Hi, I think it would be a good idea to create a single role for managing ESXi settings, including changing the root password. To make the role reusable, I recommend not specifying the hostname, ID, and password within the role itself. In your playbook, you can utilize a `vars_files` directive to include a file like `vcenter_creds.yml` that contains definitions for variables such as `vcenter_hostname`. These defined variables can then be accessed and used within your role as well. In Ansible, variables defined within the role's vars/main.yml file have a higher precedence than those defined in the playbook. Therefore, to ensure that the playbook-defined variables are used, avoid defining the same variables in the role's vars/main.yml file.
2023年4月26日水曜日 22:06:20 UTC+9 Tony Wong: > any idea? > > On Tue, Apr 25, 2023 at 6:41 AM Tony Wong <[email protected]> wrote: > >> but how would i split up enable/disable ssh? can both be in same role? I >> need to enable ssh before i can change root pass, then disable ssh after >> its done >> >> On Tue, Apr 25, 2023 at 6:33 AM Dick Visser <[email protected]> wrote: >> >>> You could use ansible-galaxy to instantiate a role skeleton: >>> >>> >>> dick.visser@GA0267 tmp$ ansible-galaxy init enable_ssh >>> - Role enable_ssh was created successfully >>> dick.visser@GA0267 tmp$ tree enable_ssh/ >>> enable_ssh/ >>> ├── README.md >>> ├── defaults >>> │ └── main.yml >>> ├── files >>> ├── handlers >>> │ └── main.yml >>> ├── meta >>> │ └── main.yml >>> ├── tasks >>> │ └── main.yml >>> ├── templates >>> ├── tests >>> │ ├── inventory >>> │ └── test.yml >>> └── vars >>> └── main.yml >>> >>> 9 directories, 8 files >>> >>> btw, different roles to enable and disable SSH to me sounds like too >>> much overhead.... >>> >>> >>> >>> On Tue, 25 Apr 2023 at 15:16, Tony Wong <[email protected]> wrote: >>> >>>> this is what i have currently >>>> >>>> change_esxi_root_pass >>>> >>>> ├── hosts >>>> >>>> ├── main.yml >>>> >>>> └── roles >>>> >>>> ├── change_esxi_root >>>> >>>> ├── disable_ssh >>>> >>>> └── enable_ssh >>>> >>>> ├── tasks >>>> >>>> │ └── main.yml >>>> >>>> └── vars >>>> >>>> ├── vars.yml >>>> >>>> └── vcenter_creds.yml >>>> >>>> >>>> >>>> >>>> >>>> On Tue, Apr 25, 2023 at 5:59 AM Tony Wong <[email protected]> wrote: >>>> >>>>> for >>>>> >>>>> |__/defaults >>>>> | >>>>> |__/main >>>>> |__vcenter_creds.yml >>>>> |__vars.yml >>>>> >>>>> >>>>> does these need to be under defaults under each role? >>>>> >>>>> what if other roles need to access these same vars files? >>>>> >>>>> >>>>> >>>>> On Mon, Apr 24, 2023 at 10:05 PM dulhaver via Ansible Project < >>>>> [email protected]> wrote: >>>>> >>>>>> the role structure can be as complex as mentioned in the previous >>>>>> post, but it does not have to include everything. In your case I'd say >>>>>> it >>>>>> boild down to this. >>>>>> >>>>>> you create a structure like this: >>>>>> >>>>>> >>>>>> base_folder >>>>>> | >>>>>> |__ playbook.yml >>>>>> | >>>>>> |__ /roles >>>>>> | >>>>>> |__ role1 >>>>>> | >>>>>> |__/tasks >>>>>> | |__main.yml >>>>>> | >>>>>> |__/defaults >>>>>> | >>>>>> |__/main >>>>>> |__vcenter_creds.yml >>>>>> |__vars.yml >>>>>> >>>>>> the playbook.yml >>>>>> >>>>>> - name: test >>>>>> hosts: all >>>>>> gather_facts: no >>>>>> >>>>>> roles: >>>>>> - role1 >>>>>> >>>>>> (there are other ways to all the roles though but thius should do the >>>>>> job) >>>>>> >>>>>> >>>>>> >>>>>> the ./tasks/main.yml >>>>>> >>>>>> --- >>>>>> - name: Enable SSH service >>>>>> vmware_host_service_manager: >>>>>> hostname: “{{ vcenter_hostname }}” >>>>>> username: “{{ vcenter_username }}” >>>>>> password: “{{ vcenter_password }}” >>>>>> esxi_hostname: “{{ hostname }}” >>>>>> validate_certs: no >>>>>> state: present >>>>>> service_name: “TSM-SSH” >>>>>> delegate_to: localhost >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> On 04/24/2023 7:35 PM CEST Tony Wong <[email protected]> wrote: >>>>>> >>>>>> >>>>>> I got a pb that works like this. any idea how i can convert this to a >>>>>> role? >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> --- >>>>>> >>>>>> - name: test >>>>>> >>>>>> hosts: all >>>>>> >>>>>> gather_facts: no >>>>>> >>>>>> vars_files: >>>>>> >>>>>> - vcenter_creds.yml >>>>>> >>>>>> - vars.yml >>>>>> >>>>>> >>>>>> >>>>>> tasks: >>>>>> >>>>>> - name: Enable SSH service >>>>>> >>>>>> vmware_host_service_manager: >>>>>> >>>>>> hostname: "{{ vcenter_hostname }}" >>>>>> >>>>>> username: "{{ vcenter_username }}" >>>>>> >>>>>> password: "{{ vcenter_password }}" >>>>>> >>>>>> esxi_hostname: "{{ hostname }}" >>>>>> >>>>>> validate_certs: no >>>>>> >>>>>> state: present >>>>>> >>>>>> service_name: "TSM-SSH" >>>>>> >>>>>> delegate_to: localhost >>>>>> >>>>>> sdfsdfsd >>>>>> >>>>>> >>>>>> -- >>>>>> You received this message because you are subscribed to the Google >>>>>> Groups "Ansible Project" group. >>>>>> To unsubscribe from this group and stop receiving emails from it, >>>>>> send an email to [email protected]. >>>>>> To view this discussion on the web visit >>>>>> https://groups.google.com/d/msgid/ansible-project/d637013b-7cba-4401-b7c0-edcb70b6a52cn%40googlegroups.com >>>>>> >>>>>> <https://groups.google.com/d/msgid/ansible-project/d637013b-7cba-4401-b7c0-edcb70b6a52cn%40googlegroups.com?utm_medium=email&utm_source=footer>. >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> -- >>>>>> You received this message because you are subscribed to a topic in >>>>>> the Google Groups "Ansible Project" group. >>>>>> To unsubscribe from this topic, visit >>>>>> https://groups.google.com/d/topic/ansible-project/F6s6Iaaawxs/unsubscribe >>>>>> . >>>>>> To unsubscribe from this group and all its topics, send an email to >>>>>> [email protected]. >>>>>> To view this discussion on the web visit >>>>>> https://groups.google.com/d/msgid/ansible-project/1552518980.884442.1682399125194%40office.mailbox.org >>>>>> >>>>>> <https://groups.google.com/d/msgid/ansible-project/1552518980.884442.1682399125194%40office.mailbox.org?utm_medium=email&utm_source=footer> >>>>>> . >>>>>> >>>>> -- >>>> You received this message because you are subscribed to the Google >>>> Groups "Ansible Project" group. >>>> To unsubscribe from this group and stop receiving emails from it, send >>>> an email to [email protected]. >>>> To view this discussion on the web visit >>>> https://groups.google.com/d/msgid/ansible-project/CALmkhkozMiFyzJQuL--%3DqS%3DfFFauGqZb5BER4ss2WDdpAk_GVA%40mail.gmail.com >>>> >>>> <https://groups.google.com/d/msgid/ansible-project/CALmkhkozMiFyzJQuL--%3DqS%3DfFFauGqZb5BER4ss2WDdpAk_GVA%40mail.gmail.com?utm_medium=email&utm_source=footer> >>>> . >>>> >>> -- >>> You received this message because you are subscribed to a topic in the >>> Google Groups "Ansible Project" group. >>> To unsubscribe from this topic, visit >>> https://groups.google.com/d/topic/ansible-project/F6s6Iaaawxs/unsubscribe >>> . >>> To unsubscribe from this group and all its topics, send an email to >>> [email protected]. >>> To view this discussion on the web visit >>> https://groups.google.com/d/msgid/ansible-project/CAF8BbLa_O2mPDvci1Xwq0ukJF-Fz-L4xXS%2Bu7rj6ux7pihrWTA%40mail.gmail.com >>> >>> <https://groups.google.com/d/msgid/ansible-project/CAF8BbLa_O2mPDvci1Xwq0ukJF-Fz-L4xXS%2Bu7rj6ux7pihrWTA%40mail.gmail.com?utm_medium=email&utm_source=footer> >>> . >>> >> -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/902ec20f-d450-4628-8614-d356fcf75dd7n%40googlegroups.com.
