Ansible Collection for automated deployment of AAP and other objects for general use
Home Page: https://galaxy.ansible.com/infra/aap_utilities
License: GNU General Public License v3.0
![github-actions[bot] avatar](https://avatars.githubusercontent.com/in/15368?v=4 "github-actions[bot]")
The roles don't really have an obvious example to follow for installing AAP.
In particular it isn't obvious what needs to be set for aap_setup_prep_inv_nodes and aap_setup_prep_inv_vars. The readme does point to the defaults but that isn't really documentation.
Just adding to the example at the bottom of the prepare and install roles' readmes would be a good start here.
add something like:
...
vars:
aap_setup_prep_inv_nodes:
automationcontroller:
autoctl1.example.com:
autoctl2.example.com:
aap_setup_prep_inv_vars:
...
fatal: [127.0.0.1]: FAILED! => {"msg": "The conditional check '(aap_setup_down_type + '-' + aap_setup_down_version) in item.filename' failed. The error was: Unexpected templating type error occurred on ({% if (aap_setup_down_type + '-' + aap_setup_down_version) in item.filename %} True {% else %} False {% endif %}): can only concatenate str (not "float") to str\n\nThe error appears to be in '/root/.ansible/collections/ansible_collections/redhat_cop/aap_utilities/roles/aap_setup_download/tasks/main.yml': line 27, column 3, but may\nbe elsewhere in the file depending on the exact syntax problem.\n\nThe offending line appears to be:\n\n\n- name: downloading the latest installer of type {{ aap_setup_down_type }}\n ^ here\nWe could be wrong, but this one looks like it might be an issue with\nmissing quotes. Always quote template expression brackets when they\nstart a value. For instance:\n\n with_items:\n - {{ foo }}\n\nShould be written as:\n\n with_items:\n - "{{ foo }}"\n"}
rename the repo and update links to controller_utilities
Originally posted by spyrexd March 25, 2024
Support using the containerized installer when downloading and installing AAP.
Allow setting the arch of the installer to enable containerized installs to VMs running on aarch64.
I'm using 2.2.4
I can't find the ability to define an Instance Group.
Using the "traditional" inventory definition-> setup.sh pre-flight->setup.sh, it's possible to define for instance a group:
[isolated_node_bastion]
node1
node2
Right now I can only use
execution_nodes:
- execution-1.example
- execution-2.example
to add dedicated execution node.
But there doesn't seem to be a way to assign these execution_nodes to a specific Instance Group
Looking at the backup role, it is just running the backup command (setup.sh -b). Is there something else the role can perform? otherwise I could just run the setup.sh command myself. Also, I'm not sure why the role asks for Postgres credentials etc when all of this info should be in the inventory file and leveraged using setup.sh -i inventory -b command.
Also, of course, need to rewrite the role to talk about AAP instead of Tower.
while going through these roles I noticed that we have rhel8 hard coded here
I think we should change this to default 8 but if we gather facts and this is being run on a RHEL9 server it should pull the rhel9 copy.
I think this may be a typo?
automationhub_pg_database='{{ tower_ah_pg_database }}'
automationhub_pg_username='{{ tower_ah_pg_database }}'
automationhub_pg_password='{{ tower_ah_pg_database }}'
Surely we aren't setting all of these as tower_ah_pg_database? Should this not be:
automationhub_pg_database='{{ tower_ah_pg_database }}'
automationhub_pg_username='{{ tower_ah_pg_username }}'
automationhub_pg_password='{{ tower_ah_pg_password }}'
Test current roles versus ansible 2.9 and Tower 3.8/AAP 1.2, and see if they still work with the versions on the roles being bumped to 2.12
The aap_setup_install role hardcodes the commandline to call the setup.sh of the installer in a way, that only key=value variables are possible.
Adding complex variables via the -e @conf.yaml parameter is not supported because of the hardcoded template.
The aap_setup_install role hardcodes the commandline to call the setup.sh of the installer in a way, that only key=value variables are possible.
Adding complex variables via the -e @conf.yaml parameter is not supported because of the hardcoded template:
This is in conflict with some of the RedHat guides like LDAP integration (i.e. https://access.redhat.com/solutions/6977153) where it specifically documents in the resolution:
- Any extra LDAP parameters that need to be set must be defined in a dictionary named ldap_extra_settings, for example one can create a YAML file as such:
#ldapextras.yml
---
ldap_extra_settings:
AUTH_LDAP_USER_ATTR_MAP: '{"first_name": "givenName", "last_name": "sn", "email": "mail"}'
...
The above file can then be passed to the AAP installer using setup.sh -e @ldapextras.yml.
This is independent of the ansible or ansible-galaxy version, as it is a problem with the code in the install-role clearly linked above
This Bug is independent from the ansible installation method
This Bug is independent from the OS/Environment
I want to provide an additionals vars file to the installer via the -e @file.yaml directive in the aap_setup_install role
I cannot provide the additional @file.yaml parameter, because the syntax doesn't make this possible
Try to call the aap_setup_install role with an -e @file directive
aap_utilities/roles/aap_setup_install/tasks/main.yml
Lines 4 to 32 in 13f7f66
For the status checks we should use the inventory variables
automationhub_admin_password
admin_password
The README for the aap_ocp_install role suggests to use aap_ocp_install_connection, but code uses aap_ocp_install_ocp_connection that references ocp twice in the variable name. I recommend fixing the code to match the more sensible variable name.
ansible --version
ansible-galaxy collection list
podman --version
Please give some details of what is actually happening.
