While I'm learning Ansible, I started on my first role, which is to do a
simple sudo apt-get update and upgrade.
As a flat file, this works:
---
- hosts: testing
remote_user: deploy
become: yes
tasks:
- name: run apt-get update
apt: update_cache=yes
- name: run apt-get upgrade
apt: upgrade=yes
However, some of my hosts have different logins or passwords or both, so
I'm using group_vars to include the passwords**. I'm wondering how to
properly set up my group_vars (most likely the incorrect one). Right now,
when I run it, it fails after connecting, saying "failed to lock apt for
exclusive operation" on the tasks.
Here's my *site.yml* (right now I have it on one group, vs all of them)
- name: apply common configuration to all nodes
hosts: testing
become: yes
roles:
- ubuntu-apt
And here's my */tasks/main.yml*
---
- name: run apt-get update
apt: update_cache=yes
- name: run apt-get upgrade
apt: upgrade=yes
I've got group_vars for the testing group in */group_vars/testing/test.yml*
---
ansible_ssh_user: deploy
ansible_become_user: deploy
ansible_become_pass: some_passw0rd
User deploy is in the sudoers group already, and like I mentioned above, it
works when I run it as a single playbook. But because I want to have all my
hosts with all their different login/passwords checked, I moved to using
roles. I'm not quite sure where I've broken things.
In my site.yml file, I can't put remote_user: deploy since some of my
logins aren't deploy and can be root or something else. I understand that
the error I've received was because of not having sudo access, but isn't
that what ansible_become_pass (aka ansible_sudo_pass) is for?
Here's the relevant output when I do ansible-playbook -i hosts site.yml
-vvvv
<baseimage> EXEC ssh -C -tt -vvv -o ControlMaster=auto -o
ControlPersist=60s -o
ControlPath="/Users/risa/.ansible/cp/ansible-ssh-%h-%p-%r" -o
KbdInteractiveAuthentication=no -o
PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey
-o PasswordAuthentication=no -o User=deploy -o ConnectTimeout=10 baseimage
/bin/sh -c 'chmod a+r /tmp/ansible-tmp-1445020605.45-256546847307774/apt'
<baseimage> EXEC ssh -C -tt -vvv -o ControlMaster=auto -o
ControlPersist=60s -o
ControlPath="/Users/risa/.ansible/cp/ansible-ssh-%h-%p-%r" -o
KbdInteractiveAuthentication=no -o
PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey
-o PasswordAuthentication=no -o User=deploy -o ConnectTimeout=10 baseimage
/bin/sh -c 'sudo -k && sudo -H -S -p "[sudo via ansible,
key=jkqtlmxhqvdyjguroyvjmfrroutwtnof] password: " -u deploy /bin/sh -c
'"'"'echo BECOME-SUCCESS-jkqtlmxhqvdyjguroyvjmfrroutwtnof; LANG=en_US.UTF-8
LC_CTYPE=en_US.UTF-8 /usr/bin/python
/tmp/ansible-tmp-1445020605.45-256546847307774/apt'"'"''
failed: [baseimage] => {"failed": true, "parsed": false}
BECOME-SUCCESS-jkqtlmxhqvdyjguroyvjmfrroutwtnof
Traceback (most recent call last):
File "/tmp/ansible-tmp-1445020605.45-256546847307774/apt", line 2258, in
<module>
main()
File "/tmp/ansible-tmp-1445020605.45-256546847307774/apt", line 554, in
main
cache = apt.Cache()
File "/usr/lib/python2.7/dist-packages/apt/cache.py", line 107, in
__init__
self.open(progress)
File "/usr/lib/python2.7/dist-packages/apt/cache.py", line 155, in open
self._list.read_main_list()
SystemError: E:Opening /etc/apt/sources.list.d/passenger.list -
ifstream::ifstream (13: Permission denied)
OpenSSH_6.2p2, OSSLShim 0.9.8r 8 Dec 2011
debug1: Reading configuration data /Users/rbatta/.ssh/config
debug1: Reading configuration data /etc/ssh_config
debug1: /etc/ssh_config line 20: Applying options for *
debug1: /etc/ssh_config line 53: Applying options for *
debug1: auto-mux: Trying existing master
debug2: fd 3 setting O_NONBLOCK
debug2: mux_client_hello_exchange: master version 4
debug3: mux_client_forwards: request forwardings: 0 local, 0 remote
debug3: mux_client_request_session: entering
debug3: mux_client_request_alive: entering
debug3: mux_client_request_alive: done pid = 1553
debug3: mux_client_request_session: session request sent
debug1: mux_client_request_session: master session id: 4
debug3: mux_client_read_packet: read header failed: Broken pipe
debug2: Received exit status from master 1
>From what I can tell, it's looking like my sudo password was passed
through, but still saying permission denied?
**Note: I'm not worried about the passwords thing, since this is all
testing and isn't being checked into any repo. Once I get this going, I
can look into the vault thing, but I want to get this working first.
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/05832760-f75f-4eb5-b84b-72ee33793b89%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
