docker build fails while running ansible-galaxy in the dockerfile .
Hello community please help me out here, I am trying to build a custom image from AWX-EE image using my dockerfile and it throws error the below error
Traceback (most recent call last):```
File "/usr/local/bin/ansible-galaxy", line 5, in <module>
from ansible.cli.galaxy import main
File "/usr/local/lib/python3.9/site-packages/ansible/cli/__init__.py", line 103, in <module>
from ansible.parsing.dataloader import DataLoader
File "/usr/local/lib/python3.9/site-packages/ansible/parsing/dataloader.py", line 17, in <module>
from ansible.module_utils.basic import is_executable
File "/usr/local/lib/python3.9/site-packages/ansible/module_utils/basic.py", line 85, in <module>
has_journal = hasattr(journal, 'sendv') and systemd_daemon.booted()
PermissionError: [Errno 1] Operation not permitted
My dockerfile is :
FROM quay.io/ansible/awx-ee:23.2.0
USER root
COPY requirements.yml requirements.yml
COPY requirements.txt requirements.txt
RUN python3 -m pip install --progress-bar off --upgrade pip && pip install --progress-bar off -r requirements.txt && ansible-galaxy collection install -r requirements.yml && rm -rf /root/.ansible /root/.cache /root/.pip
USER 1000
My requirement.txt is
pandas
requests
and the requirement.yml is
collections:
name: awx.awx
name: community.zabbix
name: google.cloud
name: community.general
name: ansible.posix
name: ansible.window
Please let me know what I am missing here ?
Thanks and Regards
Saravana Selvaraj
Are you running on an SELinux enabled machine? If so, I would try setting it to permissive mode and trying again.
Thanks @Denney-tech for the response. I just figured it works with in another server with docker version 26.0.0.
BTW in my machine SELinux is not enabled from the machine where build fails :
[root@XXXXi]# sudo sestatus
SELinux status: disabled
And it is enabled from the machine where build is successful.
So Now I am wondering what is causing the issue , Docker version or SELinux ?
To figure it out I am installing lower version of docker in my success machine because I can do R&D only on that server.
Let me know your thoughts please ?
You’re getting a permissions error, so my first thought was SELinux (and is also a top google result), but if SELinux is disabled, that isn’t it.
My next thought is maybe user permissions, race conditions or installation path.
My AWX-EE build started with the one generated by ansible-builder, and the ansible-galaxy commands are their own RUN lines and look like this:
RUN ansible-galaxy role install $ANSIBLE_GALAXY_CLI_ROLE_OPTS -r requirements.yml --roles-path "/usr/share/ansible/roles"
RUN ANSIBLE_GALAXY_DISABLE_GPG_VERIFY=1 ansible-galaxy collection install $ANSIBLE_GALAXY_CLI_COLLECTION_OPTS -r requirements.yml --collections-path "/usr/share/ansible/collections"
Maybe the install path is important?
Edit: Just an observation of the error message, I’m curious as to why ansible-galaxy cares about the system journal or systemd_daemon.booted()…
1 Like
I ran again with below command
RUN python3 -m pip install --progress-bar off --upgrade pip && pip install --progress-bar off -r requirements.txt && ansible-galaxy collection install -r requirements.yml --collections-path “/usr/share/ansible/collections” && rm -rf /root/.ansible /root/.cache /root/.pip
Still same error !
kurokobo
(kurokobo)
April 9, 2024, 4:30am
6
Hi, I can’t reproduce your issue on my side with your files.
Does this error occur during a build? If so, please provide logs before and after errors as well.
1 Like
Sure I can provide you the same. Yes it happens while building the image. It is not happening with me GCE server (docker version 24) but it happens with our on premise server (docker version 19)
I am running docker build . to build the image. Please assist me how can I generate logs before and after ?
kurokobo
(kurokobo)
April 9, 2024, 6:46am
8
Please assist me how can I generate logs before and after ?
Simply I want to see the full logs from docker build .
command, not just the lines of error cut out of the logs.
However in the first place, Docker 19 is quite old and already reached EOL. In my opinion, considering upgrading Docker to newer version is more meaningful than trying to make docker build
to work by keeping troubleshooting.
Hello, PFB for the detailed log
docker build .
Sending build context to Docker daemon 4.608kB
Step 1/6 : FROM quay.io/ansible/awx-ee:23.2.0
---> 277e9aa01faf
Step 2/6 : USER root
---> Using cache
---> a121910fe93b
Step 3/6 : COPY requirements.yml requirements.yml
---> Using cache
---> 5f77a03a9858
Step 4/6 : COPY requirements.txt requirements.txt
---> Using cache
---> 17a4917e5e4a
Step 5/6 : RUN python3 -m pip install --progress-bar off --upgrade pip && pip install --progress-bar off -r requirements.txt && ansible-galaxy collection install -r requirements.yml --collections-path "/usr/share/ansible/collections" && rm -rf /root/.ansible /root/.cache /root/.pip
---> Running in 30338431d242
Requirement already satisfied: pip in /usr/local/lib/python3.9/site-packages (23.2.1)
Collecting pip
Obtaining dependency information for pip from https://files.pythonhosted.org/packages/8a/6a/19e9fe04fca059ccf770861c7d5721ab4c2aebc539889e97c7977528a53b/pip-24.0-py3-none-any.whl.metadata
Downloading pip-24.0-py3-none-any.whl.metadata (3.6 kB)
Downloading pip-24.0-py3-none-any.whl (2.1 MB)
Installing collected packages: pip
Attempting uninstall: pip
Found existing installation: pip 23.2.1
Uninstalling pip-23.2.1:
Successfully uninstalled pip-23.2.1
Successfully installed pip-24.0
WARNING: Running pip as the 'root' user can result in broken permissions and conflicting behaviour with the system package manager. It is recommended to use a virtual environment instead: https://pip.pypa.io/warnings/venv
Collecting pandas (from -r requirements.txt (line 1))
Downloading pandas-2.2.1-cp39-cp39-manylinux_2_17_x86_64.manylinux2014_x86_64.whl.metadata (19 kB)
Requirement already satisfied: requests in /usr/local/lib/python3.9/site-packages (from -r requirements.txt (line 2)) (2.31.0)
Collecting numpy<2,>=1.22.4 (from pandas->-r requirements.txt (line 1))
Downloading numpy-1.26.4-cp39-cp39-manylinux_2_17_x86_64.manylinux2014_x86_64.whl.metadata (61 kB)
Collecting python-dateutil>=2.8.2 (from pandas->-r requirements.txt (line 1))
Downloading python_dateutil-2.9.0.post0-py2.py3-none-any.whl.metadata (8.4 kB)
Requirement already satisfied: pytz>=2020.1 in /usr/local/lib/python3.9/site-packages (from pandas->-r requirements.txt (line 1)) (2023.3.post1)
Collecting tzdata>=2022.7 (from pandas->-r requirements.txt (line 1))
Downloading tzdata-2024.1-py2.py3-none-any.whl.metadata (1.4 kB)
Requirement already satisfied: charset-normalizer<4,>=2 in /usr/local/lib64/python3.9/site-packages (from requests->-r requirements.txt (line 2)) (3.2.0)
Requirement already satisfied: idna<4,>=2.5 in /usr/local/lib/python3.9/site-packages (from requests->-r requirements.txt (line 2)) (3.4)
Requirement already satisfied: urllib3<3,>=1.21.1 in /usr/local/lib/python3.9/site-packages (from requests->-r requirements.txt (line 2)) (1.26.16)
Requirement already satisfied: certifi>=2017.4.17 in /usr/local/lib/python3.9/site-packages (from requests->-r requirements.txt (line 2)) (2023.7.22)
Requirement already satisfied: six>=1.5 in /usr/local/lib/python3.9/site-packages (from python-dateutil>=2.8.2->pandas->-r requirements.txt (line 1)) (1.16.0)
Downloading pandas-2.2.1-cp39-cp39-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (13.0 MB)
