Failed to get credentials for Azure

[FeelingTomato]

Expected behavior:

To be able to create an instance on Azure

Actual Behavior:

Error : fatal: [localhost]: FAILED! => {"changed": false, "msg": "Failed to get credentials. Either pass as parameters, set environment variables, define a profile in ~/.azure/credentials, or log in with Azure CLI (az login)."}

Steps to Reproduce:

1. On new Ubuntu VM followed steps to install git, python pip and dependencies, ansible, and ansible[azure]
2. Followed ://github.com/StreisandEffect/streisand/blob/master/documentation/AZURE.md , created an ini file with the correct information. Triple checked.
3. There was no .azure directory created, manually created. Location is ~/.azure/credentials (home/user/.azure/credentials)
4. Ran streisand and returned with error fatal: [localhost]: FAILED! => {"changed": false, "msg": "Failed to get credentials. Either pass as parameters, set environment variables, define a profile in ~/.azure/credentials, or log in with Azure CLI (az login)."}
5. Tried on new Ubuntu VM with same error. Also tried using Fedora. Same error

user@user-VirtualBox:~$ cd streisand user@user-VirtualBox:~/streisand$ sudo ./streisand [sudo] password for user:

S T R E I S A N D

Which provider are you using?

1. Amazon
2. Azure
3. DigitalOcean
4. Google
5. Linode
6. Rackspace
7. localhost (Advanced)
8. Existing Server (Advanced) : 2

Do you wish to customize which services Streisand will install? By saying 'no' Streisand will use the settings configured in /home/user/.streisand/site.yml

Press enter to customize your installation: no

Installing Streisand services specified in /home/user/.streisand/site.yml

[WARNING]: Found both group and host with same name: localhost

PLAY [Perform global variables validation] *****

TASK [validation : Stat the Streisand SSH private key] ***** ok: [localhost]

TASK [validation : Fail if the Streisand SSH private key file doesn't exist] *** skipping: [localhost]

TASK [validation : Stat the Streisand SSH public key] ** ok: [localhost]

TASK [validation : Fail if the Streisand SSH public key file doesn't exist] **** skipping: [localhost]

TASK [validation : Validate that OpenVPN optional variables are rational] ** skipping: [localhost]

TASK [validation : Validate that Tinyproxy optional variables are rational] **** skipping: [localhost]

TASK [validation : Validate that sshutle optional variables are rational] ** skipping: [localhost]

TASK [validation : Validate that the maximum number of clients is set to a reasonable amount] *** skipping: [localhost]

TASK [validation : Validate that at least one VPN is specified] **** skipping: [localhost]

PLAY RECAP ***** localhost : ok=2 changed=0 unreachable=0 failed=0

[WARNING]: Found both group and host with same name: localhost

What region should the server be located in?

North America: 1: East US (Virginia) 2: East US 2 (Virginia) 3: Central US (Iowa) 4: North Central US (Illinois) 5: South Central US (Texas) 6: West Central US (West Central US) 7: West US (California) 8: West US 2 (West US 2) 9: US Gov Virginia (Virginia) 10: US Gov Iowa (Iowa) 11: US DoD East (US DoD East) 12: US DoD Central (US DoD Central) 13: Canada East (Quebec City) 14: Canada Central (Toronto)

South America: 15: Brazil South (Sao Paulo State)

Asia: 16: Southeast Asia (Singapore) 17: East Asia (Hong Kong) 18: China East (Shanghai) 19: China North (Beijing) 20: Japan East (Tokyo, Saitama) 21: Japan West (Osaka) 22: Korea Central (Seoul) 23: Korea South (Busan) 24: Central India (Pune) 25: West India (Mumbai) 26: South India (Chennai)

Australia: 27: Australia East (New South Wales) 28: Australia Southeast (Victoria)

Europe: 29: North Europe (Ireland) 30: West Europe (Netherlands) 31: Germany Central (Frankfurt) 32: Germany Northeast (Magdeburg) 33: UK West (Cardiff) 34: UK South (London) Please choose the number of your region: Press enter for default (#1) region.

What should the server be named? Press enter for default (streisand). [streisand]:

Ensure that you have the azure credentials file: ~/.azure/credentials Details on generating this can be found at https://github.com/StreisandEffect/streisand/blob/master/documentation/AZURE.md:

Streisand will now set up your server: This process usually takes around ten minutes: Press Enter to begin setup... :

PLAY [Provision the Azure Server (Resource Manager mode)] **

TASK [Gathering Facts] ***** ok: [localhost]

TASK [Set the Azure Region fact] *** ok: [localhost]

TASK [Set the Azure Instance Name fact] **** ok: [localhost]

TASK [azure-security-group : Create Azure resource group] ** fatal: [localhost]: FAILED! => {"changed": false, "msg": "Failed to get credentials. Either pass as parameters, set environment variables, define a profile in ~/.azure/credentials, or log in with Azure CLI (az login)."} to retry, use: --limit @/home/user/streisand/playbooks/azure.retry

PLAY RECAP ***** localhost : ok=3 changed=0 unreachable=0 failed=1

Additional Details: Attached Screenshot

Log output from Ansible or other relevant services (link to Gist for longer output):

Target Cloud Provider: Azure

Operating System of target host:

Operating System of client: Ubuntu 18.04 LTS

Version of Ansible, using ansible --version : ansible 2.5.5

Output from git rev-parse HEAD in your Streisand directory : e5ba596fef3299b3a0887aca14f1d558163f2144

[alimakki]

Is ~/.azure/credentials a directory? If so the directory should be ~/.azure and your file within the directory should be named credentials and not ~/.azure/credentials/default.ini

[FeelingTomato]

So, you are saying ~/.azure/credentials.ini, Or do you mean ~/.azure/credentials/credentials.ini ?

