ansible-collection-checkmk.general
ansible-collection-checkmk.general copied to clipboard
Published
20 hours ago •
Checkmk
Checkmk
[BUG] Error in the Agent role, Firewall seems to be only installed if checkmk_agent_server is an ip address
Describe the bug
It seems the Firewall Rules (Redhat and Debian) are only created if the checkmk_agent_server is an Ip address and skipped when not, which seems a bit Odd since you need an FQDN if you want to use https and check the cert.
Component Name
Component Name: roles/agent/tasks/ Debian.yml and Redhat.yml
Ansible Version
ansible [core 2.14.5]
config file = None
configured module search path = ['/root/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
ansible python module location = /usr/lib/python3.11/site-packages/ansible
ansible collection location = /root/.ansible/collections:/usr/share/ansible/collections
executable location = /usr/bin/ansible
python version = 3.11.8 (main, Feb 19 2024, 22:58:08) [GCC 12.2.1 20220924] (/usr/bin/python3)
jinja version = 3.1.2
libyaml = True
Checkmk Version and Edition
2.2.0p24 (CRE)
Collection Version
Collection Version
----------------------------- -------
amazon.aws 5.4.0
ansible.netcommon 4.1.0
ansible.posix 1.5.2
ansible.utils 2.9.0
ansible.windows 1.13.0
arista.eos 6.0.1
awx.awx 21.14.0
azure.azcollection 1.15.0
check_point.mgmt 4.0.0
chocolatey.chocolatey 1.4.0
cisco.aci 2.6.0
cisco.asa 4.0.0
cisco.dnac 6.7.1
cisco.intersight 1.0.27
cisco.ios 4.5.0
cisco.iosxr 4.1.0
cisco.ise 2.5.12
cisco.meraki 2.15.1
cisco.mso 2.4.0
cisco.nso 1.0.3
cisco.nxos 4.3.0
cisco.ucs 1.8.0
cloud.common 2.1.3
cloudscale_ch.cloud 2.2.4
community.aws 5.4.0
community.azure 2.0.0
community.ciscosmb 1.0.5
community.crypto 2.12.0
community.digitalocean 1.23.0
community.dns 2.5.3
community.docker 3.4.3
community.fortios 1.0.0
community.general 6.6.0
community.google 1.0.0
community.grafana 1.5.4
community.hashi_vault 4.2.0
community.hrobot 1.8.0
community.libvirt 1.2.0
community.mongodb 1.5.2
community.mysql 3.6.0
community.network 5.0.0
community.okd 2.3.0
community.postgresql 2.3.2
community.proxysql 1.5.1
community.rabbitmq 1.2.3
community.routeros 2.8.0
community.sap 1.0.0
community.sap_libs 1.4.1
community.skydive 1.0.0
community.sops 1.6.1
community.vmware 3.5.0
community.windows 1.12.0
community.zabbix 1.9.3
containers.podman 1.10.1
cyberark.conjur 1.2.0
community.zabbix 1.9.3
containers.podman 1.10.1
cyberark.conjur 1.2.0
cyberark.pas 1.0.17
dellemc.enterprise_sonic 2.0.0
dellemc.openmanage 6.3.0
dellemc.os10 1.1.1
dellemc.os6 1.0.7
dellemc.os9 1.0.4
dellemc.powerflex 1.6.0
dellemc.unity 1.6.0
f5networks.f5_modules 1.23.0
fortinet.fortimanager 2.1.7
fortinet.fortios 2.2.3
frr.frr 2.0.2
gluster.gluster 1.0.2
google.cloud 1.1.3
grafana.grafana 1.1.1
hetzner.hcloud 1.11.0
hpe.nimble 1.1.4
ibm.qradar 2.1.0
ibm.spectrum_virtualize 1.11.0
infinidat.infinibox 1.3.12
infoblox.nios_modules 1.4.1
inspur.ispim 1.3.0
inspur.sm 2.3.0
junipernetworks.junos 4.1.0
kubernetes.core 2.4.0
lowlydba.sqlserver 1.3.1
mellanox.onyx 1.0.0
microsoft.ad 1.0.0
netapp.aws 21.7.0
netapp.azure 21.10.0
netapp.cloudmanager 21.22.0
netapp.elementsw 21.7.0
netapp.ontap 22.5.0
netapp.storagegrid 21.11.1
netapp.um_info 21.8.0
netapp_eseries.santricity 1.4.0
netbox.netbox 3.12.0
ngine_io.cloudstack 2.3.0
ngine_io.exoscale 1.0.0
ngine_io.vultr 1.1.3
openstack.cloud 1.10.0
openvswitch.openvswitch 2.1.0
ovirt.ovirt 2.4.1
purestorage.flasharray 1.17.2
purestorage.flashblade 1.11.0
purestorage.fusion 1.4.2
sensu.sensu_go 1.13.2
splunk.es 2.1.0
t_systems_mms.icinga_director 1.32.2
theforeman.foreman 3.10.0
vmware.vmware_rest 2.3.1
vultr.cloud 1.7.0
vyos.vyos 4.0.2
wti.remote 1.0.4
To Reproduce Steps to reproduce the behavior: run a playbook that uses the agent role with an FQDN as the checkmk_agent_server and set checkmk_agent_configure_firewall: 'true' FW Rule does not get generated
Expected behavior convert the FQDN to an IP and use that as the checkmk_agent_server_ip
Actual behavior Currently the Firewall Rule generation gets completly skipped if checkmk_agent_server is not an ip
Minimum reproduction example
- name: "Install and Register hosts Agents"
hosts: cmk_clients
collections:
- checkmk.general
vars:
checkmk_agent_server: "test.example.com"
checkmk_agent_site: monitoring
checkmk_agent_user: XXXXX
checkmk_agent_pass: XXXXX
# client agent config
checkmk_agent_edition: cre
checkmk_agent_version: "2.2.0p24"
checkmk_agent_discover: 'true'
checkmk_agent_update: 'false' #Register host for automatic updates
checkmk_agent_configure_firewall: 'true'
checkmk_agent_add_host: 'false'
checkmk_agent_server_protocol: https
checkmk_agent_tls: 'true'
roles:
- agent
Additional context
