Behaviour of the Ansible yum module with enablerepo and disablerepo

Hi all,

I am using Ansible 1.9.2 on CentOS 6.7. I am designing a system which can deploy software onto machines when those machines don’t have access to the Internet. I basically have an Ansible controller node with cached RPMs and a web server. On each target node, I have defined a .repo file to instruct each node to fetch the rpms from the web server.

When I do the deployment, I am finding that the yum module does not work.

For example, executing the following task fails:

• name: install the MySQL-python package

yum: disablerepo=* enablerepo=ansible name=MySQL-python

The error message is:

TASK: [icingaweb2 | install the MySQL-python package] *************************

failed: [192.168.50.201] => {“changed”: false, “failed”: true, “rc”: 0, “results”: }

msg: No Package matching ‘MySQL-python’ found available, installed or updated

FATAL: all hosts have already failed – aborting

However if I use the yum command via an Ansible shell, the package is installed correctly:

• name: install the MySQL-python package

shell: yum -y --disablerepo=* --enablerepo=ansible install MySQL-python

I was wondering if I am not using the yum module correctly or if this is an Ansible bug.

Thanks in advance.

Guillaume.

Your playbook looks correct but I am unable to reproduce your problem
with Fedora 21 and ansible-1.9.3-2 from the Fedora packages:

I’ve got the same problem here on both 1.9.2 and 1.9.4. You need some “unreachable” repos in your /etc/yum.repos.d configured to reproduce.

Example :

I’m using this here “yum: name={{ item }} disablerepo=* enablerepo=private* state=present” and the output is like this :

failed: [psp6cdvhst07.coxlab.net] => (item=yum-utils,libselinux-python) => {“changed”: false, “failed”: true, “item”: “yum-utils,libselinux-python”, “rc”: 0, “results”: }

msg: No Package matching ‘yum-utils’ found available, installed or updated

Although if I use the yum CLI “# yum install yum-utils --disablerepo=* --enablerepo=private*” it works just fine.

Really does create a problem installing on servers on Private IP space which aren’t connect to internet.

Steve

If you use disablerepo=base,updates,extras it seems to work. the Wildcard doesn’t seem to work. ???

I still have not been able to replicate this. Taking all the things
that people have said on this list I just ran a test on a centos6
host:

$ cat /etc/redhat-release
                    (15:20:34)
CentOS release 6.6 (Final)

with ansible-1.9.2 from the epel repository.

[pts/0@rhel6 ~]$ rpm -q ansible
                                   (15:21:01)
ansible-1.9.2-1.el6.noarch
[pts/0@rhel6 ~]$ ansible --version
                                   (15:21:06)
[WARNING]: The version of gmp you have installed has a known issue regarding
timing vulnerabilities when used with pycrypto. If possible, you should update
it (i.e. yum update gmp).

ansible 1.9.2
  configured module search path = None

I have a repository that is unreachable enabled in /etc/yum.repos.d:

[pts/0@rhel6 ~]$ cat /etc/yum.repos.d/broken.repo
                                   (15:21:37)
[broken]
name=Broken
baseurl=http://download.fedoraproject.org/broken
failovermethod=priority
enabled=1
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-6

[pts/0@rhel6 ~]$ sudo yum install -y python-q
                                   (15:22:08)
Loaded plugins: fastestmirror
Setting up Install Process
Loading mirror speeds from cached hostfile
* base: mirror.lax.hugeserver.com
* epel: linux.mirrors.es.net
* extras: mirrors.psychz.net
* updates: centos.mirrors.hoobly.com
http://download.fedoraproject.org/broken/repodata/repomd.xml: [Errno
14] PYCURL ERROR 22 - "The requested URL returned error: 404 Not
Found"
Trying other mirror.
Error: Cannot retrieve repository metadata (repomd.xml) for
repository: broken. Please verify its path and try again

The playbook seems to contain all the same pieces (including use of
wildcards in both disable and enablerepo):

[pts/0@rhel6 ~]$ cat yum.yml
                                   (15:26:51)