Hello,

I wanted to give “This script” (from http://docs.ansible.com/intro_dynamic_inventory.html#example-the-cobbler-external-inventory-script) a try to do the dynamic inventory.

Benno helped me in irc to get rid of some errors, due to not having a cobbler.ini in the same directory.
An example file can be found in /opt/ansible/plugins/inventory/cobbler.ini or in git

It would be nice to include that in the manual, for newbies like me

Now I have currently 6 hosts in cobbler, but the script seems not aware of it, see output below:

[root@geppetto ansible]# cobbler system list
metop-20.oma.be
metop-28.oma.be
zotac-09
zotac-24.oma.be
zotac-29
zotac-36
[root@geppetto ansible]# ./cobbler.py
{}
[root@geppetto ansible]#
[root@geppetto ansible]# cobbler --version
Cobbler 2.4.0
source: ?, ?
build time: Thu Jun 20 06:07:51 2013
[root@geppetto ansible]#

Any ideas?
Would it make sense if I upload the output of
[root@geppetto ansible]# python -mtrace --trace ./cobbler.py > cobbler.py.debuglog

here? It is big!:
[root@geppetto ansible]# ls -lah cobbler.py.debuglog
-rw-r–r–. 1 root root 3.4M Jan 21 15:01 cobbler.py.debuglog
[root@geppetto ansible]# wc -l cobbler.py.debuglog
76780 cobbler.py.debuglog
[root@geppetto ansible]#

Thanks**,**

Joost

BTW:
A little note on selinux, since that is often the culprit: I have it running currently in permissive mode.
I grepped /var/log/audit/audit.log for ansible: nothing found.
What I found on cobbler I poured into a policy and applied it and I tried again:

[root@geppetto ansible]# grep ansible /var/log/audit/audit.log
[root@geppetto ansible]#
[root@geppetto ansible]# grep cobbler /var/log/audit/audit.log
type=AVC msg=audit(1390309171.088:106152): avc: denied { write } for pid=27878 comm=“httpd” name=“webui_sessions” dev=dm-0 ino=17958021 scontext=system_u:system_r:httpd_t:s0 tcontext=system_u:object_r:cobbler_var_lib_t:s0 tclass=dir
type=AVC msg=audit(1390309171.088:106152): avc: denied { add_name } for pid=27878 comm=“httpd” name=“sessionid5f93d6b7217e5248218a9c705f0769cf” scontext=system_u:system_r:httpd_t:s0 tcontext=system_u:object_r:cobbler_var_lib_t:s0 tclass=dir
type=AVC msg=audit(1390309171.088:106152): avc: denied { create } for pid=27878 comm=“httpd” name=“sessionid5f93d6b7217e5248218a9c705f0769cf” scontext=system_u:system_r:httpd_t:s0 tcontext=system_u:object_r:cobbler_var_lib_t:s0 tclass=file
type=AVC msg=audit(1390309171.088:106152): avc: denied { write } for pid=27878 comm=“httpd” name=“sessionid5f93d6b7217e5248218a9c705f0769cf” dev=dm-0 ino=17958488 scontext=system_u:system_r:httpd_t:s0 tcontext=system_u:object_r:cobbler_var_lib_t:s0 tclass=file
type=AVC msg=audit(1390309171.089:106153): avc: denied { remove_name } for pid=27878 comm=“httpd” name=“sessionid5f93d6b7217e5248218a9c705f0769cf_out_Ud8hJk” dev=dm-0 ino=17958538 scontext=system_u:system_r:httpd_t:s0 tcontext=system_u:object_r:cobbler_var_lib_t:s0 tclass=dir
type=AVC msg=audit(1390309171.089:106153): avc: denied { rename } for pid=27878 comm=“httpd” name=“sessionid5f93d6b7217e5248218a9c705f0769cf_out_Ud8hJk” dev=dm-0 ino=17958538 scontext=system_u:system_r:httpd_t:s0 tcontext=system_u:object_r:cobbler_var_lib_t:s0 tclass=file
type=AVC msg=audit(1390309171.089:106153): avc: denied { unlink } for pid=27878 comm=“httpd” name=“sessionid5f93d6b7217e5248218a9c705f0769cf” dev=dm-0 ino=17958488 scontext=system_u:system_r:httpd_t:s0 tcontext=system_u:object_r:cobbler_var_lib_t:s0 tclass=file
[root@geppetto ansible]#

[root@geppetto selinux]# grep cobbler /var/log/audit/audit.log | audit2allow -M cobblerpol
******************** IMPORTANT ***********************
To make this policy package active, execute:

semodule -i cobblerpol.pp

[root@geppetto selinux]# semodule -i cobblerpol.pp
[root@geppetto selinux]# cd /etc/ansible
[root@geppetto ansible]# ./cobbler.py
{}
[root@geppetto ansible]#

But no real difference,… like it should since it is permissive mode.

Hi Joost,

I think you might need to add --list as an argument to the script if
you run it "stand alone".

If you want to use it with ansible or ansible-playbook you can run it
with -i cobbler.py ( example : ansible-playbook -i cobbler.py
<playbook> ).