Include a minimum complete verifiable example with:
Hi, quick follow up to #192 because I figured out what caused my issue.
This should probably be something like {{ aap_setup_prep_inv_nodes['automationcontroller'] | first }}. Same goes for ah_hostname and eda_hostname - or you keep the role as it is and adjust the example in the readme :)
How do we want to handle requirements, In redhat_cop.controller_configuration we leave off awx.awx or ansible.controller because it lets the users use what they want.
With the addition of the ocp installer it requires either "redhat.openshift": ">=2.0.1", or community.okd, and galaxy complains if we set the galaxy.yml with something it can't find like redhat.openshift.
For now I've deleted it from the galaxy.yml, until we decide differently, but I am documenting it here.
The task "wait for automation hub to be running" fails to return a successful result (HTTP 403) as the Galaxy API requires authentication credentials be provided
within the aap_setup_install role, 2 default variables, controller_hostname, and ah_hostname are used to check if controller and AH are running. However, they are set to (literally):
controller_hostname: aap_setup_prep_inv_nodes['automationcontroller'][0]
ah_hostname: aap_setup_prep_inv_nodes['automationhub'][0]
As they are missing the brackets, these tasks fail.
Managing multiple AAP instances (dev,test,prod) or in different network zones is a challenge. The tasks often performed are:
Basic "Day 2" operations on AAP platform.
So, for example, I want to bring AAP down for some maintenance or whatnot, perhaps I run a playbook that ensures all running jobs are stopped, no new jobs are running, and then I shutdown the web layer (controller), the app layer (exec nodes) and then database layer (postgres) in that order to ensure a clean shutdown sequence. A playbook like that would be cool, which uses roles that support managing the different services (postgres, etc)
Or maybe I just want to bounce the postgres database service. Use a playbook/role for that. "aap_manage_postgres.yml" playbook would be called with extra var mode=restart for example.
Set up ansible collection, with github actions to push to galaxy as per tower-configuration
I'm thinking the references to Tower in the README and some of the roles should be changed to Controller and/or Ansible Automation Platform.
Before opening a PR with changes I'd like to gather feedback on if the references should be changed. Thoughts?
Since AAP 1.2 is available from access.redhat.com under a new package name "ansible-automation-platform-setup-bundle-1.2.1-1", we need to find a way to cope with a different name of the package, not easily downloadable, so probably pre-downloaded.
The following command shows that tower_database[...whatever...] is documented almost everywhere, but only used in "pre_tasks":
tower_cert/README.md
backup/README.md
install/README.md
pre_tasks/defaults/main.yml
pre_tasks/tasks/main.yml
pre_tasks/templates/inventory.j2
pre_tasks/README.md
restore/README.md
I strongly suspect a wild cut&paste effect. We should do the same exercise of cleaning up README.md resp. defaults/main.yml as I did for the tower_configuration.
Originally posted by @ericzolf in #30 (comment)
The code in the initialization.yml task file attempts to create the namespace, but not all OpenShift configurations are setup where the team/user can do anything. In my current situation, the user does not have the ability to create namespaces and this permission is granted to OCP admins and not all users.
As a result, the following task fails but it should fail if the namespace does not exist, but succeed if already existing. Note that, I believe the reason it fails is because the template yaml only contains the name parameter for the Namespace, whereas the existing namespace that was created by the OCP Admins already, has a bunch of properties set on that. So the "Desired state" mechanism of Ansible is probably trying to replace that object with the simpler one defined by the template. This is another reason I want the ability to just check if a namespace exists with the same name - and not attempt to create one in OCP. This is only to ensure the pre-req exists (namespace).
aap_utilities/roles/aap_ocp_install/tasks/initialization.yml
Lines 11 to 21 in ecf367a
ansible --version
ansible-galaxy collection list
podman --version
Please give some details of what is actually happening.
Include a minimum complete verifiable example with:
Assuming we create the hosts fully automatically, they aren't known to each other, and the setup.sh can't work properly.
using 2.3.0 on latest aap2.4-1.3
This is a minor issue I think:
TASK [infra.aap_utilities.aap_setup_install : Wait for automation hub to be running] *****************************************************************************************************************************************
fatal: [localhost]: FAILED! => {"msg": "The task includes an option with an undefined variable. The error was: {{ (aap_setup_prep_inv_nodes['automationedacontroller'].keys() | list)[0] }}: 'list object' has no attribute 'keys'. 'list object' has no attribute 'keys'. {{ (aap_setup_prep_inv_nodes['automationedacontroller'].keys() | list)[0] }}: 'list object' has no attribute 'keys'. 'list object' has no attribute 'keys'\n\nThe error appears to be in '/root/.ansible/collections/ansible_collections/infra/aap_utilities/roles/aap_setup_install/tasks/main.yml': line 111, column 7, but may\nbe elsewhere in the file depending on the exact syntax problem.\n\nThe offending line appears to be:\n\n\n - name: Wait for automation hub to be running\n ^ here\n"}
I can't see what keys are missing really, I'm not sure what's different than with AutomationHub task which seats just above in the tasks/main.yml. The name should be fixed but appart from that I don't see what's amiss.
