ricardozanini / vagrant-alm Goto Github PK
View Code? Open in Web Editor NEWAn excerpt of an ALM environment built on top of Vagrant, Libvirt and Ansible
License: Apache License 2.0
An excerpt of an ALM environment built on top of Vagrant, Libvirt and Ansible
License: Apache License 2.0
While running the paybook I encountered underneath error:
fatal: [192.168.56.3]: UNREACHABLE! => {"changed": false, "msg": "Failed to connect to the host via ssh: ssh: connect to host 192.168.56.3 port 22: No route to host", "unreachable": true}
I am new to ANSIBLE. I am building my automation system with Ansible.
With this article as referece "https://www.redhat.com/en/blog/integrating-ansible-jenkins-cicd-process" and I have downloaded vagrant-alm-master source from this location "https://github.com/ricardozanini/vagrant-alm"
After entering command "vagrant up", I am getting below issue.
RUNNING HANDLER [/home/user/.ansible/roles/nginxinc.nginx : (Handler: All OSs) Start NGINX] ***
fatal: [sonar_box]: FAILED! => {"changed": false, "msg": "Unable to start service nginx: Job for nginx.service failed because the control process exited with error code. See \"systemctl status nginx.service\" and \"journalctl -xe\" for details.\n"}
RUNNING HANDLER [lean_delivery.sonarqube : Restart Sonarqube] ******************
NO MORE HOSTS LEFT *************************************************************
PLAY RECAP *********************************************************************
sonar_box : ok=54 changed=32 unreachable=0 failed=1 skipped=153 rescued=0 ignored=0
Ansible failed to complete successfully. Any error output should be
visible above. Please fix these errors and try again.
Vagrant build process stopped because of nginx service is not started in sonar virtual box.
Vagrant build process able to produce TOWER and JENKINS virtual box without error.
I have entered into sonar virtual box by giving this command " vagrant up sonar_box". I have observed that nginx service is not started because of "sonar.local.pem" certificate unavailable at this location "/etc/ssl/sonar.local/" . I am getting below error for nginx status
[vagrant@sonar ~]$ sudo systemctl status nginx.service
โ nginx.service - nginx - high performance web server
Loaded: loaded (/usr/lib/systemd/system/nginx.service; enabled; vendor preset: disabled)
Active: failed (Result: exit-code) since Thu 2019-07-11 10:29:55 UTC; 3min 5s ago
Docs: http://nginx.org/en/docs/
Process: 10714 ExecStart=/usr/sbin/nginx -c /etc/nginx/nginx.conf (code=exited, status=1/FAILURE)
Jul 11 10:29:55 sonar.local systemd[1]: Starting nginx - high performance web server...
Jul 11 10:29:55 sonar.local nginx[10714]: nginx: [emerg] cannot load certificate "/etc/ssl/sonar.local/sonar.local.pem": BIO_new_file() failed (SSL: error:02001002:system library:fopen:No...:no such file)
Jul 11 10:29:55 sonar.local systemd[1]: nginx.service: control process exited, code=exited status=1
Jul 11 10:29:55 sonar.local systemd[1]: Failed to start nginx - high performance web server.
Jul 11 10:29:55 sonar.local systemd[1]: Unit nginx.service entered failed state.
Jul 11 10:29:55 sonar.local systemd[1]: nginx.service failed.
Hint: Some lines were ellipsized, use -l to show in full
I have observed "sonar.local" folder is not created under "/etc/ssl" in SONAR virtual box.
