ansible-collections / azure Goto Github PK
View Code? Open in Web Editor NEWDevelopment area for Azure Collections
Home Page: https://galaxy.ansible.com/azure/azcollection
License: GNU General Public License v3.0
Development area for Azure Collections
Home Page: https://galaxy.ansible.com/azure/azcollection
License: GNU General Public License v3.0
Search for will be removed in 2.9
and version='2.9'
next to deprecate()
calls.
(I started removal in ansible/ansible#65749 but it turns out that the integration tests make heavy use of the functionality. This should better be done by someone who knows more about Azure.)
azure_rm_loadbalancer
azure_rm_networkinterface
2.9
2.10
Currently Azure CLI authentication is not working for atleast the modules around "azure_rm_keyvaultsecret_info".
azure_rm_keyvaultsecret_info & azure cli
ansible 2.9.9
config file = /home/linux_root/infrastructure/ansible/ansible.cfg
configured module search path = ['/home/linux_root/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
ansible python module location = /home/linux_root/.local/lib/python3.6/site-packages/ansible
executable location = /home/linux_root/.local/bin/ansible
python version = 3.6.8 (default, Nov 21 2019, 19:31:34) [GCC 8.3.1 20190507 (Red Hat 8.3.1-4)]
DEFAULT_CALLBACK_WHITELIST(/home/linux_root/infrastructure/ansible/ansible.cfg) = ['profile_tasks']
DEFAULT_HOST_LIST(/home/linux_root/infrastructure/ansible/ansible.cfg) = ['/home/linux_root/infrastructure/ansible/hosts']
DEFAULT_REMOTE_USER(/home/linux_root/infrastructure/ansible/ansible.cfg) = linux_root
DEFAULT_ROLES_PATH(/home/linux_root/infrastructure/ansible/ansible.cfg) = ['/home/linux_root/infrastructure/ansible/roles']
DEFAULT_STDOUT_CALLBACK(/home/linux_root/infrastructure/ansible/ansible.cfg) = yaml
Its neither working on a CentOS 7.6 (Python 2.7) nor on CentOS 8.1 (python 3.6).
---
- name: retrieve secrets from keyvault
hosts: localhost
connection: local
collections:
- azure.azcollection
tasks:
- name: Ensure Keyvault-Secrets are present
azure_rm_keyvaultsecret_info:
name: "testsecret"
auth_source: "cli"
vault_uri: "https://keyvault-xyz.vault.azure.net/"
The secret should be collected and can be used for other tasks.
Python exception with not finding client_id comes up.
[linux_root@rkno-deleteme ansible]$ ansible-playbook playbooks/rkno.yml
PLAY [Ensure Keyvault-Secrets are present] **************************************************************************************************************************************************************************************************
TASK [Gathering Facts] **********************************************************************************************************************************************************************************************************************
Tuesday 26 May 2020 14:51:51 +0000 (0:00:00.026) 0:00:00.026 ***********
ok: [localhost]
TASK [Ensure Keyvault-Secrets are present] **************************************************************************************************************************************************************************************************
Tuesday 26 May 2020 14:51:52 +0000 (0:00:00.997) 0:00:01.024 ***********
fatal: [localhost]: FAILED! => changed=false
module_stderr: |-
Your credentials class does not support session injection. Performance will not be at the maximum.
Traceback (most recent call last):
File "/home/linux_root/.ansible/tmp/ansible-tmp-1590504712.0743444-27255-260440206983742/AnsiballZ_azure_rm_keyvaultsecret_info.py", line 102, in <module>
_ansiballz_main()
File "/home/linux_root/.ansible/tmp/ansible-tmp-1590504712.0743444-27255-260440206983742/AnsiballZ_azure_rm_keyvaultsecret_info.py", line 94, in _ansiballz_main
invoke_module(zipped_mod, temp_path, ANSIBALLZ_PARAMS)
File "/home/linux_root/.ansible/tmp/ansible-tmp-1590504712.0743444-27255-260440206983742/AnsiballZ_azure_rm_keyvaultsecret_info.py", line 40, in invoke_module
runpy.run_module(mod_name='ansible_collections.azure.azcollection.plugins.modules.azure_rm_keyvaultsecret_info', init_globals=None, run_name='__main__', alter_sys=True)
File "/usr/lib64/python3.6/runpy.py", line 205, in run_module
return _run_module_code(code, init_globals, run_name, mod_spec)
File "/usr/lib64/python3.6/runpy.py", line 96, in _run_module_code
mod_name, mod_spec, pkg_name, script_name)
File "/usr/lib64/python3.6/runpy.py", line 85, in _run_code
exec(code, run_globals)
File "/tmp/ansible_azure_rm_keyvaultsecret_info_payload_q9zkit50/ansible_azure_rm_keyvaultsecret_info_payload.zip/ansible_collections/azure/azcollection/plugins/modules/azure_rm_keyvaultsecret_info.py", line 433, in <module>
File "/tmp/ansible_azure_rm_keyvaultsecret_info_payload_q9zkit50/ansible_azure_rm_keyvaultsecret_info_payload.zip/ansible_collections/azure/azcollection/plugins/modules/azure_rm_keyvaultsecret_info.py", line 429, in main
File "/tmp/ansible_azure_rm_keyvaultsecret_info_payload_q9zkit50/ansible_azure_rm_keyvaultsecret_info_payload.zip/ansible_collections/azure/azcollection/plugins/modules/azure_rm_keyvaultsecret_info.py", line 245, in __init__
File "/tmp/ansible_azure_rm_keyvaultsecret_info_payload_q9zkit50/ansible_azure_rm_keyvaultsecret_info_payload.zip/ansible_collections/azure/azcollection/plugins/module_utils/azure_rm_common.py", line 418, in __init__
File "/tmp/ansible_azure_rm_keyvaultsecret_info_payload_q9zkit50/ansible_azure_rm_keyvaultsecret_info_payload.zip/ansible_collections/azure/azcollection/plugins/modules/azure_rm_keyvaultsecret_info.py", line 263, in exec_module
File "/tmp/ansible_azure_rm_keyvaultsecret_info_payload_q9zkit50/ansible_azure_rm_keyvaultsecret_info_payload.zip/ansible_collections/azure/azcollection/plugins/modules/azure_rm_keyvaultsecret_info.py", line 318, in get_secret
File "/usr/local/lib/python3.6/site-packages/azure/keyvault/key_vault_client.py", line 1795, in get_secret
response = self._client.send(request, header_parameters, **operation_config)
File "/usr/local/lib/python3.6/site-packages/msrest/service_client.py", line 336, in send
pipeline_response = self.config.pipeline.run(request, **kwargs)
File "/usr/local/lib/python3.6/site-packages/msrest/pipeline/__init__.py", line 197, in run
return first_node.send(pipeline_request, **kwargs) # type: ignore
File "/usr/local/lib/python3.6/site-packages/msrest/pipeline/__init__.py", line 150, in send
response = self.next.send(request, **kwargs)
File "/usr/local/lib/python3.6/site-packages/msrest/pipeline/requests.py", line 72, in send
return self.next.send(request, **kwargs)
File "/usr/local/lib/python3.6/site-packages/msrest/pipeline/requests.py", line 137, in send
return self.next.send(request, **kwargs)
File "/usr/local/lib/python3.6/site-packages/msrest/pipeline/__init__.py", line 150, in send
response = self.next.send(request, **kwargs)
File "/usr/local/lib/python3.6/site-packages/msrest/pipeline/requests.py", line 193, in send
self.driver.send(request.http_request, **kwargs)
File "/usr/local/lib/python3.6/site-packages/msrest/universal_http/requests.py", line 333, in send
return super(RequestsHTTPSender, self).send(request, **requests_kwargs)
File "/usr/local/lib/python3.6/site-packages/msrest/universal_http/requests.py", line 142, in send
**kwargs)
File "/usr/local/lib/python3.6/site-packages/requests/sessions.py", line 530, in request
resp = self.send(prep, **send_kwargs)
File "/usr/local/lib/python3.6/site-packages/requests/sessions.py", line 650, in send
r = dispatch_hook('response', hooks, r, **kwargs)
File "/usr/local/lib/python3.6/site-packages/requests/hooks.py", line 31, in dispatch_hook
_hook_data = hook(hook_data, **kwargs)
File "/usr/local/lib/python3.6/site-packages/azure/keyvault/custom/key_vault_authentication.py", line 146, in _handle_401
security = self._get_message_security(prep, challenge)
File "/usr/local/lib/python3.6/site-packages/azure/keyvault/custom/key_vault_authentication.py", line 172, in _get_message_security
scheme))
File "/usr/local/lib/python3.6/site-packages/azure/keyvault/custom/key_vault_authentication.py", line 61, in _auth_callback_compat
if len(inspect.getargspec(self._user_callback).args) == 3 \
File "/tmp/ansible_azure_rm_keyvaultsecret_info_payload_q9zkit50/ansible_azure_rm_keyvaultsecret_info_payload.zip/ansible_collections/azure/azcollection/plugins/modules/azure_rm_keyvaultsecret_info.py", line 282, in auth_callback
KeyError: 'client_id'
module_stdout: ''
msg: |-
MODULE FAILURE
See stdout/stderr for the exact error
rc: 1
PLAY RECAP **********************************************************************************************************************************************************************************************************************************
localhost : ok=1 changed=0 unreachable=0 failed=1 skipped=0 rescued=0 ignored=0
Could you please add a module to get info on a network interface for a VM Scale Set?
As azure_rm_networkinterface_info does for VM.
Use Case: retrieve Private address IPs for VMSS instances.
Class network_interfaces, Method get_virtual_machine_scale_set_network_interface()
When calling the azure.azcollection.azure_rm_securitygroup
module, which used to work fine until recently, we now get the following error:
An exception occurred during task execution. To see the full traceback, use -vvv. The error was: NotImplementedError: APIVersion 2019-06-01 is not available
Also tested using the current dev-branch of this project and updated requirements-pip.txt
azure.azcollection.azure_rm_securitygroup
ansible 2.9.9
config file = /home/justin/co/platform/ansible/ansible.cfg
configured module search path = [u'/home/justin/co/platform/ansible/library/modules', u'/home/justin/co/platform/ansible/common/library/modules']
ansible python module location = /usr/local/lib/python2.7/dist-packages/ansible
executable location = /usr/local/bin/ansible
python version = 2.7.16 (default, Oct 10 2019, 22:02:15) [GCC 8.3.0]
ANSIBLE_FORCE_COLOR(/home/justin/co/platform/ansible/ansible.cfg) = True
ANSIBLE_PIPELINING(/home/justin/co/platform/ansible/ansible.cfg) = True
ANSIBLE_SSH_ARGS(/home/justin/co/platform/ansible/ansible.cfg) = -o Compression=yes -o ForwardAgent={{ ssh_forward_agent|default(false)|bool|ternary('yes', 'no') }} -o ForwardX11=no -o GSSAPIDelegateCredentials=no -o ControlMaster=auto -o ControlPersist=60s -o UserKnownHo
ANSIBLE_SSH_CONTROL_PATH_DIR(/home/justin/co/platform/ansible/ansible.cfg) = ./var/run
BECOME_PLUGIN_PATH(/home/justin/co/platform/ansible/ansible.cfg) = [u'/home/justin/co/platform/ansible/library/plugins/become', u'/home/justin/co/platform/ansible/common/library/plugins/become']
COLLECTIONS_PATHS(/home/justin/co/platform/ansible/ansible.cfg) = [u'/home/justin/co/platform/ansible', u'/home/justin/co/platform/ansible/common']
DEFAULT_ACTION_PLUGIN_PATH(/home/justin/co/platform/ansible/ansible.cfg) = [u'/home/justin/co/platform/ansible/library/plugins/action', u'/home/justin/co/platform/ansible/common/library/plugins/action']
DEFAULT_ASK_PASS(/home/justin/co/platform/ansible/ansible.cfg) = False
DEFAULT_ASK_VAULT_PASS(/home/justin/co/platform/ansible/ansible.cfg) = False
DEFAULT_CACHE_PLUGIN_PATH(/home/justin/co/platform/ansible/ansible.cfg) = [u'/home/justin/co/platform/ansible/library/plugins/cache', u'/home/justin/co/platform/ansible/common/library/plugins/cache']
DEFAULT_CALLBACK_PLUGIN_PATH(/home/justin/co/platform/ansible/ansible.cfg) = [u'/home/justin/co/platform/ansible/library/plugins/callback', u'/home/justin/co/platform/ansible/common/library/plugins/callback']
DEFAULT_CONNECTION_PLUGIN_PATH(/home/justin/co/platform/ansible/ansible.cfg) = [u'/home/justin/co/platform/ansible/library/plugins/connection', u'/home/justin/co/platform/ansible/common/library/plugins/connection']
DEFAULT_FILTER_PLUGIN_PATH(/home/justin/co/platform/ansible/ansible.cfg) = [u'/home/justin/co/platform/ansible/library/plugins/filter', u'/home/justin/co/platform/ansible/common/library/plugins/filter']
DEFAULT_FORKS(/home/justin/co/platform/ansible/ansible.cfg) = 20
DEFAULT_GATHERING(/home/justin/co/platform/ansible/ansible.cfg) = explicit
DEFAULT_HASH_BEHAVIOUR(/home/justin/co/platform/ansible/ansible.cfg) = merge
DEFAULT_HOST_LIST(/home/justin/co/platform/ansible/ansible.cfg) = [u'/home/justin/co/platform/ansible/inventory']
DEFAULT_INVENTORY_PLUGIN_PATH(/home/justin/co/platform/ansible/ansible.cfg) = [u'/home/justin/co/platform/ansible/library/plugins/inventory', u'/home/justin/co/platform/ansible/common/library/plugins/inventory']
DEFAULT_LOAD_CALLBACK_PLUGINS(/home/justin/co/platform/ansible/ansible.cfg) = True
DEFAULT_LOOKUP_PLUGIN_PATH(/home/justin/co/platform/ansible/ansible.cfg) = [u'/home/justin/co/platform/ansible/library/plugins/lookup', u'/home/justin/co/platform/ansible/common/library/plugins/lookup']
DEFAULT_MODULE_PATH(/home/justin/co/platform/ansible/ansible.cfg) = [u'/home/justin/co/platform/ansible/library/modules', u'/home/justin/co/platform/ansible/common/library/modules']
DEFAULT_REMOTE_USER(/home/justin/co/platform/ansible/ansible.cfg) = root
DEFAULT_ROLES_PATH(/home/justin/co/platform/ansible/ansible.cfg) = [u'/home/justin/co/platform/ansible/roles', u'/home/justin/co/platform/ansible/common/roles']
DEFAULT_STDOUT_CALLBACK(/home/justin/co/platform/ansible/ansible.cfg) = yaml
DEFAULT_STRATEGY_PLUGIN_PATH(/home/justin/co/platform/ansible/ansible.cfg) = [u'/home/justin/co/platform/ansible/library/plugins/strategy', u'/home/justin/co/platform/ansible/common/library/plugins/strategy']
DEFAULT_TERMINAL_PLUGIN_PATH(/home/justin/co/platform/ansible/ansible.cfg) = [u'/home/justin/co/platform/ansible/library/plugins/terminal', u'/home/justin/co/platform/ansible/common/library/plugins/terminal']
DEFAULT_TEST_PLUGIN_PATH(/home/justin/co/platform/ansible/ansible.cfg) = [u'/home/justin/co/platform/ansible/library/plugins/test', u'/home/justin/co/platform/ansible/common/library/plugins/test']
DEFAULT_TIMEOUT(/home/justin/co/platform/ansible/ansible.cfg) = 15
DEFAULT_TRANSPORT(/home/justin/co/platform/ansible/ansible.cfg) = ssh
DEFAULT_VARS_PLUGIN_PATH(/home/justin/co/platform/ansible/ansible.cfg) = [u'/home/justin/co/platform/ansible/library/plugins/vars', u'/home/justin/co/platform/ansible/common/library/plugins/vars']
INJECT_FACTS_AS_VARS(/home/justin/co/platform/ansible/ansible.cfg) = False
INTERPRETER_PYTHON(/home/justin/co/platform/ansible/ansible.cfg) = /usr/bin/python
RETRY_FILES_SAVE_PATH(/home/justin/co/platform/ansible/ansible.cfg) = /home/justin/co/platform/ansible/var/retry_files
Ansible Host: Debian Buster
Authenticated using az login
Playbook:
- hosts: localhost
tasks:
- azure.azcollection.azure_rm_securitygroup:
resource_group: doesnt_matter
name: non_existent_security_group
state: absent
Task gets executed normally
$ ansible-playbook pb.yml
PLAY [localhost] ***************************************************************************************************************************************************************************************************************************************************************
TASK [azure.azcollection.azure_rm_securitygroup] *******************************************************************************************************************************************************************************************************************************
An exception occurred during task execution. To see the full traceback, use -vvv. The error was: NotImplementedError: APIVersion 2019-06-01 is not available
fatal: [localhost]: FAILED! => changed=false
module_stderr: |-
Traceback (most recent call last):
File "<stdin>", line 102, in <module>
File "<stdin>", line 94, in _ansiballz_main
File "<stdin>", line 40, in invoke_module
File "/usr/lib/python2.7/runpy.py", line 188, in run_module
fname, loader, pkg_name)
File "/usr/lib/python2.7/runpy.py", line 82, in _run_module_code
mod_name, mod_fname, mod_loader, pkg_name)
File "/usr/lib/python2.7/runpy.py", line 72, in _run_code
exec code in run_globals
File "/tmp/ansible_azure.azcollection.azure_rm_securitygroup_payload_II2pLa/ansible_azure.azcollection.azure_rm_securitygroup_payload.zip/ansible_collections/azure/azcollection/plugins/modules/azure_rm_securitygroup.py", line 833, in <module>
File "/tmp/ansible_azure.azcollection.azure_rm_securitygroup_payload_II2pLa/ansible_azure.azcollection.azure_rm_securitygroup_payload.zip/ansible_collections/azure/azcollection/plugins/modules/azure_rm_securitygroup.py", line 829, in main
File "/tmp/ansible_azure.azcollection.azure_rm_securitygroup_payload_II2pLa/ansible_azure.azcollection.azure_rm_securitygroup_payload.zip/ansible_collections/azure/azcollection/plugins/modules/azure_rm_securitygroup.py", line 668, in __init__
File "/tmp/ansible_azure.azcollection.azure_rm_securitygroup_payload_II2pLa/ansible_azure.azcollection.azure_rm_securitygroup_payload.zip/ansible_collections/azure/azcollection/plugins/module_utils/azure_rm_common.py", line 418, in __init__
File "/tmp/ansible_azure.azcollection.azure_rm_securitygroup_payload_II2pLa/ansible_azure.azcollection.azure_rm_securitygroup_payload.zip/ansible_collections/azure/azcollection/plugins/modules/azure_rm_securitygroup.py", line 674, in exec_module
File "/usr/local/lib/python2.7/dist-packages/azure/mgmt/network/network_management_client.py", line 1580, in network_security_groups
raise NotImplementedError("APIVersion {} is not available".format(api_version))
NotImplementedError: APIVersion 2019-06-01 is not available
module_stdout: ''
msg: |-
MODULE FAILURE
See stdout/stderr for the exact error
rc: 1
PLAY RECAP *********************************************************************************************************************************************************************************************************************************************************************
localhost : ok=0 changed=0 unreachable=0 failed=1 skipped=0 rescued=0 ignored=0
Copied from ansible/ansible#58709
The azure_rm_gallery
integration tests have been disabled by #58672.