Here the inventory it generated and ran on:
[automationcontroller]
s00vl9993310.fr.net.intra
s00vl9995756.fr.net.intra
[automationedacontroller]
it-automation-eda-test.staging.echonet.net.intra
[database]
s01vl9981311.fr.net.intra
[automationhub]
s01vl9989234.fr.net.intra
[execution_nodes]
s00vl9974130.fr.net.intra
s00vl9974136.fr.net.intra
[instance_group_bastion]
s00vl9974130.fr.net.intra
s00vl9974136.fr.net.intra
[all:vars]
pulp_rhel_codeready_repo=[]
registry_username=admin
registry_password=<>
registry_url=s01vl9989234.fr.net.intra
pg_host=s01vl9981311.fr.net.intra
pg_port='5432'
pg_database=awx
pg_username=awx
pg_sslmode=prefer
automationhub_require_content_approval=True
automationhub_enable_unauthenticated_collection_access=True
automationhub_enable_unauthenticated_collection_download=True
automationhub_pg_host=s01vl9981311.fr.net.intra
automationhub_pg_port='5432'
automationhub_pg_database=automationhub
automationhub_pg_username=automationhub
automationhub_pg_sslmode=prefer
postgres_use_ssl=False
automationedacontroller_pg_host=s01vl9981311.fr.net.intra
automationedacontroller_pg_port='5432'
automationedacontroller_pg_database=automationedacontroller
automationedacontroller_pg_username=automationedacontroller
admin_password=<>
pg_password=<>
automationhub_admin_password=<>
automationhub_pg_password=<>
automationedacontroller_admin_password=<>
automationedacontroller_pg_password=<>
[automationcontroller:vars]
peers=instance_group_bastion
node_type=hybrid
[execution_nodes:vars]
node_type=execution
variables for the setup_prepare:
## prepare inventory
aap_setup_prep_process_template: true
aap_setup_prep_inv_nodes:
automationcontroller: "{{ groups['automationcontroller'] }}"
automationedacontroller: "{{ groups['automationedacontroller'] }}"
database: "{{ groups['database'] | default(omit) }}"
automationhub: "{{ groups['automationhub'] }}"
execution_nodes: "{{ groups['execution_nodes'] }}"
instance_group_bastion: "{{ groups['instance_group_bastion'] }}"
The aap_certs role only supports using files for the cert/key vars. It would be nice to be able to specify the cert/key content so we can use a secrets backend like HashiCorp Vault.
I think this tag should not be controller, it should probably be something like hub.
As a side-note based on a comment from @ericzolf (#93 (comment)) maybe we should instead look at removing all tags from the roles. Thoughts?
aap_setup_rhel_version: "{{ ansible_distribution_major_version | default(8, true) }}"
has issues if the installer is not run on the same destination OS, we might grab this from an inventory item? or just set it to 9, and let user overwrite it, or update the docs.
I realized that setup.log isn't overwritten by setup.sh if it already exists, so that the log gets lost in such cases (at least if running setup.sh as non-root). There should hence be the possibility to move away a potentially existing setup.log. It's not as easy as it sounds because Ansible doesn't have a good option to move things (I don't think we want to simply remove the log file).
Transform the attached playbooks into roles, possibly with one or two wrapper playbooks to use them directly from the collection:
infra.aap_utilities.aap_setup_download downloads 2 different setup types
ansible --version
ansible [core 2.14.2]
config file = /root/aap/aap_standalone/ansible.cfg
configured module search path = ['/root/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
ansible python module location = /usr/lib/python3.11/site-packages/ansible
ansible collection location = /root/.ansible/collections:/usr/share/ansible/collections
executable location = /usr/bin/ansible
python version = 3.11.2 (main, May 24 2023, 00:00:00) [GCC 11.3.1 20221121 (Red Hat 11.3.1-4)] (/usr/bin/python3.11)
jinja version = 3.1.2
libyaml = True
ansible-galaxy collection list
# /root/.ansible/collections/ansible_collections
Collection Version
--------------------- -------
ansible.posix 1.5.4
awx.awx 23.0.0
community.crypto 2.15.1
community.general 7.3.0
infra.aap_utilities 2.3.0
kubernetes.core 2.4.0
nshaik.aap_collection 1.0.14
podman --version
podman version 4.4.1
Ansible Controller installation on RHEL 9.2 version
Installation inventory file should be configured in the correct installation bundle extracted folder
Installation bundle extracted and inventory file is configured in wrong location /var/tmp/ansible-automation-platform-containerized-setup-2.4-1/ where the correct collection should be /var/tmp/ansible-automation-platform-setup-2.4-2/
Sample variable file that was used to call infra.aap_utilities.aap_setup_download role
aap_setup_down_offline_token: "xxxxeyJhbGciOixxxx"
aap_setup_down_version: "2.4"
aap_setup_down_type: "setup"
aap_setup_rhel_version: "9"
aap_setup_prep_inv_nodes:
automationcontroller:
- controller.example.com
aap_setup_prep_inv_vars:
automationcontroller: # denotes the automation controller nodes as hybrid nodes (controller and execution)
node_type: hybrid
ignore_preflight_errors: true
all:
pg_database: "awx"
pg_username: "awx"
pg_sslmode: "prefer" # set to 'verify-full' for client-side enforced SSL
registry_url: "registry.redhat.io"
receptor_listener_port: 27199
aap_setup_prep_inv_secrets:
all:
registry_username: "myregistry_user"
registry_password: "changeme"
admin_password: "changeme"
pg_password: "changeme"
controller_validate_certs: false
This caused the the infra.aap_utilities.aap_setup_install role to fail with the following error
TASK [infra.aap_utilities.aap_setup_install : Run the Ansible Automation Platform setup program] ***
task path: /root/.ansible/collections/ansible_collections/infra/aap_utilities/roles/aap_setup_install/tasks/main.yml:72
ASYNC FAILED on controller: jid=439834133810.20100
fatal: [controller]: FAILED! => {"ansible_job_id": "439834133810.20100", "changed": false, "cmd": "./setup.sh -i inventory", "finished": 1, "msg": "[Errno 2] No such file or directory: b'./setup.sh'", "rc": 2, "results_file": "/root/.ansible_async/439834133810.20100", "started": 1, "stderr": "", "stderr_lines": [], "stdout": "", "stdout_lines": []}
We want to be able to install Tower on OpenShift in the same way we can install Tower normally.
