r/ansible

▲ 4 r/ansible+1 crossposts

Ansible issue with port channels

I was using Ansible to push interface information(desc, mtu, name...) from cisco ASR to netbox. Normal interfaces were pushed successfully, but when Ansible pulled the info from Port channels, all the port channels were looped and broadcast storm was caused(info was pushed to netbox tho). There was more than 500000 packets per second on each port channel interface. I did the same on a few cisco switch and nothing bad happened.

Anyone knows what caused this and how to prevent it?

edit: the module was cisco ios gather facts all. I want to know if is there anything more lightweight or optimised so it won't cause loops and broadcast storms on port channels.

reddit.com
u/kowaxuriskanfeti — 5 hours ago
▲ 16 r/ansible

I made a native iOS client for Ansible Semaphore – looking for feedback

I’ve been using Ansible Semaphore for a while, and I realized that whenever I was away from my computer I kept opening the web UI from my phone just to check whether a deployment had finished, look at a failed job, or quickly rerun a template.
The web interface works, but I wanted something faster, more mobile-friendly, and always in my pocket. So I started building a native iPhone app for myself.
After using it daily for a few months, I decided to publish it on the App Store in case it could be useful to other Semaphore users as well.
At the moment it supports things like:
Browsing projects and templates
Launching task templates
Monitoring running and completed jobs
Viewing and searching execution logs
Sharing logs for troubleshooting
It connects directly to your own Semaphore instance using your personal API token.

There’s no external service involved.
App Store: https://apps.apple.com/it/app/semaphore-remote/id6782102335

I’m curious to hear from other Semaphore users:
What features are missing that would make this genuinely useful?
Are there pain points in the Semaphore web UI that you’d like a mobile app to solve?
Is there anything you’d want to manage from your phone that isn’t possible today?
I’d love to keep improving it based on real-world workflows rather than just my own. Thanks!

u/alesiestu — 2 days ago

ansible-navigator versions diffrences?

Is there a difference in the ansible-navigator installed via pip and the ansible-navigator installed with dnf via redhat repo?

reddit.com
u/letsgotime — 3 days ago

List of dict in the inventory

Hi,

I'm using Ansible to attach VMDK to VMware VM and create a filesystem/mountpoint on the OS.

My inventory looks like this:

[extra_vmdks]
myhost vmdks='["{'path': '/data', 'mode': 'persistent', 'size': '20G', 'vgname': 'data'}", "{'path:' '/opt', 'mode': 'persistent', 'size': '12G', 'vgname': 'opt'}", "{'path': '/var/log/iway', 'mode': 'independent_persistent', 'size': '12G', 'vgname': 'logiway'}"]'  

It works but is there a better way to store this information in the inventory? YAML/TOML format doesn't seem better.

Thanks,

reddit.com
u/Pei-Pa-Koa — 4 days ago

Should Ansible be used for local development?

I've considered getting rid of many scripts and vscode tasks in favor of adding a dev.yml inventory that deploy everything locally on my machine.

However i've been meeting plenty of problems. I need to add conditionals on various tasks that need privilege escalation (such as nginx restart). I need to add permissions for various processes on my machine, and generally uproot a lot of my (already working) playbooks workflow.

I don't know what to make of this. Is the recent inclusion of localhost exposing flaws in my playbook and task design. Or am I now realizing Ansible wasn't built with local devlopment in mind and I am trying to fit a square peg into a round hole?

reddit.com
u/BigBootyBear — 6 days ago
▲ 18 r/ansible

Renewing SSL certs on 2.6 Containerized w/o running the installer?

I know what the official RH docs say, but I think it's dumb so I'm here to ask; Has anyone been able to replace tls files (cert and key) for certificate renewals on the containerize AAP 2.6 platform without running the installer?

I'm talking just the main platform url, the Gateway's url.

EDIT
In my environment, I created a SAN cert using LE to cover themain url and each hosts fqdn.. there were reasons at the time but honestly right now I can't remember. Regardless, specifying thesame cert for each role is supported.

So under /home/*aap_user*/aap/*role*/etc on all 8 hosts the custom cert exists as gateway.cert, tower.cert, pulp.cert and eda.cert. (.key files exist in the same place too)

EDIT2
The tasks named `tls.yml` for each Role simply copies the specified {{ role_tls_cert }} and {{role_tls_key }} from the src which would be. defined in the inventory file, to {{ role_conf_dir }}/role.cert (role.key)

So logically yes, putting hte two new files on each hosts Config directory (/home/aap_installer_user/aap/*role*/etc/name.cert and name.key) is def step 1. Well after backing up the existing files obviously, lol.

