ansible issueshttps://git.scc.kit.edu/las-it-organisation/32-0-IT-InstructionsAndRules/ansible/-/issues2021-04-23T16:03:28+02:00https://git.scc.kit.edu/las-it-organisation/32-0-IT-InstructionsAndRules/ansible/-/issues/107Add the KIT-AD integration2021-04-23T16:03:28+02:00sg7149Add the KIT-AD integrationSummary
-------
The AD integration is not automated so some behaviours are unexpected (las-archiv1 permissions on other computers) and setting up new computers involves manual work.
Steps to reproduce
------------------
1. SSH to a m...Summary
-------
The AD integration is not automated so some behaviours are unexpected (las-archiv1 permissions on other computers) and setting up new computers involves manual work.
Steps to reproduce
------------------
1. SSH to a machine that is not yours and try to access /mnt/las-archiv1.
2. Setup a new computer.
What is the current bug behaviour?
---------------------------------
1. Permission denied, because I'm not in the users group.
2. No login with KIT account possible
What is the expected correct behaviour?
---------------------------------------
1. Access granted (I am part of the group users)
2. Login with KIT account works.
Relevant logs and/or screenshots
--------------------------------
```
[sg7149@methusalix ~]$ ls -la /mnt/las-archiv1/
ls: cannot open directory '/mnt/las-archiv1/': Permission denied
```
Possible fixes
--------------
Implement the KIT-LAS_LDAP guide.yuancun.nieyuancun.niehttps://git.scc.kit.edu/las-it-organisation/32-0-IT-InstructionsAndRules/ansible/-/issues/96Fix deprecation warning (loop in Jupyter notebbok)2020-05-15T20:10:47+02:00sg7149Fix deprecation warning (loop in Jupyter notebbok)Calling host: obelix.las.kit.edu (Fedora 31)
Failing nodes: idefix
Summary
-------
Deprecation warning for using list as loop for package managers instead of installing the list. See other roles (eg. common) for the fix of this issue....Calling host: obelix.las.kit.edu (Fedora 31)
Failing nodes: idefix
Summary
-------
Deprecation warning for using list as loop for package managers instead of installing the list. See other roles (eg. common) for the fix of this issue.
Steps to reproduce
------------------
Run sites.yml
What is the current bug behavior?
---------------------------------
Deprecation warning
What is the expected correct behaviour?
---------------------------------------
No deprecation warning
Relevant logs and/or screenshots
--------------------------------
```
TASK [ipynb : install Jupyter notebook for Python 3] *****************************************************************
[DEPRECATION WARNING]: Invoking "dnf" only once while using a loop via squash_actions is deprecated. Instead of using
a loop to supply multiple items and specifying `name: "{{ item }}"`, please use `name: ['python3-jupyter-core',
'python3-ipykernel', 'python3-nbformat', 'python3-ipdb', 'python3-ipython']` and remove the loop. This feature will
be removed in version 2.11. Deprecation warnings can be disabled by setting deprecation_warnings=False in
ansible.cfg.
ok: [idefix.las.kit.edu] => (item=['python3-jupyter-core', 'python3-ipykernel', 'python3-nbformat', 'python3-ipdb', 'python3-ipython'])
TASK [ipynb : install Jupyter notebook extensions] *******************************************************************
[DEPRECATION WARNING]: Invoking "pip" only once while using a loop via squash_actions is deprecated. Instead of using
a loop to supply multiple items and specifying `name: "{{ item }}"`, please use `name: ['ipywidgets']` and remove
the loop. This feature will be removed in version 2.11. Deprecation warnings can be disabled by setting
deprecation_warnings=False in ansible.cfg.
ok: [idefix.las.kit.edu] => (item=['ipywidgets'])
```
Possible fixes
--------------
Don't use a loop (with_items), but provide the list as the `name` argument.
/cc @vn4918https://git.scc.kit.edu/las-it-organisation/32-0-IT-InstructionsAndRules/ansible/-/issues/95lasarchiv1 role fails sometimes2020-05-14T18:00:01+02:00sg7149lasarchiv1 role fails sometimesCalling host: obelix.las.kit.edu (Fedora 31)
Failing nodes: pepe, faulus
Summary
-------
Running the newly merged code !43 it first failed for some hosts, but not for all.