Possible reasons #58576
azure_rm_gallery
devel
The tests fail all the time, e.g., in ansible/ansible#58623
N/A
N/A
passed
Fail with:
10:20 <testhost> EXEC /bin/sh -c 'rm -f -r /root/.ansible/tmp/ansible-tmp-1562154933.93-98980176504656/ > /dev/null 2>&1 && sleep 0'
10:20 The full traceback is:
10:20 WARNING: The below traceback may *not* be related to the actual failure.
10:20 File "/tmp/ansible_azure_rm_galleryimageversion_payload_DCkqlY/__main__.py", line 397, in create_update_resource
10:20 30)
10:20 File "/tmp/ansible_azure_rm_galleryimageversion_payload_DCkqlY/ansible_azure_rm_galleryimageversion_payload.zip/ansible/module_utils/azure_rm_common_rest.py", line 80, in query
10:20 raise exp
10:20
10:20 fatal: [testhost]: FAILED! => {
10:20 "changed": false,
10:20 "invocation": {
10:20 "module_args": {
10:20 "ad_user": null,
10:20 "adfs_authority_url": null,
10:20 "api_profile": "latest",
10:20 "append_tags": true,
10:20 "auth_source": null,
10:20 "cert_validation_mode": null,
10:20 "client_id": null,
10:20 "cloud_environment": "AzureCloud",
10:20 "gallery_image_name": "myImage",
10:20 "gallery_name": "myGalleryebce060794",
10:20 "location": "West US",
10:20 "name": "10.1.3",
10:20 "password": null,
10:20 "profile": null,
10:20 "publishing_profile": {
10:20 "endOfLifeDate": "2021-10-01t00:00:00+00:00",
10:20 "excludeFromLatest": true,
10:20 "replicaCount": 3,
10:20 "source": {
10:20 "managedImage": {
10:20 "id": "/subscriptions/6d22db98-3e5f-4ab9-bdf9-2f911a2775f7/resourceGroups/ansible-core-ci-prod-991ee744-e8ec-4af3-888b-6f86a91dedfc-1/providers/Microsoft.Compute/images/testimagea"
10:20 }
10:20 },
10:20 "storageAccountType": "Standard_LRS",
10:20 "targetRegions": [
10:20 {
10:20 "name": "West US",
10:20 "regionalReplicaCount": 1
10:20 },
10:20 {
10:20 "name": "East US",
10:20 "regionalReplicaCount": 2,
10:20 "storageAccountType": "Standard_ZRS"
10:20 }
10:20 ]
10:20 },
10:20 "resource_group": "ansible-core-ci-prod-991ee744-e8ec-4af3-888b-6f86a91dedfc-1",
10:20 "secret": null,
10:20 "state": "present",
10:20 "subscription_id": null,
10:20 "tags": null,
10:20 "tenant": null
10:20 }
10:20 },
10:20 "msg": "Error creating the GalleryImageVersion instance: Azure Error: InvalidParameter\nMessage: Parameter 'galleryImageVersion.properties.storageProfile' is not allowed.\nTarget: galleryImageVersion.properties.storageProfile"
10:20 }
10:20
10:20 PLAY RECAP *********************************************************************
10:20 testhost : ok=29 changed=8 unreachable=0 failed=1 skipped=0 rescued=0 ignored=0
10:20
10:21 Command exited with status 2 after 276.723038912 seconds.
10:21 NOTICE: If azure_rm_gallery failed due to permissions, the test policy may need to be updated. For help, consult @mattclay or @gundalow on GitHub or #ansible-devel on IRC.
Developing a playbook to delete old images and shared image gallery versions and test it by running with --check --diff
. The _info
modules used to lookup candidates are reporting they do not support check mode.
azure_rm_image_info
azure_rm_galleryimageversion_info
ansible 2.9.6
config file = None
configured module search path = ['/home/jghal/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
ansible python module location = /home/jghal/Code/venv/ansible-2.9/lib64/python3.6/site-packages/ansible
executable location = /home/jghal/Code/venv/ansible-2.9/bin/ansible
python version = 3.6.8 (default, Aug 7 2019, 17:28:10) [GCC 4.8.5 20150623 (Red Hat 4.8.5-39)]
$ ansible-config dump --only-changed
$
Playbook will be run against localhost using only cloud modules
- name: "Find all {{ image_name }} images"
azure_rm_image_info:
resource_group: "{{ azure.packer_resource_group }}"
tags:
- "Name:{{ image_name }}"
- "branch:master"
register: build_image
- name: List all gallery image versions in a gallery image definition.
azure_rm_galleryimageversion_info:
gallery_name: "{{ azure.sig_name }}"
gallery_image_name: "{{ image_name }}"
resource_group: "{{ azure.sig_resource_group }}"
register: sig_image
$ ansible-playbook main.yml --check --diff --tags azure -e '{"image_name":["centos7.base"], }' -v
Should return the list of matching images and image versions
No config file found; using defaults
[WARNING]: No inventory was parsed, only implicit localhost is available
[WARNING]: provided hosts list is empty, only localhost is available. Note that the implicit localhost does not match
'all'
PLAY [Retire base images] **********************************************************************************************
TASK [Gathering Facts] *************************************************************************************************
ok: [localhost]
TASK [Retire AZURE] ****************************************************************************************************
included: /home/jghal/Code/Halliburton-Landmark/ienergy-cloud/packer/retire-base-images/retire-azure.yml for localhost
TASK [Find all centos7.base images] ****************************************************************************
skipping: [localhost] => {"changed": false, "msg": "remote module (azure_rm_image_info) does not support check mode"}
TASK [List all gallery image versions in a gallery image definition.] **************************************************
skipping: [localhost] => {"changed": false, "msg": "remote module (azure_rm_galleryimageversion_info) does not support check mode"}
As requested, I have moved this to here from here.
I have an app that I running in a Docker container to create Azure resources utilizing Ansible and Python. I have installed the necessary arm modules with pip install ansible[azure]
to enable Ansible to work with Azure. For my Python script i am using the current azure-storage-blob, azure-mgmt-resource, and azure-common libraries. Everything with my app works and does what it needs to do locally.
The required Ansible libraries for Azure are listed here These versions are extremely outdated. The problem I am facing is on the build of the Docker image, the required libraries for Ansible are being installed (using pip install ansible[azure]
) and then when I install the necessary libraries for the Python script (azure-storage-blob, azure-mgmt-resource, and azure-common) pip is blowing away the old versions needed for Ansible. Those three that I need for Python are in the list of required Ansible libraries hence why they are being blown away. It's a lose lose situation. If I want the python script to work, I need relatively current Azure libraries. If I want my playbooks to work, I need to use the very dated libraries. Is there anything I can do to get these libraries from uninstalling each other? I am not too sure if there is anything that can be done, but I think its definitely something that should be brought up.
I believe the azure-storage-blob module is what is breaking my playbook. In the list of libraries needed for Ansible, it requires the module azure-storage 0.35.1. This has been deprecated for a long time now and was replaced by azure-storage-blob. azure-storage-blob is on version 12.0.
Examples of the uninstalls during the Docker run:
Installing collected packages: azure-mgmt-resource
Attempting uninstall: azure-mgmt-resource
Found existing installation: azure-mgmt-resource 2.1.0
Uninstalling azure-mgmt-resource-2.1.0:
Successfully uninstalled azure-mgmt-resource-2.1.0
Successfully installed azure-mgmt-resource-9.0.0
2.1 is what's needed and being used still? They are up to 9.0.
Installing collected packages: azure-core, msrest, azure-storage-blob
Attempting uninstall: msrest
Found existing installation: msrest 0.6.1
Uninstalling msrest-0.6.1:
Successfully uninstalled msrest-0.6.1
Successfully installed azure-core-1.5.0 azure-storage-blob-12.3.0 msrest-0.6.14
pip3 freeze | grep azure
results:
These are the versions that I ran the playbook with below.
azure-cli-core==2.0.35
azure-cli-nspkg==3.0.2
azure-common==1.1.25
azure-core==1.5.0
azure-graphrbac==0.40.0
azure-keyvault==1.0.0a1
azure-mgmt-authorization==0.51.1
azure-mgmt-automation==0.1.1
azure-mgmt-batch==5.0.1
azure-mgmt-cdn==3.0.0
azure-mgmt-compute==4.4.0
azure-mgmt-containerinstance==1.4.0
azure-mgmt-containerregistry==2.0.0
azure-mgmt-containerservice==4.4.0
azure-mgmt-cosmosdb==0.5.2
azure-mgmt-devtestlabs==3.0.0
azure-mgmt-dns==2.1.0
azure-mgmt-hdinsight==0.1.0
azure-mgmt-iothub==0.7.0
azure-mgmt-keyvault==1.1.0
azure-mgmt-loganalytics==0.2.0
azure-mgmt-marketplaceordering==0.1.0
azure-mgmt-monitor==0.5.2
azure-mgmt-network==2.3.0
azure-mgmt-nspkg==2.0.0
azure-mgmt-rdbms==1.4.1
azure-mgmt-redis==5.0.0
azure-mgmt-resource==9.0.0
azure-mgmt-servicebus==0.5.3
azure-mgmt-sql==0.10.0
azure-mgmt-storage==3.1.0
azure-mgmt-trafficmanager==0.50.0
azure-mgmt-web==0.41.0
azure-nspkg==2.0.0
azure-storage==0.35.1
azure-storage-blob==12.3.0
msrestazure==0.5.0
ansible 2.9.9
config file = /etc/ansible/ansible.cfg
configured module search path = ['/var/www/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
ansible python module location = /usr/local/lib/python3.6/dist-packages/ansible
executable location = /usr/local/bin/ansible
python version = 3.6.9 (default, Apr 18 2020, 01:56:04) [GCC 8.4.0]
This is just a snippet of the playbook I am using but it is erroring out because the azure-storage-blob library and azure-storage library cannot coexist. I know this because running the playbook without the azure-storage-library installed, it works.
- name: Download vars
azure_rm_storageblob:
resource_group: <resource group>
storage_account_name: <storage account name>
container: <container>
blob: <blob>
dest: /path/to/ex.yml
An exception occurred during task execution. To see the full traceback, use -vvv. The error was: ImportError: cannot import name 'PageBlobService'
fatal: [localhost]: FAILED! => {"changed": false, "msg": "Failed to import the required Python library (ansible[azure] (azure >= 2.0.0)) on c3950e31c1f7's Python /usr/bin/python3. Please read module documentation and install in the appropriate location. If the required library
is installed, but Ansible is using the wrong Python interpreter, please consult the documentation on ansible_python_interpreter"}
Copied from ansible/ansible#56356
The azure_rm_resource uses ansible.module_utils.dict_transformations.dict_merge for it's idempotency check with the server. It first merges the server's response with the user provided data and then does a ==
comparison on the two.
Unfortunately, this dict_merge
doesn't recurse through list objects with dicts contained in them. Therefore, any configuration with a list of dict objects will always be different.
azure_rm_resource
ansible 2.8.0rc2
Mac OS X
- name: Creating an Azure Virtual Network Gateway
azure_rm_resource:
api_version: "{{ azure_api_version }}"
ad_user: "{{ azure_user }}"
password: "{{ azure_password }}"
subscription_id: "{{ azure_subscription_id }}"
url: "{{ azure_api_network_prefix }}/virtualNetworkGateways/{{ azure_virtual_network_gateway_name }}"
idempotency: true
body:
location: "{{ azure_location }}"
properties:
sku:
name: Standard
tier: Standard
gatewayType: ExpressRoute
ipConfigurations:
- name: default
properties:
privateIPAllocationMethod: Dynamic
subnet:
id: "{{ azure_virtual_network.state.id }}/subnets/GatewaySubnet"
publicIPAddress:
id: "{{ azure_api_network_prefix }}/publicIPAddresses/{{ azure_public_ip_address.state.name }}"
Because this may be hard to recreate, I've pasted below a simple python script which defines the variables being compared (e.g. body
and response
) and shows how dict_merge
is improperly used here.
body = {
'location': 'westus2',
'properties': {
'ipConfigurations': [
{
'name': 'default',
'properties': {
'publicIPAddress': {
'id': '/subscriptions/XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX/resourceGroups/12341234/providers/Microsoft.Network/publicIPAddresses/ansiblePublicIpAddress'
},
'subnet': {
'id': '/subscriptions/XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX/resourceGroups/12341234/providers/Microsoft.Network/virtualNetworks/ansibleVirtualNetwork/subnets/GatewaySubnet'
}
}
}
],
'sku': {
'name': 'Standard',
'tier': 'Standard'
},
'gatewayType': 'ExpressRoute'
}
}
response = {
'name': 'ansibleVirtualNetworkGateway',
'id': '/subscriptions/XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX/resourceGroups/12341234/providers/Microsoft.Network/virtualNetworkGateways/ansibleVirtualNetworkGateway',
'etag': 'W/\"XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX\"',
'type': 'Microsoft.Network/virtualNetworkGateways',
'location': 'westus2',
'properties': {
'provisioningState': 'Succeeded',
'resourceGuid': 'XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX',
'ipConfigurations': [
{
'name': 'default',
'id': '/subscriptions/XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX/resourceGroups/12341234/providers/Microsoft.Network/virtualNetworkGateways/ansibleVirtualNetworkGateway/ipConfigurations/default',
'etag': 'W/\"XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX\"',
'type': 'Microsoft.Network/virtualNetworkGateways/ipConfigurations',
'properties': {
'provisioningState': 'Succeeded',
'privateIPAllocationMethod': 'Dynamic',
'publicIPAddress': {
'id': '/subscriptions/XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX/resourceGroups/12341234/providers/Microsoft.Network/publicIPAddresses/ansiblePublicIpAddress'
},
'subnet': {
'id': '/subscriptions/XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX/resourceGroups/12341234/providers/Microsoft.Network/virtualNetworks/ansibleVirtualNetwork/subnets/GatewaySubnet'
}
}
}
],
'sku': {
'name': 'Standard',
'tier': 'Standard',
'capacity': 2
},
'gatewayType': 'ExpressRoute',
'vpnType': 'PolicyBased',
'enableBgp': False,
'activeActive': False
}
}
from ansible.module_utils.common.dict_transformations import dict_merge, recursive_diff
from json import dumps
print(dumps(dict_merge(response, body), indent=4, separators=(',', ': ')))
for x in recursive_diff(dict_merge(response, body), response):
print(dumps(x, indent=4, separators=(',', ': ')))
No differences from dict_merge
or a different applicable method to copy existing resource values to the user spec'd resource.
Changed on second invocation.