Downloading numpy-1.26.4-cp39-cp39-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (18.2 MB)
Downloading python_dateutil-2.9.0.post0-py2.py3-none-any.whl (229 kB)
Downloading tzdata-2024.1-py2.py3-none-any.whl (345 kB)
Installing collected packages: tzdata, python-dateutil, numpy, pandas
Attempting uninstall: python-dateutil
Found existing installation: python-dateutil 2.8.1
Uninstalling python-dateutil-2.8.1:
Successfully uninstalled python-dateutil-2.8.1
Successfully installed numpy-1.26.4 pandas-2.2.1 python-dateutil-2.9.0.post0 tzdata-2024.1
WARNING: Running pip as the 'root' user can result in broken permissions and conflicting behaviour with the system package manager. It is recommended to use a virtual environment instead: https://pip.pypa.io/warnings/venv
Traceback (most recent call last):
File "/usr/local/bin/ansible-galaxy", line 5, in <module>
from ansible.cli.galaxy import main
File "/usr/local/lib/python3.9/site-packages/ansible/cli/__init__.py", line 103, in <module>
from ansible.parsing.dataloader import DataLoader
File "/usr/local/lib/python3.9/site-packages/ansible/parsing/dataloader.py", line 17, in <module>
from ansible.module_utils.basic import is_executable
File "/usr/local/lib/python3.9/site-packages/ansible/module_utils/basic.py", line 85, in <module>
has_journal = hasattr(journal, 'sendv') and systemd_daemon.booted()
PermissionError: [Errno 1] Operation not permitted
The command '/bin/sh -c python3 -m pip install --progress-bar off --upgrade pip && pip install --progress-bar off -r requirements.txt && ansible-galaxy collection install -r requirements.yml --collections-path "/usr/share/ansible/collections" && rm -rf /root/.ansible /root/.cache /root/.pip' returned a non-zero code: 1
kurokobo
(kurokobo)
April 9, 2024, 1:14pm
10
Still can’t reproduce your issue on 19.03.13.
As I mentioned, I would like to recommend you to upgrade your Docker
$ docker version
Client: Docker Engine - Community
Version: 19.03.13
API version: 1.40
Go version: go1.13.15
Git commit: 4484c46d9d
Built: Wed Sep 16 17:02:36 2020
OS/Arch: linux/amd64
Experimental: false
Server: Docker Engine - Community
Engine:
Version: 19.03.13
API version: 1.40 (minimum version 1.12)
Go version: go1.13.15
Git commit: 4484c46d9d
Built: Wed Sep 16 17:01:11 2020
OS/Arch: linux/amd64
Experimental: false
containerd:
Version: 1.6.28
GitCommit: ae07eda36dd25f8a1b98dfbf587313b99c0190bb
runc:
Version: 1.1.12
GitCommit: v1.1.12-0-g51d5e94
docker-init:
Version: 0.18.0
GitCommit: fec3683
$ tail -n+1 Dockerfile requirements.txt requirements.yml
==> Dockerfile <==
FROM quay.io/ansible/awx-ee:23.2.0
USER root
COPY requirements.yml requirements.yml
COPY requirements.txt requirements.txt
RUN python3 -m pip install --progress-bar off --upgrade pip && pip install --progress-bar off -r requirements.txt && ansible-galaxy collection install -r requirements.yml && rm -rf /root/.ansible /root/.cache /root/.pip
USER 1000
==> requirements.txt <==
pandas
requests
==> requirements.yml <==
collections:
- name: awx.awx
- name: community.zabbix
- name: google.cloud
- name: community.general
- name: ansible.posix
- name: ansible.windows
$ docker build .
