search

F5Networks / f5-ansible

Imperative Ansible modules for F5 BIG-IP products
GNU General Public License v3.0
375 stars 231 forks source link

Getting a "MODULE FAILURE" error while loading certificate with bigip_ssl_certificate #1947

Closed df-cgdm closed 3 years ago

df-cgdm commented 3 years ago
ISSUE TYPE
COMPONENT NAME

bigip_ssl_certificate

ANSIBLE VERSION
ansible 2.10.3
  config file = /home/sa-automation/.ansible.cfg
  configured module search path = ['/home/sa-automation/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/local/lib/python3.6/dist-packages/ansible
  executable location = /usr/local/bin/ansible
  python version = 3.6.9 (default, Oct  8 2020, 12:12:24) [GCC 8.4.0]
PYTHON VERSION
Python 3.6.9
BIGIP VERSION
BIG-IP 14.1.2.2 Build 0.0.4 Point Release 2
CONFIGURATION
OS / ENVIRONMENT

Ubuntu 18

SUMMARY

When I upload a certificate to the f5, I get the following error

Traceback (most recent call last):
  File "/usr/lib/python3.6/urllib/request.py", line 1325, in do_open
    encode_chunked=req.has_header('Transfer-encoding'))
  File "/usr/lib/python3.6/http/client.py", line 1281, in request
    self._send_request(method, url, body, headers, encode_chunked)
  File "/usr/lib/python3.6/http/client.py", line 1327, in _send_request
    self.endheaders(body, encode_chunked=encode_chunked)
  File "/usr/lib/python3.6/http/client.py", line 1276, in endheaders
    self._send_output(message_body, encode_chunked=encode_chunked)
  File "/usr/lib/python3.6/http/client.py", line 1042, in _send_output
    self.send(msg)
  File "/usr/lib/python3.6/http/client.py", line 980, in send
    self.connect()
  File "/tmp/ansible_bigip_ssl_certificate_payload_ancftifs/ansible_bigip_ssl_certificate_payload.zip/ansible/module_utils/urls.py", line 433, in connect
  File "/usr/lib/python3.6/socket.py", line 724, in create_connection
    raise err
  File "/usr/lib/python3.6/socket.py", line 713, in create_connection
    sock.connect(sa)
socket.timeout: timed out