Results from the Python script:
{
"name": "ansibleVirtualNetworkGateway",
"id": "/subscriptions/XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX/resourceGroups/12341234/providers/Microsoft.Network/virtualNetworkGateways/ansibleVirtualNetworkGateway",
"etag": "W/\"XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX\"",
"type": "Microsoft.Network/virtualNetworkGateways",
"location": "westus2",
"properties": {
"provisioningState": "Succeeded",
"resourceGuid": "XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX",
"ipConfigurations": [
{
"name": "default",
"properties": {
"publicIPAddress": {
"id": "/subscriptions/XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX/resourceGroups/12341234/providers/Microsoft.Network/publicIPAddresses/ansiblePublicIpAddress"
},
"subnet": {
"id": "/subscriptions/XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX/resourceGroups/12341234/providers/Microsoft.Network/virtualNetworks/ansibleVirtualNetwork/subnets/GatewaySubnet"
}
}
}
],
"sku": {
"name": "Standard",
"tier": "Standard",
"capacity": 2
},
"gatewayType": "ExpressRoute",
"vpnType": "PolicyBased",
"enableBgp": false,
"activeActive": false
}
}
{
"properties": {
"ipConfigurations": [
{
"name": "default",
"properties": {
"publicIPAddress": {
"id": "/subscriptions/XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX/resourceGroups/12341234/providers/Microsoft.Network/publicIPAddresses/ansiblePublicIpAddress"
},
"subnet": {
"id": "/subscriptions/XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX/resourceGroups/12341234/providers/Microsoft.Network/virtualNetworks/ansibleVirtualNetwork/subnets/GatewaySubnet"
}
}
}
]
}
}
{
"properties": {
"ipConfigurations": [
{
"name": "default",
"id": "/subscriptions/XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX/resourceGroups/12341234/providers/Microsoft.Network/virtualNetworkGateways/ansibleVirtualNetworkGateway/ipConfigurations/default",
"etag": "W/\"XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX\"",
"type": "Microsoft.Network/virtualNetworkGateways/ipConfigurations",
"properties": {
"provisioningState": "Succeeded",
"privateIPAllocationMethod": "Dynamic",
"publicIPAddress": {
"id": "/subscriptions/XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX/resourceGroups/12341234/providers/Microsoft.Network/publicIPAddresses/ansiblePublicIpAddress"
},
"subnet": {
"id": "/subscriptions/XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX/resourceGroups/12341234/providers/Microsoft.Network/virtualNetworks/ansibleVirtualNetwork/subnets/GatewaySubnet"
}
}
}
]
}
}
azure_rm_storageaccount fails to create a storage account saying its type isn't a valid SkuName.
azure.azcollection.azure_rm_storageaccount
ansible 2.9.6
config file = None
configured module search path = ['/Users/xxxxxxx/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
ansible python module location = /Library/Frameworks/Python.framework/Versions/3.7/lib/python3.7/site-packages/ansible
executable location = /Library/Frameworks/Python.framework/Versions/3.7/bin//ansible
python version = 3.7.3 (v3.7.3:ef4ec6ed12, Mar 25 2019, 16:52:21) [Clang 6.0 (clang-600.0.57)]
empty
- hosts: localhost
gather_facts: no
collections:
- azure.azcollection
vars_files:
- ../../vars/cloud/cloud-resources.yml
tasks:
- name: Create a resource group
azure_rm_resourcegroup:
name: "{{ az_rg_name }}"
location: "{{ az_default_location }}"
tags: "{{ az_project_tags }}"
- name: Create a storage account
azure_rm_storageaccount:
resource_group: "{{ az_rg_name }}"
name: "{{ az_storage_acc }}"
type: StandardSSD_LRS
tags: "{{ az_project_tags }}"
<127.0.0.1> ESTABLISH LOCAL CONNECTION FOR USER: xxxxxxxx
<127.0.0.1> EXEC /bin/sh -c 'echo ~xxxxxxx && sleep 0'
<127.0.0.1> EXEC /bin/sh -c '( umask 77 && mkdir -p "` echo /Users/xxxxxxx/.ansible/tmp/ansible-tmp-1587581006.960041-95851087720441 `" && echo ansible-tmp-1587581006.960041-95851087720441="` echo /Users/xxxxxxx/.ansible/tmp/ansible-tmp-1587581006.960041-95851087720441 `" ) && sleep 0'
Using module file /Users/xxxxxxx/.ansible/collections/ansible_collections/azure/azcollection/plugins/modules/azure_rm_storageaccount.py
<127.0.0.1> PUT /Users/xxxxxxxx/.ansible/tmp/ansible-local-79076qaiz4d4e/tmpmanhnnbf TO /Users/xxxxxxxx/.ansible/tmp/ansible-tmp-1587581006.960041-95851087720441/AnsiballZ_azure_rm_storageaccount.py
<127.0.0.1> EXEC /bin/sh -c 'chmod u+x /Users/xxxxxxxx/.ansible/tmp/ansible-tmp-1587581006.960041-95851087720441/ /Users/xxxxxxxx/.ansible/tmp/ansible-tmp-1587581006.960041-95851087720441/AnsiballZ_azure_rm_storageaccount.py && sleep 0'
<127.0.0.1> EXEC /bin/sh -c '/Library/Frameworks/Python.framework/Versions/3.7/bin/python3.7 /Users/xxxxxxxx/.ansible/tmp/ansible-tmp-1587581006.960041-95851087720441/AnsiballZ_azure_rm_storageaccount.py && sleep 0'
<127.0.0.1> EXEC /bin/sh -c 'rm -f -r /Users/xxxxxxxx/.ansible/tmp/ansible-tmp-1587581006.960041-95851087720441/ > /dev/null 2>&1 && sleep 0'
fatal: [localhost]: FAILED! => {
"changed": false,
"module_stderr": "ValueError: 'StandardSSD_LRS' is not a valid SkuName\n\nDuring handling of the above exception, another exception occurred:\n\nTraceback (most recent call last):\n File \"/Users/xxxxxxxx/.ansible/tmp/ansible-tmp-1587581006.960041-95851087720441/AnsiballZ_azure_rm_storageaccount.py\", line 102, in <module>\n _ansiballz_main()\n File \"/Users/xxxxxxxx/.ansible/tmp/ansible-tmp-1587581006.960041-95851087720441/AnsiballZ_azure_rm_storageaccount.py\", line 94, in _ansiballz_main\n invoke_module(zipped_mod, temp_path, ANSIBALLZ_PARAMS)\n File \"/Users/xxxxxxxx/.ansible/tmp/ansible-tmp-1587581006.960041-95851087720441/AnsiballZ_azure_rm_storageaccount.py\", line 40, in invoke_module\n runpy.run_module(mod_name='ansible_collections.azure.azcollection.plugins.modules.azure_rm_storageaccount', init_globals=None, run_name='__main__', alter_sys=True)\n File \"/Library/Frameworks/Python.framework/Versions/3.7/lib/python3.7/runpy.py\", line 205, in run_module\n return _run_module_code(code, init_globals, run_name, mod_spec)\n File \"/Library/Frameworks/Python.framework/Versions/3.7/lib/python3.7/runpy.py\", line 96, in _run_module_code\n mod_name, mod_spec, pkg_name, script_name)\n File \"/Library/Frameworks/Python.framework/Versions/3.7/lib/python3.7/runpy.py\", line 85, in _run_code\n exec(code, run_globals)\n File \"/var/folders/hw/mfxwsjls6yq5v5d81st_x38m0000gp/T/ansible_azure_rm_storageaccount_payload_zw_pklwh/ansible_azure_rm_storageaccount_payload.zip/ansible_collections/azure/azcollection/plugins/modules/azure_rm_storageaccount.py\", line 684, in <module>\n File \"/var/folders/hw/mfxwsjls6yq5v5d81st_x38m0000gp/T/ansible_azure_rm_storageaccount_payload_zw_pklwh/ansible_azure_rm_storageaccount_payload.zip/ansible_collections/azure/azcollection/plugins/modules/azure_rm_storageaccount.py\", line 680, in main\n File \"/var/folders/hw/mfxwsjls6yq5v5d81st_x38m0000gp/T/ansible_azure_rm_storageaccount_payload_zw_pklwh/ansible_azure_rm_storageaccount_payload.zip/ansible_collections/azure/azcollection/plugins/modules/azure_rm_storageaccount.py\", line 377, in __init__\n File \"/var/folders/hw/mfxwsjls6yq5v5d81st_x38m0000gp/T/ansible_azure_rm_storageaccount_payload_zw_pklwh/ansible_azure_rm_storageaccount_payload.zip/ansible_collections/azure/azcollection/plugins/module_utils/azure_rm_common.py\", line 418, in __init__\n File \"/var/folders/hw/mfxwsjls6yq5v5d81st_x38m0000gp/T/ansible_azure_rm_storageaccount_payload_zw_pklwh/ansible_azure_rm_storageaccount_payload.zip/ansible_collections/azure/azcollection/plugins/modules/azure_rm_storageaccount.py\", line 413, in exec_module\n File \"/var/folders/hw/mfxwsjls6yq5v5d81st_x38m0000gp/T/ansible_azure_rm_storageaccount_payload_zw_pklwh/ansible_azure_rm_storageaccount_payload.zip/ansible_collections/azure/azcollection/plugins/modules/azure_rm_storageaccount.py\", line 616, in create_account\n File \"/Library/Frameworks/Python.framework/Versions/3.7/lib/python3.7/enum.py\", line 310, in __call__\n return cls.__new__(cls, value)\n File \"/Library/Frameworks/Python.framework/Versions/3.7/lib/python3.7/enum.py\", line 564, in __new__\n raise exc\n File \"/Library/Frameworks/Python.framework/Versions/3.7/lib/python3.7/enum.py\", line 548, in __new__\n result = cls._missing_(value)\n File \"/Library/Frameworks/Python.framework/Versions/3.7/lib/python3.7/enum.py\", line 577, in _missing_\n raise ValueError(\"%r is not a valid %s\" % (value, cls.__name__))\nValueError: 'StandardSSD_LRS' is not a valid SkuName\n",
"module_stdout": "",
"msg": "MODULE FAILURE\nSee stdout/stderr for the exact error",
"rc":
Ansible support for using the following option while creating vmss.
https://docs.microsoft.com/en-us/cli/azure/vmss?view=azure-cli-latest#az-vmss-create
azure_rm_virtualmachine
https://docs.ansible.com/ansible/latest/modules/azure_rm_virtualmachine_module.html
We are planning to write Ansible code to implement the requested feature and wanted to check if you are working on this feature to avoid duplicate work. If you are working , what is the ETA?
The azure_rm_dnszone_info ansible module does not return data from Private DNS Zones. There are no parameters when you query to specify if you want public or private zones. This results in issues if subscription contains private DNS - at best you get empty results back.
azure_rm_dnszone_info
ansible --version
ansible 2.9.6
config file = /home/ocp/azure/ansible/ansible.cfg
configured module search path = ['/home/ocp/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
ansible python module location = /usr/lib/python3.7/site-packages/ansible
executable location = /usr/bin/ansible
python version = 3.7.6 (default, Jan 30 2020, 09:44:41) [GCC 9.2.1 20190827 (Red Hat 9.2.1-1)
COMMAND_WARNINGS(/home/ocp/azure/ansible/ansible.cfg) = False
DEFAULT_FILTER_PLUGIN_PATH(/home/ocp/azure/ansible/ansible.cfg) = ['/home/ocp/azure/ansible/filter_plugins']
DEFAULT_HOST_LIST(/home/ocp/azure/ansible/ansible.cfg) = ['/home/ocp/azure/ansible/inventory']
DEPRECATION_WARNINGS(/home/ocp/azure/ansible/ansible.cfg) = False
HOST_KEY_CHECKING(/home/ocp/azure/ansible/ansible.cfg) = False
INTERPRETER_PYTHON(/home/ocp/azure/ansible/ansible.cfg) = auto
Fedora 31
ansible -i inventory localhost -m azure_rm_dnszone_info -a "resource_group=rg"
This fails to return any private DNS zones.
As the documentation states, I expect private DNS zones to returned with zoneType set to Private.
Empty result set - or when trying to use the zone to add record sets you get errors.
As this repo now lives in a organization call "ansible-collections", might be worth it just to change the name of the repo to just "azure" and remove the "ansible_collections" prefix.
Hello,
I created ansible/ansible#68628 but seems to be managed here now so I will create this issue to manage this problem
Regards Marc.
azure_rm_common.py
ansible 2.9.6
config file = /home/admnet/git/company/client/ansible-playbooks/socle-install/ansible.cfg
configured module search path = ['/home/admnet/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
ansible python module location = /home/admnet/git/company/client/ansible-playbooks/socle-install/venv/lib/python3.7/site-packages/ansible
executable location = /home/admnet/git/company/client/ansible-playbooks/socle-install/venv/bin/ansible
python version = 3.7.6 (default, Jan 30 2020, 09:44:41) [GCC 9.2.1 20190827 (Red Hat 9.2.1-1)]
ANSIBLE_FORCE_COLOR(/home/admnet/git/company/client/ansible-playbooks/socle-install/ansible.cfg) = True
CACHE_PLUGIN(/home/admnet/git/company/client/ansible-playbooks/socle-install/ansible.cfg) = jsonfile
CACHE_PLUGIN_CONNECTION(/home/admnet/git/company/client/ansible-playbooks/socle-install/ansible.cfg) = /tmp/ansible_fact_cache
DEFAULT_BECOME(/home/admnet/git/company/client/ansible-playbooks/socle-install/ansible.cfg) = True
DEFAULT_CALLBACK_WHITELIST(/home/admnet/git/company/client/ansible-playbooks/socle-install/ansible.cfg) = ['profile_tasks']
DEFAULT_GATHERING(/home/admnet/git/company/client/ansible-playbooks/socle-install/ansible.cfg) = smart
DEFAULT_HASH_BEHAVIOUR(/home/admnet/git/company/client/ansible-playbooks/socle-install/ansible.cfg) = merge
DEFAULT_REMOTE_USER(/home/admnet/git/company/client/ansible-playbooks/socle-install/ansible.cfg) = ansible
DEFAULT_SCP_IF_SSH(/home/admnet/git/company/client/ansible-playbooks/socle-install/ansible.cfg) = True
DEFAULT_STDOUT_CALLBACK(/home/admnet/git/company/client/ansible-playbooks/socle-install/ansible.cfg) = debug
DISPLAY_SKIPPED_HOSTS(/home/admnet/git/company/client/ansible-playbooks/socle-install/ansible.cfg) = False
HOST_KEY_CHECKING(/home/admnet/git/company/client/ansible-playbooks/socle-install/ansible.cfg) = False
RETRY_FILES_ENABLED(/home/admnet/git/company/client/ansible-playbooks/socle-install/ansible.cfg) = False
Linux maarc-vm 5.5.15-200.fc31.x86_64 #1 SMP Thu Apr 2 19:16:17 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
- name: "Get Azure VM infolved for collected host"
azure_rm_virtualmachine_info:
tags:
- "company:group:fonction:value"
register: vms
connection: local
ValueError: too many values to unpack
azure_rm_autoscale module generates a warning "[WARNING]: Azure API profile latest does not define an entry for MonitorManagementClient" and nothing is done
note also to replace "service_url" by "service_uri". Generated error: AttributeError: 'WebhookNotification' object has no attribute 'service_url'
azure_rm_autoscale
ansible 2.9.6
config file = /etc/ansible/ansible.cfg
configured module search path = [u'/root/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
ansible python module location = /usr/lib/python2.7/site-packages/ansible
executable location = /usr/bin/ansible
python version = 2.7.5 (default, Oct 30 2018, 23:45:53) [GCC 4.8.5 20150623 (Red Hat 4.8.5-36)]
# /var/lib/awx/venv/cloudbuilder/bin/pip freeze | grep azure-mgmt-monitor
DEPRECATION: Python 2.7 will reach the end of its life on January 1st, 2020. Please upgrade your Python as Python 2.7 won't be maintained after that date. A future version of pip will drop support for Python 2.7. More details about Python 2 support in pip, can be found at https://pip.pypa.io/en/latest/development/release-process/#python-2-support
azure-mgmt-monitor==0.5.2
(none)
I use Ansible Tower
CentOS Linux release 7.6.1810 (Core)
Example shared in azure_rm_autoscale module
- name: CREATE autoscale policy
delegate_to: localhost
azure_rm_autoscale:
resource_group: "rg-{{ extra_platform_name }}"
name: "autoscale-{{ extra_vmss_name }}"
target: "{{ output_vmss_info.vmss.0.id }}"
enabled: true
profiles:
- count: '1'
recurrence_days:
- Monday
name: Auto created scale condition
recurrence_timezone: China Standard Time
recurrence_mins:
- '0'
min_count: '1'
max_count: '1'
recurrence_frequency: Week
recurrence_hours:
- '18'
Create an autoscaling policy
Using module file /etc/ansible/roles/azure.azure_preview_modules/library/azure_rm_autoscale.py
<localhost> PUT /var/lib/awx/.ansible/tmp/ansible-local-306hC2f/tmpED2XRZ TO /var/lib/awx/.ansible/tmp/ansible-tmp-1589588855.16-207568799216910/AnsiballZ_azure_rm_autoscale.py
<localhost> EXEC /bin/sh -c 'chmod u+x /var/lib/awx/.ansible/tmp/ansible-tmp-1589588855.16-207568799216910/ /var/lib/awx/.ansible/tmp/ansible-tmp-1589588855.16-207568799216910/AnsiballZ_azure_rm_autoscale.py && sleep 0'
<localhost> EXEC /bin/sh -c '/usr/bin/python /var/lib/awx/.ansible/tmp/ansible-tmp-1589588855.16-207568799216910/AnsiballZ_azure_rm_autoscale.py && sleep 0'
<localhost> EXEC /bin/sh -c 'rm -f -r /var/lib/awx/.ansible/tmp/ansible-tmp-1589588855.16-207568799216910/ > /dev/null 2>&1 && sleep 0'
[WARNING]: Azure API profile latest does not define an entry for
MonitorManagementClient
{
"target": "/subscriptions/XXX/resourceGroups/rg-XXX/providers/Microsoft.Compute/virtualMachineScaleSets/nginxapigw",
"tags": {},
"changed": false,
"enabled": true,
"profiles": [
{
"count": "1",
"recurrence_days": [
"Monday"
],
"name": "Auto created scale condition",
"recurrence_timezone": "China Standard Time",
"recurrence_mins": [
"0"
],
"min_count": "1",
"max_count": "1",
"recurrence_frequency": "Week",
"recurrence_hours": [
"18"
]
}
],
"name": "autoscale-nginxapigw",
"location": "eastus2",
"warnings": [
"Azure API profile latest does not define an entry for MonitorManagementClient"
],
"invocation": {
"module_args": {
"profile": null,
"resource_group": "rg-XXX",
"tags": null,
"ad_user": null,
"notifications": null,
"state": "present",
"client_id": null,
"api_profile": "latest",
"adfs_authority_url": null,
"password": null,
"tenant": null,
"target": "/subscriptions/YYY/resourceGroups/rg-XXX/providers/Microsoft.Compute/virtualMachineScaleSets/nginxapigw",
"name": "autoscale-nginxapigw",
"append_tags": true,
"cloud_environment": "AzureCloud",
"cert_validation_mode": null,
"profiles": [
{
"count": "1",
"fixed_date_start": null,
"recurrence_days": [
"Monday"
],
"name": "Auto created scale condition",
"rules": null,
"recurrence_timezone": "China Standard Time",
"fixed_date_timezone": null,
"min_count": "1",
"recurrence_mins": [
"0"
],
"max_count": "1",
"recurrence_frequency": "Week",
"recurrence_hours": [
"18"
],
"fixed_date_end": null
}
],
"secret": null,
"location": null,
"auth_source": null,
"subscription_id": null,
"enabled": true
}
},
"_ansible_delegated_vars": {
"ansible_host": "localhost"
},
"id": "/subscriptions/YYY/resourceGroups/rg-XXX/providers/microsoft.insights/autoscalesettings/autoscale-nginxapigw",
"notifications": [],
"_ansible_no_log": false
}
This issue logically the same as ansible/ansible#57965.
