How can I do a for loop with Ansible?

Question

I try to create a for loop for this commmand like using Ansible inventory. I have an Ansible inventory and I want to create for loop for CN= also from inventory.

[kafka]
abc ansible_host=10.xxx.xxx.xxx
xyz ansible_host=10.xxx.xxx.xxx
tle ansible_host=10.xxx.xxx.xxx 
zsa ansible_host=10.xxx.xxx.xxx

for i in {1..4}; do
    keytool -genkey -keystore kafka.server0$i.keystore.jks -validity 365 -storepass admin -keypass admin -dname "**CN=abc**" -storetype pkcs12
done

I try to create a for loop.

Unfortunately there is no further description where do you try to execute the key generation, use the result and what do you try to achieve overall. Maybe you can add more information and description. — U880D, May 12 '23 at 11:22
It appears that you have posted sensitive/private information. If that's the case, please reset your passwords and/or revoke API keys and tokens, as they are considered compromised when posted on the internet. — Samuel Liew, May 14 '23 at 09:34

U880D · Answer 1 · 2023-05-12T11:26:32.713

1

In respect to your question and provided description an approach like

---
- hosts: kafka
  become: false
  gather_facts: false

  tasks:

  - name: Loop over
    debug:
      msg: '-keystore kafka.server0{{ ansible_loop.index }}.keystore.jks -dname "CN={{ item }}"'
    loop: "{{ ansible_play_hosts }}" # over hosts within the group defined under hosts:
    loop_control:
      extended: true # to get the loop index
    delegate_to: localhost # which is usually the Control Node
    run_once: true

might work for you as it results into an output of

TASK [Loop over] *******************************************
ok: [abc -> localhost] => (item=abc) =>
  msg: -keystore kafka.server01.keystore.jks -dname "CN=abc"
ok: [xyz -> localhost] => (item=xyz) =>
  msg: -keystore kafka.server02.keystore.jks -dname "CN=xyz"
ok: [tle -> localhost] => (item=tle) =>
  msg: -keystore kafka.server03.keystore.jks -dname "CN=tle"
ok: [zsa -> localhost] => (item=zsa) =>
  msg: -keystore kafka.server04.keystore.jks -dname "CN=zsa"

Documentation

Further Q&A

which are slightly similar ...

Loop from 0 to 100 with Ansible

edited May 12 '23 at 11:26

answered May 12 '23 at 10:56

U880D

8,601
6
24
40

i will step and try now – ahmed May 12 '23 at 11:06
1

`kafka.server{{ '%02d' | format(ansible_loop.index) }}.keystore.jks` – β.εηοιτ.βε May 12 '23 at 11:18
@β.εηοιτ.βε, very good point, since there could be more than nine or ten (0-9, 1-9) hosts within the inventory and therefore play hosts list. So your example will add leading zeros if necessary automatically. – U880D May 12 '23 at 11:21
there are no way to make with for loop – ahmed May 12 '23 at 11:50
@MuhammedOmar, is that a question? [Ansible isn't a programming language](https://www.redhat.com/sysadmin/ansible-coding-programming) therefore there are no such things exactly like DO WHILE or FOR LOOP. From the provided example you can see how to achieve the similar behavior. – U880D May 12 '23 at 11:59
@MuhammedOmar, since [Ansible uses Jinja2 templating to enable dynamic expressions and access to variables and facts](https://docs.ansible.com/ansible/latest/playbook_guide/playbooks_templating.html) one could [Master loops with Jinja templates in Ansible](https://www.redhat.com/sysadmin/ansible-jinja) and achieve the exact same result in such other way. – U880D May 12 '23 at 12:05

score 1 · Answer 2 · edited May 12 '23 at 19:47

Declare the keystore filename, the dictionary of keytool options, and join the options

    keystore: "kafka.server{{ '%02d' % (idx + 1) }}.keystore.jks"

    kt_opt_dict:
      genkey: ''
      keystore: "{{ keystore }}"
      validity: 365
      storepass: testtest
      keypass: testtest
      dname: "CN={{ item }}"
      storetype: pkcs12

    kt_opt: "{{ kt_opt_dict|dict2items|
                json_query('[].[key, value]')|
                map('join', ' ')|map('trim')|
                join(' -') }}"

Iterate the command and generate the keys and create the files

    - command:
        cmd: "keytool -{{ kt_opt }}"
        creates: "{{ keystore }}"
      loop: "{{ groups.kafka }}"
      loop_control:
        index_var: idx
      delegate_to: localhost
      run_once: true
      register: out

shell> ls -1 kafka.server0*
kafka.server01.keystore.jks
kafka.server02.keystore.jks
kafka.server03.keystore.jks
kafka.server04.keystore.jks

^{Example of a complete playbook for testing
- hosts: all

vars:

keystore: "kafka.server{{ '%02d' % (idx + 1) }}.keystore.jks"

kt_opt_dict:
genkeypair: ''
keystore: "{{ keystore }}"
validity: 365
storepass: testtest
keypass: testtest
dname: "CN={{ item }}"
storetype: pkcs12

kt_opt: "{{ kt_opt_dict|dict2items|
json_query('[].[key, value]')|
map('join', ' ')|map('trim')|
join(' -') }}"

tasks:

- command:
cmd: "keytool -{{ kt_opt }}"
creates: "{{ keystore }}"
loop: "{{ groups.kafka }}"
loop_control:
index_var: idx
delegate_to: localhost
run_once: true
register: out

- debug:
msg: |
{% for i in out.results %}
{{ i.item }} rc: {{ i.rc }}
{% endfor %}
run_once: true

gives
shell> ansible-playbook pb.yml

PLAY [all] ************************************************************************************

TASK [command] ********************************************************************************
ok: [abc -> localhost] => (item=abc)
ok: [abc -> localhost] => (item=xyz)
ok: [abc -> localhost] => (item=tle)
ok: [abc -> localhost] => (item=zsa)

TASK [debug] **********************************************************************************
ok: [abc] =>
msg: |-
abc rc: 0
xyz rc: 0
tle rc: 0
zsa rc: 0

PLAY RECAP ************************************************************************************
abc: ok=2 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0}

How can I do a for loop with Ansible?

2 Answers2