I have commented SSL certification path in the below roles, but it is not fixing the issue,
1.lean_delivery.sonarqube
2.nginxinc.nginx
1.lean_delivery.sonarqube
2.nginxinc.nginx
3.geerlingguy.sonar
root@quanta:/home/user/dhanasekar/Automation/vagrant-alm-master# ansible --version
ansible 2.8.1
config file = /etc/ansible/ansible.cfg
configured module search path = [u'/root/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
ansible python module location = /usr/lib/python2.7/dist-packages/ansible
executable location = /usr/bin/ansible
python version = 2.7.15+ (default, Nov 27 2018, 23:36:35) [GCC 7.3.0]
root@quanta:/home/user/dhanasekar/Automation/vagrant-alm-master# ansible-config dump --only-changed
DEFAULT_HOST_LIST(/etc/ansible/ansible.cfg) = [u'/etc/ansible/hosts']
OS: Ubuntu 18.04
FYR, I have shared my alm.yaml file
# requirements install
- name: Install Roles from Galaxy
hosts: all
connection: local
tasks:
- name: installing required ansible-galaxy roles
command: "ansible-galaxy install --ignore-errors -r requirements.yml"
# Let's rock on ALM
- name: Deploy Jenkins CI
hosts: jenkins_server
remote_user: "{{ ansible_ssh_user | default('vagrant') }}"
become: yes
roles:
- geerlingguy.repo-epel
# - geerlingguy.jenkins #commented by dhanasekar
- /home/user/.ansible/roles/geerlingguy.jenkins
- geerlingguy.git
- tecris.maven
- geerlingguy.ansible
- name: Deploy Nexus Server
hosts: nexus_server
remote_user: "{{ ansible_ssh_user | default('vagrant') }}"
become: yes
roles:
# - geerlingguy.java #commented by dhanasekar
- /home/user/.ansible/roles/geerlingguy.java
- savoirfairelinux.nexus3-oss
- name: Deploy Sonar Server
hosts: sonar_server
remote_user: "{{ ansible_ssh_user | default('vagrant') }}"
become: yes
# added by dhanasekar start
vars:
ssl_certs_common_name: "{{ ansible_fqdn }}"
# added by dhanasekar end
pre_tasks:
- name: "install epel"
package:
name: "https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm"
state: "present"
when: ansible_distribution == 'RedHat'
# delete plugins installed on previous run to prevent conflict in case if any plugin is updated
- name: "delete plugins"
file:
path: "{{ sonar_path }}/sonarqube-{{ sonar_major_version }}.{{ sonar_minor_version }}/extensions/plugins"
state: absent
roles:
# - role: geerlingguy.java #commneted by dhanasekar
- role: /home/user/.ansible/roles/geerlingguy.java
# added by dhanasekar start
# - role: /home/user/.ansible/roles/jdauphant.ssl-certs
# ssl_certs_common_name: "{{ ansible_fqdn }}"
# - role: /home/user/.ansible/roles/lean_delivery.sonarqube
# added by dhanasekar end
- role: ANXS.postgresql
postgresql_users:
- name: sonar
pass: sonar
postgresql_databases:
- name: sonar
owner: sonar
- role: /home/user/.ansible/roles/nginxinc.nginx
- role: lean_delivery.sonarqube
sonar_java_opts:
web: "-server -Xmx512m -Xms512m"
es: "-Xmx1g -Xms1g"
ce: "-Xmx512m -Xms512m"
web:
host: "localhost"
port: 9000
path: "/"
sonar_proxy_server_name: "{{ ssl_certs_common_name }}"
sonar_proxy_http: True
# sonar_optional_plugins:
# - "https://sonarsource.bintray.com/Distribution/sonar-auth-github-plugin/sonar-auth-github-plugin-1.3.jar"
# - "https://github.com/QualInsight/qualinsight-plugins-sonarqube-smell/releases/download/qualinsight-plugins-sonarqube-smell-4.0.0/qualinsight-sonarqube-smell-plugin-4.0.0.jar"
# - "https://github.com/QualInsight/qualinsight-plugins-sonarqube-badges/releases/download/qualinsight-plugins-sonarqube-badges-3.0.1/qualinsight-sonarqube-badges-3.0.1.jar"
# - "https://github.com/racodond/sonar-json-plugin/releases/download/2.3/sonar-json-plugin-2.3.jar"
# - "https://github.com/RIGS-IT/sonar-xanitizer/releases/download/1.5.0/sonar-xanitizer-plugin-1.5.0.jar"
# - "https://github.com/gabrie-allaigre/sonar-gitlab-plugin/releases/download/3.0.1/sonar-gitlab-plugin-3.0.1.jar"
# - "https://github.com/gabrie-allaigre/sonar-auth-gitlab-plugin/releases/download/1.3.2/sonar-auth-gitlab-plugin-1.3.2.jar"
# - "https://binaries.sonarsource.com/Distribution/sonar-css-plugin/sonar-css-plugin-1.0.2.611.jar"
# - "https://binaries.sonarsource.com/Distribution/sonar-kotlin-plugin/sonar-kotlin-plugin-1.2.1.2009.jar"
post_tasks:
- name: "start sonarqube"
service: name="sonarqube" state="started"
- name: "delete default nginx config"
file:
path: /etc/nginx/conf.d/default.conf
state: absent
- name: "restart, enable nginx"
service: name="nginx" state="restarted" enabled=True
# see https://github.com/ANXS/postgresql/issues/363
- name: "enable postgresql"
service: name="postgresql-{{ postgresql_version }}" enabled=True
when: ansible_distribution == 'CentOS'
- name: On Premises CentOS
hosts: app_server
remote_user: "{{ ansible_ssh_user | default('vagrant') }}"
become: yes
roles:
- jenkins-keys-config
Build process should pass.
