Ansible playbook to add dynamic list of object in ...

Gert_Vossius · ‎2019-02-06

Hi all,

I'm using the tutorial playbook on the Check Point Github page and I want to make a playbook where I can create host objects and a network group object based on an input file.

The goal is to use/create n number of hosts and add that n number of hosts to a network group objects based on an inputfile dat is dynamically generated by another script.

For this I'm trying to use the with_items statement in Ansible but I get the error:

TASK [set group] *******************************************************************************************************************************************************************
fatal: [localhost]: FAILED! => {"failed": true, "msg": "The task includes an option with an undefined variable. The error was: 'item' is undefined\n\nThe error appears to have been in '/root/workspace/ansible/cp/cp_add_host_to_existing_group-playbook.yml': line 27, column 5, but may\nbe elsewhere in the file depending on the exact syntax problem.\n\nThe offending line appears to be:\n\n # the login command is used here to run 'add-host'\n - name: \"set group\"\n ^ here\n\nexception type: <class 'ansible.errors.AnsibleUndefinedVariable'>\nexception: 'item' is undefined"}

This is how my playbook looks like

---
- hosts: "localhost" # Note #2 in the Description section
 vars_files:
 - varhosts.yml
 tasks:
 - name: "login" # You have to login to the management
 # server before running any commands
 check_point_mgmt:
 command: login
 parameters:
 username: "{{mgmt_user}}" # Variables set in /etc/ansible/hosts, to avoid needing
 password: "{{mgmt_password}}" # to type your login details in every playbook.
 management: "{{mgmt_server}}"
 domain: "{{mgmt_domain}}"
 fingerprint: "XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX"
 register: login_response # Register the output from the login
 # command so we can use it later to run commands.
 - name: "add host"
 check_point_mgmt:
 command: add-host # Name of the command
 parameters: # The parameters for it, in dictionary form
 name: "{{item.host_name}}"
 ipv4-address: "{{item.ipv4_address}}"
 session-data: "{{ login_response }}" # The session data we received from
 with_items: "{{host_table}}"
 # the login command is used here to run 'add-host'
 - name: "set group"
 check_point_mgmt:
 command: set-group
 parameters:
 name: "{{group_name}}"
 members:
 - "{{item.host_name}}"
 with_items: "{{host_table}}"
 session-data: "{{ login_response }}"
 - name: "publish" # Publishing is important if you want
 # your changes to be saved.
 check_point_mgmt: # This will actually 'discard' when
 # check mode is enabled (ansible-playbook -C)
 # unless you add 'always_run: yes' to the task.
 command: publish
 session-data: "{{login_response}}"
 - name: logout
 check_point_mgmt:
 command: logout
 session-data: '{{login_response}}'‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍

I also tried this:

- name: "set group"
 check_point_mgmt:
 command: set-group
 parameters:
  name: "{{group_name}}"
  members:
   - "{{item.host_name}}"
  session-data: "{{ login_response }}"‍‍‍‍‍‍‍‍‍
 with_items: "{{host_table}}"‍‍‍‍‍‍‍‍‍

add with_items on the end of the group, but in that case only 1 (the last) host object is added to the network group object.

Somebody who can help me with this? I'm an Ansible fresher so any help is welcome!

Thanks

PhoneBoy · ‎2019-02-08

I believe the mistake is that you're referring to the item as item.host_name when you're using with_items.

However, I am by no means an Ansible expert.

Also keep in mind that Ansible is very sensitive to spacing/indents and can fail when this is incorrect.

Are you a member of CheckMates?

Ansible playbook to add dynamic list of object in network group object