An Ansible execution environment for AWX project
Home Page: https://quay.io/ansible/awx-ee
License: Other
The default Execution Environment for AWX.
First, install ansible-builder.
Then run the following command from the root of this repo:
$ ansible-builder build -v3 -t quay.io/ansible/awx-ee # --container-runtime=docker # Is podman by default
![ansible-zuul[bot] avatar](https://avatars.githubusercontent.com/in/27800?v=4 "ansible-zuul[bot]")
I've included community.general modules in the requirement file.
can some with access help to approve pull request #123
AWX-ee:latest as of today (with cryptography pinned to<37) gives fatal errors for 'normal' jobs (system jobs like project updates are working):
Traceback (most recent call last):
File "/var/lib/awx/venv/awx/lib64/python3.9/site-packages/awx/main/tasks/jobs.py", line 540, in run
res = receptor_job.run()
File "/var/lib/awx/venv/awx/lib64/python3.9/site-packages/awx/main/tasks/receptor.py", line 271, in run
res = self._run_internal(receptor_ctl)
File "/var/lib/awx/venv/awx/lib64/python3.9/site-packages/awx/main/tasks/receptor.py", line 326, in _run_internal
transmitter_future.result()
File "/usr/lib64/python3.9/concurrent/futures/_base.py", line 439, in result
return self.__get_result()
File "/usr/lib64/python3.9/concurrent/futures/_base.py", line 391, in __get_result
raise self._exception
File "/usr/lib64/python3.9/concurrent/futures/thread.py", line 58, in run
result = self.fn(*self.args, **self.kwargs)
File "/var/lib/awx/venv/awx/lib64/python3.9/site-packages/awx/main/utils/common.py", line 1153, in wrapper_cleanup_new_process
return func(*args, **kwargs)
File "/var/lib/awx/venv/awx/lib64/python3.9/site-packages/awx/main/tasks/receptor.py", line 398, in transmit
ansible_runner.interface.run(streamer='transmit', _output=_socket.makefile('wb'), **self.runner_params)
File "/var/lib/awx/venv/awx/lib64/python3.9/site-packages/ansible_runner/interface.py", line 210, in run
r.run()
File "/var/lib/awx/venv/awx/lib64/python3.9/site-packages/ansible_runner/streaming.py", line 54, in run
stream_dir(self.private_data_dir, self._output)
File "/var/lib/awx/venv/awx/lib64/python3.9/site-packages/ansible_runner/utils/streaming.py", line 36, in stream_dir
archive.write(
File "/usr/lib64/python3.9/zipfile.py", line 1727, in write
zinfo = ZipInfo.from_file(filename, arcname,
File "/usr/lib64/python3.9/zipfile.py", line 517, in from_file
zinfo = cls(arcname, date_time)
File "/usr/lib64/python3.9/zipfile.py", line 361, in __init__
raise ValueError('ZIP does not support timestamps before 1980')
ValueError: ZIP does not support timestamps before 1980
Could you please include tag "latest" to https://quay.io/repository/ansible/awx-ee this can help us building custom image using the latest release
I have a problem trying to use ansible.netcommon because it is necessary to have the python-netaddr package. Can you added into the devel at least?
Thanks you so much !
bash-4.4$ python
Python 3.8.3 (default, Aug 31 2020, 16:03:14)
[GCC 8.3.1 20191121 (Red Hat 8.3.1-5)] on linux
Type "help", "copyright", "credits" or "license" for more information.
>>> import requests
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
File "/usr/lib/python3.8/site-packages/requests/__init__.py", line 43, in <module>
import urllib3
File "/usr/lib/python3.8/site-packages/urllib3/__init__.py", line 7, in <module>
from .connectionpool import HTTPConnectionPool, HTTPSConnectionPool, connection_from_url
File "/usr/lib/python3.8/site-packages/urllib3/connectionpool.py", line 11, in <module>
from .exceptions import (
File "/usr/lib/python3.8/site-packages/urllib3/exceptions.py", line 2, in <module>
from .packages.six.moves.http_client import IncompleteRead as httplib_IncompleteRead
ModuleNotFoundError: No module named 'urllib3.packages.six'
Right now the default EE that is deployed alongside AWX is built around ansible-core 2.11 which is not released yet.
also, the image contains only 900-some modules compared to what is shipped with a released ansible 2.9.x which contains over 3000 modules.
Also, the ansible version inside the awx-ee image isn't even installed from a rpm...
Please provide an EE image based around ansible 2.9.x with all official modules present, and where ansible was installed from an official rpm for the base OS of the image.
It is a little bit of a strech to go from a tag that is static to latest that is too dynamic.
Current EE tag 0.6.0 is not syncable so the only alternative left is latest and that is pretty unpredictable.
Love your work BTW!
Migrating from ansible/ansible-builder#67, at this very moment we still have 2 outstanding things:
In addition to this, we need to remove the git requirement for community.kubernetes, because it's at parity with the released version.
Link back to ansible/awx#8650
This collection should be added to this execution environment.
I am trying to build custom EE with different version of ansible. I am able to build custom EE with different set of collections or bindep with command
ansible-builder build --tag xxx.azurecr.io/ansible/awx-custom-ee:2.11-65fd33e7f6f2 --context ./ --container-runtime podman
but if add build-arg EE_BASE_IMAGE like this
ansible-builder build --tag xxx.azurecr.io/ansible/awx-custom-ee:2.11-65fd33e7f6f2 --context ./ --container-runtime podman --build-arg EE_BASE_IMAGE=quay.io/ansible/ansible-runner:stable-2.11-latest
It fails with error:
Successfully installed PyJWT-1.7.1 adal-1.2.7 applicationinsights-0.11.10 argcomplete-1.12.3 awxkit-19.4.0 azure-cli-core-2.11.1 azure-cli-telemetry-1.0.6 azure-common-1.1.11 azure-core-1.21.1 azure-graphrbac-0.61.1 azure-keyvault-1.0.0a1 azure-mgmt-apimanagement-0.2.0 azure-mgmt-authorization-0.51.1 azure-mgmt-automation-0.1.1 azure-mgmt-batch-5.0.1 azure-mgmt-cdn-3.0.0 azure-mgmt-compute-10.0.0 azure-mgmt-containerinstance-1.4.0 azure-mgmt-containerregistry-2.0.0 azure-mgmt-containerservice-9.1.0 azure-mgmt-core-1.2.0 azure-mgmt-cosmosdb-0.5.2 azure-mgmt-datalake-nspkg-2.0.0 azure-mgmt-datalake-store-0.5.0 azure-mgmt-devtestlabs-3.0.0 azure-mgmt-dns-2.1.0 azure-mgmt-eventhub-2.0.0 azure-mgmt-hdinsight-0.1.0 azure-mgmt-iothub-0.7.0 azure-mgmt-keyvault-1.1.0 azure-mgmt-loganalytics-1.0.0 azure-mgmt-managedservices-1.0.0 azure-mgmt-managementgroups-0.2.0 azure-mgmt-marketplaceordering-0.1.0 azure-mgmt-monitor-0.5.2 azure-mgmt-network-12.0.0 azure-mgmt-notificationhubs-2.0.0 azure-mgmt-nspkg-2.0.0 azure-mgmt-privatedns-0.1.0 azure-mgmt-rdbms-1.9.0 azure-mgmt-recoveryservices-0.4.0 azure-mgmt-recoveryservicesbackup-0.6.0 azure-mgmt-redis-5.0.0 azure-mgmt-resource-10.2.0 azure-mgmt-search-3.0.0 azure-mgmt-servicebus-0.5.3 azure-mgmt-sql-0.10.0 azure-mgmt-storage-11.1.0 azure-mgmt-trafficmanager-0.50.0 azure-mgmt-web-0.41.0 azure-nspkg-2.0.0 azure-storage-0.35.1 cachetools-4.2.4 certifi-2021.10.8 colorama-0.4.4 google-auth-2.3.3 humanfriendly-8.2 isodate-0.6.1 jmespath-0.10.0 jsonpatch-1.32 jsonpointer-2.2 knack-0.7.2 kubernetes-21.7.0 msal-1.0.0 msal-extensions-0.1.3 msrest-0.6.21 msrestazure-0.6.4 oauthlib-3.1.1 pkginfo-1.8.2 portalocker-1.7.1 pyasn1-modules-0.2.8 pygments-2.11.1 python-dateutil-2.8.2 requests-oauthlib-1.3.0 rsa-4.8 tabulate-0.8.9 websocket-client-1.2.3
WARNING: Running pip as the 'root' user can result in broken permissions and conflicting behaviour with the system package manager. It is recommended to use a virtual environment instead: https://pip.pypa.io/warnings/venv
+ EXTRAS=
+ '[' -f /output/packages.txt ']'
++ wc -l
++ ls -1 /output/wheels/ansible_core-2.11.7.post0-py3-none-any.whl /output/wheels/ansible_runner-2.0.4.dev16-py3-none-any.whl
+ '[' 2 -gt 0 ']'
+ pip3 uninstall -y /output/wheels/ansible_core-2.11.7.post0-py3-none-any.whl /output/wheels/ansible_runner-2.0.4.dev16-py3-none-any.whl
Found existing installation: ansible-core 2.11.7.post0
Uninstalling ansible-core-2.11.7.post0:
Successfully uninstalled ansible-core-2.11.7.post0
Found existing installation: ansible-runner 2.0.4.dev16
Uninstalling ansible-runner-2.0.4.dev16:
Successfully uninstalled ansible-runner-2.0.4.dev16
WARNING: Running pip as the 'root' user can result in broken permissions and conflicting behaviour with the system package manager. It is recommended to use a virtual environment instead: https://pip.pypa.io/warnings/venv
+ pip3 install -c /output/upper-constraints.txt --cache-dir=/output/wheels /output/wheels/ansible_core-2.11.7.post0-py3-none-any.whl /output/wheels/ansible_runner-2.0.4.dev16-py3-none-any.whl
ERROR: Could not open requirements file: [Errno 2] No such file or directory: '/output/upper-constraints.txt'
Error: error building at STEP "RUN /output/install-from-bindep && rm -rf /output/wheels": error while running runtime: exit status 1
When I do compare between these two outputs it thinks that this file is present
I was able to build same way custom EE few months ago but I am not able anymore.
Can you please help me what I am doing wrong?
Using the 0.5 version of this container as EE in AWX19, I'd like to do some container-wide configuration. This is not possible, because the user is not root and su requires a password unknown to me.
- name: configure pip mirror
ini_file:
path: /etc/pip.conf
section: global
option: index
value: https://internal.pip.mirror.example.com
delegate_to: localhost
- name: install API pkg locally
pip:
name: api-client
delegate_to: localhostYes, a long-term solution would be to include the package in an own build of the EE container, but especially for development iterations this would be useful.
