Closed okoliec closed 9 years ago
brucellino
commented
9 years ago Hi ! Are you able to resolve that url (http://shibboleth.net/downloads/identity-provider//2.4.1/shibboleth-identityprovider-2.4.1-bin.tar.gz ) and do a wget manually on the site ? It seems fine for me...
okoliec
commented
9 years ago Yes i am able without issues. i attempted to use a wget directly on the remote machine and that worked fine
okoliec
commented
9 years ago Will try to look at other options tomorrow. Am on transit now. Thanks for your time and quick responses.
brucellino
commented
9 years ago Seems to be reported here : https://github.com/ansible/ansible/issues/7606
brucellino
commented
9 years ago Can you try increase the timeout to something much larger than the default 10 ? timeout: 1000 for example ?
okoliec
commented
9 years ago @brucellino --- See below where i have added the timeone and seeme to fail.
brucellino
commented
9 years ago I think you've got the syntax wrong, it should be :
- name: Download the shibboleth package
get_url:
url: "{{ idp_url }}/{{ idp_version }}/{{ idp_package_name }}-{{ idp_version }}-bin.tar.gz"
dest: "/tmp/{{ idp_package_name }}-{{ idp_version }}-bin.tar.gz"
timeout: 1000It seems the module is only supported in the higher version of Ansible
TASK: [fmarco76.firewall | Save iptable rules] **** skipping: [idp.ugb.sn]
TASK: [shibboleth-idp | Download the shibboleth package] ****** failed: [idp.ugb.sn] => {"failed": true} msg: unsupported parameter for module: timeout
FATAL: all hosts have already failed -- aborting
PLAY RECAP **** to retry, use: --limit @/root/idp-ldap.retry
idp.ugb.sn : ok=11 changed=0 unreachable=0 failed=1
brucellino
commented
9 years ago can you use a newer version ? We can't reproduce the error this side.
okoliec
commented
9 years ago @brucellino --I have upgraded and getting another error now. Not sure why
TASK: [fmarco76.firewall | Count iptables rules] ****** ok: [idp.ugb.sn] => {"changed": false, "rc": 0, "stderr": "", "stdout": "5", "stdout_lines": ["5"]}
TASK: [fmarco76.firewall | Apply rules for the local network] ***** skipping: [idp.ugb.sn] => (item=443)
TASK: [fmarco76.firewall | Apply rules for the defined network] *** fatal: [idp.ugb.sn] => failed to transfer file to /home/ansible/.ansible/tmp/ansible-tmp-1422617856.96-145021520268085/command:
Connection timed out during banner exchange Couldn't read packet: Connection reset by peer
FATAL: all hosts have already failed -- aborting
brucellino
commented
9 years ago Ok - I suspect that this may be due to the underlying python or ruby library that Ansible is using....
okoliec
commented
9 years ago @brucellino --I think the upgrade to a higher version of ansible resolved my problem..
brucellino
commented
9 years ago great - did the playbook finish ?
okoliec
commented
9 years ago No i just posted a new issue with the error i got.
okoliec
commented
9 years ago Hello @brucellino and @fmarco76 --- Please am still getting this error messages. I have looked at the the playbooks for Debian and can't seem to find a clue to solving the error message.
TASK: [shibboleth-idp | Install the package] ****** fatal: [idp.ugb.sn] => environment must be a dictionary, received java_env
FATAL: all hosts have already failed -- aborting
PLAY RECAP **** to retry, use: --limit @/root/idp-ldap.retry
idp.ugb.sn : ok=25 changed=0 unreachable=1 failed=0
Hello @brucellino --- I have been getting this error while trying to install idp. Any clues how i should resolve it.