A tower_install_ocp (or similar) role should be created which follows the same pattern of tower_install
Remove from tower-configuration-examples and update that repo to make use of this collection
It's not a big issue as long as the pipeline is short, but starts to be annoying when the pipeline takes more time.
I have no experience with GitHub Actions and only slightly more with .travis.yml but the way we solved this issue on another project was to only trigger on commits/branches/tags having specific names (e.g. master/devel, tags looking like release numbers, and branches ending with '_', useful especially when you just want to test the pipeline).
Using this role with it's defaults to download 2.3 of AAP errors on task "Extract the name of the downloaded installer to aap_setup_down_installer_file".
The role works when I specify aap_base_version: 2.2
ansible --version
ansible [core 2.13.6]
config file = None
configured module search path = ['/home/user/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
ansible python module location = /home/user/python-venv/ansible2.13/lib/python3.8/site-packages/ansible
ansible collection location = /home/user/.ansible/collections:/usr/share/ansible/collections
executable location = /home/user/python-venv/ansible2.13/bin/ansible
python version = 3.8.10 (default, Jun 22 2022, 20:18:18) [GCC 9.4.0]
jinja version = 3.1.2
libyaml = True
ansible-galaxy collection list
Collection Version
----------------------------- -------
amazon.aws 3.5.0
ansible.netcommon 3.1.3
ansible.posix 1.4.0
ansible.utils 2.7.0
ansible.windows 1.12.0
arista.eos 5.0.1
awx.awx 21.8.0
azure.azcollection 1.14.0
check_point.mgmt 2.3.0
chocolatey.chocolatey 1.3.1
cisco.aci 2.3.0
cisco.asa 3.1.0
cisco.dnac 6.6.0
cisco.intersight 1.0.20
cisco.ios 3.3.2
cisco.iosxr 3.3.1
cisco.ise 2.5.8
cisco.meraki 2.11.0
cisco.mso 2.1.0
cisco.nso 1.0.3
cisco.nxos 3.2.0
cisco.ucs 1.8.0
cloud.common 2.1.2
cloudscale_ch.cloud 2.2.2
community.aws 3.6.0
community.azure 1.1.0
community.ciscosmb 1.0.5
community.crypto 2.8.1
community.digitalocean 1.22.0
community.dns 2.4.0
community.docker 2.7.1
community.fortios 1.0.0
community.general 5.8.0
community.google 1.0.0
community.grafana 1.5.3
community.hashi_vault 3.4.0
community.hrobot 1.6.0
community.libvirt 1.2.0
community.mongodb 1.4.2
community.mysql 3.5.1
community.network 4.0.1
community.okd 2.2.0
community.postgresql 2.3.0
community.proxysql 1.4.0
community.rabbitmq 1.2.3
community.routeros 2.3.1
community.sap 1.0.0
community.sap_libs 1.3.0
community.skydive 1.0.0
community.sops 1.4.1
community.vmware 2.10.1
community.windows 1.11.1
community.zabbix 1.8.0
containers.podman 1.9.4
cyberark.conjur 1.2.0
cyberark.pas 1.0.14
dellemc.enterprise_sonic 1.1.2
dellemc.openmanage 5.5.0
dellemc.os10 1.1.1
dellemc.os6 1.0.7
dellemc.os9 1.0.4
f5networks.f5_modules 1.20.0
fortinet.fortimanager 2.1.6
fortinet.fortios 2.1.7
frr.frr 2.0.0
gluster.gluster 1.0.2
google.cloud 1.0.2
hetzner.hcloud 1.8.2
hpe.nimble 1.1.4
ibm.qradar 2.1.0
ibm.spectrum_virtualize 1.10.0
infinidat.infinibox 1.3.7
infoblox.nios_modules 1.4.0
inspur.ispim 1.2.0
inspur.sm 2.3.0
junipernetworks.junos 3.1.0
kubernetes.core 2.3.2
lowlydba.sqlserver 1.0.4
mellanox.onyx 1.0.0
netapp.aws 21.7.0
netapp.azure 21.10.0
netapp.cloudmanager 21.21.0
netapp.elementsw 21.7.0
netapp.ontap 21.24.1
netapp.storagegrid 21.11.1
netapp.um_info 21.8.0
netapp_eseries.santricity 1.3.1
netbox.netbox 3.8.1
ngine_io.cloudstack 2.2.4
ngine_io.exoscale 1.0.0
ngine_io.vultr 1.1.2
openstack.cloud 1.10.0
openvswitch.openvswitch 2.1.0
ovirt.ovirt 2.3.1
purestorage.flasharray 1.14.0
purestorage.flashblade 1.10.0
purestorage.fusion 1.1.1
sensu.sensu_go 1.13.1
servicenow.servicenow 1.0.6
splunk.es 2.1.0
t_systems_mms.icinga_director 1.31.4
theforeman.foreman 3.7.0
vmware.vmware_rest 2.2.0
vultr.cloud 1.3.0
vyos.vyos 3.0.1
wti.remote 1.0.4WSL Ubuntu 20.04
Package downloads
Package does not download
TASK [infra.aap_utilities.aap_setup_download : Login to Red Hat APIs] *******************************************************************************************************************************************task path: /home/user/.ansible/collections/ansible_collections/infra/aap_utilities/roles/aap_setup_download/tasks/main.yml:3