After having a look at https://github.com/ansible/ansible/issu...Calling host: obelix.las.kit.edu (Fedora 31)
Failing nodes: pepe, faulus
Summary
-------
Running the newly merged code !43 it first failed for some hosts, but not for all.
After having a look at https://github.com/ansible/ansible/issues/29814 and changing `remounted` to `mounted` again succeeded.
But `mounted` initially failed, so maybe it is the bug and we cannot do much about it in our role. From the github-issue, I understand the documentation like it should work with `mounted` which is more consistent with the idea of stateless-ness though I read the documentation of the `mount` module differently the last time.
Steps to reproduce
------------------
Run `ansible-playbook --vault-password-file password nfs.yml --skip-tags fonts`.
What is the current bug behavior?
---------------------------------
SOMETIMES:
Hosts with unmounted /mnt/las-archiv1 and not installed fail. Broken, and correctly mounted /mnt/las-archiv1 machines do not fail.
What is the expected correct behaviour?
---------------------------------------
ALWAYS: None of the machines fail and all have a mounted /mnt/las-archiv1
Relevant logs and/or screenshots
--------------------------------
```
TASK [lasarchiv : remount lasarchiv1] ********************************************************************************
fatal: [homoeopatix.las.kit.edu]: FAILED! => {"changed": false, "msg": "Error remounting /mnt/las-archiv1: umount: /mnt/las-archiv1: not mounted.\n"}
changed: [methusalix.las.kit.edu]
changed: [majestix.las.kit.edu]
changed: [troubadix.las.kit.edu]
fatal: [faulus.las.kit.edu]: FAILED! => {"changed": false, "msg": "Error remounting /mnt/las-archiv1: umount: /mnt/las-archiv1: no mount point specified.\n"}
fatal: [pepe.las.kit.edu]: FAILED! => {"changed": false, "msg": "Error remounting /mnt/las-archiv1: umount: /mnt/las-archiv1: not mounted.\n"}
changed: [idefix.las.kit.edu]
```
https://github.com/ansible/ansible/issues/29814
Possible fixes
--------------
(If you can, link to the line of code that might be responsible for the problem)
/cc @vn4918https://git.scc.kit.edu/las-it-organisation/32-0-IT-InstructionsAndRules/ansible/-/issues/73Fix auto-update role2021-09-03T15:25:45+02:00sg7149Fix auto-update roleCalling host: obelix.las.kit.edu (Fedora 30)
Failing nodes: homoeopatix, galantine
Summary
-------
The timer does not work
Steps to reproduce
------------------
* disable the timer if it is not anyway `sudo systemctl stop dnf-autom...Calling host: obelix.las.kit.edu (Fedora 30)
Failing nodes: homoeopatix, galantine
Summary
-------
The timer does not work
Steps to reproduce
------------------
* disable the timer if it is not anyway `sudo systemctl stop dnf-automatic.timer`
* Make a change in the config, to trigger a run of `configure autoupdate` and its handlers.
* Have a look if the timer is enabled/running `systemctl status dnf-automatic.timer`
What is the current bug behavior?
---------------------------------
* the timer is not enabled, though the handlers run
* the next task (install ntpdate) aborts with a connection timeout
What is the expected correct behaviour?
---------------------------------------
* timer is enabled like when running `sudo systemctl start dnf-automatic.timer`
* ansible does not stop at the next task
Relevant logs and/or screenshots
--------------------------------
```
NOTIFIED HANDLER common : enable automatic for homoeopatix.las.kit.edu
changed: [homoeopatix.las.kit.edu] => {
"changed": true,
"checksum": "696d44dfa164390f90c382977fd4f6017a41d36f",
"dest": "/etc/dnf/automatic.conf",
"diff": [],
"gid": 0,
"group": "root",
"invocation": {
"module_args": {
"_original_basename": "automatic.conf",
"attributes": null,
"backup": false,
"checksum": "696d44dfa164390f90c382977fd4f6017a41d36f",
"content": null,
"delimiter": null,
"dest": "/etc/dnf/automatic.conf",
"directory_mode": null,
"follow": false,
"force": true,
"group": "root",
"local_follow": null,
"mode": 644,
"owner": "root",
"regexp": null,
"remote_src": null,
"selevel": null,
"serole": null,
"setype": null,
"seuser": null,
"src": "/root/.ansible/tmp/ansible-tmp-1563879277.1940045-149113441544632/source",
"unsafe_writes": null,
"validate": null
}
},
"md5sum": "bfccf2820f6617355dc306e4f97cb290",
"mode": "01204",
"owner": "root",
"secontext": "system_u:object_r:etc_t:s0",
"size": 2572,
"src": "/root/.ansible/tmp/ansible-tmp-1563879277.1940045-149113441544632/source",
"state": "file",
"uid": 0
}
<homoeopatix.las.kit.edu> ESTABLISH SSH CONNECTION FOR USER: root
<homoeopatix.las.kit.edu> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o 'User="root"' -o ConnectTimeout=10 -o ControlPath=/root/.ansible/cp/4830240bc1 homoeopatix.las.kit.edu '/bin/sh -c '"'"'echo ~root && sleep 0'"'"''
<homoeopatix.las.kit.edu> (0, b'/root\n', b'')
<homoeopatix.las.kit.edu> ESTABLISH SSH CONNECTION FOR USER: root
<homoeopatix.las.kit.edu> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o 'User="root"' -o ConnectTimeout=10 -o ControlPath=/root/.ansible/cp/4830240bc1 homoeopatix.las.kit.edu '/bin/sh -c '"'"'( umask 77 && mkdir -p "` echo /root/.ansible/tmp/ansible-tmp-1563879278.9439619-57665086813763 `" && echo ansible-tmp-1563879278.9439619-57665086813763="` echo /root/.ansible/tmp/ansible-tmp-1563879278.9439619-57665086813763 `" ) && sleep 0'"'"''
<homoeopatix.las.kit.edu> (0, b'ansible-tmp-1563879278.9439619-57665086813763=/root/.ansible/tmp/ansible-tmp-1563879278.9439619-57665086813763\n', b'')
Using module file /usr/lib/python3.7/site-packages/ansible/modules/packaging/os/dnf.py
<homoeopatix.las.kit.edu> PUT /root/.ansible/tmp/ansible-local-284632oi9hj3u/tmpqen7qowb TO /root/.ansible/tmp/ansible-tmp-1563879278.9439619-57665086813763/AnsiballZ_dnf.py
<homoeopatix.las.kit.edu> SSH: EXEC sftp -b - -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o 'User="root"' -o ConnectTimeout=10 -o ControlPath=/root/.ansible/cp/4830240bc1 '[homoeopatix.las.kit.edu]'
<homoeopatix.las.kit.edu> (0, b'sftp> put /root/.ansible/tmp/ansible-local-284632oi9hj3u/tmpqen7qowb /root/.ansible/tmp/ansible-tmp-1563879278.9439619-57665086813763/AnsiballZ_dnf.py\n', b'')
<homoeopatix.las.kit.edu> ESTABLISH SSH CONNECTION FOR USER: root
<homoeopatix.las.kit.edu> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o 'User="root"' -o ConnectTimeout=10 -o ControlPath=/root/.ansible/cp/4830240bc1 homoeopatix.las.kit.edu '/bin/sh -c '"'"'chmod u+x /root/.ansible/tmp/ansible-tmp-1563879278.9439619-57665086813763/ /root/.ansible/tmp/ansible-tmp-1563879278.9439619-57665086813763/AnsiballZ_dnf.py && sleep 0'"'"''
<homoeopatix.las.kit.edu> (0, b'', b'')
<homoeopatix.las.kit.edu> ESTABLISH SSH CONNECTION FOR USER: root
<homoeopatix.las.kit.edu> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o 'User="root"' -o ConnectTimeout=10 -o ControlPath=/root/.ansible/cp/4830240bc1 -tt homoeopatix.las.kit.edu '/bin/sh -c '"'"'/usr/bin/python3 /root/.ansible/tmp/ansible-tmp-1563879278.9439619-57665086813763/AnsiballZ_dnf.py && sleep 0'"'"''