Since 0.3.0 we are getting this warning:
You are running the development version of Ansible. You should only
run Ansible from "devel" if you are modifying the Ansible engine, or trying out
features under development. This is a rapidly changing source of code and can
become unstable at any point.
Which version of the execution environment is recommended to run?
Follow up from issue ansible/awx#4995
I take it this is needed for ansible.builtin.expect @tha80 @kladiv is that your use case?
https://docs.ansible.com/ansible/latest/collections/ansible/builtin/expect_module.html
I am trying to add the infoblox-client package to our awx-ee image but i can't get it to work.
it keeps giving me: "msg": "infoblox-client is required but does not appear to be installed. It can be installed using the command pip install infoblox-client"
I have cloned the awx-ee base image and added "infoblox-client" to the requirement.yml file for the python package needed
and added "infoblox.nios_modules" to the collections requirements.yml file to add the ansible collection for the module.
Doing that on a regular ubuntu for examle is enough to have it working.
If i check in the container everything seems to be installed.
One difference i noticed comparing it to a regular install is that on that system a python library is added in /usr/lib/python3/dist-packages/ansible/modules/net_tools/nios and that is nowhere to be found in the awx-ee image.
I looked in /usr/local/lib/python3.8/site-packages/ansible/module_utils/ which i assume is where ansible is looking for the files based on this screenshot.
Which is where found that library on the regular ubuntu:
I tried to add the library in the image manually but it wasn't picked up.
It seems that some files that are normally installed with the python infoblox-client package are not being installed in the image for some reason
Any advice would be much appreciated
When running a job in the latest awx-ee container a warning about blowfish is presented in the job output:
/usr/local/lib/python3.8/site-packages/paramiko/transport.py:236: CryptographyDeprecationWarning: Blowfish has been deprecated
"class": algorithms.Blowfish,
/usr/local/lib/python3.8/site-packages/paramiko/transport.py:236: CryptographyDeprecationWarning: Blowfish has been deprecated
"class": algorithms.Blowfish,
Paramiko is working on a fix: paramiko/paramiko#2038
I have AWX Tower 18.0.0 running on AKS Cluster. While launching the job templates, awx-job-61-p25bk pod is trying to get created but it is failing with Error: ImagePullBackOff.
kubectl logs pods/awx-job-61-p25bk -n awx
Error from server (BadRequest): container "worker" in pod "awx-job-61-p25bk" is waiting to start: trying and failing to pull image
Events:
Type Reason Age From Message
Normal Scheduled 77s default-scheduler Successfully assigned awx/awx-job-61-p25bk to aksd2msw000003
Normal Pulling 63s (x2 over 75s) kubelet Pulling image "quay.io/ansible/awx-ee"
Warning Failed 63s (x2 over 74s) kubelet Failed to pull image "quay.io/ansible/awx-ee": rpc error: code = Unknown desc = Error response from daemon: unknown: Tag latest was deleted or has expired. To pull, revive via time machine
Normal SandboxChanged 51s (x7 over 74s) kubelet Pod sandbox changed, it will be killed and re-created.
Warning Failed 47s (x6 over 71s) kubelet Back-off pulling image "quay.io/ansible/awx-ee"
Is there any Changelog / other information to see which EE image use which Ansible Version?
Ansible uri module is broken (likely something else as well, but this is what i noticed problem with) in container with latest tag. /usr/local/lib/python3.8/site-packages/OpenSSL/crypto.py is trying to reference to a missing attribute, causing uri module to fail.
Can be reproduced like this:
docker run -it quay.io/ansible/awx-ee:latest /bin/bash
Create sample playbook to /tmp/play.yml with content:
---
- name: test
hosts: localhost
tasks:
- name: test
uri:
url: "https://github.com"
method: GET
status_code: 200
run it:
bash-4.4$ ansible-playbook play.yml
/usr/local/lib/python3.8/site-packages/paramiko/transport.py:236: CryptographyDeprecationWarning: Blowfish has been deprecated
"class": algorithms.Blowfish,
[WARNING]: No inventory was parsed, only implicit localhost is available
[WARNING]: provided hosts list is empty, only localhost is available. Note that the implicit localhost does not match 'all'
PLAY [test] ********************************************************************************************************************************************************************************************************************************
TASK [Gathering Facts] *********************************************************************************************************************************************************************************************************************
ok: [localhost]
TASK [test] ********************************************************************************************************************************************************************************************************************************
An exception occurred during task execution. To see the full traceback, use -vvv. The error was: AttributeError: module 'lib' has no attribute 'X509_V_FLAG_CB_ISSUER_CHECK'
fatal: [localhost]: FAILED! => {"changed": false, "module_stderr": "Traceback (most recent call last):\n File \"/home/runner/.ansible/tmp/ansible-tmp-1651047435.8167667-59-205387513469591/AnsiballZ_uri.py\", line 107, in <module>\n _ansiballz_main()\n File \"/home/runner/.ansible/tmp/ansible-tmp-1651047435.8167667-59-205387513469591/AnsiballZ_uri.py\", line 99, in _ansiballz_main\n invoke_module(zipped_mod, temp_path, ANSIBALLZ_PARAMS)\n File \"/home/runner/.ansible/tmp/ansible-tmp-1651047435.8167667-59-205387513469591/AnsiballZ_uri.py\", line 47, in invoke_module\n runpy.run_module(mod_name='ansible.modules.uri', init_globals=dict(_module_fqn='ansible.modules.uri', _modlib_path=modlib_path),\n File \"/usr/lib64/python3.8/runpy.py\", line 207, in run_module\n return _run_module_code(code, init_globals, run_name, mod_spec)\n File \"/usr/lib64/python3.8/runpy.py\", line 97, in _run_module_code\n _run_code(code, mod_globals, init_globals,\n File \"/usr/lib64/python3.8/runpy.py\", line 87, in _run_code\n exec(code, run_globals)\n File \"/tmp/ansible_ansible.legacy.uri_payload_qe4x8_yb/ansible_ansible.legacy.uri_payload.zip/ansible/modules/uri.py\", line 446, in <module>\n File \"<frozen importlib._bootstrap>\", line 991, in _find_and_load\n File \"<frozen importlib._bootstrap>\", line 975, in _find_and_load_unlocked\n File \"<frozen importlib._bootstrap>\", line 655, in _load_unlocked\n File \"<frozen importlib._bootstrap>\", line 618, in _load_backward_compatible\n File \"<frozen zipimport>\", line 259, in load_module\n File \"/tmp/ansible_ansible.legacy.uri_payload_qe4x8_yb/ansible_ansible.legacy.uri_payload.zip/ansible/module_utils/urls.py\", line 115, in <module>\n File \"/usr/lib/python3.8/site-packages/urllib3/contrib/pyopenssl.py\", line 46, in <module>\n import OpenSSL.SSL\n File \"/usr/local/lib/python3.8/site-packages/OpenSSL/__init__.py\", line 8, in <module>\n from OpenSSL import crypto, SSL\n File \"/usr/local/lib/python3.8/site-packages/OpenSSL/crypto.py\", line 1517, in <module>\n class X509StoreFlags(object):\n File \"/usr/local/lib/python3.8/site-packages/OpenSSL/crypto.py\", line 1537, in X509StoreFlags\n CB_ISSUER_CHECK = _lib.X509_V_FLAG_CB_ISSUER_CHECK\nAttributeError: module 'lib' has no attribute 'X509_V_FLAG_CB_ISSUER_CHECK'\n", "module_stdout": "", "msg": "MODULE FAILURE\nSee stdout/stderr for the exact error", "rc": 1}
PLAY RECAP *********************************************************************************************************************************************************************************************************************************
localhost : ok=1 changed=0 unreachable=0 failed=1 skipped=0 rescued=0 ignored=0
Hello,
is it possible to add google-cloud-storage pip module in AWX EE ?
google-auth module is already present but to use google.cloud.gcp_storage_bucket Ansible module the google-cloud-storage library is required too.
It should be useful to have it built-in in the default EE.
Thank you
awx:~/awx-ee# tox -edocker
docker create: /root/awx-ee/.tox/docker
docker installdeps: -r/root/awx-ee/requirements.txt
docker installed: ansible-builder @ git+https://github.com/ansible/ansible-builder.git@db9e74a0b66aa4b535bf6946c5288f1c2619c133,bindep==2.10.2,distro==1.7.0,packaging==21.3,Parsley==1.3,pbr==5.8.1,pyparsing==3.0.7,PyYAML==6.0,requirements-parser==0.5.0,types-setuptools==57.4.11
docker run-test-pre: PYTHONHASHSEED='303857441'
docker run-test: commands[0] | /bin/bash -c 'podman rmi quay.io/ansible/awx-ee:latest || true'
/bin/bash: line 1: podman: command not found
docker run-test: commands[1] | ansible-builder build -v3 -c . -t quay.io/ansible/awx-ee --container-runtime=docker
Ansible Builder is building your execution environment image. Tags: quay.io/ansible/awx-ee
File ./_build/requirements.yml was placed in build context by user, leaving unmodified.
File ./_build/bindep.txt was placed in build context by user, leaving unmodified.
Rewriting Containerfile to capture collection requirements
Running command:
docker build -f ./Dockerfile -t quay.io/ansible/awx-ee .
