Ansible + LXC (Proxmox) - ansible

Problem: to create an LXC (Proxmox) in an Ansible playbook.
Playbook:
- name: Create LXC
  proxmox:
    node: PVE-03
    api_user: root@pam
    api_password: password
    api_host: 192.168.254.23
    password: 11111
    hostname: ans
    ostemplate: data:vztmpl/debian-9.0-standard_9.5-1_amd64.tar.gz
Log:
fatal: [192.168.254.23]: FAILED! => {"changed": false, "msg": "authorization on proxmox cluster failed with exception: Couldn't authenticate user: ********@pam to https://192.168.254.23:8006/api2/json/access/ticket"}

It is necessary to update Proxmox:
apt full-upgrade

Related

Use ODBC connection to managed Azure SQL Database

I need to run a SQL query on Azure SQL Database from an Ansible playbook.
My task is:
- name: Sql server - rights
  vars:
    sql_groups:
      - { group_name: "{{ reader_group }}", db_access: "db_datareader" }
      - { group_name: "{{ contributer_group }}", db_access: "db_datawriter" }
      - { group_name: "{{ owner_group }}", db_access: "db_owner" }
  community.general.odbc:
    dsn: "Driver={ODBC Driver 13 for SQL Server};Server=tcp:{{ sql_server_host }},1433;Database={{ sql_server_db }};Uid={{ mssql_login_user }};Pwd={{ mssql_login_password }};Encrypt=yes;TrustServerCertificate=no;Connection Timeout=30;Authentication=ActiveDirectoryPassword"
    query: |
      CREATE USER ["{{ group_name }}"] FROM EXTERNAL PROVIDER
      EXEC sp_addrolemember '{{ db_access }}', '{{ group_name }}'
  loop: "{{ sql_groups }}"
When I run the playbook with the following command, Ansible tries to communicate via SSH.
ansible-playbook -i inventory.yml playbook.yml --check
The error is:
[WARNING]: Unhandled error in Python interpreter discovery for host XXXXXX: Failed to connect to the host via ssh: ssh: Could not resolve hostname XXXXXX: Name or service not known
fatal: [XXXXXX]: UNREACHABLE! => {"changed": false, "msg": "Data could not be sent to remote host \"XXXXXX\". Make sure this host can be reached over ssh: ssh: Could not resolve hostname XXXXXX: Name or service not known\r\n", "unreachable": true}
I think I need to force the use of an ODBC connection with something like below (example is for Windows server):
ansible_connection: winrm
ansible_port: 5986
ansible_winrm_transport: credssp
ansible_winrm_server_cert_validation: ignore
What should I do?
ansible_port: 1433? And what other parameters?
I don't see how to communicate via ODBC.

Save ansible variable in local file

I am executing a PS script on a Windows host and want to store its stdout in a file on the local Ansible machine. I have a playbook like the following:
---
- name: Check Antivirus software
  hosts: all
  become: false
  gather_facts: no
  tasks:
    - name: Get AV details
      win_shell: |
        echo "script printing data on stdout"
      register: result
    - name: save response
      copy:
        content: '{{ result.stdout }}'
        dest: '{{ response_file }}'
      delegate_to: localhost
From the above playbook, the 1st task gets executed without any issues. But the 2nd task gives the following error.
TASK [save response] *******************************************************************************************************************************************
fatal: [20.15.102.192 -> localhost]: UNREACHABLE! => {"changed": false, "msg": "ntlm: HTTPSConnectionPool(host='localhost', port=5986): Max retries exceeded with url: /wsman (Caused by NewConnectionError('<urllib3.connection.VerifiedHTTPSConnection object at 0x7f4940760208>: Failed to establish a new connection: [Errno 111] Connection refused',))", "unreachable": true}
I also tried local_action which is also giving the same error.

For the Ansible cisco.asa module "cisco.asa.asa_acls:" why do I get the below error?

I'm running a basic acl creation on Ansible but get this error:
TASK [Merge provided configuration with device configuration] ********************************************************************
fatal: [192.168.0.140]: FAILED! => {"changed": false, "msg": "sh access-list\r\n ^\r\nERROR: % Invalid input detected at '^' marker.\r\n\rASA> "}
---
- name: "ACL TEST 1"
  hosts: ASA
  connection: local
  gather_facts: false
  collections:
    - cisco.asa
  tasks:
    - name: Merge provided configuration with device configuration
      cisco.asa.asa_acls:
        config:
          acls:
            - name: purple_access_in
              acl_type: extended
              aces:
                - grant: permit
                  line: 1
                  protocol_options:
                    tcp: true
                  source:
                    address: 10.0.3.0
                    netmask: 255.255.255.0
                  destination:
                    address: 52.58.110.120
                    netmask: 255.255.255.255
                    port_protocol:
                      eq: https
                  log: default
        state: merged
The hosts file is:
[ASA]
192.168.0.140
[ASA:vars]
ansible_user=admin
ansible_ssh_pass=admin
ansible_become_method=enable
ansible_become_pass=cisco
ansible_connection=ansible.netcommon.network_cli
ansible_network_os=cisco.asa.asa
ansible_python_interpreter=python
There's not much to the code but I am struggling to get past the error. I don't even need the "sh access-list" output.