Sending build context to Docker daemon 4.096kB
Step 1/6 : FROM quay.io/ansible/awx-ee:23.2.0
23.2.0: Pulling from ansible/awx-ee
11e80c8b852f: Pull complete
711e40327943: Pull complete
ae79b81e22b0: Pull complete
8bbe0b70a5f1: Pull complete
62862f9df3e5: Pull complete
9bca31556fb0: Pull complete
23bb5e0a1426: Pull complete
47d06bab5467: Pull complete
f0d55f5ad39c: Pull complete
08373c336785: Pull complete
5b621dd61ba0: Pull complete
4395bfc32c75: Pull complete
4f4fb700ef54: Pull complete
56dfeee262b5: Pull complete
9250f6b083b3: Pull complete
4e583f12d4ff: Pull complete
4902e9eeeb15: Pull complete
Digest: sha256:3695f4c0d11557da70fe8182ffe9046d5ce1df0770137f08f51705ab6c08ae05
Status: Downloaded newer image for quay.io/ansible/awx-ee:23.2.0
---> 277e9aa01faf
Step 2/6 : USER root
---> Running in 1b05a03d588d
Removing intermediate container 1b05a03d588d
---> bd3f3ea81cc3
Step 3/6 : COPY requirements.yml requirements.yml
---> 72b135f5b28e
Step 4/6 : COPY requirements.txt requirements.txt
---> 33512da9c000
Step 5/6 : RUN python3 -m pip install --progress-bar off --upgrade pip && pip install --progress-bar off -r requirements.txt && ansible-galaxy collection install -r requirements.yml && rm -rf /root/.ansible /root/.cache /root/.pip
---> Running in fa9a88eef536
Requirement already satisfied: pip in /usr/local/lib/python3.9/site-packages (23.2.1)
Collecting pip
Obtaining dependency information for pip from https://files.pythonhosted.org/packages/8a/6a/19e9fe04fca059ccf770861c7d5721ab4c2aebc539889e97c7977528a53b/pip-24.0-py3-none-any.whl.metadata
Downloading pip-24.0-py3-none-any.whl.metadata (3.6 kB)
Downloading pip-24.0-py3-none-any.whl (2.1 MB)
Installing collected packages: pip
Attempting uninstall: pip
Found existing installation: pip 23.2.1
Uninstalling pip-23.2.1:
Successfully uninstalled pip-23.2.1
Successfully installed pip-24.0
WARNING: Running pip as the 'root' user can result in broken permissions and conflicting behaviour with the system package manager. It is recommended to use a virtual environment instead: https://pip.pypa.io/warnings/venv
Collecting pandas (from -r requirements.txt (line 1))
Downloading pandas-2.2.1-cp39-cp39-manylinux_2_17_x86_64.manylinux2014_x86_64.whl.metadata (19 kB)
Requirement already satisfied: requests in /usr/local/lib/python3.9/site-packages (from -r requirements.txt (line 2)) (2.31.0)
Collecting numpy<2,>=1.22.4 (from pandas->-r requirements.txt (line 1))
Downloading numpy-1.26.4-cp39-cp39-manylinux_2_17_x86_64.manylinux2014_x86_64.whl.metadata (61 kB)
Collecting python-dateutil>=2.8.2 (from pandas->-r requirements.txt (line 1))
Downloading python_dateutil-2.9.0.post0-py2.py3-none-any.whl.metadata (8.4 kB)
Requirement already satisfied: pytz>=2020.1 in /usr/local/lib/python3.9/site-packages (from pandas->-r requirements.txt (line 1)) (2023.3.post1)
Collecting tzdata>=2022.7 (from pandas->-r requirements.txt (line 1))
Downloading tzdata-2024.1-py2.py3-none-any.whl.metadata (1.4 kB)
Requirement already satisfied: charset-normalizer<4,>=2 in /usr/local/lib64/python3.9/site-packages (from requests->-r requirements.txt (line 2)) (3.2.0)
Requirement already satisfied: idna<4,>=2.5 in /usr/local/lib/python3.9/site-packages (from requests->-r requirements.txt (line 2)) (3.4)
Requirement already satisfied: urllib3<3,>=1.21.1 in /usr/local/lib/python3.9/site-packages (from requests->-r requirements.txt (line 2)) (1.26.16)
Requirement already satisfied: certifi>=2017.4.17 in /usr/local/lib/python3.9/site-packages (from requests->-r requirements.txt (line 2)) (2023.7.22)
Requirement already satisfied: six>=1.5 in /usr/local/lib/python3.9/site-packages (from python-dateutil>=2.8.2->pandas->-r requirements.txt (line 1)) (1.16.0)
Downloading pandas-2.2.1-cp39-cp39-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (13.0 MB)
Downloading numpy-1.26.4-cp39-cp39-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (18.2 MB)
Downloading python_dateutil-2.9.0.post0-py2.py3-none-any.whl (229 kB)
Downloading tzdata-2024.1-py2.py3-none-any.whl (345 kB)
Installing collected packages: tzdata, python-dateutil, numpy, pandas
Attempting uninstall: python-dateutil
Found existing installation: python-dateutil 2.8.1
Uninstalling python-dateutil-2.8.1:
Successfully uninstalled python-dateutil-2.8.1
Successfully installed numpy-1.26.4 pandas-2.2.1 python-dateutil-2.9.0.post0 tzdata-2024.1
WARNING: Running pip as the 'root' user can result in broken permissions and conflicting behaviour with the system package manager. It is recommended to use a virtual environment instead: https://pip.pypa.io/warnings/venv
[WARNING]: Collection redhatinsights.insights does not support Ansible version
2.15.4
Starting galaxy collection install process
Process install dependency map
Starting collection install process
'awx.awx:23.1.0' is already installed, skipping.
'google.cloud:1.2.0' is already installed, skipping.
'ansible.posix:1.5.4' is already installed, skipping.
'ansible.windows:2.1.0' is already installed, skipping.
Downloading https://galaxy.ansible.com/api/v3/plugin/ansible/content/published/collections/artifacts/community-zabbix-2.3.1.tar.gz to /root/.ansible/tmp/ansible-local-127vqdfhf1/tmp2_n3w6qj/community-zabbix-2.3.1-zxnjhzqx
Installing 'community.zabbix:2.3.1' to '/root/.ansible/collections/ansible_collections/community/zabbix'
community.zabbix:2.3.1 was installed successfully
Downloading https://galaxy.ansible.com/api/v3/plugin/ansible/content/published/collections/artifacts/ansible-netcommon-6.0.0.tar.gz to /root/.ansible/tmp/ansible-local-127vqdfhf1/tmp2_n3w6qj/ansible-netcommon-6.0.0-aoqgjv5h
Installing 'ansible.netcommon:6.0.0' to '/root/.ansible/collections/ansible_collections/ansible/netcommon'
ansible.netcommon:6.0.0 was installed successfully
Downloading https://galaxy.ansible.com/api/v3/plugin/ansible/content/published/collections/artifacts/ansible-utils-4.0.0.tar.gz to /root/.ansible/tmp/ansible-local-127vqdfhf1/tmp2_n3w6qj/ansible-utils-4.0.0-cl28bxhu
Installing 'ansible.utils:4.0.0' to '/root/.ansible/collections/ansible_collections/ansible/utils'
ansible.utils:4.0.0 was installed successfully
Downloading https://galaxy.ansible.com/api/v3/plugin/ansible/content/published/collections/artifacts/community-postgresql-3.4.0.tar.gz to /root/.ansible/tmp/ansible-local-127vqdfhf1/tmp2_n3w6qj/community-postgresql-3.4.0-vte99j7u
Installing 'community.postgresql:3.4.0' to '/root/.ansible/collections/ansible_collections/community/postgresql'
community.postgresql:3.4.0 was installed successfully
Downloading https://galaxy.ansible.com/api/v3/plugin/ansible/content/published/collections/artifacts/community-mysql-3.9.0.tar.gz to /root/.ansible/tmp/ansible-local-127vqdfhf1/tmp2_n3w6qj/community-mysql-3.9.0-4oa2m_00
Installing 'community.mysql:3.9.0' to '/root/.ansible/collections/ansible_collections/community/mysql'
community.mysql:3.9.0 was installed successfully
Downloading https://galaxy.ansible.com/api/v3/plugin/ansible/content/published/collections/artifacts/community-general-8.5.0.tar.gz to /root/.ansible/tmp/ansible-local-127vqdfhf1/tmp2_n3w6qj/community-general-8.5.0-4s7ftut2
Installing 'community.general:8.5.0' to '/root/.ansible/collections/ansible_collections/community/general'
community.general:8.5.0 was installed successfully
Removing intermediate container fa9a88eef536
---> 882240f4fbd5
Step 6/6 : USER 1000
---> Running in 7d84f484d68e
Removing intermediate container 7d84f484d68e
---> 13a4c3878ac2
Successfully built 13a4c3878ac2
Hello @kurokobo , No worries at all and Thank you so much for your help. We have figured out a workaround by building the image in local PC.
Have a great day ahead and Thanks again !
Best regards
Saravana Selvaraj
system
(system)
Closed
May 10, 2024, 6:21am
12
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.