Local ansible smartbit

[smartbit]

Hi Anwar, local ansible is a good idea.

• On my macOS virtualbox uses the /vagrant shared folder and it wouldn't run pointing to /home/vagrant/sync.
• By default vagrant uses the latest version of ansible, which seems fine with me. Any particular reason why you use ansible 2.2?
• for privacy & surveillance reasons some people prefer not to use 8.8.8.8 although they are excellent dns servers. ansible_dns.nameservers[0] should always work and if you vm host uses 8.8.8.8 it will use 8.8.8.8 anyway. I added all three dns 192.168.4.200, ansible_dns & 8.8.8.8 to show what is possible. What do you think?

Sorry for the confusion, I closed and merged your #14, which was not my intention. Hope we can figure out how to fix my github errors.

[AnwarYagoub]

Hello smartbit,

• I pointed it to /home/vagrant/sync because this where vagrant mount sync folder for my centos box maybe because i don't have vbguest installed on it maybe we can fix this by setting a path in config.vm.synced_folder option and use the same path with ansible.provisioning_path so that ansible can find the roles inside the synced path.
• I doesn't have to be 2.2 but it must be set or ansible version 1.7.x will be installed in the cache-server. using an older version of ansible will result in so many errors the one I faced was (become) not being recognized & it's always good to use the latest version if that won't cause any problems.
• I set it back to ansible_dns.nameservers[0] because the configuration of FreeIPA task failed with dns resolving issues. it doesn't have to be google public dns any other server will suffice but setting it to ansible_dns.nameservers[0] will use the 192.168.4.200 as dns server to forward to which didn't work for me.

as for the the merge issue i will check it & give you feedback.

Regards,

[smartbit]

• tried vbguests on macOS and that failed too. Maybe some global setting in vagrant? vagrant shows
  ==> labipa: Rsyncing folder: ~/RHCSA-RHCE-Lab-Environment/ => /vagrant
• Ansible 2.2 is fine. I can send an update, but only after learning more about collaborator role on GitHub ;-)

setting it to ansible_dns.nameservers[0] will use the 192.168.4.200 as dns server

• on macOS w virtualbox

- debug: var=hostvars[inventory_hostname]

outputs

        "ansible_eth0": {
            "active": true,
            "device": "eth0",
            "ipv4": {
                "address": "10.0.2.15",
                "broadcast": "10.0.2.255",
                "netmask": "255.255.255.0",
                "network": "10.0.2.0"
            },

        "ansible_dns": {
            "nameservers": [
                "10.0.2.3"
            ],

just like it should:

the first card is connected to the private network 10.0.2.0, the second card to ...

And resulting --forwarder=10.0.2.3 works fine. On your CentOS environment, what does debug: var=hostvars[inventory_hostname] return for ansible_dns?

[AnwarYagoub]

the result of trimmed :

- debug: var=hostvars[inventory_hostname]

    "ansible_eth0": {
            "active": true, 
            "device": "eth0", 
            "ipv4": {
                "address": "10.0.2.15", 
                "broadcast": "10.0.2.255", 
                "netmask": "255.255.255.0", 
                "network": "10.0.2.0"
            }, 

        "ansible_dns": {
            "nameservers": [
                "192.168.4.200", 
                "fd00::200"
            ],

• there is a difference in dns.

• also we need to agree on a work flow to manage changes to the repository I suggest the following:

  1) You work directly on this repository instead of your fork. 2) Every proposed change pushed in a new WIP branch to avoid merging unfinished work. 3) Use the pull request review feature to agree on changes and push them to WIP branch until changes are ready to be merged. 4) Merge agreed work to master.

[smartbit]

• strange values for the name servers:

        "ansible_dns": {
            "nameservers": [
                "192.168.4.200", 
                "fd00::200"
            ],

Maybe there is another dhcp on your NAT network (connected to ansible_eth0)?

• Workflow

1) You work directly on this repository instead of your fork. 2) Every proposed change pushed in a new WIP branch to avoid merging unfinished work. 3) Use the pull request review feature to agree on changes and push them to WIP branch until changes are ready to be merged. 4) Merge agreed work to master.

