ansible-for-devops icon indicating copy to clipboard operation
ansible-for-devops copied to clipboard

Published 20 hours ago verified publisher icon geerlingguy

Molecule and wsl2

Open pnunn opened this issue 4 years ago • 6 comments

Hi Jeff,

just playing around with molecule testing some of my clunky scripts and ran into an interesting issue.

It seems that docker on wsl2 isn't able to run systemd despite using your images. The same tests pulled onto a linux laptop work fine, but things like installing npm using your role fail on windows when the ensure running step fires off.

Bit of a pain.. but that's windows for you!!

pnunn avatar Aug 10 '20 07:08 pnunn

Interesting... I hadn't spent much time with Molecule running directly under WSL2 but I'm wondering if it's an issue with the privs required through Docker on Windows running under WSL2 not being applied correctly.

geerlingguy avatar Aug 14 '20 16:08 geerlingguy

It is possible to run Molecule but you need to unlock systemd with genie https://github.com/arkane-systems/genie. Genie allows you to use systemd inside WSL and the Molecule scenario. I tested it with Winver 1909, WSL2 Unbuntu 20.04 and Docker Desktop on Windows.

florianow avatar Nov 01 '20 09:11 florianow

I was testing systemd permissions issues on WSL1, and it looks like it needs the command on top of privileged (or 'SYS_ADMIN' capability).

This:

privileged: True
command: "/usr/sbin/init"

Or:

capabilities:
  - SYS_ADMIN
command: "/usr/sbin/init"

So for the test scenarios:

platforms:
  - name: sysadmin_init
    image: local/centos7-systemd
    pre_build_image: true
    capabilities:
      - SYS_ADMIN
    command: "/usr/sbin/init"
  - name: sysadmin
    image: local/centos7-systemd
    pre_build_image: true
    capabilities:
      - SYS_ADMIN
  - name: privileged_init
    image: local/centos7-systemd
    pre_build_image: true
    privileged: True
    command: "/usr/sbin/init"
  - name: privileged
    image: local/centos7-systemd
    pre_build_image: true
    privileged: True

On Windows:

$ docker ps | awk '{print $NF}' | grep -vi names | while read line ; do docker exec $line systemctl status | head -n 1; done
    Failed to get D-Bus connection: Operation not permitted
    Failed to get D-Bus connection: Operation not permitted
    ● privileged_init
    ● sysadmin_init

victorbrca avatar Mar 01 '21 00:03 victorbrca

I am also running into an issue, while trying to run molecule in WSL2 with docker desktop integration.

molecule test
INFO     default scenario test matrix: dependency, lint, cleanup, destroy, syntax, create, prepare, converge, idempotence, side_effect, verify, cleanup, destroy
INFO     Performing prerun...
INFO     Added ANSIBLE_LIBRARY=/home/mkukan/.cache/ansible-compat/96cf6a/modules:/home/mkukan/.ansible/plugins/modules:/usr/share/ansible/plugins/modules
INFO     Added ANSIBLE_COLLECTIONS_PATH=/home/mkukan/.cache/ansible-compat/96cf6a/collections:/home/mkukan/.ansible/collections:/usr/share/ansible/collections
INFO     Added ANSIBLE_ROLES_PATH=/home/mkukan/.cache/ansible-compat/96cf6a/roles:/home/mkukan/.ansible/roles:/usr/share/ansible/roles:/etc/ansible/roles
INFO     Using /home/mkukan/.ansible/roles/myname.myrole symlink to current repository in order to enable Ansible to find the role using its expected full name.
INFO     Running default > dependency
WARNING  Skipping, missing the requirements file.
WARNING  Skipping, missing the requirements file.
INFO     Running default > lint
INFO     Lint is disabled.
INFO     Running default > cleanup
WARNING  Skipping, cleanup playbook not configured.
INFO     Running default > destroy
INFO     Sanity checks: 'docker'
Traceback (most recent call last):
  File "/home/mkukan/.pyenv/versions/ansible-cookbook/bin/molecule", line 8, in <module>
    sys.exit(main())
  File "/home/mkukan/.pyenv/versions/3.9.6/envs/ansible-cookbook/lib/python3.9/site-packages/click/core.py", line 1137, in __call__
    return self.main(*args, **kwargs)
  File "/home/mkukan/.pyenv/versions/3.9.6/envs/ansible-cookbook/lib/python3.9/site-packages/click/core.py", line 1062, in main
    rv = self.invoke(ctx)
  File "/home/mkukan/.pyenv/versions/3.9.6/envs/ansible-cookbook/lib/python3.9/site-packages/click/core.py", line 1668, in invoke
    return _process_result(sub_ctx.command.invoke(sub_ctx))
  File "/home/mkukan/.pyenv/versions/3.9.6/envs/ansible-cookbook/lib/python3.9/site-packages/click/core.py", line 1404, in invoke
    return ctx.invoke(self.callback, **ctx.params)
  File "/home/mkukan/.pyenv/versions/3.9.6/envs/ansible-cookbook/lib/python3.9/site-packages/click/core.py", line 763, in invoke
    return __callback(*args, **kwargs)
  File "/home/mkukan/.pyenv/versions/3.9.6/envs/ansible-cookbook/lib/python3.9/site-packages/click/decorators.py", line 26, in new_func
    return f(get_current_context(), *args, **kwargs)
  File "/home/mkukan/.pyenv/versions/3.9.6/envs/ansible-cookbook/lib/python3.9/site-packages/molecule/command/test.py", line 159, in test
    base.execute_cmdline_scenarios(scenario_name, args, command_args, ansible_args)
  File "/home/mkukan/.pyenv/versions/3.9.6/envs/ansible-cookbook/lib/python3.9/site-packages/molecule/command/base.py", line 118, in execute_cmdline_scenarios
    execute_scenario(scenario)
  File "/home/mkukan/.pyenv/versions/3.9.6/envs/ansible-cookbook/lib/python3.9/site-packages/molecule/command/base.py", line 160, in execute_scenario
    execute_subcommand(scenario.config, action)
  File "/home/mkukan/.pyenv/versions/3.9.6/envs/ansible-cookbook/lib/python3.9/site-packages/molecule/command/base.py", line 149, in execute_subcommand
    return command(config).execute()
  File "/home/mkukan/.pyenv/versions/3.9.6/envs/ansible-cookbook/lib/python3.9/site-packages/molecule/logger.py", line 188, in wrapper
    rt = func(*args, **kwargs)
  File "/home/mkukan/.pyenv/versions/3.9.6/envs/ansible-cookbook/lib/python3.9/site-packages/molecule/command/destroy.py", line 107, in execute
    self._config.provisioner.destroy()
  File "/home/mkukan/.pyenv/versions/3.9.6/envs/ansible-cookbook/lib/python3.9/site-packages/molecule/provisioner/ansible.py", line 705, in destroy
    pb.execute()
  File "/home/mkukan/.pyenv/versions/3.9.6/envs/ansible-cookbook/lib/python3.9/site-packages/molecule/provisioner/ansible_playbook.py", line 110, in execute
    self._config.driver.sanity_checks()
  File "/home/mkukan/.pyenv/versions/3.9.6/envs/ansible-cookbook/lib/python3.9/site-packages/molecule_docker/driver.py", line 236, in sanity_checks
    docker_client = docker.from_env()
  File "/home/mkukan/.pyenv/versions/3.9.6/envs/ansible-cookbook/lib/python3.9/site-packages/docker/client.py", line 96, in from_env
    return cls(
  File "/home/mkukan/.pyenv/versions/3.9.6/envs/ansible-cookbook/lib/python3.9/site-packages/docker/client.py", line 45, in __init__
    self.api = APIClient(*args, **kwargs)
  File "/home/mkukan/.pyenv/versions/3.9.6/envs/ansible-cookbook/lib/python3.9/site-packages/docker/api/client.py", line 113, in __init__
    raise TLSParameterError(
docker.errors.TLSParameterError: If using TLS, the base_url argument must be provided.. TLS configurations should map the Docker CLI client configurations. See https://docs.docker.com/engine/articles/https/ for API details.