ok: [localhost] => {"cache_control": "no-store", "changed": false, "connection": "close", "content_length": "2843", "content_type": "application/json", "cookies": {"2a4bcc483fa585dc0ad94b51550d0923": "29cfadb8e39357a26336465455f54321"}, "cookies_string": "2a4bcc483fa585dc0ad94b51550d0923=29cfadb8e39357a26336465455f54321", "date": "Tue, 02 May 2023 23:01:19 GMT", "elapsed": 0, "json": {"access_token": "<token>", "expires_in": 900, "not-before-policy": 0, "refresh_expires_in": 0, "refresh_token": "<token>", "scope": "offline_access", "session_state": "bea77889-8ee7-4651-87e1-3d72e52b8cba", "token_type": "Bearer"}, "keep_alive": "timeout=300", "msg": "OK (2843 bytes)", "pragma": "no-cache", "redirected": false, "referrer_policy": "strict-origin", "set_cookie": "2a4bcc483fa585dc0ad94b51550d0923=29cfadb8e39357a26336465455f54321; path=/; HttpOnly; Secure; SameSite=None", "status": 200, "strict_transport_security": "max-age=31536000; includeSubDomains", "url": "https://sso.redhat.com/auth/realms/redhat-external/protocol/openid-connect/token", "x_content_type_options": "nosniff", "x_frame_options": "SAMEORIGIN", "x_rh_edge_cache_status": "Miss from child, Miss from parent", "x_rh_edge_reference_id": "0.8da96068.1683068479.2ba44f7c", "x_rh_edge_request_id": "2ba44f7c", "x_site": "prod-spoke-aws-us-east-1", "x_xss_protection": "1; mode=block"}
TASK [infra.aap_utilities.aap_setup_download : Collecting the available installers] *****************************************************************************************************************************task path: /home/user/.ansible/collections/ansible_collections/infra/aap_utilities/roles/aap_setup_download/tasks/main.yml:14
ok: [localhost] => {"cache_control": "no-cache, no-store, max-age=0, must-revalidate", "changed": false, "connection": "close", "content": "{\"pagination\":{\"offset\":0,\"limit\":25,\"count\":5},\"body\":[{\"imageName\":\"Ansible Automation Platform 2.3 Setup\",\"filename\":\"ansible-automation-platform-setup-2.3-2.tar.gz\",\"arch\":\"x86_64\",\"datePublished\":\"2023-03-16T13:00:52.000Z\",\"checksum\":\"879e97e4c63de3727657284eb05a3a9e9897c66bd5059183d804d20f579c75a0\",\"downloadHref\":\"https://api.access.redhat.com/management/v1/images/879e97e4c63de3727657284eb05a3a9e9897c66bd5059183d804d20f579c75a0/download\"},{\"imageName\":\"Ansible Automation Platform 2.3 Setup Bundle\",\"filename\":\"ansible-automation-platform-setup-bundle-2.3-2.1.tar.gz\",\"arch\":\"x86_64\",\"datePublished\":\"2023-04-20T18:56:00.000Z\",\"checksum\":\"7456b98f2f50e0e1d4c93fb4e375fe8a9174f397a5b1c0950915224f7f020ec4\",\"downloadHref\":\"https://api.access.redhat.com/management/v1/images/7456b98f2f50e0e1d4c93fb4e375fe8a9174f397a5b1c0950915224f7f020ec4/download\"},{\"imageName\":\"Ansible Rulebook 0.9.4 (Dev Preview - Source Only)\",\"filename\":\"ansible-rulebook-0.9.4.tar.gz\",\"arch\":\"x86_64\",\"datePublished\":\"2022-12-13T17:08:53.000Z\",\"checksum\":\"9c75400190475a0beced9f8319123e9725b84a295f0fc8b2b2d03f8d83cb4469\",\"downloadHref\":\"https://api.access.redhat.com/management/v1/images/9c75400190475a0beced9f8319123e9725b84a295f0fc8b2b2d03f8d83cb4469/download\"},{\"imageName\":\"Ansible Validated Content\",\"filename\":\"ansible-validated-content-bundle-1.1.tar.gz\",\"arch\":\"x86_64\",\"datePublished\":\"2023-04-04T15:59:28.000Z\",\"checksum\":\"c0d2eb18e7a87c77f5660b41ce8dc85e5e64841e95986a553ae90edecdc30f0c\",\"downloadHref\":\"https://api.access.redhat.com/management/v1/images/c0d2eb18e7a87c77f5660b41ce8dc85e5e64841e95986a553ae90edecdc30f0c/download\"},{\"imageName\":\"Event Driven Automation 0.1.0 (Dev Preview - Source Only)\",\"filename\":\"eda-server-0.1.0.tar.gz\",\"arch\":\"x86_64\",\"datePublished\":\"2022-12-13T17:24:08.000Z\",\"checksum\":\"a414482ab3cce6d2f6932daff4362cb5bfe18271425d3c16217020886fb0d02c\",\"downloadHref\":\"https://api.access.redhat.com/management/v1/images/a414482ab3cce6d2f6932daff4362cb5bfe18271425d3c16217020886fb0d02c/download\"}]}", "content_length": "2016", "content_type": "application/json", "cookies": {"1a500012c7bab34b642b199769f73ca5": "c46dc096f21026f274a601be1a7565e3"}, "cookies_string": "1a500012c7bab34b642b199769f73ca5=c46dc096f21026f274a601be1a7565e3", "date": "Tue, 02 May 2023 23:01:21 GMT", "elapsed": 1, "expires": "0", "json": {"body": [{"arch": "x86_64", "checksum": "879e97e4c63de3727657284eb05a3a9e9897c66bd5059183d804d20f579c75a0", "datePublished": "2023-03-16T13:00:52.000Z", "downloadHref": "https://api.access.redhat.com/management/v1/images/879e97e4c63de3727657284eb05a3a9e9897c66bd5059183d804d20f579c75a0/download", "filename": "ansible-automation-platform-setup-2.3-2.tar.gz", "imageName": "Ansible