Ansible become user cannot run the command

My yml:
---
- hosts: all
  gather_facts: yes
  become: yes
  become_method: sudo
  become_user: or{{sid}}
  tasks:
    - name: Check the id
      shell: whoami
      register: id
Error:
fatal: [exlodbadm04 ]: FAILED! => {"changed": false, "module_stderr": "Shared connection to exlodbadm04 closed.\r\n", "module_stdout": "\r\nSorry, user tkounain is not allowed to execute '/bin/sh -c echo BECOME-SUCCESS-oaagrwuwwvqysbkjdrksyihaplvrowyf; /usr/bin/python /tmp/ansible-tmp-1575536551.48-205039480507144/setup.py' as oranew on ogexlonqdbadm04.og.ge.com.\r\n", "msg": "MODULE FAILURE", "rc": 1}
I'm running it like this:
ansible-playbook tk.yml -e "sid=anew" --ask-sudo-pass --ask-pass

Create EC2 Instance by Ansible Failed with ec2: error: unrecognized arguments:

I am a newbie to Ansible and followed this tutorial to create a security group and an EC2 instance. The security group is created successfully, but creating the EC2 instance fails with ec2:
error: unrecognized arguments:
/home/ec2-user/.ansible/tmp/ansible-tmp-14244....
I did set up AWS credentials and Ansible variables properly as below
# AWS Credentials
export AWS_ACCESS_KEY_ID=xxx
export AWS_SECRET_ACCESS_KEY=xxx
# EC2 Environment Variables
export ANSIBLE_HOSTS=/etc/ansible/ec2.py
export EC2_INI_PATH=/etc/ansible/ec2.ini
The files and output are shown below. Any ideas for this issue? Thanks for your help!
$ cat group_vars/all
# Variables listed here are applicable to all host groups
key_name: sobrr-staging.pem
aws_region: cn-north-1
ami_id: ami-9e0c9ea7
instance_type: m1.small
$ cat basic-create.yml
# Basic provisioning example
- name: Create AWS resources
  hosts: localhost
  connection: local
  gather_facts: False
  tasks:
    - name: Create security group
      ec2_group:
        name: my-security-group
        description: "A Security group"
        region: "{{aws_region}}"
        rules:
          - proto: tcp
            type: ssh
            from_port: 22
            to_port: 22
            cidr_ip: 0.0.0.0/0
        rules_egress:
          - proto: all
            type: all
            cidr_ip: 0.0.0.0/0
      register: basic_firewall
    - name: debug basic_firewall
      debug: 'msg="{{ basic_firewall }}"'
    - name: create an EC2 instance
      local_action:
        module: ec2
        key_name: "{{key_name}}"
        region: "{{aws_region}}"
        group_id: "{{basic_firewall.group_id}}"
        instance_type: "{{instance_type}}"
        image: "{{ami_id}}"
        count: 1
        wait: yes
      register: basic_ec2
    - name: debug instance start
      debug: 'msg="{{ basic_ec2 }}"'
OUTPUT
ansible-playbook -i /etc/ansible/hosts -vvvv basic-create.yml
/usr/lib64/python2.6/site-packages/Crypto/Util/number.py:57: PowmInsecureWarning: Not using mpz_powm_sec. You should rebuild using libgmp >= 5 to avoid timing attack vulnerability.
_warn("Not using mpz_powm_sec. You should rebuild using libgmp >= 5 to avoid timing attack vulnerability.", PowmInsecureWarning)
PLAY [Create AWS resources] ***************************************************
TASK: [Create security group] *************************************************
<localhost> region=cn-north-1 description=A Security group name=my-security-group
<localhost>
<localhost>
<localhost> u'LANG=en_US.UTF-8 LC_CTYPE=en_US.UTF-8 /usr/bin/python /home/ec2-user/.ansible/tmp/ansible-tmp-1424461765.15-98406246607462/ec2_group; rm -rf /home/ec2-user/.ansible/tmp/ansible-tmp-1424461765.15-98406246607462/ >/dev/null 2>&1']
ok: [localhost] => {"changed": false, "group_id": "sg-63fae101"}
TASK: [debug basic_firewall] **************************************************
ok: [localhost] => {
"msg": "{'invocation': {'module_name': u'ec2_group', 'module_args': ''}, 'changed': False, 'group_id': 'sg-63fae101'}"
}
TASK: [create an EC2 instance] ************************************************
<127.0.0.1> instance_type=m1.small image=ami-9e0c9ea7 group_id=sg-63fae101 region=cn-north-1 key_name=sobrr-staging.pem
<127.0.0.1>
<127.0.0.1>
<127.0.0.1>
<127.0.0.1> u'LANG=en_US.UTF-8 LC_CTYPE=en_US.UTF-8 /usr/bin/env python /home/ec2-user/.ansible/tmp/ansible-tmp-1424461765.54-184834253412898/ec2 /home/ec2-user/.ansible/tmp/ansible-tmp-1424461765.54-184834253412898/arguments; rm -rf /home/ec2-user/.ansible/tmp/ansible-tmp-1424461765.54-184834253412898/ >/dev/null 2>&1']
failed: [localhost -> 127.0.0.1] => {"failed": true, "parsed": false}
usage: ec2 [-h] [--list] [--host HOST] [--refresh-cache]
ec2: error: unrecognized arguments: /home/ec2-user/.ansible/tmp/ansible-tmp-1424461765.54-184834253412898/arguments
FATAL: all hosts have already failed -- aborting
PLAY RECAP ********************************************************************
to retry, use: --limit @/home/ec2-user/basic-create.retry
localhost : ok=2 changed=0 unreachable=0 failed=1
The key_name parameter in the Ansible ec2 module refers to the SSH public key you uploaded or created (if you want to reuse the previous key) in your AWS account. You may want to verify it matches the name you specified in the AWS account.
My guess is that the key name in your AWS account is sobrr-staging, not sobrr-staging.pem
Try using sobrr-staging and see how that goes.