Thank you for proposing this. Seems fine. We'll tune it when needed. I reverted back pip & ansible 2.2 then tried

Macbook-Pro:RHCSA-RHCE-Lab-Environment smartbit$ git commit -am "rsync /vagrant, ansible 2.2 again"
[use_ansible_local 6a60edc] rsync /vagrant, ansible 2.2 again
 4 files changed, 8 insertions(+), 6 deletions(-)
Macbook-Pro:RHCSA-RHCE-Lab-Environment smartbit$ git push origin -v anwar/use_ansible_local
Pushing to git@github.com:smartbit/RHCSA-RHCE-Lab-Environment.git
Total 0 (delta 0), reused 0 (delta 0)
To github.com:smartbit/RHCSA-RHCE-Lab-Environment.git
 * [new branch]      anwar/use_ansible_local -> anwar/use_ansible_local

I'm not sure what happened. Will have to research before I make more mistakes. Will take 1 or 2 days.

• regarding the sync folder. Vagrant docs says:

By default, Vagrant will share your project directory to /vagrant.

As it does with me. Maybe you can do a little research?

[smartbit]

Hi @AnwarYagoub I've been trying to reproduce your CentOS environment on a fresh CentOS 7.3 (build 1610-01):

ssh-keygen -t rsa -b 4096 -N "" -C "root@example.com" -f ~/.ssh/rhce # empty password
eval $(ssh-agent); echo $'eval $(ssh-agent)' >> ~/.bash_profile
ssh-add ~/.ssh/rhce; echo $'ssh-add ~/.ssh/rhce' >> ~/.bash_profile
wget http://download.virtualbox.org/virtualbox/rpm/el/virtualbox.repo -O /etc/yum.repos.d/virtualbox.repo
yum clean dbcache; yum -y repolist             # Import the GPG keys
yum -y install epel-release # should be 7.8
rpm -qi epel-release | grep 7.8
export virtualbox_version=`yum search VirtualBox | grep "VirtualBox-" | sed 's/ : Oracle VM VirtualBox//' | sed 's/.x86_64//' | tail -1`
yum -y install git gcc make kernel-devel $virtualbox_version
/sbin/vboxconfig            # load the vboxdrv kernel module
systemctl status vboxdrv    # enabled?
VBoxManage --version        # should return no errors
reboot
export vagrant_version=`wget --quiet -O - https://releases.hashicorp.com/vagrant/ | sed -n 's/.*href="\([^"]*\)".*/\1/p' | sort -r | head -1 | sed 's/[\/|vagrant]//g'`
yum -y install https://releases.hashicorp.com/vagrant/"$vagrant_version"/vagrant_"$vagrant_version"_x86_64.rpm
cd
git clone https://github.com/AnwarYagoub/RHCSA-RHCE-Lab-Environment.git
cd RHCSA-RHCE-Lab-Environment/ ; echo 'cd ~/RHCSA-RHCE-Lab-Environment/' >> ~/.bash_profile
git reset --hard 5393bce670cc7171d92225aafff503d1d8a1b4e5
sed -i 's/gui\: true/gui\: false/g' provisioning/RHCSA_RHCE_LAB/defaults/main.yml   # no need for gui on commandline
sed -i 's/vb.gui = true/vb.gui = false/g' Vagrantfile # without GUI vagrant will error with 'vb.gui = true'
grep "/home/vagrant" Vagrantfile    # Vagrantfile points ansible playbooks to /home/vagrant/sync
vagrant up cache-server

• with ansible.playbook = "provisioning/labipa.yml" I gave it a try and got this output:

[root@centos73 RHCSA-RHCE-Lab-Environment]# vagrant up labipa
Bringing machine 'labipa' up with 'virtualbox' provider...
==> labipa: Box 'centos/7' could not be found. Attempting to find and install...
    labipa: Box Provider: virtualbox
    labipa: Box Version: >= 0
==> labipa: Loading metadata for box 'centos/7'
    labipa: URL: https://atlas.hashicorp.com/centos/7
==> labipa: Adding box 'centos/7' (v1609.01) for provider: virtualbox
    labipa: Downloading: https://atlas.hashicorp.com/centos/boxes/7/versions/1609.01/providers/virtualbox.box
==> labipa: Successfully added box 'centos/7' (v1609.01) for 'virtualbox'!
==> labipa: Importing base box 'centos/7'...
==> labipa: Matching MAC address for NAT networking...
==> labipa: Checking if box 'centos/7' is up to date...
==> labipa: Setting the name of the VM: labipa
==> labipa: Fixed port collision for 22 => 2222. Now on port 2200.
==> labipa: Clearing any previously set network interfaces...
==> labipa: Preparing network interfaces based on configuration...
    labipa: Adapter 1: nat
    labipa: Adapter 2: hostonly
    ==> labipa: Forwarding ports...
        labipa: 22 (guest) => 2200 (host) (adapter 1)
    ==> labipa: Running 'pre-boot' VM customizations...
    ==> labipa: Booting VM...
    ==> labipa: Waiting for machine to boot. This may take a few minutes...
        labipa: SSH address: 127.0.0.1:2200
        labipa: SSH username: vagrant
        labipa: SSH auth method: private key
        labipa: Warning: Remote connection disconnect. Retrying...
        labipa:
        labipa: Vagrant insecure key detected. Vagrant will automatically replace
        labipa: this with a newly generated keypair for better security.
        labipa:
        labipa: Inserting generated public key within guest...
        labipa: Removing insecure key from the guest if its present...
        labipa: Key inserted! Disconnecting and reconnecting using new SSH key...
    ==> labipa: Machine booted and ready!
    ==> labipa: Checking for guest additions in VM...
        labipa: No guest additions were detected on the base box for this VM! Guest
        labipa: additions are required for forwarded ports, shared folders, host only
        labipa: networking, and more. If SSH fails on this machine, please install
        labipa: the guest additions and repackage the box to continue.
        labipa:
        labipa: This is not an error message; everything may continue to work properly,
        labipa: in which case you may ignore this message.
    ==> labipa: Setting hostname...
    ==> labipa: Rsyncing folder: /root/RHCSA-RHCE-Lab-Environment/ => /vagrant
    ==> labipa: Running provisioner: ansible_local...
    `playbook` does not exist on the guest: /home/vagrant/sync/provisioning/labipa.yml

it results in an error as ansible files are in /vagrant.

[root@centos73 RHCSA-RHCE-Lab-Environment]# sed -i.bak '/\/home\/vagrant\/sync/d' Vagrantfile
[root@centos73 RHCSA-RHCE-Lab-Environment]# vagrant up labipa --provision
Bringing machine 'labipa' up with 'virtualbox' provider...
==> labipa: Checking if box 'centos/7' is up to date...
==> labipa: Running provisioner: ansible_local...
    labipa: Installing Ansible...
    labipa: Installing pip... (for Ansible installation)

PLAY [all] *********************************************************************

TASK [setup] *******************************************************************
ok: [labipa]

I pointed it to /home/vagrant/sync because this where vagrant mount sync folder for my centos box

On a clean CentOS I couldn't reproduce the mount sync folder pointing to /home/vagrant/sync. Could you please research your environment or do a clean install?

• regarding the DNS entries, could you please run tail -12 /root/VirtualBox\ VMs/labipa/Logs/VBox.log and show the output? I get the following:

tail -12 /root/VirtualBox\ VMs/labipa/Logs/VBox.log
00:00:26.002482 NAT: Link up
00:00:27.361147 NAT: IPv6 not supported
00:00:27.738534 NAT: resolv.conf: nameserver x.y.z.2
00:00:27.738566 NAT: resolv.conf: nameserver x.y.z.254
00:00:27.738572 NAT: resolv.conf: nameserver x.y.z.1
00:00:27.738605 NAT: Adding domain name mydomain.com
00:00:27.738611 NAT: DNS#0: x.y.z.2
00:00:27.738616 NAT: DNS#1: x.y.z.254
00:00:27.738620 NAT: DNS#2: x.y.z.1
00:00:27.738626 NAT: DHCP offered IP address 10.0.2.15
00:00:27.739843 NAT: DHCP offered IP address 10.0.2.15
00:00:45.209138 NAT: DHCP offered IP address 10.0.2.15

[AnwarYagoub]

My centos/7 vagrant box version was 1603.01 trying to create any machine from this version resulted in syncig to /home/vagrant/sync

but after updating my centos/7 box to the latest version 1609.01 everything is back to normal behaviour:

$ vagrant box update

[smartbit]

@AnwarYagoub great :+1:. And DNS ansible_dns.nameservers[0] now working fine?

Any other issues that prevent you from merging to master? If not, please resolve the conflicts and merge to master.

[AnwarYagoub]

• as for ansible_dns.nameservers[0] I got the same old result
• conflict is in you repository but what I can do is adding another pull request with the resolved conflict (for reviewing) or you may add me as collaborator in your repository