Sending build context to Docker daemon 21.37MB
Step 1/26 : ARG EE_BASE_IMAGE=quay.io/ansible/ansible-runner:stable-2.12-devel
Step 2/26 : ARG EE_BUILDER_IMAGE=quay.io/ansible/ansible-builder:latest
Step 3/26 : FROM $EE_BASE_IMAGE as galaxy
stable-2.12-devel: Pulling from ansible/ansible-runner
fdc12ef68aee: Already exists
998ceb85f375: Already exists
45081c646f63: Already exists
b0eb4fd5a26a: Already exists
6c569ba3ed4d: Pulling fs layer
62fa4cf563ab: Pulling fs layer
d5b10f3441e1: Pulling fs layer
d777af3f4a5e: Pulling fs layer
a8d40afdc5f2: Pulling fs layer
8e05686aad27: Pulling fs layer
c135176e631c: Pulling fs layer
c73fae58d3fe: Pulling fs layer
bf617b66c403: Pulling fs layer
05affca58bee: Pulling fs layer
a959e235a6df: Pulling fs layer
bda8e1011014: Pulling fs layer
079be403c54f: Pulling fs layer
c73fae58d3fe: Waiting
bda8e1011014: Waiting
079be403c54f: Waiting
bf617b66c403: Waiting
a959e235a6df: Waiting
05affca58bee: Waiting
8e05686aad27: Waiting
d777af3f4a5e: Waiting
a8d40afdc5f2: Waiting
c135176e631c: Waiting
62fa4cf563ab: Download complete
6c569ba3ed4d: Verifying Checksum
6c569ba3ed4d: Download complete
6c569ba3ed4d: Pull complete
62fa4cf563ab: Pull complete
a8d40afdc5f2: Download complete
d5b10f3441e1: Download complete
d777af3f4a5e: Verifying Checksum
d777af3f4a5e: Download complete
8e05686aad27: Verifying Checksum
8e05686aad27: Download complete
c135176e631c: Download complete
c73fae58d3fe: Download complete
a959e235a6df: Verifying Checksum
a959e235a6df: Download complete
d5b10f3441e1: Pull complete
bda8e1011014: Verifying Checksum
bda8e1011014: Download complete
bf617b66c403: Verifying Checksum
bf617b66c403: Download complete
079be403c54f: Verifying Checksum
079be403c54f: Download complete
05affca58bee: Verifying Checksum
05affca58bee: Download complete
d777af3f4a5e: Pull complete
a8d40afdc5f2: Pull complete
8e05686aad27: Pull complete
c135176e631c: Pull complete
c73fae58d3fe: Pull complete
bf617b66c403: Pull complete
05affca58bee: Pull complete
a959e235a6df: Pull complete
bda8e1011014: Pull complete
079be403c54f: Pull complete
Digest: sha256:cd9366c5c63dde3024a2efc75f4a1f72cd804a7f8d4820895b5601f4bba1cbd2
Status: Downloaded newer image for quay.io/ansible/ansible-runner:stable-2.12-devel
---> fd665cf7bb6a
Step 4/26 : ARG ANSIBLE_GALAXY_CLI_COLLECTION_OPTS=
---> Running in 7ac4a0f89838
Removing intermediate container 7ac4a0f89838
---> 07050da6e072
Step 5/26 : USER root
---> Running in 4ab9ca859339
Removing intermediate container 4ab9ca859339
---> bdea9cb2a84d
Step 6/26 : ADD _build /build
---> 46353d6c2a33
Step 7/26 : WORKDIR /build
---> Running in fcb7cd0986a2
Removing intermediate container fcb7cd0986a2
---> 8aa437aa7bfa
Step 8/26 : RUN ansible-galaxy role install -r requirements.yml --roles-path /usr/share/ansible/roles
---> Running in 0912b9ae75bf
Skipping install, no requirements found
Removing intermediate container 0912b9ae75bf
---> afeaafd5a7d4
Step 9/26 : RUN ansible-galaxy collection install $ANSIBLE_GALAXY_CLI_COLLECTION_OPTS -r requirements.yml --collections-path /usr/share/ansible/collections
---> Running in 6f1c63fb55c1
Starting galaxy collection install process
Process install dependency map
Starting collection install process
Downloading https://galaxy.ansible.com/download/redhatinsights-insights-1.0.7.tar.gz to /home/runner/.ansible/tmp/ansible-local-1ujcdjige/tmpnstch09g/redhatinsights-insights-1.0.7-95132bpz
Installing 'redhatinsights.insights:1.0.7' to '/usr/share/ansible/collections/ansible_collections/redhatinsights/insights'
redhatinsights.insights:1.0.7 was installed successfully
Downloading https://galaxy.ansible.com/download/ansible-posix-1.3.0.tar.gz to /home/runner/.ansible/tmp/ansible-local-1ujcdjige/tmpnstch09g/ansible-posix-1.3.0-eenffwhi
Installing 'ansible.posix:1.3.0' to '/usr/share/ansible/collections/ansible_collections/ansible/posix'
ansible.posix:1.3.0 was installed successfully
Downloading https://galaxy.ansible.com/download/google-cloud-1.0.2.tar.gz to /home/runner/.ansible/tmp/ansible-local-1ujcdjige/tmpnstch09g/google-cloud-1.0.2-3warlp2h
Installing 'google.cloud:1.0.2' to '/usr/share/ansible/collections/ansible_collections/google/cloud'
google.cloud:1.0.2 was installed successfully
Downloading https://galaxy.ansible.com/download/openstack-cloud-1.7.2.tar.gz to /home/runner/.ansible/tmp/ansible-local-1ujcdjige/tmpnstch09g/openstack-cloud-1.7.2-qvdm1sw1
Installing 'openstack.cloud:1.7.2' to '/usr/share/ansible/collections/ansible_collections/openstack/cloud'
openstack.cloud:1.7.2 was installed successfully
Downloading https://galaxy.ansible.com/download/kubernetes-core-2.3.0.tar.gz to /home/runner/.ansible/tmp/ansible-local-1ujcdjige/tmpnstch09g/kubernetes-core-2.3.0-ohu75x0p
Installing 'kubernetes.core:2.3.0' to '/usr/share/ansible/collections/ansible_collections/kubernetes/core'
kubernetes.core:2.3.0 was installed successfully
Downloading https://galaxy.ansible.com/download/ansible-windows-1.9.0.tar.gz to /home/runner/.ansible/tmp/ansible-local-1ujcdjige/tmpnstch09g/ansible-windows-1.9.0-nw9y0wme
Installing 'ansible.windows:1.9.0' to '/usr/share/ansible/collections/ansible_collections/ansible/windows'
ansible.windows:1.9.0 was installed successfully
Downloading https://galaxy.ansible.com/download/amazon-aws-3.1.1.tar.gz to /home/runner/.ansible/tmp/ansible-local-1ujcdjige/tmpnstch09g/amazon-aws-3.1.1-d7m29nwq
Installing 'amazon.aws:3.1.1' to '/usr/share/ansible/collections/ansible_collections/amazon/aws'
amazon.aws:3.1.1 was installed successfully
Downloading https://galaxy.ansible.com/download/azure-azcollection-1.12.0.tar.gz to /home/runner/.ansible/tmp/ansible-local-1ujcdjige/tmpnstch09g/azure-azcollection-1.12.0-vmz3w9_k
Installing 'azure.azcollection:1.12.0' to '/usr/share/ansible/collections/ansible_collections/azure/azcollection'
azure.azcollection:1.12.0 was installed successfully
Downloading https://galaxy.ansible.com/download/community-vmware-2.1.0.tar.gz to /home/runner/.ansible/tmp/ansible-local-1ujcdjige/tmpnstch09g/community-vmware-2.1.0-zjxqm4fr
Installing 'community.vmware:2.1.0' to '/usr/share/ansible/collections/ansible_collections/community/vmware'
community.vmware:2.1.0 was installed successfully
Downloading https://galaxy.ansible.com/download/theforeman-foreman-3.2.0.tar.gz to /home/runner/.ansible/tmp/ansible-local-1ujcdjige/tmpnstch09g/theforeman-foreman-3.2.0-b_r3mg_u
Installing 'theforeman.foreman:3.2.0' to '/usr/share/ansible/collections/ansible_collections/theforeman/foreman'
theforeman.foreman:3.2.0 was installed successfully
Downloading https://galaxy.ansible.com/download/ovirt-ovirt-1.6.6.tar.gz to /home/runner/.ansible/tmp/ansible-local-1ujcdjige/tmpnstch09g/ovirt-ovirt-1.6.6-3mf79pwm
Installing 'ovirt.ovirt:1.6.6' to '/usr/share/ansible/collections/ansible_collections/ovirt/ovirt'
ovirt.ovirt:1.6.6 was installed successfully
Downloading https://galaxy.ansible.com/download/awx-awx-20.0.1.tar.gz to /home/runner/.ansible/tmp/ansible-local-1ujcdjige/tmpnstch09g/awx-awx-20.0.1-ccprv783
Installing 'awx.awx:20.0.1' to '/usr/share/ansible/collections/ansible_collections/awx/awx'
awx.awx:20.0.1 was installed successfully
Removing intermediate container 6f1c63fb55c1
---> 9910d7caa8bc
Step 10/26 : FROM $EE_BUILDER_IMAGE as builder
---> b0348faa7f41
Step 11/26 : COPY --from=galaxy /usr/share/ansible /usr/share/ansible
---> faef7eb00729
Step 12/26 : ADD _build/bindep.txt bindep.txt
---> 80ecdf5d9115
Step 13/26 : RUN ansible-builder introspect --sanitize --user-bindep=bindep.txt --write-bindep=/tmp/src/bindep.txt --write-pip=/tmp/src/requirements.txt
---> Running in aac05262dbd0
# Sanitized dependencies for /usr/share/ansible/collections
---
python:
- 'botocore>=1.19.0 # from collection amazon.aws'
- 'boto3>=1.16.0 # from collection amazon.aws'
- 'boto>=2.49.0 # from collection amazon.aws'
- 'pytz # from collection awx.awx'
- 'python-dateutil>=2.7.0 # from collection awx.awx'
- 'awxkit # from collection awx.awx'
- 'packaging # from collection azure.azcollection'
- 'requests>=2.4.2 # from collection azure.azcollection,google.cloud,redhatinsights.insights,theforeman.foreman'
- 'xmltodict # from collection azure.azcollection'
- 'azure-cli-core==2.34.0 # from collection azure.azcollection'
- 'azure-common==1.1.11 # from collection azure.azcollection'
- 'azure-identity==1.7.0 # from collection azure.azcollection'
- 'azure-mgmt-apimanagement==0.2.0 # from collection azure.azcollection'
- 'azure-mgmt-authorization==0.51.1 # from collection azure.azcollection'
- 'azure-mgmt-batch==5.0.1 # from collection azure.azcollection'
- 'azure-mgmt-cdn==3.0.0 # from collection azure.azcollection'
- 'azure-mgmt-compute==23.1.0 # from collection azure.azcollection'
- 'azure-mgmt-containerinstance==1.4.0 # from collection azure.azcollection'
- 'azure-mgmt-containerregistry==2.0.0 # from collection azure.azcollection'
- 'azure-mgmt-containerservice==9.1.0 # from collection azure.azcollection'
- 'azure-mgmt-datalake-store==0.5.0 # from collection azure.azcollection'
- 'azure-mgmt-dns==2.1.0 # from collection azure.azcollection'
- 'azure-mgmt-keyvault==1.1.0 # from collection azure.azcollection'
- 'azure-mgmt-marketplaceordering==0.1.0 # from collection azure.azcollection'
- 'azure-mgmt-monitor==3.0.0 # from collection azure.azcollection'
- 'azure-mgmt-managedservices==1.0.0 # from collection azure.azcollection'