EDIT3
So edit2, then bounced all container services (under the user scope, my new cert in in play and all services are testing good.

reddit.com
u/invalidpath — 6 days ago
▲ 9 r/ansible+1 crossposts

Looking for the name of a work method

Dear architects,

I am a system administrator in a team, we work a lot with Ansible. In my team we have two approaches to write roles/playbooks:

  • One style has ready-made flat configuration files, maybe a few substitutions here and there. Changes might require finding multiple occurences of a string, and replacing them. The Ansible code is copying files for the most part.
  • The other style leans heavily on a bunch of lists/dictionaries which I would describe as a "model" of the various object classes of e.g. a company. The Ansible code is written smart enough to derive everything from that model. Fluctuation in the company is reduced to updating the lists/dictionaries.

I am fairly certain that there is a snappy name to distinguish those two approaches.

reddit.com
u/chief_wrench — 7 days ago
▲ 33 r/ansible

I built a free, browser-based Ansible visual debugger and Jinja2 sandbox

I built this tool because I was tired of the "Ansible Loop of Doom": writing complex filters, running the playbook, waiting for the connection, and watching it fail. I wanted a way to visualize the execution path instantly.

It’s called Ansible101, and it's a completely free, MIT-licensed, privacy-first tool. All parsing happens client-side, so your sensitive YAML or inventory data never leaves your browser.

Key features:

- Visual Flow: Renders raw YAML into a ReactFlow-based execution graph.

- Limits Lab: Live-test --limit patterns against your inventories.

- Jinja2 Sandbox: Step-by-step transformation traces.

I’m looking for any feedback on how it handles complex playbook structures or edge-case parsing. Please let me know if you run into any layout bugs!

reddit.com
u/N3bula404 — 9 days ago

Quota exceeded when creating a backup in tmp

Ansible fails during module transfer with "Disk quota exceeded" (EDQUOT) despite available disk space. Root cause is /tmp mounted as tmpfs with memory-based limits, causing Ansible temporary payload writes to fail. /home workaround already applied; issue now isolated to /tmp memory-backed filesystem. Mitigation requires moving Ansible remote temp directory to /var/tmp or increasing tmpfs size and after doing that, I get the "Create backup in tmp" tasks just hanging.

reddit.com
u/Imaginary_Choice_430 — 7 days ago
▲ 0 r/ansible+1 crossposts

I feel like I’m going nowhere in my career… need honest advice?

Hey everyone,

I’m working as a Storage Admin (around 1.5 years of experience—NetApp & Dell Unity). From outside it probably looks like I’m doing okay, but honestly I feel completely lost.

My day-to-day work is mostly repetitive stuff—monitoring, basic issues, and following existing steps. I don’t feel like I’m learning anything deep or becoming really good at something. It’s starting to scare me a bit because I don’t feel confident about my skills.

I’ve tried to improve myself—looked into Azure and backup tools and even thought about switching to DevOps. But the problem is I keep jumping between things. I start something, then lose focus or get confused, and move to something else. End result: I don’t think I’ve properly learned anything.

Now I’m stuck in this weird place where: I don’t feel skilled enough; I don’t know what to focus on; I don’t know if I should continue in storage or switch paths

It feels like I’m just passing time in my job instead of actually growing.

If anyone here has been in a similar situation, what did you do?

Should I just stick to storage and go deep into it, or is it better to switch to something like cloud/DevOps now before it’s too late?

Also, how do you guys actually stay consistent while learning? That’s been a big struggle for me.

Would really appreciate honest advice.

reddit.com
u/Key-Situation9384 — 8 days ago
▲ 8 r/ansible+1 crossposts

Confirmation about ansible-config init and ansible-navigator settings --sample in the EX294 exam environment

Hello everyone,

Has anyone who recently passed the Red Hat EX294 exam confirmed whether the following commands work in the actual exam environment?

ansible-config init --disabled > ansible.cfg
ansible-navigator settings --sample > ansible-navigator.yml

I am asking because they can help generate sample configuration files instead of memorizing every variable name, such as remote_user, inventory settings, execution environment settings, and other Ansible configuration options.

I am not asking for any exam questions or confidential exam content. I only want to confirm whether these commands are available and usable in the exam environment.

Can anyone please confirm this from recent experience?

reddit.com
u/umer4350 — 8 days ago
▲ 14 r/ansible

Correct way to reference env vars moving forward?