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/home/sa-automation/.ansible/tmp/ansible-tmp-1611080982.41616-26401-237247568235218/AnsiballZ_bigip_ssl_certificate.py", line 102, in <module>
    _ansiballz_main()
  File "/home/sa-automation/.ansible/tmp/ansible-tmp-1611080982.41616-26401-237247568235218/AnsiballZ_bigip_ssl_certificate.py", line 94, in _ansiballz_main
    invoke_module(zipped_mod, temp_path, ANSIBALLZ_PARAMS)
  File "/home/sa-automation/.ansible/tmp/ansible-tmp-1611080982.41616-26401-237247568235218/AnsiballZ_bigip_ssl_certificate.py", line 40, in invoke_module
    runpy.run_module(mod_name='ansible_collections.f5networks.f5_modules.plugins.modules.bigip_ssl_certificate', init_globals=None, run_name='__main__', alter_sys=True)
  File "/usr/lib/python3.6/runpy.py", line 205, in run_module
    return _run_module_code(code, init_globals, run_name, mod_spec)
  File "/usr/lib/python3.6/runpy.py", line 96, in _run_module_code
    mod_name, mod_spec, pkg_name, script_name)
  File "/usr/lib/python3.6/runpy.py", line 85, in _run_code
    exec(code, run_globals)
  File "/tmp/ansible_bigip_ssl_certificate_payload_ancftifs/ansible_bigip_ssl_certificate_payload.zip/ansible_collections/f5networks/f5_modules/plugins/modules/bigip_ssl_certificate.py", line 592, in <module>
  File "/tmp/ansible_bigip_ssl_certificate_payload_ancftifs/ansible_bigip_ssl_certificate_payload.zip/ansible_collections/f5networks/f5_modules/plugins/modules/bigip_ssl_certificate.py", line 585, in main
  File "/tmp/ansible_bigip_ssl_certificate_payload_ancftifs/ansible_bigip_ssl_certificate_payload.zip/ansible_collections/f5networks/f5_modules/plugins/modules/bigip_ssl_certificate.py", line 322, in exec_module
  File "/tmp/ansible_bigip_ssl_certificate_payload_ancftifs/ansible_bigip_ssl_certificate_payload.zip/ansible_collections/f5networks/f5_modules/plugins/module_utils/teem.py", line 99, in send_teem
  File "/tmp/ansible_bigip_ssl_certificate_payload_ancftifs/ansible_bigip_ssl_certificate_payload.zip/ansible_collections/f5networks/f5_modules/plugins/module_utils/teem.py", line 70, in send
  File "/tmp/ansible_bigip_ssl_certificate_payload_ancftifs/ansible_bigip_ssl_certificate_payload.zip/ansible/module_utils/urls.py", line 1399, in open_url
  File "/tmp/ansible_bigip_ssl_certificate_payload_ancftifs/ansible_bigip_ssl_certificate_payload.zip/ansible/module_utils/urls.py", line 1304, in open
  File "/usr/lib/python3.6/urllib/request.py", line 223, in urlopen
    return opener.open(url, data, timeout)
  File "/usr/lib/python3.6/urllib/request.py", line 526, in open
    response = self._open(req, data)
  File "/usr/lib/python3.6/urllib/request.py", line 544, in _open
    '_open', req)
  File "/usr/lib/python3.6/urllib/request.py", line 504, in _call_chain
    result = func(*args)
  File "/tmp/ansible_bigip_ssl_certificate_payload_ancftifs/ansible_bigip_ssl_certificate_payload.zip/ansible/module_utils/urls.py", line 464, in https_open
  File "/usr/lib/python3.6/urllib/request.py", line 1327, in do_open
    raise URLError(err)
urllib.error.URLError: <urlopen error timed out>
Exception ignored in: <bound method iControlRestSession.__del__ of <ansible_collections.f5networks.f5_modules.plugins.module_utils.icontrol.iControlRestSession object at 0x7f728e0265c0>>
Traceback (most recent call last):
  File "/tmp/ansible_bigip_ssl_certificate_payload_ancftifs/ansible_bigip_ssl_certificate_payload.zip/ansible_collections/f5networks/f5_modules/plugins/module_utils/icontrol.py", line 255, in __del__
  File "/tmp/ansible_bigip_ssl_certificate_payload_ancftifs/ansible_bigip_ssl_certificate_payload.zip/ansible_collections/f5networks/f5_modules/plugins/module_utils/icontrol.py", line 230, in delete
  File "/tmp/ansible_bigip_ssl_certificate_payload_ancftifs/ansible_bigip_ssl_certificate_payload.zip/ansible_collections/f5networks/f5_modules/plugins/module_utils/icontrol.py", line 194, in send
  File "/tmp/ansible_bigip_ssl_certificate_payload_ancftifs/ansible_bigip_ssl_certificate_payload.zip/ansible/module_utils/urls.py", line 1222, in open
  File "/usr/lib/python3.6/netrc.py", line 32, in __init__
NameError: name 'open' is not defined

but in fact the certificate was uploaded

STEPS TO REPRODUCE
- name: bigip
  hosts: localhost
  vars:
    certificate: ~/.certificates/cert.crt
    cert_content: "{{lookup('file', certificate)}}"
    bigip_management: lb.url.com
    bigip_user: user
    bigip_password: password
  gather_facts: no
  tasks:
  - name: Get information on generated certificate
    community.crypto.x509_certificate_info:
       content: "{{ cert_content }}"
    register: cert_info
  - name: "Import {{ cert_info.subject.commonName }} Certificate"
    bigip_ssl_certificate:
      name: "{{ cert_info.subject.commonName }}"
      state: present
      content: "{{ cert_content }}"
      provider:
        server: '{{ bigip_management }}'
        user: '{{ bigip_user }}'
        password: '{{ bigip_password }}'
        validate_certs: false
    delegate_to: localhost
    register: result
  - debug:
      var: result
EXPECTED RESULTS