- 'azure-mgmt-managementgroups==0.2.0 # from collection azure.azcollection'
- 'azure-mgmt-network==19.1.0 # from collection azure.azcollection'
- 'azure-mgmt-nspkg==2.0.0 # from collection azure.azcollection'
- 'azure-mgmt-privatedns==0.1.0 # from collection azure.azcollection'
- 'azure-mgmt-redis==5.0.0 # from collection azure.azcollection'
- 'azure-mgmt-resource==10.2.0 # from collection azure.azcollection'
- 'azure-mgmt-rdbms==1.9.0 # from collection azure.azcollection'
- 'azure-mgmt-search==3.0.0 # from collection azure.azcollection'
- 'azure-mgmt-servicebus==0.5.3 # from collection azure.azcollection'
- 'azure-mgmt-sql==0.10.0 # from collection azure.azcollection'
- 'azure-mgmt-storage==19.0.0 # from collection azure.azcollection'
- 'azure-mgmt-trafficmanager==0.50.0 # from collection azure.azcollection'
- 'azure-mgmt-web==0.41.0 # from collection azure.azcollection'
- 'azure-nspkg==2.0.0 # from collection azure.azcollection'
- 'azure-storage==0.35.1 # from collection azure.azcollection'
- 'msrest==0.6.21 # from collection azure.azcollection'
- 'msrestazure==0.6.4 # from collection azure.azcollection'
- 'azure-keyvault==1.0.0a1 # from collection azure.azcollection'
- 'azure-graphrbac==0.61.1 # from collection azure.azcollection'
- 'azure-mgmt-cosmosdb==0.5.2 # from collection azure.azcollection'
- 'azure-mgmt-hdinsight==0.1.0 # from collection azure.azcollection'
- 'azure-mgmt-devtestlabs==3.0.0 # from collection azure.azcollection'
- 'azure-mgmt-loganalytics==1.0.0 # from collection azure.azcollection'
- 'azure-mgmt-automation==0.1.1 # from collection azure.azcollection'
- 'azure-mgmt-iothub==0.7.0 # from collection azure.azcollection'
- 'azure-mgmt-recoveryservices==0.4.0 # from collection azure.azcollection'
- 'azure-mgmt-recoveryservicesbackup==0.6.0 # from collection azure.azcollection'
- 'azure-mgmt-notificationhubs==2.0.0 # from collection azure.azcollection'
- 'azure-mgmt-eventhub==2.0.0 # from collection azure.azcollection'
- 'pyVmomi>=6.7 # from collection community.vmware'
- 'git+https://github.com/vmware/vsphere-automation-sdk-python.git ; python_version
>= ''2.7'' # Python 2.6 is not supported # from collection community.vmware'
- 'google-auth # from collection google.cloud'
- 'kubernetes>=12.0.0 # from collection kubernetes.core'
- 'requests-oauthlib # from collection kubernetes.core'
- 'jsonpatch # from collection kubernetes.core'
- 'openstacksdk>=0.13 # from collection openstack.cloud'
- 'ovirt-engine-sdk-python>=4.4.11 # from collection ovirt.ovirt'
- 'ipaddress # from collection theforeman.foreman'
system:
- 'openssl [test platform:rpm] # from collection amazon.aws'
- 'gcc [test platform:rpm] # from collection amazon.aws'
- 'python3-devel [test platform:rpm] # from collection amazon.aws'
- 'python38-pytz [platform:centos-8 platform:rhel-8] # from collection awx.awx'
- 'python38-requests [platform:centos-8 platform:rhel-8] # from collection awx.awx,
openstack.cloud, redhatinsights.insights'
- 'python38-pyyaml [platform:centos-8 platform:rhel-8] # from collection awx.awx'
- 'kubernetes-client [platform:fedora] # from collection kubernetes.core'
- 'openshift-clients [platform:rhel-8] # from collection kubernetes.core'
- 'gcc [compile platform:centos-8 platform:rhel-8] # from collection openstack.cloud,
ovirt.ovirt'
- 'python38-cryptography [platform:centos-8 platform:rhel-8] # from collection openstack.cloud'
- 'python38-devel [compile platform:centos-8 platform:rhel-8] # from collection openstack.cloud,
ovirt.ovirt'
- 'libcurl-devel [compile platform:centos-8 platform:rhel-8] # from collection ovirt.ovirt'
- 'libxml2-devel [compile platform:centos-8 platform:rhel-8] # from collection ovirt.ovirt'
- 'openssl-devel [compile platform:centos-8 platform:rhel-8] # from collection ovirt.ovirt'
- 'qemu-img [platform:centos-8 platform:rhel-8] # from collection ovirt.ovirt'
- 'python3-rpm [(platform:redhat platform:base-py3)] # from collection theforeman.foreman'
- 'rpm-python [(platform:redhat platform:base-py2)] # from collection theforeman.foreman'
- 'python38-devel [platform:rpm compile] # from collection user'
- 'subversion [platform:rpm] # from collection user'
- 'subversion [platform:dpkg] # from collection user'
- 'git-lfs [platform:rpm] # from collection user'
Creating parent directory for /tmp/src/requirements.txt
Removing intermediate container aac05262dbd0
---> 42f61f55736b
Step 14/26 : RUN assemble
---> Running in ffaa31b172a8
++ source /etc/os-release
+++ NAME='CentOS Stream'
+++ VERSION=8
+++ ID=centos
+++ ID_LIKE='rhel fedora'
+++ VERSION_ID=8
+++ PLATFORM_ID=platform:el8
+++ PRETTY_NAME='CentOS Stream 8'
+++ ANSI_COLOR='0;31'
+++ CPE_NAME=cpe:/o:centos:centos:8
+++ HOME_URL=https://centos.org/
+++ BUG_REPORT_URL=https://bugzilla.redhat.com/
+++ REDHAT_SUPPORT_PRODUCT='Red Hat Enterprise Linux 8'
+++ REDHAT_SUPPORT_PRODUCT_VERSION='CentOS Stream'
++ echo centos
+ RELEASE=centos
+ PKGMGR=
+ PKGMGR_OPTS=
+ '[' -z ']'
+ PKGMGR=/usr/bin/dnf
+ '[' -f /usr/bin/microdnf ']'
+ mkdir -p /output/bindep
+ mkdir -p /output/wheels
+ mkdir -p /tmp/src
+ cd /tmp/src
+ /usr/bin/dnf update -y
CentOS Stream 8 - AppStream 2.6 MB/s | 21 MB 00:07
CentOS Stream 8 - BaseOS 8.4 MB/s | 20 MB 00:02
CentOS Stream 8 - Extras 36 kB/s | 18 kB 00:00
CentOS Stream 8 - PowerTools 430 kB/s | 4.4 MB 00:10
Extra Packages for Enterprise Linux Modular 8 - 1.1 MB/s | 1.0 MB 00:00
Error:
Problem: package centos-stream-repos-8-4.el8.noarch requires centos-gpg-keys = 1:8-4.el8, but none of the providers can be installed
- cannot install both centos-gpg-keys-1:8-5.el8.noarch and centos-gpg-keys-1:8-4.el8.noarch
- cannot install the best update candidate for package centos-stream-repos-8-4.el8.noarch
- cannot install the best update candidate for package centos-gpg-keys-1:8-4.el8.noarch
(try to add '--allowerasing' to command line to replace conflicting packages or '--skip-broken' to skip uninstallable packages or '--nobest' to use not only best candidate packages)
The command '/bin/sh -c assemble' returned a non-zero code: 1
An error occured (rc=1), see output line(s) above for details.
ERROR: InvocationError for command /root/awx-ee/.tox/docker/bin/ansible-builder build -v3 -c . -t quay.io/ansible/awx-ee --container-runtime=docker (exited with code 1)
_______________________________________________________ summary _______________________________________________________
ERROR: docker: commands failed
No matter what tasks I attempt I always get a vague "sudo: command not found" error.
I tested both EE devel and 0.1.1 via AWX Ansible 19.0.0.
I also tried with a registered host in AWX as a local host with 127.0.0.1 ip, same result.
My playbook is this:
---
- name: Test
hosts: localhost
gather_facts: True
tasks:
- name: Test
debug:
msg: "This is a test"
Example of result:
{
"ansible_facts": {},
"msg": "The following modules failed to execute: ansible.legacy.setup\n",
"failed_modules": {
"ansible.legacy.setup": {
"failed": true,
"module_stdout": "",
"module_stderr": "/bin/sh: sudo: command not found\n",
"msg": "MODULE FAILURE\nSee stdout/stderr for the exact error",
"rc": 127
}
},
"_ansible_verbose_override": true,
"_ansible_no_log": false,
"changed": false
}
Full recap:
[WARNING]: provided hosts list is empty, only localhost is available. Note that
the implicit localhost does not match 'all'
PLAY [Test] ********************************************************************
TASK [Gathering Facts] *********************************************************
fatal: [localhost]: FAILED! => {"ansible_facts": {}, "changed": false, "failed_modules": {"ansible.legacy.setup": {"failed": true, "module_stderr": "/bin/sh: sudo: command not found\n", "module_stdout": "", "msg": "MODULE FAILURE\nSee stdout/stderr for the exact error", "rc": 127}}, "msg": "The following modules failed to execute: ansible.legacy.setup\n"}
PLAY RECAP *********************************************************************
localhost : ok=0 changed=0 unreachable=0 failed=1 skipped=0 rescued=0 ignored=0
Having error
The ipaddr filter requires python's netaddr be installed on the ansible controller
Issue at awx was closed without any action
ansible/awx#10370 (comment)
The current git version is not successfully building the image:
awx-ee on ๎ devel [!?] via ๐ v3.10.2 took 1m21s โฏ tox -edocker
docker installed: ansible-builder @ git+https://github.com/ansible/ansible-builder.git@db9e74a0b66aa4b535bf6946c5288f1c2619c133,bindep==2.10.2,distro==1.7.0,packaging==21.3,Parsley==1.3,pbr==5.8.1,pyparsing==3.0.7,PyYAML==6.0,requirements-parser==0.5.0,types-setuptools==57.4.11
docker run-test-pre: PYTHONHASHSEED='1727456150'
docker run-test: commands[0] | /bin/bash -c 'podman rmi quay.io/ansible/awx-ee:latest || true'
/bin/bash: Zeile 1: podman: Kommando nicht gefunden.
docker run-test: commands[1] | ansible-builder build -v3 -c . -t quay.io/ansible/awx-ee --container-runtime=docker
Ansible Builder is building your execution environment image. Tags: quay.io/ansible/awx-ee
File ./_build/requirements.yml was placed in build context by user, leaving unmodified.
File ./_build/requirements.txt was placed in build context by user, leaving unmodified.
File ./_build/bindep.txt was placed in build context by user, leaving unmodified.
Rewriting Containerfile to capture collection requirements
Running command:
docker build -f ./Dockerfile -t quay.io/ansible/awx-ee .
