search

Checkmk / ansible-collection-checkmk.general

The official Checkmk Ansible collection - brought to you by the Checkmk company.
https://galaxy.ansible.com/checkmk/general
GNU General Public License v3.0
120 stars 55 forks source link

first activation fails #20

Closed ogaida closed 2 years ago

ogaida commented 2 years ago

Description

if i run my playbook, it creates the folder but the activation fails with a 414. Here is the playbook:

---
# ansible-playbook playbooks/og_create_folder.yml
- name: "create a folder"
  hosts: localhost
  gather_facts: 'no'
  vars_files:
    - ./vars/config.yml
  tasks:
  - name: "Create folders."
    folder:
      server_url: "{{ server_url }}"
      site: "{{ site }}"
      automation_user: "{{ automation_user }}"
      automation_secret: "{{ automation_secret }}"
      path: "/pis2"
      title: "pis2"
      state: "present"
      #state: "absent"
  - name: "Run activation module"
    activation:
      server_url: "{{ server_url }}"
      site: "{{ site }}"
      automation_user: "{{ automation_user }}"
      automation_secret: "{{ automation_secret }}"
      force_foreign_changes: true

the verbose output of the last task is:

TASK [Run activation module] ****************************************************************************************************************************
task path: /home/ogaida/ansible-collection-tribe29.checkmk/playbooks/og_create_folder.yml:19
<127.0.0.1> ESTABLISH LOCAL CONNECTION FOR USER: ogaida
<127.0.0.1> EXEC /bin/sh -c 'echo ~ogaida && sleep 0'
<127.0.0.1> EXEC /bin/sh -c '( umask 77 && mkdir -p "` echo /home/ogaida/.ansible/tmp `"&& mkdir "` echo /home/ogaida/.ansible/tmp/ansible-tmp-1647882812.068487-842528-97282019257509 `" && echo ansible-tmp-1647882812.068487-842528-97282019257509="` echo /home/ogaida/.ansible/tmp/ansible-tmp-1647882812.068487-842528-97282019257509 `" ) && sleep 0'
Including module_utils file ansible/__init__.py
Including module_utils file ansible/module_utils/__init__.py
Including module_utils file ansible/module_utils/basic.py
Including module_utils file ansible/module_utils/_text.py
Including module_utils file ansible/module_utils/common/_collections_compat.py
Including module_utils file ansible/module_utils/common/__init__.py
Including module_utils file ansible/module_utils/common/_json_compat.py
Including module_utils file ansible/module_utils/common/_utils.py
Including module_utils file ansible/module_utils/common/arg_spec.py
Including module_utils file ansible/module_utils/common/file.py
Including module_utils file ansible/module_utils/common/locale.py
Including module_utils file ansible/module_utils/common/parameters.py
Including module_utils file ansible/module_utils/common/collections.py
Including module_utils file ansible/module_utils/common/process.py
Including module_utils file ansible/module_utils/common/sys_info.py
Including module_utils file ansible/module_utils/common/text/converters.py
Including module_utils file ansible/module_utils/common/text/__init__.py
Including module_utils file ansible/module_utils/common/text/formatters.py
Including module_utils file ansible/module_utils/common/validation.py
Including module_utils file ansible/module_utils/common/warnings.py
Including module_utils file ansible/module_utils/compat/selectors.py
Including module_utils file ansible/module_utils/compat/__init__.py
Including module_utils file ansible/module_utils/compat/_selectors2.py
Including module_utils file ansible/module_utils/compat/selinux.py
Including module_utils file ansible/module_utils/distro/__init__.py
Including module_utils file ansible/module_utils/distro/_distro.py
Including module_utils file ansible/module_utils/errors.py
Including module_utils file ansible/module_utils/parsing/convert_bool.py
Including module_utils file ansible/module_utils/parsing/__init__.py
Including module_utils file ansible/module_utils/pycompat24.py
Including module_utils file ansible/module_utils/six/__init__.py
Including module_utils file ansible/module_utils/urls.py
Using module file /home/ogaida/ansible-collection-tribe29.checkmk/plugins/modules/activation.py
<127.0.0.1> PUT /home/ogaida/.ansible/tmp/ansible-local-8424638lh4qirn/tmpcnu7tipu TO /home/ogaida/.ansible/tmp/ansible-tmp-1647882812.068487-842528-97282019257509/AnsiballZ_activation.py
<127.0.0.1> EXEC /bin/sh -c 'chmod u+x /home/ogaida/.ansible/tmp/ansible-tmp-1647882812.068487-842528-97282019257509/ /home/ogaida/.ansible/tmp/ansible-tmp-1647882812.068487-842528-97282019257509/AnsiballZ_activation.py && sleep 0'
<127.0.0.1> EXEC /bin/sh -c '/usr/bin/python3 /home/ogaida/.ansible/tmp/ansible-tmp-1647882812.068487-842528-97282019257509/AnsiballZ_activation.py && sleep 0'
<127.0.0.1> EXEC /bin/sh -c 'rm -f -r /home/ogaida/.ansible/tmp/ansible-tmp-1647882812.068487-842528-97282019257509/ > /dev/null 2>&1 && sleep 0'
fatal: [localhost]: FAILED! => {
    "changed": false,
    "http_code": 414,
    "invocation": {
        "module_args": {
            "automation_secret": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
            "automation_user": "automation",
            "force_foreign_changes": true,
            "server_url": "http://localhost:8080/",
            "site": "cmk",
            "sites": []
        }
    },
    "msg": "Error calling API"
}

