I am trying to wget a file from a web server from within an Ansible playbook.
Here is the Ansible snippet:
---
- hosts: all
sudo: true
tasks:
- name: Prepare Install folder
sudo: true
action: shell sudo mkdir -p /tmp/my_install/mysql/ && cd /tmp/my_install/mysql/
- name: Download MySql
sudo: true
action: shell sudo wget http://{{ repo_host }}/MySQL-5.6.15-1.el6.x86_64.rpm-bundle.tar
Invoking it via:
ansible-playbook my_3rparties.yml -l vsrv644 --extra-vars "repo_host=vsrv656" -K -f 10
It fails with the following:
Cannot write to `MySQL-5.6.15-1.el6.x86_64.rpm-bundle.tar' (Permission denied).
FATAL: all hosts have already failed -- aborting
PLAY RECAP ********************************************************************
to retry, use: --limit #/usr2/ihazan/vufroria_3rparties.retry
vsrv644 : ok=2 changed=1 unreachable=0 failed=1
When trying to do the command that fail via regular remote ssh to mimic what ansible would do, it doesn't work as follows:
-bash-4.1$ ssh ihazan#vsrv644 'cd /tmp/my_install/mysql && sudo wget http://vsrv656/MySQL-5.6.15-1.el6.x86_64.rpm-bundle.tar'
Enter passphrase for key '/usr2/ihazan/.ssh/id_rsa':
sudo: sorry, you must have a tty to run sudo
But I can solve it using -t as follows:
-bash-4.1$ ssh -t ihazan#vsrv644 'cd /tmp/my_install/mysql && sudo wget http://vsrv656/MySQL-5.6.15-1.el6.x86_64.rpm-bundle.tar'
Then it works.
Is there a way to set the -t (pseudo tty option) on ansible?
P.S: I could solve it by editing the sudoers file as others propose but that is a manual step I am trying to avoid.
Don't use shell-module when there is specialized modules available. In your case:
Create directories with file-module:
- name: create project directory {{ common.project_dir }}
file: state=directory path={{ common.project_dir }}
Download files with get_url-module:
- name: download sources
get_url: url={{ opencv.url }} dest={{ common.project_dir }}/{{ opencv.file }}
Note the new module call syntax in the examples above.
If you have to use sudo with password remember to give --ask-sudo-pass when needed (see e.g. Remote Connection Information).
In Ansible:
file to manage files/directories
get_url to download what you need
become:yes to use sudo priviledges
See ansible documentation:
https://docs.ansible.com/ansible/latest/modules/modules_by_category.html
Related
I can run the script with the command line argument on the linux server it works fine.
for e.g.: ./install.sh -n -I <IP address of the server>
The above command is able to install the script on the server.
When I am trying to do via ansible (version 2.5) playbook using the shell module it gives me an argument error.
- name: Running the script
shell: yes | ./fullinstall
Expect modules has been tried.
--my-arg1=IP address
- shell: "./install.sh -n -I"
args:
chdir: somedir/
creates: somelog.txt
You can look here for examples.
You can also place the install.sh file on the server as a template. Then you can set the variables as desired in Jinja2.
- name: Template install.sh
template:
src: /install.sh.j2
dest: /tmp/install.sh
- shell: "cd /tmp/ ; ./install.sh
Your install.sh.j2 contains:
IP adres: {{ my_ip }}
And set the variable on the command line with:
ansible-playbook -e my_ip="192.168.0.1"
Use command module
- name: run script
command: /path/to/install.sh -n -I {{ ip_addrress }}
playbook
ansible-playbook -e ip_address="192.168.3.9" play.yml
If you want to interactively wanted to enter the IP address, use prompt module.
I'm trying to set up a playbook that will configure my development system. I'd like to copy the /etc/hosts file from my playbooks "files" directory to the /etc directory on my system. Currently I'm doing the following:
# main.yml
- hosts: all
- tasks:
- copy: src=files/hosts
dest=/etc/hosts
owner=root
group=wheel
mode=0644
backup=true
become: true
# inventory
localhost ansible_connection=local
When I run the playbook I'm getting this error:
fatal: [localhost]: FAILED! => {... "msg": Failed to get information on remote file (/etc/hosts): MODULE FAILURE"}
I believe this is because copy is supposed to be used to copy a file to a remote file system. So how do you copy a file to your local management system? I did a Google Search and everything talks about doing the former. I didn't see this addressed in the Ansible docs.
Your task is ok.
You should add --ask-sudo-pass to the ansible-playbook call.
If you run with -vvv you can see the command starts with sudo -H -S -n -u root /bin/sh -c echo BECOME-SUCCESS-somerandomstring (followed by a call to the Python script). If you execute it yourself, you'll get sudo: a password is required message. Ansible quite unhelpfully replaces this error message with its own Failed to get information on remote file (/etc/hosts): MODULE FAILURE.
