community.zabbix icon indicating copy to clipboard operation
community.zabbix copied to clipboard

Published 20 hours ago verified publisher icon ansible-collections

Zabbix inventory doesn't use first interface ip/dns for ssh connect.

Open oko235 opened this issue 11 months ago • 0 comments

SUMMARY

Zabbix inventory does not use first interface ip or dns but only "hostname" define in zabbix server for ssh connect. For ".local1" network where ansible is, that's ok but not for remote site in ".local2".

ISSUE TYPE

Zabbix inventory doesn't use ip/dns for ssh connect.

COMPONENT NAME

zabbix_inventory

ANSIBLE VERSION
  config file = /etc/ansible/ansible.cfg
  configured module search path = ['/home/username/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/lib/python3.11/site-packages/ansible
  ansible collection location = /home/username/.ansible/collections:/usr/share/ansible/collections
  executable location = /usr/bin/ansible
  python version = 3.11.3 (main, Apr  5 2023, 15:52:25) [GCC 12.2.1 20230201] (/usr/bin/python)
  jinja version = 3.1.2
  libyaml = True
CONFIGURATION
CONFIG_FILE() = /etc/ansible/ansible.cfg
DEFAULT_HOST_LIST(/etc/ansible/ansible.cfg) = ['/etc/ansible/zabbix_inventory.yml']
EDITOR(env: EDITOR) = /usr/bin/vim
INTERPRETER_PYTHON(/etc/ansible/ansible.cfg) = auto_silent
INVENTORY_ENABLED(/etc/ansible/ansible.cfg) = ['community.general.proxmox', 'community.zabbix.zabbix_inventory', 'auto', 'host_list', 'yaml', 'yml', 'ini', 'toml', 'script']
OS / ENVIRONMENT / Zabbix Version

I use Manjaro for ansible host and Zabbix version is 6.0.19 on Debian

STEPS TO REPRODUCE

"ansible-playbook --check -i zabbix_inventory.yml playbook.yml"

My zabbix_inventory.yml

server_url: http://zabbixserver.local1/zabbix/
login_user: ansible
login_password: password
validate_certs: false
add_zabbix_groups: true
host_zapi_query:
  selectApplications: ['name', 'applicationid']
  selectInterfaces: ['type','ip','dns']
  selectParentTemplates: ['name']
  selectGroups: ['name']
groups:
  enabled: zbx_status == "0"
  disabled: zbx_status == "1"
EXPECTED RESULTS

Ansible make ssh connect with first interfaces from zabbix host and go on. Working example on one host in ".local1" network:

2023-07-10 17:34:39,794 p=170769 u=username n=ansible | <ServernameA> (0, b'/root\n', b'OpenSSH_9.3p1, OpenSSL 3.0.8 7 Feb 2023\r\ndebug1: Reading configuration data /etc/ssh/ssh_config\r\ndebug3: expanded UserKnownHostsFile \'~/.ssh/known_hosts\' -> \'/home/username/.ssh/known_hosts\'\r\ndebug3: expanded UserKnownHostsFile \'~/.ssh/known_hosts2\' -> \'/home/username/.ssh/known_hosts2\'\r\ndebug1: auto-mux: Trying existing master\r\ndebug1: Control socket "/home/username/.ansible/cp/deda2b886c" does not exist\r\ndebug2: resolving "servernamea" port 22\r\ndebug3: resolve_host: lookup servernamea:22\r\ndebug3: ssh_connect_direct: entering\r\ndebug1: Connecting to servernamea [172.20.x.x] port 22 […)

As we can see, ansible/ssh resolve dns from "servernamea" only and not "servernamea.local1". But it's good because my ansible installation is in "local1" network and dns make the job.

ACTUAL RESULTS

But on host in another network ".local2", error :

2023-07-10 17:34:39,612 p=170769 u=username n=ansible | <Servernameb> (255, b'', b'OpenSSH_9.3p1, OpenSSL 3.0.8 7 Feb 2023\r\ndebug1: Reading configuration data /etc/ssh/ssh_config\r\ndebug3: expanded UserKnownHostsFile \'~/.ssh/known_hosts\' -> \'/home/username/.ssh/known_hosts\'\r\ndebug3: expanded UserKnownHostsFile \'~/.ssh/known_hosts2\' -> \'/home/username/.ssh/known_hosts2\'\r\ndebug1: auto-mux: Trying existing master\r\ndebug1: Control socket "/home/username/.ansible/cp/01b2a35d52" does not exist\r\ndebug2: resolving "servernameb" port 22\r\ndebug3: resolve_host: lookup servernameb:22\r\nssh: Could not resolve hostname servernameb: Name or service not known\r\n')

As we can see this time, ansible/ssh cant resolve dns from "servernameb" because this time, this host is in another network ".local2" and that info is not present in ssh connection chain.

For test, I added «selectInterfaces: ['type','ip','dns']» in my "zabbix_inventory.yml". We can see that interfaces of hosts are well defined in dns and ip.

For example for "servernameb"

zbx_interfaces": [
                    {
                        "dns": "servernameb.local2",
                        "ip": "172.21.x.x",
                        "type": "1"
                    },
                    {
                        "dns": "servernameb-ipmi.local2",
                        "ip": "172.21.x.x",
                        "type": "2"
                    }
		]

From my PC (where ansible is too), manual ssh to : servernamea.local1 ; servernameb.local2 ; 172.20.x.x ; 172.21.x.x all work.

Did I miss any configuration information or misunderstand something? Thank you for your help.

oko235 avatar Jul 12 '23 21:07 oko235