Sending build context to Docker daemon 36.48MB
Step 1/27 : ARG EE_BASE_IMAGE=quay.io/ansible/ansible-runner:stable-2.12-devel
Step 2/27 : ARG EE_BUILDER_IMAGE=quay.io/ansible/ansible-builder:latest
Step 3/27 : FROM $EE_BASE_IMAGE as galaxy
---> 414ead38d7a1
Step 4/27 : ARG ANSIBLE_GALAXY_CLI_COLLECTION_OPTS=
---> Using cache
---> 9e63a2dd75f0
Step 5/27 : USER root
---> Using cache
---> 8bc61d09dcbf
Step 6/27 : ADD _build /build
---> Using cache
---> 36b32de4dce8
Step 7/27 : WORKDIR /build
---> Using cache
---> a04d9baab4c7
Step 8/27 : RUN ansible-galaxy role install -r requirements.yml --roles-path /usr/share/ansible/roles
---> Using cache
---> 41c9e5d29920
Step 9/27 : RUN ansible-galaxy collection install $ANSIBLE_GALAXY_CLI_COLLECTION_OPTS -r requirements.yml --collections-path /usr/share/ansible/collections
---> Using cache
---> 174d25a96c05
Step 10/27 : FROM $EE_BUILDER_IMAGE as builder
---> c39b8017efc4
Step 11/27 : COPY --from=galaxy /usr/share/ansible /usr/share/ansible
---> Using cache
---> 7449744a7b76
Step 12/27 : ADD _build/requirements.txt requirements.txt
---> Using cache
---> f18edc568033
Step 13/27 : ADD _build/bindep.txt bindep.txt
---> Using cache
---> ccca8b6ec742
Step 14/27 : RUN ansible-builder introspect --sanitize --user-pip=requirements.txt --user-bindep=bindep.txt --write-bindep=/tmp/src/bindep.txt --write-pip=/tmp/src/requirements.txt
---> Using cache
---> 7f44ff462bbd
Step 15/27 : RUN assemble
---> Running in 425e01b57b1d
++ source /etc/os-release
+++ NAME='CentOS Linux'
+++ VERSION=8
+++ ID=centos
+++ ID_LIKE='rhel fedora'
+++ VERSION_ID=8
+++ PLATFORM_ID=platform:el8
+++ PRETTY_NAME='CentOS Linux 8'
+++ ANSI_COLOR='0;31'
+++ CPE_NAME=cpe:/o:centos:centos:8
+++ HOME_URL=https://centos.org/
+++ BUG_REPORT_URL=https://bugs.centos.org/
+++ CENTOS_MANTISBT_PROJECT=CentOS-8
+++ CENTOS_MANTISBT_PROJECT_VERSION=8
++ echo centos
+ RELEASE=centos
+ PKGMGR=
+ PKGMGR_OPTS=
+ '[' -z ']'
+ PKGMGR=/usr/bin/dnf
+ '[' -f /usr/bin/microdnf ']'
+ mkdir -p /output/bindep
+ mkdir -p /output/wheels
+ mkdir -p /tmp/src
+ cd /tmp/src
+ /usr/bin/dnf update -y
CentOS Linux 8 - AppStream 230 B/s | 38 B 00:00
Error: Failed to download metadata for repo 'appstream': Cannot prepare internal mirrorlist: No URLs in mirrorlist
The command '/bin/sh -c assemble' returned a non-zero code: 1
An error occured (rc=1), see output line(s) above for details.
ERROR: InvocationError for command /home/chofstede/tmp/awx-ee/.tox/docker/bin/ansible-builder build -v3 -c . -t quay.io/ansible/awx-ee --container-runtime=docker (exited with code 1)
__________________________________________________________________________________________ summary __________________________________________________________________________________________
ERROR: docker: commands failed
Hello,
I have been playing a bit with awx-operator (0.16.1) and awx-web (19.5.1) and recently went through the process of deleting my pods and pulling the awx-ee:latest image (which appears was updated about 8 hours ago, manifest: ba162e341631).
Unfortunately, I get the following error when the awx-ee container attempts to start:
kubectl logs awx-7c7f97bf75-dpq4t -c awx-ee -n awx
panic: qtls.ClientHelloInfo doesn't match
goroutine 1 [running]:
github.com/marten-seemann/qtls-go1-15.init.0()
/root/go/pkg/mod/github.com/marten-seemann/[email protected]/unsafe.go:20 +0x132
This causes the AWX pod to fail in a CrashLoop BackOff State.
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Created 36m kubelet Created container awx-task
Normal Started 36m kubelet Started container awx-task
Normal Created 36m kubelet Created container awx-web
Normal Pulling 36m (x2 over 36m) kubelet Pulling image "quay.io/ansible/awx-ee:latest"
Normal Created 36m (x2 over 36m) kubelet Created container awx-ee
Normal Started 36m (x2 over 36m) kubelet Started container awx-ee
Normal Pulled 36m kubelet Successfully pulled image "quay.io/ansible/awx-ee:latest" in 315.368081ms
Warning BackOff 60s (x162 over 36m) kubelet Back-off restarting failed container`
kubectl get pods -n awx
NAME READY STATUS RESTARTS AGE
awx-operator-controller-manager-6c96d9b446-tczbn 2/2 Running 4 (102m ago) 24h
awx-7c7f97bf75-dpq4t 3/4 CrashLoopBackOff 23 (3m42s ago) 97m
I am running a bare-metal Kubernetes cluster on Ubuntu 20.04 LTS.
Please let me know if there is anything else I can do to assist. :)
Thanks! :)
The import here is breaking:
These are still supported, and will need to work in AWX-EE. They didn't used to fail, but some recent changes here are causing it to fail.
TASK [Scan packages (Unix/Linux)] **********************************************
An exception occurred during task execution. To see the full traceback, use -vvv. The error was: ModuleNotFoundError: No module named 'rpm'
fatal: [registered_host]: FAILED! => {"changed": false, "module_stderr": "Traceback (most recent call last):\\n File \\"/root/.ansible/tmp/ansible-tmp-1609915382.0675998-90-214846177902729/AnsiballZ_scan_packages.py\\", line 99, in <module>\\n _ansiballz_main()\\n File \\"/root/.ansible/tmp/ansible-tmp-1609915382.0675998-90-214846177902729/AnsiballZ_scan_packages.py\\", line 91, in _ansiballz_main\\n invoke_module(zipped_mod, temp_path, ANSIBALLZ_PARAMS)\\n File \\"/root/.ansible/tmp/ansible-tmp-1609915382.0675998-90-214846177902729/AnsiballZ_scan_packages.py\\", line 40, in invoke_module\\n runpy.run_module(mod_name='ansible.modules.scan_packages', init_globals=None, run_name='__main__', alter_sys=True)\\n File \\"/usr/lib64/python3.8/runpy.py\\", line 207, in run_module\\n return _run_module_code(code, init_globals, run_name, mod_spec)\\n File \\"/usr/lib64/python3.8/runpy.py\\", line 97, in _run_module_code\\n _run_code(code, mod_globals, init_globals,\\n File \\"/usr/lib64/python3.8/runpy.py\\", line 87, in _run_code\\n exec(code, run_globals)\\n File \\"/tmp/ansible_scan_packages_payload_pxffu5v8/ansible_scan_packages_payload.zip/ansible/modules/scan_packages.py\\", line 111, in <module>\\n File \\"/tmp/ansible_scan_packages_payload_pxffu5v8/ansible_scan_packages_payload.zip/ansible/modules/scan_packages.py\\", line 98, in main\\n File \\"/tmp/ansible_scan_packages_payload_pxffu5v8/ansible_scan_packages_payload.zip/ansible/modules/scan_packages.py\\", line 57, in rpm_package_list\\nModuleNotFoundError: No module named 'rpm'\\n", "module_stdout": "", "msg": "MODULE FAILURE\\nSee stdout/stderr for the exact error", "rc": 1}
I can confirm that this is present in the AWX images before execution environments. It is a global package:
bash-4.4$ pip3 show rpm
Name: rpm
Version: 4.14.3
Summary: Python bindings for rpm
Home-page: http://www.rpm.org/
Author: UNKNOWN
Author-email: [email protected]
License: UNKNOWN
Location: /usr/lib64/python3.6/site-packages
Requires:
I have not yet fully determined where this comes from, but the source appears to be part of "rpm" itself. This matches with the content in the AWX image site-packages, plus some *.so files.
https://github.com/rpm-software-management/rpm/tree/master/python/rpm
I have one specific playbook using strategy: free and I execute it on over 100 hosts.
It produces about ~1700 lines of logs and in most cases it does have an "error" status on AWX web interface.
There's no error message in job output on AWX web, so I checked logs from the pod itself using kubectl logs -n awx -f automation-job-81-5nmhw and this is the last line of said logs (formatted using Beautifier):
{
"uuid": "4b8c7664-a8a6-4295-836b-9480b8766a4b",
"counter": 2886,
"stdout": "",
"start_line": 1674,
"end_line": 1674,
"runner_ident": "81",
"event": "runner_on_start",
"job_id": 81,
"pid": 20,
"created": "2021-06-16T08:16:04.477365",
"parent_uuid": "c676cd20-5b22-898c-8cc6-00000000007f",
"event_data": {
"playbook": "restart_apps.yml",
"playbook_uuid": "19727f38-00ac-41f2-a46d-44d0ed81c721",
"play": "apps",
"play_uuid": "c676cd20-5b22-898c-8cc6-000000000078",
"play_pattern": "apps",
"task": "Start apps",
"task_uuid": "c676cd20-5b22-898c-8cc6-00000000007f",
"task_action": "shell",
"task_args": "",
"task_path": "/runner/project/restart_apps.yml:37",
"host": "REDACTED",
"uuid": "4b8c7664-a8a6-4295-836b-9480b8766a4b"
}
}
Seems like it just crashes without any error message?
The interesting part is that the playbook does all the changes to the servers, just the output is incomplete.
After executing the same playbook on a small part of my inventory, it finishes successfully with play recap and those lines:
{"status": "successful", "runner_ident": "82"}
{"zipfile": 2998}
<BASE64 encoded zip file>
I tested it on the following versions of AWX EE: 0.2.0, 0.3.0 and 0.4.0 with the same result.
I also checked logs of awx-web, awx-task and awx-ee, but I didn't find anything useful.
AWX Version: 19.2.0
AWX Operator version: 0.10.0
Is there anything else I can check?
++++++++++UPDATE++++++++++++++++
Sorry, reject this issue. I just discovered my mistake. "ansible-network.network-engine" is a role not a collection.