root@ansible:~/DevOps/Ansible# ansible-playbook -i inventories/inventory.ugb idp-ldap.yml -v
PLAY [Prepare the identity machine common environment] ****
GATHERING FACTS *** ok: [idp.ugb.sn]
TASK: [fmarco76.firewall | Retrieve iptables rules] *** ok: [idp.ugb.sn] => {"changed": false, "cmd": ["iptables", "-t", "nat", "-L", "-n"], "delta": "0:00:00.005591", "end": "2013-10-09 01:01:38.113762", "rc": 0, "start": "2013-10-09 01:01:38.108171", "stderr": "", "stdout": "Chain PREROUTING (policy ACCEPT)\ntarget prot opt source destination \nDNAT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:443 to:196.1.99.8:8443 \nDNAT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 to:196.1.99.8:8080 \n\nChain POSTROUTING (policy ACCEPT)\ntarget prot opt source destination \n\nChain OUTPUT (policy ACCEPT)\ntarget prot opt source destination ", "stdout_lines": ["Chain PREROUTING (policy ACCEPT)", "target prot opt source destination ", "DNAT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:443 to:196.1.99.8:8443 ", "DNAT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 to:196.1.99.8:8080 ", "", "Chain POSTROUTING (policy ACCEPT)", "target prot opt source destination ", "", "Chain OUTPUT (policy ACCEPT)", "target prot opt source destination "]}
TASK: [fmarco76.firewall | Count iptables rules] ****** ok: [idp.ugb.sn] => {"changed": false, "rc": 0, "stderr": "", "stdout": "2", "stdout_lines": ["2"]}
TASK: [fmarco76.firewall | Apply rules for the local network] ***** skipping: [idp.ugb.sn] => (item={'dport': 8443, 'port': 443})
TASK: [fmarco76.firewall | Apply rules for the defined network] *** skipping: [idp.ugb.sn] => (item={'dport': 8443, 'port': 443})
TASK: [fmarco76.firewall | Apply nat rules] *** skipping: [idp.ugb.sn] => (item={'dport': 8443, 'port': 443})
TASK: [fmarco76.firewall | Save iptable rules] **** skipping: [idp.ugb.sn]
TASK: [fmarco76.firewall | Save iptable rules] **** skipping: [idp.ugb.sn]
TASK: [fmarco76.firewall | Retrieve iptables rules] *** ok: [idp.ugb.sn] => {"changed": false, "cmd": ["iptables", "-t", "filter", "-L", "-n"], "delta": "0:00:00.005670", "end": "2013-10-09 01:02:33.349256", "rc": 0, "start": "2013-10-09 01:02:33.343586", "stderr": "", "stdout": "Chain INPUT (policy ACCEPT)\ntarget prot opt source destination \nACCEPT all -- 0.0.0.0/0 0.0.0.0/0 \nACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED \nACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 \nACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22 \nACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:80 \nACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:443 \nREJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-admin-prohibited \n\nChain FORWARD (policy ACCEPT)\ntarget prot opt source destination \nREJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-admin-prohibited \n\nChain OUTPUT (policy ACCEPT)\ntarget prot opt source destination ", "stdout_lines": ["Chain INPUT (policy ACCEPT)", "target prot opt source destination ", "ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 ", "ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED ", "ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 ", "ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22 ", "ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:80 ", "ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:443 ", "REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-admin-prohibited ", "", "Chain FORWARD (policy ACCEPT)", "target prot opt source destination ", "REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-admin-prohibited ", "", "Chain OUTPUT (policy ACCEPT)", "target prot opt source destination "]}
TASK: [fmarco76.firewall | Count iptables rules] ****** ok: [idp.ugb.sn] => {"changed": false, "rc": 0, "stderr": "", "stdout": "7", "stdout_lines": ["7"]}
TASK: [fmarco76.firewall | Apply rules for the local network] ***** skipping: [idp.ugb.sn] => (item=443)
TASK: [fmarco76.firewall | Apply rules for the defined network] *** skipping: [idp.ugb.sn] => (item=443)
TASK: [fmarco76.firewall | Apply nat rules] *** skipping: [idp.ugb.sn] => (item=443)
TASK: [fmarco76.firewall | Save iptable rules] **** skipping: [idp.ugb.sn]
TASK: [fmarco76.firewall | Save iptable rules] **** skipping: [idp.ugb.sn]
TASK: [shibboleth-idp | Download the shibboleth package] ******