Get a OK

ACTUAL RESULTS
TASK [Import dfo-2020-12-11.demo.cegedim.cloud Certificate] ********************************************************************************************************************************
task path: /home/sa-automation/demo-dfo/bigip/import-cert.yml:31
redirecting (type: action) ansible.builtin.bigip to f5networks.f5_modules.bigip
redirecting (type: action) ansible.builtin.bigip to f5networks.f5_modules.bigip
<localhost> ESTABLISH LOCAL CONNECTION FOR USER: sa-automation
<localhost> EXEC /bin/sh -c 'echo ~sa-automation && sleep 0'
<localhost> EXEC /bin/sh -c '( umask 77 && mkdir -p "` echo /home/sa-automation/.ansible/tmp `"&& mkdir "` echo /home/sa-automation/.ansible/tmp/ansible-tmp-1611080982.41616-26401-237247568235218 `" && echo ansible-tmp-1611080982.41616-26401-237247568235218="` echo /home/sa-automation/.ansible/tmp/ansible-tmp-1611080982.41616-26401-237247568235218 `" ) && sleep 0'
redirecting (type: modules) ansible.builtin.bigip_ssl_certificate to f5networks.f5_modules.bigip_ssl_certificate
Using module file /usr/local/lib/python3.6/dist-packages/ansible_collections/f5networks/f5_modules/plugins/modules/bigip_ssl_certificate.py
<localhost> PUT /home/sa-automation/.ansible/tmp/ansible-local-26298wfktwxby/tmpmpzki915 TO /home/sa-automation/.ansible/tmp/ansible-tmp-1611080982.41616-26401-237247568235218/AnsiballZ_bigip_ssl_certificate.py
<localhost> EXEC /bin/sh -c 'chmod u+x /home/sa-automation/.ansible/tmp/ansible-tmp-1611080982.41616-26401-237247568235218/ /home/sa-automation/.ansible/tmp/ansible-tmp-1611080982.41616-26401-237247568235218/AnsiballZ_bigip_ssl_certificate.py && sleep 0'
<localhost> EXEC /bin/sh -c '/usr/bin/python3 /home/sa-automation/.ansible/tmp/ansible-tmp-1611080982.41616-26401-237247568235218/AnsiballZ_bigip_ssl_certificate.py && sleep 0'
<localhost> EXEC /bin/sh -c 'rm -f -r /home/sa-automation/.ansible/tmp/ansible-tmp-1611080982.41616-26401-237247568235218/ > /dev/null 2>&1 && sleep 0'
The full traceback is:
Traceback (most recent call last):
  File "/usr/lib/python3.6/urllib/request.py", line 1325, in do_open
    encode_chunked=req.has_header('Transfer-encoding'))
  File "/usr/lib/python3.6/http/client.py", line 1281, in request
    self._send_request(method, url, body, headers, encode_chunked)
  File "/usr/lib/python3.6/http/client.py", line 1327, in _send_request
    self.endheaders(body, encode_chunked=encode_chunked)
  File "/usr/lib/python3.6/http/client.py", line 1276, in endheaders
    self._send_output(message_body, encode_chunked=encode_chunked)
  File "/usr/lib/python3.6/http/client.py", line 1042, in _send_output
    self.send(msg)
  File "/usr/lib/python3.6/http/client.py", line 980, in send
    self.connect()
  File "/tmp/ansible_bigip_ssl_certificate_payload_ancftifs/ansible_bigip_ssl_certificate_payload.zip/ansible/module_utils/urls.py", line 433, in connect
  File "/usr/lib/python3.6/socket.py", line 724, in create_connection
    raise err
  File "/usr/lib/python3.6/socket.py", line 713, in create_connection
    sock.connect(sa)
socket.timeout: timed out

