My main.yml is executing a task called dumb-init and we are getting "msg": "Failed to validate the SSL certificate for github.com:443. Make sure your managed systems have a valid CA certificate installed " error STEPS TO REPRODUCE
Command used : sudo ansible-container --debug build Main.yml - name: Install dumb init get_url: url: https://github.com/Yelp/dumb-init/releases/download/v1.2.0/dumb-init_1.2.0_amd64 dest: /usr/bin/dumb-init owner: root group: root mode: 0775 environment: http_proxy: "http://xxx-proxy-out.xxx.com:8080"; https_proxy: "http://xxx-proxy-out.xxxx.com:8080"; HTTP_PROXY: "http://xxx-proxy-out.xxxx.com:8080"; HTTPS_PROXY: "http://xx-proxy-out.xxx.com:8080"; COmmand Used : sudo ansible-container --debug build Log: META: ran handlers TASK [node_container : Install dumb init] ************************************** task path: /src/roles/node_container/tasks/main.yml:2 Using module file /usr/lib/python2.7/site-packages/ansible/modules/net_tools/basics/get_url.py <6e2a9499e5b3dc4c4748b72955de0d3784a01489b93b3f0c03851fd697a54c98> ESTABLISH DOCKER CONNECTION FOR USER: root <6e2a9499e5b3dc4c4748b72955de0d3784a01489b93b3f0c03851fd697a54c98> EXEC ['/usr/local/bin/docker', 'exec', '-i', u'6e2a9499e5b3dc4c4748b72955de0d3784a01489b93b3f0c03851fd697a54c98', u'/bin/sh', '-c', u"/bin/sh -c 'echo ~ && sleep 0'"] <6e2a9499e5b3dc4c4748b72955de0d3784a01489b93b3f0c03851fd697a54c98> EXEC ['/usr/local/bin/docker', 'exec', '-i', u'6e2a9499e5b3dc4c4748b72955de0d3784a01489b93b3f0c03851fd697a54c98', u'/bin/sh', '-c', u'/bin/sh -c '( umask 77 && mkdir -p "echo /root/.ansible/tmp/ansible-tmp-1510211281.96-149794489024135" && echo ansible-tmp-1510211281.96-149794489024135="echo /root/.ansible/tmp/ansible-tmp-1510211281.96-149794489024135" ) && sleep 0''] <6e2a9499e5b3dc4c4748b72955de0d3784a01489b93b3f0c03851fd697a54c98> PUT /tmp/tmpUO7dPT TO /root/.ansible/tmp/ansible-tmp-1510211281.96-149794489024135/get_url.py <6e2a9499e5b3dc4c4748b72955de0d3784a01489b93b3f0c03851fd697a54c98> EXEC ['/usr/local/bin/docker', 'exec', '-i', u'6e2a9499e5b3dc4c4748b72955de0d3784a01489b93b3f0c03851fd697a54c98', u'/bin/sh', '-c', u"/bin/sh -c 'chmod u+x /root/.ansible/tmp/ansible-tmp-1510211281.96-149794489024135/ /root/.ansible/tmp/ansible-tmp-1510211281.96-149794489024135/get_url.py && sleep 0'"] <6e2a9499e5b3dc4c4748b72955de0d3784a01489b93b3f0c03851fd697a54c98> EXEC ['/usr/local/bin/docker', 'exec', '-i', u'6e2a9499e5b3dc4c4748b72955de0d3784a01489b93b3f0c03851fd697a54c98', u'/bin/sh', '-c', u'/bin/sh -c 'https_proxy= http://prod-proxy-out.xxx.com:8080 http_proxy= http://prod-proxy-out.xxx.com:8080 HTTPS_PROXY= http://prod-proxy-out.xxxx.com:8080 HTTP_PROXY= http://prod-proxy-out.xxx.com:8080 /_usr/bin/python /root/.ansible/tmp/ansible-tmp-1510211281.96-149794489024135/get_url.py; rm -rf "/root/.ansible/tmp/ansible-tmp-1510211281.96-149794489024135/" > /dev/null 2>&1 && sleep 0''] The full traceback is: File "/tmp/ansible_eDZL6J/ansible_modlib.zip/ansible/module_utils/urls.py", line 1046, in fetch_url client_key=client_key, cookies=cookies) File "/tmp/ansible_eDZL6J/ansible_modlib.zip/ansible/module_utils/urls.py", line 953, in open_url r = urllib_request.urlopen(*urlopen_args) File "/_usr/lib/python2.7/urllib2.py", line 154, in urlopen return opener.open(url, data, timeout) File "/_usr/lib/python2.7/urllib2.py", line 427, in open req = meth(req) File "/tmp/ansible_eDZL6J/ansible_modlib.zip/ansible/module_utils/urls.py", line 765, in http_request build_ssl_validation_error(self.hostname, self.port, paths_checked, e) File "/tmp/ansible_eDZL6J/ansible_modlib.zip/ansible/module_utils/urls.py", line 591, in build_ssl_validation_error raise SSLValidationError(' '.join(msg) % (hostname, port, ", ".join(paths))) fatal: [ansible.node-container]: FAILED! => { "changed": false, "failed": true, "invocation": { "module_args": { "attributes": null, "backup": null, "checksum": "", "client_cert": null, "client_key": null, "content": null, "delimiter": null, "dest": "/usr/bin/dumb-init", "directory_mode": null, "follow": false, "force": false, "force_basic_auth": false, "group": "root", "headers": null, "http_agent": "ansible-httpget", "mode": 509, "owner": "root", "regexp": null, "remote_src": null, "selevel": null, "serole": null, "setype": null, "seuser": null, "sha256sum": "", "src": null, "timeout": 10, "tmp_dest": null, "unsafe_writes": null, "url": " https://github.com/Yelp/dumb-init/releases/download/v1.2.0/dumb-init_1.2.0_amd64 ", "url_password": null, "url_username": null, "use_proxy": true, "validate_certs": true } }, "msg": "Failed to validate the SSL certificate for github.com:443. Make sure your managed systems have a valid CA certificate installed. You can use validate_certs=False if you do not need to confirm the servers identity but this is unsafe and not recommended. Paths checked for this platform: /etc/ssl/certs, /etc/pki/ca-trust/extracted/pem, /etc/pki/tls/certs, /usr/share/ca-certificates/cacert.org, /etc/ansible. The exception msg was: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:590)." } to retry, use: --limit @/tmp/tmpAZLAaM/playbook.retry PLAY RECAP ********************************************************************* ansible.node-container : ok=1 changed=0 unreachable=0 failed=1 2017-11-09T07:08:02.678075 Error applying role! [container.core] caller_file=/_ansible/container/core.py caller_func=apply_role_to_container caller_line=680 engine=<container.docker.engine.Engine object at 0x7f5b840bf710> exit_code=2 playbook=[{'hosts': u'ansible.node-container', 'roles': ['node_container'], 'vars': {}}] 2017-11-09T07:08:02.684010 Playbook run finished. [container.core] caller_file=/_ansible/container/core.py caller_func=conductorcmd_build caller_line=811 exit_code=2 Traceback (most recent call last): File "/usr/bin/conductor", line 11, in load_entry_point('ansible-container', 'console_scripts', 'conductor')() File "/_ansible/container/init.py", line 19, in wrapped return fn(*args, **kwargs) File "/_ansible/container/cli.py", line 399, in conductor_commandline **params) File "/_ansible/container/init.py", line 19, in wrapped return fn(*args, **kwargs) File "/_ansible/container/core.py", line 813, in conductorcmd_build raise RuntimeError('Build failed.') RuntimeError: Build failed. Exception in thread Thread-2: Traceback (most recent call last): File "/usr/lib64/python2.7/threading.py", line 812, in __bootstrap_inner self.run() File "/usr/lib64/python2.7/threading.py", line 765, in run self.__target(*self.__args, **self.__kwargs) File "/usr/lib/python2.7/site-packages/container/utils/logmux.py", line 40, in produce for message in iterator: File "/usr/lib/python2.7/site-packages/docker/api/client.py", line 339, in _multiplexed_response_stream_helper header = response.raw.read(STREAM_HEADER_SIZE_BYTES) File "/usr/lib/python2.7/site-packages/urllib3/response.py", line 231, in read raise ProtocolError('Connection broken: %r' % e, e) ProtocolError: ('Connection broken: IncompleteRead(0 bytes read)', IncompleteRead(0 bytes read)) 2017-11-09T07:08:02.876617 Could not connect to container host. Check your docker config [container.cli] caller_file=/usr/lib/python2.7/site-packages/container/cli.py caller_func= call caller_line=328 ANsible _ Version : Ansible Container, version 0.9.2 -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/cda7a6d1-b432-4394-ae12-5bd011d9bfb2%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
