Using the ansible.builtin.ansible module I try to update remote servers. Running my playbook from ansible cmdline it all works fine. Using the same playbook in AAP I get an error:
“Failed to download metadata … Cannot download reponsd.xml All mirrors where tried”
The repo server is avaiable, no firewall obstructions (running playbook from cmdline works) Also running dnf update as root on a failing server works.
Any suggestions?
Code:
- name: Upgrade all packages using DNF
block:
- name: Executing DNF clean cache and update packages
ansible.builtin.dnf:
name: '*'
update_cache: true
state: latest
register: updated_packages
- name: List of updated packages
ansible.builtin.debug:
var: updated_packages.results|d()
when: updated_packages
Hi.
It might be a missing or old/out-of-date certificate in the execution environment you are using in AAP, since dnf uses ssl. What (base) image are you building your execution environment on?
Default exeution env based on RHEL9. Don’t think it a certificate issue since the playbook works on other servers within the same VLAN’s correctly. Somehow on some servers dnf won’t work. Neither when I’m using the builtin dnf module nor using shell cmd. Running it from cmdline, directly without execution nodes of course, all works fine. I’m not lost that soon but now I am
OK. Then it is probably an issue with the python interpreter. Try setting the ansible_python_interpreter variable in your inventory as a hostvars variable for the servers where dnf does not work. Example:
The yum/dnf modules specifically need to use /usr/libexec/platform-python to run, since the required libraries are only available under the OS’ python. Ansible does have a redirect feature for this module, so you don’t necessarily need to specify the ansible_python_interpreter here.
I’m more curious to know what version of Ansible you’re using on CLI, and what version you’re using on AAP’s EE.
@Denney-tech I didn’t know that it was possible to redirect to a specific version of Python directly from the ansible.builtin.dnf module. What is that parameter called? I can’t seem to find it in the documentation.
@jiholland As @shertel linked, the module itself is hardcoded to do this automatically.
For other modules, you can specify the ansible_python_interpreter variable at the task level, in case you ever run into other exceptions that don’t need (or can’t) run with the default or more broadly defined interpreter.
