Ansible nested loops through inventories

1
votes

I was looking at the Loops page of Ansible https://docs.ansible.com/ansible/2.7/user_guide/playbooks_loops.html but I could not find what I am looking for...

I would like to test if a "source" host can reach / connect to a set of target hosts on a set of ports. Each set of target host can be, for example, an inventory group and each inventory group has a list of their own ports to be tested.

The idea is to specify only two vars as input to the playbook: a list of groups of hosts and a list of one or more source hosts.

How the loop should be done? The inventory can be YAML or INI files: one or multiple, for each group. The test of a TCP connection is easy... so the focus is only on the input vars and loop construction.

Thanks and regards.

Stef

1
ansibleansible-inventory

1 Answers

0
votes

Given the following hosts inventory file

server1
server2
server3

[dev]
d1
d2
d3

[dev:vars]
ports=8080,8443

[int]
i1
i2
i3

[int:vars]
ports=80,443

and the following playbook play.yml

---
- hosts: all
  gather_facts: False
  vars:
    group: 'dev'

  tasks:
  - name: Just loop through a group and group_vars
    debug:
      msg: 'group is {{group}} target is {{item.0}} port is {{item.1}}'
    loop: >
      {{ groups[group] |
         product(hostvars[groups[group][0]]["ports"]) |
         list }}

you can loop through you inventory as you described

ansible-playbook -i hosts play.yml -l server* -e group=int

produces the following result:

PLAY [all] *********************************************************************

TASK [Just loop through a group and group_vars] ********************************
ok: [server1] => (item=[u'i1', 80]) => {
    "msg": "group is int target is i1 port is 80"
}
ok: [server1] => (item=[u'i1', 443]) => {
    "msg": "group is int target is i1 port is 443"
}
ok: [server2] => (item=[u'i1', 80]) => {
    "msg": "group is int target is i1 port is 80"
}
ok: [server2] => (item=[u'i1', 443]) => {
    "msg": "group is int target is i1 port is 443"
}
ok: [server1] => (item=[u'i2', 80]) => {
    "msg": "group is int target is i2 port is 80"
}
ok: [server3] => (item=[u'i1', 80]) => {
    "msg": "group is int target is i1 port is 80"
}
ok: [server1] => (item=[u'i2', 443]) => {
    "msg": "group is int target is i2 port is 443"
}
ok: [server3] => (item=[u'i1', 443]) => {
    "msg": "group is int target is i1 port is 443"
}
ok: [server2] => (item=[u'i2', 80]) => {
    "msg": "group is int target is i2 port is 80"
}
ok: [server1] => (item=[u'i3', 80]) => {
    "msg": "group is int target is i3 port is 80"
}
ok: [server3] => (item=[u'i2', 80]) => {
    "msg": "group is int target is i2 port is 80"
}
ok: [server2] => (item=[u'i2', 443]) => {
    "msg": "group is int target is i2 port is 443"
}
ok: [server1] => (item=[u'i3', 443]) => {
    "msg": "group is int target is i3 port is 443"
}
ok: [server3] => (item=[u'i2', 443]) => {
    "msg": "group is int target is i2 port is 443"
}
ok: [server2] => (item=[u'i3', 80]) => {
    "msg": "group is int target is i3 port is 80"
}
ok: [server3] => (item=[u'i3', 80]) => {
    "msg": "group is int target is i3 port is 80"
}
ok: [server2] => (item=[u'i3', 443]) => {
    "msg": "group is int target is i3 port is 443"
}
ok: [server3] => (item=[u'i3', 443]) => {
    "msg": "group is int target is i3 port is 443"
}

PLAY RECAP *********************************************************************
server1                    : ok=1    changed=0    unreachable=0    failed=0
server2                    : ok=1    changed=0    unreachable=0    failed=0
server3                    : ok=1    changed=0    unreachable=0    failed=0

You just have to replace the debug with the wait_for module for example.