Automation Platform 2.3 Setup"}, {"arch": "x86_64", "checksum": "7456b98f2f50e0e1d4c93fb4e375fe8a9174f397a5b1c0950915224f7f020ec4", "datePublished": "2023-04-20T18:56:00.000Z", "downloadHref": "https://api.access.redhat.com/management/v1/images/7456b98f2f50e0e1d4c93fb4e375fe8a9174f397a5b1c0950915224f7f020ec4/download", "filename": "ansible-automation-platform-setup-bundle-2.3-2.1.tar.gz", "imageName": "Ansible Automation Platform 2.3 Setup Bundle"}, {"arch": "x86_64", "checksum": "9c75400190475a0beced9f8319123e9725b84a295f0fc8b2b2d03f8d83cb4469", "datePublished": "2022-12-13T17:08:53.000Z", "downloadHref": "https://api.access.redhat.com/management/v1/images/9c75400190475a0beced9f8319123e9725b84a295f0fc8b2b2d03f8d83cb4469/download", "filename": "ansible-rulebook-0.9.4.tar.gz", "imageName": "Ansible Rulebook 0.9.4 (Dev Preview - Source Only)"}, {"arch": "x86_64", "checksum": "c0d2eb18e7a87c77f5660b41ce8dc85e5e64841e95986a553ae90edecdc30f0c", "datePublished": "2023-04-04T15:59:28.000Z", "downloadHref": "https://api.access.redhat.com/management/v1/images/c0d2eb18e7a87c77f5660b41ce8dc85e5e64841e95986a553ae90edecdc30f0c/download", "filename": "ansible-validated-content-bundle-1.1.tar.gz", "imageName": "Ansible Validated Content"}, {"arch": "x86_64", "checksum": "a414482ab3cce6d2f6932daff4362cb5bfe18271425d3c16217020886fb0d02c", "datePublished": "2022-12-13T17:24:08.000Z", "downloadHref":
"https://api.access.redhat.com/management/v1/images/a414482ab3cce6d2f6932daff4362cb5bfe18271425d3c16217020886fb0d02c/download", "filename": "eda-server-0.1.0.tar.gz", "imageName": "Event Driven Automation 0.1.0 (Dev Preview - Source Only)"}], "pagination": {"count": 5, "limit": 25, "offset": 0}}, "msg": "OK (2016 bytes)", "pragma": "no-cache", "redirected": false, "referrer_policy": "no-referrer", "set_cookie": "1a500012c7bab34b642b199769f73ca5=c46dc096f21026f274a601be1a7565e3; path=/; HttpOnly; Secure; SameSite=None", "status": 200, "strict_transport_security": "max-age=31536000 ; includeSubDomains", "traceparent": "00-c34091c1c4a26e674674c696cc68d80d-5c6fdee870cd3e1c-01", "url": "https://api.access.redhat.com/management/v1/images/cset/ansible-automation-platform-2.3-for-rhel-9-x86_64-files", "vary": "Origin", "x_content_type_options": "nosniff", "x_frame_options": "DENY", "x_xss_protection": "1 ; mode=block"}
TASK [infra.aap_utilities.aap_setup_download : Simplify the list of possible downloads] *************************************************************************************************************************task path: /home/user/.ansible/collections/ansible_collections/infra/aap_utilities/roles/aap_setup_download/tasks/main.yml:23
ok: [localhost] => {"ansible_facts": {"__aap_setup_down_images": [{"arch": "x86_64", "checksum": "7456b98f2f50e0e1d4c93fb4e375fe8a9174f397a5b1c0950915224f7f020ec4", "datePublished": "2023-04-20T18:56:00.000Z", "downloadHref": "https://api.access.redhat.com/management/v1/images/7456b98f2f50e0e1d4c93fb4e375fe8a9174f397a5b1c0950915224f7f020ec4/download", "filename": "ansible-automation-platform-setup-bundle-2.3-2.1.tar.gz", "imageName": "Ansible Automation Platform 2.3 Setup Bundle"}, {"arch": "x86_64", "checksum": "c0d2eb18e7a87c77f5660b41ce8dc85e5e64841e95986a553ae90edecdc30f0c", "datePublished": "2023-04-04T15:59:28.000Z", "downloadHref": "https://api.access.redhat.com/management/v1/images/c0d2eb18e7a87c77f5660b41ce8dc85e5e64841e95986a553ae90edecdc30f0c/download", "filename": "ansible-validated-content-bundle-1.1.tar.gz", "imageName": "Ansible Validated Content"}, {"arch": "x86_64", "checksum": "879e97e4c63de3727657284eb05a3a9e9897c66bd5059183d804d20f579c75a0", "datePublished": "2023-03-16T13:00:52.000Z", "downloadHref": "https://api.access.redhat.com/management/v1/images/879e97e4c63de3727657284eb05a3a9e9897c66bd5059183d804d20f579c75a0/download", "filename": "ansible-automation-platform-setup-2.3-2.tar.gz", "imageName": "Ansible Automation Platform 2.3 Setup"}, {"arch": "x86_64", "checksum": "a414482ab3cce6d2f6932daff4362cb5bfe18271425d3c16217020886fb0d02c", "datePublished": "2022-12-13T17:24:08.000Z", "downloadHref": "https://api.access.redhat.com/management/v1/images/a414482ab3cce6d2f6932daff4362cb5bfe18271425d3c16217020886fb0d02c/download", "filename": "eda-server-0.1.0.tar.gz", "imageName": "Event Driven Automation 0.1.0 (Dev Preview - Source Only)"}, {"arch": "x86_64", "checksum": "9c75400190475a0beced9f8319123e9725b84a295f0fc8b2b2d03f8d83cb4469", "datePublished": "2022-12-13T17:08:53.000Z", "downloadHref": "https://api.access.redhat.com/management/v1/images/9c75400190475a0beced9f8319123e9725b84a295f0fc8b2b2d03f8d83cb4469/download", "filename": "ansible-rulebook-0.9.4.tar.gz", "imageName": "Ansible Rulebook 0.9.4 (Dev Preview - Source Only)"}]}, "changed": false}