There is no way to specify sku
for azure_rm_sqldatabase
module. If I specify edition
parameter - I have an exception.
azure_rm_sqldatabase
ansible 2.9.9
config file = /vagrant/ansible/ansible.cfg
configured module search path = ['/home/vagrant/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
ansible python module location = /home/vagrant/.local/lib/python3.6/site-packages/ansible
executable location = /home/vagrant/.local/bin/ansible
python version = 3.6.8 (default, Apr 2 2020, 13:34:55) [GCC 4.8.5 20150623 (Red Hat 4.8.5-39)]
Not related.
CentOS 7 + Python 3.6.8
$ pip3 list | grep azure
azure-cli-core (2.0.35)
azure-cli-nspkg (3.0.2)
azure-common (1.1.11)
azure-graphrbac (0.40.0)
azure-keyvault (1.0.0a1)
azure-mgmt-authorization (0.51.1)
azure-mgmt-automation (0.1.1)
azure-mgmt-batch (5.0.1)
azure-mgmt-cdn (3.0.0)
azure-mgmt-compute (4.4.0)
azure-mgmt-containerinstance (1.4.0)
azure-mgmt-containerregistry (2.0.0)
azure-mgmt-containerservice (4.4.0)
azure-mgmt-cosmosdb (0.5.2)
azure-mgmt-devtestlabs (3.0.0)
azure-mgmt-dns (2.1.0)
azure-mgmt-hdinsight (0.1.0)
azure-mgmt-iothub (0.7.0)
azure-mgmt-keyvault (1.1.0)
azure-mgmt-loganalytics (0.2.0)
azure-mgmt-marketplaceordering (0.1.0)
azure-mgmt-monitor (0.5.2)
azure-mgmt-network (2.3.0)
azure-mgmt-nspkg (2.0.0)
azure-mgmt-rdbms (1.4.1)
azure-mgmt-redis (5.0.0)
azure-mgmt-resource (2.1.0)
azure-mgmt-servicebus (0.5.3)
azure-mgmt-sql (0.10.0)
azure-mgmt-storage (3.1.0)
azure-mgmt-trafficmanager (0.50.0)
azure-mgmt-web (0.41.0)
azure-nspkg (2.0.0)
azure-storage (0.35.1)
msrestazure (0.5.0)
- name: Create sql server
azure_rm_sqlserver:
resource_group: myrg
name: myserver
admin_username: myadmin
admin_password: mypassword
- name: Create db
azure_rm_sqldatabase:
edition: basic
resource_group: myrg
server_name: myserver
name: mydatabase
The database should be created with Basic SKU.
There is an error:
An exception occurred during task execution. To see the full traceback, use -vvv. The error was: KeyError: 'edition'
failed: [localhost] ("module_stderr": "Traceback (most recent call last):\n File \"<stdin>\", line 102, in <module>\n File \"<stdin>\", line 94, in _ansiballz_main\n File \"<stdin>\", line 40, in invoke_modul
e\n File \"/usr/lib64/python3.6/runpy.py\", line 205, in run_module\n return _run_module_code(code, init_globals, run_name, mod_spec)\n File \"/usr/lib64/python3.6/runpy.py\", line 96, in _run_module_code\n mod_name, mod_s
pec, pkg_name, script_name)\n File \"/usr/lib64/python3.6/runpy.py\", line 85, in _run_code\n exec(code, run_globals)\n File \"/tmp/ansible_azure_rm_sqldatabase_payload_vis6a89q/ansible_azure_rm_sqldatabase_payload.zip/ansibl
e/modules/cloud/azure/azure_rm_sqldatabase.py\", line 514, in <module>\n File \"/tmp/ansible_azure_rm_sqldatabase_payload_vis6a89q/ansible_azure_rm_sqldatabase_payload.zip/ansible/modules/cloud/azure/azure_rm_sqldatabase.py\", li
ne 510, in main\n File \"/tmp/ansible_azure_rm_sqldatabase_payload_vis6a89q/ansible_azure_rm_sqldatabase_payload.zip/ansible/modules/cloud/azure/azure_rm_sqldatabase.py\", line 314, in __init__\n File \"/tmp/ansible_azure_rm_sql
database_payload_vis6a89q/ansible_azure_rm_sqldatabase_payload.zip/ansible/module_utils/azure_rm_common.py\", line 348, in __init__\n File \"/tmp/ansible_azure_rm_sqldatabase_payload_vis6a89q/ansible_azure_rm_sqldatabase_payload.
zip/ansible/modules/cloud/azure/azure_rm_sqldatabase.py\", line 387, in exec_module\nKeyError: 'edition'\n", "module_stdout": "", "msg": "MODULE FAILURE\nSee stdout/stderr for the exact error", "rc": 1}
I think the error in the line https://github.com/ansible-collections/azure/blob/dev/plugins/modules/azure_rm_sqldatabase.py#L387 in old_response['edition']
part.
Microsoft will take over all daily work for the Ansible Azure collection. Need to find out how to use Azure DevOps pipeline to run integration tests for a new pull request.
CI
When trying to update access policies azure_rm_keyvault module does not update them:
- name: "Update kv"
azure_rm_keyvault:
resource_group: "{{ rg }}"
vault_name: "{{ kv }}"
enabled_for_deployment: true
vault_tenant: "{{ kv_tenant }}"
enable_soft_delete: "false"
sku:
name: standard
access_policies:
- tenant_id: "{{ tenant_id }}"
object_id: "{{ obj_id }}"
keys:
- encrypt
- decrypt
- wrapkey
- unwrapkey
certificates:
- get
- list
- delete
- create
secrets:
- get
- list
- set
- delete
- recover
- backup
- restore
when changing the access_policies like this :
access_policies:
- tenant_id: "{{ tenant_id }}"
object_id: "{{ obj_id }}"
keys:
- encrypt
certificates:
- get
secrets:
- get
the module does not update them.
azure_rm_keyvault
ansible 2.9.6
config file = None
configured module search path = ['/Users/imjoseangel/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
ansible python module location = /Users/imjoseangel/.pyenv/versions/3.7.6/Python.framework/Versions/3.7/lib/python3.7/site-packages/ansible
executable location = /Users/imjoseangel/.pyenv/versions/3.7.6/bin/ansible
python version = 3.7.6 (default, Mar 10 2020, 19:25:59) [Clang 11.0.0 (clang-1100.0.33.16)]
None
ProductName: Mac OS X
ProductVersion: 10.15.3
BuildVersion: 19D76
Create a keyvault access policies. For instance:
access_policies:
- tenant_id: "{{ tenant_id }}"
object_id: "{{ obj_id }}"
keys:
- encrypt
- decrypt
- wrapkey
- unwrapkey
certificates:
- get
- list
- delete
- create
secrets:
- get
- list
- set
- delete
- recover
- backup
- restore
access_policies:
- tenant_id: "{{ tenant_id }}"
object_id: "{{ obj_id }}"
keys:
- encrypt
certificates:
- get
secrets:
- get
The new access policies should be:
access_policies:
- tenant_id: "{{ tenant_id }}"
object_id: "{{ obj_id }}"
keys:
- encrypt
certificates:
- get
secrets:
- get
The access policies are the same:
access_policies:
- tenant_id: "{{ tenant_id }}"
object_id: "{{ obj_id }}"
keys:
- encrypt
- decrypt
- wrapkey
- unwrapkey
certificates:
- get
- list
- delete
- create
secrets:
- get
- list
- set
- delete
- recover
- backup
- restore
Based on: ansible/ansible#68160
There is no parameter in azure_rm_virtualmachinescaleset
module to specify loadbalancer's backend pool name or NAT pool name. Azure CLI has these two options:
az vmss create -n testVMSS -g rg1 --instance-count 1 --vnet-name vnet --subnet subnet --image UbuntuLTS --load-balancer lb1 --backend-pool-name backend-pool-2 --lb-nat-pool-name inbound-pool-2 --vm-sku Standard_D1
azure_rm_virtualmachinescaleset
ansible 2.9.6
The tags and galaxy metadata here have version 0.1.0
, but there is a version on Galaxy with 0.1.1
Line 12 in c9d470c
While working on getting the collection staged for Automation Hub, I ran into a few errors in the sanity suite. These do not affect functionality but they can have an impact on the wider adoption and attract contributors.
The specific errors I am referring to is that of line endings being automatically added to files either via an editor or by a git config.
When multiple contributors are working on a file with different line endings the file switches back and forth between the two settings and the diffs usually show the entire file being rewritten.
This can be caught with ansible-test
and will look something like
ERROR: tests/integration/targets/azure_rm_securitygroup/tasks/main.yml:0:0: use "\n" for line endings instead of "\r\n"
This should be a relatively quick fix but as you fix this, do note that the diffs
might reflect that the whole file has been rewritten, when in fact, it has not been.
Running this as a basic test using this parameter results in the error below.
TypeError: string indices must be integers
azure_rm_subnet module
ansible 2.9.9
config file = /etc/ansible/ansible.cfg
configured module search path = ['/home/vagrant/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
ansible python module location = /usr/local/lib/python3.6/dist-packages/ansible
executable location = /usr/local/bin/ansible
python version = 3.6.9 (default, Apr 18 2020, 01:56:04) [GCC 8.4.0]
DEFAULT_VAULT_PASSWORD_FILE(env: ANSIBLE_VAULT_PASSWORD_FILE) = /home/vagrant/.ansible/.vault_password
HOST_KEY_CHECKING(env: ANSIBLE_HOST_KEY_CHECKING) = False
Distributor ID: Ubuntu
Description: Ubuntu 18.04.4 LTS
Release: 18.04
Codename: bionic
main.yml
- hosts: azure
collections:
- azure.azcollection
tasks:
- name: Subnet
azure_rm_subnet:
resource_group: "dmo"
virtual_network_name: "dmo"
name: "frontend"
address_prefix_cidr: "10.100.0.0/24"
service_endpoints:
Microsoft.Sql
register: subnet_status
inventory.yml:
all:
hosts:
azure:
ansible_host: 127.0.0.1
ansible_connection: local
ansible_python_interpreter: /usr/bin/python3
aws:
ansible_host: 127.0.0.1
ansible_connection: local
ansible_python_interpreter: /usr/bin/python3
command:
ansible-playbook -i ~/deploy/inventory.yml ~/deploy/submain.yml -vvvv
a subnet being deployed with Service Endpoints added.
TASK [Subnet] **************************************************************************************************************************************************************************************************
task path: /home/vagrant/deploy/submain.yml:5
<127.0.0.1> ESTABLISH LOCAL CONNECTION FOR USER: vagrant
<127.0.0.1> EXEC /bin/sh -c 'echo ~vagrant && sleep 0'
<127.0.0.1> EXEC /bin/sh -c '( umask 77 && mkdir -p "` echo /home/vagrant/.ansible/tmp `"&& mkdir /home/vagrant/.ansible/tmp/ansible-tmp-1591111818.8826323-4901-96458903446336 && echo ansible-tmp-1591111818.8826323-4901-96458903446336="` echo /home/vagrant/.ansible/tmp/ansible-tmp-1591111818.8826323-4901-96458903446336 `" ) && sleep 0'
Using module file /usr/local/lib/python3.6/dist-packages/ansible/modules/cloud/azure/azure_rm_subnet.py
<127.0.0.1> PUT /home/vagrant/.ansible/tmp/ansible-local-4829o3orv5c0/tmpeh2k3chf TO /home/vagrant/.ansible/tmp/ansible-tmp-1591111818.8826323-4901-96458903446336/AnsiballZ_azure_rm_subnet.py
<127.0.0.1> EXEC /bin/sh -c 'chmod u+x /home/vagrant/.ansible/tmp/ansible-tmp-1591111818.8826323-4901-96458903446336/ /home/vagrant/.ansible/tmp/ansible-tmp-1591111818.8826323-4901-96458903446336/AnsiballZ_azure_rm_subnet.py && sleep 0'
<127.0.0.1> EXEC /bin/sh -c '/usr/bin/python3 /home/vagrant/.ansible/tmp/ansible-tmp-1591111818.8826323-4901-96458903446336/AnsiballZ_azure_rm_subnet.py && sleep 0'
<127.0.0.1> EXEC /bin/sh -c 'rm -f -r /home/vagrant/.ansible/tmp/ansible-tmp-1591111818.8826323-4901-96458903446336/ > /dev/null 2>&1 && sleep 0'
The full traceback is:
Traceback (most recent call last):
File "/home/vagrant/.ansible/tmp/ansible-tmp-1591111818.8826323-4901-96458903446336/AnsiballZ_azure_rm_subnet.py", line 102, in <module>
_ansiballz_main()
File "/home/vagrant/.ansible/tmp/ansible-tmp-1591111818.8826323-4901-96458903446336/AnsiballZ_azure_rm_subnet.py", line 94, in _ansiballz_main
invoke_module(zipped_mod, temp_path, ANSIBALLZ_PARAMS)
File "/home/vagrant/.ansible/tmp/ansible-tmp-1591111818.8826323-4901-96458903446336/AnsiballZ_azure_rm_subnet.py", line 40, in invoke_module
runpy.run_module(mod_name='ansible.modules.cloud.azure.azure_rm_subnet', init_globals=None, run_name='__main__', alter_sys=True)
File "/usr/lib/python3.6/runpy.py", line 205, in run_module
return _run_module_code(code, init_globals, run_name, mod_spec)
File "/usr/lib/python3.6/runpy.py", line 96, in _run_module_code
mod_name, mod_spec, pkg_name, script_name)
File "/usr/lib/python3.6/runpy.py", line 85, in _run_code
exec(code, run_globals)
File "/tmp/ansible_azure_rm_subnet_payload_79babr37/ansible_azure_rm_subnet_payload.zip/ansible/modules/cloud/azure/azure_rm_subnet.py", line 399, in <module>
File "/tmp/ansible_azure_rm_subnet_payload_79babr37/ansible_azure_rm_subnet_payload.zip/ansible/modules/cloud/azure/azure_rm_subnet.py", line 395, in main
File "/tmp/ansible_azure_rm_subnet_payload_79babr37/ansible_azure_rm_subnet_payload.zip/ansible/modules/cloud/azure/azure_rm_subnet.py", line 235, in __init__
File "/tmp/ansible_azure_rm_subnet_payload_79babr37/ansible_azure_rm_subnet_payload.zip/ansible/module_utils/azure_rm_common.py", line 348, in __init__
File "/tmp/ansible_azure_rm_subnet_payload_79babr37/ansible_azure_rm_subnet_payload.zip/ansible/modules/cloud/azure/azure_rm_subnet.py", line 291, in exec_module
TypeError: string indices must be integers
fatal: [azure]: FAILED! => {
"changed": false,
"module_stderr": "Traceback (most recent call last):\n File \"/home/vagrant/.ansible/tmp/ansible-tmp-1591111818.8826323-4901-96458903446336/AnsiballZ_azure_rm_subnet.py\", line 102, in <module>\n _ansiballz_main()\n File \"/home/vagrant/.ansible/tmp/ansible-tmp-1591111818.8826323-4901-96458903446336/AnsiballZ_azure_rm_subnet.py\", line 94, in _ansiballz_main\n invoke_module(zipped_mod, temp_path, ANSIBALLZ_PARAMS)\n File \"/home/vagrant/.ansible/tmp/ansible-tmp-1591111818.8826323-4901-96458903446336/AnsiballZ_azure_rm_subnet.py\", line 40, in invoke_module\n runpy.run_module(mod_name='ansible.modules.cloud.azure.azure_rm_subnet', init_globals=None, run_name='__main__', alter_sys=True)\n File \"/usr/lib/python3.6/runpy.py\", line 205, in run_module\n return _run_module_code(code, init_globals, run_name, mod_spec)\n File \"/usr/lib/python3.6/runpy.py\", line 96, in _run_module_code\n mod_name, mod_spec, pkg_name, script_name)\n File \"/usr/lib/python3.6/runpy.py\", line 85, in _run_code\n exec(code, run_globals)\n File \"/tmp/ansible_azure_rm_subnet_payload_79babr37/ansible_azure_rm_subnet_payload.zip/ansible/modules/cloud/azure/azure_rm_subnet.py\", line 399, in <module>\n File \"/tmp/ansible_azure_rm_subnet_payload_79babr37/ansible_azure_rm_subnet_payload.zip/ansible/modules/cloud/azure/azure_rm_subnet.py\", line 395, in main\n File \"/tmp/ansible_azure_rm_subnet_payload_79babr37/ansible_azure_rm_subnet_payload.zip/ansible/modules/cloud/azure/azure_rm_subnet.py\", line 235, in __init__\n File \"/tmp/ansible_azure_rm_subnet_payload_79babr37/ansible_azure_rm_subnet_payload.zip/ansible/module_utils/azure_rm_common.py\", line 348, in __init__\n File \"/tmp/ansible_azure_rm_subnet_payload_79babr37/ansible_azure_rm_subnet_payload.zip/ansible/modules/cloud/azure/azure_rm_subnet.py\", line 291, in exec_module\nTypeError: string indices must be integers\n",
"module_stdout": "",
"msg": "MODULE FAILURE\nSee stdout/stderr for the exact error",
"rc": 1
}
The module azure_rm_keyvault_info not show storage field for access policies
from ansible/ansible #68167
Fixes #62
azure_rm_keyvault_info
ansible 2.9.6
None
ansible 2.9.6
python version = 3.7.6 (v3.7.6:43364a7ae0, Dec 18 2019, 14:18:50) [Clang 6.0 (clang-600.0.57)]
macOs Catalina 10.15.1 (19B88)
- name: Get Key Vault by name
azure_rm_keyvault_info:
resource_group: "{{ rg }}"
name: "{{ kv_name }}"
register: _kv_info
- name: Show keyvault info
debug:
msg: "{{ _kv_info }}"
- access_policies:
- object_id: xxxx
permissions:
certificates:
- get
- list
keys:
- encrypt
secrets:
- get
storage:
- get
- list
- access_policies:
- object_id: xxxx
permissions:
certificates:
- get
- list
keys:
- encrypt
secrets:
- get
Some improvements for the new CI pipeline.
