installation fails with ansible vault
karasjoh000 opened this issue · 0 comments
karasjoh000 commented
Bug Report
What happened: using ansible vault and running ansible-playbook -i inventory.yml playbooks/site.yml --vault-password-file=./vault.password gives:
TASK [ceph-validate : validate container registry credentials] ******************************************************************************************************************************************************
Monday 08 November 2021 23:10:01 -0800 (0:00:00.201) 0:03:55.709 *******
fatal: [ceph01]: FAILED! =>
msg: |-
The conditional check '(ceph_docker_registry_username is not defined or ceph_docker_registry_password is not defined) or (ceph_docker_registry_username | length == 0 or ceph_docker_registry_password | length == 0)' failed. The error was: Unexpected templating type error occurred on ({% if (ceph_docker_registry_username is not defined or ceph_docker_registry_password is not defined) or (ceph_docker_registry_username | length == 0 or ceph_docker_registry_password | length == 0) %} True {% else %} False {% endif %}): object of type 'AnsibleVaultEncryptedUnicode' has no len()
The error appears to be in '/Users/jkarasev/Projects/jkarasev.control-plane.deploy.ceph/ceph-ansible/roles/ceph-validate/tasks/main.yml': line 233, column 3, but may
be elsewhere in the file depending on the exact syntax problem.
The offending line appears to be:
- name: validate container registry credentials
^ here
fatal: [ceph02]: FAILED! =>
msg: |-
The conditional check '(ceph_docker_registry_username is not defined or ceph_docker_registry_password is not defined) or (ceph_docker_registry_username | length == 0 or ceph_docker_registry_password | length == 0)' failed. The error was: Unexpected templating type error occurred on ({% if (ceph_docker_registry_username is not defined or ceph_docker_registry_password is not defined) or (ceph_docker_registry_username | length == 0 or ceph_docker_registry_password | length == 0) %} True {% else %} False {% endif %}): object of type 'AnsibleVaultEncryptedUnicode' has no len()
The error appears to be in '/Users/jkarasev/Projects/jkarasev.control-plane.deploy.ceph/ceph-ansible/roles/ceph-validate/tasks/main.yml': line 233, column 3, but may
be elsewhere in the file depending on the exact syntax problem.
The offending line appears to be:
- name: validate container registry credentials
^ here
fatal: [ceph03]: FAILED! =>
msg: |-
The conditional check '(ceph_docker_registry_username is not defined or ceph_docker_registry_password is not defined) or (ceph_docker_registry_username | length == 0 or ceph_docker_registry_password | length == 0)' failed. The error was: Unexpected templating type error occurred on ({% if (ceph_docker_registry_username is not defined or ceph_docker_registry_password is not defined) or (ceph_docker_registry_username | length == 0 or ceph_docker_registry_password | length == 0) %} True {% else %} False {% endif %}): object of type 'AnsibleVaultEncryptedUnicode' has no len()
The error appears to be in '/Users/jkarasev/Projects/jkarasev.control-plane.deploy.ceph/ceph-ansible/roles/ceph-validate/tasks/main.yml': line 233, column 3, but may
be elsewhere in the file depending on the exact syntax problem.
The offending line appears to be:
- name: validate container registry credentials
^ hereWhat you expected to happen: logrotate not to fail.
How to reproduce it (minimal and precise):
Share your group_vars files, inventory and full ceph-ansibe log
play.yml:
- hosts: ceph
become: true
gather_facts: true
name: pre
tasks:
- name: chrony
import_role:
name: chrony
when: "ceph_chrony_role"
tags:
- chrony
tags:
- ceph-pre
- hosts: ceph
gather_facts: true
become: true
tasks:
- systemd:
name: apparmor
state: stopped
enabled: false
tags:
- ceph-install
- name: install ceph
import_playbook: site-container.yml
tags:
- ceph-install
- hosts: ceph
tasks:
- name: create symlink for python3
shell: ln -s /usr/bin/python3 /usr/libexec/platform-python
become: true
tags:
- cephadm-adopt
- name: cephadm adopt
vars:
ireallymeanit: yes
import_playbook: cephadm-adopt.yml
tags:
- cephadm-adopt
- hosts: ceph
become: true
tasks:
- name: install ceph cli
package:
name:
- ceph-common
- python3-pip
tags:
- ceph-cli
- pip3-install
- ceph-postall.yml:
---
ceph_release_num:
pacific: 16
configure_firewall: false
ntp_service_enabled: false
ceph_origin: repository
ceph_repository: community
