I am trying to create a deployment which create two pods whose node IP's match with two exisiting pods. For this I am defining PodAffinity as below
affinity:
podAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
- labelSelector:
matchExpressions:
- key: app
operator: In
values:
- {{ .Values.albId }}
topologyKey: "{{ .Values.topologyKey }}"
podAntiAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
- labelSelector:
matchExpressions:
- key: app
operator: In
values:
- {{ .Values.name }}
topologyKey: "{{ .Values.topologyKey }}"
Since the namespace in which I want to create new pods is different from namespace in which I am referring exisitng pods, PodAffinity is failing.
Pods remain in pending state and when I do describe pod I get below error
Events:
FirstSeen LastSeen Count From SubObjectPath Type Reason Message
--------- -------- ----- ---- ------------- -------- ------ -------
28s 13s 6 default-scheduler Warning FailedScheduling No nodes are available that match all of the predicates: MatchInterPodAffinity (1).
From k8s docs- https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#inter-pod-affinity-and-anti-affinity-alpha-feature found that, I should define namespaces in PodAffinity and initialse it to empty list in order to allow cross namespace PodAffinity.
But I did not get any example from net on example of how to initialise namespaces to emplty list.
Please need help on this.
From the documentation you linked:
In addition to labelSelector and topologyKey, you can optionally specify a list namespaces of namespaces which the labelSelector should match against (this goes at the same level of the definition as labelSelector and topologyKey). If omitted, it defaults to the namespace of the pod where the affinity/anti-affinity definition appears. If defined but empty, it means “all namespaces”
Here is the example based on your yaml:
affinity:
podAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
- labelSelector:
matchExpressions:
- key: app
operator: In
values:
- {{ .Values.albId }}
topologyKey: "{{ .Values.topologyKey }}"
namespaces: [] # empty array
podAntiAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
- labelSelector:
matchExpressions:
- key: app
operator: In
values:
- {{ .Values.name }}
topologyKey: "{{ .Values.topologyKey }}"
namespaces: []
Related
--- EDIT ---
Partial-Solution: Messed around with the JMESPath syntax and was able to successfully get a match for the first test case (without the optional variable) using:
jmesquery: "{{ datacenter }}{{ subcategory }}.{{ refine_hosts }}.[*][].[*][][]"
I am writing an Ansible Playbook that takes a list of hosts from a network server, parses the JSON list, and finds hostnames that matches the user's input when they deploy the playbook as a Jenkin's Job through it's API.
The issue I am encountering is that I am unable to successfully query the JSON host list. Currently, I am only trying to run the following test case:
datacenter: a
subcategory: bc
refine_hosts: QA
However, the final version of this playbook should be able to take in values for datacenter, subcategory, and refine_hosts with an optional input value of host_type. An example test case including the optional input value would be the following:
datacenter: a
subcategory: bc
refine_hosts: QA
host_type: WEBSITE
In my playbook, I am using JMESPath within the following task:
- name: Build HOSTS list
set_fact:
hosts_list: "{{ jsondata | json_query(jmesquery) }}"
vars:
jmesquery: '%%datacenter%%-%%subcategory%%.%%refine_hosts%%.[*][*][][]'
The JSON host list is structured in the following manner (I am unable to edit the structure of the host list, but it will always follow the following structure nonetheless):
{
"a-bc":{
"all":{
"webServer":[
],
"archive":[
"someHostAlias-123.privateDomain.com"
],
"central":[
"someHostAlias-456.privateDomain.com"
]
},
"QA":{
"xyz":{
"INBOUND_HTTP":[
"someHostAlias-789.privateDomain.com"
],
"WEBSITE":[
"someHostAlias-1011.privateDomain.com"
]
}
}
}
}
I have been using the following websites for this issue:
JMESPath Tutorial
Ansible JMESPath Documentation
JSONPath Expression Tester
StackOverflow: How to Use Variable in JMESPath Expression
Gitter: JMESPath/chat
I apologize if the query seems obvious, this is my first attempt at an Ansible Playbook. All help/feedback is greatly appreciated.
One of the issue of your query is that you are confusing [*] — a list projection — that selects all the elements of a list with .* — an object projection — that selects all the properties of a dictionary.
So, one solution in JMESPath, would be to do:
jmesquery: >-
"{{ datacenter }}-{{ subcategory }}".{{ refine_hosts }}.*.
{{ host_type if host_type | default('') != '' else '*' }}[] | []
Given the playbook:
- hosts: localhost
gather_facts: no
tasks:
- debug:
msg: "{{ jsondata | json_query(jmesquery) }}"
loop: "{{ fake_user_input }}"
loop_control:
label: "{{ jmesquery }}"
vars:
jmesquery: >-
"{{ datacenter }}-{{ subcategory }}".{{ refine_hosts }}.*.