CI
Support a multi-nic configuration in the module azure_rm_virtualmachine_scaleset
Currently, only one NIC, one LB can be set.
Support a multi-nic configuration in the module azure_rm_virtualmachine_scaleset
Support requirements encountered in customers: one NIC for management plane and one NIC for dataplane
The azure_rm_virtualmachine_info isn't properly deserializing a diagnosticsProfile with an empty storage uri.
azure_rm_virtualmachine_info
ansible 2.9.9
config file = None
configured module search path = ['/home/conductor/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
ansible python module location = /mnt/c/Users/tireilly/GitHub/Spikes/EITC/ansible/venv/lib/python3.6/site-packages/ansible
executable location = /mnt/c/Users/tireilly/GitHub/Spikes/ansible/venv/bin/ansible
python version = 3.6.8 (default, Oct 7 2019, 12:59:55) [GCC 8.3.0]
''
Windows 10 -> bash
Create a vm, get info on vm.
ansible localhost -m azure_rm_virtualmachine_info -a "tags=environment:dev" -vvv
Expected to get information about vm's in the target subscription
With az vm list
I get this:
$ az vm list
[
{
"additionalCapabilities": null,
"availabilitySet": {
"id": "/subscriptions/5c514147-secret-4f7e-8329-625443da4254/resourceGroups/NETWORK-TEST-KA6U7-RG/providers/Microsoft.Compute/availabilitySets/MACHINES-SET",
"resourceGroup": "NETWORK-TEST-KA6U7-RG"
},
"diagnosticsProfile": {
"bootDiagnostics": {
"enabled": false,
"storageUri": null
}
},
The full traceback is:
File "/tmp/ansible_azure_rm_virtualmachine_info_payload_o2js5d3j/ansible_azure_rm_virtualmachine_info_payload.zip/ansible/modules/cloud/azure/azure_rm_virtualmachine_info.py", line 355, in get_vm
File "/tmp/ansible_azure_rm_virtualmachine_info_payload_o2js5d3j/ansible_azure_rm_virtualmachine_info_payload.zip/ansible/modules/cloud/azure/azure_rm_virtualmachine_info.py", line 417, in serialize_vm
localhost | FAILED! => {
"changed": false,
"invocation": {
"module_args": {
"ad_user": null,
"adfs_authority_url": null,
"api_profile": "latest",
"auth_source": null,
"cert_validation_mode": null,
"client_id": null,
"cloud_environment": "AzureCloud",
"name": null,
"password": null,
"profile": null,
"resource_group": null,
"secret": null,
"subscription_id": null,
"tags": [
"environment:dev"
],
"tenant": null
}
},
"msg": "Error getting virtual machine None - 'storageUri'"
}
As noted in the coment in the code below, I do not have a problem if I use the default tasks from the cloud/ansible module. But if I use the most recent code from the collection, create virtual network and several related tasks break in the same way.
ansible-collection version 0.1.3 installed via:
ansible-galaxy collection install azure.azcollection --force
2.9.9 (installed via `pip3 install ansible`)
No output except DEFAULT_VALUE_PASSWORD_FILE setting
MacOS 10.15.4
Configure Azure CLI with credentials then run following tasks:
- name: Create resource group
azure.azcollection.azure_rm_resourcegroup: # this works
name: "{{azure_rg_name}}"
location: "{{azure_region}}"
- name: Create virtual network
azure.azcollection.azure_rm_virtualnetwork: # works if I remove `azure.azcollection.`
resource_group: "{{azure_rg_name}}"
name: "{{azure_vnet_name}}"
address_prefixes: "10.0.0.0/16"
Virtual network is created in azure.
TASK [create-azure-vm : Create virtual network] *********************************************************************************************************************************************************************************************************************
task path: /Users/mark/development/rubyforgood/babywearing/deploy/ansible/create-azure-vm/tasks/main.yml:12
<127.0.0.1> ESTABLISH LOCAL CONNECTION FOR USER: mark
<127.0.0.1> EXEC /bin/sh -c 'echo ~mark && sleep 0'
<127.0.0.1> EXEC /bin/sh -c '( umask 77 && mkdir -p "` echo /Users/mark/.ansible/tmp `"&& mkdir /Users/mark/.ansible/tmp/ansible-tmp-1589607011.755611-53797-34652261434357 && echo ansible-tmp-1589607011.755611-53797-34652261434357="` echo /Users/mark/.ansible/tmp/ansible-tmp-1589607011.755611-53797-34652261434357 `" ) && sleep 0'
Using module file /Users/mark/.ansible/collections/ansible_collections/azure/azcollection/plugins/modules/azure_rm_virtualnetwork.py
<127.0.0.1> PUT /Users/mark/.ansible/tmp/ansible-local-53600_6fm55ho/tmp7ivwdgzr TO /Users/mark/.ansible/tmp/ansible-tmp-1589607011.755611-53797-34652261434357/AnsiballZ_azure_rm_virtualnetwork.py
<127.0.0.1> EXEC /bin/sh -c 'chmod u+x /Users/mark/.ansible/tmp/ansible-tmp-1589607011.755611-53797-34652261434357/ /Users/mark/.ansible/tmp/ansible-tmp-1589607011.755611-53797-34652261434357/AnsiballZ_azure_rm_virtualnetwork.py && sleep 0'
<127.0.0.1> EXEC /bin/sh -c '/usr/local/opt/python/bin/python3.7 /Users/mark/.ansible/tmp/ansible-tmp-1589607011.755611-53797-34652261434357/AnsiballZ_azure_rm_virtualnetwork.py && sleep 0'
<127.0.0.1> EXEC /bin/sh -c 'rm -f -r /Users/mark/.ansible/tmp/ansible-tmp-1589607011.755611-53797-34652261434357/ > /dev/null 2>&1 && sleep 0'
The full traceback is:
Traceback (most recent call last):
File "/Users/mark/.ansible/tmp/ansible-tmp-1589607011.755611-53797-34652261434357/AnsiballZ_azure_rm_virtualnetwork.py", line 102, in <module>
_ansiballz_main()
File "/Users/mark/.ansible/tmp/ansible-tmp-1589607011.755611-53797-34652261434357/AnsiballZ_azure_rm_virtualnetwork.py", line 94, in _ansiballz_main
invoke_module(zipped_mod, temp_path, ANSIBALLZ_PARAMS)
File "/Users/mark/.ansible/tmp/ansible-tmp-1589607011.755611-53797-34652261434357/AnsiballZ_azure_rm_virtualnetwork.py", line 40, in invoke_module
runpy.run_module(mod_name='ansible_collections.azure.azcollection.plugins.modules.azure_rm_virtualnetwork', init_globals=None, run_name='__main__', alter_sys=True)
File "/usr/local/Cellar/python/3.7.7/Frameworks/Python.framework/Versions/3.7/lib/python3.7/runpy.py", line 205, in run_module
return _run_module_code(code, init_globals, run_name, mod_spec)
File "/usr/local/Cellar/python/3.7.7/Frameworks/Python.framework/Versions/3.7/lib/python3.7/runpy.py", line 96, in _run_module_code
mod_name, mod_spec, pkg_name, script_name)
File "/usr/local/Cellar/python/3.7.7/Frameworks/Python.framework/Versions/3.7/lib/python3.7/runpy.py", line 85, in _run_code
exec(code, run_globals)
File "/var/folders/dh/qjj1yjqd2yz20zjh6n8r3w380000gn/T/ansible_azure.azcollection.azure_rm_virtualnetwork_payload_p2ddo37m/ansible_azure.azcollection.azure_rm_virtualnetwork_payload.zip/ansible_collections/azure/azcollection/plugins/modules/azure_rm_virtualnetwork.py", line 394, in <module>
File "/var/folders/dh/qjj1yjqd2yz20zjh6n8r3w380000gn/T/ansible_azure.azcollection.azure_rm_virtualnetwork_payload_p2ddo37m/ansible_azure.azcollection.azure_rm_virtualnetwork_payload.zip/ansible_collections/azure/azcollection/plugins/modules/azure_rm_virtualnetwork.py", line 390, in main
File "/var/folders/dh/qjj1yjqd2yz20zjh6n8r3w380000gn/T/ansible_azure.azcollection.azure_rm_virtualnetwork_payload_p2ddo37m/ansible_azure.azcollection.azure_rm_virtualnetwork_payload.zip/ansible_collections/azure/azcollection/plugins/modules/azure_rm_virtualnetwork.py", line 245, in __init__
File "/var/folders/dh/qjj1yjqd2yz20zjh6n8r3w380000gn/T/ansible_azure.azcollection.azure_rm_virtualnetwork_payload_p2ddo37m/ansible_azure.azcollection.azure_rm_virtualnetwork_payload.zip/ansible_collections/azure/azcollection/plugins/module_utils/azure_rm_common.py", line 418, in __init__
File "/var/folders/dh/qjj1yjqd2yz20zjh6n8r3w380000gn/T/ansible_azure.azcollection.azure_rm_virtualnetwork_payload_p2ddo37m/ansible_azure.azcollection.azure_rm_virtualnetwork_payload.zip/ansible_collections/azure/azcollection/plugins/modules/azure_rm_virtualnetwork.py", line 272, in exec_module
File "/usr/local/lib/python3.7/site-packages/azure/mgmt/network/network_management_client.py", line 2449, in virtual_networks
raise NotImplementedError("APIVersion {} is not available".format(api_version))
NotImplementedError: APIVersion 2019-06-01 is not available
fatal: [localhost]: FAILED! => {
"changed": false,
"module_stderr": "Traceback (most recent call last):\n File \"/Users/mark/.ansible/tmp/ansible-tmp-1589607011.755611-53797-34652261434357/AnsiballZ_azure_rm_virtualnetwork.py\", line 102, in <module>\n _ansiballz_main()\n File \"/Users/mark/.ansible/tmp/ansible-tmp-1589607011.755611-53797-34652261434357/AnsiballZ_azure_rm_virtualnetwork.py\", line 94, in _ansiballz_main\n invoke_module(zipped_mod, temp_path, ANSIBALLZ_PARAMS)\n File \"/Users/mark/.ansible/tmp/ansible-tmp-1589607011.755611-53797-34652261434357/AnsiballZ_azure_rm_virtualnetwork.py\", line 40, in invoke_module\n runpy.run_module(mod_name='ansible_collections.azure.azcollection.plugins.modules.azure_rm_virtualnetwork', init_globals=None, run_name='__main__', alter_sys=True)\n File \"/usr/local/Cellar/python/3.7.7/Frameworks/Python.framework/Versions/3.7/lib/python3.7/runpy.py\", line 205, in run_module\n return _run_module_code(code, init_globals, run_name, mod_spec)\n File \"/usr/local/Cellar/python/3.7.7/Frameworks/Python.framework/Versions/3.7/lib/python3.7/runpy.py\", line 96, in _run_module_code\n mod_name, mod_spec, pkg_name, script_name)\n File \"/usr/local/Cellar/python/3.7.7/Frameworks/Python.framework/Versions/3.7/lib/python3.7/runpy.py\", line 85, in _run_code\n exec(code, run_globals)\n File \"/var/folders/dh/qjj1yjqd2yz20zjh6n8r3w380000gn/T/ansible_azure.azcollection.azure_rm_virtualnetwork_payload_p2ddo37m/ansible_azure.azcollection.azure_rm_virtualnetwork_payload.zip/ansible_collections/azure/azcollection/plugins/modules/azure_rm_virtualnetwork.py\", line 394, in <module>\n File \"/var/folders/dh/qjj1yjqd2yz20zjh6n8r3w380000gn/T/ansible_azure.azcollection.azure_rm_virtualnetwork_payload_p2ddo37m/ansible_azure.azcollection.azure_rm_virtualnetwork_payload.zip/ansible_collections/azure/azcollection/plugins/modules/azure_rm_virtualnetwork.py\", line 390, in main\n File \"/var/folders/dh/qjj1yjqd2yz20zjh6n8r3w380000gn/T/ansible_azure.azcollection.azure_rm_virtualnetwork_payload_p2ddo37m/ansible_azure.azcollection.azure_rm_virtualnetwork_payload.zip/ansible_collections/azure/azcollection/plugins/modules/azure_rm_virtualnetwork.py\", line 245, in __init__\n File \"/var/folders/dh/qjj1yjqd2yz20zjh6n8r3w380000gn/T/ansible_azure.azcollection.azure_rm_virtualnetwork_payload_p2ddo37m/ansible_azure.azcollection.azure_rm_virtualnetwork_payload.zip/ansible_collections/azure/azcollection/plugins/module_utils/azure_rm_common.py\", line 418, in __init__\n File \"/var/folders/dh/qjj1yjqd2yz20zjh6n8r3w380000gn/T/ansible_azure.azcollection.azure_rm_virtualnetwork_payload_p2ddo37m/ansible_azure.azcollection.azure_rm_virtualnetwork_payload.zip/ansible_collections/azure/azcollection/plugins/modules/azure_rm_virtualnetwork.py\", line 272, in exec_module\n File \"/usr/local/lib/python3.7/site-packages/azure/mgmt/network/network_management_client.py\", line 2449, in virtual_networks\n raise NotImplementedError(\"APIVersion {} is not available\".format(api_version))\nNotImplementedError: APIVersion 2019-06-01 is not available\n",
"module_stdout": "",
"msg": "MODULE FAILURE\nSee stdout/stderr for the exact error",
"rc": 1
}
The "Big Migration" has now taken place.
As this collection already exists, we need to carefully check to see if any further commits went into devel since this repo was created.
Please check the contents of https://github.com/ansible-collection-migration/azure.azcollection against this repo
In particular:
Utilizing the azure_rm_virtualmachine module.