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/home/sa-automation/.ansible/tmp/ansible-tmp-1611080982.41616-26401-237247568235218/AnsiballZ_bigip_ssl_certificate.py", line 102, in <module>
    _ansiballz_main()
  File "/home/sa-automation/.ansible/tmp/ansible-tmp-1611080982.41616-26401-237247568235218/AnsiballZ_bigip_ssl_certificate.py", line 94, in _ansiballz_main
    invoke_module(zipped_mod, temp_path, ANSIBALLZ_PARAMS)
  File "/home/sa-automation/.ansible/tmp/ansible-tmp-1611080982.41616-26401-237247568235218/AnsiballZ_bigip_ssl_certificate.py", line 40, in invoke_module
    runpy.run_module(mod_name='ansible_collections.f5networks.f5_modules.plugins.modules.bigip_ssl_certificate', init_globals=None, run_name='__main__', alter_sys=True)
  File "/usr/lib/python3.6/runpy.py", line 205, in run_module
    return _run_module_code(code, init_globals, run_name, mod_spec)
  File "/usr/lib/python3.6/runpy.py", line 96, in _run_module_code
    mod_name, mod_spec, pkg_name, script_name)
  File "/usr/lib/python3.6/runpy.py", line 85, in _run_code
    exec(code, run_globals)
  File "/tmp/ansible_bigip_ssl_certificate_payload_ancftifs/ansible_bigip_ssl_certificate_payload.zip/ansible_collections/f5networks/f5_modules/plugins/modules/bigip_ssl_certificate.py", line 592, in <module>
  File "/tmp/ansible_bigip_ssl_certificate_payload_ancftifs/ansible_bigip_ssl_certificate_payload.zip/ansible_collections/f5networks/f5_modules/plugins/modules/bigip_ssl_certificate.py", line 585, in main
  File "/tmp/ansible_bigip_ssl_certificate_payload_ancftifs/ansible_bigip_ssl_certificate_payload.zip/ansible_collections/f5networks/f5_modules/plugins/modules/bigip_ssl_certificate.py", line 322, in exec_module
  File "/tmp/ansible_bigip_ssl_certificate_payload_ancftifs/ansible_bigip_ssl_certificate_payload.zip/ansible_collections/f5networks/f5_modules/plugins/module_utils/teem.py", line 99, in send_teem
  File "/tmp/ansible_bigip_ssl_certificate_payload_ancftifs/ansible_bigip_ssl_certificate_payload.zip/ansible_collections/f5networks/f5_modules/plugins/module_utils/teem.py", line 70, in send
  File "/tmp/ansible_bigip_ssl_certificate_payload_ancftifs/ansible_bigip_ssl_certificate_payload.zip/ansible/module_utils/urls.py", line 1399, in open_url
  File "/tmp/ansible_bigip_ssl_certificate_payload_ancftifs/ansible_bigip_ssl_certificate_payload.zip/ansible/module_utils/urls.py", line 1304, in open
  File "/usr/lib/python3.6/urllib/request.py", line 223, in urlopen
    return opener.open(url, data, timeout)
  File "/usr/lib/python3.6/urllib/request.py", line 526, in open
    response = self._open(req, data)
  File "/usr/lib/python3.6/urllib/request.py", line 544, in _open
    '_open', req)
  File "/usr/lib/python3.6/urllib/request.py", line 504, in _call_chain
    result = func(*args)
  File "/tmp/ansible_bigip_ssl_certificate_payload_ancftifs/ansible_bigip_ssl_certificate_payload.zip/ansible/module_utils/urls.py", line 464, in https_open
  File "/usr/lib/python3.6/urllib/request.py", line 1327, in do_open
    raise URLError(err)
urllib.error.URLError: <urlopen error timed out>
Exception ignored in: <bound method iControlRestSession.__del__ of <ansible_collections.f5networks.f5_modules.plugins.module_utils.icontrol.iControlRestSession object at 0x7f728e0265c0>>
Traceback (most recent call last):
