I'm looking for an Ansible module to identify Red Hat or CentOS yum database errors for "rpmdb open failed"? I'm looking to proactively identify servers we patch regularly to know ahead of patching and report for us when this error occurs. And then have Ansible fix the error. Has anyone seen this type of module/fix?
Thank you.
Such a module does not exist, however you could use the list parameter for the yum module. It won't perform any task other than a yum list on the package you provide, and the result will be successful whether or not the package is installed, unless of course you run into an rpmdb error.
You will need to ignore errors and register the result, like so:
- yum:
list: kernel
ignore_errors: yes
register: result
- debug: var=result
The result variable will include failed=true, msg, and stderr, which together you should be able to use to identify an rpmdb error. Based on this identification, you can kick off a conditional shell task to fix the error.
Related
I have a playbook I am writing that automates the install of firmware to our fleet of C2960Xs.
I recently moved the location of the Ansible server I am using from my homelab to a VM in Azure. We have security rules on our sites to only allow remote connection on a specific non-default port. After reading, I discovered that means I need to use libssh and not paramiko for remote commands.
I have a specific task I am running, and when running it returns:
fatal: [HOSTNAME]: FAILED! => {
"msg": "The conditional check 'ansible_net_filesystems_info['flash:'].spacefree_kb >
firmware_image_size' failed. The error was: error while evaluating
conditional (ansible_net_filesystems_info['flash:'].spacefree_kb >
firmware_image_size): 'ansible_net_filesystems_info' is undefined" }
I then compared the 'before' and 'after' for what facts are being stored at the beginning of the playbook. I found that using Paramiko, I seem to have a TON more detail compared to the facts being gathered via libssh.
One of which being the variable ansible_net_filesystems_info that my playbook references.
Is there a workaround for this process? The idea being to verify there is free space on the switch before moving an archive to the switch for unzipping.
Under the cisco.ios.ios_facts documentation, you can specify the types of facts you want to pull. I added the line: >gather_subset: all
I have a playbook, as below:
tasks:
- name: Execute a program_A on managed node
win_command: 'D:test\program_A.exe'
I run this playbook but hung and no any response on managed node (Windows 2012). (i.e. there is a program_A.exe process generated on managed node but no response, it's CPU usage time is always 0%)
I also tired to replace win_command by win_shell module, raw module, but it still hung and no response on managed node...
When I try to open a command window on the managed node to run D:\test\program_A.exe directly, the program_A.exe was successfully executed.
What could be wrong?
Make sure the exe file is executed by the same privilege. eg. when you directly execute it, you are using Administrator, but in playbook, you may use guest rule.
I came across a code as;
- pip: name=ansible version=<ansible_version> extra_args='--ignore-installed'
During my test I confirmed the upgrade of Ansible version.
I also tried this with raw module;
- raw: pip install ansible==<ansible_version>
but the following tasks after this fails during playbook execution. There are various types of errors:
ImportError: cannot import name AnsiblePlugin
TypeError: mkdtemp() takes at most 4 arguments (5 given)
...
or playbook execution even hangs on next task.
I wonder is it really possible to upgrade version of Ansible by using ansible-playbook execution itself. Would it be possible by reloading Ansible core modules somehow after Ansible version upgrade?
Ansible can be upgraded via pip module of Ansible itself, but any subsequent tasks might fail after the upgrade, this is a natural behavior.
Only exception is remote host here. If your installation or upgrade of Ansible is performed by an Ansible task which is executed on a remote host, it would proceed without causing a failure. Because in this scenario, actual installation of Ansible is done on remote host without updating any configuration of Ansible on localhost.
I am running an Ansible playbook that uses the route53 module and getting an error saying I need 'boto' installed:
TASK [dns : Retrieve DNS record] ***********************************************
fatal: [10.13.25.12]: FAILED! => {"changed": false, "failed": true, "msg": "boto required for this module"}
I do have 'boto' installed on my Ansible machine.
Question: Do all Ansible modules cited in Playbook tasks actually run on the remote host machine?
I have added tasks that install 'python-pip' and 'boto', but it seems that boto should be running on my Ansible server. I feel like I've done something wrong here.
Here are my tasks for installing pip/boto on my remote host machine which do result in no more errors in the running of the route53 module:
- name: Install Pip
apt: name=python-pip state=present
- name: Install boto
pip: name=boto
Modules are executed remotely. Though this only is half of the truth. Many modules bring action plugins with them. These action plugins run locally and invoke their module component (or other modules) later.
For instance the template module actually is an action plugin which renders the template locally and then invokes the copy module.
Unfortunately you can not know what is a module and what is an action plugin without looking at the source. The documentation does not even mention action plugins do exists...
You can find all core action plugins here. As you can see there is no route53 plugin so this really is a module and therefore runs remotely.
Why you still get this error after installing boto I can't explain. I can only suggest you look at the source and try to reproduce the problem without Ansible.
These few import statements do not run without errors on the remote machine.
import boto
import boto.ec2
from boto import route53
from boto.route53 import Route53Connection
from boto.route53.record import Record, ResourceRecordSets
from boto.route53.status import Status
Udondan's answer covers the how some modules have a local component as well as remote actions but for general use all you need to know is that for these modules that interact with a remote service (such as all of the cloud modules) rather than a remote host you might be best off running these as a local action to force Ansible to run the module locally rather than on the remote host that the playbook/role is currently targeting.
You can do this easily by using local_action in your task definition like this:
- name: Retrieve DNS record
local_action:
module: route53_facts
query: record_sets
hosted_zone_id: '{{ route53_hosted_zone_id }}'
...
register: dns_records
I'm trying to set up my firewalld through Ansible on my Fedora 23 server from my Fedora client (Yes I like fedora :D ).
However, each time I try to execute a playbook with some commands including firewalld (Example - firewalld: service=https permanent=true state=enabled), the playbook execution fail with the following message :
failed: [w.x.y.z] => {"failed": true, "parsed": false}
failed=True msg='firewalld required for this module'
I have firewalld up and running on the remote server :
# firewall-cmd --version
0.3.14.2
On my computer :
$ ansible --version
ansible 1.9.4
configured module search path = None
Does anyone know where it could come from ?
Thank you !
--
EDIT: At this line in Ansible source code, firewall library seems not to be imported (and execute error which display that there is no firewall). However, this library exists in Python3 and not Python2 which is used by Ansible.
$ locate firewall
[...]
/usr/lib/python3.4/site-packages/firewall
[...]
I will continue to search, but if someone has an idea...
I found the explanation and solution :
Following my edit, I installed python-firewall which is python 2 bindings of firewalld. But, the execution was incorrect because of the absence of cockpit.
So I had to install cockpit too...
Long story, short story, this is what I've done on remote machine :
# dnf install python-firewall cockpit -y