Receive the following error from Ansible in the stderr:
UnicodeEncodeError: 'ascii' codec can't encode character u'\\\\u2018' in position 596: ordinal not in range(128)\\n
Noting that the actual Azure error message reported is believed to be along the lines of:
Operation could not be completed as it results in exceeding approved Total Regional Cores quota. Additional details - Deployment Model: Resource Manager, Location: eastus, Current Limit: 350, Current Usage: 346, Additional Required: 8, (Minimum) New Limit Required: 354. Submit a request for Quota increase at https://aka.ms/ProdportalCRP/?#create/Microsoft.Support/Parameters/%7B%22subId%22:%222b66c83b-5e20-4ee0-a2e2-4ba091559f95%22,%22pesId%22:%2206bfd9d3-516b-d5c6-5802-169c800dec89%22,%22supportTopicId%22:%22e12e3d1d-7fa0-af33-c6d0-3c50df9658a3%22%7D by specifying parameters listed in the โDetailsโ section for deployment to succeed. Please read more about quota limits at https://docs.microsoft.com/en-us/azure/azure-supportability/regional-quota-requests.
Note that the error message from Azure includes left/right single quotes (hex U+2018 and U+2019). The fancy quotes are around the word Details in the 2nd to last sentence.
azure_rm_virtualmachine module
Suspect this could apply to any/all Azure modules.
ansible 2.10.0.dev0
config file = /etc/ansible/ansible.cfg
configured module search path = [u'/root/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
ansible python module location = /opt/ansible/azure-20200212/lib/python2.7/site-packages/ansible
executable location = /opt/ansible/azure-20200212/bin/ansible
python version = 2.7.5 (default, Jun 11 2019, 14:33:56) [GCC 4.8.5 20150623 (Red Hat 4.8.5-39)]
No changes/default config.
Ansible Tower ; RHEL 7.7 control nodes.
Azure Cloud Module(s)
In my case, used azure_rm_virtualmachine to create an Azure VM. The Azure Subscription had quotas in place that prevented the VM from being created. Azure believed to generate an error message to be read by Ansible. However, the Azure message/output contains unicode punctuation (left-quote and right-quote; u2018 and u02019).
These left-quote and right-quote characters result in the UnicodeEncodeError: 'ascii' codec can't encode character reported by Ansible.
Expect that Azure error messages be reported via Ansible modules. Expect to not need to obtain a nonsensical/ASCII error, then navigate to Azure to determine the actual error.
TASK [azure_provision_linux_vm : Create Azure VM azrs95056] ********************
task path: /var/lib/awx/projects/_273__azure_provision_linux_vm/roles/azure_provision_linux_vm/tasks/main.yml:95
๏ฟฝ[
<127.0.0.1> ESTABLISH LOCAL CONNECTION FOR USER: awx
๏ฟฝ[
<127.0.0.1> EXEC /bin/sh -c 'echo ~awx && sleep 0'
๏ฟฝ[
<127.0.0.1> EXEC /bin/sh -c '( umask 77 && mkdir -p "` echo /var/lib/awx/.ansible/tmp/ansible-tmp-1581531670.25-176907752234879 `" && echo ansible-tmp-1581531670.25-176907752234879="` echo /var/lib/awx/.ansible/tmp/ansible-tmp-1581531670.25-176907752234879 `" ) && sleep 0'
๏ฟฝ[
Using module file /opt/ansible/azure-20200212/lib/python2.7/site-packages/ansible/modules/cloud/azure/azure_rm_virtualmachine.py
๏ฟฝ[
<127.0.0.1> PUT /var/lib/awx/.ansible/tmp/ansible-local-7JRYNDn/tmppZnixX TO /var/lib/awx/.ansible/tmp/ansible-tmp-1581531670.25-176907752234879/AnsiballZ_azure_rm_virtualmachine.py
๏ฟฝ[
<127.0.0.1> EXEC /bin/sh -c 'chmod u+x /var/lib/awx/.ansible/tmp/ansible-tmp-1581531670.25-176907752234879/ /var/lib/awx/.ansible/tmp/ansible-tmp-1581531670.25-176907752234879/AnsiballZ_azure_rm_virtualmachine.py && sleep 0'
๏ฟฝ[
<127.0.0.1> EXEC /bin/sh -c '/opt/ansible/azure-20200212/bin/python /var/lib/awx/.ansible/tmp/ansible-tmp-1581531670.25-176907752234879/AnsiballZ_azure_rm_virtualmachine.py && sleep 0'
๏ฟฝ[
<127.0.0.1> EXEC /bin/sh -c 'rm -f -r /var/lib/awx/.ansible/tmp/ansible-tmp-1581531670.25-176907752234879/ > /dev/null 2>&1 && sleep 0'
๏ฟฝ[
The full traceback is:
Traceback (most recent call last):
File "/var/lib/awx/.ansible/tmp/ansible-tmp-1581531670.25-176907752234879/AnsiballZ_azure_rm_virtualmachine.py", line 102, in <module>
_ansiballz_main()
File "/var/lib/awx/.ansible/tmp/ansible-tmp-1581531670.25-176907752234879/AnsiballZ_azure_rm_virtualmachine.py", line 94, in _ansiballz_main
invoke_module(zipped_mod, temp_path, ANSIBALLZ_PARAMS)
File "/var/lib/awx/.ansible/tmp/ansible-tmp-1581531670.25-176907752234879/AnsiballZ_azure_rm_virtualmachine.py", line 40, in invoke_module
runpy.run_module(mod_name='ansible.modules.cloud.azure.azure_rm_virtualmachine', init_globals=None, run_name='__main__', alter_sys=True)
File "/usr/lib64/python2.7/runpy.py", line 176, in run_module
fname, loader, pkg_name)
File "/usr/lib64/python2.7/runpy.py", line 82, in _run_module_code
mod_name, mod_fname, mod_loader, pkg_name)
File "/usr/lib64/python2.7/runpy.py", line 72, in _run_code
exec code in run_globals
File "/tmp/ansible_azure_rm_virtualmachine_payload_qkU1Tx/ansible_azure_rm_virtualmachine_payload.zip/ansible/modules/cloud/azure/azure_rm_virtualmachine.py", line 2203, in <module>
File "/tmp/ansible_azure_rm_virtualmachine_payload_qkU1Tx/ansible_azure_rm_virtualmachine_payload.zip/ansible/modules/cloud/azure/azure_rm_virtualmachine.py", line 2199, in main
File "/tmp/ansible_azure_rm_virtualmachine_payload_qkU1Tx/ansible_azure_rm_virtualmachine_payload.zip/ansible/modules/cloud/azure/azure_rm_virtualmachine.py", line 899, in __init__
File "/tmp/ansible_azure_rm_virtualmachine_payload_qkU1Tx/ansible_azure_rm_virtualmachine_payload.zip/ansible/module_utils/azure_rm_common.py", line 417, in __init__
File "/tmp/ansible_azure_rm_virtualmachine_payload_qkU1Tx/ansible_azure_rm_virtualmachine_payload.zip/ansible/modules/cloud/azure/azure_rm_virtualmachine.py", line 1440, in exec_module
File "/tmp/ansible_azure_rm_virtualmachine_payload_qkU1Tx/ansible_azure_rm_virtualmachine_payload.zip/ansible/modules/cloud/azure/azure_rm_virtualmachine.py", line 1970, in create_or_update_vm
File "/opt/ansible/azure-20200212/lib/python2.7/site-packages/msrestazure/azure_exceptions.py", line 193, in __str__
return str(self.error)
File "/opt/ansible/azure-20200212/lib/python2.7/site-packages/msrestazure/azure_exceptions.py", line 89, in __str__
error_str += "\\nMessage: {}".format(self._message)
UnicodeEncodeError: 'ascii' codec can't encode character u'\\u2018' in position 596: ordinal not in range(128)
fatal: [localhost]: FAILED! => {
"changed": false,
"module_stderr": "Traceback (most recent call last):\\n File \\"/var/lib/awx/.ansible/tmp/ansible-tmp-1581531670.25-176907752234879/AnsiballZ_azure_rm_virtualmachine.py\\", line 102, in <module>\\n _ansiballz_main()\\n File \\"/var/lib/awx/.ansible/tmp/ansible-tmp-1581531670.25-176907752234879/AnsiballZ_azure_rm_virtualmachine.py\\", line 94, in _ansiballz_main\\n invoke_module(zipped_mod, temp_path, ANSIBALLZ_PARAMS)\\n File \\"/var/lib/awx/.ansible/tmp/ansible-tmp-1581531670.25-176907752234879/AnsiballZ_azure_rm_virtualmachine.py\\", line 40, in invoke_module\\n runpy.run_module(mod_name='ansible.modules.cloud.azure.azure_rm_virtualmachine', init_globals=None, run_name='__main__', alter_sys=True)\\n File \\"/usr/lib64/python2.7/runpy.py\\", line 176, in run_module\\n fname, loader, pkg_name)\\n File \\"/usr/lib64/python2.7/runpy.py\\", line 82, in _run_module_code\\n mod_name, mod_fname, mod_loader, pkg_name)\\n File \\"/usr/lib64/python2.7/runpy.py\\", line 72, in _run_code\\n exec code in run_globals\\n File \\"/tmp/ansible_azure_rm_virtualmachine_payload_qkU1Tx/ansible_azure_rm_virtualmachine_payload.zip/ansible/modules/cloud/azure/azure_rm_virtualmachine.py\\", line 2203, in <module>\\n File \\"/tmp/ansible_azure_rm_virtualmachine_payload_qkU1Tx/ansible_azure_rm_virtualmachine_payload.zip/ansible/modules/cloud/azure/azure_rm_virtualmachine.py\\", line 2199, in main\\n File \\"/tmp/ansible_azure_rm_virtualmachine_payload_qkU1Tx/ansible_azure_rm_virtualmachine_payload.zip/ansible/modules/cloud/azure/azure_rm_virtualmachine.py\\", line 899, in __init__\\n File \\"/tmp/ansible_azure_rm_virtualmachine_payload_qkU1Tx/ansible_azure_rm_virtualmachine_payload.zip/ansible/module_utils/azure_rm_common.py\\", line 417, in __init__\\n File \\"/tmp/ansible_azure_rm_virtualmachine_payload_qkU1Tx/ansible_azure_rm_virtualmachine_payload.zip/ansible/modules/cloud/azure/azure_rm_virtualmachine.py\\", line 1440, in exec_module\\n File \\"/tmp/ansible_azure_rm_virtualmachine_payload_qkU1Tx/ansible_azure_rm_virtualmachine_payload.zip/ansible/modules/cloud/azure/azure_rm_virtualmachine.py\\", line 1970, in create_or_update_vm\\n File \\"/opt/ansible/azure-20200212/lib/python2.7/site-packages/msrestazure/azure_exceptions.py\\", line 193, in __str__\\n return str(self.error)\\n File \\"/opt/ansible/azure-20200212/lib/python2.7/site-packages/msrestazure/azure_exceptions.py\\", line 89, in __str__\\n error_str += \\"\\\\nMessage: {}\\".format(self._message)\\n
UnicodeEncodeError: 'ascii' codec can't encode character u'\\\\u2018' in position 596: ordinal not in range(128)\\n",
"module_stdout": "",
"msg": "MODULE FAILURE\\nSee stdout/stderr for the exact error",
"rc": 1
}
๏ฟฝ[
I want to update the "load balancing rules" of a basic Azure Load Balancer.
In Ansible 2.8, that module was updated for idempotency and it can be used to updated an existing LB object.
However, it doesn't append the new rules to existing rules in a LB, it just overwrites all the rules.
I was expecting the module to just "append" rules to the current set.
azure_rm_loadbalancer
ansible 2.8.1
config file = [redacted]/ansible.cfg
configured module search path = [u'[redacted]/library', u'[redacted]/ara/plugins/modules']
ansible python module location = [redacted]/local/lib/python2.7/site-packages/ansible
executable location = [redacted]/bin/ansible
python version = 2.7.15rc1 (default, Nov 12 2018, 14:31:15) [GCC 7.3.0]
ANSIBLE_NOCOWS([redacted]/ansible.cfg) = True
ANSIBLE_PIPELINING([redacted]/ansible.cfg) = True
ANSIBLE_SSH_ARGS([redacted]/ansible.cfg) = -o ControlMaster=auto -o ControlPersist=600s -o StrictHostKeyChecking=no
ANSIBLE_SSH_RETRIES([redacted]/ansible.cfg) = 3
CACHE_PLUGIN([redacted]/ansible.cfg) = jsonfile
CACHE_PLUGIN_CONNECTION([redacted]/ansible.cfg) = ~/.ansible/facts.cachedir
CACHE_PLUGIN_TIMEOUT([redacted]/ansible.cfg) = 300
DEFAULT_ACTION_PLUGIN_PATH([redacted]/ansible.cfg) = [u'[redacted]/ara/plugins/actions']
DEFAULT_CALLBACK_PLUGIN_PATH([redacted]/ansible.cfg) = [u'[redacted]/ara/plugins/callbacks']
DEFAULT_CALLBACK_WHITELIST([redacted]/ansible.cfg) = [u'profile_roles', u'profile_tasks', u'timer', u'junit']
DEFAULT_FORKS([redacted]/ansible.cfg) = 100
DEFAULT_GATHERING([redacted]/ansible.cfg) = smart
DEFAULT_HOST_LIST([redacted]/ansible.cfg) = [u'[redacted]/slinventory.sh']
DEFAULT_LOG_PATH([redacted]/ansible.cfg) = /home/renaud/.ansible/SLAnsible.log
DEFAULT_LOOKUP_PLUGIN_PATH([redacted]/ansible.cfg) = [u'[redacted]/plugins/lookup']
DEFAULT_MODULE_PATH([redacted]/ansible.cfg) = [u'[redacted]/library', u'[redacted]/ara/plugins/modules'
DEFAULT_REMOTE_USER([redacted]/ansible.cfg) = stylelabs
DEFAULT_ROLES_PATH([redacted]/ansible.cfg) = [u'[redacted]/roles_galaxy', u'[redacted]/roles_mansible']
DEFAULT_STDOUT_CALLBACK([redacted]/ansible.cfg) = yaml
DEFAULT_STRATEGY([redacted]/ansible.cfg) = mitogen_linear
DEFAULT_STRATEGY_PLUGIN_PATH([redacted]/ansible.cfg) = [u'[redacted]/mitogen/ansible_mitogen/plugins/strategy']
DEFAULT_TIMEOUT([redacted]/ansible.cfg) = 20
HOST_KEY_CHECKING([redacted]/ansible.cfg) = False
RETRY_FILES_ENABLED([redacted]/ansible.cfg) = False
Running on localhost.
Create a basic load balancer on Azure with a Frontend config and BackendPool.
Add a Load balancing rule manually with a health probe on port 80.
Execute Ansible task to add a new rule.
- name: "azure_rm_loadbalancer | add LB rule and probe"
azure_rm_loadbalancer:
auth_source: cli
subscription_id: "REDACTED"
name: "elbtest"
resource_group: "elb-test"
load_balancing_rules:
- backend_address_pool: "backend"
backend_port: "1024"
frontend_ip_configuration: LoadBalancerFrontEnd
frontend_port: "1024"
name: "1024-rule"
probe: "1024-probe"
protocol: Tcp
probes:
- name: "1024-probe"
port: "1024"
protocol: Tcp
I'm expecting just my rule to be added, unless I specifically say I want to purge everything.
The rules and probes that are not part of the current Ansible task are deleted.
This issue was created following the migration to azure collections.
Original ticket: ansible/ansible#58069
Trying to create a private DNS Zone:
$ ansible -i inventory localhost -m azure_rm_dnszone -a "resource_group=rg name=private.example.com state=present type=private"
[WARNING]: Azure API profile latest does not define an entry for DnsManagementClient
localhost | FAILED! => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python3"
},
"changed": false,
"msg": "Error creating or updating zone rhocp.us - Operation failed with status: 'Bad Request'. Details: The feature you are trying to use is not available."
}
azure_rm_dnszone
$ ansible --version
ansible 2.9.6
config file = /home/ocp/azure/ansible/ansible.cfg
configured module search path = ['/home/ocp/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
ansible python module location = /usr/lib/python3.7/site-packages/ansible
executable location = /usr/bin/ansible
python version = 3.7.6 (default, Jan 30 2020, 09:44:41) [GCC 9.2.1 20190827 (Red Hat 9.2.1-1)]
$ ansible-config dump --only-changed
COMMAND_WARNINGS(/home/ocp/azure/ansible/ansible.cfg) = False
DEFAULT_FILTER_PLUGIN_PATH(/home/ocp/azure/ansible/ansible.cfg) = ['/home/ocp/azure/ansible/filter_plugins']
DEFAULT_HOST_LIST(/home/ocp/azure/ansible/ansible.cfg) = ['/home/ocp/azure/ansible/inventory']
DEPRECATION_WARNINGS(/home/ocp/azure/ansible/ansible.cfg) = False
HOST_KEY_CHECKING(/home/ocp/azure/ansible/ansible.cfg) = False
INTERPRETER_PYTHON(/home/ocp/azure/ansible/ansible.cfg) = auto
Fedora 31
Run the command in the summary
$ ansible -i inventory localhost -m azure_rm_dnszone -a "resource_group=rg name=private.example.com state=present type=private"
Zone created or data for existing zone returned.
Error: The feature you are trying to use is not available.
localhost | FAILED! => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python3"
},
"changed": false,
"msg": "Error creating or updating zone rhocp.us - Operation failed with status: 'Bad Request'. Details: The feature you are trying to use is not available."