PLAY RECAP **********************************************************************************************************************************************
localhost                  : ok=1    changed=1    unreachable=0    failed=1    skipped=0    rescued=0    ignored=0

if i run the same playbook again, the activation works. my first guess was a timing problem. So i inserted a 5 seconds pause, but i does not help.

Component Name

Module: activation

Ansible Version

$ ansible --version
ansible [core 2.12.3]
  config file = /home/ogaida/ansible-collection-tribe29.checkmk/ansible.cfg
  configured module search path = ['/home/ogaida/ansible-collection-tribe29.checkmk/plugins/modules']
  ansible python module location = /home/ogaida/.local/lib/python3.9/site-packages/ansible
  ansible collection location = /home/ogaida/.ansible/collections:/usr/share/ansible/collections
  executable location = /usr/local/bin/ansible
  python version = 3.9.2 (default, Feb 28 2021, 17:03:44) [GCC 10.2.1 20210110]
  jinja version = 2.11.3
  libyaml = True

Collection Version

$ ansible-galaxy collection list
# /usr/local/lib/python3.9/dist-packages/ansible_collections
Collection                    Version
----------------------------- -------
amazon.aws                    2.1.0  
ansible.netcommon             2.5.1  
ansible.posix                 1.3.0  
ansible.utils                 2.5.2  
ansible.windows               1.9.0  
arista.eos                    3.1.0  
awx.awx                       19.4.0 
azure.azcollection            1.11.0 
check_point.mgmt              2.3.0  
chocolatey.chocolatey         1.2.0  
cisco.aci                     2.1.0  
cisco.asa                     2.1.0  
cisco.intersight              1.0.18 
cisco.ios                     2.8.0  
cisco.iosxr                   2.8.1  
cisco.ise                     1.2.1  
cisco.meraki                  2.6.0  
cisco.mso                     1.3.0  
cisco.nso                     1.0.3  
cisco.nxos                    2.9.0  
cisco.ucs                     1.7.0  
cloud.common                  2.1.0  
cloudscale_ch.cloud           2.2.0  
community.aws                 2.3.0  
community.azure               1.1.0  
community.ciscosmb            1.0.4  
community.crypto              2.2.3  
community.digitalocean        1.15.1 
community.dns                 2.0.8  
community.docker              2.2.1  
community.fortios             1.0.0  
community.general             4.6.0  
community.google              1.0.0  
community.grafana             1.3.3  
community.hashi_vault         2.3.0  
community.hrobot              1.2.2  
community.kubernetes          2.0.1  
community.kubevirt            1.0.0  
community.libvirt             1.0.2  
community.mongodb             1.3.2  
community.mysql               2.3.5  
community.network             3.1.0  
community.okd                 2.1.0  
community.postgresql          1.7.1  
community.proxysql            1.3.1  
community.rabbitmq            1.1.0  
community.routeros            2.0.0  
community.skydive             1.0.0  
community.sops                1.2.0  
community.vmware              1.17.1 
community.windows             1.9.0  
community.zabbix              1.5.1  
containers.podman             1.9.1  
cyberark.conjur               1.1.0  
cyberark.pas                  1.0.13 
dellemc.enterprise_sonic      1.1.0  
dellemc.openmanage            4.4.0  
dellemc.os10                  1.1.1  
dellemc.os6                   1.0.7  
dellemc.os9                   1.0.4  
f5networks.f5_modules         1.15.0 
fortinet.fortimanager         2.1.4  
fortinet.fortios              2.1.4  
frr.frr                       1.0.3  
gluster.gluster               1.0.2  
google.cloud                  1.0.2  
hetzner.hcloud                1.6.0  
hpe.nimble                    1.1.4  
ibm.qradar                    1.0.3  
infinidat.infinibox           1.3.3  
infoblox.nios_modules         1.2.1  
inspur.sm                     1.3.0  
junipernetworks.junos         2.9.0  
kubernetes.core               2.2.3  
mellanox.onyx                 1.0.0  
netapp.aws                    21.7.0 
netapp.azure                  21.10.0
netapp.cloudmanager           21.15.0
netapp.elementsw              21.7.0 
netapp.ontap                  21.17.3
netapp.storagegrid            21.9.0 
netapp.um_info                21.8.0 
netapp_eseries.santricity     1.2.13 
netbox.netbox                 3.6.0  
ngine_io.cloudstack           2.2.3  