  File "/tmp/ansible_bigip_ssl_certificate_payload_ancftifs/ansible_bigip_ssl_certificate_payload.zip/ansible_collections/f5networks/f5_modules/plugins/module_utils/icontrol.py", line 255, in __del__
  File "/tmp/ansible_bigip_ssl_certificate_payload_ancftifs/ansible_bigip_ssl_certificate_payload.zip/ansible_collections/f5networks/f5_modules/plugins/module_utils/icontrol.py", line 230, in delete
  File "/tmp/ansible_bigip_ssl_certificate_payload_ancftifs/ansible_bigip_ssl_certificate_payload.zip/ansible_collections/f5networks/f5_modules/plugins/module_utils/icontrol.py", line 194, in send
  File "/tmp/ansible_bigip_ssl_certificate_payload_ancftifs/ansible_bigip_ssl_certificate_payload.zip/ansible/module_utils/urls.py", line 1222, in open
  File "/usr/lib/python3.6/netrc.py", line 32, in __init__
NameError: name 'open' is not defined
fatal: [localhost]: FAILED! => {
    "changed": false,
    "module_stderr": "Traceback (most recent call last):\n  File \"/usr/lib/python3.6/urllib/request.py\", line 1325, in do_open\n    encode_chunked=req.has_header('Transfer-encoding'))\n  File \"/usr/lib/python3.6/http/client.py\", line 1281, in request\n    self._send_request(method, url, body, headers, encode_chunked)\n  File \"/usr/lib/python3.6/http/client.py\", line 1327, in _send_request\n    self.endheaders(body, encode_chunked=encode_chunked)\n  File \"/usr/lib/python3.6/http/client.py\", line 1276, in endheaders\n    self._send_output(message_body, encode_chunked=encode_chunked)\n  File \"/usr/lib/python3.6/http/client.py\", line 1042, in _send_output\n    self.send(msg)\n  File \"/usr/lib/python3.6/http/client.py\", line 980, in send\n    self.connect()\n  File \"/tmp/ansible_bigip_ssl_certificate_payload_ancftifs/ansible_bigip_ssl_certificate_payload.zip/ansible/module_utils/urls.py\", line 433, in connect\n  File \"/usr/lib/python3.6/socket.py\", line 724, in create_connection\n    raise err\n  File \"/usr/lib/python3.6/socket.py\", line 713, in create_connection\n    sock.connect(sa)\nsocket.timeout: timed out\n\nDuring handling of the above exception, another exception occurred:\n\nTraceback (most recent call last):\n  File \"/home/sa-automation/.ansible/tmp/ansible-tmp-1611080982.41616-26401-237247568235218/AnsiballZ_bigip_ssl_certificate.py\", line 102, in <module>\n    _ansiballz_main()\n  File \"/home/sa-automation/.ansible/tmp/ansible-tmp-1611080982.41616-26401-237247568235218/AnsiballZ_bigip_ssl_certificate.py\", line 94, in _ansiballz_main\n    invoke_module(zipped_mod, temp_path, ANSIBALLZ_PARAMS)\n  File \"/home/sa-automation/.ansible/tmp/ansible-tmp-1611080982.41616-26401-237247568235218/AnsiballZ_bigip_ssl_certificate.py\", line 40, in invoke_module\n    runpy.run_module(mod_name='ansible_collections.f5networks.f5_modules.plugins.modules.bigip_ssl_certificate', init_globals=None, run_name='__main__', alter_sys=True)\n  File \"/usr/lib/python3.6/runpy.py\", line 205, in run_module\n    return _run_module_code(code, init_globals, run_name, mod_spec)\n  File \"/usr/lib/python3.6/runpy.py\", line 96, in _run_module_code\n    mod_name, mod_spec, pkg_name, script_name)\n  File \"/usr/lib/python3.6/runpy.py\", line 85, in _run_code\n    exec(code, run_globals)\n  File \"/tmp/ansible_bigip_ssl_certificate_payload_ancftifs/ansible_bigip_ssl_certificate_payload.zip/ansible_collections/f5networks/f5_modules/plugins/modules/bigip_ssl_certificate.py\", line 592, in <module>\n  File \"/tmp/ansible_bigip_ssl_certificate_payload_ancftifs/ansible_bigip_ssl_certificate_payload.zip/ansible_collections/f5networks/f5_modules/plugins/modules/bigip_ssl_certificate.py\", line 585, in main\n  File \"/tmp/ansible_bigip_ssl_certificate_payload_ancftifs/ansible_bigip_ssl_certificate_payload.zip/ansible_collections/f5networks/f5_modules/plugins/modules/bigip_ssl_certificate.py\", line 322, in exec_module\n  File \"/tmp/ansible_bigip_ssl_certificate_payload_ancftifs/ansible_bigip_ssl_certificate_payload.zip/ansible_collections/f5networks/f5_modules/plugins/module_utils/teem.py\", line 99, in send_teem\n  File \"/tmp/ansible_bigip_ssl_certificate_payload_ancftifs/ansible_bigip_ssl_certificate_payload.zip/ansible_collections/f5networks/f5_modules/plugins/module_utils/teem.py\", line 70, in send\n  File \"/tmp/ansible_bigip_ssl_certificate_payload_ancftifs/ansible_bigip_ssl_certificate_payload.zip/ansible/module_utils/urls.py\", line 1399, in open_url\n  File \"/tmp/ansible_bigip_ssl_certificate_payload_ancftifs/ansible_bigip_ssl_certificate_payload.zip/ansible/module_utils/urls.py\", line 1304, in open\n  File \"/usr/lib/python3.6/urllib/request.py\", line 223, in urlopen\n    return opener.open(url, data, timeout)\n  File \"/usr/lib/python3.6/urllib/request.py\", line 526, in open\n    response = self._open(req, data)\n  File \"/usr/lib/python3.6/urllib/request.py\", line 544, in _open\n    '_open', req)\n  File \"/usr/lib/python3.6/urllib/request.py\", line 504, in _call_chain\n    result = func(*args)\n  File \"/tmp/ansible_bigip_ssl_certificate_payload_ancftifs/ansible_bigip_ssl_certificate_payload.zip/ansible/module_utils/urls.py\", line 464, in https_open\n  File \"/usr/lib/python3.6/urllib/request.py\", line 1327, in do_open\n    raise URLError(err)\nurllib.error.URLError: <urlopen error timed out>\nException ignored in: <bound method iControlRestSession.__del__ of <ansible_collections.f5networks.f5_modules.plugins.module_utils.icontrol.iControlRestSession object at 0x7f728e0265c0>>\nTraceback (most recent call last):\n  File \"/tmp/ansible_bigip_ssl_certificate_payload_ancftifs/ansible_bigip_ssl_certificate_payload.zip/ansible_collections/f5networks/f5_modules/plugins/module_utils/icontrol.py\", line 255, in __del__\n  File \"/tmp/ansible_bigip_ssl_certificate_payload_ancftifs/ansible_bigip_ssl_certificate_payload.zip/ansible_collections/f5networks/f5_modules/plugins/module_utils/icontrol.py\", line 230, in delete\n  File \"/tmp/ansible_bigip_ssl_certificate_payload_ancftifs/ansible_bigip_ssl_certificate_payload.zip/ansible_collections/f5networks/f5_modules/plugins/module_utils/icontrol.py\", line 194, in send\n  File \"/tmp/ansible_bigip_ssl_certificate_payload_ancftifs/ansible_bigip_ssl_certificate_payload.zip/ansible/module_utils/urls.py\", line 1222, in open\n  File \"/usr/lib/python3.6/netrc.py\", line 32, in __init__\nNameError: name 'open' is not defined\n",
    "module_stdout": "",
    "msg": "MODULE FAILURE\nSee stdout/stderr for the exact error",
    "rc": 1
}
wojtek0806 commented 3 years ago

update to latest collection this issue was fixed already: https://github.com/F5Networks/f5-ansible/issues/1933