}
Thank you for the module "azure_rm_virtualnetworkgateway".
In order to complete the setup of a VPN GW connection, have you already developed modules associated to the Python classes below ?
Use Case: connect another Cloud (private/public) to Azure with an IPsec VPN GW
Action needed to automate:
Provision a VPN GW of a remote Cloud (private/public) --> LocalNetworkGateways class
Connect the remote VPN GW to a Azure VPN GW (virtual_network_gateway) --> virtual_network_gateway_connections class
New modules : modules local_network_gateways + virtual_network_gateway_connections
NetworkManagementClient.local_network_gateways
NetworkManagementClient.virtual_network_gateway_connections
Example of Python script currently used:
NetworkManagementClient(credentials, subscription_id).local_network_gateways.create_or_update(
resource_group_name=local_gw['resource_group_name'],
local_network_gateway_name=local_gw['local_network_gateway_name'],
parameters={
'location': local_gw['location'],
'local_network_address_space': {
'address_prefixes': local_gw['local_network_address_space']
},
'gateway_ip_address': local_gw['gateway_ip_address'],
'tags': local_gw['tags']
}
NetworkManagementClient(credentials, subscription_id).virtual_network_gateway_connections .create_or_update(
resource_group_name=local_gw['resource_group_name'],
virtual_network_gateway_connection_name=virtual_network_gateway_connection_name,
parameters={
'location': local_gw['location'],
'tags': local_gw['tags'],
'virtual_network_gateway1': virtual_network_gateway,
'local_network_gateway2': local_network_gateway,
'connection_type': 'IPsec',
'connection_protocol': 'IKEv2',
'shared_key': local_gw['shared_key']
}
)
The module azure_rm_keyvault_info not show storage field for access policies
From ansible/ansible #68167
azure_rm_keyvault_info
ansible 2.9.6
None
ansible 2.9.6
python version = 3.7.6 (v3.7.6:43364a7ae0, Dec 18 2019, 14:18:50) [Clang 6.0 (clang-600.0.57)]
macOs Catalina 10.15.1 (19B88)
- name: Get Key Vault by name
azure_rm_keyvault_info:
resource_group: "{{ rg }}"
name: "{{ kv_name }}"
register: _kv_info
- name: Show keyvault info
debug:
msg: "{{ _kv_info }}"
- access_policies:
- object_id: xxxx
permissions:
certificates:
- get
- list
keys:
- encrypt
secrets:
- get
storage:
- get
- list
- access_policies:
- object_id: xxxx
permissions:
certificates:
- get
- list
keys:
- encrypt
secrets:
- get
On Python 3.8 (the default on Ubuntu 20.04) this collection fails because is transitively using deprecated python functions.
This was fixed 6 months ago in Azure/azure-cli#11239 in azure-cli-core = ">=2.0.77"
but this collection wants azure-cli-core = "==2.0.35"
Looking through the requirements.txt listed here, it looks like we're kinda far behind.
Any
ansible 2.9.9
python version = 3.8.2 (default, Apr 27 2020, 15:53:34) [GCC 9.3.0]
DEFAULT_LOAD_CALLBACK_PLUGINS(~/.ansible.cfg) = True
DEFAULT_STDOUT_CALLBACK(~/.ansible.cfg) = yaml
INTERPRETER_PYTHON(~/.ansible.cfg) = auto
Distributor ID: Ubuntu
Description: Ubuntu 20.04 LTS
Release: 20.04
Codename: focal
$ virtualenv -p /usr/bin/python3.8 /tmp/foobar
$ cd /tmp/foobar
$ . bin/activate
# this is the current head of the dev branch
$ pip install -r https://raw.githubusercontent.com/ansible-collections/azure/234d9fc70097eb4481fe98c05580c9850c431798/requirements-azure.txt
$ ansible-galaxy collection install azure.azcollection --force
Installing 'azure.azcollection:0.1.3'
$ ansible -vvv \
-c local -e ansible_python_interpreter=/tmp/foobar/bin/python3 \
-i localhost, all \
-m azure.azcollection.azure_rm_resourcegroup -a "name=foobar location=eastus2"
$ ansible -c local -i localhost, all -m azure.azcollection.azure_rm_resourcegroup -a "name=foobar location=eastus2" -vvv
...
<localhost> EXEC /bin/sh -c '/tmp/foobar/bin/python3 /home/njbird/.ansible/tmp/ansible-tmp-1590766242.1559303-3640414-175026806580758/AnsiballZ_azure_rm_resourcegroup.py && sleep 0'
<localhost> EXEC /bin/sh -c 'rm -f -r /home/njbird/.ansible/tmp/ansible-tmp-1590766242.1559303-3640414-175026806580758/ > /dev/null 2>&1 && sleep 0'
The full traceback is:
Traceback (most recent call last):
File "/home/njbird/.ansible/tmp/ansible-tmp-1590766242.1559303-3640414-175026806580758/AnsiballZ_azure_rm_resourcegroup.py", line 102, in <module>
_ansiballz_main()
File "/home/njbird/.ansible/tmp/ansible-tmp-1590766242.1559303-3640414-175026806580758/AnsiballZ_azure_rm_resourcegroup.py", line 94, in _ansiballz_main
invoke_module(zipped_mod, temp_path, ANSIBALLZ_PARAMS)
File "/home/njbird/.ansible/tmp/ansible-tmp-1590766242.1559303-3640414-175026806580758/AnsiballZ_azure_rm_resourcegroup.py", line 40, in invoke_module
...
File "/tmp/ansible_azure.azcollection.azure_rm_resourcegroup_payload_wu2wgs7f/ansible_azure.azcollection.azure_rm_resourcegroup_payload.zip/ansible_collections/azure/azcollection/plugins/module_utils/azure_rm_common.py", line 1359, in _get_azure_cli_credentials
File "/tmp/foobar/lib/python3.8/site-packages/azure/common/credentials.py", line 46, in get_azure_cli_credentials
profile = get_cli_profile()
File "/tmp/foobar/lib/python3.8/site-packages/azure/common/credentials.py", line 29, in get_cli_profile
return Profile(storage=ACCOUNT)
File "/tmp/foobar/lib/python3.8/site-packages/azure/cli/core/_profile.py", line 125, in __init__
self.cli_ctx = cli_ctx or get_default_cli()
File "/tmp/foobar/lib/python3.8/site-packages/azure/cli/core/__init__.py", line 485, in get_default_cli
return AzCli(cli_name='az',
File "/tmp/foobar/lib/python3.8/site-packages/azure/cli/core/__init__.py", line 52, in __init__
SESSION.load(os.path.join(azure_folder, 'az.sess'), max_age=3600)
File "/tmp/foobar/lib/python3.8/site-packages/azure/cli/core/_session.py", line 37, in load
if st.st_mtime + max_age < time.clock():
AttributeError: module 'time' has no attribute 'clock'
I would like to define my own formula for generating the inventory_hostname. As Azure does not allow renaming VMs, I need to use a tag to get our names for the VM. I want to use our standardize tag name so that I can add vars in host_vars/
as required.
azure_rm inventory plugin
This is a continuation of ansible/ansible#54065 which only requested the ability to configure the legacy behavior.
I want to define my own inventory_hostname as mentiond here:
azure/plugins/inventory/azure_rm.py
Lines 366 to 368 in 4467d13
For reference, this is the section that currently defines the legacy/unique hostname definition:
azure/plugins/inventory/azure_rm.py
Lines 504 to 508 in 4467d13
In both cases, this uses vm_model['name']
but I explicitly do NOT want to use vm_model['name']
because Azure doesn't let me rename VMs.
node_resource_group doesn't work with azure_rm_aks in ansible 2.9.6
azure_rm_aks
ansible 2.9.6
config file = None
configured module search path = [u'/home/devans/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
ansible python module location = /home/devans/.local/lib/python2.7/site-packages/ansible
executable location = /bin/ansible
python version = 2.7.5 (default, Apr 9 2019, 16:02:27) [GCC 4.8.5 20150623 (Red Hat 4.8.5-36.0.1)]
cat /etc/oracle-release
Oracle Linux Server release 7.6
- name: Create a managed Azure Container Services (AKS) instance in mel for APT
azure_rm_aks:
name: "{{ snd_aks_mel_cluster_name }}"
location: "{{ snd_mel_nsg_location }}"
resource_group: "{{ snd_aks_resource_group }}"
node_resource_group: "{{ snd_aks_mel_node_resource_group_name }}"
enable_rbac: yes
dns_prefix: "{{ snd_aks_mel_cluster_name }}"
kubernetes_version: "{{ versionssyd.azure_aks_versions[-1] }}"
linux_profile:
admin_username: azure-user
ssh_key: "{{ lookup('file', '/home/devans/ansible-awx-git/cloud-automation/azure-user-ssh-key.pub') }}"
service_principal:
client_id: "{{ snd_apt_mel_spr_client_id }}"
client_secret: "{{ snd_apt_mel_spr_secret }}"
agent_pool_profiles:
- name: nodepool1
count: 3
vm_size: Standard_DS3_v2
vnet_subnet_id: "{{ snd_mel_subnet_reg.state.id }}"
network_profile:
dns_service_ip: "10.253.0.10"
docker_bridge_cidr: "10.255.0.1/16"
network_plugin: kubenet
service_cidr: "10.253.0.0/16"
addon:
monitoring:
enabled: yes
log_analytics_workspace_resource_id: "{{ snd_mel_law_reg.id }}"
profile: "{{ profilename }}"
tags:
CostCenter: "{{ CostCenter_tag }}"
Environment: "{{ Environment_tag }}"
Owner: "{{ Owner_tag }}"
environment: "{{ proxy_env }}"
register: aks_mel
Ansible module azure_rm_aks allows to pass node_resource_group argument
"msg": "Unsupported parameters for (azure_rm_aks) module: node_resource_group Supported parameters include: aad_profile, ad_user, addon, adfs_authority_url, agent_pool_profiles, api_profile, append_tags, auth_source, cert_validation_mode, client_id, cloud_environment, dns_prefix, enable_rbac, kubernetes_version, linux_profile, location, name, network_profile, password, profile, resource_group, secret, service_principal, state, subscription_id, tags, tenant"
}
I saw in ansible 2.9.6 azure_rm_aks.py python script and looks it accepts the node_resource_group argument . For some reason it looks like not working . Or may be we are not there yet ?
Also I have tried role azure_preview_modules , still I get similar error
Migrated from Ansible issue #67839
Azure KeyVault secrets have an optional content type. This is exposed via the setsecret REST API and Az Powershell Set-AzKeyVaultSecret
. The azure_rm_keyvaultsecret
module does not support this option.
azure_rm_keyvaultsecret
I would like a secret_content_type
parameter added to the module.
# Example invocation
- name: Create a secret
azure_rm_keyvaultsecret:
secret_name: MySecret
secret_value: My_Pass_Sec
secret_content_type: My_Content_Type
keyvault_uri: https://contoso.vault.azure.net/
tags:
testing: testing
delete: never
azure_rm_deployment marks the TASK failed when using dependson under template ( either in YML format or when using JSON file as template).
The same JSON file works fine when using with command
az group deployment create --template-file <JSON_FILE_NAME>
azure_rm_deployment
ansible 2.8.5
config file = /etc/ansible/ansible.cfg
configured module search path = [u'/opt/ansible/roles']
ansible python module location = /usr/lib/python2.7/site-packages/ansible
executable location = /usr/bin/ansible
python version = 2.7.5 (default, Jun 11 2019, 14:33:56) [GCC 4.8.5 20150623 (Red Hat 4.8.5-39)]
ANSIBLE_NOCOWS(/etc/ansible/ansible.cfg) = True
ANSIBLE_PIPELINING(/etc/ansible/ansible.cfg) = True
ANY_ERRORS_FATAL(/etc/ansible/ansible.cfg) = True
DEFAULT_MANAGED_STR(/etc/ansible/ansible.cfg) = This file was created by Ansible, do not modify manually.
DEFAULT_MODULE_PATH(/etc/ansible/ansible.cfg) = [u'/opt/ansible/roles']
DEFAULT_PRIVATE_KEY_FILE(/etc/ansible/ansible.cfg) = /home/xxxx/.ssh/xxxx
DEFAULT_ROLES_PATH(/etc/ansible/ansible.cfg) = [u'/opt/ansible/roles']
DISPLAY_SKIPPED_HOSTS(/etc/ansible/ansible.cfg) = False
HOST_KEY_CHECKING(/etc/ansible/ansible.cfg) = False
RETRY_FILES_ENABLED(/etc/ansible/ansible.cfg) = False
Linux 3.10.0-1062.1.1.el7.x86_64 #1 SMP Tue Aug 13 18:39:59 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux - Red Hat Enterprise Linux Server release 7.7 (Maipo)
Aim:
# Create/Update
- name: 'Create Check Point Firewall'
azure_rm_deployment:
state: "{{ item.checkpoint_firewall_state | default('present') }}"
resource_group_name: "{{ item.checkpoint_firewall_resource_group_name }}"
location: "{{ item.checkpoint_firewall_resource_group_locationย | default('westeurope') }}"
deployment_name: "{{ item.checkpoint_firewall_name }}"
wait_for_deployment_polling_period: 10
wait_for_deployment_completion: yes
template: "{{ lookup('file', 'azuredeploy.json') }}"
"condition": "[not(equals(parameters('checkpoint_nic2'),''))]",
"type": "Microsoft.Network/networkInterfaces",
"apiVersion": "2018-11-01",
"location": "[resourceGroup().location]",
"name": "[variables('nic2name')]",
"type": "Microsoft.Compute/virtualMachines",
"apiVersion": "2018-10-01",
"dependson": [
"[concat('Microsoft.Network/networkInterfaces/', variables('nic1name'))]",
"[concat('Microsoft.Network/networkInterfaces/', variables('nic2name'))]"
],
NOTE: Please note that same json file if being deployed via az group deployment create --template-file command works perfectly fine.
The VM must be deployed with 1 NIC card ( if user has not provided value for second nic card)
The playbook fails complaining that nic2 is not found .
The full traceback is:
Traceback (most recent call last):
File "<stdin>", line 114, in <module>
File "<stdin>", line 106, in _ansiballz_main
File "<stdin>", line 49, in invoke_module
File "/tmp/ansible_azure_rm_deployment_payload_DfG4BJ/__main__.py", line 703, in <module>
File "/tmp/ansible_azure_rm_deployment_payload_DfG4BJ/__main__.py", line 699, in main
File "/tmp/ansible_azure_rm_deployment_payload_DfG4BJ/__main__.py", line 472, in __init__
File "/tmp/ansible_azure_rm_deployment_payload_DfG4BJ/ansible_azure_rm_deployment_payload.zip/ansible/module_utils/azure_rm_common.py", line 325, in __init__
File "/tmp/ansible_azure_rm_deployment_payload_DfG4BJ/__main__.py", line 495, in exec_module
File "/tmp/ansible_azure_rm_deployment_payload_DfG4BJ/__main__.py", line 648, in _get_instances
File "/tmp/ansible_azure_rm_deployment_payload_DfG4BJ/__main__.py", line 692, in _nic_to_public_ips_instance
File "/tmp/ansible_azure_rm_deployment_payload_DfG4BJ/__main__.py", line 692, in <genexpr>
File "/usr/lib/python2.7/site-packages/azure/mgmt/network/v2018_08_01/operations/network_interfaces_operations.py", line 175, in get
raise exp
msrestazure.azure_exceptions.CloudError: Azure Error: ResourceNotFound
Message: The Resource 'Microsoft.Network/networkInterfaces/XXXXXXXXX' under resource group 'YYYYYYYY' was not found.
ansible core docs for inventory plugin here: https://docs.ansible.com/ansible/latest/plugins/inventory/azure_rm.html say install azure
package:
The below requirements are needed on the local master node that executes this inventory.
I'm not 100% sure where docs for the plugin going forward will live, e.g. the plugin distributed by the collection, but I want to make sure the docs get fixed for the future as well as back in the core docs (hence https://github.com/ansible/ansible/issues/68940)
python >= 2.7
azure >= 2.0.0
Parameters
current docs in collection repo: https://github.com/ansible-collections/azure#requirements don't list any requirements
azure inventory plugin
any ansible version since azure inventory plugin was introduced
n/a
Traceback from pip when you try and install azure
:
RuntimeError:
Starting with v5.0.0, the 'azure' meta-package is deprecated and cannot be installed anymore.
Please install the service specific packages prefixed by `azure` needed for your application.
The complete list of available packages can be found at:
https://aka.ms/azsdk/python/all
Here's a non-exhaustive list of common packages:
- azure-mgmt-compute (https://pypi.python.org/pypi/azure-mgmt-compute) : Management of Virtual Machines, etc.
- azure-mgmt-storage (https://pypi.python.org/pypi/azure-mgmt-storage) : Management of storage accounts.
