ansible-modules-hashivault
ansible-modules-hashivault copied to clipboard
Published
20 hours ago •
TerryHowe
TerryHowe
The module does not work with ansible install via apt
Hi, Module does not work on servers or ansible was installed directly via apt and not pip OS: Ubuntu 16.04 x64 update to date
root@srv01:~# ansible --version
ansible 2.4.3.0
config file = /etc/ansible/ansible.cfg
configured module search path = [u'/root/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
ansible python module location = /usr/local/lib/python2.7/dist-packages/ansible
executable location = /usr/local/bin/ansible
python version = 2.7.12 (default, Dec 4 2017, 14:50:18) [GCC 5.4.0 20160609]
Exemple
apt update
apt install software-properties-common
apt-add-repository ppa:ansible/ansible
apt update
apt install ansible
pip install ansible-modules-hashivault
export VAULT_ADDR="https://vault.mydomain:8200"
export VAULT_SKIP_VERIFY=1
Exemple: test.yml
- hosts: localhost
tasks:
- name: "blabla"
hashivault_status:
register: 'vault_status'
- assert: { that: "{{vault_status.changed}} == False" }
- assert: { that: "{{vault_status.status.progress}} == 0" }
- assert: { that: "{{vault_status.status.sealed}} == False" }
- assert: { that: "{{vault_status.rc}} == 0" }
root@srv01:~# ansible-playbook test.yml
[WARNING]: provided hosts list is empty, only localhost is available. Note that the implicit localhost does not match 'all'
ERROR! no action detected in task. This often indicates a misspelled module name, or incorrect module path.
The error appears to have been in '/root/test.yml': line 3, column 5, but may
be elsewhere in the file depending on the exact syntax problem.
The offending line appears to be:
tasks:
- name: "blabla"
^ here
The error appears to have been in '/root/test.yml': line 3, column 5, but may
be elsewhere in the file depending on the exact syntax problem.
The offending line appears to be:
tasks:
- name: "blabla"
^ here
exception type: <class 'ansible.errors.AnsibleParserError'>
exception: no action detected in task. This often indicates a misspelled module name, or incorrect module path.
The error appears to have been in '/root/test.yml': line 3, column 5, but may
be elsewhere in the file depending on the exact syntax problem.
The offending line appears to be:
tasks:
- name: "blabla"
^ here
The same playbook on a server with Ansible install via pip
root@srv02:~# ansible-playbook test.yml
[WARNING]: provided hosts list is empty, only localhost is available. Note that the implicit localhost does not match 'all'
PLAY [localhost] ************************************************************************************************************************************************************************************************************************
TASK [Gathering Facts] ******************************************************************************************************************************************************************************************************************
ok: [localhost]
TASK [blabla] ***************************************************************************************************************************************************************************************************************************
ok: [localhost]
TASK [assert] ***************************************************************************************************************************************************************************************************************************
ok: [localhost] => {
"changed": false,
"msg": "All assertions passed"
}
TASK [assert] ***************************************************************************************************************************************************************************************************************************
ok: [localhost] => {
"changed": false,
"msg": "All assertions passed"
}
TASK [assert] ***************************************************************************************************************************************************************************************************************************
ok: [localhost] => {
"changed": false,
"msg": "All assertions passed"
}
TASK [assert] ***************************************************************************************************************************************************************************************************************************
ok: [localhost] => {
"changed": false,
"msg": "All assertions passed"
}
PLAY RECAP ******************************************************************************************************************************************************************************************************************************
localhost : ok=6 changed=0 unreachable=0 failed=0
Yes on Xenial:
root@sandbox:/usr/local/lib/python2.7# find / -name module_utils
/usr/local/lib/python2.7/dist-packages/ansible/module_utils
/usr/lib/python2.7/dist-packages/ansible/module_utils
Two possible solutions:
- Add a package to ubuntu or a ppa to install hashivault
- Perhaps there is some environment variable to determine the location of ansible for pip
For now, the work around is going to have to be use pip to install ansible on ubuntu
Otherwise, the pip installation method is quite satisfactory. Besides, it's probably better to fix the pip package than to create a new one for apt.
Thanks for this module !
I had success using the following command after installing hashivault via pip:
ansible-playbook --module-path=/usr/local/lib/python2.7/dist-packages/ansible/modules/hashivault -i inventory/mycluster/hosts.ini -b cluster.yml
The main problem is default ansible python module location.
Default path is: /usr/lib/python2.7/dist-packages/ansible when it installed from apt.
But pip installing module to local libs: /usr/local/lib/python2.7/dist-packages/ansible
In my opinion it's huge problem and it must be resolved inside module.
