diff --git a/knowledge base/ansible.md b/knowledge base/ansible.md index 9e4829f..19b1802 100644 --- a/knowledge base/ansible.md +++ b/knowledge base/ansible.md @@ -1760,6 +1760,7 @@ Another _better (?)_ solution in playbooks/roles would be to sanitize the input - [How to run Ansible with_fileglob in alphabetical order?] - [Ansible v2.14 CHANGELOG] - [How can I pass variable to ansible playbook in the command line?] +- [Ansible Map Examples - Filter List and Dictionaries] [6 ways to speed up ansible playbook execution]: https://wearenotch.com/speed-up-ansible-playbook-execution/ [ansible - how to remove an item from a list?]: https://stackoverflow.com/questions/40927792/ansible-how-to-remove-an-item-from-a-list#40927834 +[Ansible Map Examples - Filter List and Dictionaries]: https://www.middlewareinventory.com/blog/ansible-map/ [ansible roles: basics, creating & using]: https://spacelift.io/blog/ansible-roles [ansible vault tutorial]: https://piyops.com/ansible-vault-tutorial [ansible vault with awx]: https://medium.com/t%C3%BCrk-telekom-bulut-teknolojileri/ansible-vault-with-awx-80b603617798 @@ -1824,6 +1826,7 @@ Another _better (?)_ solution in playbooks/roles would be to sanitize the input [Easy things you can do to speed up ansible]: https://mayeu.me/post/easy-things-you-can-do-to-speed-up-ansible/ [edit .ini file in other servers using ansible playbook]: https://syslint.com/blog/tutorial/edit-ini-file-in-other-servers-using-ansible-playbook/ [Handling secrets in your Ansible playbooks]: https://www.redhat.com/sysadmin/ansible-playbooks-secrets +[Hide sensitive data in Ansible verbose logs]: https://harshanu.space/en/tech/ansible-redact/ [how can i hide skipped tasks output in ansible]: https://stackoverflow.com/questions/39189549/how-can-i-hide-skipped-tasks-output-in-ansible#76147924 [how can i pass variable to ansible playbook in the command line?]: https://stackoverflow.com/questions/30662069/how-can-i-pass-variable-to-ansible-playbook-in-the-command-line#30662156 [how to append to lists]: https://blog.crisp.se/2016/10/20/maxwenzin/how-to-append-to-lists-in-ansible @@ -1853,4 +1856,3 @@ Another _better (?)_ solution in playbooks/roles would be to sanitize the input [working with versions]: https://docs.ansible.com/ansible/latest/collections/community/general/docsite/filter_guide_working_with_versions.html [yes and no, true and false]: https://chronicler.tech/red-hat-ansible-yes-no-and/ [zuul]: https://zuul-ci.org/ -[Hide sensitive data in Ansible verbose logs]: https://harshanu.space/en/tech/ansible-redact/ diff --git a/snippets/ansible/tasks.yml b/snippets/ansible/tasks.yml index d0b0e92..9bb8fc6 100644 --- a/snippets/ansible/tasks.yml +++ b/snippets/ansible/tasks.yml @@ -628,16 +628,34 @@ seconds: 60 - name: EC2-specific operations # Notice: tasks using the 'ec2_instance' module might create a new instance even if older ones exist from a - # different run, but return the *old* instance's ID and information. - # This seems to be an issue with how the module filters EC2 instances out when deciding whether existing - # instances match and should be altered. By default, instances are filtered by 'Name' tag, base AMI, state, and - # subnet ID. Refer the module's 'filters' property. + # different run, but return the *old* instance's ID and information. + # This seems to be an issue with how the module filters EC2 instances out when deciding whether existing + # instances match and should be altered. By default, instances are filtered by 'Name' tag, base AMI, state, and + # subnet ID. Refer the module's 'filters' property. + # `filters` accepts inputs as the API would. Refer + # + # ALERT: `filters` takes precedence over `instance_ids` - do *not* do something like + # amazon.aws.ec2_instance: + # instance_ids: i-0123456789abcdef0 + # filters: + # instance-state-name: running + # state: terminated + # as it will terminate *all* running instances, not only the specified instance *if* running. + # The AWS API, instead, work as expected as of 2025-08-25. block: - - name: Get running instances with 'K8S' as the 'Application' tag + - name: Get information about running instances with 'K8S' as the 'Application' tag amazon.aws.ec2_instance_info: filters: - "tag:Application": K8S + tag:Application: K8S instance-state-name: ["running"] + - name: Start stopped PG dumper instances + tags: dumper + amazon.aws.ec2_instance: + filters: + instance-state-name: stopped + tag:Application: Postgres + tag:Component: Dumper + state: started - name: Clone EC2 instances vars: source_instance_id: i-0123456789abcdef0 @@ -869,10 +887,11 @@ ansible_remote_tmp: /tmp/.ansible-ssm-user/tmp ansible_async_dir: /tmp/.ansible-ssm-user/async tasks: - - name: Start the PG dumper instance + - name: Start stopped PG dumper instances tags: dumper amazon.aws.ec2_instance: filters: + instance-state-name: stopped tag:Application: Postgres tag:Component: Dumper state: started diff --git a/snippets/ansible/tasks/manipulate data.yml b/snippets/ansible/tasks/manipulate data.yml index fa27da7..4291404 100644 --- a/snippets/ansible/tasks/manipulate data.yml +++ b/snippets/ansible/tasks/manipulate data.yml @@ -296,6 +296,15 @@ {{ 'ansible_job_id' | extract(module_output | regex_search('{.*}') | from_json) }} base64_encoded_string: "{{ 'some string' | ansible.builtin.b64encode }}" base64_decoded_string: "{{ 'c29tZSBzdHJpbmc=' | ansible.builtin.b64decode }}" + csv_to_command_options: >- + {{ + [ + pg_shared_preload_libraries|split(',')|reject('equalto','pgaudit')|map('regex_replace','^','--extension='), + '--no-publications', + '--no-subscriptions', + '--exclude-schema=transient_views', + ] | flatten | unique + }} - name: Return data types tags: