1
00:00:07,330 --> 00:00:10,173
- All right, let's have
a look at this lab.

2
00:00:11,050 --> 00:00:16,050
Before we begin, I'm not saying
that you should use command.

3
00:00:16,960 --> 00:00:19,430
Using command module is still a bad idea

4
00:00:19,430 --> 00:00:22,470
but I just want to show
you if you need to do it,

5
00:00:22,470 --> 00:00:23,563
how you can do it.

6
00:00:25,190 --> 00:00:27,493
So let's work out an example.

7
00:00:28,330 --> 00:00:29,810
I will try to keep it as simple

8
00:00:29,810 --> 00:00:32,653
so that we get to what
we really want to do.

9
00:00:33,770 --> 00:00:38,770
So name is create user, user, okay.

10
00:00:40,860 --> 00:00:43,193
We make it a little bit flexible.

11
00:00:44,100 --> 00:00:44,993
Then vars.

12
00:00:45,980 --> 00:00:50,593
And in vars I'm using user Linda.

13
00:00:52,450 --> 00:00:56,640
Then hosts, ansible2 is good enough

14
00:00:56,640 --> 00:00:58,520
and we use tasks.

15
00:00:58,520 --> 00:01:00,580
And first I want you to realize what again

16
00:01:00,580 --> 00:01:02,200
the default behavior is.

17
00:01:02,200 --> 00:01:07,200
So I'm using tasks,
name, install, or again

18
00:01:09,640 --> 00:01:14,640
create user, user is
twice the same information

19
00:01:14,700 --> 00:01:17,020
that really doesn't matter too much.

20
00:01:17,020 --> 00:01:20,760
And then I'm using command
useradd user and that's it.

21
00:01:24,780 --> 00:01:26,440
So what was happening again?

22
00:01:26,440 --> 00:01:28,160
If we are using it this way

23
00:01:28,160 --> 00:01:33,160
let's run it Ansible
playbook on lab6.yaml.

24
00:01:36,040 --> 00:01:41,040
And there we can see user
at user Linda already exists

25
00:01:41,600 --> 00:01:46,600
and we get an rc9 and
we get a standard error

26
00:01:46,600 --> 00:01:49,670
and we get so many things.

27
00:01:49,670 --> 00:01:53,780
So how are we going to
make this item potent?

28
00:01:53,780 --> 00:01:57,650
Well, I think we need
to register the value

29
00:01:57,650 --> 00:02:02,650
of this user at command
already exists somewhere

30
00:02:02,790 --> 00:02:07,790
and we need to do something
with it to make it item potent.

31
00:02:07,800 --> 00:02:09,820
So how can we do that?

32
00:02:09,820 --> 00:02:14,820
Well, Ansible playbook
lab6.yaml let's get there again.

33
00:02:16,080 --> 00:02:21,080
And let's use our editor create user

34
00:02:21,270 --> 00:02:26,270
and let's use register user
out, and then we can do what?

35
00:02:28,200 --> 00:02:32,240
Well, we can do something like when,

36
00:02:32,240 --> 00:02:35,383
when user out,

37
00:02:38,510 --> 00:02:41,850
when userout.rc

38
00:02:43,340 --> 00:02:46,103
equals zero, does that make sense?

39
00:02:47,330 --> 00:02:48,480
Probably not.

40
00:02:48,480 --> 00:02:50,760
It would be a nice
chicken and egg problem.

41
00:02:50,760 --> 00:02:52,713
And in this chicken and egg problem,

42
00:02:53,640 --> 00:02:57,450
we cannot do the command only
if the command is successful.

43
00:02:57,450 --> 00:02:59,250
So we need to check it before.

44
00:02:59,250 --> 00:03:03,130
Register is not a bad idea,
but we need to do that before.

45
00:03:03,130 --> 00:03:04,993
So how are we going to do that?

46
00:03:06,370 --> 00:03:10,900
We create before check before check

47
00:03:10,900 --> 00:03:13,930
and we are going to do what?

48
00:03:13,930 --> 00:03:18,930
We are going to use fail,
and we are going to use

49
00:03:19,140 --> 00:03:24,140
fail with the message,
user already exists.

50
00:03:27,270 --> 00:03:32,110
And if user already
exists, then we are going

51
00:03:32,110 --> 00:03:34,240
to fail out of it.

52
00:03:34,240 --> 00:03:36,660
And that is how we can
prevent the failure where

53
00:03:36,660 --> 00:03:39,460
it really shouldn't be failing
but we are using the fail

54
00:03:40,790 --> 00:03:42,460
when, when what?

55
00:03:42,460 --> 00:03:46,700
When, we can use the fail when?

56
00:03:46,700 --> 00:03:49,110
When we need to check something before.

57
00:03:49,110 --> 00:03:50,733
So what are we going to do?

58
00:03:51,680 --> 00:03:54,530
Check user, another command.

59
00:03:54,530 --> 00:03:59,530
So command id user,

60
00:04:00,560 --> 00:04:05,560
and then register id user.

61
00:04:05,610 --> 00:04:07,590
Id user is going to be the variable

62
00:04:07,590 --> 00:04:11,030
in which the id command
results will be stored.

63
00:04:11,030 --> 00:04:13,450
And that will be an id user.

