I am trying to run an ansible playbook on an Azure VM, but I am running into a strange problem. Attempting to install any software (attempted git, sysinternals, nscp) just doesn't fire.
win_chocolatey:
name: git
state: present
Does not even trigger an install attempt. Nothing in the logs other than attempting to list the software. It just attempts to list the software, and throws out that it's not present (because said software is not installed)
win_chocolatey:
name: git
state: absent
Works perfectly fine, after manually installing git. I have tried installing the package manually using the command win_chocolatey would use (according to the docs) and it works. Using the exact same user as the playbook is. (has admin rights)
I've also tried to force the admin account with become, (even though it already runs admin) but it mattered not.
-vvvv is not even showing an install attempt either:
TASK [Download and install chocolatey packages] **************************************************************
task path: /usr/user/clouddrive/windows-vm/create-vm-windows.yml:162
Using module file /opt/ansible/local/lib/python2.7/site-packages/ansible/modules/windows/win_chocolatey.ps1
<my.ip.address.here> ESTABLISH WINRM CONNECTION FOR USER: AzureAdministrator on PORT 5986 TO my.ip.address.here
checking if winrm_host my.ip.address.here is an IPv6 address
EXEC (via pipeline wrapper)
failed: [my.ip.address.here] (item={u'choco_name': u'git', u'choco_state': u'present'}) => {
"changed": false,
"command": "C:\\ProgramData\\chocolatey\\bin\\choco.exe list --local-only --exact --limit-output git",
"item": {
"choco_name": "git",
"choco_state": "present"
},
"msg": "Error checking installation status for the package 'git'",
"rc": 2,
"stderr": "",
"stderr_lines": [],
"stdout": "",
"stdout_lines": []
}
Am I missing something? The docs (https://docs.ansible.com/ansible/latest/modules/win_chocolatey_module.html#examples) say that even something basic like:
- name: Install git
win_chocolatey:
name: git
Should install the package (state present or not, I've tried it with no state, and any other, only absent works)
Enhanced exit codes were added to Chocolatey 0.10.12 which is listed as a breaking change.
chocolatey.org/docs/release-notes
Ansible changes are already being made to fix this (see github.com/chocolatey/choco/issues/1758), but for now you can disable the feature per the release notes
choco feature disable --name="'useEnhancedExitCodes'"
Related
I'm deploying a Windows 2012 R2 VSI and need to be able to manage it using Ansible.
I'm using this Ansible sample script ConfigureRemotingForAnsible.ps1 although renamed and have the script hosted on SL Object storage. I specify a postinstall script URL including https (which is supposed to cause the execution of the script after downloading) during the order.
After the Windows VSI is ready I attempt to run a win-ping as follows:
- name: ad1 ready
gather_facts: false
tags: setup
hosts: ad1
tasks:
- name: ping the windows vsi
win_ping:
This fails with the output:
fatal: [169.55.189.16]: UNREACHABLE! => {"changed": false, "msg": "ssl: HTTPSConnectionPool(host='169.55.189.16', port=5986): Max retries exceeded with url: /wsman (Caused by NewConnectionError('<requests.packages.urllib3.connection.VerifiedHTTPSConnection object at 0x107c0b310>: Failed to establish a new connection: [Errno 61] Connection refused',))", "unreachable": true}
If I connect to the system and look in c:\PostInstall I see my script has been downloaded. If I then open a PowerShell and run the script, I am able to then run the above win-ping successfully.
This tells me that the script is downloaded cleanly and is apparently correct, but is not being executed in spite of the https in the postinstall URL.
I can't find any documentation on requirements of the postinstall script for windows, but I'm wondering if the problem is that I'm using a PowerShell script, and that the post provision process tries to run this in a standard CMD shell.
Does anyone have any ideas or thoughts on what could be wrong?
It should work with powershell succesfully, you should be able to see the logs of the powershell execution in "C:\postInstallScript.log" perhaps it contains more information about the error.
Anyway if you are still facing this issue I suggest you to open a ticket in Softlayer with "hardware issue" subject, because the issue is likely due to a restriction in the windows machine which is not allowing to execute the script.
Regards
I believe the problem with PowerShell as a provisioning script is the default configuration of PowerShell requires a signed PowerShell script to execute (with no arguments defined). If the PowerShell script is not signed, the execution policy has to be changed on the server, or flags passed to the PowerShell interpreter to allow execution.
Overview: I'm trying to install supervisor and run program process within an ansible playbook.
I'm able to install supervisor and such but when I try to get into supervisorctl to run a simple program, it's unable to find the executable supervisorctl.
This is the portion of the code that fails:
- supervisorctl:
name=program:CAT
state=started
config=/etc/supervisor/supervisord.conf
with the resulting error:
TASK [supervisorctl] ***********************************************************
fatal: [localhost]: FAILED! => {"changed": false, "failed": true, "msg": "Failed to find required executable supervisorctl"}
However, when I run the simple command in my terminal, it works:
supervisord -c /etc/supervisord.conf
and I can view the program running by going into 'supervisorctl' in the terminal and typing 'status':
$ supervisorctl
CAT STOPPED Dec 27 04:12 PM
supervisor>
Can anyone point me to what/where my error most likely is?