- azure-mgmt-resource (https://pypi.python.org/pypi/azure-mgmt-resource) : Generic package about Azure Resource Management (ARM)
- azure-keyvault-secrets (https://pypi.python.org/pypi/azure-keyvault-secrets) : Access to secrets in Key Vault
- azure-storage-blob (https://pypi.python.org/pypi/azure-storage-blob) : Access to blobs in storage accounts
A more comprehensive discussion of the rationale for this decision can be found in the following issue:
https://github.com/Azure/azure-sdk-for-python/issues/10646
The inventory plugin works with Ansible 2.9, but does not work with current devel
branch, which becomes Ansible 2.10 at some point.
plugins/inventory
ansible-inventory 2.10.0.dev0
config file = /etc/ansible/ansible.cfg
configured module search path = [u'/var/lib/awx/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
ansible python module location = /usr/lib/python2.7/site-packages/ansible
executable location = /usr/bin/ansible-inventory
python version = 2.7.5 (default, Sep 26 2019, 13:23:47) [GCC 4.8.5 20150623 (Red Hat 4.8.5-39)]
defaults
mac / control machine
Call ansible-inventory
and point it to your inventory file location.
works same in Ansible 2.9 and Ansible 2.10.
[WARNING]: * Failed to parse /tmp/awx_135_3xm2x23k/azure_rm.yml with auto
plugin: unknown doc_fragment(s) in file /var/lib/awx/vendor/inventory_collectio
ns/ansible_collections/azure/azcollection/plugins/inventory/azure_rm.py: azure
File "/usr/lib/python2.7/site-packages/ansible/inventory/manager.py", line 287, in parse_source
plugin.parse(self._inventory, self._loader, source, cache=cache)
File "/usr/lib/python2.7/site-packages/ansible/plugins/inventory/auto.py", line 50, in parse
plugin = inventory_loader.get(plugin_name)
File "/usr/lib/python2.7/site-packages/ansible/plugins/loader.py", line 553, in get
self._load_config_defs(name, self._module_cache[path], path)
File "/usr/lib/python2.7/site-packages/ansible/plugins/loader.py", line 290, in _load_config_defs
add_fragments(dstring, path, fragment_loader=fragment_loader)
File "/usr/lib/python2.7/site-packages/ansible/utils/plugin_docs.py", line 116, in add_fragments
raise AnsibleError('unknown doc_fragment(s) in file {0}: {1}'.format(filename, to_native(', '.join(unknown_fragments))))
This is caused by:
azure/plugins/inventory/azure_rm.py
Lines 11 to 12 in 40fac23
You can reference the FQCN doc fragment, that is azure.azcollection.azure
, but azure
was removed with the removal of content from Ansible core.
This isn't the only collection hit by this, it's a thing going around. I'm using this, so you hear about it from me.
azure_rm_postgresqlserver admin_password field doesn't update
azure_rm_postgresqlserver
ansible 2.9.6
config file = /home/drutledg/buildops/ansible/ansible.cfg
configured module search path = ['/home/drutledg/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
ansible python module location = /usr/local/lib/python3.6/dist-packages/ansible
executable location = /usr/local/bin/ansible
python version = 3.6.9 (default, Apr 18 2020, 01:56:04) [GCC 8.4.0]
ANSIBLE_SSH_ARGS(/home/drutledg/buildops/ansible/ansible.cfg) = -C -o ControlMaster=auto -o ControlPersist=60s -o UserKnownHostsFile=../auth/ssh/known_hosts -o StrictHostKeyChecking
DEFAULT_HOST_LIST(/home/drutledg/buildops/ansible/ansible.cfg) = ['/home/drutledg/buildops/ansible/inventory']
DEFAULT_PRIVATE_KEY_FILE(/home/drutledg/buildops/ansible/ansible.cfg) = /home/drutledg/buildops/auth/ssh/local/id_rsa
DEFAULT_ROLES_PATH(/home/drutledg/buildops/ansible/ansible.cfg) = ['/home/drutledg/.ansible/roles', '/home/drutledg/buildops/ansible/roles', '/usr/share/ansible/roles', '/etc/ansibl
INVENTORY_ENABLED(/home/drutledg/buildops/ansible/ansible.cfg) = ['auto', 'yaml']
Windows WSL - Ubuntu 18.04
Run the playbook below, then update the admin_password value to a new one, and run the playbook again. No change is observed. Change is observed if other fields are updated.
- name: Create Postgres 9.6 instances
azure_rm_postgresqlserver:
resource_group: myresourcegroup
name: mypostgresservername
sku:
name: B_Gen5_2
tier: Basic
storage_mb: 5120
enforce_ssl: True
admin_username: pgadmin
admin_password: "**new admin password**"
version: "9.6"
admin-password would be updated in the postgres server, and change would be registered in the ansible execution
admin-password field is not updated, and no change is registred by ansible --
<127.0.0.1> ESTABLISH LOCAL CONNECTION FOR USER: drutledg
<127.0.0.1> EXEC /bin/sh -c 'echo ~drutledg && sleep 0'
<127.0.0.1> EXEC /bin/sh -c '( umask 77 && mkdir -p "` echo /home/drutledg/.ansible/tmp/ansible-tmp-1589819314.3041928-148793130011207 `" && echo ansible-tmp-1589819314.3041928-148793130011207="` echo /home/drutledg/.ansible/tmp/ansible-tmp-1589819314.3041928-148793130011207 `" ) && sleep 0'
Using module file /usr/local/lib/python3.6/dist-packages/ansible/modules/cloud/azure/azure_rm_postgresqlserver.py
<127.0.0.1> PUT /home/drutledg/.ansible/tmp/ansible-local-9149vg_n24fj/tmp9hix7eho TO /home/drutledg/.ansible/tmp/ansible-tmp-1589819314.3041928-148793130011207/AnsiballZ_azure_rm_postgresqlserver.py
<127.0.0.1> EXEC /bin/sh -c 'chmod u+x /home/drutledg/.ansible/tmp/ansible-tmp-1589819314.3041928-148793130011207/ /home/drutledg/.ansible/tmp/ansible-tmp-1589819314.3041928-148793130011207/AnsiballZ_azure_rm_postgresqlserver.py && sleep 0'
<127.0.0.1> EXEC /bin/sh -c '/usr/bin/python3 /home/drutledg/.ansible/tmp/ansible-tmp-1589819314.3041928-148793130011207/AnsiballZ_azure_rm_postgresqlserver.py && sleep 0'
<127.0.0.1> EXEC /bin/sh -c 'rm -f -r /home/drutledg/.ansible/tmp/ansible-tmp-1589819314.3041928-148793130011207/ > /dev/null 2>&1 && sleep 0'
ok: [localhost] => (item={'region_code': 'usc', 'location': 'centralus'}) => {
"ansible_index_var": "index",
"ansible_loop_var": "resource",
"changed": false,
"fully_qualified_domain_name": "mypostgresservername.postgres.database.azure.com",
"id": "/subscriptions/xxxxx-xxxx-xxxx-xxxx-xxxxxxx/resourceGroups/rg-jfrog-usc/providers/Microsoft.DBforPostgreSQL/servers/mypostgresservername",
"index": 0,
"invocation": {
"module_args": {
"ad_user": null,
"adfs_authority_url": null,
"admin_password": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
"admin_username": "pgadmin",
"api_profile": "latest",
"append_tags": true,
"auth_source": null,
"cert_validation_mode": null,
"client_id": null,
"cloud_environment": "AzureCloud",
"create_mode": "Default",
"enforce_ssl": true,
"location": null,
"name": "mypostgresservername",
"password": null,
"profile": null,
"resource_group": "myresourcegroup",
"secret": null,
"sku": {
"name": "B_Gen5_2",
"tier": "Basic"
},
"state": "present",
"storage_mb": 5120,
"subscription_id": null,
"tags": null,
"tenant": null,
"version": "9.6"
}
},
"resource": {
"location": "centralus",
"region_code": "usc"
},
"state": "Ready",
"version": "9.6"
}
I am able to update the password successfully with az cli --
az postgres server update --admin-password **new password** --name mypostgresservername --resource-group myresourcegroup
and verify connection successfully --
psql -h mypostgresservername .postgres.database.azure.com -U pgadmin@mypostgresservername
Other azure_rm_postgresqlserver fields update as expected, and the change is registered in ansible.
Wrong example name field in azure_rm_roleassignment_info
azure_rm_roleassignment_info module
ansible 2.9.6
config file = /Users/imjoseangel/Documents/source/sandbox/ansible.cfg
configured module search path = ['/Users/imjoseangel/Documents/source/sandbox/library']
ansible python module location = /Users/imjoseangel/.pyenv/versions/3.7.7/Python.framework/Versions/3.7/lib/python3.7/site-packages/ansible
executable location = /Users/imjoseangel/.pyenv/versions/3.7.7/bin/ansible
python version = 3.7.7 (default, Mar 15 2020, 09:32:17) [Clang 11.0.0 (clang-1100.0.33.16)]
The _azure.py
module should be removed as it is an empty file that was deprecated and removed in ansible version 2.8.
I would recommend not shipping anything that is deprecated in your collection, especially the one going up to Automation Hub.
I will open a PR that removes the file shortly.
MS have already developed a lookup plugin for Key Vault
https://github.com/Azure/azure_preview_modules/blob/master/lookup_plugins/azure_keyvault_secret.py
Would be great to add it to the collection.
Ansible support to create disk encryption set. This feature is required for another feature request.
#80
Most probably a new Ansible module
https://docs.microsoft.com/en-us/cli/azure/disk-encryption-set?view=azure-cli-latest#az-disk-encryption-set-create
Is anyone working on this feature currently? If yes what is the ETA?
The documentation for the azure_rm_virtualmachine module doesn't specify that the parameter data_disks: caching=none option can be used.
Docs: https://docs.ansible.com/ansible/latest/modules/azure_rm_virtualmachine_module.html
Ideally the it should explicitly say that the parameter data_disks/caching can be set to none.
azure_rm_virtualmachine data_disks/caching
ansible 2.9.7
config file = /etc/ansible/ansible.cfg
configured module search path = ['/home/panzer/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
ansible python module location = /home/panzer/.local/lib/python3.6/site-packages/ansible
executable location = /home/panzer/.local/bin/ansible
python version = 3.6.9 (default, Apr 18 2020, 01:56:04) [GCC 8.4.0]
I am trying to use the azure_rm_deployment module to create azure vm. I have a custom byol template.
This template works fine if i use just the template.
But when i pass the parameters file along with the template, it throws the below mentioned error:
fatal: [localhost]: FAILED! => {"changed": false, "failed_deployment_operations": [], "msg": "Deployment failed with status code: 400 and message: Operation failed with status: 'Bad Request'. Details: 400 Client Error: Bad Request for url: https://management.azure.com/subscriptions/<subscription_id>/resourcegroups/<resource_group>/providers/Microsoft.Resources/deployments/<deployment_name??api-version=2017-05-10"}
When i click on the link, it gives some authorization error as shown below:
{"error":{"code":"AuthenticationFailed","message":"Authentication failed. The 'Authorization' header is missing."}}
But it does not throw this error if i remove the "parameters: "{{ (lookup('file', 'parameters.json') | from_json).parameters }}"" line from the playbook and pass the default values in the template file.
azure_rm_deployment
ansible 2.9.7
ANSIBLE_SSH_CONTROL_PATH_DIR(/home/bhavani/ansible.cfg) = /tmp/.ansible/cp
ANSIBLE_SSH_EXECUTABLE(/home/bhavani/ansible.cfg) = /usr/bin/ssh
DEFAULT_LOG_PATH(/home/bhavani/ansible.cfg) = /home/bhavani/ansible.log
DEFAULT_VAULT_PASSWORD_FILE(/home/bhavani/ansible.cfg) = /home/bhavani/.vault-pass.txt
DEPRECATION_WARNINGS(/home/bhavani/ansible.cfg) = False
HOST_KEY_CHECKING(/home/bhavani/ansible.cfg) = False
LOCALHOST_WARNING(/home/bhavani/ansible.cfg) = False
RETRY_FILES_ENABLED(/home/bhavani/ansible.cfg) = False
playbook:
hosts: localhost
connection: local
gather_facts: yes
tasks:
name: Ensure the VM is deployed to Azure
azure_rm_deployment:
state: present
name: deploymentname
location: West India
resource_group_name: resource_group
template: "{{ lookup('file', 'deploy-f5-byol.json') }}"
parameters: "{{ (lookup('file', 'parameters.json') | from_json).parameters }}"
When i run the playbook, it throws the below error:
command: ansible-playbook ansiblevm.yaml
[WARNING]: No inventory was parsed, only implicit localhost is available
PLAY [localhost] *********************************************************************************************************
TASK [Gathering Facts] ***************************************************************************************************
ok: [localhost]
TASK [Ensure the VM is deployed to Azure] ********************************************************************************
fatal: [localhost]: FAILED! => {"changed": false, "failed_deployment_operations": [], "msg": "Deployment failed with status code: 400 and message: Operation failed with status: 'Bad Request'. Details: 400 Client Error: Bad Request for url: https://management.azure.com/subscriptions/<subscription_id>/resourcegroups/<resource_group>/providers/Microsoft.Resources/deployments/deploymentname?api-version=2017-05-10"}
PLAY RECAP ***************************************************************************************************************
localhost : ok=1 changed=0 unreachable=0 failed=1 skipped=0 rescued=0 ignored=0
This issue was re-opened here, original discussion can be found in ansible/ansible#66849.
I'm attempting to create a static IPv6 address with the azure_rm_publicipaddress module. Static IPv6 addresses are only supported with the 'Standard' SKU (see Limitations). Setting this SKU however results in a StandardSkuPublicIPAddressesMustBeStatic Azure Error, even though I set allocation_method
to Static
.
azure_rm_publicipaddress
ansible 2.9.4
config file = /etc/ansible/ansible.cfg
configured module search path = ['/home/imre/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
ansible python module location = /home/imre/.local/share/virtualenvs/debops-ciphermail-QJnPILZz/lib/python3.7/site-packages/ansible
executable location = /home/imre/.local/share/virtualenvs/debops-ciphermail-QJnPILZz/bin/ansible
python version = 3.7.3 (default, Apr 3 2019, 05:39:12) [GCC 8.3.0]
[empty]
I'm running Ansible 2.9.4 inside a virtual environment with Python 3.7.3 on Debian 10.2. These are the Azure client libraries in use:
azure-cli-core==2.0.35
azure-cli-nspkg==3.0.2
azure-common==1.1.11
azure-graphrbac==0.40.0
azure-keyvault==1.0.0a1
azure-mgmt-authorization==0.51.1
azure-mgmt-automation==0.1.1
azure-mgmt-batch==5.0.1
azure-mgmt-cdn==3.0.0
azure-mgmt-compute==4.4.0
azure-mgmt-containerinstance==1.4.0
azure-mgmt-containerregistry==2.0.0
azure-mgmt-containerservice==4.4.0
azure-mgmt-cosmosdb==0.5.2
azure-mgmt-devtestlabs==3.0.0
azure-mgmt-dns==2.1.0
azure-mgmt-hdinsight==0.1.0
azure-mgmt-iothub==0.7.0
azure-mgmt-keyvault==1.1.0
azure-mgmt-loganalytics==0.2.0
azure-mgmt-marketplaceordering==0.1.0
azure-mgmt-monitor==0.5.2
azure-mgmt-network==2.3.0
azure-mgmt-nspkg==2.0.0
azure-mgmt-rdbms==1.4.1
azure-mgmt-redis==5.0.0
azure-mgmt-resource==2.1.0
azure-mgmt-servicebus==0.5.3
azure-mgmt-sql==0.10.0
azure-mgmt-storage==3.1.0
azure-mgmt-trafficmanager==0.50.0
azure-mgmt-web==0.41.0
azure-nspkg==2.0.0
azure-storage==0.35.1
---
- name: Manage Azure cloud infrastructure
hosts: localhost
tasks:
- name: Create static IPv6 address
azure_rm_publicipaddress:
name: 'testimre-ipv6'
resource_group: 'ansible'
location: 'centralus'
version: 'ipv6'
sku: 'Standard'
allocation_method: 'Static'
A static IPv6 address should be created with 'Standard' SKU.
Error creating or updating testimre-ipv6 - Azure Error: StandardSkuPublicIPAddressesMustBeStatic
Message: Standard sku publicIp /subscriptions/CENSORED/resourceGroups/ansible/providers/Microsoft.Network/publicIPAddresses/testimre-ipv6 must have AllocationMethod set to Static.
It seems that some of the tasks only support simple resource configuration at this time. Two scenarios I've come across that supports this theory is:
Is this accurate? If not, can you please provide an example of how to accomplish this?
ansible 2.9.9
config file = /etc/ansible/ansible.cfgconfigured module search path = ['/home/ansibleadmin/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
ansible python module location = /usr/local/lib/python3.6/dist-packages/ansible
executable location = /usr/local/bin/ansible
python version = 3.6.9 (default, Apr 18 2020, 01:56:04) [GCC 8.4.0]
Migrate batch one modules from Ansible core to collection, including module files and integration tests.
azure_rm_keyvaultsecret_info.py
- name: Get secret current version
azure_rm_keyvaultsecret_info:
vault_uri: https://vault{{ rpfx }}.vault.azure.net
name: testsecret
register: facts
- name: Assert secret facts
assert:
that:
- facts['secrets'] | length == 1
- facts['secrets'][0]['sid']
- facts['secrets'][0]['secret']
- facts['secrets'][0]['tags']
- facts['secrets'][0]['version']
2.10
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.