I am trying to create a VPC with the following code.
- name: VPC | Creating an AWS VPC inside mentioned Region
  local_action:
    module: ec2_vpc
    region: "{{ vpc_region }}"
    state: present
    aws_access_key:
    aws_secret_key:
    cidr_block: "{{ vpc_cidr_block }}"
    resource_tags: { "Name":"{{ vpc_name }}-vpc" }
    subnets: "{{ vpc_subnets }}"
    internet_gateway: yes
    route_tables: "{{ public_subnet_rt }}"
  register: vpc
passing the localhost as the host.
But I am facing the following error.
An exception occurred during task execution. The full traceback is:
Traceback (most recent call last):
File "/Users/Merv/.ansible/tmp/ansible-tmp-1462873251.31-168428606517499/ec2_vpc", line 2944, in <module>
main()
File "/Users/Merv/.ansible/tmp/ansible-tmp-1462873251.31-168428606517499/ec2_vpc", line 731, in main
(vpc_dict, new_vpc_id, subnets_changed, igw_id, changed) = create_vpc(module, vpc_conn)
File "/Users/Merv/.ansible/tmp/ansible-tmp-1462873251.31-168428606517499/ec2_vpc", line 339, in create_vpc
previous_vpc = find_vpc(module, vpc_conn, id, cidr_block)
File "/Users/Merv/.ansible/tmp/ansible-tmp-1462873251.31-168428606517499/ec2_vpc", line 199, in find_vpc
previous_vpcs = vpc_conn.get_all_vpcs(None, {'cidr': cidr, 'state': 'available'})
AttributeError: 'NoneType' object has no attribute 'get_all_vpcs'
fatal: [localhost -> localhost]: FAILED! => {"changed": false, "failed": true, "invocation": {"module_name": "ec2_vpc"}, "module_stderr": "Traceback (most recent call last):\n File \"/Users/Merv/.ansible/tmp/ansible-tmp-1462873251.31-168428606517499/ec2_vpc\", line 2944, in <module>\n main()\n File \"/Users/Merv/.ansible/tmp/ansible-tmp-1462873251.31-168428606517499/ec2_vpc\", line 731, in main\n (vpc_dict, new_vpc_id, subnets_changed, igw_id, changed) = create_vpc(module, vpc_conn)\n File \"/Users/Merv/.ansible/tmp/ansible-tmp-1462873251.31-168428606517499/ec2_vpc\", line 339, in create_vpc\n previous_vpc = find_vpc(module, vpc_conn, id, cidr_block)\n File \"/Users/Merv/.ansible/tmp/ansible-tmp-1462873251.31-168428606517499/ec2_vpc\", line 199, in find_vpc\n previous_vpcs = vpc_conn.get_all_vpcs(None, {'cidr': cidr, 'state': 'available'})\nAttributeError: 'NoneType' object has no attribute 'get_all_vpcs'\n", "module_stdout": "", "msg": "MODULE FAILURE", "parsed": false}
I moved my boto version to 2.40.0, yet I am still facing this issue.
Yes, it is a bug in the boto library. I installed the latest one. Also, this error persists if the region name is wrong. So I changed my "{{ vpc_region }}" and this error went away.
Looks like it is a bug in the boto library.
Found this: https://github.com/ansible/ansible-modules-core/issues/1772
For a temporary fix (as mentioned in the link):
To manually fix you can
add into each __init__.py
/usr/lib/python2.7/dist-packages/boto/ec2/__init__.py
your endpoints for example...
I added to the RegionData for this...
    'eu-west-1a': 'ec2.eu-west-1.amazonaws.com',
    'eu-west-1b': 'ec2.eu-west-1.amazonaws.com',
    'eu-west-1c': 'ec2.eu-west-1.amazonaws.com',
Please help.
I have this playbook:
---
- name: Install service
  hosts: some_host
  vars:
    app: "{{ app_name }}-{{ tag }}.war"
    app_folder: "{{ client_dir }}/{{ app_name }}"
  tasks:
    - name: Unpack archive Java
      unarchive:
        src={{ java_distrib }}
        dest={{ app_folder }}
        creates="{{ app_folder }}/{{ java_home }}"
        mode=0555
All works fine when I install on a remote host.
But when the host is the same machine from which I run ansible-playbook, I get this error:
TASK [Unpack archive Java] *********************************************************************************************************
fatal: [10.2.9.6]: FAILED! => {"changed": false, "module_stderr": "Shared connection to 10.2.9.6 closed.\r\n", "module_stdout": "Traceback (most recent call last):\r\n File \"/home/stend/.ansible/tmp/ansible-tmp-1586175452.58-42679814338845/AnsiballZ_unarchive.py\", line 114, in <module>\r\n _ansiballz_main()\r\n File \"/home/stend/.ansible/tmp/ansible-tmp-1586175452.58-42679814338845/AnsiballZ_unarchive.py\", line 106, in _ansiballz_main\r\n invoke_module(zipped_mod, temp_path, ANSIBALLZ_PARAMS)\r\n File \"/home/stend/.ansible/tmp/ansible-tmp-1586175452.58-42679814338845/AnsiballZ_unarchive.py\", line 49, in invoke_module\r\n imp.load_module('__main__', mod, module, MOD_DESC)\r\n File \"/tmp/ansible_unarchive_payload_f_poEj/__main__.py\", line 157, in <module>\r\n File \"/tmp/ansible_unarchive_payload_f_poEj/ansible_unarchive_payload.zip/ansible/module_utils/urls.py\", line 402, in <module>\r\nAttributeError: 'module' object has no attribute 'HTTPSConnection'\r\n", "msg": "MODULE FAILURE\nSee stdout/stderr for the exact error", "rc": 1}
and I do not understand what's going on. Why is the connection closed? I am trying to unarchive to the local machine. Where am I wrong? Please help!
Problem solved: I reinstalled Python and the library libssl1.1.
Using Terraform code I have created Other type of secrets in AWS Secrets Manager.
I need to use these AWS secrets in Ansible code. I found the link below, but I am unable to proceed with it.
https://docs.ansible.com/ansible/2.8/plugins/lookup/aws_secret.html
I have the Ansible code below:
database.yml
- name: Airflow | DB | Create MySQL DB
  mysql_db:
    login_user: "{{ mysql_user }}"
    # login_password: "{{ mysql_root_password }}"
    login_password: "{{ lookup('ca_dev', 'mysql_root_password') }}"
    # config_file: /etc/my.cnf
    # login_unix_socket: /var/lib/mysql/mysql.sock
    # encrypted: yes
    name: "airflow"
    state: "present"
How can I incorporate AWS secret Manager in my ansible code?
Error message:-
TASK [../../roles/airflow : Airflow | DB | Create MySQL DB] **************************************************************************************************************************************************************************
task path: /home/ec2-user/cng-ansible/roles/airflow/tasks/database.yml:25
The full traceback is:
Traceback (most recent call last):
File "/usr/lib/python2.7/site-packages/ansible/executor/task_executor.py", line 140, in run
res = self._execute()
File "/usr/lib/python2.7/site-packages/ansible/executor/task_executor.py", line 539, in _execute
self._task.post_validate(templar=templar)
File "/usr/lib/python2.7/site-packages/ansible/playbook/task.py", line 267, in post_validate
super(Task, self).post_validate(templar)
File "/usr/lib/python2.7/site-packages/ansible/playbook/base.py", line 364, in post_validate
value = templar.template(getattr(self, name))
File "/usr/lib/python2.7/site-packages/ansible/template/__init__.py", line 540, in template
disable_lookups=disable_lookups,
File "/usr/lib/python2.7/site-packages/ansible/template/__init__.py", line 495, in template
disable_lookups=disable_lookups,
File "/usr/lib/python2.7/site-packages/ansible/template/__init__.py", line 746, in do_template
res = j2_concat(rf)
File "<template>", line 8, in root
File "/usr/lib/python2.7/site-packages/jinja2/runtime.py", line 193, in call
return __obj(*args, **kwargs)
File "/usr/lib/python2.7/site-packages/ansible/template/__init__.py", line 631, in _lookup
instance = self._lookup_loader.get(name.lower(), loader=self._loader, templar=self)
File "/usr/lib/python2.7/site-packages/ansible/plugins/loader.py", line 381, in get
obj = getattr(self._module_cache[path], self.class_name)
AttributeError: 'module' object has no attribute 'LookupModule'
fatal: [127.0.0.1]: FAILED! => {
"msg": "Unexpected failure during module execution.",
"stdout": ""
}
RUNNING HANDLER [../../roles/airflow : restart rabbitmq-server]
task path: /home/ec2-user/cng-ansible/roles/airflow/handlers/main.yml:28
to retry, use: --limit #/home/ec2-user/cng-ansible/plays/airflow/installAirflow.retry
PLAY RECAP
127.0.0.1 : ok=39 changed=7 unreachable=0 failed=1
ansible-doc -t lookup -l output
The error {"msg": "lookup plugin (ca_dev) not found"} suggests your issue is the misuse of the lookup command.
The following line:
login_password: "{{ lookup('ca_dev', 'mysql_root_password') }}"
Should look something like
login_password: "{{ lookup('aws_secret', 'mysql_root_password') }}"
ca_dev is not a valid lookup type, whereas aws_secret is.
You can see a list of supported lookup plugins for Ansible 2.8 in the Lookup Plugins section of the official documentation.
If you are using a custom lookup plugin, or backporting a plugin from a future version of ansible to an older version, you must make sure that it is in a directory visible to ansible.
You can either place the custom file in the default location ansible looks in ~/.ansible/plugins/lookup:/usr/share/ansible/plugins/lookup or configure your ansible.cfg to look in a different place using the following lookup_plugins ini key under the defaults section.
DEFAULT_LOOKUP_PLUGIN_PATH
Description: Colon separated paths in which Ansible will search for Lookup Plugins.
Type: pathspec
Default: ~/.ansible/plugins/lookup:/usr/share/ansible/plugins/lookup
Ini Section: defaults
Ini Key: lookup_plugins
Environment: ANSIBLE_LOOKUP_PLUGINS
Documentation for this can be found in the Ansible Configuration section of the official documentation
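Added example, not part of the original answer and not Ansible's own code: a pre-flight check in Python that scans playbook text for lookup names and reports whether each one is absent from the plugin search path or is a file that defines no LookupModule class, which is the AttributeError in the traceback above. The function names and the partial BUILTIN set are illustrative assumptions; the search path is the default quoted above.

```python
import os
import re
import tempfile

# Partial, constructed sample of built-in names; list the real set with
# `ansible-doc -t lookup -l` on the control node.
BUILTIN = {"aws_secret", "env", "file", "password", "pipe", "template"}
# Default from the DEFAULT_LOOKUP_PLUGIN_PATH entry quoted above.
DEFAULT_PATH = "~/.ansible/plugins/lookup:/usr/share/ansible/plugins/lookup"
LOOKUP_CALL = re.compile(r"""\b(?:lookup|query)\(\s*['"]([\w.]+)['"]""")


def lookup_names(playbook_text):
    """Return lookup plugin names referenced in the text, skipping YAML comment lines."""
    names = set()
    for line in playbook_text.splitlines():
        if not line.lstrip().startswith("#"):
            names.update(LOOKUP_CALL.findall(line))
    return names


def check_plugin(name, search_path=DEFAULT_PATH, builtin=BUILTIN):
    """Classify a name as 'builtin', 'ok', 'no LookupModule' or 'not found'."""
    if name in builtin:
        return "builtin"
    for directory in search_path.split(":"):
        candidate = os.path.join(os.path.expanduser(directory), name + ".py")
        if os.path.isfile(candidate):
            with open(candidate, encoding="utf-8") as handle:
                source = handle.read()
            # The loader in the traceback does getattr(module, class_name), so a
            # file without this class fails with the AttributeError shown above.
            if re.search(r"^class\s+LookupModule\b", source, re.MULTILINE):
                return "ok"
            return "no LookupModule"
    return "not found"


def audit(playbook_text, search_path=DEFAULT_PATH, builtin=BUILTIN):
    """Map every referenced lookup name to its classification."""
    return {n: check_plugin(n, search_path, builtin)
            for n in sorted(lookup_names(playbook_text))}


if __name__ == "__main__":
    # Constructed sample: the task line from the question plus a stub plugin file.
    task = "login_password: \"{{ lookup('ca_dev', 'mysql_root_password') }}\""
    with tempfile.TemporaryDirectory() as plugin_dir:
        with open(os.path.join(plugin_dir, "ca_dev.py"), "w") as stub:
            stub.write("SECRET_NAME = 'placeholder'\n")
        print(audit(task, plugin_dir))
```

Running it against a role before the play starts surfaces a misnamed or shadowing plugin file without templating any secret value.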
This is the error message:
TASK [vsphere_guest] ***********************************************************
An exception occurred during task execution. To see the full traceback, use -vvv. The error was: pysphere.resources.vi_exception.VIException: [Object Not Found]: Could not find a VM named 'templatename'
fatal: [localhost]: FAILED! => {"changed": false, "failed": true, "module_stderr": "Traceback (most recent call last):\n File \"/var/folders/5_/zznkc3cs38v1wscsgmsdcc1w0000gn/T/ansible_Z0ldZx/ansible_module_vsphere_guest.py\", line 1879, in \n main()\n File \"/var/folders/5_/zznkc3cs38v1wscsgmsdcc1w0000gn/T/ansible_Z0ldZx/ansible_module_vsphere_guest.py\", line 1836, in main\n vm_extra_config=vm_extra_config\n File \"/var/folders/5_/zznkc3cs38v1wscsgmsdcc1w0000gn/T/ansible_Z0ldZx/ansible_module_vsphere_guest.py\", line 655, in deploy_template\n vmTemplate = vsphere_client.get_vm_by_name(template_src)\n File \"/usr/local/lib/python2.7/site-packages/pysphere/vi_server.py\", line 323, in get_vm_by_name\n FaultTypes.OBJECT_NOT_FOUND)\npysphere.resources.vi_exception.VIException: [Object Not Found]: Could not find a VM named 'templatename'\n", "module_stdout": "", "msg": "MODULE FAILURE", "parsed": false}
This is the Ansible code:
---
- hosts: all
  tasks:
    - vsphere_guest:
        validate_certs: no
        guest: newbuildvm001
        #state: powered_on
        from_template: yes
        template_src: templatename
        vm_extra_config:
          vcpu.hotadd: yes
          mem.hotadd: yes
          notes: This is a test VM
          folder: Test
        vm_disk:
          disk1:
            size_gb: 10
            type: thin
            datastore: test
            folder: test-ansible
        vm_nic:
          nic1:
            type: vmxnet3
            network: teset
            network_type: standard
        vm_hardware:
          memory_mb: 2048
          num_cpus: 2
          osid: centos64Guest
          scsi: paravirtual
        esxi:
          datacenter: DC
I was expecting ansible to create a virtual machine based on the template called templatename.
Instead it seems to look for a virtual machine called templatename to clone?
The vsphere_guest module clones existing VMs.
template_src is the name of a VM (not a template, as you might expect) to clone from.
See proof in the module's code.
---
- hosts: localhost
  gather_facts: false
  vars:
    keypair: id_rsa
    instance_type: t2.micro
    image: ami-6f68cf0f
    region: us-west-2
  tasks:
    - name: launch ec2-instance
      ec2:
        key_name: "{{ keypair }}"
        instance_type: "{{ instance_type }}"
        image: ami-6f68cf0f
        wait: true
        group: wide-open
        region: "{{ region }}"
        aws_access_key: '************'
        aws_secret_key: '********************************'
      register: ec2
This is what I run, but it shows the following error:
Traceback (most recent call last):
File "/root/.ansible/tmp/ansible-tmp-1483922048.3-267705964376313/ec2", line 3628, in <module>
main()
File "/root/.ansible/tmp/ansible-tmp-1483922048.3-267705964376313/ec2", line 1413, in main
(instance_dict_array, new_instance_ids, changed) = create_instances(module, ec2, vpc)
File "/root/.ansible/tmp/ansible-tmp-1483922048.3-267705964376313/ec2", line 898, in create_instances
grp_details = ec2.get_all_security_groups()
File "/usr/lib/python2.6/site-packages/boto/ec2/connection.py", line 2984, in get_all_security_groups
[('item', SecurityGroup)], verb='POST')
File "/usr/lib/python2.6/site-packages/boto/connection.py", line 1186, in get_list
raise self.ResponseError(response.status, response.reason, body)
boto.exception.EC2ResponseError: EC2ResponseError: 401 Unauthorized
<?xml version="1.0" encoding="UTF-8"?>
<Response><Errors><Error><Code>AuthFailure</Code><Message>AWS was not able to validate the provided access credentials</Message></Error></Errors><RequestID>5d241900-6b6e-4398-aba3-16d5738fb6d5</RequestID></Response>
fatal: [localhost]: FAILED! => {"changed": false, "failed": true, "invocation": {"module_name": "ec2"}, "module_stderr": "Traceback (most recent call last):\n File \"/root/.ansible/tmp/ansible-tmp-1483922048.3-267705964376313/ec2\", line 3628, in <module>\n main()\n File \"/root/.ansible/tmp/ansible-tmp-1483922048.3-267705964376313/ec2\", line 1413, in main\n (instance_dict_array, new_instance_ids, changed) = create_instances(module, ec2, vpc)\n File \"/root/.ansible/tmp/ansible-tmp-1483922048.3-267705964376313/ec2\", line 898, in create_instances\n grp_details = ec2.get_all_security_groups()\n File \"/usr/lib/python2.6/site-packages/boto/ec2/connection.py\", line 2984, in get_all_security_groups\n [('item', SecurityGroup)], verb='POST')\n File \"/usr/lib/python2.6/site-packages/boto/connection.py\", line 1186, in get_list\n raise self.ResponseError(response.status, response.reason, body)\nboto.exception.EC2ResponseError: EC2ResponseError: 401 Unauthorized\n<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<Response><Errors><Error><Code>AuthFailure</Code><Message>AWS was not able to validate the provided access credentials</Message></Error></Errors><RequestID>5d241900-6b6e-4398-aba3-16d5738fb6d5</RequestID></Response>\n", "module_stdout": "", "msg": "MODULE FAILURE", "parsed": false}
The error message you received is a fairly good one in this case:
AWS was not able to validate the provided access credentials
The credentials in question here are those for your AWS account. In particular, your aws_access_key and aws_secret_key variables.
You just need to get the right values for those variables; check what you have against what you were given by whoever issued those credentials, or against your backup of them if it was yourself.
I have an ansible script that looks like this, and it was working properly yesterday -
- name: Dockerfile
  hosts: localhost
  connection: local
  tasks:
    - name: Install repositories packages
      yum:
        name: "{{ item }}"
        state: present
      with_items:
        - https://centos7.iuscommunity.org/ius-release.rpm
        - http://download.gluster.org/pub/gluster/glusterfs/3.7/3.7.10/CentOS/glusterfs-epel.repo
However this morning when I ran it, I got the following error -
failed: [localhost] (item=[u'https://centos7.iuscommunity.org/ius-release.rpm', u'http://download.gluster.org/pub/gluster/glusterfs/3.7/3.7.10/CentOS/glusterfs-epel.repo']) => {"failed": true, "invocation": {"module_name": "yum"}, "item": ["https://centos7.iuscommunity.org/ius-release.rpm", "http://download.gluster.org/pub/gluster/glusterfs/3.7/3.7.10/CentOS/glusterfs-epel.repo"], "module_stderr": "Traceback (most recent call last):\n File \"/tmp/ansible_mdVzzz/ansible_module_yum.py\", line 1064, in <module>\n main()\n File \"/tmp/ansible_mdVzzz/ansible_module_yum.py\", line 1053, in main\n disablerepo, disable_gpg_check, exclude, repoquery)\n File \"/tmp/ansible_mdVzzz/ansible_module_yum.py\", line 969, in ensure\n res = install(module, pkgs, repoq, yum_basecmd, conf_file, en_repos, dis_repos)\n File \"/tmp/ansible_mdVzzz/ansible_module_yum.py\", line 595, in install\n pkg_name = local_name(module, package)\n File \"/tmp/ansible_mdVzzz/ansible_module_yum.py\", line 492, in local_name\n header = ts.hdrFromFdno(fd)\n File \"/usr/lib64/python2.7/site-packages/rpm/transaction.py\", line 160, in hdrFromFdno\n raise rpm.error(\"error reading package header\")\n_rpm.error: error reading package header\n", "module_stdout": "", "msg": "MODULE FAILURE", "parsed": false}
The actual error description is
raise rpm.error(\"error reading package header\")\n_rpm.error: error reading package header\n", "module_stdout": "", "msg": "MODULE FAILURE", "parsed": false}
Did I break something? Or is this more of an issue with the gluster RPM?
Did you try this one:
- name: Install repositories packages
  yum:
    name: "{{ item }}"
    state: present
  with_items:
    - https://centos7.iuscommunity.org/ius-release.rpm
- name: Install the gluster repo
  get_url:
    url: "http://download.gluster.org/pub/gluster/glusterfs/3.7/3.7.10/CentOS/glusterfs-epel.repo"
    dest: "/etc/yum.repos.d/glusterfs-epel.repo"
    mode: 0644