<homoeopatix.las.kit.edu> (0, b'/root/.ansible/tmp/ansible-tmp-1563879278.9439619-57665086813763/AnsiballZ_dnf.py:18: DeprecationWarning: the imp module is deprecated in favour of importlib; see the module\'s documentation for alternative uses\r\n import imp\r\n[master ac956f1] saving uncommitted changes in /etc prior to dnf run\r\n 1 file changed, 1 insertion(+), 1 deletion(-)\r\n\r\n{"msg": "Nothing to do", "changed": false, "results": ["Installed: ntpdate"], "rc": 0, "invocation": {"module_args": {"state": "present", "name": ["ntpdate"], "allow_downgrade": false, "autoremove": false, "bugfix": false, "disable_gpg_check": false, "disable_plugin": [], "disablerepo": [], "download_only": false, "enable_plugin": [], "enablerepo": [], "exclude": [], "installroot": "/", "install_repoquery": true, "install_weak_deps": true, "security": false, "skip_broken": false, "update_cache": false, "update_only": false, "validate_certs": true, "lock_timeout": 0, "conf_file": null, "disable_excludes": null, "download_dir": null, "list": null, "releasever": null}}}\r\n', b'Shared connection to homoeopatix.las.kit.edu closed.\r\n')
<homoeopatix.las.kit.edu> ESTABLISH SSH CONNECTION FOR USER: root
<homoeopatix.las.kit.edu> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o 'User="root"' -o ConnectTimeout=10 -o ControlPath=/root/.ansible/cp/4830240bc1 homoeopatix.las.kit.edu '/bin/sh -c '"'"'rm -f -r /root/.ansible/tmp/ansible-tmp-1563879278.9439619-57665086813763/ > /dev/null 2>&1 && sleep 0'"'"''
<homoeopatix.las.kit.edu> (0, b'', b'')
fatal: [homoeopatix.las.kit.edu]: FAILED! => {
"changed": false,
"module_stderr": "Shared connection to homoeopatix.las.kit.edu closed.\r\n",
"module_stdout": "/root/.ansible/tmp/ansible-tmp-1563879278.9439619-57665086813763/AnsiballZ_dnf.py:18: DeprecationWarning: the imp module is deprecated in favour of importlib; see the module's documentation for alternative uses\r\n import imp\r\n[master ac956f1] saving uncommitted changes in /etc prior to dnf run\r\n 1 file changed, 1 insertion(+), 1 deletion(-)\r\n\r\n{\"msg\": \"Nothing to do\", \"changed\": false, \"results\": [\"Installed: ntpdate\"], \"rc\": 0, \"invocation\": {\"module_args\": {\"state\": \"present\", \"name\": [\"ntpdate\"], \"allow_downgrade\": false, \"autoremove\": false, \"bugfix\": false, \"disable_gpg_check\": false, \"disable_plugin\": [], \"disablerepo\": [], \"download_only\": false, \"enable_plugin\": [], \"enablerepo\": [], \"exclude\": [], \"installroot\": \"/\", \"install_repoquery\": true, \"install_weak_deps\": true, \"security\": false, \"skip_broken\": false, \"update_cache\": false, \"update_only\": false, \"validate_certs\": true, \"lock_timeout\": 0, \"conf_file\": null, \"disable_excludes\": null, \"download_dir\": null, \"list\": null, \"releasever\": null}}}\r\n",
"msg": "MODULE FAILURE\nSee stdout/stderr for the exact error",
"rc": 0
}
RUNNING HANDLER [common : enable automatic] ***********************************************************************************************************************************************************************************************************************************
task path: /root/ansible/roles/common/handlers/main.yml:82
PLAY RECAP ********************************************************************************************************************************************************************************************************************************************************************
homoeopatix.las.kit.edu : ok=24 changed=1 unreachable=0 failed=1 skipped=5 rescued=0 ignored=0
```
Possible fixes
--------------
(If you can, link to the line of code that might be responsible for the problem)
/cc @gethmann