By the way, we can quickly hack it this using symlinks:
ln -s /usr/local/lib/python2.7/dist-packages/ansible/modules/hashivault /usr/lib/python2.7/dist-packages/ansible/modules/hashivault
ln -s /usr/local/lib/python2.7/dist-packages/ansible/module_utils/hashivault.py /usr/lib/python2.7/dist-packages/ansible/module_utils/hashivault.py
@TerryHowe could you please confirm it will be fixed soon even I will made it for community. It's official module and I think it may be done asap.
UPD: one more option:
export ANSIBLE_LIBRARY='/usr/local/lib/python2.7/dist-packages/ansible:/usr/lib/python2.7/dist-packages/ansible'
export ANSIBLE_MODULE_UTILS='/usr/local/lib/python2.7/dist-packages/ansible/module_utils:/usr/lib/python2.7/dist-packages/ansible/module_utils'
I have the same problem under Centos 7 with ansible-playbook:
centos@bhenrion4 /home/centos/soft/ansible-modules-hashivault/functional [master] $ ./start.sh
+ set -e
+ DOCKER_NAME=testvault
+ PORT=8201
+ export VAULT_ADDR=http://127.0.0.1:8201
+ VAULT_ADDR=http://127.0.0.1:8201
++ mktemp -q /tmp/./start.sh.XXXXXX
+ TMP_CONFIG=/tmp/./start.sh.TrZYta
+ trap 'rm /tmp/./start.sh.TrZYta' EXIT
+ cat
+ chmod a+r /tmp/./start.sh.TrZYta
+ docker stop testvault
testvault
+ docker rm testvault
testvault
+ docker run --name testvault -h testvault -d --cap-add IPC_LOCK -p 127.0.0.1:8201:8201 -v /tmp/./start.sh.TrZYta:/etc/vault/config.json:ro vault server -config /etc/vault/config.json
2584dfb0ccb267259e27055a50631a59dddbb7bdbf15f421ee0e79194b103004
+ CNT=0
+ curl -sI http://127.0.0.1:8201/v1/sys/health
+ sleep 0.1
++ expr 0 + 1
+ CNT=1
+ '[' 1 -gt 20 ']'
+ curl -sI http://127.0.0.1:8201/v1/sys/health
+ sleep 0.1
++ expr 1 + 1
+ CNT=2
+ '[' 2 -gt 20 ']'
+ curl -sI http://127.0.0.1:8201/v1/sys/health
+ sleep 0.1
++ expr 2 + 1
+ CNT=3
+ '[' 3 -gt 20 ']'
+ curl -sI http://127.0.0.1:8201/v1/sys/health
+ ansible-playbook -v test_init.yml
Using /home/centos/soft/ansible-modules-hashivault/functional/ansible.cfg as config file
/home/centos/soft/ansible-modules-hashivault/functional/hosts did not meet host_list requirements, check plugin documentation if this is unexpected
/home/centos/soft/ansible-modules-hashivault/functional/hosts did not meet script requirements, check plugin documentation if this is unexpected
ERROR! no action detected in task. This often indicates a misspelled module name, or incorrect module path.
The error appears to have been in '/home/centos/soft/ansible-modules-hashivault/functional/test_init.yml': line 5, column 7, but may
be elsewhere in the file depending on the exact syntax problem.
The offending line appears to be:
tasks:
- name: Initialize vault
^ here
+ rm /tmp/./start.sh.TrZYta
The version was installed via yum, and is:
centos@bhenrion4 /home/centos/soft/ansible-modules-hashivault/functional [master] $ ansible-playbook --version
ansible-playbook 2.7.2
config file = /home/centos/soft/ansible-modules-hashivault/functional/ansible.cfg
configured module search path = [u'/home/centos/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
ansible python module location = /usr/lib/python2.7/site-packages/ansible
executable location = /usr/bin/ansible-playbook
python version = 2.7.5 (default, Jul 13 2018, 13:06:57) [GCC 4.8.5 20150623 (Red Hat 4.8.5-28)]
centos@bhenrion4 /home/centos/soft/ansible-modules-hashivault/functional [master] $
If you install the module as a normal user, the modules and module_utils paths must point to your home directory.
For example, on Debian 11, you would do:
export ANSIBLE_LIBRARY="${HOME}/.local/lib/python3.8/site-packages/ansible/modules"
export ANSIBLE_MODULE_UTILS="${HOME}/.local/lib/python3.8/site-packages/ansible/module_utils"
Not sure what the distinction between ansible and ansible/modules is, but the latter seems to work for me.
You can also put these into your ansible.cfg. The settings are called library and module_utils, respectively.