ceph_stable_release: pacific
monitor_interface: ens3
journal_size: 5120 # OSD journal size in MB
public_network: <cidr>
radosgw_interface: ens3
ceph_conf_overrides:
mon:
auth_expose_insecure_global_id_reclaim: false
auth_allow_insecure_global_id_reclaim: false
ceph_docker_registry_auth: true
ceph_docker_registry_username: !vault |
$ANSIBLE_VAULT;1.1;AES256
31623732396630386361326235393632303266636266663064313730323937323766653662393066
6630346262363964343265646234306136663165383930650a386430646634323934656139626230
63663132306539393537613234353263376130333634393237383763363333616661373532383635
3362333130326131330a643065663032343463646463626437343531313462313461323438633362
3338
ceph_docker_registry_password: !vault |
$ANSIBLE_VAULT;1.1;AES256
62373530363030643666366339343934663534613139303062653462363530306431663835366532
6163363637366466373662353439396435663038666331310a373531346466386531333862383561
64633661373434623839373137633937616333366630313830653238623765653531323831363139
3232633934373566640a306634623938623861336137323366666135623165633334366338356133
3765
containerized_deployment: true
dashboard_enabled: true
dashboard_protocol: http
dashboard_admin_user: admin
dashboard_admin_password: !vault |
$ANSIBLE_VAULT;1.1;AES256
33643964393636303533323765363736373461323430616161333962386131313566373865346164
3635306462383161663932336235326430343138363739620a613734336532623730333938656337
30333339373864653664383532363739323463353934333266636664643533353866353766386132
6337333933333664340a623535663261356130613538646637333730666438646339663131666463
6431
grafana_admin_user: admin
grafana_admin_password: !vault |
$ANSIBLE_VAULT;1.1;AES256
39343165383064303936376236643766376363336234666636343531623339663633386130393562
3932636632353739313833323031663434613139383938370a613333613561376132613330373537
32313730346635356466333861643236313765653737626431343532666664316234316234333836
3762393363666438660a336263306338633664323631316364643837633566663937333930613638
3733clients.yml:
---
copy_admin_key: trueosds.yml:
---
devices: "{{ devices }}"
bluestore_wal_devices:
- /dev/vdb
- /dev/vdc
osd_auto_discovery: falsergws.yml:
rgw_create_pools:
"{{ rgw_zone }}.rgw.buckets.data":
pg_num: 64
type: replicated
size: 3
"{{ rgw_zone }}.rgw.buckets.index":
pg_num: 16
size: 3
type: replicated
"{{ rgw_zone }}.rgw.meta":
pg_num: 8
size: 3
type: replicated
"{{ rgw_zone }}.rgw.log":
pg_num: 8
size: 3
type: replicated
"{{ rgw_zone }}.rgw.control":
pg_num: 8
size: 3
type: replicatedzone.yml:
rgw_zone: us-west-1
rgw_zonemaster: true
rgw_zonesecondary: false
rgw_zonegroup: us-west
rgw_zonegroupmaster: trueinventory.yml:
all:
hosts:
ceph01:
ansible_host: ip-1
ceph02:
ansible_host: ip-2
ceph03:
ansible_host: ip-3
vars:
ansible_user: ubuntu
ansible_ssh_common_args: '-o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null'
children:
ceph:
hosts:
ceph01:
ceph02:
ceph03:
mons:
children:
ceph:
osds:
children:
ceph:
mgrs:
children:
ceph:
mdss:
children:
ceph:
clients:
children:
ceph:
rgws:
children:
ceph:
monitoring:
hosts:
ceph01:Environment:
- OS (e.g. from /etc/os-release):
NAME="Ubuntu"
VERSION="20.04.2 LTS (Focal Fossa)"
ID=ubuntu
ID_LIKE=debian
PRETTY_NAME="Ubuntu 20.04.2 LTS"
VERSION_ID="20.04"
HOME_URL="https://www.ubuntu.com/"
SUPPORT_URL="https://help.ubuntu.com/"
BUG_REPORT_URL="https://bugs.launchpad.net/ubuntu/"
PRIVACY_POLICY_URL="https://www.ubuntu.com/legal/terms-and-policies/privacy-policy"
VERSION_CODENAME=focal
UBUNTU_CODENAME=focal
- Kernel (e.g.
uname -a):Linux ceph-node-0 5.4.0-72-generic #80-Ubuntu SMP Mon Apr 12 17:35:00 UTC 2021 x86_64 x86_64 x86_64 GNU/Linux - Docker version if applicable (e.g.
docker version):
Client:
Version: 20.10.7
API version: 1.41
Go version: go1.13.8
Git commit: 20.10.7-0ubuntu1~20.04.2
Built: Fri Oct 1 14:07:06 2021
OS/Arch: linux/amd64
Context: default
Experimental: true
Server:
Engine:
Version: 20.10.7
API version: 1.41 (minimum version 1.12)
Go version: go1.13.8
Git commit: 20.10.7-0ubuntu1~20.04.2
Built: Fri Oct 1 03:27:17 2021
OS/Arch: linux/amd64
Experimental: false
containerd:
Version: 1.5.2-0ubuntu1~20.04.3
GitCommit:
runc:
Version: 1.0.0~rc95-0ubuntu1~20.04.2
GitCommit:
docker-init:
Version: 0.19.0
GitCommit:
- Ansible version (e.g.
ansible-playbook --version):2.9.0 - ceph-ansible version (e.g.
git head or tag or stable branch):stable-6.0 - Ceph version (e.g.
ceph -v):ceph version 16.2.5 (0883bdea7337b95e4b611c768c0279868462204a) pacific (stable)