TASK [infra.aap_utilities.aap_setup_download : Downloading the latest installer of type setup] ******************************************************************************************************************task path: /home/user/.ansible/collections/ansible_collections/infra/aap_utilities/roles/aap_setup_download/tasks/main.yml:27
skipping: [localhost] => (item={'imageName': 'Ansible Automation Platform 2.3 Setup Bundle', 'filename': 'ansible-automation-platform-setup-bundle-2.3-2.1.tar.gz', 'arch': 'x86_64', 'datePublished': '2023-04-20T18:56:00.000Z', 'checksum': '7456b98f2f50e0e1d4c93fb4e375fe8a9174f397a5b1c0950915224f7f020ec4', 'downloadHref': 'https://api.access.redhat.com/management/v1/images/7456b98f2f50e0e1d4c93fb4e375fe8a9174f397a5b1c0950915224f7f020ec4/download'}) => {"ansible_loop_var": "item", "changed": false, "item": {"arch": "x86_64", "checksum": "7456b98f2f50e0e1d4c93fb4e375fe8a9174f397a5b1c0950915224f7f020ec4", "datePublished":
"2023-04-20T18:56:00.000Z", "downloadHref": "https://api.access.redhat.com/management/v1/images/7456b98f2f50e0e1d4c93fb4e375fe8a9174f397a5b1c0950915224f7f020ec4/download", "filename": "ansible-automation-platform-setup-bundle-2.3-2.1.tar.gz", "imageName": "Ansible Automation Platform 2.3 Setup Bundle"}, "skip_reason": "Conditional result was False"}
skipping: [localhost] => (item={'imageName': 'Ansible Validated Content', 'filename': 'ansible-validated-content-bundle-1.1.tar.gz', 'arch': 'x86_64', 'datePublished': '2023-04-04T15:59:28.000Z', 'checksum': 'c0d2eb18e7a87c77f5660b41ce8dc85e5e64841e95986a553ae90edecdc30f0c', 'downloadHref': 'https://api.access.redhat.com/management/v1/images/c0d2eb18e7a87c77f5660b41ce8dc85e5e64841e95986a553ae90edecdc30f0c/download'}) => {"ansible_loop_var": "item", "changed": false, "item": {"arch": "x86_64", "checksum": "c0d2eb18e7a87c77f5660b41ce8dc85e5e64841e95986a553ae90edecdc30f0c", "datePublished": "2023-04-04T15:59:28.000Z", "downloadHref": "https://api.access.redhat.com/management/v1/images/c0d2eb18e7a87c77f5660b41ce8dc85e5e64841e95986a553ae90edecdc30f0c/download", "filename": "ansible-validated-content-bundle-1.1.tar.gz", "imageName": "Ansible Validated Content"}, "skip_reason": "Conditional result was False"}
TASK [infra.aap_utilities.aap_setup_download : Extract the name of the downloaded installer to aap_setup_down_installer_file] ***********************************************************************************task path: /home/user/.ansible/collections/ansible_collections/infra/aap_utilities/roles/aap_setup_download/tasks/main.yml:38
fatal: [localhost]: FAILED! => {"msg": "The task includes an option with an undefined variable. The error was: list object has no element 0\n\nThe error appears to be in '/home/user/.ansible/collections/ansible_collections/infra/aap_utilities/roles/aap_setup_download/tasks/main.yml': line 38, column 3, but may\nbe elsewhere in the file depending on the exact syntax problem.\n\nThe offending line appears to be:\n\n\n- name: Extract the name of the downloaded installer to aap_setup_down_installer_file\n ^ here\n"}Run playbook command on playbooks file
tasks:
- name: Install collections
community.general.ansible_galaxy_install:
type: collection
name: infra.aap_utilities
- name: Download Setup
ansible.builtin.import_role:
name: infra.aap_utilities.aap_setup_download
vars:
aap_setup_down_version: 2.3
aap_setup_down_dest_dir: /var/tmp
aap_setup_down_type: setup-bundle
aap_setup_rhel_version: 9roles/install_ocp/tasks/install_ocp.yml:29: [E208] File permissions not mentioned
roles/install_ocp/tasks/install_ocp.yml:45: [E208] File permissions not mentioned
roles/pre_tasks/tasks/pre_tasks.yml:14: [E208] File permissions not mentioned
roles/pre_tasks/tasks/pre_tasks.yml:28: [E208] File permissions not mentioned
roles/tower_cert/tasks/main.yml:2: [E208] File permissions not mentioned
roles/tower_cert/tasks/main.yml:10: [E208] File permissions not mentioned
This needs to be explored and tested, E208 has been disabled in a recent PR.