While testing the docker python client shows it can talk to docker server.

Python 3.9.6 (default, Aug 21 2021, 19:18:25) 
[GCC 9.3.0] on linux
Type "help", "copyright", "credits" or "license" for more information.
>>> import docker
>>> client = docker.APIClient(base_url='unix://var/run/docker.sock')
>>> client.version()
{'Platform': {'Name': 'Docker Engine - Community'}, 'Components': [{'Name': 'Engine', 'Version': '20.10.8', 'Details': {'ApiVersion': '1.41', 'Arch': 'amd64', 'BuildTime': '2021-07-30T19:52:31.000000000+00:00', 'Experimental': 'false', 'GitCommit': '75249d8', 'GoVersion': 'go1.16.6', 'KernelVersion': '5.10.16.3-microsoft-standard-WSL2', 'MinAPIVersion': '1.12', 'Os': 'linux'}}, {'Name': 'containerd', 'Version': '1.4.9', 'Details': {'GitCommit': 'e25210fe30a0a703442421b0f60afac609f950a3'}}, {'Name': 'runc', 'Version': '1.0.1', 'Details': {'GitCommit': 'v1.0.1-0-g4144b63'}}, {'Name': 'docker-init', 'Version': '0.19.0', 'Details': {'GitCommit': 'de40ad0'}}], 'Version': '20.10.8', 'ApiVersion': '1.41', 'MinAPIVersion': '1.12', 'GitCommit': '75249d8', 'GoVersion': 'go1.16.6', 'Os': 'linux', 'Arch': 'amd64', 'KernelVersion': '5.10.16.3-microsoft-standard-WSL2', 'BuildTime': '2021-07-30T19:52:31.000000000+00:00'}

Do you guys recommended going through genie installation that @florianow mentioned or is there a better way?

maroskukan avatar Nov 08 '21 15:11 maroskukan

Hello there, I have some updates for you folks running WSL2 and docker. Since my previous post I have migrated from Docker Desktop to docker by following this tutorial and the issue I had with running molecule went away.

maroskukan avatar Apr 12 '22 09:04 maroskukan

2024

  • WSL version: 2.0.9.0
  • Kernel version: 5.15.133.1-1
  • molecule 5.0.1 using python 3.11
  • ansible:2.16.4
  • docker:2.0.0 from molecule_docker requiring collections: community.docker>=3.0.0-a2
driver: docker
platforms:
  - name: rsyslog-server
    image: registry.access.redhat.com/ubi8/ubi-init
    command: /sbin/init
    privileged: True
    cgroupns_mode: host
    capabilities:
      - SYS_ADMIN
    tmpfs:
      - /run
      - /tmp
    volumes:
      - /sys/fs/cgroup:/sys/fs/cgroup:rw
      - /var/lib/containerd

bbaassssiiee avatar Feb 27 '24 13:02 bbaassssiiee