── host.py
│ │ │ ├── hostgroup.py
│ │ │ ├── http_proxy.py
│ │ │ ├── image.py
│ │ │ ├── installation_medium.py
│ │ │ ├── job_invocation.py
│ │ │ ├── job_template.py
│ │ │ ├── lifecycle_environment.py
│ │ │ ├── location.py
│ │ │ ├── operatingsystem.py
│ │ │ ├── organization.py
│ │ │ ├── os_default_template.py
│ │ │ ├── partition_table.py
│ │ │ ├── product.py
│ │ │ ├── provisioning_template.py
│ │ │ ├── puppet_environment.py
│ │ │ ├── puppetclasses_import.py
│ │ │ ├── realm.py
│ │ │ ├── redhat_manifest.py
│ │ │ ├── repository_info.py
│ │ │ ├── repository_set.py
│ │ │ ├── repository_sync.py
│ │ │ ├── repository.py
│ │ │ ├── resource_info.py
│ │ │ ├── role.py
│ │ │ ├── scap_content.py
│ │ │ ├── scap_tailoring_file.py
│ │ │ ├── setting.py
│ │ │ ├── smart_class_parameter.py
│ │ │ ├── smart_proxy.py
│ │ │ ├── status_info.py
│ │ │ ├── subnet.py
│ │ │ ├── subscription_manifest.py
│ │ │ ├── sync_plan.py
│ │ │ ├── templates_import.py
│ │ │ ├── user.py
│ │ │ └── usergroup.py
│ │ ├── README.md
│ │ ├── requirements.txt
│ │ └── roles
│ │ ├── activation_keys
│ │ │ ├── README.md
│ │ │ └── tasks
│ │ │ └── main.yml
│ │ ├── content_view_version_cleanup
│ │ │ ├── README.md
│ │ │ └── tasks
│ │ │ ├── delete_cv_versions.yml
│ │ │ ├── find_and_delete_unused_cv_versions.yml
│ │ │ └── main.yml
│ │ ├── lifecycle_environments
│ │ │ ├── README.md
│ │ │ └── tasks
│ │ │ └── main.yml
│ │ ├── manifest
│ │ │ ├── defaults
│ │ │ │ └── main.yml
│ │ │ ├── README.md
│ │ │ └── tasks
│ │ │ └── main.yml
│ │ ├── repositories
│ │ │ ├── README.md
│ │ │ └── tasks
│ │ │ └── main.yml
│ │ └── sync_plans
│ │ ├── README.md
│ │ └── tasks
│ │ └── main.yml
│ ├── inventory
│ ├── Register_Host.yml
│ ├── Sat_Test.yml
│ └── sat_vars.yml
├── task-speed
│ ├── ansible.cfg
│ ├── clean.yml
│ ├── create_cgroup.txt
│ ├── deploy_webservers_optimized.yml
│ ├── deploy_webservers_slow.yml
│ ├── deploy_webservers.yml
│ ├── deploy_webservers.yml.backup
│ ├── inventory.yml
│ └── web_content
│ ├── data.img
│ ├── rhel7.0
│ │ └── isos
│ │ └── netboot.iso
│ ├── rhel7.1
│ │ └── isos
│ │ └── netboot.iso
│ ├── rhel7.2
│ │ └── isos
│ │ └── netboot.iso
│ ├── rhel7.3
│ │ └── isos
│ │ └── netboot.iso
│ ├── rhel7.4
│ │ └── isos
│ │ └── netboot.iso
│ ├── rhel7.5
│ │ └── isos
│ │ └── netboot.iso
│ ├── rhel7.6
│ │ └── isos
│ │ └── netboot.iso
│ └── rhel8.0
│ └── isos
│ └── netboot.iso
├── Tower_or_AWX
│ ├── ansible.cfg
│ ├── collections
│ │ └── requirements.yml
│ ├── inventory
│ ├── Notes.adoc
│ ├── playbook_commands.txt
│ ├── Setup_Controller.yml
│ └── Setup_Jobs.yml
├── User
│ ├── ansible.cfg
│ ├── commands
│ ├── DO447_Examples
│ │ ├── ansible-navigator.yml
│ │ ├── ansible.cfg
│ │ ├── clean.yml
│ │ ├── config
│ │ ├── config.txt
│ │ ├── create_users.yml
│ │ ├── credentials
│ │ │ ├── john_password
│ │ │ ├── karen_password
│ │ │ └── lauren_password
│ │ ├── file.yml
│ │ ├── hosts
│ │ ├── hosts.txt
│ │ ├── inventory
│ │ ├── ips-debug.yml
│ │ ├── ips.yml
│ │ ├── sources.yml
│ │ ├── template.txt.j2
│ │ ├── tests
│ │ ├── tests.txt
│ │ ├── users.txt
│ │ └── users.yml
│ ├── inventory
│ ├── user_setup.yml
│ └── Variable_Filters
│ ├── ansible-navigator.yml
│ ├── ansible.cfg
│ ├── commands
│ ├── inventory
│ └── user_setup.yml
├── Vars
│ ├── ansible.cfg
│ ├── inventory
│ ├── Playbook_Custom_Package_Large.yml
│ ├── Var_Demo_Playbook.yml
│ ├── Var_Demo_Playbook2.yml
│ └── volume
├── VMs
│ ├── ansible.cfg
│ ├── View_QCOW2_Data.yml
│ └── View_QCOW2_Data2.yml
└── Windows
├── ansible.cfg
├── Demo
│ ├── ansible_launch_zsh.sh
│ ├── ansible-navigator.log
│ ├── ansible-navigator.yml
│ ├── ansible.cfg
│ ├── Files
│ │ └── Windows_Copy_Demo.txt
│ ├── inventory
│ ├── win_chocolatey_install.yml
│ ├── win_chocolatey.yml
│ ├── win_copy.yml
│ ├── win_file.yml
│ ├── win_package.yml
│ └── win_ping.yml
└── inventory
So I have a huge directory tree here of sample playbooks. If I do it from my Github project directory at the top-level, it will mount all of that into the running EE. However, if I am in the Windows sub-directory of the project, I would only have access to the following playbooks, directories and files ...
├── ansible.cfg
├── Demo
│ ├── ansible_launch_zsh.sh
│ ├── ansible-navigator.log
│ ├── ansible-navigator.yml
│ ├── ansible.cfg
│ ├── Files
│ │ └── Windows_Copy_Demo.txt
│ ├── inventory
│ ├── win_chocolatey_install.yml
│ ├── win_chocolatey.yml
│ ├── win_copy.yml
│ ├── win_file.yml
│ ├── win_package.yml
│ └── win_ping.yml
└── inventory
I wouldn't even know I was in a directory called Windows, but instead, from the context of what is known is the current working directory so the top-level has ansible.cfg, inventory, and a directory called Demo and that is what would be mounted in the running container (EE) and available to the Ansible execution environment (EE). Everything else is outside the container and it has no way of knowing it exists.
https://rhtapps.redhat.com/verify?certId=111-134-086
SENIOR TECHNICAL INSTRUCTOR / CERTIFIED INSTRUCTOR AND EXAMINER
Red Hat Certification + Training
shashi01
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
- 89 Views
That’s simply awesome!
Travis
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
- 89 Views
@Amaya -
I wanted to address the delegate_to separately ... as this has nothing to do with how things are mounted in an execution environment, but more where/how a module will execute and perform its task.
Typically, Ansible playbooks leverage the inventory file and the Hosts directive in the Ansible playbook. What is on the hosts line is what the module in the task uses to define where and how a task will be run. It takes a lot of thinking in terms of context on where and how a module will run and perform its designated operation.
Typically, a control node is the location running the playbook. If you aren't using execution environments, the control node is the machine that has the ansible-playbook command and is also known as "localhost". When using execution environments, it is the container that is actually running the playbook and it is the container that is "localhost", so while ansible-navigator is run from the physical or virtual machine, localhost is within the running container and anything on that filesystem is gone when the container execution finishes.
This raises the question, how does fetch work ... well, fetch is meant to grab a file from hosts in the inventory and bring it back to the localhost running the module. In the instance of using fetch it would grab files from the inventory hosts and bring those back to localhost and the files would be lost. One thing you could do is use fetch and delegate_to to provide an alternative host instead of localhost on where the files would be dumped. This would prevent the files from being on the container and instead the files would be grabbed from the inventory hosts and dumped on the system in the delegate_to.
https://rhtapps.redhat.com/verify?certId=111-134-086
SENIOR TECHNICAL INSTRUCTOR / CERTIFIED INSTRUCTOR AND EXAMINER
Red Hat Certification + Training
- « Previous
- Next »
Red Hat
Learning Community
A collaborative learning environment, enabling open source skill development.