64
00:04:13,450 --> 00:04:15,439
And when

65
00:04:15,439 --> 00:04:19,867
iduser.rc equals zero

66
00:04:21,860 --> 00:04:24,250
then we are going to fail.

67
00:04:24,250 --> 00:04:27,170
And if id user does not equal zero

68
00:04:27,170 --> 00:04:29,830
then we are going to continue.

69
00:04:29,830 --> 00:04:33,120
And how are we going to
take care of continuing

70
00:04:33,120 --> 00:04:35,620
if we do not create the user again?

71
00:04:35,620 --> 00:04:37,590
Well, I see one option only

72
00:04:37,590 --> 00:04:39,870
and that is by creating a new play.

73
00:04:41,505 --> 00:04:44,990
So let's call this play
continuing, and let's run it

74
00:04:47,920 --> 00:04:52,700
on hosts, ansible2 with the tasks

75
00:04:55,160 --> 00:04:55,993
debug

76
00:04:57,690 --> 00:05:02,430
and message, we made it or whatever.

77
00:05:02,430 --> 00:05:04,150
I like silly messages like that

78
00:05:04,150 --> 00:05:06,450
just to figure out that we made it.

79
00:05:06,450 --> 00:05:07,920
So how is this going to work?

80
00:05:07,920 --> 00:05:12,693
Ansible playbook lab6.yaml.

81
00:05:15,720 --> 00:05:19,910
So we can see that before check,

82
00:05:19,910 --> 00:05:22,240
we have a skipping on ansible2

83
00:05:22,240 --> 00:05:23,910
and we have a change on ansible2.

84
00:05:23,910 --> 00:05:27,600
So what were we doing again before check

85
00:05:27,600 --> 00:05:30,393
we fail if user already exists.

86
00:05:31,380 --> 00:05:34,533
So we should fail when
iduser.rc equals zero

87
00:05:38,050 --> 00:05:40,880
and the iduser.rc equals zero.

88
00:05:40,880 --> 00:05:42,380
That doesn't work out too well

89
00:05:43,870 --> 00:05:46,570
because we see it failing
on the user at command

90
00:05:46,570 --> 00:05:49,140
and that's what we need to work around.

91
00:05:49,140 --> 00:05:52,560
So how do we approach in cases like that?

92
00:05:52,560 --> 00:05:57,070
Well, in cases like that,
you should use debug.

93
00:05:57,070 --> 00:06:00,970
And in debug, you print
the variable iduser.

94
00:06:00,970 --> 00:06:04,023
We wanna see what id user is all about.

95
00:06:05,170 --> 00:06:07,543
So let's run it again.

96
00:06:10,500 --> 00:06:15,500
And now we can see that id
user has a return code zero

97
00:06:16,030 --> 00:06:19,220
but Hey, the zero is not
between double quotes,

98
00:06:19,220 --> 00:06:20,273
it's just a zero.

99
00:06:21,360 --> 00:06:25,500
So it's still doing a skipping

100
00:06:25,500 --> 00:06:29,750
and it's still failing on
the creation of the user.

101
00:06:29,750 --> 00:06:33,430
So can we do this in another way?

102
00:06:33,430 --> 00:06:38,131
Well, let's do id user dot.rc is zero

103
00:06:38,131 --> 00:06:43,131
as string value instead of re again.

104
00:06:43,840 --> 00:06:48,840
So let you use iduser.rc
as an integer value

105
00:06:49,470 --> 00:06:51,330
instead of a string value and see

106
00:06:51,330 --> 00:06:53,690
if that's doing anything better.

107
00:06:53,690 --> 00:06:56,590
That is always what I would recommend

108
00:06:56,590 --> 00:06:59,880
if your variables are not
interpreted the right way.

109
00:06:59,880 --> 00:07:03,280
Might be up to you because
you think it's a string

110
00:07:03,280 --> 00:07:05,040
then it happens to be an integer.

111
00:07:05,040 --> 00:07:06,470
You think it's an integer,

112
00:07:06,470 --> 00:07:08,090
then it happens to be a bully.

113
00:07:08,090 --> 00:07:11,360
And ah, there are so many
reasons why that can go wrong

114
00:07:11,360 --> 00:07:12,650
and look at that.

115
00:07:12,650 --> 00:07:16,340
Now we are able to move on.

116
00:07:16,340 --> 00:07:21,340
So before check is giving
me a fatal changed user

117
00:07:22,700 --> 00:07:27,170
already exist, and that
is what we wanted to do.

118
00:07:27,170 --> 00:07:31,900
Now if we want to make it more
elegant, we are using fail.

119
00:07:31,900 --> 00:07:35,290
So what do we have here?

120
00:07:35,290 --> 00:07:38,070
We have our failure occurring
when the user exists.

121
00:07:38,070 --> 00:07:40,370
And that's about all that you can do

122
00:07:40,370 --> 00:07:43,090
to make the command module item potent.

123
00:07:43,090 --> 00:07:45,360
The command module isn't item potent.

124
00:07:45,360 --> 00:07:47,610
Rule use real modules.

125
00:07:47,610 --> 00:07:50,290
If you're using command,
this is about as good

126
00:07:50,290 --> 00:07:54,490
as you can make it to
fake some item potency.

127
00:07:54,490 --> 00:07:57,820
But if you want a real
stable Ansible solution

128
00:07:57,820 --> 00:07:59,913
look for dedicated modules.