++++++++++++++++++++++++++++++++
I get this error when I try to create a custom AWX-EE:
ERROR! Neither the collection requirement entry key '
name', nor 'source' point to a concrete resolvable collection artifact. Also 'name' is not an FQCN. A valid collection name must be in the format <namespace>.<collection>. Please make sure that the namespace and the collection name contain characters from [a-zA-Z0-9_] only.
Could not find **ansible-network.network-engine**.
Perhaps, the regular expression should include other characters like "-"
Thanks in advance.
Unarchive module does not work within AWX as the program itself is missing from the runners
Run any job that requires localhost to unarchive
File should be properly unarchived
The following error:
"Failed to find handler for \"/home/runner/.ansible/tmp/ansible-tmp-1651699342.1886215-100-27628397993063/terraform_1.1.9_linux_amd64b1ssqluj.zip\". Make sure the required command to extract the file is installed. Unable to find required 'unzip' or 'zipinfo' binary in the path. Command \"/usr/bin/gtar\" could not handle archive."
Hi guys,
sorry for this dumb newbie question... is it possible to build awx-ee based on, e.g. Debian? How?
Thanks,
Christian
Using everything default after setup, I get this with the current 0.2.0 EE.
It seems like it is ignoring the debug vaules you set in the template. Because when i execute ansible-playbook with -vvvvv with a non existing playbook i get more information above the message.
ERROR! the playbook: ping.yml could not be found
How and where is the runner searching for the playbook? I see my playbooks in /var/lib/awx/projects in all 3 containers.
When I run an adhoc command (ping) it is failing:
usage: ansible [-h] [--version] [-v] [-b] [--become-method BECOME_METHOD]
[--become-user BECOME_USER] [-K] [-i INVENTORY] [--list-hosts]
[-l SUBSET] [-P POLL_INTERVAL] [-B SECONDS] [-o] [-t TREE] [-k]
[--private-key PRIVATE_KEY_FILE] [-u REMOTE_USER]
[-c CONNECTION] [-T TIMEOUT]
[--ssh-common-args SSH_COMMON_ARGS]
[--sftp-extra-args SFTP_EXTRA_ARGS]
[--scp-extra-args SCP_EXTRA_ARGS]
[--ssh-extra-args SSH_EXTRA_ARGS] [-C] [--syntax-check] [-D]
[-e EXTRA_VARS] [--vault-id VAULT_IDS]
[--ask-vault-password | --vault-password-file VAULT_PASSWORD_FILES]
[-f FORKS] [-M MODULE_PATH] [--playbook-dir BASEDIR]
[--task-timeout TASK_TIMEOUT] [-a MODULE_ARGS] [-m MODULE_NAME]
pattern
ansible: error: the following arguments are required: pattern
usage: ansible [-h] [--version] [-v] [-b] [--become-method BECOME_METHOD]
[--become-user BECOME_USER] [-K] [-i INVENTORY] [--list-hosts]
[-l SUBSET] [-P POLL_INTERVAL] [-B SECONDS] [-o] [-t TREE] [-k]
[--private-key PRIVATE_KEY_FILE] [-u REMOTE_USER]
[-c CONNECTION] [-T TIMEOUT]
[--ssh-common-args SSH_COMMON_ARGS]
[--sftp-extra-args SFTP_EXTRA_ARGS]
[--scp-extra-args SCP_EXTRA_ARGS]
[--ssh-extra-args SSH_EXTRA_ARGS] [-C] [--syntax-check] [-D]
[-e EXTRA_VARS] [--vault-id VAULT_IDS]
[--ask-vault-password | --vault-password-file VAULT_PASSWORD_FILES]
[-f FORKS] [-M MODULE_PATH] [--playbook-dir BASEDIR]
[--task-timeout TASK_TIMEOUT] [-a MODULE_ARGS] [-m MODULE_NAME]
pattern
Define and run a single task 'playbook' against a set of hosts
positional arguments:
pattern host pattern
optional arguments:
--ask-vault-password, --ask-vault-pass
ask for vault password
--list-hosts outputs a list of matching hosts; does not execute
anything else
--playbook-dir BASEDIR
Since this tool does not use playbooks, use this as a
substitute playbook directory.This sets the relative
path for many features including roles/ group_vars/
etc.
--syntax-check perform a syntax check on the playbook, but do not
execute it
--task-timeout TASK_TIMEOUT
set task timeout limit in seconds, must be positive
integer.
--vault-id VAULT_IDS the vault identity to use
--vault-password-file VAULT_PASSWORD_FILES, --vault-pass-file VAULT_PASSWORD_FILES
vault password file
--version show program's version number, config file location,
configured module search path, module location,
executable location and exit
-B SECONDS, --background SECONDS
run asynchronously, failing after X seconds
(default=N/A)
-C, --check don't make any changes; instead, try to predict some
of the changes that may occur
-D, --diff when changing (small) files and templates, show the
differences in those files; works great with --check
-M MODULE_PATH, --module-path MODULE_PATH
prepend colon-separated path(s) to module library (def
ault=~/.ansible/plugins/modules:/usr/share/ansible/plu
gins/modules)
-P POLL_INTERVAL, --poll POLL_INTERVAL
set the poll interval if using -B (default=15)
-a MODULE_ARGS, --args MODULE_ARGS
module arguments
-e EXTRA_VARS, --extra-vars EXTRA_VARS
set additional variables as key=value or YAML/JSON, if
filename prepend with @
-f FORKS, --forks FORKS
specify number of parallel processes to use
(default=5)
-h, --help show this help message and exit
-i INVENTORY, --inventory INVENTORY, --inventory-file INVENTORY
specify inventory host path or comma separated host
list. --inventory-file is deprecated
-l SUBSET, --limit SUBSET
further limit selected hosts to an additional pattern
-m MODULE_NAME, --module-name MODULE_NAME
module name to execute (default=command)
-o, --one-line condense output
-t TREE, --tree TREE log output to this directory
-v, --verbose verbose mode (-vvv for more, -vvvv to enable
connection debugging)
Privilege Escalation Options:
control how and which user you become as on target hosts
--become-method BECOME_METHOD
privilege escalation method to use (default=sudo), use
`ansible-doc -t become -l` to list valid choices.
--become-user BECOME_USER
run operations as this user (default=root)
-K, --ask-become-pass
ask for privilege escalation password
-b, --become run operations with become (does not imply password
prompting)
Connection Options:
control as whom and how to connect to hosts
....
Some modules do not make sense in Ad-Hoc (include, meta, etc)
Right now we just have latest but seems the community would appreciate having distinct tags for awx-ee to rely on. see ansible/awx-operator#965
@shanemcd had the idea of just tagging images with whatever the current awx image tag is each time we build awx-ee
Proposed a patch at ansible-collections/azure#364, we will need to make sure that this gets adopted in a new release.
When running the latest quay.io/ansible/awx-ee image (latest and 0.6.0) , I am not able to execute the vmware module.
It just won't load.
This is the playbook I'm using: modzilla99/windows-update
and this is the Error message:
fatal: [localhost -> localhost]: FAILED! => {
"msg": "The module vmware_vm_info was redirected to community.vmware.vmware_vm_info, which could not be loaded."
}
The full log:
ansible-playbook [core 2.11.3.post0]
config file = None
configured module search path = ['/home/runner/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
ansible python module location = /usr/local/lib/python3.8/site-packages/ansible
ansible collection location = /runner/requirements_collections:/home/runner/.ansible/collections:/usr/share/ansible/collections
executable location = /usr/local/bin/ansible-playbook
python version = 3.8.6 (default, Jan 29 2021, 17:38:16) [GCC 8.4.1 20200928 (Red Hat 8.4.1-1)]
jinja version = 2.10.3
libyaml = True
No config file found; using defaults
SSH password:
Vault password:
setting up inventory plugins
host_list declined parsing /runner/inventory/hosts as it did not pass its verify_file() method
Set default localhost to localhost
Parsed /runner/inventory/hosts inventory source with script plugin
redirecting (type: modules) ansible.builtin.win_shell to ansible.windows.win_shell
Loading collection ansible.windows from /usr/share/ansible/collections/ansible_collections/ansible/windows
redirecting (type: modules) ansible.builtin.vmware_guest_snapshot to community.vmware.vmware_guest_snapshot
Loading collection community.vmware from /usr/share/ansible/collections/ansible_collections/community/vmware
redirecting (type: modules) ansible.builtin.vmware_guest to community.vmware.vmware_guest
redirecting (type: modules) ansible.builtin.vmware_guest_snapshot to community.vmware.vmware_guest_snapshot
Loading callback plugin awx_display of type stdout, v2.0 from /usr/local/lib/python3.8/site-packages/ansible_runner/callbacks/awx_display.py
Skipping callback 'awx_display', as we already have a stdout callback.
Skipping callback 'default', as we already have a stdout callback.
Skipping callback 'minimal', as we already have a stdout callback.
Skipping callback 'oneline', as we already have a stdout callback.
PLAYBOOK: main.yml *************************************************************
Positional arguments: main.yml
verbosity: 4
ask_pass: True
remote_user: [email protected]
connection: smart
timeout: 10
become_method: sudo
tags: ('all',)
inventory: ('/runner/inventory/hosts',)
extra_vars: ('@/runner/env/extravars',)
ask_vault_pass: True
forks: 5
2 plays in main.yml
PLAY [Snapshot] ****************************************************************
META: ran handlers
TASK [vmware_snapshot : Gather Facts of all VMs in variable machines.] *********
task path: /runner/project/roles/vmware_snapshot/tasks/main.yml:2
Trying secret <ansible.parsing.vault.PromptVaultSecret object at 0x7f8f252f6280> for vault_id=default
Trying secret <ansible.parsing.vault.PromptVaultSecret object at 0x7f8f252f6280> for vault_id=default
Trying secret <ansible.parsing.vault.PromptVaultSecret object at 0x7f8f252f6280> for vault_id=default
Trying secret <ansible.parsing.vault.PromptVaultSecret object at 0x7f8f252f6280> for vault_id=default
Trying secret <ansible.parsing.vault.PromptVaultSecret object at 0x7f8f252f6280> for vault_id=default
Trying secret <ansible.parsing.vault.PromptVaultSecret object at 0x7f8f252f6280> for vault_id=default
Trying secret <ansible.parsing.vault.PromptVaultSecret object at 0x7f8f252f6280> for vault_id=default
Trying secret <ansible.parsing.vault.PromptVaultSecret object at 0x7f8f252f6280> for vault_id=default
skipping: [srv2022] => {
"changed": false,
"skip_reason": "Conditional result was False"
}
Trying secret <ansible.parsing.vault.PromptVaultSecret object at 0x7f8f252f6280> for vault_id=default
Trying secret <ansible.parsing.vault.PromptVaultSecret object at 0x7f8f252f6280> for vault_id=default
Trying secret <ansible.parsing.vault.PromptVaultSecret object at 0x7f8f252f6280> for vault_id=default
redirecting (type: modules) ansible.builtin.vmware_vm_info to community.vmware.vmware_vm_info
skipping: [srv2012r2] => {
"changed": false,
"skip_reason": "Conditional result was False"
}
skipping: [srv2019] => {
"changed": false,
"skip_reason": "Conditional result was False"
}
fatal: [localhost -> localhost]: FAILED! => {
"msg": "The module vmware_vm_info was redirected to community.vmware.vmware_vm_info, which could not be loaded."
