tripleo

unwritable /honme/stack/ansible.log after container image prepare

Bug #1895318 reported by John Fulton
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
tripleo
Fix Released
Medium
Kevin Carter
tripleo victoria-3 "tripleo victoria"

Bug Description

When using tripleo-operator-ansible to deploy an undercloud, after the tripleo-ansible role tripleo_container_image_prepare is executed /home/stack/ansible.log is owned by root. This creates a permissions problem for subsequent tasks [1].

As a workaround I can 'chmod 666 ansible.log' and re-run and the undercloud install continues without issue (e.g. heat starts running).

The following may need tweaking:

https://opendev.org/openstack/tripleo-ansible/src/branch/master/tripleo_ansible/roles/tripleo_container_image_prepare/tasks/main.yml#L18

https://opendev.org/openstack/tripleo-operator-ansible/src/commit/561df3e95f642a2e8e5c6c2d9da10875699fda60/roles/tripleo_container_image_prepare/defaults/main.yml#L4

[1]
[CentOS-8.2 - stack@undercloud ~]$ cat undercloud_install.log
Ansible execution failed. playbook: /usr/share/openstack-tripleo-validations/playbooks/undercloud-disk-space.yaml, Run Status: failed, Return Code: 1
An error occurred during configuration validation, please check your host configuration and try again. Error message: Ansible execution failed. playbook: /usr/share/openstack-tripleo-validations/playbooks/undercloud-disk-space.yaml, Run Status: failed, Return Code: 1
Traceback (most recent call last):
  File "/usr/bin/ansible-playbook", line 63, in <module>
    from ansible.utils.display import Display
  File "/usr/lib/python3.6/site-packages/ansible/utils/display.py", line 84, in <module>
    format='%(asctime)s p=%(process)d u=%(user)s n=%(name)s | %(message)s')
  File "/usr/lib64/python3.6/logging/__init__.py", line 1808, in basicConfig
    h = FileHandler(filename, mode)
  File "/usr/lib64/python3.6/logging/__init__.py", line 1032, in __init__
    StreamHandler.__init__(self, self._open())
  File "/usr/lib64/python3.6/logging/__init__.py", line 1061, in _open
    return open(self.baseFilename, self.mode, encoding=self.encoding)
PermissionError: [Errno 13] Permission denied: '/home/stack/ansible.log'
[CentOS-8.2 - stack@undercloud ~]$

Revision history for this message
John Fulton (jfulton-org) wrote :

I was able to workaround this with the following when using tripleo-lab

 ansible-playbook -i inventory.yaml builder.yaml -e @environments/overrides.yml -e @environments/topology-dcn.yml -e tripleo_container_image_prepare_become=false -e tripleo_container_image_prepare_log_file="/home/stack/tripleo-image-prepare.log"

Revision history for this message
John Fulton (jfulton-org) wrote :

Perhaps [0] can be false because it's using become in [1]

[0] https://opendev.org/openstack/tripleo-operator-ansible/src/commit/561df3e95f642a2e8e5c6c2d9da10875699fda60/roles/tripleo_container_image_prepare/defaults/main.yml#L4

[1] https://opendev.org/openstack/tripleo-ansible/src/branch/master/tripleo_ansible/roles/tripleo_container_image_prepare/tasks/main.yml#L18

Revision history for this message
John Fulton (jfulton-org) wrote :

tripleo-lab now has a workaround:

 https://github.com/cjeanner/tripleo-lab/commit/56f9f43fb7e4c33e49129b3a6cc90a95e29f40af

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to tripleo-operator-ansible (master)

Fix proposed to branch: master
Review: https://review.opendev.org/751344

Changed in tripleo:
assignee: nobody → John Fulton (jfulton-org)
status: Triaged → In Progress
Revision history for this message
Alex Schultz (alex-schultz) wrote :

This is likely a side effect of switching this command to use ansible

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Change abandoned on tripleo-operator-ansible (master)

Change abandoned by John Fulton (<email address hidden>) on branch: master
Review: https://review.opendev.org/751344
Reason: Let's solve this bug using the following instead:
 https://review.opendev.org/#/c/751859/

OpenStack Infra (hudson-openstack)
Changed in tripleo:
assignee: John Fulton (jfulton-org) → Kevin Carter (kevin-carter)
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to python-tripleoclient (master)

Reviewed: https://review.opendev.org/751859
Committed: https://git.openstack.org/cgit/openstack/python-tripleoclient/commit/?id=7d9e41589a252fa6ef1fb0351fc12a75224e4701
Submitter: Zuul
Branch: master

commit 7d9e41589a252fa6ef1fb0351fc12a75224e4701
Author: Kevin Carter <email address hidden>
Date: Mon Sep 14 11:35:47 2020 -0500

    Ensure the ansible log file always has a correct UID

    This change will ensure that the owner of the ansible.log file is
    always set to the executing user, even when the tripleoclient is
    invoked using sudo.

    > The chagne will pull the UID and should the log file exist it
      will set the UID to the calling user accordingly. In the event
      of an upgrade, or command rerun, the client will ensure we're
      cleaning updating the file UID without user intevention; this
      makes the change transparent to the user and fixes a potential
      UX problem.

    Closes-Bug: #1895318
    Change-Id: If620fb3026c7420f37b924aa99d62f29a11730a9
    Signed-off-by: Kevin Carter <email address hidden>

Changed in tripleo:
status: In Progress → Fix Released
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to python-tripleoclient (stable/ussuri)

Fix proposed to branch: stable/ussuri
Review: https://review.opendev.org/752948

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to python-tripleoclient (stable/ussuri)

Reviewed: https://review.opendev.org/752948
Committed: https://git.openstack.org/cgit/openstack/python-tripleoclient/commit/?id=9a7411cb03bcdf864bac7434fcee5b157731fd84
Submitter: Zuul
Branch: stable/ussuri

commit 9a7411cb03bcdf864bac7434fcee5b157731fd84
Author: Kevin Carter <email address hidden>
Date: Mon Sep 14 11:35:47 2020 -0500

    Ensure the ansible log file always has a correct UID

    This change will ensure that the owner of the ansible.log file is
    always set to the executing user, even when the tripleoclient is
    invoked using sudo.

    > The chagne will pull the UID and should the log file exist it
      will set the UID to the calling user accordingly. In the event
      of an upgrade, or command rerun, the client will ensure we're
      cleaning updating the file UID without user intevention; this
      makes the change transparent to the user and fixes a potential
      UX problem.

    Closes-Bug: #1895318
    Change-Id: If620fb3026c7420f37b924aa99d62f29a11730a9
    Signed-off-by: Kevin Carter <email address hidden>
    (cherry picked from commit 7d9e41589a252fa6ef1fb0351fc12a75224e4701)

tags: added: in-stable-ussuri
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.