ricardozanini / vagrant-alm Goto Github PK
View Code? Open in Web Editor NEWAn excerpt of an ALM environment built on top of Vagrant, Libvirt and Ansible
License: Apache License 2.0
vagrant-alm's People
Contributors
Stargazers
Watchers
Forkers
oldcrowew sandeepk17 albohlabs brandeil ashresth0729 flaviolnx siteshm reneasanga01 s7an-it cloud-devops actsasrob medberry yolleksandr mronus gupthaamar balajimaniv djrohith branislavvukelic gnapol malli1983 kiruthikcs riponbanik danesh123 zhusas ksphub sdeseille cchaplin rragrag1 gopiprasanthpotipireddy mbah2017 robertol18 beamsoul cloudarchitectaws xiaoruiguo manso502 irfansst trinhvo gititreach evsq shobancs nagarjunacse02 thomas-ferchau moussena1992 iamminster saad1969 chejuro1 blee56seneca gdiaz-git alphacentrino dwon6 suusardzh ma-riahi avadhesh-kubematics edutilos6666 sumittuljapurkar14 amashhour1974 ayhan-ay billychintscts manigandan2997 lineuve soum74 gopal1cloud ayo18vagrant-alm's Issues
No route to host
While running the paybook I encountered underneath error:
fatal: [192.168.56.3]: UNREACHABLE! => {"changed": false, "msg": "Failed to connect to the host via ssh: ssh: connect to host 192.168.56.3 port 22: No route to host", "unreachable": true}
Unable to start nginx.service in sonar virtual box because of .PEM cert is not available.
SUMMARY
I am new to ANSIBLE. I am building my automation system with Ansible.
With this article as referece "https://www.redhat.com/en/blog/integrating-ansible-jenkins-cicd-process" and I have downloaded vagrant-alm-master source from this location "https://github.com/ricardozanini/vagrant-alm"
After entering command "vagrant up", I am getting below issue.
RUNNING HANDLER [/home/user/.ansible/roles/nginxinc.nginx : (Handler: All OSs) Start NGINX] ***
fatal: [sonar_box]: FAILED! => {"changed": false, "msg": "Unable to start service nginx: Job for nginx.service failed because the control process exited with error code. See \"systemctl status nginx.service\" and \"journalctl -xe\" for details.\n"}
RUNNING HANDLER [lean_delivery.sonarqube : Restart Sonarqube] ******************
NO MORE HOSTS LEFT *************************************************************
PLAY RECAP *********************************************************************
sonar_box : ok=54 changed=32 unreachable=0 failed=1 skipped=153 rescued=0 ignored=0
Ansible failed to complete successfully. Any error output should be
visible above. Please fix these errors and try again.
Vagrant build process stopped because of nginx service is not started in sonar virtual box.
Vagrant build process able to produce TOWER and JENKINS virtual box without error.
I have entered into sonar virtual box by giving this command " vagrant up sonar_box". I have observed that nginx service is not started because of "sonar.local.pem" certificate unavailable at this location "/etc/ssl/sonar.local/" . I am getting below error for nginx status
[vagrant@sonar ~]$ sudo systemctl status nginx.service
โ nginx.service - nginx - high performance web server
Loaded: loaded (/usr/lib/systemd/system/nginx.service; enabled; vendor preset: disabled)
Active: failed (Result: exit-code) since Thu 2019-07-11 10:29:55 UTC; 3min 5s ago
Docs: http://nginx.org/en/docs/
Process: 10714 ExecStart=/usr/sbin/nginx -c /etc/nginx/nginx.conf (code=exited, status=1/FAILURE)
Jul 11 10:29:55 sonar.local systemd[1]: Starting nginx - high performance web server...
Jul 11 10:29:55 sonar.local nginx[10714]: nginx: [emerg] cannot load certificate "/etc/ssl/sonar.local/sonar.local.pem": BIO_new_file() failed (SSL: error:02001002:system library:fopen:No...:no such file)
Jul 11 10:29:55 sonar.local systemd[1]: nginx.service: control process exited, code=exited status=1
Jul 11 10:29:55 sonar.local systemd[1]: Failed to start nginx - high performance web server.
Jul 11 10:29:55 sonar.local systemd[1]: Unit nginx.service entered failed state.
Jul 11 10:29:55 sonar.local systemd[1]: nginx.service failed.
Hint: Some lines were ellipsized, use -l to show in full
I have observed "sonar.local" folder is not created under "/etc/ssl" in SONAR virtual box.