{{ host_type if host_type | default('') != '' else '*' }}[] | []
datacenter: "{{ item.datacenter }}"
subcategory: "{{ item.subcategory }}"
refine_hosts: "{{ item.refine_hosts }}"
host_type: "{{ item.host_type | default('') }}"
fake_user_input:
- datacenter: a
subcategory: bc
refine_hosts: QA
host_type: WEBSITE
- datacenter: a
subcategory: bc
refine_hosts: QA
jsondata:
a-bc:
all:
webServer: []
archive:
- someHostAlias-123.privateDomain.com
central:
- someHostAlias-456.privateDomain.com
QA:
xyz:
INBOUND_HTTP:
- someHostAlias-789.privateDomain.com
WEBSITE:
- someHostAlias-1011.privateDomain.com
This yields:
ok: [localhost] => (item="a-bc".QA.*. WEBSITE[] | []) =>
msg:
- someHostAlias-1011.privateDomain.com
ok: [localhost] => (item="a-bc".QA.*. *[] | []) =>
msg:
- someHostAlias-789.privateDomain.com
- someHostAlias-1011.privateDomain.com
How can I use the Azure DevOps counter function in a variable template?
Up until now, I have been using the counter function to set a variable in an pipeline and the value has been set as expected - it started at 1 and has incremented every time I run the pipeline.
Variable template - /Variables/variables--code--build-and-deploy-function-app.yml
variables:
- name: major
value: '1'
- name: minor
value: '0'
- name: patch
value: $[counter(format('{0}.{1}-{2}', variables['major'], variables['minor'], variables['Build.SourceBranchName']), 1)]
- name: branch
${{ if eq( variables['Build.SourceBranchName'], 'master' ) }}:
value: ''
${{ if ne( variables['Build.SourceBranchName'], 'master' ) }}:
value: -${{ variables['Build.SourceBranchName'] }}
However, after moving the exact same variables in to a variable template, the value of counter is the literal value specified in the template.
Digging further in to the documentation for templates, I found some words on template expression functions, together with an example of how to use a functon -
You can use general functions in your templates. You can also use a few template expression functions.
Given that counter is listed on the page that the link above refers to, I assumed I would be able to use it. However, no matter what I've tried, I can't get it to work. Here are a few examples -
${{ counter('${{ format('{0}.{1}-{2}', variables['major'], variables['minor'], variables['Build.SourceBranchName']) }}', 1) }}
${{ counter(format('{0}.{1}-{2}', variables['major'], variables['minor'], variables['Build.SourceBranchName']), 1) }}
$[counter('${{ format('{0}.{1}-{2}', variables['major'], variables['minor'], variables['Build.SourceBranchName']) }}', 1)]
What am I doing wrong?
Update
My variable template is as above, an here is how I use it in the pipeline -
pr: none
trigger: none
variables:
- template: ../Variables/variables--code--build-and-deploy-function-app.yml
name: ${{ variables.major }}.${{ variables.minor }}.${{ variables.patch }}${{ variables.branch }}
The expanded pipeline obtained from logs after a run is as follows -
pr:
enabled: false
trigger:
enabled: false
variables:
- name: major
value: 1
- name: minor
value: 0
- name: patch
value: $[counter(format('{0}.{1}-{2}', variables['major'], variables['minor'], variables['Build.SourceBranchName']), 1)]
- name: branch
value: -CS-805
name: 1.0.$[counter(format('{0}.{1}-{2}', variables['major'], variables['minor'], variables['Build.SourceBranchName']), 1)]-CS-805
As can be seen from the extended pipeline, the patch variable isn't being evaluated, resulting in the name containing the literal value -
I inserted the same variables into the template and the patch variable works as expected. It seems that your counter is correct.
Here are my sample, you could refer to it:
Template Yaml: build.yml
variables:
- name: major
value: '1'
- name: minor
value: '0'
- name: patch
value: $[counter(format('{0}.{1}-{2}', variables['major'], variables['minor'], variables['Build.SourceBranchName']), 1)]
Azure-Pipelines.yml
name: $(patch)
trigger:
- none
variables:
- template: build.yml
pool:
vmImage: 'windows-latest'
steps:
- script: echo $(patch)
displayName: 'Run a one-line script'
In order to make the result more intuitive, I set patch variable to build name.
Here is the result:
Update:
Test with $(varname) and it could work as expected.
trigger:
- none
variables:
- template: build.yml
name: $(major).$(minor)-$(patch)$(branch)
Result:
The $(varname) means runtime before a task executes.
I have a YAML file with content as like below:
cat ../../ansible/playbooks/vars/patching-config.yml
---
patching_tag_name: "Patching"
my_windows_patching:
- {
OS: "WINDOWS",
tag_value: "myProdA",
frequency: "Month", #patching frequency. OneTime|Day|Hour|Week|Month|Minute
interval: 1, #interval of the schedule.