ngine_io.exoscale             1.0.0  
ngine_io.vultr                1.1.0  
openstack.cloud               1.7.2  
openvswitch.openvswitch       2.1.0  
ovirt.ovirt                   1.6.6  
purestorage.flasharray        1.12.1 
purestorage.flashblade        1.9.0  
sensu.sensu_go                1.13.0 
servicenow.servicenow         1.0.6  
splunk.es                     1.0.2  
t_systems_mms.icinga_director 1.27.1 
theforeman.foreman            2.2.0  
vyos.vyos                     2.8.0  
wti.remote                    1.0.3  

# /home/ogaida/.local/lib/python3.9/site-packages/ansible_collections
Collection                    Version
----------------------------- -------
amazon.aws                    2.1.0  
ansible.netcommon             2.5.1  
ansible.posix                 1.3.0  
ansible.utils                 2.5.2  
ansible.windows               1.9.0  
arista.eos                    3.1.0  
awx.awx                       19.4.0 
azure.azcollection            1.11.0 
check_point.mgmt              2.3.0  
chocolatey.chocolatey         1.2.0  
cisco.aci                     2.1.0  
cisco.asa                     2.1.0  
cisco.intersight              1.0.18 
cisco.ios                     2.8.0  
cisco.iosxr                   2.8.1  
cisco.ise                     1.2.1  
cisco.meraki                  2.6.0  
cisco.mso                     1.3.0  
cisco.nso                     1.0.3  
cisco.nxos                    2.9.0  
cisco.ucs                     1.7.0  
cloud.common                  2.1.0  
cloudscale_ch.cloud           2.2.0  
community.aws                 2.3.0  
community.azure               1.1.0  
community.ciscosmb            1.0.4  
community.crypto              2.2.3  
community.digitalocean        1.15.1 
community.dns                 2.0.8  
community.docker              2.2.1  
community.fortios             1.0.0  
community.general             4.6.0  
community.google              1.0.0  
community.grafana             1.3.3  
community.hashi_vault         2.3.0  
community.hrobot              1.2.2  
community.kubernetes          2.0.1  
community.kubevirt            1.0.0  
community.libvirt             1.0.2  
community.mongodb             1.3.2  
community.mysql               2.3.5  
community.network             3.1.0  
community.okd                 2.1.0  
community.postgresql          1.7.1  
community.proxysql            1.3.1  
community.rabbitmq            1.1.0  
community.routeros            2.0.0  
community.skydive             1.0.0  
community.sops                1.2.0  
community.vmware              1.17.1 
community.windows             1.9.0  
community.zabbix              1.5.1  
containers.podman             1.9.1  
cyberark.conjur               1.1.0  
cyberark.pas                  1.0.13 
dellemc.enterprise_sonic      1.1.0  
dellemc.openmanage            4.4.0  
dellemc.os10                  1.1.1  
dellemc.os6                   1.0.7  
dellemc.os9                   1.0.4  
f5networks.f5_modules         1.15.0 
fortinet.fortimanager         2.1.4  
fortinet.fortios              2.1.4  
frr.frr                       1.0.3  
gluster.gluster               1.0.2  
google.cloud                  1.0.2  
hetzner.hcloud                1.6.0  
hpe.nimble                    1.1.4  
ibm.qradar                    1.0.3  
infinidat.infinibox           1.3.3  
infoblox.nios_modules         1.2.1  
inspur.sm                     1.3.0  
junipernetworks.junos         2.9.0  
kubernetes.core               2.2.3  
mellanox.onyx                 1.0.0  
netapp.aws                    21.7.0 
netapp.azure                  21.10.0
netapp.cloudmanager           21.15.0
netapp.elementsw              21.7.0 
netapp.ontap                  21.17.3
netapp.storagegrid            21.9.0 
netapp.um_info                21.8.0 
netapp_eseries.santricity     1.2.13 
netbox.netbox                 3.6.0  
ngine_io.cloudstack           2.2.3  
ngine_io.exoscale             1.0.0  
ngine_io.vultr                1.1.0  
openstack.cloud               1.7.2  
openvswitch.openvswitch       2.1.0  
ovirt.ovirt                   1.6.6  
purestorage.flasharray        1.12.1 
purestorage.flashblade        1.9.0  
sensu.sensu_go                1.13.0 
servicenow.servicenow         1.0.6  
splunk.es                     1.0.2  
t_systems_mms.icinga_director 1.27.1 
theforeman.foreman            2.2.0  
vyos.vyos                     2.8.0  
wti.remote                    1.0.3