I have commented SSL certification path in the below roles, but it is not fixing the issue,
1.lean_delivery.sonarqube
2.nginxinc.nginx
ISSUE TYPE
- Build issue
COMPONENT NAME
1.lean_delivery.sonarqube
2.nginxinc.nginx
3.geerlingguy.sonar
ANSIBLE VERSION
root@quanta:/home/user/dhanasekar/Automation/vagrant-alm-master# ansible --version
ansible 2.8.1
config file = /etc/ansible/ansible.cfg
configured module search path = [u'/root/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
ansible python module location = /usr/lib/python2.7/dist-packages/ansible
executable location = /usr/bin/ansible
python version = 2.7.15+ (default, Nov 27 2018, 23:36:35) [GCC 7.3.0]
CONFIGURATION
root@quanta:/home/user/dhanasekar/Automation/vagrant-alm-master# ansible-config dump --only-changed
DEFAULT_HOST_LIST(/etc/ansible/ansible.cfg) = [u'/etc/ansible/hosts']
OS / ENVIRONMENT
OS: Ubuntu 18.04
STEPS TO REPRODUCE
- Download source from this location "https://github.com/ricardozanini/vagrant-alm"
- Go to this ".../vagran-alm-master"
- Enter "vagrant up" command in terminal
FYR, I have shared my alm.yaml file
# requirements install
- name: Install Roles from Galaxy
hosts: all
connection: local
tasks:
- name: installing required ansible-galaxy roles
command: "ansible-galaxy install --ignore-errors -r requirements.yml"
# Let's rock on ALM
- name: Deploy Jenkins CI
hosts: jenkins_server
remote_user: "{{ ansible_ssh_user | default('vagrant') }}"
become: yes
roles:
- geerlingguy.repo-epel
# - geerlingguy.jenkins #commented by dhanasekar
- /home/user/.ansible/roles/geerlingguy.jenkins
- geerlingguy.git
- tecris.maven
- geerlingguy.ansible
- name: Deploy Nexus Server
hosts: nexus_server
remote_user: "{{ ansible_ssh_user | default('vagrant') }}"
become: yes
roles:
# - geerlingguy.java #commented by dhanasekar
- /home/user/.ansible/roles/geerlingguy.java
- savoirfairelinux.nexus3-oss
- name: Deploy Sonar Server
hosts: sonar_server
remote_user: "{{ ansible_ssh_user | default('vagrant') }}"
become: yes
# added by dhanasekar start
vars:
ssl_certs_common_name: "{{ ansible_fqdn }}"
# added by dhanasekar end
pre_tasks:
- name: "install epel"
package:
name: "https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm"
state: "present"
when: ansible_distribution == 'RedHat'
# delete plugins installed on previous run to prevent conflict in case if any plugin is updated
- name: "delete plugins"
file:
path: "{{ sonar_path }}/sonarqube-{{ sonar_major_version }}.{{ sonar_minor_version }}/extensions/plugins"
state: absent
roles:
# - role: geerlingguy.java #commneted by dhanasekar
- role: /home/user/.ansible/roles/geerlingguy.java
# added by dhanasekar start
# - role: /home/user/.ansible/roles/jdauphant.ssl-certs
# ssl_certs_common_name: "{{ ansible_fqdn }}"
# - role: /home/user/.ansible/roles/lean_delivery.sonarqube
# added by dhanasekar end
- role: ANXS.postgresql
postgresql_users:
- name: sonar
pass: sonar
postgresql_databases:
- name: sonar
owner: sonar
- role: /home/user/.ansible/roles/nginxinc.nginx
- role: lean_delivery.sonarqube
sonar_java_opts:
web: "-server -Xmx512m -Xms512m"
es: "-Xmx1g -Xms1g"
ce: "-Xmx512m -Xms512m"
web:
host: "localhost"
port: 9000
path: "/"
sonar_proxy_server_name: "{{ ssl_certs_common_name }}"
sonar_proxy_http: True
# sonar_optional_plugins:
# - "https://sonarsource.bintray.com/Distribution/sonar-auth-github-plugin/sonar-auth-github-plugin-1.3.jar"
# - "https://github.com/QualInsight/qualinsight-plugins-sonarqube-smell/releases/download/qualinsight-plugins-sonarqube-smell-4.0.0/qualinsight-sonarqube-smell-plugin-4.0.0.jar"
# - "https://github.com/QualInsight/qualinsight-plugins-sonarqube-badges/releases/download/qualinsight-plugins-sonarqube-badges-3.0.1/qualinsight-sonarqube-badges-3.0.1.jar"
# - "https://github.com/racodond/sonar-json-plugin/releases/download/2.3/sonar-json-plugin-2.3.jar"
# - "https://github.com/RIGS-IT/sonar-xanitizer/releases/download/1.5.0/sonar-xanitizer-plugin-1.5.0.jar"
# - "https://github.com/gabrie-allaigre/sonar-gitlab-plugin/releases/download/3.0.1/sonar-gitlab-plugin-3.0.1.jar"
# - "https://github.com/gabrie-allaigre/sonar-auth-gitlab-plugin/releases/download/1.3.2/sonar-auth-gitlab-plugin-1.3.2.jar"
# - "https://binaries.sonarsource.com/Distribution/sonar-css-plugin/sonar-css-plugin-1.0.2.611.jar"
# - "https://binaries.sonarsource.com/Distribution/sonar-kotlin-plugin/sonar-kotlin-plugin-1.2.1.2009.jar"
post_tasks:
- name: "start sonarqube"
service: name="sonarqube" state="started"
- name: "delete default nginx config"
file:
path: /etc/nginx/conf.d/default.conf
state: absent
- name: "restart, enable nginx"
service: name="nginx" state="restarted" enabled=True
# see https://github.com/ANXS/postgresql/issues/363
- name: "enable postgresql"
service: name="postgresql-{{ postgresql_version }}" enabled=True
when: ansible_distribution == 'CentOS'
- name: On Premises CentOS
hosts: app_server
remote_user: "{{ ansible_ssh_user | default('vagrant') }}"
become: yes
roles:
- jenkins-keys-config
EXPECTED RESULTS
Build process should pass.