While trying both ways, I received the same error message.

[alimakki]

It should be ~/.azure/credentials, no file extension.

[FeelingTomato]

I am sorry, but i do not see how i would do that. According to the Microsoft Azure Guide on the ansible website it says "When working in a development environment, it may be desirable to store credentials in a file. The modules will look for credentials in $HOME/.azure/credentials. This file is an ini style file. "

If you could explain how i would add my credentials without a file extenstion, I would greatly appreciate it.

[alimakki]

Just remove the .ini file extension, it will be able to read it.

[FeelingTomato]

Thanks, that worked. it was able to read my credentials. Now I am facing another issue.

I received an error saying:

fatal: [13.78.12.219]: FAILED! => {"changed": false, "cmd": "apt-key adv --recv-keys --keyserver hkp://keyserver.ubuntu.com:80 008085DF5DBB8ACEE65423AAD5059C1FFCB15481", "msg": "gpg: requesting key FCB15481 from hkp server keyserver.ubuntu.com\ngpg: no valid OpenPGP data found.\ngpg: Total number processed: 0\ngpg: keyserver communications error: keyserver helper general error\ngpg: keyserver communications error: unknown pubkey algorithm\ngpg: keyserver receive failed: unknown pubkey algorithm", "rc": 2, "stderr": "gpg: requesting key FCB15481 from hkp server keyserver.ubuntu.com\ngpg: no valid OpenPGP data found.\ngpg: Total number processed: 0\ngpg: keyserver communications error: keyserver helper general error\ngpg: keyserver communications error: unknown pubkey algorithm\ngpg: keyserver receive failed: unknown pubkey algorithm\n", "stderr_lines": ["gpg: requesting key FCB15481 from hkp server keyserver.ubuntu.com", "gpg: no valid OpenPGP data found.", "gpg: Total number processed: 0", "gpg: keyserver communications error: keyserver helper general error", "gpg: keyserver communications error: unknown pubkey algorithm", "gpg: keyserver receive failed: unknown pubkey algorithm"], "stdout": "Executing: /tmp/tmp.jQOLcGhCqa/gpg.1.sh --recv-keys\n--keyserver\nhkp://keyserver.ubuntu.com:80\n008085DF5DBB8ACEE65423AAD5059C1FFCB15481\ngpgkeys: key 008085DF5DBB8ACEE65423AAD5059C1FFCB15481 can't be retrieved\n", "stdout_lines": ["Executing: /tmp/tmp.jQOLcGhCqa/gpg.1.sh --recv-keys", "--keyserver", "hkp://keyserver.ubuntu.com:80", "008085DF5DBB8ACEE65423AAD5059C1FFCB15481", "gpgkeys: key 008085DF5DBB8ACEE65423AAD5059C1FFCB15481 can't be retrieved"]}

So i reran the installation and disabled the option for shadowsocks, now i received this error:

I get error fatal: [13.78.12.219]: FAILED! => {"changed": true, "cmd": ["gpg-agent", "--homedir", "/root/.gnupg", "--use-standard-socket", "--daemon"], "delta": "0:00:01.461897", "end": "2018-06-22 21:48:17.329094", "msg": "non-zero return code", "rc": 2, "start": "2018-06-22 21:48:15.867197", "stderr": "gpg-agent[33800]: WARNING: \"--use-standard-socket\" is an obsolete option - it has no effect\ngpg-agent: a gpg-agent is already running - not starting a new one", "stderr_lines": ["gpg-agent[33800]: WARNING: \"--use-standard-socket\" is an obsolete option - it has no effect", "gpg-agent: a gpg-agent is already running - not starting a new one"], "stdout": "", "stdout_lines": []} .

[alimakki]

There's been an issue opened by @nopdotcom: #1388 for the first error you were seeing, I don't believe its unique to Azure.

During your second attempt, did you opt to create a fresh server or choose the existing server option?

[FeelingTomato]

Create a fresh server. I did not see an option to try an existing server.

[alimakki]

I believe you've run into a similar issue others have been facing, and there's a set of PRs for this: #1335, and #1387 that could resolve your issue.

[FeelingTomato]

Thank you so much for your assistance. I appreciate it. After multiple tries I was able to get it to complete. I will be closing this ticket.

[wajahatahmed245]

@FeelingTomato @alimakki if i don't have credentials file will az login be enough?