Why is Ansible still able to connect node without ssh - ssh

I created two Ubuntu Docker containers, one as the control node and another as the slave. I ran
ansible all -m service -a "name=ssh state=stopped"
and it shows
172.18.0.3 | CHANGED => {
"changed": true,
"name": "ssh",
"status": {
"enabled": {
"changed": false,
"rc": null,
"stderr": null,
"stdout": null
},
"stopped": {
"changed": true,
"rc": 0,
"stderr": "",
"stdout": " * Stopping OpenBSD Secure Shell server sshd\n ...done.\n"
}
}
}
Then I tried to ssh manually; it failed because the OpenSSH server had stopped, which is fine. Then I ran another ansible command to start it.
# ansible all -m service -a "name=ssh state=started"
172.18.0.3 | CHANGED => {
"changed": true,
"name": "ssh",
"status": {
"enabled": {
"changed": false,
"rc": null,
"stderr": null,
"stdout": null
},
"started": {
"changed": true,
"rc": 0,
"stderr": "",
"stdout": " * Starting OpenBSD Secure Shell server sshd\n ...done.\n"
}
}
}
I am quite amazed: how was Ansible able to connect to the node when I had already stopped the ssh service on the node? Is there some alternative method, other than ssh, that Ansible uses to connect to the node?

Ansible can connect to targets through a variety of protocols.
Take a look at the connection plugins list
In your case, for Docker containers, it uses the Docker API.

Related

Windows Terminal profile not showing up

I've just installed WSL2 and am using the Windows Terminal on Win10 1909 (18363.1256). I'm trying to set up 2 different profiles, one that launches a local WSL2 Ubuntu shell, and one that launches another WSL2 shell that will automatically ssh to a specific host.
The local one works great, shows up without an issue, however I can't seem to get my 2nd profile to show up in the list of profiles.
My settings.json looks like this:
"profiles":
{
"defaults":
{
// Put settings here that you want to apply to all profiles.
"colorScheme": "One Half Dark",
"fontFace": "JetbrainsMono NF",
"fontSize": 11
},
"list":
[
{
"guid": "{2c4de342-38b7-51cf-b940-2309a097f518}",
"hidden": false,
"name": "Ubuntu",
"source": "Windows.Terminal.Wsl",
"startingDirectory": "//wsl$/Ubuntu/home/sensanaty",
"tabTitle": "WSL2"
},
{
"guid": "{15c5814b-7ed1-4cec-bc64-d165274958fa}",
"hidden": false,
"name": "External Host",
"source": "Windows.Terminal.Wsl",
"commandline": "ssh example#123.456.7.89",
"tabTitle": "External Host"
},
]
},
With the above, I only get the Ubuntu profile in my list
I thought maybe it was the guid generated or something, but I just did a simple uuidgen and pasted it into the json so it shouldn't really be causing any issues there. I've also obviously tried restarting my system, to no avail. The default profiles show up fine if I disable the option to stop auto-generating them, as well.
Any clue as to what might help me out?
The 'source' attribute is for dynamically generated profiles, for which WSL will create one for each instance installed. You can't control the command line for these dynamically generated profiles. What you need is for your new profile to extend the command line to tell Terminal to use WSL. Remove the 'source' attribute entirely, so that your new profile is static.
In your case, that should be ...
{
"guid": "{15c5814b-7ed1-4cec-bc64-d165274958fa}",
"hidden": false,
"name": "External Host",
//"source": "Windows.Terminal.Wsl",
"commandline": "wsl.exe ssh example#123.456.7.89",
"tabTitle": "External Host"
}//,
As bwolfbarn mentioned, you should also ditch that trailing comma if it really comes at the end of the "list" block.
Here are a few lines from mine as additional examples as well ...
{
"guid": "{2c4de342-38b7-51cf-b940-2309a097f518}",
"hidden": false,
"name": "Ubuntu 20.04 WSL2 tmux",
//"source": "Windows.Terminal.Wsl",
"commandline": "wsl.exe -d Ubuntu -e sh -c \"/usr/bin/tmux has-session -t main 2>/dev/null && /usr/bin/tmux attach-session -d -t main || /usr/bin/tmux -2 new-session -t main -s main -c ${HOME}\"",
"cursorShape": "filledBox"
},
{
"guid": "{4e04fa7e-76c7-4746-a322-a227e70dde6c}",
"hidden": false,
"name": "Ubuntu 20.04 WSL1 tmux",
//"commandline": "wsl.exe -d Ubuntu20.04_WSL1",
"commandline": "wsl.exe -d Ubuntu20.04_WSL1 -e sh -c \"/usr/bin/tmux has-session -t main 2>/dev/null && /usr/bin/tmux attach-session -d -t main || /usr/bin/tmux -2 new-session -t main -s main -c ${HOME}\"",
"cursorShape": "filledBox"
}
Note that you could, I believe, use "wsl.exe -e" (a.k.a. --execute), but it's not really necessary in your case.
If you want to see your "source": "Windows.Terminal.Wsl" in Windows Terminal Menu it must exist in the registry
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Lxss\{UUID}]
(The registry UUID is not related to Windows Terminal UUID).
This registry entry can be created by running "wsl --import" or by cloning existing entry (if you are comfortable messing with the registry).
If you still don't see your profile after confirming that the registry entry exists, remove all entries for "generatedProfiles" in state.json file located in the same folder as settings.json. This will force Windows Terminal to update state.json. If you generated Windows Terminal profile UUID yourself, it may ignore it and create its own one. In this case you will see duplicate entries for the profile in settings.json. Remove the ones that were generated manually, and leave the one generated by the terminal.
At least the last comma should be removed (I commented it in your example) as the element "External Host" is the last of the list.
[
{
"guid": "{2c4de342-38b7-51cf-b940-2309a097f518}",
"hidden": false,
"name": "Ubuntu",
"source": "Windows.Terminal.Wsl",
"startingDirectory": "//wsl$/Ubuntu/home/sensanaty",
"tabTitle": "WSL2"
},
{
"guid": "{15c5814b-7ed1-4cec-bc64-d165274958fa}",
"hidden": false,
"name": "External Host",
"source": "Windows.Terminal.Wsl",
"commandline": "ssh example#123.456.7.89",
"tabTitle": "External Host"
}//,
]

Unable to assign default value to Ansible registered variable based on condition

I am trying to get the modification date using this command with the Ansible shell module:
stat /proc/1178/stat | grep Modify | cut -d' ' -f2,3
Note: the output of the shell, i.e. starttime.rc, will always be true, i.e. 0, whether an output is returned or not, because of the pipe to cut -d in the command.
I wish to display the time i.e the result of shell module if it returns output else display "Server NOT RUNNING".
Here is my playbook:
- hosts: test_test
  any_errors_fatal: true
  user: user1
  gather_facts: false
  tasks:
    - shell: "stat /proc/1178/stat | grep Modify | cut -d' ' -f2,3"
      register: starttime
    - name: Status of Server
      set_fact:
        starttime: "{{ starttime | default('Server NOT RUNNING') }}"
    - debug:
        msg: "STARTTIME:{{ starttime }}"
Below is the verbose output where I'm not getting the expected results.
TASK [shell] ************************************************************************************************************************************************
changed: [10.9.9.111] => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"cmd": "stat /proc/1178/stat | grep Modify | cut -d' ' -f2,3",
"delta": "0:00:00.118151",
"end": "2019-11-08 10:46:28.345448",
"invocation": {
"module_args": {
"_raw_params": "stat /proc/1178/stat | grep Modify | cut -d' ' -f2,3",
"_uses_shell": true,
"argv": null,
"chdir": null,
"creates": null,
"executable": null,
"removes": null,
"stdin": null,
"stdin_add_newline": true,
"strip_empty_ends": true,
"warn": true
}
},
"rc": 0,
"start": "2019-11-08 10:46:28.227297",
"stderr": "stat: cannot stat ‘/proc/1178/stat’: No such file or directory",
"stderr_lines": [
"stat: cannot stat ‘/proc/1178/stat’: No such file or directory"
],
"stdout": "",
"stdout_lines": []
}
TASK [Status of Server] ****************************************************************************************************************************
task path: /app/script/condition_test.yml:14
ok: [10.9.9.111] => {
"ansible_facts": {
"starttime": {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python"
},
"changed": true,
"cmd": "stat /proc/1178/stat | grep Modify | cut -d' ' -f2,3",
"delta": "0:00:00.118151",
"end": "2019-11-08 10:46:28.345448",
"failed": false,
"rc": 0,
"start": "2019-11-08 10:46:28.227297",
"stderr": "stat: cannot stat ‘/proc/1178/stat’: No such file or directory",
"stderr_lines": [
"stat: cannot stat ‘/proc/1178/stat’: No such file or directory"
],
"stdout": "",
"stdout_lines": []
}
},
"changed": false
}
TASK [debug] ************************************************************************************************************************************************
task path: /app/script/condition_test.yml:19
ok: [10.9.9.111] => {
"msg": "STARTTIME:{'stderr_lines': [u'stat: cannot stat \\u2018/proc/1178/stat\\u2019: No such file or directory'], u'changed': True, u'end': u'2019-11-08 10:46:28.345448', u'stdout': u'', u'cmd': u\"stat /proc/1178/stat | grep Modify | cut -d' ' -f2,3\", u'rc': 0, u'start': u'2019-11-08 10:46:28.227297', 'failed': False, u'stderr': u'stat: cannot stat \\u2018/proc/1178/stat\\u2019: No such file or directory', u'delta': u'0:00:00.118151', 'stdout_lines': [], 'ansible_facts': {u'discovered_interpreter_python': u'/usr/bin/python'}}"
}
META: ran handlers
META: ran handlers
PLAY RECAP **************************************************************************************************************************************************
10.9.9.111 : ok=3 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
Can you please suggest how I can handle this?
Note: the output of the shell, i.e. starttime.rc, will always be true, i.e. 0, whether an output is returned or not, because of the pipe to cut -d in the command.
One can easily circumvent that with set -o pipefail (which may require updating your shell: to use bash, or another "modern" shell)
- shell: "set -o pipefail; stat /proc/1178/stat | grep Modify | cut -d' ' -f2,3"
  register: starttime
Another perfectly reasonable approach would be to actually test that the file exists:
- shell: |
    if [ ! -e {{fn}} ]; then exit 1; fi
    stat {{fn}} | grep Modify | cut -d' ' -f2,3
  vars:
    fn: /proc/1178/stat
  register: starttime
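The exit-status behaviour discussed in this question and answer, as an added shell example that is not part of the original posts. It assumes GNU stat output and an installed bash; the function names and the fallback handling are illustrative.

```bash
#!/bin/sh
# Added example, not from the original posts.
# Assumes GNU stat ("Modify: <date> <time> <tz>") and that bash is installed.

# The pipeline from the question, parameterised on the file to stat.
PIPELINE='LC_ALL=C stat "$1" 2>/dev/null | grep Modify | cut -d" " -f2,3'

# Exit status as plain sh reports it: only the last command (cut) counts,
# so a failing stat is masked and the status is 0.
rc_plain() {
    sh -c "$PIPELINE" _ "$1" >/dev/null
}

# Exit status under bash with pipefail: a failing stat or grep is propagated.
rc_pipefail() {
    bash -c "set -o pipefail; $PIPELINE" _ "$1" >/dev/null
}

# Print the modification time, or the fallback text when the pipeline
# fails or produces no output (the result the asker wanted to display).
start_time() {
    if st_out=$(bash -c "set -o pipefail; $PIPELINE" _ "$1") && [ -n "$st_out" ]; then
        printf '%s\n' "$st_out"
    else
        printf 'Server NOT RUNNING\n'
    fi
}

# Demo: this shell's own /proc entry versus a path that cannot exist.
for f in "/proc/$$/stat" /proc/nonexistent-example/stat; do
    plain=0;  rc_plain "$f"    || plain=$?
    strict=0; rc_pipefail "$f" || strict=$?
    printf '%s: rc=%s rc(pipefail)=%s -> %s\n' \
        "$f" "$plain" "$strict" "$(start_time "$f")"
done
```

In a playbook the same distinction applies: the shell module runs /bin/sh unless its executable argument names bash.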

How ansible serialise commands to execute on remote host?

Without an agent on target host, Ansible is able to perform tasks like for example: adding a user(-m user).
To understand this, I read this article, which says:
"Ansible works by connecting to your nodes and pushing out small programs, called "Ansible modules" to them. These programs are written to be resource models of the desired state of the system."
My interpretation is that the user module is a Python module located on the control server, and that this module is serialized over the wire to the target host after running the ansible command with the -m user option.
Does Ansible serialize these programs (user source code) via ssh, to execute on the remote host?
Does this serialization involve the ssh agent forwarding technique?
When Ansible executes a module in your playbook, it serializes the code it needs to run, with the encountered parameters, into a local Python file named <local user home>/.ansible/tmp/ansible-local-<current-run-hash>/tmp<some-other-hash>.
This file is uploaded to the remote host in <remote_user home dir>/.ansible/tmp/ansible-tmp-<current-run-hashed-id>/AnsiballZ_<module_name>.py using the declared connection for this host (ssh, docker, local...).
The Python file is executed on the remote host through that connection, the result is fetched back to the local machine and the file is cleaned up.
You can see exactly how all this is executed using the -vvv option to ansible-playbook (or ansible if you are sending ad-hoc commands). Here is an example of running the stat module against a docker host on my local machine.
The task:
- name: Check if SystemD service is installed
  stat:
    path: /etc/systemd/system/nexus.service
  register: nexus_systemd_service_file
Running with -vvv. The file copy to remote starts at line 7.
TASK [nexus3-oss : Check if SystemD service is installed] **********************
task path: /projects/ansible/nexus3-oss/tasks/main.yml:13
<nexus3-oss-debian-stretch> ESTABLISH DOCKER CONNECTION FOR USER: root
<nexus3-oss-debian-stretch> EXEC ['/usr/bin/docker', b'exec', b'-i', 'nexus3-oss-debian-stretch', '/bin/sh', '-c', "/bin/sh -c 'echo ~ && sleep 0'"]
<nexus3-oss-debian-stretch> EXEC ['/usr/bin/docker', b'exec', b'-i', 'nexus3-oss-debian-stretch', '/bin/sh', '-c', '/bin/sh -c \'( umask 77 && mkdir -p "` echo /home/deployuser/.ansible/tmp/ansible-tmp-1555848182.1761565-31974482443721 `" && echo ansible-tmp-1555848182.1761565-31974482443721="` echo /deployuser/.ansible/tmp/ansible-tmp-1555848182.1761565-31974482443721 `" ) && sleep 0\'']
Using module file /home/localuser/.local/lib/python3.6/site-packages/ansible/modules/files/stat.py
<nexus3-oss-debian-stretch> PUT /home/localuser/.ansible/tmp/ansible-local-30458wt820190/tmpq2vjarrv TO /home/deployuser/.ansible/tmp/ansible-tmp-1555848182.1761565-31974482443721/AnsiballZ_stat.py
<nexus3-oss-debian-stretch> EXEC ['/usr/bin/docker', b'exec', b'-i', 'nexus3-oss-debian-stretch', '/bin/sh', '-c', "/bin/sh -c 'chmod u+x /home/deployuser/.ansible/tmp/ansible-tmp-1555848182.1761565-31974482443721/ /home/deployuser/.ansible/tmp/ansible-tmp-1555848182.1761565-31974482443721/AnsiballZ_stat.py && sleep 0'"]
<nexus3-oss-debian-stretch> EXEC ['/usr/bin/docker', b'exec', b'-i', 'nexus3-oss-debian-stretch', '/bin/sh', '-c', '/bin/sh -c \'http_proxy=\'"\'"\'\'"\'"\' https_proxy=\'"\'"\'\'"\'"\' no_proxy=\'"\'"\'\'"\'"\' /usr/bin/python /home/deployuser/.ansible/tmp/ansible-tmp-1555848182.1761565-31974482443721/AnsiballZ_stat.py && sleep 0\'']
<nexus3-oss-debian-stretch> EXEC ['/usr/bin/docker', b'exec', b'-i', 'nexus3-oss-debian-stretch', '/bin/sh', '-c', "/bin/sh -c 'rm -f -r /home/deployuser/.ansible/tmp/ansible-tmp-1555848182.1761565-31974482443721/ > /dev/null 2>&1 && sleep 0'"]
ok: [nexus3-oss-debian-stretch] => {
"changed": false,
"invocation": {
"module_args": {
"checksum_algorithm": "sha1",
"follow": false,
"get_attributes": true,
"get_checksum": true,
"get_md5": null,
"get_mime": true,
"path": "/etc/systemd/system/nexus.service"
}
},
"stat": {
"atime": 1555848116.0796735,
"attr_flags": "",
"attributes": [],
"block_size": 4096,
"blocks": 8,
"charset": "us-ascii",
"checksum": "f1de2c2bc91adc019e58f83a29c970d1d79d5cc9",
"ctime": 1553622777.8884165,
"dev": 77,
"device_type": 0,
"executable": false,
"exists": true,
"gid": 0,
"gr_name": "root",
"inode": 22997,
"isblk": false,
"ischr": false,
"isdir": false,
"isfifo": false,
"isgid": false,
"islnk": false,
"isreg": true,
"issock": false,
"isuid": false,
"mimetype": "text/plain",
"mode": "0644",
"mtime": 1553622777.3485653,
"nlink": 1,
"path": "/etc/systemd/system/nexus.service",
"pw_name": "root",
"readable": true,
"rgrp": true,
"roth": true,
"rusr": true,
"size": 248,
"uid": 0,
"version": "687353",
"wgrp": false,
"woth": false,
"writeable": true,
"wusr": true,
"xgrp": false,
"xoth": false,
"xusr": false
}
}
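To audit which connection plugin delivered which module, the ESTABLISH and PUT lines of a -vvv log like the one above can be summarised per host. This is an added example, not part of the original answer; the function name and the second host (web01, over SSH) are constructed for illustration.

```bash
#!/bin/sh
# Added example, not from the original answer.
# Sample log: the first host's lines are taken from the -vvv output above;
# the web01 lines are constructed to show a second host using SSH.
SAMPLE_LOG=$(cat <<'EOF'
<nexus3-oss-debian-stretch> ESTABLISH DOCKER CONNECTION FOR USER: root
<web01> ESTABLISH SSH CONNECTION FOR USER: deploy
Using module file /home/localuser/.local/lib/python3.6/site-packages/ansible/modules/files/stat.py
<nexus3-oss-debian-stretch> PUT /home/localuser/.ansible/tmp/ansible-local-30458wt820190/tmpq2vjarrv TO /home/deployuser/.ansible/tmp/ansible-tmp-1555848182.1761565-31974482443721/AnsiballZ_stat.py
<web01> PUT /home/localuser/.ansible/tmp/ansible-local-EXAMPLE/tmpEXAMPLE TO /home/deploy/.ansible/tmp/ansible-tmp-EXAMPLE/AnsiballZ_user.py
EOF
)

# Read a -vvv log on stdin and print one line per uploaded module:
# target host, connection plugin, remote user, module name, remote path.
# State is kept per host so interleaved output from several hosts is
# attributed correctly. Paths containing spaces are not handled.
summarize_vvv() {
    awk '
    /^<[^>]+> ESTABLISH [A-Z]+ CONNECTION FOR USER: / {
        host = substr($1, 2, length($1) - 2)
        plugin[host] = tolower($3)      # DOCKER -> docker, SSH -> ssh
        user[host] = $NF
    }
    /^<[^>]+> PUT .+ TO .+AnsiballZ_/ {
        host = substr($1, 2, length($1) - 2)
        dest = $NF
        module = dest
        sub(/^.*AnsiballZ_/, "", module)  # strip directory and prefix
        sub(/\.py$/, "", module)          # strip extension
        printf "host=%s plugin=%s user=%s module=%s dest=%s\n",
            host, plugin[host], user[host], module, dest
    }'
}

# Demo on the embedded sample.
printf '%s\n' "$SAMPLE_LOG" | summarize_vvv
```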

Packer ssh timeout

I am trying to build images with Packer in a Jenkins pipeline. However, the Packer ssh provisioner does not work, as ssh never becomes available and the build errors out with a timeout.
Further investigation of the issue shows that the image is missing the network interface file ifconfig-eth0 in the /etc/sysconfig/network-scripts directory, so it never gets an IP and does not accept ssh connections.
The problem is that there are many such images to be generated, and I can't open each one manually in the VirtualBox GUI, correct the issue and repack. Is there any other possible solution to that?
{
"variables": {
"build_base": ".",
"isref_machine":"create-ova-caf",
"build_name":"virtual-box-jenkins",
"output_name":"packer-virtual-box",
"disk_size":"40000",
"ram":"1024",
"disk_adapter":"ide"
},
"builders":[
{
"name": "{{user `build_name`}}",
"type": "virtualbox-iso",
"guest_os_type": "Other_64",
"iso_url": "rhelis74_1710051533.iso",
"iso_checksum": "",
"iso_checksum_type": "none",
"hard_drive_interface":"{{user `disk_adapter`}}",
"ssh_username": "root",
"ssh_password": "Secret1.0",
"shutdown_command": "shutdown -P now",
"guest_additions_mode":"disable",
"boot_wait": "3s",
"boot_command": [ "auto<enter>"],
"ssh_timeout": "40m",
"headless": "true",
"vm_name": "{{user `output_name`}}",
"disk_size": "{{user `disk_size`}}",
"output_directory":"{{user `build_base`}}/output-{{build_name}}",
"format": "ovf",
"vrdp_bind_address": "0.0.0.0",
"vboxmanage": [
["modifyvm", "{{.Name}}","--nictype1","virtio"],
["modifyvm", "{{.Name}}","--memory","{{ user `ram`}}"]
],
"skip_export":true,
"keep_registered": true
}
],
"provisioners": [
{
"type":"shell",
"inline": ["ls"]
}
]
}
When you don't need the SSH connection during the provisioning process, you can switch it off. See the Packer documentation about the communicator; there you will see the option none to switch off the communication between host and guest.
{
"builders": [
{
"type": "virtualbox-iso",
"communicator": "none"
}
]
}
Packer Builders DOCU virtualbox-iso

My AKS Cluster was brought down, how can I recover?

I have been playing around with load-testing my application on a single agent cluster in AKS. During the testing, the connection to the dashboard stalled and never resumed. My application seems down as well, so I am assuming the cluster is in a bad state.
The API server is restate-f4cbd3d9.hcp.centralus.azmk8s.io
kubectl cluster-info dump shows the following error:
{
"name": "kube-dns-v20-6c8f7f988b-9wpx9.14fbbbd6bf60f0cf",
"namespace": "kube-system",
"selfLink": "/api/v1/namespaces/kube-system/events/kube-dns-v20-6c8f7f988b-9wpx9.14fbbbd6bf60f0cf",
"uid": "47f57d3c-d577-11e7-88d4-0a58ac1f0249",
"resourceVersion": "185572",
"creationTimestamp": "2017-11-30T02:36:34Z",
"InvolvedObject": {
"Kind": "Pod",
"Namespace": "kube-system",
"Name": "kube-dns-v20-6c8f7f988b-9wpx9",
"UID": "9d2b20f2-d3f5-11e7-88d4-0a58ac1f0249",
"APIVersion": "v1",
"ResourceVersion": "299",
"FieldPath": "spec.containers{kubedns}"
},
"Reason": "Unhealthy",
"Message": "Liveness probe failed: Get http://10.244.0.4:8080/healthz-kubedns: net/http: request canceled while waiting for connection (Client.Timeout exceeded while awaiting headers)",
"Source": {
"Component": "kubelet",
"Host": "aks-agentpool-34912234-0"
},
"FirstTimestamp": "2017-11-30T02:23:50Z",
"LastTimestamp": "2017-11-30T02:59:00Z",
"Count": 6,
"Type": "Warning"
}
As well as some Pod Sync errors in Kube-System.
Example of issue:
az aks browse -g REstate.Server -n REstate
Merged "REstate" as current context in C:\Users\User\AppData\Local\Temp\tmp29d0conq
Proxy running on http://127.0.0.1:8001/
Press CTRL+C to close the tunnel...
error: error upgrading connection: error dialing backend: dial tcp 10.240.0.4:10250: getsockopt: connection timed out
You'll probably need to ssh to the node to see if the Kubelet service is running. In the future, you can set resource quotas to prevent exhausting all resources in the cluster nodes.
Resource Quotas - https://kubernetes.io/docs/concepts/policy/resource-quotas/