Should created SONAR virtual box completely without error
NGINX service should start in SONAR virtual box
ACTUAL RESULTS
Build process is failing
SONAR virtual box is not creating completely
NGINX service is not starting in SONAR virtual box because of sonar.local.pem certificate is not available .
Add environment credentials for Nexus, Sonar and Jenkins keys in Ansible playbook
Users have to manually add Nexus, Sonar and Jenkins keys to the Jenkins credential store after the environment is provisioned. Would be nice if the Ansible playbook could do it beforehand so we'd have the lab ready after running vagrant for the first time.
how can i access the jenkins server
inside the vagrant box
[root@app2 vagrant]# ps aux | grep 9080
root 5093 0.0 0.1 12492 720 pts/0 S+ 13:13 0:00 grep --color=auto 9080
[root@app2 vagrant]# wget http://127.0.0.1:9080
bash: wget: command not found
outside the vagrant box
$ wget http://172.16.10.100:9080
--2018-07-02 09:14:10-- http://172.16.10.100:9080/
Connecting to 172.16.10.100:9080... failed: Connection refused.
$ ping 172.16.10.100
PING 172.16.10.100 (172.16.10.100) 56(84) bytes of data.
64 bytes from 172.16.10.100: icmp_seq=1 ttl=64 time=0.404 ms
64 bytes from 172.16.10.100: icmp_seq=2 ttl=64 time=0.242 ms
it seems that workflow-aggregator can't installed successfully
TASK [geerlingguy.jenkins : Install Jenkins plugins using password.] ***********
changed: [jenkins] => (item=sonar)
changed: [jenkins] => (item=nexus-artifact-uploader)
changed: [jenkins] => (item=ansible)
failed: [jenkins] (item=workflow-aggregator) => {"changed": false, "details": "Connection failure: timed out", "item": "workflow-aggregator", "msg": "Cannot install plugin."}
changed: [jenkins] => (item=slack)
changed: [jenkins] => (item=slack-uploader)
changed: [jenkins] => (item=git)
changed: [jenkins] => (item=github)
changed: [jenkins] => (item=credentials-binding)
changed: [jenkins] => (item=pipeline-utility-steps)
changed: [jenkins] => (item=disk-usage)
changed: [jenkins] => (item=ws-cleanup)
to retry, use: --limit @/home/yhq/github/vagrant-alm/ansible/alm.retry
PLAY RECAP *********************************************************************
jenkins : ok=35 changed=16 unreachable=0 failed=1
i want change some config on jenkins ,but how can i ssh into the jenkins server
[vagrant@app2 ~]$ ssh [email protected]
The authenticity of host '172.16.10.100 (172.16.10.100)' can't be established.
ECDSA key fingerprint is SHA256:l0KMAvM9/4cHoXoNAqfvDlfblbnGXOBs+jMadFewU9k.
ECDSA key fingerprint is MD5:f7:b2:c8:2b:60:20:01:e3:cb:3b:5f:8e:b7:09:4b:7f.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '172.16.10.100' (ECDSA) to the list of known hosts.
Permission denied (publickey,gssapi-keyex,gssapi-with-mic).
[vagrant@app2 ~]$ ssh 172.16.10.100
Permission denied (publickey,gssapi-keyex,gssapi-with-mic).
[vagrant@app2 ~]$ su
Password:
[root@app2 vagrant]# ls
[root@app2 vagrant]# ls /etc/ss
ssh/ ssl/
[root@app2 vagrant]# ls /etc/ssh/
moduli ssh_host_ecdsa_key.pub ssh_host_rsa_key
ssh_config ssh_host_ed25519_key ssh_host_rsa_key.pub
ssh_host_ecdsa_key ssh_host_ed25519_key.pub sshd_config
[root@app2 vagrant]# service sshd restart
Redirecting to /bin/systemctl restart sshd.service
[root@app2 vagrant]# ssh [email protected]
The authenticity of host '172.16.10.100 (172.16.10.100)' can't be established.
ECDSA key fingerprint is SHA256:l0KMAvM9/4cHoXoNAqfvDlfblbnGXOBs+jMadFewU9k.
ECDSA key fingerprint is MD5:f7:b2:c8:2b:60:20:01:e3:cb:3b:5f:8e:b7:09:4b:7f.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '172.16.10.100' (ECDSA) to the list of known hosts.
Permission denied (publickey,gssapi-keyex,gssapi-with-mic).
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. ๐๐๐
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google โค๏ธ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.