ansible remote bootstrap fails to include validate_address.yml when set apiserver_cert_sans in host configuration

Bug #1895849 reported by Andy
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
StarlingX
Fix Released
Medium
Andy

Bug Description

Brief Description
-----------------
When set apiserver_cert_sans and try to run ansible-playbook remotely,
it fails when try to include validate_address.yml

Severity
--------
Critical

(System won't be configured remotely.)

Steps to Reproduce
------------------

1. from system under configuration copy /usr/share/ansible/stx-ansible to your host
2. create file hosts and copy following content on it

---
all:
 hosts:
 hostname1:
 ansible_host: 192.168.59.3 #use your system ip address.
vars:
 ansible_ssh_user: sysadmin
 ansible_ssh_pass: Li69nux*
 ansible_become_pass: Li69nux*

3. export BOOTSTRAP_PLAYBOOK={path_where_you_copy_stx_ansible_files}/playbooks/bootstrap.yml
4. export ANSIBLE_HOST_KEY_CHECKING=False

6. create hostname1.yml and copy following configuration

---
cluster_host_subnet: 192.168.207.0/24
external_oam_floating_address: 192.168.59.2
external_oam_subnet: 192.168.59.0/24
external_oam_gateway_address: 192.168.59.1
dns_servers:
 - 128.224.144.130
apiserver_cert_sans:
 - 192.168.59.2 # any ip address it's fine.

7. ansible-playbooks $BOOTSTRAP_PLAYBOOK -i hosts -e "override_files_dir=`pwd`"

Expected Behavior
------------------
Validation address should be executed same way as previous steps, for instance:
File: playbooks/roles/bootstrap/validate-config/tasks/main.yml

    Validate no proxy addresses (same file line 442)
    Validate registry type if specified (same file line 525)

Actual Behavior
----------------
it failed and exit with the following error

TASK [bootstrap/validate-config : Validate apiserver_cert_sans entries] ********
fatal: [yow-cgcs-wildcat-112]: FAILED! => {"reason": "Could not find or access '/sandbox/AUTOMATION_LOGS/sys_install/stx/wcp_112/202006261512/ansible/playbooks/validate_address.yml ' on the Ansible Controller."}

Reproducibility
---------------
Reproducible

System Configuration
--------------------
AIO, but it seems it affects all configurations when try bootstrap remotely

Branch/Pull Time/Commit
-----------------------

N/A

Last Pass
---------
Unknown

Timestamp/Logs
--------------

TASK [bootstrap/validate-config : Purge old applications] **********************
skipping: [yow-cgcs-wildcat-112]

TASK [bootstrap/validate-config : Revert /etc/resolv.conf from coredns] ********
skipping: [yow-cgcs-wildcat-112]

TASK [bootstrap/validate-config : Validate apiserver_cert_sans list] ***********
skipping: [yow-cgcs-wildcat-112]

TASK [bootstrap/validate-config : Validate apiserver_cert_sans entries] ********
fatal: [yow-cgcs-wildcat-112]: FAILED! => {"reason": "Could not find or access '/sandbox/AUTOMATION_LOGS/sys_install/stx/wcp_112/202006261512/ansible/playbooks/validate_address.yml ' on the Ansible Controller."}

PLAY RECAP *********************************************************************
yow-cgcs-wildcat-112 : ok=119  changed=26  unreachable=0 failed=1  skipped=107  rescued=0 ignored=0

-----------
Setup started:
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Test steps started:
***Failure at test call: /home/svc-cgcsauto/wassp-repos.new/labinstall/cgcs/CGCSAuto/tc_sysinstall/fresh_install/test_remote_bootstrap.py:164: utils.exceptions.CLIRejected: CLI command is rejected.
FAILED[2020-06-26 19:12:56,729] 271 INFO MainThread conftest.testcase_log::
-----------------------------------------------------------------
Test Result for: tc_sysinstall/fresh_install/test_remote_bootstrap.py::test_remote_bootstrap - Test Failed at test call

Test Activity
-------------
Developer Testing

Workaround
----------
Modify file playbooks/roles/bootstrap/validate-config/tasks/main.yml line 658 and remove one of the blank spaces between validate_address.yml and input_address parameter.

657: - name: Validate apiserver_cert_sans entries
658: include: validate_address.yml input_address={{ item }} # Remove blank space between .yml and input_
659: with_items: "{{ apiserver_cert_sans }}"

Andy (andy.wrs)
Changed in starlingx:
assignee: nobody → Andy (andy.wrs)
status: New → In Progress
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to ansible-playbooks (master)

Fix proposed to branch: master
Review: https://review.opendev.org/752243

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to ansible-playbooks (master)

Reviewed: https://review.opendev.org/752243
Committed: https://git.openstack.org/cgit/starlingx/ansible-playbooks/commit/?id=9979a35e03b2b101c3854396347434fec16137b3
Submitter: Zuul
Branch: master

commit 9979a35e03b2b101c3854396347434fec16137b3
Author: Andy Ning <email address hidden>
Date: Wed Sep 16 09:51:37 2020 -0400

    Fix ansible remote bootstrap address validation failure

    There is an extra blank space in the line
    "include: validate_address.yml input_address={{ item }}" in
    file "playbooks/roles/bootstrap/validate-config/tasks/main.yml" that
    causes remote ansible bootstrap to fail with error "Could not find or
    access '/sandbox/AUTOMATION_LOGS/sys_install/stx/wcp_112/202006261512
    /ansible/playbooks/validate_address.yml ' on the Ansible Controller.".

    Looks like somehow ansible takes the extra space as part of the file
    name (as indicated in the error message). This update removed the extra
    blank space and the address validation passes.

    Change-Id: I0b659e849f782bc01f2da0cf1ff79f667bb17484
    Closes-Bug: 1895849
    Signed-off-by: Andy Ning <email address hidden>

Changed in starlingx:
status: In Progress → Fix Released
Ghada Khalil (gkhalil)
Changed in starlingx:
importance: Undecided → Medium
tags: added: stx.5.0 stx.config
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.