Issues encountered at various steps #1
Comments
|
Actually you could just use requests.Get(‘https://ipv4.ifconfig.co/json') On 22 Nov 2016, at 5:07 AM, wninobla <[email protected]mailto:[email protected]> wrote: When I run setup.py after configuring terraform/main.tf I get the following error - Detecting client IP... I changed the setup.py to derive the URL differently. It seems its making the call now, but now I get the following error: Detecting client IP... The firewall is open. It seems I am missing some step. I would imagine a web server would be running prior to receiving the HTTP request? — itevomcid |
|
Did not work either. |
|
Oops - wrong URL. Otherwise if it's a local network problem, you'll need to manually supply your client IP (in which case it won't try to auto-detect). |
|
Ok thanks. I was having issues with python versions and SSL support. So finally got past with Python 3.5 and updated code. Although, ran into this later when running terraform plan.
So I removed the variables from the main.tf. Its running now :) |
|
Hmm - the variables should be declared in there without a default value (just On 22 Nov 2016, at 2:19 PM, Andrew Das <[email protected]mailto:[email protected]> wrote: Ok thanks. I was having issues with python versions and SSL support. So finally got past with Python 3.5 and updated code. Although, ran into this later when running terraform plan. module root: 3 error(s) occurred: So I removed the variables from the main.tf. Its running now :) — itevomcid |
|
Ok VM's deployed but now seeing this:
|
|
Do you have permission to define tag keys? On 22 Nov 2016, at 2:25 PM, Andrew Das <[email protected]mailto:[email protected]> wrote: Ok VM's deployed but now seeing this: Error applying plan: 4 error(s) occurred:
Terraform does not automatically rollback in the face of errors. — itevomcid |
|
Yes I do. |
|
Ok, can you please set the following environment variables and run
Let's see what the log says. |
|
(it should be automatically creating the tag keys because it's been configured to) |
|
BTW if you're stuck and just need to get going, you just need to go and define the tag key "roles" and everything will work. But if you could run with logging once before you go and manually create the tag key I'd appreciate it (feel free to email me the logs instead). It'd be useful for working out where the problem lies :) |
|
Sounds good. Sure np. Should I generate the logs with terraform apply? |
|
Yes please - just make sure those variables are set first :) On 22 Nov 2016, at 2:53 PM, Andrew Das <[email protected]mailto:[email protected]> wrote: Sounds good. Sure np. Should I generate the logs with terraform apply? — itevomcid |
|
Where is the log generated? |
|
Ok log attached. |
|
Ok I added the roles tag key. Then ran ansible-playbook but Ansible cannot connect to workers. BTW my client machine is an MCP VM on another Network Domain. I gave the Client IP value as the public IP of the client machine (RHEL6). In case that was an issue.
|
|
Ah no, if it's in the MCP the client IP will need to be the client machine's network domain S/NAT IP address (firewall rules reference it). TBH, I didn't envision the client machine being in CaaS when I built this. Could work but there may need to be tweaks. On 22 Nov. 2016, at 3:18 pm, Andrew Das <[email protected]mailto:[email protected]> wrote: Ok Ansible cannot connect to workers. BTW my client machine is an MCP VM on another Network Domain. I gave the Client IP value as the public IP of the client machine (RHEL6). In case that was in issue. (.dd-mcp) [root@10-0-0-9 ansible]# ansible-playbook playbooks/upgrade-packages.yml PLAY [all] ********************************************************************* TASK [clean apt] *************************************************************** PLAY RECAP ********************************************************************* You are receiving this because you commented. itevomcid |
|
@DDDrew - FYI, the |
|
Ok no problem. I can run this from my Mac. Also try out the latest code w/o tagging. |
|
Ok everything works until Ansible tries to make a connection. It gets permission denied with the password. I had also commented out the variables in main.tf otherwise I was getting an error regarding duplicate variables. Also I notice during provisioning the following in the output. Is that expected? Making sure its picking up the values. I will stop here until I get further directions from you. Don't want to tinker around further or it may cause some confusion.