rebootSetting: "never", #ifRequired|never|always
PatchGroup: testA,
startDate: "2020-01-16T23:59:59Z",
expiryDate: "2020-02-16T23:59:59Z",
duration: "PT2H0M",
timeZone: "Australia/Sydney",
updateClassifications: "Critical,Important,Moderate"
}
I want to extract the values of updateClassifications from above YML file in Jinja Template file MaintenanceWindow.yml.j2
Resources:
WindowsNonProdBaseline:
Type: AWS::SSM::PatchBaseline
Properties:
Name: Windows-Non-Prod-Baseline
Description: Baseline containing all updates approved for Windows instances
OperatingSystem: {{ item.OS }}
PatchGroups:
- {{ item.PatchGroup }}
ApprovalRules:
PatchRules:
- PatchFilterGroup:
PatchFilters:
- Values:
# - Critical
# - Important
# - Moderate
{% for item in item.updateClassifications %}
- {{ item }}
{% endfor %}
I'm trying with the code described above, below one more time snippet:
{% for item in item.updateClassifications %}
- {{ item }}
{% endfor %}
I'm calling patching-config.yml in my tasks/main.yml as below
- include_vars: "{{playbook_dir}}/vars/patching-config.yml"
ignore_errors: yes
- name: create a cloudformation stack
cloudformation:
stack_name: "New-Ansible-cloudformation"
state: "present"
disable_rollback: true
template_body: "{{ lookup('template', '../../cloudformation/patching/MaintenanceWindow.yml.j2') }}"
with_items: "{{ telstra_windows_patching }}"
Finally, invoking role as below
cat ansible/playbooks/patching.yml
---
- hosts: localhost
roles:
- patching-cf-ssm
Unfortunately, it is not working.
Any lead shall be greatly appreciated.
Couple of things:
Your task is using telstra_windows_patching in with_items where as your variable file has variable name as my_windows_patching.
Assuming you are using the same name say my_windows_patching in your task and var file, if you are trying to save json object in yaml variable my_windows_patching you don't need - before curly braces. You can define something like this
my_windows_patching:
{
OS: "WINDOWS",
tag_value: "myProdA",
frequency: "Month", #patching frequency. OneTime|Day|Hour|Week|Month|Minute
interval: 1, #interval of the schedule.
rebootSetting: "never", #ifRequired|never|always
PatchGroup: testA,
startDate: "2020-01-16T23:59:59Z",
expiryDate: "2020-02-16T23:59:59Z",
duration: "PT2H0M",
timeZone: "Australia/Sydney",
updateClassifications: "Critical,Important,Moderate"
}
If you want to use elements inside my_windows_patching object with dot notation directly you could change the variable from object to a list something like,
my_windows_patching:
- OS: "WINDOWS"
tag_value: "myProdA"
I am trying to use a variable in a when statement and ansible pops up a warning like this
[WARNING]: when statements should not include jinja2 templating delimiters such as {{ }} or {% %}. Found: {{ item.name}}.changed
I use a loop first:
- include_tasks: anaconda_env.yml
with_items: "{{anaconda_templates}}"
and in the anaconda_env file.yml i have this:
- name: anaconda.templates
template:
owner: "{{item.owner|default(common_owner)}}"
group: "{{item.group|default(common_group)}}"
mode: "{{item.mode|default(common_mode)}}"
src: "{{item.template}}"
dest: "{{item.dest}}"
register: "{{item.name}}"
- name: anaconda.handler
command: echo '1'
notify: "{{item.name}}"
when: "{{ item.name}}.changed"
And in another situation I tried "{{ item.name}}.rc == 1" and I have the same issue. Any idea how can I avoid this Wanring message.
I found the issue here but no solution
https://github.com/ansible/ansible/issues/27225
My original answer didn't work, but I believe the one below will (or at least did with my limited mock data):
- set_fact:
current_template: "{{item}}"
- name: anaconda.handler
command: echo '1'
notify: "{{item.name}}"
when: current_template.changed is defined
I have a task which must check the database list of stores in the .ini file, and if it is not exist - create it from the file.
Currently I have this task which check the database present:
- name: Check DB (if necessary)
mysql_db:
name: "{{ item }}"
state=present
register: db_created
with_ini:
- databases[1-100]
- section: sites
- file: "lookup.ini"
- re: true
But it is just check the present of db and stay rise event "db_created".
And I need to create the new database with task like this:
- name: Import DB (if it was created)
mysql_db:
name=my_database
state=import
target=/tmp/database.sql
when: db_created.changed
But with this task it will be call once, not the for all databases which I need to create. And I need to know exactly which database need to be created.
Can you help, how to call second one with correct name of database, and for all database if there more then one?
Bad syntax apart, your first task does not just check, but ensures that db is present (create new db if it is not found).
In your db_created result you have per item changed status.
Something like this should do the job:
- name: Check DB (if necessary)
mysql_db:
name: "{{ item }}"
state: present
register: db_created
with_ini:
- databases[1-100]
- section: sites
- file: "lookup.ini"
- re: true
- name: Import DB (if it was created)
mysql_db:
name: "{{ item.item }}"
state: import
target: /tmp/database.sql
when: item is changed
with_items: "{{ db_created.results }}"
Or event like this (to iterate only over changed items):
- name: Import DB (if it was created)
mysql_db:
name: "{{ item.item }}"
state: import
target: /tmp/database.sql
with_items: "{{ db_created.results | select('changed') | list }}"
Note: about your syntax – forget =, always use :.