alainseys
October 10, 2024, 1:29pm
1
Hello Guys,
Can you help me out with a issue i am facing , i want to create a snapshot before “ansible” is changing somthing on a server.
I have the creation of snapshot this works as expected but if i combine it with a other playbook this returns in invalid credenitals.
i have tried adding the password in the vault , in awx always the same error. My touthts are that create snapshot is targeting locahost and the playbook is targetting a specefic host.
Could this be the issue?
---
# tasks file for createsnapshot
- name: Create Snapshot
community.vmware.vmware_guest_snapshot:
hostname: "{{ vcenter_hostname }}"
username: "{{ vcenter_username }}"
password: "{{ vcenter_password }}"
datacenter: "{{ vcenter_datacenter }}"
validate_certs: false
folder: "{{ vcenter_vm_folder }}"
name: "{{ vm_name | default(inventory_hostname) }}"
snapshot_name: "{{ vm_snapshot_name | default('Before execution ansible playbook') }}"
description: "{{ vm_snapshot_name | default('Before execution ansible playbook') }}"
state: present
memory_dump: true
delegate_to: localhost
- name: Deploy docker
hosts: TEST_ONLY
become: true
vars_files:
- ../vault.yml
tasks:
- name: Create snapshot
ansible.builtin.import_role:
name: vcenter/create-snapshot
delegate_to: localhost
- name: Install Docker
ansible.builtin.import_role:
name: linux/docker
the error i recieve
{
"module_stdout": "",
"module_stderr": "\nsu: Authentication failure\n",
"msg": "MODULE FAILURE\nSee stdout/stderr for the exact error",
"rc": 1,
"_ansible_no_log": false,
"changed": false,
"_ansible_delegated_vars": {
"ansible_host": "localhost",
"ansible_port": null,
"ansible_user": "ansible",
"ansible_connection": "local"
}
}
1 Like
disi
October 10, 2024, 3:00pm
2
Ah sorry I didn’t read it correctly, move the “become: true” further down maybe, to the task where it is needed?
bvitnik
October 10, 2024, 11:56pm
3
I think delegate_to: localhost in your first task is extra and should be removed:
- name: Deploy docker
hosts: TEST_ONLY
become: true
vars_files:
- ../vault.yml
tasks:
- name: Create snapshot
ansible.builtin.import_role:
name: vcenter/create-snapshot
delegate_to: localhost <-- remove
- name: Install Docker
ansible.builtin.import_role:
name: linux/docker
You already have delegate_to: localhost in your role task and that should be enough.
alainseys
October 11, 2024, 7:20am
4
Hello, @bvitnik ,
I have tried this before did not resolve my issue same permission error.
alainseys
October 11, 2024, 7:22am
5
@disi removed the become since this is not required in the playbook the roles themself have the required steps if called for.
But did not change anything.
bvitnik
October 11, 2024, 4:38pm
6
Are you sure the error message is exactly the same when you remove delegate_to: localhost? Can you post your inventory file (if any) and command line you are using to run Ansible? Can you also tell us which exact task fails?
P.S. Ah. I see now that you are using import_role instead of include_role so delegate_to should have no effect here. I thought it was messing with the include. You can ignore the first question.
does the ‘ansible’ user exist on the localhost? It definitely seems like an error with become or connection vars.
delegate_to: localhost
vars:
ansible_become: false
What version of ansible is this? _ansible_ vars were removed in like 2.8
alainseys
October 11, 2024, 6:37pm
8
this is been run using AWX the inventory is simply containing 2 host
bvitnik
October 11, 2024, 7:09pm
9
Where is the “TEST_ONLY” host (or group?) defined? You are using it here:
But I don’t see it on your screenshots. What I see on your screenshots are:
An AWX inventory called “TEST ONLY” (under the hood it’s an inventory file)
A host called “TEST_HOST” specified inside the inventory from the previous point
The hosts: key in playbook accepts names of hosts and groups, not names of inventories if that is what you had in mind.
So either do something like this:
- name: Deploy docker
hosts: all
to target all of the hosts, both “ANSIBLE-DEPLOY” and “TEST_HOST” in your “TEST ONLY” inventory or like this:
- name: Deploy docker
hosts: TEST_HOST
if you want to target only the host “TEST_HOST” from your “TEST ONLY” inventory.
Just a note that underscore “_” is an invalid (non allowed) character for hostname. You should avoid it.
1 Like
alainseys
October 13, 2024, 5:42pm
10
let me clairify it a bit more
the creation of the snapshot should been taken on the localhost (Execution Enviroment that then talks to the vcenter to create the snap).
Then the installation of docker should be done on the hosts that are in TEST ONLY. Without that i am adjusting the modules so the modules keep repeatable
bvitnik
October 13, 2024, 10:17pm
11
vmware_guest_snapshot module is always used with delegate_to: localhost. That’s perfectly understandable and that’s how it was designed to work.
On the other hand, my comments are still holding. Also, the question “Can you also tell us which exact task fails?” is unfortunately left unanswered.
1 Like
alainseys
October 14, 2024, 8:25am
12
Hy,
i have simpelfied the playbook and put the creation of the snapshot first in line and there it is failing. My gues because it is set to all.
And the creation of the snapshot relies on localhost (what is not in the hostgroup).
so the failing task is creating the snapshot (if i run the task seperate targetting locahost direct this works).
bvitnik
October 14, 2024, 10:20am
13
I’m not sure I follow
alainseys
October 14, 2024, 10:33am
14
I have found a workable solution instead of importing the roles i include them with a small adjustment on role (become on role level instead of playbook).
This now works as expected, if run the playbook this creates the snapshot of the vm updates the message of the snapshot
- name: Deploy docker
hosts: all
tasks:
- name: Create snapshot vm
ansible.builtin.include_role:
name: vcenter/create-snapshot
vars:
vm_name: "{{ inventory_hostname }}"
vm_snapshot_name: "Before execution ansible playbook - Installation docker"
- name: Install Docker
ansible.builtin.include_role:
name: linux/docker
@bvitnik thanks for the help
1 Like
. Examples of the code that works and examples that does not work would be helpful.