[WARNING]: Deprecation warnings can be disabled by setting `deprecation_warnings=False` in ansible.cfg.
[DEPRECATION WARNING]: INJECT_FACTS_AS_VARS default to `True` is deprecated, top-level facts will not be auto injected after the change. This feature will be removed from ansible-core version 2.24.
Origin: /Users/user/project/playbooks/agents/yoke-agent-setup.yml:5:11

3   hosts: my-host
4   environment:
5     PATH: "{{ ansible_env.HOME }}/.local/bin:{{ ansible_env.PATH }}"
            ^ column 11

Use `ansible_facts["fact_name"]` (no `ansible_` prefix) instead.

This warning is seemingly misleading, as ansible_facts['env'] does not exist. ansible_env[...] is also being deprecated. What is the correct way to reference these moving forward?

reddit.com
u/stacktoodeep — 11 days ago
▲ 14 r/ansible+1 crossposts

Determining IaC data-center baseline and patching method going forward

I am trying to understanding the current ask of my boss. We have a collection of playbooks that are building a data-center using Ansible. This is an IaC framework obviously. I am trying to determine what exactly my boss is asking of me. He wants a "Source of Truth" for our data-center.

Isn't the datacenter built inherently considered the baseline on day 1? Or how can I snap a chalk line and say what is the baseline of our datacenter? A json dump of our application configurations? How or what deliverable defines what the baseline of the environment is?

Also, a question about patching the environment. My boss wants a file that can be easily modified and then that pushes a new configuration for applications. For example, a file that has 2 AD servers defined, so if a 3rd one gets added you can just add it to this file. So the datacenter doesn't have to be re-built from ground zero.

Wouldn't adding a new playbook just be considered "patching" the existing baseline?

reddit.com
u/fordgoldfish — 11 days ago
▲ 1 r/ansible+1 crossposts

What’s your biggest pain when working with Ansible in JetBrains IDEs?

I’ve been using Ansible for a while, and I feel the editing experience in JetBrains IDEs is still missing a lot compared to what I’d expect from a modern IDE.

Some things that regularly slow me down:
- jumping between inventories, roles, and playbooks
- understanding where a variable actually comes from
- working with Ansible Vault files
- navigating large infrastructure repositories
- YAML completion that isn’t really Ansible-aware

I’m curious what annoys other people the most.

If you could add one feature to your IDE for Ansible development, what would it be?

I’d especially love to hear from people managing medium or large infrastructures.

reddit.com
u/meanmail_dev — 11 days ago

Determining IaC data-center baseline and patching method going forward

I am trying to understanding the current ask of my boss. We have a collection of playbooks that are building a data-center using Ansible. This is an IaC framework obviously. I am trying to determine what exactly my boss is asking of me. He wants a "Source of Truth" for our data-center.

Isn't the datacenter built inherently considered the baseline on day 1? Or how can I snap a chalk line and say what is the baseline of our datacenter? A json dump of our application configurations? How or what deliverable defines what the baseline of the environment is?

Also, a question about patching the environment. My boss wants a file that can be easily modified and then that pushes a new configuration for applications. So the datacenter doesn't have to be re-built from ground zero.

Wouldn't adding a new playbook just be considered "patching" the existing baseline?

reddit.com
u/fordgoldfish — 11 days ago

rh insights

I am working on a role to install and configure rh insights, but I can't tell if the collection from the automation hub is deprecated and I should use the rhc from galaxy. How is everyone you going about this?

Thanks!

reddit.com
u/Busy-Examination1148 — 11 days ago
▲ 15 r/ansible+1 crossposts

An ansible-doc plugin that looks up keyword under cursor for all types ansible-doc supports in parallel

Hi all!

I've just updated my plugin Geertsky/ansible-doc.nvim.

Features

  • Looks up the keyword under the cursor for all types supported by ansible-doc -t.
  • Runs lookups in parallel with a configurable concurrency limit.
  • Prompts with vim.ui.select() when multiple documentation types match.
  • Renders documentation as Markdown.
  • Installs a buffer-local mapping for Ansible YAML buffers.
u/geertsky — 11 days ago

Breaking variables out of hostvars.

Hi all,

I'm trying to break a list of hostnames and variables out of hostvars so I can then run a loop to build some other config.

But I'm struggling to find the suitable reference to work out how to do it.

But i can see the information in the debug.

Any suggestions please?

reddit.com
u/psfletcher — 14 days ago