}
skipping: [srv2016] => {
"changed": false,
"skip_reason": "Conditional result was False"
}
TASK [vmware_snapshot : Create list of machines to snapshot] *******************
task path: /runner/project/roles/vmware_snapshot/tasks/main.yml:12
Trying secret <ansible.parsing.vault.PromptVaultSecret object at 0x7f8f252f6280> for vault_id=default
Trying secret <ansible.parsing.vault.PromptVaultSecret object at 0x7f8f252f6280> for vault_id=default
Trying secret <ansible.parsing.vault.PromptVaultSecret object at 0x7f8f252f6280> for vault_id=default
Trying secret <ansible.parsing.vault.PromptVaultSecret object at 0x7f8f252f6280> for vault_id=default
fatal: [srv2022]: FAILED! => {
"msg": "The task includes an option with an undefined variable. The error was: 'dict object' has no attribute 'virtual_machines'\\n\\nThe error appears to be in '/runner/project/roles/vmware_snapshot/tasks/main.yml': line 12, column 3, but may\\nbe elsewhere in the file depending on the exact syntax problem.\\n\\nThe offending line appears to be:\\n\\n\\n- name: Create list of machines to snapshot\\n ^ here\\n"
}
Trying secret <ansible.parsing.vault.PromptVaultSecret object at 0x7f8f252f6280> for vault_id=default
Trying secret <ansible.parsing.vault.PromptVaultSecret object at 0x7f8f252f6280> for vault_id=default
Trying secret <ansible.parsing.vault.PromptVaultSecret object at 0x7f8f252f6280> for vault_id=default
fatal: [srv2019]: FAILED! => {
"msg": "The task includes an option with an undefined variable. The error was: 'dict object' has no attribute 'virtual_machines'\\n\\nThe error appears to be in '/runner/project/roles/vmware_snapshot/tasks/main.yml': line 12, column 3, but may\\nbe elsewhere in the file depending on the exact syntax problem.\\n\\nThe offending line appears to be:\\n\\n\\n- name: Create list of machines to snapshot\\n ^ here\\n"
}
Trying secret <ansible.parsing.vault.PromptVaultSecret object at 0x7f8f252f6280> for vault_id=default
fatal: [srv2012r2]: FAILED! => {
"msg": "The task includes an option with an undefined variable. The error was: 'dict object' has no attribute 'virtual_machines'\\n\\nThe error appears to be in '/runner/project/roles/vmware_snapshot/tasks/main.yml': line 12, column 3, but may\\nbe elsewhere in the file depending on the exact syntax problem.\\n\\nThe offending line appears to be:\\n\\n\\n- name: Create list of machines to snapshot\\n ^ here\\n"
}
fatal: [srv2016]: FAILED! => {
"msg": "The task includes an option with an undefined variable. The error was: 'dict object' has no attribute 'virtual_machines'\\n\\nThe error appears to be in '/runner/project/roles/vmware_snapshot/tasks/main.yml': line 12, column 3, but may\\nbe elsewhere in the file depending on the exact syntax problem.\\n\\nThe offending line appears to be:\\n\\n\\n- name: Create list of machines to snapshot\\n ^ here\\n"
}
PLAY RECAP *********************************************************************
srv2012r2 : ok=0 changed=0 unreachable=0 failed=1 skipped=1 rescued=0 ignored=0
srv2016 : ok=0 changed=0 unreachable=0 failed=1 skipped=1 rescued=0 ignored=0
srv2019 : ok=0 changed=0 unreachable=0 failed=1 skipped=1 rescued=0 ignored=0
srv2022 : ok=0 changed=0 unreachable=0 failed=1 skipped=1 rescued=0 ignored=0
localhost : ok=0 changed=0 unreachable=0 failed=1 skipped=0 rescued=0 ignored=0
ansible-inventory [core 2.12.5.post0]
config file = None
configured module search path = ['/home/runner/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
ansible python module location = /usr/local/lib/python3.8/site-packages/ansible
ansible collection location = /home/runner/.ansible/collections:/usr/share/ansible/collections:/usr/share/automation-controller/collections
executable location = /usr/local/bin/ansible-inventory
python version = 3.8.12 (default, Sep 21 2021, 00:10:52) [GCC 8.5.0 20210514 (Red Hat 8.5.0-3)]
jinja version = 2.10.3
libyaml = True
No config file found; using defaults
redirecting (type: inventory) ansible.builtin.aws_ec2 to amazon.aws.aws_ec2
[WARNING]: * Failed to parse /runner/inventory/aws_ec2.yml with auto plugin:
module 'lib' has no attribute 'X509_V_FLAG_CB_ISSUER_CHECK'
File "/usr/local/lib/python3.8/site-packages/ansible/inventory/manager.py", line 290, in parse_source
plugin.parse(self._inventory, self._loader, source, cache=cache)
File "/usr/local/lib/python3.8/site-packages/ansible/plugins/inventory/auto.py", line 50, in parse
plugin = inventory_loader.get(plugin_name)
File "/usr/local/lib/python3.8/site-packages/ansible/plugins/loader.py", line 807, in get
return self.get_with_context(name, *args, **kwargs).object
File "/usr/local/lib/python3.8/site-packages/ansible/plugins/loader.py", line 827, in get_with_context
self._module_cache[path] = self._load_module_source(name, path)
File "/usr/local/lib/python3.8/site-packages/ansible/plugins/loader.py", line 791, in _load_module_source
spec.loader.exec_module(module)
File "", line 843, in exec_module
File "", line 219, in _call_with_frames_removed
File "/usr/share/ansible/collections/ansible_collections/amazon/aws/plugins/inventory/aws_ec2.py", line 229, in
import boto3
File "/usr/local/lib/python3.8/site-packages/boto3/init.py", line 17, in
from boto3.session import Session
File "/usr/local/lib/python3.8/site-packages/boto3/session.py", line 17, in
import botocore.session
File "/usr/local/lib/python3.8/site-packages/botocore/session.py", line 26, in
import botocore.client
File "/usr/local/lib/python3.8/site-packages/botocore/client.py", line 15, in
from botocore import waiter, xform_name
File "/usr/local/lib/python3.8/site-packages/botocore/waiter.py", line 18, in
from botocore.docs.docstring import WaiterDocstring
File "/usr/local/lib/python3.8/site-packages/botocore/docs/init.py", line 15, in
from botocore.docs.service import ServiceDocumenter
File "/usr/local/lib/python3.8/site-packages/botocore/docs/service.py", line 14, in
from botocore.docs.client import ClientDocumenter, ClientExceptionsDocumenter
File "/usr/local/lib/python3.8/site-packages/botocore/docs/client.py", line 14, in
from botocore.docs.example import ResponseExampleDocumenter
File "/usr/local/lib/python3.8/site-packages/botocore/docs/example.py", line 13, in
from botocore.docs.shape import ShapeDocumenter
File "/usr/local/lib/python3.8/site-packages/botocore/docs/shape.py", line 19, in
from botocore.utils import is_json_value_header
File "/usr/local/lib/python3.8/site-packages/botocore/utils.py", line 34, in
import botocore.httpsession
File "/usr/local/lib/python3.8/site-packages/botocore/httpsession.py", line 41, in
from urllib3.contrib.pyopenssl import orig_util_SSLContext as SSLContext
File "/usr/lib/python3.8/site-packages/urllib3/contrib/pyopenssl.py", line 46, in
import OpenSSL.SSL
File "/usr/local/lib/python3.8/site-packages/OpenSSL/init.py", line 8, in
from OpenSSL import crypto, SSL
File "/usr/local/lib/python3.8/site-packages/OpenSSL/crypto.py", line 1517, in
class X509StoreFlags(object):
File "/usr/local/lib/python3.8/site-packages/OpenSSL/crypto.py", line 1537, in X509StoreFlags
CB_ISSUER_CHECK = _lib.X509_V_FLAG_CB_ISSUER_CHECK
[WARNING]: Unable to parse /runner/inventory/aws_ec2.yml as an inventory source
ERROR! No inventory was parsed, please check your configuration and options.
Hi,
I'm trying to create a custom awx-ee from this project but when I modify ./_build/requirements_combined.txt I got this message during tox -e docker.
File ./_build/bindep_combined.txt had modifications and will be rewritten
File ./_build/requirements_combined.txt had modifications and will be rewritten
So my local change revert to the default one.
Any idea or advice.
Thx!
Started today on all projects sync fails with error: ERROR! Unexpected Exception, this is probably a bug: module 'lib' has no attribute 'X509_V_FLAG_CB_ISSUER_CHECK'
Full trace:
Traceback (most recent call last):
File "/usr/local/bin/ansible-galaxy", line 97, in <module>
mycli = getattr(import("ansible.cli.%s" % sub, fromlist=[myclass]), myclass)
File "/usr/local/lib/python3.8/site-packages/ansible/cli/galaxy.py", line 24, in <module>
from ansible.galaxy.api import GalaxyAPI
File "/usr/local/lib/python3.8/site-packages/ansible/galaxy/api.py", line 28, in <module>
from ansible.module_utils.urls import open_url, prepare_multipart
File "/usr/local/lib/python3.8/site-packages/ansible/module_utils/urls.py", line 115, in <module>
from urllib3.contrib.pyopenssl import PyOpenSSLContext
File "/usr/lib/python3.8/site-packages/urllib3/contrib/pyopenssl.py", line 46, in <module>
import OpenSSL.SSL
File "/usr/local/lib/python3.8/site-packages/OpenSSL/init.py", line 8, in <module>
from OpenSSL import crypto, SSL
File "/usr/local/lib/python3.8/site-packages/OpenSSL/crypto.py", line 1517, in <module>
class X509StoreFlags(object):
File "/usr/local/lib/python3.8/site-packages/OpenSSL/crypto.py", line 1537, in X509StoreFlags
CB_ISSUER_CHECK = _lib.X509_V_FLAG_CB_ISSUER_CHECK
AttributeError: module 'lib' has no attribute 'X509_V_FLAG_CB_ISSUER_CHECK'
The same case like in https://github.com/ansible/awx/issues/9863
There is no collection compatibility between AWX =<17 and AWX >=18. This is still missing:
Pull requests #64
I use AWX 19.2.2 (same problem in 19.3 with ee 0.5.0) and try to connect to our Microsoft system with winrm and credssp. Python request uses certifi to connect to Microosft systems and certifi has its own bundle with ca certs (path: /usr/local/lib/python3.8/site-packages/certifi/cacert.pem).
I use the awx-operator option to define bundle_cacert_secret as spec to deploy awx. This secret will be enrolled to the awx-ee container.
Now my question. Is it possible to create a filesystem softlink like "ln -s" so the certifi pem file is linked to /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem? It would be fantastic if i get a solution to use our own ca to connect Microsoft systems.
To resolve that issue i also tested an environment variable passed by ee_extra_env with the name REQUESTS_CA_BUNDLE but it would be ignored by certifi. Also the ansible parameter ansible_winrm_ca_trust_path: /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem does not work.
It is apparently possible that ansible uses the wrong Python interpreter in an AWX job.
Example:
FROM quay.io/ansible/awx-ee:latest
USER root
RUN pip install hvac
While the default Python interpreter is set here https://github.com/ansible/awx-ee/blob/devel/Containerfile#L29
In the AWX run itself, however, ansible fetches the interpreter from /usr/libexec/platform-python which points to /usr/libexec/platform-python -> ./platform-python3.6
Which then leads to the following error message
Failed to import the required Python library (hvac) on automation-job-628-b2nwk's Python /usr/libexec/platform-python. Please read the module documentation and install it in the appropriate location. If the required library is installed, but Ansible is using the wrong Python interpreter, please consult the documentation on ansible_python_interpreter",
It is possible to fix this via the following workaround
FROM quay.io/ansible/awx-ee:latest
USER root
RUN pip install hvac
RUN ln -sf "$(which python)" /usr/libexec/platform-python
This will force the rewrite of the link to the default Python interpreter which contain the packages installed via pip.
Hi Team,
Could you please help us to fix Vulnerabilities in AWX-EE 0.6.0,I could see below vulnerabilities reported
Quay Security Scanner has detected 31 vulnerabilities.
2 Critical-level vulnerabilities.
10 High-level vulnerabilities.
15 Medium-level vulnerabilities.
4 Unknown-level vulnerabilities.
Thanks
https://github.com/ansible-collections/community.kubernetes/blob/main/bindep.txt
We wan to change this to use the epel bindep profile instead, possibly like:
kubernetes-client [epel platform:rpm]
Hi,
We are using "Microsoft DevOps Server 2020" on prem, this product uses NTML.
When trying to sync/update a project in awx, i get an error with auth, I'v looked into the issue and is seems like a newer curl has to be present when compiling git(?)
I was not able to add a new version of curl or git into awx-ee, but I'v done the following tests:
export DUN=p-dos-itp-service
export DPW=password_passworddocker run -it --rm alpine:3.12 sh -c "apk update > /dev/null && apk add git > /dev/null ;git ls-remote https://$DUN:$DPW@dos.corp.se/corp/IT-Plattform/_git/compose-validator -h refs/heads/main"babe35c5a89cbf894722ba289524044c4474852e refs/heads/maindocker run -it --rm quay.io/ansible/awx-ee sh -c "git ls-remote https://$DUN:$DPW@dos.corp.se/corp/IT-Plattform/_git/compose-validator -h refs/heads/main"fatal: Authentication failed for 'https://dos.corp.se/corp/IT-Plattform/_git/compose-validator/'docker run -it --rm quay.io/ansible/awx-ee sh -c "git ls-remote https://$DUN@dos.corp.se/corp/IT-Plattform/_git/compose-validator -h refs/heads/main"
Password for 'https://[email protected]':babe35c5a89cbf894722ba289524044c4474852e refs/heads/mainIs it possible to get new versions of git/curl, or might there be another problem?
Br Sebastian
I've tried to build new custom EE today and I am getting this error:
[2/3] STEP 5/5: RUN assemble
++ source /etc/os-release
+++ NAME='CentOS Linux'
+++ VERSION=8
+++ ID=centos
+++ ID_LIKE='rhel fedora'
+++ VERSION_ID=8
+++ PLATFORM_ID=platform:el8
+++ PRETTY_NAME='CentOS Linux 8'
+++ ANSI_COLOR='0;31'
+++ CPE_NAME=cpe:/o:centos:centos:8
+++ HOME_URL=https://centos.org/
+++ BUG_REPORT_URL=https://bugs.centos.org/
+++ CENTOS_MANTISBT_PROJECT=CentOS-8
+++ CENTOS_MANTISBT_PROJECT_VERSION=8
++ echo centos
+ RELEASE=centos
+ PKGMGR=
+ PKGMGR_OPTS=
+ '[' -z ']'
+ PKGMGR=/usr/bin/dnf
+ '[' -f /usr/bin/microdnf ']'
+ mkdir -p /output/bindep
+ mkdir -p /output/wheels
+ mkdir -p /tmp/src
+ cd /tmp/src
+ /usr/bin/dnf update -y
CentOS Linux 8 - AppStream 45 B/s | 38 B 00:00
Error: Failed to download metadata for repo 'appstream': Cannot prepare internal mirrorlist: No URLs in mirrorlist
[3/3] STEP 1/18: FROM quay.io/ansible/ansible-runner:stable-2.11-latest
Error: error building at STEP "RUN assemble": error while running runtime: exit status 1
Is there any possibility to switch to stream ? Or is this issue of ansible-builder?
Since the 11th of this month, I can't delegate a task to a Windows host from AWX.
I have two AWX instances in two separate datacenter. The problem occurs on both of them.
I also have an Ansible server who can still run tasks delegated to a Windows host. So Windows configuration does not seem to be the issue.
The windows host uses the following parameters:
Here I the things I did to fix the problem :
At this point, I assume this is a bug introduced by a recent update.
First env :
Second env :
Run any job delegated to a Windows host.
In my case, i use the module "community.windows.win_dns_record" to add a DNS record in Active Directory.
The task should run without any problems.
This error :
ntlm: HTTPConnectionPool(host='XXXX ', port=5985): Max retries exceeded with url: /wsman (Caused by NewConnectionError('<urllib3.connection.HTTPConnection object at 0x7fa7da5c36a0>: Failed to establish a new connection: [Errno 113] No route to host'))",
Where XXXX is the targeted host and not the host the task is delegated to.
Hello guys,
to support the connection with Jump for Windows target hosts, i hope you can include the PySocks module in the AWX default EE.
Thank you!
Best,
Claudio
I found that some basic requirements is not met.
dnspython required by dig lookup plugin is not available, and playbook fails.
also some preinstalled collections does not have all required python modules.
eg.
azure.azcollection included in
https://github.com/ansible/awx-ee/blob/devel/_build/requirements.yml
does not have azure-cli dependency satisfied.
Hi,
I am currently running AWX 19.2.2 with an execution environment build atop awx-ee:0.5.5.
There I'm connecting to a windows machine and running a PS script.
After exactly 30min the Job aborts without any errors.
I assume this has something to do with the idle_timeout of ansible-runner.
So far I could not find any other issue regarding timeout, that's what lead me to the ansible-runner in the first place.
Is there a possibility to override the env/settings (increase idle_timeout) when using a awx-ee based execution environment?
Thanks in advance!
Hi guys,
I'm a beginner with ansible and I try to deploy a classic virtual machine debian with an ansible playbook from AWX to my ESXI standalone on my Raspberry 4.
But when I run the template, I've this error :
An exception occurred during task execution. To see the full traceback, use -vvv. The error was: ModuleNotFoundError:
No module named 'pyVim' fatal: [ESXI]: FAILED! => {"ansible_facts": {"discovered_interpreter_python": "/usr/libexec/platform-python"}, "changed": false, "msg": "Failed to import the required Python library (PyVmomi) on automation-job-144-hcsd8's Python /usr/libexec/platform-python.
Please read the module documentation and install it in the appropriate location.
If the required library is installed, but Ansible is using the wrong Python interpreter, please consult the documentation on ansible_python_interpreter"}`
So I decide to create my own awx-ee by following this tutorial : https://www.linkedin.com/pulse/creating-custom-ee-awx-phil-griffiths/
And by adding pyVmomi and pyVim in my requirements.txt then I build and push to my quay repository. I change my execution environment for my project and my template :
But now I've this error :
Traceback (most recent call last):
File "/var/lib/awx/venv/awx/lib64/python3.9/site-packages/awx/main/tasks/jobs.py", line 552, in run
res = receptor_job.run()
File "/var/lib/awx/venv/awx/lib64/python3.9/site-packages/awx/main/tasks/receptor.py", line 279, in run
res = self._run_internal(receptor_ctl)
File "/var/lib/awx/venv/awx/lib64/python3.9/site-packages/awx/main/tasks/receptor.py", line 309, in _run_internal
result = receptor_ctl.submit_work(worktype=self.work_type, payload=sockout.makefile('rb'), params=self.receptor_params, signwork=self.sign_work, **_kw)
File "/var/lib/awx/venv/awx/lib64/python3.9/site-packages/awx/main/tasks/receptor.py", line 423, in receptor_params
spec_yaml = yaml.dump(self.pod_definition, explicit_start=True)
File "/var/lib/awx/venv/awx/lib64/python3.9/site-packages/awx/main/tasks/receptor.py", line 471, in pod_definition
default_pod_spec = get_default_pod_spec()
File "/var/lib/awx/venv/awx/lib64/python3.9/site-packages/awx/main/utils/execution_environments.py", line 27, in get_default_pod_spec
raise RuntimeError("Unable to find an execution environment.")
RuntimeError: Unable to find an execution environment.
Aand I really don't know how to fix it.
There is someone to help me ?
Thanks a lot !
Closed #6 that had some details. We need to submit a patch to the ovirt collection that:
Adds compile time dependencies:
Mark these as needing the EPEL repo:
Then we will remove these from the EE definition here, being added in #5
Like:
libxml2-devel [platform:rpm]
gcc-c++ [compile platform:rpm]
python3-devel [compile platform:rpm]
python3-pycurl [platform:rpm]
python3-netaddr [platform:rpm]
python3-jmespath [platform:rpm]
python3-passlib [epel platform:rpm]
qemu-img [platform:rpm]
(this is all still speculative and relies on patches in other places being finalized)
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
Django
The Web framework for perfectionists with deadlines.
Laravel
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft
Open source projects and samples from Microsoft.
Google
Google โค๏ธ Open Source for everyone.
Alibaba
Alibaba Open Source for everyone
D3
Data-Driven Documents codes.
Tencent
China tencent open source team.