search

ansible-collections / netapp.ontap

Ansible collection to support NetApp ONTAP configuration.
https://galaxy.ansible.com/netapp/ontap
GNU General Public License v3.0
54 stars 35 forks source link

netapp.ontap.na_ontap_net_port results in '13003:ZAPI is not enabled in pre-cluster mode.' #78

Closed JamesPGriffith closed 2 years ago

JamesPGriffith commented 2 years ago

Summary

I am attempting to automate a cluster setup but it fails with Unused cluster ports exist in the cluster

I am now attempting to configure those ports before the cluster setup but that's failing with ZAPI is not enabled in pre-cluster mode.

It seems that there's a catch22 with the pre-cluster configuration required by ONTAP that ONTAP doesn't allow via ZAPI/REST yet?

Component Name

netapp.ontap.na_ontap_net_port

Ansible Version

$ ansible --version
ansible [core 2.12.6]
  config file = /home/user/ontap-setup-automation/ansible.cfg
  configured module search path = ['/home/user/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /home/user/.local/lib/python3.8/site-packages/ansible
  ansible collection location = /home/user/.ansible/collections:/usr/share/ansible/collections
  executable location = /usr/bin/ansible
  python version = 3.8.10 (default, Mar 15 2022, 12:22:08) [GCC 9.4.0]
  jinja version = 3.1.2
  libyaml = True
$

### ONTAP Collection Version

```console
$ ansible-galaxy collection list

# /usr/share/ansible/collections/ansible_collections
Collection   Version
------------ -------
netapp.ontap 21.20.0

# /home/user/.local/lib/python3.8/site-packages/ansible_collections
Collection                    Version
----------------------------- -------
amazon.aws                    2.3.0  
ansible.netcommon             2.6.1  
ansible.posix                 1.4.0  
ansible.utils                 2.6.1  
ansible.windows               1.10.0 
arista.eos                    3.1.0  
awx.awx                       19.4.0 
azure.azcollection            1.13.0 
check_point.mgmt              2.3.0  
chocolatey.chocolatey         1.2.0  
cisco.aci                     2.2.0  
cisco.asa                     2.1.0  
cisco.dnac                    6.4.0  
cisco.intersight              1.0.19 
cisco.ios                     2.8.1  
cisco.iosxr                   2.9.0  
cisco.ise                     1.2.1  
cisco.meraki                  2.6.2  
cisco.mso                     1.4.0  
cisco.nso                     1.0.3  
cisco.nxos                    2.9.1  
cisco.ucs                     1.8.0  
cloud.common                  2.1.1  
cloudscale_ch.cloud           2.2.2  
community.aws                 2.5.0  
community.azure               1.1.0  
community.ciscosmb            1.0.5  
community.crypto              2.3.2  
community.digitalocean        1.19.0 
community.dns                 2.2.0  
community.docker              2.6.0  
community.fortios             1.0.0  
community.general             4.8.2  
community.google              1.0.0  
community.grafana             1.4.0  
community.hashi_vault         2.5.0  
community.hrobot              1.4.0  
community.kubernetes          2.0.1  
community.kubevirt            1.0.0  
community.libvirt             1.1.0  
community.mongodb             1.4.0  
community.mysql               2.3.8  
community.network             3.3.0  
community.okd                 2.2.0  
community.postgresql          1.7.4  
community.proxysql            1.4.0  
community.rabbitmq            1.2.1  
community.routeros            2.1.0  
community.sap                 1.0.0  
community.sap_libs            1.1.0  
community.skydive             1.0.0  
community.sops                1.2.2  
community.vmware              1.18.0 
community.windows             1.10.0 
community.zabbix              1.7.0  
containers.podman             1.9.3  
cyberark.conjur               1.1.0  
cyberark.pas                  1.0.14 
dellemc.enterprise_sonic      1.1.1  
dellemc.openmanage            4.4.0  
dellemc.os10                  1.1.1  
dellemc.os6                   1.0.7  
dellemc.os9                   1.0.4  
f5networks.f5_modules         1.17.0 
fortinet.fortimanager         2.1.5  
fortinet.fortios              2.1.6  
frr.frr                       1.0.4  
gluster.gluster               1.0.2  
google.cloud                  1.0.2  
hetzner.hcloud                1.6.0  
hpe.nimble                    1.1.4  
ibm.qradar                    1.0.3  
infinidat.infinibox           1.3.3  
infoblox.nios_modules         1.2.2  
inspur.sm                     1.3.0  
junipernetworks.junos         2.10.0 
kubernetes.core               2.3.1  
mellanox.onyx                 1.0.0  
netapp.aws                    21.7.0 
netapp.azure                  21.10.0
netapp.cloudmanager           21.17.0
netapp.elementsw              21.7.0 
netapp.ontap                  21.19.1
netapp.storagegrid            21.10.0
netapp.um_info                21.8.0 
netapp_eseries.santricity     1.3.0  
netbox.netbox                 3.7.1  
ngine_io.cloudstack           2.2.4  
ngine_io.exoscale             1.0.0  
ngine_io.vultr                1.1.1  
openstack.cloud               1.8.0  
openvswitch.openvswitch       2.1.0  
ovirt.ovirt                   1.6.6  
purestorage.flasharray        1.13.0 
purestorage.flashblade        1.9.0  
sensu.sensu_go                1.13.1 
servicenow.servicenow         1.0.6  
splunk.es                     1.0.2  
t_systems_mms.icinga_director 1.29.0 
theforeman.foreman            2.2.0  
vmware.vmware_rest            2.1.5  
vyos.vyos                     2.8.0  
wti.remote                    1.0.3  
$

### ONTAP Version

```console
cluster1-01::> version
NetApp Release 9.8P10: Fri Feb 04 19:51:21 UTC 2022

### Playbook

```console
- name: Configure IntraCluster Ports
  loop: "{{ groups['ontap_nodes'] }}"
  netapp.ontap.na_ontap_net_port:
    https: "{{ https }}"
    validate_certs: "{{ validate_certs }}"
    hostname: "{{ item }}"
    ipspace: Cluster
    state: present
    username: "{{ ontap_username }}"
    password: "{{ ansible_password }}"
    node: "{{ item }}"
    ports: "{{ item }}:e0a,{{ item }}:e0b,{{ item }}:e0c,{{ item }}:e0d"
    autonegotiate_admin: true
    up_admin: true
    mtu: 9000

### Steps to Reproduce

inventory.yml
```yaml
ontap_nodes:
  vars:
    ansible_user: "{{ ontap_username }}"
  hosts:
    cluster1-01:
    cluster1-02:
    cluster2-01:
    cluster2-02:

na_ontap_cluster_setup role:

---

- name: Configure IntraCluster Ports
  loop: "{{ groups['ontap_nodes'] }}"
  netapp.ontap.na_ontap_net_port:
    https: "{{ https }}"
    validate_certs: "{{ validate_certs }}"
    hostname: "{{ item }}"
    ipspace: Cluster
    state: present
    username: "{{ ontap_username }}"
    password: "{{ ansible_password }}"
    node: "{{ item }}"
    ports: "{{ item }}:e0a,{{ item }}:e0b,{{ item }}:e0c,{{ item }}:e0d"
    autonegotiate_admin: true
    up_admin: true
    mtu: 9000

playbook:

---
- hosts: localhost
  connection: local
  gather_facts: false
  collections:
    - netapp.ontap
  vars_files:
    - globalvars.yml

  roles:
    - na_ontap_cluster_setup

Expected Results

I expected to be able to automate the port configuration to satisfy the prerequisite to cluster setup.

Actual Results

I am attempting to automate a cluster setup, it fails with

The full traceback is:
NoneType: None
fatal: [localhost]: FAILED! => {
    "changed": false,
    "invocation": {
        "module_args": {
            "cert_filepath": null,
            "cluster_contact": null,
            "cluster_ip_address": null,
            "cluster_location": null,
            "cluster_name": "cluster1",
            "feature_flags": {},
            "force": false,
            "hostname": "192.168.0.111",
            "http_port": null,
            "https": true,
            "key_filepath": null,
            "node_name": null,
            "ontapi": null,
            "password": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
            "single_node_cluster": null,
            "state": "present",
            "time_out": 0,
            "use_rest": "auto",
            "username": "admin",
            "validate_certs": false
        }
    },
    "msg": "Error creating cluster cluster1: calling: cluster: got {
      'message': 'Unused cluster ports exist in the cluster. 
      One or more ports may not be in the \"healthy\" state, 
      or may be incorrectly assigned to the \"Cluster\" Ipspace. 
      Correct any issues, and then try the operation again.', 
      'code': '1182804'
      }."

I am now attempting to configure those ports before the cluster setup using the following task:

- name: Configure IntraCluster Ports
  loop: "{{ groups['ontap_nodes'] }}"
  netapp.ontap.na_ontap_net_port:
    https: "{{ https }}"
    validate_certs: "{{ validate_certs }}"
    hostname: "{{ item }}"
    ipspace: Cluster
    state: present
    username: "{{ ontap_username }}"
    password: "{{ ansible_password }}"
    node: "{{ item }}"
    ports: "{{ item }}:e0a,{{ item }}:e0b,{{ item }}:e0c,{{ item }}:e0d"
    autonegotiate_admin: true
    up_admin: true
    mtu: 9000

That's failing with:

failed: [localhost] (item=cluster2-02) => {
    "ansible_loop_var": "item",
    "changed": false,
    "item": "cluster2-02",
    "module_stderr": "/usr/lib/python3/dist-packages/urllib3/connectionpool.py:999: InsecureRequestWarning: Unverified HTTPS request is being made to host 'cluster2-02'. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.io/en/latest/advanced-usage.html#ssl-warnings
  warnings.warn(
405: Endpoint error: 405: {'message': 'Only POST/OPTIONS on /api/cluster, GET/HEAD/OPTIONS on /api/cluster/nodes, or calls on /api/cluster/jobs are available in precluster.', 'code': '9241607'}
/usr/lib/python3/dist-packages/urllib3/connectionpool.py:999: InsecureRequestWarning: Unverified HTTPS request is being made to host 'cluster2-02'. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.io/en/latest/advanced-usage.html#ssl-warnings
  warnings.warn(
Traceback (most recent call last):
  File \"/home/user/.ansible/tmp/ansible-tmp-1655315560.5594263-45947-170949213545048/AnsiballZ_na_ontap_net_port.py\", line 107, in <module>
    _ansiballz_main()
  File \"/home/user/.ansible/tmp/ansible-tmp-1655315560.5594263-45947-170949213545048/AnsiballZ_na_ontap_net_port.py\", line 99, in _ansiballz_main
    invoke_module(zipped_mod, temp_path, ANSIBALLZ_PARAMS)
  File \"/home/user/.ansible/tmp/ansible-tmp-1655315560.5594263-45947-170949213545048/AnsiballZ_na_ontap_net_port.py\", line 47, in invoke_module
    runpy.run_module(mod_name='ansible_collections.netapp.ontap.plugins.modules.na_ontap_net_port', init_globals=dict(_module_fqn='ansible_collections.netapp.ontap.plugins.modules.na_ontap_net_port', _modlib_path=modlib_path),
  File \"/usr/lib/python3.8/runpy.py\", line 207, in run_module
    return _run_module_code(code, init_globals, run_name, mod_spec)
  File \"/usr/lib/python3.8/runpy.py\", line 97, in _run_module_code
    _run_code(code, mod_globals, init_globals,
  File \"/usr/lib/python3.8/runpy.py\", line 87, in _run_code
    exec(code, run_globals)
  File \"/tmp/ansible_netapp.ontap.na_ontap_net_port_payload__4o9kfzt/ansible_netapp.ontap.na_ontap_net_port_payload.zip/ansible_collections/netapp/ontap/plugins/modules/na_ontap_net_port.py\", line 310, in <module>
  File \"/tmp/ansible_netapp.ontap.na_ontap_net_port_payload__4o9kfzt/ansible_netapp.ontap.na_ontap_net_port_payload.zip/ansible_collections/netapp/ontap/plugins/modules/na_ontap_net_port.py\", line 306, in main
  File \"/tmp/ansible_netapp.ontap.na_ontap_net_port_payload__4o9kfzt/ansible_netapp.ontap.na_ontap_net_port_payload.zip/ansible_collections/netapp/ontap/plugins/modules/na_ontap_net_port.py\", line 276, in apply
  File \"/tmp/ansible_netapp.ontap.na_ontap_net_port_payload__4o9kfzt/ansible_netapp.ontap.na_ontap_net_port_payload.zip/ansible_collections/netapp/ontap/plugins/module_utils/netapp.py\", line 368, in ems_log_event_cserver
  File \"/tmp/ansible_netapp.ontap.na_ontap_net_port_payload__4o9kfzt/ansible_netapp.ontap.na_ontap_net_port_payload.zip/ansible_collections/netapp/ontap/plugins/module_utils/netapp.py\", line 450, in get_cserver
  File \"/tmp/ansible_netapp.ontap.na_ontap_net_port_payload__4o9kfzt/ansible_netapp.ontap.na_ontap_net_port_payload.zip/ansible_collections/netapp/ontap/plugins/module_utils/netapp.py\", line 420, in get_cserver_zapi
  File \"/tmp/ansible_netapp.ontap.na_ontap_net_port_payload__4o9kfzt/ansible_netapp.ontap.na_ontap_net_port_payload.zip/ansible_collections/netapp/ontap/plugins/module_utils/netapp.py\", line 412, in get_cserver_zapi
  File \"/home/user/.local/lib/python3.8/site-packages/netapp_lib/api/zapi/zapi.py\", line 301, in invoke_successfully
    raise NaApiError(code, msg)
netapp_lib.api.zapi.zapi.NaApiError: NetApp API failed. Reason - 13003:ZAPI is not enabled in pre-cluster mode.
",
    "module_stdout": "",
    "msg": "MODULE FAILURE
See stdout/stderr for the exact error",
    "rc": 1
}
}
lonico commented 2 years ago

This is working as designed. A very limited number of ZAPIs, and an even number of REST APIs are available in precluster mode.

We had an offline discussion, and the use case where this is needed is very specific to NetApp, and should have been deprecated years ago.