Environment

$ uname -a
Linux pi4 5.10.63-v8+ #1488 SMP PREEMPT Thu Nov 18 16:16:16 GMT 2021 aarch64 GNU/Linux
$ cat /etc/*release
PRETTY_NAME="Debian GNU/Linux 11 (bullseye)"
NAME="Debian GNU/Linux"
VERSION_ID="11"
VERSION="11 (bullseye)"
VERSION_CODENAME=bullseye
ID=debian
HOME_URL="https://www.debian.org/"
SUPPORT_URL="https://www.debian.org/support"
BUG_REPORT_URL="https://bugs.debian.org/"
$ docker ps
CONTAINER ID   IMAGE                       COMMAND                  CREATED        STATUS                    PORTS                                                 NAMES
1d3c49f60f56   joeri2821/check-mk-raw-pi   "/docker-entrypoint.…"   2 months ago   Up 56 minutes (healthy)   6557/tcp, 0.0.0.0:8080->5000/tcp, :::8080->5000/tcp   monitoring

Checkmk 2.0.0p17

To Reproduce

run my playbook

Expected behavior

i expect no error by running this playbook

Actual behavior

the task with activation fails

Thanks in advance BR Oliver

ogaida commented 2 years ago

one more hint, the activation was done anyway. But then then the http-response 414 is not correct, but this might not a problem of the module.

ogaida commented 2 years ago

I close this bug, because it is not a bug of the module.

robin-checkmk commented 2 years ago

I did not get a chance to reproduce this yet, so can you please share, why you do not think it is a bug anymore?

ogaida commented 2 years ago

because of the API does the activation, it only gives the wrong feedback (414). So for me it seems the module is correct.

ogaida commented 2 years ago

if you want i reopen the issue

diademiemi commented 2 years ago

I encountered this issue too, it seems to be caused by SSL. Wasn't able to test if it would work on trusted certificates, but I expect it's due to untrusted certs. Switching to HTTP (And disabling redirection to HTTPS if it was enabled) fixed it for me.

diademiemi commented 2 years ago

Actually upon looking more I don't think it's the same issue. Mine reported a HTTP code of "-1". I wish the error messages this module gives was more descriptive, "Error calling API" doesn't help anyone.

robin-checkmk commented 2 years ago

@ogaida keep it closed for now, I will look into it when I can and take appropriate action. @diademiemi if the issue persists, please open a dedicated issue, so we can look into it.