It's possible to set the favicon for AAP on VMs using this article:
https://access.redhat.com/solutions/6998477
However, we don't have a documented way to set it for AAP on OCP yet. Would be great to add that to the role as something that we can automate.
[tower] is now [automationcontroller] with the current AAP installer and it will error because it is using the old name.
With the addition of the AH PR, if you only try to install AH it hangs up on the "Wait for ansible tower to be running." task. We should make it a little more robust to allow only AH installs.
Putting this here to discuss the firewall code that is currently commented out. We could enable it through a var, or remove it, but want to make an issue at least to remind us its there.
infra.aap_utilities.aap_setup_download role fails to find and download the correct bundle as things change on the Red Hat CDN
infra.aap_utilities 2.3.0 version
ansible --version
ansible [core 2.15.5]
config file = /var/lib/awx/projects/awxlab/ansible.cfg
configured module search path = ['/root/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
ansible python module location = /usr/lib/python3.9/site-packages/ansible
ansible collection location = /var/lib/awx/projects/awxlab/collections
executable location = /usr/bin/ansible
python version = 3.9.16 (main, Sep 12 2023, 00:00:00) [GCC 11.3.1 20221121 (Red Hat 11.3.1-4)] (/usr/bin/python3)
jinja version = 3.1.2
libyaml = True
ansible-galaxy collection list
Collection Version
------------------- -------
ansible.posix 1.5.4
awx.awx 23.0.0
community.crypto 2.15.1
community.general 7.3.0
infra.aap_utilities 2.3.0
kubernetes.core 2.4.0
nshaik.aap 1.0.0
podman --version
podman version 4.4.1Please give some details of what is actually happening.
Include a minimum complete verifiable example with:
TASK [infra.aap_utilities.aap_setup_download : Downloading the latest installer of type setup] ***
skipping: [aap.example.com] => (item={'imageName': 'Ansible Automation Platform 2.3 Setup Bundle', 'filename': 'ansible-automation-platform-setup-bundle-2.3-2.9.tar.gz', 'arch': 'x86_64', 'datePublished': '2023-10-17T16:55:44.000Z', 'checksum': 'ea1e70775533cedac9a9d331d7446b0dc2f555820187a7b15ed398e3da5bb00d', 'downloadHref': 'https://xxxxx/download'})
skipping: [aap.example.com] => (item={'imageName': 'Ansible Automation Platform 2.3 Setup Bundle', 'filename': 'ansible-automation-platform-setup-bundle-2.3-2.8.tar.gz', 'arch': 'x86_64', 'datePublished': '2023-10-10T16:03:55.000Z', 'checksum': 'e6772abc2f953c0619a9ee2869618a1b13cc5d6a0f1b98a1bcf1ff7225507612', 'downloadHref': 'https://xxxxx/download'})
skipping: [aap.example.com] => (item={'imageName': 'Ansible Validated Content', 'filename': 'ansible-validated-content-bundle-1.1.tar.gz', 'arch': 'x86_64', 'datePublished': '2023-04-04T15:59:28.000Z', 'checksum': 'c0d2eb18e7a87c77f5660b41ce8dc85e5e64841e95986a553ae90edecdc30f0c', 'downloadHref': 'https://xxxxx/download'})
skipping: [aap.example.com]
TASK [infra.aap_utilities.aap_setup_download : Extract the name of the downloaded installer to aap_setup_down_installer_file] ***
fatal: [aap.example.com]: FAILED! => {"msg": "The task includes an option with an undefined variable. The error was: list object has no element 0. list object has no element 0\\n\\nThe error appears to be in '/runner/project/collections/ansible_collections/infra/aap_utilities/roles/aap_setup_download/tasks/main.yml': line 40, column 3, but may\\nbe elsewhere in the file depending on the exact syntax problem.\\n\\nThe offending line appears to be:\\n\\n\\n- name: Extract the name of the downloaded installer to aap_setup_down_installer_file\\n ^ here\\n"}
Use the basic playbook to download infra.aap_utilities.aap_setup_download roleThis is the debug json output of `Simplify the list of possible downloads - Task`
https://gist.github.com/snagoor/9f5957f90e15cef59d6478cc0f96d1e2install fails because this is trying to hit localhost when checking if AH is up and running and not the host that AH is installed on. This value is set in defaults here
https://github.com/redhat-cop/tower_utilities/blob/dfe8f4a316f7dfc2fe339f41c42dcc949ec8bbe5/roles/install/defaults/main.yml#L9
@ericzolf I was looking at the branches, trying to find your aap_setup_prepare. Is it ok if we go and delete all your merged branches?
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
Django
The Web framework for perfectionists with deadlines.
Laravel
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft
Open source projects and samples from Microsoft.
Google
Google โค๏ธ Open Source for everyone.
Alibaba
Alibaba Open Source for everyone
D3
Data-Driven Documents codes.
Tencent
China tencent open source team.