|
airmetal
changed the title
|
What if you try running ssh manually? ssh -i my/keyfile [email protected]:[email protected] Can you connect then? Usually access denied from Ansible is due to something like a key mismatch in ~/.ssh/known_hosts or similar. On 23 Nov. 2016, at 12:01 am, Andrew Das <[email protected]mailto:[email protected]> wrote: Ok everything works until Ansible tries to make a connection. It gets permission denied with the password. Also I notice during provisioning the following in the output. Is that expected? Making sure its picking up the values. null_resource.install_ssh_key.1: You are receiving this because you commented. itevomcid |
|
BTW Ansible should not be using a password- that's why those null_resources are used - to install SSH keys (disables password authentication after the key is installed). On 23 Nov. 2016, at 12:01 am, Andrew Das <[email protected]mailto:[email protected]> wrote: Ok everything works until Ansible tries to make a connection. It gets permission denied with the password. Also I notice during provisioning the following in the output. Is that expected? Making sure its picking up the values. null_resource.install_ssh_key.1: You are receiving this because you commented. itevomcid |
|
BTW, the null_resource provisioners will only be run once. I take it the SSH key file path used by those provisioners is correct? You could run On 23 Nov 2016, at 12:01 AM, Andrew Das <[email protected]mailto:[email protected]> wrote: Ok everything works until Ansible tries to make a connection. It gets permission denied with the password. Also I notice during provisioning the following in the output. Is that expected? Making sure its picking up the values. null_resource.install_ssh_key.1: — itevomcid |
|
Also, you can pass On 23 Nov 2016, at 12:01 AM, Andrew Das <[email protected]mailto:[email protected]> wrote: Ok everything works until Ansible tries to make a connection. It gets permission denied with the password. Also I notice during provisioning the following in the output. Is that expected? Making sure its picking up the values. null_resource.install_ssh_key.1: — itevomcid |
|
What about the duplicate variables? The local_vars.tf also has the same variables so that's where the duplication is happening. I imagine that's expected? I am seeing this:
|
|
From what I understand, you can declare a variable as many times as you like as long as you only supply a value for it in one place. I've just checked out a fresh copy of the repository to test this out, and I don't see that error message. Is there any chance a file has been copied or otherwise doubled up? Maybe do a find-in-files in the |
|
BTW, if you get the latest source, you'll want to delete If you checked out the repository using Git, it might be worth running |
|
Well according to this variables cannot be defined as duplicates anymore. |
|
I never had the dns.tf. At least did not notice it. But then again I have cloned several times so perhaps the last copy did not have it anyway. |
Well that sucks. TBH I've been sticking with Terraform v7.1 so I guess I hadn't seen that behaviour. |
|
I've fixed the duplicate variable issue @DDDrew - if you fetch the latest code, then you should be good to go. I'm running a new deploy from scratch here so we'll see how it goes. The SSH key file you're using, is it |
|
It’s a recent addition (previously it was in a separate branch)… On 23 Nov 2016, at 9:56 AM, Andrew Das <[email protected]mailto:[email protected]> wrote: I never had the dns.tf. At least did not notice it. But then again I have cloned several times so perhaps the last copy did not have it anyway. — itevomcid |
|
So on Ansible I removed the known_hosts file and then tried to ssh directly to one of the workers. It then prompted me for the rss key passphrase. After that I ran ansible-playbook and it took off. What should I have done to prevent this workaround? |
|
Hmm. I don't know if there's much you can do to prevent it unfortunately (I run into it quite frequently). It's a security feature I think (if you create a host, |
|
Ok so it’s just a matter of starting with a clean environment. Maybe we can put that in the notes, if that error is encountered? |
|
Sure sounds good :) Would you like to open a pull request, or would you rather I did it? |
|
Do you still have the exact error text from Ansible? Would be helpful to put it in the docs (we could add a "troubleshooting" section). |
|
Yep here it is. The fix was to remove the known_hosts file and then try to connect again. The first time it prompts for a password and then rest of the hosts are good to go. |
|
Hmm - do you have the non-verbose error? |
|
Not anymore. |
|
Oh well, no worries. I'm writing something up now. |
|
Have a look at the README. |
|
May want to indicate that there can be be issue with the known_hosts file as well, especially if executing this after a previous run. |
|
Yeah, I was wondering about that :) The problem is, I don't want to advise people to just delete their known_hosts file if they get an error because that's like telling someone to use HTTP instead of HTTPS because they got a certificate error (i.e. potential security problem). Really I'd rather they actually understood the ramifications of that before proceeding. On the one hand, I'm trying to avoid turning this into a "how to use SSH" or "how to use Ansible" guide because that sort of thing becomes noise after a while if you already know that and want to know how to troubleshoot more difficult problems. For the most part, I expect anyone who's going to be setting up a Rancher cluster to already know about SSH (if not necessarily Terraform and Ansible). On the other, I'm not exactly sure of the actual audience for this stuff. Probably not regular developers, but maybe devops people and solution architects? What do you think - who's the target audience, and depending on that am I perhaps being unreasonable? |
|
I think there will be two tracks for this. One developer focused but may still need to be very explicit. We don’t want to limit our audience who is familiar with this stuff. Actually our motive should be reach out to those are not at all but have the technical chops to follow along without wasting time to research. The second track will be more solution architect/manager focused which should really focus on the technologies in use, the architecture and the process flow. Regards, Andrew Das From: Adam Friedman [email protected] Yeah, I was wondering about that :) On the one hand, I'm trying to avoid turning this into a "how to use SSH" or "how to use Ansible" guide because that sort of thing becomes noise after a while if you already know that and want to know how to troubleshoot more difficult problems. For the most part, I expect anyone who's going to be setting up a Rancher cluster to already know about SSH (if not necessarily Terraform and Ansible). On the other, I'm not exactly sure of the actual audience for this stuff. Probably not regular developers, but maybe devops people and solution architects? What do you think - who's the target audience, and depending on that am I perhaps being unreasonable? — itevomcid |
|
Ok, it sounds like there's room for a good suite of documentation on this stuff. This repository is not it though; I'd like to see more centralised documentation to improve discoverability :) Are you interested in helping to write up some tutorials based on the audience you have in mind? I'm happy to review and offer any technical guidance or other assistance where it'd be helpful. |
|
Sure, happy to help. Looking for new material for my blog ☺ Regards, Andrew Das From: Adam Friedman [email protected] Ok, it sounds like theres room for a good suite of documentation on this stuff. This repository is not it though; I'd like to see more centralised documentation to improve discoverability :) Are you interested in helping to write up some tutorials based on the audience you have in mind? I'm happy to review and offer any technical guidance or other assistance where it'd be helpful. — itevomcid |
When I run setup.py after configuring terraform/main.tf I get the following error -
I changed the setup.py to derive the URL differently. It seems its making the call now, but now I get the following error:
The firewall is open. It seems I am missing some step. I would imagine a web server would be running prior to receiving the HTTP request?
The text was updated successfully, but these errors were encountered: