search

ansible-collections / community.zabbix

Zabbix Ansible modules
http://galaxy.ansible.com/community/zabbix
Other
321 stars 280 forks source link

HTTP 300 Multiple Choices behind firewall/proxy/waf #1232

Closed abnerrizzi closed 2 months ago

abnerrizzi commented 4 months ago
SUMMARY

Trying to use api info in a zabbix behind proxies I am getting HTTP 300 return. However if I use ansible URI to do exact same action I could get the expected result.

the same for http and https

happens with zabbix 2.4 & 2.2 versions

ISSUE TYPE
CONFIGURATION
root@99e9f1a07a7c:~# ansible --version
ansible [core 2.14.3]
  config file = None
  configured module search path = ['/root/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/lib/python3/dist-packages/ansible
  ansible collection location = /root/.ansible/collections:/usr/share/ansible/collections
  executable location = /usr/bin/ansible
  python version = 3.11.2 (main, Mar 13 2023, 12:18:29) [GCC 12.2.0] (/usr/bin/python3)
  jinja version = 3.1.2
  libyaml = True

root@99e9f1a07a7c:~# ansible-galaxy collection list

# /root/.ansible/collections/ansible_collections
Collection       Version
---------------- -------
community.zabbix 2.2.0  

# /usr/lib/python3/dist-packages/ansible_collections
Collection                    Version
----------------------------- -------
amazon.aws                    5.2.0  
ansible.netcommon             4.1.0  
ansible.posix                 1.5.1  
ansible.utils                 2.9.0  
ansible.windows               1.13.0 
arista.eos                    6.0.0  
awx.awx                       21.12.0
azure.azcollection            1.14.0 
check_point.mgmt              4.0.0  
chocolatey.chocolatey         1.4.0  
cisco.aci                     2.4.0  
cisco.asa                     4.0.0  
cisco.dnac                    6.6.3  
cisco.intersight              1.0.23 
cisco.ios                     4.3.1  
cisco.iosxr                   4.1.0  
cisco.ise                     2.5.12 
cisco.meraki                  2.15.1 
cisco.mso                     2.2.1  
cisco.nso                     1.0.3  
cisco.nxos                    4.1.0  
cisco.ucs                     1.8.0  
cloud.common                  2.1.2  
cloudscale_ch.cloud           2.2.4  
community.aws                 5.2.0  
community.azure               2.0.0  
community.ciscosmb            1.0.5  
community.crypto              2.11.0 
community.digitalocean        1.23.0 
community.dns                 2.5.1  
community.docker              3.4.2  
community.fortios             1.0.0  
community.general             6.4.0  
community.google              1.0.0  
community.grafana             1.5.4  
community.hashi_vault         4.1.0  
community.hrobot              1.7.0  
community.libvirt             1.2.0  
community.mongodb             1.5.1  
community.mysql               3.6.0  
community.network             5.0.0  
community.okd                 2.3.0  
community.postgresql          2.3.2  
community.proxysql            1.5.1  
community.rabbitmq            1.2.3  
community.routeros            2.7.0  
community.sap                 1.0.0  
community.sap_libs            1.4.0  
community.skydive             1.0.0  
community.sops                1.6.1  
community.vmware              3.4.0  
community.windows             1.12.0 
community.zabbix              1.9.2  
containers.podman             1.10.1 
cyberark.conjur               1.2.0  
cyberark.pas                  1.0.17 
dellemc.enterprise_sonic      2.0.0  
dellemc.openmanage            6.3.0  
dellemc.os10                  1.1.1  
dellemc.os6                   1.0.7  
dellemc.os9                   1.0.4  
dellemc.powerflex             1.5.0  
dellemc.unity                 1.5.0  
f5networks.f5_modules         1.22.1 
fortinet.fortimanager         2.1.7  
fortinet.fortios              2.2.2  
frr.frr                       2.0.0  
gluster.gluster               1.0.2  
google.cloud                  1.1.2  
grafana.grafana               1.1.1  
hetzner.hcloud                1.10.0 
hpe.nimble                    1.1.4  
ibm.qradar                    2.1.0  
ibm.spectrum_virtualize       1.11.0 
infinidat.infinibox           1.3.12 
infoblox.nios_modules         1.4.1  
inspur.ispim                  1.3.0  
inspur.sm                     2.3.0  
junipernetworks.junos         4.1.0  
kubernetes.core               2.4.0  
lowlydba.sqlserver            1.3.1  
mellanox.onyx                 1.0.0  
netapp.aws                    21.7.0 
netapp.azure                  21.10.0
netapp.cloudmanager           21.22.0
netapp.elementsw              21.7.0 
netapp.ontap                  22.3.0 
netapp.storagegrid            21.11.1
netapp.um_info                21.8.0 
netapp_eseries.santricity     1.4.0  
netbox.netbox                 3.11.0 
ngine_io.cloudstack           2.3.0  
ngine_io.exoscale             1.0.0  
ngine_io.vultr                1.1.3  
openstack.cloud               1.10.0 
openvswitch.openvswitch       2.1.0  
ovirt.ovirt                   2.4.1  
purestorage.flasharray        1.17.0 
purestorage.flashblade        1.10.0 
purestorage.fusion            1.3.0  
sensu.sensu_go                1.13.2 
splunk.es                     2.1.0  
t_systems_mms.icinga_director 1.32.0 
theforeman.foreman            3.9.0  
vmware.vmware_rest            2.2.0  
vultr.cloud                   1.7.0  
vyos.vyos                     4.0.0  
wti.remote                    1.0.4
OS / ENVIRONMENT / Zabbix Version
STEPS TO REPRODUCE

I dont know what proxy or edge router or even waf are in the middle. check my code:

  block:
    - name: Set Credentials to Access Zabbix Server API
      ansible.builtin.set_fact:
        ansible_user: "{{ zabbix_user }}"
        ansible_httpapi_pass: "{{ zabbix_password }}"
        ansible_zabbix_url_path: "/"
        ansible_network_os: community.zabbix.zabbix
        ansible_connection: httpapi
        ansible_host: "{{ zabbix_host }}"
        ansible_httpapi_use_ssl: true
        ansible_httpapi_validate_certs: false

    - name: community.zabbix.zabbix_api_info | Retrieve API information
      community.zabbix.zabbix_api_info:
      register: zbx_api_info
      ignore_errors: true

    - debug:
        var: zbx_api_info.api.version

    - name: URI | Get Zabbix API information
      uri:
        url: "https://{{ ansible_host }}/api_jsonrpc.php"
        method: POST
        headers:
          Content-Type: "application/json"

        body: '{"jsonrpc":"2.0","method":"apiinfo.version","params":[],"id":1}'
      register: zabbix_api_info

    - debug:
        msg: "Zabbix API information: {{ zabbix_api_info.json.result }}"
EXPECTED RESULTS
ACTUAL RESULTS
TASK [zabbix : Set Credentials to Access Zabbix Server API] ************************************************************************************
ok: [localhost]

TASK [zabbix : community.zabbix.zabbix_api_info | Retrieve API information] ********************************************************************
An exception occurred during task execution. To see the full traceback, use -vvv. The error was: </body></html>
fatal: [localhost]: FAILED! => {"changed": false, "module_stderr": "Traceback (most recent call last):\n  File \"/root/.ansible/tmp/ansible-local-1813y07_2k06/ansible-tmp-1716460581.540771-1827-30894493807628/AnsiballZ_zabbix_api_info.py\", line 107, in <module>\n    _ansiballz_main()\n  File \"/root/.ansible/tmp/ansible-local-1813y07_2k06/ansible-tmp-1716460581.540771-1827-30894493807628/AnsiballZ_zabbix_api_info.py\", line 99, in _ansiballz_main\n    invoke_module(zipped_mod, temp_path, ANSIBALLZ_PARAMS)\n  File \"/root/.ansible/tmp/ansible-local-1813y07_2k06/ansible-tmp-1716460581.540771-1827-30894493807628/AnsiballZ_zabbix_api_info.py\", line 47, in invoke_module\n    runpy.run_module(mod_name='ansible_collections.community.zabbix.plugins.modules.zabbix_api_info', init_globals=dict(_module_fqn='ansible_collections.community.zabbix.plugins.modules.zabbix_api_info', _modlib_path=modlib_path),\n  File \"<frozen runpy>\", line 226, in run_module\n  File \"<frozen runpy>\", line 98, in _run_module_code\n  File \"<frozen runpy>\", line 88, in _run_code\n  File \"/tmp/ansible_community.zabbix.zabbix_api_info_payload_7371pbl_/ansible_community.zabbix.zabbix_api_info_payload.zip/ansible_collections/community/zabbix/plugins/modules/zabbix_api_info.py\", line 108, in <module>\n  File \"/tmp/ansible_community.zabbix.zabbix_api_info_payload_7371pbl_/ansible_community.zabbix.zabbix_api_info_payload.zip/ansible_collections/community/zabbix/plugins/modules/zabbix_api_info.py\", line 103, in main\n  File \"/tmp/ansible_community.zabbix.zabbix_api_info_payload_7371pbl_/ansible_community.zabbix.zabbix_api_info_payload.zip/ansible_collections/community/zabbix/plugins/modules/zabbix_api_info.py\", line 80, in __init__\n  File \"/tmp/ansible_community.zabbix.zabbix_api_info_payload_7371pbl_/ansible_community.zabbix.zabbix_api_info_payload.zip/ansible_collections/community/zabbix/plugins/module_utils/base.py\", line 20, in __init__\n  File \"/tmp/ansible_community.zabbix.zabbix_api_info_payload_7371pbl_/ansible_community.zabbix.zabbix_api_info_payload.zip/ansible_collections/community/zabbix/plugins/module_utils/api_request.py\", line 53, in api_version\n  File \"/tmp/ansible_community.zabbix.zabbix_api_info_payload_7371pbl_/ansible_community.zabbix.zabbix_api_info_payload.zip/ansible/module_utils/connection.py\", line 200, in __rpc__\nansible.module_utils.connection.ConnectionError: Invalid JSON response: <!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML 2.0//EN\">\n<html><head>\n<title>300 Multiple Choices</title>\n</head><body>\n<h1>Multiple Choices</h1>\n</body></html>\n\n", "module_stdout": "", "msg": "MODULE FAILURE\nSee stdout/stderr for the exact error", "rc": 1}
...ignoring

TASK [zabbix : debug] **************************************************************************************************************************
ok: [localhost] => {
    "zbx_api_info.api.version": "VARIABLE IS NOT DEFINED!"
}

TASK [zabbix : URI | Get Zabbix API information] ***********************************************************************************************
ok: [localhost]

TASK [zabbix : debug] **************************************************************************************************************************
ok: [localhost] => {
    "msg": "Zabbix API information: 6.0.6"
}
BGmot commented 4 months ago

I don't see where you use HTTP proxy in your uri module. How does it work?

BGmot commented 4 months ago

Try using http_login_user and http_login_password for proxy authentication, not sure though if it will work. -/

abnerrizzi commented 4 months ago

I don't see where you use HTTP proxy in your uri module. How does it work?

it is a transparent proxy

Try using http_login_user and http_login_password for proxy authentication, not sure though if it will work. -/

great idea, but I dont need to autenticate;

BGmot commented 4 months ago

Well, if it is transparent proxy then it should not matter. Neither Zabbix nor this collection has this in their code 'Multiple Choices', it's your proxy giving this response.

BGmot commented 4 months ago

Try tcpdudmp and see what is really happening.