Should created SONAR virtual box completely without error
NGINX service should start in SONAR virtual box
Build process is failing
SONAR virtual box is not creating completely
NGINX service is not starting in SONAR virtual box because of sonar.local.pem certificate is not available .
Users have to manually add Nexus, Sonar and Jenkins keys to the Jenkins credential store after the environment is provisioned. Would be nice if the Ansible playbook could do it beforehand so we'd have the lab ready after running vagrant for the first time.
inside the vagrant box
[root@app2 vagrant]# ps aux | grep 9080
root 5093 0.0 0.1 12492 720 pts/0 S+ 13:13 0:00 grep --color=auto 9080
[root@app2 vagrant]# wget http://127.0.0.1:9080
bash: wget: command not found
outside the vagrant box
$ wget http://172.16.10.100:9080
--2018-07-02 09:14:10-- http://172.16.10.100:9080/
Connecting to 172.16.10.100:9080... failed: Connection refused.
$ ping 172.16.10.100
PING 172.16.10.100 (172.16.10.100) 56(84) bytes of data.
64 bytes from 172.16.10.100: icmp_seq=1 ttl=64 time=0.404 ms
64 bytes from 172.16.10.100: icmp_seq=2 ttl=64 time=0.242 ms
TASK [geerlingguy.jenkins : Install Jenkins plugins using password.] ***********
changed: [jenkins] => (item=sonar)
changed: [jenkins] => (item=nexus-artifact-uploader)
changed: [jenkins] => (item=ansible)
failed: [jenkins] (item=workflow-aggregator) => {"changed": false, "details": "Connection failure: timed out", "item": "workflow-aggregator", "msg": "Cannot install plugin."}
changed: [jenkins] => (item=slack)
changed: [jenkins] => (item=slack-uploader)
changed: [jenkins] => (item=git)
changed: [jenkins] => (item=github)
changed: [jenkins] => (item=credentials-binding)
changed: [jenkins] => (item=pipeline-utility-steps)
changed: [jenkins] => (item=disk-usage)
changed: [jenkins] => (item=ws-cleanup)
to retry, use: --limit @/home/yhq/github/vagrant-alm/ansible/alm.retry
PLAY RECAP *********************************************************************
jenkins : ok=35 changed=16 unreachable=0 failed=1
[vagrant@app2 ~]$ ssh [email protected]
The authenticity of host '172.16.10.100 (172.16.10.100)' can't be established.
ECDSA key fingerprint is SHA256:l0KMAvM9/4cHoXoNAqfvDlfblbnGXOBs+jMadFewU9k.
ECDSA key fingerprint is MD5:f7:b2:c8:2b:60:20:01:e3:cb:3b:5f:8e:b7:09:4b:7f.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '172.16.10.100' (ECDSA) to the list of known hosts.
Permission denied (publickey,gssapi-keyex,gssapi-with-mic).
[vagrant@app2 ~]$ ssh 172.16.10.100
Permission denied (publickey,gssapi-keyex,gssapi-with-mic).
[vagrant@app2 ~]$ su
Password:
[root@app2 vagrant]# ls
[root@app2 vagrant]# ls /etc/ss
ssh/ ssl/
[root@app2 vagrant]# ls /etc/ssh/
moduli ssh_host_ecdsa_key.pub ssh_host_rsa_key
ssh_config ssh_host_ed25519_key ssh_host_rsa_key.pub
ssh_host_ecdsa_key ssh_host_ed25519_key.pub sshd_config
[root@app2 vagrant]# service sshd restart
Redirecting to /bin/systemctl restart sshd.service
[root@app2 vagrant]# ssh [email protected]
The authenticity of host '172.16.10.100 (172.16.10.100)' can't be established.
ECDSA key fingerprint is SHA256:l0KMAvM9/4cHoXoNAqfvDlfblbnGXOBs+jMadFewU9k.
ECDSA key fingerprint is MD5:f7:b2:c8:2b:60:20:01:e3:cb:3b:5f:8e:b7:09:4b:7f.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '172.16.10.100' (ECDSA) to the list of known hosts.
Permission denied (publickey,gssapi-keyex,gssapi-with-mic).
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.