Molecule throws error during gather_facts : Failed to create temporary directory
Overview
This appears to be an issue with default docker settings on ubuntu 22.04 desktop, so I don't think it is an actual issue with the image. However, I wasn't sure where else to put the knowledge. Apologies if this is the wrong call.
Error
When running molecule test with the geerlingguy/docker-ubuntu2204-ansible:latest image, gather_facts throws the error:
{"changed": false, "msg": "Failed to create temporary directory.
In some cases, you may have been able to authenticate and did not have permissions on the target directory.
Consider changing the remote tmp path in ansible.cfg to a path rooted in \"/tmp\", for more error
information use -vvv.
Failed command was: ( umask 77 && mkdir -p \"` echo ~/.ansible/tmp `\"&& mkdir \"` echo ~/.ansible/tmp/ansible-tmp-1662828157.3138137-2593026-85746141845239 `\" && echo ansible-tmp-1662828157.3138137-2593026-85746141845239=\"`
echo ~/.ansible/tmp/ansible-tmp-1662828157.3138137-2593026-85746141845239 `\" ),
exited with result 1", "unreachable": true}
As stated clearly in the README for this project, the cgroupns=host should be used. Docker says the default cgroupns is host; however, unless I specified that on the command line, it would not run manually or via molecule.
Making modifications to molecule.yml did nothing. Finally I edited /etc/docker/daemon.json to set the default cgroupns for docker to host and it started working.
Fix
Add `default-cgroupns-mode` to docker's daemon.json file and restart docker.
$ cat /etc/docker/daemon.json
{
  "default-cgroupns-mode": "host"
}
Alternate Fix
If someone knows how to specify cgroupns in the molecule file, I think that would be a better solution. I could not find any way to do so. Please comment if you know how.
Host Machine
Host: Ubuntu 22.04 Desktop, amd64
Docker Version
Client: Docker Engine - Community
 Version: 20.10.17
 API version: 1.41
 Go version: go1.17.11
 Git commit: 100c701
 Built: Mon Jun 6 23:02:46 2022
 OS/Arch: linux/amd64
 Context: default
 Experimental: true
Server: Docker Engine - Community
 Engine:
  Version: 20.10.17
  API version: 1.41 (minimum version 1.12)
  Go version: go1.17.11
  Git commit: a89b842
  Built: Mon Jun 6 23:00:51 2022
  OS/Arch: linux/amd64
  Experimental: false
 containerd:
  Version: 1.6.6
  GitCommit: 10c12954828e7c7c9b6e0ea9b0c02b01407d3ae1
 runc:
  Version: 1.1.2
  GitCommit: v1.1.2-0-ga916309
 docker-init:
  Version: 0.19.0
  GitCommit: de40ad0
Molecule Config
---
dependency:
  name: galaxy
driver:
  name: docker
lint: |
  yamllint .
  ansible-lint
  flake8
platforms:
  - name: ubuntu-22.04
    image: geerlingguy/docker-ubuntu2204-ansible:latest
    command: "/lib/systemd/systemd"
    privileged: true
    pre_build_image: false
    #dockerfile: ../common/Dockerfile-ubuntu.j2
    capabilities:
      - SYS_ADMIN
    volumes:
      - /sys/fs/cgroup:/sys/fs/cgroup:rw
    tmpfs:
      - /run
      - /tmp
provisioner:
  name: ansible
verifier:
  name: ansible
+1 on this. Also encountered today and was about to report this
Concur with @patrickstump that this isn't actually an issue for this repo/image - molecule has an open discussion (here) and a PR in the works (here).
Possible duplicate of #4.
For those with the same issue, this is the solution:
# molecule.yml
# ...
platforms:
  - name: ubuntu2204
    image: geerlingguy/docker-ubuntu2204-ansible:latest
    cgroupns_mode: host
    command: ""
    volumes:
      - /sys/fs/cgroup:/sys/fs/cgroup:rw  # won't work with ro
    privileged: true
    pre_build_image: true
# ...
My understanding is that this removes any isolation from the container and the processes run directly on the host. Obviously an issue in prod, but fine for local dev and automated testing on GitHub Actions.
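To see which isolation settings the configurations in this thread relax on a running test container, the following added example (not code from this issue or from the molecule or docker-ubuntu2204-ansible projects) audits `docker inspect` JSON for the relevant `HostConfig` fields. The sample input is constructed to mirror the molecule.yml above, and the function names are hypothetical.

```python
import json

# Constructed sample: trimmed `docker inspect` output for a container started
# with the settings from the molecule.yml in this thread (not captured output).
SAMPLE_INSPECT = json.dumps([{
    "Name": "/ubuntu2204",
    "HostConfig": {
        "Privileged": True,
        "CgroupnsMode": "host",
        "CapAdd": ["SYS_ADMIN"],
        "Binds": ["/sys/fs/cgroup:/sys/fs/cgroup:rw"],
    },
}])


def audit_container(container):
    """Return a list of isolation findings for one `docker inspect` entry."""
    hc = container.get("HostConfig") or {}
    findings = []
    if hc.get("Privileged"):
        findings.append("privileged: all capabilities and host devices exposed")
    if hc.get("CgroupnsMode") == "host":
        findings.append("cgroupns=host: shares the host cgroup namespace")
    for cap in hc.get("CapAdd") or []:
        if cap.upper() in ("SYS_ADMIN", "CAP_SYS_ADMIN"):
            findings.append("cap_add SYS_ADMIN")
    for bind in hc.get("Binds") or []:
        parts = bind.split(":")
        src = parts[0]
        # A bind without an explicit mode is read-write by default.
        opts = parts[2].split(",") if len(parts) > 2 else []
        under_cgroup = src == "/sys/fs/cgroup" or src.startswith("/sys/fs/cgroup/")
        if under_cgroup and "ro" not in opts:
            findings.append(f"writable host cgroup mount: {bind}")
    return findings


def audit_inspect(raw_json):
    """Map container name -> findings for every entry in `docker inspect` JSON."""
    return {c.get("Name", "?").lstrip("/"): audit_container(c)
            for c in json.loads(raw_json)}


if __name__ == "__main__":
    for name, findings in audit_inspect(SAMPLE_INSPECT).items():
        for finding in findings:
            print(f"{name}: {finding}")
```

Feeding it the output of `docker inspect <container>` for a live molecule instance gives the same report, which can gate a CI job so these test-only settings do not reach other environments.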