I would guess the error message is suggesting I did not correctly install supervisor but the fact that I can do these things out of the playbook makes me think I can. I tried specifiying the path to the executable 'supervisorctl' but I don't think that's legal syntax in the playbook because that creates other errors.
*Worth noting, I'm in a virtualenv that runs python2.7
I realized that there is a parameter option in the configure documentation that allows me to specify the path to the supervisorctl executable and that worked! (in that I now have a different error)
Modified the above script to look like:
- supervisorctl:
name=program:CAT
state=started
config=/etc/supervisor/supervisord.conf
supervisorctl_path=/usr/bin/supervisorctl
I am running an Ansible playbook that uses the route53 module and getting an error saying I need 'boto' installed:
TASK [dns : Retrieve DNS record] ***********************************************
fatal: [10.13.25.12]: FAILED! => {"changed": false, "failed": true, "msg": "boto required for this module"}
I do have 'boto' installed on my Ansible machine.
Question: Do all Ansible modules cited in Playbook tasks actually run on the remote host machine?
I have added tasks that install 'python-pip' and 'boto', but it seems that boto should be running on my Ansible server. I feel like I've done something wrong here.
Here are my tasks for installing pip/boto on my remote host machine which do result in no more errors in the running of the route53 module:
- name: Install Pip
apt: name=python-pip state=present
- name: Install boto
pip: name=boto
Modules are executed remotely. Though this only is half of the truth. Many modules bring action plugins with them. These action plugins run locally and invoke their module component (or other modules) later.
For instance the template module actually is an action plugin which renders the template locally and then invokes the copy module.
Unfortunately you can not know what is a module and what is an action plugin without looking at the source. The documentation does not even mention action plugins do exists...
You can find all core action plugins here. As you can see there is no route53 plugin so this really is a module and therefore runs remotely.
Why you still get this error after installing boto I can't explain. I can only suggest you look at the source and try to reproduce the problem without Ansible.
These few import statements do not run without errors on the remote machine.
import boto
import boto.ec2
from boto import route53
from boto.route53 import Route53Connection
from boto.route53.record import Record, ResourceRecordSets
from boto.route53.status import Status
Udondan's answer covers the how some modules have a local component as well as remote actions but for general use all you need to know is that for these modules that interact with a remote service (such as all of the cloud modules) rather than a remote host you might be best off running these as a local action to force Ansible to run the module locally rather than on the remote host that the playbook/role is currently targeting.
You can do this easily by using local_action in your task definition like this:
- name: Retrieve DNS record
local_action:
module: route53_facts
query: record_sets
hosted_zone_id: '{{ route53_hosted_zone_id }}'
...
register: dns_records
I'm trying to set up my firewalld through Ansible on my Fedora 23 server from my Fedora client (Yes I like fedora :D ).
However, each time I try to execute a playbook with some commands including firewalld (Example - firewalld: service=https permanent=true state=enabled), the playbook execution fail with the following message :
failed: [w.x.y.z] => {"failed": true, "parsed": false}
failed=True msg='firewalld required for this module'
I have firewalld up and running on the remote server :
# firewall-cmd --version
0.3.14.2
On my computer :
$ ansible --version
ansible 1.9.4
configured module search path = None
Does anyone know where it could come from ?
Thank you !
--
EDIT: At this line in Ansible source code, firewall library seems not to be imported (and execute error which display that there is no firewall). However, this library exists in Python3 and not Python2 which is used by Ansible.
$ locate firewall
[...]
/usr/lib/python3.4/site-packages/firewall
[...]
I will continue to search, but if someone has an idea...
I found the explanation and solution :
Following my edit, I installed python-firewall which is python 2 bindings of firewalld. But, the execution was incorrect because of the absence of cockpit.
So I had to install cockpit too...
Long story, short story, this is what I've done on remote machine :
# dnf install python-firewall cockpit -y
I need to copy a file from a jenkins server to a remote Windows server 2012 machine using win_get_url
My playbook looks as follows:
hosts: windows_ip tasks:
name: Deploy to windows
win_get_url:
url: 'http://(jenkins_server_ip)/jenkins/view/Trunk/job/router/lastSuccessfulBuild/artifact/router/conf/router-service-context.xml'
dest: 'D:\router'
However it gives the following error:
fatal: [windows_ip]: FAILED! => {"changed": false, "failed": true, "msg": "Error downloading http://(jenkins_server_ip)/jenkins/view/Trunk/job/router/lastSuccessfulBuild/artifact/router/conf/router-service-context.xml to D:\router Exception calling \"DownloadFile\" with \"2\" argument(s): \"An exception occurred during a WebClient request.\""}
What is the issue over here?
For anyone else that comes across this issue, the problem is that the underlying powershell script will not create the destination directory if it does not exist.
I'd troubleshoot this by looking at the exact script. First. make sure ansible leaves it's script on the target node by running the following on the control node:
export ANSIBLE_KEEP_REMOTE_FILES=1
Re-run your playbook, and then log on to the windows box. Ansible's files will be in C:\users\\appdata\local\temp\ansiblexxxxx
Run/debug the script locally to figure out whats happening.