I need to run playbooks on Vagrant boxes and on aws when I setup environment with cloud formation.
In Vagrant file I use ansible-local and everything works fine
name: Setup Unified Catalog Webserver
hosts: 127.0.0.1
connection: local
become: yes
become_user: root
roles: generic
However when I create instance in AWS the ansible playbook fails with error:
sudo: sorry, you must have a tty to run sudo
This happen because it is run as root and it doesnt have tty. But I dont know how to fix it without making change in /etc/sudoers to allow !requiretty
Is there any flags I can setup in ansible.cfg or in my Cloud Formation template?
"#!/bin/bash\n", "\n", "
echo 'Installing Git'\n","
yum --nogpgcheck -y install git ansible htop nano wget\n",
"wget https://s3.eu-central-1.amazonaws.com/XXX -O /root/.ssh/id_rsa\n",
"chmod 600 /root/.ssh/id_rsa\n",
"ssh-keyscan 172.31.7.235 >> /root/.ssh/known_hosts\n",
"git clone git#172.31.7.235:something/repo.git /root/repo\n",
"ansible-playbook /root/env/ansible/test.yml\n
I was able to fix this by setting the transport = paramiko configuration in ansible.cfg.
I have found the following solutions for myself:
1. Change requiretty in /etc/sudoers with sed run playbooks and change it back.
"#!/bin/bash\n", "\n", "
echo 'Installing Git'\n","
yum --nogpgcheck -y install git ansible htop nano wget\n",
"wget https://s3.eu-central-1.amazonaws.com/xx/ansible -O /root/.ssh/id_rsa\n",
"chmod 600 /root/.ssh/id_rsa\n",
"ssh-keyscan 172.31.9.231 >> /root/.ssh/known_hosts\n",
"git clone git#172.31.5.254:somerepo/dev.git /root/dev\n",
"sed -i 's/Defaults requiretty/Defaults !requiretty/g' /etc/sudoers\n",
"\n",
"ansible-playbook /root/dev/env/ansible/uk.yml\n",
"\n",
"sed -i 's/Defaults !requiretty/Defaults requiretty/g' /etc/sudoers\n"
OR
2. In ansible playbook specify variable:
- name: Setup
hosts: 127.0.0.1
connection: local
sudo: {{ require_sudo }}
roles:
- generic
Run in AWS Cloud Formation template would be
"ansible-playbook -e require_sudo=False /root/dev/env/ansible/uk.yml\n"
And for Vagrant in ansible.cfg it can be specified
require_sudo=True
Also in CF template may identify who is running and the pass variable
ansible-playbook -e$(id -u |egrep '^0$' > /dev/null && require_sudo=False || require_sudo=True; echo "require_sudo=$require_sudo") /apps/ansible/uk.yml
If you need to specific connection: paramiko within just one playbook versus a global configuration in ansible.cfg, you can add connection: paramiko following in the playbook, example:
- name: Run checks after deployments
hosts: all
# https://github.com/paramiko/paramiko/issues/1369
connection: paramiko
gather_facts: True
I give up, just can't understand how to use Ansible with "connection: local" + "sudo: yes".
I have something like:
ansible-playbook ansible/desktop.yml
- hosts: localhost
connection: local
...
tasks:
- apt_repository: repo='ppa:alexey-smirnov/deadbeef'
sudo: yes
I've also tried sudo_user: ... param, sudo before the command, ansible-playbook --sudo and --ask-sudo-pass
Currently:
failed: [localhost] => {"failed": true}
msg: [Errno 13] Permission denied
How should it be executed?
ansible --version
ansible 1.7.2
Try
ansible-playbook -i <inventory> ansible/desktop.yml -u <local user who can sudo with password> --ask-sudo-pass
This will make ansible use the remote user you mentioned in -u. And when it uses that user to sudo, it will ask you for sudo password.
Here's another method (also works with ansible become: syntax):
sudo su -c "ansible-playbook <your playbook name and options>"
I have set sudo_user in /etc/ansible/ansible.cfg.
In my playbook I have set remote_user, sudo_user and sudo:yes (also tried sudo:True) on the same level as hosts:
I then use a role that does:
shell: cp -f src /usr/local/bin/dest
sudo: yes
and get
stderr: cp: cannot create regular file `/usr/local/bin/dest': Permission denied
The credentials in AWX are set correctly - I am able to manually log in as the desired user on the remote machine and copy the file with sudo cp. I have no idea what I'm doing wrong.
What's your sudo user? Your base playbook should look something like this:
# Base System: this is my base playbook
- name: Base Playbook
hosts: all
user: myuser
sudo: True