I have no cobbler setup to test this, so I might be wrong.

Vincent

Vincent,

You are incorrect, the default behavior is in fact the same as --list.

I’d probably recommend debugging the example inventory script or you may have an issue with their being no systems the last time the cache of the inventory was written, which is in cobbler.ini as 900 seconds.

Vincent,

You are incorrect, the default behavior is in fact the same as --list.

Didn't know that. I also didn't check ( my bad ).

Thanks for looking into this, Michael and Vincent.
Alas no solution yet.
More than 900 seconds have passed by now, but still no hosts seen with the script:

[root@geppetto ansible]# cobbler system list
metop-20.oma.be
metop-28.oma.be
zotac-09
zotac-24.oma.be
zotac-29
zotac-36
[root@geppetto ansible]# ./cobbler.py --list
{}
[root@geppetto ansible]# ./cobbler.py
{}
[root@geppetto ansible]# date
wo jan 22 23:04:40 CET 2014
[root@geppetto ansible]# cat cobbler.ini
# Ansible Cobbler external inventory script settings

Hereby some grep output as promised in previous mail:
[root@geppetto ansible]# grep -i error -B 2 -A 2 cobbler.py.debuglog > errorswithsomelinesbeforeandsomeafter.log
[root@geppetto ansible]# [root@geppetto ansible]# cat errorswithsomelinesbeforeandsomeafter.log
argparse.py(64): version = ‘1.2.1’
argparse.py(66): ‘ArgumentParser’,
argparse.py(67): ‘ArgumentError’,
argparse.py(68): ‘ArgumentTypeError’,
argparse.py(69): ‘FileType’,
argparse.py(70): ‘HelpFormatter’,

I looked a bit further, did RTFM of cobbler, and found this:
https://fedorahosted.org/cobbler/wiki/CobblerXmlrpc
Where I did a test with the included example code:

<b>#!/usr/bin/python
import xmlrpclib
server = xmlrpclib.Server("http://127.0.0.1/cobbler_api")
server = xmlrpclib.Server("http://127.0.0.1/cobbler_api")
print server.get_distros()
print server.get_profiles()
print server.get_systems()
print server.get_images()
print server.get_repos()</b>

This gives a lot of output, not well formatted, but I recognise what is stored in cobbler.

So imho, the cobbler_api works, … but not the way the cobbler.py script tries present data from it.

Thanks,

Joost

That’s curious.

I wrote that script against a live Cobbler install and we’ve got users using it in the wild.

Unfortunately, this isn’t something we really have time to troubleshoot here. It is something that we’d help support customers with, but it involves replicating and digging inside of your Cobbler setup, so it’s a bit out of scope for ansible-project’s mailing list.

Hi Michael,

That’s really no problem. I just wanted to give it a go since it was in the tutorial.
Thanks for looking into it anyway.

I am glad I am now on http://cfgmgmtcamp.eu/ , the tutors here are great, I am learning a lot here.

Joost

I'm about to test cobbler to. I might have a look when I find the time.

Maybe later in the afternoon at cgmgmntcamp.

Vincent

Hi Joost,

I just spent some time digging for the same. Turns out that my existing systems did not have “management” set and were therefore not included in the results.

Should this be the case, you should start getting output after issuing one of these:

cobbler system edit --name=somenode --management=yes

Cheers
Wouter

Hi Wouter,

Thank you for looking into this and sharing your findings Wouter.
Good to hear that enabling management fixed it for you.
Alas for me that’s not the case.

[root@geppetto ansible]# cobbler system list
metop-20.oma.be
metop-28.oma.be
zotac-09
zotac-24.oma.be
zotac-29
zotac-36
[root@geppetto ansible]#
[root@geppetto ansible]# ./cobbler.py
{}
[root@geppetto ansible]# cobbler system edit --name=zotac-29 --management=yes
[root@geppetto ansible]# ./cobbler.py
{}

Whereas the api still works, because the following line gives lots of output (too much to be readable):

[root@geppetto ansible]# ./cobblerdemo.py | grep zotac-29

and this being the contents:
[root@geppetto ansible]# cat ./cobblerdemo.py
#!/usr/bin/python
import xmlrpclib
server = xmlrpclib.Server(“http://127.0.0.1/cobbler_api”)
server = xmlrpclib.Server(“http://127.0.0.1/cobbler_api”)
print server.get_systems()
[root@geppetto ansible]#

Cheers,

Joost

It is required to have filled both “management interface” and “dns name” (for the same interface if you have more than one).

W dniu wtorek, 11 lutego 2014 16:17:16 UTC+1 użytkownik Joost Ringoot napisał:

With help of Wouter Jagers, the script now picks up the systems installed by cobbler.
I needed to perform something like this for the hosts

cobbler system edit --name=$COBBLERHOSTNAME --dns-name=$FQDN --management=true

Thanks Wouter.
Thanks also to Michael for all your enormous work for the community.
Thanks also to Vincent and Tomasz and others I might forget.

IIRC, the management=true stuff is after my time with the project.

IMHO, the inventroy script shouldn’t care about this, but it may be something on the API side that was not returning something.